1. In the device Options, click Security.
   If you are using BlackBerry Device Software 4.1, click Security Options > General Security.
2. Click the trackwheel and select Wipe Handheld.
3. Click Continue.
4. Type “blackberry”. All the data on the BlackBerry device is erased.

On some new versions of BlackBerry software, the menu navigation is slightly different.

1. Go to Options.
2. Select Security Options.
3. Select General Settings.
4. Click the Menu key.
5. Select Wipe Handheld.
6. Click Continue.
7. Type “blackberry”. All the data on the BlackBerry device is erased.

Once it is wiped, hard-reset the handheld and perform BlackBerry Wireless Activation again.

Issue

Resolution

1. Make a complete list of all servers that have SafeWord components installed. This includes Servers, Agents, and SDK applications. Components include:

- SafeWord Core Servers (Database, Admin, Authentication Engine / AAA)
- Web Servers (Web Logon Server (WLS), Enrollment Server (ES))
- User Center
- SafeWord Administration Console
- Citrix Web Interface Agent
- RADIUS (IAS Agent, RADIUS, Ascend RADIUS, RADIUS Accounting)
- Outlook Web Access Agent (OWA), Universal Web Agent (UWA)
- Domain Logon Agent (DLA)

2. Stop all SafeWord server services (Admin, Authentication Engine / AAA Server, Web, RADIUS).

3. Stop all services that are using SafeWord Agents (e.g., IIS and IAS).

4. Remove any swec.md5 or swec.dat files (first stop any RADIUS services if they are running or exist, then delete the swec.md5 file/s. Then restart any RADIUS services) on all servers containing SafeWord components. Their location can vary, so search the entire computer. These swec files are often recreated when the service is stopped, so it’s imperative that you stop the service before doing the search.

5. Remove all of the following pem files on all SafeWord servers and Admin Console computers.

…\SERVERS\AdminServer\certificates\cacert.pem
…\SERVERS\AdminServer\certificates\cakey.pem
…\SERVERS\AdminServer\certificates\SccAdminServer.pem
…\SERVERS\AAAServer\certificates\SccAAAServer.pem
…\AdminConsole\certificates\PremierAccess_Administrator_Console.pem

6. Delete all client entries from the Admin Server’s clients.ini file. The clients.ini file is extensively documented if you require more information.

…\SERVERS\AdminServer\certificates\clients.ini

Do NOT delete these two lines. Increase the value of AcceptNewCertificates if necessary.

$AcceptNewCertificates=50 $AcceptNewCertificatesDefaultPolicy=always

7. Delete all server entries from the Admin Server’s and Admin Console’s servers.ini file. The servers.ini file is extensively documented if you require more information.

…\SERVERS\AdminServer\certificates\servers.ini
…\AdminConsole\certificates\servers.ini

Do NOT delete this line.

$AcceptNewCertsDefaultPolicy=never

8. Start services in this order.

a. SafeWord Database Server services
b. Admin Sever services
c. SafeWord Authentication Engine (AAA Server) services
d. All remaining services

Source : http://theether.net/kb/100168

Attempts by standard users to write to “C:\Program Files\Foo Inc\Foo” do not fail with “access denied” (as they would have on version of Windows prior to Vista), but instead the disk write is redirected to the user’s own profiles (under “%userprofile%\AppData\Local\VirtualStore\Program Files”).

So far, so good – the application is happy as it believes it is able to write to a system protected area of the volume even when running without admin rights.

But imagine that FOO has an “automatic updater” or a “launcher” stub process whose job it is to check the current version of the application and download an update package & apply it…

The write operation is virtualized into the user’s profile, so the new patch will download okay – but when it comes to apply it this is also virtualized and the file it is updating or replacing is not in VirtualStore… so it fails.

Re-run the launcher and it will either start over with the download of the update, or try again to apply it and fail once more.

There are now plenty of apps (and games) that will run okay without admin privileges, but they have problems patching because of UAC virtualization unless the launcher was started elevated (or by the Administrator, who is the only user exempt from UAC as per my previous blog entry).

So how to leave UAC enabled and be able to use and update this program as a standard user?

