Unauthorized 401 when calling Coldfusion CFC Component WebService on IIS

If you just setup a fresh Coldfusion/IIS box and all of a sudden you check one of your CFC Component WebServices and get a 401 you are not alone!

I bet you went to the folder and triple checked IIS that Anonymous Authentication was enabled and everything else was disabled and yet still didnt work. Right about that time perhaps you start questioning everything you know in this world. I mean IIS is set to anonymous yet it’s telling you its not authenticating as if it were sent to Windows Authentication.

The Solution

Rest assured, you are not losing it. Simply you like me likely made the mistake of blanket turning on Windows Authentication at the root which in turned enabled it for the virtual folder:

/jakarta

CFC’s must pass back to this folder since they are processed server side. Anyways the easy solution is to set /jakarta folder to Anonymous Authentication.

Hey if this helped you or you know something I should add to make it better, please leave it in the comments!

-Eric

Connect to Azure SQL Database using ColdFusion 10/11/2016

My how the years fly and things change.

Even in 2017 I still find value in making quick enterprise applications in Coldfusion. However the world is a changing, many of my endpoint are beyond the boundaries of my corporate firewalls.

I have ended up with a ton of nodeJS webservices endpoints  running as docker containers in Azure jamming away data in Azure SQL. I want Coldfusion to be able to utilize that data.

The Solution

The solution is stupid easy… you can use the native Microsoft SQL Driver, no need to mess with anything else.

Go ahead put in the basics

  • Database: Name as shown in Azure
  • Server: something.database.windows.net
  • Port: 1433
  • Username: <sqlaccountname>@<databasename>
  • Password: <password>

Then for the secret sauce

  • Hit Show Advanced Settings
  • In the connection string put the following:

EncryptionMethod=SSL;Encrypt=yes;TrustServerCertificate=no;

Note: Encrypt=yes may not be needed but since its working I am not touching it.

And that’s it!

If this was helpful or have a way to make it better? Let me know in the comments.

-Eric

 

 

 

 

Fix: Windows 10 Start Menu (and Modern Subsystem) Freezes and Stops Working

Nothing gets me more upset than seeing a common issue that never seems to get fixed. Since Windows 10 inception I have noticed a rather odd issue that occurs about weekly where my Start Menu, all Metro (Modern) Apps, and even Internet Explorer (which is odd given its a Win32 App) locks up, freezes, and just plan stops working.

The only obvious cure had been to reboot the PC.

However through alot of trial an error have figured out a workaround to get your PC back on its feet.

The Workaround

  • Simply open Task Manager (CTRL + SHIFT + ESC)
  • Click More Details (if needed)
  • Go to Details
  • Locate: siHost.exe
  • Right Click, End Process Tree

Note: This may need to be done twice in my testing but should always return the start menu after that second try. Many times it only takes once.

More Detail

You may notice when this happens that there are the following events in the event logs:

The program ShellExperienceHost.exe version 10.0.10586.218 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 2290
Start Time: 01d1a082cc447ca3
Termination Time: 4294967295
Application Path: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Report Id: 524e2a97-0c76-11e6-8dae-64006a80564a
Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App

Also you may see errors about SearchUI.exe

 

Workaround: Chrome will not PIN sites to Windows 10 Taskbar

I could rant for a long while about how Microsoft removed the verb “Pin to Taskbar” from the Shell.Application COM object but I won’t. I will simply say that I think they did that to keep OEM’s from putting crap on it when you buy a new PC. However as so often is the case, there was unintended side effects. Reasonable use cases like Chrome being able to PIN websites and Corporate IT being able to PIN corporate applications comes to mind. Lets not talk about how anti-competitive it looks when Internet Explorer (IE) is able to still pin items to the taskbar yet 3rd Party browsers like Chrome are left in the dust.

Ok I said I wouldn’t rant, here is the workaround.

