I run a Windows Server 2008 R2 box at home, primarily for hosting small multiplayer online games and various websites. While Server 2008 is built on the same foundation as Windows 7, there are quite a few differences.

I finally upgraded my main desktop to Windows 7 Ultimate tonight and discovered that my server was no longer showing up under the “Network” view in Windows Explorer. It turns out that in Windows 7, that view (which used to be called Network Neighborhood in the Windows NT/98 days and My Network Places in Windows XP) depends on a service called Network Discovery to find machines attached to your network. For the multiple machines on my LAN running Windows 7, they display in my Homegroup and Network views perfectly fine. Server 2008, however, has Network Discovery disabled by default, likely as a security precaution.

Of course, when I remoted into my server and tried to enable Network Discovery, imagine my surprise when it kept re-disabling itself! A little googling revealed in this forum post that Network Discovery relies on several Windows Services to function properly. Getting everything set up is surprisingly easy.

The following services should be set to Automatic (some may be set to Manual; others may be entirely Disabled):

• Function Discovery Resource Publication
• SSDP Discovery
• UPnP Device Host

Once you’ve set up these services to start automatically (and made sure they’re started!), you can enable Network Discovery in the Network and Sharing Center’s advanced sharing settings view. Once you save your changes, your Server 2008 machine should show up in the Network view of your Windows 7 computers.

You know, I am just not a fan of the smug attitude Apple sometimes displays in regards to their potential customers - those of us who still use Windows. One of the most obnoxious things I’ve seen Apple do in recent years came with their second-to-last operating system update, Leopard (OS X 10.5). When you connect to an SMB share (like a Windows share), the machine shows up in the Finder with a beige CRT displaying a Windows 9x-style blue screen of death, or BSOD.

It’s not hard to remove, but I’ve been using Macs at home more and more recently, and I got sick of having to manually remove it every single time I reinstalled (or updated) OS X. So, I made a super easy shell script that lets you fix the icon with one click. You can either download it at the end of this entry or make one yourself.

Making bash shell scripts in OS X is easy - open up TextEdit to get started. Either go up to the Format menu and select Make Plain Text or use the Command+Shift+T keyboard shortcut to convert your new file into plain text.

Then, all you need are the commands, one on each line, that are used to replace the BSOD icon with the generic OS X computer icon (which looks like an Apple Cinema Display):

cd /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/
sudo mv public.generic-pc.icns public.generic-pc_lame.icns
sudo cp com.apple.mac.icns public.generic-pc.icns
echo "script complete."
exit

This script copies the original BSOD icon to a backup file, and makes a copy of the generic Mac icon and gives it the appropriate file name. Save this file as something like BSODfix.command.

In order to make it executable, you need to set the correct file permissions. Open up Terminal and navigate to the directory where you saved your script (I keep my shell scripts in Users/Claire/Scripts), and run chmod 755 BSODfix.command to set global execute permissions on the file. Now you can double-click the file in Finder to run it. Terminal will open up and prompt you for the password for your current user account (assuming you are currently logged in as an administrator), execute the script, and exit.

Quit terminal, restart your computer (for some reason, killing and restarting the Finder doesn’t always make the change take effect), and map to an SMB share to see the change.

If you don’t want to write the script yourself, you can download it below:

BSODfix.command

I just installed WordPress 2.7 today. Boy, is it exciting! The entire interface is different, and things can be accomplished much more quickly.

One of the neat features is the ability to add and remove plugins from the web interface. Unfortunately, WordPress only works with FTP and FTPS (FTP over SSL) by default. I don’t have an FTP server installed on my Linode, so I decided to see if I could use SSH instead.

Turns out it’s possible, but it sure was a beast to get up and running. I’ll go through what I did, in case anyone else had as much trouble with this as I did.

First off, you need to install PEAR. This is a nifty little utility that can automatically compile PHP extensions.

Keep in mind that I’m working in Ubuntu 8.04.1 here, and my Linode installation is very stripped down.