First, we need to verify that the application is not being virtualized – when it is running you can check in Task Manager and right-click the process name – in the context menu if there is a check against “UAC Virtualization” then we need to create a manifest so the OS thinks it is “UAC aware”.

If the executable is named FOO.EXE, the manifest in the same folder needs to be FOO.EXE.MANIFEST, and it is just a human-readable XML file.

(Bear in mind if there is a stub launcher it may be necessary to create a similar manifest for the main executable too.)

Based on the example on MSDN, the contents of the manifest file would be something like this:

If using Notepad to create the file, make sure to save the file in quotation marks to avoid .txt being appended to the name.

Now, launching FOO.EXE should not trigger an OTS prompt and UAC virtualization should be disabled – note that if the application is trying to write to its folder then it will now have errors as it is behaving as Windows XP would.

(We could disable just the OTS prompt but leave the application UAC virtualized by using the Application Compatibility Toolkit to create a shim to set requestedPrivileges=asInvoker and import it with sdbinst.exe, but this blog is about working around an application’s design flaw to disable UAC virtualization.)

So the next thing we need to do is to grant the required permissions on the folder we’re trying to write to.

In this case the easiest thing is probably to take “C:\Program Files\Foo Inc\Foo” and set:
- the owner to the group “Users”
- permissions for group “Users” to Full Access

This will let anyone authenticated as a member of the Users group able to create and delete files in this folder – but you should also check the permissions on the files & folders that are already there to ensure that Users have Full Access on those too, or editing/deleting existing files may fail.

A quick way to check the owner of a folder or file is to use the /Q switch for DIR at a command prompt:

Here you can see I’ve set ownership of the folder itself (“.” is the current folder) to “Users”, but it has not changed the owner of the items in the folder.

(You can also add the “Owner” column when browsing the folder in Explorer, but you won’t see “.” or “..” in this case.)

ICACLS can be used for viewing and editing permissions at an elevated command prompt:

We can then change the owner of the files, if we work with just foo.exe as a simple example:

As CREATOR OWNER (a member of Users) we now have permission to change the permissions even without the process being elevated:

Finally, we can verify that our discretionary ACE is there (note the lack of “(I)” indicating inheritance):

This sounds like a lot of work, but remember we are fixing a compatibility issues for an application that somebody else designed, and if it’s done correctly (and there are no other quirks of the application) it shouldn’t need doing again.

An alternative that at least one vendor did to get round this for non-technical users was to move the installation folder for the app (actually a game) into the %PUBLIC% folder (the “public” or “all users” profile) which is not UAC virtualized, and grant permissions for anyone to write there.

NOTES:
1. If an application wants to write to the %SYSTEMROOT% folder, I would never recommend taking ownership or trying this method – the vendor should fix their application in this case.
2. Similarly, I would never advocate taking ownership of the %PROGRAMFILES% folder itself as this reduces security.

Source : http://blogs.technet.com

1) Install the MPIO feature
2) Click MPIO in Administration Tools
3) In the Discover multi-path tab, click add support for iSCSI devices (you must connect to the iSCSI device before otherwise this will be grayed)
4) You will be asked to restart Windows. You will see a new device hardware ID (MSFT2005iSCSIBusType_0x9) in the MPIO Devices tab.

1) Once restarted open the iSCSI initiator again
2) Select the target in the Targets tab, click properties
3) Click Add session and add the target-initiator pair in the remaining iSCSI network
4) Click Devices, you will see only one device (not two) if MPIO is configured properly
5) Click MPIO, you will see the load balancing policy and the two connections to the iSCSI device
6) In Disk Management (or Storage Manager for SANs (SMfS), if Storage Server hardware providers are installed), configure the newly added disks as appropriate

To verify:

1) You will see network traffic in both iSCSI adapters when formatting and copying files
2) Copy a large file. Disconnect one of the iSCSI connections and see the traffic failover to another path. Repeat the other way.
3) In the Device by connection view of Device Manager, you will see “MSFT Virtual HD Multi-Path Disk Device” under the Microsoft Multi-Path Bus Driver
4) In MPIO the Configuration Shapshot tab, generate a configuration log file.

