Posted on

Quick Fix If Primary Domain Relationship Fails in Windows 7

OK! So you go to your Windows 7 machine and find that there is a problem which requires you to select the Repair option. After the usual wait, it reboots and presents the login screen after your three finger salute. You attempt to log on when you are presented with the message:

Trust Relationship Between This Workstation And The Primary Domain Failed

A possible cause of this problem is that Windows computers change their internal password every 30 days, and if you have had cause to roll back to a restore point before the last password change, then the local password and the domain password do not match. In this event the computer must re-join the domain. If you not a domain Administrator then you should contact your domain administrator to have the computer’s domain account re-created or re-enabled, as appropriate.

If you are a domain admin and there is a local account on the computer that you can use (it does not have to be an administrator), then there is a quick fix:

  • Log on to the local account
  • Right click on Computer and click Properties
  • Click on Change Settings, next to Computer name
  • Click on Change next to rename the computer or change its domain or workgroup
  • At the Computer Name/Domain Changes dialogue, check the Workgroup radio button and enter anything into the Workgroup textbox
  • Acknowledge the warning about rebooting
  • When back at the Computer Name/Domain Changes dialogue, check the Domain radio button and enter the domain short-name.
  • When prompted enter the domain credentials, then OK your way back to the System Properties page at which point you will be given the opportunity to reboot.
  • After rebooting enter the normal domain name which you would normally use, and Bingo! You are back in business.

There is a Microsoft Support article which refers to a slightly different way to generate this error message, which can be found under Article ID: 976494 – Error 1789 when you use the LookupAccountName function on a computer that is running Windows 7 or Windows Server 2008 R2. If the quick fix does not work for you, you can check out the article by clicking here

Hopefully the repair fixed your problem and as you are back in the domain, you will not see the message “Trust Relationship Between This Workstation And The Primary Domain Failed” for a while

Posted on

Add a Mac Mini Server to your network

Have you ever considered adding a Mac server to your gadget collection, but were afraid of the hassle? Does your Mac work group need a server to share essential resources like your media library, without cluttering up your individual machines? Have you ever wondered if you could set up a Mac server to control your Mac work stations?

Well the answer may be to get yourself a Mac Mini, preloaded with Snow Leopard Server. You can buy one of these little dynamite machines for less than £900 including VAT in UK, or $950 US, and be up and running in less than an hour. The standard Apple Mac Mini Server comes with a 2.66GHz Intel Core 2 Duo processor, 4 GB RAM, and two 500 GB Hard drives as standard, with a Geforce 320M graphics adapter, and of course Snow Leopard Server 2 installed.

Be warned, however, that this machine does not include an optical drive, as does it’s client cousin, or a keyboard or mouse, and you will need your own display. It does have two graphics ports, a HDMI port, with an included HDMI to DVI conversion lead. It also includes Wi-Fi wireless networking (based on 802.11n specification; 802.11a/b/g compatible), Gigabit Ethernet wired networking (10/100/1000BASE-T), Bluetooth 2.1 + EDR (Enhanced Data Rate) for connecting with peripherals such as keyboards, mice and cell phones, and four USB 2.0 ports and a FireWire 800 port. Not bad in such a tiny form factor!

If you want to use a VGA display you can buy an optional adapter Mini DisplayPort to VGA adapter, which allows you run up to 2560-by-1600 resolution. Please note that the Mac Mini Server has a Mini DisplayPort, not a Mini DVI port, so you need an Apple MB572Z/A Mini Display Port to VGA Adapter cable, or equivalent. See the link below for a suitable product, or contact Apple.

The setup is quite simple, with a Mac quality Assistant to guide you through the process. One note of caution is offered here; if the server you are setting up will serve as an Open Directory Master and DNS server, you should not set up a new Open Directory domain until you have read and understand the implications. One of the pitfalls of simply walking through Mac OS X Server’s automatic Server Assistant tool, is that the Assistant offers you the option of setting up a new Open Directory domain. This can cause problems if the server you are setting up will serve as an Open Directory Master and DNS server. See Understanding Mac OS X Open Directory later for more information.

