A weird occurrence of an SBS-2008 environment where locally connected users are unable to resolve DNS even though network services are working well on the server.
This user encountered a similar issue as mine:
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/Q_26804178.html#a39516961
To those of you who has no Expert Exchange account, I have printed and saved this article here:
http://www.scribd.com/doc/170510614/DNS-issue-faced-with-Windows-SBS-2008-in-the-Local-Area-Network
I am using SBS-2008, updated with the latest patches.
One fine day my clients in their office are unable to resolve DNS addresses. However, all incoming connections including VPN-PPTP were working well.
My usual solution was to restart the server, and that should fix it. Initially we thought it was due to the Antivirus software installed on the server.
We manage to figure another way out, disable network adapter, and re-enabling it will resolve the issue.However, we couldn't do that all the time, as it will disconnect our remote support session. Restarting the server was a better choice for us.
Observations:
We ran nslookup on the server, it showed an ip v6 NS. It can resolve names properly.
We ran nslookup on the workstations, it showed ip v4 NS, which is the correct and default NS, and we couldn't resolve the DNS. We could still maintain a connection via teamviewer, but simply not resolve any DNS when browsing sites.
Work-around solution:
After disabling IPv6 on the network adapter on the server, we were able to resolve DNS entries fine on the server and the clients.
In addition, we were also able to connect to the internet on both server and clients. I do realize that Exchange might encounter problems, so I turned IPv6 back on again in the server network adapter and problem was resolved.
I believe this will come back again.. and I don't think the above is a real-solution yet, but it's a good enough solution for now to resolve this issue quickly.
Monday, September 23, 2013
Thursday, September 5, 2013
7-zip.. opening of zipped up attachments from email with a .msg
A client called, received an attachment from her boss, 10 over megabytes! Nice thing is that it's all zipped-up, but there seems to be a slight issue of not being able to open some of the content of the attachments.
Content of zipped up file comprises of PDF, XLS, DOCs and... MSG!
Can't seem to open the attachment properly due to the nature of 7-zip, it seems to be able to strip open the .msg file into it's HTML or RTF form.
As such, right-click and you'll see OPEN OUTSIDE function.. that's weird! There's such a thing...
Open-Outside function calls the default program to open .MSG file, and problem was resolved.
On a separate note, I believe we can open a JPG file and view them using Windows Photo Viewer from 7-zip too! we faced a bug in recent years where an image being opened from 7-zip will not be viewable when using the default Windows Photo Viewer... We used Picasa as a work-around...
Having said that, I do believe this method above - open-outside - will work-out!
Content of zipped up file comprises of PDF, XLS, DOCs and... MSG!
Can't seem to open the attachment properly due to the nature of 7-zip, it seems to be able to strip open the .msg file into it's HTML or RTF form.
As such, right-click and you'll see OPEN OUTSIDE function.. that's weird! There's such a thing...
Open-Outside function calls the default program to open .MSG file, and problem was resolved.
On a separate note, I believe we can open a JPG file and view them using Windows Photo Viewer from 7-zip too! we faced a bug in recent years where an image being opened from 7-zip will not be viewable when using the default Windows Photo Viewer... We used Picasa as a work-around...
Having said that, I do believe this method above - open-outside - will work-out!
Sunday, August 25, 2013
Printing with Annotations in Acrobat with Electronic Filing System (EFS) resulted in weird upside down behaviour
Client from a law firm called and my tech guys has troubleshoot this issue for 1-hr but they can't figure a resolution. As such, it's transferred to me, and after my 30-min diagnosis, I realized the problem has to do with the PDF version on the document!
After 2-hrs of troubleshooting, I can only offer a work-around.
The issue is that EFS annotation
tool supports only PDF version 1.5 (for acrobat 7.0 and above). It does not support
Adobe PDF version 1.3 (for acrobat 5.0).
