Category Archives: How To

How To documents with practical advices and detailed description for various Information Technology tasks.
The articles are mainly focused on Small and Medium Businisses but they can easily apply to large businisses as well.

Trashed hard drive

How to Recover Deleted Pictures or Files – Data Recovery Tools and Techniques

Trashed hard driveHelp, I lost My Pictures!

If you lost or accidentally deleted your pictures and files, there are still great chances to recover them. As a computer geek, (I do this as a profession), I had to recover file many times. In the vast majority of time the files are recoverable, and in about 30 percent of the cases the retrieval is instant.

The key to a successful retrieval of your pictures and files is to act as soon as you discovered you lost the files, be it because an accidental deletion, or computer problems. I will explain this later in the document.

This tutorial is created for Windows computers, and it assumes you have a minimum knowledge of operating in a Windows Operating System. If you don’t know how to operate in a Windows environment, your best bet is to go to a local computer repair shop.

How To Recover Deleted Pictures or Files?

The Computer IS Fine, But My Files Are Gone

If the computer is fine and it doesn’t behave erratically, most likely you accidentally deleted your files. The first step in this case is to check in the Recycle Bin, but I bet you already did this. If you didn’t do it now. Look for pictures or maybe just a folder, If you accidentally deleted the whole folder, you won’t see the files or the pictures in the Recycle Bin, you will have to look for the folder that contains the files. This is particularly difficult if your Recycle Bin hasn’t been emptied in a while, and you have to search through thousands of files.

How to Recover Deleted Files from Recycle Bin – Advanced Tutorial

Sorting the Items In the Recycling Bin

If your Recycle Bin is empty, or you have few items, you can skip this.
To make it easier right click in the “Recycle Bin” folder and choose sort by “Date deleted”.
If the deletion was made long time ago this doesn’t make sense, and you would probably need to sort by type. Sort by type is not available by default on the Recycle bin, so you have to activate it. Right click in the Recycle Bin folder, select “Sort By”, and the choose “More”. Scroll down on the list and check the box for “Type”. Now the “Sort by type” is available from the contextual menu. When you sort by type all the folders are displayed grouped so it’s easier to find your pictures folder if it’s in the recycle bin.

How to Recover Deleted Files from Recycle Bin

Recover Deleted Pictures or Files Using “Previous Versions”
Recovering with Windows 7 Previous Versions
If your operating system is not Windows 7, you can skip this paragraph, this feature is only available on Windows 7.
If your files are located on the System drive, usually the C: drive, “Previous Version” is enabled by default. “Previous Version” it’s a feature that allows the system to store on a hidden portion of the drive, files and system settings. The files are automatically copied on the hidden folder, and stored for a limited numbers of days. When a file is modified, or deleted, the old version is stored automatically. Let’s say you deleted some pictures in the “Pictures” folder. Go to “My Computer” => C: => Users => USERNAME . Search for the “My Pictures” folder and right click on the folder. From the contextual menu select “Restore Previous Versions”. A list with snapshots of the folder will be presented. Select a previous version that you think contains the deleted files. If you accidentally deleted the files today at 11:00 AM, any snapshot previous to this date and time would contain the deleted files. Neat huh? The trick here is to act as soon as you deleted the files. The longer you wait the bigger the chances to get the good snapshot deleted are. The snapshots are deleted on a regular basis by the system, so if you wait too long, the files will be deleted.

Recover Deleted Pictures or Files Using "Previous Versions"

Lexar Media IR437 Image Rescue Software (Retail Package)

Recover your lost or deleted files with this easy to use software. The software will scan raw data on you memory card, and it will find your lost pictures.
Lexar Image Rescue has an intuitive and easy to use interface, and will scan the mass storage device, (sd cards, USB drives), for deleted image files or after reformatting your SD card. Additionally, the newest version of the software, can recover, not only image files, but many other popular document types.

This is probably one of the easiest, and most effective image recovery software.

Data Recovery Tools

Recovering Deleted Files with Data Recovery Tools

If the two methods described above didn’t work for you, that means the data has been erased from the disk. The good news is that operating systems do not really delete the files when you delete them, the OS only deletes the record from the index, so from the OS’s perspective the file doesn’t exist anymore. This is where the data recovery software comes in handy. The data recovery software scans the drive for possible files that are deleted from the index, and reassembles them for you.

As with any other recovery method the key is to act as soon as possible. The more you use your drive after the deletion, the less chances you have for a full recovery. This happens because Windows treats the portion occupied by your lost files as empty, and will start to write new data over your deleted files. The more you use the drive the more deleted data is overwritten.