Another thing to be aware of of if you are a hands on person and just want to get going. Make sure you have the server software serial number cards that are essential during the setup process! That is one of the first things the Server Assistant requires, and if you have thrown away the packaging in your enthusiasm to get going, you will have a problem. Not that anyone we know would have done that, you understand!

In use, the Mac Mini Server runs cooler that the client version with its built in internal optical drive. Is seems that the internal optical drive generate most of the heat in a Mini, while the disk drives generate very little, which contributes to the heat savings claimed by Apple. As a benchmark, a Mini with Snow Leopard Server should handle a work-group or small business of 25 users with a bit of room to spare.

For the corporately minded, who like the server bolted into a 19″ rack, there is even a nifty little attachment you can buy, which allows two Mac Mini Servers to be secure in a 1U rack mounted enclosure. Neat!

Further reading about Mac OS X server:

Posted on

How to Use Remote Desktop on an iMac

Have you ever wanted to access something on your iMac without going back to your desk? Wouldn’t it be cool to remotely access you iMac and check on your email without even being there? Did you know that Mac OS X comes with Remote Desktop software included, which allows you to connect to your iMac from another machine?

To set this up and try it out for yourself, follow the following sequence on the target Mac:

  • Go into System Preferences
  • Select Sharing
  • Check Remote Management
  • Note down the the IP address of the Mac, you will need this later
  • Click on Computer Settings
  • Check VNC viewers may control screen with password,
  • Enter a suitable password and the click OK

Your Mac is is now ready to receive input from another machine on the network. Now go to the machine you want to use to control your Mac and install a VNC client such as Chicken of the VNC, (for a Mac) or TightVNC (for Windows).

Using Chicken of the VNC

  • Open Chicken of the VNC and at the VNC Login screen check if the target Mac is listed. If not, click on New Server, and enter the IP address you noted earlier and the password, and click Connect. If the Mac is listed, select it and enter the password, then click Connect.

Using TightVNC for Windows

  • Open TightVNC Viewer (for a default Windows installation this will be under Start, All Programs, in the TightVNC folder)
  • In the New TightVNC Connection enter the IP address you noted earlier and Click Connect.
  • At the Standard VNC Authentication dialogue enter the password and click OK

Remember if you want to make a remote connection though a firewall, you will need to set up Port Forwarding, and point port 5900 to the IP address of your machine. You can do this by logging into the router with the administrator name and password.

You can now access your Mac OS X machine across the network as if you were sitting at it. Enjoy!

If you are interested in using your desktop Mac remotely, the links below may be usefull:

Posted on

Microsoft Floors The Coreflood Botnet

With headlines like “More Than 2 Million Computers Infected with Keylogging Software as Part of Massive Fraud Scheme”, the U.S. Department of Justice (DoJ) and Federal Bureau of Investigation announced the filing of a civil complaint, the execution of criminal seizure warrants, and the issuance of a temporary restraining order as part of the most complete and comprehensive enforcement action ever taken by U.S authorities to disable an international botnet.

The U.S. Attorney’s Office for the District of Connecticut has filed a civil complaint against 13 “John Doe” defendants, alleging that the defendants engaged in wire fraud, bank fraud and illegal interception of electronic communications.

The Coreflood botnet is a particularly harmful type of malicious software that records keystrokes and private communications on a computer. Once a computer is infected with Coreflood, it can be controlled remotely from another computer, known as a command and control (C & C) server.

Interestingly, the US Government also obtained a temporary restraining order (TRO), granting authorization to respond to signals sent from infected computers in the United States in order to stop the Coreflood software from running, thereby preventing further harm to hundreds of thousands of unsuspecting users of infected computers.

Essentially the DoJ was allowed to impersonate the commanding servers and send a Stop command to the botnet agents that were tethered to the 5 illegal computers, known as a command and control (C&C or CnC) servers. This is believed to be a precedent, and opens the door for more active countermeasures against these criminal money-making machine networks.

