## IP Camera Alternatives to Dahua, Hikvision, or Huawei?

Starting August 13th, 2019 the National Defense Authorization Act banned the US government from procuring cameras from Dahua, Hikvision, and Huawei.

The upside of this attention is it brought light to the fact that many security camera brands had popped up over the years with variable quality with poor to no ongoing firmware updates for discovered security issues. Mostly as a consumer it made searching for “network cameras” in Amazon or Newegg a terrible process as it was difficult to filter out quality brands from dead-end and potentially security-compromised ones. That many of these cameras were just re-labeled cameras produced by Dahua or Hikvision using SoCs by Huawei is a different matter.

However, if you’re looking for cameras not associated with Dahua, Hikvision, or Huawei, try the manufacturers/brands below. I learned about these researching into the brands I currently use like Hikvision, Reolink, TRENDnet, etc..

 Brand Amazon Search Made By or SoC Made By NDAA Compliant? Country of Origin American Dynamics Amazon Made by Tyco Security Products now Johnson Controls Yes (some cameras) Ireland Arecont Vision Amazon OEM Yes USA Avigilon Amazon Made by Motorola Yes Canada Axis Communications Amazon Soc is Axis-developed ARTPEC Yes (though SMB cameras use Huawei HiSilicon) Sweden Hanwha (i.e. Samsung WiseNet) Amazon SoC is Hanwha-developed Wisenet chips, e.g. Wisenet 5 Yes South Korea Honeywell (not Performance Series) Amazon Made by Vivotek Yes Taiwain country of origin Illustra Amazon Made By Tyco Security Products now Johnson Controls Yes (some cameras) Ireland Pelco Amazon ? Yes USA Ubiquiti Amazon Soc is Ambarella, USA Yes USA Vivotek Amazon SoC made by VATICS, spun out of Vivotek in 2007 Yes (some cameras) Taiwan

If you’re looking for a larger list of cameras and brands including those made by or with parts from Dahua, Hikvision, or Huawei, see this Google Sheets workbook here.

Categories: Uncategorized

## Hass.io Resinos Root SSH logon with Putty

If you’re running your Home Assistant installation using Hass.io, SSH interaction with Home Assistant is usually through port 22. This connects to the Docker guest image running Home Assistant within the HassOS/ResinOS hypervisor.

Interaction with the physical host (e.g. your Raspberry Pi) requires connecting to SSH port 22222 which is configured by default to only accept SSH connections with a public/private key pair. Official instructions for setting up this connection can be found here. For additional settings confirmation, continue reading.

1. Retrieve your Home Assistant’s SD card and mount it locally. Most partitions won’t be natively readable in Windows which is fine as you will only need to write to the SD card’s “boot” partition (the only one that should be readable in Windows). Assuming this is mounted as the “G:\” drive.
2. Generate a new public/private key pair with Putty Key Generator, puttygen.exe
1. Launch puttygen
2. Default parameters of “RSA” and key size of “2048” will work.
3. Enter in a key passphrase to be used whenever the private key is unlocked.
4. Click “Generate” and follow on-screen instructions to generate randomness until the key generation process is completed.
5. Click “Save private key” and save it in a location accessible wherever you will want to SSH from.
6. You can also click “save public key” to save that file in the same location as your private key, though you will not use it in that format.
7. Copy and paste the “OpenSSH authorized_keys file” section circled above into a new text file at path “G:\authorized_keys”
1. Make sure there is no “.txt” included in the file name.
2. The contents of the file should be one line and look like this:
3. ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAivEKRSB7gTs8DoY36n4tK+vUvwNHzUkZthTawQH/LRfkn/g+0LfSQilrTm1fKaW4Te0mbtF01L0LYZO5kdkaI/BaBTHWvTmO049OWYAbVSROAXgdtm/UrlcWm2Z3f1vIfPVRxHrAL2Qw3RJ/e0fUIqzgwKrEG0HWGgWbRZZhbiPEGPkvx5F78jIEAE4ZkIfOFEYGRgOdG5om3HdfBY6pytEcLgJW2hFTgrWJ+YnAal/OGhVCZlqmxX8kBlsXKXGFVzkMMVX0/p68FP0L93c1bozIt0nBiWovasglIEn8h+O3Wz93Mnt8HhcWwj5NmhKoDX4AFyr53t7lIP9tV/FydQ== rsa-key-20180820
3. “Eject” the SD card, place it back into your Hass.io device, and boot it up again.
4. Launch Putty to configure your “Hass.io Host” profile
1. Session >
1. Host Name (or IP address): {same that you use normally for Home Assistant}
2. Port: 22222
2. Connection >
1. Data >
2. SSH >
1. Private key file for authentication: {path to your private key above, e.g. “c:\users\foo\desktop\ssh_private”}
5. In Putty, go back to the Session category node and click “Save” on your profile.
1. Now click “Open”
2. You should see the following in Putty:
Authenticating with public key “rsa-key-20180819”
Passphrase for key “rsa-key-20180819”:
3. Enter your private key’s passphrase to continue.
6. At this point you are connected to your Hass.io’s Host environment. From here you can perform a different set of administrative tasks including:
1. Docker list images: docker ps
2. ResinOS logs: docker logs resin_supervisor
3. HassOS logs: docker logs hassos_supervisor
6. System log entries (e.g. after inserting a new USB device into your Raspberry Pi): dmesg

