Thursday, December 17, 2009

RegRead and Error -2147024894

Error -2147024894 appears when you use the WScript.Shell RegRead object to read a registry key that does not exist. But why would you get this error when the key does exist!

Probably because you are running your code inside a HTA and using a 64bit operating system.

The HTA environment is mshta, which is 32 bit. This means that when your code reads registry entries such as HKLM\Software\Microsoft\Windows via a HTA on a 64bit OS it is really reading HKLM\Software\Wow6432Node\Microsoft\Windows. Therefore if you have values or keys at HKLM\Software\Microsoft\Windows and not at HKLM\Software\Wow6432Node\Microsoft\Windows then you will get error -2147024894 because the value/key cannot be found.

Run the HTA on a 32bit OS and it work fine. But most confusing is that if you take the code from the HTA script and save it to a .vbs or .js file and run it (on the 64bit OS) via wscript or cscript then the script will find the registry key at HKLM\Software\Microsoft\Windows because in this instance the wscript or cscript environment is 64bit.

Of course this is true for any HKLM\Software registry entry.

Tuesday, November 17, 2009

Scheduling Backup on Microsoft Hyper-V Server

To do a backup of the virtual machines installed on your Hyper-V Server (2008 or 2008 R2 editions) you need to complete the following steps.

  1. Install the backup feature by typing start /w ocsetup WindowsServerBackup from the command prompt.
  2. Get a list of the drives on which Hyper-V Server has stored virtual machines. This will be C: unless you have made changes.
  3. Determine the times you want to run the backup at.
  4. Determine the drive letter of the removable disk by typing at the command prompt each of the following commands
    1. diskpart
    2. list volume
    3. The disk drive letter will be displayed for the disk that matches the size of your removable disk.
    4. Type exit to exit diskpart.
  5. From the command prompt type wbadmin enable backup -addtarget:x: -schedule:hh:mm,h2:m2 -include:y:,z: -systemState -allCritical to backup to drive X: the contents of drives Y: and Z:, the system state and all drives critical to the running of the server.
  6. Confirm you want to schedule the backup at times HH:MM and H2:M2 (for twice a day). If you want one backup a day use HH:MM and if you want more than two just comma separate a group of times. Enter times as per local timezone. Check the current time on the Hyper-V Server by typing time from the command prompt.
  7. Start a backup now if you want by typing wbadmin start backup and confirming to use the same settings as the scheduled backup.
  8. Backup will proceed in the console. If you log out backup will remain running.
  9. Enter wbadmin enable backup to see the settings you have enabled.
  10. Type wbadmin get versions to see what backups have completed.

Wednesday, July 08, 2009

Booting a Server with a USB Key

There are numerous instructions on the internet for creating and booting a server with a USB key, but they were all complex or hard to read – even for a techy like myself.

So I thought I would rewrite a simple list of instructions to allow you to create a DOS bootable USB pendrive/key that you can use for any purpose (i.e. flashing BIOS's and other low level functions, as well as booting into other operating systems).

  1. Download download bootable_usb.zip from www.lowfps.com. This is the website these instructions are based on, but I wanted something clearer than that.
  2. Extract the download to a temporary location (i.e. C:\Users)
  3. Run the HP bootable media.exe program and install the software.
  4. Insert the USB key you want to use – it will get wiped during this process to backup its contents if needed.
  5. Run the HP USB Disk Storage Format Tool from the desktop or Start Menu. If you are using Vista or later then you will need to run the program in elevated mode (right-click program and choose Run as administrator).
  6. Select your USB key and choose to do format the key with the FAT or FAT32 file system. Choose Quick Format and select Create DOS Startup Disk. Pick the sub-option "Using DOS files located at" and select the same "DOS Files" subfolder in the location where you extracted the download too (C:\Users in my above example).
  7. Click OK. The USB key will be wiped during this process and a copy of the core files for Microsoft Millennium DOS will copied to the key.
  8. When complete copy to the key any files that you need to execute in DOS mode on the PC (for example I needed to update the BIOS on a x64 Windows Server 2008 Server Core installation running on a Dell Optiplex 755 and it said this was not allowed). The files you copy to the key must work in DOS though.
  9. Shutdown the server and insert the USB key. You must do a hard reboot, a restart will not work.
  10. Restart the server and press F12 to bring up the one-time boot menu (if you do not have this option then go into setup [Del or F2] and ensure USB booting is enabled and set to the primary option).
  11. In the boot menu choose the USB key option.
  12. From the C:\ prompt run the programs you need to start. Note that this is old style DOS and not the Command Prompt in later versions of Windows – so no command completion using the TAB key. So place the files in or near the root folder.

