Dodgy Realtek network card drivers

Unless you are in a big corporate network where you can bulk buy identical computers for a uniform hardware specification, you are most likely buying computers in small batches with different hardware.

One of the side effects of this is that you are more than likely to get a computer with a Realtek network card in it. Realtek seems to be the choice of budget to mid range motherboards, with Marvell and Broadcom cards in the slightly higher bracket.

I’ve never really had a problem with Realtek cards, I used to love the 8139 100MB network card. Lately however, I’ve been less impressed. During our network migration at work, we had some issues with 11 pc’s not properly applying the Computer policy section of Group Policy. The most telling error was that the computer couldn’t find a domain controller, even though it actually could. Intensive investigation discovered that all the computers had the same Realtek network card in it, the 8110SC.

I had downloaded the latest drivers from the motherboards manufacturer’s website prior to the migration, and we used these drivers. Previous experience has taught me to use these rather than drivers at Realtek’s website, as those are usually plain drivers, incompatible with the modifications made by the manufacturers.

After almost buying a box of Intel network cards, I discovered later drivers on Realtek’s website, and I decided to use those. Lo and behold, after rebooting the computer, everything was working properly. This couldn’t come too soon, as we discovered that our second computer lab had the exact same issue, and buying 38 network cards was out of the question. It seems that the earlier drivers were buggy, and didn’t bring the network card up properly during boot up, hence the Computer policies not applying.

This whole experience has motivated me to make sure that when we next buy computers, they will only be with Intel motherboards in them. While lacking some features, Intel boards are solid and stable, and they have Intel network cards on them, cards I know will never give strange issues.

In short, many network cards out there will work absolutely fine in a home or small office environment, but are totally unsuitable for a bigger network. Be careful, and if you have no choice, try to get the latest possible drivers.

Interesting WSUS problem

WSUS is a real life saver on a Windows network of any size, it more than pays off its huge initial download size when it serves computers on the network and saves internet bandwidth. However, like any other software, it can be temperamental and have tough to troubleshoot problems.

I recently came across a problem during the migration at my work. We set up the client XP SP3 workstation, ran sysprep and then cloned the box. However, after the deployment, only 1 or 2 computers were appearing in the WSUS console when there should have been 38.

Puzzled by this, and by the fact that computers were still getting updates despite not showing up in the console, I decided to investigate. After a lot of internet searching, I narrowed down the seeming culprit to a setting in the registry.

It turns out that for whatever reason, sysprep is not removing these entries in the registry, so the computers after cloning will receive updates but won’t report to the console. It may have been some change Microsoft made with SP3, or it may be the updated Automatic Update client, no one really knows.

The solution is to delete the SusClientId and SusClientValidationId entries in the following registry key before running sysprep and cloning the computers : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft
\Windows\CurrentVersion\WindowsUpdate

Clone the computer and after sysprep is run, the computer should now report to the WSUS console. Alternatively, you can restart the Automatic Updates service, as well as run wuauclt /resetauthorization /detectnow. If you don’t delete the entries in the above mentioned registry key, they are all identical and WSUS will only pick up the first computer that starts up with those entries.

I haven’t yet figured out if this problem exists in Windows Vista and 7, as I have never had the chance to clone those systems or use the sysprep tool for them.

I hope this will help someone out there avoid the head scratching we went though with this.

Telkom Mega 105WR: Follow up after almost a year

I previously wrote about the Telkom Mega 105WR router here, and after almost a year’s worth of use, I thought I would do a follow up.

Most of my original comments still stand on the device, it is quite powerful and feature rich for a telco supplied device. However, one thing that has not improved is the routine freezing of the device. Almost like clockwork, the router needs to be restarted every 7-8 days, as I can’t access the web console, and wireless struggles to remain connected.

Doing some research on the router revealed that it appeared to have a high return rate, for this reason and diverse others. I looked on the manufacturer’s website for an updated firmware, to no avail. I even tried emailing their support address, to which I have still not gotten a reply to this day.

A few weeks ago, I decided to take the router back into the shop to try and get a replacement model before the guarantee ran out. I duly packed up everything and went to the Telkom shop. I was duly informed that they could not exchange the router directly, I first had to call the national ADSL support line, go through the troubleshooting tips, and then get a reference number. Come back with that they said, and we’ll do a swap. Then came the interesting news: “Telkom no longer supply this router, so you will be getting another model”

I am guessing that the problem rate with this router was high enough to cause Telkom to move to another model. I looked in the shop, and it appeared that the most likely replacement model would be another Telkom branded router, called the Duoplus 300WR. After looking up the specs of this thing on the internet, I was left less than pleased. The wireless antenna is only 3dbi, half the strength of the current model. It would mean me having to buy a new aerial, which I don’t want to do. I could be wrong however, as there were also Netgear routers in the shop, which may also be an option. I’m not fully sure.

