daknetworks.com

You are here: Blog

Running My Own Email Server

Running My Own Email Server

For the past 10 years, I've been running my own email server for a company of 750 accounts. It was built in my spare bedroom as a hobby and it intrigued my desire to learn. It worked very well and saved a ton of money, so I implemented it.

The Reasons

One of the reasons I did this was strictly control. I could easily control accounts, look into situations and make corrections if needed.

Another reason I did this was because of detailed information I could get by looking at the log files. Like above, I could easily look into the logs to see what's happening in real-time and didn't have to put up with cryptic or erroneous messages.

Another primary reason was speed. I could make changes via command line faster than most people could change channels on their TV. A simple command line and BAM!, the info I needed was there.

The last primary reason I did was because I trusted myself rather than someone else. I knew that as long as the hardware was working correctly, the Centos email-server would be the energizer bunny of the rack.

The Downfall

The downfall of all of this is actually running it. And everything that comes with it. The technical aspect was the easy part. As I said, most Centos systems are rock solid stable. The tough part is the people. When email doesn't go through, they automatically think that there is something wrong with the system. Especially when business is on the line. It's easier to blame the system rather than themselves. Never do they think or admit that they could have made a mistake.

The reality is much different. If this 10 year project has taught me anything it's that people make a massive amount of mistakes. Massive. Let me say it again: MASSIVE!

The Human Factor

Telling people that the email didn't go through because they spelled the email address incorrectly was nearly a daily occurrence. It went like this... They spelled the name incorrectly. They received a bounce message. They assumed that something is wrong with the email server. They complained to me. Never once did they actually look at the bounce message and read what it said.

>> NO USER BY THAT NAME

"Oh, I must have spelled the email address incorrectly. Let me try again and spell it correctly." Were never words that anyone said. It was always, "I need this email to go through!!! There is something wrong with the system!!! How can we operate like this!!!"

When you tell them the email address incorrect, they call you a smart-@$$ and grumble as they walk away. Really I have better things to do than spend my adult years telling other adults that they can't spell.

Spam

Then comes the big issue: SPAM. I've nearly devoted my life to rid my accounts of spam. It's been a back and forth battle. There were some days that I thought I would simply pull the plug and quit. But I stuck in there and eventually an updated RPM would come through fixing the problem for awhile until the process started again.

In recent years, the server has sometimes nearly choked on itself fighting the contents of messages but it kept pushing through.

Blacklisting

While blocking other blacklisted servers is a good idea in my mind it is obviously not good for the people trying to get messages. In my mind, the complaints sounded like this, "My friend has a GoDaddy account that she bought the other night for a dollar and the account is on a server that sending out millions of spam messages advertising pharmaceuticals. It's obviously black-listed for very good reason as most, if not all, blacklisted servers are but I need her messages to come through. Can you fix it?"

So I'm supposed to adjust my system because theirs is obviously broken.

Example

Here's the progression of an actual complaint taken verbatim:

THEM: "I've had repeated complaints of emails getting denied, kicked back or undeliverable when people use my [removed].com address. Am about to lose a new listing because of... What's the problem!?"

ME: "They are on a blacklist. We don't receive email from blacklisted servers."

THEM: "I contacted my friend. Here is what he said..."

"Your email server uses a German blacklist database provider that looks to be shady at best. The IP address [blah, blah, blah] is owned by Network Solutions who hosts one of the largest email systems. Any reputable black list service would contact Network Solutions directly before blacklisting one of their email servers seeing how blacklisting a Network Solution server would cause a great deal of email to be 'bounced' or undelivered to your system. I recommend removing this black list from your mail server immediately. I would also recommend using an ironport or some other reputable SPAM filtering hardware over a hosted database look up. If you do decide to use a hosted service to reduce SPAM, definitely choose a more reputable company than UCEPROTECT...."

ME: "The server is on more than 5 different blacklists. They can't all be wrong. There is obviously an issue with the other server."

THEM: "...the email addresses [sic] are famous for being undependable. (Just ask [removed] from [removed company], [removed], [removed] and more)... Many [removed] agents use their own email addresses due to the poor workings of [removed] addresses."

ME: "Their email is hosted on Unified Layer. One of Unified Layer's servers was behaving badly. Consequently, that server was put on an external BLACKLIST that we utilize. This blocked all email from that particular server. Unified Layer has full time staff to handle issues like this and they fixed the issue rather quickly so everything should be ok. It is a common issue with Unified Layer just search on google here: https://www.google.com/search?q=unified+layer+blacklist"

THEM: "Our regular [removed] emails are not all coming in. I did not receive multiple emails from [removed] a couple days ago, and apparently our new client (who is about to list a $1m+ with us) is being rejected. Please fix asap, as he is very techy [sic] and if we are not receiving his emails..."

ME: "He's so techy [sic] that he's using Unified Layer as his email. Not a good sign. They are black listed again. Look at the 17 million results when you search for it via google."

THEM: "If [removed], [removed], [removed] and I (repeatedly)are all kicked back from [removed]- we have a problem. I know other agents have addressed this same concern - answer always comes back that it is not [removed]'s issue. Yet our ability to receive necessary email continues to be compromised. More than likely, this very message will be kicked back. This is beyond frustrating - has been going on for 2+ years now with no success in remedying this crippling situation. It is not just 1 or 1 isolated incidents. Too many senders are being rejected."

ME: "Thanks for contacting me. You can help me by contacting me if you have a particular issue. You need to let me know what the issue is and what bounce message is. In other words, if someone sends you a message and they receive a bounce message, find out what the bounce is and send it to me. I'll be glad to look at it and point out where the issue is and make adjustments if necessary.

Can I make adjustments on technical information that is never sent to me? No I can't. Which is why I ask for your help.

They don't all get kicked back. Unified had a problem with one of their servers. They fixed it as they should. You can see from the info below that Barracuda agrees that this is an issue outside of [removed].

Nobody has sent me any bounce messages from [removed] but [removed] and I email each other on a regular basis. In fact we traded emails over the weekend.

Nobody has sent me any messages from [removed].

Concerning your email, you might have sent a message in the past but not recently. Again, if you are receiving a bounce message, let me know what it is."

Boring

The above is boring. That is my point. It's boring and pointless. They are trying to convince me that something is wrong on my end. I am trying to convince them to use a good email service like gmail so something similar that costs less than $5 per month.

The Switch

Today, I put an end to all of it. I switched over to a cloud service. It came down to Gmail or Microsoft Hosted Exchange. I chose Hosted Exchange because I don't like where Gmail is headed with the funny and ultimately too small compose message box on their web site. Yes, that is really why I did't choose them.

The total project is going to cost 50K per year or 500K of the same period I was doing it for free.

The biggest relief is that I don't have to do it anymore. If something is wrong, it's their fault. Do you think I will still get complaints?

Connect Powershell to Office365

Connect Powershell to Office365


If you need to connect to the EXCHANGE part of Office 365:

Start POWERSHELL (as administrator)

Then you run these commands:

  • Set-ExecutionPolicy RemoteSigned
  • net start winrm
  • winrm get winrm/config/client/auth
  • $LiveCred = Get-Credential
    (Then type in your This e-mail address is being protected from spambots. You need JavaScript enabled to view it & password.)
  • $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection
  • Import-PSSession $Session

I saved the above 5 commands in a TXT document and put it here:
C:\Documents and Settings\[username]\My Documents\WindowsPowerShell

I renamed the file to:
Microsoft.PowerShell_profile.ps1

If you need to connect to the Active Directory part of Office 365:

  • Import-Module MSOnline
  • $MyCredential = Get-Credential
  • $O365Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $MyCredential -Authentication Basic -AllowRedirection
  • Import-PSSession $O365Session -AllowClobber
  • Connect-MsolService -Credential $MyCredential

Powershell Useful Commands

Powershell Useful Commands

This is my Powershell Useful Commands. They are commands that I want to use but can't remember their silly non-sensical syntax. I'll update it as I see fit. This is for me. If you can use it, great.

LOOK AT USER ACCOUNT EVERYTHING:
1.Get-Mailbox USERACCOUNT | Select *
LOOK AT USER ACCOUNT SELECTED PROPERTIES:
1.Get-Mailbox USERACCOUNT | Select prop1, prop2, etc
GET USER FORWARD EMAIL ACCOUNT
1.Get-Mailbox USERACCOUNT | FL *forward*
2.Get-Mailbox USERACCOUNT | Select Name, PrimarySMTPAddress, ForwardingAddress, ForwardingSMTPAddress, DeliverToMailboxAndForward

NOTE: There are two properties that are very similar ForwardingAddress & ForwardingSMTPAddress.

Here is the difference:
ForwardingAddress: This is to forward to another account within the same domain.
ForwardingSMTPAddress: This is to forward to an external account.

SET FORWARDING TO EXTERNAL EMAIL ADDRESS
1.Set-Mailbox USERNAME -DeliverToMailboxAndForward $true -ForwardingSMTPAddress forwarding-email-address.tld
DELETE FORWARDING TO EXTERNAL EMAIL ADDRESS
1.Set-Mailbox USERNAME -DeliverToMailboxAndForward $false -ForwardingSMTPAddress $Null
SET USER PSEUDONYM
1.Set-Mailbox USERACCOUNT -EmailAddresses foouser1-AT-domain.tld, foouser2-AT-domain.tld
2.<h5>FIND ALL USERS WITH FORWARDING ADDRESS IS SET TO EXTERNAL EMAIL ADDRESS</h5>
3.<h5>{code}Get-Mailbox | Where {$_.ForwardingsmtpAddress -ne $null} | Select Name, ForwardingAddress,ForwardingsmtpAddress, DeliverToMailboxAndForward
FIND ALL USERS IN A GROUP
1.Get-DistributionGroupMember GROUP-NAME-at-DOMAIN.TLD
FIND ALL INFO ABOUT A GROUP
1.Get-DistributionGroup GROUP-NAME-at-DOMAIN.TLD|FL
ADD USER TO A GROUP
1.Add-DistributionGroupMember -Identity GROUP-NAME-at-DOMAIN.TLD -Member USERNAME -BypassSecurityGroupManagerCheck"
REMOVE USER FROM A GROUP
1.Remove-DistributionGroupMember -Identity GROUP-NAME-at-DOMAIN.TLD -Member USERNAME -BypassSecurityGroupManagerCheck

By default only internal-accounts can email groups. To set a group to accept Senders outside of organization:

SET A GROUP TO ACCEPT SENDERS OUTSIDE OF THE ORGANIZATION
1.Set-DistributionGroup -Identity GROUP-NAME-at-DOMAIN.TLD -RequireSenderAuthenticationEnabled $False

WINDOWS AZURE AD MODULE

I don't know how to explain this. But here it goes... The following are commands that affect the USERACCOUNT at a root level. Because of this, REGULAR POWERSHELL (and all it's dependencies) can't run the commands. You have to get a SUPER POWERSHELL.

They call it the WINDOWS AZURE AD MODULE. It will only run on WINDOWS-7 & WINDOWS-8 and it requires something called ONLINE SERVICES SIGN IN ASSISTANT. Even though it is called a MODULE which maybe should just upgrade your current POWERSHELL, the truth is that it's another POWERSHELL (Trust me, nothing in Microsoft world makes sense).

DOWNLOAD WINDOWS AZURE AD MODULE

So, AS ADMINISTRATOR, you have to use this AD MODULE rather than POWERSHELL to make changes.

CONNECT WINDOWS AZURE AD MODULE TO OFFICE365
1.right-click WINDOWS AZURE AD MODULE click RUN AS ADMINISTRATOR type: $msolcred = get-credential type: connect-msolservice -credential $msolcred
SET USERNAME TO NOT REQUIRE STRONG PASSWORD
1.Set-MsolUser -UserPrincipalName jsmith-at-company.com -StrongPasswordRequired $false
HARD SET THE USERNAME PASSWORD AND DON'T REQUIRE A CHANGE
1.Set-MsolUserPassword -UserPrincipalName jsmith-at-company.com -NewPassword new-password-here -ForceChangePassword $false
DELETE USERNAME
1.Remove-MsolUser –UserPrincipalName USERNAME-at-DOMAIN.TLD
ADD USERNAME
1.New-MsolUser -DisplayName "testuser" –UserPrincipalName testuser-AT-yourdomain.com –UsageLocation "US" | Set-MsolUserLicense -AddLicenses "tenantname:ENTERPRISEPACK"

OTHER COMMON COMMANDS

ls: lists contents of directory.

cat: read contents of text file.

Select-String: the MS version of grep.

DDWRT Kong Build Updates

I periodically check for newer hardware and firmware builds when it comes to routers. I am more interested in stability than performance but of course would like to have both.

In my last update, I was using:
Asus RT-N16 + r18050

In this check, I'm still sticking with Asus RT-N16. They are plentiful and affordable. New routers are available but they are 100% higher in costs and I don't think are worth the trade-off yet.

Stable More Affordable Version

The only change at this time is to move to the latest K26 r22200 build here:
Asus RT-N16 + http://www.desipro.de/ddwrt/K26/r22200

I was looking into the K3.x builds for the RT-N16 but it seems a rather complex process.

Stable Upgraded Bleeding Edge Version

Since I'd rather wait till hardware changes and the process is a little more straight forward, the next step up seems to be:
Asus AC-RT66U + http://www.desipro.de/ddwrt/K3-AC/22715

DDWRT Kong Build Updates

I periodically check for newer hardware and firmware builds when it comes to routers. I am more interested in stability than performance but of course would like to have both.

In my last update, I was using:
Asus RT-N16 + r18050

In this check, I'm still sticking with Asus RT-N16. They are plentiful and affordable. New routers are available but they are 100% higher in costs and I don't think are worth the trade-off yet.

Stable More Affordable Version

The only change at this time is to move to the latest K26 r22200 build here:
Asus RT-N16 + http://www.desipro.de/ddwrt/K26/r22200/

I was looking into the K3.x builds for the RT-N16 but it seems a rather complex process.

Stable Upgraded Bleeding Edge Version

Since I'd rather wait till hardware changes and the process is a little more straight forward, the next step up seems to be:
Asus AC-RT66U + http://www.desipro.de/ddwrt/K3-AC/22715/

The Option of Options

The Option of Options

Leaders are gatekeeps. They decide what a group of people will have and what they won't have. In the same way an editor of a newspaper decides what stories people will read and what stories will never make the frontpage, leaders eventually have to decide what to offer as well.

One of the most powerful principles a leader will come across is the option of options. What do good leaders give as an option to another group? Do you give the as many as possible? After all, that seems to be what people want.

The truth is that while people want options to be able to choose, they don't want too many options. If you give a person too many options, their brain goes into overload and quits the decision making process altogether to find another way to proceed.

A good example of this is CostCo. You might have been to CostCo before. The huge warehouse superstore that does nearly everything by bulk. I actually stretch before I go in and I heard a rumor that it will be added to the next Summer Olympics. Just kidding.

One of the most common complaints about CostCo is the lack of choice. Do you know what CostCo thinks? Perfect. That's exactly what they want. They want options but very few of them. Options are good but too many options and it hinders the decision making process.

The brain can handle about 6 options easily. Any more than that and it starts to give up.

This was one of the brilliance of Steve Jobs. One of the best actions he took when he was reintroduced to Apple in the early 2000's was to limit the product line. Forget about having all sorts of options that competitors were offering. Boil the product line down to the most basic of items. Keep the options so simple that a non-working wife of a well-to-do husband could understand and make the decision on her own. He limited it down to the:

  • iMac (home computer use)
  • Mac Pro (professional computer use)
  • iBook (home laptop use)
  • Mac Book Pro (professional laptop use)

What could be easier? Each option is clear. Each option is distinct. Each option is easily understood by the target market. Diving deeper into each one of these simple options will reveal that there are further options to upgrade but those options come later and are re-presented at another stage.

What's funny is how quickly a company can change when the leader is vacated. In such a short time, Apple has lost it's focus that was so easily identifiable a few years ago.

This week they will release 2 new iPhones, the 5s and the 5c. Our target market can't tell the difference between the two. There's no clear difference. There's no easily identifiable differentiators. It can't be easily understood. Do you think both will be a success? Or do you think that one will succeed and one will fall flat on it's face? Or maybe both will be doomed? I guess we will find out.

Now to you leader. Will you offer options? You will offer many and confuse? Or will you be helpful. Offer no more than 6 options. Make each one clear and easily identifiable. Don't confuse. Clarify.

Paying for a SMTP Relay

Paying for a SMTP Relay

I manage a server that handles email for a medium sized company. It processes about 1,000 messages per hour or 24,000 per day. The box sits inside the office humming away for about 10 years.

Then one day, for some reason, executable content comes through the email service which isn't picked up by ClamAV. Then, for some reason, a user opens an email that's obvious-to-me-but-not-to-them that they shouldn't open. Then, for some reason, my choice of antivirus at the time (Panda Cloud) does nothing and... poof. Cutwail virus city. This thing starts sending out spam by the thousands every minute and the IP address is quickly put on blacklists all across the world.

Great.

If you are given a map and dropped into nowhere, you can usually find your way around pretty quickly. If you're dropped in the middle of nowhere, it takes longer to find your way out.

I discover they're on a blacklist pretty quickly. Through blacklist diagnostics, I can see that a cutwail virus is on the network. I wait till the end of day and start to scrub client pc's and think "I'm too old of this stuff."

I find a client pc, disinfect it with Microsoft Saftey Scanner and feel good. I put in for delisting and wake up the next day to find they were re-listed for the same reason.

I missed a client pc behind a closed door. Executives. The reason the world spins slowly.

Finally getting physical access by persuasion that there's an obvious problem, I disinfect the second client pc as well. Feeling really good, I put in for another delisting. The next morning they stay that way.

Good.

The next few days were spent delisting from any blacklist or RBL at MXToolBox.

Now here's the problem, despite delisting, the IP address is on-radar at larger outfits like Yahoo & AOL who run their own internal spam metrics. Because of poor stats, the server is still getting blocked.

To ease this, I switch over to the ISP smtp server which is used to work fine for quite a long time: smtp.fdn.com. That doesn't work. They were bought out. So I use the newer smtp server: smtp.nuvox.net. That doesn't work. They were bought out by Windstream. I don't know the smtp server for them.

