.NET to the rescue

I’m sure there is a lot of SOE (Standard Operating Environment) projects going on around the world. I’m always interested in how the AD design would be designed. Definitely, a new AD domain will be created and users will be migrated to this new AD domain.  But… wait, there are still other legacy services like file shares, applications integrated with AD etc that users still need to access to.  To solve this issue, at first, a Domain Trust was used to allow users to continue using their legacy resources.  After a while, this wasn’t allowed anymore and each site is left to their own to figure a way out on how to allow their users to continue using their legacy AD domain’s resources.  Don’t you hate it when your water or electricity supplier just cuts off your supply and left you to find your own supplies??!!

One way out is to make use of the Windows 2003 IIS Password Change tool (same as the one that comes with Exchange OWA). Follow these steps to get it working.

1. Start the Microsoft Management Console (MMC) IIS Management snap-in by clicking Start, Programs, Administrative Tools, Internet Information Server (IIS) Management.
2. Navigate to Web Sites, Default Web Site.
3. Right-click Default Web Site. Select New, then select Virtual Directory. You'll see the Virtual Directory Creation Wizard Welcome screen.
4. Click Next.
5. Enter an alias of IISADMPWD and click Next.
6. For the actual publish folder value, enter C:\windows\system32\inetsrv\iisadmpwd (where C:\windows is the directory in which Windows is installed). Click Next.
7. For virtual directory permissions, select the Read and Run scripts check box, if it isn't already selected. Click Next.
8. Click Finish.
9. Under Web Service Extension make sure Active Server Pages is set to Allow

You can access the new interface at:

http://<server address>/iisadmpwd/aexp2.asp 

to change a local account password or at:

http://<server address>/iisadmpwd/aexp2b.asp 

to change a domain password.

The figure below shows a sample Web interface for changing a domain password.

* Note: Using IISADMPWD without an SSL connection sends the credentials over the network in clear text.  For this reason it is recommended that you use IISADMPWD over an SSL connection.  Use the “SelfSSL” tool from the IIS6 resource kit to create a SSL. Refer to this article for a step by step guide: http://www.visualwin.com/SelfSSL/

Yes, there are tons of tips on Windows 7 in the web.  This is a compilation of what I feel is most useful.

In my earlier post (Using Windows Server 2008 as a Workstation), the same rules apply.  You have to enable the services so that you can unlock the full potential of Windows 7.

Now, time for the tips…

Tip #1: Enable Quick Launch

By default Quick Launch is disabled. I love Quick Launch as it won’t clutter up my Desktop.

1. Right click on a empty space on the taskbar and click on New Tool

2. In the Folder line, type or copy:

%userprofile%\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch

3. Click on the Select Folder button

4. You now have a Quick Launch toolbar on the taskbar. (See screenshot below)
NOTE: Click on the arrow to see your Quick Launch shortcuts.

Tip #2: Problem Steps Recorder

One of the coolest new tools in Windows 7 is the Problem Steps Recorder (PSR) — especially for those of us who provide tech support to Windows users. No matter how hard they try, users often have problems accurately describing the problem they’re experiencing or the steps they took before or after experiencing it. Sure, Remote Assistance can be a godsend in those situations. But you can’t always connect to the user’s computer in real time. That’s when the PSR comes in handy.

It’s really a type of screen capture software that records all actions — keystrokes, mouse clicks, etc. — and saves the sequence of events in an MHTML page that documents every step the user took, along with screenshots.

You start the PSR by entering psr.exe in the Start menu Search box or at the command prompt. The interface is shown below.

Another usage for this is documentation.  It captures all the step by step actions, therefore all you need to do is just go through the actions and paste it into your docs.  Cool!

BackInfo

While attending Microsoft courses, most likely you would have seen the information details on the desktop wallpaper of the machine you are using.  This is a tiny application called BackInfo.exe.

It is a very useful tool that enables you to visibly identify the computer that you are logged on to.  See a sample pic below.

It’s part of the Windows Server System Reference Architecture Virtual Environments for Development and Test (WSSRA-VE) Deployment Kit. You can download the kit from the link below and after you install the deployment kit you'll find Backinfo in the \bld\utils directory. (http://www.microsoft.com/technet/itsolutions/wssra/ve/wssra-veintro_3.mspx)

Or to save you the hassle, download it here.

BgInfo

There is also another free tool called BgInfo by SysInternals (Bought over by Microsoft) at http://technet.microsoft.com/en-us/sysinternals/bb897557.aspx 

It basically does the same thing.  So, it’s up to you which UI you prefer :)

How to Install

1. Go to Run > gpedit.msc

2. Put the script under User Configuration > Windows Settings > Scripts (Logon/Logoff) > Logon

3. Add the link to the BackInfo.exe

* To prevent accidental deletion, one way is to put it under “C:\Program Files (x86)\backinfo\BackInfo.exe”

There are times whereby I need to go to Start > Control Panel > Network Connections. It’s just too many steps!

