windows

Case Study – Server Replacement and Upgrade

We were recently approached by a solicitors, based in Staines, Middlesex. They asked us to perform a full review of the network, and make suggestions on how to improve the existing setup.

The Problem

The customer was worried the server was out of date, and was running slowly. They had to reboot the server frequently when there was access problems, and they thought that there was a problem with the hardware as a result. The server room was untidy and there were lots of computers setup and running in the room.

Review: Hardware

The customer was using an outdated HP Proliant ML350 G6, and the warranty for the server had expired a number of years ago. Although properly specified, with enough storage space and system RAM, if this main server failed, there would be a long amount of downtime until it could be returned to proper service.

In addition to this, the customer had two physical machines setup for remote access. This was because their LOB (line of business) applications did not support remote access with Microsoft Remote Desktop Services. The machines that were being logged into were also old, and were slow to access.

We recommended that the server be replaced with a newer model, with next-business-day warranty. This would mean that if the server failed, a technician would be on site from the manufacturer the next day the replace any faulty parts. In our opinion, this is absolutely mandatory for the main server in any business.

After reviewing the amount of storage space required, we suggested a Dell PowerEdge T130. These are inexpensive servers, which can still be well specified for small business use.

Review: Operating Systems

The server was running Windows Server Standard 2008, with although out of date did not need to be completely replaced. This is still supported by Microsoft until 2020.

The remote access machines were running retail copies of Windows 7 Professional. Again, these did not need replacement, as Windows 7 is still supported by Microsoft until 2020.

We suggested no change to the operating systems that are in use, but to purchase the server with Windows Server 2012 R2, to allow for a future upgrade of the domain.

Our Solution

It was clear that virtualising the existing environment was the correct way to go. The old hardware being used could be eliminated, saving space, maintenance overheads and energy. The server room would be much tidier also.

Work Carried Out

We installed Windows Server 2012R2 on the new Dell server, and the Hyper-V role was installed. We were then ready to virtualise the existing physical devices.

Working with the customer we identified all of the user accounts and computers that were still in use on the server. We renamed all of the existing client workstations from the automatically generated DESKTOP-3847393 type names, to easily identifiable DESK-1, DESK-2 etc. These computer names were updated in Active Directory, and were physically labelled on site.

Once this cleanup task had been complete, we were ready to virtualise the server. Once this task was complete, the existing server was powered off, and disconnected from the network.

We then had a virtual copy of the server running, with the existing server intact, as a backup of the configuration and data before the work took place. In a worst-case-scenario situation, this could be reconnected and the server returned to service.

We then cleaned up the server, removing HP drivers and proprietary monitoring utilities. This left a much cleaner installation of Windows Server, with just the key software installed to allow the server to function.

After this second cleanup task, we then virtualised the two remote access machines. The physical machines were then turned off, and decomissioned.

So – from 3 physical devices, all unmaintained and out of warranty, to one new physical server, with more memory and storage space.

I am most proud of the fact that all of this work was completed with zero downtime in working hours for the customer. As soon as the server was virtualised, it took over from the existing server.

Improvements made

  • Improved flexibility. If the customer has need for another remote access machine, one can be setup in matter of minutes by remote access, with no need to go on site.
  • Significant energy savings. Only one device needs to be running instead of 3.
  • Improved disaster recovery. If there is a hardware fault with the server, this will be repaired by the manufacturer, next business day.
  • Better Upgrade Path. Additional RAM and storage space can be more cheaply added if required.
read more
DamianCase Study – Server Replacement and Upgrade

Windows 10 – Don’t Miss Out!

Microsoft has confirmed that Windows 10’s free upgrade offer will expire on July 29, 2016. After that, you’ll have to pay £100 to upgrade on any computer that hasn’t already made the leap.

We know not everyone wants to upgrade to Windows 10 right now, and that’s fine. But did you know that Windows 7 has already ended the mainstream support cycle?

This means that Windows 7 will only receive security updates, and nothing else.

New features such as Cortana, the Windows App Store, and Bitlocker encryption aren’t available with Windows 7 Pro, so upgrading now is a good opportunity to gain access to these features, which you would otherwise pay for with Windows 7.

The vast majority of applications will work perfectly with Windows 10, just as they did with Windows 7.

We have been using Windows 10 in our offices now (as have man of our other customers) since the release date last year, and have nothing but positive words to say about it:

  • Faster boot times compared to Windows 7 – from a normal 30 seconds boot time to just 10 seconds
  • Improved driver compatibility – more things ‘just work’
  • Improved stability – less crashes and downtime
  • Great new features, like build in hard drive encryption

If you would like to take advantage of the free upgrade offer, but want advice on how to proceed, contact us now for a free rundown of the upgrade process.

read more
DamianWindows 10 – Don’t Miss Out!