I call support knowing that large customers get to talk to knowledgeable people in a few minutes. Obtaining that Windstream's smtp server is: mailhost.windstream.com, I start using that.

Everything is going good.

A few hours pass.

Rrrrrriiiiiinnnnggg!!!! Rrrrrrriiiiinnnngggg!!! Rrrrrriiiinnnnnngggg!!!

"I'm not getting email!"

I look in the logs: "Too many recipients in the past hour."

So Windstream has an hourly limit on sending. This used to not be so. Normally it isn't a problem but when blast company wide messages go out, the server spikes above that level.

I switch back to the internal smtp.

Everything is going good.

A few hours pass.

Rrrrrriiiiiinnnnggg!!!! Rrrrrrriiiiinnnngggg!!! Rrrrrriiiinnnnnngggg!!!

"I'm not gettting email!"

I look in the logs: "(DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.htm"

So AOL has dynamically blocked the IP address because it went too high on the stats.

I switch back to the Windstream smtp.

My only problem is AOL. If they would remove the DYN:T1 block, my life would be normal again.

I switched back and forth between the internal smtp and the Windstream smtp for the next several days hoping the block would be removed.

After getting enough complaints because of too much delay, I realize I'm too old for this and my hobby projects in my 20's which are now production projects in my 30's probably need to be shutdown. I just can't take it.

I look for outside help.

I remember hearing about Amazon smtp services or simple email service (SES). It's part of their Amazon Web Services (AWS) or their cloud services.

I sign up feeling like they are a good partner.

Their documentation takes a few reads because of the whole credentials aspect. They have a set of credentials for accessing the service but they have a different set for accessing SMTP. This set is created automatically.

Their documentation is also confusing about SSL/TLS on port 465 but I test it out over the next few days and get it working in my test. Here's what I used

SMTPSmartHost=email-smtp.us-east-1.amazonaws.com

smtp-auth-proxy=service
Debug=disabled
Passwd=not-posted-in-plain-text
PeerPort=465
Userid=AKIAILKTFOYH47NR5MEA
status=enabled

Unfortunately, the service won't work for forwarding accounts. In other words, if I receive emails on behalf of someone and forward them onto their private email address at for example, AOL, it bounces with a message about the sending domain being invalid.

Back to the drawling board.

You would think that an SMTP service for large volume would be easy to find and obtain. Well, it's easy to find enough. Like most, I go to google and type "smtp services."

Cutting out the details, here's the services that make my short list:

  • MandrillApp
  • Ongage
  • Critsend
  • Mailgun
  • MailJet
  • SendGrid
  • Dyn

I moved on to the next service on the list, MandrillApp. Super easy. Create an account and the credentials are right there, easy to understand and ready to be used.

  • Host smtp.mandrillapp.com
  • Port 587
  • SMTP Username This e-mail address is being protected from spambots. You need JavaScript enabled to view it
  • SMTP Password any valid API key

I turn them on over the weekend and montior it. Everything is great. It even has detail stats on the sending such as percentages and graphs that make you feel good. The problem becomes, you lose control.

Managing my own server, I can watch the outgoiong process in real time. If the receiving server gives a message, I can see it. When you outsource this to another company, you don't get to see anything. You have no idea what is happening. All you know is that there is a problem.

Over the next few days, I deal with issues such as mail stuck in the queue with no way to send it, message sending limits being lowered to 29 messages per hour with no way to lift them and rejected messages with no reason why. Messages aren't getting through.

No one can run a business without messages getting through.

I contact their support through email and wait about 24 hours for a response each time. The responses are all the same, they sound great but in the end the service is automatic and their's nothing they can/will do.

So I ask the ultimate question, "What's the point of having a sending service that doesn't help you send?" I didn't pay them to be critics on what I was sending, I pay them to send, period. If they are not going to help me do that then we are not a good fit.

I change the sending back to local server. I move on.

I cannot have another experience like the failed MandrillApp trial run. Being afraid, I breeze over Ongage, CritSend, MailGun and MailJet. They all seem to be similar. Built for developers so that a product can automatically send messages to their clients.

They really aren't services that help send messages on a day to day basis. Most of their documentation starts talking about send limits and unsubscribes.

I decide using the local service is the best option just like that past 10 years. I made some changes to limit the number of messages that can be sent per second and I dish sending off to the ISP smtp server. It seems to be working OK with only a few hiccups.

AOL has seemed to stop blocking with these low limits and the passing of 30 days time from the original incident. My only issue is some Yahoo servers are still blocking. Not all. Only some. Arrrrgggghhh. I'll deal with it.

I'll have to work on the IP reputation in the near future by turning on SPF, DKIM, and DMARC. Believe it or not, I turn towards friends and I have one who runs scanmailx.com. I'll test the service out but know that the developers are some of best around.

Walk Through: Clone Hard Drive with Bad Blocks By Using ddrescue

Walk Through: Clone Hard Drive with Bad Blocks By Using ddrescue

OK, here it is again in simple terms. You can't fix bad blocks. Once it happens, it grows. If you see bad blocks anywhere, replace the HD as soon as possible.

The best way to make this happen is by cloning the disk. Here's how:

This process ignores filesystems so it will work on Windows (NTFS) and Linux (ext2, ext3). I haven't tried other filesystems but can imagine it would work fine as well. Although on Mac's I use Carbon Copy Cloner (CCC).

  • -shutdown the computer that needs fixing.
  • -buy a disk the exact same size (or larger) as the disk that has bad blocks on it.
  • -physically install the HD in the computer.
  • -download SYSRESCUE CD here:
  • -make a bootable SYSRESCUE CD.
  • -boot off of the SYSRESCUE CD.
  • -accpect the defaults as it boots.
  • -you are at a black command prompt.
  • -find which HD is in which position.
1.sfdisk -luS /dev/sda /dev/sdb

-typically the sda will have a partition table & sdb will have nothing and you'll get "no partitions found".

-Great. Wonderful.

-Now let's clone the disk by rescuing a whole disc with all partitions in /dev/hda to /dev/hdb.

Note: you do not need to partition the new disk /dev/hdb beforehand, but if the partition table on /dev/hda is damaged, you'll need to recreate it somehow on /dev/hdb.

1.ddrescue -f -n /dev/sda /dev/sdb rescue.log

If the system is really important, then do it a second time with the following options. This pass will be slower but more thorough.

1.ddrescue -d -f -r3 /dev/sda /dev/sdb rescue.log

Now let's shutdown.

Remove sda (the old drive).

Now reboot.

Boot fine! It recognizes the new cloned drive as sda.

Shutdown.

Reposition the drive sda to the first slot for sanity's sake.

Macbook Pro Slow After 10.8 Upgrade

Macbook Pro Slow After 10.8 Upgrade

Macbook Pro slow after 10.8 update. Many are having the same issue. I threw in the towel and purchased another after market hard drive from macsales.com. They promise it will work with some custom firmware they have on it. The hard drive I purchase is located here:

http://eshop.macsales.com/item/HGST/0J22423S2/

With a fresh 1TB hard drive that's verified to work and original CD's in hand, I went onto install Mac OS X 10.6 with a fresh install rather than cloning this time. It wouldn't install... See above.

Macbook Pro Won't Install

Macbook Pro Won't Install

Macbook Pro won't install OS X with an error message "Installation failed, Mac OS X could not be installed on your computer..." I don't know why. I don't really care. I just want it to work.

  • restart the install from the disk.
  • select OPTIONS.
  • uncheck everything except the BASE SYSTEM (I think that's what it's called).
  • it should install this time.

One thing is for sure, Apple is not the promise land... it's just a new set of problems.

Macbook Pro Slow During OS X Install

Macbook Pro Slow During OS X Install

Macbook Pro is slow and taking forever (say about 15 minutes) with no progress update or the little sounds that make me feel like something's happening. You can see the install logs by clicking:

  • window.
  • installer log.

Select to SHOW ALL LOGS. This way I know what's happening. That makes me feel better. Or just be patient and let it go through. It's actually doing something.

Macbook Pro Pinwheel of Death During 10.8 Upgrade

Macbook Pro Pinwheel of Death During 10.8 Upgrade

What a disaster... If you see the pinwheel of death, aka the beachball of death, aka spinning ball, let it go for about 10 minutes. Still happeing? Hard shutdown by holding the power button for 5 seconds or so. It will shutdown. Press again to start up the Macbook Pro. The upgrade process should begin automatically.

Can't Print to Bizhub C360 From Mac OSX

Can't Print to Bizhub C360 From Mac OSX

DEFAULT USERNAME & PASSWORD:

USER: admin
PASS: 12345678

INSTRUCTIONS

  • -download drivers from the bizhub website
  • -add printer as normal using those drivers (not generic)
  • -print something
  • -click SHOW DETAILS (in print dialog box) (or you might have to click USE SYSTEM DIALOG)
  • (Basically we are trying to get to the part where we have many options.)
  • -change to OUTPUT METHOD
  • -checkmark USER AUTHENTICATION
  • -bullet PUBLIC
  • -click SAVE SETTINGS > OK
  • -click SAVE AS DEFAULT SETTINGS

In some cases, I've had to use ACCOUNT TRACKING (rather than USER AUTHENTICATION). For this, a USER must be setup on the Bizhub C360 under ACCOUNT TRACKING. The USER must have a NAME & PASSWORD.

On the Mac OSX side

  • -print something
  • -click SHOW DETAILS (in print dialog box) (or you might have to click USE SYSTEM DIALOG)
  • (Basically we are trying to get to the part where we have many options.)
  • -change to OUTPUT METHOD
  • -checkmark ACCOUT TRACKING
  • -type in ACCOUNT & PASSWORD
  • -click SAVE SETTINGS > OK
  • -click SAVE AS DEFAULT SETTINGS

The Specified Domain Either Does Not Exist or Could Not Be Contacted

The Specified Domain Either Does Not Exist or Could Not Be Contacted

When you try to add a computer (XP, SERVER 2003, WIN7, etc) to a domain, you get: "The Specified Domain Either Does Not Exist or Could Not Be Contacted"

If I know that the domain does exist, check to make sure the computer you are working on has the right network settings. You may have to release and renew the IP address. Usually, the DNS is incorrect. If it still doesn't work, set the WINS server as well.

unrecoverable I/O read error for block 976557696

unrecoverable I/O read error for block 976557696

unrecoverable I/O read error for block 976557696

TLDR; (SHORT VERSION)

I'm going to walk you through this one. It happened during a raid recovery. SDA is in the system and I'm trying to add a new SDB. I hate posting logs but it looks like this:

01.Dec 24 15:38:10 server kernel: sd 0:0:0:0: SCSI error: return code = 0x08000002
02.Dec 24 15:38:10 server kernel: Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE,SUGGEST_OK
03.Dec 24 15:38:10 server kernel: sda: Current [descriptor]: sense key: Medium Error
04.Dec 24 15:38:10 server kernel:     Add. Sense: Unrecovered read error - auto reallocate failed
05.Dec 24 15:38:10 server kernel:
06.Dec 24 15:38:10 server kernel: Descriptor sense data with sense descriptors (in hex):
07.Dec 24 15:38:10 server kernel:         72 03 11 04 00 00 00 0c 00 0a 80 00 00 00 00 00
08.Dec 24 15:38:10 server kernel:         3a 38 46 23
09.Dec 24 15:38:10 server kernel: raid1: sda: unrecoverable I/O read error for block 976557696
10.Dec 24 15:38:10 server kernel: ata1: EH complete

It can't resync the raid because there's a read error on the only remaining disk, sda. I wish it would just skip over it because the value of having a working raid is more important than the value of having a bit of information that is probably not that important anyway. I think it's a bug in the mdadm package that's fixed in current versions but I'm stuck with what I have.

To fix, in short, clone the disk and move on with life. Here's howto:

================================================
Use ddrescue to clone disk. It's a tool on a boot cd found here:
http://www.sysresccd.org

So download the disk image and burn it.
Boot to system rescue cd with defaults.
The raid starts to rebuild automatically, so we will have to stop it. First, fail and remove sdb1:

1.mdadm -f /dev/md1 /dev/sdb1
2.mdadm -r /dev/md1 /dev/sdb1

Now, fail and remove sdb2:

1.mdadm -f /dev/md2 /dev/sdb2
2.mdadm -r /dev/md2 /dev/sdb2

Now let's clone the disk:

1.ddrescue -f -n /dev/sda /dev/sdb rescue.log
2.ddrescue -d -f -r3 /dev/sda /dev/sdb rescue.log

Now let's shutdown.

Remove sda. Now reboot.

Boot fine! It recognizes the new cloned drive as sda.

Shutdown:

1.signal-event halt

Reposition the drive sda to the first slot for sanity's sake.
Place new hd into the second slot.
reboot.

01.console
02.manage disk array redundancy.
03.add sdb into array.
04.wait for resync.
05.# cat /proc/mdstat
06.Personalities : [raid1]
07.md1 : active raid1 sdb1[1] sda1[0]
08. 104320 blocks [2/2] [UU]
09.md2 : active raid1 sdb2[1] sda2[0]
10. 488279552 blocks [2/2] [UU]

resync's fine!!!

LONG VERSION

Here's the long version with all of my notes. It's the perfect example of a sysadmin's downward spiral into the 5th circle of hell.  It may or may not make sense.

The error return code is below. I had to look it up. Basically it says there's no error.
==============================================
0x08000002
DRIVER | HOST | MESSAGE | CONDITION
08 | 00 | 00 | 02
cat /usr/src/kernels/2.6.18-308.16.1.el5PAE-i686/include/scsi/scsi.h
DRIVER SOFT | NO ERROR | COMMAND COMPLETE | SAM_STAT_CHECK_CONDITION

Here's the real issue. It's a read error on the live disk.
==============================================
raid1: sda: unrecoverable I/O read error for block 976557696

This link explains it better than I do:
http://www.sjvs.nl/?p=12

In theory, this would work. First check the read of the sector:
==============================================
$ hdparm –read-sector 976766499 /dev/sda: Input/Output error

Then write to the sector:
==============================================
hdparm –write-sector 976766499 /dev/sda
hdparm –write-sector 976766499 –yes-i-know-what-i-am-doing /dev/sda

But I don't have those options in hdparm. I'm at hdparm v6.6 and these options are in hdparm v8.1. Hmmm... Let's look at the status:
==============================================
cat /proc/mdstat
Personalities : [raid1]
md1 : active raid1 sdb1[1] sda1[0]
104320 blocks [2/2] [UU]
md2 : active raid1 sdb2[2](S) sda2[0]
488279552 blocks [2/1] [U_]

Let's look at the details of md2:
==============================================
mdadm --detail /dev/md2

So md2 has:
1 active-sync member
1 removed member
1 spare member

We can't add the new drive into md2 because it's already added:
==============================================
mdadm -a /dev/md2 /dev/sdb2
mdadm: Cannot open /dev/sdb2: Device or resource busy

So we have to fail it and remove it:
==============================================
mdadm -f /dev/md2 /dev/sdb2
mdadm -r /dev/md2 /dev/sdb2

Now let's try to re-add it with the re-add option:
==============================================
mdadm /dev/md2 --remove detached
mdadm --re-add /dev/md2 /dev/sdb2

Same result. Humph...

==============================================
Let's remove the device, shutdown and add the original sdb back in.

Same result. Humph...

==============================================
We're back to the bad block. Exact same message, exact same block:
$raid1: sda: unrecoverable I/O read error for block 976557696

Modern hard disk drives are equipped with a small amount of spare sectors to reallocate damaged sectors. However, a sector only gets relocated when a write operation fails. A failing read operation will, in most cases, only throw an I/O error. In the unlikely event a second read does succeed, some disks perform a auto-reallocation and data is preserved. In my case, the second read failed miserably (“Unrecovered read error – auto reallocate failed“).

If there were another correctly working disk in the raid, I would just replace the bad disk. But this is the only disk left.

==============================================
Let's see the logical volume:
lvdisplay --maps |egrep 'Physical|LV Name|Type'

OK, it's: /dev/main/root

I'm going to try to run badblocks on the lv:
badblocks -n -s /dev/main/root

I get:
/dev/main/root is mounted; it's not safe to run badblocks!

===============================================
Boot from Install CD.
Type: sme rescue (at prompt)

Select your language. Select keyboard language.
Select READ/WRITE

Unmount the lvm:
unmount -l /dev/main/root

Check for bad blocks on the lv:
badblocks -n -s /dev/main/root

That took too long. Stopped at 1% compelete.

================================================
Let's check the remaining disk:
smartctl -a /dev/sda

Gives the error log:
40 51 08 22 46 38 e0  Error: UNC 8 sectors at LBA = 0x00384622 = 3687970

And also gives the proper LBA error:
LBA_of_first_error
976766499

This is the decimal number. The hexadecimal number is: 0x3a384623.

The system has a raid. LVM is on the raid. The file system is on LVM. Trying to map the bad phyiscal block, to the LVM logical block is nearly impossible because it's manual calculation. But I try anyway.

Finding the sda layout:
sfdisk -luS /dev/sda

Gives:
Disk /dev/sda: 60801 cylinders, 255 heads, 63 sectors/track
Units = sectors of 512 bytes, counting from 0

Device Boot    Start       End   #sectors  Id  System
/dev/sda1   *         1    208769     208769  fd  Linux raid autodetect
/dev/sda2        208770 976768063  976559294  fd  Linux raid autodetect

so the bad lba is in sda2.