vijayp@ike:~$ xrandr --output HDMI1 --primary

In case you don’t know what your display is called, just run “xrandr” on its own. This is what my laptop says:

vijayp@ike:~$ xrandr
Screen 0: minimum 320 x 200, current 2880 x 1200, maximum 8192 x 8192
VGA1 disconnected (normal left inverted right x axis y axis)
LVDS1 connected 1280x800+0+0 (normal left inverted right x axis y axis) 261mm x 163mm
   1280x800       60.0*+
   1024x768       60.0
   800x600        60.3     56.2
   640x480        59.9
HDMI1 connected 1600x1200+1280+0 (normal left inverted right x axis y axis) 367mm x 275mm
   1600x1200      60.0*+
   1280x1024      75.0     60.0
   1152x864       75.0
   1024x768       75.1     60.0
   800x600        75.0     60.3
   640x480        75.0     60.0
   720x400        70.1
DP1 disconnected (normal left inverted right x axis y axis)

WARNING: Ensure you have a backup of any important data before you start in case something goes wrong. Carrying out these instructions is at your own risk.

Running out of space is really the only annoyance I have come across since owning an android phone. Every now and again the low space icon comes up and you have to try and free up some space.

Since Froyo you’ve been able to move certain apps to SD card, but it’s only if the developer allows it. If you’re an android developer and you want to know how to do it, see this post: Enabling the Android Move To SD Card Feature

So if you’re stuck with a bunch of apps you can’t move by default because “Move to SD Card” is greyed out in “Settings -> Applications -> Manage Applications -> Appname” then you might be thinking it’s not possible. However, it is possible to change the default install location to SD card via adb.

Introducing the Android Debug Bridge

Adb is the Android Debug Bridge which comes as part of the SDK. If you don’t have the SDK the first thing you will need to do is install it (get it fromdeveloper.android.com). Once you have the SDK you can find the adb tool in /platform-tools/, though in my case I have it at /tools/.

After you’ve installed the SDK you’ll need to connect your phone to your computer using the USB data cable. You’ll also need to make sure that debugging is possible by visiting “Settings -> Applications -> Development” and checking “USB Debugging”.

Enabling moving of apps to SD card

To change the the install location we are going to run the pm command via the adb shell. Here’s the details of the pm command:

The setInstallLocation command changes the default install location
  0 [auto]: Let system decide the best location
  1 [internal]: Install on internal device storage
  2 [external]: Install on external media

To change the default install location to the SD card (which also enables moving most apps to the SD card.) run the following from the dir containing the adb command:

./adb shell pm setInstallLocation 2

If you at any point hit the following:

error: insufficient permissions for device

Try doing this:

./adb kill-server
sudo ./adb  start-server

You should now find you can run the above commands without error.

Insufficient Storage Available

The other error I had was that when I was trying to move any app after changing the default install location to the SD card was something along the lines of “Unable to move application. Insufficient Storage”.

The way I got around this was to uninstall twitter which was using about 17mb (it was the largest app). After that I re-installed it and it used far less space (naturally as the data would have been removed by the re-install process). After that I was able to successfully move most of my remaining apps (twitter included) to my SD card.

Re-setting the installation location back to auto

I’d strongly recommend re-setting the default installation location when you are done moving apps. The reason for this is that apps will fail to be installed directly to the external location, at least this is what I experienced when trying to re-install the twitter app.

To reset the install location to automatic (let the system decide) use the following:

./adb shell pm setInstallLocation 0

Should you forget where it was left at you can always run:

./adb shell pm getInstallLocation

e.g:

$ ./adb shell pm getInstallLocation
0[auto]

Source : Muffinresearch

I’m not immediately sure how the Catalyst Control Center differs between Windows 7 and Windows XP, but I was able to find the Overscan/Underscan options a bit easier in XP.

