Thursday, October 06, 2016

Network Stack Reset - Access Denied

A number of times I have seen network stack corruption on a Windows desktop and when trying to reset the stack, an "access denied" error message is given and the stack reset fails.

Here's how to fix this.

  1. Run RegEdit and provide approval/authentication at the UAC prompt.
  2. Navigate to HKLM\SYSTEM\CurrentControlSet\Control\NSI\{eb004a00-9b1a-11d4-9123-0050047759bc}\26
  3. Right click on the "26" key and choose "Permissions"
  4. Click on "Everyone" and then "Full Control" under "Allow", Apply, OK and exit from RegEdit
  5. In an elevated command prompt, type "netsh int ip reset"
  6. Check that all steps reset successfully
  7. Reboot and all will be good with the world(1)

(1) Well, with this teensy little part of it at least...


The Outspoken Wookie

Friday, April 22, 2016

Microsoft Action Pack Subscription Promo Codes

Does anyone need to renew their MAPS (Microsoft Action Pack Subscription)? If so, when you go to pay, use the Promo Code "WELCOME2ACTIONPACK" for a 50% discount and then once you have entered this one, enter "GROWYOURBIZWITHMAPS" for a further 50% discount - that brought it from $490 ex tax down to $134.20 inc tax! :)


The Outspoken Wookie

Thursday, March 03, 2016

Mar 2016 Update to .NET Redistributables

I have just updated my post with links to the latest redistributables for dotNET 4.6 and 4.6.1.  :)


The Outspoken Wookie

Thursday, August 20, 2015

Accessing O365 Shared Mailboxes With Android

Microsoft's official position is that you cannot access Shared Mailboxes in an Office 365 tenancy from an Android device.  Here's how to do it by configuring a new IMAP account with the following settings:

Incoming Settings
1. Email Address =
2. Username =\SharedMailbox
3. Password = Password
4. IMAP Server =
5. Security Type = SSL
6. Port = 993
7. IMAP path prefix = Optional

Outgoing Settings
1. SMTP Server =
2. Security Type = TLS
3. Port = 587
4. Require Sign In = Yes
5. Username =
6. Password = Password

You should be able to have this work also on iOS and Android (and maybe even Mac OSX) devices by setting an account up in a similar fashion.


The Outspoken Wookie

Wednesday, January 14, 2015

Windows 7 Reaches Its First EOL Step

Windows 7, the operating system that Microsoft simply can't kill off, has reached the first major step in its End Of Life cycle - the end of mainstream support was yesterday (13 Jan, 2015).  As can be seen on Microsoft's Product Support Lifecycle page for Windows 7, this date has now been reached and we're now in the Extended Support phase.  This is just like when Voyager 1 passed out of our Solar System in August 2012 and into interstellar space.

What this means is that the product will now only receive security updates - no non-security updates will be made available for Windows 7 based products (unless you have a Premier Support Agreement for Windows 7 Enterprise, which I can guarantee no small business has).  This is not a nail in the coffin of Windows 7, but it does mean that the product is entering its final years of functionality.  Paid support is still available for Windows 7 on a per-incident basis.

On the 14th of January, 2020 we'll have another milestone - the last day of extended (security update) support.  That will be the last nail in the coffin of Windows 7 - this is what happened to Windows XP back on 8th April, 2014.

So, right now there's nothing to worry about if you're still running Windows 7 on your computers - currently computer manufacturers are still allowed to supply computers with Windows 7 pre-installed if the manufacturer still has old stock of Windows 7 licenses.  But with Windows 8 and also Windows 8.1 already out and Windows 10 on the horizon, it may be time to think about the steps needed to move up to the current/next version of Windows.


The Outspoken Wookie

Outright theft and plagiarism

It was brought to my attention yesterday that the author (sic) Pomiraja from the site was plagiarising my blog posts.  I'd like to thank the anonymous person who brought this to my attention.

