Category Archives: General

Home security – installing a new system with alarm.com (Part 1)

Back in 2007 I wanted to get a home security system that was more than just the standard type of system.  I stumbled upon a do it yourself system from a company who at the time was called InGrid, later renamed to LifeShield.  It had everything I wanted – keyfobs, mobile app for my phone, nice web interface, modular and redundant, etc.  I had that system until yesterday (July 10th, 2013).

I wasn’t actively looking to replace my home security system, but after talking with a friend who happens to work for alarm.com, I was convinced that it was time for an upgrade.  Several of the components on the old system were starting to wear out and fail and I was growing tired of clearing problems at the panel.

Hello GE Simon XTi by Interlogix and powered by alarm.com through SafeMart!

rs

When I received the GE Simon XTi system it came with 3 door/window sensors (the large model), one keyfob, one motion sensor and one CDMA cellular module.  This wasn’t enough to cover all the entry points into my home, so I ordered a few more components through eBay.   I also decided to pull out the CDMA cellular module since quite honestly CDMA has terrible coverage in my particular area.  What I ended up getting is a GSM cellular module with service through at&t which does have excellent coverage especially since I live less than half a mile from one of their towers.

Most of the parts arrived yesterday and once I was home from work – I began the install and setup process.  This blog post will cover the setup and installation of the basic home security system and its components.  The second part which I will post later on – will cover my experience setting up zwave devices for home automation and control.

So let’s get to it, first off – the GE Simon system came in a very nicely designed box with all the components packed neatly and safely inside.  Packaging sometimes gets overlooked but it’s actually very important for a number of reasons such as safety, marketing, protection from damage during shipping, etc.

SimonXTipackage

The next step was to unbox everything and begin setting up the control panel and connecting the wireless  sensors to the system.

Before I could do that I had to set up the panel and get it ready to power on.  This entails installing the battery pack, which is simple and nothing special.  The system does not come with a standard power cord, you have an AC power pack which you then manually connect the power cable to the leads on the AC pack, then manually connect the other end of the power cable to the leads on the back of the panel.  Since its AC power there is no polarity so it doesn’t matter which wire goes where on the panel.  Each input connection is labeled “AC Input”.

I also installed the cellular module into the optional bay on the back of the Simon XTi.  It simply snaps into place and you can secure it with a screw which is provided in the box.  It comes with an onboard antenna but you also get an external antenna extension.  I want the best possible signal on my system so I installed the external antenna wire.  You just snap it onto the antenna connector located on the cellular module and run it out of the open slots on the back of the panel casing.  While doing that I also connected my phone line (although not necessary at all).  I noticed the panel also has an ethernet port, but I didn’t bother with that either.

GE-600-1048-XT-1_zoom

Each standard sensor comes in a white box labeled with the GE part numbers and other information.  I wanted to approach this install as someone who had no idea what to do or how to proceed.  I was somewhat disappointed that the instructions for each sensor did not mention anything about the specifics of adding the sensor to the XTi panel.

GESimonXTi

You get a little bit of instruction on how to put the system into learning mode but that’s about it.  It would be nice if the manufacturer included information about the sensor, such as which sensor group to add it to, product codes, etc.  I was genuinely confused at first when adding sensors since the XTi panel asks you for an optional product code, which you cannot find anywhere on the sensor or its documentation.

A bit of advice: be ready to add sensors and remove them only to re-add later.  When setting up my system I actually worked on it over the course of two days and I wasn’t ready for activation right away.  I had time to tinker with the sensors and ended up removing and re-adding them perhaps 3 times before I was finally satisfied with the configuration.  Part of what I didn’t realize at first is that you can edit the sensor name on the panel when you add each sensor, and also add extra descriptions that get appended to the main description.  The default for many of the sensors is “Front Door”.  Obviously you should change that to something more descriptive.

The keyfobs for example, were the easiest to program into the system because you simply hold the arm/disarm buttons down at the same time to pair it with the panel, but I had 3 of them and had to do a little internet research to find out what group I should put them in and how to name them so I could show who armed/disarmed the system (since 3 different people will now have a keyfob).

What I did was to pair each Keyfob and let the primary description be “keyfob”.  Under that I added another description line with just one letter, the first initial of each person’s name who would own one of these keyfobs.  So mine for Example was named “keyfob” then under that, the letter “J”.  From there you can login to the Alarm.com web interface and rename the sensor with a more usable or familiar name for the person who will use it.  These friendly names are what you see in alerts on the website and on the mobile app as well as in email notifications.  It would be nice if the panel let you type in your own description, but instead you have to select from a predefined list of labels.

