Carl’s Blog

Many people know that there is a file called SYSTEM.SAV under \windows\system32\config, along with all the other registry hive files. Most people also know that this is a backup copy of the SYSTEM registry hive, from some time in the past – usually years ago, but when does this file become extremely important and useful, and when and why was it created ?

I thought I would write this blog post to describe some observed behaviour / patterns and how this file needs to be utilised for repairing some sometimes seen damage on XP computers.

The problem I sometimes run into is: Corrupt file system or Windows installation. A repair install is undertaken. After the text-mode part of the re-install, when the GUI starts, you are prompted with message “The file ‘Asms’ on Windows XP Professional CD-ROM is needed. Type the path where the file is located, and then click OK.”

What is interesting here is that the Path in which setup is looking for the installation files is something like \\GLOBALROOT\CDROM\Blah. If you change it to D:\i386 this does not help.

So we hit CTRL-F10 for a command-prompt, then we type sysdm.cpl to fire up system properties, and we look in Device Manager. We can see that the CD-ROM device is broken. This is because of the common broken Upper / Lower filters problem. The cure for this is to enter the registry, under HKLM\System\CCS\Control\Class\4D36E965… (the one that says DVD/CD-ROM drives on the right), and remove the UpperFilters or LowerFilters (see http://support.microsoft.com/kb/314060), then reboot.

So we do the above, reboot (nicely, by clicking cancel on the “asms” prompt, or ending setup.exe through taskmgr). After the reboot, setup will automatically restart from the same point, and we hope that the CDROM drive will be working and setup will be able to find the installation files.

But it doesn’t work! We are back where we started! We hit CTRL-F10 and check in device manager, and in the registry, and the UpperFilters or LowerFilters are back! It’s like we’ve been working on a temporary copy of the registry and not the proper registry! Any changes we made were lost when we rebooted!

Well this is what SYSTEM.SAV is all about. It seems that during the in-place upgrade / repair install, Setup is moving the existing SYSTEM registry to SYSTEM.SAV, and it is dumping that into a new SYSTEM each time it is started, or something to that effect.

So, if we want to make registry changes during setup that will be effective upon reboot/restart of setup, we need to make the changes in SYSTEM.SAV. Go into regedit (CTRL-F10 -> regedit). File -> Load Hive. Find the file SYSTEM.SAV in \windows\system32\config, load it, enter “system.sav” for the name. It will show up under that name. Find the UpperFilters or LowerFilters or whatever you need to modify under the system.sav part that now appears in regedit, make the changes, then highlight system.sav again and go to File -> Unload hive.

Reboot, let setup restart, and watch it work*

*You may need to remove the CD-ROM drive from Device Manager (CTRL-F10 -> sysdm.cpl) and then “Scan for hardware changes”..

I picked up a Vodafone branded Nokia E72, because I was getting really fed up of my Palm Pre for loads of reasons.

The Vodafone UK supplied E72 doesn’t seem to be sim-locked and took my o2 sim card just fine, but I wasn’t happy with the Voda customised firmware, and I wanted the latest firmware update which isn’t available for the Voda product code.

As I have done many times before, I used Nemsis service suite to change the product code to 0573569, which is some EURO – BLACK product code. This product code had the latest firmware available anyway.

I then used Nokia Software Updater and it told me there was new firmware available and it did the upgrade.

That was over an hour ago and the phone has been bricked since, that is until I did a hard reset just now. Phew!

When the USB cable was plugged into the phone, the Nokia USB Flashing Parent device would be detected in device manager for about 10 seconds, then the phone would bleep and it would disappear. NSS, Nokia Software Updater, and Phoenix all couldn’t see an attached deviced.

I was getting ready to tell my supplier that I’d broke another phone (I had an E55 die after not very long ..)

I’m still not quite sure if it’s *, 3, Green/Dial that have to be held down on the full QWERTY Nokias, or if it was Shift, Space, Backspace. I think it was the latter. Anyway, the phone has sprung into life.