Friday, July 03, 2009

Windows Backup Failure on Windows Server 2008

I recently had a case where Windows Backup would fail at approx. 75% complete during a full backup. The backup utility and command line both reported that "The system cannot find the file specified". The Event Viewer/Application... Services/ Microsoft/ Windows/ Backup/ Operational reads "Backup target is running low on free space. Future backups to this target may fail for want of enough space." and then at the same time and immediately after that we get "Backup started at TimeZ' failed with following error code '2147942402'" which means file not found or unknown error.

After a series of email communications with the Windows Backup team at Microsoft India (where, incidentally, the program was developed) the answer came back that I should run chkdsk /r and reboot the server. As this process can take hours this occurred out of hours and actually in my case needed to be repeated twice. A normal chkdsk command, run whilst the server was online, reported that the disk had errors and could not continue.

After running chkdsk /r twice, from an elevated command prompt, the backup started to work again.

Wednesday, June 24, 2009

Uninstalling Virtual Machine Additions in Hyper-V

The error message "this installer may only be run inside of a virtual machine" appears when you try to remove old virtual machine additions (from Virtual Server 2005/Virtual PC 2004) when running the virtual machine in Hyper-V.

The migration guidelines recommend the removal (but do not mandate it) of the Virtual Machine Additions. But this is probably because later versions of the additions can be removed from inside Hyper-V, earlier versions cannot.

The problem is the existence of this software stops the installation of the Hyper-V Integration Services.

So to remove the Virtual Machine Additions of the Hyper-V guest (that has been previously used in Virtual PC/Server) you need to do the following:

  1. Shutdown the Hyper-V virtual guest
  2. Share the folder containing the VHD for this guest
  3. Install Virtual PC 2007 or later on another computer
  4. Create a new virtual guest on the Virtual PC, pointing the VHD property to the shared VHD on the network and do not create undo disks.
  5. Boot the Virtual PC guest and uninstall the Virtual Machine Additions. Any prompts about new hardware should be ignored by pressing the Cancel button.
  6. The removal process will require a reboot. Once the reboot has completed you can then shutdown the virtual PC.
  7. Remove the Virtual PC guest, stop sharing the VHD folder and restart the guest in Hyper-V.
  8. Install the Hyper-V Integration Services.

If the virtual guest is so old as to have a Standard PC HAL installed then attempts to install the Integration Services results in the following error "Setup cannot upgrade the HAL in this virtual machine. Hyper-V integration services can be installed only on virtual machines with an ACPI-compatible HAL. For information about hardware requirements, see the Hyper-V documentation".

This cannot be fixed and so if you have an old virtual machine that has a Standard PC HAL (from Device Manager > Computer) then do without the integration services or rebuild the guest from scratch.

Tuesday, June 16, 2009

Message Tracking Logs ‘And/Or’ Error

The following message appears in the Exchange Server 2003 message tracking logs:

The object 'and/or' in the message tracking logs can't be found in the directory.  The object may have been deleted.  The tracking history may be incorrect.

This is an error that can be ignored as it does not mean that the email message that you are tracking has not been delivered (discounting other errors that is).

This error occurs in the Exchange Server 2003 tracking logs because the logs store the name of the recipients server, and if the recipients server is determined to be ‘and/or’ then that is what the log will read.

I have noticed that this error occurs when Exchange Server 2003 talks to Exim 4.69 servers with the following welcome message:

220-server.fqdn ESMTP Exim 4.69 #1 date time
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.

This welcome message is spread across three lines and the last line reads “220 and/or bulk e-mail”. Exchange uses the first word following 220<space> (and not 220<dash>) as the server name.

For example, the following is the welcome banner displayed by Postini/Google, which is a single line:

220 Postini ESMTP 108 y6_19_2c0 ready.  CA Business and Professions Code Section 17538.45 forbids use of this system for unsolicited electronic mail advertisements.

Therefore Exchange will identify this server in the message tracking logs as “Postini”.

Monday, June 08, 2009

Editing the Registry on x64 Windows Computers

This is, in the main, just a quick note to myself! When editing the registry on a Windows x64 based computer, but the program that will read those registry settings is a 32 bit application then you need to change the location that you edit to the “Wow6432Node” rather than the usual location.

Note that when blogs and other technical articles write down a registry key they do not often mention that the registry location you need to change is not what they have written down!

