Windows Updates Error 80071A90

Windows 7 – Windows Updates keeps failing with Error 80071A90:

Scenario:

When trying to install Windows updates on a Windows 7 PC and after you reboot to apply, Windows reverts back changes and doesn’t apply updates as if nothing has happened!

Resolutions:

KB2647753 is the fix.

Click Here to Download KB2647753 apply it and restart. Then try Windows Updates now and it should work.

If you find this article helpful, please send me a note to Mike@bostonIT.com and so I can keep on adding more hands-on knowledgebase articles.

windows search error

Windows Search and Windows Updates don’t work after replacing laptop drives with a newer bigger cloned Hard Drive or after replacing one of the RAID disks:

Scenario:

You have a Windows computer and space is running out. You replace it with a newer and bigger cloned/imaged hard drive (cloned with Symantec Ghost for instance). After you start Windows, you discover Windows Search service won’t start and Windows Updates won’t run (Also when you replace one of the disks in a raid array you might run into the same issue). In the Windows Application log you get the following error messages:

The Windows Search service terminated with service-specific error %%-2147217025

Log Name:      System
Source:        Service Control Manager
Date:          8/29/2012 5:29:17 PM
Event ID:      7024
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      user.domain.com
Description:
The Windows Search service terminated with 
service-specific error %%-2147217025.
Event Xml:
Event xmlns="http://schemas.microsoft.com/ 
win/2004/08/events/event">
System>
Provider Name="Service Control Manager" 
Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" 
EventSourceName="Service Control Manager" />
EventID Qualifiers="49152">7024
Version>0
Level>2
Task>0
Opcode>0
Keywords>0x8080000000000000
EventRecordID>1298063
Correlation />
Execution ProcessID="608" ThreadID="4348" />
Channel>System
Computer>user.domain.com
Security />
/System>
EventData>
Data Name="param1">Windows Search
Data Name="param2">%%-2147217025
/EventData>
/Event>

Resolutions:

Download and Install Intel Rapid Storage Technology (RST). Check the laptop vendor website for latest RST (Lenovo, HP, Dell…). The latest driver should support the Bytes Per Sector disk format on the new disk. If you can’t find it, the following link can help:

Download Intel RST Here

For some laptops/PCs, the latest version of RST might not work with older versions of Windows, so in these case install an older version of RST. Fixed!

If you find this article helpful, please send us a note to Mike@bostonIT.com so I can keep on adding quality hands-on articles.

Default Credentials Ricoh MP C2551

Default Username and Password for Ricoh MP C2551 Printer:

User: Admin
Password: blank (no password)

For security purposes, change it when you can.

If you find this article helpful, please send us a note to Mike@bostonIT.com 

How to Stop, Start or force restart iSeries Fax Support

How to Stop, Start or Force Restart iSeries AS400 Enhanced Fax Support:

1- End Fax Support
ENDFAXSPT FAXD(*ALL) ENHSRV(*YES) and press ENTER

2- Confirm that the QFAXSBS and QFQSBS subsystems have ended:
WRKSBS
You might need to wait for a few minutes for them to end

3- Vary off and on the controllers:

WRKCFGSTS CFGTYPE(*CTL) CFGD(FAXD01) and press ENTER
Take option 2. Vary Off and press ENTER
Take option 1. Vary On and press ENTER
The controller will go to a Vary On Pending status

4- Start Fax Support and Enhanced Services:
STRFAXSPT FAXD(FAXD01) ENHSRV(*YES) and press ENTER

Force end writer – AS400 – System i

How to force end stuck iSeries (AS400) Writer:

Writer name P8 (for instance)

ENDWTR P8 *IMMED

CALL QSPENDWA P8

varry off P8

vary on P8

STRPRTWTR P8

After that check Outq for messages

Configure Hot Failover between two Cisco ASA

How to Configure Hot Failover – Cisco ASA 5510, 5500 Series Firewalls – Active/Standby:

  • Two ASAs have identical hardware specs
  • From “Show version” compare the licenses installed. Licenses must match on both ASAs. If you are running ASA IOS 8.3 and above, licenses don’t need to match. Before upgrading to 8.3 (in case you want to but you don’t have to), study well! Access Lists and NAT are different so you need to do manual clean up and re-configuration. Also 8.3 needs 1G of memory.
  • After failover is configured, configuration from primary will replicate to standby. Important: If you have AnyConnect or VPN images loaded on the primary, you need to copy them into the secondary because again that will not replicate – ONLY configuration will replicate (Anyconnect images, AutoReconnect.xml, boot images all need to copied to both ASAs – upload everything before you start the config below). SSL Certificates and config, if installed on the primary, will replicate as well.
  • Connect the two ASAs through a cat5 cable for fail-over link (Heartbeat). You could use the Management interface management0/0 for that. Pick a network and IP address for that interface like 192.168.150.1. The standby will have 192.168.150.2

