We have recently had this complain from our various Shared hosting as well as Dedicated Server hosting clients that MSSQL Webadmin ASP .NET Enterprise Manager is having a virus / trojan on it. When the first complain arrived we too thought that there seems to be a problem with the server and might be MSSQL Webadmin ASP .NET Enterprise Manager has got an injection in it. But after receiving too many complains from most of our dedicated server clients we started investigating the problem and now we knew that this is something that has happen globally. After viewing MSSQL Webadmin ASP .NET Enterprise Manager on Plesk server it looked as the picture below:

We understood that the problem was not with the mssql.domain_name link but the virus alert only happened after click on ASP .NET Enterprise Manager, Recomended this site. And the link was:

www.referralplanet.com/referral/windows/referralWindow.asp?id=17

Since the site was not hosted with us we had a sigh of relief that the problem is not with the server however we thought we still have a security problem if the link has been injected into ASP .NET Manager site in IIS, may be due to a security issue with Plesk control panel. And after checking several servers we came to know that the problem has happened to the site that is recommended on MSSQL Webadmin site and not the server.

If you want to remove this link from your server as well as from the MSSQL WebAdmin site then follow the steps below:

1. Login into the server through RDP with Administrator user.
2. Go to D:\inetpub\vhosts\sqladmin\mssql\app
3. Open the navbar.aspx page in notepad
4. Go to line number 119 and remove the code below:

<!-- Begin ReferralPlanet.com Referral Script -->
<a onclick="refWindow=window.open('http:// www.referralplanet.com/referral/windows/referralwindow.asp?id=18','referralWindow' ,'width=350,height=520,scrollbars=yes,menubar=no,resizable=yes'); refWindow.focus(); return false;" target=_blank href="http:// www.referralplanet.com/referral/windows/referralWindow.asp?id=17">
<IMG alt="Click Here To Tell A Friend" src="images/tellafriend.gif" border=0></A>
<!-- Begin ReferralPlanet.com Referral Script -->

5. Save the file and exit.

This problem must have infected millions of computer in the world. Let see when chinese hacker stop putting their shit on other’s website and get mature.

“The RPC server is unavailable” while logging to Domain controller OR joining client machine to Domain Controller
There are many reasons to see this error,
I will discuss the issues that mostly make this happen

1] RPC service might be disabled.
Start the service through “services.msc”

2] RPC Dependencies services might be stopped
Start Dependencies services for RPC

3] You have client installed through OS image restore
Change the SID of Client machine using NewSID v4.10, its and utility provided on Microsoft site

4] Check the firewall between Domain controller and client machine for RPC port 135 must not be blocked
Unblock this RPC port for TCP

5] Check the SRV record for LDAP in DNS
Check for SRV record must be present [probably it is DC IP address]

6] Check for DNS configuration are proper and with out any error
Run “NetDiag /fix” to fix the issue on DNS server
To check the DNS zone for your new domain controller,
In Run type dnsmgmt.msc.
Expand Computer Name, expand Forward Lookup Zones, and then expand Domain.com
Confirm that the _msdcs, _sites, _tcp, and _udp folders exist.
After running “NETDIAG /FIX” command.
The most important test you will see is the first one, which is connectivity. This test will tell you if your domain controller is properly registered in DNS. If your tests are successful, you have a healthy domain controller. If this command shows “FAIL” result for any Diagnosis that is running on server then reboot Domain Controller and Re-Run this command
A typical successful output will start as follows:
Domain Controller Diagnosis

Performing initial setup:
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-NameAD01
Starting test: Connectivity
……………………. Domain.com passed test Connectivity

Tip “NETDIAG /FIX” command is present in 2003 support tools

Clustering in Windows 2003 Dedicated or Shared hosting is a means of providing High Availability to your applications and websites. Clustering is a group of machines acting as a single entity to provide resources and services to the network. In time of failure, a fail over will occur to a system in that group that will maintain availability of those resources to the network. You can be alerted to the failure, repair the system failure, and bring the system back online to participate as a provider of services once more. You learn about many forms of Windows clustering. Clustering in Windows 2003 hosting can allow for failover to other systems and it can also allow for load balancing between systems. Load balancing in Windows 2003 hosting is using a device, which can be a server or an appliance, to balance the load of traffic across multiple servers waiting to receive that traffic. The device sends incoming traffic based on an algorithm to the most underused machine or spreads the traffic out evenly among all machines that are on at the time. A good example of using this technology would be if you had a web site that received 2,000 hits per day. If, in the months of November and December, your hit count tripled, you might be unable to sustain that type of increased load. Your customers might experience time outs,
more…

Introduction

We read allot of articles on how one can use MRTG as an Intrusion detection tool or to creating traffic graph for a particular network subnet or a single IP address on Linux platform with Apache web server. But we find very few that allow us to have graphs on Windows Dedicated server with IIS Web Server.

Here are some steps that can be used to create graphs on Windows Dedicated server with IIS as the web servers. And there is no need to take all the efforts to configure MRTG as we can simply have graphs with the use of logparser and the RRDtool from Tobias Oetiker and you can use the RRDtool perfectly without the rest of MRTG.

more…

Some times Configuring MSDTC and their error can ruin your Windows Cluster service and your time as well. You may get one of the following error when you failover the MSDTC service from one Dedicated node to another.

This would only happen if the Cluster services has been installed before installing and configuring MSDTC Service. Hence it is highly recommended that you first install and configure MSDTC and then configure the Windows Cluster Service.

Event ID: 4097
Description:
MS DTC started with the following settings: Security Configuration (OFF = 0 and ON = 1): Network Administration of Transactions = 1, Network Clients = 0, Distributed Transactions using Native MSDTC Protocol = 1, Transaction Internet Protocol (TIP) = 0, XA Transactions = 1.