The LBA minus the start of the partition:
976766499 - 208770 = 976557729

Let's get the size of the PHYSICAL EXTENT of the PHYSICAL VOLUME:
pvdisplay
--- Physical volume ---
PV Name               /dev/md2
VG Name               main
PV Size               465.66 GB / not usable 3.31 MB
Allocatable           yes (but full)
PE Size (KByte)       32768
Total PE              14901
Free PE               0
Allocated PE          14901
PV UUID               M1IIOi-nln7-encf-DgZC-DtjF-0ZGs-4OEFgK

So we have:
32768

So the LBA block size is 32768 * 2:
65536

Let's find the offset of the beginning of the first PE:
pvs -o+pe_start $part

Gives:
192.00K

Let's calculate the physical partition's bad block number / sizeof(PE) =
976557729 / 65536 = 14901.0883942

Find the LV of 14901:
lvdisplay --maps |egrep 'Physical|LV Name|Type'

Gives:
]# lvdisplay --maps |egrep 'Physical|LV Name|Type'
LV Name                /dev/main/root
Type                linear
Physical volume     /dev/md2
Physical extents    0 to 4702
Type                linear
Physical volume     /dev/md2
Physical extents    4765 to 14900

So we know it's in /dev/main/root

We need to know the block size of the LV:
dumpe2fs /dev/main/root | grep 'Block size'

Gives:
Block size:               4096

The logical partition begins on PE 4765

So let's find the badblock
(# PE's start of partition * sizeof(PE)) + parttion offset[pe_start] =
(4096 * 65536) + 192 = 268435648

Let's test the FS of the bad block:
dd if=/dev/main/root of=block268435648 bs=4096 count=1 skip=268435648

Nothing.

debugfs
debugfs 1.32 (09-Nov-2002)
debugfs:  open /dev/main/root
debugfs:  testb 268435648

976557696

I got:
Illegal block number passed to ext2fs_test_block_bitmap #268435648 for block bitmap for /dev/main/root
Block 268435648 not in use

This means my calculations are wrong.

Crap...

====================================
Back to the drawing board. Here's what I know:
debugfs must be used on the filesystem. The filesystem is on /dev/main/root
The disk has sectors of 512 bytes.
The logical block size of the FS is 4096 (Or the block size is 8 disk sectors)
The error message is: raid1: sda: unrecoverable I/O read error for block 976557696
(I don't know if this is the block on sda, sda2, md2 or /dev/main/root).
Doing a e2fsck -cvy /dev/main/root or a badblocks -n -s /dev/main/root takes too long.
The LBA_of_first_error is 976766499
The starting sector of sda2 is 208770.
The last sector of sda2 is 976768063.
The total sectors in sda2 is 976559294.
The problem is at 976557729 inside partition sda2.

====================================
If no LVM it would be:
((976766499 - 208770) * 512) / 4096 = 122069716.125

http://smartmontools.sourceforge.net/badblockhowto.html#bb

So I check to see if it's in the repos
yum --enablerepo=* search sg3

I get some pages back.

So I look at more info about it:
yum info sg3_utils

I get back the package is in the centos base repo.

Feeling safe, I install the package:
yum install sg3_utils

Now I can verify LBA block without feeling nausea:
sg_verify --lba=976766499 /dev/sda

I get:
verify (10):  Descriptor format, current;  Sense key: Medium Error
Additional sense: Unrecovered read error - auto reallocate failed
Descriptor type: Information
0x000000003a384623
medium or hardware error, reported lba=0x3a384623

I poke around other LBA from the logs:
sg_verify --lba=976557696 /dev/sda

I get nothing.

I'm all in and going to reassign the block:
sg_reassign --address=976766499 /dev/sda

I get:
REASSIGN BLOCKS not supported

Crap... The good news is that I've verified the LBA block or physical block.

================================================
Physcial block: 976766499
File system block: 3687970

b = (int)((L-S)*512/B)

================================================
I'm down to:
using a live cd to hdparm
or
Spinrite.
or
calculate something to use dd on the lvm filesystem.

================================================
I downloaded a gparted livecd & burn it to a cd
Booted from gparted live cd and entered command line mode.

hdparm –read-sector 976766499 /dev/sda: Input/Output error

Then write to the sector:
hdparm –write-sector 976766499 /dev/sda
hdparm –write-sector 976766499 –yes-i-know-what-i-am-doing /dev/sda

Read sector again:
hdparm –read-sector 976766499 /dev/sda
(a lot of zeroes should follow)
================================================

New error:
raid1: sda: unrecoverable I/O read error for block 976558336

================================================
# 1  Short offline       Completed: read failure       90%     44420         976766501

Booted from gparted live cd and entered command line mode.

This time when I read the sector, I get a bunch of zero's
hdparm –read-sector 976766501 /dev/sda

================================================
Reboot... won't boot.

Boot into file system recover mode (no live cd or rescue).
Look at /cat/proc/mdstat
Now md1 was automatically renamed md127 thanks to gparted livecd.

Go into single user mode:
telinit 1

Take a look at the mdadm.conf
mdadm --detail /dev/md127

If it says "Preferred Minor : 127" this this is your problem. You need to update the preferred minor.

mdadm --stop /dev/md127
mdadm --assemble --update=super-minor /dev/md1 /dev/sda1

Then you'll have your md127 assembled as md1. And it should stay this way in the future too.

================================================
Since I didn't do:
mdadm --assemble --update=super-minor /dev/md1 /dev/sda1 /dev/sdb1

I now have:
# cat /proc/mdstat
Personalities : [raid1]
md1 : active raid1 sda1[0]
104320 blocks [2/1] [U_]

md127 : active raid1 sdb1[1]
104320 blocks [2/1] [_U]

md2 : active raid1 sda2[0]
488279552 blocks [2/1] [U_]

unused devices: <none>

Wonderful. Let's stop md127. But first, unmount it:
# umount /dev/md127

I get:
umount: /dev/md127: not mounted

OK. Since it's unmounted, let's stop it:
# mdadm -S /dev/md127

I get:
mdadm: stopped /dev/md127

Great. Back to start. Let's see what we have:
# cat /proc/mdstat

I get:
Personalities : [raid1]
md1 : active raid1 sda1[0]
104320 blocks [2/1] [U_]

md2 : active raid1 sda2[0]
488279552 blocks [2/1] [U_]

unused devices: <none>

Let's zero out the superblock of sdb so that md127 doesn't com back via some type of magic out there.

Fist, I check the partition table of sdb with the -lu option so it shows sectors rather than cylinders.
# fdisk -lu /dev/sdb
or
# sfdisk -luS /dev/sdb

I get:
Disk /dev/sdb: 500.1 GB, 500107862016 bytes
255 heads, 63 sectors/track, 60801 cylinders, total 976773168 sectors
Units = sectors of 1 * 512 = 512 bytes

Device Boot      Start         End      Blocks   Id  System
/dev/sdb1   *           1      208769      104384+  fd  Linux raid autodetect
Partition 1 does not end on cylinder boundary.
/dev/sdb2          208770   976768063   488279647   fd  Linux raid autodetect

Let's zero out the superblock of sdb.
#mdadm --zero-superblock /dev/sdb1
#mdadm --zero-superblock /dev/sdb2

Now let's add sdb back in.
#console > Manage Disk Array > Add sdb

I get:
kernel: raid1: sda: unrecoverable I/O read error for block 976558336

================================================

hdparm –read-sector 976766501 /dev/sda: Input/Output error

Then write to the sector:
hdparm –write-sector 976766501 /dev/sda
hdparm –write-sector 976766501 –yes-i-know-what-i-am-doing /dev/sda

Read sector again:
hdparm –read-sector 976766501 /dev/sda
(a lot of zeroes should follow)

hdparm –read-sector 976767187 /dev/sda: Input/Output error

Then write to the sector:
hdparm –write-sector 976767187 /dev/sda
hdparm –write-sector 976767187 –yes-i-know-what-i-am-doing /dev/sda

Read sector again:
hdparm –read-sector 976767187 /dev/sda
(a lot of zeroes should follow)

================================================
kernel panic

crap!!!

================================================
Boot from livecd.

type: sme rescue
press ENTER for ENGLISH
press ENTER for US
press right arrow to select NO, Don't start network.
press ENTER to CONTINUE, Start filesystem.
press ENTER for OK

Take a look at:
cat /proc/mdstat

md1
md127

mdadm --detail /dev/md127

If it says "Preferred Minor : 127" this this is your problem. You need to update the preferred minor.

vgchange -an
can't deactivate volue group main with 2 open logical volumes

Can't stop the volume group because there's a logical volume open.

lvchange -an
lv main/root in use: not deactivating

Can't stop the logical volume. Don't know why.

Let's reboot without mounting the file system:
Boot from livecd.

type: sme rescue
press ENTER for ENGLISH
press ENTER for US
press right arrow to select NO, Don't start network.
SKIP the filesystem

mdadm --assemble --update=super-minor --uuid ce917023:5da6a14f:2a9c304f:a380120a /dev/md2

================================================
Use ddrescue to clone disk.
Boot to system rescue cd with defaults.
The raid starts to rebuild automatically, so we will have to stop it.

mdadm -f /dev/md1 /dev/sdb1
mdadm -r /dev/md1 /dev/sdb1

mdadm -f /dev/md2 /dev/sdb2
mdadm -r /dev/md2 /dev/sdb2

Now let's clone the disk:

ddrescue -f -n /dev/sda /dev/sdb rescue.log
ddrescue -d -f -r3 /dev/sda /dev/sdb rescue.log

Now let's shutdown.
halt

Remove sda. Now reboot.

Boot fine! It recognizes the new cloned drive as sda.

Shutdown:
signal-event halt

Reposition the drive sda to the first slot for sanity's sake.
Place new hd into the second slot.
reboot.
console
manage disk array redundancy.
add sdb into array.
wait for resync.

# cat /proc/mdstat
Personalities : [raid1]
md1 : active raid1 sdb1[1] sda1[0]
104320 blocks [2/2] [UU]

md2 : active raid1 sdb2[1] sda2[0]
488279552 blocks [2/2] [UU]

resync's fine!!!

================================================
Now reboot with only sdb. I get:
black screen.

I have to reinstall grub onto sdb. It should have happened on manage disk array redundancy. Asking for help.

In the end, the following worked fine:
grub-install sdb

md1 was automatically renamed md127 after using gparted livecd.

md1 was automatically renamed md127 after using gparted livecd.

Boot into file system recover mode (no live cd or rescue).
Look at:

1./cat/proc/mdstat

Now md1 was automatically renamed md127 thanks to gparted livecd.

Go into single user mode:

1.telinit 1

Take a look at the mdadm.conf

1.mdadm --detail /dev/md127

If it says "Preferred Minor : 127" this this is your problem. You need to update the preferred minor.

1.mdadm --stop /dev/md127
2.mdadm --assemble --update=super-minor /dev/md1 /dev/sda1 /dev/sdb1

This will rebuild, without data loss, md1.

Or to be more exact, use the uuid of the raid disk, md1, and update the name.

1.mdadm --assemble --update=super-minor --uuid ce917023:5da6a14f:2a9c304f:a380120a /dev/md1

Of course you need to re-adjust for your raid situation. In my case, md1 was built from sda1 and sdb1.

Then you'll have your md127 assembled as md1. And it should stay this way in the future too.

How Do I Remove md127?

How Do I Remove md127?

If you're following along, md127 is on the system because of the gparted live cd. It isn't being used because we've re-built the array as md1.

md127 is left over as a raid device but there are no disks to it. Let's stop md127. But first, unmount it:

1.# umount /dev/md127

I get:

1.umount: /dev/md127: not mounted

OK. Since it's unmounted, let's stop it:

1.# mdadm -S /dev/md127

I get:

1.mdadm: stopped /dev/md127

That should do it.

IE9 Won't Install - code 3715

IE9 Won't Install - code 3715

IE9 won't install on a Windows 7 64-bit system:

1.-download the SYSTEM UPDATE READINESS TOOL here:
3.-run the tool (as administrator)
4.-wait about 30 minutes.
5.-download the IE9 offline installer here:
7.-run the IE9 INSTALLER (as administrator).

That should do it.

PDF -The file is damaged and could not be repaired

PDF -The file is damaged and could not be repaired

Try to open a PDF in FIREFOX and get the message: The file is damaged and could not be repaired. Local\gobblygook

The fix, for me was a setting in KASPERSKY.

1.-click KASPERSKY > SETTINGS
2.-click WEB ANTIVIRUS (on the left-hand side).
3.-click SETTINGS (under SECURITY LEVEL, in the middle)
4.-click TRUSTED URLS (tab at the top)
5.-click ADD
6.-type: *.yourwebsitename.tld/*
7.-click OK > OK > OK

Office 2008 Mac Setup Assistant Loop

Office 2008 Mac Setup Assistant Loop

If you have the serial code for the software, you remove the files below:
~/Library/Preferences/Microsoft/Office 2008/Microsoft Office 2008 Settings.plist
/Applications/Microsoft Office 2008/Office/OfficePID.plist

If you are using the Mac Migration Assistant and migrate the Apps but not the user, copy the files from the old computer to the new user/computer.
~/Library/Preferences/Microsoft/Office 2008/Microsoft Office 2008 Settings.plist
/Applications/Microsoft Office 2008/Office/OfficePID.plist

That should do it.

eregi, preg_match | split, preg_split | ereg_replace, preg_replace

Quick note to myself; eregi, ereg_replace and split are depreciated php functions. Official note is here:

http://www.php.net/manual/en/reference.pcre.pattern.posix.php

Fix eregi with preg_match like so:

case (eregi('android',$user_agent));  // we find android in the user agent
case (preg_match('/(android)/i',$user_agent));  // we find android in the user agent

if ( eregi( "bmp|gif|jpg|png|jpeg", $file ) && is_file( $i_f ) ) {^M
if ( preg_match( "/(bmp|gif|jpg|png|jpeg)/i", $file ) && is_file( $i_f ) ) {^M

if (eregi("0$", $count)) {
if ( preg_match( "/(0$)/i", $count)) {

if (eregi("gif", $file) || eregi("jpg", $file) || eregi("png", $file))
if (preg_match("/(gif)/i", $file) || preg_match("/(jpg)/i", $file) || preg_match("/(png)/i", $file))

Fix split with preg_split like so:

split(':', $thumbSpace);^M
preg_split('/:/', $thumbSpace);^M

split('www', 'D:/Projects/job.com/www/www/path/source', 2);
preg_split('/www/', 'D:/Projects/job.com/www/www/path/source', 2);

Fix ereg_replace with preg_replace like so:

$output = ereg_replace (";", "", $output);
$output = preg_replace ("/;/", "", $output);

Dell 3100cn Won't Work with Windows 8

Dell 3100cn color laser printer won't work with Windows 8. When it asks for the driver:

  • select DELL (on the left hand side).
  • select DELL OPEN PRINTER DRIVER (PCL 5) (on the right hand side).

That should do it. It will work, it just won't automatically pick up the correct model number. Who cares. At least it works. Better than Dell not offering specific drivers.

Brother MFC Scanning Windows 8

Brother MFC 8440 won't scan as PDF on Windows 8 (32 bit). These are loose instructions as I can't provide step by step.

You'll have to start the scans from the computer. The scan buttons on the Brother MFC won't work. But at least you can scan to PDF.


Another option, if you really want PaperPort then:

You'll have to start the scans from the PaperPort in this instance. But at least you can use PaperPort and you can scan to PDF. The ConnectionTool also works if the SCAN button in greyed out in PaperPort for Windows 8.


All of this is provided that the twain driver is installed. The WIA driver won't work. If the twain driver needs installed:
  • right-click MY COMPUTER.
  • click MANAGE.
  • click DEVICE MANAGER.
  • find IMAGING DEVICES in the tree.
  • right click BROTHER MFC 8440.
  • click UPDATE DRIVERS.
  • click I HAVE THE DRIVERS.
  • browse to the driver folder and inf file.
  • click OK.

This will install the twain driver.

Allow Internal Lan Clients to Send Email

Upgrading to SME v8 (Centos v5, RHEL v5) requires email clients on the internal lan to send email with authentication turned on and SSL turned on. Without this, email will not get sent.

To send email from internal email clients without requiring authentication turned on and SSL turned on.

config setprop qpsmtpd RelayRequiresAuth disabled
signal-event email-update

How Do I Reset a Ricoh Printer Back to Factory Defaults?

To reset a Ricoh printer back to factory defaults:

  1. -go into SERVICE MODE
  2. -go to: SP 5-801

Sender Name Has Not Been Registered to the Address Book on Ricoh Printers

Sometimes I get a "Sender name has not been registered to the address book" error on Ricoh printers and multifunction machines.

  1. -walk up to machine.
  2. -click USER TOOLS -> SYSTEMS SETTINGS.
  3. -click the FILE TRANSFER tab (at the top).
  4. -click NEXT or the down arrow button (at the bottom).
  5. -click AUTO SPECIFY SENDERS NAME.
  6. -click ON.
  7. -while you are there, make sure there's an ADMINISTRATOR'S EMAIL address and SMTP settings.
  8. -click OK -> EXIT -> EXIT.

As far as I know there is no way to change this on the web interface. I'm probably wrong, I just don''t know where it is. The other settings on the web interface are accessible by clicking EMAIL.

Other settings in to make a multi-page PDF, in other words a PDF with multiple pages and not seperate pages, are in:

  • Default Settings for Normal Screens on Device
  • Default Settings for Simplified Screens on Device

Hardware VEN DEV's

Here's a list I just used to figure out the model number of an attached harware wireless client. I was working remotely so I couldn't just look at the label.

http://www.linux-usb.org/usb.ids

  1. -right click MY COMPUTER
  2. -click MANAGE
  3. -click DEVICE MANAGER (on the left hand side)
  4. -click the + (next to a device, ie "network adapters")
  5. -right click on the device
  6. -click PROPERTIES
  7. -click DETAILS tab (at the top)

The number in the big white box looks like this:
PCI\VEN_8086&DEV_1050&SUBSYS_017A1028&REV_02\4&1C660DD6&0&40F0

The important parts are the following:
VEN number: 8086
DEV number: 1050

Look it up on the list and you'll see what I was working with.

Macbook Pro Slow After New Hard Drive

UPDATE

I'm not sure the below is correct. I think there is a problem with the link negoatiation between 1.5 (sata), 3.0 (sata2) and 6.0 (sata3). Something isn't jiving. You can see this post where people more interested in this than I am located a tool to change the speed: http://forums.macrumors.com/showthread.php?t=1584023&page=2


 

After I upgraded a client's Macbook Pro (Mid 2009) 250GB hard drive to a 1TB WD WD10JPVT and cloned it with CCC, the Macbook Pro was sloooooowwwwww.

Being beachballed to death, I searched for a solution. It's technical but basically the SOFTWARE UPDATE in OSX upgrades the EFI FIRMWARE to v1.7. I don't know why exactly but downgrading to EFI FIRMWARE to v1.6 fixes it (shamelessly reprinted from the Crucial forms).

Verify you have a higher version number than 1.6.

