Category Archives: Operating Systems

BlackBerry Enterprise Server 5 installation nightmares

If you’re going to be installing BlackBerry Enterprise Server (BES) 5.0 on a Windows Server 2008 machine, you better be ready to call technical support or read this blog post at a minimum.  I spend 5 hours on the phone with BlackBerry customer support over the course of two days to work out all the installation problems that should have been automated by the installer and documented in the pre-installation guide.  I will give Research In Motion support credit for helping me through these problems.

The main different between BES 5.0 and BES 4.1.x is that the administration interface is Java and ActiveX web based only, which irritates me to no end.  BES 4.1 gives you a real interface that works without a browser and isn’t dependent on some complicated JBoss+Apache web server setup.  This web based aspect of BES 5.0 was the source of some major installation and configuration headaches.  With BES 4.1.x, you don’t have to put up with any of this nonsense.  The reasoning behind 5.0 using a web administration interface is that now the users can manage their own BlackBerry Enterprise accounts though I really didn’t need this feature.

Just getting the basic preparation work done for a BES 5.0 install is daunting enough because you have to go through this pre-installation guide.  That involves setting up a BES service account, the local server permissions, the active directory permissions, the exchange server permissions, and other software that needs to be pre-installed.  It gets a bit confusing and I definitely recommend just using the SQL Server 2005 express they include in their BES 5.0 installer and then you don’t have to worry about additional JDBC drivers for remote SQL databases.  Don’t bother installing SQL express yourself as it will only make things more complicated.  You will need to install the Microsoft Exchange MAPI client before you install BES.

One pre-installation step that is missing is that you need to make sure that IPv6 on Windows Server 2008 is disabled.  Un-checking IPv6 in the network interface is not sufficient, and you’ll need to follow the instructions in this Microsoft KB article (Jeremy in the comment section below pointed out that the updated KB article is here) and edit the registry.  [NOTE – Disabling IPv6 will break Windows Small Business Server (SBS) which means you don’t mix BES with SBS].  Once you’ve done this along with all the other pre-installation procedures above, you can proceed to install BES.  Note that during installation, be sure to select BlackBerry Server authentication for the web administration interface and not Active Directory (AD) integrated authentication.  BlackBerry technical support couldn’t figure out how to get this working and they told me to reinstall from scratch on a clean machine and don’t use AD authentication for web administration.

There’s more pain after you’ve completed the whole installation.  The web administration interface also needs access to the SQL database which doesn’t work out of the box and can frustrate you to no end.  Because the BES installer didn’t bother to nail down the SQL ports from dynamic to fixed TCP 1433, the web admin page refuses to come up.  You need to go into the SQL Server Configuration Manager and manually set the TCP ports to 1433 as shown below.

BlackBerry Enterprise Server 5.0 SQL configuration

Internet Explorer 8.0 in Windows Server 2008 also requires you to enable “compatibility mode” for the administration page and you must also put the administration URL in the trusted site list.  The other problem you’ll find is that because the BES 5.0 installer generated its own SSL certificate rather than using the one that is either already on the server or easily obtained in a Windows network environment with a Certificate Authority in place, the browser throws up error messages that it doesn’t trust the SSL certificate.  You can fix this by right clicking on Internet Explorer and choose “Run as administrator”.  Then you can view the certificate and install it.  However, it’s installed in the wrong place in the personal user certificate store and you’ll have to export the certificate and import it into the computer certificate.  A better option is to import the certificate into Active Directory trusted certificates using this procedure I wrote up in 2006 and that solves your problem for every computer within the active directory that needs to use the BES web administration page.

Anyhow, it’s all working for me right now and I hope this document helps you avoid the headaches I went through.

Why I can’t stand KDE

I finally put my finger on what drives me nuts about KDE. It’s so petty and trivial: all of the applications insist on starting with the letter “K”. Not only is it absolutely ridiculous, but it makes finding anything impossible. “KEdit”, “KMail”, etc. It reminds me of the “Mortal Kombat” games. KSeriously.


