It’s nice to see that the north of England is hosting SQLBits again, I’m sure Liverpool will be a great location for the event.  I’m also happy that this time I will be attending with a good friend Tony Williams (@twith2sugars on Twitter)

In terms of topics I’m hoping I can attend a lot of the performance tuning and monitoring talks around the Development and DBA tracks as I know I’ll be able to put those skills to work right away. In particular I’d like to be able to get some real world examples of using PowerShell with SQL Server.

As well as refreshing topics I feel comfortable with I like the fact that I can go sit in on BI talk and get some more exposure to SSIS and Data Warehousing.  One of the most interesting talks at SQLBits 7 was on BI, a real eye opener.

The biggest problem is choosing between the great sessions in each time groups, it’s always hard as I wish I could attend two at once.  Also I’m going to miss not being able to see Brent Ozar or Buck Woody present again (they were at SQLBits 7 in York). After reading their blogs for so long it was good to see both of them present, but it allows me to see some new people offer their style of presenting which is always good.

Lastly I hope this year I hope I can win something in the prize giveaway they have, a nice PCI-E SSD card would be nice!

It must have been something strange, something weird, who knows what but it resulted in is ALL users, even site administrators and users with full administrative rights unable to do anything!  Nobody could add new documents or edit documents; nearly every single Document or Library option is greyed out!

The fix it would seem is performed via the central administration website for your server.

1. Central Administration -> Site Collection Quotas and Locks.
2. Select your site collection
3. Change the Site Lock Information radio button from “Read-only” to “Not locked”
4. OK the changes

You don’t even need to reboot or issue an iisreset command.

Having been a desktop user of Microsoft Exchange, which uses nonstandard proprietary methods to communicate with Outlook I’d never run into the issue of not being able to send out mail.

Using an external IMAP mail server setup to receive on TCP port 143 and send on TCP port 25 works great at the office, no problem.  First time you take your new laptop home, mail will not send with the usual setup

 SMTP Port options

The Simple Mail Transfer Protocol (SMTP) allows mail server administrators to receive email on TCP port 25.  Traditionally TCP port 25 was used for all email processing, submission and server-to-server mail transfers.

The Internet Engineering Task Force (IETF) published RFC 2476 http://tools.ietf.org/html/rfc2476 in December 1998.  In section 3.1 Submission Identification, TCP port 587 was reserved for the initial submission of email messages from a client to an email server.

The document goes on to say that you may still allow an email server to receive email submissions on port 25.  In practice a lot of email servers will accept submissions on both ports 25 and 587.

How clients should really send mail

Due to the rise in unsolicited email (SPAM) a lot of ISPs will block port 25 unless you specifically ask for it if you are running your own mail server and take responsibility for not allowing SPAM to be routed through your email server.

My issue came when I was at home as my ISP does block port 25 so I could not send email, but when I was on the WiFi at a friend’s house whose ISP obviously does not block port 25 my outbox suddenly emptied?  Back at my house altering my mail client settings to submit email to the company email service on port 587 had me replying to co-workers once again.

From researching this point the recommendation is for all end user email software configurations to use port 587 as the default and leave port 25 for the server administrators to worry about.

My original goal of the site was to record interesting events and answers to difficult IT and programming situations I found myself in.  Most of these came from my work environment but some good ones were discovered away from the office.

Another goal of the site was to try and post at least once a month, Something I nearly managed excluding a December holiday.  I actually keep a folder with ideas for blog posts on my computer.  Some of them translate well into a post while others are far too lengthy and really quite dull.

A year is certainly a long time in computing terms and it’s somewhat of shame that I no longer get to program as much as I enjoy too.  With a change of employment I find myself sat in airport lounges a lot more that I sit writing code in Microsoft .Net, which makes me thing I should include more personal programming posts in my next year of blogs.

This has allowed me to explore more of a technology side of computing rather than a straight forward programming solutions blog.  I should think there will be a lot more posts in the coming year around the use of new technology and supporting the end users of new technology.

