Wednesday 2 December 2015

Lost or forgetten iPad Restrictions PIN code

A client called having forgotten the 4 digit PIN code to access the Restrictions menu on one of the restaurant iPads. This used to be stored in plain text in one of the files saved to your computer backup by iTunes.

Its still in the same file now, its just encrypted now. There is a crack for it here

An extra tip - that 398bc9c ... etc file is a bit hard to spot in the directory. The easiest way on a Windows PC is to click once on one of the files in the directory, so its highlighted. Then start typing 398 and it will quickly jump to it, right-click and use Open With > Notepad

This saves doing a full wipe and reinstall of everything, just to reset the Restrictions code.

Monday 2 November 2015

SBS 2008 BPA 'log file for the Windows SharePoint Services configuration database is getting large' LinkId=159745

We were running out of disk space on a Small Business Server 2008, giving us Exchange back pressure problems halting email delivery. The SBS2008 Best Practices Analyzer (BPA) reports that 'The log file for the Windows SharePoint Services configuration database is getting large'. For information about how to reduce the size of the log file, see the Knowledge Base at

Unfortunately that link is now dead, 'This page doesn't exist' and searching MS fails to show the relevant info to fix the problem.

The Microsoft FixIt however is still available for an automatic fix, use this link

Gave me an extra 8GB of disk space within seconds.

Wednesday 21 October 2015

Update firmware HP OfficeJet 6500A Plus E710n when installer greyed out, 1126 to 1206

Just came across a really cunning trick to update the firmware for an HP OfficeJet 6500A Plus E710n printer / scanner / copier / fax device. Its the All-in-One Plus model, aka product code CN557A.

On the status page, the device was reporting firmware version CIP1FN1126AR - essentially release 1126. Checking HP downloads shows a newer firmware, release 1206. Note that the firmware won't show on the support website if you specify your OS as Windows 10 - choose Win 7 instead.

When you download and run the latest firmware updater from HP, a file called OJ6500-E710n-z_R1206A.exe it spots the printer correctly on the network or WiFi. However the update button is greyed out when you specify the printer you want updated. No matter what compatibility settings / firewall / OS / computer / ethernet / WiFi / USB combination you try it won't let you update.

Here's the cunning bit - go into Control Panel > Printers, find the 6500A to update, right click and make sure its shared, preferably with a short name and no spaces, eg 6500A
 Now use Winzip or 7-Zip to open the OJ6500-E710n-z_R1206A.exe file, locate the .FUL file and extract/copy it to the desktop. I'd right-click and rename it to something much shorter, eg 6500A.FUL

Then start a Command Prompt - easiest way is to go to Start > Search (or Run) and type

In the black DOS box that comes up, type a couple of commands ...
     copy /b 6500A.FUL \\PC\6500A
[note that PC is the name of your computer, you can find it in Control Panel > System]

This sends the file as a binary transfer direct to the printer and forces the update. You should see the printer go into an update mode and restart. Takes a few minutes for it to complete

Tuesday 8 September 2015

Dell PC offline and disconnected after Windows 10 upgrade, Intel 82579LM network

Had a call from someone who had clicked the WIndows 10 free upgrade option and then found themself offline after the reboot. So they were unable to get online and check for updates or found out what had gone wrong.

It was a Dell PC that used an Intel 82579LM Gigabit network adapter. There was a red cross in the bottom right indicating that the network LAN was disconnected, with no internet available.

Fortunately there was a straightforward fix that didn't involve remote access or having to install anything.

On Windows 10, go to the Search box in the bottom left by the Windows Start icon, type in Device ... you should be prompted with a link to Device Manager (in Control Panel) as the best match. Start the Device Manager and look for the Network Adapters section.

In this case there was an Intel(R) 82579LM Gigabit Network Connection, similar to the one shown in the picture. Right-click on that entry and choose Disable, give it a moment and the right-click again and choose Enable. This effectively turns the network connection off and back on again. After a minute or two it came back to life, emails arrived and Internet Explorer and Chrome were working again.