To cut a long story short, I am still running the old Mega 105WR at home, and I’m not yet sure what I plan to do about it. I am tempted to buy a proper name brand router, but at this point I’m trying to find one that has all the features I need and is not too expensive.

My advice is that if you have one of these devices, and it routinely freezes up like mine, get the reference number, swap the model out and hopefully the newer router will perform better. I can’t recommend this router anymore, it just doesn’t perform as expected. Rather buy a name brand router, it will serve you better in the long run.

Marketplace for Windows Mobile

Windows Mobile is no doubt a powerful platform, and it has been around for many years. As such, it has a huge software ecosystem of applications that have been developed over the years, but like everything else pre Apple iPhone App Store, there was no simple easy place to get these applications.

Enter Marketplace for Windows Mobile. Introduced with Windows Mobile 6.5 in October, the number of apps it offers has steadily grown, as has support for Windows Mobile 6 and 6.1. A web front end is also available for users to manage various aspects of the service through their pc’s.

I’ve found the service to work pretty well, it does what it needs to. However, there appear to be some quirks still, which hopefully will be resolved in the future. Not being able to install your apps to a memory card for example is a bit silly. Updates to applications also seem to be a bit hit and miss at the moment. A case in point is the Bing application from Microsoft themselves. An update was available from the menu in the application, but there’s no sight of it in the Marketplace yet.

The other thing I’ve noticed is that content seems to differ depending on which country you are in. If you are in the US, there are a ton of applications and games available, but for me in South Africa, there are only free and demo applications available. I think it is because Microsoft still need to set up methods whereby people can buy applications and games easily in each country.

Overall, I look forward to seeing how the service evolves over time. I hope that more and more content publishers come on board. There are tons of wonderful applications out there on the internet, but it is highly disorganised. If these people can contribute towards the Marketplace, it will quickly grow and become even more useful.

I’ve looked at the Ovi Store on my father’s Nokia N97, and while it has a lot more content, I’m not particularly impressed with its layout. It seems quite cluttered in comparison to the Marketplace.

I highly recommend that if you are a Windows Mobile user, to keep an eye on the Marketplace. It can only continue to grow from here.

FOG and Active Directory

A while back, I wrote a post on a very useful piece of software called FOG, which you can read here. Since then, FOG has been updated to version 0.28, and my original article ended up on their wiki.

Our school is moving to an Active Directory based domain in the middle of December, and we have been searching for ways to get our workstations ready. After much discussion, it was felt that grouping the machines together hardware wise, then cloning them would be the best way to get all the machines ready. The idea behind this is that this will be faster than cleaning out individual workstations, as well as providing a clean stable base system. Unfortunately, XP remains the base operating system.

Joining a computer to the domain is not hard, but it is time consuming. Combined with renaming the workstation, it becomes really time consuming. FOG thankfully can automatically rename a workstation, and provided that the Windows Support Tools are installed on a workstation, it can join the domain for us. We finally got around to attempting to make use of this, and in short, while it works, there is an issue related to the password for the account used to join the domain, which I will explain shortly.

With enough experimenting and reading of the FOG wiki, we got our test computers to join the domain. It worked quite well, and combined with the name changing module, it has the facility to save us lots of time.

In order to join the domain, you need an account in Active Directory that has the rights to do so. As a test, we were using our Administrator account. However, our account has a strong password, including the use of the : character This character caused an issue with the NETDOM command that is part of the Windows Support Tools that FOG needs to join the domain. Using the : character caused NETDOM to think that we were specifying another parameter, when we weren’t. This came to light after manually using the NETDOM command when FOG failed to join the domain.

I haven’t experimented with the NETDOM command, to see if using inverted commas around the password will work. However, even if that works, FOG will not be able to pass that on to NETDOM. In short, make sure the account you use to join computers to the network is using a password without at least the : character.

I’ve read on the FOG forums that some code is being developed to join computers to the domain without using NETDOM, as this command is no longer available for Windows 7. So far it is having some mixed success, so time will tell what happens.

To close off, I am yet again impressed by FOG. The improvements brought about by the later versions have increased speed and added some nice new features. I look forward to see what more is still coming, including possibly much better Linux cloning support. For a free product, it is quickly becoming a must have in a network environment that needs cloning.