One minor gripe about the keyfobs.  On the old system the keyfobs had a separate button for arming in stay or away modes, but the new keyfobs with the GE system have one arm button and the number of times you press the arm button determines how the system is armed.  This will take some getting used to and seems less than ideal to me.  But with limited space on the keyfob I can understand this design.  One press to arm in stay mode, two consecutive presses to arm in away mode.

600_1064_95R

Next I installed the motion sensor and smoke detector.  These were very straightforward and also easy to program.  I did have a few minutes of confusion over the smoke detector however, after I paired it with the panel I started getting error messages complaining about the serial number already existing.  It turned out that the system was still in learn mode after I had paired the sensor with the panel, but I was still tinkering with the smoke detector which triggered the pairing process again.

Another Tip: when pairing the smoke detector, close out of the learning mode on the panel so that you don’t end up getting confused and troubleshooting a problem that doesn’t exist.  I also had to determine the proper group for adding the smoke detector.  I don’t recall seeing any documentation with the system that gives you a table of which groups are for which types of sensor.  I had to find this information on a YouTube video that SafeMart provided.  It would be nice if this information were either included with the system or included on the documentation that comes with each sensor.

My only gripe about the motion sensor is that it is not labeled up or down to help you determine which way to mount it.  I have not yet invested the time to research this yet, so it’s very possible that I have mine incorrectly mounted.

I am using 3 of the larger crystal door sensors, but I also ordered and received several of the micro door/window sensors.  I highly recommend the micro sensors over the larger ones.  The smaller sensors comes with self-adhesive pads making them easier to install in some spots, but the larger sensors do not come with any adhesive pads at all, and seem to be intended for screw mounts.   I had to get creative in how I mounted several of my sensors.  A minor gripe about the door/window sensors, both have to be pried open to pair them with the panel.  This is something I needed a small screw driver for, it’s just a one time thing and not a big deal, but it does make initial pairing more difficult as the plastic housing on the sensors is not that easy to get open.

Another unexpected issue I ran into was when I tried to remove the old sensors from the previous security system.  They were installed using very strong self-adhesive pads and when I was removing them, they did come off, but they took chunks of drywall with them.  I now have 3 windows in my house with a big brown spot where the old sensors used to be mounted.  The adhesive is very strong and if you aren’t extremely careful you can damage the surface you are applying them to if you ever need to remove them.  At least with screws you only end up with a small hole or two, which is better than a large missing patch of drywall and paint.

I still need to add just a few more sensors to cover all of my windows and doors but at this point I have the basic home security system installed and functioning. I tested the sensors to make sure that I had everything setup correctly.  I did the pairing one sensor at a time and then placed it where it belonged so that I didn’t get anything mixed up.

Once all the hardware was in place it was time to activate.  That’s where SafeMart and alarm.com come in.  I worked with a number of people from SafeMart to get my system activated, it was actually surprising to me that so many people were involved in the activation process.  First there was “Jared” who took my basic info and payment information for the monitoring plan I selected.  Then there was “Michelle” who was in the monitoring department and she walked me through creating my SafeMart customer portal account.  She also scheduled a conversation with an installer “Greg” who called me back an hour and a half later to walk me through the actual/technical activation process.

Once I was on the phone with Greg, it was mostly a time of waiting for him to create my alarm.com account and register my cellular module in their system.  Another Tip: you will need to reboot the XTi panel after they activate the cellular module, apparently the module registers itself at boot up.  The reboot process includes disconnecting the battery, and AC power.  We waited 1 minute and then put the battery back in and re-connected AC power.  Once done, the cellular module registered successfully and tested out okay.

At this point, my system is in a 72 hour test phase where I can play around with the configuration and test it out thoroughly.  I want to make sure that everything is securely installed and functioning properly so that I don’t cause any false alarms once the monitoring exits the test phase.  Right now two of my sensors have an “N/A” status at the panel which I’ll need to investigate, but otherwise everything seems to be working well.

Once my alarm.com account was setup and I had completed the basic configuration setup online – it was time to play with the mobile apps for our iPhones.  I installed the alarm.com app on two iPhones and created a separate login account for my wife to use so that we could each have separate geo-location triggers.  The app itself is a clean modern look with black and orange highlights (on the iPhone).  It works well and I am happy with the functionality it provides.  I have only two minor gripes about the mobile app for iPhone/iPad.

