Behind the Helpdesk

25 “Worst Passwords” of 2011 Revealed

If you find your password in this list, or something close to it, change your password immediately! Make sure you have symbols, special characters, and longer than 8 characters. Below is the link to see the top 25 passwords of the year.

Android & Cisco VPN AnyConnect – Part 1

Cisco is finally seeing the light when it comes to VPN support for Android’s. You may wonder why you would want VPN access from your Android device. Having VPN access from a mobile device means you can access basically access any company resource remotely (like a privately hosted Citrix environment, Windows Active Directory resources, Remote Desktop, VNC, etc). This is very handy for the typical network/system administrator or road-warrior.

So how do you get started?

(continue reading…)

How-To & Review: Google Cloud Printing

In the age of high-tech mobile devices bringing everything to you from streaming video, to email, to Angry Birds, and so on from the touch of your finger tips, we still sometimes have to rely on “ol’ fashioned” desk-top style hardware. Sometimes you need a large monitor, more processing power, or just that full QWERTY physical keyboard. Let’s no forget printers! Yes, people still do print from time to time, even in this age of soft-copies and electronic forms. So what do you do when you’re on the road and need to print something (lets say to your office) from your mobile device and you just don’t have the time/means to email it? You need a cloud printing solution, and you want it to be printer-model agnostic.

(continue reading…)

Tablets and the Enterpise Environment

Tablets are all the rage right now. Why shouldn’t they be? They provide good portability and connectivity. They fall right in between a cell phone (downside: limited screen space) and standard laptops (downside: weight, size, portability). Netbooks never truly took off the way I think we all thought they would. Running Windows on a netbook left something to be desired for performance.

Bring on the tablets. Slim and snappy OS kernels, flash memory, no moving parts, light weight and very portable. They are relatively cheap, and some can even connect via cellular signals and don’t need to rely just on WiFi (Apple iPad). These devices are slowly making their way into the enterprise environment. And why shouldn’t they? It definitely makes access to your office network much more convenient in more locations than ever before. IT support and security become an issue. Allow these devices on your office network? How much can we control them? How do we protect the office infrastructure?

Apple makes a nice utility for iPhone’s and iPad’s that allow IT personnel the ability to preconfigure VPN, Email, and WiFi settings. It can also remove the ability to download applications and/or music. You can even set a password policy – for both the end user, and to remove all of the configured settings. Blackberry has the ability to lock the device with a password via Enterprise console. Of course this means the phone must be powered on and connected to the mobile carrier, to receive those new settings.

Where is this for Android? Windows Mobile? Palm? Android in particular has 3rd party programs available, like MyLookout (free!). If you lose your phone, provided it’s powered on, MyLookout will track it via GPS. You can even wipe it remotely, or initiate an audible “scream” to help you find it or frighten whoever stole the phone.

Word to the wise – before allowing these devices on your office network, make sure you have adequate security protocols in place. Whether that is MyLookout, or the iPad configuration utility, etc. If you find yourself in a situation where a user lost their device (yes, it happens!), think of how you will respond to the situation, and start planning now for that!

Printer Migration from Server 2000 to Server 2003

At work, I took it upon myself to migrate our print server.  We were using an outdated Windows Server 2000 solution and I felt it was time to upgrade.  After the new Windows Server 2003 R2 was implemented, I was wondering how to get all the existing printers on there in the easiest manner.  Solution: Printer Migration tool 3.1 found here!  It is a simple stand alone application that is easy to use.  You can run it remotely as well.  So from my desktop, I choose a target machine to pull the printers from, in this case the Server 2000 box.  Once targeted, you choose where to backup the .CAB file it creates.  Run the program and Voila, after a few minutes you have the .CAB file.  Now you target the new server, in my case, the Server 2003 server, and you restore the .CAB file to it.  I did run into a couple of issues, but they were easily solved.  They are described below.

When using the printmig.exe tool to migrate print queues
from a Windows2000 server to a Windows 2003 server.  It
can backup OK.  When doing any kind of restore, even
a restore to itself the following error message occurs:

FAILURE – Can’t get printer driver directory:  1722

Solution: To enable Client Connections.
the RPC listening endpoint is not set on Server 2003 until one adds a shared
printer or turns on the RPC endpoint in gpedit.msc.  Printmig should work
locally but will always fail remotely on a fresh install.

follow these steps to fix this:


1. Run Local Group Policy by going to Start > Run and type gpedit.msc

2. Explorer Computer Configuration,

3. Select Administrative Templates,

4. click Printer.

5. On the Right pane, right-click on “Allow Print Spooler to accept client connections.”

6. Select Properties and check Enable.

7. Click OK to close the Local Group Policy.


When trying to restore printers using Printer Migrator on a windows 2003 server, you may receive this message: “WARNING: Kernel Mode Drivers (version 2) are blocked on the target machine. Disable Kernel Mode driver blocking and re-run Printer Migrator…”

Solution: To disable  Kernel Mode driver blocking, following these steps:

1. Run Local Group Policy by going to Start > Run and type gpedit.msc

2. Explorer Computer Configuration,

3. Select Administrative Templates,

4. click Printer.

