Get ready for the new Experts Exchange!

McAfee Internet Security won’t activate in Windows 7

Problem :

When you click on activate button, after some time the message appeared that ” Unsuccessful Activation”

Solution :

1.Click the Windows Button and type cmd.exe into the search bar.
2.Right-click cmd.exe in the search list, and select Run as Administrator.
3.Type the following text, then press ENTER:

c:\program files\mcafee\msc\mcoemmgr.exe /regserver

4.Right-click the M icon in your taskbar and select either Activate, Activate Now, Register, or Register Now.
5.Follow the instructions.

Source:McAfee Community

SEP Proactive Threat Protection Defintion is not updating

Symantec Endpoint Protection 11 (SEP 11) includes a feature called Proactive Threat Protection, which seeks out suspicious behavior on your computer, and isolates it. Since brand new viruses may not always be immediately detected by antivirus software, Proactive Threat Protection is a good barrier against the unknown.

Unfortunately, sometimes have noticed that their Proactive Threat Protection defitions are stuck or not update day by day.

Solution:
Delete the string value “Sequence Number” under the following registry keys:

HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\COH_PVLInfo\COHData

HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\COH_PVLInfo\COHEngine

Exit the registry and restart your system.

IF problem not solve, then try this one:

Modify the value of the following DWORD registry entry to 1:

HKEY_LOCAL_MACHINE\Software\Symantec\Symantec Endpoint Protection\LiveUpdate\SyknappsContentListReady

Note: If this registry entry does not exist on the client, create the entry and set it to the value above

Run command : smc -stop
smc -start

or Reboot the system.

Activesync error from application log, Event ID: 3005 status code: [409]

Error: Unexpected Exchange mailbox Server error: Server: [EXCHANGE.yourdomain.local] User: [youruser@yourdomain.com] HTTP status code: [409]. Verify that the Exchange mailbox Server is working correctly.

Solution:

1.Start the Internet Information Services (IIS) Microsoft Management Server (MMS) snap-in on the Windows SBS 2003-based computer.
2.Expand Server_Name\Web Sites\Default Web Site.
3.Right-click Exchange-OMA, and then follow these steps:
1.Verify the following settings on the Virtual Directory tab:
–> The following check boxes are selected:
–> Script source access
–> Read
–> Write
–> Directory browsing
–> Log visits
–> Index this resource
–> Application name is unavailable, and Default Application is listed.
–> The Execute permissions setting is None.
–> The Application pool setting is unavailable, and ExchangeApplicationPool is listed.
2.Verify the following settings on the Directory Security tab:
–> The Enable anonymous access check box is not selected.
–> The Integrated Windows authentication check box is selected.
–> The Basic authentication check box is selected.
–> The Require secure channel (SSL) check box is not selected.
3.Close the Exchange-OMA Properties dialog box.
4.Right-click OMA, and then follow these steps:
1.Verify the following settings on the Virtual Directory tab:
–> The following check boxes are selected:
–> Read
–> Log visits
–> Index this resource
–> The Application name setting is /LM/W3SVC/1/root/OMA.
–> The Execute permissions setting is Scripts only.
–> The Application pool setting is ExchangeMobileBrowseApplicationPool.
2.Verify the following settings on the Directory Security tab:
–> The Enable anonymous access check box is not selected.
–> The Integrated Windows authentication check box is not selected.
–> The Basic authentication check box is selected.
–> The Require secure channel (SSL) check box is not selected.
3.Close the OMA Properties dialog box.
5.Right-click Microsoft-Server-ActiveSync, and then follow these steps:
1.Verify the following settings on the Virtual Directory tab:
–> The following check boxes are selected:
–> Log visits
–> Index this resource
–> The Application name setting is /LM/W3SVC/1/root/Microsoft-Server-ActiveSync.
–> The Execute permissions setting is Scripts and Executables.
–> The Application pool setting is ExchangeApplicationPool.
2.Verify the following settings on the Directory Security tab:
–> The Enable anonymous access check box is not selected.
–> The Integrated Windows authentication check box is not selected.
–> The Basic authentication check box is selected.
–> The Require secure channel (SSL) check box is not selected.
6.Run the iisreset /noforce computer_name command to restart IIS on the Windows SBS 2003-based computer.

Redirecting New Users and New Computers to a Specified OU

Either on you computer or on a domain controller run the below commands to make the changes.

To Redirect Users
C:\Windows\System32\redirusr DN_of_new_OU
For example:
C:\Windows\System32\redirusr ou=myusers,DC=mydomain,dc=com

To Redirect Computers
C:\Windows\System32\redircmp DN_of_new_OU
For example:
C:\Windows\System32\redircmp ou=mycomputers,DC=mydomain,dc=com

Note: Your domain functional level must be at at least Windows Server 2003.
If your DN contains spaces etc you will need enclose the DN with quotes.

2010 in review

The stats helper monkeys at WordPress.com mulled over how this blog did in 2010, and here’s a high level summary of its overall blog health:

The Blog-Health-o-Meter™ reads Fresher than ever.

Crunchy numbers

A helper monkey made this abstract painting, inspired by your stats.

A Boeing 747-400 passenger jet can hold 416 passengers. This blog was viewed about 11,000 times in 2010. That’s about 26 full 747s.