Following on from the earlier successes against the Rustock botnet in March, and the Waledac botnet in February, this action takes the war against these cyber crimanls a stage further.

Other links on the subject:

Posted on

Microsoft Claims Rustock Botnet Takedown

Have you missed your daily dose of spam emails advertising everything from Viagra to fake pharmaceuticals and watches this week? According to a link spotted on eWeek, Microsoft is claiming responsibility for the takedown of the massive Rustock botnet, which stopped sending out spam midmorning on 16 March 2011.

This operation, known as Operation B107, is the second high-profile takedown in Microsoft’s joint effort between Microsoft Digital Crimes Unit (DCU), Microsoft Malware Protection Center and Trustworthy Computing – known as Project MARS (Microsoft Active Response for Security) – to disrupt botnets and begin to undo the damage the botnets have caused.

The previous operation against the Waledac botnet (B49) followed a judgement by the US District Court of Eastern Virginia, that upheld a recommendation to grant Microsoft’s motion for the transfer of the domains behind the Waledac botnet to Microsoft.

The Rustock Botnet is estimated to have infected up to 1.7 million computers worldwide, and up to the end of 2010 may have been responsible for almost 50% of the spam sent worldwide. At times Rustock was capable of sending 30 billion spam e-mails per day.

The Rustock Botnet was identified as being more complicated than the Waledac botnet, using hard coded IP addresses rather than domain names, and peer-to peer command and control servers. To combat this Microsoft obtained a court order allowing them to work with the U.S. Marshals Service to physically capture evidence onsite and, in some cases, take the affected servers from hosting providers for analysis.

The amount of computers which can be linked in a botnet is mind boggling, and because the bots are so versatile their use is limited only be the imagination of their controller, or bot-herder.

In order to combat botnets, Microsoft encourage every computer owner to make sure their machine isn’t doing a criminal’s dirty work. If you believe your computer may be infected by Rustock or other type of malware, we encourage you to visit support.microsoft.com/botnets for free information and resources to clean your computer.

Further links and resources

Finally, for everyone who likes comics, check out the Microsoft comic strip Terrifying Tales of Digital Delivery

Posted on

Microsoft launches Internet Explorer 9

Microsoft has launched the finished version of its Internet Explorer 9 web browser, and at the same time started a campagn to rid the world of the dreaded IE6. The site called The Internet Explorer 6 Countdown, appears to be set on moving the world off Internet Explorer 6 – and about time too!

However, the joy at the launch of IE9 may not be ubiquitous; While Windows Vista or Windows 7 users can now download the full release version of IE9, XP users and Mac OS X or Linux users are not so fortunate. There are plenty of other browsers of course, including Firefox, Chrome, Safari, Opera, and many others to chose from, so there are plenty of alternatives to IE6.

Meanwhile on another front, a Downing Street petition is calling for the UK government to drop IE6 and move to a more modern browser. The petition highlights IE6 security flaws and uses outdated technology, creating a burden for developers. The petition comes as the Department of Health advised the NHS to move away from the old browser. How long will it be before other government departments catch on and realize that it is time to ditch the bad egg, which is well past it’s use by date.

If you are running Windows Vista or Windows 7, you can click here to download IE9

For a more critical view of the new browser from the Microsoft stable, read Five Reasons not to “Upgrade” to Windows’ Internet Explorer 9

Posted on

Google Changes its Ranking Algorithm.

Just when you think you have worked out how to optimize your website to get the best ranking for you site for your favorite search terms, Google goes and changes the ranking algorithm! In a move intended to counter criticism for allowing content farm sites to rank above high-quality sites Google has anounced a change to its search engine to demotes ‘low-quality’ websites. Apparently the change will affect about 12% of Google search queries in the US.