  1. -click APPLE > ABOUT THIS MAC > MORE INFO
  2. -find "Boot ROM Version"
  3. -it should say: MBP53.00AC.B03
  4. -download http://hotfile.com/dl/109001076/5dfaf39/aluminum.macbook.pro.recovery.dmg.html
  5. -open DiskUtility and drag the above image to the left.
  6. -plug-in any USB flash drive (no need for large capacity).
  7. -click the USB from the left and erase with "Mac OS Extended (Journaled)".
  8. -click the image and choose the RESTORE tab.
  9. -in the destination drag the USB drive.
  10. -click restore.
  11. -beboot while holding the option key to select the USB drive from boot menu.
  12. -the Apple logo will come up and a dark gray bar will start to move right under it.
  13. -sit relax and wait for the process to be done.
  14. -Macbook Pro will reboot automatically.
  15. -now open System Information and make sure that Boot ROM Version is MBP53.00AC.B02.

If you get "Could not find any scan information. The source image needs to be imagescanned before it can be restored."
-click on the image file in the list on the left.
-click on IMAGE > SCAN IMAGE (in the menu at the top).

The final fix for this is to change the SPECIFIC hd cable, with a 2010 FOXCONN model hd cable that is designed for the faster controller. It's a 15 minute fix and you should be running EFI Firmware v1.7 without any issues.
Here are the details:

PART#:
922-9314

iFixit part no:
161-061-1

FOXCONN#:
50 12. 02 6

APPLE part#:
821-0989-A (NOT part#: 821-0812-A)

How Do I Customize Joomla 2.5 Quick Icons

Go to: site-root/administrator/modules/mod_quickicon/helper.php

array(
'link' => JRoute::_('index.php?option=com_jevents&task=icalevent.list'),
'image' => 'header/icon-48-language.png',
'text' => 'Calendar Events',
'access' => true
),

In the example above the link goes to the JEVENTS component. I wanted to place a quick icon for Joomla 2.5 because I want my client to easily be able to access what they need to access. You can replace the LINK with your custom link.

How Do I Reset the Counter on a Ricoh 4100nl

Need to get to reset the counter on the Ricoh 4100nl?

1.-go into SERVICE MODE.
2.-press 2 > ENTER > 7 > ENTER > 804 > ENTER >
3.-press 001 > ENTER > ENTER > ESCAPE
4.-press 002 > ENTER > ENTER > ESCAPE
5.-press 003 > ENTER > ENTER > ESCAPE
6.-press 004 > ENTER > ENTER > ESCAPE
7.-turn OFF & back ON.

Service Mode for Ricoh 4100nl

Need to get to SERVICE MODE on the Ricoh 4100nl?

1.-turn power off.
2.-hold ONLINE & ESCAPE
3.-turn on
4.-nothing shows on led
5.-release ONLINE & ESCAPE

You're in SERVICE MODE on the Ricoh 4100nl.

Ricoh 4100 Remove Misfeed Internal Path

Are you getting an error message that says, "REMOVE MISFEED INTERNAL PATH" after changing the MAINTENANCE KIT on your Ricoh 4100nl?

-unplug printer
-remove two screws that hold the left panel on (one in back & one on left side after opening up the front).
-you'll see 2 silver motors about the size of a quarter.
-the lower one has a metal rod in the middle.
-push it all the way in. It has to be all the way flush with the rest. It came loose when replacing the paper feed roller.

If that doesn't work, I usually trash it. Probably thrown away about 10 so far. They don't make them like they used to. Still better quality than when I was using Dell/Lexmark products.

GPT Protected Disk

SCENERIO

You plug in a external disk drive into an Windows XP computer. The disk doesn't show under MY COMPUTER. You look in DISK MANAGEMENT and you might see HD Drive in GPT status.

SOLUTION

CAUTION! This will erase everything on the disk. If you need to get data off the disk, you'll have to use a data recover program like R-STUDIO or ICARE.

  • -click on "Start Menu" > click "Run" > type "cmd" > click "OK"
  • -type "DiskPart"
  • -type "list disk"
  • -type "select disk 1"
  • -type "clean" (This command removes GPT disk from the current in-focus disk by zeroing sectors).
  • -go back to Disk Management
  • -right click on disk info > choose "Initialize Disk"
  • -right click on disk info > choose "New Partition…", follow Partition Wizard and format it.
  • -now you are able to use the disk in Windows XP.

iPhone Photo Library is Black

On your iPhone, you go to the PHOTO LIBRARY and all you see is black. Here is the fix:

  1. Connect your iPhone to your computer.
  2. Run iPhone Explorer on your computer (install it if you don't already have it).
  3. Backup (copy to a folder on your computer) and then delete the following files:
  4. /DCIM/.MISC/Info.plist
  5. /PhotoData/Photos.sqlite
  6. /PhotoData/PhotosAux.sqlite
  7. /PhotoData/com.apple.photos.caches_metadata.plist
  8. Unplug your iPhone, launch Camera Roll app and wait as it rebuilds the database.

HP Printing Gibberish

HP printing gibberish when printing PDF's. The first page comes out in English but the other pages come out in hyroglyphocs or gibberish.

  1. open ADOBE READER.
  2. click PREFERENCES.
  3. uncheck PROTECTED MODE.

How Do I Share on Windows 7

STEP 1

-click Start > Control Panel > Network and Sharing Center.
-click Change Advanced Sharing Settings.
-make sure File and Printer Sharing is Turned On.
-make sure Password Protected Sharing is Turned Off.

STEP 2 (If that didn't work)

-click Start > type gpedit.msc
-navigate to Computer Configuration/ Windows Settings/ Security Settings/ Local Policies.
-click on User Rights Assignment.
-click "Access this computer from the network"
-make sure EVERYONE is added to the list.

STEP 3 (If that didn't work)

-click here Windows Server 2003 Resource Kit Tools: http://go.microsoft.com/fwlink/?LinkId=4544(ignore message about known issue.)

After installation is complete, click on: Start > All Programs > Windows Resource Kit Tools > Command Shell

Type (Attention: they are case sensitive.)

1.net user guest /active:yes
2.ntrights +r SeNetworkLogonRight -u Guest
3.ntrights -r SeDenyNetworkLogonRight -u Guest

The first command enables network access for Guest, the two subsequent ones change two different policies to allow network access for Guest.

Ricoh LPR Port

Ricoh printers should be able to print with a RAW PORT and port number 9100. These are the default settings for TCP/IP printing.

To get an older Ricoh printer to print in LPR

1.-select LPR
2.-type: lp (that's a lower-case L and lower-case P in the QUEUE).

I recently had this with an MPC2000 (MP C2000).

In the end, I switched it back to RAW PORT 9100. It seemed it was a firmware issue.

Find Your Service Tag Number

Finding your service tage or serial number can be a pain. These are needed so that I can get the right drivers on the computer which is always harder than it seems.

1.-click RUN
2.-type: cmd
3.-click OK
4.-type: wmic csproduct get vendor,name,identifyingnumber
5.-hit ENTER (on the keyboard)

Reset a Cisco AIR-AP1121G-A-K9

To reset a Cisco AIR-AP1121G-A-K9 to factory defaults:

1.-power Cisco Aironet down.
2.-hold the MODE button, and turn it on.
3.-hold the MODE button until you the AP lights turn red, which should be after about 30 seconds.

To access a Cisco AIR-AP1121G-A-K9 with factory defaults:

1.-give your PC  the static address of 10.0.0.2
2.-plug your PC into your AP's Ethernet interface using a Crossover cable (this is required).
3.-open a web  browser and try to connect to 10.0.0.1
4.-USER: Cisco (case-sensitive)
5.-PASS: Cisco (case-sensitive)

Note that the AP only holds the 10.0.0.1 for 5 minutes after boot.

Also note that if it's plugged into a router, it will pick up a DHCP address. If so, you may be able to look at the address table on the router and match up the MAC ADDRESS with IP ADDRESS so you can see what address to connect to. Hope that makes sense.

For the record, the above access points are nearly the worst wireless units I've ever come across. It's taken nearly all day to reconfigure these units that could have been done in a matter of minutes on DDWRT. After that, one went awol and brought down the entire network for some unknown reason. I'm seriously considering dropping these units in the project and replacing them with Asus units with DDWRT.

Contact Form Spam

So this site has recently been the target of CONTACT FORM SPAM. This means that a CONTACT FORM on the web site is being hammered by an automated process to submit content to the form that is really just junk and random letters.

The main ip address of the spammer is 178.238.232.234. and the logs are here: http://daknetworks.com/logs/giga-hosting.biz

I went ahead and contacted the abuse department at giga-hosting.biz, the company responsible for the server and ip address. I'm doubting to get any response but you never know.

I put on CAPTCHA on the contact forms. CAPTCHA is where it makes you spell the funny letters and numbers before hitting submit. You know what I'm talking about, right? Good. Well, unfortunately, in this world it is just about absolute necessary to have one of those on just about every contact form.

UPDATE

And upon sending the message we received the response of "[your email] is_not_yet_authorized_to_deliver_mail_from" message. Basically this means that they are greylisting or DEFERRING any email that comes to them. Our system should automatically resend the message when appropriate.

Comcast SMC Business Class Modem Login

I've been doing a bunch of Comcast Business Class internet setups lately. With 25mbps download speeds and a affordable pricing for Small to Medium Enterprises (SME's), who can blame the customers. I'd do it too.

The issue with the cable connection is that it isn't guaranteed. This means it could go down for any reason what-so-ever and there's really no re-course. Not good for an office fully of paid salaries trying to accomplish daily tasks. So I also have a backup T1 connection. Funny because historically T1 connections were soooo much faster than speeds at home.

I usually install my own equipment (ROUTER) behind the MODEM. When doing this, 2 items I notice.

First, DHCP is turned on the modem. I don't want that because I have a static IP. So getting into the SMC modem is as follows:

-open INTERNET EXPLORER (big blue 'e' on computer).
-at the top where you type in a web site, erase everything up there.
-type: 10.1.10.1
-hit ENTER (or RETURN) on the keyboard.

USER: cusadmin
PASS: highspeed

Turning off DHCP should be pretty obvious.

Secondly, I couldn't get through my router with a public IP from a remote location so that I can access the equipment behind it. There's an firewall setting that has to be changed in the SMC modem to make it work. Simply:
-checkmark "Disable Firewall for True Static IP Subnet Only."

That's it. Enjoy your highspeed, really, really fast business class internet from Comcast with a static IP.

DDWRT Kong Builds

I've been using the Kong Builds lately and have been happy with them. Just make sure to use the right build number. Currently, I use Kong Build R18050 here:
http://www.desipro.de/ddwrt/K26/r18050/

There still seems to be some kind of memory leak or wireless driver issue with the new drivers but I'll wait and see it improves.

If I have to resort to the DDWRT official builds, I resort to the R14929 by BrainSlayer, also known as BS builds found here:
ftp://dd-wrt.com/others/eko/BrainSlayer-V24-preSP2/2010/08-12-10-r14929/broadcom_K26/

I am getting a little worn over the whole wireless issue and trying to find the maximum settings so that everyone can work at peak performance. Here's what I currently use:

1.NG Mixed Mode
2.Channel Wide 40MHz
3.Extension Channel Upper
4.Channel 6 if possible & Channel 8 if not possible.
5.17 TX Power
6.WPA Personal Security Mode (not WPA2)

XP ACTIVATION BLACK PAGE

SITUATION: Repair install on Windows XP. Must activate. Can't activate... get black screen.

01.1. Turn On your PC.
02.2. Press F8 repeatedly and go to SAFE MODE WITH COMMAND PROMPT.
03.3. Click RESOLVE LATER (a black screen with show).
04.4. Type: cd \windows\system32
05.5. Type: rundll32.exe syssetup,SetupOobeBnk
06.(one space after "rundll32.exe" - Oo are two letter o's - capitals and comma are necessary)
07.6. Wait a couple of seconds (although you will Not see any change).
08.7. type: shutdown -r -t 3
09.8. You are now able to go to Normal Mode again (For another 30 days !!!).

Top Ten Reasons Why I Miss the Palm Pre and the WebOS

Scenario

I've had a Palm Pre for more than 2 years now. Like dog years, that's about 14 years in technology world. After this time, the phone started to show signs of wear. Random shutdowns, cracks in the case and the like prompted me to move to a newer, better looking model that requires less maintenance.

I switched to the iPhone 4s. The decision was more out of necessity, than by choice. What other phone could I really choose? The Android or Droid is absolutely horrendous. So that left me with one option, the iPhone.

While it seems like everyone has this phone and absolutely loves it, I'm a little different. After only a week, I can already find myself wanting some of the features of the Palm Pre I've become accustomed to.

Rationalization

You see, I'm a geek. I admit it. I like things a certain way. The litmus test for most of my project implementations is the following:

Perfection is achieved perfection not when there is nothing left to add, but when there is nothing left to take away– Antoine de Saint-Exupery .

This has much to do with User Interface design or UI. But it also has to do with how we operate and perform tasks. In projects, I refer to this as processes and procedures.

Only give them the buttons you want them to use. If you don't want them to use a button, don't give it to them. Don't give them 2 steps when you can only give them one. You get the idea.

Top 10 Items I Miss About the Palm Pre and WebOS

As I apply these ideas to the iPhone 4s, I'm amazed. Not at what a wonderful tool it is but how in the world did it become so popular? There are great items about·the device·and it's a cool party topic but most of it is soooo 2007. It's almost 5 years later. We deserve more. We deserve the features the Palm Pre had over 2 years ago.

Here are the top ten·items the Palm Pre/WebOS has/had that I dearly miss:

01. Visual notification. This is really a stroke of genius. The Palm Pre had a visual notification when someone emailed me, texted me or called me. If I didn't get the buzz (or disabled the buzz altogether), the light would flash letting me know even from across the room that something happened. That's great because I'm not tied to my phone all the time but it usually is in close proximity. Now I have to do 4 steps with the iPhone, get the phone, turn on the screen, swipe it to activate and visually check for messages. With the Palm Pre, this only took a glance of my eye. No extra steps required.

02. Unified Swiping. This means that with the Palm Pre, everything was like a book, left to right. That's great because to go back, you don't have to find a button, just swipe to the left (or book backwards) at the bottom of the phone and it will take you back. Again, very intuitive. The iPhone has back buttons scattered all around. Sometimes at the top, sometimes at the bottom. I find fingers going schitz looking for where to push. To me this translates as a slowdown. With the Palm Pre, this is only a swipe of a thumb from the hand that's holding it. No extra steps required.

03. Card Multitasking. This was brilliant as well. On the Web OS, every new item was a card. A simple push of the button will allow you to visually see all the cards so that you can get to the one you want. Want to see a contact while writing an email? No problem, just push one button to activate the carding system and go to the contacts. Then go back via the same route you came. No extra steps required.

04. Screen Size. Believe it or not, in some cases, the screen size was larger on the Palm Pre than the iPhone. When I have to text something, the virtual keyboard takes up more than half of the physical screen size leaving my texting visual field to nearly that of a calculator I had in high school. Ugh... I miss the larger usable screen size.

05. Texting App. I can barely read texts on the iPhone. I don't need to shrink and see a comic-bubble like on the iOS. The WebOS had texting in full font size and differentiates people by a simple different color background. It also time stamped conversations easily to see when conversations happened. I miss the WebOS texting app.

06. Cloud. I mean really. It's November 2011 and the iOS is just coming out with cloud which requires a forced upgrade. WebOS has this by default and has it by design and since inception almost 3 years ago. If I drop the phone in the ocean, who cares. I buy a new one type in my username and password and viola... all my important stuff is there including my APPS. No extra steps required.

07. Synergy. This is something iOS still hasn't caught onto. Lets say I have a Facebook Friend named Dallas Herrmann. Guess who's contact is in my contacts? Dallas's. Guess who's picture shows when Dallas calls? Dallas's. I didn't put it there, it pulled from Facebook. Chances are if he's my friend in Facebook, he'll call my cell phone. If he changes his picture on Facebook, it changes on my phone. I can override this of course. I really liked this. No extra steps required.

08. Phone App. The Phone App on the iPhone is terribly thought out in my opinion. Going from voicemail to missed calls to contacts is clumsy. Trying to make a phone call requires more scrolling than an ancient library. Finding contacts is such a slowdown since everyone is listed by last name. With the Palm Pre, I open the phone app and start typing either their first or last name and a short list shows. No extra steps required.

09. Notifications. On the iOS, I get a little read circle with a number. That tells a whole lot of nothing. The WebOS has a notification system that shows a notification with what happened and who did it. Getting rid of them wasn't entering the app, it was a simple swipe to remove the visual item. No extra steps required.

10. Touchstone Charging. The iPhone still has to be plugged in to get a charge. The Palm Pre could have a touch back that rested on a pedestal. This limited the chances of breakage of tiny part or of dirt entering the internals of the device. It was less moving parts. No extra steps required.

Additional Notes

So there you have it, the top 10 items I miss most about the Palm Pre and WebOS. I could have put other items in like the single swipe to delete emails or the sticky note app but the list above is good. If I missed something or if you just want to sound off, let me know. We're a small group.

Also note that there are things that I won't miss about the Palm Pre that should be put into a different post.·As well, there are items about the iPhone 4s that are superior to the Palm Pre which again is a different post altogether.

I suppose my biggest suprise is the lack of support of a large company for the WebOS. It is a viable and in some cases preferred alternative to the iOS. Not everyone needs to have games and apps of the iOS. People like me don't have time for that stuff anyway. What we need is productivity. And that seemed to be the gap the·WebOS filled for me. My device needs to do some things really, really well: phone, contacts, calendar, email, texting and twitter.

There's a Pepsi for Every Coke

In my perfect world, Sprint would have bought the WebOS (instead of HP, yuck) and married it to their services. This would have created a synergy in the mobile communications sector defining themselves for productive people and attracting people who don't prefer the iOS or want·the opposite of items that can be seen as childish. Doing this would have created a clear personal brand that defined Sprint and WebOS for productive people and pitted themselves against the iPhone which is nothing more than an unproductive toy that requires attention that I·have set for other important items. I would used a tag line, Productivity Begins.

No Sim Card Installed - iPhone 3GS (iOS 5.0.1)

I will list out the horror story later. Basically if you have a "No Sim Card Installed" or "No Service" message. Do the following exactly. Do not read into the instructions - just perform the steps.