  • Simply do the normal process in Chrome to PIN something to the start menu.
  • Then go here:
    • C:\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
      • Note: <username> will be your username you use to logon to Windows. If you dont know it simply go to c:\users and you should be able to figure it out
  • Find the shortcut Chrome created for your website, right click and you will see “PIN to Taskbar”

Also thanks to Reddit for figuring this out:

Chrome "Add To Taskbar" Issue from Windows10

Leave a comment if it helped you!

-Eric

Get a list of all System Center Virtual Machine Manager (SCVMM 2012 R2) Users via SQL

Ever need to send a notice to your System Center Virtual Machine Manager (SCVMM) users like “Upgrade to UR7 coming” but realized you never took the time to collect all of their names?

Here is some quick SQL that will give you the names of anyone who has actually used the platform:

select
distinct replace(SessionOwner, ‘contoso\’,”) as Username
from [tbl_TR_TaskTrail]
order by 1

As a added bonus if you replace contoso with your domain name it will strip that out making it ready to past into outlook for name resolution.

Enjoy!

-Eric

Search Active Directory for Specific Word or Phrase (string) in a Group

Ever tried to search for a group by name but the part you know is in the middle? Did you think you would be smart and go to the advanced tab then do “blah” contains, hit search and find nothing?

Quickest way to find is actually via PowerShell

Get-ADGroup -Filter {Name -like “*blah*”} | select SAMAccountName

Works great!

Enjoy

-Eric

Offline Downloading of Windows 10 Patchs

Anyone looking at Microsoft KB’s may be surprised to see that there are no direct download links. However you can still download the patches manually by finding and downloding them here:

http://catalog.update.microsoft.com

This can also be used to import patches into WSUS if needed.

Hope it help

-Eric

Fix | Windows 10, “the connection cannot proceed because authentication is not enabled”

Ah security, the balance between not allowing access at all and allowing too much access.

In Windows 10 Microsoft changed RDP’s defaults. They modified the default for “SecurityLayer” from 0 to 2. Even if you go into the user interface and disable: “Allow connections only from computers running Remote Desktop with Network Level Authentication (recommended)” Still doesn’t change that value to a 2.

Simple fix:

  1. Open RegEdit
  2. Navigate to this Key:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
  3. Change “SecurityLayer” to a zero
  4. Reboot and done!

Fix | NVidia Control Panel will not save

Just got Lightroom 6!! Finally they are using the GPU to make things faster. Just one problem, its using my crappy Intel 4600 GPU instead of the NVidia Quadro K1100M in my dual GPU Notebook.

Adobes own advise from their FAQ is to disable the Intel Card. I tried that, all it did is screw up almost everything on the PC. Thanks Adobe for that… So looking around the interwebs I found way too many people having this issue but none having a good solution.

After about 3 hours of messing around with ProcessMon.exe I discovered it was trying to write to c:\ProgramData\NVidia Corporation\Drs folder. Only problem is that folder did not exist.

Simply create the folder, and give “everyone” full control in the security Tab and you should be good to go.

One thing to note, it seemed like it took two saves to start working for me, not sure what that was about but finally I was able to use the “Managed 3D Settings” part of the NVidia Control Panel to set Lightroom.exe to use the NVidia GPU.

Hope it helps you!

-Eric

Powershell | Using Modify AD Groups with Alternate Credentials

Quick one. Had an issue where I needed to remove a user from a AD group in another domain. To my surprise it was harder then I had thought. At first I settled on using set-QADGroupMember (the Quest Powershell CMDLET) as it takes -connectionusername and -connectionpassword. However it was dog slow. I think that was due to being over a WAN link and it was querying all members (which took about 2-3 mins).

I needed something swifter. I went directly to the .NET controls and reduced the time to about 15 second.

$GroupDN = “LDAP://CN=GroupName,OU=Distribution Lists,DC=domain,DC=local”
$Group = New-Object -TypeName System.DirectoryServices.DirectoryEntry -ArgumentList $GroupDN,”username”,”Password”
#To Add
$Group.Properties[“member”].Add(“DN of the User you wish to add”)
#To Remove
$Group.Properties[“member”].Remove(“DN of the User you wish removed”)
$Group.CommitChanges()
$Group.Close()

Enjoy!

-Eric