Carl's blog
Carl's geek blog
SBS 2008 Unbootable after partition resize – winload.exe; Status: 0xc0000225; Info: The selected entry could not be loaded because the application is missing or corrupt.
Dec 11th
The server is all done. One last thing to do – resize that Dell OS partition now that we have the Data partition on a separate 500gb RAID1.
Being an old fashioned person (read: not a Vista user, and new to SBS 2008), I didn’t think to use Disk Management to do the resize. I used Acronis Disk Director. This resulted in the system not booting, with the above error message.
I was at a bit of a loss for what to do. I ran chkdsk from an NTFS bootdisk and this made no difference. Obviously there is no boot.ini any more, and to make matters worse, the Dell supplied SBS 2008 DVDs are non-bootable, so I was a bit stuck.
Whilst waiting the 2hrs for the SBS 2008 DVD ISO to download from Microsoft.com, I thought I’d try out a Vista disk and see if that would repair the bootmgr. It did and now all is well.
The problem is apparently caused by the UUID of the partition changing, leaving the bootmgr unable to find it, as per this article.
Internet Explorer error pages blank and missing information, can’t click continue or more information.
Dec 11th
Internet Explorer 7 / 8 appear broken. Error pages such as “Certificate Error” do not display full information, lots of script errors, “more information” gives blank information, can’t click “continue” on certificate error pages (which means you can’t accept a self-signed cert).
Fix: (download subinacl first).
subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=administrators=f
subinacl /subkeyreg HKEY_CURRENT_USER /grant=administrators=f
subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=administrators=f
subinacl /subdirectories C:\ /grant=administrators=f
subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=system=f
subinacl /subkeyreg HKEY_CURRENT_USER /grant=system=f
subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=system=f
subinacl /subdirectories C:\ /grant=system=f
for %a in (param1 param2 ..) do something with %a
Dec 11th
This is useful. The params can be a filespec, e.g. “*.pdf”, or they can just be values given on the command-line.
Let’s say you are remotely accessing a computer, and you want to release and renew its IP address. When you release the IP address, you’ll lose connectivity and won’t be able to renew. You could make a batch file, or you could do:
for %a in (release renew) do ipconfig /%a
This will run “ipconfig /release” followed by “ipconfig /renew”.
Or let’s say you have a thousand home directory folders, and you set the permissions a bit wrong. You want each user to have full control of their own folder. You could do:
for /D %a in (*) do cacls %a /E /G %a:F
This will run “cacls carl.farrington /E /G carl.farrington:F”, substituting carl.farrington for the folder name and user name until every folder has been done. This example assumes of course that the folder name is the same as the user name who you want to grant the permissions to. Notice the /D – this means the filespec matches directory names, not filenames. Without the /D the * would not return any directory names.
Another example. You might want to search within every .ini file in the current directory. NT’s “find” command doesn’t accept wildcards/multiple files. So what you do is use a for loop and pipe the output into a text file that you can check when the process completes:
for %a in (*.ini) do find /i “Microsoft” %a >>output.txt
This will do “find /i “Microsoft” file1.ini >>output.txt”, then file2.ini, then file3.ini. You can check the output of output.txt to see which files contained the text you were searching for.
I sometimes use this to search all the oem*.inf files in %windir%\inf to find the inf file that’s supplying driver information for a particular piece of hardware. Then I can delete that inf file, remove the hardware from device manager and Windows will not just re-install the existing driver for the device, allowing you to supply a different driver. Searching for the INF file is not necessary on Vista because the details tab in a device’s properties within Device Manager has been extended to display the inf source.
Exchange ActiveSync on SBS broken due to ExchangeVdir setting in registry.
Dec 11th
This is the second time I have encountered this now. Both sites were completely unrelated and had different IT admins. In each case, for whatever reason EAS was not working, probably due to SSL problem or IP address restrictions, but in trying to fix the problem, the IT person left the machine with ExchangeVdir set to /exchange-oma, but no such virtual directory in IIS.