1. connect iPhone to Mac with iTunes.

2. remove the SIM CARD (take a paper-clip and push it in the top pinhole to eject the card).

3. put iPhone in DFU mode (that is holding down the POWER BUTTON & HOME BUTTON both at the same time for exactly 10 seconds. Release the POWER BUTTON only).

[a message on iTunes shows that an iPhone is connected in recover mode.]

4.click RESTORE in iTunes (this will restore the iPhone to the stock/normal firmware.)

5. wait til it is finished.

6. when the phone boots, it will show "No Sim card." Don't do anything yet.

7. simply put the simcard in the top SIM CARD slot.

6. the phone will activate the phone automatically.

Update: 11/03/12: This is one of the most popular articles on this web site. Please note that this info is provided as in my own experience and it isn't meant to fix your particular issue. Please make sure you've backed up everything. Please make sure everything is synced. Please refrain from emailing me, asking me for support. If you want my advice, upgrade your phone to the latest version available (iPhone v5) and have the store/service transfer everything.

What is a T1?

internetRecently I was at a medical office in Stuart. The office was sending huge x-ray images to various places. The issue was sending the files was taking forever.

They couldn't understand why it was taking so long because they had a DSL. I asked it they ever considered a T1? They said they didn't understand what a T1 was compared to their DSL line.

Great question.

Internet connections are measured in two ways; download speed (or receiving speed) and upload speed (or sending speed).

Download speed is the speed by which we surf the internet. Your laptop is getting information from somewhere else. Complaints asking why the internet is so slow is always download speed.

Upload speed is the speed by which we send emails. Your laptop is sending information to somewhere else. This is why their complaint about slow in sending prompted me to inquire about a T1 consideration.

Furthermore, we measure speeds in megabits, Mbp, (not megabytes, MB, like we normally do). Here's how the connections stack up.

Their DSL was a 6Mbps. This is a 6Mbps maximum download speed. Upload speed probably around 0.250 Mbps.

Their T1 is going a to be 1.5Mbps. Upload speed is going to be 1.5Mbps. This is a 500% increase over a DSL line in upload speed. Giving the best chance at sending the xray images.

The most important factor of T1 is that it is guaranteed. This means it is guaranteed to be running all the time. Worries about their internet going down like it did in the past won't be an issue anymore.

After explaining the differences, we'll be installing a T1 at their office this week.

Open .xls Files with Office Starter (Excel Starter)

SITUATION:

-have a traditional .xls file on the DESKTOP

-double-click to open it.... nothing

RESOLUTION:

01.-close out of everything
02.-click START > RUN
03.-type: regedit
04.-click OK
05.-navigate to: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xls\OpenWithProgIDs
06.-it'll probably say: "Excel.Sheet.8"
07.-right-click
08.-click RENAME
09.-change to: "Excel.Sheet.12"
10.-restart computer
11.-click START > CONTROL PANEL > DEFAULT PROGRAMS
12.-click ASSOCIATE A FILE TYPE WITH A PROGRAM
13.-find .xls
14.-double-click
15.-change to: "Microsoft Application Virtualization DDE"
16.-click OK > CLOSE

Yes... that took me about 2 hours to discover. I don't choose to hate Microsoft.... they force me to hate them.

DDWRT Initial Flash Instructions

This one is for me because I can never remember or sift through the endless pages of info on web sites concerning this.

The files are located here:

 

1.-the TRX file is the first one
2.-then
3.-telnet
4.-erase nvram
5.-reboot
6.-14896 is legacy
7.-14929 is recommended stable
8.-do a 30/30/30

COM+ Fix (Reinstalling COM+ Service)

01.-Reboot and start in Safemode
02.-Open a command prompt (cmd.exe) and execute the following commands:
03.-ren %windir%\System32\Clbcatq.dll Clbcatq.dll.bak
04.-del %windir%\Registration\*.* /s
05.-Start the registry editor and delete the following registry key:
06.[HKEY_LOCAL_MACHINE \SOFTWARE \Microsoft \COM3]
07.-Reboot and start in Normal mode.
08.-Open a command prompt (cmd.exe) and execute this command:
09.-rmdir /s %windir%\Registration
10.-Open the Control Panel and double click Add/Remove Programs
11.-Select Add/Remove Components and click Next and it will reinstall COM+
12.-Re-apply the necessary service packs and updates for COM+.
13.-click START > RUN
14.-type: cmd
15.-click OK
16.-rundll32 %windir%\system32\inetsrv\wamreg.dll, CreateIISPackage

Virtual Domain External SMTP on SME Server

SCENERIO

  • -add a virtual domain to the server.
  • -configure external domain name provider (in this case, ENOM) to point to server.
  • -configure external domain name provider to point MX records to gmail.
  • -check MX records.
1.dig -t mx domain.tld
2. 
3.;; ANSWER SECTION:
4.domain.tld.       1800    IN      MX      10 ASPMX.L.GOOGLE.com.
5.domain.tld.       1800    IN      MX      20 ALT1.ASPMX.L.GOOGLE.com.
6.domain.tld.       1800    IN      MX      30 ALT2.ASPMX.L.GOOGLE.com.
7.domain.tld.       1800    IN      MX      40 ASPMX2.GOOGLEMAIL.com.
8.domain.tld.       1800    IN      MX      50 ASPMX3.GOOGLEMAIL.com.
  • -send an email from primary domain to virtual domain.
  • -get a bounce basically saying "Recipient unknown"

SOLUTION

-added MailServer setting to domain

1.db domains setprop domain.tld <b>MailServer</b> a.b.c.d
2.signal-event email-update

chkdsk every boot

1.-click START > RUN
2.-type: cmd (black scary screen shows)
3.-type: fsutil dirty query c:
4.-if volume is dirty go to next step
5.-type: chkdsk c: /f /x
6.-when finished repeat: fsutil dirty query c:
7.-if no longer dirty then reboot (no more ckdisk).

What is an SSL Certificate?

What is it?

An SSL Certificate in layman's terms is a vouching system. In other words, you are who you say you are because a large company has verified it.

If I had a company, say like Dak Networks Company, how would you know that the web site you are on is actually the company web site? There's no way of actually knowing. Unless, of course, someone you trust told you that it really was the company web site. Then you would feel secure that you were on the right web site.

This in essence is what an SSL Certificate is. You pay a company. They do a little research to verify who you are. They hand you a certificate. Easier said than done.

Why do you need it?

You need an SSL Certificate to create an SSL connection or to have the HTTPS for you web site.

More importantly, you have to install it correctly for the web site not to complain. If it isn't installed correctly, people get weird messages when they visit your site like "there's a problem with this web site." So unless you want to field phone calls all day long and repeatedly say, "Just click continue" which drives you absolutely insane, you better make sure the SSL Certificate is installed correctly (sounds like I have experience with this?).

I have an SSL Certificate... Now What?

You have to install the SSL Certificate on your server. This is the issue.

What is SSL?

httpsWhat is it?

SSL stands for SECURE SOCKET LAYER. In layman's terms SSL is a secure connection. When you type something into a web site, any web site, and click SUBMIT, the information you type in can be seen by those young kids who know how to hack.

SSL prevents those kids from seeing what you type in.

What does it do?

SSL securely transmits the information you type into a web site so that no one can see it. Except, of course, the people who you're sending it to.

SSL Quick Example

Find the ADDRESS BAR at the top of your web browser (see picture). You know where you type in a web site. You can typically tell you're on an SSL web site because you'll see HTTPS in the beginning of the bar. The "S" stands for "secure." Also, recently, the ADDRESS BAR is changing color when an SSL connection is being made, sometimes blue (see picture) & sometime green.

What do I need if I want to do an SSL for my web site?

You need an SSL certificate from an authorized browser partner.

Install Rapid SSL Certificate, RapidSSL Intermediate Certificate & RapidSSL CA

When you get a RapidSSL Certificate (see instructions below somewhere), you have to install it. You also have to install the intermediate certificate. You also have to install the parent certificate or the certificate authority also known as the Root CA. The intermediate certificate & root certificate together is known as the CertificateChainFile or intermediate file or intermediate bundle or CA bundle.

So our structure from below is:

1.ssl.crt
2.ssl.key
3.ssl.pem

We'll change into the certificate directory:

1.cd ssl.crt

In this directory, you should have your server.crt, the certificate that you bought & they sent you in an email.

You should also have the INTERMEDIATE CERTIFICATE FILE. This is also called the CA BUNDLE.

Caution! They only send you the single intermediate certificate in the email. They don't send the bundle. You have to get it. Also, they send a link to the incorrect CA bundle in the email.

The problem with the RapidSSL bundle is that it contains the RAPIDSSL CA & the GEOTRUST CROSS ROOT CA and nothing else.

The GEOTRUST CROSS ROOT CA is here:
https://knowledge.geotrust.com/support/knowledge-base/index?page=content&id=AR1426&actp=search&viewlocale=en_US&searchid=1283360269668

This works fine for newer devices like ANDROID phones as they have the GEOTRUST CROSS ROOT CA installed as something they can trust.

But it doesn't work for stable production systems like CENTOS 4, RHEL 4 or anything with OPENSSL v0.9.7a-43.17.el4_8.6 . The problem is that these items have a different CA STORE or items they can trust and the GEOTRUST CROSS ROOT CA isn't in the STORE.

The older GEOTRUST GLOBAL ROOT CA is in the store (which is different than the GEOTRUST CROSS ROOT CA... confusing, isn't it). First we have to get it:

So now the directory looks like this:

1.server.crt
2.RapidSSL_CA_bundle.pem
3.GeoTrust_Global_CA.cer

Great! We have to join these together into one certificate.

1.openssl x509 -inform PEM -in "server.crt" -text > ca_bundle.crt
2.openssl x509 -inform PEM -in "RapidSSL_CA_bundle.pem" -text >> ca_bundle.crt
3.openssl x509 -inform PEM -in "GeoTrust_Global_CA.cer" -text >> ca_bundle.crt

That's it! You know have a certificate called ca_bundle.crt to incorporate the certificate into you server directly. For me that's:

1.config setprop modSSL crt /home/e-smith/path/to/your/crt/ca_bundle.crt
2.signal-event domain-modify
3.signal-event email-update

This ensures you have no error messages on the browsers (firefox, opera, safari, ie) and it ensures you have no error messages on the email clients (thunderbird, etc).

You can test your work directly on the server directory with:

1.openssl verify -CAfile ca_bundle.crt -verbose server.crt

You can test your work directly on the public HTTPS side with:

1.echo GET | openssl s_client -connect yourwebnameserver.tld:443

And the public IMAPS with:

1.echo GET | openssl s_client -connect yourwebnameserver:993

Both will give you the chain structure and where it breaks, if it breaks.

Caution! If it tells you, you have a self-signed certificate, that's fine. The ROOT CA is always a self-signed certificate.

Hope this helps someone. Most importantly me, since it took a good 48 hours to pull all this together from different places & trial and error.

Create Key, Generate & Install Certificate -ssl, csr, crt

How many times do I have to go through this? Because this can be confusing I create 3 directories:
1.mkdir ssl.crt
2.mkdir ssl.key
3.mkdir ssl.pem

 

GENERATE KEY PAIR (key & csr)

This can be done a few ways. You can do this with PUTTY on a WINDOWS pc. You can do this with OPENSSL on a REDHAT server. Choose one. It doesn't matter. Below is for OPENSSL on the server.

 

1.cd ./ssl.key
2.openssl req -nodes -newkey rsa:2048 -sha256 -reqexts v3_req -keyout www.regionalidx.key -out www.regionalidx.csr -subj "/C=US/ST=Florida/L=Jupiter/O=Regional IDX/OU=IT/CN=www.regionalidx.com"

NOTE: Please do not enter your email address, challenge password or an optional company name when generating the CSR.

You can test out test CSR with the following:

openssl req -text -noout -verify -in www.regionalidx.csr

3.openssl req -new -key www.yourdomain-example.com.key -out www.yourdomain-example.com.csr

 

REQUEST CERTIFICATE

Great! You have a key as well as a certificate request (csr).

 

1.login to your account where you bought the certificate.
2.paste in your CSR.
3.submit the request.
4.check & double check to make sure the contact info is correct (you can't skimp here)

 

APPROVE REQUEST

 

1.the certificate provider (GEOTRUST, VERISIGN, etc) should email the AUTHORITATIVE EMAIL (admin @yourdomain.com) as listed out in the domain name WHO IS.
2.accept the request.

 

INSTALL CERTIFICATE

 

1.the certificate provider (GEOTRUST, VERISIGN, etc) should email you the certificate.
2.copy the certficate
3.change into the CRT directory
4.cd ../ssl.crt
5.paste it into the CRT file.
6.vi yourdomain-example.com.crt

 

They may also send you an INTERMEDIATE certificte. If needed, paste it into it's own file.

 

1.vi geotrust.crt

 

TELL THE SERVER WHERE TO FIND IT

 

1.config setprop modSSL crt /home/e-smith/ssl.crt/{domain}.crt
2.config setprop modSSL key /home/e-smith/ssl.key/{domain}.key
3.config setprop modSSL CertificateChainFile /home/e-smith/ssl.crt/{CA}.crt

 

APPLY THE CHANGES

 

1.signal-event domain-modify
2.signal-event email-update

 

Accept Certificate on Ipad, Accept Certificate on Iphone

If you have a certificate error for an email server, your IPOD/IPAD/IPHONE may not notify you of an issue, which doesn't allow you to click OK, which doesn't all you to get email. It simply says, "Cannot connect to server. Check the settings and try again."
1.on your Mac, go to the web site with the certificate issue (my issue was a name mismatch).
2.view the certificate.
3.trust the certificate.
4.open your Applications->Utilities->Keychain Access app.

find your mail server in the Name column. There may well be more than 1 entry. Find the entry that has “certificate” in the Kind column, and that has the most recent Expires date. This is the certificate you want.

 

1.right/control-click the certificate and choose Export “(mail server name)”: 
2.in the File Format dropdown, make sure you select Privacy Enhanced Mail (.pem) [NOT Certificate (.cer)]
3.save the file on your desktop.
4.attach it to a new mail message. Send the email to yourself.
5.on your iPhone/iPad/iPod touch, open the email. 
6.tap the attachment. This will open an Install Profile window.
7.tap the Install button to install the certificate on your device.

You should now find that you can send and receive email. If not, reboot your IPAD/IPHONE/IPOD.

To find the installed certificate, just tap Settings -> General -> Profile.

Logon failure: the user has not been granted the requested logon type at this computer

view source
1.go to the computer with the share
2.download the Windows Server 2003 Resource Kit Tools and install it: http://go.microsoft.com/fwlink/?LinkId=4544
3.click Start, All Programs, Windows Resource Kit Tools, Command Shell

Then enter the following commands. (Attention: they are case sensitive.)

1.net user guest /active:yes
2.ntrights +r SeNetworkLogonRight -u Guest
3.ntrights -r SeDenyNetworkLogonRight -u Guest

Tech Support Life

It's a Saturday on a holiday weekend. By 10am, I had more than 5 voicemail messages and 5 text messages. All "Little Stuff" that is sooooo important that it can't wait till the beginning of the next work week.

This is why I've pretty much exited personal tech support and why I'm moving into teaching.

Ohhh... Before I forget. Payment for today after working for 8 hours straight.... zero.

Windows 7 Won't Run EXE Files

Latest problem listed above on a Windows 7 machine. Here' how I fixed it:

01.-go to working computer
02.-click here: http://www.winhelponline.com/fileasso/exe_fix_w7.zip
03.-unzip the file: exe_fix_w7.reg
04.-copy to FLASH DRIVE (also known as a THUMB DRIVE)
05.-start problem PC in START MODE W NETWORKING
06.-plug in FLASH DRIVE
07.-press: CTRL-SHIFT-ESC
08.-hold: CTRL
09.-click FILE > NEW TASK (command box / shell prompt / black-scary-screen opens)
10.-type: F:
11.-type: REG IMPORT exe_fix_w7.reg
12.-that's it! You should be able to run EXE files now.

DDWRT Client Bridge Settings

Here's the simple steps to get a second DDWRT wirless unit to extend the orginial. Putting here so that I don't have to look it up again. I always seem to forget some of the settings.

FIND THE SIGNAL

wireless_find

  • -start from scratch. This means start with a plain jane vanilla ddwrt without any customized settings.
  • -login & change USERNAME & PASSWORD to something customized.
  • -click STATUS > WIRELESS.
  • -click SITE SURVEY (at the bottom).
  • -(a screen with a list of the wireless signals will show).
  • -find the one you want to extend.
  • -click JOIN (at the right).

WIRELESS SETTINGS

  • -(this will automatically fill in the BASIC SETTINGS for the wireless).
  • -wireless mode: client-bridge.
  • -wireless channel: match the channel on the main unit.
  • -click SAVE (at the bottom.)
  • -click WIRELESS SECURITY (at the top).
  • -security mode: (match the security mode on the main unit exactly including TKIP or AES. If a new setup use WPA PERSONAL AES).
  • -(note: cannot do WPA2 Personal Mixed).
  • -password: anything-of-your-choosing-thats-8-characters-long.
  • -click SAVE (at the bottom).

BASIC SETTINGS

  • -click SETUP
  • -connection type: disabled
  • -local ip address: 192.168.1.2
  • -subnet: 255.255.255.0
  • -gateway: 192.168.1.1
  • -local dns: leave-blank
  • -dhcp forwarder: 192.168.1.1
  • -click SAVE
  • -click ADVANCED ROUTING (at the top)
  • -operating mode: ROUTER
  • -click SAVE (at the bottom)

SECURITY SETTINGS

  • -click SECURITY
  • -find BLOCK WAN REQUESTS area
  • -checkmark FILTER MULTICAST
  • -uncheck everything else in the area
  • -spi firewall: disable
  • -click SAVE (at the bottom)

FINAL SETTINGS

  • -click ADMINISTRATION
  • -click SAVE (at the bottom)
  • -click APPLY SETTINGS (at the bottom)
  • -reboot router
  • -wait 3 minutes for everything to come back on and sync up.