The “unauthenticated network” in Vista, which means RDP and many other things do not work (basically, it has broke kerberos) was in my case due to two computers having the same name.

I have no idea why I was allowed to join a Windows 7 laptop called Julian-PC to the domain when there was already a Vista desktop called Julian-PC on the domain.

There were no warnings of duplicate names on the network, but adding a new computer to the domain with the same name as an existing computer caused the existing computer’s Computer/Machine Account to be overwritten in active directory, and so the machine was no longer a working domain member and kerberos/authentication was broken. We were seeing “cds.local 2: unauthenticated network” instead of just “cds.local”.

Hope this helps others.

Try checking that MSXML 4.0 is installed. I spent many many hours tracing the source of a non-functioning finance lender’s system, which was due to MSXML 4.0 not being installed on some of the workstations.

I took a chance on one of these phones from eBay. I was half expecting that they would be unusable without an Avaya system in place (Communication Manager, SIP Enablement Services (SES) etc.), and that they’d basically be Avaya-only.

As luck would have it, they work just fine with FreeSWITCH. I haven’t set up much though. I just called the FreeSWITCH test IVR on 5000, listened to some music on hold and an echo test from FreeSWITCH hosted on this laptop. I am looking forward to playing with the Exchange integration though.

The Avaya IP Telephone File Server application (MV_IPtel) is pretty horrible, and in the end I didn’t use that. I actually went through all the hassle of loading up a CentOS 5 virtual machine on this old pre-hardware-virtualization Ubuntu laptop, just so I could load up that app, and what a waste of time that was.

So, all that needs to be done is:

Firstly, the phone comes out of the box running H.323 firmware. You need to get into the phone’s settings by pressing # when first prompted. The default password is 27238 (CRAFT).
In there you need to change the signalling from H.323 to SIP with the SIG option. This means that upon the next bootup, when the phone finds the 96xxupgrade.txt script, the script will direct it to download the sip firmware.

While you’re in the phone’s setup, set the “File Server” to the IP address of your web server where you will be putting the firmware & config files. Also set the phones IP address if you’re not running a working DHCP server. The IP address of the file/web server should be settable as a DHCP option, I am not sure of the option number though.

You need to download the latest SIP firmware. As of this writing it is version 2.5. Download the firmware from here. Download the zip file.
While you are there, download the 46xxsettings.txt file, as this will become your configuration file where you will fill in the FreeSWITCH / Asterisk IP address/port, and any other options that interest you. Most options are there but commented out with “##”, so you just un-comment and alter accordingly.

Extract the contents of the firmware zip file, and place it, along with the 46xxsettings.txt file into the root of your web server – the 96xx phones use HTTP, not TFTP.

Edit the 46xxsettings.txt file: un-comment (remove the two ##’s from the beginning of) the SIP_CONTROLLER_LIST line (about line 2829 in my version of the config file), and edit the line according to the IP address and transport type of your SIP server. In my case, I am using plain SIP over TCP on port 5060, so that line looks like this:
SET SIP_CONTROLLER_LIST 192.168.1.1:5060;transport=tcp

Save that file, boot up the phone and let it do its stuff. When the phone asks you to log in, you just enter a valid extension number and password and you’re away. Now, I’d better go and buy some more of these phones before they’re all gone off eBay!

This is the second time I have encountered this now. Both sites were completely unrelated and had different IT admins. In each case, for whatever reason EAS was not working, probably due to SSL problem or IP address restrictions, but in trying to fix the problem, the IT person left the machine with ExchangeVdir set to /exchange-oma, but no such virtual directory in IIS.
To fix, I simply removed the ExchangeVdir registry entry, but according to MS KB article 817379, on SBS 2003 the key should indeed be set, and a virtual directory should exist called exchange-oma. Therefore, it seems that the IT person is doing the re-build of Exchange IIS virtual directories (as per the well known MS KB article where you do the metabase edit), but the re-build does not create the SBS-only non-standard exchange-oma directory. I am guessing that the CEICW recreates the exchange-oma virtual directory, otherwise it must be manually created as per kb817379.