1. There is branding at the bottom that says “powered by alarm.com”.  I would personally prefer if this was part of the header logo rather than what appears more like an AD placed at the bottom of the app.  I find it distracting and it reminds me of ad banners that make me want to look for the paid version of the app without the branding.

2. The app works in a “pull” mode, where it’s not necessarily real-time information on your screen.  Some of the screens have a refresh button or a swipe down to refresh.  Nothing wrong with that, but it would be more economical as a user if the info were refreshed real-time when the app was open.  Again nothing serious, just minor critiques.

I’m sure the alarm.com app will continue to improve and the user interface will be refined as time goes on.  Just before I cancelled service with my old home security system they had recently released a new version of their mobile app “LifeShield” which has a very nice UI and real time updates.  I’m sure alarm.com could do something similar and given time I suspect that their app will also continue to improve.  In all fairness it was many years before LifeShield updated its mobile app.  (note: I like the iPad version of the app better than the iPhone version).

photo  photo2

The last thing I want to talk about is the geo-location feature.  This is something that I am geeking out about.  Thanks to alarm.com supporting multiple logins for their service, you can run the mobile app on separate mobile devices and each can be independently monitored and used with the ge-location function.

So far I have created two geo-zones, one for home and one for the area where I work during the day.  The idea being that I can have the system notify my wife if she leaves the vicinity of our house without arming the system.  And when I leave work for the day I can have the system perform other functional automatically for me, such as set the thermostat to my desired comfort level so the house is nice and cool when I get home.  These are just a few of the potential options available with this system.  Once I get more devices to connect via zwave I will be able to do some really cool stuff like door lock automation, lighting control, etc.  But that is what I’ll write about in part 2 of this post.

The only outstanding issue I need to work on so far is that I can’t seem to get the unit to chime properly when a door or window is opened.  I’m sure this is another documentation issue.  Most likely I need to move the sensors to a different group in order to get the chime.  Right now everything is just silent, which isn’t bad, but with kids in the house its nice to hear when a door or window is opened.

To sum up, the system is well made, sophisticated but still very manageable for a do-it-yourselfer like me.  Anyone who knows how to use a search engine for questions they have – could install this system.  Although it would be nice if the documentation that comes with the system was better.  Hopefully the tips I’ve shared here will at least help someone else as they go through this same exercise.

I’ll update this post over the next few weeks as I learn more about the system and any quirks I observe.  And keep an eye out for Part 2 of this post where I’ll share my experiences with zwave home automation – coming soon.

Links:

Safe Mart – http://www.safemart.com

Alarm.com – http://www.alarm.com

Interlogix Simon XTi – http://www.interlogix.com/intrusion/brand/simon-xti/

Simon XTi interactive Demo – http://interlogix.com/simonxti_demo/

Gotcha when adding Exchange transport rule disclaimers

Recently I was involved in a project to test outgoing e-mail disclaimers for only a specific group of users in our company.  Normally this would be a no-brainer using the standard features in Exchange transport rules to add a disclaimer using specific criteria.  However, while testing the disclaimers with a colleague, he observed that his tests worked fine when sent from a mailbox on Exchange 2007, but failed to work at all when coming from a mailbox on Exchange 2010.

So I began troubleshooting this issue and trying to find the cause of the problem.  In our company we actually have 3 generations of Microsoft Exchange running in a co-existence scenario (2003, 2007 and 2010 – with 2013 coming soon).  I tried everything I could think of to get the transport rule disclaimer to work, testing it on my own mailbox which is hosted on an Exchange 2010 server.  Sure enough the disclaimers did not work for my account.

I poured over KB articles and forum posts scouring the internet for any tips that might at least point me in the direction.  After several hours of searching I stumbled upon a forum post indicating that I should check the “remote domains” properties in the Exchange shell.  So I ran the command “get-remotedomains | FL” and sure enough the “isInternal” value was set to “true”.  Given that our transport rule disclaimers were conditional upon being sent to recipients who were “external” to our Exchange organization – of course none of the rules would work.

In order to resolve the issue, I ran the following command: “get-remotedomain | set-remotedomain -isinternal $false

This allowed Exchange 2010 hub transport servers to recognize all email recipient domains not configured in our Exchange organization as “external”.  A second round of testing revealed that this change did in fact resolve the issue and the transport rule disclaimers worked perfectly for everyone, both Exchange 2007 and 2010 mailboxes.

