aurousTECH

From the Entourage blog, I just came across a PDF entitled Working with Exchange that has a bunch of useful information for anyone who's looking to provide Exchange for Mac clients. This white paper discusses several scenarios for connecting your Mac users such as Entourage, Outlook for Mac, Remote Desktop, and even Virtual PC along with advantages and drawbacks.

Basic troubleshooting for Entourage 2004 is also available in the document.

Uninstalling on the Mac is usually a pretty straightforward matter of deleting the folder or application within the Applications folder of the system. However, that leaves behind all the trails like preferences or libraries for certain application types. Here's how to remove Extensis Suitcase X1 from a Mac:

1. Remove the "Extensis Suitcase X1" folder from the /Applications folder
2. Go to /Users/%username%/Library/Preferences and remove the following:
   

   com.Extensis.Suitcase.plist
   Suitcase Preferences folder

3. Empty the trash and reboot your computer to verify that everything has been removed.

With all the malware infecting computers over the Internet, some crafty types have successfully modified the Winsock networking stack in Windows. This can cause many problems, including disrupting network connectivity and performance problems. Windows XP SP2 made such reinstalls simple by issuing the following at a command prompt:

netsh winsock reset

You can also rebuild the key and bring it back to default status. However, any program that has added or modified layered service providers (LSP) those programs need to be reinstalled. But if needed, this can save a reinstall of the entire system. Issue the following at a command prompt:

netsh winsock reset catalog

If you are on an earlier version of Windows, however, there isn't a commandline tool. Here are the manual steps required:

1. If you're not using XP, uninstall TCP/IP by going to the LAN adapter properties (found in the Network and Dial-Up Connections in Windows 2000). Highlight TCP/IP and click the uninstall button from the LAN properties page.
   
2. Now open the registry editor (Start > Run > regedit)
3. Locate the following two keys and delete them:
   HKLM\System\CurrentControlSet\Services\Winsock
   HKLM\System\CurrentControlSet\Services\Winsock2
4. Restart the computer so that the system reinserts the above registry keys.
5. Now reinstall TCP/IP by going back to the LAN adapter properties. Click Install, choose Protocol, and then click the Add button. Choose the Have Disk button and select C:\Windows\Inf (substitute as needed for your system root). Then choose TCP/IP and complete the install.

Once finished, network connectivity should be restored. More information can be found in MSKB 811259.

I got a call from a former colleague asking if there was a convenient method to change the 25 digit product key in Windows. With a little registry tweaking, it is a very simple matter to do so:

1. Open regedit and navigate to HKLM\Software\Microsoft\Windows NT\CurrentVersion\WPAEvents
2. Open the REG_BINARY value of OOBETimer and change the value. For instance simply delete the last couplet of digits and add 11 or FF to it. Hit OK and close the registry editor.
   
3. Now go to Start > Run... and paste in the following (substituting your Windows folder like C:\Windows for %SYSTEM ROOT%):
   

   %SYSTEM ROOT%\system32\oobe\msoobe /a

4. At the following dialog click the bottom button to Change Product Key.
5. Enter in the new product key for the system and click Update. After the system verifies the key's integrity, you will be returned to the telephone option screen. Click the Remind Me Later button and restart.
6. To verify that Windows has been returned to activated state, re-run the command from step 3. You should be given the notification that Windows is already activated.

Microsoft also outlines this process in article ID 328874.

Getting a Mac onto Active Directory has in the past caused many headaches. But it seems that Mac OS X 10.4 (Tiger) has automated several key steps that used to make it difficult to configure Active Directory via Apple's built-in Open Directory software. Prerequisite information that must be obtained by the Sys or Netadmin:

• Must have local administrative rights on the Mac
  
• Must have a domain administrator password to bind the computer to the network
• Must have the Active Directory domain name (such as east.microsoft.com)
• Must have the domain controller's DNS name for LDAP functionality (such as dc.east.microsoft.com)
  

Now for the configuration of Active Directory:

