ESX Server, NIC Teaming and VLAN Trunking

We finally bit the bullet and procured a Cisco Catalyst 3750g 24 port gigabit layer 3 switch in order to consolidate and upgrade the networking hardware.
After basic configuration of the switch including VLANs and DHCP server, I shut down all VMs and proceeded to move all the wirings over.
Once satisfied I tried to connect to the management network of both hosts with no success. After repeated efforts of cisco speak I finally resorted to the internet (from my Forefront Threat Management server!). The first hit was Scott’s article about ESX Server, NIC Teaming and VLAN Trunking.
My error was not setting the load-balancing algorithm after creating a port channel that was compatible between the two ports. The command in a nutshell:

Cat3750g(config)#int port-channel1
Cat3750g(config-if)#description ESX-01 NIC Team
Cat3750g(config-if)#int gi0/1
Cat3750g(config-if)#channel-group 1 mode on
Cat3750g(config-if)#int gi0/2
Cat3750g(config-if)#channel-group 1 mode on
Cat3750g(config)#show etherchannel load-balance (this revealed “Source MAC Address” instead of “src-dst-ip”)
Cat3750g(config)#port-channel load-balance src-dst-ip (to enable IP-based load balancing)

Ensuring that all the NIC teams on the ESX servers were set to “Route based on IP hash” and I was off to the races.
Thanks to Scott Lowe for the resolution!


Creating 'Send As' in Exchange 2010 / Outlook

After creating the universal distribution group in active directory with the wanted ‘Send As’ address, I could not get outlook to allow me to send the email impersonating the distribution list email address. Running the following in the Exchange Server Powershell did the trick:

Set-DistributionGroup -Identity “<distribution list name>” -GrantSendOnBehalfTo “<primary email mailbox>”

PITA! But I guess they have their reasons. Hopefully the next version will facilitate this option.


DFSR not replicating 'temporary files'

I had an error in my Weekly DFSR health reports indicating the following:

DFS Replication does not replicate certain files in the replicated folders listed above because they have temporary attribute set, or they are symbolic links . This problem is affecting at least 2 files in 1 replicated folders (up to 100 occurrences per replicated folder are reported). Event ID: 11004

After a little searching through Google, I found this article which basically said to run the following command in PowerShell which removes the temporary attribute on the indicated files:
Get-childitem D:Data -recurse | ForEach-Object -process {if (($_.attributes -band 0x100) -eq 0x100) {$_.attributes = ($_.attributes -band 0xFEFF)}}
If you don’t want it to work against subdirectories just remove the -recurse parameter.
Thanks Craig!


Migrating ESX 4.1U1 hosts to ESXi 4.1U1

Since vmware is now moving to ESXi exclusively, thereby dropping the CLI in the ESX version, I decided to jump on the bandwagon. Installing ESXi 4.1U1 on my two HP ML150 G6 hosts was easier said than done however. I don’t know if it’s compatibility, but both hosts would not take the ESXi 4.1U1 installer like how my little one won’t take her bottle!
Here are the steps in chronological order that I followed to eventually get ESXi 4.1U1 installed in my cluster.

  1. Download ESXi 4.1U1 image
  2. ‘Burn ISO’ to USB via UNetbootin
  3. Vmotion all machines off of target host and enter host into maintenance mode.
  4. Reboot host and select USB as boot device.
  5. ESXi installer proceeds up to before installation and then throws
  6. Installation operation failed!
    The installation operation has encountered a fatal error:
    Unable to find system image to install.  This is due to the image not being mounted correctly or the CD-ROM not being supported.

  7. Retried above steps with many different versions of ISO with same result.
  8. Switched SATA setting in BIOS from AHCI to IDE to RAID with same result.
  9. Finally found this link that suggested installing ESXi4.0 and upgrading to 4.1U1.
  10. Repeated steps 1 & 2 with ESXi4.0 image and sucessfully installed. Used VMWare Update Manager to Upgrade and Patch to latest build.

Phew! What a night!
And I totally forgot to implement jumbo frames!