The data recovery software is usually an intuitive program that can be installed on the computer, or can generate a bootable media. The purpose of the bootable media is to avoid the use of the hard drive, to maximize the chances of a full recovery, or sometimes provide an environment for un-bootable systems.
The process of recovering data with tools is very easy, and it is somewhat similar for all software, but not all data recovery programs are the same. The scanning algorithm, the reading approach are things that can make or break a recovery utility.

A few general rules for all recovery software:
To avoid further data corruption, mount the corrupted drive on another intact system. You can do this in a couple of ways:
Install the software on a separate system and attach the drive with a USB enclosure or adapter.
Create the recovery media on another computer and boot the computer with the bad drive from the bootable recovery media
Only start doing the job when you have enough time to dedicate. If you start and stop, and then start again you risk to lose more data.

How Can I Recover My Pictures After Formatting the SD Card

Pictures Recovery after Deletion or Formatting with Recovery Software

If you accidentally deleted your photos on the SD card there is no Recycle Bin for the SD card, so there is no easy way to recover them. Also it happens quite often to format your SD card and to realize that you didn’t save the pictures yet. What do we do in cases like this?
Fortunately, there is software that makes the recovery for cases like this a breeze. One of the easiest to use programs is “Sandisk RescuePro Recovery Software”.

Sandisk RescuePro Recovery Software, V3.3 Disk

It works on and card not just on Sandisk cards. It is really easy to use, and in most of the cases it is able to recover your pictures. One thing about this is that you need to wait the code for the software for a few days, but is worth. The software is actually an annual subscription, but it is very affordable.

Remember, if you deleted the pics on your card, or formatted the card, you need to stop using it immediately to insure a good recovery rate.

Recover Files from A Defective Computer

How To Recover Pictures and Files from A Defective Computer

Your computer might be defective and it won’t start. What to do in this case? First you need to assess the state of the computer and why the computer won’t start. Depending on this, you might be able to recover your files or not. In the next paragraphs I will give you tips to know what is wrong with your computer, and what to for each case.

  • If your computer boots and you can get on your Windows account, then probably the files were accidentally deleted.
  • If your computer passes the initial boot sequence but stops when loading Windows, it is the operating system that is corrupted. A re-installation could fix it, or a boot rescue CD could also fix the OS. Sometimes this could be due to bad computer RAM memory.
  • If your computer doesn’t pass the initial black screen booting sequence, something more serious could have happened, such as a defective hdd, or some other hardware problem.
  • If the computer doesn’t do anything, it is also a hardware problem. You can tackle this with a local computer shop, or proceed to moving your drive on another computer.
  • If the computer starts but it doesn’t recognizes your hard-drive, then you cannot rescue your files anymore. Actually there are data recovery services, that will disassemble your drive, and will read the data on the platters with special equipment. These are special services and are very expensive. Most of us prefer to lose the family pictures than to pay for these services.

What To Do If The Computer Won’t Boot

My Computer Won’t Boot, I Need My Pictures And Files

There are many reasons why your computer won’t boot. If you think your computer is not worth investing too much work to revive it, then the easiest way to recover your files is to take out the old hard-drive, mount it on a USB enclosure, and read it through USB on a good computer. You will be able to read your old files without any problems. This method assumes your hard-drive is not defective.For the case that Windows won’t boot because of a file-system corruption, or other Windows corruption problems, there is the Recovery Boot Disk that will allow you to boot your computer and fix a wide range of problems.

If the hard disk is the one that caused your computer to not boot, you still have good chances to recover your files, but in many cases you need a data recovery software like Data Rescue PC 3, to scan for files on the corrupted disk.

If the computer warns you before booting that there is a problem with the disk drive, you need to stop immediately using the drive if you want to maximize your chances of recovering the data. If your drive is making clicking noises, you also need to stop using it. Sometimes a hard-disk will have just enough life for a last run, so after recovery it will die.
The next step is to acquire data recovery software and install it on a good computer, and buy a USB enclosure and use it to mount the drive from the defective computer. Now connect the hard-drive to recover on the good computer and start the recovery.

Data Loss Prevention

What can I do to prevent data corruption or data loss?

  • Enable in BIOS and on the hard-drive S.M.A.R.T. This is a software utility embedded on the hard-drive that will detect when too many error corrections are occurring. Whenever this happens it means that you drive is near an imminent failure and you should backup/replace it.
  • If a message of a hard drive error appears, stop using your computer until you change the drive. You can use the computer to make a backup of your data onto another drive.
  • Check old backup tapes and copy them onto new tapes, using a temporary restore. This should happen each 10 years or more.
  • Check the data stored on CD’s and DVD’s, and recopy that media regularly. Not all CD and DVD media are equal. The factory-recorded media is the longest lasting. The media burned at home or on a computer CD-ROM unit can last between 1 to 10 years or more. So it is wise to rerecord it after a few years if you bought good quality media, or after one year if it’s on cheap media.
  • Buy an antivirus and keep it up to date.
Compress Contents to Save Disk Space

Copy and Backup Utility Review – Robocopy or Xcopy, Which One?