In 2010, there were 8 new posts, growing the total archive of this blog to 73 posts.

The busiest day of the year was December 21st with 70 views. The most popular post that day was Clearing Windows Update Cache Upon Update Failure .

Where did they come from?

The top referring sites in 2010 were social.answers.microsoft.com, social.technet.microsoft.com, google.com, tek-tips.com, and google.co.in.

Some visitors came searching, mostly for limitlogin, limit login, standard tcp ip port missing, ntfrs, and clear windows update cache vista.

Attractions in 2010

These are the posts and pages that got the most views in 2010.

1

Clearing Windows Update Cache Upon Update Failure December 2008
3 comments

2

LimitLogin: Step By Step August 2009
5 comments

3

Restore missing Standard TCP/IP Port type for Printer January 2009

4

Kodak Imaging for Windows XP February 2009
4 comments

5

Fix for File Replication System (NTFRS) replication problems (Event ID 13549) July 2009

SBS 2008 DNS stops working for .uk, .eu and some other TLDs outside USA

In SBS 2008, when first installed or rebooted, DNS queries succeed, but after a period of about 1 day users report that they are unable to access some web sites. On inspection, it may be noticed that the inaccessible web sites are in the .uk and .eu Top Level Domains (TLDs) or certain other TLDs that are outside of the USA.

If left for several days, the problem may appear to resolve itself then re-occur after another day or so.

If the DNS server service is restarted, or the DNS cache on the server is cleared, then the problem is temporarily resolved but re-occurs after a day or so.

The cause of this problem is that in EU countries (and certain other TLDs outside the USA), nameserver records are typically cached for more than 1 day. SBS2008 has a cap on the maximum time that it will allow nameserver records to be cached, which defaults to 1 day. This default works fine in the USA but When the .uk and .eu records become stale, they are not deleted from the cache but are no longer returned as valid records. Therefore, they effectively prevent DNS lookups in those TLDs from succeeding until the records expire and are deleted from teh cache, or the DNS Server service is restarted.

The fix is to increase the maximum Time To Live (TTL) setting in the DNS server so that it recognises records older than 1 day. Experience has shown that setting the value to 4 days is usually enough, but the maximum setting is 30 days.

Solution

For a permanent work around, the MaxCacheTTL value needs to be changed to a value larger than the TLD TTL (Default value is 1 day, maximum value is 30 days). On SBS2008 there is no negative impact since this is the TTL for the cache of Resource Records. This is just the maximum value that it will be stored on DNS server. If the actual TTL is shorter, the shorter value will be used.

1. Start Registry Editor (Regedit.exe).
2. Locate the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters
3.On the Edit menu, click New, click DWORD (32-bit) Value , and then add the following value:

Value: MaxCacheTTL
Data Type: DWORD
Data value: 0×69780 (432000 in decimal = 5 days)

4.Click OK .
5. Quit Registry Editor.
6. Restart the DNS server.

Source:
http://serverfault.com
http://support.microsoft.com/default.aspx?scid=kb;EN-US;968372

SEP installation RollBack Issue on Windows 7 -Fix

Issue:

When attempting to install the Symantec Endpoint Protection client onto a machine, the installation fails and rolls back around the point of registering with LiveUpdate.

Solution:

In the registry,

Find

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData
value=%APPDATA%

and change it to

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData
value=%USERPROFILE%\AppData\Roaming

Restart Windows 7 and then install SEP client again.

Source:http://www.symantec.com

Shadow a Terminal Server Session Without Prompt for Approval

Using windows 2003 and want to gain session access to another users session. Perhaps the person you are asking for shadow permission has an issue on his desktop and cannot figure it out,

To “Shadow” you have to know the session id of the user’s session that you want to view and or take over. Right click on your taskbar and select task manager. Go to Users and pick the users name and the session number should be located to the left of the name.
Shadow 0 and on the users session it will pop up a dialog box asking the other user for permission for you to access the session.

Of course this can be denied from the other user. Frustrating?

To shadow any other session, without a prompt, you would use the RDP-TCP Properties dialog, on the Remote Control tab, and clear the require users permission box.

To remote control the console (session 0) without a prompt for approval:

1. On the Terminal Services server, Start –> Run –>Gpedit.msc –> OK.

2. Navigate through Computer Configuration–> Administrative templates –> Windows Components –> Terminal Services.

3. Right-click Remote Control Settings and press Properties.

4. Select the Enabled option.

5. Select Full Control without user’s permission, under Options.

6. Press OK.

7. Exit the Group Policy Editor.

8. To force this local policy to update now, open a CMD prompt, type gpupdate /force, and press Enter.

When you establish a Remote Desktop session, you can connect to the console and remote control it:

1. Open a CMD prompt.

2. Type Shadow 0 and press Enter.

The user will NOT be prompted for permission.

Well this can be exploited and used in many wrong ways. So just be careful and use it wisely…

Source :http://support.microsoft.com/kb/292190

Microsoft Download Manager

The Microsoft Download Manager enables you to download files from the Internet in a more reliable and faster way than using a browser alone. Using the Download Manager makes it easier to download large files such as an application or multimedia files. Also, it has resume support so that you can continue downloading files from where it left off the last time.

More Information: Click Here
Download: Click Here