Had a workstation that would regularly lose connection with connected printers, so checked the Windows services. Found that the Print Spooler terminated and would repeatedly do so even when restarted. Checked the Event Logs and found that there were several instances of Event ID 7031 – Print Spooler Terminated Unexpectedly corresponding with the Services stopping.
Fix Print Spooler terminated via the registry:
Open regedit (e.g. click Start, type regedit and press Enter)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers
depending on your OS
Under this key, there will either be the keys Version-2 and Version-3 or both
The sub-keys under these contain the printer driver configuration information, so delete all the sub-keys under Version-2 and Version-3, but not these keys themselves
Restart the Print Spooler service and test printing
If your company is having issues with Print Spooler terminated events or needs help troubleshooting network printers, then contact us for assistance.
Found the amazingly easy to use Quickbooks Install Tool that fixed common installation errors after I ran into this issue with a client on two of their new workstations, same model, when trying to install Quickbooks 2014 Premier. The client had previously contacted Quickbooks for remote installation support but the technician was unable to fix it. I tried the installation from scratch using administrative credentials and got an:
Error 1904. Module “C:\Program files\Intuit\Quickbooks 2010\ICWrapper.dll” failed to register.
Which led me to the Quickbooks Support Forums that revealed a new tool in the Quickbooks support arsenal – the Quickbooks Install Tool. This handy tool does a repair of several key components for installing software, reboots the computer, and then restarts the installation before Windows finishes booting completely to avoid any conflicts. It works like a charm.
If your company is using Quickbooks for your accounting or customer database and need help getting Quickbooks Install Tool to fix your installation issues, then contact us for assistance.
This was one of the most exasperating things that I have worked on in some time. The client got a bonded ADSL PPPoE connection from CenturyLink with 40Mbps Up by 2Mbps Down. The PPPoE was to authenticate the connection to CenturyLink.
Reconfigure the Technicolor C2000T modem into Bridged Mode
Login to the modem and click on the “Wireless” button
Disable the wireless completely and click on the “Apply” button
Click on the “Advanced” button then click on the “DHCP Settings” along the left hand menu
Disable DHCP completely and click the “Apply” button
Click on the “WAN Settings” and change the ISP Protocol to “Transparent Bridging” then click on the “Apply” button
Reboot the modem and move on to configuring the Juniper router
Configure the Juniper SRX 210 for the Bonded ADSL PPPoE connection
Enter the following commands on the router CLI:
Set the underlaying interface encapsulation to be PPP-Over-Ethernet:
set interfaces ge-0/0/0 unit 0 encapsulation ppp-over-ether
Set PPP Options with Authentication method CHAP:
set interfaces pp0 unit 0 ppp-options chap default-chap-secret YOUR-PASSWORD
set interfaces pp0 unit 0 ppp-options chap local-name YOUR-USERNAME
set interfaces pp0 unit 0 ppp-options chap no-rfc2486
set interfaces pp0 unit 0 ppp-options chap passive
Set the PPPoE Options to the underlaying interface along with connection options:
set interfaces pp0 unit 0 pppoe-options underlying-interface ge-0/0/0.0
Set the the pp0 interface to automatically negotiate the IP address:
set interfaces pp0 unit 0 family inet negotiate-address
Set the security zone pp0.0 interface WAN (untrust):
set security zones security-zone WAN interfaces pp0.0
If you are experiencing any fragmentation issue, you may want to adjust the tcp-mss setting as below, this was the part that I left out and had random websites not connecting:
set security flow tcp-mss all-tcp mss 1300
If your company is using a Juniper JunOS router or CenturyLink Bonded ADSL PPPoE connection to the internet, then contact us for assistance.
A huge thanks to Joseph Moody from DeployHappiness for these wonderful guides on how to deploy DFS Folder Redirection in an organization using Distributed File Services as a methodology for file sync between sites. I made some modifications to the DFS Replication to use site link costing and fail back for the remote sites to avoid the multiple data target issues seen in his notes.
