O R G A N I C / F E R T I L I Z E R: 11.07

Nov 28, 2007

misc: windows mobile reply to all leaves your email address...

this has been a total source of irritation since i've been a windows mobile user. i thought it was just a 5.0 thing and apparently never annoyed enough to check. when i found it happening on my 6.0, that's when i realized it was something worth looking into... if you have the same problem, the fix is in this blog post.

Nov 20, 2007

mom: ad remote topology discovery failed to execute...

i forgot all about this thing.  it started cropping up in my environment but couldn't figure out why.  after awhile, it finally dawned on me.  the agent was reinstalled, but the computer table was never adjusted.  yeah, i wish i was making this up.  this happens when you monitor DCs in an untrusted forest or domain.  here's the article.  i particularly love the way it says this:


To work around this issue, install a separate MOM management group in each untrusted forest.

Note This issue has been known to be partially resolved by the following method. First, apply MOM 2005 SP1. Then, use the Active Directory Topology Discovery script to enable the server fully qualified domain names (FQDNs) to be added to the Computer table. However, when you use this method, most of the scripts will continue to log errors.

of course, it doesn't tell you how to resolve this.  in the onepoint database, there's a table called "computer".  there's a column in there called "fqdn".  you have to specify the fqdn of the machine in question.

Nov 19, 2007

sms: sms 2003 recipes...

awhile back, greg ramsey and warren byle wrote this magnificent book called sms 2003 recipes: a problem-solution approach. it's the equivalent of the active directory cookbook for sms. it has all kinds of scripts that can help automate your environment. now, the best part is, the scripts are all free and available for download. it's a little cumbersome trying to find it... so for your reference, here's the link.

Nov 9, 2007

sms: reporting access denied after applying sp1...

maybe this is old news. maybe i'm just getting around to hearing about it... or maybe we finally did something right? now we're seeing the problem. here's the deal... recently, we decided to move from our current tier administrative approach to a three-tier approach which truly separates user, server, and domain functions so that we can minimize accidental screw ups to some degree. in doing this, our server admin accounts were added to the sms servers. our user accounts were removed. keep some of the base functionality, we left our user accounts in our sms reporting groups. apparently after applying windows server 2003 sp1, there are some changes that need to occur for launching sms web reporting if your account is a member of the sms reporting users group but not the local administrators group. trying to launch results in an error like this:
Server object error 'ASP 0178 : 80070005' Server.CreateObject Access Error /SMSReporting_093/ReportsNav.asp, line 1055 The call to Server.CreateObject failed while checking permissions. Access is denied to this object.
no point in expressing the changes required in dcomcnfg. they're all covered in this article. :)

Nov 8, 2007

misc: 1e roadshow: enterprise solutions

i sent this out to the subscribed members of the atlanta smug. thought anyone else that's in the atlanta area might be interested in going. here are the details! obviously it's a british thing... look how tea is presented before coffee. anyway, drop me a line or leave a comment if you're going. would love to meet up! register here...

1E Road Show: Enterprise Solutions

Atlanta Road Show, US: Thursday, 29 November 2007

Emory Conference Center Hotel 1615 Clifton Road Atlanta GA 30329 Tel: 404 712 6000 Website: www.emoryconferencecenter.com Location/Map: http://www.emoryconferencecenter.com/maps.html

Note : Detailed event information will be provided on confirmation of registration.

Morning – Technical Session

08:30 am – 09:00 am Registration and reception with tea & coffee

09:00 am – 09:30 am Guest introduction and their IT challenges - Courtney Austin, Marketing Manager and Bruce Walter, Business Manager, 1E

09:30 am – 10:45 am Microsoft System Center overview - Lauren DiNatale, Management and Security Solution Specialist, Microsoft

10:45 am – 11:00 am - Tea & coffee break

11.00 am – 12.15 pm 1E solutions - Derek Hartung, 1E, Lead Consultant

12.15 pm – 12.30 pm 1E Solution Demo - Brian Tucker, 1E Solutions Engineer

12.30 pm – 12.45pm myITForum Overview, Rod Trent, President, myITForum

12.45 pm – 1.00 pm Session Summary - Sumir Karayi, 1E Chief Executive Officer

Lunch – With guests split into tables with specifically grouped discussion points hosted by a 1E/Guest speaker attendee