First, you need to install the command-line interface for PHP, which allows you to run PHP scripts from a terminal.

apt-get install php5-cli

Seeing as my installation of Ubuntu is devoid of pretty much any extras, I needed to install wget too.

apt-get install wget

Once that’s done, we can install PEAR.

cd /
wget http://pear.php.net/go-pear -O go-pear.php
php go-pear.php

Once the PEAR installation script is running, you need to configure the locations of each of the components. I chose to stick everything in /pear, but you may want to put it somewhere else. I’d recommend keeping option 3 to my setting, though.

1    /
2    /pear/temp
3    /bin
4    /pear
5    /pear/docs
6    /pear/data
7    /pear/tests

Now that PEAR is installed, we can get into installing OpenSSL and the necessary packages to make it work with PHP.

apt-get install openssl
apt-get install lsh-client
apt-get install libssh2-1
apt-get install libssh2-1-dev

With our libraries and packages installed, we can compile our ssh2 extension for PHP.

pecl install -f ssh2-beta

Finally, we need to add the extension to php.ini.

nano /etc/php5/apache/php.ini

Find the section titled “Extensions” and add this line:

extension=ssh2.so

And restart Apache:

apache2ctl -k graceful

In your WordPress admin interface, you should now see an “SSH” option when you go to add, remove, or update files on your server. WordPress provides text boxes to use your private and public SSH keys, but I found I only needed to use one of my user account’s credentials to authenticate to the server.

My friend Danny is a systems administrator and all-around IT guy at a manufacturing company in Indianapolis. He recently came up with a pretty useful little script, and wanted me to pass it on to the world.

Recently I needed to find out which folders a certain person was able to access on our Windows network. Apparently, this was extremely easy in Novell. Since it isn’t 1995 anymore, I tried to find a way to do this on the Internet. I couldn’t, so I set about making my own.

Microsoft has a utility called xcacls.vbs (if you’re using Vista, you’ll have to make sure WMI is installed, and modify the script. If you can’t do that comfortably, you probably don’t want to be messing with the rest of this anyway). It will allow you to change and view ACL’s from a command line. Since I’m not that interested in modifying the ACL’s in a script, the usage is fairly simple “xcacls c:\windows” will result in a listing of who has entries in the ACL and what the entry is (n.b. you’ll also have to have the default script host be cscript. Wscript won’t work).

In order for this to be useful, we really need to be able to have it run automatically on several, if not all, folders on a computer. The first step would be to get a list of the folders we want to run this on. I chose to limit it to one folder and all its subfolders only (c:\ will do everything, while c:\windows will only do the folders in c:\windows. If you want to do c:\windows and c:\program files only, you’ll have to run it twice).

What I was looking for was basically a text file that just had all the folders. This command will create exactly that:

dir "c:\program files" /s /b /o:gn /a:d > c:\batch\xcacls\dirlist.txt

Now that we’ve got a list of all the folders we need to search, we need to actually loop through it.

For /F "tokens=*" %%i in (dirlist.txt) do c:\batch\xcacls\aclSearch.bat administrator %%i

C:\batch\xcacls\aclSearch.bat is another batch file which takes two parameters (I’ll show you it in a minute). I call the other batch file so I don’t have to worry about how DOS handles variables (it doesn’t like to evaluate them during runtime, and will wait until the loop is done and use the final value for each iteration. It’s weird, I know).

A caveat about the for loop: when using for in an interactive CLI you use a single % sign in front of the i, when using it in a batch file, it’s a double %. Don’t ask me why.

aclSearch.bat contains the following

call c:\batch\xcacls\xcacls.vbs "%2" > c:\batch\xcacls\xcaclsResults.txt
 
find /i %1 c:\batch\xcacls\xcaclsResults.txt
 
if %errorlevel%==0 goto Found
 
goto End
 
:Found
 
echo %2 >>c:\batch\xcacls\%1results.txt
 
:End

This calls xcacls.vbs (from Microsoft) passing it the folder name. The quotes are there to handle filenames with spaces. It then sends the results into a temporary file called xcaclsResults.txt

Next we do a find using the search string (the first item passed – administrator in this example) on that file. If Find finds a match, the errorlevel is 0; if not, it is 1. If the errorlevel is 0, then the folder name is put into a results file named whatever the search string is, with results.txt appended (in this example it’d be administratorresults.txt).