Completely uninstalling Symantec Endpoint Protection the manual way!

What a nightmare this was!
Even worse considering I had to do this to my PRODUCTION EXCHANGE SERVER!
If you ever need to know How to manually uninstall Symantec Endpoint Protection client from Windows Vista, Windows 7, and Windows 2008 32-bit, this seems to have done it for me.
A lot of tedious key removal in one of the sections, so this little script saved me some carpel-tunnel syndrome!
Just for the sake of “longevity”, I paste a copy of the article below. I’m not sure if I should thank the authors considering it’s their software that I had to remove to begin with. 🙂

How to manually uninstall Symantec Endpoint Protection client from Windows Vista, Windows 7, and Windows 2008 32-bit
Article ID: TECH102286 | Created: 2007-01-02 | Updated: 2011-02-11
Technical Solution for Endpoint Protection Small Business Edition 11.0, Endpoint Protection 11.0
This document describes how to remove Symantec Endpoint Protection client from 32-bit versions of Windows Vista, Windows 7, and Windows 2008 manually.
Warning: These removal steps can disable other Symantec products that are installed on the computer. It is recommended that all Symantec products be uninstalled by using Add or Remove Programs before starting this process.
Log on as Administrator
Manual removal of Symantec Endpoint Protection must be done from the Administrator account. To enable the Administrator account, read the following document from the Microsoft Knowledge Base: Enable and Disable the Built-in Administrator Account.
When the Administrator account is enabled, log on to that account.
Stop Symantec Endpoint Protection
Click Start > Run.
Type msconfig
Click OK.
On the Startup tab, uncheck Symantec Security Technologies.
In the Services tab, uncheck the following (not all may be present):
Symantec Event Manager
Symantec Settings Manager
Symantec Management Client
Symantec Network Access Control
Symantec Endpoint Protection
Click OK, and then restart the computer.
After the computer starts up, an alert appears. Check the box and click OK.
Remove the Teefer2 driver
Click Start > Settings > Control Panel > Network Connections.
Click a connection.
In the dialog, click Properties.
Select Teefer2 Driver and click Uninstall.
You will need to repeat these steps for each Network Connection.
Restart the computer.
Remove Symantec Endpoint Protection from the registry
Run the Windows Installer Cleanup Utility to remove Symantec Endpoint Protection 11.0.
The Windows Installer Cleanup Utility can be found at the following URL: http://support.microsoft.com/default.aspx?scid=kb;en-us;290301
After removing Symantec endpoint Protection with the Windows Installer Cleanup Utility:
Symantec Endpoint Protection does not appear in Add/Remove Programs.
Symantec Endpoint Protection services are still present.
Symantec Endpoint Protection may still be operational.
Click Start > Run.
Type regedit and Click OK.
In the Windows registry editor, in the left pane, delete the following keys if they are present. If one is not present, proceed to the next one.
HKEY_CURRENT_USERSoftwareSymantecSymantec Endpoint Protection
HKEY_LOCAL_MACHINESOFTWARESymantecInstalledApps, SAVCE value only
HKEY_LOCAL_MACHINESOFTWARESymantecSymantec Endpoint Protection
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSymantec AntiVirus
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesEventlogApplicationSymantec AntiVirus
Navigate to the following key: HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall
Select Uninstall.
Select Edit
Click Find.
Type symantec
Click Find Next.
A value appears in the right pane that includes the word Symantec, in a key that is still in HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall.
If the key that is selected is still in HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall, delete the key (in the left pane), and then repeat the search.
