Fallout 4: My Wishlist

As the rumor mill continues on at full tilt about Fallou 4 I’ve seen many ideas that people have suggested they would like to see in the next Fallout. (As a pint of order, shouldn’t the next Fallout be Fallout 5. I mean there was Fallout 3, then the next one, Fallout:New Vegas, which to me would logically be Fallout 4 and then next one coming up should therefore be Fallout 5. I’m just saying…)

Anyway, a few of the things I would like to see in the next iteration (whatever the number) are as follows:

1) More variety in enemy/monster art. Seriously, why do all raiders and Deathclaws look identical. I know this a minor issue, but after killing hundreds of the same raiders, sometimes I avoid them just because they are boring visually. And to that point…

2) Let random encounters be just that…random. I shouldn’t be able to tell a half mile out if someone is hostile or not. Maybe those people in the distance are just traders that have the bobby pins I am low on. Maybe they are bounty hunters looking for my head on a pike. It’s more fun if I don’t know until the last minute…or until it is too late.

3) Weather. This could have wide ranging effects on the environment and gameplay. Do more critters come out while it is raining? Perhaps I cannot shoot as far or run as fast. In inclement weather Perhaps it even effects my weapon condition or how hard my enemies may pursue me.

4) More in-game weapon and armor mods available. New Vegas was a good foray into weapon mods. Now let me make my sniper rifle into the unholy terror of the wasteland it was meant to be. But on that same note…

5) Permanent wear-and-tear. Sure, you can fix that combat armor and sawed of shotgun, but at some point, there is no more that can be done and it just needs to be scrapped. A continual, irreversible decrease in item condition and effectiveness would bring a sense of realism to the Fallout world.

6) Religious groups, political alignment and karma/reputation system. Why can’t I be a Child of the Atom and a member of the Enclave? And how would the Tops react to me if they feared the Enclave but were dismissive of the Children? I should be able to belong to more than one group and the affiliations of those groups have a cumulative (or subtractive) effect on members of other groups.

7) Location. We’ve done East Coast. We’ve done the desert. How about the Midwest? Or California? (Anyone care to topple the NRC?). Rumor has it the next Fallout may be in Boston, but I don’t think that location is set in stone yet. Some have said Europe might be a good option, and I could see where London or Paris might be a good choice. But it would be hard to explain the presence of super-mutants there.  But the Midwest is a Tabula Rosa.  It’s barely mentioned in Fallout cannon.  Let’s open it up.  On the other hand, we’re familiar with the NCR.  I think it is time they get to know me…

8) Quest, quests, and more quests.  The more the better.  Go crazy and have a ton of quests that it will take forever and a day to complete.  Then add half a dozen more.

Any other ideas?

Apple maps, you suck!

All I wanted to do is go get me some Mongolian Beef extra crispy at PF Chang’s. Was that asking so much? Instead, you put me in the middle of nowhere between a parking garage and a construction site. Then you had the audacity to mock me with “Arrived at PF Chang’s!!!”

I hate you, Apple Maps!

ActivEcho Review

One of the challenges that network admins face these days is the constant fight against the cloud storage system like Dropbox, OneDrive, Google drive, box, etc. These systems are very appealing to end users but are a never-ending source of frustration and a huge security issue for the organization. In addition to being a huge open hole for data to leave the friendly confines of the organization, and in addition to not having adequate password and/or encryption security on the data being removed, the terms of service of these services normally do not align themselves with the best interest of the company.

With that in mind I set off to find a solution that would be a good substitute for Dropbox.

It was almost by mistake that I happened about ActivEcho. I was actually looking for a solution to allow a MobilEcho type interface on Macs and PCs that weren’t on the network. I was asking my sales rep at Acronis about this issue and he suggested ActivEcho.

While not what I was looking for originally, the users and abilities of this software quickly piqued my interest. This piece of software was far and away better than the Dropbox that most of my users were using. Some of the features that made it superior are:

1) Essentially unlimited storage. It is only limited by the size of the storage array I attach to the server.

2) Integrated with Active Directory (and thus enforcing my password security policies on it.)

3) Encrypted file storage

4) The ability to restore precious versions.

5) Logging to see what happened when and by whom.

6) No Terms of service that conflict with proprietary rights.

7) Price based on user base and not storage amount.

8) Data is hosted in house on our servers.

9) Integrates completely with MobilEcho on mobile devices.

ActivEcho has a web interface as well as a PC and Mac client.

