One funny problem just happened with my computer for the second time in half-a-year.
Visual Studio 2008 (MS VS2008 SP1 with ATL fixes) suddenly refused to run and displayed the following problem: "Cannot find one or more components. Please reinstall the application".
This thread contains the detailed desciption of the problem and similar user stories: http://social.msdn.microsoft.com/Forums/en/vssetup/thread/76713427-0daa-4907-a017-633ad258a5af
It actually helped me very much to resolve this problem for the first and second times.
The second time it was the same file, but I still don't know what kind of software/installation removed it.
WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\ATL90.DLL
The easiest way to restore it is to download and install vcredist_x86 (redistributable for Visual C++ 2008 SP1 with ATL security update) from here (if your computer is missing the same file):
http://www.microsoft.com/downloads/details.aspx?familyid=2051A0C1-C9B5-4B0A-A8F5-770A549FD78C&displaylang=en
I wouldn't recommend copying atl90.dll from any x86 directory inside WinSxS since they all different versions, and this one actually contains some security fixes.
P.S. You need to start profiling (F7) in depends (Dependancy Walker, rocks!) to see which dlls are really required and missing on your system.
Saturday, February 13, 2010
Tuesday, February 2, 2010
Mikrotik RouterOS and domain (active directory) DNS requests forwarding
I'm using mikrotik router at home, with RB150 constantly handling connection to provider (PPPoE) and to my office (VPN over internet).
However since router is using provider's DNS, it is not possible to work with shared folders or perform any other domain tasks (while office IPs are readily accessible). Anything using active directory will fail, since any computer in home won't be able to resolve domain controllers.
How to fix this:
1. added layer7 matcher for \x06\x5Fmsdcs\x08mydomain\x03com
(you need to replace mydomain.com with your domain address).
each domain part preceded with \x and number of characters in hex, \x5F is _ symbol.
whenever computer tries to find active directory servers it requests for multiple DNS records all ending with _msdcs.yourdomain.com.
/ip firewall layer7-protocol
add comment="" name=activedirectory regexp=\
"\\x06\\x5Fmsdcs\\x06itsoft\\x02by"
2. added mangle to mark dns request packets matching our layer7 rule and our dns server as destination
/ip firewall mangle
add action=mark-packet chain=prerouting comment="" disabled=no dst-address=\
192.168.0.200 dst-port=53 layer7-protocol=activedirectory \
new-packet-mark=activedirectory passthrough=yes protocol=udp
3. added dst-nat rule to route active directory specific requests to actual domain server
/ip firewall nat
add action=dst-nat chain=dstnat comment=\
"forward active directory DNS requests" disabled=no dst-port=53 \
packet-mark=activedirectory protocol=udp to-addresses=10.10.0.201 \
to-ports=53
that's all. it works, at least in my particular configuration.
may be there are easier solutions, but I wasn't able to find any.
However since router is using provider's DNS, it is not possible to work with shared folders or perform any other domain tasks (while office IPs are readily accessible). Anything using active directory will fail, since any computer in home won't be able to resolve domain controllers.
How to fix this:
1. added layer7 matcher for \x06\x5Fmsdcs\x08mydomain\x03com
(you need to replace mydomain.com with your domain address).
each domain part preceded with \x and number of characters in hex, \x5F is _ symbol.
whenever computer tries to find active directory servers it requests for multiple DNS records all ending with _msdcs.yourdomain.com.
/ip firewall layer7-protocol
add comment="" name=activedirectory regexp=\
"\\x06\\x5Fmsdcs\\x06itsoft\\x02by"
2. added mangle to mark dns request packets matching our layer7 rule and our dns server as destination
/ip firewall mangle
add action=mark-packet chain=prerouting comment="" disabled=no dst-address=\
192.168.0.200 dst-port=53 layer7-protocol=activedirectory \
new-packet-mark=activedirectory passthrough=yes protocol=udp
3. added dst-nat rule to route active directory specific requests to actual domain server
/ip firewall nat
add action=dst-nat chain=dstnat comment=\
"forward active directory DNS requests" disabled=no dst-port=53 \
packet-mark=activedirectory protocol=udp to-addresses=10.10.0.201 \
to-ports=53
that's all. it works, at least in my particular configuration.
may be there are easier solutions, but I wasn't able to find any.
Subscribe to:
Posts (Atom)