Archive for January, 2010

Application installation rights in Windows Server 2003 or Finding a needle is a stack of needles.

No Comments »

I was trying to upgrade an application, and due to the list of complexities involved in the upgrade process, I had decided that the best course of action was to back up all crtical data, uninstall the previous version,  and then do a clean install of the new version.

Having done this before on the other production boxes we have, and this box being the same model, OS, and Citrix install as the other boxes, I made a horrible mistake… I assumed that it would be the same smooth process as had occurred on the other servers.

So I grab my word doc chock full o’ meticulous notes on how to upgrade this monster, and follow each step to the letter and after about 10 minutes or so, the uninstall goes smooth as silk.  I go to do the re-install and I get this message upon clicking the first executable file:

Windows cannot access the specified device, path, or file.  You may not have the appropriate permissions to access the item.

Upon seeing this, I start to go through in my head the list of usual offenders.

  1. Do I have administrative rights?  Check.
  2. Since this box runs Citrix, did I disable logons for other users and enable installation mode?  Check.
  3. Anything set as read-only that shouldn’t be?  Nope.

At this point, I was damn near befuddled, and when you get befuddled, you theories start getting more and more far fetched.  Starting with “Is my account corrupt?” then after logging on using another admin account and getting the same result, you migrate to “Have the Chinese taken control of my server and they are just toying with me right now?” and culminating with “Am I really doing this or am I just another hairless pig fetus floating in a plexiglass bathtub somewhere deep inside inside the Matrix?”

It was at this point that I decided to call Saulo, one of our intrepid Windows admins where I work.  Working with Saulo is great for several reasons… you can get him on weekends, he knows his shit, etc…. but his specialty in this case is that he can find solutions when all of your mere mortal options have been exhausted.  After some trial and error and research, he found this little nugget of wisdom that I will now impart to you:

  1. Open Internet Explorer (I know.  Seems totally unrelated, but this is Windows, so it’s not supposed to be intuitive.  Just work with me here.)
  2. Go to Tools -> Internet Options.
  3. Select the Security tab
  4. Select Internet and then click the Custom Level button.
  5. In the Miscellaneous section, the Launching applications and unsafe files setting was  set to Disable, which is the root cause of my problem.  To fix this, set it to Prompt (recommended).

This screenshot will show the visual details of the steps shown above.

This is a message for those of you are into this whole “Tea Party” movement thing…

No Comments »

You may want to take a second look at the people who are going to be showing up at your convention.

I’m all for people having different opinions.  Life would be boring if we all thought the same.  However, white supremacy is not an opinion, it’s a disease.  And for whatever reason, this disease is looking at the Tea Party movement as a giant petri dish.  And that’s really sad.

Mark Twain gives a clinic on how to talk to idiots.

No Comments »

On November 20, 1905, Mark Twain had finally become fed up with the bogus medicinal elixir salesman that had left him a flyer and note on his doorstep for probably the umpteenth time.  So he decided to fire a letter back to the salesman who had clearly been the straw that broke the camel’s back.  I would put money that no patent medicine salesman darkened his doorway ever again.

Below is the text of the letter.  You can go here to see the letter in Twain’s own hand.

Nov. 20. 1905

J. H. Todd
1212 Webster St.
San Francisco, Cal.

Dear Sir,

Your letter is an insoluble puzzle to me. The handwriting is good and exhibits considerable character, and there are even traces of intelligence in what you say, yet the letter and the accompanying advertisements profess to be the work of the same hand. The person who wrote the advertisements is without doubt the most ignorant person now alive on the planet; also without doubt he is an idiot, an idiot of the 33rd degree, and scion of an ancestral procession of idiots stretching back to the Missing Link. It puzzles me to make out how the same hand could have constructed your letter and your advertisements. Puzzles fret me, puzzles annoy me, puzzles exasperate me; and always, for a moment, they arouse in me an unkind state of mind toward the person who has puzzled me. A few moments from now my resentment will have faded and passed and I shall probably even be praying for you; but while there is yet time I hasten to wish that you may take a dose of your own poison by mistake, and enter swiftly into the damnation which you and all other patent medicine assassins have so remorselessly earned and do so richly deserve.

Adieu, adieu, adieu!

Mark Twain

I don’t know these people, but I kinda wish I did.

No Comments »

I’ll bet they have a kick-ass wedding if the invite for it is any indication.

Alterian Engine 4.1 – ConnectionBroker.exe and Security Groups

No Comments »

This is just a blurb that I wanted to publish for my sake (so that I could look it up later) and for anyone else who has to install Alterian Studio who will invariably run into the same problem.

The problem: You want to set up a security group so that certain fields in your database are invisible to certain users.  You log onto the management console and set up your group only to find that when you log off of the AMC and start the application, the fields you thought were invisible are still visible.  You clearly saw the  group created and users assigned to it in the AMC when you were building the group.  So what happened?

Here is what happened: When you were logged onto the Alterian Management Console, you were indeed building a security group and assigning users to it.  However the issue lies with where you were building that group.  You were building it in memory.  The AMC does not write to disk until you actually log off of your session.  The other piece to this puzzle is what does the writing.