Automatic removal of Windows Profile after logging off

This is a neat trick I’ve discovered after reading about it on the EduGeek.net computer forums. This trick is for domain environments, where it can be handy to remove the user profile clutter that builds up on a local workstation. It is also highly useful for schools, who don’t want local profiles to build up on computers for various reasons.

If you want the profile on the local computer to be deleted after you log off, get your account added to the Domain Guests group. After you log off, the profile is deleted. Next time you log on, it is a completely new and clean profile that is created. From what I understand, being added to the Guest group doesn’t alter any other permissions you have in other groups though.

Novell Netware has a similar feature that is called Volatile Profiles, which when used with Zenworks, removes the user’s profile from the computer after logging off. We have this enabled at my school, and it is something I’ve been looking to duplicate on a pure Windows platform without resolving to 3rd party software.

I’ve tested this with Windows Server 2003 and an XP Service Pack 3 client, so far so good. I’ve also just tested with Windows 7 client, which appears to work as well. I haven’t tested with Vista client, but I imagine it would work the same as Windows 7. Server 2008 domains should also have this benefit.

The only downside to the whole process is that log in times may be longer as the profile has to be created every time. I’m also not sure how this would affect cached log ins in case the network is down. Hard disk activity will also be a bit high during log in and after log off, but that shouldn’t be too big an issue depending on the computer.

Depending on your situation, this may be a nice trick to add to your arsenal in helping to keep workstations sanitized and controlled. The faster the workstation runs, the less complaints from everybody.

Microsoft Security Intelligence Report

Computer security seems like a never ending battle sometimes. You can never have enough layers of defence, your definitions can never be up to date enough, and you can never be paranoid enough. Threats seem to mutate almost daily. However, the days of threats making big waves in the mainstream news headlines appear to be over now. The threat landscape has changed.

Whereas before malware writers wanted to destroy your pc, these days they want to avoid that, since a “dead” pc is a pc not held to ransom or carrying out some other nefarious task the malware author wants done. A broken pc is of no use to these people.

I recently ran into an article that spoke about the Microsoft Security Intelligence Report, and about how some progress was being made in fighting malware. Curious, I went to go and download it. You too can get a copy by visiting www.microsoft.com/sir.

The report is quite long, but was quite interesting and even enlightening to read through. Compiled from statistics from its various anti-malware products, Microsoft has painted an interesting picture of computer security. I don’t know how accurate these numbers are, and I do know that without the statistics of the other anti-virus companies, the results are not a truthful reflection of the state of Windows computing.

The next version of the report should be quite interesting, as it will include data from Vista SP2, Microsoft Security Essentials and Windows 7.

In summary, the report vindicates what I’ve been telling friends for years about how much safer Vista was than XP. Vista has suffered far less attacks than XP. It has gotten to the point where attacks are being shifted into the application market, rather than attacking the base OS. Windows security has come a long way now, to the point where it is becoming harder for attackers to attack the base OS easily.

What it also points out is that by patching your computer, you can avoid some of the issues that have affected people. One example was that by simply having one patch, roughly 98% of attacks based though Microsoft Office would have failed to work.

I would highly recommend that if you are interested in computer security, that you take the time to read this report. It is well worth the time to do so.

Windows Mobile 6.5: My review

I’ve had 4 cell phones in my life, 3 of which were Nokia phones. Two of those ran Symbian S60. My latest phone is the HTC Touch Pro2, which runs Windows Mobile. 4 years of using Symbian based Nokia phones moulded me in how I came to view phones. Using any other type of phone, I felt lost. Such was the case when I first used the Touch Pro2.

The Touch Pro2 came with Windows Mobile 6.1 Professional on it. It was partly covered up by HTC’s Touch Flo 3D applications, which helped to ease me in, but underneath it was still Windows Mobile. Raw power, but rather unpolished I felt. Certain logical places for applications or settings were not there, and as a result I felt a bit lost.

Still, I persevered and grew to like 6.1. It was pretty stable, and I had only just got into finding out about the tons of applications that run on the platform. I could multitask much better than on any of my old Nokia phones. Into this mix however, Windows Mobile 6.5 was released.

On release day, I downloaded the ROM from HTC’s website. Before I flashed it, I had to find a way to back up all my stuff on the phone. Here again I ran into a brick wall, as unlike Nokia’s PC software, there is no easy way to back up a Windows Mobile phone. Eventually I discovered and used Microsoft’s MyPhone service, which while working, felt very disjointed.