Top blog Posts

Over the whole year I was surprised by how popular some posts were, here are the best of them.

http://niallbest.com/dell-2950-strike-the-f1-key-to-continue/

One of my first posts to the blog but it still gets a surprising amount of traffic, it’s a really nasty issue.

http://niallbest.com/seagate-2tb-st32000542as-cc35-firmware-upgrade/

I never even realised you could (or might have to!) flash the firmware of a hard disk until we suffered the issue with Seagate 2TB disks nearly 12 months ago.  This is by far the most read blog post on my site and it’s still receiving comments from people who are flashing their hard disks even now!

http://niallbest.com/using-windows-azure-tables-to-persist-session-data/

It was nice to get a good programming blog post out and Windows Azure was still very much in its infancy at this point.  I was lucky enough to work for a company that was working with Microsoft using the Azure stack for a new product.  Help at that time was thin on the ground so I hope this post helped a few folks out.

http://niallbest.com/sqlbits-7/

SQLBits 7 was my first real SQL conference; it was a blast and really useful learning resource.  I was also lucky enough to be able to catch the train down in one day to attend.  I wrote this mainly as a roundup of the conference for myself but also to impress on readers that conferences do work as a learning aid, even if they just spark you interest to go investigate something further on your own.

http://niallbest.com/draytek-vigor-ip-pbx-2820-linksys-spa941/

The Draytek IP PBX 2820 is a constant source of irritation at work and I was sure that other people out there might face the same woe.  VoIP shouldn’t be difficult but situations conspire along with time constraints to make things hard.

I must have looked back at this page 10 times or more when doing config updates so for that reason alone it was a very useful blog post.

Stats

Some stats from the year:

• Over 22,000 visits
• 27,600 page views
• 15,800 unique visitors
• More than 50% of visits came from Google search engine

Visits from 144 different countries, top 5

1. United States
2. United Kingdom
3. Germany
4. Canada
5. Russia

Web browser stats

1. Firefox 38%
2. IE 31%
3. Chrome 18%
4. Safari 5%
5. Opera 5%

Traveling on business can be stressful and leave you exhausted at the other end with a deadline looming or important meeting. I’ve decided to write up my tips and ideas on how to make business travel a little easier.

Know your details

Probably the most important thing to have is a plan or schedule of What, Where, Who and When. We already know the why – business.

Knowing your flight times, flight numbers, airline contact numbers and terminal buildings should be top priority. Usually your company will provide you with an itinerary but I like to amend mine with extra details such as the local numbers for the airlines and airport information. Local taxi numbers at each destination and I also like to plan my way round a new airport in case my transfer time gets short and I need to hurry.

It’s also nice to let somebody else know your travel plans so they can stay in touch or help you out in a bind. http://www.tripit.com is a great site that can compile your itinerary from lots of difference sources.

Plan for delays

The biggest stress reliever I have is knowing that I have a plan if there are delays or alterations. Having a backup plan for travel when your flight gets in the hold for 30 minutes and you need to make a connection quickly really helps.

If you have a smartphone make sure you have any airline applications on your phone and use them for status updates, always try and be ahead of the pack otherwise you can find yourself at the back of a 300 person queue.

If you do need to queue and speak to somebody being civil is the best thing you can do regardless of how you might feel. A top tip from Scott Hanselman is to “speak the language of the airport” when dealing with staff. Give them flight numbers, 24-hour times, airport short codes e.g. LHR (London Heathrow) and have your passport and any boarding cards or booking references quickly to hand. The more you can help them the faster they will help you.

Know the rules

Security is an unfortunate part of air travel today, but you can ease your transition through the checkpoints by dressing cleverly and being selective about what is in your carryon bag.

For example I don’t wear a belt or jacket when flying (but would a jacket help with an operational seat upgrade?) and slip on shoes so it’s easy to move through the security process. I also don’t carry keys or change when flying so there is nothing to set off the scanner.

