Archive for category IT Knowledge
How To Fix: Windows Update Blocked by Group Policy
Posted by Brian Seekford in IT Knowledge on May 4, 2011
Problem: I cannot check for updates, it says “Some settings are managed by your system administrator”
Solution:
So, you can’t get windows update because some yahoo in IT blocked your access, eh?
First, type gpedit.msc in run,
In the window drill down User configuration>administrative templates>windows components>windows Update. In the right pane double click on remove access to access all windows update features and make it disabled.
If that doesn’t work, change the following key:
Disable and remove links to Windows Update
(User Configuration\AdministrativeTemplates\Start Menu & Taskbar)
NoWindowsUpdate
(HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer)
There are a few other keys and settings that could affect it.
Check this link out for all the registry locations for Group Policy.
How to restore your missing or disabled control panels? Screw GPO.
Posted by Brian Seekford in IT Knowledge on March 21, 2011
Your company have a tight GPO preventing you from running your beloved control panels? Well, here is a simple app to give them back to you.
This simply iterates the disable keys and removes them. NOTE: Completely free.
Click to download Restore Control Panels
Enjoy!
Lotus Notes JVM Terminated Error=8096
Posted by Brian Seekford in IT Knowledge on July 1, 2010
We all know Lotus Notes is a big pile of crap. Well, I kept getting this lovely error JVM Terminated Error=8096 after a power failure.
Good times.
It turns out, that after much head banging, simply blowing out your TEMP folder will fix it.
Just open your TEMP folder and delete the folder called XPDPLAT.
You will then be on your way.
Easy way to get there: Type %TEMP% into your Explorer and hit ENTER.
Happy Coding!
How to fix the McAfee SVCHOST crash from the virus definition update
Posted by Brian Seekford in IT Knowledge on April 21, 2010
I was able to fix the virus definition debacle McAfee that is hosing a bunch of people.
It turns out, that they put in a bad signature that quarantines your SVCHOST.exe which could cause your explorer to crash. Good times, right?
So, the fix is pretty easy:
1 Restart into safe mode with networking 2 open a Command window. If your explorer isn't started, hit CTRL - ALT - DEL and hit Task Manager. Hit File, run. CMD.EXE and enter. 3) type DEL C:\Program Files\Common Files\McAfee\Engine\avvscan.dat 4 type cd c:\windows\system32\dllcache 5 type copy SvcHost.exe ..\ 6 Restart your PC. You are good to go!
NOTE: If you need help getting into safe mode, click here. Or, pull the power cord during the boot after seeing the LOGO. Then boot normal, which will give the boot mode option screen. Pick Safe Mode with Networking (Without networking, you can’t use your cached domain account).
Happy Coding!
How to read the Distributed Transaction Coordinator settings from C#…
Posted by Brian Seekford in .NET Development, C#, IT Knowledge on January 21, 2010
I wrote a nice helper utility class for reading the settings from the MSDTC in .NET. My WCF service requires distributed transactions, so I want to make sure my server was able detect if it was on. If its not, I throw an error and shutdown.
So, here is the class for your pleasure.
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using Microsoft.Win32;
using System.Threading;
namespace SeekfordsNamespace
{
/// <summary>
/// Used to get the DTC settings on a machine
/// </summary>
internal static class DTCUtility
{
/// <summary>
/// Reads the DTC settings.
/// </summary>
/// <returns></returns>
public static DTCSettings ReadDTCSettings()
{
//Lets grab the DTC settings from the registry and then populate our entity
try
{
//we work from the local machine key
var localReg = Registry.LocalMachine;
//set the root dtc key
string rootKey = @"Software\Microsoft\MSDTC";
string securityKey = rootKey +@"\Security";
var dtcReg = localReg.OpenSubKey(rootKey, false);
var securityReg = localReg.OpenSubKey(securityKey, false);
DTCSettings settings = new DTCSettings();
try
{
//is network dtc access even turned on at all
settings.NetworkDTCAccess = ((int)securityReg.GetValue("NetworkDtcAccess", 0)) == 1;
//default to false, then prove it is on.