For example, there is a problem in the Windows 7 RC release in which Internet Explorer 8 does not show some webpages resulting in an error “A webpage is not responding on the following website:” (see http://support.microsoft.com/kb/970858). The registry key describes setting the hangresistance value, but as Internet Explorer is a 32 bit application you need to set the hangresistance value at HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\ and not at HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\.

If you follow the advice in the Microsoft support article KB970858 then it will not fix the problem on a 64 bit machine. You need to edit the Wow6432Node value instead.

There is an x64 version of Internet Explorer installed, but the common one that people use is the 32 bit version – if you use both, set both registry keys.

Friday, May 29, 2009

Running MOC Courseware Virtual Machines on Windows 7 RC

Once you have installed Windows 7 RC and downloaded Microsoft Virtual PC you might have the need to run Microsoft Official Curriculum courseware virtual machines. And therein is a problem.

The virtual machines are built to use Virtual Server 2005, but that cannot install in Windows 7, so you cannot use the Lab Launcher. Though you can install the courseware drives, you will need to run the installer in compatibility mode or the VHD installer will not run.

Once you have the VHD files unzipped you need to configure Microsoft Virtual PC to load them up. This though is a problem if you are not located in the same timezone as the creators of the base disks (PST timezone).

The steps to create a virtual machine when you are in a different timezone are:

  1. Start the virtual machine wizard and make a note of the location value. You will need to modify files in this location later on
    image
  2. Set memory and untick the network connections option
    image
  3. Browse to the exiting hard disks folder. Enable undo disks at this time as well
    image
  4. If you are in a different timezone you will get the following cryptic error
    image
  5. Click OK and modify the file used to point to either any of the “allfiles” disks (as these are not differencing disks) or create your own empty vhd for the time being
    image
  6. Complete the creation steps and then bring up the settings of the new virtual machine (with the wrong disk attached)
    image
  7. Modify the network settings to Internal Network and add any additional disks needed (this will be described in the full setup guide for the course) and close the settings dialog.
  8. Browse to the folder that contains the actual settings file (the vmc file). This folder is the location value from step 1 (defaults to C:\Users\username\AppData\Local\Microsoft\Windows Virtual PC\Virtual Machines).
  9. Open the vmc file in Notepad (or an XML editor) and change the settings to that which you require. These changes are for disks. Look for ide_controller 0 and ide_controller 1 (if present) and change the name of the vhd file to the correct disk name.
  10. Modify the time sync. settings as per disabling-time-synchronization-under-virtual-pc-2007. The virtual machines from Microsoft for training purposes have a grace period and if you bring them up with the current date/time on them (which Virtual PC 2007 does automatically) then you will need to activate them.
  11. Save the file when your changes are completed.
  12. Start the virtual machine. You will see this error message - Inconsistency in virtual hard disk time stamp detected - The virtual hard disk's parent appears to have been modified without using the differencing virtual hard disk. Modifying the parent virtual hard disk may result in data corruption. It is strongly recommended that you mark the parent virtual hard disk as read-only to prevent this in the future. If you recently changed timezones on your host operating system, you can safely continue using this virtual hard disk.
    image
  13. This can occur for a number of reasons, but if the reason is timestamps then click OK. DO NOT click the option not to show the message again, or you will not be able to get past this error without modifying the options.xml file in C:\Users\username\AppData\Local\Microsoft\Windows Virtual PC.

The virtual PC will start, and will prompt you about updates to the integration components, but that is only a minor , so that can be ignored when you are presented with that error, unless you want the error to never show again per machine, in which case install (at your own risk and numerous reboots) the integration components.

Finally, you might need to reactivate some machines, as the hardware will have changed.

Thursday, May 28, 2009

Create i386 CMAK Profile on x64 Machine

Informing users and clients how to connect their Windows PC to a VPN connection is easy, but could be easier. There are a few questions to answer and having the user type this in might mean wrong answers, and therefore a supsequent support call would be required.

To ease this issue, and reduce the support call costs Microsoft have made available for a number of years the Connection Manager Administration Kit (CMAK). Lots of websites and blogs describe how to make CMAK profiles but to date none that I can find solve the problem of installing CMAK on a x64 version of Windows 2008 (for example Small Business Server 2008, but any x64 bit architecture will do) and attempting to deploy the resulting executable on a i386 XP architecture.

The CMAK program within Windows 2008 (added to the default installation by adding a feature) has options for the creation of a "downlevel" build (i.e. XP, 2003 and 2000) as well as a Vista build (which covers 2008 and Windows 7 as well) but the resulting executable made from the downlevel option is not valid.