As such, when the user tries to
annotate on a scanned document, which Fuji Xerox [Apeosport iv - c3300] uses PDF version 1.3, it will
give an upside down or weird issue where the document gets upside down, while the stamp or annotated words stays upright.
 |
| after scanning from copier-scanner |
 |
| the problem with the annotation, it's upright while the document is upside down |
There is no fix to this as the
copier can only generate an older PDF version of the document. I spoke with the
FX engineer and she advised that the only solution is to upgrade firmware of
copier, which might not resolve the issue as it does not include upgrading the
PDF version.
I taught the user to try using
Docuworks, scan in document, then re-print to PDF. Too many steps and too
lengthy of a process. In the end we just stick with
re-saving the scanned PDF document to a ‘newer’ version of a PDF document,
before annotating and then, re-saving it again with the annotations.
 |
| in the event where the scanned pdf is upgraded. |
 |
| this is a working example. |
Sunday, July 28, 2013
Getting Fuji Xerox Centreware Internet Services to include new staff email address
A new staff just joined a client's firm, and while trying to add the new user's email address, I spent a good 10-mins trying to figure out where to get the address book entry changed.
As such, not to repeat this kind of problem, I am posting a guide for my own future reference.
The Steps:
As such, not to repeat this kind of problem, I am posting a guide for my own future reference.
The Steps:
- login to centreware using IE. I tried using Chrome, sorry, just had no inspiration to locate it. Use IE.
- login using administrator username and password, usually 11111 for username, and x-admin for password.
- go to properties, look at services, go to email and find public address book.
- unfortunately, you can't just change the addresses from here, you'll have to download the CSV file, edit it using excel, then save it, after which... you may import the file back to the copier.
- should you encounter problem with the downloading or importing, please ensure that all services are exited from the copier, it's set to sleep mode and no one else is using the copier for scan/copy/fax/print.
Good Luck!
Friday, June 7, 2013
QNAP with OwnCloud 5.0 Installation and Configuration from SCRATCH!
A client recently purchased a QNAP from us, and he complained that the features aren't as 'dropbox' like. :(
Well, let's then make the QNAP as DropboX like as possible! :)
After searching, I found the Wiki to install OwnCloud in a NAS - Wiki Here
However, this guide is applicable only to version 4 of the OwnCloud, and there seems to be some parts of it that is no longer required.
Disclaimer:
I did notice some problems in the forum on Owncloud 5.0 on the QNAP. Some reverted back to 4.5.11 build for better stability. While the forum posts are dated in May-2013, if you're worried about the possibility of conflicts or problems, I'd suggest going through the new features of the 5.0 and verify that if you don't need any of them, then please use the stable-build of 4.5.11.
Some of the forum entries are:
For a start, the list of things I have are:
Now that OwnCloud is set-up, let's proceed with administering to owncloud!
Well, let's then make the QNAP as DropboX like as possible! :)
After searching, I found the Wiki to install OwnCloud in a NAS - Wiki Here
However, this guide is applicable only to version 4 of the OwnCloud, and there seems to be some parts of it that is no longer required.
Disclaimer:
I did notice some problems in the forum on Owncloud 5.0 on the QNAP. Some reverted back to 4.5.11 build for better stability. While the forum posts are dated in May-2013, if you're worried about the possibility of conflicts or problems, I'd suggest going through the new features of the 5.0 and verify that if you don't need any of them, then please use the stable-build of 4.5.11.
Some of the forum entries are:
- Goodbye Owncloud
- Install OwnCloud on your NAS - seems easy...
For a start, the list of things I have are:
- QNAP TS-419PII
- Update to the latest version of firmware, 3.8.3
- 2x 320GB hard-disks with RAID-1
- OwnCloud 5.0.6
- OwnCloud Documentation (Here)
- Enable the QNAP services for Telnet/SSH
- Enable the QNAP services for Web Server
- Install IPKG Optware in the QPKG Centre
- I did not install PHP 5.3 as it's already on PHP 5.3
- Download and unpack the latest version of OwnCloud and place it in the /web share
- Set the permission using chmod command via putty into the NAS
- Enable MySQL Server in QNAP Applications, but i did not want to tick the 'allow TCP connection' to prevent intrusion and hacking of the DB
- Reset the root password
- Install PhpMyAdmin in the QPKG Centre
- Remove all other applications that I do not use like Video station, Music station, etc...