Saturday 1 August 2015

Microsoft Office Accounting 2009 and Windows 10

Pleased to report that following an upgrade from Windows 8.1 to Windows 10, the old copy of Microsoft Office Accounting 2009 which runs on a SQL Server 2008 Express database survived. Definitely looks compatible to me - invoices, customers, reports all still running as before.

There is an outstanding, older issue where you can't export to PDF or Word. This relates to a court case Microsoft lost over XML - bit boring, but Office installs after that date won't work with Office Accounting. I do have an older Win7/Office 2007 laptop install and a virtualised XP install, both still work and will export to PDF and Word correctly.

Note that exporting reports to Excel works ok on all versions.

Glad that the Win 10 upgrade path is a lot smoother than the original Win 7 to Win 8 one, which completely killed the Office Accounting setup, breaking the SQL install. At that time, I managed to get away with reinstalling SQL and recovering the database from backup.

Definitely don't approach a major Windows upgrade without a full backup in place!

Saturday 18 July 2015

Cisco AnyConnect VPN reconnect resulted in different configurations settings error

This error is nothing to do with the Cisco setup or the configuration, well kind of. Its actually down to the packet size of the data on the network. You need to reduce the size of your MTU (Maximum Transmission Unit).

Quickest way is to start a Windows Command Prompt from Start > Programs > Accessories (in Win 7). Make sure you right-click and use Run As Admin.

Then type
   netsh interface ipv4 set subinterface "Local Area Connection" mtu=1300 store=persistent

or use "Wireless Connection" if appropriate.

You can also type
   netsh interface ipv4 show subinterfaces

to get a list of interfaces.

Or download a utility to do the job for you, c/o Cisco

Could be worth experimenting a bit to find what is the most appropriater MTU, using a higher value of 1400 might give slightly better performance.

Wednesday 1 July 2015

WindowsUpdate error 0x8007277a, MSE not updating either

Had a laptop that stopped loading Windows Updates following a spyware infection and subsequent clean-up by MBAM. Internet access was ok.

Eventually tracked the fix down to a winsock reset ...

Look in Start > Accessories and find Command Prompt
Right-click and Run As Admin

Then type ...
     netsh winsock reset
     netsh int ipv4 reset

You should get a prompt to restart the computer. We didn't need to, restarting the Windows Update service was sufficient to get everything working again (Start > Control Panel > Admin Tools > Services)

[Just as an aside, we had already run the Microsoft Windows Update Fixit tool and renamed the SoftwareDistribution folder - just in case the above netsh commands don't work on their own]

Monday 15 June 2015

Can't install Google Chrome - Installer was unable to start

There are several discussion threads on Google and other forums discussing difficulties when reinstalling Google Chrome. You get the standard online ActiveX installer or the standalone installer, but neither will start properly, reporting 'Installer was unable to start'

I tried manually deleting various Google folders from Program Files, Program Files (x86), Common Files and in the registry; HKLM\Software\Google and HKCU\Software\Google.

Still got the error about Google Update installation failing initialization.

Until ... I deleted the HKLM\Software\Wow6432Node\Google key as well. That cleared the fault up and the installer was able to run successfully.

Tuesday 2 June 2015

123-reg auto renew SSL .crt certificate won't load in ISA Server, no key, can't export .pfx

We've got an Exchange Server 2003 as part of an SBS 2003 setup, just hanging in on its last couple of months before it gets upgraded - just before the July 2015 sunset on security updates. You best contact if you haven't planned upgrading from Server 2003 yet.

The replacement Alpha SSL certificate came as a plain text email, to save as a .crt file and import. Loaded the MMC, added the Certificates option to manage the Local Computer certificate store, and easily imported into the Personal section. From there, head to IIS Manager > Default Website > Properties > Directory Security > Server Certificate and change to the updated certificate.