So… here are some shortcuts:

- Network Connections: ncpa.cpl

- IIS Manager: inetmgr

- Command Prompt: cmd

- Local Group Policy Editor: gpedit.msc

- Show Desktop: Windows Key + D

- Minimize All Windows: Windows Key + M

- Lock Screen: Windows Key + L

- Windows Explorer: Windows Key + E

- Display Projection: Windows Key + P (Windows 7 only)

The Display Switch settings box lets you quickly change how you want your desktop displayed.

Remember those days when disk space is limited and one of the ways is to delete those $NtUninstall Folders that contain the uninstall information? It helps lots to free up those valuable disk space in C:\ drive.

However, in Windows Vista/2008, MS moved it to another location and I really had a hard time finding it until I came across a web site that finally has that information! My C: drive has 30GB but it’s running out of space.

Well, here are the steps:

Step 1: Deleting C:\Windows\SoftwareDistribution folder

1. In the Start menu search box, type "services.msc" and press Enter

2. Stop the Windows Update service (leave the window open - you will restart the service in step 4)

3. Navigate to your Windows folder (C:\WINDOWS) and delete the folder named "SoftwareDistribution"

4. Restart the Windows Update service

5. Open Windows Update

6 Ta-da! Windows Update states that you have never checked for updates! Simply click "Check for Updates" and you're ready to begin installing updates!

Step 2: Use msizap to remove orphaned cached Windows Installer Data Files to increase free disk space

Msizap is a command-line tool that can delete the configuration data that Windows Installer maintains for products that it installs, including the directories, files, registry subkeys, and registry entries in which Windows Installer stores configuration data.

Running msizap.exe with the G parameter removes orphaned cached Windows Installer data files for all users. Running this command on an old Windows XP machine allowed me to reduce the size of the C:\Windows\Installer directory from 3.6GB down to 875MB.

This computer had so many orphaned files due to the constant installation and uninstallation of software such as Java, Flash, Acrobat Reader, and other utility software over the years. Yes, orphaned files persist on your hard drive despite following proper uninstall procedures.

To run msizap, login to the machine as an administrative user and launch a command window. Navigate to the directory that contains msizap.exe, then type the following command:

msizap !G

The G option removes the orphaned cache files, the exclamation point forces a ‘yes’ response to any prompt.

While removing orphaned files should not have any negative impact on your Windows installation, be aware that msizap is a powerful tool that can cause problems if used incorrectly.

Msizap can be downloaded as a part of the Microsoft Windows Server 2003 Support Tools or the Windows Installer CleanUp Utility. I was unable to find the Windows Installer CleanUp Utility by searching Microsoft’s download site, so note that as of today the file’s name is msicuu2.exe if you the above link goes dead in the future.

After you’ve installed the Windows Installer CleanUp Utility, it can be found at “C:\Program Files (x86)\Windows Installer Clean Up” folder. Navigate to this folder and run the following command:

   1:  MSIZAP !G

If you don’t want to install the Windows Installer CleanUp Utility, use a program such as Universal Extractor (aka UniExtract) to extract the individual files. Once you extract the files, you’ll notice msizap.exe does not exist, but you will find MsiZapA.exe and MsiZapU.exe.

There are two versions of MSIZAP.EXE: MsiZapA.exe (for use in Windows 95, Windows 98 and Windows ME), and MsiZapU.exe (for use in Windows NT, Windows 2000, Windows XP, and Windows Server 2003). The appropriate executable should be renamed MsiZap.exe.

Current msizap.exe options are as follows:

Usage: msizap T[WA!] {product code}
msizap T[WA!] {msi package}
msizap *[WA!] ALLPRODUCTS
msizap PWSA?!

* = remove all Windows Installer folders and regkeys;
adjust shared DLL counts; stop Windows Installer service
T = remove all info for given product code
P = remove In-Progress key
S = remove Rollback Information
A = for any specified removal, just change ACLs to Admin Full Control
W = for all users (by default, only for the current user)
M = remove a managed patch registration info
G = remove orphaned cached Windows Installer data files (for all users)
? = verbose help
! = force ‘yes’ response to any prompt

For more information on the Windows Installer Cleanup Utility and msizap.exe see KB290301.

“Money is the root of all evil”

I have a customer who has a SQL 2005 cluster in the DMZ zone. However, to save cost, they installed Active Directory into the clustered nodes since SQL 2005 Cluster needs domain accounts in order to function. Everything runs fine until they decided to run another SQL cluster joining to this Domain. Problems surfaced when this 2nd set of SQL cluster couldn’t fail over as the SQL services couldn’t be started.

Microsoft has released their statements that they do not support installing SQL 2005 cluster on a domain controller (http://support.microsoft.com/kb/915846/en-us). Nevertheless, there will still be someone who will try to do it and hope for the best that it works and hurray, they managed to save cost without having to buy & maintain another 2 sets of DC. But… when problem occurs… well, you know the story.