If the key that is selected is not in HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall, continue to the next step.
Remove any values with “Symantec” in the path from the following key:
Search for the following strings, and delete any registry keys that contain them:
Navigate to HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components.
Under the following registry keys, delete the registry key 12AD9A2D657B7654F96A2EA43F3166B3:
Remove Symantec Endpoint Security files and folders
Restart the computer into Safe Mode. To enter Safe Mode on Windows Vista and Windows 7, read the Microsoft article Start your computer in safe mode.
In Safe Mode, log on as the Administrator account.
Delete the following files and folders. If a file or folder is not present, proceed to the next one.
C:Program FilesSymantecSymantec Endpoint Protection (Or the appropriate directory if you installed in a different one)
C:Program FilesSymantecLiveUpdate (Or the appropriate directory if you installed in a different one)
C:Program FilesSymantec (Or the appropriate directory if you installed in a different one)
C:Program FilesCommon FilesSymantec Shared
C:UsersAll UsersMicrosoftWindowsStart MenuProgramsSymantec Endpoint Protection
Delete the following driver files in C:WindowsSystem32drivers. In all cases delete the files with the extensions .sys, .cat, and .inf with the following prefixes:
Delete the following driver files in both C:WindowsSystem32 and C:WindowsSysWOW64:
Go to C:WindowsInstaller.
For each file in C:WindowsInstaller, right-click the file and select Properties.
On the Summary tab, check to see whether the file was created by Symantec. If it was, delete the file.
Repeat steps 6-9 for every file in the folder.
Remove the Teefer driver
Click Start > Search, type cmd, and press Ctrl Shift Enter to start a command prompt with Administrator privileges.
Type pnputil -e to list the Symantec drivers in the driver store.
Type pnputil -f -d oem.inf to remove Symantec drivers from driver store, where is a number corresponding to one of the Symantec drivers listed in the previous step.
Type exit to close the command prompt.
In the Windows registry editor, navigate to HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlClass{4D36E972-E325-11CE-BFC1-08002bE10318}.
Delete any keys that have a value of ComponentId that is set to symc_teefer2mp.
Navigate to HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlDeviceClasses{ad498944-762f-11d0-8dcb-00c04fc3358c}.
Delete any sub keys that have a name containing SYMC_TEEFER2MP.
Navigate to HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlDeviceClasses{cac88424-7515-4c03-82e6-71a87abac361}.
Delete any sub keys that have a name containing SYMC_TEEFER2MP.
Close the Windows Registry Editor.
In the Device Manager (devmgmt.msc), go to Network Adapters, and delete all entries with “teefer” in them.
Delete any network adapters to which teefer was attached.
This causes the adapters to be reinstalled. This step must be done in order for there to be network connectivity after you restart the computer.
Restart the computer into normal mode.
“Enable and Disable the Built-in Administrator Account” at:
“Start your computer in Safe Mode” at:
This document is available in the following languages:
Brazilian-Portuguese: http://www.symantec.com/business/support/index?page=content&id=TECH102286&locale=pt_BR
French: http://www.symantec.com/business/support/index?page=content&id=TECH102286&locale=fr_FR
German: http://www.symantec.com/business/support/index?page=content&id=TECH102286&locale=de_DE
Italian: http://www.symantec.com/business/support/index?page=content&id=TECH102286&locale=it_IT
Spanish: http://www.symantec.com/business/support/index?page=content&id=TECH102286&locale=es_ES
Legacy ID
Article URL http://www.symantec.com/docs/TECH102286