I am amused and slightly annoyed that the vast majority of forum posts and KB articles I found about how to use Exchange transport rules to send outbound disclaimers has no mention of this possible “gotcha”.  I’m sure there are limited circumstances that would result in this issue which is probably why it was not mentioned in the articles I was reading, but I offer this as help to those who may face a similar situation.

Confusing behavior in Exchange 2007/2010 when changing Hub Transport DNS configuration

I recently ran into a configuration issue in Exchange 2007/2010 that left me scratching my head in bewilderment.  After noticing some DNS resolution issues between several hub transport servers I began looking at individually and manually configuring DNS resolution settings on specific Exchange servers.  In ESM I went to “Server Configuration > Hub Transport” and viewed the properties of each server.  On the “Internal DNS lookups” and “External DNS lookups” tabs you get the option to choose either the DNS configuration from a specific network adapter or manually enter the DNS servers to use.

To save time, I began using the drop down selection of specific network adapters to grab the DNS servers I wanted.  However, there is an important “gotcha” here that is not indicated in the GUI or anywhere else that I’ve seen.  Basically what is happening is that when you use the drop down NIC selections to grab DNS, what you are doing is querying the NICs of the server on which you are running ESM.  So what happened in my case is that incorrect DNS servers were being assigned to remote Exchange servers because I assumed that the NICs being listed in the drop down were the NICs physically installed on the remote server for which I was viewing the properties.  Big mistake!

I started noticing events in the logs complaining about inability to resolve DNS hosts.  Once I started investigating this it dawned on me that the names of the NICs in the drop down listing never changed as I viewed the properties of different servers.  It just happened that the NIC I chose did not have any DNS servers configured, so I was basically configuring those specific Exchange servers with no DNS at all on the hub transport DNS resolution configuration.

To resolve the issue, I manually specified the DNS servers to use for each specific Exchange server.  That completely resolved the problem and got mail flowing again.

Just kind of curious why Microsoft would allow you to manage remote servers from one location/instance of ESM but only show you the NICs on the local server when configuring remote server hub transport properties.

De-evolving technologically

A lot has happened since I last posted, but I thought it would be good to post a quick update on the changes I’ve made technologically over the last few months.

The first major change is the decommissioning of my personal Exchange mail system.  My home server setup was getting far too complex and expensive to maintain so it was decided to do some downsizing and basically get rid of a bunch of servers.  At the time I began to remove servers, there was 6 being used full time.  It got to a point where I had built a powerful white-box server on which to run VMWare ESXi 5 which allowed me to virtualize all of my servers.  There were 2 for AD/DNS/DHCP and 2 for Exchange 2010 in a DAG and 1 for simple/general tasks like backups and game servers.

To be honest, my wife and I got quite accustomed to having enterprise level features in our home e-mail solution.  As someone with about 12 years of Exchange experience I had it setup right which included custom domain names, SSL certificate, networking to support ActiveSync for our iPhones, etc.  I had wanted to simplify things for quite a while, but never could find just the right solution to handle our e-mail and calendaring in a way that would remain highly functional and not be difficult to migrate to.  Then along came a new service by Microsoft called Outlook.com.  Long story short, outlook.com is everything we needed to get rid of Exchange and simplify the home setup.

Our email, calendars, contacts, etc – were all easily migrated to Outlook.com.  Of course I had to dump about 8GB of archived messages to PST files out of Exchange, but thats a normal part of the process.  For the time being, we’re still using Microsoft Outlook to grab old messages, but for all new messaging features we’re going with Windows Live Mail.  It integrates nicely with Outlook.com and gives us a very nice user experience with pretty much all of the features that we were accustomed to while using Exchange.

Unfortunately, the networking side of things hasn’t transitioned quite so easily.  When we had all of these servers running they were responsible for most of our networking services, like DNS/DHCP.  Transitioning to router based network services was a bit of a challenge.  I ended up buying an Asus RT-N66U dual band 802.11N Wi-Fi router.  The Verizon FIOS router is forwarding all traffic to the Asus router (DMZ).  In the Asus router I’m doing all my port forwarding rather than having the Verizon router handle of that.  Mainly because the ASUS router won’t allow many of its advanced features if its configured as a mere AP, it must be in router mode for the bells and whistles.