CHECK TO SEE IF IT'S WORKING

  • -click STATUS > WIRELESS
  • -you'll be able to see the signal strength between the two units. If it's too low, move them closer together or in a more direct line of sight.

Rogue Infections Hiding Start Menu Shortcuts

Here's the deal. Fake infections on Windows XP & Windows 7 have been hiding folders in LOCAL DISK C.

Basically we have to unhide the hidden folders.

We also have to move the START MENU shortcuts back.

http://forums.malwarebytes.org/index.php?showtopic=85715&st=0&p=434006&#entry434006

The Conspiracy of Change


PICT0053My life has been turned upside down lately. It all started with my car. I needed to replace it. So I bought the same make and model but a different year. It's amazing how different user interface items change in the span of a few years. The cruise controls were different, the center console configuration was different and radio was different.

My family tried to convince me that these items were better but if you're like me, you know that this isn't true. They conspired with the car to accept it as better. But I didn't want to learn how to do something new. I already knew how to work all of those items just fine.

Then the same thing happened to my TV as Comcast changed the user interface on the cable box without asking me. The nerve of them! At least give me the option of going back to the old look and feel. Even the buttons on the remote don't respond the same.

Then it happened to my phone. The PalmPre was discontinued by Sprint so I took the opportunity to change to the most popular phone system, the Android on brand new 4G technology. I got a new larger screen, joining everyone else and of course a new user interface.

I gave it my best to adapt to the new controls that were supposed to be better and it shouldn't have been that hard. After all, I already knew how to use one smartphone, translating that knowledge to a new smartphone should be easy.

But I missed many of the features of the PalmPre. I didn't have buttons anymore, it was all on screen. Getting my clumsy thumbs to hit the letter I wanted proved to be too hard. This made the spell correction an absolute necessity. But it corrected many items incorrectly and in my tech world many items are spelled awkardly to begin with; OSX became "occasion". And my last name is my last name, whether I like the spelling or not isn't the point. Just stop asking me if I want to correct it. I don't.

This all lead up to making my texts & tweets incomprehensible. Everything from "Woof you call me?" to "I'll be huff in a boat 2 hores." (I'll be home in about 2 hours.) Nice upgrade.

The larger screen was nice. But was it too large. That whole item of being happy to see someone and pockets started to come to mind repeatedly. Also, when the onscreen keyboard was showing, the screen didn't seem to be that large anymore. It actually seemed smaller.

This larger screen lead to the battery dying by dinner. Bad for any family member trying to connect for the nightly ritual.

The worst of it was the user interaction. What took one gesture on the PalmPre (swipe to delete an email) now took 3 with the Android (read email, menu, delete). The simple measure of going back even with it's permanent button seemed to not take me where I wanted to go. And switching applications was a seemingly impossibility.

Combine this all together and I was missing texts, missing phone calls and missing family dinners.

I gave it my best go for two weeks. As soon as I hit the two week mark, I switched back to the PalmPre and WebOS. WebOS, you're my hero. Never did I miss my swiping so much.

EXE Files Won't Run (Windows cannot find the correct program... Choose a program from the list)

A round of malware has really turned up lately that once it's cleaned with Malware Malbytes, the computer won't run EXE files. It says, "Windows cannot find the correct program to open blahblah.exe, choose a program from the list."

Here's the fix (reformatted & reposted from http://support.microsoft.com/kb/555067)

  • -click START > RUN
  • -type "command.com", press Enter. (A DOS window opens.)
  • -type: "cd\", press Enter
  • -type "cd \windows" press Enter
  • -type: copy regedit.exe regedit.com, press Enter
  • -type regedit.com, press Enter
  • -navigate to and select the key: HKEY_CLASSES_ROOT\exefile\shell\open\command
  • -in the right pane, double-click the (Default) value.
  • -delete the current value data
  • -type: "%1" %*
    (quote-percent-one-quote-space-percent-asterisk)
  • -cose Regedit utility.

That should do it! You can now run EXE files again. If it still doesn't work, you may have to fix EXE file association with this zip file.

Then if SECURITY CENTER won't run AUTOMATIC UPDATES

  • -click START > RUN
  • -type:regsvr32 wuaueng.dll

AC97 Drivers Continuous Reboot and Won't Install

I hate drivers. I really do. Just wrestled with another AC97 (AC 97) REALTEK driver issue on an older computer with WINDOWS XP SP3.

The board was an INTEL D845GRG (audio was a 82801DB). The driver from REALTEK kept rebooting without finishing (WDM_A406) and the INTEL drivers kept saying, "DRIVER NOT FOUND" with the SOUNDMAX installs.

Here are the steps I used to get it fixed:

 

A patch is required before any of the HD device drivers are installed, but the patch will only go on XP SP2 computers. 

-right-click MY COMPUTER
-click MANAGE
-click DEVICE MANAGER (on the left-hand side)
-find SOUND, VIDEO, AND GAME CONTROLLERS
-under it, find the yellow exclamation point
-right-click yellow exclamation point
-click UNINSTALL

-click START > RUN
-type: regedit
-go to: HKLM\SYSTEM\CurrentControlSet\Control\Windows\CSDVersion
-change HEX VALUE TO: 200
-Restart your PC

-download kb888111xpsp2.exe
-install: kb888111xpsp2.exe
-download: Audio_eMachines_5.12.1.3571_XPx86_A.zip
-unzip: Audio_eMachines_5.12.1.3571_XPx86_A.zip
-run: SoundMAX_WDM_5_12_1_3571.exe
(the old driver is removed & new is downloaded)
(may have to manually run: DownloadedDriver_1-7-2005\Setup.exe)
-Restart your PC

-click START > RUN
-type: regedit
-go to: HKLM\SYSTEM\CurrentControlSet\Control\Windows\CSDVersion
-change HEX VALUE TO: 300
-Restart your PC

I'm putting this here so I never have to deal with it again.

Comcast Fiber Optic Upgrade

comcast_flyerI got a flyer in the mail from Comcast today. It headlines that they've "doubled [my] internet speeds." Further it claims that the fiber optic network in Jupiter, FL has been "enhanced." The flyer claims that speeds of up to 25Mbps are possible. All I have to do is "unplug [the modem] from the power source for ten minutes."

To the left, you can see a poor image of the flyer from my Palm Pre.

Cool. Rather than just giving it a shot, I'd thought I'd do a "live" before and after to see if it really works. I'll use Speedtest.net for my tests. Speedtest tries to measure your speed between your location and a server. Since the server location is important, I'll pick a server relatively close to me in Boca/ Miami about 60/90 miles away (rather than a server outside of the state of FL).

Before and after details are below:

comcast_speedtest

You can see before in February 2011 my speed was around 12.6Mbps. Now in April 2011 my speed is about 28.11Mbps.

Good enough for me. Thanks Comcast. This is faster than my T1 connections I have all over Palm Beach County and my Metro-e connection on PGA Blvd.

If you can get Comcast around here, it's a definite no brainer -yes!

Then why do I have a Metro-e? Good question. Because a Metro-e is guaranteed not to go down. Since the office has about 50 people working in it at all business hours and since the office processes more than 1billion dollars a year, it is worth it to spend extra to have peace of mind that the office won't have issues.

Compliance Services of 400 Capital Cir SE is a Scam

The COMPLIANCE SERVICES of 400 Capital Cir SE, Postal Mail Box 18321, Tallahassee, FL 32301 is a complete scam. The COMPLIANCE SERVICES of 400 Capital Cir SE, Postal Mail Box 18321, Tallahassee, FL 32301 is a complete farce. Do not do business with the COMPLIANCE SERVICES of 400 Capital Cir SE, Postal Mail Box 18321, Tallahassee, FL 32301.

State of Florida notifies that the Compliance Services of 400 Capital Cir SE is a Scam

You can see the official warning and consumer advisory posted by the State of Florida on their web site at http://sunbiz.org here. You can see they reinforce the fact that the COMPLIANCE SERVICES of 400 Capital Cir SE, Postal Mail Box 18321, Tallahassee, FL 32301 is a complete scam.

Lawyers in Florida notifies that the Compliance Services of Tallahassee, FL is a Scam

You can see other recent blog posts from licensed lawyers in Florida notifying businesses of the fact that the COMPLIANCE SERVICES of 400 Capital Cir SE, Postal Mail Box 18321, Tallahassee, FL 32301 is a complete scam here: http://www.floridaconsumerlawyerblog.com/2011/03/compliance-services-in-tallaha.html

In fact, in the above blog post quoted as saying, "Sarelson Law Firm is investigating a potential class action lawsuit on behalf of anyone who paid "Compliance Services" the $125 fee."

The Compliance Services of 400 Capital Cir SE, Postal Mail Box 18321, Tallahassee, FL 32301, is a company unrelated to the Florida Division of Corporations. They are sending out notices through the US Postal Service with a marking of "TIME SENSITIVE" concerning a $125 fee for annual corporate minutes. They try hard to make it look like an official letter from the State of Florida. They even put a due date on the letter.

Compliance Services of Tallahaee, FL 32301, is a company unrelated to the Florida Division of Corporations

Only people who read the fine print realize that the Compliance Services of 400 Capital Cir SE, Postal Mail Box 18321, Tallahaee, FL 32301, is a company unrelated to the Florida Division of Corporations.

However this is after the bolded headline which reads, "ANNUAL MINUTES REQUIREMENT STATEMENT DIRECTORS AND SHAREHOLDERS (Business Corporations)."

Jacksonville Times Union warns readers of the Compliance Services of Tallahassee, FL 32301

Even the Jacksonville Times Union is reporting on the story here: http://jacksonville.com/opinion/blog/400564/david-bauerlein/2010-04-25/letter-tallahassee-not-necessarily-state

Compliance Services of Tallahassee, FL Scamming People for Years

Apparently, this has been going on for quite some time as the following blog post is from 2009 and has more than 220 comments: http://scriptionary.com/2009/03/07/annual-minutes-requirement-scam/

They all echo the same concern. That the Compliance Services of 400 Capital Cir SE, Postal Mail Box 18321, Tallahaee, FL 32301, is a scam.

Compliance Services of Tallahassee, FL Scamming People in Other States

Click here to see how the Compliance Services of Tallahassee, FL is scamming people in other states:

http://www.ncnn.com/business/6646-state-stops-deceptive-mailings-to-businesses

Picture of the Compliance Services of Tallahassee, FL Scam Letter

Here is the letter JPG format of the Compliance Services of 400 Capital Cir SE, Postal Mail Box 18321, Tallahassee, FL 32301:

compliance_services

If this is all it takes to make some quick cash, I'm in the wrong business. I might as well start a company call the Computer Compliance Services and base it on 400 Capital Cir SE, Tallahassee, FL 32301.

Enough Proof that the Compliance Services of Tallahassee, FL is a Scam?

Hopefully, this page has provided enough proof that the Compliance Services of 400 Capital Cir SE, Postal Mail Box 18321, Tallahaee, FL 32301, is a scam.

Where Is This Going?

I have a friend who thinks that the push towards Apple desktops and laptops is just a fad. He really believes that in the long run, companies are not going to be able to incorporate Apple desktops into their businesses.

Will Macs Be Accepted in the Workplace?

I understand where he's coming from. He's in the banking business where people are traditional employees and the information belongs to the company. The company can't handle a dual environment between PC's and Mac's not because it's impossible but because it's one more thing.

Contrast From Apple

In contrast, Apple is citing that the PC era is over. They announced this at the launch of the iPad2 here:
http://finance.yahoo.com/news/Apples-Jobs-Says-iPad-2-Makes-paidcontent-407216748.html?x=0&.v=3

Basically they are saying that the era of keyboards and desktop towers are gone. Not needed. They are indicating that the "app stack" or applications like WORD, EXCEL, FILEMAKER PRO are not needed anymore. All of these types of applications are available on the web.

The Future is Uncertain

If you are like me, you're wondering where all this is going. And I'll tell you. I don't know.

Public Demand

It really has to do with how the general public accept these types of devices. Most companies will initially resist. Simply because, like my friend above, they are not sure if this is going to last. But if the pull is so strong that companies cannot ignore, they will incorporate items like iPads into their support systems.

You may have to learn something new, yet again. But it isn't that bad this time. You don't need that much dexterity. Everyone can point and click with their finger.

The Next 24 Months

We will see iPads invade the small workplace. They're fun, affordable and currently don't break. We don't have to deal with items like spyware, malware and TDSS rootkits. It might be an actual welcomed scenario.

Touchpad on HP G65

SITUATION

Just had a situation where the TOUCHPAD on an HP G65 laptop wasn't working. Here's the short answer.

SHORT ANSWER

  1. uninstall the drivers
  2. restart
  3. install drivers that came with laptop: c:\swsetup\drivers\touchpad
  4. restart
  5. click CONTROL PANEL > MOUSE. You should be able to enable the touchpad (LuxPad) in there somewhere.

LONG ANSWER

Initially, I updated the drivers to the newest on the hp.com/support website. That didn't work. Then I tried to use the drivers directly from SYNAPTIC website. That didn't work.

The light in the upper-left wasn't working at all, so I thought it was a hardware issue. I finally tried the drivers that came with the laptop. Bingo. It's just bad drivers.

You'd think by 2011 these things would get easier. Shees.

FINAL SOLUTION

Buy a DELL LATITUDE if you're going Windows. Click here to see how: http://screenr.com/xVG

PS -I am no way affiliated with DELL, it's just a recommendation from experience. You don't have these types of issues. Spending 1 hour on a trackpad is ridiculous.

The Rise of the Browser

I've started to see it happen across offices for quite some time now. The rise of the web. This means that you no longer sit at your computer to get access to desktop applications like Word, Excel and Photoshop. And, oh yeah, by the way, that icon is for web sites.

Now you sit at a computer primarily for web sites. Photoshop is being replaced with sites like Aviary.com. MS Office is quickly being replaced with items like Google Docs. And when was the last time the general public used anything but web email?

What's interesting about all of this is that you don't need a very powerful computer to run a browser. Web masters are going to make their sites accessible for most popular browsers: Internet Explorer, Firefox, Chrome, Safari. Most of us do this with our smart phones.

But what should lengthen the lifespan of the computer will make it a target for extinction by Microsoft.

MS is primarily in the business to sell operating system (OS) licenses. Knowing that the browser is being all important, the next version of Internet Explorer (IE) v9 will not work on Windows XP. This forces an upgrade to Windows 7 for any industry that relies on ACTIVE X controls.

How Much Does Metro-E Cost?

connection_costs

While we talked about 4 different types of popular internet connections, we didn't talk about the costs for small and medium sized companies.

As you can see above, the Metro-E is the most expensive and having a business fork over this amount of money every month just for an internet connection that only costs $45 at home is sometimes difficult.

I would like to make a few points. First, Metro-E's are dedicated connections. Again, this means they never go out. This is huge for a business that determines an internet connection is vital to the mission of the business.

Let me help you determine if the cost is worth it for your business. Use your imagination. Let's say your have an office of 10 people. And the internet goes out. It's out for 5 hours. How much did that cost you in terms of labor and lost productivity? Did you lose a client? Did someone not get paid through accounting? Did an employee talk on the phone and pass to a client that "they always have internet problems" putting a bad mark in the client's mind?

At what point does it make sense for the business to sign a 36 month contract for this type of internet service? This is something that only you can determine.

If you'd like an internet connection specialist to talk to, let us know and we'll be glad to look at the specifics of your situation.

What is 4G?

4G is goodI forgot one connection type from earlier that I should mention. It's called 4G. Yup the cell phones. But also, the internet service through small 4G devices.

4G means 4th generation. It is in fact a type of wireless internet. Just like you may have wireless internet at your home that covers a certain area (your living room), 4G is a wireless internet that covers a huge area (your town). This is also known as WiMax

The difference here is that the wireless in your home just needs a password, sometimes called key, to connect and the 4G needs a certain device and authorization from the provider.

What's nice about 4G is that is connects not just one device but up to 8 devices at the same time. It is a mobile hotspot. This means anywhere I have the device I can connect my laptop to the internet. Basically, as long as I have my phone and my laptop together, I can connect. And it's fast in 4G areas like Palm Beach Gardens but not 3G areas like Jupiter.

I actually have one office running off of a 4G connection. The problem was that a temporary office was opening and they didn't have internet. Getting internet would take a few days around the Christmas season and result in the office missing a key sales period. The location manager just couldn't accept that.

Since the office was only going to be open 12 weeks and that there would only be a maximum of 3 people in the office, I setup a 4G connection.

The success is marginal because it's in a 3G area in the Wellington Mall. But at least it works. The speed at the location is about 245kbps.

What is A Metro-E

I manage over 50 internet connections. The question I get asked all the time is, "Can I get faster internet?"

"Of course!" I replied. And I continued to explain their options. Here's the breakdown on internet connections.

First of all, we measure internet connections through download speed in what's called kbps or kilobits per second. The higher the number the faster the service.

DSL: This internet comes through the phone company. In our part of the world this is ATT/Bellsouth/Yahoo. DSL varies in speed depending on equipment in your area and how close you are to that equipment. Typically in my experience, DSL is around 1000kbps or 1Mbps.

CABLE: This internet comes through the cable company. In our area, this is Comcast (used to be Adelphia). Cable internet is currently king for most residences and in my recent tests gets a whopping 12,600kbps (or 12.6Mbps). That's fast!

The problem with two options above is... they are not available everywhere. For example on PGA Blvd, they are not available to businesses. This means that if you want the service, you cannot purchase it. You cannot pay the companies to install it. You cannot have what you have at home, in the office. It no-o exist-o.

One more item you should know about them. They are not guaranteed services. This means they can go out for any reason at any time. When will it be back up? Who knows. Sometimes a few hours, somestimes a few days. In one experience I had, it was over 30 days before the DSL was up at a business location. The longest I ever had Cable out was for over a week.

So companies offer guaranteed services. These are services that are guaranteed to be on all the time. That's 100% of the time. Businesses like that. There's nothing worse than paying 30 people in an office with no internet. It's office gossip time as soon as it goes out.

T1: This internet is from the phone company. It is available everywhere. The speed on this is 1,500kbps (or 1.5Mpbs). Sometimes if a T1 isn't fast enough businesses will purchase two T1's and join them together.