Troubleshooting the various errors you might see trying to connect from Putty:

1. Disconnected: No supported authentication methods available (server sent: publickey)
1. Solution1: You’re trying to use password authentication only. The Hass.io host is configured to only allow publickey authentication which requires saving your private key to the Hass.io’s boot partition in file “authorized_keys” and using the private key in your SSH client. Use instructions above or here to configure a key pair for use.
2. Solution2: Your Hass.io installation might still be using the ResinOS host environment and you crossed over in these instructions  which resulted in using username “root@hassio.local”.  Use “root” as your username instead.
3. Solution3: Your Hass.io installation is using HassOS and you’re trying to login with user “root”. Use “root@hassio.local” instead.
2. Unable to use key file “\\foo\bar\hassio_private_openssh.ppk” (OpenSSH SSH-2 private key (new format))
1. In PuttyGen you might have clicked Conversions > “Export OpenSSH key”, this is a different format. Use the key from Puttygen’s “Save private key” menu operation or button.

Categories: Uncategorized

## Restart Hyper-V Guests Automatically When iSCSI Volume Goes Offline

I have a couple of Hyper-V Server 2016 hosts with guest VHDX’s stored on some Synology-based iSCSI volumes. I like this setup as I don’t have to worry about maintaining reliable storage on the hosts as I’ve already invested in that with my Synology NAS and my iSCSI volumes are more than fast enough for my usage.

When I first got the guests running on the iSCSI volume I would have bi-monthly issues where the guests would go “Critical” and would refuse to boot unless I restarted the Hyper-V host. A little while later I realized my update installations and reboots of the NAS was taking the iSCSI volumes offline which Hyper-V didn’t handle well as it would get stuck “Reconnecting.” Additionally, having the iSCSI volume go out underneath running guests was a reliable way to have the guests BSOD.

Fixes for this were:

1) Reconfigure the iSCSI volumes to auto-reconnect once the Synology NAS had rebooted.

2) Use WMI event binding to handle the iScsiPrt System events for the volume going offline and then reconnecting successfully:

1. EventID=20, “Connection to the target was lost. The initiator will attempt to retry the connection.
2. EventId=34, “A connection to the target was lost, but Initiator successfully reconnected to the target. Dump data contains the target name.

Part 1 was mostly just reconfiguring the iSCSI connection again and ensuring that my iSCSI target was marked as a “favorite”. I still can’t explain why it would get stuck on “Reconnecting”. As of now, with all updates to Hyper-V 2016 and Synology installed, everything is working well.

Part 2 was trickier. I knew from looking at the Event Log that the two iScsiPrt events reliably occurred during the iSCSI outages. Searching around online turned up WMI eventing as a route to trigger an action after an event was logged and doing so with “permanent” events would mean they would survive host reboots. Here’s what I ended up with including my path names for reference:

c:\bin\iSCSI_Monitor.ps1

# See existing event filters, consumers, and bindings
# Get-WmiObject -Namespace root\Subscription -Class __EventFilter
# Get-WmiObject -Namespace root\Subscription -Class __EventConsumer
# Get-WmiObject -Namespace root\Subscription -Class __FilterToConsumerBinding

#
# Configure Down Events
#

$FilterNameDown = "iSCSI_TargetConnection_EventFilter_Down"$ExistingFilterDown = Get-WmiObject -Namespace root\Subscription -Class __EventFilter -Filter "name='$FilterNameDown'" if ($ExistingFilterDown -ne $null) {$ExistingFilterDown | Remove-WmiObject -Verbose
$ExistingFilterDown =$null
Write-Host "Deleted existing DOWN event filter."
}

$ConsumerNameDown = "iSCSI_TargetConnection_EventConsumer_Down"$ExistingCommandDown = Get-WmiObject -Namespace root\Subscription -Class CommandLineEventConsumer -Filter "name='$ConsumerNameDown'" if ($ExistingCommandDown -ne $null) {$ExistingCommandDown | Remove-WmiObject -Verbose
$ExistingCommandDown =$null
Write-Host "Deleted existing DOWN event command."
}

