Technical Notes

My online notepad

How to install RDP 6.1 on Windows Server 2003

Posted by Anton Khitrenovich on March 7, 2012

Microsoft RDP client (aka “Remote Desktop Connection” or “Terminal Services Client”)  allows you to connect from your Windows station to other Windows servers. Version 6.1 was released in 2008 and nowadays many popular tools (such as mRemoteNG) state it as a requirement. Unfortunately, this version is available for Windows XP/Vista and Windows Server 2008, but not for Windows Server 2003.

So, how can you install RDP client 6.1 on Windows Server 2003?

It appears that in January 2001 Microsoft released security update for RDP client 6.0 and 6.1 – which can be installed on Windows Server, since the original RDP client 6.0 is supported there. Now, pay attention to this note in the “more information” section:

Bottom line? Take the official RDP client 6.0, download KB 2481109 for Windows Server 2003 (the security update mentioned above) – and you are ready to run with RDP client 6.1 on your Windows Server 2003!

Posted in HOWTO, Workarounds | Tagged: , | Leave a Comment »

Initial Tuning of MediaWiki Installation

Posted by Anton Khitrenovich on February 4, 2012

Just found another old notes on the initial tuning of MediaWiki installation. Note sure if they are outdated or not, but maybe somebody will find them useful. The notes are not really detailed, so some minimal technical understanding of MediaWiki software is required.

Permissions

Disable self-registration and anonymous editing:

$wgGroupPermissions['*']['createaccount'] = false;
$wgGroupPermissions['*']['edit'] = false;

Appearance

Change the name of the site (shown in browser window title):

$wgSitename = "My private Wiki";

Change the main page:

  1. Go to “MediaWiki:Mainpage” page
  2. Click on “Create” or “Edit” tab
  3. Enter the name of new main page
  4. Save changes

Files Upload

Change allowed upload types:

$wgFileExtensions[] = 'zip';

Icons for file types are located under skins/common/images/icons directory.

Site Name in OpenSearch Box

To edit site name that is displayed in search boxes of popular browsers:

  1. Go to “Special:Allmessages” page
  2. Find opensearch-desc message
  3. Click on the message name
  4. On the edit page, set the new message text
  5. Save the page

 

Posted in HOWTO | Tagged: | Leave a Comment »

For non-US people: How to Avoid Wikipedia Blackout

Posted by Anton Khitrenovich on January 18, 2012

For all non-US people, that have no U.S.Congress representative to contact about SOPA and PIPA – here is the simple recipe  to avoid the blackout.

First of all, you need Google Chrome with AdBlock extension. Now, open the AdBlock options, go to the Customize tab, click on ‘Edit’ button and add the following two lines to the filters:

http://meta.wikimedia.org/w/index.php?title=Special:BannerLoader&banner=blackout*
http://upload.wikimedia.org/wikipedia/commons/9/98/WP_SOPA_Splash_Full.jpg

Don’t forget to click ‘Save’ and enjoy the Wikipedia again!

Posted in HOWTO, Workarounds | Tagged: | Leave a Comment »

Deployment of New VM from Template Fails with VMDK Locked Error

Posted by Anton Khitrenovich on January 16, 2012

Some time ago I managed to isolate an ugly vSphere 5 bug that caused me some unpleasant moments. Today I finally reproduced this behavior in a clean lab environment, so I feel confident enough to describe it in public. Don’t worry, the way to recover is described also!

Take a vSphere 5 environment with a template (say, “MyTemplate”) that you want to deploy a virtual machine from. Step through a regular deployment wizard and select “Edit Virtual Hardware” on the last page. In the VM properties, choose the hard disk and change its size. The new VM (say, “MyVM”) will be created successfully, but the next time you’ll go through the deployment process it will fail with a strange message: “Unable to access file ‘MyTemplate/MyTemplate.vmdk’ since it is locked”…

A quick search in VMware KB (or just in Google) will tell you that the vmdk (the virtual disk of the VM) is usually locked when some other VM uses the same disk. Hey, this is a template! No other VMs are supposed to use the template disk, right? Well, the truth is that this disk is now attached to MyVM – yes, that one with different disk size… But let the lock alone. Your lovely template is now gone, since the disk that belonged to the template is now owned by the running virtual machine – with new name, settings and maybe even software!

Well, how do you recover from this situation? The good news are that the original disk from MyTemplate is not gone. In fact, vSphere really cloned a new vmdk file for MyVM and placed it where it should usually reside – in ‘MyVM/MyVM.vmdk’ – but for some reason set the MyVM to use a template file instead. At this moment you can take a deep breath, shut down MyVM, point it to the right virtual disk and physically swap the files in the datastore… Continue reading “Deployment of New VM from Template Fails with VMDK Locked Error” »

Posted in Troubleshooting, Workarounds | Tagged: , | Leave a Comment »

IBM Tivoli Access Manager for e-business and WebSEAL Resources

Posted by Anton Khitrenovich on January 15, 2012

After posting another WebSEAL HOWTO recently, I feel it is the right time to post my collection of WebSEAL-related resources and forget about the WebSEAL for a while.