Because my network is spread out and connected via expensive MPLS data lines, I prefer not to use them to transfer the data to the ActivEcho server, so I configured my DNS to give the external IP address of the server and the configured the local firewall to redirect that IP address to the correct internal IP address. Another way to do it would be to put the server in a DMZ behind the firewall. So the one downside to the whole solution was the additional internet bandwidth it requires in my configuration. But still it is better than using the expensive MPLS bandwidth.

The user adaptation has been very high and it a great collaboration tool to use with clients and co-workers alike. I highly recommend this software for anyone looking to get our of the Dropbox trap.


VMWare, I have bested you!!!

I recently got a new iMac at work to replace my desktop and clunky, heavy HP Elitebook laptop(which clocks in at a mighty 8.25 pounds).  The idea was to slim down to an iMac and a Macbook Pro and use VMWare Fusion to run the Windows operating system for the items I could not do with the iMac.

Everything started off great.  I began by installing Microsoft Office for Mac 2011 (which is pretty great) and then a few other nifty little programs I cannot live without on my Mac (Dropbox, LastPass, XMarks, KeePassX, Jump Desktop, and Evernote) and then downloaded and installed VMWare Fusion 5.

Pretty sure I was on my way doing a migration from my clunky 32-bit Windows 7 machine to the new Mac.  I kicked it off and went home.  The next morning, the migration was complete and I fired up the VM with no issues. Yes!  One down, two (or three) to go.migration

The next one was an already existing VM for Windows XP, and that was simply moving the VM from an old machine to the iMac.  About an hour later that was finished (And the was moving from VMWare workstation 7 to VMWare Fusion 5.)

So then it came time to do my main PC: An HP Elitebook 8540w with 8 GB of RAM and 4 CPUs.  As I had great success with the Migration Assistant in Fusion 5, I would give that a shot.  I kicked it off and let it run its nine (ugh) hours.  Sadly, nine hours passed and I got the “migration failed” message.

I tried again (thinking perhaps it was a transient error and got the same result.

So it was time to try the Standalone converter.  I uninstalled the PC Migration agent and installed the new version of VMWare Standalone Converter.  I had a pretty good feeling about this as I had run this converter before and it worked very well.  So I attached an external hard drive to the machine and kicked of the conversion.  It got to 98% and failed.

So I uninstalled the Migration Agent, the Standalone converter, and my AV and firewall, then reinstalled the latest Standalone Converter agent and tried again.  It failed again at 98%.  It was time to call VMWare.

I called and spoke with a person that seemed to want to help at first, but wasn’t real committed to the process.  He remoted into the machine and kicked HDSourceoff another migration, this time setting the processors to 1, the memory to 2 GB, disabling all NIC cards and setting the hard drive pro “preserve source.”

I told him it would take a few hours and I would email him when it was finished.  Naturally it failed again (at the now incredibly frustration 98%) and I emailed him the results and asked him to call me.

The next day he called me (he when home sick apparently) and remoted in to see the results screen.  He asked around a spoke to a few other techs there and they were all in agreement that this issue was unresolvable and nothing further could be done with this PC or to assist me in getting this converted.

I didn’t like this answer.

I thanked him, hung up the phone, opened a web browser and started doing some investigating.  Certainly I couldn’t be the only person with this issue, right?  The frustrating part of this is that I had done a Standalone migration on this PC before and it worked fine.

I took another look at the error that it generated.  The warning before it failed said “Warning: Unable to update the BCD on the destination machine’s system volume” followed by the Error “An error occured during reconfiguration.”  The final status of the job was “FAILFailureErrorVMED: Unable to find the system volume, reconfiguration is not possible.”

So I started my search on the VMWare website and came up with a document that explained how to use BDCEdit to modify the the boot configuration data to allow the Standalone converter to proceed.  It seems there was a 100 MB “system reserve” partition that was defining itself a C: and where my data was as D:. I booted up with the Windows 7 install disc and proceeded as instructed, and retried the migration.  Again, failure.  I went back using the command prompt in the recovery console and BCDEdit shows that the settings had reverted to what they were originally.   I changed them once again and rebooted.  On a hunch I decided to go back in and, once again, the settings had revered to their original settings.  So regardless of how many times I tried this BCDEidt, as long as that system reserve partition existed, the issue would persist.

And this is where it gets a little scary.  I knew I needed to get rid of that system reserve partition, but I also need to make sure I could get back into it if the VM Migration didn’t work.

So I proceeded to make a clone of the original disk.  I used a Apricorn Sata data cable and EZGig data transfer software to make a duplicate of my original drive on a spare laptop HD that I had laying around.  The cloning took about two and half hours but once finished I had a duplicate I could safely play with and not jeopardize the original.