$ExistingBindingDown = Get-WMIObject -Namespace root\Subscription -Class __FilterToConsumerBinding -Filter "__Path LIKE '%$ConsumerNameDown%'"
if ($ExistingBindingDown -ne$null)
{
$ExistingBindingDown | Remove-WmiObject -Verbose$ExistingBindingDown = $null Write-Host "Deleted existing DOWN event binding." }$QueryDown = "SELECT * FROM __InstanceCreationEvent WHERE TargetInstance ISA 'Win32_NTLogEvent' AND TargetInstance.LogFile='System' AND TargetInstance.SourceName='iScsiPrt' AND TargetInstance.EventCode=20"
$WMIEventFilterDown = Set-WmiInstance -Class __EventFilter -Namespace "root\Subscription" -Arguments @{Name=$FilterNameDown;EventNameSpace="root\cimv2";QueryLanguage="WQL";Query=$QueryDown} Write-Host "Created new DOWN event Filter. "$WMIEventFilterDown.Path

$CommandLineTemplateDown = "powershell.exe -command ". 'c:\bin\iSCSI_OnIscsiChange.ps1' 'Down' '%TargetInstance.Message%'""$ExecutablePath = "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
$WMIEventConsumerDown = Set-WmiInstance -Class CommandLineEventConsumer -Namespace "root\subscription"  -Arguments @{Name=$ConsumerNameDown;CommandLineTemplate=$CommandLineTemplateDown;ExecutablePath=$ExecutablePath }
Write-Host "Created new DOWN event consumer."

$result = Set-WmiInstance -Class __FilterToConsumerBinding -Namespace "root\subscription" -Arguments @{Filter=$WMIEventFilterDown;Consumer=$WMIEventConsumerDown} Write-Host "Created new DOWN event binding." # # Configure Up Events #$FilterNameUp = "iSCSI_TargetConnection_EventFilter_Up"
$ExistingFilterUp = Get-WmiObject -Namespace root\Subscription -Class __EventFilter -Filter "name='$FilterNameUp'"
if ($ExistingFilterUp -ne$null)
{
$ExistingFilterUp | Remove-WmiObject -Verbose$ExistingFilterUp = $null Write-Host "Deleted existing UP event filter." }$ConsumeNameUp = "iSCSI_TargetConnection_EventConsumer_Up"
$ExistingCommandUp = Get-WmiObject -Namespace root\Subscription -Class CommandLineEventConsumer -Filter "name='$ConsumeNameUp'"
if ($ExistingCommandUp -ne$null)
{
$ExistingCommandUp | Remove-WmiObject -Verbose$ExistingCommandUp = $null Write-Host "Deleted existing UP event command." }$ExistingBindingUp = Get-WMIObject -Namespace root\Subscription -Class __FilterToConsumerBinding -Filter "__Path LIKE '%$ConsumeNameUp%'" if ($ExistingBindingUp -ne $null) {$ExistingBindingUp | Remove-WmiObject -Verbose
$ExistingBindingUp =$null
Write-Host "Deleted existing UP event binding."
}

$QueryUp = "SELECT * FROM __InstanceCreationEvent WHERE TargetInstance ISA 'Win32_NTLogEvent' AND TargetInstance.LogFile='System' AND TargetInstance.SourceName='iScsiPrt' AND TargetInstance.EventCode=34"$WMIEventFilterUp = Set-WmiInstance -Class __EventFilter -Namespace "root\Subscription" -Arguments @{Name=$FilterNameUp;EventNameSpace="root\cimv2";QueryLanguage="WQL";Query=$QueryUp}
Write-Host "Created new UP event Filter. " $WMIEventFilterUp.Path #$CommandLineTemplateUp = 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Bypass -File c:\bin\iSCSI_OnIscsiChange.ps1 -state Up -eventMessage %TargetInstance.Message%'
$CommandLineTemplateUp = "powershell.exe -command ". 'c:\bin\iSCSI_OnIscsiChange.ps1' 'Up' '%TargetInstance.Message%'""$ExecutablePath = "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
$WMIEventConsumerUp = Set-WmiInstance -Class CommandLineEventConsumer -Namespace "root\subscription"  -Arguments @{Name=$ConsumeNameUp;CommandLineTemplate=$CommandLineTemplateUp;ExecutablePath=$ExecutablePath }
Write-Host "Created new UP event consumer."

$result = Set-WmiInstance -Class __FilterToConsumerBinding -Namespace "root\subscription" -Arguments @{Filter=$WMIEventFilterUp;Consumer=$WMIEventConsumerUp} Write-Host "Created new UP event binding." Write-Host Done. Pay attention to the namespaces used, you mostly want “root\Subscription” but the event filter’s EventNamespace must be “root\cimv2”. Then have this file sitting on disk being referenced by the WMI EventConsumer: c:\bin\iSCSI_OnIscsiChange.ps1 $state = $args[0]$eventMessage = $args[1] Function Write-Log { [CmdletBinding()] Param( [Parameter(Mandatory=$False)] [ValidateSet("INFO","WARN","ERROR","FATAL","DEBUG")] [String] $Level = "INFO", [Parameter(Mandatory=$True)] [string] $Message, [Parameter(Mandatory=$False)] [string] $logfile )$Stamp = (Get-Date).toString("yyyy/MM/dd HH:mm:ss")
$Line = "$Stamp $Level$Message"
If($Logfile) { Write-Output$Line
Add-Content $logfile -Value$Line
}
Else {
Write-Output $Line } }$Logfile = "C:\bin\iSCSI_EventLog.log"
Write-Log DEBUG "New iSCSI state: $state"$Logfile
Write-Log DEBUG "Event message: $eventMessage"$Logfile

