Pizza Hotel Flyers

I know this is a little off topic but it is work related, interesting, and good to know.

We’ve all seen those pizza flyers that are slid under your door when you’re staying at a hotel right?  I’ve been staying at a hotel in San Antonio for the past two weeks and I’ve seen my share of them.  When I woke up this morning, I saw two in my room.  Each one was from a different place.  Ordering from these places can be risky.  The stories are true of some being a front to steal your credit card info but most commonly, it is poor quality pizza made in someone’s garage or by some fly by night business.  Some places are honest but after researching this more I’ll never order from these places.  I wanted to let others know how unethical these "businesses" are.

The first one was from Pizza Sub Shop (original name right?) and the address listed on the flyer was 234 Broadway.  When I Binged that name the address that came back is 240 Broadway.  That’s a red flag when the address on your flyer doesn’t match web results.  The other flyer was from Pizza Express (another stand out name) and they don’t even list an address on their flyer.  Both places have two phone numbers listed on their flyers.  That’s also strange because most businesses have a single phone number unless you’re using cell phones/pre-paid cell phones or are so cheap you just pay for two phone lines with no type of phone system in place.  Another red flag.

Knowing that more than likely these are not honest businesses or even a scam I decided to talk to the hotel staff to learn more.  The gentleman from the hotel I spoke with said those people are not allowed to come on the hotel’s property to distribute flyers.  If they do, they could be charged with trespassing but that doesn’t stop them.  I also asked why on both flyers it says "Cell phone required for delivery orders" or "Trouble getting thru! Please use your cell phone".  The hotel gentleman said since they don’t follow the hotel’s rules the hotel blocks their phone numbers to stop guests from calling and to discourage them from trespassing to distribute their flyers.  NOW THAT MAKES SENSE.  That’s why it says on the flyers to dial from your cell phone.  Because of their repeated unethical behavior the hotels have blacklisted their phone numbers from their system but these "businesses" continue to do what they do.

My advice is if a business is trespassing and circumventing what the hotel has in place to discourage these unethical practices I wonder how honest they are with your credit card information and order.  Something to think about the next time you see a pizza flyer under your door.

WOW, I just saw on the back of one flyer it says "Now hiring delivery drivers & couponers".  You too can possibly be charged with criminal trespassing.  Nice.

Microsoft Security Essentials Beta

Microsoft Forefront Endpoint Protection 2010 Beta was released recently along with Microsoft Security Essentials Beta.  I plan on working with FEP (that’s what I’m calling it) soon but until then I wanted to get my hands dirty with MSE on my personal netbook.  I’ll be installing MSE Beta today and showing you how simple and smoothly it’s going to go. 

MSE comes in two packages.  A 32-bit package and a you guessed it 64-bit package.  I’ll be installing the 32-bit package on my netbook replacing my current and reliable Microsoft Security Essentials.

The first thing you’ll get when starting the installer is the User Account Control box.  Yay for UAC (no screenshot)!

After UAC you’ll get the typical Welcome Screen.  What I like here is you get the option to upgrade, not uninstall your old product and install a new product.  Simple but it saves time.  Some beta products require you to uninstall your old products but not this one.


Of course I reviewed every word of the License Agreement and clicked I accept.


I would recommend joining the Customer Experience Improvement Program.  The more users that join means the more Microsoft will learn about what is really going on out in the wild.  With that information they’ll be able to improve their products and services.


I like how I’m given a choice to use the Windows Firewall or not if I have another product.


Hey look, it’s upgrading.


Toward the end of the install Security Center barked a few times but it’s doing it’s job.  There will be short points in time where no anti-virus is installed, MSE is off, Windows will see that Windows Defender is off with nothing to replace it, and MSE is out of date.  This is all normal so don’t be alarmed.






It took about 2 minutes to upgrade my netbook.  For testing I’m not going to restart just yet.  I was curious to see if MSE was running even though there wasn’t a MSE icon in the systray.  The first thing I checked was the service and yup, it’s running.


To see if MSE was actually working I downloaded the EICAR test virus and although I received no prompts from MSE it did remove the EICAR test virus.  I’m going to restart like it wants but before I had a chance to do that Windows is brought up the Windows Update window wanting me to restart.  I’m going to restart this time and continue.  


Restarting . . . . . . . . . . . . . . . . .

MSE Beta has the same “tent” icon in the systray


In my next blog I’ll cover the actual application.  Stay tuned.

. Log on to a local computer .

Most of the time you log on to a domain that a workstation is joined to.  Sometimes you want to log on locally to the workstation using a local account.  At the log on screen there’s a link that says:

"How do I log on to another domain?"


The link says:

"To log on to another domain, type domain namedomain user name.

To log on to your computer (not a domain), type ADAM-PClocal user name."


ADAM-PC is used in this example and it’s pretty simple to remember but most of the time it’s some complex computer name.  I think I have ADD so I won’t be able to remember a computer name that is too difficult and I find it a waste of time to write down the computer name on paper just to type it back in.  Here’s an easier way:


Yup you saw it.

If you put that in the username field before your local username it will log you on to the local workstation.  Notice in the example below how it’s logging me on to the local workstations?  Pretty cool ‘eh?


Remote Desktop options now that Live Mesh is going away

I use Live Mesh on all of my workstations so that I can easily connect to them via it’s Remote Desktop utility.  It’s really handy when I’m at a client, traveling, or on vacation.  According to the Live Mesh website it says “Live Mesh will soon be replaced by the new Windows Live Sync”.  I researched Windows Live Sync and could not find a replacement to live Mesh’s Remote Desktop until I saw Sync in Windows Live Sync Beta!  Now I’m happy.  Windows Live Sync Beta is installed and I’m about ready to set it all back up.