Easy enough, however on the SBS 2003 Premium, running ISA server as the firewall, you also need to update the certificate in the ISA Outlook web publishing rule too. Right-lick on the rule > Properties > Listener > Properties > Preferences > SSL > Select

But the new certificate doesn't appear on the list. Thats because it needs to be in PFX format, which also includes the private key. This comes from the original certificate request. If you try and export that certificate in PFX format its greyed out, because the private key is missing. There's a quick and easy way to fix the certificate, which doesn't involve exporting or trying to recombine the certificate and key with openssl (yes tried all that!)

Look at the new certificate details and find the serial number - should eb something like a 36 character hex number. Now start a CMD prompt and use the command
   certutil -repairstore my "serialno"

Then go back to ISA to change the certificate attached to the web publishing rule listener and your new certificate should be on the list.

(I also did a restart of IIS Admin service - not sure whether that was required or not - let me know in the comments below)

Friday 29 May 2015

Lumia 625 bricked with red Nokia screen or won't turn on

A Nokia Lumia 625 failed to reload the system with the Windows Phone Recovery Tool 1.0.4 (released earlier in 2015 I think). The 625 had a Nokia screen initially but wouldn't respond to anything, or turn on, or recover using any of the Microsoft or Nokia tools. Completely bricked.

If connected to a computer it appeared as an unknown device QHUSB_DLOAD. I took it to Nokia Care and they couldn't do anything other send it back to be looked at - but I needed proof of purchase (even though it showed in their system as still under warranty - however it came from ebay)

The good news is that can now be recovered. The latest version of the Windows Phone Recovery Software is 2.1.1. Spotted the phone right away, warned to charge the battery above 25%, then reloaded the system. Only took 10-15 mins, and the phone is back! De-bricked. Un-bricked. Whatever the word is.

Tuesday 12 May 2015

Samsung SA450 (S24A450BW / LS24A450) monitor turning off or no picture

The Samsung SyncMaster SA450 24" LED monitor (aka S24A450BW or LS24A450) is a great bit of kit supporting a resolution of 1920x1200 with DVI or VGA. However it started playing up, sometimes working ok and then abruptly powering off, showing the flashing Analog/Digital symbol as it scans for a signal. Other times it won't show a picture as soon as turned on - ruling out some sort of overheating problem.

I was about to pull the back off the monitor and start looking for faulty capacitors, when I spotted a firmware upgrade on the Samsung website.

You can run this Windows updater program to flash the firmware up to v1.1.7 - I did it successfully using Win7 64 bit and a VGA cable. Completely cleared up the no picture fault.

Monday 4 May 2015

AVG CloudCare keeps prompting to Restart after Update

Seems like AVG Cloudcare with the AVG 2015 component (CloudCare version currently showing as v3.3.1) sometimes gets stuck on an update. It may just be for non-admin domain users, I haven't been able to confirm that for certain.

The user gets prompted every day for a Restart, which then nags hourly if they click postpone. Restarting and logging in as admin doesn't clear the problem -  it repeats again the following day.

Couple of options - the simple one is to go into CloudCare > Options > Advanced Settings > Update > Manage, then click the Delete Temporary Update Files. Reboot and you shouldn't be prompted again.

The more tedious option, if that doesn't fix the warning, is to uninstall and reinstall. After using the Uninstall from Control Panel > Programs and Features, do a reboot if required. Then run the AVG 2015 Remover program, that can be downloaded from AVG's utilities website here:
Reboot, check there are no AVG folders left in C:\USERS\username\APPDATA or in Program Files or Program Files (x86) - and then reinstall. That definitely clears the problem !