To fix, I simply removed the ExchangeVdir registry entry, but according to MS KB article 817379, on SBS 2003 the key should indeed be set, and a virtual directory should exist called exchange-oma. Therefore, it seems that the IT person is doing the re-build of Exchange IIS virtual directories (as per the well known MS KB article where you do the metabase edit), but the re-build does not create the SBS-only non-standard exchange-oma directory. I am guessing that the CEICW recreates the exchange-oma virtual directory, otherwise it must be manually created as per kb817379.
In any case, this is something to look for when EAS does not work. The IIS logfiles show the requests for /exchange-oma, which does not exist.
The key issue here is that in attempting to fix a problem, the IT person compounds the problem with exactly the same symptoms but a totally different cause. They probably then move on and fix the initial cause of the problem, but it still doesn’t work because they just goofed up the ExchangeVdir stuff.
The Routing and Remote Access service failed to start due to dependency service NetBIOSGroup failed to start.
Dec 11th
RRAS won’t start because service “NetBIOSGroup” failed to start.
This is due to broken “NetBIOS Interface” service, which provides “Group = NetBIOSGroup”.
Import the following .reg file and reboot the server: http://www.css-networks.com/netbios.reg
Blackberry Professional Server for Exchange quick setup.
Dec 11th
If the machine already has SQL Server or SQL Express on there, the BPS installer will not automatically create an SQL instance. You can either use an existing instance (i.e. tell the installer to create the Blackberry database on the SERVER\SHAREPOINT instance), which may confuse other sysadmins later and result in accidental removal of the Blackberry database, or you can install SQL 2005 Express yourself manually, which is what I do. It’s in the tools folder after you have extracted the BPS archive. Deselect “Hide Advanced Configuration Options” during the SQLEXPR install, and name the instance something useful like “BLACKBERRY”. You do not need User-Instances enabled.
Here’s the quick setup guide that I wrote after watching the videos. The written install guide is rotten. It makes a simple process look so tough:
Add user BPSAdmin, create Exchange mailbox.
Add to group Administrators (if you forget this you’ll know about it later when you’re unable to logon to the server locally as BPSAdmin).
Active Directory Users & Computers -> View -> Advanced Features
Domain Properties -> Security -> Advanced -> Add BPSAdmin -> Apply onto: User Objects -> Send As
Regedit: HKCU->Software->microsoft->Exchange->ExAdmin-> New DWORD ShowSecurityPage=1
Exchange System Manager -> Right-click Org -> Delegate Control -> Next -> Add BPSAdmin -> Exchange View Only Administrator
Right-click Org -> Properties -> Security -> BPSADmin -> Allow Administer IS, Receive As, Send As.
Log off.
Log on as BPSAdmin
Start BPS setup, accept all defaults, enter the BPSAdmin password.
Set up device as usual – Options -> Advanced Options -> Enterprise Activation.
When entering the email address, use space bar instead of @ and dot.
How to remove Linux software RAID1 (md raid) on-the-fly so that VMWare Converter works
Dec 11th
Trying to do a physical to virtual conversion so that this blog can be put on the VMWare ESXi 4 box, and the little HP box can do Asterisk (VMWare didn’t play well with Asterisk).
After much frustration (need 32-bit libs on Fedora for the Converter to run), I still couldn’t quite fathom out why the converted machine failed to boot (“cannot find root”), then it dawned on me that the VMWare converter was not finding the root filesystem because it was on a linux raid1 mirror partition, which the converter doesn’t support.
Rather than transferring manually, here’s what I did:
fdisk
change partition type of RAID partition from type fd (linux raid autodetect) to 83 (linux ext). This might not be necessary, but it should prevent the kernel from auto-configuring RAID for that partition.
cd /etc
mv mdadm.conf mdadm.conf.old (i.e. remove the mdadm.conf configuration file, but keep as a backup just in case).
mkinitrd /boot/initrd-noraid-`uname -r`.img `uname -r`
(basically we’re doing “mkinitrd /boot/initrd-noraid-2.2.15-el5.img 2.2.15-el5″ if 2.2.15-el5 is your running kernel version.. the uname -r substitutes this for us.)
cd /boot/grub
edit grub.conf and change the initrd= line to /boot/initrd-noraid-x.x.x.img, change kernel boot parameter root= to reflect partition without raid, e.g. change from /dev/md0 to /dev/sda2. Do the same for /etc/fstab.