Flashing the phone took roughly 10 minutes for the actual flash, and about 7-8 for the phone to do its first boot procedure. I was greeted with an updated version of Touch Flo 3D, and various other screens had been updated, but underneath precious little really had changed from 6.1. Most of the screens had been changed to make input options slightly larger, so as to make it more finger friendly, but in the end the stylus is still a necessity.

Windows Mobile 6.5 includes some extra applications like Microsoft’s Facebook application, the Windows Marketplace and so on that were previously separate downloads. Unfortunately I’ve seen memory usage go up, which can make the phone feel sluggish at times. I’ve also run into a bug where downloading weather data will cause the Last Battery Charge information to be deleted.

Overall, I feel like HTC didn’t spend a lot of time polishing this update. I hope that they will release more updates to help speed up the phone.

To add to the chaos, I read an article on GSMArena that stated Windows Mobile 6.5.1 was being worked on, which had a lot of proper new features. Now I am actually hoping that HTC will release that for us instead. I’ve read that the real focus of Microsoft is bringing out Windows Mobile 7 next year, which is fair enough, but I do hope that they won’t forget us still out there using current versions.

In summary, I have to say that Windows Mobile 6.5 as it stands now feels like a pretty weak release from Microsoft. It’s designed to just keep us hanging on until Windows Mobile 7 launches. Time will tell how history judges 6.5

Windows Group Policy

When it comes to configuring Windows advanced computer settings on a wide scale, little if nothing can touch Windows Group Policy. Built into Windows versions since Windows 2000, the settings it can configure has grown with every release, where it now numbers over 2400 on Vista, according to Wikipedia. This level of control is probably the main reason Windows based computers rule the corporate world. Nothing in Linux, BSD or Apple comes close.

I’ve been playing with Group Policy for a number of years now, but only lightly. I’ve never had the chance to study it in depth or try out some of it’s features. It has also caused me some grief from time to time when a policy wouldn’t apply to a computer, but apart from that it has made my life as a Windows Admin much easier.

One of the additions to Group Policy introduced with Vista is the option to finer control removable devices such as flash drives and memory cards. Since the rise of the AutoRun based trojans a few years ago, having the option to deny read or write access to a flash drive is a big boon for those trying to control infections.

Unfortunately, this only works on Vista and above. XP does not have this feature available. I’ve seen some half hearted solutions to the problem by modifying a system file called USBSTOR.SYS and messing around with system services.

I’ve recently come across something called Group Policy Client Side Extensions which promises to make things even easier. Should this work as explained, I will be able to do things like create shortcuts on Desktops of users, which is not possible with standard Group Policy.

Group Policy can get very complex, but if done right it is a rewarding tool to work with.

Local Policy on my Windows x64 Vista Ultimate

Microsoft Web Platform Installer

For years, the LAMP stack has been a success story of the open source world. Based on the components of Linux, Apache web server, MySQL and PHP/Perl/Python, it has enabled many fantastic applications to be built: WordPress, Joomla, Drupal, Moodle and more. The ease of use for developers and admins has lead to this stack being almost the de facto standard for hosting these applications.

Generally these packages also worked under Microsoft’s web server, IIS, but usually with some difficulty in setting up and maintaining the site. Most of the projects help forums are for those who run it on the LAMP stack. Downloads are usually zipped, and need to be set up manually. Linux distros such as Debian may have the packages in their repositories, but they may be a little out of date.

Microsoft finally decided to help people who run Windows Servers to be able to easily join in on the party. The result was the Web Platform Installer, more information can be found here

View Full Album

While the focus of the tool seems to be to promote ASP.Net based applications, PHP based applications are also available and supported. Indeed, supporting these PHP applications has made installing products like Moodle and Gallery a lot simpler, as the package has scripts that set up the correct rights on folders, connection to the database and more.

The Installer sets up various aspects of IIS for you, installs a Microsoft SQL Express Database, PHP and other tools you will need for the applications.

At the moment, the number of applications is still quite small, but it is growing. Applications I wish to see in the future include PHPBB3, MediaWiki, and most importantly, Joomla. Microsoft does not package the applications themselves, but rather provides the guidelines and tools to create the packages. Hopefully members of the above mentioned communities will band together to package the apps to eventually have them appear in the Installer.

The Installer makes life easy in many ways, but it is not the be all end all. Admins still need to test the security of their websites, directory permissions and so to ensure the most secure website possible.

Overall, I really like this tool and hope that in time it will continue to grow and offer more and more killer applications. Microsoft have done sterling work to get PHP to run better and faster under Windows, and this is hopefully a sign of even more things to come.