Wednesday 8 April 2015

At last! 1&1 SRV DNS records - with invalid characters warning when creating _autodiscover for Exchange

1and1 finally add SRV records to the DNS
I can't tell you how long I've wanted 1&1 to allow SRV records in the DNS editor - since Exchange 2007 ... and its 2015 now, must have been really really hard to implement ;-)

So login to 1and1 and go to the new Domain Centre, choose your domain and click Edit DNS Settings. At the bottom under 'TXT, SPF and SRV Records' click Add Record. It looks like this picture.

The standard advice is to create a record with this info:
   Service: _autodiscover
   Protocol: _tcp
   Port Number: 443

However if you add _autodiscover you'll get an error ... This field contains invalid characters. The following characters are valid: 'a-Z', '0-9', '*', '-', '+'.

The trick is to remove the underscore at the start for both autodiscover and tcp. If you look at the preview at the bottom, 1and1 are automatically adding the underscore. 

Also note you need to click Add and then click Save, to create the record.

Monday 23 March 2015

Reclaim lots of disk space from Microsoft Zune / Windows Phone .tmp files

The laptop just shouted about having low disk space, only 100MB remaining. So I started poking around to find out what I could free up - really didn't expect to discover that a big culprit was Microsoft Zune.

Zune was using around 15GB for its Transcoded Files Cache - consisting of 5000+ .tmp files. You can find this folder in

Select All (Ctrl-A) to highlight them all, then Shift-Del to permanently delete (bypassing the Recycle Bin).

The files have come from a Windows Phone being connected and syncing media files between laptop and phone.

Monday 16 March 2015

Shared printer keeps going offline after a few minutes on Windows Server

Sometimes its just the simple things ... AND you keep forgetting the fix. The copier company has just been and installed a shiny new Toshiba, looks loverly. Installed x86 / x64 drivers on the server, setup the printers, shared on the network, installed on a couple of PCs and watched as the printers promptly went offline again.

Restart the Print Spooler, come back online, wait a few minutes, and they're offline again. Aaargh.

Oh yes the fix - right-click on the server printer and choose Properties (or Printer Properties on newer versions of Windows Server) find the Ports tab, click Configure Port and

make sure SNMP is turned OFF

Thursday 19 February 2015

Draytek 2820 not connecting to Vigor 120 ADSL modem on WAN2, no response from server

Got a DrayTek Vigor 2820 router on the latest firmware. We've got Plusnet connected using the ADSL WAN 1 port, which works fine. However WAN2 was connected to a Technicolor TG582n in ethernet bridged mode to ZEN broadband. WAN2 started dropping randomly and we couldn't pin down why.

We swapped a Draytek Vigor 120 ADSL modem ( in place of the Technicolor. Line sync was ok, in fact faster than the TG582n, esp the uplink which doubled up from 512k to 1Mbps. Bonus! However it wouldn't connect from the 2820 router using the WAN2 PPPoE setup. This is a PPPoE to PPPoA bridged mode.

On the Online Status > Physical Connection you could see the PPP connection starting, but followed by a 'No response from the server' error.

Took a little while to identify - make sure the Vigor 120 modem has DHCP enabled on the LAN screen. Doh!

Wednesday 11 February 2015

Windows 8.1 Hyper-V requires SLAT, is my Intel CPU supported?

I was having a bit of trouble tracking down if there was a suitable CPU upgrade for an old Core 2 E7300 that would support Hyper-V on Windows 8.1. The option to enable it in Programs and Features was greyed out. You an see the message here "Hyper-V cannot be installed: The processor does not have required virtualisation capabilities."

Turns out the CPU needs to support SLAT - Intel call their version, Extended Page Tables (EPT). Its not enough having Intel VT or VT-x or VT-d, it needs to be 'VT-x with EPT'.

Roughly speaking, you need an i3, i5, i7 or equivalent Xeon CPU for EPT support. None of the Core 2 CPUs had it present.

For a more definitive answer, you can bring up a full list of supported CPUs with this search of Intel's ARK library

Thursday 5 February 2015

Unable to send email from SBS 2008 Task Scheduler when Event Viewer Audit Failure, error 2147746321

I wanted an SBS 2008 server (which is essentially Windows Server 2008) to email me if there was a login failure recorded. So if someone types the wrong password, or more importantly, starts trying to guess a password, I'll get a notification.