if ($state -eq "Down") { Write-Log INFO "iSCSI reported 'connection to target was lost', turning virtual machines off!"$Logfile
Get-VM | where {$_.State -eq 'Running'} | Tee-Object -Append -FilePath$Logfile | Stop-VM -TurnOff -Force | Tee-Object -Append -FilePath $Logfile } else { Write-Log INFO "iSCSI reported Initiator reconnected to target, turning virtual machines back on"$Logfile
Get-VM | Tee-Object -Append -FilePath $Logfile | Start-VM | Tee-Object -Append -FilePath$Logfile
}

I couldn’t get named parameters working with my CommandLineEventConsumer, just positional hence “\$args” usage above.

## Setup

1. In PowerShell, run:
1. PS C:\> .\bin\iSCSI_Monitor.ps1

## Testing Options

Consider using “-WhatIf” parameters for Start-VM and Stop-VM in iSCSI_OnIscsiChange.ps1 unless you want to actually Stop/Start your VMs.

Confirm actions in log file “C:\bin\iSCSI_EventLog.log”.

Option A: Create fake events with “eventcreate”

1. CMD> eventcreate /T INFORMATION /L SYSTEM /ID 20 /SO Test /D Test
2. Note:
1. You will need to remove the “AND TargetInstance.SourceName=’iScsiPrt’” filter conditions as the events will show up as Source “Test”

Option B: Disable/Enable the Targets from within Synology’s “iSCSI Manager” app.

This is faster than actually rebooting your Synology NAS if you’re okay with taking your iSCSI Targets offline which means also actually turning off your guest VMs.

1. Launch “iSCSI Manager” in your Synology Dashboard
2. Select your Target you wish to test taking offline, click “Disable”, then click “Yes” to acknowledge the confirmation dialog.
3. Once you’ve confirmed in the log file the event was received then click “Enable” to turn the Target back on.  State should eventually go from “online” to “connected” once your Hyper-V host connects again.
Categories: Uncategorized

## Windows Server 2016 Hyper-V “password is not correct” to Synology share

I could not get Windows Server 2016 Hyper-V (10.0.14393) in a WORKGROUP to authenticate to Synology SMB share if the Synology unit (DSM 6.1.3-15152) is set to maximum SMB version 3.  I kept getting error: “System error 86 has occurred. The specified network password is not correct.” (86 == ERROR_INVALID_PASSWORD), on the Hyper-V system.  I retried typing the username and password, many times, all with the same error even though I knew the username and password were okay because I could use the same share from a Windows 7 and a Windows 10 machine. I never saw any errors in Synology’s log or in Windows event viewer about this.

I had to go back to SMB 2.0 on Synology– in DSM, Control panel > File Services > SMB > Advanced Settings > “Maximum SMB” set to SMB2.  Then Windows Server 2016 Hyper-V Core would connect to the Synology share.

Categories: Uncategorized

## “No valid certificates were found on this smart card”

At work we use smart cards for TFA and largely for accessing company resources remotely.  I’m currently using a Gemalto .NET smart card with an OMNIKEY Cardman 6121—a SIM-sized SC plugged into a USB dongle which is more convenient than the older full-sized SC and wired Omnikey 3021 used previously.

For years this setup has been fine.  Connect to work from home, when certificates expire renew them, and when the card runs out of space delete the expired certs.

However a few months ago I started seeing the following error instead of getting prompted for my PIN:

No valid certificates were found on this smart card. Please try another smart card or contact your administrator

The same smart card still worked on my laptop and on other PCs so it wasn’t a matter of a expired certs.  But complicating matters was that my home PC’s TPM, of which I had stored virtual smart cards, had those same certs expire roughly around the same time and the error “No valid certificates” can be interpreted as (I feel) “we found certs, but none of them are valid” so I spent some extra cycles making sure all my certificates were updated and valid instead of finding the real problem.  (And between then and now I also updated the same system to Windows 10 which would explain the difference in screenshots)

After putting the problem aside for a while, I eventually noticed my working laptop was using the Gemalto mini-driver version 8.4.5.0 and the system which didn’t work was using version 8.4.8.0.  I installed the Gemalto 8.4.5.0 version from the Windows Driver Catalog but whenever I selected the driver for the card it would update back to 8.4.8.0 and because I was busy with other things at the time I didn’t really press on it.