- I will need to access mySQL database first to change the default password because root password as default is no good! (MySQL guide here)
- I will need to access via phpmyadmin but i can't login via admin
- I don't want to enable the TCP connection, so...
- Open up Windows Explorer, go to the path: \\(your NAS IP)\Web\phpMyAdmin
- Look for config.inc.php, change the value for
$cfg['Servers'][$i]['host'] = 'localhost'; - Leave everything else the same. Note that the value was previously 127.0.0.1
- Proceed with login to PhpMyADMIN web-console (https://(ip)/phpMyAdmin), with default username: root, password:admin
- If you still can't login, just remember to reset the password from inside the QNAP Admin console.
- Immediately change password for the root account to access the phpMyAdmin
- Go to Privileges, create a new mysql account: owncloud1, set password accordingly.
- Set the location to 'localhost' instead of '%'
- Tick on the Create database with samename and grant all privilleges
- Click on Check All for the privileges, then untick the SUPER under Administration
- Login to web-console for owncloud (https://(ip)/owncloud)
- Create an admin account, I'll use owncloudadmin, with a new password - different from mySQL pls...
- Click Advanced
- Set DB to MySQL
- insert MySQL Details
- User: owncloud1
- Password: the password you've set for the user
- DB name: owncloud1
- Leave the localhost alone.
- Completed!
Now that OwnCloud is set-up, let's proceed with administering to owncloud!
Tuesday, June 4, 2013
Manually Map Office 365 MX records in my own DNS servers
I like Office 365, the features are decent, pretty much complete, and support is 'okay', a little slow at times, but generally, people on it-like Google Apps, don't complain with email unavailability, and issues with missing mails or even too much spam.
It goes to say that my own email hosting services, as well as implementing an onsite-exchange with SBS-es, have much to improve to match up to Office 365 and Google Apps set-up and maintenance team.
Having said that, there are some things that are set in place as a standard practice for Office 365 users or subscribers, to minimize problems with connections and reduce the complication of set-up. Wizards rule the configuration and I believe that is the strategy to allow any tom-dick-harry to set-up their own Office 365 subscriptions.
While that may be a good thing for the mass majority, IT pros like me would still like the flexibility of having to ala-carte our own variety of services too. Therefore, though we might like the Office 365 mail offerings, we could possibly maintain our own web-servers, and DNS servers too!
I did a quick search on the web and couldn't find a guide to do this manual configuration. As such, here are steps below to ala-carte my hosting plan.
Scenario:
Create all the accounts, register for the domain within office 365... (oh well, there's a whole bunch of other guides out there on the set-up... I won't cover it here.)
Now, for the CUT-OVER.
You might be familiar with the DNS changes for the first MX or TXT/SRV record changes to the domain name in the DNS server to allow the domain ownership verification process. If not, please follow the instructions from the Microsoft guide.
Once you are left with step-5 in the set-up process, the last step was to simply change the authoritative name server from my no-ip.com to ns1.microsoft name servers, which I really don't wish to.
As such, we'll then have to head to:
That's it. Changes to the domain and MX, thought we all like to believe that it's 48-hr, should actually take no more than 2-hrs depending on the TTL settings. I'd advise not to terminate the old mail hosting plan for 1-2 days, then once 1-2-days are over, do give the old mail server a check to ensure that there are no 'trapped' emails... Once ready, delete all old mailboxes and disable the SMTP or email services in the previous hosting plan. (VERY IMPORTANT)
Hope this guide helps people out there!
It goes to say that my own email hosting services, as well as implementing an onsite-exchange with SBS-es, have much to improve to match up to Office 365 and Google Apps set-up and maintenance team.
Having said that, there are some things that are set in place as a standard practice for Office 365 users or subscribers, to minimize problems with connections and reduce the complication of set-up. Wizards rule the configuration and I believe that is the strategy to allow any tom-dick-harry to set-up their own Office 365 subscriptions.