An unfortunate side-effect of this transition is that all of our Apple Devices appear to be rather slow on Wi-Fi using the new home network setup.  I’ve run lots of diagnostics and tried many tweaks but nothing I’ve done so far has restored pre-transition device speed for the iDevices.  Strangely enough my laptop works fairly well on both the 2.4GHz and 5GHz Wi-Fi Networks.  I suspect there is some advanced tweaking that could be done to improve the iDevice performance over Wi-Fi, but so far I haven’t figured it out.

At this point, my office has one nice PC in it, a PC that is quiet and easy to maintain. The big server is now going to go up for sale, hopefully on Craigslist.  After adding everything up, it seems I have approximately $1,200 worth of server/parts available for sale.  This was a great machine, dual quad core Opteron 2.2GHz CPUs, 32GB DDR2 memory, 6 SATA HDD for over 5 TB of disk space, etc.  This machine was perfect for virtualizing servers, the only downside is the noise and heat.

To sum up, I’m no longer running a bunch of servers at home.  No more Exchange for home messaging, no more noise, no more extra heat in the office, its all gone.  And its interesting how quickly we grew accustomed to the noise in the office and how much we enjoy the quiet now that its gone.

In addition to the servers being removed, I also finally got us off the Ooma VOIP service.  Someone purchased the Ooma box from me via craigslist and took it off my hands.  Since we’ve bundled phone services with Verizon FIOS there was simply no further need for an additional home phone service.

Outlook.com is handling our messaging needs very nicely.  The web interface is easy to use and very clean.  It supports Active Sync via the Hotmail connector in the Apple Mail client, which is very nice.  The only things we really miss are server based Distribution lists and shared calendars.  However, none of that was a deal-breaker for us.

As a result of the downsizing, it looks like we will be saving approximately $600 a year in services and fees from all of the various resources I needed in order to run such a system at home.  That includes Microsoft licensing and domain names, SSL, etc.  Needless to say this transition is going to be a cost saver with only a few minor networking kinks to work out.

Drive failure in my personal Exchange 2010 server

A few months ago I upgraded my home Exchange mail system from Exchange 2007 to Exchange 2010.  During this process I added a secondary server that was identical to the main server.  By having two Exchange 2010 servers I was able to utilize the DAG feature that is new in this version of Exchange. 

All that to say – yesterday my main Exchange server disk drive failed.  I got home from work and shutdown the server, removed the hard drive and tried to run some tests.  All I got was clicking, it won’t even see the partition table.  Fortunately, since I was running Exchange 2010 with a DAG for redundancy, I was able to quickly activate the database copies on the secondary server thereby eliminating any downtime or data loss of my Exchange system.  Currently, the secondary server is actively hosting my databases.  My mobile phone still works through ActiveSync, OWA works, incoming and outgoing mail also, no problems! 

I’ve purchased a replacement drive which should be here in a day or two.  The downside is the drive that failed has failed to a degree where recovering the drive is highly unlikely.  Since I don’t have RAID on any of my servers (due to cost) I will end up having to rebuild this server.  My next steps will include reinstalling the Operating system and Exchange 2010.  I plan on using a recovery mode install of Exchange 2010 which should restore all my Exchange settings and configuration leaving very little left to do but tweak a few things and make sure my DAG is re-created.  My only other option is to manually remove all traces of the failed server from Active Directory and then re-install Exchange in normal mode.  This would be a little more work so I’m hoping the recovery mode install will work properly. 

I LOVE EXCHANGE 2010!

Change mailbox alias or re-create Exchange mailboxes results in NDR from bad Outlook recipient cache

In the past when renaming or re-creating mailboxes in Exchange I’ve had issues where the Outlook cached entry for the user no longer works when internal users send mail to the specified mailbox. This is because of our dual Exchange environment running mixed versions of Exchange. The original mailbox was created under Exchange 2003 and ultimately moved to Exchange 2007, but preserving the Exchange 2003 Mailbox reference for X500. When a mailbox is re-created or the alias is changed, it can break these cached entries in Outlook. Today, I discovered a way to work around this issue from this article.

In the future if I need to change alias (due to name change) or if there are problems resulting in a need to re-create the mailbox, the steps in the article can be used to avoid having mail delivery problems for the affected user.

