Stop Orb from using 100% Drive Space on Server 2008

Orb is a media server application which allows you to stream all of your videos, music, and photos to almost any device on your network or the internet.

However, it is not officially supported on Server 2008. Since 2008 is based on Vista, I figured why not give it a shot. And it works. There is just one small problem: It throws an absolute fit if it can’t access a file and starts filling the drive with log files. That causes problems when a machine goes to sleep and Orb tries to index files from a SMB share.

I managed to put together a small batch file which will stop the Orb services, clean up the log files, and restart Orb. Running this on the scheduler once a day seems to have stopped the drive space problem.

@echo off
net stop OrbMediaService
taskkill /f /im orbtray.exe
taskkill /f /im orb.exe
taskkill /f /im orbmediaservice.exe
del *.log1
del *.back
net start OrbMediaService
cd \Program Files (x86)\Orb Networks\Orb\bin
start OrbTray.exe

Defrag Large Files with Contig

Windows Defrag does a fairly decent job of keeping your drives defragmented and running smoothly. But sometimes, it has problems with large files. I usually run into problems with virtual machine drive images, once they get over about 2-3GB, they just don’t seem to defrag anymore.

Fortunately thanks to yet another Sysinternals tool called Contig, you can clean up those large files easily. Contig is a single-file defragmenter that uses the existing defrag API within Windows. After running it on a couple of my drive images, it took them from over 400 fragments each to less than 20. I did find it helpful to run a defrag pass on the drive before running contig on the large files.

Hacking the Panda GateDefender 8100

The Panda GateDefender 8100 is a Linux-based filtering, AV, and intrusion prevention system.  The system I have to work with has a P4 3.4GHz CPU, 1GB of DDR400, and an 80GB SATA drive.  It has one available PCI slot, 2 unused SATA ports, and a CF slot.

While you can get a display on the VGA connector, its not an actual console. To get a console, you’ll need a serial cable. Open up a terminal emulator and set the port to 57600,8,N,1, then power on the machine. To get into the BIOS, press the tab key when prompted.

If you look at the motherboard, you’ll see JP1 is labeled CMOS Reset. I’ve tried this, and it did not seem to actually reset anything, nor did JP8 (NMI) or JP2 (???). I used a tool called CmosPwd to recover the actual password (its ‘adnap17’).  Once in the BIOS, you can move on to getting more access to the box.

Continue reading Hacking the Panda GateDefender 8100

Extract MSI files from (some) Microsoft EXEs

Certain files from Microsoft (in particular, things such as PowerPoint Viewer and the Office 2007 Compat. Pack) are provided as .exe files. If you’re looking for something a little easier to roll out via Group Policy, you can extract the archive files to a folder of your choice by adding the /extract or /c command line switches. Which switch to use depends on the package, but you can usually do /? to get an explanation of all the options. The files Microsoft provides usually contain some MSI files you can then add to a Software Policy.

Replacing Faxmaker with Hylafax+

Faxmaker is an excellent product that I work with, but it is also expensive. When I ran into some issues with my Faxmaker server (I think it was more modem driver issues, but whatever), I decided to investigate other options instead of renewing/upgrading. That’s when I came across Hylafax+.

My workplace uses Faxmaker for 3 things: email-to-fax, fax-to-email, and PDF-to-fax. After some reading, Hylafax will do all of this as well, so I’m going to document the entire conversion process.

For now, I’m going to cover my initial setup of Hylafax to use a MultiTech MT5634 modem board to receive incoming faxes and send them to users as a PDF attachment.

Continue reading Replacing Faxmaker with Hylafax+

Uninstall Symantec from all PCs in a Domain

Last time, I posted about some leftover permission issues for FlowerCo and the Enterprise Admins group.  Today, I will explain how to remove Symantec from all the workstations in the domain. Most of this comes from this awesome post by Locutus, and if I could send this guy a beer over the internet, I would.

FlowerCo’s Symantec rollout is a combination of a misconfigured old central server, a new central server with no managed clients, and workstations that are all unmanaged clients. The great thing about this is that none of the clients are managed, so there isn’t any password needed to remove them from the workstations, which makes this a lot simpler. The bad thing about this is that the clients are all running the full endpoint protection suite, so remotely uninstalling them will briefly disconnect them from the network.  Don’t run this command during business hours unless you like having your phone suddenly ring off the hook.

Find the GUID for Symantec’s uninstall command (it’ll be buried somewhere in HKLM\Software\Microsoft\Windows\Current Version\Uninstall), then from a machine logged on as Domain Admin, run the following command (you’ll need the PsTools suite from SysInternals):

psexec \\* MsiExec.exe /norestart /q/x{FB8A4E30-9915-4814-ADF9-42E00D9FDC3D} REMOVE=ALL

This will run the uninstall command on every machine in the domain. The /norestart should be obvious, the /q makes the uninstall silent, and the /x enables logging. You can substitute other installer GUIDs to uninstall those products too.

This does not remove LiveUpdate.