Windows 2008 Secure Socket Tunneling Protocol (SSTP) is great

One of the problems that Catapult Consultants has at times is the restrictions of outbound traffic while at a client site.  Most clients allow all outbound traffic from their locations but there are a few clients that only allow certain outbound traffic.  This has caused problems in the past with some application that use ports other than port 80 and port 443 including VPN. One of the most used VPN protocols is Point-to-Point Tunneling Protocol (PPTP).  PPTP has been in Microsoft Windows since Windows 95 and continues to be part of Windows even in Windows Server 2008 and Windows 7.  It’s fast, it works, and there is no additional software to install. The only problem is if you’re somewhere that doesn’t allow it then Catapult Consultants can’t connect to their office via VPN.  With the introduction of Secure Socket Tunneling Protocol (SSTP) in Windows Server 2008 it was viewed as another way to have Catapult Consultants connect to the Catapult network securely without asking a client to modify their firewall rules. Since SSTP is so new for the Microsoft Operating System it’s only available in Microsoft Vista SP1+, Microsoft Windows 2008, and Microsoft Windows 7. SSTP uses port 443 with SSL and almost everyplace allows outbound traffic through port 443. It also uses certificates. These certificates can be either private corporate ones issued by an internal CA or public certificates. What’s also great is when a Catapult Consultant tries to connect to Catapult via VPN it will try to use PPTP first. If it can’t connect for some reason it will try L2TP/IPsec next. If it can’t connect that way then it will try SSTP and hopefully it will connect since SSTP is designed to work everywhere. Looking at the Microsoft TechNet Routing and Remote Access Blog ( ) it appears PPTP puts less of a load on the processor of the VPN server and VPN client. I would imagine why that’s why it tries PPTP first.

What’s great is end users don’t have to do a thing differently or change anything! Everything is setup on the server and public DNS so there is nothing to configure on the clients unless they changed the default settings. Hopefully not.

Now let’s talk about the technical highlights and problems I experienced while implementing SSTP.

If you’ve setup a Microsoft Routing and Remote Access Server using 2 NICs then you really don’t have to do much more to get SSTP to work. I found an article on the Internet ( ) on how to setup SSTP VPN on a server with a single NIC but I’m not fond of setting up VPN on a server with a single NIC. I like using two NICs. The two articles below were very useful for me. and .
I decided to setup a new server and test it so it wouldn’t disrupt the current VPN users. My plan was when it was setup, tested, and working just to change the public DNS records and firewall rule. When implementing SSTP for Catapult I had to change the certificates a few times for a few reasons. You should have the certificates installed BEFORE you install RRAS so they will bind the right way but if for some reason you have to change the certificates two articles are very important on how to rebind and what you need to change in the registry. One problem I experienced was I was connecting via SSTP then within 1 second my VPN connection would disconnect. It was bound the right way but my registry settings didn’t reflect the proper SHA hash. Once I change it I was able to stay connected. It drove me crazy because I really don’t get an error message or anything.

Just remember to review the articles for changes. Also make sure you restart RRAS for all changes to take effect. No need to reboot but just restart the service.

One more thing. It appears wildcard certificates work. We couldn’t find anything on the net if they would or not but it LOOKS like they do.

Event ID 73 and Event ID 101 in Event Viewer when migrating from Rights Management Services ( RMS ) to Active Directory Rights Management Services ( AD RMS )

I was tasked with migrating Rights Management Services ( RMS ) to Active Directory Rights Management Services ( AD RMS ) for a client. The old RMS server was Windows 2003 with RMS installed and in production. That same server also hosted the RMS database. The new AD RMS server was of course Windows 2008 that would host the new database. The first thing I wanted to do was to move the SQL database from the old server to the new server, test, and let the dust settle. I followed Microsoft’s TechNet article with no problems.

I then followed Microsoft’s TechNet article to migrate. Everything looked fine until users tried to open protected emails and documents. They would get the error “You do not have credentials that allow you to open this document. You can request updated permission from SAMPLEUSER@DOMAIN.COM. Do you want to request updated permission?

AD RMS was reading the database but not writing to it for some reason. It turned out some fields in the DRMS_ClusterPolicies table PolicyData column were pointing to the name of the old RMS server. I simply went into the table and replaced the old server name with the new server name.

After that everything started working!

Great Windows 7 feature – Set Different Default Printers for Different Locations

I’ve been using Windows 7 for a few weeks now and I love it, NO, I REALLY MEAN IT WHEN I SAY I LOVE IT!!!

The last time I printed something was at the Catapult Austin office a few days ago.  I set my default printer to the one in my office while I was there.  Today I’m at a client’s site and needed to print something.  When I tried to print a document the default printer automatically changed to a printer at my client’s site.  I researched it and there is a neat new Windows 7 feature.  You can set your default printer based on your location!!!  How cool is that?

If you use your system in multiple locations (for example, using your laptop at work and at home) you can set a different default printer for each location. You can default to the networked color laser printer when you’re in the New York office, the scanner/copier/laser printer when you’re in the Seattle office, and your personal printer when at home.

Simply click on the Start Menu and type “printers” in the search field, and choose “Devices and Printers.” Click on one of your printers, and click on the “Manage Default Printers” option in the menu bar. You can then specify which printer should be the default for each network you’ve connected to. And you can select the Microsoft XPS Document Writer for locations where you don’t have access to a printer.

Tip by Jason Leznek, a Group Product Manager at Microsoft.