IBM Tivoli Access Manager (TAM) for e-business is positioned by IBM as an end-to-end security solution for e-business, focused on providing robust, policy-based security to a corporate web environment. The web security components of TAMeb are WebSEAL (reverse proxy web server that performs authentication and authorizations; typically used for DMZ external access to backend content servers) and Plug-in for Web Servers (plug-in that secures web servers; typically used for internal access). Continue reading “IBM Tivoli Access Manager for e-business and WebSEAL Resources” »

Posted in Miscellaneous | Tagged: , , | Leave a Comment »

Gmail App for iOS – Pros and Cons

Posted by Anton Khitrenovich on January 14, 2012

[ This mini-review was originally written in mid-November 2011, when Gmail App for iOS was back to AppStore, and published on Google+. Today Google released an update for Google Sync (ability to easily delete messages instead of archive them - something I was missing in the native email client), so I recalled this text and reposted it here also. ]

I decided to try the new Gmail App over this weekend. Here is a short summary:

Pros:
1. The Gmail App has Gmail-style threaded view that I really miss in native iOS client. Also, the UI look and feel is synced with the new style of the browser version of Gmail.
2. The Gmail App allows me to do a clear separation between corporate and private mailboxes – work Exchange goes to native client, Gmail – well, to Gmail. For me, it is very convenient to see if it is personal of work-related email before I run to check it out. Also, with this separation I can disable notification sounds on any specific email account (the work one, i my case).
3. Other reviews report that search here is much better. I had no chance to test this on my own today, but native search was sometimes… say, frustrating.

Cons:
1. The main concern about Gmail App is that it is not fully integrated in all the applications on iOS like the native client – and there is no hope for such integration. Of course, you can compose emails using native address book or browse for picture attachments, but other apps the utilize sharing via default email client (for example, Genius Scan) obviously are out of scope here.
2. It seems that Gmail App is not so fast in getting emails as Gmail account defined in the native client via Google Sync with Push. I have no reliable idea what is the reason for this behavior…
3. There are no modern-style banner notifications in the Gmail App for some reason. Yet, I hope this is something to be added in the future versions.

As you may see, there are both pros and cons of using new Gmail App instead of the native email client, and I’m still not sure if it will survive on my iPhone. But I will test it for few more days…

Update (January 2012): Still using Gmail App. It is definitely slower that native client, but the threaded view and the ability to easily archive, delete and star messages keeps it alive for me.

Posted in Miscellaneous | Tagged: , , , | Leave a Comment »

Unauthenticated Access to WebSEAL Junctions

Posted by Anton Khitrenovich on January 8, 2012

By default WebSEAL junctions do not require any specific authentication for external access – they just derive the default ACL definition of the WebSEAL. However, this default ACL does not allow access to unauthenticated users. So, efficiently the users have to pass authentication with any available authentication method to gain access rights for the junction that does not need any specific authentication.

Here I will explain how to define unauthenticated junction – a junction that allows access to any user, including users that did not pass WebSEAL authentication at all. In fact, creating unauthenticated junction in WebSEAL is super-easy and super-simple when you are experienced WebSEAL professional. If you are a newbie or WebSEAL administration is not among your main tasks, the logic of this flow is not so trivial to guess (or even recall).  Continue reading “Unauthenticated Access to WebSEAL Junctions” »

Posted in HOWTO | Tagged: , , | 1 Comment »

Microsoft DirectAccess Resources

Posted by Anton Khitrenovich on January 8, 2012

Microsoft DirectAccess technology provides seamless corporate network connectivity to the clients. Available in Windows 7 Enterprise (client) and Microsoft Server 2008 R2 (server). Implementation mostly relies of mandatory IPsec implementation in IPv6 protocol. For further reading see the list of relevant resources below. Continue reading “Microsoft DirectAccess Resources” »

Posted in Miscellaneous | Tagged: , | 1 Comment »

How to fix “missing required fields” warnings in Rich Snippets Testing Tool

Posted by Anton Khitrenovich on December 24, 2011

Several days ago I checked what Google’s Rich Snippets Testing Tool thinks about this WordPress-based blog. The results were not bad in general, but also not good enough for my understanding. While Google was able to detect that I am the owner of the blog and presented a link to my Google+ Profile, and the main page of the blog was correctly detected as a list of blog entries, each one with the permalink, a list of tags and a list of categories – the most important things were missing: the title, the date and the author of the post. The following errors were displayed for each blog entry:

Warning: Missing required field “entry-title”.
Warning: Missing required field “updated”.
Warning: Missing required hCard “author”.

Obviously, I started to check what can be done about that. Continue reading “How to fix “missing required fields” warnings in Rich Snippets Testing Tool” »

Posted in Miscellaneous | Tagged: , | Leave a Comment »

How to install Admin Pack for Windows 2003 on Virtual Machine

Posted by Anton Khitrenovich on December 14, 2011

The internet is full of complains that Admin Pack for Windows 2003 cannot be installed due to protected Windows files. I guess that this can happen for various reasons, but I have found a solution for at least one of the cases – when the server where the installation of Windows 2003 Admin Pack fails is virtualized.

So, we have two servers - Windows 2003 Server with Active Directory installed as Domain Controller (server #1) and VM with Windows 2003 Server that is a member of this domain (server #2). The need – administer DNS and DHCP settings of AD remotely, but corresponding MMC snap-ins are not available by default on non-DC machines. The correct way is to install ADMINPACK.MSI, available from Windows 2003 installation CD-ROM or from Microsoft Download Center. (Of course, you can always open an RDP session to a DC – but this does not address the real need.)

However, the installation suddenly shows a message ”The Windows Installer service cannot update one or more protected windows files” and rolls back everything that was already installed. The Event Viewer reveals error numbers (“Error 1933. … SPF Error: 1223.”) and the list of protected files – but this does not really help. So, what can we do about that?

In fact, the solution is really simple. Running the same installation via the console RDP session (or in the vSphere console) reveals the real cause for the failure – the Admin Pack install needs Windows 2003 installation CD-ROM, but for some reason does not tell that on non-console sessions. After the requested CD is provided (for VMs, this can be done by mounting the CD image in vSphere or via DaemonTools), the installation was able to complete successfully. Continue reading “How to install Admin Pack for Windows 2003 on Virtual Machine” »

Posted in HOWTO, Troubleshooting | Tagged: , , | Leave a Comment »

« Previous Entries