Windows 7: The Default Gateway is not Available

I encountered a problem affecting a Windows 7 Ultimate (64-bit) system, where the Internet connection was randomly disconnected, often while downloading a large file or streaming media across the network. The Windows network troubleshooting wizard was able to correct the issue temporarily by performing a reset of the network adapter (manually doing the same also restored connectivity). Oddly enough, the Local Area Network connection remained active, but the Internet link was shown as disconnected. The network troubleshooting wizard identified the problem as “Default Gateway was not available”, even though the broadband router was online and working fine for other computers.

After running some searches on the issue, I discovered that there were a large number of Windows 7 users who had been experiencing a similar problem.  The common factor was often the use of an NVidia NForce onboard network adapter,  however in this case the computer in question was using an Atheros 10/100/1000base-t controller (Onboard an ASUS motherboard).

The initial recommendation provided was that affected users should acquire updated NIC drivers from the manufacturer of their network card; however, there were no updated drivers available for the Atheros card.

Luckily I came across information posted by a user suffering from the same problem on a similar system using the same onboard NIC (Atheros).  The recommendation that corrected the problem permanently was to:

Open Device Manager

Locate the Network Adapter

Right click, Properties

Go to Advanced tab

Locate the Task Offload (aka TCP offload) property on the list and set it to Disabled

After setting this property and applying the changes,  the Internet connection remained stable and no longer dropped out when transferring large amounts of data.

For more information see:
http://www.sevenforums.com/network-sharing/5787-problems-atheros-l1-ethernet-adapter-win7-x64.html
http://social.answers.microsoft.com/Forums/en-US/w7hardware/thread/59bcb7f5-fcca-44a4-b1db-787b1d269825

Windows 7 GodMode

You may have come across news of a hidden feature in Windows 7 that was posted about on Cnet.com called Windows 7 GodMode. It’s a little-known feature of Windows that has been around since Vista, though few were aware of its existence until now.

GodMode is a feature that lets users access all of the Windows Control Panel options from a single window. No hidden Control Panel options are exposed,  but all the various options for the different Control Panel applets are shown.

To create your own GodMode folder where you can easily modify your computer settings, try the following:

Create a new folder (right-click and click on “New Folder”). Right-click on the folder and click on rename, copy and paste this: GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}

The GodMode section at the front of the string can contain any name you like; GodMode was chosen for dramatic effect, I’m sure.

You have exceeded your profile space!

Came across an interesting issue today while cleaning a Malware infection from a client computer.  Once I had cleaned the system up enough to load Windows XP in normal mode, I noticed a strange icon in the system tray.  It was a large red circle with a white X, and when the mouse was hovered over the icon the message “Warning! You have exceeded your profile space by XXX KB” was displayed. Opening the program displayed a more detailed message:


Profile Storage Space
You have exceeded your profile storage space. Before you can log off, you need to move some items from your profile to network or local storage

This was on a computer that is not attached to a domain,  with no quotas enabled by the administrator.

It seems that the malware infection implemented a local security policy on the PC restricting the user’s profile storage space. Manually deleting unneeded files from My Documents to reduce the size of the profile had no effect.

Luckily I came across this registry modification that removed the quota and corrected the problem.

Take this code and paste it into notepad. Save the file as quotarem.reg (make sure to save as type All Files to avoid the .TXT extension) and then double click on it to merge the changes into your Windows registry.

Code:
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableProfileQuota"=-
"ProfileQuotaMessage"=-
"MaxProfileSize"=-
"IncludeRegInProQuota"=-
"WarnUser"=-
"WarnUserTimeout"=-

Migrating a Windows XP user profile to a new domain without FAST

This technique can be useful when you need to migrate users to a new network domain and want to retain all the users’ profile data for use in the new domain. Using this simple registry modification saves the time required for a tool like the Files and Settings Transfer Wizard (FAST), but unlike FAST it cannot be used to move a user’s profile from one PC to another.

1 ) Log in to the PC as the user whose profile you intend to migrate. Let’s call the account TESTUSER.

2 ) Check the user’s profile path, typically located in C:\Documents and Settings\TESTUSER, and make note of the exact directory path.

3 ) Log in as a user with administrative rights and join the new domain. Reboot the PC.

4 ) Log in after rebooting with the user’s (TESTUSER) new domain account to create a new profile, then log out.

5 ) Log in with a domain admin account.

6 ) Give the TESTUSER@newdomain account full NTFS permissions to the old account profile path you noted earlier.  It’s best to Apply the changes before pressing Okay,  as I’ve found that they don’t stick when you simply press Okay after adding the permissions.

7 ) Open Regedit and navigate to HKLM\Software\Microsoft\Windows NT\CurrentVersion\ProfileList

8 ) You will see a list of all the profiles on the machine.  Be aware that these profile folders are named according to the user security IDs (SIDs) and not according to the user names.  You should find a number of profiles including the old user profile (TESTUSER) and the new domain user profile (TESTUSER.domain). The easiest way to determine which profile belongs to which user is to compare the ProfileImagePath key data to see which account is referenced in the path.

9 ) Edit the domain user profile (TESTUSER.domain) ProfileImagePath key to point to the old user profile path. For example: “C:\documents and settings\TESTUSER.domain” <changes to> “C:\documents and settings\TESTUSER”

10 ) Once complete, login using the domain account and test it out. The desktop should change, the My Documents should contain all their documents, etc.  Make sure to check Outlook to confirm the email profile was migrated correctly,  I’ve seen a few instances where this did not happen and Outlook required reconfiguration.
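
Steps 7 to 9 in PowerShell, as an added example that is not part of the original post. It assumes PowerShell 2.0 or later and an elevated session from the admin login in step 5; Get-ProfileMap and Set-ProfilePath are hypothetical helper names.

```powershell
# Added example: map each ProfileList SID to its account and profile folder,
# then repoint one profile. Key path and value name come from steps 7-9 above.
$ProfileList = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList'

function Get-ProfileMap {
    # One row per SID subkey: SID, resolved account name, ProfileImagePath.
    Get-ChildItem -Path $ProfileList | ForEach-Object {
        $sid  = $_.PSChildName
        $path = (Get-ItemProperty -Path $_.PSPath).ProfileImagePath
        try {
            $sidObj  = New-Object System.Security.Principal.SecurityIdentifier($sid)
            $account = $sidObj.Translate([System.Security.Principal.NTAccount]).Value
        } catch {
            # SIDs from the old domain may no longer resolve after the move.
            $account = '<unresolved>'
        }
        New-Object PSObject -Property @{
            Sid = $sid; Account = $account; ProfileImagePath = $path
        }
    }
}

function Set-ProfilePath {
    # Point the profile of $Sid at $NewPath (step 9). Refuses a missing folder
    # and returns the previous value so the change can be reverted.
    param(
        [Parameter(Mandatory = $true)][string]$Sid,
        [Parameter(Mandatory = $true)][string]$NewPath
    )
    $key = Join-Path $ProfileList $Sid
    if (-not (Test-Path -Path $key)) { throw "No ProfileList entry for $Sid" }
    $expanded = [Environment]::ExpandEnvironmentVariables($NewPath)
    if (-not (Test-Path -Path $expanded -PathType Container)) {
        throw "Profile folder not found: $expanded"
    }
    $old = (Get-ItemProperty -Path $key).ProfileImagePath
    # ProfileImagePath is a REG_EXPAND_SZ value; keep that type when writing.
    Set-ItemProperty -Path $key -Name ProfileImagePath -Value $NewPath -Type ExpandString
    return $old
}

# List the mapping first, then repoint the new domain profile.
Get-ProfileMap | Format-Table Account, ProfileImagePath, Sid -AutoSize
# $previous = Set-ProfilePath -Sid '<SID of TESTUSER.domain>' -NewPath 'C:\Documents and Settings\TESTUSER'
```

Keeping the returned previous path gives you the value to restore if the domain account fails to load the old profile.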

Product Spotlight: Windows SharePoint Services

SharePoint Services is a versatile technology included with Microsoft Windows Server 2008 that enables organizations of all sizes to increase the efficiency of business processes and improve team productivity. With tools for collaboration that help people stay connected across organizational and geographic boundaries, Windows SharePoint Services gives people access to documents and information they need.


Chief among the advantages of Windows SharePoint Services:

  • Provides a single workspace for teams to coordinate schedules, organize documents, and participate in discussions—within the organization and over the extranet.
  • Easily author and manage documents. SharePoint Services helps to ensure document integrity with the option to require document checkout before editing, provides the ability to view past revisions and restore to previous versions, and has the ability to set document-specific security.
  • Helps people and teams stay on task with a variety of communication features that let users know when actions are required or important changes are made to existing information or documentation, including announcements, sophisticated alerts, surveys, and discussion boards.
  • Provides creative forums for brainstorming ideas, building knowledge bases, or simply gathering information in an easy-to-edit format with new templates for implementing blogs and wikis (Web sites that can be quickly and easily edited by team members).
  • Increases productivity while mobile with enhanced support for synchronization; using Microsoft Office Outlook 2007 to manage document libraries, lists, calendars, contacts, tasks, and discussion board—even offline.

Built on Microsoft Windows Server 2008, Windows SharePoint Services also provides a foundation platform for building Web-based business applications that can flex and scale easily to meet the changing and growing needs of your business.  With a familiar, Web-based interface and close integration with everyday tools including the Microsoft Office system, Windows SharePoint Services is easy to use and can be deployed rapidly. Users can create workspaces and then publish, store, share, and keep track of information, workflow, and documents.

Windows SharePoint Services helps teams stay connected and productive by providing easy access to the people, documents, and information they need to make more informed decisions and get the job done. Enhancements in Windows SharePoint Services 3.0 make it easier than ever to share documents, track tasks, use e-mail efficiently and effectively, and share ideas and information.

Contact KTS today for additional details on how your business can benefit from Windows SharePoint Services!


Sending email to certain domains does not work when you run Exchange Server 2007 on a Windows Server 2008-based computer

You may have trouble sending mail to certain domains while using Exchange Server 2007 on Windows Server 2008. The Queue Viewer displays the following status error for the domain in question:

“451 4.4.0 primary target IP address responded with “421.4.4.2 unable to connect.” attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.”

This problem occurs because routers do not support the TCP autotuning settings in Windows Server 2008.

To disable autotuning, follow these steps:

Run CMD as Administrator

At the command prompt, type the following command, and then press ENTER:

netsh interface tcp set global autotuninglevel=disabled

This command disables the Receive Window Auto-Tuning feature.

Exit the Command Prompt window.

Restart the computer.

Configuring printer registry settings for Windows Terminal Server

Following the installation of a printer driver on a Windows 2003 Terminal Server, it’s good practice to check the registry to make sure the driver is not using an unsupported Monitor or Print Processor.

To check for the presence of a print monitor:

1) Open Regedit

2) Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers\Version-3

3) Locate the newly installed driver by name, click on the key (folder)

4) In the right hand pane you will see a series of settings,  look for the Monitor string

5) The Monitor data field should be clear as print monitors are not supported in a TS environment, if you see anything listed there, delete it.

For the print processor:

1) The printer should have been connected at least once to the Terminal Server in order for it to show up in the list at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Printers

2) Navigate to that key in the registry and locate the printer by name in the list

3) In the right hand pane you will see a series of settings,  look for the Print Processor string

4) The only supported Terminal Server print processor is the default,  WinPrint – if the driver you installed is using a different print processor,  replace it with WinPrint.

Once you’ve made these changes, test the printer to make certain it functions via TS.
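
Both checks above as a read-only PowerShell audit, added here as an example and not part of the original post. It assumes PowerShell 2.0 or later is installed on the Terminal Server; Get-UnsupportedPrintSetting and New-Finding are hypothetical helper names.

```powershell
# Added example: report drivers that have a Monitor set and printers whose
# Print Processor is not WinPrint. Reads the two keys named above; changes nothing.
$PrintKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Print'

function New-Finding {
    param([string]$Kind, [string]$Name, [string]$Setting, [string]$Value)
    New-Object PSObject -Property @{
        Kind = $Kind; Name = $Name; Setting = $Setting; Value = $Value
    }
}

function Get-UnsupportedPrintSetting {
    $drivers  = Join-Path $PrintKey 'Environments\Windows NT x86\Drivers\Version-3'
    $printers = Join-Path $PrintKey 'Printers'

    # Drivers: the Monitor string should be empty in a TS environment.
    Get-ChildItem -Path $drivers -ErrorAction SilentlyContinue | ForEach-Object {
        $monitor = (Get-ItemProperty -Path $_.PSPath).Monitor
        if ($monitor) {
            New-Finding 'Driver' $_.PSChildName 'Monitor' $monitor
        }
    }

    # Printers: anything other than WinPrint is flagged (comparison ignores case).
    Get-ChildItem -Path $printers -ErrorAction SilentlyContinue | ForEach-Object {
        $processor = (Get-ItemProperty -Path $_.PSPath).'Print Processor'
        if ($processor -and $processor -ne 'WinPrint') {
            New-Finding 'Printer' $_.PSChildName 'Print Processor' $processor
        }
    }
}

Get-UnsupportedPrintSetting | Format-Table Kind, Name, Setting, Value -AutoSize
```

An empty table means every installed driver and connected printer already matches the supported configuration.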

Autocreated Terminal Services Printers not deleting after user logs off

In order for printers to be completely autodeleted from both the registry and Print Manager, users may need Full Control over the following registry key and subkeys:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print

Users also need Change permissions to the following:

%systemroot%\system32\spool

How to change product key on Office 2003

Regedit

Find

HKLM\Software\Microsoft\Office\11.0\Registration\<only-32-bit-ID>

-Change the value of key “ProductID” to “OldProductID”
-Delete the key DigitalProductId

Now start one of the office apps – it should ask you to re-enter the key, then activate normally.

Implementing RPC over HTTPS in a single Exchange Server 2003 environment

Sources: http://www.outlookexchange.com/articles/HenrikWalther/RPC_over_HTTP.asp
http://www.msexchange.org/tutorials/Implementing-RPC-over-HTTPS-single-Exchange-Server-2003-environment.html
http://blogs.techrepublic.com.com/networking/?p=292

In order to make use of all Exchange’s collaborative tools, Outlook must communicate with the Exchange server via the remote procedure call protocol (RPC). It’s not a good idea to open these ports to the Internet due to RPC’s rich history of exploitable vulnerabilities. RPC over HTTPS allows RPC traffic to be tunnelled inside secured HTTP packets. This enables roaming users to enjoy full Outlook/Exchange functionality without having to open any additional firewall ports or dial a VPN connection.

The following steps are necessary to implement RPC over HTTPS in a single Exchange Server environment:

– Configure an Exchange Server 2003 back-end server as an RPC proxy server.
– Configure the RPC virtual directory for Basic authentication and SSL
– Configure the RPC proxy server to use specified ports for RPC over HTTP
– Set the NT Directory Services (NTDS) port on all global catalog servers that act as Exchange Server 2003 back-end servers
– Create a Microsoft Office Outlook 2003 Profile for your users to use with RPC over HTTPS
– Test the connection

Requirements in order to get RPC over HTTP working:

Client(s)
Windows XP with Service Pack 2.
Outlook 2003 installed, previous Outlook versions won’t work.

Server:
The exchange server needs to be running Windows 2003 and Exchange 2003.

Running Exchange in a Front-End/Back-End topology is not a requirement, as many believe; you could get by running everything from a single server. Depending on your environment, however, Microsoft recommends you make use of a Front-End/Back-End scenario, placed behind an ISA 2000 server if possible.

You will also need to have a Microsoft Certificate Authority (CA) installed; this should be used to issue the respective certificates needed in order to have SSL/443 working properly. You could just as well go the easy way and get the certificate from a certificate provider like Verisign or Thawte.

Configuration Steps:

1)  Install the RPC over HTTP Proxy component on Windows Server 2003
– Click Start | Settings | Control Panel
– Double-click Add/Remove Programs
– Click Add/Remove Windows Components
– Double-click Networking Services
– Put a checkmark in RPC over HTTP Proxy
– Click Next | Ok | Finish

2) Configure the RPC virtual directory for Basic authentication and SSL

Installing the RPC proxy will create two new virtual directories under your Default Web Site. We need to modify these slightly in order to allow proper authentication and encryption of RPC over HTTP connections.

– Open up the IIS Manager.
– Navigate to Web Sites | Default Web Site.
– Right click on the RPC directory and select Properties from the drop-down menu.
– Select the Directory Security tab.
– Click on the Edit button within ‘Authentication and access control’.
– Make sure that the option ‘Enable anonymous access’ is deselected.
– Check ‘Integrated Windows authentication’ and ‘Basic authentication’ and click on OK. You may be prompted with a warning dialogue; click on Yes and ignore this as it does not apply while using SSL.
– Click the Select button next to Default Domain and select the domain from the list.
– Click the Select button next to Realm and select the domain from the list.
– Click OK.
– Click on the Edit button within ‘Secure communications’.
– Check ‘Require secure channel (SSL)’ and ‘Require 128-bit encryption’ and click on OK.
– Click on OK to apply the changes.
Repeat these steps for the RPCWithCert directory.


3) Configure the RPC proxy server to use specified ports for RPC over HTTP

Now we need to edit some values in the registry editor, so start it up and navigate to the following registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\RpcProxy

The ValidPorts key will likely already include an entry for ports 100-5000; we need to add a few more. Below is an example; you will need to change the hostnames and domains to match your own environment. This should be entered as a single line with no spaces after the semicolons.

ISLMAIN:100-5000;ISLMAIN:6001-6002;ISLMAIN.ISLLLC.local:6001-6002;ISLMAIN:6004;ISLMAIN.ISLLLC.local:6004

4) Set the NT Directory Services (NTDS) port on all Global Catalog Servers that act as Exchange Server 2003 back-end Servers

There are two ways to do this:

A) Tell the Exchange server to act as a target for the RPC proxy:
Open up Exchange System Manager, browse to your target server, right-click, and select Properties.
Just above the General tab you will find the RPC-HTTP tab. Select this tab and ensure that the option ‘RPC-HTTP back-end server’ is checked.
Click on OK to exit.  You will be prompted to restart the server.

B) Use Regedit to navigate to the following key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters

– Then click Edit in the menu > New then click Multi-String Value
– Name it NSPI interface protocol sequences
– Right-click the NSPI interface protocol sequences multi-string value, and then click Modify
– Type ncacn_http:6004 in the value box
– Now restart the Global Catalog Server.

5) Create a Microsoft Office Outlook 2003 Profile for your users to use with RPC over HTTPS

– Open the Control Panel | Double-click Mail
– Click Show Profiles
– Click Add…
– Give the profile a name and click Ok
– Click Next and set bullet in Microsoft Exchange Server
– Now you should type in your Exchange server FQDN (ex. exchange.domainname.local)
– Set a checkmark in Use Cached Exchange Mode, type in your username, but don’t hit Check Name yet, instead click More Settings…
– Click the Connection tab
– Set a checkmark in Connect to my Exchange mailbox using HTTP
– Now open up the ‘Exchange Proxy Settings’ and use the options below.

Use this URL to connect to my proxy server for Exchange:
https://mail.domainname.com

– Check ‘Connect using SSL only’.
– Check ‘Mutually authenticate the session when connecting with SSL’.
– ‘Principal name for proxy server:’ msstd:mail.domainname.com
– If you want to use RPC over HTTPS even while on the internal network, then check ‘On fast networks, connect using HTTP first, then connect using TCP/IP’.
– Make sure ‘On slow networks, connect using HTTP first, then connect using TCP/IP’ is checked.
– For the ‘Proxy authentication settings’ we can use either NTLM or Basic authentication. I prefer NTLM as it doesn’t constantly prompt for a username and password to be entered.

Apply the changes and you’re ready to start testing. Don’t forget to forward port 443 to the Exchange Server on your external firewall.

6) Test the connection

After enabling the RPC Proxy settings, your Outlook connection to the Exchange Server should be established successfully. The question is now: How to determine that it is an RPC over HTTPS connection?

The answer is simple. Right-click the Outlook icon in the taskbar while holding the CTRL key. The context menu opens and now you have the option to see the Exchange Server Connection Status. Here you can see if you’re connected, and if so, what connection type is used.
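
A malformed ValidPorts value from step 3 is an easy mistake to make, so the following added example (not part of the original article) checks the string before it is written to the registry. Test-ValidPorts is a hypothetical helper name, and the required ports are the ones used in the step 3 and step 4 examples.

```powershell
# Added example: validate an RpcProxy ValidPorts string (step 3) and confirm that
# ports 6001-6002 and 6004 are listed for both the NetBIOS name and the FQDN.
function Test-ValidPorts {
    param(
        [Parameter(Mandatory = $true)][string]$Value,
        [Parameter(Mandatory = $true)][string[]]$HostNames,
        [int[]]$RequiredPorts = @(6001, 6002, 6004)
    )
    $problems = @()
    if ($Value -match '\s') { $problems += 'Value contains whitespace' }

    # Parse "host:port" or "host:low-high" entries into a host -> ranges table.
    $ranges = @{}
    foreach ($entry in ($Value -split ';')) {
        if ($entry -notmatch '^([^:\s]+):(\d+)(?:-(\d+))?$') {
            $problems += "Malformed entry: '$entry'"
            continue
        }
        $name = $Matches[1].ToLower()
        $low  = [int]$Matches[2]
        $high = if ($Matches[3]) { [int]$Matches[3] } else { $low }
        if ($low -gt $high -or $high -gt 65535) {
            $problems += "Bad port range: '$entry'"
            continue
        }
        if (-not $ranges.ContainsKey($name)) { $ranges[$name] = @() }
        $ranges[$name] += ,@($low, $high)
    }

    # Every required port must fall inside some range for every host name.
    foreach ($h in $HostNames) {
        $key = $h.ToLower()
        foreach ($port in $RequiredPorts) {
            $covered = $false
            if ($ranges.ContainsKey($key)) {
                foreach ($r in $ranges[$key]) {
                    if ($port -ge $r[0] -and $port -le $r[1]) { $covered = $true }
                }
            }
            if (-not $covered) { $problems += "${h}: port $port not listed" }
        }
    }
    return ,$problems
}

# Check the example string from step 3 with its two host name forms.
$sample = 'ISLMAIN:100-5000;ISLMAIN:6001-6002;ISLMAIN.ISLLLC.local:6001-6002;ISLMAIN:6004;ISLMAIN.ISLLLC.local:6004'
$issues = Test-ValidPorts -Value $sample -HostNames 'ISLMAIN', 'ISLMAIN.ISLLLC.local'
if ($issues.Count -eq 0) { 'ValidPorts string is consistent' } else { $issues }
```

To check a live server, pass `(Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Rpc\RpcProxy').ValidPorts` as `-Value` with your own host names.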