.NET Gemalto search on the Windows Driver Catalog (to install, download a cab locally, unpack it, and right-click the .inf and select “Install”)

However when I went to enumerate the certificates on the card via command certutil –scinfo > scinfo.txt instead of getting a PIN prompt the certificates I got this error instead:

The smart card cannot perform the requested operation or the operation requires a different smart card

and the scinfo.txt output file indicated failures reading the key container when the same operation succeeded on my laptop:

--------------===========================-------------- ================ Certificate 0 ================ --- Reader: OMNIKEY CardMan 6121 0 --- Card: Axalto Cryptoflex .NET Provider = Microsoft Base Smart Card Crypto Provider Key Container = (null) [Default Container] Cannot open the AT_SIGNATURE key for reader: OMNIKEY CardMan 6121 0 … 

Knowing the key container is read/written to by the mini-driver, failure to read then still hinted at some incompatibility with the particular Gemalto mini-driver version I had installed.

So I went back to Device Management (devmgmt.msc) and selected the Gemalto IDPrime .NET Smart Card node under the Smart cards node.  From there I selected “Update Driver…” > “Browse my computer for driver software” > “Let me pick from a list of device drivers on my computer” and chose the previously-installed 8.4.5.0 driver version:

Now when authenticating I can see the smart card LED blinking finally indicating activity and eventually the familiar PIN prompt:

Hooray, I can work from home again.

Categories: Uncategorized

## Contents of .pdf files not being indexed in Windows 8/8.1

August 10, 2014 1 comment

## Summary

I broke Windows Search indexing because I didn’t give the SYSTEM user full permission on the folders I wanted indexed.

## Background

We’ve been using a Fujitsu ScanSnap S1300i to scan all incoming paperwork (e.g. receipts, bills) since October 2012.  The ScanSnap includes ABBY FineReader OCR functionality (not ABBY FineReader itself but instead ScanSnap links to ABBY .dll’s to do the actual OCR task).  When the “Searchable PDF” option is used, ABBY OCR’s the .pdf and embeds the searchable text.

A collection of searchable-PDFs is only useful if something indexes them and you can search that index.  For most Windows users, the built-in Windows Search feature more than handles the task.

A few months ago I had profiled Windows boot performance to find out why initial-logon was slow only to find out Windows Search itself appeared to be aggressively reading the disk so I culled the list of indexed folders to lessen the load.  At the same time I rearranged folders to optimize disk usage and to simplify backups.  But around that time I noticed that searching on keywords that previously returned .pdf results now instead returned “No items match your search”.

If at this point I had tried searching for known PDFs in other locations (outside of my D:\Scans directory) I might have found out they were being returned.  However since the vast majority of all my PDFs are within D:\Scans I didn’t even bother checking.  Since other document types turned up in search results I assumed it was just a PDF-indexing problem.

1) Double-checked I hadn’t removed my scan folder from Indexing Options. I also tried removing and re-adding that folder.  I clicked the “delete and rebuild index” button between some changes thinking it’d make a difference.

2) Ran the Windows Search troubleshooter– Control Panel > search “windows search” and clicked “Troubleshooting: Find and fix problems with Windows Search”.  I checked the “Files don’t appear in search results” checkbox though I now suspect this is just a CEIP checkbox.  I always got “Issue not present” on each of the issues checked, including “Incorrect permissions on Windows Search directories”, ha!

3) Checked and changed the HKEY_CLASSES_ROOT\.pdf\PersistentHandler registry value per these steps from Adobe: http://helpx.adobe.com/acrobat/kb/pdf-search-breaks-110-install.html .  I spent a while on this step (and the next few) because I had installed the guilty version of Adobe Acrobat Reader before and I had even installed the Adobe PDF iFilter (v11.0.01) before I learned that Windows 8 includes PDF indexing out of the box. (It’s now uninstalled because the built-in Windows PDF indexing is just fine)

4) Reset Windows Search settings.  Setting REG_SZ value SetupCompletedSuccessfully to “0” at HKLM\SOFTWARE\Microsoft\Windows Search\ reset all “Index these locations” folders in Windows Search.  Re-adding the scan directory still didn’t help get those PDFs indexed.  While I was at it I configured Windows Search to index more aggressively since I was spending time waiting for index rebuilds.