• The listed steps will allow the cached Outlook entries to properly resolve the user mailbox. No user action is required to make this work.
• You can find the proper alias for the user in an NDR message or by going to the cached entry in outlook and viewing its properties. It will be a string in one of the values displayed on the properties. (Note, this only works before you make the changes above).
• The updated string for the Exchange 2007 environment is automatically added to re-created mailboxes in X400 form. The old pointers can be added using X500.
• This issue only affects mail sent from internal clients using the cached entry in Outlook, all SMTP mail flow and external mail will continue to flow to the user uninterrupted regardless of this issue.

Lets put the internet in perspective

A Day in the Internet
Created by Online Education

Yes you can activate a clean install of Windows 7 with an upgrade product key

I am not promoting piracy, but I ran into a nasty little problem when I tried to activate Windows 7 on my home computer.  Maybe this post will help others like me who can’t get help anywhere else. 

In anticipation of obtaining my Windows 7 Pro upgrades (which I ordered in July on the pre-order 50% off sale) I installed Windows 7 Pro using a clean install without entering a product key for activation on two of my computers.  My laptop and my main home computer.  Both computers were clean installs on either a new hard drive or a new partition.  On my laptop I resized my partitions and installed Windows 7 on a new partition separate from Windows Vista.  So now its in a dual boot configuration with Windows Vista and Windows 7. 

On Thursday, I got my upgrade product keys from the Microsoft store and went to activate my computers.  On my laptop the activation was successful wtihout a problem.  Then I went to activate my home computer and got the error telling me that I can’t use an upgrade product key to activate a clean install of Windows 7.  So now I am left with a fully loaded PC running Windows 7 with only 10 days left to activate before I either have to re-arm or enter a new product key.  It takes hours to backup and restore the data on this PC, its my wife’s main computer and we have tons of stuff to backup and move around.  I’d pay a fee to avoid having to do this! 

The home computer was running Widnows Vista 32-bit Home premium edition.  It got upgraded to Windows 7 Pro 64-bit using a clean install method.  A while after I had installed Windows 7, I decided to cleanup the old hard drive that had the Windows Vista install on it because I wouldn’t need it anymore.  So I can’t even go back to Vista without having to do a clean install of Vista first which is something I want to avoid.  But from my understanding you can’t upgrade a 32-bit OS to the 64-bit version, so I have to do a clean install anyway.  But now that I’ve wiped out the hard drive that had Vista on it, so the activation wizard can’t see the old OS and won’t let me use my upgrade key.  I heard hints in various forums that the activation wizard looks for partitions with an upgradable OS on it. 

On my laptop, I still have the partition with Activated Windows Vista home premium 64-bit because of the dual boot setup, so I think thats why the activation wizard let me activate my laptop without a problem.  So what can we do in a situation like this?  Call Microsoft, take a huge risk and investigate non legit options?  

I had thought about trying to run the Retail upgrade install of Windows 7 on my home PC and use my upgrade key for activation.  The reason I had hope that this might work is because my home PC was loaded using the RTM Windows 7, and the download I got from Microsoft was the official retail media, so there is a very small chance it may have let me do another upgrade using my upgrade key and then possibly activate successfully.  My other thought was to install windows Vista on a spare hard drive and just leave it in my PC when booted up to Windows 7 and see if the Windows 7 Activation wizard will recognize a valid copy of Windows Vista and let me activate using my upgrade key. 

I was getting desperate since it could easily take two days to reload my home computer and go through all the trouble to get Windows 7 running again!  This is such a pain!  It shouldn’t be this hard for legit customers to use Microsoft software!!!

Ok, now that the rant is over, let me tell you how to get around this problem and get your Windows 7 systems activated.  This is actually very easy and only took a few minutes.  To my knowledge there is nothing underhanded or risky about this procedure.  Its also not well documented, it took me two days of google research and massive searches to find the information that helped me. 

Thanks to Winsupersite.com community for this information!

After performing the clean install, ensure that there are no Windows Updates pending that would require a system reboot. (You’ll see an orange shield icon next to Shutdown in the Start Menu if this is the case).  Install the updates and reboot if necessary before proceeding.

Then, open regedit.exe with Start Menu Search and navigate to:

HKLM/Software/Microsoft/Windows/CurrentVersion/Setup/OOBE/

Change MediaBootInstall from “1” to “0”.

Open the Start Menu again and type cmd to display a shortcut to the Command Line utility. Right-click this shortcut and choose “Run as administrator.” Handle the UAC prompt.