So, how do you actually use all this? FindPermission.bat contains:

dir %1 /s /b /o:gn /a:d>"c:\batch\xcacls\dirlist.txt"
 
for /F "tokens=*" %%i in (dirlist.txt) do c:\batch\xcacls\aclSearch.bat %2 %%i

To search the c:\program files directory for anything the administrators group has access to you’d type:

Findpermission.bat "c:\program files" administrators

The results will be in the same folder you ran findpermissons from and be called administratorsResults.txt. To search the C drive for anything Danny Parrott has access to, you’d need:

Findpermission.bat c:\ "Danny Parrott"

The results from this one will be in Danny Parrottresults.txt.

This does require that Findpermission.bat, aclSearch.bat, and xcacls.vbs be either in the same folder, or in a folder that’s in the path variable. It will work for either users or groups. This process is also not instantaneous. The xcacl.vbs script can take upwards of half a second to run, so on larger systems, this is something you’d want to start and come back to later. On the plus side, though, it hardly uses any system resources while running (5MB RAM and 2-4% CPU time on a four-year-old server at work) so you can run it during the day.

Since OS X 10.4 (Tiger), Apple has provided a remote desktop capability integrated into the operating system. However, unlike Windows (which uses a proprietary protocol called RDP), Apple chose to use the VNC protocol for their remote desktop server and client.

I wouldn’t recommend using Apple’s VNC server; it’s far more restrictive than alternatives. Vine server is much more robust and customizable, and it’s open-source.

However, if you find it necessary to use Apple’s built-in VNC for whatever reason, you may also find yourself needing to control the server from the command line (for instance, if the server application fails and you need to SSH into your remote Mac to restart the service).

I found out the hard way that the Perl script Apple uses to restart the server stores the VNC password in plaintext. This is wrong on a lot of levels, one being that it’s completely user-unfriendly. At any rate, after some Googling around, I found a Perl script that will encode the password with the necessary key. You can then input the encoded password in your VNC restart command.

The Perl script looks like this:

perl -nwe 'BEGIN { @k = unpack "C*", pack "H*", "1734516E8BA8C5E2FF1C39567390ADCA"}; \
chomp; s/^(.{8}).*/$1/; @p = unpack "C*", $_; foreach (@k) { printf "%02X", $_ ^ (shift @p || 0) }; print "\n"'

Paste this at your bash prompt and hit enter. You can then type your password, hit enter again, and have the encoded password ready to go. Once you have your encoded password, you can use the kickstart command to restart the VNC server. Apple has some documentation on using kickstart here.

Overall, Apple made a major blunder by not correctly encoding the password with the kickstart utility. Hopefully this will be remedied in a future release of OS X.

I would not have figured out all this if it hadn’t been for someone on the #linode channel with the patience to walk me through the steps.

At any rate, when I moved abettergeek from Dreamhost to Linode, mail quit working in the forums. PHP has a built in mail() function, but it requires some server config to work - apparently, Dreamhost took care of that, while Linode’s default Linux install doesn’t have sendmail installed by default.

This makes sense - Linode basically allows you to select from a number of Linux distros, and they drop a very barebones image onto your VPS. It’s up to you to install the things you need. This is better than, say, installing everything by default and leaving a bunch of ports and vulnerabilities open from the start.

sendmail, however, is a bit pickier than Apache when it comes to making it work properly. These steps are using Ubuntu 8.04 LTS, but they’ll be similar for any Linux distro.

First, you’ll want to actually install sendmail:

apt-get install sendmail

That part was easy…however, the default Ubuntu config did not have my hostname information configured properly. You’l need to update your hosts file and your hostname file:

sudo nano /etc/hosts

if you have a line that looks like 127.0.0.1 ubuntu, remove it. The top two lines of the file should look like this:

127.0.0.1      localhost
72.14.177.31   abettergeek.com

Then, you need to update your hostname file:

sudo nano /etc/hostname

This needs just one line for your domain

abettergeek.com

Restart your server for the changes to take effect, and you should be able to now send mail using the mail() function in PHP.

My freshman year of college, I knew a kid with a Logitech MX700 cordless mouse. The first time I used it, I knew I had to have one. It was only a few months before I bought the Cordless Elite set, with the Elite keyboard and the MX700 mouse.