5) Checked CLSIDs and .dll registration for .pdf indexing.  (or if “Filter Description” isn’t “Reader Search Handler” and you don’t have the Adobe PDF iFilter installed)

To do this:

a) Stop the Windows Search service.  Open services.msc, find “Windows Search” and right-click it to stop.

b) Default value at HKEY_CLASSES_ROOT\.pdf\PersistentHandler should be {1AA9BF05-9A97-48c1-BA28-D9DCE795E93C}

c) Default value at HKEY_CLASSES_ROOT\CLSID\{1AA9BF05-9A97-48c1-BA28-D9DCE795E93C}\PersistentAddinsRegistered\{89BCB740-6119-101A-BCB7-00DD010655AF} should be {6C337B26-3E38-4F98-813B-FBA18BAB64F5}

d) If you’re running Windows 8x:

• Default value at HKEY_CLASSES_ROOT\CLSID\{6C337B26-3E38-4F98-813B-FBA18BAB64F5}\InProcServer32 should be %systemroot%\system32\glcndFilter.dll
• In an administrative command prompt, run: regsvr32 %systemroot%\system32\glcndFilter.dll  and confirm you get “DllRegisterServer in C:\WINDOWS\system32\glcndFilter.dll succeeded.

d) If you’re running Windows 10:

• Default value at HKEY_CLASSES_ROOT\CLSID\{6C337B26-3E38-4F98-813B-FBA18BAB64F5}\InProcServer32 should be %systemroot%\system32\Windows.Data.Pdf.dll

f) Restart the Windows Search service

g) If you made any changes to the registry values, rebuild your search index

6) Checked the contents of the Windows Search ESE database (windows.edb) to verify if this is an issue with the indexer not seeing or erroring-out on indexing of the files in question or an issue of storing the indexed values into the database.  Windows.edb is a standard ESE/JET Blue database.

I also reset Windows Search again (see step #4 above) and only configured it to have Windows index a few small directories, including a sub-folder of my much larger D:\scans directory just to keep indexed values to a minimum.

Then you:

• Stop the Windows Search service (via services.msc)
• Copy file Windows.edb found at C:\ProgramData\Microsoft\Search\Data\Applications\Windows to another location.
• Download and run ESE Database View (note: this isn’t my file and I cannot 100% attest to its safety but at least you don’t need to elevate when running it).  Open the previously copied Windows.edb file.
• From the drop-down, choose “SystemIndex_PropertyStore” and do a CTRL-F search for files which should be indexed.  If they show up then the file has been indexed if not, then the file hasn’t been indexed.
• Note: if you get “0 record(s)” after selecting the “SystemIndex_PropertyStore” table, it’s possible your windows.edb file is too large or that table is too large.  My smaller windows.edb file is 232MB, but now that I’ve got Windows indexing a much larger set of files it’s now 2.4GB.  It’s possible ESEDatabaseView cannot open ESE databases over a certain size.  Still a handy utility to know about.

7) Lastly, since I didn’t see the PDF files I wanted indexed in the windows.edb database, I compared this workstation to a known-working one where PDF indexing worked.  I compared all the above HKLM\HKCR values between the two systems– no difference.  I then compared the file security permissions between two files—one file on the working system which turned up in search results and one on my busted system which didn’t.  At the same time I checked the permissions which the SearchIndexer.exe process runs

There’s the problem—SearchIndexer.exe runs as SYSTEM and I didn’t add SYSTEM to D:\Scans’s security permissions.

I quickly granted the SYSTEM user permissions on all directories I wanted indexed and then rebuilt the search database.  Very quickly thereafter I started getting the PDFs showing up in search results.

Add SYSTEM user either via the “Edit…” dialog in the folder Properties > Security tab, or run something like the following in an elevated command prompt:

icacls "D:\Scans" /grant SYSTEM:(OI)(CI)F

Additionally, in my forum-crawling for solutions, I saw that others had success with copying files into the directory again to get indexing to work.  I suspect this might work for them because Windows doesn’t use the source file’s ACL but instead rebuilds it based off the folder which might be accessible to the SearchIndexer.exe process.

Categories: Troubleshooting, Windows 8

## Enable touch on HP 2740p with Windows 8.1

After upgrading my HP 2740p from Windows 8 to Windows 8.1 I lost touch.  The Wacom pen input still worked.  I re-installed PenTablet_533-3.exe and Wacom Digitizer Driver 3.0.7.24 – sp52863.exe (in that order) but touch wasn’t restored.

It wasn’t until I opened Window’s Control Panel, searched for Touch, launch the Touch Settings app, and run through the 16-point calibration was touch restored.

Touch Settings v3.0.7-24

Touch Settings (WTouchCPL.exe) on my system is installed to C:\Program Files\WTouch

Categories: Uncategorized Tags: ,

## Quicken 2011 Not Opening Last Quicken Data File (QDF) Used

I recently installed Windows 8 RTM onto my laptop.  Quicken 2011 R8 successfully installed and I as able to open my most recent QDF file without any issues.  However, the next time I opened Quicken, and every time after that, it presented me with the “Select your existing data file to get started” default screen rather than re-opening the last open file:

I re-opened Quicken again but with ProcMon running.  I noticed that it was successfully reading my directory of Quicken save files but in the end it was failing to open my QDF file because it was using the wrong file name.  It had truncated it to a shorter 8.3 filename and since a file doesn’t exist by that name it fails to open it:

This was a regression in behavior from running Quicken 2011 R8 in Windows 7 SP1 where I was using the same file at the same directory without any issues.