Primary ASA:

For each interface with IP address and Subnet Mask pick an ip address for the  standby from the same network. For instance for inside network with IP address 192.168.99.1 255.255.255.0, pick an ip address for the standby like 192.168.99.2 (no mask needed) and configure that interface:

ip address 192.168.99.1 255.255.255.0 standby 192.168.99.2

Do the same thing for all other interfaces that you are going to use like the Outside and DMZ (of course with different ip addresses). Make sure they are in “no shutdown”. Interfaces need to be on different networks.

For management interface, do a no shutdown. Make sure interface has no interface name “no nameif”. Don’t configure ip address for it.

Type the following commands

ASA(config)# failover lan unit primary

ASA(config)# failover lan interface failover Management0/0
When you type this command the ASA will say “INFO: Non-failover interface config is cleared on Management0/0 and its sub-interfaces” and it will give a description to that interface as “description LAN Failover Interface”

ASA(config)# failover interface ip failover 192.168.150.1 255.255.255.0 standby 192.168.150.2

ASA(config)# failover link failover Management0/0

If you do show running-config you will see that the description of interface Management 0/0 has changed to “description LAN/STATE Failover Interface”.

ASA(config)# failover replication http

ASA(config)# Failover

Secondary/Standby ASA:

Connect all interfaces to the respective network (at least the inside interface to the inside network and outside interface to the outside network. The Management 0/0 interfaces on both ASAs are connected together through a Cat5 or crossover network cable). Connect to the ASA through a consol.

Go to all interfaces that you are going to use (just like the Primary ASA) and do a no shutdown. Don’t forget the Management Interface that will be used as a failover interface – Make sure interface has no interface name “no nameif”. ASA configuration including IP addresses will replicate from the Primary ASA when replication starts.

Following is the minimum configuration that you need to do on the standby. No more!

Type the following:

ASA(config)# failover lan interface failover Management0/0

ASA(config)# failover interface ip failover 192.168.150.1 255.255.255.0 standby 192.168.150.2 (this is the same exact command you typed on the Primary).

ASA(config)# failover link failover Management0/0

ASA(config)# failover lan unit secondary

ASA(config)# failover replication http

ASA(config)# failover (This is the last command that you need to do and as soon as you do that the replication of configuration will start)

You will see messages similar to the following:

“Detected an Active mate
Beginning configuration replication from mate…. Jul 12 2013 23:37:14: %ASA-6-720037: (VPN-Secondary) HA progression callback: id
=3,seq=200,grp=0,event=101,op=15,my=Sync Config,peer=Active.
Jul 12 2013 23:37:14: %ASA-6-721003: (WebVPN-Secondary) HA progression change:
event HA_PROG_STANDBY_CONFIG, my state Sync Config, peer state Active.
Jul 12 2013 23:37:14: %ASA-1-709006: (Secondary) End Configuration Replication (STB)”

Give some time (a minute or so) for replication to finish before you proceed with the following
After that, go back to the primary ASA (not standby) and save config on it and that will save it on both ASAs:
ASA#Wr mem

You can use the following two commands to see the state of failover
ASA# show failover
ASA# show failover state

Down the road, if standy configuration is out of sync with the active asa, go the active asa and do:
wr standby
That will wipe out the whole config of the standby and the config will replicate from active to standby.

If you find this article helpful, please send me a note to Mike@bostonIT.com so I can keep on adding more hands-on knowledgebase articles.

Room permissions Office 365

Microsoft Hosted Exchange – How to grant a user full permissions on a room mailbox in Office 365:

Email address of user to be granted access:    User123@domain.com
Room mailbox email address:      Room123@domain.com

You need to do that through Powershell.  Powershell is part of Windows 7.  From your Windows 7 machine, run Powershell as admin (right click on Powershell and choose Run as Admin).
In powershell command, type the following commands:
Set-ExecutionPolicy unrestricted
Choose Y to confirm
$cred=Get-Credential
(You will be prompted for Office 365 admin user, and If you are an administrator in Office 365 then type your email adddress as user and your email password).