Now the initial ramdisk has no mdadm.conf, and the partition type is no longer set to linux raid autodetect (type fd).
Power down, remove one of the RAID1 disks, and the system should boot and run now off the other disk without RAID.
VMWare converter now works. Job’s a good ‘un.
Recovering from Windows registry hive corruption, the clever way.
Dec 11th
I like this trick. Every time I do it, I think about all those people doing repair installs (in-place upgrades).
It works pretty much every time unless the filesystem is really truly screwed, in which case you need a backup, say from the system restore directory (System Volume Information), as per this knowledgebase article (don’t bother with the recovery console though, use your USB to IDE or USB to SATA cable and fix it from your laptop.)
Here are the symptoms. You try to start up your Windows 2000/XP (Vista too?) computer and you get a message, white text on black background:
Windows could not start because the following file is missing or corrupt: \WINDOWS\SYSTEM32\CONFIG\SYSTEM
or
Windows could not start because the following file is missing or corrupt: \WINDOWS\SYSTEM32\CONFIG\SOFTWARE
Sometimes, the message is cut short, so you might see “\WINDOWS\SYSTEM32\CONFIG\SYS” or similar. Hint: If it’s really cut short, and you can’t see if it’s SOFTWARE or SYSTEM, do the following procedure on both files. Whichever one is identified as having been repaired, well that’s the one that was broken 
Anyway, how to fix it in 2 minutes:
Use your USB to IDE/SATA adapter cable, and connect the broken machine’s hard drive to your laptop, or your spare PC or whatever. You don’t have to use a USB to IDE/SATA adapter cable – if you’re a person at home with another PC you can stick the drive on a spare IDE or SATA channel. You just need to get that hard drive into a working Windows XP computer for a few minutes.
Windows will mount the broken computer’s hard drive as, say E: or F:. Make sure you have your computer set to show hidden files and also system files. To check this, go into My Computer -> Tools -> Folder Options, -> View Tab, and select “Show hidden files”, and make sure “Hide protected operating system files” is not ticked.
First things first, run chkdsk on that drive, after all it is most likely filesystem corruption that has caused the registry to become corrupt in the first place. In My Computer, right-click the broken computer’s drive and choose properties. Go to tools, “Check Now”, put a tick in only the first box (Automatically fix filesystem errors), and click start. Let that finish before continuing.
Here’s where the magic happens. Go to start -> run, and type regedit [enter]. This will launch the registry editor on your computer. In the registry editor, highlight HKEY_LOCAL_MACHINE, and then go to File -> Load Hive. Find the file that is “missing or corrupt” (from your error message earlier), and choose to load that. It will be in E:\(or F:\)Windows\System32\Config, and will be called just SOFTWARE or SYSTEM. Regedit will ask you to name the hive, just type “badpc” (any old garbage will do – it’s only temporary).
Regedit will say “One or more files containing the registry were corrupt and had to be recovered by use of log files. The recovery was successful.” You have just repaired the registry! Now you need to Un-load that hive, so highlight that “badpc” hive that you can now see under HKEY_LOCAL_MACHINE, and go to File -> Unload Hive.
You now just need to put that hard drive back in the broken computer, which hopefully won’t be broken any more! If you used a USB to SATA or USB to IDE cable from your laptop, make sure you use the “Safely remove hardware” icon in the system tray next to the clock to safely remove the hard drive, else you may cause filesystem corruption again. Alternatively just shut your laptop/working computer down properly and remove the hard drive once it’s shut down.
All done.
Some background:
The registry is a database. It has transaction log files which can be used to recover from corruption. It would appear that the early Windows boot process is not able to work with those log files, but regedit (and Windows itself further on in the boot process) is.
“Publisher cannot complete the operation”, on Windows XP.
Dec 11th
Contrary to the Microsoft Knowledgebase article, my encounter with this problem was caused by an overloaded Temp directory on the user’s computer. See How to clear the temp directory.
More strange Internet Explorer script errors. Why doesn’t the site work!
Dec 11th
Try checking that MSXML 4.0 is installed. I spent many many hours tracing the source of a non-functioning finance lender’s system, which was due to MSXML 4.0 not being installed on some of the workstations.