Robocopy or Xcopy Which One to Use?

These two command line file copy utilities seem to provide the same functions. However don’t be deceived by the number of options xcopy provides. It is just a as it is a poor relative of the more robust, featured,
When to Use Xcopy and When to use Robocopy?
If you need advanced features such as backing-up, type of copy and you want 100% reliability of the copy process then Robocopy (robust copy) is your choice. If on the other hand, you don’t have a complex copy job Xcopy will do it. Xcopy is part of the operating system, it comes with Windows, whereas robocopy needs to be copied from another system, or you need to install the Resource Kit. To put it more simple, xcopy is always available as the shell command “copy”.

Features of Xcopy and Robocopy

Why not use the shell command copy then, is the next question. Because “copy” is just too minimal and cannot accomplish what the other two can. It only copies files and not directories with the afferent directory structure. It cannot copy attributes and ACLs.
In contrast, the other two file copy utilities are featured in such way that they can be easily used as backup systems if the correct options are setup. In conjunction with the scheduler and using a batch script this can be a powerful backup solution that is both inexpensive and flexible.
The features of Xcopy and Robocopy are: selective attributes replication, ACLs can be maintained or not for the files copied, ownership can be copied or not, folder structure replication, fully automation, archive attribute support – which makes it a real backup utility, file exclusion option, verification of the copied files, performance tuning.

What are the differences between Xcopy and Robocopy?

If we were to sum up we could say that Robocopy is way more powerful than Xcopy. But of course you might ask me for arguments to support my statement, here they are:
The most annoying thing about Xcopy is that you can’t use the network restartable mode if you copy ACls. Isn’t this annoying? For me this was enough of a reason to install the Resource Kit and get the Robocopy immediately. But wait, the list doesn’t stop here.

Robocopy as a Backup Software

Why is Robocopy worth writing about? Robocopy is a great software that can be used as a backup utility. Its features makes it fit for maintaining automated file backup using various approaches. It can be used for directory mirroring, for archiving files, for moving files, etc…
It can be used to copy only new or changed files, it can use the archive bit, as any good backup software would.
If the target directory is enabled for compression, it can save space as well.
Another application of Robocopy is during migrations or server upgrades. Because sometimes migrations or server changes are time sensitive, we need to copy as much as possible before switching to the new server. This where Robocopy comes in handy. You start the mirroring ahead of time, so all the files are copied. When the time of switching is close there are only minor changes to be done so the operation is very fast. The key options for this applications are: robocopy /MIR to mirror the directory, robocopy /MON:n to MONitor the source and run again when more than n changes occur and robocopy /MOT:m to MOnitor source and run again in m minutes Time, if changed.
Another neat application is to archive files that haven’t been used in a given period.
This command moves files that haven’t been used in 500 days, in restartable mode, copying the attributes, the file’s owner, and the ACL, excluding older files.
robocopy C:\FILES \\SERVER\FILES-ARCHIVE /e /zb /r:0 /w:1 /copy:daso /xo /move /MINLAD:500

Other Cheap Backup Utilities

Another cheap, (free), utility is xxcopy.
The utility competes with Robocopy, has versions for both 32 bit and 64 bit OS, and has more command switches.
However, this isn’t a free program for businesses, it is free for for personal use though.

Downloads and Resources

Download the resource kit for Windows 2003 here, (the resource kit contains robocopy): http://www.microsoft.com/download/en/details.aspx?id=17657
You can download xxcopy here: http://www.xxcopy.com/xcpydnld.htm
A robocopy GUI interface can be downloaded here: http://download.microsoft.com/download/f/d/0/fd05def7-68a1-4f71-8546-25c359cc0842/UtilitySpotlight2006_11.exe
Another robocopy GUI interface can be downloaded here: http://download.microsoft.com/download/f/d/0/fd05def7-68a1-4f71-8546-25c359cc0842/HoffmanUtilitySpotlight2009_04.exe

Centos Logo

Centos Network Configuration – on a Barebones from Command Line

Centos LogoCentos Network Configuration – is very simple on a full installation. However, I downloaded the Centos’ “Minimal Install” cd and used yum to install various packages I needed.

The simple way to do it if you have a standard installation is to use the Network Administration
Tool (system-config-network), which is a graphical interface to edit the configuration files. Since I haven’t installed this tool, I needed to edit the files manually.