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $cred -Authentication Basic –AllowRedirection

Import-PSSession $session

Add-MailboxPermission -Identity room123@domain.com -User user123@domain.com -AccessRights FullAccess -InheritanceType All -AutoMapping:$false

 

My Notes on changing permissions on public folders

same as above steps expect last step is:

Get-PublicFolder -Identity “\CPM” -Recurse | Add-PublicFolderClientPermission -User “UserNameHere-WhichIsFirstpartOfEmailAddressBeforethe@” -AccessRights Owner

 

My Notes on changing permissions on public calendars:

add-MailboxFolderPermission -Identity CalendarName@domain.com:\Calendar -User User@domain.com -AccessRights PublishingAuthor

Get-MailboxFolderPermission -Identity calendor@domain.com:\calendar

Remove-MailboxFolderPermission -Identity user@mycompany:\calendar -user myuser@mycompany.com

My Notes on setting password to never expire for a user:

Find users PasswordNeverExpires status:

Get-MSOLUser -MaxResults 2000 | Select PasswordNeverExpires | export-csv c:\result.txt

Start Microsoft Online Services Module for Power Shell (download from web if not arelady installed). “Run As” Admin. Type the following:

Connect-MsolService

Check the password policy for that user:
Get-MSOLUser -UserPrincipalName user@domain.com | Select PasswordNeverExpires
Substitute user@domain.com by the username that you want to change password policy for.

Change it to never expires:
Set-MsolUser -UserPrincipalName user@domain.com -PasswordNeverExpires $true
Substitute user@domain.com by the username that you want to change password policy for.

If you find this article helpful, please send me a note to Mike@bostonIT.com so I can keep on adding more hands-on knowledgebase articles. https://bostonit.wpengine.com/it-companies-boston/

Find us on Bing, http://www.bing.com

Windows takes long time to shutdown

Windows Server 2008 Takes Too Long to Restart or Shutdown.

Had two identical Lenovo ThinkServer servers loaded with Windows Server 2008 SP1 (not R2) and when restarting or shutting down, it would take over 30 minutes for them to restart.

When you press restart in Windows, Keyboard and Mouse appear unresponsive and the screen halts.

It turned out that Windows 2008 Server was configured to clear the page file upon shut down/restart and that was delaying the process of server going down. To fix the issue, go to the following registry key

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management

and change ClearPageFileAtShutdown value to 0 instead of 1

Alternatively, you can go to Programs, Administrative Tools, Local Security Policy, Security Settings, Local Policies, Security Options, In the right pane, right click on Shutdown: Clear virtual memory pagefile. Change it to disabled.

After you make the change, reboot the server (it might still take a long time to reboot because the setting will take effect next time you boot).

If you have a Domain Policy configured make sure you change that setting in the Domain Group Policy on the Domain Controller.

If you find this article helpful, please send me a note to Mike@bostonIT.com so I can keep on adding more hands-on knowledgebase articles.

Quota warning

 

Users don’t receive Mailbox Quota Warnings in Microsoft Exchange 2010 SP1/SP2 – Quota Warnings Aren’t Generated

This is a design update that Microsoft made in Exchange 2010 Service Pack 1. Prior to Service Pack 1, quota warning messages were generated automatically whenever the mail users hit the quota warning threshold. After Service Pack 1 that won’t be generated unless you:

EITHER

Set the “prohibit send” quota value. You can go to Microsoft site or do a Google search to find out more about how that works.

OR

Add a new Flag/Registry key:

Resolutions:

We are going to add the necessary flag.

Add the following registry key and restart the Information Store. Quota notification emails will start working, and people will start getting them once a day if they have exceeded the quota value.

Run Regedit, and go to the following:

HKEY_LOCAL_MACHINE\System\CCS\Services\MsExchangeIS\ParametersSystem

Create a New DWORD Value.

Type CheckWarningQuota , and then press Enter.

Right-click CheckWarningQuota, and then click Modify.

In the Value data box, type 1, and then click OK.

Exit the Registry and restart the Information Store.

If you find this article helpful, please send us a note to Mike@bostonIT.com so we can keep on adding more hands-on Knowledgebase articles.

Disable Open File warning

How to Disable Open File Security Warning in Windows 7 When Openning Files on the Local or Network Drives:

 

Click Start –> Search or Run,

Type
gpedit.msc and hit enter

In the left pane, click on to expand User Configuration, Administrative Templates, Windows Components, and Attachment Manager.

In the right pane, double click on Inclusion list for low file types.

Enable it and type the kind/extension of file that you would like to disable the security warning for (if it is an EXE file, then type .exe). If you have multiple files (like bat, dba and xls, then seperate them with semicolon (;)
This is how that would look like:
.bat;.dba;.xls

If you find this article helpful, please send us a note to Mike@bostonIT.com so I can keep on adding quality hands-on articles.