Since Microsoft is no longer making Small Business Server (SBS) as the complete package for the SMB client, it is time to migrate email to Office365 and put in a Windows Standard Server in its place. This will explain the details of how to demote Windows Small Business Server from the domain after email has been migrated, the new server should already be in place and it should be running the appropriate server service and Flexible Single Master Operation (FSMO) roles would already be migrated.
One Last Check
Open a Command Prompt
Type in – netdom query fsmo
Make sure that all roles are pointing to the new Domain Controller
Open Control Panel
Double Click on “Programs and Features” icon
Search the list and find the entry named something like “Microsoft Exchange Server…” right click on it and choose “Uninstall”
Click “Next >” button then uncheck all possible boxes then click “Next >” button
Once the prerequisites have cleared successfully, click “Uninstall” button
Finally click “Finish” button
Remove AD Certificate Services
Click Start button, click Administrative Tools, and then click Server Manager.
Click on Roles, then in the Roles Summary section, click Remove Roles.
In the Remove Roles Wizard, click “Next >” button
Clear the “Active Directory Certificate Services” check box, and then click “Next >” button
On the Confirm Removal Options page, review the information, and then click “Remove >” button
Demote Windows Small Business Server and Remove from Active Directory
On the Source Server, click Start button, click Run, type dcpromo, and then click “OK” button
Click “Next >” button twice. (WARNING: Do not select “Delete the domain because this server is the last domain controller in the domain.”)
In the Summary dialog box, you are told that Active Directory Domain Services (AD DS) will be removed from the computer and that the server will become a member of the domain. Click “Next >” button
Click “Finish” button and the Server will restart
After the Server restarts, it can then be removed from the domain into a workgroup and disconnected from the network.
To remove the Source Server from Active Directory Domain Services
On the new Domain Controller Server click Start button, click Administrative Tools, and then select Active Directory Users and Computers.
In the Active Directory Users and Computers navigation pane, expand the domain name, expand MyBusiness, expand Computers, and then expand SBSComputers.
Right-click the old Server name if it still exists in the list of servers, click Delete, and then click Yes.
Verify that the Source Server is not listed, and then close Active Directory Users and Computers.
To update the Software Updates Group Policy Object
On the Management Server, click Start, click Administrative Tools, and then click Group Policy Management.
On the User Account Control dialog box, click Continue.
In the Group Policy Management console, in the navigation pane, expand Forest:DomainName, expand Domains, expand DomainName, and then expand Group Policy Objects (GPO).
Click Update Services Server Computers Policy.
In the results pane, click the Scope tab.
In the Security Filtering section, click the object that begins with “S-1-5…” This is the old Server Security Identifier (SID).
Click Remove, and then click “OK” button
If your company is migrating to Office 365 and needs help to demote Windows Small Business Server, then contact us for assistance.
This has happened to me countless times in the field and it is time to write up the process on my own. Either the client has an older version of the DirSync tool installed or there is some sort of errors that require reinstalling Office 365 DirSync. Special thanks go to Joseph Turley for the original write up on which this is based.
Uninstall Old AADSync Tool
If the server is running an older version of AADSync then below is a list of applications that are to be removed:
Microsoft Azure AD Sync
Microsoft Online Services Sign-in Assistant [Restart is required]
Forefront Identity Manager Windows Azure Active Directory Connector
There should then be a reboot of the server to finish these uninstallations. Additionally, the Azure AD Sync Scheduler scheduled task needs to be removed from the Task Scheduler to complete the removal of AADSync. There are also several user accounts in Active Directory Users and Computers that will need to be removed either titled something like “AAD…” or “ADSync…” for the reinstall to work properly. Also need to remove the folders named something like “C: > Program Files > Microsoft Azure AD…” before attempting to start the new installer. There might also be some leftovers in the registry that need to be removed as follows:
If the server is running a more current version of DirSync then below is a list of applications that are to be removed:
Windows Azure Active Directory Sync Tool
Microsoft Online Services Sign-in Assistant [Restart is required]
Forefront Identity Manager Synchronization Service
There should then be a reboot of the server to finish these uninstallations. There are several user accounts in Active Directory Users and Computers that will need to be removed either titled something like “AAD…” or “ADSync…” or “FIMSync…” for the reinstall to work properly. Also need to remove the folders named something like “C: > Program Files > Windows Azure…” and the database files located in a folder named something like “C: > Program Files > Microsoft SQL Server > MSSQL**.MSONLINE > MSSQL > DATA > FIMSync…” before attempting to start the installer.