How to Configure Network in Centos from Command Line:

A quick way to see if your interface works and if you can ping internal resources.
ifconfig eth0 192.168.0.2 netmask 255.255.255.0
Use your IP addresses.
Note that this is not persistent, at the first reboot, ot first network services restart this will be lost.

For a DHCP address assignment use:
ifdown eth0
dhclient eth0

To get a persistent centos network configuration use the following procedure:

Edit the network configuration file

vi /etc/sysconfig/network-scripts/ifcfg-eth0
Edit the configuration file so it contains your IP address configuration as follows:
DEVICE="eth0"
BOOTPROTO=none
HWADDR="00:00:00:00:00:00"
NM_CONTROLLED="yes"
ONBOOT="yes"
GATEWAY=192.168.0.1
NETMASK=255.255.255.0
IPADDR=192.168.0.2
PEERDNS=no
USERCTL=no

This configures your interface with the IP 192.168.0.2 and the netmask 255.255.255.0.
For more info about Centos’ network configuration look here: .

Set up Name Resolution

Name resolution configuration, is more consistent across various Linux distributions. Most of the Linux distros will have the configuration file at /etc/resolv.conf.
Edit this file and change according to your network:
vi /etc/resolv.conf
Modify the file so it contains pointers to your DNS servers like this:
nameserver 192.168.0.254
nameserver 192.168.0.253

Scalix Logo

Scalix Administration – Useful Commands

Scalix LogoScalix is now a mature email server, reliable and powerful, that can accommodate environments with thousands of users.
Most of the tasks can be accomplished using the web interface, which is a nice and intuitive interface. However, not all the tasks needed for a day to day administration are available from the web interface.

Here are some command line Scalix administration commands for the daily use as an email administrator.

Check Scalix services from CLI

omstat –a
omstat –s

lsof –i:25
lsof –I:143
lsof -i :5733
ps -ef | grep postmaster

Users unable to VIEW the inbox content

Try the following steps.

Run:

omshowu -n username -f
This should give you the location of the user folder similar to this "~/user/g000038".
Go to /var/opt/scalix/ll/s/user/g000035 (in our case) and remove the "imap-cache" directory then restart the imap server (users will get logged off).
rm -r imap-cache

STOP and START IMAP
Restart IMAP service: omoff -d 0 -a IMAP & omon IMAP

Users unable to VIEW some of the inbox content

Ask the user to log off!!! AND to stay logged off until you finish!!!!
View which users are loged on: omstat -u all
View the process associated with that user: ps -ef | grep 55003 Where 55003 is the user id.
Kill the processes associated with that user: kill -9 “process id”
Fix the mailbox: omscan -Avfx -U “User Name”
Restart the scalix service: omshut -t3 && sleep 3 && omrc
(sxfixdref –f)

sxaa problems
Delete the user’s 3d files in the above folder (/var/opt/scalix/ll/s/user/g000035)

Issues with the web interface

Restart Tomcat and Apache2
/etc/init.d/scalix-tomcat stop
rcapache2 stop
rcapache2 start
/etc/init.d/scalix-tomcat start

CDA server not starting

omoff -d 0 -w cda
omreset -o off cda

delete the lockfile, (if it exists):

rm /var/opt/scalix/ll/s/sys/omcda.lock
 omon cda

SPAMASSASSIN problems

Location: /etc/mail/spamassassin
Important files:
Init.pre
Local.cf
V310.pre
V312.pre
Update-channels

Automated update via crontab

cat /etc/cron.daily/spamassassin-updates

(this will update the filesd and restart spamassassin)
Update rules are located at:
/etc/mail/spamassassin

Edit Spamassassin Whitelist and Blacklist

vi /etc/mail/spamasassin/whitelist.cf
Entries should be of the form: whitelist_from queen_213@hanmail.net

vi /etc/mail/spamassassin/vi whitelist.cf
Entries should be of form: blacklist_from user@domainname

when whitelist and/or blacklist are modified…

  1. check for error: spamassassin –lint
  2. restart spamd /etc/init.d/spamd stop and then /etc/init.d/spamd start

Check bounces email on Postfix
tail -f /var/log/mail | grep NOQUEUE

Troubleshoot sending or receiving

  1. Check the ldapmapper and make sure it’s working.
    /etc/init.d/ldapmapper status
    /etc/init.d/ldapmapper stop
    /etc/init.d/ldapmapper restart
  2. Check the sendmail daemon – make sure it’s working.
    ps aux |grep sendmail
    You should see two things: Accept connection and Queue control
    If you don’t see them, restart the service. Sometimes you need to create your own script for starting sendmail, instead of using the one that comes with the distribution.

Clean Scalix Queues

Service router queue, Internet Mail Gateway queue, Local Delivery queue.