1. Launch Directory Access, located in the /Applications/Utilities folder.
2. Click the lock button on the bottom left to authenticate the administrative password
3. Once authenticated, double-click the Active Directory line to configure it.
4. Fill in the Active Directory Domain (east.microsoft.com) and Computer ID. The ID will be the computer's name in AD so you should try to use the standardized name for your AD environment.
5. Click the Bind... button and you will be prompted for a domain administrator's credentials (technically any account enabled to add objects to the directory). Enter this information in and if needed, change the OU as required by your AD installation. By default it goes to Active Directory's default container of "Computers" within the root of the domain.
6. Once you click OK, the machine will go through a few steps to join the domain. Once complete, the Bind... button will become Unbind.
7. Finally, to aid in system management, click the "Show Advanced Options" button and then click the Administrative tab. If you have multiple domain controllers, you can here select a preferred server. Also you can click the option to Allow administration for enterprise and domain administrators. Click OK to complete the Active Directory configuration.
   

Now that Active Directory has been established, you should add LDAP:

1. Double-click LDAPv3 to begin configuring it.
2. Click the New... button and then click the Manual button that appears in the pop-up for the quickest configuration
   
3. Now you should be back at the base configuration pop-up. Name the configuration as you see fit and then hit Tab to enter your domain controller's DNS name or IP address.
4. Then click the dropdown for LDAP mappings and select Active Directory. Then you will have to enter the search suffix base. Use the DNS domain name for this, but you need it represented in FQDN format. In my example of east.microsoft.com, it would turn into:
   

   DC=east,DC=microsoft,DC=com

5. Click OK to exit both menus and quit out of Directory Access.
   

My final recommendation is to then go into System Preferences and select the Accounts applet. From there, authenticate with your administrative credentials and click "Login Options" at the bottom left. Then hit the radio button of "Name and password" under "Display login window as:" so that you can enter any AD username at the login screen. Log out of the local profile and try logging back in as a domain user. Assuming that everything works as expected, you can login with any domain user account which will automatically setup a local profile on the Mac.

My company purchased several licenses of Office 2004 a year ago and sadly some former employees absconded with the install discs for each of them. Thankfully I do save all product numbers and serials within a database. Now that it's hardware upgrade season, I can at least copy the Office folder between the one of the unused old machines and get the new computers up and running. But the problem is that Microsoft checks product IDs to prevent piracy. Thankfully you can enter a new product ID by deleting the old one. From Terminal use the following commands:

cd /Applications/Microsoft\ Office\ 2004/Office
rm OfficePID

Once removed, Office will launch the setup wizard allowing you to enter the appropriate product ID. Once the new equipment is rolled out and the old stuff decommissioned, the old machines' product numbers won't interfere with the new computers.

Getting PHP and MySQL installed under Windows IIS takes more effort than your average Windows server install. While Microsoft has made IIS installation relatively effortless in recent years, these F/OSS components can be a bit challenging to work with. The MySQL installation is easy enough but it leaves you with a bare database service that requires the command line to do any database functions. Here's what I had to do in order to get all the components working properly under Windows 2003:

1. Install IIS 6 by going into Add/Remove Programs (under the Control Panel) and then select Add/Remove Windows Components from the left side of the menu.
2. The Windows Components Wizard will open. Double-click the Application Server line. Click the checkbox to install Internet Information Services (IIS), which installs the Common Files, Internet Information Services Manager, and World Wide Web Service. If you require SMTP or NNTP, click the Details... button to add them. Hit OK until you return to the Wizard.
   
3. Click Next to begin the installation (which requires either the Windows CD or a path to the i386 directory).
4. Once IIS is installed, download and install MySQL. I used the Windows MSI installer with the Essentials Package. Choosing the Custom Install option gives you the opportunity to choose the destination folder. I recommend using a folder structure that has no spaces (such as C:\MySQL) since spaces can result in configuration issues. Once you've chosen your folder, you can skip the MySQL.com account creation and finish the install.
   