AskMeBoy have so far, through Pomiraja's plagiarism, republished 26 of my blog posts (as of right now) as Pomiraja's own work without giving any credit to me.  To see exactly how stupid this plagiarist is, they have even left my signature on all of the posts they have stolen!

If you would like to see a list of the plagiarised posts, have a look at or the screen captures I took below - as I said, there are 26 at this point in time.  I don't know if this will encourage the owners of the website to axe Pomiraja for this plagiarism, axe the stolen and mis-credited posts, or have the site publish a written apology.  Their contact page is broken so I could not contact them directly about this, forcing me to make this public complaint about their plagiarism.


The Outspoken Wookie

Sunday, December 07, 2014

Does A 6Gbps SATA Interface Actually Matter

As we've been told all our lives, bigger is better.  But as we also know, what we've always been told isn't necessarily right any more (and often wasn't ever right).  So, with that in mind, I present the 6Gbps SATA Interface!

First, for those who get confused by the nomenclature and numbering used in computing, a Byte (B) is a collection of 8 bits (b), a Kilobyte (KB) is 1,000 Bytes, a Megabyte (MB) is 1,000,000 Bytes (or 1,000 KB) and a Gigabyte (GB) is 1,000,000,000 Bytes (or 1,000 MB or 1 million KB).(1)

So, with that information at hand, we can do a few calculations to see what 6Gbps really means.  An added complication is the way that the data is encoded across the SATA interface using something called 8b/10b Encoding (and here's a link for the nerdy types) which results in a slight loss in data throughput across the SATA.  The end result of this data encoding means that a SATA 1.5Gbps (187.50MB/s) interface will deliver a total of 1.2Gbps (150MBps) of data.

SATA RevisionInterface Speed GbpsInterface Speed MBpsData Throughput GbpsData Throughput MBps
1.0  1.5Gbps  187.5MBps  1.2Gbps  150MBps
2.0  3.0Gbps  375.0MBps  2.4 Gbps  300MBps
3.0  6.0Gbps  750.0MBps  4.8Gbps  600MBps
3.1  6.0Gbps  750.0MBps  4.8Gbps  600MBps

Right, now that we know the actual maximum data throughput of a bunch of different SATA standards, what we need to do is to look for drives that we can attach to these SATA interfaces and see how fast they can go compares to the data throughput speed of the SATA interfaces.

Drive ManufDrive ModelDrive CapacityMax/Sustained Read MBps
SeagateDesktop SSHD ST4000DX001   4TB 146MBps (from all zones)
SeagateDesktop SSHD ST4000DX001   4TB 190MBps (from NAND)
SeagateDesktop NAS HDD ST4000VN000   4TB 180MBps
SeagateLaptop SSHD ST1000LM014   1TB 100MBps
SamsungSSD Pro 840 MZ-7PD512  500GB 540/520MBps (Read/Write)
SamsungSSD 840 Evo MZ-7TE1T0  1TB 540/520MBps (Read/Write)
SamsungXP941 Gen 2 X4 M.2 SSD  512GB1170/950MBps (Read/Write)
PlextorM6E Gen 2 X2 M.2 SSD  512GB 705/638MBps (Read/Write)

As you can quite clearly see, all of the regular Hard Drives (and even the Hybrid SSD/HDDs) are pretty much around the same maximum or sustained transfer rate of somewhere under 200Mbps, which means that plugging one into anything faster than a SATA 3.0Gbps controller will give no performance improvement whatsoever.

This changes when we start to look at SSDs.  The regular Samsung SSDs will deliver up to 540MBps of read performance which is well in excess of the throughput of a 3.0Gbps SATA interface - to get the full performance from any modern SSD you will need to have a SATA 3.0 (6.0Gbps) to connect it to.  This goes for many current SSDs that all deliver up to around 550MBps from Samsung, Intel, Crucial, Transcend and others.