In the command line window, type: slmgr /rearm

Then click OK, close the command line window and reboot. When Windows 7 reboots, run the Activate Windows wizard (go to system properties and click the activate windows link at the bottom of the window), type in your upgrade product key and activate windows.  It should activate successfully and you are now finished!  Congratulations on saving yourself hours (or days in my case) of wasted time jumping through hoops trying to get your genuine Windows 7 installation activated!

Exchange 2003/2007, IIS 6 Metabase and SMTP domains

   Recently I ran into a very strange issue with Exchange 2003, IIS 6 and SMTP domains.  The environment is a mixed Exchange 2003/2007 site with about 10 public SMTP domain names for which this Exchange org is responsible for.  Since the beginning of my time as the Administrator for this system the recipient policy settings have been the same.  All the SMTP domains are listed in the recipient policy but some are unchecked.  For years this has been the case and we’ve never had a problem.  But something must have happened recently, because the last few days have been busy for me trying to figure out what was causing a mail delivery issue that resulted in all incoming mail for several of the legitimate public SMTP domains to bounce back to the sender.

   After some research and manual testing to try to identify what was causing the problem, I found a strange thing.  In the IIS 6 metabase on one of the Exchange 2003 servers, the public SMTP domains were missing from the “domains” key under LMSMTPSVC1DOMAIN.  Two of our domains were listed but all the rest were missing.  If the domains are not listed in the IIS metabase for SMTP, the server will reject mail sent to those domains because it doesn’t realize that its responsible for receiving mail for them.  So I decided to do a test, I opened up the recipient policy and put a check next to all public SMTP domains and waited a minute before refreshing the IIS metabase information.  When I checked again, I found all the public SMTP domains were correctly listed in the IIS metabase now. 

   Earlier in the day I was trying to send test messages via telnet through SMTP.  When I would try to send a test message to a user on one of the affected domains I would get the error “unable to relay for user@domain.com”.  After refreshing the IIS 6 metabase, my telnet test messages were being accepted successfully and I confirmed that the user was receiving them.  Again, the recipient policies have been the same since the beginning of the AD in this site.  I have no idea why all of a sudden we would see incoming mail problems.  I can only speculate what might have happened, perhaps a quirk due to an unexpected DC shutdown, or maybe its some weird fluke with IIS 6 and some other third party apps that have SMTP event hooks that caused it.  I really have no idea and I don’t have a screenshot of the IIS 6 metabase config from before the time when we started to have problems. 

   What fixed the problem was to make sure all the public SMTP domains appeared in the IIS 6 metabase.  After that was taken care of, mail delivery issues were fixed and I was able to verify this using manual telnet test messages.  So I know what the problem was and I know what fixed it, I just don’t know what actually caused the problem in the first place. 

   If you don’t have a metabase explorer, you can use the one included in the IIS 6 resource kit, which is available as a download from Microsoft.

Migrating to Windows 7

Yesterday, I upgraded my work PC to Windows 7 professional.  I wanted to give the upgrade a try and see how it would go, but normally I prefer to do clean installs.  The upgrade process took about 2-3 hours but did retain all my applications and most settings.  I did have to remove some HP software that came with the PC, but overall it wasn’t too bad.  I had some additional trouble with Ultramon that caused some errors and weird behavior with the taskbar.  Here are some observations so far:

1. The taskbar is taller and takes up more screen real estate.  This isn’t necessarily bad, but takes some getting used to.  It makes the icons look smaller. 
2.  The quick launch bar has been transformed into something different, mabye better, not sure yet.  I was dismayed to find out that the upgrade had wiped out my quick launch folder completely, all my pre-arranged shortcuts were just gone!  I found a way to work around this by creating a new quick launch folder manually and moving shortcuts that I wanted in the list.  I wish I had backed up my quick launch folder before the upgrade! 
3. The transparency is nice, but at times a little weird.  Since the top inch or so of many apps is now transparent, it seems like your apps are not maximized or as if there is a big gap at the top of the screen. 
4.  I think its cute how the new network connection icon in the task bar looks like it has a pitch fork in it.  🙂
5.  I like the new start menu, specifically the ability to expand options for programs such as RDP.  Now when you go to RDP in the start menu, it gives you an expandable list of recent connections, which I think is nice, even though I use mRemote to organize my RDP connections.  
6. Performance seems good, the PC boots up pretty fast especially considering it was an upgrade install. 

The official upgrades for my home computers will be available in a few weeks, so I’ll post back later on with more observations.