CLEAN INTERNET MAIL GATEWAY QUEUE

 echo -e "A$(( $(date +%d) + 10 ))E\nl\nunix\n\n" |
  omqdump -p |
  ./clearq.pl |
  tee output

CLEAN LOCAL QUEUE
echo -e “A$(( $(date +%d) + 10 ))E\nl\nlocal\n\n” |
omqdump -p |
./clearq.pl |
tee output

CLEAN ROUTER QUEUE
echo -e “A$(( $(date +%d) + 10 ))E\nl\nrouter\n\n” |
omqdump -p |
./clearq.pl |
tee output

Always use a new file, output is a sample file name

Once done, de-activate scalix services , except omstmon, omsessd, queue.manager and RUN OMSCAN (this will synchronize the database)
omscan –Aqvfx
stop scalix normally, start scalix normally.

Maintenance in Scalix

Delete user

/opt/scalix/bin/omdelu -n CN=FirstName LastName/G=FirstName/S=LastName/OU1=lcbmail

Regular maintenance

omscan –Aaf (Select all areas for checking/scanning and fix)
omscan -Avuo3 -f (-A active – refreshes the omscan; -u each user; -o 0 output normal)
omscan -Avfx -U “User Name” (scans only one mailbox)
omscan -AavfxS

Refresh omscan to the latest results
omoff -d 0 scan (shutdown omscan)
omscan -Z (capital z) (reset omscan counters)
omon omscan (restart omscan)
omshowlog -f 10.05.07 -F 09:09:00 (-f date –F time) from “Date”, from “Time” (-t date –T Time) to “date” “time”
omscan -avfx – remove the orphans
omscan -AavfxS – active mode to check and fix any issues it can find – it doesn’t clear orphans
sxdu -hs (show actual mailbox space usage)

Clean up Users’ Mailboxes:

omtidyallu -Twr -a 100 –d -c -k (purges everyone’s trash and recovery directory) do not attempt unless you have to, (for example you are out of space on server) – this will delete all users’ email

omtidyu
-T folder[s] Defines which folders the following criteria is to be applied to:
i refers to the intray;
o refers to the outtray;
f refers to the filing cabinet;
w refers to the wastebasket (Deleted Items folder).
p refers to the pending tray; and (Sent Items – ?)
l refers to the List Area.
r refers to the Scalix Recovered Items folder.

Examples of Mainenance Cleaning in Scalix

omtidyu -B -u “user name” -k -T i -t “[SPAM]*” returns emails with the subject [SPAM] in the inbox
omtidyu -B -u “User Name” -d -k -T i -t “I Love You” removes all message with the subject.
omtidyu -B -u “User Name” -d -k -T i -a 365 deletes all the email older than 365 days
omtidyu -B -u “User Name” -d -T i -a 4 – moves the email messages in the Wastebasket
omtidyu -B -u “LCB Mailer” -d -k -T i deletes permanently all the messages in Inbox
omtidyu -B -u “User Name” -d -k -T iofwlrp -a 365

Import/Export mailboxes, backup, restore in Scalix

sxmboxexp –user “User Name” -a /mnt/temp/uname.mbox
sxmboximp -a /mnt/temp/uname.mbox –user ” Test User”

Scan mailbox for last login time

/root/sxlastlog.pl >lastlogin.txt
more /root/ lastlogin.txt
This could be tricky if you want to get the inactive mailboxes, since you won’t know the status of the redirected mailboxes.

Scan users’ mailbox for usage

Sxdu -sh

Show all mailboxes

omshowu –m all

Pull details of a specific mailbox

omshowu –m all | grep –i nameofindividual

View details of mailbox

omshow nameofindividual or authentication ID

Delete a duplicate account

omdelent -e local-unique-id=’ID’
omdelent -e g=given_name/s=surname

List, search users, mailboxes and email addresses

List number of users per country
omsearch -e S=* -m CNTRY >Email_list.txt
add additional attributes like name (/CN) or email address ( :
omsearch -e S=* -m CNTRY/CN/IA-FORMAL
omsearch -e S=* -m CNTRY/CN/IA-FORMAL
omsearch -e S=* -m CNTRY/CN/INTERNET-ADDR
omsearch -e S=* -m CNTRY/CN
or add all attributes:
omsearch -e S=* -m @all-attr@

per country list export to text file:
omsearch -s -e CNTRY=JP -m S/CN/IA-FORMAL >Japan_Users.txt

omshowatt for a list of attributes

omsearch -s -m CNTRY/G/I/S/CN/IA-FORMAL >list-of-users.txt

Search Accounts ibn Scalix

omsearch -e “G=<firstname>/S=<lastname>” -m @all-attr@

Search an Account If You Have the Email Address
omsearch -m @all-attr@ -e IA-FORMAL=email@cordonbleu.edu (you can use * )

