Toaster Gremlin

Archive for the ‘Windows’ Category

While trying to work with Microsoft Word on a server through .NET the following error was thrown:

Retrieving the COM class factory for component with CLSID {000209FF-0000-0000-C000-000000000046} failed due to the following error: 80070005 Access is denied. (Exception from HRESULT: 0×80070005 (E_ACCESSDENIED)).

To resolve this you will need to grant COM permissions to the user running the application pool.

1. Open up Component Services (Start -> Run -> dcomcnfg)
2. Expand Component Services -> Computers
3. Right click My Computer -> Properties

4. On the COM Security tab click Edit Default under the “Launch and Activation Permissions” section

5. Add the IIS_IUSRS group and check allow next to Local Launch and Local Activation

When trying to use Performance counters with WCAT testing I was getting this error on the final report:

An error occured collecting server information data. Check that WMI is available.

Looking back at the command prompt on the controller I also saw this:

ERROR:Unknown error -1073738789 (c0000bdb)

Wireshark and Procmon did not really indicate any problems. In my situation I was logged into the WCAT controller as a domain user which did not have administrative access on the web server I was trying to start the Perfmon counters on.

After adding this domain user to the administrative users group on the web server, the WCAT test successfully collected the Performance counters specified in my settings.ubr file.

After SQL was removed from Failover Cluster Manager I was unable to uninstall it. The following error was logged in the application logs:

Product: Microsoft SQL Server 2008 Database Engine Services — Error 25012. There was an error attempting to remove the configuration of the product which prevents any other action from occuring. The current configuration of the product is being cancelled as a result.

To correct this I needed to follow the steps below to tell SQL it was no longer in a cluster. Then I was able to uninstall normally.

1. Open Registry Editor (Start -> run -> type in ‘regedit’)

2. Navigate to the following key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL10.MSSQLSERVER\ClusterState\SQL_Engine_Core_Inst

3. Change the value of this “SQL_Engine_Core_Inst” key from 1 to 0.

4. Uninstall as normal through Programs and Features

These instructions will work for Server 2003 and 2008. Here is the full error message:

The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {12345} to the user NT AUTHORITY\NETWORK SERVICE SID from address LocalHost

1. Open Component Servers (Start -> Run -> dcomcnfg).

2. Expand Component Services -> expand Computers.

3. Right click My Computer -> Properties -> COM Security tab.

4. Click “Edit Default” under the “Launch and Activation Permission section.


5. Click Add -> Advanced -> Find Now.

6. Scroll down and select the “NETWORK SERVICE” user -> OK -> OK

7. Select the “NETWORK SERVICE” user and check the allow box next to “Local Launch”.


8. Click OK -> OK

I received the following error when trying to install the SNMP service on Windows Server 2008:

Attempt to install SNMP Service failed. The source for the specified package or file was not found (error value: 0x800F081F).


The solution was to install the System Update Readiness tool for the appropriate version of Windows. I recommend the manual install (method 2) here:
http://support.microsoft.com/kb/947821

After hotfix 947821 is installed just try installing the failing feature or role again. In my case an incomplete Windows update or feature installation was preventing the installation of the SNMP feature.

Wireshark offers command line options which allows users to capture traffic information through a batch file. This also means the built in Windows scheduled task feature can be used to schedule a capture.

Example batch file:

"C:\Program Files\Wireshark\tshark.exe" -a duration:14400 -a filesize:20480 -a files:512 -w "C:\Program Files\Wireshark\captures\Packet_Capture.pcap"

-w: Specifies the output file:
In this example it will create the following file and increment the names if multiple files are being created:
C:\Program Files\Wireshark\captures\Packet_Capture.pcap

-a: Capture autostop conditions in the example above:
duration: Stop after 14400 seconds (4 hours)
filesize: Create a new file after it reaches 20480KB (20MB)
files: Stop creating new files after it reaches 512 (512 x 20MB = 10GB total)

For a full list of command line options use “wireshark -h” in a command prompt or take a look at the Wireshark command line help page.

