Month: March 2010

"She’s Geeky" Session Notes

I just checked back at the She’s Geeky website for the conference I attended at the end of January and noticed that a good selection of the session notes have been posted. The Privacy and Identity Online session was great and there were several others that seemed like they would have been fun to participate in. I’ll keep checking back, but really I’m just looking forward to the next event that’s close enough for me to attend!

Connecting to secure Wireless Network Connections on Windows 7

Wireless access at the RSA Conference has been pretty good this week and since it’s a security conference, the official network is password protected with 802.1x PEAP. The wireless network help desk has printed instructions for connecting your XP or Vista laptop, but no instructions for Windows 7. I used a combination of the instructions and screenshots from both OSes to give me the details I needed to get Windows 7 connected.

Interestingly, the Windows Vista instructions implied a much faster process where the user is prompted to trust the server certificate and the PEAP and MSCHAP v2 settings do not need to be manually configured. I’ve never run Vista on a laptop, so I can’t confirm or deny the need to configure those items. In XP and Windows 7, you have to make sure that the root certificate is trusted and other settings are configured before attempting to connect.

Below is an example of the secure network settings provided for the conference center and where to plug in that information in Windows 7. Settings may vary depending on the requirements of other secure networks you encounter.

Setting Information

SSID: secure2010
Network Authentication: WPA2 or WPA (enterprise)
Data Encryption: AES or TKIP
EAP type: PEAP
Validate server certificate: ms1.showfloor.net
Certification Authority: Thawte Premium Server CA
PEAP authentication method: MSCHAP v2
MSCHAP properties: Do not use Windows logon
Enable Fast Reconnect: No

Steps By Step

  1. Open Network and Sharing Center

  2. Set up a connection to a new network (manually create network)


  3. After the network connect is created, go to it’s properties. On the security tab, click the settings for PEAP.

  4. Check “connect to this server” and add the server name to validate the server certificate.

  5. Check the appropriate trusted root CA.

  6. Disable Fast Reconnect.

  7. Click the “configure” button for MSCHAP and unselect the option to use the Windows logon.

When you connect to the network you’ll be prompted for the username and password. Once entered, your connection will authenticate and you’ll be on your way.

Memory Leak cripples OWA

I have to admit the Exchange 2003 Outlook Web Access has me a bit spoiled. It always seems to be there – day in, day out. So when a report of OWA not loading came in, I was surprised. Where to begin?

I really don’t like rebooting Exchange. The usually ever-reliable attempt to restart the IIS service didn’t bring it back to life and nothing suspicious was in the event logs, so our resident webmaster took a look in the IIS logs and found several “connections refused” errors in the %WINDIR%\logfiles\httperr\httperr1.log.

This gave me something to start with and after some research I found that those type of errors in the HTTPERR log often point to a non-paged pooled memory leak. As per the Troubleshots MSDN blog:

While there are many possible causes for the “Page cannot be displayed” error, there is only root cause which causes the http.sys driver to begin refusing client connections–a depletion of non-paged pooled memory, an NPP leak. The HTTP.sys driver was new with Windows 2003, is a kernel mode driver, and, at the risk of splitting hairs, is technically not part of IIS 6.0. This distinction is important in troubleshooting. When http.sys refuses to hand connections to IIS a “Connection_refused” or “Connections_refused” will be logged in the httperr log (C:\WINDOWS\system32\Logfiles\HTTPERR) rather than the IIS logs.

At this point, I didn’t want to just reboot the server to clear the memory leak. I wanted to know what was leaking. Using Task Manager, I added the columns for the Non-paged Pool and the process for “NPSrvHost” shot to the top of the list with almost 10x the average memory consumed compared to the other processes. NPSrvHost belongs the NetPro Compliance Agent. I stopped and restarted that service and memory usage returned to a normal range.

Finally, I performed and IISRESET and the OWA service came back to life.

Twitter – Silence is not Golden

Twitter went silent on me for a while last Sunday due to a problem at Twitter.com. I could tweet and look at the pages of people I follow, so I know they were tweeting. But my stream wasn’t updating, thus I saw no feedback from my tweets and I wasn’t able to participate in anyone else’s live stream.

It suddenly felt very strange to be tweeting into what felt like “nothing” – and there lies the whole value of Twitter and many other social media tools. It’s all about being able to interact with people in the “now” or at least within a timeframe that’s considered current.

When someone says that they don’t “get” Twitter, that’s the part they aren’t getting. If you sign up and don’t look for people to follow and interact with, or at least don’t look for people or organizations who tweeted information you find valuable, then Twitter becomes this quiet, dead place. No wonder people who don’t get it think it’s useless.

If you are getting pressure to tweet or have already signed up and haven’t seen any value, take a moment to do these things:

1) Think about the organizations and businesses you frequent on the web or in person. See if they have a twitter presence and follow them. SFGate has several Twitter accounts for breaking news, etc, with links to the articles. CNN also has a breaking news feed that is usually decent. Local businesses often tweet about specials and updates.

2) Upload a profile picture and fill out the bio line. You don’t have to go crazy, but you are starting to follow people you are less likely to get blocked outright if your account looks like it belongs to a “real” person who put forth some effort in joining. Personally, I’m pretty picky about who I let stay on my followers list – a picture and a bio go a long way.

3) Be a little picky about who is on your followers list. If I’m checking out your twitter feed, I’ll probably look at your followers too. If all I see is spambots following you, I’m going to assume you aren’t paying much attention to your account or you want a big number of useless followers.

4) Find your real life friends. Not only do I use Twitter as a resources for news and links about technology that interest me, I use it to stay connected to people I know in real life.

5) Feel free to unfollow tweeters that annoy you. When a tweeter’s information is no longer relevant to you, just let them go. No need to makes a whole service seem annoying when it’s really just a few irrelevant tweeters that bug you. I also unfollow people that tweet too many times during the day, especially if it’s only to forward link after link after link. I follow people because I value their opinion on things, so if it looks like you aren’t thinking before you are tweeting, it’s no longer worth it.

Those are my 5 tips for getting started on Twitter. Happy tweeting!

Pacific IT Professionals Meeting Tomorrow

Don’t forget the PacITPros regular meeting this Tuesday (tomorrow!) at 6:00pm.
I’ll be doing a quick presentation regarding Remote Desktop Services (on Windows 2008 R2) and we’ll also be hearing from Ed Horley on Windows 7 Deployment and an overview of the Application Compatibility Toolkit.
This meeting is a Microsoft STEP event, so be sure to check out the details and RSVP!