To workaround this I renamed my original QDF file from “RyanR Quicken Data.QDF” to “RyanR.QDF” so the filename was 5 characters long– less than or equal to 8.   I then re-opened Quicken, chose the renamed file, and then exited Quicken.  The next time I launched Quicken it successfully opened the last open QDF file.

From this Intuit forum thread it seems that this is a known issue with Quicken.  I just don’t know why I never saw this problem until now.

Categories: Windows 8 Tags: ,

## Wacom Devices and Photoshop Pen Pressure

9/9/2014 update: Earlier this year Wacom released updated drivers for Windows for supported PEnabled devices (the HP 2740p included) at http://us.wacom.com/en/feeldriver/.  I’ve confirmed that in Windows 8.1 and after uninstalling (and rebooting) any existing Wacom pen driver packages (e.g. “Pen Tablet” listed n Add/Remove software) and then installing ISD_DualTouch_720-10.exe (“Enhanced Tablet Driver 7.2.0-10”) enables Photoshop pen pressure support or similar in any other application that relies on Wintab driver support.

Information below is about my HP 2740p (and possibly HP 2760p) tablet running x64 Windows 7.  Suggestions here may or may not help with your particular hardware/software configuration.

My HP 2740p tablet’s great and after the HP touchscreen firmware update (3043-35D_0C6C, 4012-FOA (14 Jul 2010) – sp49201)– to fix the issue with touch not working in certain situations usually after resuming from sleep– everything works reliably.

Pen pressure generally always works with Windows apps like the pen input dialog, OneNote, or Windows Journal.  But getting pen pressure to work in Photoshop was a pain.  It entirely depends on which Wacom packages are installed, which versions of them, and what Wacom device drivers are being used.  If you get the combination incorrect, you’ll see a yellow exclamation icon in Photoshop’s brush Shape Dynamics pane and no pen pressure functionality:

(“Control by pen pressure requires the use of a pressure sensitive tablet”)

Once you get compatible driver packages and versions installed, Photoshop is happy and the feature works:

Wacom Dependencies

Using Dependency Walker to profile Photoshop, I found that Photoshop loads and executes code within the following Wacom files found at c:\windows\syswow64\, Pen_Tablet.dll and Wintab32.dll. The versions I have installed, from the Wacom_PenTablet_521-6a.exe package listed below, are: 5.2.1-6 and 1.0.4-3 respectively.

I haven’t tried it, but if those files aren’t present and you have a compatible Wacom Device device driver installed, Photoshop could fail to let you use Pen Pressure functionality.  Check for those files in your Windows install and if not install the Wacom_PenTablet_521-6a package.

Wacom Packages to Install

Search online for this Photoshop Pen Pressure issue and you’ll get a variety of helpful suggestions and links to different Wacom packages.  I wish this process was more deterministic but here’s what works for me (installed in this order):

9/9/2014 update:

Previously I was using (and used to work):

Here’s what certainly didn’t help:

• Wacom Bamboo Pen and Touch – Driver 5.2.4-6(RC) for Windows 7, Vista & XP (32 & 64 bit versions) – PenTablet_5.2.4-6.exe
• Wacom Digitizer Driver 3.0.7.20 – sp51088.exe (22 Nov 2010, w/ wisdpen.sys v3.0.4.5)
• Wacom ISD_DualTouch_701-8.exe
• Wacom Penabled Driver Driver 7.01-8 (RC) for Penabled Tablet PCs – ISD_DualTouch_701-8.exe

Wacom Device, wisdpen.sys, and Windows Update

Additionally, once you have a working version of the Wacom Digitizer Driver above installed, if it’s outdated, and you have your system’s Windows Update process set to search for driver updates online, Windows Update will notify for an update to the Wacom Device (HWID: ACPI\WACF00E):

If you install this driver update, it will update the

Wacom Device

from (driver date:12/30/2009, driver version:3.0.4.1) or (driver date:5/14/2010, driver version:3.0.4.5) and updating to (driver date: 12/20/2010, driver version: 3.1.1.2).  While that update works fine with Windows, it breaks pen pressure functionality in Photoshop.  If you want Pen Pressure in Photoshop,

don’t

install this update.
If you have installed the update already, open Device Manager (run: devmgmt.msc) and open the properties for node Human Interface Devices >

Wacom Device

.  Switch to the “Driver” tab and click “Roll Back Driver”.  After a reboot you will be back to the old version:

(Hardware Id: ACPI\WACF00E)

Wacom Driver Differences

Here’s a neat tip for searching for Windows driver updates used by Windows Update. Go to the Microsoft Update Catalog (you will need to install an ActiveX control) and search on the hardware ID you’re interested in, e.g. ACPI\WACF00E. The x64 3.1.1.2 package for “Wacom – Input – Wacom Device” updates the driver ACPI\WACF00E which is installed to c:\windows\system32\drivers\wisdpen.sys (Wacom ISD Tablet HID MiniDriver).

