.NET to the rescue

If you are upgrading your BlogEngine from 1.4.5 to 1.5, you are bound to have read this post: http://www.nyveldt.com/blog/post/BlogEngineNET-15-Upgrade-Guide.aspx

At first I thought it’s going to be a very simple & smooth sailing process… perhaps I didn’t follow the steps properly. Anyway, here are some tips & tricks to ease your upgrading process.

1. Backup your site first!

2. Overwrite the new BE 1.5 files over the old ones

3. In doing so, some of the settings will be overwritten. For eg., About the author, users accounts, your settings, etc.

4. To restore the following, copy the following files from your backup & replace the new ones.

i) About the author - App_Data\datastore\widgets\1ef27b78-0218-420c-bfda-038163510def.xml

ii) Users accounts - App_Data\users.xml

iii) Categories – App_Data\categories.xml

iv) Settings – Do not copy as there are new things added. Open up in text editor and copy over your previous settings

v) Blog Roll – App_Data\blogroll.xml

5. As stated in Nyveldt’s article, there are some additions to the comments css. If you use your own custom theme, remember to add the additional css in so that the nested comments will look better

That’s it! Good luck ;)

I have never put much thought into this until one of the sites I’m handling doesn’t really like keeping up-to-date with MS patches.  To them, application stability and uptime is much more important… until the Conficker Worm threat becomes a huge concern.

This Conficker worm affects all Windows editions but if you look at the link http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx, you won’t be able to find any patch download for Windows Server 2003 RTM edition or Windows XP SP1.

After some Googling, I’ve found this: http://support.microsoft.com/?LN=zh-sg&scid=gp%3B%5Bln%5D%3Blifecycle&x=15&y=5#ServicePackSupport.  This site explains why. 

“When a new service pack is released, Microsoft will provide either 12 or 24 months of support for the previous service pack”.

Other than the Windows Family which provides 24 mths of support, all other products offer 12 mths.

Based on the above, Windows Server 2003 SP2 was released on 13th March 2007 and therefore Windows Server 2003 SP1 support will end on 13th March 2009.  The MS08-067 was released on 23rd October 2008.  Therefore, this version of Windows is still supported.

Now, let’s take Window Server 2003 SP1.  SP1 was released on 30th March 2005. Theoretically, the support for the RTM version will end on 30th March 2007. Thus, this explains why MS08-067 doesn’t support the RTM version!

Now, this is an excellent example to use when you have customers who don’t like to patch their servers.

Although I am a fan of vbscript, sometimes it’s still easier and faster to script in DOS batch scripting.  Here are some compilation of the useful DOS commands.

%date% %time%
Output: 07/03/2009 22:13:37.82
Remarks: Sometimes you want to output the date & time stamp

%cd%
Output: C:\Windows\System32
Remarks: Get the working directory the batch file is running. Useful when you need to output a text file into the same working directory

I thought I will never be using 8.3 Short Filename and ditching them away for good… but boy I was wrong!

Ever heard of this another great little tool called “RichCopy”?  It’s done by a Microsoft programmer who produced an in-house tool called RichCopy (Look for version 2.51, no install required 188Kbyte size) that would run 3 threads and has many options about target / source copy with ACL or delta by size, time, ....

The problem with File Explorer or those who are a bit more advanced would use Robocopy is that it runs only with a single thread.  That is, it will copy 1 file at a time and sometimes if there are a lot of files and if the copying process somehow breaks halfway, you have to restart all over again.  With RichCopy, it will skip those files that already existed in the destination folder and running it with multiple threads, it can synchronize files between 2 folders extremely fast!

Btw, if you are copying 1 large file, using RichCopy is no different from using File Explorer since it couldn’t spawn multiple threads.

Now, back to the main storyline… :)  This RichCopy tool is already 13 years old and the batch command line doesn’t really like “spaces” or quotation marks “”.  But I have 2 folders with names that have spaces in them.  So, in my batch script, in order to get it working, I have to resort back to 8.3 short filename.  Well, you can say “Hey, why not use another newer tool?”  If anyone knows of another great tool like this, please let me know!  Trust me, this is the BEST file copying tool I’ve known.  Here is a sample of the batch script.

net use z: "\\<servername>\c$\Documentation" /user:<username> <password>

RichCopy2.51.exe z:\ D:\Docume~1\ /F /O /R 30000 /T 3 /I 1000 /LL 2

net use z: /delete /y

I’ve tried enclosing the source & destination paths with quotation marks, single quotation marks, etc but to no avail.  If anybody knows how, please do share it with me yah.  Better still, any newer equivalent great little tool like this?!  Thanks in advance.