Reinstalling Office 365 DirSync Tool
Log into the customer’s Office365 portal as a global administrator.
Click on the Admin tile
Click on the Users item in the left pane to expand it then click on Active Users
At the top of the main pane next to “Active Directory synchronization:” click on Manage
Make sure the at Active Directory synchronization is activated
Download the Directory Sync tool by clicking on Download button
Double click the installer
Type in your Office365 global administrator credentials then click “Next >” button
Type in your domain administrator credentials then click “Next >” button
Ignore the page on Hybrid and click “Next >” button
Make sure the box next to Active Directory Password Sync is checked and then click “Next >” button
Click on Install then on Finish to complete the install
Another handy thing to do after the installation is complete is to make a shortcut on the desktop for the miisclient software that monitors the sync process. It is located at “c: > Program Files > Windows Azure Active Directory Sync > SYNCBUS > Synchronization Service > UIShell > miisclient.exe” (this also allows for manual syncs when needed).
If your company needs help reinstalling Office 365 DirSync or help setting up Active Directory Password Sync for single sign-on, then contact us for assistance.
There are often times that shortcuts are needed on all users or a specific subset of user’s desktops, which is where Group Policy Preferences Desktop Shortcuts come in. Here is how to create a simple internet shortcut for a particular website:
Create a Group Policy Preferences Desktop Internet Shortcut
Login as an administrator.
Go the the start screen and type “Server Manager”.
In the Tools menu select “Group Policy Management”
Find / Create the Organizational Unit (OU) in the domain containing the target computers
Right click on the OU and select “Create a GPO in this domain, and Link it here…” to create a policy and link in to that OU.
If Control Panel is in Category view, click the Switch to Classic View link on the left and then double-click the Mail control panel. If Control Panel is in Classic view, double-click the Mail control panel.
Click on the “E-mail Accounts…” button.
Select Microsoft Exchange (or whatever is was named). Click on the “Change…” button.
Click on the “More Settings…” button. Click the Connection tab.
In the Outlook Anywhere section, check the “Connect to Microsoft Exchange using HTTP” box.
Click on the “Exchange Proxy Settings…” button.
In the “Use this URL to connect to my proxy server for Exchange” box, type the external URL of the proxy server.
Make sure the “Connect using SSL only” box is checked.
Check the “Only connect to proxy servers that have this principal name in their certificate” box.
In the Principle name for proxy server box, type msstd:[external URL] where [external URL] is the external URL of the proxy server. Note: Be certain that entries from Step 9 and 12 are correct. Do not have a space before or after the entries. In Step 12, after msstd there is a colon ( : ). It is not a semicolon. The text should be in all lower-case as well.
Un-check the “On fast networks, connect using HTTP first, then connect using TCP/IP” box.
Check the “On slow networks, connect using HTTP first, then connect using TCP/IP” box.
At the bottom of the dialog box, in the Use this authentication when connecting to my proxy server for Exchange list, change the setting from NTLM Authentication to Basic Authentication instead.
Click OK. Click Apply. Click OK. Click Next. Click Finish. Note: If you get “stuck” at the above step and can’t go forward, you need to double-check the settings in the settings in the Exchange Proxy Settings dialog box.
Open Outlook. You will be prompted for a User name and password.
In the User name box, type: [domainname]\ where [domainname] is the internal domain name of the network and then username. (i.E. FHN\Administrator)
Enter the password for the account. Click OK. In some cases, you may be prompted for the password a second time, please enter it.
Outlook should open normally. You’re done.
If your company is using internal Microsoft Exchange servers and need help configuring Outlook Anywhere via RPC over HTTP, then contact us for assistance.
Click on Manage and choose “Add roles and Features”.
