November 2010

PortQry - Simple Command Line Port Scanner

Monday, November 22, 2010

There are many reasons why you may need to use a port scanner to check if a TCP or UDP port is open. Microsoft has a little known utility called PortQry that allows you to perform basic port scanning from the command line.

You can download PortQry from http://www.microsoft.com/downloads/en/details.aspx?familyid=89811747-c74b-4638-a2d5-ac828bdc6983&displaylang=en

Download the PortQryV2.exe package and run it to extract the PortQry.exe program, EULA and readme file. I typically copy PortQry.exe to my %SystemRoot% folder so I can run it from any directory.

Here are some examples of how to use PortQry from the command line:

portqry -n servername -e 80 - Queries remote computer servername to check if it's listening on TCP port 80 (HTTP).
portqry -n servername -p UDP -o 37,88,135 - Queries the remote computer to check if it's listening on UDP ports 37, 88 and 135.
portqry -n 10.0.0.21 -r 1-1024 - Queries the IP address to determine if it's listening on any of the well-known TCP ports. The output will display each port and whether it's listening or not listening.
portqry -n 10.0.0.21 -r 1:1024 | find ": LISTENING" - Same as above, but only lists open ports.

PortQry can also be run in silent mode using the -q switch. The program exit with a returncode of 0 if listening, 1 if not listening, or 2 if listening or filtered. This is useful for batch file processing.

At the Lync Server 2010 Launch

Monday, November 15, 2010

I'm attending the launch event for Lync Server 2010 at the Microsoft offices in San Francisco this morning.

Microsoft is presenting a virtual launch event November 17 on the Lync Server website.

Don Brooks is here giving a great hands-on demo of the Lync 2010 client with mutliple ad-hoc remote users. Really good demo and is very much like the one that we do for clients at ExtraTeam. The integration of Lync with all things Microsoft has to be seen to be believed. It's just so organic and easy to use.

Several vendors are here showing off their new product, including Jabra, Plantronics, and Audiocodes. There are some really cool phones coming out for Lync - a few of them are already available. The rest will be avaiable very soon. Here are some examples:

Plantronics phones

Jabra phones

Audiocodes gateways

Plantronics Calisto speakerphone

I really like the new Plantronics Calisto (above). It's a slick looking touchscreen speakerphone with a remote microphone on the sidecar shown, which can be used to clip to a presenter.

Jabra has a new omni-directional speakerphone with touchpad control in the ring around the speaker. Very easy to use.

Our company is doing several POCs and full deployments even before the product officially launches. Very exciting! I'm looking forward to attending Lync Ignite here in San Francisco in January.

Transferring Auto-Completion Information to Outlook 2010

Thursday, November 11, 2010

All versions of Outlook since Outlook 2003 have had a feature called Auto-Complete. Auto-Completion "remembers" recipient names and email addresses that you have used before and offers to complete the email address as you type characters. This works within Outlook and OWA 2010.

In Outlook 2003-2007, the Auto-Completion (aka NickName) data is stored in a hidden N2K file. This file is located in the following path:

C:\Users\%username%\AppData\Roaming\Microsoft\Outlook

This can usually be shortened to:

%AppData%\Microsoft\Outlook

Microsoft changed the way Outlook 2010 handles Auto-Completion data so that it supports roaming users. Recipient AutoComplete lists are now stored on the Exchange Server. A user’s recipient AutoCompletion list is now available to any computer on which Outlook 2010 runs that is connected to the same Exchange account.

This article discusses how to migrate the older format N2K file to the new format on a new computer. This is helpful for when a user gets new hardware and wants to maintain their current Auto-Complete data. A good example is when an executive using Outlook 2007 gets a new laptop with Outlook 2010 pre-installed.

Copy the Outlook.nk2 file from the old computer to the following path: C:\Users\%username%\AppData\Roaming\Microsoft\Outlook. This is a hidden folder so it’s easier to unhide the folder. Replace the user name variable with the actual user name.
Go to the Control Panel –Mail -Click Show Profiles and note the name of the user profile. This is usually Outlook
Make sure the User profile name (Outlook) is the same name as the NK2 file e.g. Outlook.nk2 again this is usually the case.
In the start menu search box(Run in XP) type Outlook.exe /importnk2
This should then populate the Outlook 2010 auto completion file with the data contained in the old NK2 file.
Open Outlook and compose a new email, type the first few characters and you should see your old email address auto populate.

Unable to logon to Lync Server Control Panel

Sunday, November 7, 2010

You may recieve an error when logging in to the Lync Server Control Panel for the first time from a computer or even the Lync server itself.

When you launch the Lync Server Control Panel Silverlight application from the Start menu or open https://lyncserver.domain.com/cscp in Internet Explorer, you must enter a username and password for an account that is a member of the CSAdministrator group in Active Directory. You may then receive the following IIS error:

Unauthorized: Authorization failed.
The application cannot verify your credentials.
Verify your logon credentials and contact your support team.

This happens when the https://lyncserver.domain.com/cscp website is not in the computer's Trusted Sites zone. Here's how to fix it:

Launch Internet Explorer
Double-click the Security Options zone information at the bottom of the IE window:

This will open the Internet Security Properties window. Click Trusted Sites and then the Sites button.
Click Add and Close to add the https://lyncserver.domain.com site to the Trusted Sites zone.

Now you will be able to access the Lync Server Control Panel from both Internet Explorer and the Silverlight application on that computer.

Cannot move Lync 2010 user to new pool

Sunday, November 7, 2010

You may find that you are unable to move certain users to a new Lync Server 2010 registrar pool. When you select the user and then choose Move selected users to pool from the Action menu, you enter the Destination Registrar Pool and then receive the error, "Failed while updating the destination pool".

If you select the "Force" check box, you receive a slightly different error, Active Directory operation failed on "dc.domain.com". You cannot retry this operation: "Insufficient access rights to perform the operation

This happens when the user you are trying to move is a member of a Windows Builtin group, such as Domain Admins. When a user is a member of one of the special Windows built-in groups, Windows will automatically remove security inheritance on that user. To complete the move, you must reapply inheritance.

Open Active Directory Users and Computers and locate the user object
Right-click the user and select Properties
Click the Security tab and then the Advanced button
Check the Include inheritable permissions from this object's parent check box

Click OK twice and try moving the user to the new Lync pool again

Be aware that Windows will automatically remove the inheritance setting again within a few minutes as long as the user remains a member of the Windows built-in group.