OR

Event ID: 4395
Description:
MSDTC detected that MSDTC related information in the local registry is different from that in the shared cluster registry. Error Specifics: d:ntcomcom1xdtcsharedmtxclumtxclusetuphelper.cpp:541, CmdLine: C:WINNTSystem32msdtc.exe, Pid: 796
Data:
0000: 05 40 00 80 .@.?

OR

Event ID: 4384
Description:
MS DTC was unable to start because the installation was not configured to run on a cluster. Please run comclust.exe and restart MS DTC. Error Specifics: d:ntcomcom1xdtcsharedmtxclumtxclusetuphelper.cpp:668, CmdLine: C:WINNTSystem32msdtc.exe, Pid: 796

OR

Event ID : 7024
Source : Service Control Manager
Description: The MSDTC service terminated with service specific error 3221229584.

Initially you should try and run the command below and check if it solves the problem:

msdtc -resetlog

If that does not help then follow the fix below:

more…

This checklist helps you prepare for installation. It is very important to go through all of them else it make it very difficult to restart if either one of them is missed or not configured:

Software Requirements

•    Microsoft Windows Server 2003 Enterprise Edition or Windows Server 2003 Datacenter Edition installed on all dedicated servers in the cluster.
•    A name resolution method such as Domain Name System (DNS), DNS dynamic update protocol, Windows Internet Name Service (WINS), HOSTS, and so on.
•    An existing domain model.
•    All nodes must be members of the same domain.
•    A domain-level account that is a member of the local administrators group on each node. A dedicated account is recommended.

Hardware Requirements

•    Clustering hardware must be on the cluster service Hardware Compatibility List (HCL). To find the latest version of the cluster service HCL, go to the Windows Hardware Compatibility List at http://www.microsoft.com/hcl/, and then search for cluster. The entire solution must be certified on the HCL, not just the individual components.

more…

Steps to Configure Windows DNS Server/Service.

Here is a very simple way to configure a DNS service on Windows Dedicated Server that hosts your website.

Requirements:

1. You should have one of the following Windows OS to install the DNS service:

– Windows XP Professional edition.
– Windows Vista.
– Windows 2003 Server Data center edition.
– Windows 2003 Server Enterprise edition.
– Windows 2003 Server Standard edition.

You cannot install DNS service on Windows 2008 Server with the steps below as it does not have an option to add remove Windows Components. You will have to use the Server Manager option to install Services on your Windows 2008 Server.

I have not specified Windows NT and Windows 2000 version as they are hardly used now a days. Also Windows XP Home edition and Windows 2003 Server Web edition does not support DNS service on them.

2. Windows OS installation CD or the i386 folder.

3. A user that will have Administrator rights on the Dedicated server on which you want to install DNS service.

Installation Steps:

1. Go to Control panel >> Add/Remove Programs >> Add/Remove Windows Components, it will open a windows below:

more…

Remote Desktop [RDP] not Working..?

This applies to all versions of Windows 2003 and Windows 2008 and also to Vista and XP Professional. This problem normally occurs to our client with Dedicated Server hosting. So I thought I will create a check list to make their hosting service a bit easy.
Yes, you will need physical access to the machine to check this, it is obvious that you will not be able to check this problem unless you have remote access to the server. These steps can only be performed if you have physical access to the dedicated server or through a Keyboard-Video-Mouse [KVM]. So there we go:

* First thing that you need to check is whether the Remote Desktop Console [RDC] is enabled on your server.
Go to Desktop >> My Computer >> Properties >> Remote Tab
Check the box for “Enable Remote Desktop on this computer” and click OK.

more…

Disable specific devices such as USB, CDROM, Floppy, on your local Windows machine or the Windows server..

Recently I’ve seen people having issues with certain devices attached via USB to their thinking machines… Issues that included, Spyware, Malware, Viruses.. ugh, many more.. Wouldn’t it be good to disable these unwanted creepy devices when on a shared/public windows  machines? Ok, follow these steps & get yourself a bit secured.

This can be implemented on your local Windows Machine or on the Windows Dedicated servers, please make sure to backup the Windows registry before following these steps. As making incorrect changes in Windows registry can make the system unbootable.

Search for the following keys in your registry to disable each of them respectively or as per your requirement.

SYSTEMCurrentControlSetServices

Notice the value ‘Start‘, this should be 3 by default [3 = enabled]. Switch this value to 4 [4 = disabled], and USB storage devices are disabled. To re-enable the device switch this value to 3.

To disable USB ports:
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesUsbStor

To disable CD-ROM drive:
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicescdrom

To disable Floppy drive:
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesflpydisk

To disable a High Capacity Floppy Drive:
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicessfloppy

Once done, you’d need to reboot your machine for the changes to come into effect. That is it

Most of our users have this problem with there Windows Plesk Dedicated hosting as well as Windows Shared hosting packages with recent Parallels Plesk versions. I have had so many instance of support about the sitepreview not working on our Windows Shared Servers with Plesk for different reasons and I had to scratch my head to get things sorted for our valuable Windows dedicated hosting customers. And it is an important feature for our Shared hosting customers without the dedicated IP address to check their site before moving their name server to us. So I decided to write this blog with the steps to troubleshoot the problem with Plesk sitepreview in few simple steps. I will try and put every thing that I have figured while investigation.

There are 3 types of problems with site preview in Plesk:

1. Site Preview in Windows Plesk will show 404 Page Not Found error
2. Site Preview in Windows Plesk will show Plesk Default page.
3. SitePreview will ask for user name and password.

We will troubleshoot each problem with site preview one by one.

1. Site Preview in Plesk will show 404 Page Not Found error.

more…