Windows Tips & Tricks UPDATE--January 3, 2005

Windows Tips & Tricks UPDATE, January 3, 2005, —brought to you by the Windows IT Pro Network and the Windows 2000 FAQ site
http://www.windows2000faq.com

~~~~ Happy New Year! ~~~~

Make sure your copy of Windows Tips & Tricks UPDATE isn't mistakenly blocked by antispam software! Be sure to add [email protected] to your list of allowed senders and contacts.

This email newsletter comes to you free and is supported by the following advertisers, which offer products and services in which you might be interested. Please take a moment to visit these advertisers' Web sites and show your support for Windows Tips & Tricks UPDATE.

Free White Paper: Measuring the ROI of Systems Management Software
http://www.argent.com/w/whitepapers_ema.html?Source=WNT

Protecting Your Company by Managing Your Users' Internet Access
http://www.windowsitpro.com/whitepapers/stbernard/internetaccess/index.cfm?code=0103Tips_S

Sponsor: Free White Paper: Measuring the ROI of Systems Management Software

Argent delivers what a growing number of enterprises need today: flawless management of Windows, UNIX, and application servers; low total cost of ownership; flexible configuration; scalable architecture; modular products; positive ROI; and outstanding customer support. Every enterprise IT department wants value without sacrificing performance, and that describes Argent's value proposition. To read the entire paper, click here:
http://www.argent.com/w/whitepapers_ema.html?Source=WNT

FAQs

Q. Why am I now limited to 10MB email messages after upgrading from Exchange 2000 Server to Exchange Server 2003?
Q. What's the Portqry tool?
Q. Is a graphical front end available for the Portqry tool?
Q. How can I quickly search for shared folders that are published in Active Directory (AD)?
Q. I have Zone Labs' ZoneAlarm firewall installed, and it's reporting a problem with Microsoft Application Error Reporting. What's causing this error?

Commentary
by John Savill, FAQ Editor, [email protected]

This week, I explain how to remove the 10MB default message size on a system that's been upgraded from Exchange 2000 Server to Exchange Server 2003, how to use the Portqry tool, and how to obtain the graphical UI for Portqry. I also tell you how to search for shared folders that are published in Active Directory (AD) and explain the cause of an error that the Zone Labs' ZoneAlarm firewall reports.

Sponsor: Protecting Your Company by Managing Your Users' Internet Access

Free White Paper from St. Bernard Software
Companies pay plenty of attention to hardening their servers and networks but pay little attention to how uncontrolled Internet access from within an organization can represent a significant legal and security risk. For example, users who browse a malicious Web site can become infected with a Trojan or other malware without their knowledge as a result of vulnerabilities in Internet Explorer. Internet filtering technology is a key player in mitigating these threats. This white paper discusses the various methods available for Internet filtering and how to use them to increase security and decrease legal exposure. Download this free white paper now!
http://www.windowsitpro.com/whitepapers/stbernard/internetaccess/index.cfm?code=0103Tips_S

FAQs

Q. Why am I now limited to 10MB email messages after upgrading from Exchange 2000 Server to Exchange Server 2003?

A. Exchange 2003 introduces some default settings that aren't in Exchange 2000, such as a new default maximum sending and receiving message size of 10,240KB. If you've already set a global custom message-size limit in Exchange 2000, this value is maintained after an upgrade to Exchange 2003. However, if you didn't manually set a message-size limit in Exchange 2000, the Exchange 2003 default will take effect, which restricts users to sending and receiving messages of 10MB or less. You can, however, remove the default message size in Exchange 2003, by performing these steps:

Start Exchange System Manager (ESM).
Expand the Exchange organization, then expand Global Settings.
Right-click Message Delivery and select Properties from the displayed context menu.
Select the Default tab.
Select "No Limit" for both the Sending and Receive message sizes.
Click OK.

Instead of removing the message-size limit altogether, you might find it more useful to increase the limit as needed by following the previous steps.

Q. What's the Portqry tool?

A. Portqry is a Microsoft tool that provides information about TCP and UDP ports that are "listening" locally and which process or service is offering IP services on a system. For example, if a server is listening on port 80, this means it's offering a Web (HTTP) service. You can download Portqry at http://www.microsoft.com/downloads/details.aspx?familyid=89811747-c74b-4638-a2d5-ac828bdc6983&displaylang=en. After you download the file, execute it to extract the files that you need to execute the command. The simplest example of how to use Portqry is to specify the -local switch on the command, like this:

portqry -local

Executing this command displays on screen a list of all ports in use on the local system and which process offers the IP service, similar to this sample output:

======================================================

Process ID: 512 (msmsgs.exe)

Process doesn't appear to be a service

PID Port Local IP State Remote IP:Port
512 TCP 1235 192.168.1.101 ESTABLISHED 207.46.106.195:1863
512 UDP 1036 127.0.0.1 *:*

This example shows the Microsoft Messenger (msmsgs.exe) ports that are in use.

You can also use Portqry to check the status of open ports on remote systems. For example, to check the status of the Web port on a system, specify the -n switch and the system's IP address, like this:

portqry -n 192.168.1.1

You'll see messages similar to these:

Querying target system called:

192.168.1.1

Attempting to resolve IP address to a name...

Failed to resolve IP address to name

querying...