I have since discovered that this is the number one best mouse in existence. I’m not a gamer, so I don’t need high sensitivity and hair-trigger response. What I do need on a daily basis are the extra mappable keys that the MX700 (and its siblings) provide.

Logitech canned the MX700 several years ago in favor of the (in my opinion, at least) inferior MX1000. They still, however, produce a corded version - the MX518 gaming mouse. This is what I have in my office at work.

I typically map the second button below the scroll wheel to Ctrl+W, so that I can quickly close tabs and child windows in almost any application. There are, however, two applications I frequently use that do not follow the Ctrl+W convention - Outlook 2003 and SQL Server Management Studio. In Outlook, you need to use Esc to close child windows (messages, appointments, etc.). In SQL Studio, Ctrl+F4 is the only shortcut that will close open tabs in the interface.

Today, on a whim, I Googled to see if there was a way to map each of the mouse’s buttons differently for specific applications. Lo and behold, there is! It turns out that the SetPoint software required for Logitech’s newer mice uses XML for the configuration settings, so someone figured out how to enable lots of additional settings via the aptly-named uberOptions.

This application was ridiculously easy to install and use. I didn’t have to restart, or even manually shutdown SetPoint before installing. Once it was installed, I was able to quickly specify mapped keystrokes for Outlook and SQL Server, and was off and running. Changes take effect immediately - you don’t need to restart an application for its specific mappings to work.

If you have an older MX700-like mouse (the MX500, 700, 510, and 310), you can use an application called LogiGamer, although it looks to be a bit clunkier (and requires the .NET 1.1 framework; it’s old enough that it may not be compatible with newer .NET versions).

If you have a Logitech keyboard, uberOptions will allow you to customize all the keyboard’s extra keys on a per-application basis. I’m just glad that I can finally use the same shortcut button for the same purpose in all my applications!

At work, we use Microsoft SQL Server 2005. The client software requires Windows authentication to connect to a database. However, the credentials are pulled from your logged in Windows account. If you’re not on Purdue’s domain, you can’t connect. While putting my workstation on the domain wasn’t an issue, I prefer using my local user account on my laptop.

Vista supports fast user switching on a domain (XP does not, unfortunately), so I could switch between local and domain to use the SQL client, but running two profiles simultaneously is a bit of a resource hog.

Windows XP has a handy “Run As…” feature. If you right-click on an executable or shortcut, you can click “Run As…” and enter different credentials to load an application. This is especially handy if an admin needs to run something like the Management Console without logging out the user first.

Vista, for some inexplicable reason, has removed this feature. Fortunately, SysInternals came up with a handy little application that brings back the “Run As…” menu. It registers in Explorer’s context menu, and it can be used at the command line to load an application - which means you can create shortcuts specifically to run something as a different user.

It’s small, easy to install, and works great. You can get it here.

So Firefox 3.0 was released recently. I downloaded it today to see if it was worth upgrading from 1.5 (I skipped 2.0 entirely - too many annoyances for me).

The verdict thus far is, as I used to say when I was 15, “big negative on that one”.

I really don’t see much happiness in the future of Firefox. What I see is yet another great piece of open source software going drastically downhill in an attempt to “reach out” to a wider user base - meaning a dumber user base.

There is a delicate balance between making an app so unusable that nobody downloads it (even though you, as the developer, might find it plenty useful) and making an app so dumbed-down that anyone, including a computer-illiterate 90-year-old, can use it. This is particularly a problem with open-source software.

I’ve been a big fan of how Microsoft does things. I’m sure I’ll get blasted by “real geeks” for saying that, but the fact is, Microsoft’s products cater to everyone - from the stupidest of the stupid users to the most advanced power-using geeks out there. While there are certain things that Linux indeed does better, Windows meets all of my needs as a power user - and all of my mother’s needs as someone who only uses the computer for email and the occasional game of Spider Solitaire.