Easy access to my electronic devices is another plus. I like to pack all the gadgets I’ll need on the flight in a separate wash style bag so all I need to take out is the one bag for the security scanner and any laptop(s). Yes a tablet or iPad does count and needs to be removed from the bag, as I witnessed last week some guy got a grilling over the contents of his carryon for having a iPad2 in there.

Making it personal

I personally don’t work on a flight unless I really have to; I like to take a book I’m reading or latest magazine subscription. Music is good but a lot of airlines don’t let you use headphones or while taxiing or at take-off and landing so good reading material is essential.

If I do feel like sleeping on the plane then ear plugs are a must for me, noise cancelling headphones are great but I find them uncomfortable to sleep in and earplugs are cheap. Some of the better airlines carry them if you ask the cabin staff as well as eye masks.

I usually take several devices with me for the flight. I know most smartphones have an mp3 player capacity but how many also last 8 hours+? I still find a dedicated mp3 player, phone, netbook and handheld gaming device to be the best of all worlds. I always like to have enough to keep me occupied if I find I can’t sleep.

Top Tips

• Plan your itinerary.
• Make a list of useful numbers, both in your phone and in your bag.
• Have multiple forms of payment in different currencies, cash is still king in most places.
• Know your airports and the airport procedures for security.
• Know the correct boarder control procedure.
• Have a routine, you’ll feel better if it feels normal.
• Personalise the travel time with music, books or movies you like.

NTP is the protocol used to synchronise clocks across data networks.  Normally, for Windows Servers, you will set your domains operational master to check the time from a master source and the domain members will check time with the domain operational master.

Of course if you have a standalone server or a different network device you can usually configure them to check directly.  The NTP Pool project (http://www.pool.ntp.org) is a distributed collection of machines that exist to provide accurate time service to machines worldwide.

For the UK they offer local time servers, the full list available here http://www.pool.ntp.org/zone/uk

Settings for Windows 7 & Server 2008 to use pool.ntp.org servers

The above administrative command prompt shows the default settings for a non-domain Windows 7 machine.  If you look at the section NtpServer: time.windows.com, this shows that my machine is checking the time with the default server provided by Microsoft. 

Steps to change to alternative time server

1. Stop the W32Time service.
2. Edit the config.
3. For operational master domain controllers, make a reliable time source.
4. Start the W32Time service.

1. C:\>net stop w32time
2. C:\>w32tm /config /syncfromflags:manual /manualpeerlist:0.uk.pool.ntp.org,1.uk.pool.ntp.org,2.uk.pool.ntp.org
3.  C:\>w32tm /config /reliable:yes
4. C:\>net start w32time

Once set make sure you open UDP port 123 on your firewall to allow NTP traffic in and out.  If your applying these settings on your home Windows 7 machine or other non-domain server you can omit step 3.

If you’re interested in seeing what settings you have applied first you can check the configuration like so:

C:\>w32tm /query /configuration

Checking domain members time subscriptions

To check that a domain member is syncing time with the Active Directory master you can check here in the registry

HKLM\System\CurrentControlSet\Services\W32Time\Parameters\Type

If Type is set to Nt5DS then the member machine should be checking with the domain controller for its time.  If Type is set to NTP it will be checking on its own.

You can see what time server the machine is checking with using the /monitor command

C:\>w32tm /monitor

Running this command on non-domain machines will result in an error.

The problem is that because Windows cannot classify the type of network, often due to there being no default gateway specified on remote access LAN connections, the default is to make it public as this offers the most restrictive level of network access.  

Irritatingly Windows Server 2008 and Windows 7 do not allow you to alter the type of network if it is classified as unidentified when using the Network and Sharing Centre.

A temporary measure is to set the unidentified network to private using PowerShell.  See the MSDN blogs for the script. Be warned though, if you reboot the unidentified network will return to public.

http://blogs.msdn.com/b/dimeby8/archive/2009/06/10/change-unidentified-network-from-public-to-work-in-windows-7.aspx

A more permanent solution, but a possible security risk, is to set any unidentified network to be classified as private rather than public by default.  To do this we need to modify the defaults using the local security policy.  See the steps below.