settings.AllowInbound = false;
settings.AllowOutbound = false;
//check to see if network access is on at all and transactions allowed
if (settings.NetworkDTCAccess &&
(((int)securityReg.GetValue("NetworkDtcAccessTransactions", 0)) == 1))
{
//so we can talk to network, can we allow outbound?
if (settings.NetworkDTCAccess &&
(((int)securityReg.GetValue("NetworkDtcAccessOutbound", 0)) == 1))
{
settings.AllowOutbound = true;
}
//same as above, but inbound connections allowed
if (settings.NetworkDTCAccess &&
(((int)securityReg.GetValue("NetworkDtcAccessInbound", 0)) == 1))
{
settings.AllowInbound = true;
}
}
//grab authentication values
bool allowOnlySecureRPCCalls = (int)dtcReg.GetValue(@"AllowOnlySecureRpcCalls", 0) == 1;
bool fallbackToUnsecuredRPC = (int)dtcReg.GetValue(@"FallbackToUnsecureRPCIfNecessary", 0) == 1;
bool turnOffRpcSecurity = (int)dtcReg.GetValue(@"TurnOffRpcSecurity", 0) == 1;
//process the logic to determine which mode is active.
settings.MutualAuthenticationRequired = (allowOnlySecureRPCCalls && !fallbackToUnsecuredRPC && !turnOffRpcSecurity);
settings.IncomingCallerAuthenticationRequired = (!allowOnlySecureRPCCalls && fallbackToUnsecuredRPC && !turnOffRpcSecurity);
settings.NoAuthenticationRequired = (!allowOnlySecureRPCCalls && !fallbackToUnsecuredRPC && turnOffRpcSecurity);
}
finally
{
try
{
//close but not a failure if there is an error
dtcReg.Close();
securityReg.Close();
}
catch { }
}
return settings ;
}
catch
{
return null;
}
}
}
/// <summary>
/// DTC Settings
/// </summary>
internal class DTCSettings
{
/// <summary>
/// Determines whether DTC on the local computer is allowed to access the network.
/// This setting must be enabled in combination with one of the other settings to
/// enable network DTC transactions.
/// </summary>
/// <value><c>true</c> if [network DTC access]; otherwise, <c>false</c>.</value>
public bool NetworkDTCAccess { get; set; }
/// <summary>
/// Allows a distributed transaction that originates from a remote computer to run on this computer.
/// Default setting: Off
/// </summary>
/// <value><c>true</c> if [allow inbound]; otherwise, <c>false</c>.</value>
public bool AllowInbound { get; set; }
/// <summary>
/// Allows the local computer to initiate a transaction and run it on a remote computer.
/// </summary>
/// <value><c>true</c> if [allow outbound]; otherwise, <c>false</c>.</value>
public bool AllowOutbound { get; set; }
/// <summary>
/// Adds support for mutual authentication in future versions and is the highest secured
/// communication mode. In the current versions of Windows and Windows Server, it is
/// functionally equivalent to the Incoming Caller Authentication Required setting.
/// This is the recommended transaction mode for clients running Windows XP SP2 and
/// servers running a member of the Windows Server 2003 family.
/// </summary>
/// <value>
/// <c>true</c> if [mutual authentication required]; otherwise, <c>false</c>.
/// </value>
public bool MutualAuthenticationRequired { get; set; }
/// <summary>
/// Requires the local DTC to communicate with a remote DTC using only encrypted messages
/// and mutual authentication. This setting is recommended for servers running Windows Server
/// 2003 that are operating in a cluster.
/// Only Windows Server 2003 and Windows XP SP2 support this feature, so you should only use
/// this if you know that the DTC on the remote computer runs either the Windows Server 2003
/// or Windows XP SP2 operating system.
/// </summary>
/// <value>
/// <c>true</c> if [incoming caller authentication required]; otherwise, <c>false</c>.
/// </value>
public bool IncomingCallerAuthenticationRequired { get; set; }
/// <summary>
/// Provides system compatibility between previous versions of the Windows operating system.