Metro-E: This internet is is becoming the preferred choice of services for businesses. A Metro-E is in fact a partial fiber line. This is also known as an optical cable line (OC line). But fiber is so fast, that they limit it's speed. The speed on this is 10,000kpbs (10Mbps). That's screaming fast!

Full fiber line or OC lines are also available. Unfortunately, I only know a handful of companies that have this in the Palm Beach County area. Usually limited to large office complexes, hospitals, schools and the like. I can't comment on them because my interaction has been limited.

Internet Speed

What is A Metro-E

I manage over 50 internet connections. The question I get asked all the time is, "Can I get faster internet?"

"Of course!" I replied. And I continued to explain their options. Here's the breakdown on internet connections.

First of all, we measure internet connections through download speed in what's called kbps or kilobits per second. The higher the number the faster the service.

DSL: This internet comes through the phone company. In our part of the world this is ATT/Bellsouth/Yahoo. DSL varies in speed depending on equipment in your area and how close you are to that equipment. Typically in my experience, DSL is around 1000kbps or 1Mbps.

CABLE: This internet comes through the cable company. In our area, this is Comcast (used to be Adelphia). Cable internet is currently king for most residences and in my recent tests gets a whopping 12,600kbps (or 12.6Mbps). That's fast!

The problem with two options above is... they are not available everywhere. For example on PGA Blvd, they are not available to businesses. This means that if you want the service, you cannot purchase it. You cannot pay the companies to install it. You cannot have what you have at home, in the office. It no-o exist-o.

One more item you should know about them. They are not guaranteed services. This means they can go out for any reason at any time. When will it be back up? Who knows. Sometimes a few hours, somestimes a few days. In one experience I had, it was over 30 days before the DSL was up at a business location. The longest I ever had Cable out was for over a week.

So companies offer guaranteed services. These are services that are guaranteed to be on all the time. That's 100% of the time. Businesses like that. There's nothing worse than paying 30 people in an office with no internet. It's office gossip time as soon as it goes out.

T1: This internet is from the phone company. It is available everywhere. The speed on this is 1,500kbps (or 1.5Mpbs). Sometimes if a T1 isn't fast enough businesses will purchase two T1's and join them together.

Metro-E: This internet is is becoming the preferred choice of services for businesses. A Metro-E is in fact a partial fiber line. This is also known as an optical cable line (OC line). But fiber is so fast, that they limit it's speed. The speed on this is 10,000kpbs (10Mbps). That's screaming fast!

Full fiber line or OC lines are also available. Unfortunately, I only know a handful of companies that have this in the Palm Beach County area. Usually limited to large office complexes, hospitals, schools and the like. I can't comment on them because my interaction has been limited.

Internet Speed

Why Do I Always Have Trouble With iFax After Upgrading The Kernel

Dialogic Brooktrout TR1034_8I always have trouble with iFax after I upgrade the kernel on my RedHat fax server. Here are my notes to upgrade the Brooktrout / Cantana / iFax / Hylafax / Dialogic / bt-tr1034 driver.

Stop BT service:

service bt-tr1034 stop

The kernel-smp version, the kernel-smp-devel version must match.

Check kernel version:

uname -a
|Linux server 2.6.9-89.31.1.ELsmp #1 SMP Tue Oct 19 17:42:26 EDT 2010 i686 i686 i386 GNU/Linux

Check the kernel-devel version:

rpm -qa |grep kernel-smp-devel |kernel-smp-devel-2.6.9-89.33.1.EL

The kernel-smp will probably be upgraded via YUM automatically. But the kernel-smp-devel may need manual intervention.

Uninstall any unmatching version:

yum remove kernel-smp-devel-2.6.9-89.33.1.EL

Install a matching version:

yum install kernel-smp-devel-2.6.9-89.31.1.EL

Verify RedHat Release:

echo "Red Hat Enterprise Linux ES release 4" > /etc/redhat-release

Make BT Driver:

cd /var/spool/hylafax/bt/tr1034/driver
make -f Makefile.kerndep INSTALLED_ARCH=i686

Start BT service:

service bt-tr1034 start

Verify everything is working ok. If not, it'll show here:

cat /var/spool/hylafax/tmp/ecc_trace.txt
faxstat

Why Do I Always Have Trouble With iFax After Upgrading The Kernel

Dialogic Brooktrout TR1034_8I always have trouble with iFax after I upgrade the kernel on my RedHat fax server. Here are my notes to upgrade the Brooktrout / Cantana / iFax / Hylafax / Dialogic / bt-tr1034 driver.

Stop BT service:

service bt-tr1034 stop

The kernel-smp version, the kernel-smp-devel version must match.

Check kernel version:

uname -a
|Linux server 2.6.9-89.31.1.ELsmp #1 SMP Tue Oct 19 17:42:26 EDT 2010 i686 i686 i386 GNU/Linux

Check the kernel-devel version:

rpm -qa|grep kernel-smp-devel
|kernel-smp-devel-2.6.9-89.33.1.EL

The kernel-smp will probably be upgraded via YUM automatically. But the kernel-smp-devel may need manual intervention.

Uninstall any unmatching version:

yum remove kernel-smp-devel-2.6.9-89.33.1.EL

Install a matching version:

yum install kernel-smp-devel-2.6.9-89.31.1.EL

Verify RedHat Release:

echo "Red Hat Enterprise Linux ES release 4" > /etc/redhat-release

Make BT Driver:

cd /var/spool/hylafax/bt/tr1034/driver
make -f Makefile.kerndep INSTALLED_ARCH=i686

Start BT service:

service bt-tr1034 start

Verify everything is working ok. If not, it'll show here:

cat /var/spool/hylafax/tmp/ecc_trace.txt
faxstat

What is a T1?

internetRecently I was at a medical office in Stuart. The office was sending huge x-ray images to various places. The issue was sending the files was taking forever.

They couldn't understand why it was taking so long because they had a DSL. I asked it they ever considered a T1? They said they didn't understand what a T1 was compared to their DSL line.

Great question.

Internet connections are measured in two ways; download speed (or receiving speed) and upload speed (or sending speed).

Download speed is the speed by which we surf the internet. Your laptop is getting information from somewhere else. Complaints asking why the internet is so slow is always download speed.

Upload speed is the speed by which we send emails. Your laptop is sending information to somewhere else. This is why their complaint about slow in sending prompted me to inquire about a T1 consideration.

Furthermore, we measure speeds in megabits, Mbp, (not megabytes, MB, like we normally do). Here's how the connections stack up.

Their DSL was a 6Mbps. This is a 6Mbps maximum download speed. Upload speed probably around 0.250 Mbps.

Their T1 is going a to be 1.5Mbps. Upload speed is going to be 1.5Mbps. This is a 500% increase over a DSL line in upload speed. Giving the best chance at sending the xray images.

The most important factor of T1 is that it is guaranteed. This means it is guaranteed to be running all the time. Worries about their internet going down like it did in the past won't be an issue anymore.

After explaining the differences, we'll be installing a T1 at their office this week.

DDWRT Wireless Client Bridge

ddwrtAt an office on Palm Beach at the Paramount building has 2 separate spaces; one downstairs and one upstairs. The problem is how do I get the T1 internet I installed downstairs and bring it upstairs?

It may seem simple but consider this. Because the space was never intended to be used this way, there is no existing wiring in place to link the offices together. Also, the Paramount is a registered historic building, meaning that most of the additional low voltage wiring is exposed. Running a cable from downstairs to upstairs is possible but also tedious and tacky.

I always like to use a Wireless Client Bridge. It's perfect for these situations. It links 2 places together through wireless. To be clear, this means that the second place has no internet connection in the wall. The internet connection will come into the second office from the wireless.

I've done this a bunch of times; at an airplane broker, at homes where the wireless signal is just too weak for full coverage and at another historic building in downtown Stuart.

The trick is that the wireless signal and settings must be exactly the same. Well, I usually setup WPA + WPA2 AES+TKIP for ease of use for the laptops. To my dismay, this caused the wireless bridge not to work. Apparently, it couldn't negotiate between WPA + WPA2. I, of course, didn't know this.

So after an extra hour reflashing both routers and configuring the settings, I dropped the security to WPA-AES. Worked like a charm.

Internet can be used upstairs through a few CAT cables and the wireless if needed.

DDWRT Wireless Client Bridge

ddwrtAt an office on Palm Beach at the Paramount building has 2 separate spaces; one downstairs and one upstairs. The problem is how do I get the T1 internet I installed downstairs and bring it upstairs?

It may seem simple but consider this. Because the space was never intended to be used this way, there is no existing wiring in place to link the offices together. Also, the Paramount is a registered historic building, meaning that most of the additional low voltage wiring is exposed. Runing a cable from downstairs to upstairs is possible but also tedious and tacky.

I always like to use a Wireless Client Bridge. It's perfect for these situations. It links 2 places together through wireless. To be clear, this means that the second place has no internet connection in the wall. The internet connection will come into the second office from the wireless.

I've done this a bunch of times; at an airplane broker, at homes where the wireless signal is just too weak for full coverage and at another historic building in downtown Stuart.

The trick is that the wireless signal and settings must be exactly the same. Well, I usually setup WPA + WPA2 AES+TKIP for ease of use for the laptops. To my dismay, this caused the wireless bridge not to work. Apparently, it couldn't negotiate between WPA + WPA2. I, of course, didn't know this.

So after an extra hour reflashing both routers and configuring the settings, I dropped the security to WPA-AES. Worked like a charm.

Internet can be used upstairs through a few CAT cables and the wireless if needed.

The Power of a RedHat Server

Redhat_LogoThe week after Christmas is a great time to clean up and plan for the next year. I was going through some old info from a few years ago and pulled out a sheet I printed up. It goes something like this:

  • 1 Server
  • P4 3.0Ghz
  • 1GB ram
  • 663 users
  • 53 websites

And it was running on a T1 (or 1.44Mbps) at the time which happened to be the slow point in whole scenario.

Now the servers are hosted at a datacenter with redundant fiber connections and the office location where the server was has a Metro E (11.00Mbps), which is a partial fiber line.

So what's the point? The point is you can host a whole lot of web sites and users on relatively old computer if you know what you are doing.

Another point is, if you're a serious business, have a serious business equipment at a serious business datacenter. It isn't worth it to try and save costs. That document was the goad to rouse me and move the servers to a datacenter.

A last point is, I love a supported Linux. This particular flavor was a RedHat server.

Panda Cloud Antivirus

Panda Cloud AntivirusAfter 10 years of being dedicated to AVG antivirus, I've finally decided to try something new. There are a few reasons that lead me to choose this.

AVG antivirus was wonderful a few years ago. It fit all the requirements: small, unobtrusive, lightweight in terms of system resources and it actually worked catching viruses. Also it had the correct economics, free for home users and business bulk packs for small businesses with servers.

Over the years, AVG has become bloated. Going from 31MB in v7.5 to a whopping 141MB in the latest v10. Downloading the package takes awhile on business T1's and goes against our core beliefs. Adding an extra 10-20 minutes just to download something doesn't thrill us.

AVG has become obtrusive. It's continuous nagging messages about upgrading to pro and trying out system speed is pure tricks to the unknowing, fooling them into paying for unnecessary items.

AVG has become a burden. On more than one occasion, AVG doesn't install correctly, zarks the install and removal can be a lengthy process. This is on top of the already lengthy install process. The system resources needed to run AVG has also increased becoming a burden on the system.The system dogs and pants every time a scan is run. Not cool.

Lastly AVG is unable to catch the TDSS rootkit. Despite saying it catches rootkits, AVG doesn't. This requires other tools like ComboFix. The problem is ComboFix doesn't work with AVG, requiring an AVG uninstall, ComboFix run and AVG reinstall. Again, not cool.

At the suggestion of Majorgeeks.com, I've decided to try Panda Cloud Antivirus. It meets all the original requirements: small, unobtrusive, lightweight in terms of system resources and it actually works catching viruses.

Panda is a small 31MB and downloads in a few seconds. I like that.

The install process is a breeze and doesn't try to upsell you on anything.

It is a server/client system. Unlike traditional server client systems, the server is Panda's server, making this the first cloud antivirus available.

The Cloud Antivirus is unobtrusive. This means no nagging messages after installation.

Panda's pricing is right with a free version and a professional version for those in need.

Others seem to agree. Here's a poll about who's switching to Panda: http://www.cloudantivirus.com/forum/poll.jspa?pollID=50108

I'm just excited I get a large part of my day back as service calls have just become shorter. Hopefully this doesn't turn into longer calls as I have to see for myself about its virus catching quality. Wish me luck.

Panda Cloud Antivirus

Panda Cloud AntivirusAfter 10 years of being dedicated to AVG antivirus, I've finally decided to try something new. There are a few reasons that lead me to choose this.

AVG antivirus was wonderful a few years ago. It fit all the requirements: small, unobtrusive, lightweight in terms of system resources and it actually worked catching viruses. Also it had the correct economics, free for home users and business bulk packs for small businesses with servers.

Over the years, AVG has become bloated. Going from 31MB in v7.5 to a whopping 141MB in the latest v10. Downloading the package takes awhile on business T1's and goes against our core beliefs. Adding an extra 10-20 minutes just to download something doesn't thrill us.

AVG has become obtrusive. It's continuous nagging messages about upgrading to pro and trying out system speed is pure tricks to the unknowing, fooling them into paying for unnecessary items.

AVG has become a burden. On more than one occasion, AVG doesn't install correctly, zarks the install and removal can be a lengthy process. This is on top of the already lengthy install process. The system resources needed to run AVG has also increased becoming a burden on the system.The system dogs and pants every time a scan is run. Not cool.

Lastly AVG is unable to catch the TDSS rootkit. Despite saying it catches rootkits, AVG doesn't. This requires other tools like ComboFix. The problem is ComboFix doesn't work with AVG, requiring an AVG uninstall, ComboFix run and AVG reinstall. Again, not cool.

At the suggestion of Majorgeeks.com, I've decided to try Panda Cloud Antivirus. It meets all the original requirements: small, unobtrusive, lightweight in terms of system resources and it actually works catching viruses.

Panda is a small 31MB and downloads in a few seconds. I like that.

The install process is a breeze and doesn't try to upsell you on anything.

It is a server/client system. Unlike traditional server client systems, the server is Panda's server, making this the first cloud antivirus available.

The Cloud Antivirus is unobtrusive. This means no nagging messages after installation.

Panda's pricing is right with a free version and a professional version for those in need.

Others seem to agree. Here's a poll about who's switching to Panda: http://www.cloudantivirus.com/forum/poll.jspa?pollID=50108

I'm just excited I get a large part of my day back as service calls have just become shorter. Hopefully this doesn't turn into longer calls as I have to see for myself about its virus catching quality. Wish me luck.

Wireless For A Condo Building On Palm Beach

Recently a condo building on Palm Beach asked us how much it would cost to provide wireless internet to the building.

The idea here is that it's silly for all of them to pay internet separately ($40 * 100 = $4000). If they can share one internet connection, it will save them money ($x * 1 = $1x). As an added bonus they'll be able to do surf the web while at the community pool.

I wrote the response privately but decided to post the majority of it in case anyone else in the world is interested:

A hard quote can't be provided until a site survey is done. But here's a soft quote so everyone know what's involved.

There are 4 main parts to providing wireless for the building:

1. Internet Connection
One internet connection will be shared for everyone. The speed of this connection depends on the number of people using the internet and what they are using it for. COMCAST should be OK for regular office surfing and email. But some offices need an upgraded internet to a fractional optical cable / fiber line called a METRO E.
COMCAST: $100 per month approx
METRO E: $1,350 per month approx (36 month contract required)

2. Wireless Antennas & Network Equipment
Wireless antennas have to be place through out the building. These vary in cost depending on brand. Cisco enterprise equipment is on the high end at about $1000 per unit and small office equipment is on the lower end at about $150. The number of units required depends on the building itself. I'm guessing around: 15 units
CONSUMER-GRADE: $2,250
CISCO: $15,000
Other required network equip: $1,000

3. Wiring
The wireless units need to be actually wired together and meet at a central location. If no existing wiring is in place, then it will have to be installed. Ballpark is $250 per connection.
CONNECTION DROPS: $3,750

4. Configuration Service
After the internet is installed, the equipment is in hand and wiring is in place, the whole system needs to be setup correctly, taking a full day. Sometimes further support is needed for customer help (upgrading outdated wireless drivers).
SERVICE: $600
EXTEND: $600

To give a couple of scenarios...
One Palm Beach apartment complex used a DSL connection they had in place. They used 6 consumer-grade wireless units to keep costs low. They had their own on-site handyman wire the building. So the total cost was minimal about $1,500.

Another complex had a site survey done for 3 buildings. They needed all of the above. The total quote was around $37,000 and the project was scrapped.

A community center on PGA Blvd (45,000 sq ft) used an existing T1 internet connection (around $500 per month). The Cisco equipment, wiring and configuration cost around $10,000.

Pursuing wireless for a condo building on Palm Beach is a decision each community will have to face depending on complex layout and funds available.

Replace Dated Hardware

It isn't worth it to deal with hardware problems. Combine this principle with the others I've stated like time is the most precious resource and the Murphy's law principle from last time and you'll appreciate this story.

I had a recent snowbird, from Manhattan, in BallenIsles. A simple call to setup a monitor, nothing big.

Monitor setup was no problem. Windows XP starts to boot then fails and begins to endlessly reboot. I try everything I can think of, safe mode, last known good config, boot into BartPE, boot into Knoppix and I even try a repair install. All end in the same result. Endlessly rebooting. Yes, even the repair install.

What do I do? A simple monitor install has turned into a service call worst disaster. After an hour and a half of tinkering, I have a total loss of everything.

I buy off lease systems in bulk and keep them around for fast office setups. They are about 2 years old, Dell Optiplex systems. Total cost of each system is barely over $100.

I run out back to my office, grab one of the systems and put it in place of the troubled item. Transfer over the user profile and finally call it a day.

Total service time was 3 hours. Which is a loss for me as I charge by the job and not by the hour.

The win here is that the issue was fixed as fast as possible and the client was relatively happy.

Move Past Murphy

I can't explain it. I wish I really could but I can't.

Murphy's Law is a common adage that says, "Anything that can go wrong, will go wrong."

With over a decade of hands on technology experience, I can tell you that's it's true.