Vista SP2 and language packs

Tonight I went ahead and tried to install SP2 for Vista is the hopes that it would cure my Windows Media Player problem. No dice. Apparently, I need one that supports the 34 languages that I don’t have installed. Why? Because at one point I did install them, then uninstalled them, and now, SP2 thinks they are still installed. Huh?


Bit rot finally hits my Vista install

Despite what people say about Vista, I have had nothing but good experiences with it, until relatively recently. The first sign of trouble I had, was when I upgraded the Live Meeting client, and it treated every launch as if it had just been installed, and it wouldn’t associate itself to the Live Meeting links right. More upsetting, Windows Media Player will no longer start unless I do “Run as Administrator”, and it won’t minimize itself to be the mini player in my taskbar. Good timing, since W7 is right around the corner. Since I’ve had this Vista install since the week it RTM’ed, I can’t complain. Well over 2 years before bit rot sets in is a great run for an OS.


When Dell sells something they don’t properly support, lawsuits result

By now, there has been a ton of stories all over the Internet about the woman who claimed that Linux made her drop out of college, and is suing Dell as a result. Let’s leave whether or not her lawsuit makes sense out of the equation for a moment. Let’s ignore the stuff that everyone else is railing about. Let’s pretend that people aren’t going to be trolling both sides of the open source debate. Let’s look at the underlying problem here, which is how when a vendor tries too hard to make something “easy to use” it actually becomes impossible to use for many people.

If you haven’t heard about it already, the basic gist of the story, is that this lady (Abbie Schubert) bought a Dell PC. Despite the information on the Dell Web site about “is Linux for you?”, she ordered it with Linux. She was told that it was compatable with everything she needed to do. She had a CD from her ISP to connect her to the Internet, which would not work on Linux. As a result, she never got her PC working on the Internet, which she needed for school. Additionally, her teacher for school told her that her work needed to be done in Word, which does not run on Linux. As a result, she says that she was unable to do what she needed to do for her classes, and had to drop out.

Now, tech savvy users will pick up on a few problems here right off the bat. First, we all know what that CD from the ISP does, and we all know that we don’t need it. It simply configures the network settings, because making a CD that does this with an autorun results in less tech support calls than a page of instructions showing someone how to plug the cable in and set the network connection properties. Unless the ISP was doing something unusual (like a static IP on a consumer line, or PPOE), the really funny thing is that her Linux machine (or any OS, for that matter) was already properly configured! All she had to do was plug the NIC in, and let DHCP do the rest. The next issue is the Word problem. We all know that you do not need to use Word to generate a Word document. And there is plenty of software on Linux which creates a Word document.

So what happened? I’ll tell you what went wrong… a combination of inflexible vendor policies colliding with technically ignorant users (not just the lady who bought the PC, either)!

I am sure that when she called up Dell, they told her, “not our problem, our site warns you about the shortcomings of Linux, and it is on us to get you generating Word documents or setting up network connections.” And dollars to donuts, when she called her ISP (Verizon, in this case), they refused to touch her OS, “it’s not supported”, and told her that if their CD wouldn’t run in her PC, then she should have read their Web site better. And on top of that were her ignorant professors, who assumed that the only way to create a Word document was with Word. That’s why they said she must have Word! They also were too unknowledgable to realize that many other document formats would have been fine, and some of them would even open in their copy of Word, such as RTF and PDF.

All that needed to happen here, was for one person to break their company’s policy, and help this lady out. It would have been best if it was someone at Dell, since they had the “whole story”(I am sure that she didn’t walk about the Word situation with Verizon). All they needed to do was say, “OK, hang on, let me go to the Verizon Web site to get the settings needed, and walk you through that.” Likewise, someone at Verizon could have done the same. When I worked tech support, I violated our policies all of the time, to make sure that customers got the support they needed. At the end of the day, my desk was piled high with “Employee of the Month” certificates, the company paying my employer to provide support consistently mentioned me by name as a standout, and users wrote glowing thank you notes to my boss. But I was also taking a monster career risk, knowing that all it took was for me to provide support for something that wasn’t in the policy to go wrong and the user to complain, and I would be in serious trouble.

