Thankfully this security is more of a “security by obscurity” rather than something this is actually programmed into the software. If you right-click on the page in question and look at the properties, you will see the address is like this:

res://ieframe.dll/invalidcert.htm?SSLError=16777216&PreventIgnoreCertErrors=1#https://some-site-url

The workaround as you can probably guess is to change the PreventIgnoreCertErrors=1 to PreventIgnoreCertErrors=0 keeping the #https:// url portion intact.

You can do this by copying the URL I have above and replacing the some-site-url with the actual site you mean to reach and pasting into IE’s address bar. You will still get the cert error, but you will now have the option to continue to the site in question. If you then follow-up with the usual method to get around self-signed certs by adding site to trusted locations and installing the cert, you won’t have to use this workaround for that site again.

Hope it helps.

Since I found most diagrams that came up with Google Images confusing(I’m simple..), we put together this map here. Of course there’s a little more to DNS recursion than this, but I find the map itself does a fairly good job of detailing the process.

The color-coding is meant to help identify which server is “asking” and what server is providing the response. The steps are as follows:

1. Client computer tries to resolve http://google.com the request is sent to the Preferred DNS Server, in most scenarios this will be what your ISP provided to you.
2. The Preferred DNS Server will actually handle most of the workload in this case(hence the recursion). The Preferred DNS Server will first check to see if it is the Authoritative Host for the Zone google.com(as in, if it hosts the zone google.com); if it is, then it sends the client computer back the IP address for the host record needed.
   If the Preferred DNS Server is not Authoritative for the zone in question, and if it has DNS Caching enabled, it will check its Cache to see if it has recently resolved that hostname, and if so, it will send the IP address in its cache back to the client. Cached records have a TTL and when this TTL expires, the Preferred DNS Server will in fact go through with the DNS recursion process; which will cause that record to be updated again. (See DNS Propagation)Cached records alleviate the load by skipping the need to resolve a host name for every single request.
   If the Preferred DNS Server does not have a cached record for the request, or the cached record has expired, it will then send a request to the Root DNS servers.
3. The Root DNS server will then respond to the Preferred DNS Server with an address for the Top Level Domain containing the next bit of information needed for this process; .COM was not the easiest to use in this example but TLDs are organized by Country Codes (.CA,.BM,.UK), Generic (.COM, .NET, .ORG) and Sponsored (.travel, .info).
4. Once the Preferred DNS Server has the TLD’s address, it will request from the TLD the the actual Name Server records for the zone. The Name Servers are the ones hosting the actual DNS Zone for google.com
5. Once the Preferred DNS Server has the NS address back from the TLD, it can query the actual Primary NS (there are usually more than one NS returned) for the record needed, in this case the Address record for google.com
6. The Preferred DNS Server will then refresh it’s DNS cache (if it has caching enabled) as well as provide the client with the IP address associated with google.com
7. To the client application this is transparent, the client application would simple proceed with whatever requests it is trying to perform on that host, but now that the IP address is resolved, the data/requests would route to the appropriate host.

The downside (IMO) with all ticketing systems that are primarily email-driven is the human element. It is difficult to enforce proper usage policy onto people, and that holds true for SysAid. The main project that has been bothering me is users who email the SysAid integration email address -and- cc a large group of individuals. This results in users using the “reply all” feature, and each message creates a new ticket.

Here is a method I have used to address this issue using RegEx. I created a mailbox user for rejected messages, “SysAid Noise” then in the email integration preferences I configured this mailbox in the “Forward Ignored Email to:” field, and I added the following line to the field “Reject Email Containing the following in the subject:”


(?=^([Rr][Ee]\:).*)((?!.*(#[0-9]).*).*)


The above consist of two groups, the first “Re:” (since email clients automatically precede subject lines with that with you reply) and the second group matching the ticket ID field that SysAid uses (#ID) for communication. The second group is negated (?!); as a result my matches will only occur when the subject indicates a reply, and there is no ticket number. (So this would normally create a new SR).

Forwarding it to my SysAid Noise mailbox allows me to create tickets or forward back into SysAid with proper SR# which to me is a lot quicker than going back into SysAid and having to deal with the many messages that will be in there from people using the reply-all that include the SysAid email integration

This menu is a replacement for the QuickLaunch menu on the Master page of a WSS 3.0/SP 2007 site. This menu allows the following:

1. Security trimmings (even if using WSS 3.0)
2. Support for fly-out menus
3. Theming

Just like the original code, this QuickLaunch is driven by a custom list (which you will have to create yourself prior to deployment) to which you apply the security groups, menu names, links, and define the parent/child relationships of each menu item. This document http://spnavigationmenu.codeplex.com/documentation goes into detail on requirements for the list and deployment instructions.

spNavigationMenu Deployment
1. Deploy solution with WSP setup package.
2. Create list

a. Title (Text)
b. Link URL (Text)
c. Link Order (Number)
d. Show Menu Item (Choice: Yes/No)
e. Parent Menu (Lookup: Title (self))
f. OpenNewWindows (Boolean)