 Pen Pressure in Photoshop? wisdpen.sys Version wisdpen.sys Date Modified Works 3.0.4.1 1/4/2010 Works 3.0.4.5 5/14/2010 Doesn’t Work 3.1.1.2 1/4/2011

So something changed between Wacom’s wisdpen.sys v3.0.4.1 and v3.1.1.2 to break pen pressure sensitivity in Photoshop.  I tried poking around for public exports on wisdpen.sys for clues why but none exist. I also took a look at the differences pre/post update installation of the registry for the wisdpen service at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wisdpen—no differences.  And the only difference between the 3.0.4.1 and 3.1.1.2 driver installation file, wisdpen.inf, was adding a registry value for BaudRate at the above key.

There are some interesting string differences between the two wisdpen.sys drivers themselves, like missing DefaultPenMouse/DefaultTouchMouse entries, but no smoking gun like “DisablePhotoshopPen” and nothing actionable.  At this point, unless I write my own Wacom Digitizer driver, I’m likely grasping at straws.

## Windows Phone 7 on a Samsung Focus

Notes and observations about the Samsung Focus hardware running Windows Phone 7.

# Charging

The Samsung Focus uses a certain amount of electricity in order to operate.  In order to charge, the incoming rate needs to exceed the rate being consumed by the phone.  If it doesn’t then you will problems like your Samsung Focus “charging slowly”, or “not charging.”

Not all USB ports output the same amperage.  The USB spec dictates each port output 5 volts, but amperage is only guaranteed to be available up to 100 mA.  If the phone requires ~200 mA and you plug your phone into a laptop USB port outputting 100 mA, then the battery will still be drained even though the device’s battery icon shows it’s charging.  Bus-powered hubs (USB hubs on the front-side of a desktop or most USB ports on a laptop) will generally provide 100 mA.  Root hubs and self-powered hubs should be 500 mA.  Some wall chargers will output >500 mA which while they’ll charge the phone faster could damage the phone or battery—if your phone gets hot while charging this is a good indicator it’s too much amperage as it needs to dissipate a higher amount of power.

Additionally, not all USB cables are not the same.  Some thinner cables (such as those in cheap retractable micro-USB cables) might have issues carrying amperage and will start to overheat (get warm to the touch) which will increase resistance and reduce the load (increase charging times).

You can access the battery diagnostics mode on the phone to find detailed information on battery charge percentage.  In short, bring up the phone and call “##634#”.  When the next screen comes up with the ‘-‘ button on top, enter the code “*#2*#”.  The Debug Mode for Chg/Bat will have three pages.  The first page (with examples values from my device):

• VBATT: ?
• INCHG: Incoming charge (?)
• 1: no charge
• 51-52: plugged into the USB2.0 port on backside of desktop computer
• THERM: ?
• 178
• TA (T/F): ?
• False
• USB (T/F): Whether the device is being charged via USB or not.
• BAT ID:
• 4 (no cable or not charging)
• 5 (charging via USB cable to USB 2.0 port on backside of desktop)
• MV
• VBATT_MV (mV, millivolt): Battery voltage
• On my phone, when charged to 100% and then unplugged from charger, this value went up to 4185 and then slowly dropped with some minor jumps up and down.
• VCHG_MV (mV): ?
• 65 mV when unplugged
• 4677 mV when plugged into USB2.0 port on desktop
• ICHG_MV (mV): ?
• 8 mV when unplugged (reads 0 immediately after being unplugged)
• 419 mV on my phone when charging via USB
• DEG (C): temperature of the battery
• 21 C on mine while indoors
• Bat_PER (%): percentage of battery charge
• 100 when battery is fully charged

Todo: determine electrical metrics (e.g. amps) used by Samsung Focus in various scenarios.

Todo: determine electrical metrics output by various charging devices.

# Touch

Touch can be finicky on the Focus.

• Sometimes doesn’t work when lying flat on a surface
• Remedy: picking the phone up (or just moving it?) seems to generally help. Note: if the phone is being charged, some chargers will prevent the phone’s screen from working while being charged.
• Update 4/20/2011: This should be fixed with the Samsung firmware (v2103.11.3.3) updates released in the March 2011 WP7 update. More info.
• When being charged with certain wall chargers, touch doesn’t work but resumes when unplugged
• Todo: determine specifics on which certain chargers are likely to do this
• Doesn’t like to be operated when vibrating.  This can easily happen when mounted in a car on a phone arm like below and say your car vibrates when idling with the heater on.
• Remedy: Move the car arm to a location where the mount can rest against the dash or otherwise not be vibrating out in the open.  Wrapping your hand around the phone to operate it can also temporarily fix this, but not while you’re driving..
• Screen surface has excess dirt/oil on it.  This can be registered as wayward presses and make the phone act wonky.
• Remedy: Wipe the phone screen with a clean non-scratching material– like your shirt.
Categories: Windows Phone