Likewise, if Dell had simply told her, “hey, you can use OpenOffice to create Word documents!” that’s it, the problem would have been resolved. Instead, they kept saying, “you can’t install Word on Linux.”

Indeed, the ending to the story is exactly this. She ended up suing Dell. The college told her that they would be willing to take her work in any format that Word can open. Verizon is sending a tech out to help her get connected to the Internet. She’s happy, and the vendors look like heroes (except for Dell).

None of this should have happened. But vendors are stuck walking a fine line. Either they support this stuff which results in a lot more training for them (and how many knowledgable Linux folks are happy to work consumer level tech support for crying out loud?). Or they risk these kinds of situations. No matter how they approach it, they lose.


Some Vista quirks that drive me nuts

I’ve been a Windows user since version 3.0. That’s a pretty long time. Indeed, I even used Windows NT 3.1, which was a fairly rare product “in the wild”. Over the years, I have watched the bug count drop dramatically. Not just the true “bugs”, but the stuff that the programmers joke about and say, “that’s not a ‘bug’, it’s a ‘feature'”. Still, Vista still has a few of these quirks (and a few new ones), and they drive me nuts.

Re-arranging the Start Menu
UAC is great, in my mind. I love the fact that if something serious is happening, I need to sign off on it. I think that UAC is probably something that most people get “Click-Yes-Itis” very quickly to, but I don’t. Now that being said, it drives me absolutely nuts that re-arranging the Start Menu involves signing off on so many things per drag/drop operation. First, it needs administrator approval. Then, UAC comes up. Then I need to confirmt he move. And if the destination folder already exists (like if a service pack re-created the Start Menu entry in the original location), I need to merge the folders together. Argh! Luckily, I only need to put up with this on an occassional basis.

When things on the Start Menu get moved…
This has been a problem with Windows since Day 1. The OS simply has zero awareness of the Start Menu, other than it being a standard directory tree. This is fine, and I am sure that it saved them a ton of programmer hours. The problem is, if the user re-arranges the Start Menu in any way, it causes pure chaos. For example, I create, at the top level, functional categories such as “Multimedia”, “Communications”, and “Programming” on my Start Menu, and then move the entries for installed applications as needed. Very few applications (on most installs for me, only Microsoft Office) still warrant their own top level entry. This works great for me, until the application gets updated. Service packs and patches re-create the original top-level entry. Uninstall does not remove the entry because it is not where the uninstaller thinks it should be. The answer is for someone at Microsoft to spend a week or two writing some code to make this smarter.

Lack of a proper “Shadows” file type
OS/2 had a great file type called a “Shadow”. *Nix has a similar idea in the form of a file link. The idea is that a file has 1 physical entry, but you can have other files which appear in other directories (or in the same directory) which “point to” the file. No, not like Window’s useless shortcuts. The problem with shortcuts is that they are too much of a hybrid model; you have a 50/50 short of working with the shortcut file itself, not its target. With a “shadow” file, operations always act upon the target, with a few rare exceptions. Ask a shadow where it is, and it gives you the shadow’s directory path, not the target’s. Deletion always removes the shadow, not the target. And so on. But the idea is that when you act upon the shadow’s metadata (say, right-clicking on it), you get the target’s information, not the shadow’s. That’s what I really hate about shortcuts, you need to follow them to the original file to do a lot of useful things. Bleh.

Recyle Bin Navigation
It is still a pain in the neck to get around the Recycle Bin. I go in there about twice a year, but when I do, I would like to be able to find what I am looking for. Am I being picky? Maybe. But I would still like to see this improved.

The Registry
I remember back to 1994-1995 when Microsoft hailed the Registry as being this awesome thing that would prevent people from needing to work hard to find INI files, and to make managing these things more uniform. It did that. Now, it is uniformly difficult to find what you need in the Registry. Unless you are a Registry magician familiar with all of the odd hierarchies, it is nealry impossible to find what you are looking for in there.

On that note, why has Regedit remained unchanged since 1995? Would a proper “Find All/Replace All” hurt? Given the level of knowledge of the average person running Regedit, would a regular expression Find/Replace be too high level of a feature? Why is Regedit more primitive than Notepad?