5. MySQL's installer will give you the opportunity to configure the server. You can get away with using the Standard Configuration but the Detailed Configuration does give you the opportunity to choose the server roles, including database type. The defaults are fine for most options. Just make sure that you add the install directory to the PATH when given the option. Add a root password and the following screen will complete the configuration.

After IIS and MySQL are finished, the PHP install comes next. This is where particular attention needs to be paid, since you may find a lot of conflicting information on Google regarding the exact setup. There are multiple parts involved in setting up PHP so they will be broken up into a few parts. Part I is how to download and configure the initialization file:

1. Download the latest zipped version of PHP. The installer seems to introduce problems so the archived file is recommended. Uncompress the folder to your hard drive; again, the easiest configuration is to use a folder structure without spaces (like C:\PHP5).
2. Open the directory and locate the file named "php.ini-recommended" remove the "-recommended" part from the filename so it becomes "php.ini". Open this file in a text editor.
3. Search for "doc_root" and type in the path to the home directory listed under the default web site in IIS Manager. (Right-click your website, click Properties, and then go to the Home Directory tab.)
   
4. Search for "cgi.force_redirect" and make sure it's uncommented (delete the semicolon) and make it equal to 0 (zero).
5. To use PHP sessions (which is optional), first create a directory (for instance C:\PHP5\sessions) and then key that path into the "session.save_path" line in php.ini.
6. Now to get PHP extensions working, as is required for MySQL support, you will need to first find the "extension_dir" line and enter the path to PHP's extensions subdirectory (such as C:\PHP5\extensions). Then uncomment out the line "extension=php_mysql.dll" in the php.ini file. Any other extensions you require should also be uncommented.
7. Save the php.ini file and exit out of the text editor.
   

Part II describes setting up Windows to use PHP properly:

1. Add PHP's folder into the PATH environment variable. Right-click My Computer and select Properties. Under the Advanced tab click the Environment Variables button at the bottom. Then scroll the System variables section to find Path. Double-click it and enter your PHP path at the line's end appending a semicolon (such as c:\PHP5; in my example). You should not have to restart in order for this to take effect.
2. Now in order to have Windows read the php.ini file you created earlier, you must either copy the php.ini file into C:\Windows (supposedly hard coded into PHP) or you can point to the ini file's location with the Registry. To do that, create a text file someplace on the server and paste the following into it and save it as phpini.reg:
   

   Windows Registry Editor Version 5.00
   
   [HKEY_LOCAL_MACHINE\SOFTWARE\PHP]
   "IniFilePath"="C:\\PHP5"

   Note the above assumes C:\PHP5 is your directory. Substitute as needed, but remember that any backslash in the path needs to use the escape code of double backslash. After this is saved, double-click phpini.reg to add the information to the registry.
3. Now launch IIS Manager for more configuration fun. First thing is to add PHP as a web service extension and allow it to run on the server. In IIS Manager, expand the local system and then right-click the "Web Service Extensions" folder and click "Add a new web service extension".
4. Under the Extension name you can enter PHP and then click the "Add..." button. Browse to your PHP directory, double-click the "php5isapi.dll" file, and then hit OK. Then click the checkbox "Set extension status to Allowed" and then click OK.
5. Now right-click Web Sites and click on Properties. Under the Home Directory tab, click the Configuration button. Click the Add... button to create the PHP extension. Browse to the PHP directory and double-click the same "php5isapi.dll" file from the last step. Type ".php" as the extension and then under the Verbs section select "Limit to:" and enter "GET,POST,HEAD" on the line. Click OK to return to the Web Sites Properties.
6. This next step is optional but recommended. Click the Documents tab in the properties page and click the Add... button under the default content page. Call it "index.php" and then hit OK. Select this and move it to the top of the list. Click OK to close the properties page which will then prompt you to make those changes on each website listed (should just be 2 prompts if you have the Default Web Site only).
   
7. Then expand "Web Sites" folder on the left pane, right-click the Default Web Site (or any other site(s) that need PHP) and select Properties.
8. Under the Home Directory tab verify that the Execute permissions: line is set to "Scripts Only" and then click OK.
9. Finally the configuration is complete. In IIS Manager, right-click the local computer, go to All-Tasks, and then select Restart IIS... Hit OK and PHP should be configured.