Afternoon – 'Go-Green' Business Session

02:15 pm – 02:45 pm Guest Go Green challenges - Courtney Austin, Marketing Manager and Bruce Walter, Business Manager

02:45 pm – 03:30 pm Go Green with 1E solutions and industry research - Sumir Karayi, 1E Chief Executive Officer

03.30 pm – 03.45 pm 1E Go-Green Solution Demo - Brian Tucker, 1E Consultant, Tucker, 1E Solutions Engineer

03:45 pm – 04:15 pm - Tea & coffee break

04.15 pm – 04:45 pm Customer 'Go-Green' insight with ROI – Brian Mufley, Manager, Framework Engineering, LendLease

04.45 pm – 05:00 pm Event wrap-up, next steps - Sumir Karayi, 1E Chief E

misc: dsquery vs powershell...

as a part of trying to familiarize myself with powershell, i figured converting some of my favorite dsquery commands to it would be as good of a measure as any. the problem was, i had a hell of a time figuring it out! thankfully, hal was nice enough to help out... in order to get displayname and streetaddress from dsquery, you'd use a command like this:
dsquery user -samid myUser | dsget user -display
oh wait a second... there is no switch for streetaddress. all you'll get is something like this:
  My User (Test)
let's try that again...
dsquery * -filter "(&(objectcategory=person)(samaccountname=myUser))" -attr displayname streetaddress
in my case, i have multiple lines in my streetaddress attribute, which throws off the entire format. this is something i wanted to avoid so i seeked powershell as the answer (instead of writing a vbscript to handle it.)
  displayname                 streetaddress
  My User (Test)              2000 My Test Avenue
Suite 200
here's how you'd pull the information from powershell (providing you use the quest add-ons)...
get-qaduser testdomain\myUser | format-table displayname,streetaddress

DisplayName                                  StreetAddress
-----------                                  -------------
My User (Test)                               2000 My Test Avenue...
already much better. however, the street address is truncated. so let's try again.
get-qaduser testdomain\myUser | format-table -wrap displayname,streetaddress
now we get the full street address, but as you can see, the cr/lf is carried over. to get rid of it, we'll insert a replace statement.
DisplayName                                  StreetAddress
-----------                                  -------------
My User (Test)                               2000 My Test Avenue
                                             Suite 200
get-qaduser testdomain\myUser | format-table -wrap displayname,@{label = "StreetAddress";expression = {$_.streetaddress -replace "`n",", "}}
resulting in this much nicer formatted version...
DisplayName                                  StreetAddress
-----------                                  -------------
My User (Test)                               2000 My Test Avenue, Suite 200

Nov 5, 2007

ds: password complexity rules...

in case you're asked for it, like i am, all the time, as in ... yesterday, today, tomorrow...
  • Do not contain all or part of the user's account name.
  • Contain characters from three of the following four categories:
    • English uppercase characters (A through Z).
    • English lowercase characters (a through z).
    • Base-10 digits (0 through 9).
    • Non-alphanumeric (for example, !, $, #, %). extended ASCII, symbolic, or linguistic characters.
i believe in cases where it refers to "part of the user's account name" it specifically means 3 or more characters in a row. for example, since my name is "marcus" i can't have the letters "arc" or "rcu" or "mar" in my password. it's not referenced in the following article but is referenced in a sql 2005 article. anyway, here's more detail from the article...

Nov 1, 2007

ds: ad attribute editor (adae)...

heard of this tool? just saw it come through activedir. check it out here: http://www.fcsovelto.fi/adae. here's a small blurb of what it does:
ADAE (Active Directory Attribute Editor) enables you to add your own property pages (tabs) to the Active Directory Users and Computers. This way you can view and/or modify predefined attributes, such as user's EmployeeID, or any new attributes you or your applications have added to AD.
look carefully on the page. read/write version costs money. read version is free.