Why does Vista Backup consider backing up to a directly attached drive to be the Holy Grail of backing up, and treat backups to network locations as second class citizens, particular for the full system state backups? Why does Vista Backup not have a way of smartly rotating my backups and “folding” them together in a way so that I don’t have to wipe out all of my backups every few months and restart them? Why do both Vista Backup and Windows Server 2008 Backup feel like a massive step backwards from the capable but feature poor backup in previous versions?

What Windows quirks drive you nuts?


My experiences with Windows Server 2008

In July, we put up our first Windows Server 2008 server. Since then, I have migrated the domain from NT 4 to the new domain (which was upgraded from 2003 to 2008 too), put in Office Communications Server 2007 (OCS), Exchange 2007, SharePoint 2007, and I am in the process of getting Dynamics CRM 4.0 in place. After all of this, I think I can fairly report on Windows Server 2008.

First of all, it works, it works better than any other Microsoft OS I have encountered. They significantly cleaned up and reorganized the interface so that logically related tasks are “closer” to each other and are sometimes in the same tool now, as opposed to using 4 separate tools with wildly different interfaces to get things done. PowerShell is suddenly a “big deal”, and many of the GUI management tools really are just wizards to construct & run PowerShell scripts on the fly (Exchange 2007 Management Console is a great example, it even shows you the PowerShell command it is about to run). Now that I’ve had to use PowerShell, I like it, but only because I am familiar with *Nix; it’s like someone took the *Nix model of pipes and indirection, and instead of letting all of the commands be developed hodgepodge by different people with no common naming conventions, format conventions, etc., it was all centrally managed and therefore, logical.

Things I don’t like? Application incompatability. A lot of apps (ISA, Office Communication Server) don’t work on it. Others require odd modifications (Exchange 2007, pre-rollup 4, needed some bizarre hacks to disable IPv6 in some common scenarios) because the applications don’t work “right” with it. I’m unhappy that Microsoft is pushing some products to 64-bit only (like Exchange 2007), while others refuse to run under 64-bit (Office Communication Server). This mandates that you have at least a 64-bit and a 32-bit install, and possibly (probably) a 32-bit Windows Server 2003 machine around too. I’m furious that many of the updated products are 64-bit only, which means that instead of a simple upgrade, you need to bring the new version into the “pool”, transfer responsibility to it, then gracefully disable the old 32-bit server from the pool, and then uninstall it; this is the “upgrade” path for OCS 2007 R2, in a nutshell. And Exchange 2007, for that matter. Not a nice thing to do. Personally, I find that it is easier to see what my options are when they are in a GUI than a command line, I just walk the menu tree and go into every dialog. But that is a personal thing. At the same time, many tasks can only be done in PowerShell, so if you don’t like the command line… tough.

Hyper-V ROCKS. I can’t compare it to VMWare ESX server, but I can tell you that it beats VMWare Server, Virtual PC 2007, and Virtual Server 2005 with the ugly end of the ugly stick, and leaves them half dead in a Moscow alleyway. The biggest gripe I have, is that its missing features are in the (just RTMed) System Center Virtual Machine Manager product. Granted, much, if not most of that functionality is already available via PowerShell (once again, the idea that GUI tools are now just PowerShell script construction wizards). But still, it would have been nice to easily get P2V and V2V conversions up front with a GUI tool.


Broken Search in Windows Server 2008

Windows Server 2008 has the most broken feature I have seen in a Micrisoft product in a long time: file searching. Like Vista, Server 2008 has some really nice file searching features that make heavy use of the file indexing. Sadly, some idiot decided to make the system search only indexed items by default, and then turned off the indexing by default!

The end result? A hopelessly broken search system that is insanely frustrating to use. You either need to manually tell each search to use non-indexed content, turn on indexing (you may very well not want to do this on a server!), or change the default settings to always use non-indexed content. Whoever set up these defaults is a fool. It’s a lot like the problem in Server 2003, where the checkbox for “Search Tape Backups” also seems to regulate whether or not it will actually search on a network drive, even if you’ve specified a network drive as being where to search.