While that may be a good thing for the mass majority, IT pros like me would still like the flexibility of having to ala-carte our own variety of services too. Therefore, though we might like the Office 365 mail offerings, we could possibly maintain our own web-servers, and DNS servers too!
I did a quick search on the web and couldn't find a guide to do this manual configuration. As such, here are steps below to ala-carte my hosting plan.
Scenario:
- Client has a web-hosting, joomla site with Hostgator with ip 90.87.10.1
- Client has an email-hosting, previously in Hostgator too, on the same server as the web.
- Client has a domain name registered with ENOM named wecando.sg
- Client has a DNS server subscription with NO-IP for dynamic IP mapping for as well as DNS manangement. Which means, the authoritative name servers are currently set as:
- ns1.no-ip.com
- ns2.no-ip.com
- ns3.no-ip.com
- ns4.no-ip.com
- ns5.no-ip.com
- Client would like Office 365 email only subscription, with a P1 or Small Business Standard Office 365. Having said that, it'll still work for other Office 365 set-ups.
Create all the accounts, register for the domain within office 365... (oh well, there's a whole bunch of other guides out there on the set-up... I won't cover it here.)
Now, for the CUT-OVER.
You might be familiar with the DNS changes for the first MX or TXT/SRV record changes to the domain name in the DNS server to allow the domain ownership verification process. If not, please follow the instructions from the Microsoft guide.
Once you are left with step-5 in the set-up process, the last step was to simply change the authoritative name server from my no-ip.com to ns1.microsoft name servers, which I really don't wish to.
As such, we'll then have to head to:
- Login to Office 365 portal
- Scroll down or on the left Nav, to look for Domains
- You'll see a list of domain names
- Select the domain name you'd like to find out more on the details, then click View DNS Settings
- You'll see that the DNS configuration is in progress and 'some things' are not yet completed.
- Look below, click on View DNS records.
- You'll get to see the current MX records and what is the server to use...such as:
wecando-sg.mail.protection.outlook.com
autodiscover.outlook.com - To ensure that you'll have autodiscover ready for use, please insert the CNAME record for the domain in your DNS server, in my case, the No-IP server.
- I also need to remove current MX records from my No-IP DNS Server for the domain, and place the Microsoft MX Record.
- Note that each domains registered with Microsoft will have their MX servers named differently! You can't use this address above as a template, always check and verify the DNS settings.
That's it. Changes to the domain and MX, thought we all like to believe that it's 48-hr, should actually take no more than 2-hrs depending on the TTL settings. I'd advise not to terminate the old mail hosting plan for 1-2 days, then once 1-2-days are over, do give the old mail server a check to ensure that there are no 'trapped' emails... Once ready, delete all old mailboxes and disable the SMTP or email services in the previous hosting plan. (VERY IMPORTANT)
Hope this guide helps people out there!
VPN issue with a user account - error 800 - on Windows Essentials 2012 and SBS 2011
A client called and reported a VPN connection problem with an error 800. Interestingly, the issue happened only on his account and not the others.
I proceed with testing on the administrator account, found out that it works!
I went on to Google to search for the possible issues that might be related, I searched from this aspect:
1) Reconfiguring the Remote Access Services - VPN - http://www.windowsecurity.com/articles-tutorials/Windows_Server_2012_Security/understanding-configuring-network-policy-access-services-server-2012-part2.html
While it doesn't make sense to do this, I was out of solutions and I think this was a good try. I tried and to my dismay, the problem persists, and only onto this particular user account.
3) A VPN server issue and it's security protocols - http://social.technet.microsoft.com/Forums/en-US/winserveressentials/thread/f17ec934-821c-4fe7-bb44-679bdf0e4ad3
This link provides a check on client configuration as well as network set-up. Having the VPN connected clients to be in the same DHCP region as LAN, I don't see any issues with the network part of the connection. Moreover, I am facing problem with ESTABLISHING the VPN and not accessing the network servers.