Windows 10 – Change PPTP ipv4 Settings

screenshot win10 pptp

In my RTM copy of Windows 10 Pro, when I try to edit the IPv4 settings of a VPN connection, nothing happened when I clicked ‘Properties’.

Thankfully, there is a solution to the issue – you can edit the file rasphone.pbk in a text editor like notepad.exe and make the necessary changes in this file.

The exact setting I wanted to change was to disable the default gateway – also known as split tunneling. This way I can connect to the VPN, and only tunnel traffic for that specific remote site over the VPN – i.e. use my normal non-vpn connection for internet traffic.

This is called “IpPrioritizeRemote”. I set this to 0 instead of 1 and saved the PBK file. When I re-established the VPN connection in the usual way, the ‘default gateway’ setting worked as intended.

The PBK file is profile dependant, but can be found either at:

C:Users*username*AppDataRoamingMicrosoftNetworkConnectionsPbk

or:

%appdata%MicrosoftNetworkConnectionsPbk

Other useful settings:
IpAddress – IP address for the client to use
IpDnsAddress – DNS server for the client to use
PhoneNumber – IP address of the remote host

read more
DamianWindows 10 – Change PPTP ipv4 Settings

Join a wireless network before login

​Export the existing wifi setup
​netsh wlan export profile %SSIDName% folder=c:temp

XML files of the existing connections will be exported to c:temp. Find the one you want all users to access. You need to modify the to false and enter the wireless key.

You will end up with something like this:

<?xml version="1.0"?>
<WLANProfile xmlns="http://www.microsoft.com/networking/WLAN/profile/v1">
<name>Best Network</name>
<SSIDConfig>
<SSID>
<hex>42657374204E6574776F726B</hex>
<name>Best Network</name>
</SSID>
</SSIDConfig>
<connectionType>ESS</connectionType>
<connectionMode>auto</connectionMode>
<MSM>
<security>
<authEncryption>
<authentication>WPA2PSK</authentication>
<encryption>AES</encryption>
<useOneX>false</useOneX>
</authEncryption>
<sharedKey>
<keyType>passPhrase</keyType>
<protected>false</protected>
<keyMaterial>W2kjwoei111</keyMaterial>
</sharedKey>
</security>
</MSM>
</WLANProfile>

Delete the network from Wireless connections, because you need to re-add it for all users, and this will fail if it’s already setup.

Reimporting/Adding the WLAN config for all users
netsh wlan add profile filename=”wifi.xml” user=all

Note the wifi.xml needs to be modified to match the name of the xml file you wish to import.​

The wireless network should now connect before login.

read more
DamianJoin a wireless network before login

How to reset a network card in Windows

Open Control Panel
Click Hardware and Sound
Click Device Manager
In Network Adapters, find the LAN card you want to reset – this is often something like:

  • Realtek PCIe GBE Family Controller
  • Broadcom NetXtreme 57xx Gigabit Controller
  • Intel PRO/1000MT Network Adapter

Right click on the adapter and click Uninstall
You will be warned that this will remove the device from the system – ensure that ‘Delete the driver software’ is *not* ticked if this is shown
Note: Clicking OK will disconnect your remote access session if you are connected!
Click OK
The icon will disappear, and the network adapter will be disabled
At the top of the device manager list, the PC name is displayed
Right click this PC name and select Scan for hardware changes
The network card should reappear in Network Adapters
The network card will be reset to default settings, so you may need to reconfigure IP addresses, reconnect to a wireless network etc.

read more
DamianHow to reset a network card in Windows

Send test email via telnet

It’s often useful to test an email server manually – to ensure the port is open and redirected properly, and also that the server is delivering messages to the mailbox correctly.

Here is how to send an email manually with telnet:

Open a command prompt on the PC you will send the test email from
telnet server.server.com 25​
HELO jaytag.co.uk (response will be 250 OK)
MAIL FROM:dmcmillan@jaytag.co.uk (response should be 250 OK – mail from dmcmillan@jaytag.co.uk)
RCPT TO:james@stephenrjames.com (response should be 250 OK – Recipient james@stephenrjames.com)
DATA (response should be 354 Send data. End with CRLF.CRLF)
Test Email!
(line break)
.
(line break)
QUIT​

A successful delivery will look something like this:
250 OK

read more
DamianSend test email via telnet
end-of-life.jpg

Countdown to End-of-Support for Windows XP

Support for Windows XP ends

On April 8th 2014, Microsoft will end support for its decade-old Windows XP. This means, you will no longer receive security updates, fixes or online technical support for PCs still running Windows XP SP3 and Office 2003. The security and privacy implications of this event could have significant impacts on your business, so if you’re running either of these products you should plan to take action soon.