In any case, this is something to look for when EAS does not work. The IIS logfiles show the requests for /exchange-oma, which does not exist.

The key issue here is that in attempting to fix a problem, the IT person compounds the problem with exactly the same symptoms but a totally different cause. They probably then move on and fix the initial cause of the problem, but it still doesn’t work because they just goofed up the ExchangeVdir stuff.

Trying to do a physical to virtual conversion so that this blog can be put on the VMWare ESXi 4 box, and the little HP box can do Asterisk (VMWare didn’t play well with Asterisk).
After much frustration (need 32-bit libs on Fedora for the Converter to run), I still couldn’t quite fathom out why the converted machine failed to boot (“cannot find root”), then it dawned on me that the VMWare converter was not finding the root filesystem because it was on a linux raid1 mirror partition, which the converter doesn’t support.

Rather than transferring manually, here’s what I did:
fdisk
change partition type of RAID partition from type fd (linux raid autodetect) to 83 (linux ext). This might not be necessary, but it should prevent the kernel from auto-configuring RAID for that partition.
cd /etc
mv mdadm.conf mdadm.conf.old (i.e. remove the mdadm.conf configuration file, but keep as a backup just in case).
mkinitrd /boot/initrd-noraid-`uname -r`.img `uname -r`
(basically we’re doing “mkinitrd /boot/initrd-noraid-2.2.15-el5.img 2.2.15-el5″ if 2.2.15-el5 is your running kernel version.. the uname -r substitutes this for us.)
cd /boot/grub
edit grub.conf and change kernel boot parameter root= to reflect partition without raid, e.g. change from /dev/md0 to /dev/sda2, also change the initrd= line to /boot/initrd-noraid-x.x.x.img

Now the initial ramdisk has no mdadm.conf, and the partition type is no longer set to linux raid autodetect (type fd).
Power down, remove one of the RAID1 disks, and the system should boot and run now off the other disk without RAID.

VMWare converter now works. Job’s a good ‘un.

Internet Explorer 7 / 8 appear broken. Error pages such as “Certificate Error” do not display full information, lots of script errors, “more information” gives blank information, can’t click “continue” on certificate error pages (which means you can’t accept a self-signed cert).

Fix: (download subinacl first).

subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=administrators=f
subinacl /subkeyreg HKEY_CURRENT_USER /grant=administrators=f
subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=administrators=f
subinacl /subdirectories C:\ /grant=administrators=f
subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=system=f
subinacl /subkeyreg HKEY_CURRENT_USER /grant=system=f
subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=system=f
subinacl /subdirectories C:\ /grant=system=f

I have just installed the beta of Exchange 2010.

It seems that when accessing OWA through Firefox or Epiphany on Linux, we’re only given the option of OWA Light, therefore exactly the same experience as with Exchange 2007.

Firefox on Win32 works as expected. How obviously intentionally lame.

Fortunately we can override the useragent in both Firefox and Epiphany (my preferred browser due to FF’s annoying right-click Linux bug).

Go to about:config in the address bar, click on the “I’ll be careful” thing to carry on, and right-click, create a new String, called general.useragent.override with the following as the data:

Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8

Close and reopen Epiphany or Firefox and Exchange 2010’s OWA Premium works perfectly

Note: you must close all Epiphany or Firefox windows for this to take effect.

Even better is that you can use Prism to launch OWA “as an application”. You will need to edit /usr/share/prism/default/preferences/webrunner-prefs.js and add the following line:

pref(“general.useragent.override”, “Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8″);

See screenshot below:

OWA Premium from Exchange 2010 launched through Prism on Ubuntu Jaunty

RRAS won’t start because service “NetBIOSGroup” failed to start.

This is due to broken “NetBIOS Interface” service, which provides “Group = NetBIOSGroup”.

Import the following .reg file and reboot the server: http://www.css-networks.com/netbios.reg