TCP port 80 (http service): LISTENING

The last line of the sample output shows that the queried server is offering a Web service. If you want to check the status of a specific port, specify the -e switch and the port to check. The following sample command checks for a listener on port 80 for a remote system that has an IP address of 192.168.1.1.

portqry -n 192.168.1.1 -e 80

To check the status of a range of ports, specify the -r switch and the starting and ending port range. The following sample command checks for all ports between 10 and 100:

portqry -r 10:100

Other utilities are available that work similarly to Portqry and query TCP listeners. However, unlike those tools, Portqry also queries UDP listeners. Portqry actually sends correctly formatted UDP payloads for the most popular UDP-based services, such as Lightweight Directory Access Protocol (LDAP) and DNS. For example, to check for DNS over UDP, you'd run the command

portqry -n  -p udp -e 53

You can find articles about how to use Portqry for troubleshooting Exchange Server and Active Directory (AD) problems at http://support.microsoft.com/?kbid=310298 and http://support.microsoft.com/?kbid=310456.

Q. Is a graphical front end available for the Portqry tool?

A. Microsoft provides a graphical UI for the Portqry tool--Portqryui--which you can download at http://download.microsoft.com/download/3/f/4/3f4c6a54-65f0-4164-bdec-a3411ba24d3a/portqryui.exe. Portqryui provides command sets for ports to query for, including

Domains and Trusts
IP Security (IPSec)
Networking
SQL Server service
Web service
Exchange Server
NetMeeting
miscellaneous

Like Portqry, Portqryui can be configured to run against the local box (IP address 127.0.0.1, the standard loopback address) or a remote IP address or Fully Qualified Domain Name (FQDN). When you view the output of the Portqryui tool, you'll see the actual commands that portqryui.exe passes to portqry.exe, which the figure at http://www.windowsitpro.com/content/content/44948/portqryui.gif shows. You could write a script that lets you automate these commands.

Q. How can I quickly search for shared folders that are published in Active Directory (AD)?

A. To quickly search AD for published shared folders, you can run the command

rundll32 dsquery,OpenQueryWindow

Executing this command opens the Find dialog box, which provides in the drop-down lists the option to find Shared Folders and where to search. The figure at http://www.windowsitpro.com/content/content/44948/searchsharedfolders.gif shows search results displayed in the Find dialog box. In pre-Windows XP versions, you could access this dialog box fairly easily via Explorer or My Network places. However, accessing the Find dialog box is a little more complicated in XP, so you might want to create a shortcut to the previous Rundll32 command.

Q. I have Zone Labs' ZoneAlarm firewall installed, and it's reporting a problem with Microsoft Application Error Reporting. What's causing this error?

A. This error is a false alarm and occurs because of a problem with the ZoneAlarm database. Microsoft Application Error Reporting is based on the dw.exe executable. ZoneAlarm is confusing this dw.exe with another application named dw.exe (aka DownloadWare) and is actually referring to the DownloadWare software in its error message. It's therefore all right to allow your system to connect to the Internet via the firewall if you get the alarm after an application crash and it refers to "Microsoft Application Error Reporting."

Announcements
(from Windows IT Pro and its partners)

Get a Free Windows IT Pro Digital Subscription at the New Server Consolidation Roadshow

Come and join us for this free event and learn how to increase operational efficiency through a more strategic and holistic approach to server consolidation, management, hardware, applications, security, access, and information. Attend and get a free Windows IT Pro 6-month digital subscription. Plus, you could win an iPod! Sign up today.
http://www.windowsitpro.com/roadshows/serverconsolidation/index.cfm?code=103emailannc

Get David Chernicoff's Essential Guide to Blade Servers

The cost of setting up new servers, provisioning them, and managing their operation is a significant one, and reducing those costs results in quicker ROI and more easily justifiable initial expenses. Find out why Blade server technology is an attractive methodology for addressing these concerns and implementing improvements in your server infrastructure.
http://www.windowsitpro.com/essential/index.cfm?code=103emailannc

Is Your Messaging Infrastructure Ready for Tomorrow's Risks?

In this free Web seminar on February 17, Randy Franklin Smith reveals the new security threats as SPIM, Spyware, Phishing, and Malware evolve and become tools for industrial espionage. You'll learn which kinds of attacks companies are reporting in increased numbers and the commonly held misconceptions about Microsoft security patches. Find out what threats deserve your attention. Register now!
http://www.windowsitpro.com/seminars/securemessaging/index.cfm?code=103emailannc

New eBook! Keeping Your Business Safe from Attack: Passwords and Permission

Master password and permissions basics with our latest free eBook and discover how to prevent most vulnerabilities and exploits with Microsoft's new tools. Firewalls, antivirus software, Intrusion Detection Systems (IDS), and Intrusion Prevention Systems (IPS) can all fail--but a strong permissions and authentication defense is priceless. Get the first chapter now!
http://www.windowsitlibrary.com/ebooks/SecurityPermissions/Index.cfm?code=103emailannc

Events Central
(A complete Web and live events directory brought to you by Windows IT Pro: http://www.windowsitpro.com/events )

True High Availability for Microsoft Exchange Web Seminar - February 3

Discover solutions that minimize the likelihood of downtime in your Exchange implementation and help to ensure continuous Exchange application availability. In this free Web seminar, learn how you can ensure high availability through the use of tools that analyze and proactively monitor the health of your entire Exchange environment. Register now!
http://www.windowsitpro.com/seminars/highavailability/index.cfm?code=103emailannc

Comments

Plain text