In the case of OSS, it’s too easy to either make a product really dumbed-down or really complex. This is more or less what happened when Gaim was released as Pidgin several years ago. Since then, Pidgin’s development has gotten drastically more user-unfriendly in an attempt to make it more accessible to people who would otherwise avoid unfamiliar software. In the case of Pidgin, as “features” were added (which translated into actual features being removed, hidden, or dumbed down) and the user base got wind of the changes and requested fixes or reversions, the developers unfortunately were not too interested in listening to their users.

Firefox is a much bigger open-source project compared to Pidgin, which makes me wonder if they’ll be less likely to listen to their users - or more likely because they have such a public presence now. It’s hard to tell, really.

Surprisingly, Firefox 3.0 has made an effort to behave more like Internet Explorer - I tend to believe it should be the other way around. The oversized back button just gets in the way - who even uses the back button anymore? Ctrl+Left is a heck of a lot faster when navigating your page history.

Not only that, but, like IE7, FF 3.0 has condensed the history into a single button. Rather than having arrows next to both back and forward so that you can navigate in either direction in a tab’s page history, it’s all been shoved into a single button. Does this actually increase usability? I tend to think not. When you’re doing a lot of heavy browsing (and lord knows I do that enough), you don’t want to try and work with one list for all your page history - it’s easier when it’s split between what’s behind and what’s ahead in your page history.

The new drop-down URL bar is ridiculously obnoxious. I Googled around a bit to see what others thought, and there’s a pretty clear consensus so far - the new auto search is annoying, frustrating, and at times unusable. While I’m sure there are people who only remember URLs by title, I don’t. I know the actual URL. When I type in “sla” to go to slashdot, I’d rather not have it start throwing back search suggestions and entries from my history or my bookmarks. If I want to find a page in my history, I’ll hit Ctrl+H and search for it in the History sidebar.

I would imagine that this particular problem, given how many people already dislike it, will be fixed soon with an extension.

Then we come to the feature that I was most interested in - memory management. I am a tab addict. On any given day, I’ll generally have between 20 and 40 tabs open in a single Firefox window. On top of that, each tab has enough browsing history that I start to quickly suck up any and all available physical and virtual RAM as Firefox attempts to cache my history in RAM. After a few days of leaving my workstation at Purdue up and running with Firefox open, I’ll look in the task manager to discover that Firefox is using 500MB of RAM (out of 2GB) and another 1.2GB or so of virtual memory. Closing tabs doesn’t fix the problem - the cache is still there. Killing the process entirely and starting over is the only way to free up memory.

I haven’t really put FF 3.0 through the wringer yet on this one. However, in running the same general activities in 1.5 and 3.0 today, both were using almost identical amounts of physical and virtual memory. It’s not a good sign so far, but I’ll have to really do some hardcore browsing to see if 3.0 is actually an improvement over previous releases.

So far, 3.0 has not impressed me. The only feature I’ve seen so far that I liked was the ability to make it remember to always allow SSL certificates with mismatched domains - at work, our development environment’s SSL certificate doesn’t match the server’s URL. It gets annoying to get that “are you sure you want to do this?” popup every time I login (particularly when the login has to expire after an hour). Being able to set it to always authenticate without needing an extension is nice.

Other than that, though, I think I’ll be sticking with 1.5 for awhile longer, much like I’ve been forced to use older versions of Pidgin to compensate for the fact that the developers appear to be writing the application into its grave.

I have friends all over the world. Once in awhile, I make use of the various webcams I own and do a little video chatting. Getting video chat to work well will be for another day - something I learned recently, however, was how to setup a live stream on a webpage. It was surprisingly easy, and works in both Windows Vista and Windows XP.

You need three things : a webcam, a decent high-speed internet connection (the lowest end DSL might not have enough bandwidth to support this well), and Windows Media Encoder, which is available for free from Microsoft. If you’re running Vista, there’s a hotfix you might need (it’s linked on the main WME page), but I have yet to have any problems myself.

You might also want to get a dynamic IP service, like dyndns or no-ip. I used no-ip.org, although they seem to be really big on sending me frequent emails advertising their paid services - I’m not a big fan of free services spamming me about their commerical options. If you don’t use a dynamic IP service with the computer running the webcam, you’ll have to manually update the webpage every time your IP changes.

We’ll walk through how to get setup and going. It’s a bit screenshot heavy, so click the jump to see the rest.

Read the rest of this entry »