Archive for January, 2005

Where do I go from here

Monday, January 31st, 2005

Today was the last day at the media company I was with. I was only there for 3 months, but I was kind of saddened to leave, even though it had partly been my choice to go.

It’s a real shame they were so far away from where I live. Well, far away is a real relative term in the Netherlands, where actual geographical distance seems tiny, until you factor in time spent in traffic jams, or trying to get connecting trains.. and the latter is still my case as I still don’t have a driver’s licence.

If they had been any closer, I would have made the case to stay. But 4 hours of travel a day were really beginning to wear me out, not to mention my spare time basically vanished, and I do so value my spare time.

One of the things I will especially remember about that place is the support I got from the boss, the guy in charge, .. I hesitate to call him a manager, as he was far too technical for that term to come to (my) mind. In my world all managers are tech-illiterate and bad news. This guy was neither. I felt somewhat intimidated by him at first, but you must bear in mind I am easily intimidated. But later on, and especially after we had kind of decided to go our separate ways, as in, I was going to be replaced, he really impressed me with his genuine support, and his heart-felt wish that I got into a kind of job that I could really thrive in. The rest of those guys were also very pleasant to work with, some of course more than others, but on the whole a group of people that knew how to get things done. I seemed to get on best with a part of the team that were their own little mini department, with their own specialities, and not directly involved in what the rest of my own team did. But these guys were the real geeks of the department, and I suppose geeks bonding just seems to happen naturally 😉

What caused me to eventually leave was of course not just the travelling distance, though this played a large part. But I found myself doing exactly the kind of work I have been doing most of for the last 3 years; second line help desk. This more or less excluded me in scope, from getting to the real meat of the IT that they were managing. Sure I got to play a little with servers, and especially in the last two weeks, I tried to dig into some serious Windows server issues.. well “dig” is a very strong word to use.. “sniff at”, is more apt, as my main job responsibilities kept “getting in the way”.

The insanity of my situation strikes me when I say that sentence out loud: “main job responsibilities kept getting in the way”.

There are two ways to approach the situation: 1. I have my priorities all fucked up and should shut up and just do whatever work they throw at me .. or 2., which is my preferred choice, I should try to do the work I love doing and am very good at doing, no matter what anyone else says or thinks. Basically I have been consistently put into the position of choice 1, and my employer, the IT services company I work for, doesn’t seem to get the hint that when you stick a guy on a job he is totally bored with, and 4 times the customer sends him back with the message “this guy is too skilled and enthusiastic for this kinda boring-ass work”, that.. the guy is probably too skilled and enthusiastic for this kinda boring-ass work.

The aforementioned head of the IT department I am leaving actually wrote an email to my employer which states in no uncertain way “this guy is not a second line helpdesk support guy”, and basically positioned me as more of a consultant than anything else, though with the side note that I needed to work on my communications skills, and he is quite right.

So tomorrow, I have a talk with my HR manager.. again.. about this same issue, which we have in fact discussed before. No doubt she will accuse me of sabotaging my position at the customer, and I will call the company crazy for not making better use of my skills, knowledge and natural enthusiasm.

Now I am really, really scared of conflict.. with anyone. I am not one of these people that can just say ‘screw em’, how people perceive me is far, far too important for me, and often leads me to be trampled underfoot by people who can say ‘screw em’, or in that case ‘screw him’. I believe it is for this reason, and this reason alone that I am still grossly underpaid and basically exploited at every turn, cause I am basically too chicken to stand up to them, scared shitless of any kind of consequence, or the prospect of ‘not being liked’. It’s a fucking stupid mind set, especially in the hard-ass business world of IT and IT services companies.

One thing I try to keep reminding myself is that the worst they can do is fire me, and they would need a pretty good reason to do so here in the Netherlands. If they do, they basically release me from the 4000 euros I owe them, and it would open up the prospect for me of finding work that at least paid better, even though it would probably be.. you guessed it.. helpdesk work. As long as I don’t have my MCSE, I don’t stand that much of a chance of getting a good position anywhere.. and with good I mean interesting… I don’t really care about the pay, besides, anywhere else, I would get more money than I get now (about 1200 euro net)!

Since I am basically going to be roaming around between home and the office, where at least the proxy will let BlogJet through, I will be posting more often again, so expect a post from me tomorrow or so.

Windows Indexing service.. uhh.. wow!!

Tuesday, January 25th, 2005

http://weblog.infoworld.com/udell/gems/windowsIndexing.html

From Jon Udell’s blog: Jon’s Radio

Kind of amazing how well it works. The service was disabled on my PC, just turned it on, will play with it tomorrow when it’s had a chance to index stuff.

Now.. it could well be that many many people already knew about this, and about the use of “!”, but if Jon Udell didn’t know about it, I am not embarrassed to have been ignorant about it also!

My recent and future blog usage – “Action Blogging”

Monday, January 24th, 2005

Usage of my blog has been sporadic the past few weeks. This is mostly due to not being able to effectively blog at work, because for some reason, Blogjet is not able to communicate properly through our proxy.

Probably for the same reason RSS Bandit won’t collect feeds here, so I use Bloglines for my RSS browsing at work now.

I have actually opened a call on the issue, and the network guys will be looking into it when they can; I told them it was ultra low priority. But the guy agreed that if it was an issue for me, it was bound to be a future issue for others, and if there was a problem with web-service access over the proxy, it was something they should look into, regardless of the above-lying application. I couldn’t agree more, finally someone in this company thinking outside the box, what a relief, I was starting to think I was the only one! 😉

The past few weeks I have been reexamining my blog usage and where I want to go with it. One thing that really rang a bell was what, I believe, Jon Udell said on this weekend’s Gillmor Gang. He talked about action-based blogging as an aspect of blogging that is proving increasingly useful as an online resource.

I have been doing this for a while without realising it, and have only come to realise how useful some of my posts are, when I start to see my blog posts pop up at the top of Google’s rankings, because a certain issue is relatively undocumented on the web. Examples of this are this post on RSoP (no solution yet), this post on restoring Outlook Web Access on IIS, or this one on Explorer Filetype behaviour (also not solved yet.. damnit).

Considering the usefulness of the above posts, both to me and the tech community at large, I am going to ‘take better care’ of these posts.
They all share a basic common theme.. as in they describe a problem I have encountered in real life tech, and a solution if I have found it.
I might turn them into what .text describes as articles, like I did with the WUS tryout…. but it might be best to simply categorize them under a separate name.. like In The Trenches 😉 .. or something. I could even add the words ‘unsolved’ or ‘solved’ at the back of the topic titles.

ITT: Resultant Set of Policy, Services view or Remote Disk Management – “RPC Server is Unavailable” (Solved)

Wednesday, January 19th, 2005

Update June 17, 2005:

Progress at least getting the remote disk management to work through the SP2 firewall.
I am changing the status of this issue to SOLVED

I can confirm that the solution suggested by Tori in the comments works. The following program exceptions must be added to your firewall policy in order for the Logical Disk Management Service to be accessible through the firewall, despite having already turned on the options Allow Remote Administration Exception and Allow File and Printer Sharing Exception:

Define Program Exceptions:

(replace localsubnet with whatever access source you wish to grant, see the explain tab for more info )

c:\windows\system32\dmadmin.exe:localsubnet:enabled:Logical Disk Manager
c:\windows\system32\dmremote.exe:localsubnet:enabled:Logical Disk Manager Remote Access


As for other RPC errors using remote administration, such as RSoP.. make sure you don’t have the option Do Not Allow Exceptions turned on in your firewall domain policy. It is easy to turn this setting on under the assumption that the setting would only affect locally logged on users. But it effectively turns off any other local exceptions you have defined in your policy.
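A checker for the exception strings used in this update, written as an added example (not part of the original post and not a Microsoft tool). The function names are hypothetical and the field layout is taken from the entries quoted on this page; it flags the "locasubnet" misspelling a commenter pointed out and paths that have lost their backslashes.

```python
import ipaddress

# Field layouts as they appear in the entries quoted on this page:
#   program exception: <path>:<scope>:<status>:<name>
#   port exception:    <port>:<transport>:<scope>:<status>:<name>

def check_scope(scope):
    """Return problems in a scope field: '*', or a list of localsubnet/IPs/subnets."""
    if scope == "*":
        return []
    problems = []
    for item in scope.split(","):
        item = item.strip()
        if item.lower() == "localsubnet":
            continue
        try:
            # Accepts 10.0.0.1, 10.2.3.0/24 and 10.2.3.0/255.255.255.0
            ipaddress.ip_network(item, strict=False)
        except ValueError:
            problems.append(f"unrecognised scope entry {item!r}")
    return problems

def check_status(status):
    if status.lower() in ("enabled", "disabled"):
        return []
    return [f"status must be enabled or disabled, got {status!r}"]

def check_program_exception(entry):
    # Split from the right: the path contains a colon after the drive letter.
    parts = entry.rsplit(":", 3)
    if len(parts) != 4:
        return ["expected <path>:<scope>:<status>:<name>"]
    path, scope, status, name = parts
    problems = check_scope(scope) + check_status(status)
    if "\\" not in path:
        problems.append(f"path {path!r} has no backslashes (lost in copy/paste?)")
    if not name.strip():
        problems.append("empty display name")
    return problems

def check_port_exception(entry):
    parts = entry.split(":", 4)
    if len(parts) != 5:
        return ["expected <port>:<transport>:<scope>:<status>:<name>"]
    port, transport, scope, status, name = parts
    problems = check_scope(scope) + check_status(status)
    if not (port.isdigit() and 1 <= int(port) <= 65535):
        problems.append(f"port must be 1-65535, got {port!r}")
    if transport.upper() not in ("TCP", "UDP"):
        problems.append(f"transport must be TCP or UDP, got {transport!r}")
    return problems

# Entries from this page: the corrected form, then the form with the typo
# and without backslashes.
SAMPLE_PROGRAM_ENTRIES = [
    r"c:\windows\system32\dmadmin.exe:localsubnet:enabled:Logical Disk Manager",
    "c:windowssystem32dmadmin.exe:locasubnet:enabled:Logical Disk Manager",
]

if __name__ == "__main__":
    for entry in SAMPLE_PROGRAM_ENTRIES:
        print(entry, "->", check_program_exception(entry) or "ok")
```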

——————————————————

Update 23 March 2005:


I have returned to this issue at work, purely by coincidence.
This time, it’s a very simple classroom setup, same configuration: GPO with settings for the SP2 firewall, firewall enabled, remote admin enabled, file and print sharing enabled.

Curiously, this time, resultant set of policy works OK through the firewall, but remote disk management (Logical Disk Manager service) does not. Had another look on Google, but nothing new. Didn’t find my blog post either, probably haven’t used the right keywords often enough.

If I feel up to it, I will dig deeper.

————————————————————

Original post,

Resultant Set of Policy – “RPC Server is Unavailable”

So there seems to be a problem with DCOM or RPC over the Windows XP SP2 firewall.

The problem above also manifests itself when you use MSinfo32.exe to collect info on an external computer. It also appears when you try to access the disk manager of the remote PC via the Computer Management Snap-in.

Discounted all other things, as RSoP and all of the above works just fine with the firewall turned off.

Also note that all the firewall settings are being pushed via Group Policy, and that the policy is not being overridden by anything above it; the application of the correct settings can be observed live on the client.

Now via Group Policy, you can set some settings that are supposed to open up all the management ports you could need within your LAN/domain:

Windows Firewall: Allow local program exceptions

This will open up the following ports on the client machines:

TCP Port 135 for (DCOM) (DCE/RPC Endpoint Mapper)
TCP Port 445 for (RPC)

Allows remote administration of this computer using administrative tools such as the Microsoft Management Console (MMC) and Windows Management Instrumentation (WMI). To do this, Windows Firewall opens TCP ports 135 and 445. Services typically use these ports to communicate using remote procedure calls (RPC) and Distributed Component Object Model (DCOM). This policy setting also allows SVCHOST.EXE and LSASS.EXE to receive unsolicited incoming messages and allows hosted services to open additional dynamically-assigned ports, typically in the range of 1024 to 1034.
If you enable this policy setting, Windows Firewall allows the computer to receive the unsolicited incoming messages associated with remote administration. You must specify the IP addresses or subnets from which these incoming messages are allowed.
If you disable or do not configure this policy setting, Windows Firewall does not open TCP port 135 or 445. Also, Windows Firewall prevents SVCHOST.EXE and LSASS.EXE from receiving unsolicited incoming messages, and prevents hosted services from opening additional dynamically-assigned ports. Because disabling this policy setting does not block TCP port 445, it does not conflict with the “Windows Firewall: Allow file and printer sharing exception” policy setting.
Note: Malicious users often attempt to attack networks and computers using RPC and DCOM. We recommend that you contact the manufacturers of your critical programs to determine if they are hosted by SVCHOST.exe or LSASS.exe or if they require RPC and DCOM communication. If they do not, then do not enable this policy setting.
Note: If any policy setting opens TCP port 445, Windows Firewall allows inbound ICMP echo request messages (the message sent by the Ping utility), even if the “Windows Firewall: Allow ICMP exceptions” policy setting would block them. Policy settings that can open TCP port 445 include “Windows Firewall: Allow file and printer sharing exception,” “Windows Firewall: Allow remote administration exception,” and “Windows Firewall: Define port exceptions.”

Then you also have this one:

Windows Firewall: Allow File and Print Sharing exception

This will open up the following ports on the client machines:

TCP Port 139 (Netbios Session Service)
TCP Port 445 (RPC)
UDP Port 137 (Netbios Name Service)
UDP Port 138 (Netbios Datagram Service)

Allows file and printer sharing. To do this, Windows Firewall opens UDP ports 137 and 138, and TCP ports 139 and 445.
If you enable this policy setting, Windows Firewall opens these ports so that this computer can receive print jobs and requests for access to shared files. You must specify the IP addresses or subnets from which these incoming messages are allowed. In the Windows Firewall component of Control Panel, the “File and Printer Sharing” check box is selected and administrators cannot clear it.
If you disable this policy setting, Windows Firewall blocks these ports, which prevents this computer from sharing files and printers. If an administrator attempts to open any of these ports by adding them to a local port exceptions list, Windows Firewall does not open the port. In the Windows Firewall component of Control Panel, the “File and Printer Sharing” check box is cleared and administrators cannot select it.
If you do not configure this policy setting, Windows Firewall does not open these ports. Therefore, the computer cannot share files or printers unless an administrator uses other policy settings to open the required ports. In the Windows Firewall component of Control Panel, the “File and Printer Sharing” check box is cleared. Administrators can change this check box.
Note: If any policy setting opens TCP port 445, Windows Firewall allows inbound ICMP echo requests (the message sent by the Ping utility), even if the “Windows Firewall: Allow ICMP exceptions” policy setting would block them. Policy settings that can open TCP port 445 include “Windows Firewall: Allow file and printer sharing exception,” “Windows Firewall: Allow remote administration exception,” and “Windows Firewall: Define port exceptions.”

But unfortunately, this doesn’t seem to help.

Now MS KB article 875605 (How to troubleshoot WMI-related issues in Windows XP SP2) also tells me to
– Create a program exception for unsecapp.exe – Done, no dice
– Explicitly open port 135 – Done, still no dice.
– Edit the DCOM remote launch permissions. – Done, officer, I still don’t have any dice.

I really can’t think of anything else at this point. I guess I will have to dig into DCOM and pull out the network monitor for this. *sigh*

Consulted sources so far:

http://www.ntcompatible.com/thread28557-1.html – SP2 Windows Firewall programs exceptions list issues…
http://support.microsoft.com/kb/q204279/ – Direct Hosting of SMB Over TCP/IP
http://support.microsoft.com/default.aspx?scid=kb;en-us;840634 – You receive an “Access denied” or “The network path was not found” error message when you try to remotely manage a computer that is running Windows XP Service Pack 2
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2maint.mspx#EEAA – Changes to Functionality in Microsoft Windows XP Service Pack 2
http://www.911cd.net/forums/index.php?showtopic=5999&hl=mmc_sp2 – Diskpart And Nu2menu Problem
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/mangxpsp2/mngdepgp.mspx – Managing Windows XP Service Pack 2 Features Using Group Policy

Feedback

# re: ITT: Resultant Set of Policy or Remote Disk Management – “RPC Server is Unavailable” (Unsolved)

left by keeb at 1/31/2005 10:15 PM

Have you resolved this yet?

# re: ITT: Resultant Set of Policy or Remote Disk Management – “RPC Server is Unavailable” (Unsolved)

left by Robert at 1/31/2005 10:30 PM

Unfortunately not, no. May have a chance to work on it this weekend.. why, you having the same problems?

# re: ITT: Resultant Set of Policy or Remote Disk Management – “RPC Server is Unavailable” (Unsolved)

left by jason at 2/1/2005 4:53 PM

Same problem here. Remote administration opens a number of tools, unfortunately not winmsd or msinfo32. Also tried adding these two programs to the Program exceptions, no help.

# re: ITT: Resultant Set of Policy or Remote Disk Management – “RPC Server is Unavailable” (Unsolved)

left by Adrian at 2/8/2005 10:13 AM

I was having the same problems as you guys in a workgroup, but followed the above URL instructions, turned off Windows Firewall, lit a candle to the Virgin Mary and it worked. MSinfo32, Winmsd etc. worked.

Oh yes. I forgot to mention, I turned off Norton Antivirus 2005 worm protection. On both machines. What is it with Norton? Luckily I have a Router/Firewall.

🙂

Adrian.

# re: ITT: Resultant Set of Policy or Remote Disk Management – “RPC Server is Unavailable” (Unsolved)

left by Morgan at 3/21/2005 3:36 PM

I’ve opened TCP 135 and specified program exception unsecapp.exe.
But it only worked when I also enabled “Allow remote administration exception” for the
servers that ran Group wizard results.

Try: http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2maint.mspx

# re: ITT: Resultant Set of Policy or Remote Disk Management – “RPC Server is Unavailable” (Unsolved)

left by skewld00d at 3/23/2005 1:40 AM

I have the *exact* same problem on a w2k3 machine!!

The firewall rules have been uber-quadruple checked, and I even have a nearly identical machine where it works!

I need a system (registry + file) diff I guess.

# re: ITT: Resultant Set of Policy or Remote Disk Management – “RPC Server is Unavailable” (Unsolved)

left by skewld00d at 3/23/2005 3:06 AM

Try this….

1) Disable firewall
2) Test
3) Reenable firewall.
— If it worked, keep going —
4) Open up port 1025/TCP (this is some RPC port)
5) Works for me!

# re: ITT: Resultant Set of Policy or Remote Disk Management – “RPC Server is Unavailable” (Unsolved)

left by Tori at 3/25/2005 9:41 PM

I was working with Microsoft on this issue, and we just got it to work by adding an exception for Dmadmin.exe. The following appear to be the required exceptions:

Dmadmin.exe
Dmremote.exe
File and Printer Sharing
mmc.exe
Port 135

Many thanks to Sean at Microsoft support!!

# re: ITT: Resultant Set of Policy or Remote Disk Management – “RPC Server is Unavailable” (Unsolved)

left by James at 4/15/2005 12:05 AM

For some reason, my DCOM was turned off after trying to resolve this problem for a while now.

In administrative tools -> component services

Expand the component services, open computers, and then click on my computer. The last icon on the task bar is “configure your computer”. Click it and hit the default properties tab. Right there, DCOM was not enabled for whatever reason. This was sometime after installing SP2. I install many test applications too so it could have been one of them. I also explicitly gave myself remote launch permissions under COM security even though I’m an admin.

If you search for WMI and SP2 at the MS knowledge, they go over some other things you can do as well.

# RPC Server is Unavailable in windows 2000

left by vipul at 6/6/2005 8:29 AM

I’m facing the “RPC Server is Unavailable” error in Windows 2000. I just want to know the solution to this error. I have done all the prescribed steps written in MSDN from Microsoft in order to solve this problem. But the problem still persists. Please, anyone, give me a solution as soon as possible.
Vipul

# re: ITT: Resultant Set of Policy, Services view or Remote Disk Management – “RPC Server is Unavailable” (Solved)

left by ThanX it helped me a lot .. at 10/7/2005 3:02 PM

I could not find the answer anywhere else …
you misspelled “locasubnet” in your comment it should mean “localsubnet”

“c:\windows\system32\dmadmin.exe:locasubnet:enabled:Logical Disk Manager
c:\windows\system32\dmremote.exe:locasubnet:enabled:Logical Disk Manager Remote Access”

# re: ITT: Resultant Set of Policy, Services view or Remote Disk Management – “RPC Server is Unavailable” (Solved)

left by Roger at 2/8/2006 6:31 PM

As posted 4/15/2005 12:05 AM by James … Enabling COM worked like a charm for me. Don’t forget to restart the console.

# re: ITT: Resultant Set of Policy, Services view or Remote Disk Management – “RPC Server is Unavailable” (Solved)

left by Brad at 5/25/2007 1:00 PM

None of the program exception policies worked for me, so I finally enabled logging in the firewall group policy and found that connection attempts to port 2878 were being blocked when I attempted to connect with remote disk management. Opening that port corrected the problem.

These are the policies I added:

Windows Firewall: Define port exceptions
2878:TCP:localsubnet:enabled:Remote Disk Management

Windows Firewall: Allow local port exceptions
Enabled
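
The diagnosis described in the comment above, as an added example that is not the commenter's code: it reads a Windows Firewall log by its #Fields header, counts dropped packets from the administering workstation per destination port, and formats a port exception entry in the syntax shown in that comment. The log lines and IP addresses are constructed, and the function names are hypothetical.

```python
from collections import Counter

# Constructed sample in the layout of a Windows Firewall log (pfirewall.log).
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2007-05-25 12:41:04 DROP TCP 192.168.1.20 192.168.1.50 3121 2878 48 S 1873002411 0 65535 - - - RECEIVE
2007-05-25 12:41:07 DROP TCP 192.168.1.20 192.168.1.50 3121 2878 48 S 1873002411 0 65535 - - - RECEIVE
2007-05-25 12:41:09 DROP UDP 192.168.1.33 192.168.1.255 137 137 78 - - - - - - - RECEIVE
2007-05-25 12:41:13 DROP TCP 192.168.1.20 192.168.1.50 3121 2878 48 S 1873002411 0 65535 - - - RECEIVE
2007-05-25 12:41:15 DROP ICMP 192.168.1.33 192.168.1.50 - - 60 - - - - 8 0 - RECEIVE
"""

def parse_firewall_log(text):
    """Parse log text into dicts keyed by the names on the #Fields line."""
    fields, records = [], []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or malformed lines
                records.append(dict(zip(fields, values)))
    return records

def blocked_ports(records, client_ip):
    """Count DROP entries from client_ip per (protocol, destination port)."""
    hits = Counter()
    for rec in records:
        if rec["action"] != "DROP" or rec["src-ip"] != client_ip:
            continue
        if rec["protocol"] in ("TCP", "UDP") and rec["dst-port"].isdigit():
            hits[(rec["protocol"], int(rec["dst-port"]))] += 1
    return hits

def port_exception_entry(protocol, port, label, scope="localsubnet"):
    """Format a 'Define port exceptions' entry: port:transport:scope:status:name."""
    return f"{port}:{protocol}:{scope}:enabled:{label}"

if __name__ == "__main__":
    records = parse_firewall_log(SAMPLE_LOG)
    # 192.168.1.20 stands in for the workstation running remote disk management.
    for (proto, port), count in blocked_ports(records, "192.168.1.20").most_common():
        print(f"{count} dropped packets to {proto}/{port}")
        print("  candidate entry:", port_exception_entry(proto, port, "Remote Disk Management"))
```

The ports reported in these comments differ (1025 and 2878), so read the log on the machine in question rather than copying a port number from someone else.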

# re: ITT: Resultant Set of Policy, Services view or Remote Disk Management – “RPC Server is Unavailable” (Solved)

left by can at 11/20/2007 3:23 PM

thanks best regards..

Another Tech-Chat @ In The Trenches

Saturday, January 15th, 2005

Just finished up on another tech chat for In The Trenches

It really is so cool, I never get tired of participating in this stuff. Originally we had Chuck Tomasi on board for the chat, but he had to leave, so we continued on with me, Kevin and Dave Johnson (Edave.org) on Security as the topic of focus, but ended up talking about all kinds of other stuff as well. The tech chat when edited will be on the security stuff though..