Things, however, start to really get interesting when we look at the newer M.2 (SATA Rev 3.2) devices.  These can deliver data across an older SATA 3.0 interface, or a PCIEx2 or PCIEx4 interface, depending on the configuration of the drive (and socket).  Currently, the Asrock Z97 Extreme6 is the only motherboard to support the X4 transfer rates, however more boards are sure to hit the market soon.  The Plextor M6E drive delivers just under 50% faster transfers using its PCIEx2 interface than can be achieved using the SATA specification, and impressively the Samsung XP941 512GB M.2 drive on an Asrock Z97 Extreme6 delivers over 1GBps in read performance!

So, basically, if you have any form of spinning metal disk, be it a hybrid or not, there's no need to upgrade to a 6Gbps SATA controller, though if you have one on your motherboard, it won't hurt to use it.  If, however, you have one of the current fast crop of SSD drives, then you will need to connect this to a 6Gbps SATA port to realise the full speed of the device.

If speed is your bag, baby, then a 6Gbps SATA port is not enough and you'll need to look at the newer M.2 X4 devices on a controller that will allow it to run at full speed and right now, the only onboard controller that will handle this is on the Asrock Z97 Extreme6 motherboard.  Plug in adapters that will support this spec include the BPlus M2P4S and the PEX16X-LTSSD-ADP adapter.  There may be others out there and Google may well help locate them! :)


The Outspoken Wookie

Wednesday, December 03, 2014


There have been a number of vulnerabilities detected in various security protocols over the past year or two including BEAST Attack, Heartbleed Bug and POODLE Attack.  At least 2/3 of these have names that give some indication of their severity and the remaining 1/3 leaves you with a rather interesting visual image.  But be ye not distracted by the names - they are all things that need to be addressed in various ways.

Information about the Browser Exploit Against SSL/TLS (BEAST) Attack was released in September 2011 and involved attacking the lack of security in particular implementations of TLS 1.0 traffic.  This vulnerability has been pretty much mitigated today (Dec, 2014), however there are still some older, non-updated systems out there that are vulnerable to this attack.  The table below lists the earliest version of the products that have mitigated the BEAST Attack (and yes, Apple took an inordinately long time to patch for this vulnerability):

Apple iOSiOS 7.0
Apple OS-XOS-X 10.9 (Mavericks)
Google ChromeVersion 16
Microsoft WindowsMS12-006 on Windows 7/Server 2008 R2 and older
Mozilla FirefoxVersion 10

Following on from the BEAST Attack were the CRIME and BREACH attacks which, too, have been mitigated in current browsers and are a low-grade threat at worst these days.

The Heartbleed bug, publicly announced in April, 2014, affected anything running OpenSSL.  The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.  Yup, it is pretty nasty but this, too, is pretty much completely mitigated by the various vendors using this code.

For an easy to understand explanation of the Heartbleed bug, have a read of this XKCD comic.  To see if your website is affected by the Heartbleed bug, have a look at (Heartbleed bug only) and (Heartbleed and more).  Any site that you go to that uses the "https" protocol can be checked to ensure it is running a version of OpenSSL that is not vulnerable to this attack.  If the site *still* has not been updated, I'd suggest speaking with the vendor, outing them in social media and removing your account and changing any passwords and/or information that was stored in that site.

And now we come to what at first glance may be the fluffiest of all these vulnerabilities - the POODLE Attack.  Basically, there's the ability in browsers to request a lower level of security from the server if the browser doesn't support the version the server prefers.  This is called a security renegotation.  The POODLE Attack uses a recently discovered flaw in the now obsoleted and in the process of fast becoming deprecated SSL 3.0 protocol mixed with a renegotiation attack (forcing the server to drop from TLS 1.x to SSL 3.0).  The simple fix is to disable SSL 3.0 on all your web servers, however there are still some applications that use SSL 3.0 (again, speak with the vendor, expose in social media and seriously question your continued trusting of a vendor using 18 year old technology that's been superseded 3 times).