Read and Edit the Mailbox Rules in Scalix

sxaa –user username (get the active and inactive rules)
sxaa –user username –remove 501 (remove the rule with the reference 501)
sxaa –user username –off 600 (disable, without removing the rule with the ref 600)
sxaa –user username –on 600 (enable the rule with the ref 600)

Other Useful Commands in Scalix

ps –ax ( list of processes)
Top –p pidID (stats about specific process)

More info on the error from omshowlog
omsolve -n OM 16094

Search for content ZIP compressed logs on the fly
bzcat /var/log/mail-20070610.bz2 | grep -i webmaster | less –S

Find the abbreviated names for a Scalix service
omshowlvl –a –l

 

Not Related To Scalix But Useful

tcpdump -ni eth0 port 5729 -s 0 –A
watch -n1 cat /dev/vcs10 (see the logs on the tty10 console)

rdiff-backup a great utility to backup your system

Scalix Migration

Move users to other mail-nodes.
Note that you don’t need to specify your node if the user is in the default node. –o is old –n is new.
ommodu -o username -n “Firstname Lastname”/Parisnode

Ping - Network Troubleshoot

How to troubleshoot a slow computer network?

Troubleshoot Network - Ping

Pinging Google

Your network is slow. What do you do to make it faster?
The answer is not simple and the reason for your slow network could be a lot of things. You have to take a step by step approach and isolate the bottleneck. Once you isolate the point of failure it is easier to find the problem.

Many times a packet sniffer will help you find the problem faster. A good free packet sniffer is Wireshark. Another packet sniffer is Microsoft Network Monitor.

Here is a list of Windows-based network tools that can help you troubleshoot almost any problem in a Computer Network:
Ping – a network utility to test if a computer is up and reachable or not. Ping uses the ICMP protocol to send echo requests.
Nmap – a port scanner. You need a port scanner to enumerate open ports and live IP addresses.
Tracert – a utility that traces the path of a network packet enumerating all of the routers that it passes through.
Wireshark – a packet sniffer.
Netstat – a utility that enumerates all the open ports on the local computer.
Ipconfig – a utility to list or modify the properties of a network adapter.
Netsh – a powerful Windows utility to modify various network properties. It is a scripting utility that basically controls every aspect of the Network on a Windows computer.
One of the cool usages of the netsh is to reset the TCP/IP stack to the defaults without the need to uninstall and reinstall the TCP/IP protocol as we needed with the older OSs.
Route – enables the view and manipulation of routing.
Nslookup – a name resolution utility. Very useful to check DNS servers and validity of name records.
Arp – a utility that allows you to get information about MAC address to IP address resolution.
Getmac – Provides the MAC address and lists associated network protocols for all network cards for a local or remote computer.
Getname – displays the computer name.
PathPing – Combines the functions of Traceroute and Ping, very powerful tool.
Net services commands – Performs a broad range of network tasks such as Network mapping, authentication, controls services, etc…

If you are not sure how to use these tools read the Help or from the command line, (all of these are command line tools), issue the command with the help option, for instance: “pathping /?”. This will give you a list of other valid options.  

This article is part of a five posts series regarding Network Troubleshooting.

  1. How to troubleshoot a slow computer network?
  2. Troubleshoot a Slow Network – The entire Network is Slow
  3. Troubleshoot a Slow Network – Slow Server
  4. Troubleshoot a Slow Computer Network – Only One Computer on the Network is Slow
  5. Troubleshoot a Slow Computer Network – Your Computer is Slow and Not the Network

Compress files in Windows

As a Windows Network Administrator I always have to make space delete unneeded files, archive old files, compress files that we don’t need but we might need at some point.
I don’t use the same compression method every time, because the scenario is different. Here are a three compression methods for Windows.

Compress Files Using the NTFS Compression

Compress Contents to Save Disk Space

This method of compression only works on NTFS partitions. You don’t have the option for a FAT or FAT32 partition.
The most usual and easier way to do this is to use the Windows’ Graphical Interface and access the Advanced File Properties and select Compress contents to save disk space.

Compact – Compress files or folders from command line

If you would like to compress files from a batch file use this command line variant. Usually if you access the advanced file properties, (right-click => properties and => advanced) you have the option to compress contents to save space. Another good use of the command line is that it gives you a better view of the progress. The graphic interface sometimes hangs and you don’t know if the job is still active.

The command to compress a folder from within the folder is compact /c /s. It compresses all of the files within the folder and marks the folder as compressed so that new files are created compressed.