4) Possibly a few cases of someone facing a similar problem with no resolutions
5) Issues related to 3rd party applications affecting the VPN as a whole - http://forums.hak5.org/index.php?/topic/25381-server-2008-r2-vpn-error-812/
This is related to issues with VPN from Antivirus software or firewalls. I don't have this issue as the server does allow VPN connection in general, just NOT on 1 account.
There are some good troubleshooting references in the link that we all ought to follow for the troubleshooting process. Some posts here talks about NPS and the pains in getting that set-up or configured properly.
6) Troubleshooting guide related to NPS - http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/62c382fc-ebf8-4c69-9569-5cda792a19bf/
Decent article in step-by-step troubleshooting if NPS is the issue. I went through this and found out that it's not an NPS or Network Access Policy services that's stopping the VPN.
========================================================================
After trying for close to 3hrs, I gave up, and created a new user account specifically to allow only for VPN. I used a similar naming convention.. So if the user was Andy Tan and his log-in account is andytan, then the new account was andyt and i set the same password for the user, with similar account privileges simply for VPN access.
This solved the issue and client is happy. Anyway, it's not worth the amount of time to troubleshoot, but it's interesting that such a 'bug' occurs. I do am looking forward to Microsoft solving this issue though.
I will post in some of the community forum to see if they can figure a resolution.
I proceed with testing on the administrator account, found out that it works!
I went on to Google to search for the possible issues that might be related, I searched from this aspect:
- User remote access privileges
- User network access protocol blockage
- Whether there is a 'Deny' access on any of the security groups
- Is it related to the IP address or the network that the client is connecting from
1) Reconfiguring the Remote Access Services - VPN - http://www.windowsecurity.com/articles-tutorials/Windows_Server_2012_Security/understanding-configuring-network-policy-access-services-server-2012-part2.html
While it doesn't make sense to do this, I was out of solutions and I think this was a good try. I tried and to my dismay, the problem persists, and only onto this particular user account.
3) A VPN server issue and it's security protocols - http://social.technet.microsoft.com/Forums/en-US/winserveressentials/thread/f17ec934-821c-4fe7-bb44-679bdf0e4ad3
This link provides a check on client configuration as well as network set-up. Having the VPN connected clients to be in the same DHCP region as LAN, I don't see any issues with the network part of the connection. Moreover, I am facing problem with ESTABLISHING the VPN and not accessing the network servers.
4) Possibly a few cases of someone facing a similar problem with no resolutions
- This is one close one: http://undepurated10.motutaro.com/browser.php?indx=6583078&item=612
- This is one SUPER CLOSE: http://social.technet.microsoft.com/Forums/en-US/winserveressentials/thread/617af2e7-a904-44f3-a9f0-173658bfa848
- This is one EXACT SAME ISSUE: http://social.technet.microsoft.com/Forums/en-US/smallbusinessserver/thread/63e1855d-69eb-43f5-b3d3-52494cdb542d
5) Issues related to 3rd party applications affecting the VPN as a whole - http://forums.hak5.org/index.php?/topic/25381-server-2008-r2-vpn-error-812/
This is related to issues with VPN from Antivirus software or firewalls. I don't have this issue as the server does allow VPN connection in general, just NOT on 1 account.
There are some good troubleshooting references in the link that we all ought to follow for the troubleshooting process. Some posts here talks about NPS and the pains in getting that set-up or configured properly.
6) Troubleshooting guide related to NPS - http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/62c382fc-ebf8-4c69-9569-5cda792a19bf/
Decent article in step-by-step troubleshooting if NPS is the issue. I went through this and found out that it's not an NPS or Network Access Policy services that's stopping the VPN.
========================================================================
After trying for close to 3hrs, I gave up, and created a new user account specifically to allow only for VPN. I used a similar naming convention.. So if the user was Andy Tan and his log-in account is andytan, then the new account was andyt and i set the same password for the user, with similar account privileges simply for VPN access.
This solved the issue and client is happy. Anyway, it's not worth the amount of time to troubleshoot, but it's interesting that such a 'bug' occurs. I do am looking forward to Microsoft solving this issue though.
I will post in some of the community forum to see if they can figure a resolution.
Subscribe to:
Posts (Atom)