1. In Administrative tools, open “Local Security Policy”.
2. Select “Network List Manager Polices” in the left hand pane.
3. In the right hand pane open “Unidentified Networks” and choose “Private” in the location type.
4. Check your firewall settings will not lock you out of the system once the rules apply.
5. Close the dialogue and reboot to apply the changes.

This flexibility comes at the cost of having to understand the complex and initially confusing dial plan; the regular expression that tells the phone how it should route your call based on the number you have typed.

Chances are your VoIP telephone is using the default dial plan that looks similar to this

(*xx|[3469]11|0|00|[2-9]xxxxxx|1xxx[2-9]xxxxxxS0|xxxxxxxxxxxx.)

Now at first sight that looks confusing, lets break it down to figure out what is going on.  First some details of the syntax.

| Separates items in the dial plan.

* Is the star key on the phone keypad.

# Is the pound or hash key.

x Defines a single digit 0-9.

x. Repeat the previous numeral zero or more times.

[] Range of explicit values. E.g. [3469] 3 or 4 or 6 or 9.

[2-9] Numbers 2 through 9 allowed.

[25-7*] Numbers 2 or 5 or 6 or 7 or *

! Used for barring numbers.

, Sends the dial tone to the handset.

S0 Immediate dial, do not wait for caller timeout.

Dissecting the default dial plan

The default dial plan on most VoIP systems is setup for callers in the USA, once you’ve figured this part out it’s easy to see how the patterns would match.

(*xx|[3469]11|0|00|[2-9]xxxxxx|1xxx[2-9]xxxxxxS0|xxxxxxxxxxxx.)

*xx Allows redial last caller service e.g. *69

[3469]11 Allows you to dial a host of USA based emergency and information services including the commonly known 911.

0 Zero is a common prefix for numbers, all internal calls in the UK begin with 0.

00 Zero zero is the international dialling prefix when calling FROM the UK to a foreign country.

[2-9]xxxxxx This is a USA dialling rule for local calls within the same area code(Simpsons episode 250?)

1xxx[2-9]xxxxxxS0 Again this is a national USA phone number, usually written 1-(555) 123-1234 S0 for immediate dial on the end.

xxxxxxxxxxxx Finally at the end any 12 digit phone number.

Dial plan for the UK

For use in the UK I find this is a better dial plan.

(<911:999> | <00:00>x. | <:441642>[2-9]xxxx. | xxxxxxxxxxxx. | 1xxx | 0[45689]x.| [1xx] | 999S0)

So breaking it down as before we have.

<911:999>  911 to 999 Conversion for American visitors to our offices just in case.

<00:00>x. Allows for all international numbers from the UK. (essential for our international sites)

<:441642>[2-9]xxxx. Allows 5 or 6 digit local numbers to be prefixed with the local area code.

xxxxxxxxxxxx. Allows any full telephone number not covered by other rules.

1xxx Allows for special service numbers like 1471 for ring back and 1571 for voice mail.

0[45689]x. Allows for special numbers in the UK, 0800, 0500 and 09 etc.

[1xx] Again used for special numbers like 123 (speaking clock) and 141 (withhold number).

999S0 finally, allow 999 to be dialled directly and dial immediately.

Advanced rules

The dial plan constructed for use in our office is very open in its restrictions and UK centric.  Many home users may want to restrict the use of premium 0871 numbers and 09 preium rate numbers, but at work we have need to be able to dial such numbers and have policies in place to deal with staff who abuse the open system.

More advanced uses of the dial plan include routing calls between different VoIP providers.  If, for example, you had relatives in Australia and friends in Japan you might have a different VoIP provider for each country.

In this case you could add the following rules

<0061:0061>x.<:@gw1> | <0081:0081>x.<:@gw2>

Each of these say if dialling Australia (country code 61) route calls via VoIP gateway 1 and if calling Japan (country code 81) route via VoIP provider 2.

