I started a new blog covering the fun I’m having running a WordPress site running Project Nami backed by Azure and MS SQL. The new blog is using continuous deployment from the GitHub source of Project Nami. What is Project Nami? – well, certainly it’s Not Another MySQL Install. 🙂

Advertisements

If you’re happily running MS SQL Server 2012 on Windows Server 2012 Core, but you need to install the Microsoft OLE DB Provider for DB2 Version 4.0, that smile won’t last long.

The installation fails trying to create an Internet shortcut, as Internet Explorer isn’t installed:

Action 10:33:43: WixCreateInternetShortcuts. 
WixCreateInternetShortcuts: Creating IUniformResourceLocatorW shortcut 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft OLE DB Provider for DB2 Version 4.0\Online Help.url' target 'http://go.microsoft.com/fwlink/?LinkId=232712'
WixCreateInternetShortcuts: Error 0x80040154: failed to create an instance of IUniformResourceLocatorW
WixCreateInternetShortcuts: Error 0x80040154: failed to create Internet shortcut
CustomAction WixCreateInternetShortcuts returned actual error code 1603

I solved this issue by creating a MSI transform to remove the actions creating the URL. I used my long time standby ORCA to create the transform. I’ve made the transform available for download.

So on with the installation on Windows Server 2012 Core.

First make sure you meet the prerequisites, 2 key packages being Visual C++ 2010 Redistributable Package (x86 and x64). A quick way to see what you have installed on Core is with some PowerShell of course:

Get-WmiObject -Class Win32_Product | Sort Name | Select Name

Assuming you have the MSI and transform in a folder on your server, you can install with the following command (and you can add /qn to run silent):

C:\Installs>msiexec /i DB2OLEDBV4_x64.msi TRANSFORMS=noURL.mst /lv c:\installs\results.txt

I hope this helps save you some frustration!

-Joe

When you download a file from the Internet, an NTFS stream is added to indicate the file came an unsafe place. This adds a layer of security when you try to open the file as you are forced to click through an are-you-sure dialog box or a document will open in safe mode. You can right-click the file, choose Properties, and select the Unblock button to remove this extra protection. The following process will allow you to right-click a downloaded file and perform the Unblock function directly from the context-sensitive menu.

I solved this “annoyance” previously using the streams.exe program. I’ve found a more elegant method using a new cmdlet in PowerShell 3.0 – “Unblock-file”.

Create the following as a REG file. Right-click and merge once created.

Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\*\shell\Unblock\command]
@="PowerShell.exe -NoProfile -NonInteractive Unblock-File -Path '%1'"

Or run from an administrative command line:

reg add HKCR\*\shell\Unblock\command /ve /d "PowerShell.exe -NoProfile -NonInteractive -Command Unblock-File -Path '%1'"

You will then have the menu option “Unblock” available when right-clicking on a file.

Bonus:
Did you unzip a file already? Unblock at the extracted folder level all contained files.

reg add HKCR\folder\shell\Unblock\command /ve /d "PowerShell.exe -NoProfile -NonInteractive -Command Get-ChildItem '%1' -recurse | Unblock-File"

If you want to get rid of the quick pop-up PowerShell command window (no, adding “-WindowStyle Hidden” doesn’t work) you can put PSRun.exe in your path and replace ‘PowerShell.exe’ with ‘PSRun.exe’ in the registry edit.

The Windows Performance Tuning Guide suggests enabling Processor Performance Boost (Intel Turbo Boost Technology). A fresh install of Windows 2008 R2 (Core) sets the power scheme to Balanced, where Turbo Mode is disabled. From the Tuning Guide, you can modify just the Processor Performance Boost policy under the Balanced scheme, but as I’m usually running my OS as a virtual machine, I’ll just show a command to set the power scheme to High Performance.