To read more on the POODLE Attack and how to ensure you're doing everything you can to protect against it, have a read of and then go to and to confirm your server mitigations have been invoked.  There's also a funky little tool from Nartac Software called IISCrypto that can help you properly configure your Windows IIS to mitigate against POODLE and other vulnerabilities.

The table below lists the earliest version of the products that have mitigated the POODLE Attack:

Apple iOSiOS 8.1
Apple OS-XOS-X Security Update 2014-005 (Mavericks & Mountain Lion)
Google AndroidChrome - still waiting
Google AndroidSamsung Browser - still waiting
Google ChromeVersion 39
Microsoft WindowsTemporary Fix it released, also shows Group Policy fix
Mozilla FirefoxVersion 34

If you want to see if your client (browser) is susceptible to the POODLE Attack, go to  If your browser is vulnerable, don't trust it to keep your data secure.


The Outspoken Wookie

Monday, November 10, 2014

Azure Needs To Be Introduced To 2012

I'd *REALLY* like to know how, if Microsoft is pumping so much time and energy into Azure, it cannot handle the VHDX format, let alone Generation 2 Virtual Machines from Hyper-V 2012?  I mean, we're now in 2014 and have the Windows Server 10 Technical Preview available to us and Microsoft still can't handle .VHDX files in their Azure virtual machines!

This is slack.  Really slack.  It means that even though we who use on-premises Hyper-V Servers can use the current Microsoft technologies for all of our current-release guests, we cannot do it using their Azure platform.  It means that we cannot even upload our virtual machines nor use SCVMM and replicate our Gen 2 VMs into Azure.

Come on Microsoft - bring the Azure infrastructure up to your current generation before you get severely left behind yourself! :(


The Outspoken Wookie

Wednesday, November 05, 2014

Medical Woo-Woo Shits Me

Anyone who knows me knows that I'm not a fan of medical woo-woo.  So, to help people understand what these quasi-medical woo-woo terms mean, here's a Patient's Guide to Magical Medicine.

And in case someone is looking for the other common term for these practices, it is "SCAM" as in Supplements, Complementary and Alternative Medicine.


The Outspoken Wookie

Tuesday, October 07, 2014

Windows 8.x Wireless Networking Issues

One of the more useful features of Windows 7 that has been completely removed from Windows 8.x for no apparently decent reason is the "Manage Wireless Networks" Control Panel applet.  It provided you with a wealth of knowledge and gave you the ability to, as its name suggests, manage wireless networks.

So, with the demise of this useful feature, along came the Kerkia group with their WinFi application to return the functionality of this tool in a nice, usable interface.  It allows you to re-order, delete, import and export network profiles and it also allows you to change a network profile between Current User and All Users.  All User profiles will connect before any user has logged in to the computer.

In addition to this, there are some "netsh" commands you may well find useful if you like doing things via the command-line:

Showing Wireless Profiles

 netsh wlan show profile

- output will be something like:

Profiles on interface Wi-Fi:

Group policy profiles (read only)
User profiles
All User Profile : SSID1
All User Profile : SSID2
Current User Profile : SSID3

Deleting Wireless Profiles

netsh wlan delete profile SSID2

- output will be something like:

 Profile "SSID2" is deleted from interface "Wi-Fi".

Exporting Wireless Profiles

To back up all Wireless Profiles
netsh wlan export profile folder="%UserProfile%\Desktop"

To back up all Wireless Profiles on a particular interface
netsh wlan export profile interface="interface name" folder="%UserProfile%\Desktop"

To back up a specific Wireless Profile on all interfaces
netsh wlan export profile "profile name" folder="%UserProfile%\Desktop"

To back up a specific Wireless Profile on a specific interface
netsh wlan export profile "profile name" interface="interface name"