Tips

To get the short filename, go to command prompt and type “dir /x”.

MBSA is a free tool by Microsoft to help scan a server to determine the security state compliance. The main feature I made use of it is the ability to scan for missing MS patches. Usually, we need to compile the list of missing patches and pass it to the Application team to test it out whether any of the patches affect or break their applications.

I have decided to post this is because I thought that every System Administrator should already know about this great tool, but I was wrong. One of my customers requested for this list and none of the System Admins know how to go about it.

Syntax

mbsacli.exe /target webserver /catalog c:\mbsa\wsusscn2.cab /n password+iis+os+sql /nvc /nd /rd c:\mbsa

These are the switches I’ve chosen:

For more details on these and other available options use mbsacli /?

Ways to download wsusscn2.cab for offline use in a secured environment

Today, most places would have blocked Internet access on the servers in a Data Centre. Here are a couple of ways to download a copy of wsusscn2.cab for offline scanning.

Method 1:
1. Run mbsacli.exe by itself on a machine with Internet access. It will automatically download the wsusscn2.cab file and save it into either of the following folders:

• C:\Documents and Settings\<username>\Local Settings\Application Data\Microsoft\MBSA\2.0\Cache\   
• C:\Users\<username>\AppData\Local\Microsoft\MBSA\2.1\Cache

Method 2:
1. Download it from http://go.microsoft.com/fwlink/?LinkId=76054

Recently, there have been a lot of security guidelines being passed down from the various security related agencies and from the auditors about USB thumb drives and HDD drives being plugged into the workstations or notebooks.  Their concerns are that restricted information may be copied out to these removable media and taken out of the office.

Well, in Windows XP SP2, I have implemented USB restrictions to prevent users from plugging in their removable USB media and also disallow them from burning into writeable CDs and this was done long time ago and recently because of this I have to go back and dig out this piece of information.

Hope this saves you some time having to ask Mr. Google.

1. How to disable USB ports to prevent Removable Storage Devices from connecting

You want to prevent users from connecting their removable medias to the USB ports.  This procedure will show you how to disable USB ports to prevent Removable Storage Devices from connecting. E.g. USB Thumb drives, External HDD. But not to worry, it will allow USB Mouse operation.

1. Deny permission on the files usbstor.pnf and usbstor.inf, located at %systemroot%\inf (Note that this folder is hidden, you will need to "Show all hidden files" in File Explorer)

* Remove all users from the permission lists and add "System" to "Deny All"

2. Set the Start value to hexadecimal 4 in the Registry at:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UsbStor

2. Disabling CD-ROM & Floppy Drives

2.1 How to disable CD-ROM

Set the Start value to hexadecimal 4 in the Registry at

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom

This will also disable user from connecting an external USB CD/DVD-Writer to the system.

2.2 Remove CD Burning Features

Use GPO settings to remove CD burning feature:

Local Computer Policy\User Configuration\Administrative Templates\Windows Components\Windows Explorer\Remove CD Burning features

* Windows Explorer allows you to create and modify re-writable CDs if you have a CD writer connected to your PC.
* If you enable this setting, all features in the Windows Explorer that allow you to use your CD writer are removed.
* If you disable or do not configure this setting, users are able to use the Windows Explorer CD burning features.

• Note: This setting does not prevent users from using third-party applications to create or modify CDs using a CD writer.

2.3 How to disable Floppy Drive

Set the Start value to hexadecimal 4 in the Registry at

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Flpydisk

3. Prevent Writing to USB Storage Devices

If you still want to allow your users to connect their USB media but prevent them from writing, this is what you will have to do.

Prevent Writing to USB Storage Devices via registry setting. Only works for Win XP SP2.
1. Start the Registry Editor
2. Go to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control key
3. If there is no key called StorageDevicePolicies, create it. You do this by right-clicking the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control key, and selecting New > Key from the menu.
4. Select the StorageDevicePolicies key
5. From the menu select Edit > New > DWORD Value
6. Name the new value WriteProtect
7. Right-click the WriteProtect value and choose Modify
8. In the Value Data: box enter 1
9. Exit the registry editor, and restart your computer

VMware is one of the hottest technologies in 2009.  There are now many companies embarking on virtualization to reduce DC space and also to reduce cost.

• There are only 2 channels to purchase VMware. It’s either via OEM manufacturers like Dell, HP, IBM or via re-seller like Ingram Micro.
• There are 3 main products that will be mostly used by customers. They are “VMware Infrastructure 3”, “VMware vCenter Server” and “VMware ESXi”.
• General guideline for a 2 socket Quad Core server, it is able to run 40 Windows XP virtual machines.
• Only runs on x86 architecture.