Why would you choose Compact and not Zipped Folder?

The main reason is that a compacted folder can be used by applications. In other words if the path of a log file points to a compacted folder this is transparent for the application that writes the log file. As a result your log files will be compacted. You cannot do this with Zipped folders or files.

Compress files using the Windows’ built-in zip archiving utility

Send to Compressed (Zipped) folder

Why would you choose Compressed (Zipped) Folder over the Compacted Folder?

The zipped Folder has better compression and better portability. The zipped folder has a slightly better compression rate, and you can copy the files to any other Operating System, send them by email and they will retain the compression. The compacted folders will only be compressed on the original location unless you compress the file again at the new destination. Note in the image below the difference between the two file compression formats. The Windows shell has the option to “show NTFS compressed files in color”, which is a great option. Note that the zipped file is slightly smaller than the compacted, (blue colored), one.

Compact (the native NTFS compression) vs Compress the send to Zipped Folder

Compact vs Compress click to enlarge

Is there a Compressed (zipped) Folder – command line variant?

Unfortunately, there isn’t any Windows built-in option. The good news though is that there is a free archiver that has a command line version as well. 7zip is a great free utility very flexible that manipulates all of the popular archiving file formats.

Compressing from the command line with 7zip is very simple, the simplest command is 7z a NewFolder.zip “New Folder” that compresses the folder New Folder into the archive: NewFolder.zip. For more options and switches type: 7z –h, note that 7z doesn’t understand the /? switch, usual on any Windows application.

Why would you choose 7Zip over the Windows’ built in compressing solutions?

The main reason is flexibility. 7zip has a lot of options/switches that control a lot of the compression aspects and it is very easy to use in a batch file.

An interesting application is to separately archive a lot of folders from a batch file. Let’s say you have 500 folders that you want to archive and you know you will be accessing those folders on a regular. It makes more sense to archive the folders separately and not in one big file. It is easier to access smaller zip files from the Windows shell and keeps the system responsive. To do this manually for 500 folders is a nightmare. Here is a command that runs from a batch file that will compress those folders separately, each folder one zip file:

for /D %%d in (*.*) do 7z a -tzip “%%d.zip” “.\%%d\*”

To run the command from the command line and not from a batch file the command is slightly different:

for /D %d in (*.*) do 7z a -tzip “%d.zip” “.\%d\*”

There are other great archiving utilities such as Winzip, Winrar, Pkzip, etc… They are not free, but you can get a trial-ware which in many cases is good enough for anybody.

A few tips on what to compress and what not.
Usually Installation files are already compressed so there is no benefit in compressing.
Digital photos in a jpg or gif format are already compressed using special algorithms.
PDF files don’t compress.
Text files, (plain text, log files, etc…) compress the best.
Word files can be compressed but not as much as the text files.

Troubleshoot a Slow Computer Network – Your Computer is Slow and Not the Network

Slow Data Transfer is not Always caused by the Network

Slow data transfers are sometimes caused by a slow computer. Determine if the computer is the reason by comparing the transfer speed with a different computer connected on the same switch port. If the speed is the same, the problem is your network. If you get faster data transfers with a different computer then the problem is the computer.

A computer could be slow because of various reasons:

A bad network card. Troubleshoot: Swap the network card and test the data transfers afterwards.
The computer is outdated and it runs software that needs more resources. Troubleshoot: change the computer.
Slow hard-drive. The hard-drive will always be the computer’s bottle neck. It is the slowest part of a desktop computer. Old hard-disks are very often seen in new computers. Hard-disk fragmentation is a frequent reason for slow computers. Troubleshoot: Defragment often your hard-drive and reserve a 25% free space on the drive.
The computer might be infected with a virus or a Trojan. Troubleshoot: scan the computer for viruses. On a Windows machine run the command “netstat -a -b” to see what ports are being used and which program is using them. Use a network sniffer and monitor the network activity on the specific computer.
The transfer is intermittently slow, check what background processes are using the CPU, Memory, and hard-drives. Windows Vista can sometimes be a resources hog by allocating too many resources for background processes such as indexing and running the antispyware. Antivirus or other antimalware can consume a lot of the computers’ resources. Troubleshoot: Change the schedule for maintenance tasks to a time when you are not using the computer. Check what other programs are running in the background and configure accordingly. Some antivirus programs enable scanning the network drives by default.
A slow network printer. A slow network printer can be caused by the power save feature. If you use the printer very often you might consider turning off the power save.
A slow Network Attached Storage device. A slow NAS could be caused by improper SAMBA configuration or a disk power save feature. The power save feature is fairly easy to fix, just disable it if you find that you are using the drive very often. The SAMBA tune up is more difficult and usually it is complicated to have terminal access to the device itself. Many manufacturers do not allow direct access to the OS. SAMBA is a free implementation of Microsoft’s SMB protocol. SAMBA, SMB and CIFS offer file and print sharing services for Windows and Linux/Unix machines

This article is part of a five posts series regarding Network Troubleshooting.