  • Substitute profile name (SSID) in the command with the actual SSID network profile name that you want to export as a backup.
  • Substitute interface name in the command with the actual name of the interface that the wireless network is on that you want to export as a backup.
  • If you want to back up the Wireless Key (password), add "key=clear" after the profile "profile name" section in each of the above commands (needs administrator rights)
For example:
netsh wlan export profile "SSID1" interface="Wi-Fi" folder="%UserProfile%\Desktop"

Exporting Wireless Profiles

To restore a Wireless Profile for the Current User only
netsh wlan add profile filename="\path\to\file.xml" user=current

To restore a Wireless Profile for All Users
netsh wlan add profile filename="\path\to\file.xml" user=all


The Outspoken Wookie

Thursday, September 11, 2014

Microsoft's Broken Store Upgrade to 8.1

After spending well over 8 hours trying to work through this issue, including a reasonable amount of Google searching, it seems to me that Microsoft has royally fucked up the Microsoft Store Windows 8.1 Upgrade for Windows 8.0 users.  And now, I'll explain it in a little more depth...

For anyone who needs/wants to reinstall their Windows 8 (RTM), then activate with their license key, then install the updates needed (KB2871389 and KB2917499) to get the Windows 8.1 upgrade from the Microsoft Store and upgrade to Windows 8.1, you're in for a bit of a shock if you need to run applications that need the .NET Framework 3.5 (or 3.0 or 2.0) Feature that's normally installable via either the Control Panel or a particular invocation of the DISM command.

If you try and install via Windows Update, you'll be presented with the following error message:

Windows couldn't connect to the Internet to download necessary files. Error code: 0x800F0906 (which, of course, is bullshit if you've got a functional Internet connection - this is an erroneous error message)

If instead you try the DISM way, you'll see either the above error code or the following:

•0x800F081F: The changes could not be completed.

The reason for this, it seems, is because downloading the Windows 8.1 Upgrade from the Microsoft Store gives you the latest slipstreamed install of Windows 8.1 with almost all current Updates and HotFixes. Normally that would be great as it means that you don't need to bother performing a boatload of updates after installing the Windows 8.1 Upgrade, except that it seems that Microsoft has chosen to include in the slipstreamed Upgrade, HotFixes KB2966826 and KB2966828 (see: which are .NET 3.5 updates, meaning that until you uninstall these (which you cannot do if you've installed the 8.1 Upgrade from the Microsoft Store) you are what's known in the trade as SOL if you want to install .NET 3.5 (including 3.0 and 2.0) in a newly installed Win 8.0/8.1 from the Store.

As mentioned in that thread, if these have been installed as part of the regular Microsoft Update regime before .NET 3.5 is even installed, it is a simple enough task to uninstall them, install .NET 3.5 and then reinstall these updates.  This is not the case with the slipstreamed Windows 8.1 Upgrade from the Microsoft Store as these updates seem to have been slipstreamed into the installer, meaning that they don't show as updates that can be uninstalled, therefore they can't be uninstalled, therefore you CANNOT install .NET 3.5 on this system - that leaves a lot of software that won't install nor run properly.

Out of interest, this thread also details issues with these updates - so it isn't just on Microsoft's own site that this issue has been discussed.

I have found - as expected - that even if you install .Net 3.5 in Windows 8.0 before performing the Microsoft Store upgrade to Windows 8.1, Windows 8.1 is installed with .Net 3.5 uninstalled.  As I said, I expected this behaviour and would have been rather surprised if this had actually worked.

It seems to me that the easiest fix for this is to re-release both of these HotFixes with better pre-requisite detection and also rebuild the Microsoft Store upgrade image so that these two HotFixes are not included, or alternatively, fix the Windows Update site so that if a Windows 8.1 system with these updates already installed, but .Net 3.5 not yet installed, goes out looking for the .Net 3.5 installation files, it provides a working set of files that will install the .Net 3.5 Feature.

Until then, good luck if you need to get the .Net 3.5 Feature installed on a Windows 8.1 system recently upgraded from Windows 8.0 through the Microsoft Store.