/// When enabled, communication on the network between DTCs can fall back to a non-authentication
/// or non-encrypted communication if a secure communication channel cannot be established.
/// This setting should be used if the DTC on the remote computer runs a Windows 2000 operating system
/// or a Windows XP operating system earlier than SP2. This setting is also useful when the DTCs
/// that are involved are located on computers that are in domains that do not have an established
/// trust relationship or if the computers are part of a Windows workgroup.
/// </summary>
/// <value>
/// <c>true</c> if [no authentication required]; otherwise, <c>false</c>.
/// </value>
public bool NoAuthenticationRequired { get; set; }
/// <summary>
/// Returns a <see cref="T:System.String"/> that represents the current <see cref="T:System.Object"/>.
/// </summary>
/// <returns>
/// A <see cref="T:System.String"/> that represents the current <see cref="T:System.Object"/>.
/// </returns>
public override string ToString()
{
StringBuilder state = new StringBuilder();
state.AppendFormat("NetworkDTCAccess: {0}\r\n", NetworkDTCAccess);
state.AppendFormat("AllowInbound: {0}\r\n", AllowInbound);
state.AppendFormat("AllowOutbound: {0}\r\n", AllowOutbound);
state.AppendFormat("MutualAuthenticationRequired: {0}\r\n", MutualAuthenticationRequired);
state.AppendFormat("IncomingCallerAuthenticationRequired: {0}\r\n", IncomingCallerAuthenticationRequired);
state.AppendFormat("NoAuthenticationRequired: {0}\r\n", NoAuthenticationRequired);
return state.ToString();
}
}
}
Happy coding!
How to make your own SSL test certificate for IIS or WCF
Posted by Brian Seekford in .NET Development, IT Knowledge on January 20, 2010
I had to create a test ssl certificate to use with my WCF service.
Here is the simple way to do it in 2 Easy Steps!
1) Open the Visual Studio 2008 Command Prompt
2) Fire off this command. change bseekford00111 to your computer name or whatever name you want the certificate to be.
makecert -r -pe -n "CN=bseekford00111" -b 01/01/2000 -e 01/01/2050 -eku 1.3.6.1.5.5.7.3.1 -ss my -sr CurrentUser -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12
That is all there is to it.
It will drop it in the current user MY store. If you want it under local machine store, change CurrentUser to LocalMachine
Really cool and free screen shot clipping tool. How handy!
Posted by Brian Seekford in IT Knowledge on January 16, 2010
I imagine everyone writing on the web or developing software needs to do a screen shot every once in a while. I also don’t want to pay $30 for something I only use every once in a while. So I ran across this cool project from CodePlex.
It is called Cropper. http://cropper.codeplex.com/
You can give it a shot. It’s free and it works. It drops the area of the screen you pick to the disk or clipboard in the format of your choice.
Share the knowledge, as knowledge is freedom!
ATLRX.H missing, oh where have you gone? At least in Visual Studio 2008
Posted by Brian Seekford in CPlusPlus, IT Knowledge on January 14, 2010
I pulled out some old code to work on a legacy project of mine and lo and behold I get “Error 29 fatal error C1083: Cannot open include file: ‘atlrx.h’: No such file or directory”. Not exactly a pretty error and worse, this file was part of the standard ATL includes.
So what the heck happened to my good ole’ friend? Well, the geniuses at Microsoft decided it would be better to sit on CodePlex. So, you can download it from here.
The library is called the ATL Server Library. Just download it, and set your include path in Visual Studio to point to it. Or get creative and copy the files into an existing include path in the program files folder(under the visual studio folder of course.
Happy Coding!
The cost of a code freeze and maybe a better way of doing it.
Posted by Brian Seekford in .NET Development, General Thoughts, IT Knowledge on January 12, 2010
The cost of a code freeze
So you’re thinking about doing a code freeze in your company, or maybe you already are. This article discusses the pros and cons and potential solutions to the common pitfalls.
A “code freeze” is general the period of time in which developers of a team based software development project are barred from the check-in of code into the source code control repository. Code freezes are used as a way of obtaining a clean version of code for preparation of a release. A lot of companies use these for internal build releases as well that are generally provided for the Quality Assurance department.