There are some excellent resources on Wikipedia on the state of the UK telephone system and a excellent php based dial plan simulator you can use when testing your own rules.

Useful  resources

http://en.wikipedia.org/wiki/Telephone_numbers_in_the_United_Kingdom

http://www.netphonedirectory.com/pap2_dialplan.htm

http://supremeit.com/voip/dialplan.php

http://www.cisco.com/en/US/products/ps10033/products_qanda_item09186a0080a35db6.shtml

The biggest problem with FTP is that in order to create a connection both parties must be able to communicate over the same ports for both commands and data.  With many users being protected by corporate firewalls, NAT and SPI (Stateful Packet Inspection) Routers it can be tough job.

An excellent technical background on exactly what happens during the FTP process and the differences between Active and Passive FTP can be found here http://slacksite.com/other/ftp.html

Configuring FileZilla on Windows to accept Passive FTP connections

Connect to your FileZilla server interface and click on the Passive mode settings

Here we are telling FileZilla server to use the range of ports that we are going to open on our firewall.  For my sever using Default correctly identifies the fixed IPv4 public Internet address of the server.  If you have connection issues manually enter your fixed IP in the box below by altering the radio button.

Here we can see the firewall rules that I have setup for FTP and FTPS.

We have the internal IP address on the LAN of our FileZilla FTP server and the protocol and port ranges that need to be opened.  FTP uses only TCP ports so you don’t need to open any UDP ports.

Configuring Windows Server Advanced firewall rules for FTP

Using the administrative command line you can specify that you want to open the following ports on your Windows Server firewall.

netsh advfirewall firewall add rule name="FTP (non-ssl)" action=allow protocol=TCP dir=in localport=21

Rather than creating a rule to open all those TCP ports (41500-65535) Windows Server is smart enough to recognise when a high numbered port is needed for data transfer in a FTP session.

netsh advfirewall set global StatefulFtp enable

This command disables the blocking of FTP traffic allowing the requreid ports to be opened only when needed.  You can get all the details on the Windows Server advanced firewall netsh commands from Technet.

http://technet.microsoft.com/en-us/library/cc771920(WS.10).aspx

Finally, from a client machine outside your network (to simulate real user connections) connect in passive mode using FileZilla client for Windows.

Status:		Connecting to 213.106.150.123:21...
Status:		Connection established, waiting for welcome message...
Response:	220 Welcome
Command:	USER ftp_user0157
Response:	331 Password required for ftp_user0157
Command:	PASS *************
Response:	230 Logged on
Status:		Connected
Status:		Retrieving directory listing...
Command:	PWD
Response:	257 "/" is current directory.
Command:	TYPE I
Response:	200 Type set to I
Command:	PASV
Response:	227 Entering Passive Mode (213,106,150,123,177,45)
Command:	MLSD
Response:	150 Connection accepted
Response:	226 Transfer OK
Status:		Directory listing successful

Not so in Exchange 2010.  What you get when running on a trial key is a pop-up box every time you open the Exchange Management Console.

It informs you to enter your new license in the “Exchange server work centre action pane” but where on earth is that?

From the Exchange 2010 Management Console.

1. Expand Microsoft Exchange
2. Select ‘Server Configuration’
3. Select the unlicensed Exchange 2010 server and right click.
4. Finally select ‘Enter Product Key…’ to start the license wizard.

Once you’re all done you should get the success message.  Simply restart the Information Store service or restart the machine with any necessary Windows Updates.

Note:

The preferred way of doing anything now in the majority of Microsoft’s server products is with PowerShell 2.0.  Exchange 2010 is no exception.  The confirmation screen of the wizard nicely displays the PowerShell command executed; here it is repeated with a dummy product key for completeness.

Set-ExchangeServer -Identity yourserver -ProductKey ABC12-DEF34-GHI56-JKL78-MNO90