To access the Overscan option of your current display do the following:

• Right click on the Desktop and open CCC
• If your not already in Advanced Mode, Switch to this.
• Click dropdown menu Graphics in the top right
• Select Desktops and Displays
• Right Click your currently activated display under ‘Please Select a Display’
• Select Configure
• Click on the Scaling Options tab

From this menu you’ll probably find more of your favorite CCC options that you’ve been missing. For reference these instructions come from a Windows 7 machine with a Sapphire ATi Radeon 4850 running Catalyst Control Center 9.9

W: GPG error: http://ppa.launchpad.net lucid Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 4DEF31B9A9E345C0
W: GPG error: http://ppa.launchpad.net lucid Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 0F678A01569113AE
W: GPG error: http://ppa.launchpad.net lucid Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7889D725DA6DEEAA
W: GPG error: http://ppa.launchpad.net lucid Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY FD58F8C9E8EF47D2
W: GPG error: http://ppa.launchpad.net lucid Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY AF5ED91C56978EF9
W: GPG error: http://ppa.launchpad.net lucid Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 464AD83D4631BBEA
W: GPG error: http://ppa.launchpad.net lucid Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 6AF0E1940624A220
W: GPG error: http://ppa.launchpad.net lucid Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 5A9A06AEF9CB8DB0
W: GPG error: http://ppa.launchpad.net lucid Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8CA7A6E8E4FA953A

Just run the following command :

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys KEYID

where KEYID is number shown in error msg

You can also import all the keys automatically. Tutorial here.

http://www.webupd8.org/2010/05/autom…l-missing.html

To get started with a basic signature, open the Exchange Management Console, and navigate to: ‘Organization Configuration’ >> ‘Hub Transport’, then select the ‘Transport Rules’ tab, finally click the ‘New Transport Rule’ link in the actions pane on the right. The Transport Rule wizard should then start, you’ll need to provide a name for your rule, and then select which user or group of users this rule should apply to. In your first instance, it’s probably a good idea just to apply it to yourself to test with, later you can apply the rule to other individuals, distribution groups  etc. Have a look through the options available to you in step 1, they are quite flexible with who the rules can be applied to. In step two of the transport rule wizard, you will need to chose the ‘append disclaimer text’ action, and then enter your text by clicking the appropriate hyperlink in the bottom pane of the wizard.

Before we move on to step 3 of the wizard, you should be aware that signatures and disclaimers can only be appended to the absolute end of emails. If you want to have a signature at the end of each reply, you will need to look into 3^rd party solutions. Due to this fact, I always add an exclusion rule, for any email with ‘FW:’ or ‘RE:’ in the subject, in order to prevent a build up of signatures right at the end of an email conversation, which could confuse people. Once you’ve added this exclusion rule, the wizard will confirm your choices, and then create the transport rule. At this stage, if you send an email that matches the criteria in step 1 of the wizard, you should see your signature applied.

Dynamic email signatures

The best aspect of adding signatures via Exchange transport rules is the fact that certain attributes from Active Directory can be dynamically inserted into the signatures – just insert the attribute name into the disclaimer text in the transport rule, with ‘%%’ on either side of the attribute name (e.g. %phoneNumber%). Unfortunately not all AD attributes will work, but there are a number of useful ones available, the full list is provided on Microsoft TechNet.

For our next signature, go back and edit the previous transport rule you created, and edit the disclaimer text to include some dynamic attributes. We will also need to add some very basic HTML to format the signature:

Now when a mail matching our criteria is processed by Exchange, it should have our name added in bold, along with our phone number. You could get more creative with the HTML in the signature, inserting company logos, or creating tables.

Text only email signatures

If you’re sending a text only email (Many mobile devices will send these out – including iPhones and Blackberries), Exchange will have to convert your signature to a text only format. It’s always a good idea to check what the converted version looks like – especially if you’ve used a lot of HTML.

It’s also worth noting that a bug in pre SP1 meant that when Exchange converted HTML messages to text only, the signature ended up with <html> and <body> tags at the start of it. This issue was fixed in Exchange SP1.

Chaining email signatures

Finally, as you build your signature system up for your organization – it may help to be aware that you can create multiple transport rules that build up your signature and disclaimer in chunks. For example, one rule could include generic name and contact details, followed by another section with a departmental marketing line, followed by a global disclaimer message. By setting the priority of each transport rule, you can ensure that they will be joined together in the correct order.