The Outspoken Wookie

Friday, August 15, 2014

Companyweb on SBS 2003 stopping

We've all had those sites where, for some reason, Companyweb just stops, needs restarting then runs fine for a while and then stops again.  Gotta love it...

Well, I have a site we're in the process of migrating from SBS 2003 to Essentials 2012 R2 + Office 365 where this started happening a few days ago, so I decided to sort out a scheduled script to take care of this for me.

@Echo Off
if exist default.aspx del default.aspx

"C:\Program Files\GnuWin32\bin\wget.exe" --user=administrator --password="Seriously, you think I'd post that on my blog?" --timeout=30 --tries=1 http://CompanyWeb/default.aspx

find /C "SharePoint Team Web Site" default.aspx

IF ERRORLEVEL 1 cscript C:\WINDOWS\system32\iisweb.vbs /start companyweb

I'm running this script every 5 minutes which places bugger all extra load on the server, but means that it isn't long after the Companyweb site stops that it is restarted.

Oh, and run it as "nt authority\system" so it doesn't pop up a command prompt window on the user's desktop (ie, the administrator's desktop).


The Outspoken Wookie

Wednesday, July 30, 2014


OK, so I'm sick and tired of visiting various sites to find the APNs for the carious 3G/4G providers our clients use at work and at home, so here's my own list...

Provider3G/4GAPNAccount typeCommentsURL
Aldi business use - see 1.4.1.d here.Aldi Mobile
ApexN3GOptus based plansApexN
Bigpond3G/4Gtelstra.bigpondUsername and password required
Mainly personal use - see 1.1 here.BoostMobile
Exetel3Gexetel1PremiumOlder Optus-based plans
Exetel3GconnectStandardNewer Optus-based plans
Exetel4GyesinternetNew Optus 4G plans
Best optionOptus
Use if "internet" doesn't workOptus
Pacnet3GinternetStatic IPOptus infrastructurePacnet
Pacnet3GpacnetStatic IPOptus infrastructurePacnet
Telstra3G/4Gtelstra.internetBusiness accountThis is the Telstra 10. private NATted network. Code is "GPTCOMB3".
Telstra3G/4Gtelstra.iphAny account typeThis is their "iPhone" APN. Call and ask for the "GPDWLES3" code to be added to your account.Whirlpool
Telstra3G/4Gtelstra.extranetBusiness account (10 digits)This gives you a real, usable dynamic IP. Call and ask for the "GPTEXB3" code to be added to your account.
Telstra3G/4Gtelstra.corpBusiness account (10 digits)This is for Telstra Wireless IP WAN users. Call and ask for the "GPCORPB3" code to be added to your account.
Vodafone3G/4Glive.vodafone.comThis is NATted on the networkVodafone
Vodafone3G/4Gvfinternet.auThis gives you a real, usable dynamic IP.  Or so it appears.  But it is NATted through still.  Ggrrrr...
Voicetalk3Gsplns357Try getting any sense out of VoiceTalk!

There are some other sites out there with useful collections of APN configuration information:
Whirlpool APN - Access Point Name


The Outspoken Wookie

Friday, July 18, 2014

Samsung Galaxy Note 2 Factory Mode

OK, after trying everything I could find on the 'Net (unsuccessfully, obviously) I decided to do one final search before buying a new handset and came across which is the only thing I found that worked - my Samsung Galaxy Note 2 no longer continually boots into factory mode, which means that it is no longer as useful as a 80.5 x 151.1 x 9.4 mm, 182.5g brick!

Having then found this, I followed another too many hours and too many links to eventually get the LiquidSmooth 4.4.4 ROM installed (basically involving needing to use the TWRP Recovery environment to reset permissions and reformat the entire device ( and then the ClockworkMod recovery environment from to load the LiquidSmooth 4.4.4 ROM (, I found that the phone still had no signal at all.  It looks like the phone chip really has died.  Oh, well - here comes a Note 3! :)


The Outspoken Wookie