This sets me on another track. What if we were to set up a Hyper-V or VMWare DC in each of the cluster nodes? Would this work? And since the DC and SQL Cluster are now “logically separated”, will Microsoft support this architecture? Hope someone who had done this and gain MS support can let us know. Thanks in advance.

I stumbled upon this web site http://blogs.msdn.com/clustering/ and is amazed at how much info you can find there!  It’s simply amazing… a dedicated web site all on clustering only. Forget Google… well for once only :)

I have a customer who intends to run a fully Mac environment. No matter how much you hate or love Microsoft, you just can’t run away from it :) 

There are still some stuff which you need to run in a Windows OS, so to overcome this, we set up a dual-boot on the Mac NB to allow the user to boot up in either Windows or Mac OS. Now, comes the licensing issue… for convenience sake, the user wants to be able to use MS Office in both OS so that he doesn’t need to reboot in order to make use of MS Office available in the other OS.  Question now is, “How many MS Office licenses should they buy for each NB?” After some research, it seems that MS Office is tied to “per device”. Therefore, we only need to purchase 1 x MS Office license per NB, but in actual fact, we are installing 2 x copies of MS office per OS. Trust me, not many people know about this, not even the re-sellers who have been selling MS licenses for years!

Look at this extract from MS:

Hope this piece of information helps you save some money.

Here is a guide to buying a resale private property in Singapore. There seems to be some differences from different sources.  This is what I’ve gone through.

1) Prepare 1% (Option Fees) of the purchase price in exchange for the Option to Purchase (OTP) from the seller. At the same time, it is recommended that you also endorsed on the inventory list.

2) The OTP is prepared by the seller’s property agent.

3) You are given 14 days to decide whether to proceed with the purchase and/or to secure the loan from your preferred bank.  During this period, the seller is not allowed to offer the property to another buyer.

4) If you decide to proceed, you will exercise the OTP through your lawer. At this time, you will pay another 4% of the Purchase price, together with the Stamp Duty payable to Inland Revenue Authority of Singapore (IRAS) within 14 days after exercising the OTP (3% of purchase price - $5,400), plus $500 for the lawyer’s fees (the bank will subsidize up to $2,000, depending on your loan amount).

If you do not exercise the Option within the stated period, the Option will expire and the seller is entitled to keep the 1% option money and sell the property to any other buyer.

5) Completion takes place usually 8 – 12 weeks after the exercise (averaging 10 weeks). Your lawyer will do the necessary steps to complete the sale:
- lodage a caveat on the property
- coordinate with the bank/CPF board for the mortgage
- prepare the contract

6) A couple of weeks before the legal completion date, you will need to pay another 15% of the purchase price. (Can be 5% cash + 15% CPF or all in cash)

7) On the legal completion date, the seller must hand over the property as agreed. The property can be sold with existing tenants or vacant possession.

Inspection before taking over property

The ‘Option to Purchase’ should clearly state a permission to inspect the property before completion of the sale. The buyer should check everything that the seller has agreed to sell with the property – especially all the fixtures and fittings, e.g. air conditioning, kitchen appliances, etc. If there are any problems, you can ask the seller to fix them before you sign the Sales and Purchase Agreement.

Fees and Commission

There are various fees that come on top of the purchase price when the sale is completed, and you should therefore reserve money to pay for them. Fortunately, some of them are borne by the seller. These are summarised below:

Agent's Commission - For private property, the agent’s commission is paid by the seller - unless you have specifically appointed an agent as a representative. The seller typically pays 1-2% commission on the sale. For HDB apartment, the buyer pays typically 1% commission.

Solicitor's Fee - For the buyer, the solicitor’s fees are typically 0.3-0.6% of the transaction value. In addition, there are extra legal fees if CPF is used to pay for the apartment. If the property is in the range of $800+K, the fee is around $2,500.  If you take a loan from the bank, it will be subsidized by the bank up to $2,000. The seller pays typically 0.15% of the transaction value to his/her solicitor.

Mortgage Fee - The banks typically charge an administration fee and valuation fee for the mortgage. These together are somewhere between S$200-300. In addition, you need to take out on insurance on the property for the bank to give out the mortgage, but the 1st year is usually given free by the bank.

Stamp Fee - The stamp fee will be payable to Inland Revenue Authority of Singapore within 14 days upon exercising the Option to Purchase (or signing the Sales and Purchase Agreement when you buy from a property developer). For properties above S$300,000, stamp fee payable will be 3% of the purchase price minus S$5,400. The mortgage stamp fee is up to S$500, which is the amount payable for most mortgages.

CPF

If you are buying your second property (be it HDB or private), in order to utilise your CPF for the second property, you'll have to maintain 50% of the minimum sum. Only amount above the 50% minimum sum can be used towards your 2nd property purchase. In 1st July 2009, the minimum sum is $117,000.