The single line command below with determine the GUID for the “High Performance” power scheme and set it to the active scheme:

@echo off & echo. & echo Current Power Scheme & powercfg -list | find /i “) *” & echo. & powercfg -list | find /i “high” > %temp%\pwrcfgs.txt & for /f “tokens=4 delims= ” %i in (%temp%\pwrcfgs.txt) do @powercfg -setactive %i & echo. & echo New Power Scheme & powercfg -list| find /i “) *”

Output:

Current Power Scheme
Power Scheme GUID: 381b4222-f694-41f0-9685-ff5bb260df2e  (Balanced) *

New Power Scheme
Power Scheme GUID: 8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c  (High performance) *

 

Turbo Mode will now be enabled.

[edit] See new recommendations from this KB2207548.

When you download a file from the Internet, an NTFS stream is added to indicate the file came an unsafe place. This adds a layer of security when you try to open the file as you are forced to click through an are-you-sure dialog box. You can right-click the file, choose Properties, and select the Unblock button to remove this extra protection.  The following process will allow you to right-click a downloaded file and perform the Unblock function directly from the context sensitive menu.
 
Step 1) Download Streams and place somewhere in your Path (i.e., C:\Windows)
 
Step 2) Save the following as a .REG file (i.e., unblock.reg) and merge to your registry.
 

Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\*\shell\Unblock\command]
@="streams -d \"%1\""

Note: You will still get the are-you-sure dialog box since you are performing an operation on the file while it still has the stream, but this unblock process will still save you time navigating the menu and choosing the Unblock button.

Below is a running list of hotfixes, security updates, and non-required updates.
 
Type KB Published Required? Restart?
Update: Stability & Reliability KB974431 10/12/2009 No Yes
Security: CryptoAPI spoofing KB974571 10/13/2009 Yes Yes
Security: LSASS DoS KB975467 10/13/2009 Yes Yes
Update: Time Zone KB976098 11/16/2009 No No
Update: Stability & Reliability KB977074 01/25/2010 No Yes
Security: SMB Remote Code Execution KB971468 02/09/2010 Yes Yes
Security: Hyper-V DoS KB977894 02/09/2010 Yes Yes
Security: SMB Remote Code Execution KB978251 02/09/2010 Yes Yes
Update: Application Compatibility KB978562 02/22/2010 No Yes
Update: Application Compatibility KB978637 02/22/2010 No Yes
Update: Time Zone KB979306 02/22/2010 No No
Update: Application Compatibility KB976264 03/09/2010 No No
Update: Application Compatibility KB981618 04/12/2010 No Yes

 

Note: There have been 2 required reboots of Hyper-V Server 2008 R2 since release.

I have a 4th-level wildcard SSL certificate to secure one of my web sites. This wildcard certificate does not cover my 3rd-level domain, so I have to use a 4-level domain URL to properly use the certificate. When I need SSL, my proper URL is https://www.mydom.myedu.edu. When I don’t need SSL, I use the URL http://mydom.myedu.edu. A problem can arise when people forget the "www" as the 4th-level when using "https" at the same time – the user’s browser will display a warning that the certificate is not valid (i.e., https://mydom.myedu.edu). The code below for the global.asax file will redirect the browser to the correct SSL URL if the incorrect SSL URL is used when the user first makes an attempt to view the requested web page. Just change the "wrongStartSSLurl" and "goodStartSSLurl" variables for your environment.

As the code below may be mangled, here’s a text file of the code.

–Begin Global.asax file

   1:  <script language="VB" runat="server">
   2:      Sub Session_OnStart()
   3:          'This code is for correcting an issue with wildcard SSL certs
   4:          'when the base domain is not covered by the cert.
   5:          Dim wrongStartSSLurl As String = "https://mydom"
   6:          Dim goodStartSSLurl As String = "https://www.mydom"
   7:          Dim requestedURL As String =HttpContext.Current.Request.Url.ToString()
   8:          Dim startOfRequestedURL As String = Left(requestedURL, Len(wrongStartSSLurl))
   9:          If startOfRequestedURL = wrongStartSSLurl Then
  10:              Dim properSSLurl As String = Replace(requestedURL, wrongStartSSLurl, goodStartSSLurl)
  11:              HttpContext.Current.Response.Redirect(properSSLurl)
  12:          End If
  13:      End Sub
  14:  </script>

—End Global.asax file