So, you need to make a custom address list (address book) for your Microsoft Outlook users with Microsoft Exchange Server 2003. This is one of those things where it's pretty easy to get what you want until you need a list with more than just one object type (users, contacts, groups, etc.). If you want an address list to include more than just one type, you'll have to do a custom LDAP query. Another reason you may have to do a custom LDAP query is if you want an "OR" in your conditional statement; in other words, you need to have an "either/or" condition (e.g., you want users who are part of either Group A or Group B).

Most of you probably don't want to have to learn all about LDAP query writing just to get the right items to appear in your Outlook address list. This article should get you going quickly by showing you a couple shortcuts to getting the query you want. We will outline:

• Where & how to create custom address lists in Microsoft Exchange 2003
• How to quickly get a basic outline for your LDAP query
• A couple basic LDAP query syntax rules to make the changes you need

Read on for the tutorial...

The other day I was on the phone helping a teacher who wanted to insert a couple clip art items into a Microsoft Word document. She wasn't getting many results for her search on "dogs" and was wondering why. It turned out that she just needed to tell the clip art wizard to search in "all collections" so it goes out to the Web to get more results. The funny part happened right after that, though!

All of a sudden, I hear her say, "Why am all I getting are pictures of doctors?"

Confused, I loaded up Word on my machine to see if I could repeat her clip art query for dogs. In my search results I also was shown doctors as the first few results: ANIMAL DOCTORS. It turned out that the first couple pictures were of veterinarians!

Just a warning out there to those who use SanDisk, Verbatim, or Kingston USB flash drives and take advantage of their encryption to secure your files that these are easily cracked due to an extremely dim-witted move: the same decryption string is provided when accessing encrypted files no matter what your password is. Meaning, you just have to bypass their authentication program and send this string, which is even the same string on all three of the brands listed at the beginning of this article. Yeesh! Remember folks, these are the same drives that are certified by NIST as FIPS 140-2 Level 2 (PDF) and are used by the American Armed Forces and the US government (for unclassified data).

Security expert firm SySS (click here for english link) has created a demo program that can access encrypted files within seconds. You can access their press release and papers here.

Read more to see the recalls and security notes from the three flash drive makers...

A minor update to our File Searcher by Owner utility has been released, bringing it up to version 1.0.1.0. This tool can be used to search for local or network shared files and folders by a local or domain user or group. New features include:

• Search by Security Identifier (SID)
• Version checker

Click Here for the ChangeLog and Download

Microsoft has recently updated the Enterprise Learning Framework (ELF) with content for Windows 7. ELF is a is a web based tool that helps corporations develop a training and communication plan for employees during a Windows 7, Windows Vista, or 2007 Microsoft Office system deployment (including SharePoint). The tool helps you find content for a number of different audiences and assists in finding the right content for topics you are interested in, within particular deployment time frames. You can even generate customized e-mail messages or a Word document that you can send to your users with the content you find.

Click here to be taken to Microsoft's ELF tool

Tip: Click the Get Recommended Topics link to begin

The Grim Admin is happy to announce a free tool, called File Searcher by Owner, for Microsoft Windows systems that allows you to search for files and folders based on the owner of the object. Since this feature has not been built into any version of Microsoft Windows, prior to this tool you would have to run some crazy command-line hacks like dir /q /s | find /i "domain\username" or try to create your own custom batch file, a rather tedious task.

File Searcher by Owner is a simple to use utility that allows you to search for local or network shared files and folders by a local or domain user or group. Features include:

• Support for UNC paths
• Export to comma-separated (CSV) file
• Preserves right-click context menu for files & folders
• Portable and lightweight

Click Here for Details and Download

Often it is useful to create a listing of when accounts in a Microsoft Active Directory organizational unit (OU) are set to expire. For example, if you plan to lower the time between forced password changes, it is good to know which accounts may be affected by the change. You can open the outputted file from our sample VBScript in Microsoft Excel or OpenOffice.org Calc and sort and recalculate dates based on the new maximum password age. Read further for the example code and output format...

We now have a tool that lets you find what company owns a registered media access control address (MAC address). This could be useful in identifying the manufactuer of a networked device based on its organizationally unique identifier (OUI).

We hope you find the MAC Address Lookup Tool useful!

During a Microsoft SQL Server 2005 (standard or express) upgrade from a previous version or while updating SQL Server to a newer service pack (SP), you may receive the following error:

Error ID: 15116

SQL Server Setup has encountered the following problem: [Microsoft][SQL Native Client][SQL Server]Password validation failed. The password does not meet Windows policy requirements because it is too short.. To continue, correct the problem, and then run SQL Server Setup again.

Variations may appear depending on your configuration, including:

• The password does not meet Windows policy requirements because it is too long.
• The password does not meet Windows policy requirements because it is not complex enough.
• The password does not meet the requirements of the password filter DLL.

This will appear during the install process, but you may also have failed installs through Windows Update and not realize that this is the cause. The origin of the error is that your Domain or computer has a password policy set that a password that is hardcoded into a SQL script used during the upgrade fails to meet. Yes, it's an issue that Microsoft should have forseen. Yes, it's also an issue that Microsoft should have created a KB article for. Yes, The Grim Admin will fill in the holes...

After updating VMware Tools to version 4.0.0, build 164009 on a Windows Server virtual machine hosting Microsoft Exchange, the following error may appear multiple times in the event log:

Event Type:        Error
Event Source:      DCOM
Event Category:    None
Event ID:          10016
User:              NT AUTHORITYSYSTEM
Description:
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {9DA0E106-86CE-11D1-8699-00C04FB98036} to the user NT AUTHORITYSYSTEM SID (S-1-5-18).  This security permission can be modified using the Component Services administrative tool.

The solution is fairly straightforward...