NT 4 to Windows 2008 Migration – almost ready!

The monster project on my plate (I’ve been building up to it since around March) is to migrate our existing NT 4 domain to Windows 2008. This project has been joy and pain, and it is finally nearly done.

For the last few months, I’ve been getting the new domain ready, like upgrading the domain controller to server 2008, getting a new SQL Server install in place, SharePoint, and so on. I still need to do Exchange, CRM 4,0, and Office Communications Server, but we agreed that those items need to wait until after the migration.

When I went to do the initial batch of migrations, though, I hit a snag. The Active Directory Migration Tool (ADMT) version 3.0 supports migrating from NT 4, but not migrating to 2008. The newest version 3.1, supports 2008 as a target but not NT 4 as a source. So we needed to get the NT 4 server upgraded to 2000 or higher. For safety’s sake, we decided to use a VMWare image of the server for this.

The VMWare conversion process worked fine, but when we fired up the VM, it claimed that there was no system disk. This wasn’t a huge surprise – the original machine is an ancient Compaq Proliant with an EISA SCSI controller in it; the MBR points to a tiny 36 MB partition on the RAID 1, which contains the SCSI tools to get into the card’s firmware, and then boot off of the true C drive. Gotta love 1990’s technology. After contacting VMWare, we decided that the best route was to do the following:

  1. Take a drive image of the original server, and copy it to the VMWare computer’s local drive.
  2. Create a new VM with disks of the appropriate size (I made the C drive 20 GB larger than the original, to provide ample space for the upgrade to take place), and also mount the local drive with the image file as a disk in the VM.
  3. Start the VM and boot off of the imaging software’s CD.
  4. Blast the image onto the virtual drives.
  5. Copy the VM back to the NT 4 server (to ensure the same version of NTFS) and run the virtual machine conversion wizard.

This worked great, except for when it didn’t work. Why not? Well, we still didn’t have an MBR pointing to the right place, since we weren’t going to get the EISA SCISI tool partition (we tried it once on a drive image, it complained about jumpers…). So what did we do? We made floppy images of the NT 4 install floppies, and a floppy image of a fresh NT 4 Emergency Repair Disk, and ran the NT 4 recovery mode, to “Inspect Boot Sector”. That fixed the MBR issue!

Now, we got NTLDR issues. So we brought the VM back to the NT 4 server, and tried to run the conversion utility. It groused about not being able to identify the OS. Huh? Looking at the VMWare converter logs, we found the problem. It turns out that the VM was still set to mount the local drive of the VMWare workstation; removing that virtual drive solved that problem, and the conversion continued.

And lo and behold, it worked! We actually managed to virtualize a server that I originally built when I was (I beleive) a sophomore in college. This machine was my introduction to SCSI, TCP/IP, NT 4 (I had experience with NT 3.51, 3.5, and 3.1 before that, as well as NetWare), multi-CPU machines (it had 2 CPUs, amazing for the time), and a lot of other technologies (DNS and DHCP come to mind immediately). This machine really got me started hardcore in systems administration. And now it is a VMWare VM.

But I digress.

We then performed the upgrade to Windows Server 2003 R2. This went extremely well; the only hiccups we had were remembering to make a floppy image containing the VMWare SCSI controller driver to feed to the Windows setup program, and then remembering to disconnect the floppy image before the next reboot (we got another scary NTLDR error… woops!).

On a side note, we needed to make the Active Directory install post-upgrade be in a completely separate forest, since the 2003 domain can’t participate in the 2008 forest.

But we are now finally ready to migrate this domain, and I can’t wait. If our NT 4 domain could last from 1997 to 2008, I shouldn’t have to upgrade this domain until around 2019. :)


Windows Search 4.0 for XP, Vista, and Server 2008

Betanews has a good article about Windows Search 4.0 which is now listed as “important” in Windows Vista Update.  You can manually download a copy here for Windows Vista and Server 2008 and you can download Search 4.0 for Windows XP.  Couple this with Microsoft’s free enterprise search and you have a complete search solution for your whole business or organization at little or no additional cost.