If you need to bulk add IPs to a Windows server (2003 or 2008) one of the following batch scripts will make that much easier.

Example one:
This example will add a range of IPs as specified between the parentheses. Here are the values used in the example below:
2 = Starting octet
1 = Value to increment
5 = Ending octet

FOR /L %%i IN (2,1,5) DO netsh in ip add address "EXT" 192.168.1.%%i 255.255.255.192

This will add 192.168.1.2 through 192.168.1.5 to the connection labeled “EXT”.

Example two:
If you have a list of IPs that need to be added in a text file, the following batch script can be used. Ensure that each IP is on a new line:

FOR /F %%i IN (IPs.txt) DO (
netsh in ip add address "EXT" %%i 255.255.255.240
)

Make sure “IPs.txt” is the name of your file, “EXT” is the name of your connection, and the netmask (255.255.255.240) is correct for your range.

This is a quick example of how to automate a FTP task with a batch file. WinSCP allows you to utilize a script file with your connection details and commands, which makes things very easy.

Save the following details into “myscript.txt”:

# Answer all prompts negatively so the script
#does not stall on error
option batch on
# Disable overwrite confirmations
option confirm off
# Connect using a password
open ftp://myftpusername:mypassword@127.0.0.1:21
# Upload files
put C:\mydirectory


Make sure to update these values appropriately:
myftpusername = FTP username
mypassword = FTP user’s password
127.0.0.1 = IP or hostname of machine you are connecting to
C:\mydirectory = directory you wish to copy to the home directory of your FTP user

Then the following can be placed in a .bat file to execute the upload above:

C:\Program Files\WinSCP\winscp.exe /console /script=myscript.txt


Note you may need to update the path to the WinSCP executable or the myscript.txt file depending on your installation.

After installing Cyberghost VPN on a Windows 7 machine I was unable to launch the application. The following error was returned each time:
There is a problem with your Cyberghost VPN Installation. Should Cyberghost try to solve the problem automatically?

After choosing yes the application still failed to launch. I was able to resolve the issue by following these steps:

1. Open up Device Manager:
Start -> Control Panel -> System -> Device Manager

2. Scroll down to Network adapters and expand it.

3. Here I had three different “TAP-Win32 Adapter” instances each with a different V#. Right click each one and choose Uninstall.

4. Install OpenVPN which will install the appropriate TAP-Win32 driver. This can be downloaded here.

5. Now there will only be one instance of “TAP-Win32 Adapter” under Network Adapters and you should be able to launch Cyberghost without error.

First create a new Windows user which will have access to the directory. If this user already exists, skip to step #5.

1. Open Server Manager by clicking Start -> Administrative Tools -> Server Manager

2. Expand Configuration -> Local Users and Groups

3. Right click Users and select New User.

4. Enter the desired user name and password. Make sure to uncheck “User must change password at next logon” and check both options for “User cannot change password” and “Password never expires”.

5. Open IIS Manager by clicking Start -> Administrative Tools -> Internet Information Services (IIS) Manager

6. Expand the server name in IIS then Sites. Expand the site in question and select the directory you are looking to secure.

7. Double click “Authenticaton” under the IIS heading on the right. If you do not see this, make sure you “Features view” is selected at the bottom of IIS.

8. Right click “Anonymous Authentication” and choose Disable.

9. Right click on “Windows Authentication” and choose Enable.

By default the new user we created will be a member of the “Users” group and this group has access to the directory we are securing. However if you want to limit this access to a select user(s) instead of all users on your server, follow the extra steps below.

1. Right click the directory again on the left side of IIS and choose Edit Permissions.

2. Click the Security tab and then click Advanced.

3. Click Change Permissions

4. Select the Users group and choose Remove

5. Click Add -> Advanced -> Find Now to browse for the new user

6. Click OK until all dialogue boxes are closed