Advantages Of Buying Original Ink Cartridges

by: Kathryn Dawson
Since there is a need to cut on costs because of these turbulent financial times, there are a few ways that consumers refill ink cartridges. Through ink refilling kits that are do-it-yourself projects that consumers can do on their own; through purchasing compatible ink cartridges that are made by third party manufacturers which are compatible for particular brands like Canon ink or Lexmark ink cartridges; and re-manufactured printer cartridges which are recycled cartridges refilled with ink.
Surely, these are far cheaper than buying an original cartridge, not because original equipment is overpriced but because they have a few disadvantages to using them. For one, they are not manufactured with the same quality control and manufacturing process as an original cartridge. Since the quality will not be the same, think of the number of times you will have to (re)print, not only wasting ink but paper and time as well. You cannot be assured one hundred percent that the less than original cartridge will actually work once it gets to you. Imagine purchasing ten cartridges off the internet because of a really cheap sale but only five function when it gets to you. Yes, you can send them back for an exchange but think of the time wasted and the cost of return shipping. Be weary of cartridges sold at an unbelievably low price because these are cartridges that were drilled so they can be filled with ink. Many of these are half-filled or sometimes less. Not to mention the fact that if something goes wrong with your printer because you are not using an originally manufactured ink cartridge, you cannot expect the printer manufacturer to honor your warranty. This is one of the gravest things a consumer can do to a brand new printer. If you are really forced to buy these cheaper and less than stellar equipment, then please wait until the warranty is over before using them. You may be saving some money but not enough to actually purchase a brand new printer. In the long run you are not actually saving but spending more. The point is that these cartridges are not made to suit your printer perfectly so there is a big chance that it can in fact damage your equipment. Some studies have shown that forty percent of unoriginal ink cartridges cause problems with the printer.
On the other hand, purchasing originally manufactured ink cartridges might be a tad bit intimidating and overwhelming because of the steep price it comes with but in reality, you are actually saving money for the long haul. Here are a number of reasons why. These cartridges are really manufactured for the sole purpose of using it with the printer so you can expect stellar quality in printing without the hassle of reprinting, durability of your printer means you should encounter less problems if none at all and lastly, if ever something goes wrong with the printer, you can expect full accountability from the manufacturer as well as honouring the warranty. You can expect not to encounter instances of streaking, blurring, bleeding, curling and ugly blotches highlighting that you only need to print once and on one piece of paper. Compute these with the number of pages you can actually print only once versus the number of instances you will have to reprint for unoriginal equipment and you will immediately see how much you have saved. Do the math.
There may be only a few advantages to purchasing originally manufactured ink cartridges but one thing is certain. The cost on a new printer because of a damaged one plus hoards of reams of paper and unoriginal ink cartridges for reprints, printer jams, plus low class quality prints should be enough for you to do a double take on cost alone versus a onetime steep investment on all original equipment. You shell out on a printer once in two to three years, twice for Canon ink cartridges or Lexmark ink cartridges in a year. That is a lot of savings on cost already. Original equipment is manufactured for a purpose and that purpose is because they are built to last and are supposed to compliment the equipment they are really made for. These reasons alone should be enough to dispel the myth that unoriginal equipment are cost efficient.


WordPress, SSL and Forefront TMG 2010

After following Wordpress’ instructions for Administration over SSL I was stumped on why Firefox kept telling me “Firefox has detected that the server is redirecting the request for this address in a way that will never complete” and Internet Explorer would just crap out.
After many hours of of Googling, I finally found the solution by disabling link translation in my web publishing rules:

After clearing the checkbox, the HTTP to HTTPS redirection worked like a charm!


Importance of Cheap Web Hosting Services in the Third World

by: Dwslenin
Technological advancement in the world has seen most third world countries embrace modern ways of doing business. The use of internet has therefore penetrated almost every sphere of urban life in these countries, with a good percentage of people especially the youth, using the social networking sites to share ideas and communicate important messages on issues that affect their day-to-day lives. Most businesses in the third world countries are now using the internet to run their affairs.
This has been necessitated by the urge to remain competitive in the global market. The introduction of cheap web hosting services has therefore come at an opportune time. Cheap web hosting services have enabled the most businesses to have websites. This is a good development since even growing businesses with limited cash flow can afford to advertise their services in the web and reach their target audience globally. In this case, you will find that the rate of job creation in most third world countries will go up and are the people’s standards of living. Cheap web hosting services has seen the creation of many online businesses in the developing countries.
These businesses may be subsidiaries of companies that operate globally .In this case, there has been an extensive transfer of technology from developed countries to developing countries. Increase in the number of online businesses has led to the creation of both direct and indirect jobs. Most countries in the have very high unemployment rates and such new online businesses play an important role in fighting unemployment.
Since most third world countries are bedeviled with poor governance, most people are relying on social networking sites to fight the ills of the government of the day. Some courageous third world citizens have been able to have their own websites, where people are invited to share their views on various issues of importance, thanks to cheap web hosting service providers.