Is a code freeze a good thing? Well, maybe. Conceptually it sounds like a great idea; tell all developers to hold off on the check-in of code for a set period of time while a build is prepared off of the active development branch of the source control system. Proponents of the standard code freeze argue that the lock down period of time is necessary in order to properly create a build that is functional. The issue that arises is really around the length of time the code freeze is truly in effect. If the standard build and assurance process lasts a few hours, the impact is relatively negligible. If in turn the process takes a day or longer, then the impact to the development cycle is truly felt.
The impact of the denial of code checkins on an active project is dependent on a number of factors; the size of the team, the lack of source code isolation of the distributed tasks, and the velocity of the tasks. These variables interact in a non-definitive but potentially exponential way. The higher any of the values are, the more the value of the other variables affects the cost. For example, the more developers there are on a project the greater the impact of higher velocity and lack of source code isolation on the tasks.
Say you have X developers, they work on code with an isolation level that has a probability of interaction of Y (likelihood a developer is working on a section of code another developer is also working on), and they are working on tasks at a velocity of Z. Let us also assume the code freeze occurs for H hours. The variable interaction would be similar to H * ((X2 * Z) * Y. While the math on this particular equation is very loose and up for debate, the potential impact is obvious. We can determine the true impact if we were to take on an actual experimental situation (or really put a lot more thought to it than I did) to find the actual impact.
What the above is basically showing is that the cost of the code freeze increases the longer it lasts and is dramatically more when a larger number of potential interactions (developer activities) are introduced.
What can be done about this?
The code freeze employed by some companies is the hold all code and wait until a valid build is created from the development/active branch of the source control system. The implied benefit is that developers can check in code ONLY to fix the actual build process and get the initial assurance verification tests to complete successfully. The cost of this particular method is generally not worth its benefit.
An alternative to this particular cycle is to use a form of the Branch by Purpose pattern (“The Importance of Branching Models in SCM.” IEEE Computing Practices. 0018-9162/02.) recommended by Walrad and Strom which dictates that you create source branches when the code in the branch will be used for a particular purpose; a bit self explanatory in nature. This method allows you to have a code freeze for only the period of time it takes to snapshot the branch. You can then build your releases of the branch. The developers will encounter minimal impact due to the brevity of the code freeze and defects can easily be fixed in the secondary branch and merged back into the main branch if necessary.
The utilization of my interpretation of this pattern is quite simple. The source control is created with a main/active development folder to house the current iteration of source code. You then create a quality assurance branch which you use to send copies of the main/active branch when you need to create builds to send off to the quality assurance team. This format allows the development team to continue on with work while the build team uses the QA branch to produce the QA builds. Any code changes to fix the process would be made in this branch and merged back to the main branch.
regsvr32.exe registering your ActiveX (ocx) gives you error 0×80040200..yuck.
Posted by Brian Seekford in IT Knowledge, Rants on January 6, 2010
I design and work with a lot of c++ code and write a number of ActiveX controls. I set my machine up so I can double click the OCX and it is associated with regsvr32.exe, so it gets registered. Nice and easy, right? I have been doing it for years. Double click, whammo. It’s registered.
Now let’s come to the present. Happy go lucky , easy as pie, double click my way to registered controls, is gone. BAH! I upgraded to Windows 7, I knew this OS had to have a gotcha!
So I get regsvr32.exe blowing up and giving me error 0×80040200. That’s real helpful, doesn’t Microsoft speak any ENGLISH. So I go and look up that ridiculous error code, and lo and behold…wait for it….wait…….User Access Control. UAC said, go away child, you can’t play here.
The long and short of it, I typed cmd.exe into the run box on the start menu, right clicked cmd.exe when it appeared and did a runas for Administrator. I then did the old school command line register of the ocx. Sad.
When I get froggy enough, I will write a batch file that will have the always run as admin attributes on it so at least UAC can prompt me to elevate.
So in short, regsvr32 on Windows 7 with UAC. You must find a way to make regsvr32.exe run elevated as an Administrator for it to work.