I found a good article on sevenforums.com on how to go about removing the system reserve partition and then another on running the startup repair to restore the boot.ini and such to allow the computer to once again boot.  I ran through the startup repair twice and on the third boot attempt I saw the happy windows screen jump to life prompting me to give it a ctrl+alt+del.

Once in I initiated the Standalone conversion.  After two hours this time, however, I was met with a much-longed for green “Success!” prompt.

I copied the VDMK over to my iMac, imported it in the Fusion and, ta-da, it worked like a charm.

And the techs at VMware said it couldn’t be done…pashaw!

They just weren’t motivated enough.  🙂

Syria: Fools rush in where angels fear to tread.

Once again the United States is poised to take military action in the middle east. The quick rush to a conclusion before the evidence has been gathered and analyzed by the Obama administation is troubling on many levels. Not the least of which is that we really have no idea, based on media reports, who actually used the chemical weapons. But the gears of the United States war machine are in motion. And as we saw in 2003, once in motion they are hard to stop. I fear the Obama administration is about to make a terrible mistake.

I certainly don’t want to see the Syrian people terrorized by chemical weapons…or any weapons for that matter. But before we let slip the dogs of war, we best make sure they unleashed at the coreect people for the correct reason.

I pray that cooler head will prevail in Washington over the next few days and that the cool, thoughtful, idealist President that was elected five years ago will show up.

Barracuda Spam Filter Out Queue Issue

I recently implemented a Barracuda Spam and Virus Firewall 300 at a business. The configuration was easy enough as they had an Exchange 2010 environment. Having a similar live system at my own company made it even easier as I could just walk through it tab by tab and essentially duplicate the settings I had on my existing system.


The implementation from out of the box to installed and filtering took about three hours. Everything looked great. Or so I thought…


As usual with these type of things, the unexpected always rears it’s ugly head. This time it was several days after initial implementation. People we complaining about two things: 1) their quarantined mail didn’t have nearly as many items in it as their old system (Postini by Google) and 2) some emails were taking up to eight hours to be delivered.


This first issue they raised was a simple explanation: the Barracuda simply was filtering them out rather than quarantining them. I asked them if they wanted me to dial back the filtering to have it put more in the quarantine rather than outright blocking it. “No, no…” they said “we hated all those emails in there. We just didn’t know where they went.”


The second issue was a bit trickier. I started looking at the logs and the queues and the Advanced Queue management and sure enough some emails would be queued for delivery but would never make that last jump over to the Exchange server.


Now this Exchange server is nothing special, but it is probably overkill for this company’s purposes. It is on a HP Proliant DL380 Gen 5 with 16 GB or RAM and dual processors. Not a monster, but with only ten users, more than enough horsepower to suffice.


I contacted Barracuda support and they told me that the spam filter was having issues connecting to the Exchange server and at times it looked like it wasn’t even getting an SMTP connection.


I proceeded to go about applying all software updates and firmware patches on as well as the latest device drivers. No dice. Still had the issue.


They I replaced the NIC cards, the switch and the cables going from the server to the switch and the Barracuda to the switch. Still nothing.


At this point, I talked to Barracuda again and told them that I had pretty much replaced everything I could from a network standpoint, but I was not convinced that it wasn’t an issue with the Barracuda Unit. They shipped me another one and I had it the next day. Applied some firmware updates on the new unit, transferred the configuration and….nothing. Same problem.


So back to the drawing board I went. I started to do research the SMTP connector on Exchange 2010. After a few hours of searching, I hit pay dirt. I opened the Exchange Management Shell (EMS) and typed the following:

Get-ReceiveConnector -Identity “Default <Servername>” | fl

It then proceeded to list several key pieces of information. The based on the research I did, I changed the following settings:

Set-ReceiveConnector -Identity “Default <Servername>” -ConnectionTimeout 00:10:00

Set-ReceiveConnector -Identity “Default <Servername>” -ConnectionInactivityTimeout 00:10:00

Set-ReceiveConnector -Identity “Default <Servername>” -Banner “220 SMTP OK”

These ccould actually be combined to the following:

Set-ReceiveConnector -Identity “Default <Servername>” -ConnectionTimeout 00:10:00 -ConnectionInactivityTimeout 00:10:00 -Banner “220 SMTP OK”

So I applied these settings and went back to my Barracuda and checked the queue….and I waited.


And waited.


And waited.


And nothing happened. The mail sailed right through just like it should. Problem solved.


Hopefully someone else will find this information useful and won’t have to jump through all the hoops I did.

