sircles.net Computer Support The sircles.net blog | SEO, Copy Writing, Networking and Internet Safety & Security


CRM 2016 for Outlook - Cannot display the folder Path does not exist Verify the path is correct

If you are seeing the following in CRM 2016 using Outlook 2016:

Then you should check the registry. This commonly occurs when the user has migrated or upgraded Office and the system has used the incorrect 32- or 64-bit registry settings.

Start Registry Editor as your normal logon user (i.e. the one that you use for Outlook rather than an Admin user) and under HKEY_CURRENT_USER go to Software > Microsoft > MSCRM and have a look under these keys:

Make sure that the CRM_Client_InstallDir and InstallPath keys point to either Program Files (x86) or Program Files, as befits your Microsoft Office install.

CRM_Client_InstallPath should be: C:\Program Files (x86)\Microsoft Dynamics CRM\ or C:\Program Files\Microsoft Dynamics CRM\ for 32 and 64 bit respectively.

InstallPath should be: C:\Program Files (x86)\Microsoft Dynamics CRM\Client\ or C:\Program Files\Microsoft Dynamics CRM\Client\ for 32 and 64 bit respectively.

 

 

eBay spam WARNING!! - watch out these ones look good...

So now we are looking at eBay scams that are interested in hacking your eBay account so that they can get details or account information.

Here is a typical email - the first thing to do is notice that there is a big button with 'dispute this transaction' which is not normally present. Also notice that the email is originating from outlook.com which is unusual for an eBay email:

Also notice that if we hover over the 'Dispute this transaction' button we see the following:

So the domain name, although it has the rover.ebay.com part in it, is actually pointing to t.co, which is Twitter's forwarding domain (Ooops, that's a bit embarrassing), which then forwards you to http://disputetransactionebaycommunicationreview.com/webapps/a3889/websrc

This page shows up as PayPal:

You can still see the phantom domain at the top though. This is obviously where they are interested in grabbing your PayPal details so do not.

Report this website address as false as soon as you can.

Forward the email to your ISP's spam service email support.

It should be noted that Outlook.com and Twitter.com are both being hijacked for this, so beware, as it will more than likely pass your anti-spam filters!

 

HP DL360 G7 Red Screen of Death Illegal OpCode

This is a fairly disturbing occurrence: instead of booting up, just after one recommended update or a first-time reboot after install, your server shows a bright red screen explaining that it feels it has done enough and will proceed no further. Not great news if you have a lot of users awaiting emails or database results, and even worse if you've never seen it before.

 

 

Well this error can be related to a few problems related to running various forms of Linux on SD card drives but it can also affect those of us just running plain old Windows Server on the inbuilt 410i RAID controller.

In essence the message means that it is unable to read the boot device and so has thrown an HP level issue instead of a standard Windows or BIOS error.

I have found this problem in connection with the following:

  • Installing using iLO3 with a network accessed ISO file and then rebooting for the first time
  • Installing a recommended update to the NICs that made the whole server BSOD and then reboot into this and so we had to fix the error to find out that the DB was intact
  • Updating BIOS for the motherboard that has somehow disabled the USB boot in the BIOS and so lost the SD card boot device (which I was using on that occasion)
  • Installed the Windows iLO3 drivers which then somehow told Windows, because there was an ISO listed in the iLO3 boot-up system, that Windows was not the boot device

In order to fix these issues you should:

  1. Update the iLO3 firmware as there is a fix in the latest versions (allegedly) but I have found this unreliable
  2. Disable the iLO if this fails at boot-up
  3. Change the boot order in BIOS so that your boot device is first and then:
  4. Boot from a Windows DVD and ensure you can see the boot volume and then use the inbuilt repair (this seems to be the best solution for Windows installs)

If all the above fails you can just try unplugging all the PSUs for ten minutes as this is a recommended solution from HP but only for the G8 servers. 

Good luck with a really distressing and fairly futile error screen.

WBAdmin snap-in failed to initialise

The other day we had an issue with the Windows Backup on a Windows 2012 R2 server that had previously backed up OK.

On start-up of the Windows Backup application we received a message saying that the windows backup wbadmin snap-in failed to start and that we should restart the service and retry the snap-in.

When we tried the command line we received a message saying that the command was not available on portable workstations.

After some looking around we found that a possible cause was that the registry had this entry:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control

PortableOperatingSystem = 1

So we changed to 1 and then wbadmin stated that there were no jobs scheduled.

We then ran the following commands in order:

  1. Get-WBPolicy | Remove-WBPolicy
  2. Remove-WBBackupSet
  3. Remove-WBCatalog
  4. get-Service *wb* | Start-Service
  5. Restart Windows Server Backup

We then found that the backup record was destroyed but that the service could be run in the GUI once more.

Current spam emails in 2017

6. February 2017 10:41 by sirclesadmin in
Sometimes a spamming email shows up that really does impress me, one that has been created by someone who really knows how to spot spam and has designed it to out-fox themselves. Of course, we send out warnings to users as soon as possible to mitigate the risk of these attacks.

In the current climate there are not so many of these, in fact the current crop is a bit weak, but nonetheless we shall go through a few basic steps for detecting emails that are not telling you the truth about their origins.

The most common emails are scamming you for passwords, such as the classic 'Apple' email:

 
 
 

Update your account when you're ready.

We suspect that someone is trying to use your account. When you're ready, click the link below to update your account information. For your safety your account has been temporarily locked.

https://appleid.apple.com/IDMSWebAuth/login.html?appIdKey=af1139274f266b22b68c2a3e7a.

Case ID: 662498345


This link will expire after 24 hours.

Sincerely,
Apple Support

 

 

Get help online
Visit Apple Support to learn more about your product, download software updates, and much more.

 
 

Join the conversation
Find and share solutions with Apple users around the world.

 

copyright 2016 Apple Inc.
All Rights Reserved / Privacy Policy / Support / Give us feedback
On behalf of Apple Distribution International

 

So first of all, let us verify the domain name of the link on the page. We shall do this by hovering our mouse arrow over the link and see what shows up:


 

Well well, the domain appears to be 3sinfo.net/wp-content/uploads/2017/02/ro, which appears to be an upload folder on some unknown server with a .net extension. What is happening here is that the link has been set to display the text of the Apple ID website but actually links to 3sinfo.net. This is an immediate sign of disingenuous intention, and so this email cannot be trusted. The best thing to do is to delete this email and ignore its messages, as there is undoubtedly no issue with your Apple account. Any attempt to use your account will be defended by Apple anyway, and if someone has your password there is no way Apple would easily know that it was not you. These types of emails are the source of all the two-factor authentication that we now endure when contacting Apple, involving mobile text messages and iPad PINs etc.
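The hover checks from the eBay and Apple emails above can be run over a whole message body. This Python code is an added example, not part of the original posts; the redirector and brand lists, the two-label site() heuristic, and the anchors in the sample email (built around the URLs quoted in the posts) are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumptions for this example: a hand-kept redirector list (the post names t.co)
# and a short list of brands whose names phishers borrow.
REDIRECTORS = {"t.co"}
BRANDS = {"ebay.com", "apple.com", "paypal.com"}

# Matches something that looks like a hostname, with or without a scheme in front.
HOST_RE = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)

# Constructed sample email: anchors 1 and 3 use URLs quoted in the posts,
# anchor 2 is a made-up t.co link, anchor 4 is a harmless control.
SAMPLE_EMAIL = """
<p>We suspect that someone is trying to use your account.</p>
<a href="http://3sinfo.net/wp-content/uploads/2017/02/ro">https://appleid.apple.com/IDMSWebAuth/login.html?appIdKey=af1139274f266b22b68c2a3e7a.</a>
<a href="http://t.co/EXAMPLE?u=rover.ebay.com">Dispute this transaction</a>
<a href="http://disputetransactionebaycommunicationreview.com/webapps/a3889/websrc">Log in</a>
<a href="https://www.ebay.com/help/home">www.ebay.com/help/home</a>
"""


def site(host):
    """Last two labels of a hostname: a crude stand-in for a public-suffix lookup."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


class LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def check_link(href, text):
    """Return the list of warning labels for one link."""
    parts = urlsplit(href)
    if parts.scheme not in ("http", "https"):
        return []
    host = (parts.hostname or "").lower()
    findings = []
    # 1. The text shows one site, the link goes to another (the Apple email).
    shown = HOST_RE.search(text)
    if shown and site(shown.group(1)) != site(host):
        findings.append("text-host-mismatch")
    # 2. The link goes through a forwarder, so the real target is hidden (t.co).
    if host in REDIRECTORS:
        findings.append("redirector")
    # 3. A brand hostname sits in the path or query to look reassuring (rover.ebay.com).
    for embedded in HOST_RE.findall(parts.path + "?" + parts.query):
        if site(embedded) in BRANDS and site(embedded) != site(host):
            findings.append("brand-in-url")
            break
    # 4. A brand name is buried inside an unrelated hostname.
    #    Substring matching is noisy (pineapple.example would trip "apple").
    if site(host) not in BRANDS and any(b.split(".")[0] in host for b in BRANDS):
        findings.append("brand-lookalike-host")
    return findings


def audit_links(html):
    """Return [(href, [findings])] for every link in an HTML email body."""
    collector = LinkCollector()
    collector.feed(html)
    return [(href, check_link(href, text)) for href, text in collector.links]


if __name__ == "__main__":
    for href, findings in audit_links(SAMPLE_EMAIL):
        print(", ".join(findings) or "ok", "<-", href)
```
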

 

Spyware/Adware Tricks....

10. January 2017 09:07 by sirclesadmin in
 

Your PC is running Windows which means that there are a number of processes running at any one time which are loaded into RAM. It also means that the Operating System (XP, Vista or whatever) is customised in a way to suit you and is not quite the same as any other installation of Windows. The information that these customisations are made up from is held in something called the 'registry' which is basically a map of all the software you have installed, what colour and background preferences you have and what hardware has been installed etc. The registry is held on the disk of your computer and can be edited using 'regedit' like you would a giant text document. Additionally you have a Hard Disk itself which holds all of the system files and application files that Windows is made up of. Spyware/Adware uses these tools to make sure that it is extremely difficult to remove.

The latest incarnations of Antivirus 2017/VirusResponse 2017/Windows 10 Antivirus etc are truly designed around Windows and being a continual pain in the neck. One could liken them to a Fungus that lives on trees in the way that they have evolved as a pest to Windows. Once one of these pests is either in RAM as a process or in the registry or on the disk, it can repeatedly reload itself from the Internet and re-materialise in RAM and the Registry. These latest versions attach themselves to Internet Explorer as an 'add-on' that always takes you back to the same page where you are told you must buy yet more anti-spyware to clean your computer.

Most of these applications descend from Eastern Bloc countries and Russia. The example I was looking at the other day was from Russia. How do I know this? Well when the pestware takes you to a site to download itself again the domain name was http://startedwebsite.com/ which is registered to a gentleman (I think it's a he) in Russia. The website gives the impression that the user has already shut down but if you go to the full FQDN the pestware is still downloaded so they are simply pretending to have been shut down - they have literally thought of everything. They have also thought of everything when it comes to the design of the software. Let us talk about how to remove it in all of its forms.

1. Close the Scanner application and delete c:\program files\vir* folder. The folder is not called vir* but virlib or virdub or something similar - it has a few varieties so delete the folder that starts with vir which contains the scanner and hold down [SHIFT] key as you press delete so that the pestware doesn't go into the recycle bin.

2. Start task manager [Ctrl+Alt+Del] and right click on any processes that resemble iebt.exe (i.e. iedbt.exe and the like) and choose 'end process tree' which are the processes that make the pop-up appear bottom right; make sure they are not re-appearing in the list then delete the c:\programs\application folder.

3. Go to the Control Panel and double click Internet Options and go along the top to the 'Programs' page. Click on the button that says manage add-ons. Highlight the add-on iebt.dll and then at the bottom of the applet move the blob into the disabled position. Also find 'Internet Services' in the list and disable this also.

4. Go to Control Panel and make a note of the names of the new programs that have appeared such as IEBrowse and Internet Explore. Make a note of these names exactly as they appear. Open the registry editor (Start=>run and type regedit and click OK or start=>all programs=>accessories=>run and type regedit and click OK if you're on Vista.)

!BEWARE! Editing the registry is dangerous and can render your system un-bootable or even unrecoverable!! ReadAllAboutIT or sircles.net take no responsibility for what may happen even if you follow these instructions correctly!

Browse to HKEY_LOCAL_MACHINE > Software > and find the entries with the names you noted (or just do a search for them.) Delete these entries from the registry. (Any software that is installed makes an entry here in the registry so that it appears in Control Panel under the add/remove programs list. It also adds a field that shows Windows where the executable .exe file is which will remove that software, which is what is triggered when you choose to add or remove applications.)

5. Go to start=>run=> and type msconfig. Go to 'startup' at the top and remove anything to do with 'Virus Scanning' or 'Antivirus' that you have not purchased. (This software pretends to be an antivirus application and so Windows will actually warn you that it is out-of-date. Microsoft need to address this problem immediately as it is one of the most embarrassing things I have ever seen befall a software company!)

Now restart your PC.

If all goes well you will not have the scanner restart, you will not go to the infected website's webpage when you open Internet Explorer and you will not receive a pop-up from the Notification Bar about having viruses.

Watching for new roothints and adware

OK, so you have your new Computer and you are dying to get cracking on the Internet as your ISP has just made live your new broadband connection. Your computer was pre-installed and appears to have everything that you need including your bonus installation of Norton Antivirus or similar and free downloads for a year. You install your modem and are ready to go so let's go...

Antivirus Questions?

But maybe we should hold on a second. Norton Antivirus wins a lot of awards etc but then it would. It is manufactured by Symantec and they are definitely a leader in corporate antivirus technology and a good supplier to deal with on that level but they will charge you for any support as a home user and charge you to update your signature files after your trial period. A better option is to lose the installed antivirus and get AVG Free Edition from Grisoft which picks up as many viruses as any other home edition antivirus package. Grisoft's solution is available from http://free.grisoft.com/doc/1 and I would urge you to pay for the full edition if you are a business as the extra functionality is worth it. Avast and Antivir are also perfectly good examples and are also free. Whatever you do, make sure you have a suitable solution before just surfing unknown pages.

You should also equip yourself with a Firewall. Surfing the internet without a firewall is leaving yourself open to attacks so at the very least make sure you have either the Microsoft XPSP2 firewall or one of these free firewalls: Kerio, Sygate, ZoneAlarm

ALSO: Keep Windows Updated! Many Windows updates are to close holes exploited by malicious programs and simply staying updated will keep a lot of infections off your system.

But what about Spy-ware?

What antispyware system should I use? Well first of all, a lot of decent antivirus solutions get spy-ware as well as ad-ware and viruses as they are all basically the same thing. They are all darn annoying and the primary reason new internet users run into trouble. Most of the anti-spy-ware solutions these days use all of the spy-ware and virus hassles to try and sell themselves - I have people calling me asking how to get spy-axe and spy-ware-killer OFF of their machines. These are not solutions being sold to enrich computer use, they are immature, trip-you-up pieces of software designed for a quick buck and some new users will be caught out. In my experience there is no anti-spy-ware solution - even the ones from Microsoft and the like - that catch most of the ad-ware and irritations that can be removed simply by going into Control Panel in Windows and removing everything you do not use or recognise.

If you are determined to use other means or have tried all of the above you can also run these on-line scans: PandaActivescan and Housecall Scan, although they require an ActiveX download which your Firewall may object to.

The following examples are all free also, and can happily coexist on the same computer:
Free Anti-Spyware: MS Antispyware, AdAwareSE, SpybotSD, SpywareBlaster
It is important that your computer is run at minimum functionality. Windows is like a pen-knife - it can do almost anything you need it to - but if you are not hosting a website then make sure that the Web-Hosting features are uninstalled. You can do this in Control Panel under add/remove programs and then by clicking add/remove windows components on the left (Windows XP - the others are similar.) Every bit of unnecessary functionality can be used against you so try and run a tight ship. Make sure you have a reason to keep everything you see in this screen. If you don't use network printing then get rid of it. If you don't use Fax services then get rid of them. Every one you can dump frees memory and so decreases the work your computer is doing to swap out the page-file which equals more speed.

Once you have spy-ware/ad-ware or a virus infesting your system it will be taking you to an undesirable website or you will be getting pop-ups of some kind or whatever. Do not go running to the first advert you see. Your friends are the other people who have had the problem. Do a search on the Internet for a description of the symptoms and have a read of some articles that do not get money off of you for your custom. Forums and the like. There will be instructions. If you cannot get to a website other than the one to which you are unwittingly directed, go into control panel and add/remove programs, and get rid of anything with an incomplete name (I mean uninstall it by get rid of) or anything that you do not knowingly use. If you are unsure, then have a look in the documentation for the software name in question. Do not just uninstall everything you do not recognise, check the system again at each uninstall to see if the problem is cured so you know for sure which application was causing the problem.

Many viruses and the like kick-off their processes at boot up. There are many places in the Registry (a set of files that do a lot to tell Windows how it should behave) that these processes can give themselves shortcuts to start-up. If you go to the start button on your task bar and choose run and then type regedit into the box which appears, you will be presented with the registry editor. Beware!!!! The Registry is critical to Windows and if you mess about with it you can stop Windows booting up altogether so do not change anything without verifying the information from at least two sources!!! If you look at HKey_Local_Machine -> Software -> Microsoft -> Windows -> CurrentVersion -> Run and Runonce etc. you will see something like that below:

 

Many of the processes aggravating you or your computer are to be found here or other similar places in the Windows Registry. Note that in a lot of articles it is common to substitute HKLM for HKey_Local_Machine and that there are as many trouble causers as do-gooders so try and find a good source of information and verify it. Once you have found a source to be good more than a few times you can start to trust the information you find there.

With issues like SpyAxe where the product repeats that you have a virus, remember a few things. If the product it is asking you to install is not already installed then how can the computer know it has a virus? 

Please feel free to submit any other spy-ware problems at http://forum.sircles.net for us to have a look at. If you wish to try an anti-spy-ware application to help clear up your PC, have a look at the anti-spy-ware review site for a decent opinion of which one works best as we prefer companies to be inspired to make a good product rather than just hard-selling via cheap viruses and ad-ware; if they keep trying to hard-sell you things, tell us, and we will find a better link.

Windows Boot Recovery

10. January 2017 08:49 by sirclesadmin in Microsoft Windows, Troubleshooting
Windows 7 uses the Boot Configuration Data (BCD) which is a firmware-independent registry style collection of files for boot-time configuration data. It replaces the boot.ini that was used by NTLDR, and is used by Microsoft's new Windows Boot Manager which replaces NTLDR itself.

Boot Configuration Data is stored in a data file (formatted in the same way as a Windows registry hive) that is located either on the EFI System Partition (on machines that use Extensible Firmware Interface firmware which is an Operating System aware replacement for BIOS and communicates with the OS for things like MBR and ACPI) or in \Boot\Bcd on the system volume (on machines that use IBM PC style firmware).

Boot Configuration Data may be altered using a command-line tool (bcdedit.exe), by using WMI (Windows Management Instrumentation), or with 3rd party tools such as EasyBCD which allows for advanced configuration and support for non-Windows operating systems.

Boot Configuration Data contain the menu presented by the Windows Boot Manager, just as boot.ini contained the menu entries presented by NTLDR.

To troubleshoot startup problems by using Windows RE, first try the Startup Repair option in the System Recovery Options dialogue box. If the Startup Repair option does not resolve the issue, or if you must troubleshoot manually, use the Bootrec.exe tool as described below.

The Bootrec.exe tool is the boot recovery tool in the Windows Recovery Environment (Windows RE) and is useful when trying to troubleshoot and repair the following in Windows Vista:

  • A master boot record (MBR)
  • A boot sector
  • A Boot Configuration Data (BCD) store

When you run the Bootrec.exe tool, you must start Windows RE like so:

  • Put the Windows Vista installation disc in the disc drive, and then reboot the computer.
  • Press a key when you are prompted by the DVD
  • Select the relevant language, time, currency and keyboard
  • Click Next
  • Click Repair your computer.
  • Click the operating system that you want to repair,
  • Click Next.
  • In the System Recovery Options dialog box, click Command Prompt.
  • Type Bootrec.exe, and then press ENTER.

NB: To start the computer from the Windows Vista DVD, you must configure the computer to start from the DVD drive in the BIOS.

Bootrec.exe optional switches:

/FixMbr
The /FixMbr option writes a Windows Vista-compatible Master Boot Record to the system partition. This option does not overwrite the existing partition table. This option is for when you must resolve MBR corruption issues, or when you have to remove non-standard code from the MBR.

/FixBoot
The /FixBoot option writes a new boot sector to the system partition by using a boot sector that is compatible with Windows Vista. Use this option if one of the following conditions is true:

  • The boot sector has been replaced with a non-standard Windows Vista boot sector.
  • The boot sector is damaged.
  • An earlier Windows operating system has been installed after Windows Vista was installed. In this scenario, the computer starts by using Windows NT Loader (NTLDR) instead of Windows Boot Manager (Bootmgr.exe).

/ScanOs
The /ScanOs option scans all disks for installations that are compatible with Windows Vista. Additionally, this option displays the entries that are currently not in the BCD store. Use this option when there are Windows Vista installations that the Boot Manager menu does not list.

/RebuildBcd
The /RebuildBcd option scans all disks for installations that are compatible with Windows Vista. Additionally, this option lets you select the installations that you want to add to the BCD store. Use this option when you must completely rebuild the BCD. If rebuilding does not resolve the issue, you can export and delete and then run this option again. By doing this, you make sure that the BCD is completely rebuilt. To do this, type the following:

bcdedit /export C:\BCD_Backup
c:
cd boot
attrib bcd -s -h -r
ren c:\boot\bcd bcd.old
bootrec /RebuildBcd

Windows 2003/XP/2000

Windows before Vista and Windows 7 did not use the BCD and Windows Bootloader. Instead it relied on NTLDR and boot.ini.

Broadband Routers and Networks

8. January 2017 12:23 by sirclesadmin in

This page deals with wired Broadband Routers but actually contains useful information for any networking set-up, explained in as simple terms as I know how. If you are having issues with your wireless router then you may wish to have a look here as well, but the information on this page may also be applicable.

Firstly here are a few pointers for those of you who are stuck:

Router - The router is a modem or network card with a little computer and network card stuck to the other end of it. It has two IP addresses, one for the modem/network card on the internet and the other for your internal network. (The same applies for wireless routers only your internal network card is a wireless card) You will be able to surf the internet when your router has been given the correct username and password for your ISP and it gets an internet address to the modem AND has an internal network address which your PC has connected to with its own IP address.

IP Address - On the client machine (i.e. the computers you want to use to surf the web) this will usually be automatically assigned along with the Subnet Mask and Default Gateway.

Default Gateway - This is the IP Address of the router and is by default something like 192.168.1.1 for most routers or 192.168.2.1 or 192.168.0.1 for some others. It is the default first place to go for any traffic outbound to the internet from the computers wishing to surf, known as a first hop.

Subnet Mask - This will usually be 255.255.255.0 for most users. If you want a detailed explanation you will have to read on....

We are going to start at the beginning as it is always important to know the theory...

TCP/IP Networking is dependent upon every device on the network having an IP (Internet Protocol) address. An IP address is made up of 4 numbers, each being an eight bit value made up of 8 1's and 0's (bits). These numbers appear in the form x.x.x.x where x= 0-255, for example 192.168.0.1.

Each part of the Internet, whether in another country or whatever, is assigned a range of these numbers and each part knows where in relation each other part is and so traffic can be 'routed' from one part to another extremely effectively allowing us all to seamlessly communicate. 192.168.x.x is a special range of numbers put aside for 'Class C' internal networking (see later in the text for what Class C means) and has no users on the Internet.

An IP address allows all of the information sent to you to be routed to your host (a host is a device with an IP address on the network or internet). Your computer can obtain an address in one of two ways. Firstly you can go into the network configuration pages and give it a specified address, as below:

 

 

 

As you can see there are a number of values to consider concerning the configuration of an IP address. The IP address itself, the subnet mask and the default gateway are all integral to your computer's ability to surf the Internet. Whether you are using a modem, wireless LAN card or a network interface card, it will be assigned an IP address, either manually or automatically, with DHCP. The subnet mask is what tells your computer what is on your own network and what is not. It does this by telling your computer how big your network is.

The Windows IP Address Configuration Panel

In the Example shown, the address is what is referred to as a 'Class C' address. This means that, as all of the values are at their maximum except the last, there are up to 256 hosts. If the subnet mask was 255.255.0.0 it would be a 'Class B' subnet allowing for 256 'Class C' subnets and so 65536 hosts. If I am on a Class C subnet with 256 hosts, only the last value in the x.x.x.x IP address can change before traffic will use the default gateway to get to the address it seeks:

 

 

 

In the example above, all addresses in the range 192.168.0.x will be treated as internal because the subnet mask is 255.255.255.0, indicating a Class C subnet, which means that the internal hosts will send any packet that is not addressed to 192.168.0.x through the default gateway, which is the router at 192.168.0.x. A subnet of 255.255.255.255 would therefore indicate it is the only address in the subnet. It should be noted that there is a convention for IP addresses. For the first value at the left, Class A addresses are 0-127, Class B are 127-191 and Class C are 192-255.
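The decision described above (deliver locally, or hand the packet to the default gateway) is a bitwise AND of each address with the subnet mask. This Python code is an added example, not part of the original article; the client address 192.168.0.10 and the function names are assumptions, while the gateway 192.168.0.1 and the external address 217.45.145.40 are the ones used on this page.

```python
import ipaddress


def to_int(dotted):
    """Pack a dotted-quad string such as 192.168.0.1 into a 32-bit integer."""
    parts = [int(p) for p in dotted.split(".")]
    if len(parts) != 4 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError(f"not an IPv4 dotted quad: {dotted!r}")
    value = 0
    for p in parts:
        value = (value << 8) | p
    return value


def prefix_length(mask):
    """Count the leading 1 bits of a mask, rejecting masks with gaps in them."""
    m = to_int(mask)
    inverted = m ^ 0xFFFFFFFF
    # A valid mask inverts to 0...01...1, so adding 1 leaves no bit in common.
    if inverted & (inverted + 1):
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return bin(m).count("1")


def subnet_size(mask):
    """Number of addresses the mask leaves in the subnet.

    Two of them (all host bits 0 and all host bits 1) are the network and
    broadcast addresses, so a 255.255.255.0 subnet has 254 assignable hosts.
    """
    return 2 ** (32 - prefix_length(mask))


def next_hop(my_ip, mask, gateway, destination):
    """Return the address the packet is handed to first."""
    prefix_length(mask)  # validate the mask before using it
    m = to_int(mask)
    my_network = to_int(my_ip) & m
    if (to_int(destination) & m) == my_network:
        return destination  # same subnet: deliver directly
    if (to_int(gateway) & m) != my_network:
        # A gateway outside the local subnet cannot be reached directly.
        raise ValueError("default gateway is not on the local subnet")
    return gateway  # anything else goes to the router


def on_link_stdlib(my_ip, mask, destination):
    """The same membership test done with the standard library, as a cross-check."""
    network = ipaddress.ip_interface(f"{my_ip}/{mask}").network
    return ipaddress.ip_address(destination) in network


if __name__ == "__main__":
    me, gw = "192.168.0.10", "192.168.0.1"  # client address is constructed
    for mask in ("255.255.255.0", "255.255.0.0"):
        for dst in ("192.168.0.77", "192.168.5.9", "217.45.145.40"):
            print(mask, dst, "->", next_hop(me, mask, gw, dst))
```
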

The alternative, as is more common and convenient, is that an address is assigned automatically by something called DHCP. DHCP (Dynamic Host Configuration Protocol) works by your system sending out a signal to everything else on the network (a multicast broadcast) that it has no address and any DHCP server device it reaches will respond to that request by leasing an IP address to that client for some predetermined period. For example if you are using the inbuilt DHCP server of Windows to share a network connection it will automatically use the address 192.168.0.1 as the DHCP server machine (the machine sharing the connection and handing out the IP addresses.) Each client that is configured to automatically receive an address (which is the default setting) will receive an address in the range 192.168.0.x and the default gateway will be 192.168.0.1 which is the 'way out' of the network to everywhere else and should always be the address of the connection to the internet. DHCP automatically provides as much networking information as you have configured the server with and can include the IP address, subnet mask, default gateway, DNS servers (for obtaining the IP address of a domain name like microsoft.com) and a host of other features. As long as you have the aforementioned four prerequisites - IP address, subnet mask, default gateway and DNS server(s) - you should be able (if you have connectivity) to surf to internet websites.

This is, however, only taking into account your internal network. A router is a router because it routes information from one connection to another, or between three or more interfaces. Your broadband router has a connection to the internet via ADSL or Cable etc. and so it has either another network card or an ADSL modem on the internet. This interface, whether it be modem or network card, must also have an IP address, an IP address assigned by the Internet Service Provider (ISP) who routes the internet data to and from your router's external interface address. The example above shows this to be 217.45.145.40 which is a BT ADSL business address and can be looked up as such. BT have been assigned a range of addresses by the internet administrators and resell these addresses onto their clients. If your router has the correct username and password and is configured for the right type of line it will receive an IP address and then route the data it receives from each interface - i.e. the internet and your personal network - from side to side allowing you to browse, download and email etc. The external address is most likely obtained from BT by DHCP but your router will prevent the internet DHCP requests from penetrating your network leaving your own router's DHCP messages undisturbed. The external IP address must be one that your ISP is expecting as all of their routers are configured to route messages according to different addresses and if your router's external IP is unexpected it will not accept the correct incoming traffic.

A note for AOL users:

If you are having difficulty with browsing some sites such as Microsoft.com, check the ADSL router MTU setting under WAN set-up and change it from 1492 to 1400, which should solve the problem.


Windows Server Security Practices

Your Windows network is reliant on a few basic elements that allow

 

Elements Required for Active Directory

Microsoft DNS - This is a very different animal in Windows 2000/3 compared to NT4, not because of the way it does anything but because of what it is used for. Microsoft NT4 and Windows 95/8 use WINS - the Windows Internet Naming Service (rather confusingly named) - to locate each other over inter-connecting LANs. The system basically works with DHCP, the Dynamic Host Configuration Protocol, which ascribes an IP Address to your Network Interface Card, supplies the Default Gateway, DNS Server and WINS server, and also registers you with WINS at the same time. One WINS server then replicates with another on another LAN and then the hosts can look up your workstation on their own LAN and the communication can be successfully routed between machines. DNS was simply for looking up domains on the Internet at this stage and had a 'Reverse WINS Lookup' feature for tracking down workstations from the DNS server. Microsoft DNS on Windows 2000 has the option of being entirely dynamic. It can be configured to live in Active Directory, has built-in reverse lookup and is updatable just as WINS is from the DHCP server negotiation - better!

TCP/IP - The Transport Control Protocol / Internet Protocol. This is just moving from its fourth to sixth incarnation at present and it is a complicated protocol. It is routable in more ways than you can wave an Ethernet cable at and with version 6 supports IPSec as standard. It is the basis of nearly all intercommunication of computers today; whether we are talking about Macintosh, Netware, Linux or Windows, they are most likely using TCP/IP to speak with their cohorts. Microsoft have favoured it for some time whilst Netware moved over at version 5. Macintosh jumped on the wagon (as opposed to leading the way as they normally do) and began dropping AppleTalk with the arrival of OSX. Although TCP/IP is referred to as a single protocol it is not. It is a standard set of amalgamated systems and the resultant protocol lives in layer 3 of the standard model. As with all other communications protocols, TCP/IP is composed of layers:
The Internet Protocol (IP) - is responsible for moving packets of data from one node to another. IP forwards each packet based on a four byte destination address (the IP address). The Internet authorities assign ranges of numbers to different organizations. The organizations assign groups of their numbers to departments. IP operates on gateway machines that move data from department to organization to region and then around the world. Each computer using the internet can do so because at some level it is using an IP address. Typically in most networks nowadays your LAN may have only one 'real' IP address at your router or firewall and your computer may use a 192.168.x.x or 10.1.x.x address. These are reserved address sets for computers in internal LANs and are assigned to no one. This is made possible by NAT and PAT which stand for Network Address Translation and Port Address Translation which is performed by your router or firewall so as to redirect any traffic your machine requested back to you.

The Transport Control Protocol (TCP) - is responsible for verifying the correct delivery of data from client to server. Data can be lost in the intermediate network. TCP adds support to detect errors or lost data and to trigger retransmission until the data is correctly and completely received. TCP makes TCP/IP a very robust system and allows different sections of the Internet to fall over and reroute data constantly and seamlessly.

Port Numbers - is a name given to packages of subroutines that provide access to TCP/IP on most systems. A socket is a combination of a port number and an IP Address and therefore uniquely identifies a network process on any individual network. There are many standardized port numbers such as 80 for HTTP and 25 for SMTP etc. A port number is basically a feature of a packet just like the routing header. It is a property that, instead of deciding where it is going, like the IP Address, it decides what it will do when it gets there and most likely whether it will be allowed to get there or not.
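
To make the NAT/PAT and socket descriptions above concrete, here is an added example (not part of the original post) that models the translation table a router keeps for one external address. The class and method names are hypothetical, the remote addresses are constructed, and the rule that a reply must come from the exact remote socket that was contacted is a simplification; real routers differ in how strictly they match.

```python
import itertools


class PatRouter:
    """Minimal Port Address Translation table for one external address."""

    def __init__(self, external_ip, first_port=50000):
        self.external_ip = external_ip
        self._ports = itertools.count(first_port)
        self.out = {}   # (inside ip, inside port, remote ip, remote port) -> external port
        self.back = {}  # (external port, remote ip, remote port) -> (inside ip, inside port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite an outgoing packet's source socket to the external address."""
        key = (src_ip, src_port, dst_ip, dst_port)
        if key not in self.out:
            ext_port = next(self._ports)
            self.out[key] = ext_port
            self.back[(ext_port, dst_ip, dst_port)] = (src_ip, src_port)
        return (self.external_ip, self.out[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Return the inside socket a reply belongs to, or None if nobody asked for it."""
        return self.back.get((dst_port, src_ip, src_port))


def demo():
    router = PatRouter("217.45.145.40")   # external address used in the text
    web = "203.0.113.10"                  # constructed remote web server
    # Two LAN clients happen to pick the same source port for HTTP (port 80).
    a = router.outbound("192.168.0.2", 40001, web, 80)
    b = router.outbound("192.168.0.3", 40001, web, 80)
    reply_a = router.inbound(web, 80, a[1])
    reply_b = router.inbound(web, 80, b[1])
    # A packet from a host nobody contacted matches no table entry.
    unsolicited = router.inbound("198.51.100.7", 80, a[1])
    return a, b, reply_a, reply_b, unsolicited


if __name__ == "__main__":
    for item in demo():
        print(item)
```
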

Microsoft Active Directory - Don't be put off by the way this is continuously described by Microsoft as all sorts of different things. The simple nuts and bolts of it are most easily described as follows. AD is a secured and replicated set of files shared around the domain or domains that allow all of the clients and servers to share and use information. For those of us familiar with the nuts and bolts of a Windows PC, it's like a replicated registry that is shared around the Domain Controllers. It sits in different files, just like the registry did, and it can be edited with a straightforward tool, just like the registry. It relies on five central roles for a forest to function. (A Forest is a collection of Domain Trees - yes I know very clever etc.) The replicated information that is shared to non DC clients is stored in the SYSVOL share on a DC and there will be a folder inside for each domain storing policies, scripts and other information. The old Netlogon share is now inside of the shared SYSVOL directory but is still shared as Netlogon for backwards compatibility. The Database of all DC only AD information is kept inside %systemroot%\SYSVOL - note that the SYSVOL folder shared to clients is inside of the first sysvol directory i.e. at %systemroot%\SYSVOL\SYSVOL. The database itself and the log files by default are kept in %systemroot%\WINDOWS\NTDS but the location can be specified when installing Active Directory to a server.

FSMO Roles - Flexible Single Master Operations (Pronounced by all the guys on the Microsoft Websites as Fuszmo.) So there you are, after all of the fuss Microsoft made about Windows 2000/3 no longer requiring a PDC or BDC it turns out that there are five different sorts of the darn things.
PDC Emulator - All Winnt fans know what this guy is bound to do. He emulates the old PDC on behalf of backwards compatibility. He also creates group policy objects and synchronizes the w32time service.
RID Master - Hands out the Global Unique Identifiers to each Domain Controller. Each object in Active Directory must have one to be indexed in the registry-like list. The RID hands out different sets to each DC for labelling all of the objects created on it.
Infrastructure Master - This guy is the Ambassador. He is monitoring everything to do with memberships of trusts and other domains. He checks that you are allowed into the country by having a good look at your passport - well you know the way things are these days.
Domain Naming Master - This ol' gal is the only central repository for child domain names. There is only one in an attempt to prevent duplicate domain names. Just as well, duplicate computer names are bad enough!
Schema Master - This fellow is responsible for changes to the Schema of Active Directory. In other words he is the man who alters the way in which data is stored inside of any types of object. If you want to add a field to the standard computer object then you've got to ask him.

OK so there we have it. It is worth remembering that Active Directory is dependent, not only on all of the FSMO bear roles but also on TCP/IP and Microsoft DNS because without either there is no transport with or from Active Directory.

So based on these observations we will start with a few pointers. When you are building or designing your new Windows Active Directory you will want to minimize network traffic and administration and to optimize ease of use. This may seem a confusing and daunting task but let us get things in perspective. Active Directory goes a long way to doing this itself and the design does not have to be completed before you begin your upgrades/installs. If it is not a huge network - i.e. less than 10 sites and 20 Domain Controllers - you are not going to notice a huge impact on how you do things anyhow, unless there are a lot of different bandwidth connections. Windows Active Directory is based on replication and it can cause networking problems and bottlenecks when it gets itself confused and is using all of the available bandwidth, but these services can be stopped if they are bringing things to a halt whilst you work out what is going on. Active Directory does do some funny things just because of the order in which it is created so make sure you design your Upgrade path from the centre of your networks where the most bandwidth lies moving out gradually toward the more remote slower sites. But all of this is scare-mongering as much as anything else. If you are just upgrading or designing a single LAN network then the most important part is to choose the correct specification of servers and make sure you have checked with manufacturers and software designers that the upgrade paths have been tested and are supported. (This still doesn't guarantee anything so if you can, test it on a dummy example.) The worst kind of Microsoft designers are those who come to the job with all of the AD knowledge in the world but have neglected to think about where the servers will be plugged in. Try and effect a policy of security and robustness in where the servers are and how they are looked after as well as in how Windows is configured. Many server compromises are at source, remember that.

Some services work better together than others. The Domain Controllers should be DNS Servers; there is no point having a domain controller if it has no access to DNS, and it avoids the risk of losing communications during adding and removing Domain Controllers, which can lead to catastrophic results. If there is a DNS server on board then you always at least have a single copy of what is happening in the domain and it can be replicated once network communications have been restored. If there is only one DC in a site then it should be set as a Global Catalogue. A Global Catalogue keeps a copy of every object in the forest, and if a site needs information on part of the forest it must be able to retrieve it without running home to momma down a slow connection. Sometimes replication must be set to copy to more remote sites when the office is out of use to retain bandwidth, but replication can always be halted if a connection is beginning to feel the strain. Sites are important and define the replication characteristics of Active Directory. A site boundary should indicate where there is a connection to the main LAN over a lower bandwidth; just because you need a separate Windows site doesn't mean a separate Exchange site. Exchange is another animal when it comes to designing site boundaries.

A dedicated Domain Controller is always a good idea: a server that can deal with the FSMO roles, which need not be distributed over different servers unless your domain exceeds 2000 clients. The FSMO roles are a difficult point because they are a single entity for an entire domain. With enough changes being made to the domain the workload can become such that you will have to redistribute the roles to multiple servers; the name changing role and the schema and operations master are a good place to start. As a rule, if you are including Microsoft Exchange, the Domain Controllers should have the Active Directory Connector for Microsoft Exchange installed and it is also a good machine to have in charge of your antivirus and DHCP. WINS should be phased out once all clients and servers have been moved over to 8 or 10 and your network performance and reliability should start to increase as duplicate WINS entries and the need to replicate the WINS servers become things of the past.
 
Lastly, always change the logon name for the Administrator account to something difficult to guess, as a lot of the scripts that people run trying to compromise security rely on password lists which presuppose the administrator account login name.
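
Once the account has been renamed, nothing legitimate should still be logging on with the old name, so failed logons against it are worth watching. The following is an added example, not part of the original post: it summarises such attempts from a log export. The four-column layout, the sample lines and the list of retired names are constructed for illustration; 4625 and 4624 are the Windows Security log event IDs for failed and successful logons.

```python
import csv
import io

# Logon names that guessing scripts presuppose (assumed list for this example).
RETIRED_NAMES = {"administrator", "admin"}

# Constructed sample, not real log data: time, event ID, target user, source address.
SAMPLE_LOG = """\
2016-05-01T09:00:01,4625,Administrator,203.0.113.50
2016-05-01T09:00:02,4625,Administrator,203.0.113.50
2016-05-01T09:00:03,4625,admin,203.0.113.50
2016-05-01T09:00:04,4625,ADMINISTRATOR,203.0.113.50
2016-05-01T09:02:10,4625,jsmith,192.168.0.14
2016-05-01T09:02:25,4624,jsmith,192.168.0.14
2016-05-01T09:05:40,4625,Administrator,192.168.0.31
"""


def guessing_sources(log_text, retired=RETIRED_NAMES, threshold=3):
    """Summarise failed logons aimed at names that no longer exist after the rename.

    Returns {source: {"count": n, "first": ts, "last": ts}} for every source
    that reached the threshold.
    """
    seen = {}
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 4:
            continue  # skip blank or malformed lines
        ts, event_id, user, source = row
        # Only failed logons (4625) against a retired name are of interest;
        # a user mistyping the password of a real account is not counted.
        if event_id != "4625" or user.lower() not in retired:
            continue
        entry = seen.setdefault(source, {"count": 0, "first": ts, "last": ts})
        entry["count"] += 1
        entry["last"] = ts
    return {src: e for src, e in seen.items() if e["count"] >= threshold}


if __name__ == "__main__":
    for src, info in guessing_sources(SAMPLE_LOG).items():
        print(src, info)
```
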