To verify that PHP is working properly, create a text file in the root of the website, name it info.php and place the following code into it:

<? phpinfo(); ?>

This page gives all the basic information of your PHP install. Spot check and verify the configuration for things like the Configuration File (php.ini) Path, doc_root, and extension_dir. Also you should see a table belonging to mysql that will provide the API version number. Your PHP and MySQL webserving platform should now be ready to go. Thanks goes out to Pete's Place for an excellent guide; unfortunately I happened upon it late into my own install headaches! But that guide still worked well for working around doing needless server restarts and providing extra functionality (like adding support for sessions).

With Terminal Services, users can access remote Windows machines as if they were at the station's console. However, you aren't logged into the console session by default; if you require this functionality, you must pass through the appropriate commands via the command line. To invoke this, use the following command:

mstsc -v:servername /w:width_size /h:height_size -console

The variables are in italics; the servername would be the host name or IP address of the remote computer, width_size would be the width in pixels (such as 1024), and height_size would be the height in pixels (such as 768). The width and height values are optional so you should just receive fullscreen mode by default. Full options will be available by passing /? after mstsc.exe on the prompt.

Windows 2000 requires Remote Desktop Client installed first and it is also helpful to add RDC's path to the Windows environment variables.

In Microsoft Exchange, users are able to access shared mailboxes (such as a Webmaster account) by providing mailbox access rights via the Exchange ACL. However, there are additional rights required if users wish to send emails as another user. Here's how to set it up:

1. Open Active Directory Users and Computers and verify that the Advanced Features checkbox is selected under the View menu. Then double-click the mailbox user you would like to grant the send as permission to.
2. Under the Security tab, click the Add... button and type in the username of the user(s) that will be granted the send as permission and then hit OK.
   
3. Highlight the user(s) on the Security tab and click the Send As permission's "allow" checkbox. Click OK to accept the change.
4. In Outlook, the user(s) will have to verify that the From: field is enabled in the message composition window. If it is not showing, it can be enabled from the View menu and activating the From Field.
5. Once set up, the user just needs to make sure the From: field has the mailbox owner they have Send As permissions is listed.

At work our color printing system has always been a little on the finicky side. Recently I had only 1 out of 4 Mac OS X boxes able to send jobs to that printer but it worked fine when I set up a network print share on my Windows DC.

Instead of struggling with the unreliable internal print server, I decided on using OS X's built-in Samba print and file sharing capabilities. Unfortunately Bonjour was less than successful at locating this share I set up. So here are the manual steps I culled from Apple's support site:

1. Open the Printer Setup Utility (in System Preferences or in the Utilities folder)
2. Under Tiger, select Add Printer and then hold the Option key while clicking the More Printers button. Panther users instead hold the Option key down while selecting Add Printer from the Printers menu.
3. Choose Advanced from the menu that pops up.
4. Select the Windows Printer via SAMBA dropdown in the Device popup.
5. Name the printer and then under Device URI enter the following information (based on a Windows Active Directory network):
   
   smb://username:password@domain_name/server_name/print_share
   
   
6. Select the appropriate printer driver from the menu or browse one that's been downloaded for the printer.

Keep in mind that you can make this a bit easier if your Mac is part of the directory service already. You then would substitute the device URI as simply:

smb://server_name/print_share

I'm sure that one of these days I will have a post about integrating the Macs with AD... For the time being, the SMB printing with the full URI works nicely and faster than the device's internal print server.

Here's something I need for every Mac that I come across: disable the creation of .DS_Store files on network volumes. While these are needed on your local machine, there's no reason to litter someone else's computer:

From Terminal: defaults write com.apple.desktopservices DSDontWriteNetworkStores true

That keeps us power users in Windows happy because we always have our hidden files showing. For reference, here are the big caveats: this keeps your local .DS_Store files intact and is only applicable for the current user.