Hacking a Samsung LCD TV

I have a 46″ Samsung monitor on my wall (Model UN46C5000) that I use to display the output of some Network Monitoring software we use (Passler, btw.)  This monitor is attached to a Mac Mini via the HDMI port.

The one fly in the ointment has always been turning the darn thing on every morning.  I know it may seem trivial, but usually the mornings are the busiest time of day of me in IT and sometimes that computer just doesn’t get turned on.  And I am kind of opposed to just leaving it on and wasting energy.

Now Macs are grsamsungeat at starting themselves up and shutting themselves off, and my Samsung TV has the same capabilities.  However it can only turn on and off the the TV input or a USB input, not the HDMI input (which seems pointless to me, but whatever.)

So I turn to my old friend Google.  I found a forum on CNET where people were complaining about this exact same issue.  A few pages down someone had found a hack that worked around the issue (which the Samsung Rep that was posting to the forum failed to tell anyone which I find both deceitful and troubling.)

Apparantly there is a thing called “Hotel Mode.”  Like all good hacks, this one has some very dangerous setting that can mess your TV up pretty bad, so use with caution.  Also please not that this also has the effect of clearing any of the settings you already had setup (like color settings, timers, time, etc.) Anyway, apparantly on many Samsung TV models, to get into this Hotel Mode, what you do is turn the television off and then press the mute button followed by the numbers 1, 8, and 2  (in that order) and then power on the television again.  When the television comes back on there will be a service menu there with all kinds of crazy cool stuff.  Digging through the menus you’ll want to turn the Hotel Mode to “on” and the Power On Source to “HDMI/DVI”.  Once finished, power cycle your television again.

Once that is finished, go in and setup your timers but ignore the source, antenna, and channel settings.  They no longer do anything.  😉

And that’s about it.  I have tested it a few times now and it seems to work great.  Good luck and have fun!

System Restore Fun!!!

We have had an on-going issue on our network for some time that I finally resolved.  Our network is a Windows 2008 domain environment using (obviously) AD and employing GPOs to enforce quite a few policies.  Most of the client machines are Windows 7 with a few remaining XP machines in place just for a little variety.

The issue we have had is that end-users were not able to manually able to create restore points.  When a user tried to create one manually, they would get the following error:

The restore point could not be created for the following reason:

Not all privileges or groups referenced are assigned to the caller. (0x80070514)

Please try again.

If the PC was removed from the domain, manual restore points could once again be created.  So the source of the problem appeared to be a GPO.  However a check of the GPO System restore settings were set to the default “not configured” (meaning that System restore was enabled.  The GPO allows the System restore to be UI and SR configuration to be disabled, but the alternative to allow System Restore to function is simply to set these settings to “not configured”.)

A check of the registry on effected machines showed nothing unusual either.  GPOs and Registry seemed to check out.

So back to the message.  The phrase Not all privileges or groups referenced” piqued my curiosity.  I decided to look at the GPO and focus on the local security policy.  There, in User Rights Assignments I saw one that was interesting: “Back Up Files and Directories”.  This setting was set to domain admins.  I added domain users to this privilege and rebooted.

Ta-da!  Once again users we able to manually create restore points.

GPO, Deny local Logon, and end users….

Today I got a bit of a shock while trying to do some troubleshooting on a new server.  I could not access the resource monitor to see what was causing some odd interface delays.  Finally I looked and the server was logged on by one of my domain users.  This is very interesting as I have domain users blocked from logging into my servers locally.

(As an FYI, I accomplished this by having a separate GPO for servers and domain controllers.  Then I edit the GPO and under Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment I define the “Deny log on locally” policy and add the user group I want to block (in my case, Domain Users) to that group.)

Anyway, it seems that I added the server to the domain and left for lunch.  Then, in what must have been the minute after I left, this end user went into the server room (which doesn’t have any physically security because we are just moving in to a new building) and logged into the server.  The oddity here is that I must have added it to the domain and not rebooted.  Then this guy came in and logged me off and him on and went about doing his business (he wanted to show someone the security cameras which is extra humorous as the security cameras aren’t even on any of the network servers) and then walked away.

So I returned from lunch and nothing seemed to be working quite right.  Everything seemed sluggish and I couldn’t do a Resource Monitor (it said I didn’t have permission…) and things just seemed off.  But then I had to leave and return back to the main office.  I touched on it again on Friday but couldn’t seem to find a cause.  But finally today I figured it out when I saw the end user’s name on the start menu.  I called him and asked him if he logged into a server.  “No.  Not me” he said.  I gave him some more detail like the specific time and date and suddenly his memory was restored.  I told him he wasn’t allowed in the server room at all much less touch the servers.  “But the door was open” he claimed.  A moot point, I said, since none of the doors in the entire office had been put on yet.  That didn’t give him a right to touch it.