The Event Viewer should let you attach a task to a particular event id, in this case Audit Failure Event ID 4625. Find one in the event viewer (using Filter Current Log > keywords > Audit Failure) then right-click and Attach Task.

Except no matter how many combinations of user/SYSTEM account, Run whether user is logged in or not, highest privileges and then messing with the from field and the smtp server (including a second receive connector on a different port), localhost vs ip vs ... it just wouldn't send an email. I couldn't even see in the Transport Roles verbose logging what was happening. The only hint was in the Task properties under history which showed error 2147746321. That didn't Google to anything that fixed the problem.

So I gave up on that plan.

And decided to attach a script instead, dead simple, ran first time. So open notepad and paste this script in

Set objMail = CreateObject("CDO.Message")
Set objConf = CreateObject("CDO.Configuration")
Set objFlds = objConf.Fields
objFlds.Item("") = 2
objFlds.Item("") = "SERVER1"
objFlds.Item("") = 25
objMail.Configuration = objConf
objMail.From = ""
objMail.To = "support@redleg"
objMail.Subject = "Security audit failure (Acme Cleaning)"
objMail.TextBody = "Please check the security log on SERVER1 at Acme Cleaning."
Set objFlds = Nothing
Set objConf = Nothing
Set objMail = Nothing
Save the file as "security-warning.vbs" into somewhere handy like c:\users\administrator and change the task action from send email to run a program, point it at that script.

Oh and you'll need to update the script with your server, from email address and to email address.

Note that the sending port is the default 25 in this example which doesn't allow internal smtp by default. You might want to create another Receive Connector in Exchange Management Console > Server Config > Hub Transport using another port, eg 25025 and allow anonymous internal email via that instead.

Friday 30 January 2015

Did someone say Mouse !?

Contrary to rumours, I'd just like to confirm I fixed the iMac to capture VHS video, not the cat. I did get help, a lot of help.

Tuesday 20 January 2015

DrayTek Vigor 2820 ADSL monitoring with SNMP, whats the line speed OID

One client with a DrayTek Vigor 2820n internet router has a problem with the ADSL upload speed slowing down to around 40-50% of normal on occasion. It has a big impact because there are staff out in the field needing to VPN in to the office to update the main database.

To keep an eye on performance we added SNMP monitoring to the Centrastage console for that client, with an alert to trigger if it fell below 80%. The upload line speed is typically just under 1.2Mbps with the Annex M fast upload option we have on that line. It seems to fluctuate 5-10% in normal operation anyway - possibly some dodgy wiring or just being quite a way from the exchange.

The key element of SNMP monitoring is knowing what object identifier (OID) to monitor. We used snmpwalk to dump them all out to CSV. Then matched the known line speed values to the relevant OIDs:
 .  --- ADSL download line speed
 .  --- ADSL upload line speed

DrayTek have a list of some useful Vigor router OIDs

Have you got any other useful parameters or OIDs to monitor on a DrayTek router ?

Saturday 10 January 2015

MODx Evolution 'Access Denied' to directory in assets\files

Moved a MODX Evo website to a new server, which went pretty smoothly with the standard instructions. However any user trying to access one of the directories under assets/files where all the reports etc are stored constantly got an Access Denied error.

This occurred when going into Elements >  Manage Files

If you're looking closely, you can see the directory 'Test' in this image has been truncated to 'est'. Interesting.

Tracked the fault down to an extra slash in the File Manager path. Go into Tools > Configuration > File Manager and look at the first field, titled File Manager path, see pic.

I had to remove the slash between the [(base_path)] and assets, so the entry should read [(base_path)]assets/files


Trust 1&1 Internet for your domain name registration, from only £1.99/year!. Check now!