Virtual Infrastructure Editions

ESXi Basic

VI Foundation
- License cost: US$995
- Supports 2 core CPU
- Additional components: “VC Agent”, “Update Manager”, “Consolidated Backup”
  - Consolidated Backup
    - Remove the need to install backup agent into each VM. 
    - Eg. Windows Server 2003, it uses Shadow Services to present a snapshot of the OS for the backup software to perform a backup.

VI Standard
- License cost: US$2,995
- Additional components: “High Availability”
- HA: Provides VMware clustering by moving the VM to other physical boxes (but still got downtime)

VI Enterprise
- License cost: US$5,750
- Additional components: “VMotion”, “DRS”

Miscellaneous

VMotion
- Need to adhere to same CPU architecture (eg. Opteron to Opteron)
- Can only move from virtual to virtual

Storage VMotion
- Can move from physical to virtual
- Good for situation whereby need to increase HDD space

VMware Converter
- 3rd generation tool that automates machine format conversions to VMware VMs
- Good for situation like Windows NT 4.0

If you are like using Windows Server 2008 as your primary OS for your daily usage, you might want to enable the following to turn it into a workstation.

Tip #1: Enable Wireless Networking
1. Start the Server Manager by clicking the Server Manager icon in the systray, or the Server Manager shortcut in directly the Start menu or in the menu Administrative Tools

2. In the Server Manager scroll down to Features Summary and click Add Features. In the Add Features Wizard window scroll down, check Wireless LAN Service and click Next.

3. At the Confirm Installation Selections page click Install.

4. Click Close to finish the installation. Now you have wireless support in Windows Server 2008!

Tip #2: Enable Desktop Experience
Desktop Experience includes features of Windows Vista such as:

• Media Player
• Desktop Themes
• Photo management

Some of the issues this service will solve are:

• Being able to install the camera driver for your iPhone so that you can copy your pictures out via File Explorer
• Able to map to your iPhone via WebDav via applications like “Air Sharing”

Steps on installing Desktop Experience:
1. Repeat the above steps in Tip #1 to get into the “Add Features”

2. This time select “Desktop Experience”

If, for some reason, you want to boot Windows Server 2008 without the hypervisor you can create an extra entry in the boot loader. Here's how:

1. At the command prompt, type the following:
   bcdedit /copy {default} /d "No Hypervisor"
2. The above command should say: The entry was successfully copied to {guid}. Copy that guid to the clipboard including the curly braces.
3. Now, type the following command:
   bcdedit /set {guid} hypervisorlaunchtype off
   In the above command, replace {guid} with what you copied in step 2. The above command just sets a property in the boot entry that will not load the hypervisor on boot.

That's it. If you now boot your machine you will get a boot menu with an extra option.

Now why would you do it? Troubleshooting is one reason but for test/dev/training purposes you might want to run something like Virtual Server or VMware Server/Workstation on the same box. Running those with the hypervisor turned on will give you all sorts of problems: it will be slow, and you won't be able to run x64 guests in VMware, etc...

As for me, I wanted to try out Solaris 10 on VMware as currently Hyper-V doesn’t support Solaris yet.

Tip #1: There is a bug in VMware that if you select the default 540MB memory allocation, the installation will hang. You need to allocate 1024MB.

This is a list of applications for iPhone 3G which I think is useful or essential.  Do let me know if there are any apps which you think are “A must have”.

Free Apps:

• TodayOnline Singapore newspaper (via App Store)
  • Read about Singapore news while taking public transport to work
• Stanza (http://www.lexcycle.com)
  • Read ebooks on your iPhone
• WinSCP (http://winscp.net/eng/index.php)
  • To transfer files between iPhone & your Computer
• StatusNotifier (via Cydia)
  • Email, SMS, Call, Voicemail notification in status bar (top right hand corner)
• Files Lite (via App Store)
• Similar to Air Sharing. You can store your documents on your iPhone, view them & transfer them between your PC or Mac
• Of course, being free the limit is 200MB.  But I think it’s pretty good enough.  Do get the Pro version if you need more storage + some more added functionalities.

Paid Apps:

• Air Sharing (http://www.avatron.com/products/)
  • Mount your iPhone or iPod touch as a wireless drive on any Mac, Windows, or Linux computer.
  • Drag-drop files between your iPhone or iPod touch and your computers.
  • View documents in many common formats.
• m.Box Mail
  • Lets you access Windows Live Hotmail accounts on your iPhone