5. On the Right pane, right-click on “Disallow installation of printers using kernel mode drivers”

6. Select Properties and check Disabled.

7. Click OK to close the Local Group Policy.

Testing Windows 7 RTM!

I decided today would be a good day to dual-boot my laptop with Windows 7 RTM. I figured with all of the hype around it, being faster and better than Vista, a trial run wouldn’t hurt. Worst case, I boot back into XP and delete the second partition. Since I’ve only been using W7 for an hour or so, I’m only going to touch upon some of the immediate highlights.

Installation. The installation is DVD-based, and just like Vista, it’s colorful (GUI). It also supported by USB wireless mouse and keyboard! The speed and ease of the installation is fantastic. I should have timed it, but I really don’t think it took more than 20 minutes. It felt quicker, but I’m sure it wasn’t.

Initial boot-up & log in. After adding the computer to the domain where I work, restarts, log-in’s, and desktop loads (to the point where all programs have finished loading) were extremely fast. Also, Microsoft has removed all of that fluff that’s included when you initially log into a Windows XP machine. The desktop is clean of clutter, and it already includes a cool background.

Device Manager – check device drivers. I figured as with all previous Microsoft operating systems, there’s bound to be a few devices that need the manufacturer driver. This was true for the video and sound driver. No big deal though, as I went to Dell’s website and downloaded what I needed. Obviously it was lucky for me that Dell has Windows 7 drivers for this laptop! After loading up both drivers, I did a quick reboot, and things started looking more clearly.

Antivirus. We run Symantec Endpoint 11 MR4, but it wouldn’t install properly. We downloaded MR5, and it loaded perfectly.

Legacy applications. We use Numara Track-It for our Helpdesk, which installed with no issues.  In addition, we use the typical Server Administrative Pack tools (for Windows servers). In Vista and Windows 7, the standard adminpak.msi found on Windows 2003 servers no longer works. I had to track down the new version, called Remote Server Administration Tools (RSAT) made especially for Windows 7 RTM. That dropped a nice shortcut in Control Panel that included all of our beloved tools. Even the once-hated Windows UAC has backed down quite a bit during all of these software installations and system changes.

So far, I’m very impressed with Microsoft’s new OS. Some will call it Microsoft’s redemption, some will continue to be haters. Take it for it is, and for what it’s worth! As I get to test out W7 in greater detail, you’ll read about it here. Below are screen shots of my system config, for your information.




More Chinese firewall problems after riot

The Chinese government is at it again. Could you imagine having such control over communications? They can shut down the Internet at will, block sites like Twitter so users can’t post updates about a riot in progress. It just seems so unreal!

Linksys/Cisco Wireless Router – Firmware Upgrade – Project?!

I have a friend who’s home public IP is DHCP, and they have an IP-enabled thermostat for their house. I set up a free DNS “A” record from, so they could access the thermostat remotely without having to remember the IP address. The URL is something simple like Since the public IP is dynamic, I set up a service on their home PC that automatically updates that free DNS “A” record to reflect the new public IP (whenever it changes). This is called Dynamic DNS (DDNS). The problem with all of this is that the home PC must be turned on whenever the DNS “A” record needs to be updated. At this point, I figured I would leverage his Linksys BEFW11S4 wireless router to handle the DDNS updates.

Upon logging into the router, I discovered the DDNS service was no where to be found! Soon enough I figured out that the firmware had to be updated, which introduces the DDNS service. Downloading the firmware was simple enough, and the upgrade *should* have been straight-forward too – log into the router, go to the corresponding page for firmware updates, browse to where the file is saved, and update.

Unfortunately it wasn’t that easy. I was getting the error of “”Upgrade action is not finish. Upgrade file pattern error.” If the grammatical error was not bad enough, not being able to upgrade the firmware easily became frustrating! A simple Google keyword search resulted in a Linksys forum page with the same issue. It appears that the naming convention that Linksys gives their firmware files is not compatible with their own products! Simply renaming the file from “BEW1.52,blah blah.bin” to “code.bin” allowed the router to read the file and update the firmware successfully. No numbers, no mid-way periods, no commas – just “code.bin”.

After the update, DDNS was available on the router, and is now successfully updating the DNS “A” record as needed, without the use of a PC-based service.

LogMeIn now with mobile phone support

LogMeIn is superb for assisting others remotely with their computer problems. No matter where they are in the world, if they have an internet connection, you can get to their computer to help. Best part of it all… it’s free!!

Now, you can support most mobile phones including Windows Mobile, Symbian, and BlackBerry (for a fee, sorry!) right from your desktop. InfoWorld mentions some more about it.

1 Comment more...

Greatest office battle ever!

Found this video on Yahoo this morning.  If you work in an office, and have any grudges against other departments, you can appreciate this one.

Who will win the battle?

Copyright © 1996-2010 All rights reserved.
Jarrah theme by Templates Next | Powered by WordPress