As a precaution, we would recommend all our clients to consider upgrading to the latest supported operating systems such as Windows 7 or Windows 8.1. Customers migrating to these platforms will benefit from enhanced security, broad device choice for a mobile workforce and higher user productivity.

Why upgrade now?

  1. No support: Microsoft support, including online and phone-based technical support, will end. As a result both Jaytag and any other IT support company will not be able to properly support Windows XP.
  2. Security Risks: Critical security updates will stop, making machines much more vulnerable to viruses. Hackers are waiting to take advantage of this insecurity. If your computer gets a virus your machine will not only not perform properly – it may shut down entirely. Moreover, you are at risk for losing files and having your personal and business information stolen. Anti-virus software will also not be able to fully protect you once Windows XP itself is unsupported.
  3. Compliance: Businesses that are governed by regulatory obligations may find that they are no longer able to satisfy compliance requirements e.g. PCI compliance.
  4. Hardware Manufacturer support: PC hardware manufacturers will stop supporting the above mentioned operating system. This will also mean that drivers required won’t be available anymore. E.g. a new HP printer won’t have drivers for the above operating system.
  5. Old technology: Windows XP was released 12 years ago, and was replaced by Windows 7 in 2009. It does not support HTML5 or the newest version of Internet Explorer nor does it support many modern hardware devices such as USB 3.0.

If you have any concerns regarding your systems, please do contact us to discuss the options that are available to you.

read more
DamianCountdown to End-of-Support for Windows XP

Windows Server updates failing – Error 80072EFD

You may have found that your Windows Server won’t update via Windows Updates Services and the following error message is displayed on screen.

error2

One issue which causes Windows Updates to fail with error 80072EFD is if the Windows Server is pointing at itself or another Server on the network to find the updates.

To check this click Start > Run > type “regedit”, and accept the UAC prompt to continue.

regedit

Now navigate to HKLMSoftwarePoliciesMicrosoftWindowsWindowsUpdate.

win

Look at the keys in that folder, and check whether they look something like this:

“WUServer”=http://srv_name:8530

“WUStatusServer”=http://srv_name:8530

If these entries are listed under that folder you should backup and then delete the “WindowsUpdate” folder:

  • Right-click on the folder and select “export” to save it.
  • Delete the “WindowsUpdate” folder from the registry at HKLMSoftwarePoliciesMicrosoftWindows.

Now, click Start > Run > type “services.msc”.

services

Navigate down to the Windows Update service and restart it.

serviceslist

You should now be able to perform updates on your server.

read more
Joel JohnsonWindows Server updates failing – Error 80072EFD

Session setup failed: NT_STATUS_INVALID_PARAMETER

When trying to link to a Windows Vista, 7 or 8 shared printer from Mac OS 10.6 or newer, you may find that the printer gives this error message. Essentially, SMB printing from CUPS (the Mac OS printing system) seems broken – it does not pass along the correct user name and password (even when entered manually).

The solution is quite long winded…

Firstly, ensure that the printer is shared on the Windows machine, with a share name with no spaces. (i.e. not “Canon IP 6700D”, but “CanonIP6”)

Then:

On the Windows PC

  1. Click Start
  2. Click Control Panel
  3. Select Programs and Features
  4. Click Turn Windows Features on or off
  5. Under Print and Document Services, tick the LPD Print Service
  6. Click OK

Ensure you have assigned a static IP to the print server (or have noted this down) as you will need this later.

On the Mac

  1. Click into System Preferences
  2. Click Print & Fax
  3. Click + in the bottom left of the window to add a printer
  4. Right click the tool bar (next to the Windows icon) and click customize
  5. Add the Advanced button to the toolbar
  6. Select Advanced
  7. In the Type field select LPD/LPR Host or Printer
  8. In the URL field enter lpd://x.x.x.x/PrinterShare (for example lpd://192.168.1.120/CanonIP6)
  9. We found that using lpd://ServeName/PrinterShareName does not work – you must use the the IP address of the print server. Use the IP address you noted earlier.
  10. Click the Add button
read more
DamianSession setup failed: NT_STATUS_INVALID_PARAMETER