Register Assembly
1. Launch SharePoint Designer 2007, and open your site
2. Create backup of the Master Page
3. Insert following line before first HTML tag of master page:
<%@ Register TagPrefix="myMenu" Namespace="spNavigationMenu" Assembly="spNavigationMenu, Version=1.0.0.0, Culture=neutral, PublicKeyToken=c4f8a12532420039" %>
4. Locate QuickLaunch placeholder: PlaceHolderLeftNavBar
5. Select the PlaceHolderLeftNavBar tag (open and close) and replace with the code below
6. Paste the new PlaceHolderLeftNavBar:

<asp:ContentPlaceHolder id="PlaceHolderLeftNavBar" runat="server">
<myMenu:spNavigationMenu runat="server"
Set_MaximumDynamicDisplayLevels="0"
Set_MenuList="quicklaunchMain"
Set_ServerURL="http://sptestsite"
id="spQuickLaunchMenu"
Set_MenuName="mySpMenu"
Set_MenuOrientation="vertical"
Set_MenuCSS="ms-quicklaunch" />
</asp:ContentPlaceHolder>


The above will give you a QuickLaunch menu which looks like the original, but is driven by the list named “quicklaunchMain” (which needs to be formated prior to modifying the master page as specified above). I modified the code so the list will have to be in the current Site collection (it looks at the relative path); this fixes all sorts of issues with security and sharepoint groups.

Here are additional properties you can add to the <myMenu:spNavigationMenu /> tag:

Set_StaticDisplayLevels="2"
Set_MaximumDynamicDisplayLevels="0"
Set_MenuPreRenderClientScript=""
Set_Level1ItemStyles="custom CSS Class name"
Set_Level2ItemStyles="custom CSS Class name"
Set_Level1SubItemStyles="custom CSS Class name"
Set_Level2SubItemStyles="custom CSS Class name"
Set_Level1SelItemStyles="custom CSS Class name"
Set_Level2SelItemStyles="custom CSS Class name"


Download the WSP package: .ZIP

Please note: I did not write this code, I modified the CodePlex project SharePoint Navigation Menu project so in order to get my security trimmings functining on the WSS 3.0 site; the original project default to a topNavigation item instead of QuickLaunch. If you like the work please support the project over at CodePlex. If you have errors you may also want to look at the discussion thread and documents there. http://spnavigationmenu.codeplex.com

If you do not select SQL Server 2008 Management Studio as a feature to install initially (perhaps because you downloaded the Databases Only package?) and you proceed to patch your SQL Server 2008 Installation, you may may have trouble installing the SSMS package after the fact.

It seems to be an oversight, since the Installation Wizard for SQL Server 2008 edition will run two separate checks for errors and prerequisites, and not one of them bothers to tell you the installation package you are running doesn’t match your current SQL Server 2008 Version. What does this mean? It means you get to the screen to customize your existing SQL 2008 installation, but the Management Tools option isn’t here. It’s simply missing, and any other options you might have there are greyed out.

So what’s the fix? Downloading the SSMS 2008 R2 will allow you to select that feature! The alternative, as you may have noticed from Googling this, is to completely uninstall SQL Server 2008 instance, and re-install with the Management Tools.

At the time of this post, this link has what you need, you should be able to search MS site as well, just have the R2 in there. http://www.microsoft.com/express/Database/InstallOptions.aspx

The setup is a breeze, the tools are easy to use and the sites are crisp and professional. Free if you don’t mind using their doamin name and having discreet ADs but only $5 a month if you host with them and remove the ADs and use your own Domain name.

Great for simple sites that need to look great.

use the following command to get full details about a particular installed certificate

Get- ExchangeCertificate | fl *

As unlikely as this is to be of use to anyone else, here is the scenario it got me out of:

• File Server Running Microsoft Windows Server 2008 Standard 64 bit SP2, I’ll call it ServerA
• No access to Recovery Console (WRE) as none of the bootable media would allow us to access the recovery environment because of version mismatch on a patched system
• System unusable after a recent install of CA Enterprise Security Solution.
  -> Machine was unreponsive and File Shares were offline
  -> The Priviledged Elevation Process used by CA was stuck in a starting mode
  -> Safe mode would reboot (couldn’t access via safe mode)
  -> UAC elevation would freeze before prompt, so no way of administering services (or disabling the offending services)
  -> RPC was blocked or disabled by some portion of the CA solution, so no RDP, no remote access via GotoAssist etc.. etc.. but, machine did get an IP from DHCP and was on the network.
  -> Server in question was sole physical server without a backup (and we didn’t want to go there)

The hack in question was to launch the Task Scheduler from another machine on the domain (in this case the primary DC) and use the “Connect to” function to add tasks to ServerA. Luckily enough I was able to do this despite all the other MMCs (services/computer management) erroring out on “RPC not available” when I tried to use them.

Following this I was able to create a task “mmc.exe services.msc” set to run with elevation (which would bypass the freeze) and with trigger of “when user logs on”. Once created, I went back to the console of ServerA, logged in, and with the now elevated services.msc, was able to disable all of the offending services, and brought the machine back online (the file shares more specifically).