According to an announcement on the official Google Blog, this update does not rely on the feedback received from the Personal Blocklist Chrome extension, which was launched a few weeks ago. The post by Amit Singhal, Google Fellow, and Matt Cutts, Principal Engineer notes that “If you take the top several dozen or so most-blocked domains from the Chrome extension, then this algorithmic change addresses 84% of them, which is strong independent confirmation of the user benefits.”

At the moment it is impossible to speculate how any of the changes made by Google will impact on any online business in the long term, but we will keep our finger on the pulse, and let you know what we find.

If you want to read the official Google Blog announcement click here

Posted on

Microsoft Takes Down The Waledac Botnet

In a post on the Official Microsoft blog, entitled Cracking Down on Botnets, Microsoft announced the takedown of the Waledac botnet, one of the 10 largest botnets in the United States and a major distributor of spam globally. Microsoft achieved this after a federal judge granted a temporary restraining order cutting off 277 Internet domains believed to be run by criminals.

In a complaint filed in the Eastern District of Virginia on the 22 February against John Does 1-27 et al, Microsoft alleged that the “Doe defendants have undertaken the forgoing acts with the knowledge that such acts would cause harm through the .com domains located in Virginia and through user computers located in Verginia, therby injuring Microsoft, its customers and others both in Virginia and elsewhere in the United States”. This argues that the Virginia Court has jurisdiction over the case regardless where the perpetrator reside.

The takedown of the Waledac botnet, or Operation B49 as it was known internally in Microsoft, was the result of months of investigation. The Waledac botnet is believed to have had the capacity to send over 1.5 billion spam emails per day. From Microsoft’s analysis, between 3-21 December 2009, approximately 651 million spam emails attributable to Waledac were directed to Hotmail accounts alone.

This legal and industry operation against Waledac is the first of its kind, but hopefully it won’t be the last. Microsoft has acted with experts from the international security communication to combat this menace to computer users everywhere. However, taking down the botnet is not the end of the story.

Thousands of computers are still infected with the Waledac computer worm, a self-replicating malware computer program. Although the zombies are now largely out of the bot-herders’ control, they are still infected with the original malware. Microsoft advise users people running Windows machines to visit the Microsoft Security Web site, where they can find Microsoft’s Malicious Software Removal Tool, which removes Waledac.

Links and resources relating to Microsoft Takes Down The Waledac Botnet:

Posted on

Happy 10th Birthday to Wikipedia

According to popular culture, and Wikipedia, it is ten years today since Jimmy Wales and Larry Sanger set up a wiki to help with a problem they were having with their current project, an online encyclopedia called Nupedia. Today the Wikipedia site has become one of the best sources of information on the Internet, and often tops the list of sites returned in the Google search results.

On the 9th September 2007 the English version of Wikipedia passed the two million-article mark which makes it the largest encyclopedia ever assembled. Nupedia servers were taken down permanently in 2003, and its text was incorporated into Wikipedia.

Invented in the mid-90s by Ward Cunningham, a wiki is social media at its most radical. It is built on the basic assumption that people care, and so edit the pages they care about. You don’t need permission to add, alter, or delete text, and when you are done, you don’t need permission to publish.

Wikipedia was formally launched on January 15, 2001, as a single English-language edition at www.wikipedia.com. Ten years later it has become the largest encyclopedia ever assembled and the most popular general reference work on the Internet. Happy 10th Birthday Wikipedia!

If you havent yet visited Wikipedia check it out now at en.wikipedia.org/

Posted on

Important WordPress Security Update Announced

In a direct email from Matt Mullenweg via the WordPress.org announcement list, news has reached our ears about an important WordPress Security Update, WordPress version 3.0.4.

Apparently, they have fixed a critical vulnerability in WordPress’ core HTML sanitation library, and because this library is used lots of places it’s important that everyone update as soon as possible.

We have already been busy updating dozens of WordPress sites we support, mostly without incident. We recommend you back up your site before upgrading, but upgrade soon.

We would like to wish all our readers, supporters and colleagues a merry Christmas break and a Happy New Year. Blog On!