Troubleshoot a Slow Computer Network – Only One Computer on the Network is Slow

Only One Computer on the Network is Slow

Client Computer Network Mask Wrongly Configured
Your network is a class C network, (net-mask 255.255.255.0), and your client computer has its IP address configuration on a class B network, (255.255.0.0). Change the network mask of the client to match the network configuration.

Poor network cards
Bad network cards or bad drivers are very often the reason for poor transfer rates. Test the transfer rate with a different network card.
An outdated computer can also slow down your network transfer.

Bad Network Configuration
DNS Configuration
can be the cause a of slow network connections.
Wrong DNS address in the IP configuration can slow your network dramatically. Your DNS client will try to connect to an inexistent or not working DNS server then give up and try your secondary DNS server. This translates in slowdowns and sometimes even DNS resolution errors.
Fix: Ping the DNS address or, even better, use nslookup and connect to both of your DNS servers to check if they work.

The TCP/IP protocol stack corrupted.

Sometimes no matter what you do you can’t fix the network and this is because the TCP/IP becomes corrupted. The only thing that fixes it is a reset. On older Operating Systems, such as Windows 98 and Windows NT, the fix was to uninstall and reinstall the whole TCP/IP suite of protocols.
Fix: issue the following command to reset it: netsh int ip reset c:\resetlog.txt.

More Than One Default Route
Advanced Lan SettingsA very common mistake is to assign more than on default route to the same computer. Do not confuse load balancing with multiple Default Gateways. You are configuring two network cards, and both of them have a default gateway. This configuration will not work. Usually, a Windows computer will warn you that this is not a good idea, but some users will choose to ignore the warning.
This is a typical problem for laptop users, they connect into the Lan environment and leave the wireless connection on. This will create a lot of problems for corporate users and even for home users.
In order for this type of configuration to work, special routing rules and IP configuration is needed. it is easier to turn the wireless of or have an adapter manager that will automatically do that for you based on your rules.
Advanced Tcp/IP Settings
On a Windows XP there is a way to assign priorities to network cards using a graphic interface. from the Network Connections applet in the Control Panel, click on the Advanced menu and choose Advanced Settings.
On the Advanced Settings window arrange the network cards according to the correct priority.
Another way to achieve this is to change the gateway’s metric for each of the network adapters on the computer. To do this, open the TCP/IP properties on each of the network addapters with a default gateway configured, and click on the Advanced button. On the Advanced TCP/IP Settings window, uncheck the Automatic Metric for the Default Gateway, and enter a value according to your network topology. The lower the metric, the higher the preference for a default route.

This article is part of a five posts series regarding Network Troubleshooting.

Troubleshoot a Slow Network – Slow Server

Slow Server

How do we know the server is slow and the problem is not elsewhere?
Make a file transfer between any two other computers on the network. Compare the measurements with the server’s transfer rates.
What are the reasons for a slow server?
There are many reasons for a slow server. The server is many times the bottle-neck of a network. Here are a few reasons for a slow server:
An average, or below average network card, (you need good quality network cards for a server).
Server Network Card Underutilized. Connect your server on the backbone or on 1GB switch ports to make use of the high speed network card. You probably want to limit all your clients to transfer at 100Mb so that there is no traffic discrimination. If your server and switches support higher transfer rates, (10GB ports), make sure you make use of it.
Slow disks. Poor hardware is many times the main reason. Improper configuration, such as choosing the wrong RAID type, or not using write caching can be another reason.
Too many clients on a server. If too many clients make requests to the same single server this could overload the server and it will perceived as a slow network by the users. Measure your server’s performance on load using the performance logs and alerts and the system monitor in Windows. Usually the performance is changing over the course of a day based on the number of users who access the server at the same time. Sometimes adding another network card would be sufficient. Enabling cache writing on the SCSI card can help a lot, (make sure you install a cache battery), adding a new SCSI card and additional disks to offload the existing ones could be of help. Sometimes adding another CPU can make a difference, (if you have free CPU slots). Memory is very often the most used method of upgrading, but most of the times it is not the needed solution. Use the performance logs and alerts and the system monitor and compare with the recommended thresholds to determine what your bottleneck is.
Slow server response, (packet sniffer to determine the handshake time), Adjust the server’s configuration to optimize the handshaking time; (this is a fairly advanced optimization task).

This article is part of a five posts series regarding Network Troubleshooting.