Click “Next >” (Check the box to skip this in the future)
Make sure “Role-based or feature-based installation” is selected then click “Next >”
Choose the appropriate server then click “Next >”
Make no changes to the “Roles” page then click “Next >”
On the “Features” page scroll down and check the box by “SMTP Server”
Click “Add Features” (required for SMTP Server) then click “Next >”
Click “Install” then wait for the install to finish then click “Close”.
Configure Windows Server 2012 SMTP Relay
Go the the start screen and type “Server Manager”.
In the Tools menu select “Internet Information Services (IIS) 6.0 Manager”
Expand the tree until [SMTP Virtual Server #1] is shown then right click and choose “Rename” (as appropriate)
Right click again and choose “Properties”.
Click on the “Access” tab then click the “Connection…” button
Select “All except the list below” then click “OK”
Click on the “Relay…” then select “All except the list below” then click “OK”
Click on the “Delivery” tab then click the “Outbound Security” button
Select “Basic Authentication” and type in the username and password of Office365 user – this can be different than what is used on the device as long as the alternate address on the device is an alias of this user.
Check “TLS encryption” then click “OK”
Click the “Outbound connections” button then change “TCP port” to 587 then click “OK”
Click the “Advanced” button then fill in the FQDN of the internal server (add custom DNS for future changes)
Fill in “Smart host” with SMTP.office365.com – the name of the Office365 SMTP server then click “OK” twice
Warning! You have an open relay now. Use this setup to check the email notification system. When you see it’s fully functional go back to the “Access” tab and narrow down the “Connection” settings to the necessary systems. When no other system needs to relay, just check “Only the list below” and grant “127.0.0.1” access.
Configure External DNS for SPF protection
Go to the domain registrar’s website to update DNS records. Edit / create a sender policy framework (SPF) record. In the entry, include the external IP address. The finished string looks similar to this, where 10.0.0.2 is your public IP address:
Skipping this step might cause email to be sent to recipients’ junk mail folders.
If your company is using Office 365 and needs an Office 365 SMTP relay setup for use by a network device like a multi-function printer, then contact us for assistance.
With the recent changes in the economic landscape, the majority of companies will need to take a look at their bottom line including the current technology investments and the future technology needs of each company. The following are several guidelines as to making the most out of current investments by properly maintaining and safeguarding the equipment already in place as well as when to consider upgrading or replacing equipment in order to achieve a greater return on investment (ROI).
Maintenance of Technology Investments
There are many schools of thought as to how often a computer should be maintained and to what extent. A general rule of thumb is those who use the computer more heavily will need to perform these steps more often to reap the benefits. This routine should include tasks such as temporary file cleaning, full system virus and spyware scans, checking for operating system and major program updates or patches, and physically cleaning the computers outside and dusting out the inside with compressed air. These steps will help the computer to run at its peak performance.
Safeguarding Technology Investments
Various steps can be taken to protect computers from unforeseen environmental problems and malicious attacks. Each computer should be protected by some sort of high quality surge protection or battery backup to help shield them from potential catastrophic damage from an electrical surge. If the computers are connected to a broadband internet connection then a quality firewall router is needed to help protect against hacker intrusion. Also with any internet connection a quality antivirus / antispyware will help keep such malicious software at bay. Finally and most importantly is to backup critical files and documents in case of an accidental deletion or worse a hardware failure. These steps are vital to insuring that what you have is safe and if something goes wrong you are not left wanting.
Upgrading / Replacing Technology Investments
There is an unpleasant reality that all mechanical devices, including computers, will one day start to break down and need repairs or replacements. The standard lifespan of a current computer is around three to five years based on use, at which time parts will need to be upgraded and replaced or new hardware should be acquired to avoid the possibility of unforeseen failure. This is also a good rule of thumb for software as most companies have taken the stance of no longer supporting versions that are within that same age bracket. These upgrades and replacements will insure that
you have the software features to keep your business streamlined and the hardware to make it run efficiently.
These are just the basics of how to make the most out of current technology investments with the specifics needing to be tailored to the individual companies needs. The hope is that with proper maintenance, technology will be more of a benefit then a burden and make business success an obtainable goal.
If your company is in need of network consulting or considering some Technology Investments, then contact us for assistance.