This past week, a client had battery backups in place to keep the internet connection alive at all times. The network equipment is secured behind lock and key however the power extends beyond that secured area. Guess which plug the night time cleaning crew unplugs to get power for their vacuum? And it's a Friday night meaning no one knows until Saturday morning. I can't explain it. I wish I really could but I can't.

My advice is to have systems in place that cannot fail.

Pay extra when the space is being built out to have everything wired correctly and centralized in a logical place.

For network equipment and servers, make sure you have adequate battery backup power. Be certain they are on a scheduled maintenance plan meaning you have the equipment switched every 24-48 months rather than waiting for the batteries to fail.

Also make sure· the systems are behind lock and key of some type. You wouldn't believe the number of times an unqualified employee tries to fix "slow internet" causing even further damage. Don't even give them that chance.

Even with all this preparation, you may find yourself saying to yourself, I can't explain it. I wish I really could but I can't.

Move Past Murphy

I can't explain it. I wish I really could but I can't.

Murphy's Law is a common adage that says, "Anything that can go wrong, will go wrong."

With over a decade of hands on technology experience, I can tell you that's it's true.

This past week, a client had battery backups in place to keep the internet connection alive at all times. The network equipment is secured behind lock and key however the power extends beyond that secured area. Guess which plug the night time cleaning crew unplugs to get power for their vacuum? And it's a Friday night meaning no one knows until Saturday morning. I can't explain it. I wish I really could but I can't.

My advice is to have systems in place that cannot fail.

Pay extra when the space is being built out to have everything wired correctly and centralized in a logical place.

For network equipment and servers, make sure you have adequate battery backup power. Be certain they are on a scheduled maintenance plan meaning you have the equipment switched every 24-48 months rather than waiting for the batteries to fail.

Also make sure· the systems are behind lock and key of some type. You wouldn't believe the number of times an unqualified employee tries to fix "slow internet" causing even further damage. Don't even give them that chance.

Even with all this preparation, you may find yourself saying to yourself, I can't explain it. I wish I really could but I can't.

TDSS

I ran into 3 TDSSvirus infections yesterday. All at separate locations. This is despite the computers having antivirus up and running.

The only tools that I know of to get rid of TDSS infections are:

TDSS REMOVAL STEP 1

  • -Boot into SAFE MODE WITH NETWORKING
  • -Download Dr Web from above.
  • -Close out of everything.
  • -Run the program.

TDSS REMOVAL STEP 2

  • -Stay in SAFE MODE
  • -Download TDSS Killer from above.
  • -Close out of everything.
  • -Run the program.

The Power of a RedHat Server

Redhat_LogoThe week after Christmas is a great time to clean up and plan for the next year. I was going through some old info from a few years ago and pulled out a sheet I printed up. It goes something like this:

  • 1 Server
  • P4 3.0Ghz
  • 1GB ram
  • 663 users
  • 53 websites

And it was running on a T1 (or 1.44Mbps) at the time which happened to be the slow point in whole scenario.

Now the servers are hosted at a datacenter with redundant fiber connections and the office location where the server was has a Metro E (10.00Mbps), which is a partial fiber line.

So what's the point? The point is you can host a whole lot of web sites and users on relatively old computer if you know what you are doing.

Another point is, if you're a serious business, have a serious business equipment at a serious business datacenter. It isn't worth it to try and save costs. That document was the goad to rouse me and move the servers to a datacenter.

A last point is, I love a supported Linux. This particular flavor was a RedHat server.

TDSS

I ran into 3 TDSSvirus infections yesterday. All at separate locations. This is despite the computers having antivirus up and running.

The only tools that I know of to get rid of TDSS infections are:

TDSS REMOVAL STEP 1

  • -Boot into SAFE MODE WITH NETWORKING
  • -Download Dr Web from above.
  • -Close out of everything.
  • -Run the program.

TDSS REMOVAL STEP 2

  • -Stay in SAFE MODE
  • -Download TDSS Killer from above.
  • -Close out of everything.
  • -Run the program.

Hardware Choice

The most frustrating aspect of technology is getting it to work the way it's supposed to.

Recently I was at a legacy client's condo on Palm Beach, waterfront views on 3 sides. They had a remote that couldn't control the volume on a tv. OK, first, it seems like it should be an easy type of issue. There are remotes that go through this everyday and get fixed easily. Secondly, these are high-end items. It wasn't like it was a remote and tv that can be bought at your local Walgreens.

Yet there the client was, hiring an audio/visual expert, not me mind you, get it fixed. The hired help was explaining how it just wasn't going to work. Not the words you ever want to speak or hear.

This is why hardware choice is so important. It goes back to our goal of reliable productivity in the shortest amount of time. I thought I'd list out my hardware choices for everyone to see. Feel free to disagree, this is what I've found to be most stable in my experience:

  • Dell Optiplex: moving to the Optiplex series automatically cut my issue list in half. In general, they are stable.
  • Macbook Pro: for those who must go Mac. Don't even consider the younger brother of the generic Macbook.
  • Asus RT-N16: this router has more memory & processing power to run without ever locking up. Plus it's wireless N and gigabit.
  • Canon Multifunction: I've been around the world on this one. Canon is the only small office MFP I trust. That is until you get to the large MFP's.
  • Netgear Gigabit Switches: reliable and affordable. I never had an issue.

Hardware Choice

The most frustrating aspect of technology is getting it to work the way it's supposed to.

Recently I was at a legacy client's condo on Palm Beach, waterfront views on 3 sides. They had a remote that couldn't control the volume on a tv. OK, first, it seems like it should be an easy type of issue. There are remotes that go through this everyday and get fixed easily. Secondly, these are high-end items. It wasn't like it was a remote and tv that can be bought at your local Walgreens.

Yet there the client was, hiring an audio/visual expert, not me mind you, get it fixed. The hired help was explaining how it just wasn't going to work. Not the words you ever want to speak or hear.

This is why hardware choice is so important. It goes back to our goal of reliable productivity in the shortest amount of time. I thought I'd list out my hardware choices for everyone to see. Feel free to disagree, this is what I've found to be most stable in my experience:

  • Dell Optiplex: moving to the Optiplex series automatically cut my issue list in half. In general, they are stable.
  • Macbook Pro: for those who must go Mac. Don't even consider the younger brother of the generic Macbook.
  • Asus RT-N16: this router has more memory & processing power to run without ever locking up. Plus it's wireless N and gigabit.
  • Canon Multifunction: I've been around the world on this one. Canon is the only small office MFP I trust. That is until you get to the large MFP's.
  • Netgear Gigabit Switches: reliable and affordable. I never had an issue.

My Favorite Thing

Every once in awhile I get the opportunity to hear John Maxwell speak live. This started when I was attending Liberty University in the 90's and now our paths cross again in the 10's.

Recently, as he was explaining the importance of attitude, he demonstrated through the diary of a dog vs a cat. Here's the jist from my memory:

A Dog Diary

  • 9am feeding... my favorite thing.
  • 10am walk... my favorite thing.
  • 11am nap... my favorite thing.
  • 12pm watch cars at the door... my favorite thing.
  • 1pm sit next to owner... my favorite thing.

A Cat Diary

  • Day 1057 of my captivity.
  • My captures still insist on tormenting me by dangling string in my face. 

As a dog owner, I laugh every time I think about it.

I thought I'd list out my favorite things:

  • HijackThis: The first line to discovering malware on a PC. I've been using it for years. It really takes an outside tool to see eveything starting up on your PC. Sillyness.
  • Malwarebytes: This handy tools gets the majority of general malware on PC's. Run it in SAFE MODE. I'll let you know if I ever become a partner.
  • DrWeb: The only tool I know of that will fix the TSSD infection.
  • ComboFix: Fixing rootkits and the TDSServ/vundo infection.
  • MacBook Pro: Because it doesn't need any of the above. I was driven to having one because the thought of ever fixing another computer made me sick. I've never had to service it since I've owned it. 
  • VI: VI is a text editor that has been around since the 70's. Color coded to easily spot errors. Learn it once and use it forever. My geekyness comes out by listing this.

You can see the list above ties directly into my conclusion. They fix problems fast, increases productivity and saves time.

My Favorite Thing

Every once in awhile I get the opportunity to hear John Maxwell speak live. This started when I was attending Liberty University in the 90's and now our paths cross again in the 10's.

Recently, as he was explaining the importance of attitude, he demonstrated through the diary of a dog vs a cat. Here's the jist from my memory:

A Dog Diary

  • 9am feeding... my favorite thing.
  • 10am walk... my favorite thing.
  • 11am nap... my favorite thing.
  • 12pm watch cars at the door... my favorite thing.
  • 1pm sit next to owner... my favorite thing.

A Cat Diary

  • Day 1057 of my captivity.
  • My captures still insist on tormenting me by dangling string in my face. 

As a dog owner, I laugh every time I think about it.

I thought I'd list out my favorite things:

  • HijackThis: The first line to discovering malware on a PC. I've been using it for years. It really takes an outside tool to see eveything starting up on your PC. Sillyness.
  • Malwarebytes: This handy tools gets the majority of general malware on PC's. Run it in SAFE MODE. I'll let you know if I ever become a partner.
  • DrWeb: The only tool I know of that will fix the TSSD infection.
  • ComboFix: Fixing rootkits and the TDSServ/vundo infection.
  • MacBook Pro: Because it doesn't need any of the above. I was driven to having one because the thought of ever fixing another computer made me sick. I've never had to service it since I've owned it. 
  • VI: VI is a text editor that has been around since the 70's. Color coded to easily spot errors. Learn it once and use it forever. My geekyness comes out by listing this.

You can see the list above ties directly into my conclusion. They fix problems fast, increases productivity and saves time.

Best Time To Buy

The best time to buy new hardware is early December and late July. Why? Good question.

Early December because of it's proximity to Christmas on the 25th. What happens here is that companies like to hit certain production numbers on a month by month basis. By their nature, they are optimists and usually set the numbers high. When they realize that they won't hit the numbers they set themselves, they start offering discounts to easily obtain those numbers. Or if they will hit the numbers, they like to surpass them and the same situation occurs.

You want to buy early in the month because the manufacturer doesn't receive credit until the package is shipped and received. To be able to be certain that the package is received by the 25th, they'll offer discount usually the first or second weekend in December. It will be one or two days only and it will be internet only. It happens every year.

Late July is a good time to buy as well because students go back to school in mid to late August. Most students are thinking, "Hey, I go back in 3 weeks, I need a laptop." If they aren't thinking that then the parents are.

Late July is better than August because the manufacture knows they won't be able to get all of August, so they shoot for July.

This happened when I manned the Gateway Country stores year after year and it still happen today but in online fashion.

Best Time To Buy

The best time to buy hardware is early December and late July. Why? Good question.

Early December because of it's proximity to Christmas on the 25th. What happens here is that companies like to hit certain production numbers on a month by month basis. By their nature, they are optimists and usually set the numbers high. When they realize that they won't hit the numbers they set themselves, they start offering discounts to easily obtain those numbers. Or if they will hit the numbers, they like to surpass them and the same situation occurs.

You want to buy early in the month because the manufacturer doesn't receive credit until the package is shipped and received. To be able to be certain that the package is received by the 25th, they'll offer discount usually the first or second weekend in December. It will be one or two days only and it will be internet only. It happens every year.

Late July is a good time to buy as well because students go back to school in mid to late August. Most students are thinking, "Hey, I go back in 3 weeks, I need a laptop." If they aren't thinking that then the parents are.

Late July is better than August because the manufacture knows they won't be able to get all of August, so they shoot for July.

This happened when I manned the Gateway Country stores year after year and it still happen today but in online fashion.

The Conclusion

Like all good stories, this one is going to end where it begins. So I figured I just give you the end before I begin to give details. Over the past decade of helping people out I've eventually have come to a few conclusions. Here are the two most important conclusions.

Technology is for productivity.

It exists for our sake. We do not exist for technology's sake. It exists to serve us and at some point produce some type of item. This item is often time but it also can be money, communication or something similar.

I mention this because with the amount of time we spend on technology, choosing right items, configuration and getting things to work, you'd think that we exists for technology's sake. We've all heard, or worse, been through (myself included) stories that start out like this, "I spend all day on trying to get such and such to work."

Really? All day? It isn't that I don't believe, it's that I figure at some point along the process of trying to get it to work, you'd give up. Not because you are a quitter but because it isn't worth it.

Time is the most precious resource.

Rote, I know but non the less true. Beautiful beaches, coral reefs, playing with children, calling neglected family members are all things that we could be doing instead of struggling with technology.

I try to take this mindset everyday. In practical terms, I try and fix the problems as fast as possible. Also I put a 2 hour limit on it. If it isn't fixed in 2 hours, I simply give up and find another way, often replacing the difficult item.

The Conclusion

Like all good stories, this one is going to end where it begins. So I figured I just give you the end before I begin to give details. Over the past decade of helping people out I've eventually have come to a few conclusions. Here are the two most important conclusions.

Technology is for productivity.

It exists for our sake. We do not exist for technology's sake. It exists to serve us and at some point produce some type of item. This item is often time but it also can be money, communication or something similar.

I mention this because with the amount of time we spend on technology, choosing right items, configuration and getting things to work, you'd think that we exists for technology's sake. We've all heard, or worse, been through (myself included) stories that start out like this, "I spend all day on trying to get such and such to work."

Really? All day? It isn't that I don't believe, it's that I figure at some point along the process of trying to get it to work, you'd give up. Not because you are a quitter but because it isn't worth it.

Time is the most precious resource.

Rote, I know but non the less true. Beautiful beaches, coral reefs, playing with children, calling neglected family members are all things that we could be doing instead of struggling with technology.

I try to take this mindset everyday. In practical terms, I try and fix the problems as fast as possible. Also I put a 2 hour limit on it. If it isn't fixed in 2 hours, I simply give up and find another way, often replacing the difficult item.

So I Started A Blog Today

So I started a blog today. Why should you care?

Good question. Well, because I have lots of experience. I mean lots. So much that most technology stuff is becoming obvious to me.

Then I read something. It went something like this... "Just because it's obvious to you doesn't mean it is to everyone else."

You know what? I never thought of that before. I occurred to me that there are thousands, probably millions of people who lack the knowledge and experience that I do. I look at a problem and know just what to do. They look at the same problem and have no idea what to do.

The people want recommendations with someone with experience.The people want confidence and assurance that they are taking the right actions. They want help that they are doing the right thing.

Since I'm moving in different direction other than service, I thought it would be terrible if I didn't pass my the knowledge on to someone. I figured they best way is to chronicle my experiences and journeys so that others can take advantage.

So you are the one to benefit. I'll wrap up my experiences in short blog posts and you can take advantage of what I've been through over the past decade. Most of my experience is with small to medium sized businesses, including home offices. Even if you are a large corporation, you may take advantage of the items.

That's why I started a blog.

Wireless For A Condo Building On Palm Beach

Recently a condo building on Palm Beach asked us how much it would cost to provide wireless internet to the building.

The idea here is that it's silly for all of them to pay internet separately ($40 * 100 = $4000). If they can share one internet connection, it will save them money ($x * 1 = $1x). As an added bonus they'll be able to do surf the web while at the community pool.

I wrote the response privately but decided to post the majority of it in case anyone else in the world is interested:

A hard quote can't be provided until a site survey is done. But here's a soft quote so everyone know what's involved.

There are 4 main parts to providing wireless for the building:

1. Internet Connection
One internet connection will be shared for everyone. The speed of this connection depends on the number of people using the internet and what they are using it for. COMCAST should be OK for regular office surfing and email. But some offices need an upgraded internet to a fractional optical cable / fiber line called a METRO E.
COMCAST: $100 per month approx
METRO E: $1,350 per month approx (36 month contract required)

2. Wireless Antennas & Network Equipment
Wireless antennas have to be place through out the building. These vary in cost depending on brand. Cisco enterprise equipment is on the high end at about $1000 per unit and small office equipment is on the lower end at about $150. The number of units required depends on the building itself. I'm guessing around: 15 units
CONSUMER-GRADE: $2,250
CISCO: $15,000
Other required network equip: $1,000

3. Wiring
The wireless units need to be actually wired together and meet at a central location. If no existing wiring is in place, then it will have to be installed. Ballpark is $250 per connection.
CONNECTION DROPS: $3,750

4. Configuration Service
After the internet is installed, the equipment is in hand and wiring is in place, the whole system needs to be setup correctly, taking a full day. Sometimes further support is needed for customer help (upgrading outdated wireless drivers).
SERVICE: $600
EXTEND: $600

To give a couple of scenarios...
One Palm Beach apartment complex used a DSL connection they had in place. They used 6 consumer-grade wireless units to keep costs low. They had their own on-site handyman wire the building. So the total cost was minimal about $1,500.

Another complex had a site survey done for 3 buildings. They needed all of the above. The total quote was around $37,000 and the project was scrapped.

A community center on PGA Blvd (45,000 sq ft) used an existing T1 internet connection (around $500 per month). The Cisco equipment, wiring and configuration cost around $10,000.

Pursuing wireless for a condo building on Palm Beach is decision each community will have to face depending on complex layout and funds available.

Replace Dated Hardware

It isn't worth it to deal with hardware problems. Combine this principle with the others I've stated like time is the most precious resource and the Murphy's law principle from last time and you'll appreciate this story.

I had a recent snowbird, from Manhattan, in BallenIsles. A simple call to setup a monitor, nothing big.

Monitor setup was no problem. Windows XP starts to boot then fails and begins to endlessly reboot. I try everything I can think of, safe mode, last known good config, boot into BartPE, boot into Knoppix and I even try a repair install. All end in the same result. Endlessly rebooting. Yes, even the repair install.

What do I do? A simple monitor install has turned into a service call worst disaster. After an hour and a half of tinkering, I have a total loss of everything.

I buy off lease systems in bulk and keep them around for fast office setups. They are about 2 years old, Dell Optiplex systems. Total cost of each system is barely over $100.

I run out back to my office, grab one of the systems and put it in place of the troubled item. Transfer over the user profile and finally call it a day.

Total service time was 3 hours. Which is a loss for me as I charge by the job and not by the hour.

The win here is that the issue was fixed as fast as possible and the client was relatively happy.

Page 4 of 4

Contact Dak Networks

Please contact us at the following.