So here I am, checking and rechecking everything to see if he did any damage or anything nefarious.

Ugh…end users….

Repost of “My Wife is a Teacher”

I do not take credit for this.  I am mearly reposting an email that I received.  Although I agree witht he sentiments and thoughts expressed here, all credit it due to Mr. Vic DeSantis.


My Wife is a Teacher 
By: Vic DeSantis

I am a guy who lives for summers. I wasn’t always like this but I’m pretty sure I can pinpoint the exact time in my life where the months of June, July, and August became such an integral part of my happiness.

You might be inclined to deduce that my yearning for these warmer times is related to a sports season or a passion for outdoor activities; perhaps even slower times at work. In some regards you might be correct but not exactly for the any one of the three multiple choice answers provided. 

You see, my wife is a teacher.

When I met my wife she was not a teacher – she was a student. When we married she was finishing her degree and starting out on her own professional career. To say that I knew nothing about the educational system at that point would be an enormous understatement. In the nearly 20 years that followed I have learned everything that a parent, student, citizen, and spouse should know about the challenges that every teacher faces. Armed with those insights it is difficult to reconcile the carefully framed messages of politicians and privatized education proponents with the realities of life in the classroom.

My wife is a teacher. I’ve never once, in the history of our life together, seen her trading derivatives, speculate in real estate, engage in subprime lending practices, or make exorbitant demands on her employer for an outrageous salary. It is perplexing to me that over the past few years she and her colleagues have, at least in the eyes of many, become public enemy number one. I suspect that a good portion of this misguided angst is directly related to the economic environment; something that she had absolutely no part in creating. Is she without fault? Absolutely not. I have over the years thought that she would have been much better off taking her well-earned college degree and her intelligence into the private sector and guiltlessly accumulated as much wealth and material possessions as possible. Sometimes you just can’t talk sense into these folks.

My wife is a teacher. Instead of making money she decided to make a difference. 

My wife is a teacher. For nearly 2 years she worked diligently to achieve the prestigious designation as a nationally board certified teacher – a designation that came with a small annual bonus. After meeting her end of the bargain, the state pulled the funding.

My wife is a teacher. She has worked for a decade and a half for far less money than her counterparts who are not public employees. She did this satisfied with the proposition that the pay was steady, a small retirement income certain, and the intangible satisfaction of steering the lives of children.

My wife is a teacher. Her income is now in decline. As a reward for her faithful years of service our state has decided that she should give back 3% of her salary towards her retirement. After all they say “this is what folks in the private sector do.” Tack-on another 2% reduction for the expired payroll tax holiday and the hits just keep on coming.

My wife is a teacher. Despite continuous assaults on her take-home pay, she shells out thousands of her own dollars for classroom supplies. She is impervious to the yearly barrage of administrative mandates established by politicians and so-called “educational experts” – she soldiers on.

My wife is a teacher. She is reviled by certain segments of our society who labor under the belief that she is underworked and overpaid. One would think that after fifteen plus years in a professional where a four-year college degree is a minimum entry requirement that most would not begrudge her a $40,000 a year salary. And for those less inclined to the truth, her salary is adjusted to smaller twice-a-month paychecks to cover the summer months when school is not in session.

My wife is a teacher. She is tasked with the enormous responsibility for the care and safety of your children. I’ll dispense with the lengthy analysis on this topic. Two words suffice – Newtown and Oklahoma. Someone please let me know the next time Lebron James throws his body between a child and the working end of an assault rifle and I will hold professional athletes in the same reverence I do teachers.

My wife is a teacher. For nine months of every year our family lives in the metronomic cycle of early morning wake-ups and late evening lesson-planning. We revel in the plethora of candies and candles, gift-cards and gadgets that herald the arrival of the “Christmas Break,” and I observe with interest the emotion that a hand-written note from a 1st grader can bring at the end of a school year.

My wife is a teacher. From August to May she had dedicated herself to the interests of her kids and her school. She has prepared and toiled, laughed and cried – and shared one hundred stories about the amazing kids that walk through her door each morning. She has left me wondering in awe how she does so much with – and for – so little. 

It is the summer now – my happy time comprised of the few short weeks that I do not have to share her. My wife is a teacher – she is also my hero. I promise to return her in August.