The reason for this is many. Firstly the executable is constructed using iexpress.exe on an x64 machine - resulting in a x64 installer that will not run on a i386 machine. Fix this problem (see below for steps) and you find that the installer runs a program to actually create the connection object in the Network settings area of Control Panel, but this program (cmstp.exe) is also x64 architecture and so will not run on an i386 architecture machine.

Before we go into the steps to do this successfully, here (for the benefit of the search engines) are the different errors that you will see:

  1. This profile was not built for this processor architecture. Please contact your Administrator to get the appropriate profile for this architecture.
  2. profile.exe is not a valid Win32 application.
  3. Error creating process <c:\docume~1\user\locals~1\temp\ixp000.tmp\.\cmstp.exe>. Reason: C:\WINDOWS\system32\advpack.dll

To fix this and create an i386 connection profile on an x64 architecture machine involves modifying the file that controls the creation of the executable (the .sed file) and getting two files from either an i386 Windows Server 2003 installation or an i386 XP installation.

First for those extra files. On the Windows 2008 Server that has CMAK installed, and having successfully created a profile (see windowssecurity.com and uksbsguy for profile creation steps) you need to create a folder called i386 inside C:\Program Files\CMAK\Support\en-US (C: and en-US might be different on your installation). This is best done from an elevated command prompt. Inside this folder place advpack.dll and cmstp.exe from an i386 installation of Windows Server 2003 or XP Professional (ensure latest service packs and patches on the source machine as well). Both of these files are found in \windows\system32 on the source installation.

Secondly, also from the elevated command prompt, you need to create a copy of the .sed file for each architecture you want to build for. The .sed file is named after the profile name that you have created and is located in a subfolder of C:\Program Files\CMAK\Profiles\Downlevel where the subfolder is the name of the profile. The default .sed file will work on x64 XP. Therefore to create a .sed file for i386 XP copy profile.sed to profile-i386.sed and then open this file in notepad (by typing notepad profile-i386.sed from the elevated command prompt).

The third step is to edit this .sed file so that the entries that point to the location of cmstp.exe and advpack.dll are to the new files you copied in the first step. Therefore change the line that starts FILE0= and the line that starts FILE1=. These should read something like the following:

  • FILE0=C:\Program Files\CMAK\Support\en-US\i386\advpack.dll
  • FILE1=C:\Program Files\CMAK\Support\en-US\i386\cmstp.exe

Additionally, but not required, I also change the TargetName= value from profile.exe to profile-i386.exe so that it does not overwrite the x64 executable that has already been created by the CMAK wizard and I edit the InstallPrompt= value to include something that indicates that I am about to install the i386 version of the connection object.

Now close and save the changes made to the new .sed file.

Finally you can build the executable. But the fun does not stop here. You might have noticed from the errors above that one of the errors is that the executable is not a valid win32 executable. This occurs if the x64 version of iexpress.exe is used to create the installation program. You need to use the 32 bit version that is installed on the x64 machine. The 32 bit version of the program is found in c:\windows\syswow64 (this stands for Windows On Windows 64) and so from the elevated command prompt type \windows\syswow64\iexpress /N profile-i386.sed (this is one command on one line if your browser happens to wrap the text over two lines). This will create the executable named after the TargetName value in the .sed file. This can then be copied to your software installation share and deployed to your users.

CRM 4 Fails to Run In Outlook on Terminal Services

If CRM 4 Client is installed on a Citrix/Terminal Services server and the initial installation (done when in CHANGE USER /INSTALL mode) also includes starting Outlook for the first time then a registry key is set in the Terminal Services registry shadow. This means that once you go into CHANGE USER /EXECUTE mode and a new user logs in they get the registry keys set during installation as part of their profile.

This is by design if the registry keys that are set are not needed to be unique per person. And CRM has one registry key that needs to be unique for each user logged into the terminal server. This is the ClientRemotingChannel registry value located at HKCU\Software\Microsoft\MSCRMClient.

If more than one person is connected to the terminal server and running Outlook with CRM configured then behind the scenes the CRM hoster application will be running. The ClientRemotingChannel registry key controls the ability of this application to communicate with Outlook and the CRM server and therefore this registry value must be unique for every logged in user on the terminal server at the same time. If more than one user has the same value (which they will if initial installation is done as above) then the 2nd concurrent user will fail to connect to CRM via Outlook – web access will work fine.

Therefore ensure that the shadow registry value for this (HKLM\SOFTWARE\Windows NT\…\MSCRMClient) is not set and that all users that already have a duplicate value have the registry value deleted. The hoster application will recreate the registry value when it starts with a unique value if the registry setting is missing.

A clue to the existence of this error will be the application event log error "Failed to create an IPC Port: Access is denied".