If you remember, back in the heady days of AMS 2.2, there were 3 parts that made up the essence of Alterian:  Molecule.exe (the interface), Atom.exe (the distributor), and Nucleus.exe (the engine).  Now with AMS 2.5/Engine 4.1 comes some serious performance improvements, and one of the reasons for those improvements is ConnectionBroker.exe, the sort of  ‘traffic cop’ for the multi-tenant environment.  You’ll also remember that in AMS 2.2/Engine 3.1, you needed to use DCOMCNFG to tell the application what account it needs to run under so that proper rights are given for these executables to access folders, write to disk, use network shares, etc.  With ConnectionBroker in the mix, you need to do the same thing, but for ConnectionBroker, this is not done in DCOMCNFG.  ConnectionBroker runs as a service, so configuration happens in the Microsoft Management Console under Services.  Another catch is that changes are not immediate.  When you change a service, you have to stop and then re-start the service for the change to take effect.  By default, ConnectionBroker.exe runs under SYSTEM (the Windows SYSTEM account, not Alterian’s administrative account) which often is not given rights to write data willy nilly all over your server.  Switching to whatever generic Alterian account you use in DCOM usually solves this problem as that account is 1) not accessed by regular users and 2) is an admin level account (Alterian uses ‘nuclog’, but where I work, we make our own account).

Once ConnectionBroker.exe service is set to run under a different account than the default Windows SYSTEM account, you will see the Security Group issue disappear.  Interestingly, this issue does not rear it’s ugly head when creating/editing users themselves.

Simple passwords are easier to hack.

No Comments »


(little kids waving) “G’bye!!  G’bye Captain Obvious!”


Buckethead – Whitewash

No Comments »

One of his best songs.  This is the mellower version…

And if you want a little more crunch and little more shred, there is this version:

You don’t need to “know” Linux to use Linux.

No Comments »

You can argue many points both for and against the author’s argument. But what you can’t deny is the hilarity of the most recent comment (shown just below the article’s text) as of the writing of this blog post:

Submitted by Anonymous on January 16, 2010 – 10:45 P.M.I don’t think anyone who has commented on this article has ever been laid.

Happy Birthday Gene Krupa.

No Comments »

One of the best drummers ever.

Review: Dave’s Take Out Rib Shack

1 Comment »

One of the great crimes of this world, and especially in the current economy, is to see a great food joint go under.  Consider this review a pre-emptive strike in order to save one such place.

This past fall, I was driving my kids to daycare and school, and on my way, I pass this little food stand.  I’ve lived in this neighborhood for almost 7 years and the place has changed hands 7 times.  I remember a burger and hot dog joint, followed by another burger joint, and then… brace yourselves folks… yet another burger and hot dog joint.  Clearly nobody got the memo that another burger joint was not needed, and the addition of hot dogs did not sweeten the deal.  However, this year, the clouds parted, the sun shone down, and what appeared is Dave’s Take Out Rib Shack.

I like this place for 4 reasons:

  1. If you go into Dave’s Take Out Rib Shack, you’ll actually meet Dave (Nice guy too!).
  2. It’s not another burger and hot dog joint.
  3. The man gave us what we don’t have:  a rib joint.
  4. He just doesn’t sell ribs.  He celebrates pork.

What I mean by celebrates pork is that his menu includes not only ribs, but bacon, ham, sausage, scrapple, pulled pork, and kielbasa.  His doesn’t serve french fries, but what he does serve is actually far better:  actual homemade sides.  Macaroni and cheese, scalloped potatoes (nobody serves these), baked beans, cornbread, etc.

The first time I went into Dave’s, I didn’t even get ribs.  I went in at about 6:30 in the morning (he opens at 6am) and I got a ham egg and cheese breakfast sandwich.

Best breakfast sandwich I ever ate, and here’s why:

  1. The ham is real ham.  Not shitty lunch meat ham.  Real ham.  Thick ham.  Ham like a slice you would get at your grandmother’s Sunday dinner ham.
  2. He used two eggs instead of one.  And there were chunks of FRESHLY CRACKED PEPPER on my eggs.
  3. He uses good quality cheese.  You can tell good quality cheese by how it melts.
  4. It’s on a soft kaiser roll.
  5. It’s only $3.75.

The man clearly has the attention to detail to get right a simple but really good thing on which most people will automatically lower their expectations because the extent of their experience with the breakfast sandwich is at the low end of the food spectrum:  the cookie-cutter corporate fast food joint or the combination gas station/convenience store.

If you time it right, you can not only get your breakfast sandwich, but you can stand there and watch Dave working on getting the day’s rib supply ready for lunch and dinner.  And a fine smell it is.  The man is clearly proud of what he’s doing, clearly has taken a huge gamble by probably sinking his life savings into this, and is probably one of the hardest working people on the planet as he is there every day from open to close doing everything himself.  This place clearly has the ingredients to be successful, but as a lot of business owners and successful restaurateurs will tell you, one of the hardest things is getting the momentum of the first wave of customers that will sing your praises to others.

So consider this the beginning of that wave.  here’s the details:

Dave’s Take Out Rib Shack, 1339 E. Philadelphia Avenue, Gilbertsville, PA  19525

7am – 7pm Monday through Friday, 9am – 7pm Saturday and Sunday