12/21/2007

Networking::Servers


Tip: Disable unused NICs!
If a server has an unplugged NIC, it will get a 169.254.0.0 address automatically and may register its name with both IPs, so part of the time DNS will respond with the unreachable 169.254.x.x address.

12/19/2007

Blackberry::BES::Monitoring


Monitoring and Management Products for Blackberry Enterprise Server

http://www.needtext.net/

http://www.conceivium.com/

http://www.zenprise.com/products/blackberry-monitoring.aspx

http://www.berrynator.com/bn_english/index.html

http://www.ancoris.com/s/mon/blackberry.shtml

BoxTone from a company named Panacya Inc

12/11/2007

12/10/2007

Links


- free helpdesk software for intranet:
Liberum

- Remote support/access tool - free web based:
LogMeIn

- Fortiva - e-mail archiving solution
Fortiva

Video Bridging Service Providers


Contacts
To find a conference facility and also get VC hook-up:
Lad Reporting (located in Washington, DC)
Amanda Cordelli
(301) 762-8282

Video Conferencing Bridging Services:

Precision Videoconferencing Solutions
David Sayer
(720) 214-2347

WireOne
Amy Eldridge
(970) 587-8003

Adam Moss
Providea Inc.
Major Account Manager
408-280-0537 (office)
www.provideasolutions.com

1-800-CONFERENCE®
1717 North Penny Lane, Suite 2
Schaumburg, Illinois 60173
1-800-266-3373 (select option 1)
1-847-413-3498 (select option 1)
1-800-866-1096 Fax
1800conference@corporatefs.com

12/03/2007

Video Utility::Link::Download


VLC media player
Free utility useful for a few nagging functions - snapping jpgs out of videos, grabbing some video off a DVD, etc.

videolan.org

11/20/2007

ESX Time Source


set up ESX hosts with an NTP source…

VMWare KB

To configure NTP on the service console, you must:

  • Edit the following configuration files, as described in the following sections:
    /etc/ntp.conf
    /etc/ntp/step-tickers
    /etc/hosts

  • For ESX Server 3.0 only, run the following command. This opens the appropriate ports and enables the NTP daemon to talk with the external server:

    [root@esxhost]# esxcfg-firewall --enableService ntpClient

  • Restart ntpd.

    11/07/2007

    Citrix::ICA::Session Sharing



    Troubleshooting and Explaining Session Sharing
    CTX159159

    Understanding and Troubleshooting Citrix's Seamless Windows Engine
    BrianMadden.com

    10/30/2007

    Network Latency



    Latency due to distance = approximately 1ms per 100km

    from: http://www.nessoft.com/kb/42

    There are two *normal* factors that significantly influence latency
    • The latency of the connecting device. For a cable modem, this can normally be between 5 and 40 ms. For a DSL modem this is normally 10 to 70ms. For a dial-up modem, this is normally anywhere from 100 to 220ms. For a cellular link, this can be from 200 to 600 ms. For a T1, this is normally 0 to 10 ms.

    • The distance the data is traveling. Data travels at (very roughly) 120,000 miles (or 192,000 kilometers) per second, or 120 miles (192 km) per ms (millisecond) over a network connection. With traceroute, we have to send the data there and back again, so the latency will raise roughly 1ms for every 60 miles (96km, although with the level of accuracy we're using here, we should say "100km") of distance between you and the target.

    10/11/2007

    Internet Explorer::cannot post data to a non-NTLM-authenticated Web site


    KB251404

    SYMPTOMS
    You cannot post any data to non-NTLM authenticated Web sites.

    CAUSE
    This issue can occur after you visit an NTLM authenticated folder.

    RESOLUTION
    Add a value to the following registry key:
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\
    Add the following registry value:
    Value Name: DisableNTLMPreAuth
    Data Type: REG_DWORD
    Value: 1

    Also, turn off Enable Integrated Windows Authentication in Internet Explorer.
    1. Start Internet Explorer.
    2. Click Tools, click Internet Options, and then click the Advanced tab.
    3. Under Security, click to de-select Enable Integrated Windows Authentication (requires restart), and then click Apply.
    4. Close Internet Explorer.

    To resolve this issue from the server side, configure the Web site to use either of the following authentication methods:
    • Configure the Web site to permit anonymous access only.
    • Configure the Web site to permit both anonymous access and NTLM authentication (Integrated Windows authentication).

    VMWare::ESX::CPU Percent Ready


    Good discussion about what this means and how to optimize CPU performance.
    http://communities.vmware.com/thread/97303

    "%Ready = Percent of time there is work to be done, and no physical CPU to do it on.

    One rule of thumb that I use (saw it here some time ago) is that up to 5% Ready is OK, even normal; anything between 5% and 10%, best keep an eye on the VM and the host. Over 10% (for extended periods) you best be planning on taking some action.

    One thing to keep in mind, if the VM is assigned multiple CPUs, they must both be scheduled on physical CPUs/cores simultaneously. This can cause you some headache (voice of experience here.) If only one CPU has work, both need to be scheduled, which is harder to do, and can take longer, increasing %Ready, response time, and reducing resources for other VMs."

    "If you change from a multi-processor system to a uni-processor system you need to manually change the HAL on the Windows server after the conversion. To do this go into Device Manager after the machine first boots and discovers its new hardware and then click on Computer then right-click on the processor and select Update Driver. Then select Install from specific location and then Don't search I will choose the driver to install. Then select show All compatible hardware and select the appropriate processor. For example, if you went from a dual cpu to a single cpu then select ACPI uni-processor PC instead of ACPI multi-processor PC. You will need to reboot once you change this. To verify what HAL you are using you right-click your hal.dll in c:\windows\system32 and select the Version tab and select Internal Name and it should say halmacpi.dll for multi-processor acpi and halacpi.dll for uni-processor acpi.

    Next clean up all the non-present hardware after the P2V conversion. To do this go to a CMD prompt and type SET DEVMGR_SHOW_NONPRESENT_DEVICES=1 and then DEVMGMT.MSC and then select Show Hidden Devices. Delete any old grayed out hardware.

    Next remove any vendor specific applications/drivers. For example on a HP server you should go to Add/Remove programs and remove any HP management agents, survey utility, array config utility, version control agent, etc. Also check your NIC and make sure there are no vendor specific drivers there (ie. teaming). Check the Services to see if there is anything vendor specific related there and disable any services that are."

    10/08/2007

    VBS::Parsing CSV


    This is a great ongoing series:
    Hey Scripting Guy!


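    Const ForReading = 1

    Set objFSO = CreateObject("Scripting.FileSystemObject")
    Set objFile = objFSO.OpenTextFile("C:\Scripts\Test.txt", ForReading)

    Do Until objFile.AtEndOfStream
        strLine = objFile.ReadLine
        arrFields = Split(strLine, ",")

        ' Skip blank or short lines so arrFields(5) cannot raise "Subscript out of range"
        If UBound(arrFields) >= 5 Then
            ' Keep the sixth field of every row whose second field contains "Everyone"
            If InStr(arrFields(1), "Everyone") Then
                strContents = strContents & arrFields(5) & vbCrLf
            End If
        End If
    Loop

    objFile.Close

    ' Write the collected fields to a new file
    Set objFile = objFSO.CreateTextFile("C:\Scripts\Everyone.txt")
    objFile.Write strContents

    objFile.Close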

    9/07/2007

    Perl::Script::Cleanup Old Files


    The following script will accept a list of folders and recursively look through each one for files older than a specified number of days.
    A parameter file is used to provide input so it can be flexible after packaging with PerlPackager.

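    #cleanup.pl
    use File::Find;
    #get parameters
    #NOTE: the parameter file name did not survive on this page; "cleanup.prm" is a placeholder
    open (PRM, "<", "cleanup.prm") or die "Cannot open parameter file: $!";
    my @prm = <PRM>;
    close (PRM);
    my $folder = $prm[0];
    chomp $folder;
    my @folder = split(/,/,$folder);
    my $limit = $prm[1];
    chomp $limit;
    #Refuse to run without a numeric limit: an empty value compares as 0 and would delete every file
    die "Line 2 of the parameter file must be a number of days\n" unless $limit =~ /^\d+$/;
    #Create log folder if it does not exist
    if (not(-e "cleanup\\.")) {
        mkdir ("cleanup");
    }
    #Name Log File
    my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst)=localtime();
    $m = sprintf("%0.2i", $mon+1);
    $d = sprintf("%0.2i", $mday);
    $y = $year + 1900 ;
    $yy = substr($y, -2, 2);
    $yy = sprintf("%0.2i", $yy);
    $hh = sprintf("%0.2i", $hour);
    $mm = sprintf("%0.2i", $min);
    $ss = sprintf("%0.2i", $sec);
    $T = "$y$m$d$hh$mm$ss" ;
    $logfile=".\\cleanup\\$T.log";
    open(LOG, ">$logfile") or die "Cannot open $logfile: $!";
    print LOG "Cleanup run: $m\/$d\/$y $hh:$mm:$ss\n Folders: @folder\n Delete older than: $limit days\n";
    print LOG "The following files, if any, have been deleted:\n";
    find(\&CheckFile, @folder);
    close (LOG);

    #Called by File::Find for every entry; $_ is the entry name inside the current directory
    sub CheckFile {
        if (not(-d $_)) {
            #-M returns the age in days since the file was last modified
            if ($limit < (-M $_)) {
                $current = $File::Find::name;
                $current =~ tr/\//\\/;    #log the path with backslashes
                unlink $_;
                print LOG " $current\n";
            }
        }
    }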

    The parameter file is below. It is set up to purge its own log folder (.\cleanup) after the same number of days.

    .\cleanup,c:\dev\purge\test\bak\1,c:\dev\purge\test\bak\2
    10
    #line 1 = comma separated list of folders to recursively search for old files.
    #line 2 = number of days after which to delete files.

    Perl::File Testing



    # -o $file true if owned by EUID
    # -e $file exists
    # -z $file zero file
    # -s $file non-zero file, returns size
    # -r $file readable
    # -w $file writeable
    # -x $file executable
    # -f $file plain file
    # -d $file directory
    # -l $file symbolic link
    # -p $file named pipe or FIFO
    # -S $file socket
    # -b $file block special file
    # -c $file character special file
    # -T $file text file
    # -B $file binary file
    # -u $file setuid
    # -g $file setgid
    # -k $file sticky
    # -t $file true if opened to a tty
    # -M $file age in days since modified
    # -A $file age in days since last accessed
    # -C $file age in days since inode changed

    9/04/2007

    Windows::NTFS Permissions



    From: Windows IT Library

    NTFS Permissions and Files



    NTFS file permissions are used to control the access that a user, group, or application has to files. This includes everything from reading a file to modifying and executing the file. There are five NTFS file permissions:

    1. Read
    2. Write
    3. Read & Execute
    4. Modify
    5. Full Control

    The five NTFS file permissions are also listed in Table 1 with a description of the access that is allowed to the user or group when each permission is assigned. As you can see, the permissions are listed in a specific order. They all build upon each other.

    TABLE 1: NTFS FILE PERMISSIONS
    NTFS File Permission | Allowed Access
    Read | This allows the user or group to read the file and view its attributes, ownership, and permissions set.
    Write | This allows the user or group to overwrite the file, change its attributes, view its ownership, and view the permissions set.
    Read & Execute | This allows the user or group to run and execute the application. In addition, the user can perform all duties allowed by the Read permission.
    Modify | This allows the user or group to modify and delete a file including perform all of the actions permitted by the Read, Write, and Read and Execute NTFS file permissions.
    Full Control | This allows the user or group to change the permission set on a file, take ownership of the file, and perform actions permitted by all of the other NTFS file permissions.




    If a user needs all access to a file
    except to take ownership and change its permissions, the Modify permission can
    be granted. The access allowed by the Read, Write, and Read & Execute are
    automatically granted within the Modify permission. This saves you from
    assigning multiple permissions to a file or group of files. In later
    discussions in this chapter you will see what happens when multiple NTFS file
    permissions are assigned and applied and how you can determine the net access
    the user or group has to that file or folder.








    NOTE: A file's attributes are properties of the file such as Read-Only, Hidden, Archive, and System. The System attribute is usually applied only to operating system boot files.




    NTFS Permissions and Folders


    NTFS Folder permissions control what access is granted to a folder and the files and subfolders within that folder. These permissions can be assigned to a user or group. This topic defines each NTFS folder permission and its effect on a folder. Table 2 displays a list of the NTFS file permissions and the access that is granted to a user or group when each permission is applied.

    TABLE 2: NTFS FOLDER PERMISSIONS
    NTFS File Permission | Allowed Access
    Read | This allows the user or group to view the files, folders, and subfolders of the parent folder. It also allows the viewing of folder ownership, permissions, and attributes of that folder.
    Write | This allows the user or group to create new files and folders within the parent folder as well as view folder ownership and permissions and change the folder attributes.
    List Folder Contents | This allows the user or group to view the files and subfolders contained within the folder.
    Read & Execute | This allows the user or group to navigate through all files and subfolders including perform all actions allowed by the Read and List Folder Contents permissions.
    Modify | This allows the user to delete the folder and perform all activities included in the Write and Read & Execute NTFS folder permissions.
    Full Control | This allows the user or group to change permissions on the folder, take ownership of it, and perform all activities included in all other permissions.





    Notice that the only major difference
    between NTFS file and folder permissions is the List Folder Contents NTFS
    folder permission. By using this NTFS folder permission you can limit the
    user's ability to browse through a tree of folders and files. This is useful
    when trying to secure a specific directory such as an application directory. A
    user must know the name and location of a file to read or execute it when this
    permission is applied to its parent folder.

    Windows::NTFS Permissions



    From: TechNet


    Write: Users can copy or paste new files and subfolders in the folder and change folder attributes. However, users cannot open or browse the folder unless you grant the Read permission. Assigning Write permission is useful for folders where users can file confidential reports, such as timesheets, that only the manager or shared folder administrator can read.

    Read: Users can see the names of files and subfolders in a folder and view folder attributes, ownership, and permissions. Users can open and view files, but they cannot change files or add new files. Assign the Read permission if users need only to read information in a folder and they do not need to delete, create, or change files.

    List Folder Contents: Users can see the names of files and subfolders in the folder. However, users cannot open files to view their contents.

    Read & Execute: Users have the same rights as those assigned through the Read permission, as well as the ability to traverse folders. Traverse folders rights allow a user to reach files and folders located in subdirectories, even if the user does not have permission to access portions of the directory path.

    Modify: Users can delete the folder and perform the actions permitted by the Write and Read & Execute permissions. Because Modify gives users the ability to delete the folder, use Modify permission only for administrators or for the group or department owner of the folder.

    Full Control: Users can change permissions, take ownership, delete subfolders and files, and perform the actions granted by all other permissions. Because Full Control gives users the ability to delete the folder, use Full Control permission only for administrators or for the group or department owner of the folder.

    VOIP


    Magic Jack - $40 for a year of phone service.

    http://www.magicjack.com/site/index.html

    This is interesting.

    8/31/2007

    Windows::Inventory::Report files of particular extension::UPDATE


    I seem to make this mistake a lot. My initial goal was to create a csv format file and import to excel or someplace. But I did not account for the case where a comma is in the data. It is never in the front of my mind that a comma is a valid character in a filename.
    The corrected script is below.

    '==========================================================================
    ' NAME: Script to search for files with listed extensions
    '
    '
    '==========================================================================

    Option Explicit

    Const wbemFlagReturnImmediately = &h10
    Const wbemFlagForwardOnly = &h20

    Const PATH_TO_INPUT = "in.txt"
    Const PATH_TO_OUTPUT = "out.txt"

    Dim fso
    Set fso = WScript.CreateObject("Scripting.FileSystemObject")

    Dim shl
    Set shl = WScript.CreateObject("WScript.Shell")

    Dim input
    Set input = fso.OpenTextFile(PATH_TO_INPUT)

    Dim output
    Set output = fso.CreateTextFile(PATH_TO_OUTPUT, True)

    Dim wmiService
    Dim wmiResults
    Dim objwMIService
    Dim colFiles
    Dim objFile

    Dim hostname

    Dim line
    Dim exec
    Dim pingResults
    Dim strFileName


    While Not input.AtEndOfStream
        line = input.ReadLine
        hostname = ""
        Set exec = shl.Exec("ping -n 2 -w 500 " & line)
        pingResults = LCase(exec.StdOut.ReadAll)

        If InStr(pingResults, "reply from") Then

            WScript.Echo "Reply From: " & line
            hostname = line

            Set objWMIService = GetObject("winmgmts:\\" & hostname & "\root\cimv2")
            Set colFiles = objWMIService.ExecQuery _
                ("Select * from CIM_Datafile Where Extension = 'pst' OR Extension = 'pdf' OR Extension = 'doc' OR Extension = 'xls'")

            For Each objFile in colFiles
                strFileName = Replace(objFile.Name, "," , " ")
                output.WriteLine hostname & "," & strFileName & "," & objFile.FileSize
            Next

        Else
            WScript.Echo line & " no response"
        End If
    Wend

    output.Close
    input.Close

    Set wmiService = Nothing
    Set wmiresults = Nothing
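
An alternative to replacing commas, shown as an added example that is not part of the original post: quote each field so a comma in a file name survives the import, and accept only bare host names from in.txt before a line is appended to the ping command or the WMI moniker. It is a Python sketch rather than VBScript; `clean_target`, `csv_field`, `csv_row`, `parse_row` and `build_report` are names invented here, and the sample data is constructed.

```python
import csv
import re

# One DNS/NetBIOS-style name or dotted IPv4 address: labels made of letters,
# digits, hyphens and underscores. Spaces, switches such as "-t", quotes and
# slashes are rejected, so a line can never add arguments to the ping command.
TARGET_RE = re.compile(
    r"(?=.{1,253}\Z)[A-Za-z0-9](?:[A-Za-z0-9_-]{0,61}[A-Za-z0-9])?"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9_-]{0,61}[A-Za-z0-9])?)*"
)


def clean_target(line):
    """Return the host named on one line of in.txt, or None if it is not a bare host."""
    host = line.strip()
    return host if TARGET_RE.fullmatch(host) else None


def csv_field(value):
    """Encode one value as a CSV field without dropping or changing characters."""
    text = str(value)
    if any(ch in text for ch in ',"\r\n'):
        # RFC 4180 style: wrap in quotes and double any embedded quote.
        text = '"' + text.replace('"', '""') + '"'
    return text


def csv_row(hostname, filename, size):
    """Build the line the inventory script writes with output.WriteLine."""
    return ",".join(csv_field(v) for v in (hostname, filename, size))


def parse_row(line):
    """Read a line back the way a CSV importer would split it."""
    return next(csv.reader([line]))


# Constructed sample data standing in for in.txt and the WMI query results.
SAMPLE_TARGETS = ["pc01", "10.1.2.3", "pc02 -t", ""]
SAMPLE_FILES = {
    "pc01": [(r"c:\docs\budget, final.xls", 2048)],
    "10.1.2.3": [(r"c:\mail\archive.pst", 512)],
}


def build_report(target_lines, files_by_host):
    """Return (csv_lines, rejected_lines) for a list of targets."""
    rows, rejected = [], []
    for line in target_lines:
        host = clean_target(line)
        if host is None:
            if line.strip():          # blank lines are skipped silently
                rejected.append(line)
            continue
        for name, size in files_by_host.get(host, []):
            rows.append(csv_row(host, name, size))
    return rows, rejected
```

Unlike the Replace call, quoting keeps `budget, final.xls` distinguishable from `budget  final.xls` in the report.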

    8/29/2007

    Batch Processes


    I recently have found myself running batch processes scanning inventory on long lists of machines. To have more control I usually generate a list of IPs or machine names and use it as an input file to my process.
    It is obvious after the fact, but I often don't think of it until I've wasted time on something taking too long -- things go faster if they are broken up into groups and processed in parallel.
    I need to spend some time to make up a script to automate this, but what I do is:
    - Create folders 0 - 9 beneath a process folder.
    - Copy the script to each folder.
    - Break up my input file of items to process into 10 equal in.txt files and put one in each folder.
    - I generally have the script create an output file such as out.txt
    - Run the script redirecting output to stdout.txt
    - Tile them all on my second monitor and watch each for errors or a Complete! message.
    - Run a script like the one below to consolidate the logs.

    REM collectLOG.cmd
    REM /q suppresses the confirmation prompt (del has no /y switch)
    del /q temp\*.*
    For /d %%p in (*) do copy "%%p\stdout.txt" "temp\%%p.log"
    copy temp\*.log final\discovery.log

    - Run a script like the one below to consolidate the output.

    REM collectCSV.cmd
    For /d %%p in (*) do copy "%%p\out.txt" "final\%%p.csv"
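
The manual steps above, automated in one script as an added example that is not part of the original post: it deals the targets into numbered folders, runs the worker in every folder at the same time with its console output redirected to stdout.txt, and then collects the logs and output files. It is written in Python; the function names and the default of 10 groups mirror the description, and the worker command is whatever script reads in.txt and writes out.txt in its current directory.

```python
import subprocess
from concurrent.futures import ThreadPoolExecutor
from pathlib import Path


def split_input(input_file, work_dir, groups=10):
    """Deal the targets into work_dir/0 .. work_dir/<groups-1>, one in.txt each."""
    lines = Path(input_file).read_text().splitlines()
    targets = [line.strip() for line in lines if line.strip()]
    folders = []
    for group in range(groups):
        folder = Path(work_dir) / str(group)
        folder.mkdir(parents=True, exist_ok=True)
        # Round-robin slices differ in size by at most one item.
        chunk = targets[group::groups]
        (folder / "in.txt").write_text("".join(t + "\n" for t in chunk))
        folders.append(folder)
    return folders


def run_group(command, folder):
    """Run one worker inside its folder, sending console output to stdout.txt."""
    with open(folder / "stdout.txt", "w") as log:
        # command is an argument list, so nothing passes through a shell.
        done = subprocess.run(command, cwd=folder, stdout=log,
                              stderr=subprocess.STDOUT)
    return done.returncode


def run_all(command, folders):
    """Run every group in parallel and return {folder name: exit code}."""
    with ThreadPoolExecutor(max_workers=len(folders)) as pool:
        codes = list(pool.map(lambda f: run_group(command, f), folders))
    return {f.name: code for f, code in zip(folders, codes)}


def consolidate(folders, final_dir):
    """Merge the logs into discovery.log and copy each out.txt to <n>.csv."""
    final = Path(final_dir)
    final.mkdir(parents=True, exist_ok=True)
    with open(final / "discovery.log", "w") as merged:
        for folder in folders:
            log = folder / "stdout.txt"
            if log.exists():
                merged.write(log.read_text())
            out = folder / "out.txt"
            if out.exists():
                (final / (folder.name + ".csv")).write_text(out.read_text())
    return final


# Typical call, with a hypothetical script path (use an absolute path because
# each worker runs with its own folder as the current directory):
#   folders = split_input("all_targets.txt", "process")
#   codes = run_all(["cscript", "//nologo", r"C:\scripts\inventory.vbs"], folders)
#   consolidate(folders, "final")
```

The exit codes returned by `run_all` show which groups need to be run again without repeating the others.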

    Windows::Inventory::Report files of particular extension


    For desired file extensions this script will report the filename and file size for all machines listed in input file.

    '==========================================================================
    ' Script to search for files with listed extensions
    '==========================================================================

    Option Explicit

    Const wbemFlagReturnImmediately = &h10
    Const wbemFlagForwardOnly = &h20

    Const PATH_TO_INPUT = "in.txt"
    Const PATH_TO_OUTPUT = "out.txt"

    Dim fso
    Set fso = WScript.CreateObject("Scripting.FileSystemObject")

    Dim shl
    Set shl = WScript.CreateObject("WScript.Shell")

    Dim input
    Set input = fso.OpenTextFile(PATH_TO_INPUT)

    Dim output
    Set output = fso.CreateTextFile(PATH_TO_OUTPUT, True)

    Dim wmiService
    Dim wmiResults
    Dim objwMIService
    Dim colFiles
    Dim objFile
    Dim hostname
    Dim line
    Dim exec
    Dim pingResults

    While Not input.AtEndOfStream
        line = input.ReadLine
        hostname = ""
        Set exec = shl.Exec("ping -n 2 -w 500 " & line)
        pingResults = LCase(exec.StdOut.ReadAll)

        If InStr(pingResults, "reply from") Then

            WScript.Echo "Reply From: " & line
            hostname = line

            Set objWMIService = GetObject("winmgmts:\\" & hostname & "\root\cimv2")
            Set colFiles = objWMIService.ExecQuery _
                ("Select * from CIM_Datafile Where Extension = 'pst' OR Extension = 'pdf' OR Extension = 'doc' OR Extension = 'xls'")

            For Each objFile in colFiles
                output.WriteLine hostname & "," & objFile.Name & "," & objFile.FileSize
            Next

        Else
            WScript.Echo line & " no response"
        End If
    Wend

    output.Close
    input.Close

    Set wmiService = Nothing
    Set wmiresults = Nothing

    8/27/2007

    Windows::File Locking Issues


    Client Settings for Windows 2000, XP, 2003 Acting as a Workstation or Client

    To modify the settings for the Workstation service, it is necessary to edit the registry, since Microsoft does not provide any method of configuring these options in their client setup. The registry key path is:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
    Services\LanmanWorkstation\Parameters


    It will be necessary to add the following values as they are listed below, with the proper data type and the value listed (0 in all cases):

    Setting: UseLockReadUnlock
    Data Type: REG_DWORD
    Should be: 0

    Indicates whether the redirector uses the lock-and-read and write-and-unlock performance enhancements.

    When this value is enabled, it generally provides a significant performance benefit. However, database applications that lock a range and don’t allow data within that range to be read will suffer performance degradation unless this parameter is disabled.

    Setting: UtilizeNtCaching
    Data Type: REG_DWORD
    Should be: 0

    Indicates whether the redirector uses the cache manager to cache the contents of files. Disable this parameter only to guarantee that all data is flushed to the server immediately after it is written by the application.


    Opportunistic locking is controlled differently in the newer versions of Windows than was done in Windows NT. The following registry key path is the location of the desired entry and that must be present and set to the associated value.

    HKEY_LOCAL_MACHINE\System\CurrentControlSet\
    Services\MRXSmb\Parameters


    Setting: OplocksDisabled
    Data Type: REG_DWORD
    Should be: 1


    The OplocksDisabled registry value configures Windows clients to either request or not request opportunistic locks on a remote file.

    8/23/2007

    Opportunistic File Locking

    http://www.jsifaq.com/SF/Tips/Tip.aspx?id=3108

    http://support.microsoft.com/kb/129202

    Disabling Read Caching on Windows Workstations

    The Windows registry entry that controls read caching on Windows network clients is:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VxD\VREDIR
    DiscardCacheOnOpen REG_BINARY 0 or 1
    Default: 0 (not disabled)


    To disable read caching, the value of DiscardCacheOnOpen must be set to 1.

    If you do change this Registry value, you will have to reboot the PC to ensure that the new setting goes into effect.

    Disabling Opportunistic Locking on Windows Servers

    There are 2 Windows registry entries that control opportunistic locking (oplocks) on Windows network servers:
    1. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters EnableOpLockForceClose
    2. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters EnableOplocks

    1. EnableOpLockForceClose

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
    EnableOpLockForceClose REG_DWORD 0 or 1
    Default: 0 (not disabled)

    To disable oplocks, the value of EnableOpLockForceClose must be set to 1.

    2. EnableOplocks

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
    EnableOplocks REG_DWORD 0 or 1
    Default: 1 (true)
    To disable oplocks, the value of EnableOplocks must be set to 0.


    Note: The location of the registry entry for opportunistic locking has changed in Windows 2000 from the earlier location in Microsoft Windows NT. In Windows 2000, the registry entry that disables opportunistic locking is:

    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MRXSmb\Parameters\
    OplocksDisabled REG_DWORD 0 or 1
    Default: 0 (not disabled)
    To disable oplocks, the value of OplocksDisabled must be set to 1.


    Note: Windows 2000 will still respect the EnableOplocks registry value used to disable oplocks in earlier versions of Windows.

    Disabling Opportunistic Locking on Windows Workstations

    If you use a Windows NT family workstation in place of a server, you must also disable opportunistic locking (oplocks) on that workstation. For example, if you use a PC with the Windows NT Workstation operating system instead of Windows NT Server, Windows 2000 Professional instead of Windows 2000 Server, or Windows XP Home instead of Windows XP Professional you will need to disable oplocks on that system.

    The major difference is the location in the Windows registry where the values for disabling oplocks are entered. Instead of the LanManServer location, the LanManWorkstation location is used here.

    There are 2 Windows registry entries that control opportunistic locking (oplocks) on Windows network workstations:

    1. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters EnableOpLockForceClose
    2. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters EnableOplocks

    1. EnableOpLockForceClose
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters
    EnableOpLockForceClose REG_DWORD 0 or 1
    Default: 0 (not disabled)

    To disable oplocks, the value of EnableOpLockForceClose must be set to 1.

    2. EnableOplocks
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanManWorkstation\Parameters
    EnableOplocks REG_DWORD 0 or 1
    Default: 1 (true)
    To disable oplocks, the value of EnableOplocks must be set to 0.
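
A way to check machines against the values listed in this post and in the 8/27/2007 post above, as an added example that is not part of either post: it parses the text printed by `reg query` for the relevant keys and reports every value that is missing or differs. It is written in Python; the baseline lists restate the settings from the page, the function names are invented here, and the sample output is constructed.

```python
import re

LANMAN_WS = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters"
LANMAN_SRV = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters"
MRXSMB = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MRXSmb\Parameters"

# (registry key, value name, DWORD the posts ask for)
CLIENT_BASELINE = [
    (LANMAN_WS, "UseLockReadUnlock", 0),
    (LANMAN_WS, "UtilizeNtCaching", 0),
    (MRXSMB, "OplocksDisabled", 1),
]
SERVER_BASELINE = [
    (LANMAN_SRV, "EnableOpLockForceClose", 1),
    (LANMAN_SRV, "EnableOplocks", 0),
]

# A value line in reg query output: indented name, type, data.
VALUE_LINE = re.compile(r"^\s+(\S+)\s+(REG_[A-Z_]+)\s+(\S.*)$")


def parse_reg_query(text):
    """Return {(key, value name): (type, data)} with key and name lower-cased."""
    values, key = {}, None
    for line in text.splitlines():
        if line.strip().upper().startswith("HKEY_"):
            key = line.strip().rstrip("\\").lower()
            continue
        match = VALUE_LINE.match(line)
        if match and key:
            name, rtype, data = match.groups()
            values[(key, name.lower())] = (rtype, data.strip())
    return values


def audit(text, baseline):
    """Return [(value name, wanted, found)]; found is None when the value is absent."""
    found = parse_reg_query(text)
    deviations = []
    for key, name, want in baseline:
        rtype, data = found.get((key.lower(), name.lower()), (None, None))
        have = None
        if rtype == "REG_DWORD":
            try:
                have = int(data, 16)   # reg query prints DWORDs as 0x...
            except ValueError:
                have = None
        if have != want:
            deviations.append((name, want, have))
    return deviations


# Constructed sample: one value wrong, one value never created.
SAMPLE_CLIENT = r"""
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters
    UseLockReadUnlock    REG_DWORD    0x0
    UtilizeNtCaching    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MRXSmb\Parameters
"""
```

Feed it the saved output of `reg query` for each key; keys and value names are compared without regard to case because the registry is case-insensitive.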

    8/21/2007

    Perl::Regular Expression::Matching Expression Variables



    Match Variables
    If a =~ match expression is true, the special variables $1, $2, ... will be the substrings that matched parts of the pattern in parenthesis -- $1 matches the first left parenthesis, $2 the second left parenthesis, and so on. The following pattern picks out three words separated by whitespace...

    if ("this and that" =~ /(\w+)\s+(\w+)\s+(\w+)/) {
        ## if the above matches, $1=="this", $2=="and", $3=="that"
    }

    This is a nice way to parse a string -- write a regular expression for the pattern you expect putting parenthesis around the parts you want to pull out. Only use $1, $2, etc. when the if =~ returns true. Other regular-expression systems use \1 and \2 instead of $1 $2, and Perl supports that syntax as well. There are three other special variables: $& (dollar-ampersand) = the matched string, $` (dollar-back-quote) = the string before what was matched, and $' (dollar-quote) = the string following what was matched.

    The following loop rips through a string and pulls out all the email addresses. It demonstrates using a character class, using $1 etc. to pull out parts of the match string, and using $' after the match.

    $str = 'blah blah nick@cs.stanford.edu, blah blah balh billg@microsoft.com blah blah';

    while ($str =~ /(([\w._-]+)\@([\w._-]+))/) { ## look for an email addr
    print "user:$2 host:$3 all:$1\n"; ## parts of the addr
    $str = $'; ## set the str to be the "rest" of the string
    }

    output:
    user:nick host:cs.stanford.edu all:nick@cs.stanford.edu
    user:billg host:microsoft.com all:billg@microsoft.com


    Thanks to: http://cslibrary.stanford.edu/108/EssentialPerl.html

    7/16/2007

    Citrix::Program Neighborhood Agent::Rename Application


    Good to know...
    If you rename an application in Citrix Management Console -
    during the time that PNA has not refreshed on the clients, if they double click their existing icon they get an error that the program is not available.

    6/28/2007

    Security::Default Passwords


    Default Password List

    Cisco::Serial Numbers



    From: http://www.cisco.com

    To determine the serial number for the chassis and other components, issue the show idprom command, as this example shows:

    6509# show idprom ?
      all           selects all FRU-types
      backplane     specify backplane
      clock         specify clock
      earl          specify earl
      fan-tray      specify fan-tray
      interface     interface name
      module        specify module
      power-supply  specify power-supply
      rp            specify RP (MSFC)
      supervisor    specify supervisor
      vtt           specify VTT

    To obtain the chassis serial number, issue the show idprom backplane command, as this example shows:

    6509# show idprom backplane
    IDPROM for backplane #0
    (FRU is 'Catalyst 6500 6-slot backplane')
    OEM String = 'Cisco Systems'
    Product Number = 'WS-C6506'
    Serial Number = 'TBA03270652'
    Manufacturing Assembly Number = '73-3436-01'
    Manufacturing Assembly Revision = 'A0'
    Hardware Revision = 1.0
    Current supplied (+) or consumed (-) = -A

    To obtain the module serial number, issue the show idprom module slot # command. Alternatively, you can issue the show module command, as this example shows:

    6509# show module
    Mod Ports Card Type                              Model              Serial No.
    --- ----- -------------------------------------- ------------------ -----------
      1     2 Catalyst 6000 supervisor 2 (Active)    WS-X6K-S2U-MSFC2   SAD055006NE
      3     0 2 port adapter FlexWAN                 WS-X6182-2PA       SAD04350EEU
      4    48 SFM-capable 48-port 10/100 Mbps RJ45   WS-X6548-RJ-45     SAD055108C2

    Mod MAC addresses                      Hw     Fw           Sw           Status
    --- ---------------------------------- ------ ------------ ------------ -------
      1 0001.6415.a602 to 0001.6415.a603   3.2    6.1(3)       7.5(0.6)HUB6 Ok
      3 0001.6413.c86b to 0001.6413.c8aa   1.5    12.1(13)E1   12.1(13)E1   Ok
      4 0001.63d3.e77a to 0001.63d3.e7a9   4.0    6.3(1)       7.5(0.6)HUB6 Ok

    Mod Sub-Module                  Model           Serial          Hw      Status
    --- --------------------------- --------------- --------------- ------- -------
      1 Policy Feature Card 2       WS-F6K-PFC2     SAD055004VA     3.0     Ok
      1 Cat6k MSFC 2 daughterboard  WS-F6K-MSFC2    SAD055006VF     2.0     Ok

    6/19/2007

    Microsoft::Excel::Formula::Sort by IP Number


    I hate that editors, excel, SQL reports, etc will not sort properly by IP address.
    This great Excel formula will calculate a unique integer value for an IP address to allow sorting on that value:

    =((VALUE(LEFT(A2, FIND(".", A2)-1)))*256^3)+((VALUE(MID(A2, FIND(".", A2)+1, FIND(".", A2, FIND(".", A2)+1)-FIND(".", A2)-1)))*256^2)+((VALUE(MID(A2, FIND(".", A2, FIND(".", A2)+1)+1, FIND(".", A2, FIND(".", A2, FIND(".", A2)+1)+1)-FIND(".", A2, FIND(".", A2)+1)-1)))*256)+(VALUE(RIGHT(A2, LEN(A2)-FIND(".", A2, FIND(".", A2, FIND(".", A2)+1)+1))))


    And to turn that number back into an IP number:

    =IF(B2<>"", CONCATENATE(INT(B2/256^3), ".", INT(MOD(B2, (256^3))/(256^2)), ".", INT(MOD(MOD(B2, 256^3), 256^2)/256), ".", MOD(MOD(MOD(B2, 256^3), 256^2), 256)), "")


    Thanks to Matt Schuster, quoted at www.mvps.org

    6/15/2007

    VMware::P2V::Uninstall hidden "stale" devices



    From: VMWare Community

    After a physical conversion a number of “stale devices” will exist in the new virtual machine. These are hardware devices which are no longer required.
    Windows 2000 & 2003
    To identify which devices are no longer physically installed on your virtual machine, use the Microsoft environment variable devmgr_show_nonpresent_devices. This is explained in the Microsoft article:

    MS KB315539

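    1. From the command prompt, type (no spaces around the equals sign, or cmd.exe sets a differently named variable):
    set devmgr_show_nonpresent_devices=1
    2. Start the search. In the same command prompt, type:
    start devmgmt.msc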
    3. From the Device Manager, list the devices.
    Select: View > Show hidden devices.
    4. Deinstall the listed devices:
    Select the device and uninstall it from the Device Manager.

    6/11/2007

    WAN::Latency::BES::Blackberry Enterprise Server


    Interesting rule of thumb from Blackberry support:
    Latency on the link between the BES server and the Exchange mailbox database server should be, on average, no more than 35ms.

    5/29/2007

    Windows Terminal Services::Licensing::Problem getting license across sites


    Enterprise Terminal Services License Servers cannot be discovered outside their AD site.

    Hard-Coding Preferred License Servers
    Regardless of which of these four situations a Terminal Server is in, you always have the option of manually specifying a license server or servers that each Terminal Server should get licenses from. You can manually configure any Terminal Server to get licenses from any license server—there’s no need to stay within domain, subnet, location, or site boundaries.

    You can configure a Terminal Server to use a specific license server via the Terminal Server’s registry. Be careful though, because this registry edit is not like most others. In this case, rather than specifying a new registry value and then entering data, you have to create a new registry key (or “folder”). To do this, browse to the following registry location:

    HKLM\SYSTEM\CurrentControlSet\Services\TermService\Parameters\

    Add a new key called “LicenseServers.” Underneath the new LicenseServers key, create another key with the NetBIOS name of the license server that you want this Terminal Server to use. You don’t need to add any values or data under this new key.

    Add multiple keys for multiple servers if you wish, although the Terminal Server will only communicate with one license server at a time. Once you’re done, reboot the server for it to take effect.

    As you’ll see, this manual process is needed in situations where the Terminal Servers cannot automatically “discover” the license servers. It’s also useful if you want to override the default license server that a Terminal Server discovers.

    From www.BrianMadden.com

    5/24/2007

    VMWare Workstation::Run as service



    Copied from news group:

    VMware-At Your Service!
    Run VMware Workstation VMs as services
    Chris Wolf
    Feature
    InstantDoc #42607
    Windows & .NET Magazine

    If you're a VMware enthusiast, you've probably on more than one occasion
    wanted to log off from your computer while leaving your virtual machines
    (VMs) running. Or, maybe you've wanted selected VMs to start as soon as
    your system boots so that your host system can log on to a domain
    controller (DC) running inside one of the host machine's VMs. Sound too
    good to be true? That's what I thought. I assumed that logging off of my
    computer and having my VMs remain running was an unattainable dream. But
    I discovered that getting VMs to run as services is possible and very
    easy to configure.

    Tools for Service
    VMware doesn't natively support running its software as a service, but
    configuring VMware Workstation 4.0 VMs to run as services is almost as
    easy as tying your shoes. All you need to get started are two
    tried-and-true Windows resource kit tools: instsrv.exe and srvany.exe.
    Both tools are available as free downloads. Go to
    http://www.microsoft.com/downloads, enter Windows 2003 Resource Kit
    Tools in the Keywords field, and click Go. Then, click the Windows
    Server 2003 Resource Kit Tools Download button at the Windows Server
    2003 Resource Kit Tools Web page to download rktools.exe, which contains
    the most recent versions of Instsrv and Srvany, and run the executable to
    install the tools on your system.

    Note that you can install the Windows 2003 resource kit tools on a
    Windows 2003 or Windows XP system. If your host system runs Windows 2000
    or Windows NT, you can acquire Instsrv and Srvany from the Win2K or NT
    resource kit CD-ROMs or you can install the Windows 2003 resource kit
    tools on an XP system and just copy Instsrv and Srvany from the XP
    system to the %windir% folder on your Win2K or NT host system. The
    Windows 2003 versions of Instsrv and Srvany run on the earlier OSs
    without any problems.

    Getting Started
    Installing the resource kit tools updates the system path to include the
    resource kit installation folder. Updating the path requires a reboot,
    so be sure to reboot your system after installing the resource kit.
    Alternatively, you can copy Instsrv and Srvany to a folder already in
    the path, such as the folder C:\windows\system32.

    With the resource kit files in place, your next task is to determine the
    location of the VMware application's vmware.exe file. I used the default
    settings when installing VMware, so the path I needed was C:\program
    files\vmware\vmware workstation\vmware.exe.

    The last bit of information that you need before you configure the new
    service is the path to the configuration file of the VM that you want to
    turn into a service. This file is in the folder in which the VM was
    created and has a .vmx extension. All my VMs are stored on my system's E
    drive, so the path to the .vmx file of the VM that I want to run as a
    service is E:\vms\w2k1\w2k1.vmx. When you have the vmware.exe path and a
    VM's .vmx path information, you're ready to create the service.

    Creating the Service
    First, decide on a name for the service. I prefer to preface the name of
    the VM with VM_ to form the service name. For example, I would give my
    VM named W2K1 the service name VM_W2K1. After you decide on the service
    name, you can use the following syntax to set up the service:

    instsrv <service name> <path to srvany.exe>

    So a sample command might be

    instsrv VM_W2K1 c:\windows\srvany.exe

    Now you need to modify the service's parameters by using a registry
    editor and the Microsoft Management Console (MMC) Windows Services
    snap-in. In the registry editor, navigate to the
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\
    subkey. Right-click the VM service name, select New, then click Key.
    Name the new subkey Parameters.

    Right-click the Parameters subkey, select New, then click String Value.
    Name the new value Application. Double-click the Application value and
    enter the path to the vmware.exe file on your host system (put the
    pathname in double quotation marks), followed by -x, followed by the
    path to the VM's .vmx file (put the pathname in double quotation marks).
    For my configuration, I used the string value "C:\program
    files\vmware\vmware workstation\vmware.exe" -x "e:\vms\w2k1\w2k1.vmx".
    Close the registry editor.

    Open the Windows Services snap-in. Locate and right-click the newly
    created VM service and select Properties. In the service's Properties
    dialog box, click the Log On tab. Ensure that Local System account is
    selected, and select the Allow service to interact with desktop check
    box, which Figure 1 shows. Click OK to close the service Properties
    dialog box. You can now use the Windows Services snap-in to start your
    VM service. By default, the service is configured as automatic, so the
    VM will start when your system starts. Each VM that you configure to run
    as a service will appear in its own window on the desktop. Because the
    VM is running as a service, you'll now be able to log off of your
    system, and the VM will continue to run.

    Tuning VMware
    The configuration steps you've performed thus far will let any number of
    VMs run as services without problems. However, you might find that some
    built-in VMware features will get in the way. For example, when multiple
    VMs attempt to start and share the same floppy drive, VMware displays a
    message that the floppy drive will start as disconnected on all VMs
    except for the one that was powered on first. You must click OK to
    acknowledge the message before the VM boot processes will continue. To
    prevent the need for manual intervention at boot time, you might want to
    configure the settings of each VM on the host so that their floppy
    drives don't connect at power on.

    To configure a VM's floppy drive to start as disconnected, open the VM
    in VMware, double-click the floppy drive icon, then clear the Connect at
    Power On check box and click OK in the floppy drive's Settings dialog
    box. One other method for preventing the floppy drive from connecting at
    power on is to open the VM's .vmx configuration file in Notepad and set
    the floppy0.startConnected parameter to "false".

    VMware hints might also interrupt a VM's startup process. You can
    prevent all hints from appearing for any particular VM by opening and
    editing the VM's .vmx file in Notepad. To disable all hints, add the line

    hints.hideAll = "true"
    to the file, as Figure 2 shows.

    Take It to the Max
    Now your VMs can run in ways you've never imagined. For example, you can
    configure a VM to run as a DC that your host OS can log on to. When
    you've attained the "unattainable dream" of running VMware as a service,
    the possibilities are endless.

    Resources
    WEB SITES
    VMware
    http://vmware.com

    Windows Server 2003 Resource Kit Tools
    http://www.microsoft.com/downloads

    4/25/2007

    Windows::Remote Assistance


    Offer remote assistance shortcut:
    %windir%\explorer.exe "hcp://CN=Microsoft%20Corporation,L=Redmond,S=Washington,C=US/Remote%20Assistance/Escalation/Unsolicited/Unsolicitedrcui.htm"

    Windows::VMWare


    There are known problems with performing certain Active Directory tasks with DCs running on VMWare, such as DC promotion and trust establishment. This article provides instructions on how to remove the shared folder feature, which is part of VMWare Tools.
    ActiveDir.Org

    Windows::Tip


    I saw someone today do Start > Run > %temp% to get to their temp directory to clean it out. Very quick and convenient.

    4/16/2007

    Performance::MSSQL



    Quote from: Buck Woody

    These objects and counters serve as a demonstration of the types of things I monitor for a SQL Server application I use:

    | Object | Counter | Meaning | Notes |
    |---|---|---|---|
    | Cache | Data Maps Hits % | NTFS Processing Efficiency | Should be better than 90% or may need to defrag Hard Drive |
    | Cache | MDL Read Hits % | Cache Hits for IIS | Should be better than 90% |
    | Memory | % Committed Bytes | Shows memory use | Should be under 70 |
    | Memory | Available MBytes | How much unallocated RAM is left on the server | Should be greater than 50MB |
    | Memory | Cache Faults/Sec | Physical Disk Read I/O Operation | The fewer the better |
    | Network Interface | Bytes Total/sec | Shows network activity | Network Monitor Driver must be installed for accurate measurement of network items - Measure against network bandwidth availability |
    | Network Segment | % Network Utilization | Total Network segment use - not from this server alone | Depends on many networking variables, but can be useful to a Network specialist |
    | PhysicalDisk | Current Disk Queue Length:_Total | Shows physical drive activity | Less than 3 per physical disk is acceptable |
    | PhysicalDisk | % Disk Read Time | How much time spent doing reads | Combine with Writes to see if Index usage is correct - may need to adjust fillfactor |
    | PhysicalDisk | % Disk Time -- _Total | Shows drive activity | diskperf -yv is required for proper logical disk counters to operate. Should be less than 55% - watch for increase |
    | PhysicalDisk | % Disk Write Time | How much time spent doing writes | Combine with Reads to see if Index usage is correct - may need to adjust fillfactor |
    | Process | % Processor Time | Pick Specific Object | Will explain how much that object is taking on the processor |
    | Processor | % Total Processor Time | Shows the CPU activity being taken by all processes | Should not exceed 80% for continuous periods with high Proc Queue Length. NOTE: W2K measures non-busy time and subtracts it from 100% |
    | Server | Bytes Received/Sec | Data received by the server NIC | |
    | Server | Bytes Transmitted/Sec | Data sent by the server NIC | |
    | SQL Server:Access Methods | Full Scans/Sec | Table scans | For the entire server - not just one database |
    | SQL Server:Access Methods | Page Splits/Sec | Splits happen when data or indexes span a page (8k) | Fillfactors may not be correct if this is high |
    | SQL Server:Buffer Manager | Cache Size (pages) | | Multiply x 8192 for RAM amount, should be close to the RAM in your system. |
    | SQL Server:Locks | Average Wait Time (ms) | Time processes spend waiting on a lock release | Should not be high |
    | SQL Server:Locks | Number of Deadlocks | Number of processes deadlocking each other | Measurement is by the second |
    | SQL Server:Memory Manager | Target Server Memory | How much RAM SQL wants | |
    | SQL Server:Memory Manager | Total Server Memory | How much RAM SQL is using | |
    | SQL Server:SQL Statistics | Batch Requests/Sec | How many batches sent to SQL Server | Over 1000 indicates a busy SQL Server - May indicate CPU bottleneck. A 100Mb network card can handle 3000 per second. |
    | SQL Server:SQL Statistics | SQL Compilations/Sec | How many compiles SQL has to do | Over 100 may indicate a SQL problem |
    | SQLServer:Buffer Manager | Buffer Cache Hit Ratio | Shows how much data is found in the Buffer | Should be 99% or greater |
    | SQLServer:General Statistics | User Connections | Shows the number of connections taken on the SQL Server | Varies |
    | System | % Total Privileged Time | Kernel mode operations | Should be less than 20% or may be IO bound. Pair with %Disk time counter to see if greater than 50%. Can also indicate driver or NIC. |
    | System | Context Switches/Sec | Server thread switches | Should not exceed 8000 per second, per processor |
    | System | Processor Queue Length | Shows the amount of processes waiting for CPU time | Pairs with % Processor Time counter - Should not be greater than 2 per proc. |
    | Web Service | GET Requests/Sec | Number of GET requests | Each GET connection attempt |
    | Web Service | POST Requests/Sec | Number of POST requests | Each POST connection attempt |
    | Web Service | Total Method Requests/Sec | Hits on the Web Server | Service Request rate |

    4/10/2007

    Perl::Screen Scraping


    Required: MRTG Graphing for "source records remaining" of replica on Data Domain DDR appliance.

    Problem: The replication statistics are not exposed via SNMP.

    Workaround: Create an external monitoring script that connects to the device over HTTP and grabs this stat out of the HTML table that we currently check manually.

    I used PAR to package this into an EXE so I don't even need to screw with Perl modules on the MRTG/Web server.

    Perl code:
    ####################################################
    # checkrep.pl
    #
    # MRTG External Monitoring Script
    # to return Records Remaining to be replicated
    # for specific host & replication destination
    ####################################################

    use Socket; # include Socket module
    require 'tcp.pl'; # file with Open_TCP routine
    use HTML::TableExtract; # Module to parse HTML

    ##########################################
    #
    # Parameters for customization below:
    #
    ##########################################

    ##########################################
    # Host to query

    my $host="DDR05";

    ##########################################
    # Replication Destination

    $Query="dir://ddr02.usa.mydomain.com/backup/rep1";

    ##########################################
    #
    # Don't mess with stuff below here
    #
    ##########################################


    my $time = localtime;
    open (LOG, '>checkrep.log');

    #open (OUT, '>replication.html');


    print LOG "\n----------\n$time\n";

    ##########################################
    #Authenticate

    open_TCP('F', $host, 80);
    print LOG "\n----------\nLOGON-\n";
    print F "POST /cgi-bin/auth.pl HTTP/1.0\n";
    print F "User-Agent: Mozilla/1.1N (X11; I; SunOS 5.3 sun4m)\n";
    print F "Accept: */*\n";
    print F "Accept: image/gif\n";
    print F "Accept: image/x-xbitmap\n";
    print F "Accept: image/jpeg\n";
    print F "Accept: text/javascript\n";
    print F "Content-type: application/x-www-form-urlencoded\n";
    print F "Content-length: 31\n";
    print F "\n";
    print F "user=TESTLOGON&password=********\n";

    # get the HTTP response line
    my $the_response=<F>;
    print LOG $the_response;

    # get the header data (stops at the blank line that ends the headers)
    my %header;
    while(<F> =~ m/^(\S+):\s+(.+)/) {
        $header{$1} = $2;
        print LOG "$1: $2\n";
    }

    # get the entity body
    print LOG while (<F>);

    # close (F);


    ##########################################
    #Open Main (create cookie)

    open_TCP('F', $host, 80);
    print LOG "\n----------\nOPEN MAIN-\n";
    # request the path of the document to get
    print F "GET $header{'Location'} HTTP/1.0\n";
    print F "Accept: */*\n";
    print F "User-Agent: Mozilla/1.1N (X11; I; SunOS 5.3 sun4m)\n";
    print F "Connection: Keep-Alive\n";
    print F "\n";

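    # get the HTTP response line
    $the_response=<F>;
    print LOG $the_response;

    # get the header data
    while(<F> =~ m/^(\S+):\s+(.+)/) {
        $header{$1} = $2;
        print LOG "$1: $2\n";
    }

    # session cookie for the requests below; the loop above has also
    # written it to checkrep.log, so keep that file private
    my $Cookie = $header{'Set-Cookie'};


    # get the entity body
    print LOG while (<F>);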


    # close the network connection
    close(F);

    ##########################################
    #Open Page
    open_TCP('F', $host, 80);
    print LOG "\n----------\nOPEN REPLICATION PAGE-\n";
    print F "GET /view.cgi?ref=replication.gui HTTP/1.0\n";
    print F "Accept: */*\n";
    print F "User-Agent: Mozilla/1.1N (X11; I; SunOS 5.3 sun4m)\n";
    print F "Connection: Keep-Alive\n";
    print F "Cookie: $Cookie\n\n";

    # get the HTTP response line
    $the_response=<F>;
    print LOG $the_response;

    # get the header data
    while(<F> =~ m/^(\S+):\s+(.+)/) {
        print LOG "$1: $2\n";
    }

    # get the entity body (the replication page HTML, parsed further down)
    # print OUT while (<F>);
    @line = <F>;

    # close the network connection
    close(F);

    ##########################################
    #Logout

    # Test to see if session is still logged on
    # e.g. http://atlddr05/view.cgi?ref=main.gui&session=14

    open_TCP('F', $host, 80);
    print LOG "\n----------\nLOGOUT-\n";
    print F "POST /logout.cgi HTTP/1.0\n";
    print F "User-Agent: Mozilla/1.1N (X11; I; SunOS 5.3 sun4m)\n";
    print F "Accept: */*\n";
    print F "Accept: image/gif\n";
    print F "Accept: image/x-xbitmap\n";
    print F "Accept: image/jpeg\n";
    print F "Accept: text/javascript\n";
    print F "Content-type: application/x-www-form-urlencoded\n";
    print F "Content-length: 0\n";
    print F "Pragma: no-cache\n";
    print F "Cookie: $Cookie\n\n";

    # get the HTTP response line
    $the_response=<F>;
    print LOG $the_response;

    # get the header data
    while(<F> =~ m/^(\S+):\s+(.+)/) {
        $header{$1} = $2;
        print LOG "$1: $2\n";
    }
    # get the entity body
    print LOG while (<F>);

    print LOG "\n----------\nEND\n----------\n";
    close (F);
    close (LOG);
    close (OUT);

    ##########################################
    # Parse HTML


    #use Data::Dumper;

    foreach $line (@line) {
    $line =~ s/\x0d{0,1}\x0a{0,1}\Z/ /s;
    }

    $html_string = join ('',@line);

    $te = HTML::TableExtract->new( headers => ['Destination', 'Source Records Remaining'] );
    $te->parse($html_string);

    #print Dumper $te;
    #print "\n";

    foreach $ts ($te->tables) {
    foreach $row (@$ts) {
    # print join(',', @$row), "\n";
    ($Null,$Destination,$Null,$Null,$Null,$Null,$Null,$SourceRecordsRemaining,$Null,$Null) = @$row;
    $Result{$Destination} = $SourceRecordsRemaining;
    }
    }

    $RecordsRemaining = $Result{$Query};

    # strip every thousands separator, not just the first one
    $RecordsRemaining =~ s/,//g;


    ##########################################
    # Return Results

    $Results = "$RecordsRemaining\n$RecordsRemaining\nNA\n$host\\$Query\n";

    print $Results;



    #The external command must return 4 lines of output:

    #Line 1 - current state of the first variable, normally 'incoming bytes count'
    #Line 2 - current state of the second variable, normally 'outgoing bytes count'
    #Line 3 - string (in any human readable format), telling the uptime of the target.
    #Line 4 - string, telling the name of the target



    ##########################################
    # END
    ##########################################
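The parsing and output steps of the script above, reworked in Python as an added example (not the original author's code). It also covers the case the Perl version leaves open: when the destination row is missing or the cell is not a number, it prints UNKNOWN, which MRTG's reference documentation allows in place of a value. The table markup and the ddr05 source path are constructed for the example.

```python
from html.parser import HTMLParser

# Constructed sample page; the real appliance markup will differ.
SAMPLE_HTML = """
<table>
 <tr><th>Source</th><th>Destination</th><th>State</th>
     <th>Source Records Remaining</th></tr>
 <tr><td>dir://ddr05.usa.mydomain.com/backup/rep1</td>
     <td><a href="#">dir://ddr02.usa.mydomain.com/backup/rep1</a></td>
     <td>normal</td><td>1,234,567</td></tr>
 <tr><td>dir://ddr05.usa.mydomain.com/backup/rep2</td>
     <td>dir://ddr02.usa.mydomain.com/backup/rep2</td>
     <td>normal</td><td>n/a</td></tr>
</table>
"""


class TableRows(HTMLParser):
    """Collect every <tr> as a list of whitespace-normalised cell texts."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.rows = []
        self._row = None    # cells of the row being read, or None outside <tr>
        self._cell = None   # text fragments of the cell being read

    def handle_starttag(self, tag, attrs):
        if tag == "tr":
            self._row = []
        elif tag in ("td", "th") and self._row is not None:
            self._cell = []

    def handle_data(self, data):
        if self._cell is not None:
            self._cell.append(data)

    def handle_endtag(self, tag):
        if tag in ("td", "th") and self._cell is not None:
            self._row.append(" ".join("".join(self._cell).split()))
            self._cell = None
        elif tag == "tr" and self._row is not None:
            self.rows.append(self._row)
            self._row = None


def records_remaining(html, destination):
    """Return 'Source Records Remaining' for destination as an int, else None."""
    parser = TableRows()
    parser.feed(html)
    dest_col = rem_col = None
    for row in parser.rows:
        if "Destination" in row and "Source Records Remaining" in row:
            # Locate columns by header text so a reordered table still works.
            dest_col = row.index("Destination")
            rem_col = row.index("Source Records Remaining")
            continue
        if dest_col is None or len(row) <= max(dest_col, rem_col):
            continue
        if row[dest_col] == destination:
            digits = row[rem_col].replace(",", "")
            return int(digits) if digits.isdigit() else None
    return None


def mrtg_lines(value, host, destination):
    """Build the four lines MRTG expects: value, value, uptime, target name."""
    shown = "UNKNOWN" if value is None else str(value)
    return f"{shown}\n{shown}\nNA\n{host}\\{destination}\n"


if __name__ == "__main__":
    dest = "dir://ddr02.usa.mydomain.com/backup/rep1"
    print(mrtg_lines(records_remaining(SAMPLE_HTML, dest), "DDR05", dest), end="")
```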

    MRTG - External Monitoring Scripts


    Having a bit of fun lately working with MRTG to graph "non-standard" stats from external monitoring scripts.
    MRTG.CFG
    RunAsDaemon: yes
    #RunAsDaemon: no
    Interval: 60
    EnableIPv6: no
    WorkDir: c:\inetpub\wwwroot\mrtg

    Target[DDR05]: `c:\monitor\checkrep.exe`
    MaxBytes[DDR05]: 500000
    Options[DDR05]: gauge,growright,nopercent,noo
    XSize[DDR05]: 600
    YSize[DDR05]: 175
    PNGTitle[DDR05]: DDR05->DDR02 Replication Status
    LegendI[DDR05]: Records:
    Ylegend[DDR05]: Records
    ShortLegend[DDR05]: records  
    Title[DDR05]: Data Domain Replication Status
    PageTop[DDR05]: <h1>Source Records Remaining - DDR05->DDR02</h1>

    3/29/2007

    Windows Terminal Server::Outlook 2002::Safe Mode


    SYMPTOMS
    ========

    When using Outlook 2002 on a Windows 2000 terminal server, you may receive the following error:

    Outlook failed to start correctly last time. Starting Outlook in safe mode
    will help you correct or isolate a startup problem in order to successfully
    start the program. Some functionality may be disabled in this mode.

    Do you want to start Outlook in safe mode?

    You can click either Yes or No and Outlook opens. The next time you launch Outlook you are not given the prompt. However, at the next launch of Outlook you are given the prompt. On the following logon, you are not given the prompt. This loop of Outlook 2002 prompting for Safe Mode every other time you launch Outlook continues indefinitely.

    CAUSE
    =====

    The registry on the Windows 2000 Terminal Server contains HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Office\10.0\Outlook\Resiliency, and one of the subkeys under Resiliency has TermSrvCopyKeyOnce set to 0x1.

    When Outlook 2002 starts, the following Registry key is created:

    HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Outlook\Resiliency.

    NOTE: The Resiliency registry key for Outlook is new for Outlook 2002.

    If no problems are encountered, the Resiliency key is deleted. If one of the many tests that Outlook makes at startup fails, subkeys are written under the Resiliency key and the Resiliency key is not deleted. If the key remains, the next start of Outlook 2002 gives the prompt.

    If a subkey is deleted by an application from HKEY_CURRENT_USER (HKCU) -- specifically a subkey from HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Outlook\Resiliency while the server is in Terminal Server Install mode, the data is copied to HKEY_LOCAL_MACHINE (HKLM):

    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Office\10.0\Outlook\Resiliency

    When the application, with the server in Terminal Server Application Mode, attempts to access the key again and finds it missing, it looks in this location (HKLM) for the key. If the Resiliency key is there and has the key TermSrvCopyKeyOnce under one of the subkeys of the Resiliency key, the Resiliency key is written back to HKCU.

    In this case, the Resiliency key was written with subkeys while in install mode. Once the terminal server goes back to application mode every user is affected since Outlook 2002 always looks for the Resiliency key, thus causing the loop.

    RESOLUTION
    ==========

    Deleting HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Office\10.0\Outlook\Resiliency resolves the problem.

    3/27/2007

    Operational limits of Word Documents


    MS KB 211489
    Very interesting:
    The maximum file size is limited to 32 MB for the total document text only and does not include graphics, regardless of how the graphics image is inserted (Link to file, Save with document, or Wrapping style) into the document. Therefore, if the file contains graphics, the maximum file size can be larger than 32 MB.

    3/07/2007

    Totally Unrelated


    Atlanta Time Machine
    Very interesting site. I wonder if there are others for other cities.

    2/08/2007

    Windows::Recovery



    Some great offline recovery freeware:

    NTFS4DOS - Access an NTFS volume from DOS prompt - read/write

    Offline Recovery NT/2K/XP/2K3 Offline Password recovery and rudimentary registry editor

    2/06/2007

    Internet Explorer::FTP::Passive Mode


    MS Doc

    SUMMARY
    This article describes how to configure Microsoft Internet Explorer or Windows Internet Explorer to use both the File Transfer Protocol (FTP) PORT mode and PASV mode.

    FTP supports two modes. These modes are called Standard (or PORT or Active) and Passive (or PASV). The Standard mode FTP client sends PORT commands to the FTP server. The Passive mode client sends PASV commands to the FTP Server. These commands are sent over the FTP command channel when establishing the FTP session.

    Standard mode FTP clients first establish a connection to TCP port 21 on the FTP server. This connection establishes the FTP command channel. The client sends a PORT command over the FTP command channel when the FTP client needs to send or receive data, such as a folder list or file. The PORT command contains information about which port the FTP client receives the data connection on. In Standard mode, the FTP server always starts the data connection from TCP port 20. The FTP server must open a new connection to the client when it sends or receives data, and the FTP client requests this by using the PORT command again.

    Passive mode FTP clients also start by establishing a connection to TCP port 21 on the FTP server to create the control channel. When the client sends a PASV command over the command channel, the FTP server opens an ephemeral port (between 1024 and 5000) and informs the FTP client to connect to that port before requesting data transfer. As in Standard mode, the FTP client must send a new PASV command prior to each new transfer, and the FTP server will await a connection at a new port for each transfer.

    You may have to change the mode that is used by the FTP client, depending on the firewall configuration on either the FTP client or the server. Microsoft Internet Explorer 5 and later versions support both Standard mode and Passive mode.

    How to change the Internet Explorer FTP Client mode
    1. Start Internet Explorer.
    2. On the Tools menu, click Internet Options.
    3. Click the Advanced tab.
    4. Under Browsing, click to clear the Enable folder view for FTP sites check box.
    5. Click to select the Use Passive FTP (for firewall and DSL modem compatibility) check box.
    6. Click OK.
    Internet Explorer behaves as a Standard mode FTP client if you select the Enable folder view for FTP sites check box, even if you also select the Use Passive FTP check box. If you clear the Enable folder view for FTP sites check box and then select the Use Passive FTP check box, Internet Explorer behaves as a Passive mode FTP client.
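The PORT argument and the server's 227 reply to PASV both carry the data endpoint as six decimal bytes, h1,h2,h3,h4,p1,p2, with port = p1*256 + p2 (RFC 959). The following is an added example, not part of the Microsoft article: it decodes either line and reports which side opens the data connection, which is what decides the firewall rule each mode needs. All addresses and control-channel lines are constructed, and the function and field names are hypothetical.

```python
import re

# h1,h2,h3,h4,p1,p2 with no digit glued to either end of the run
SIX = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")

# "between 1024 and 5000": the ephemeral range stated in the text above
PASV_RANGE = range(1024, 5001)


def decode_endpoint(line):
    """Return (ip, port) from a PORT command or a 227 reply."""
    match = SIX.search(line)
    if not match:
        raise ValueError("no h1,h2,h3,h4,p1,p2 field in %r" % line)
    nums = [int(n) for n in match.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field larger than one byte in %r" % line)
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]


def data_connection(line, client_ip, server_ip):
    """Describe the data connection a control-channel line sets up.

    client_ip and server_ip are the two ends of the port 21 connection as
    the observer sees them. Returns None for lines that set up nothing.
    """
    words = line.split(None, 1)
    verb = words[0].upper() if words else ""
    if verb == "PORT":
        host, port = decode_endpoint(line)
        return {
            "mode": "standard",
            "opened_by": server_ip,      # server connects out, from port 20
            "from_port": 20,
            "to": (host, port),
            # False usually means NAT sits between client and server
            "address_matches_peer": host == client_ip,
            "port_in_stated_range": None,
        }
    if verb == "227":
        host, port = decode_endpoint(line)
        return {
            "mode": "passive",
            "opened_by": client_ip,      # client connects to the server port
            "from_port": None,
            "to": (host, port),
            "address_matches_peer": host == server_ip,
            "port_in_stated_range": port in PASV_RANGE,
        }
    return None


if __name__ == "__main__":
    # Constructed control-channel lines
    client, server = "192.168.1.10", "203.0.113.5"
    for sample in ("PORT 192,168,1,10,7,208",
                   "227 Entering Passive Mode (10,0,0,5,4,210)",
                   "227 Entering Passive Mode (203,0,113,5,195,80)"):
        print(sample, "->", data_connection(sample, client, server))
```

A standard mode rule has to admit an inbound connection from the server's port 20 to the client port named in PORT, while a passive mode rule only needs outbound connections from the client to the port named in the 227 reply.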

    2/02/2007

    E-Mail::Common Sense


    Simple rules:

    1) Never put anything in an email that you wouldn't want posted on the lunch room bulletin board.
    2) Treat email like a written memo; it's a business record.
    3) Never use offensive or vulgar language in an email.
    4) Beware what you write; your email can be forwarded to others (accidentally or otherwise).
    5) Be careful that the tone of the words is what you want. Consider being over-polite to avoid misinterpretation. (and "let the ink dry" before sending if you are angry when you composed it.)
    6) Business is not the place to forward jokes; others may be offended or tired of the interruptions.

    Top Ten E-Messes

    You inadvertently send porn to your boss:
    You receive a picture that you just know your friend Daniel will appreciate. While no one is around, you quickly forward it to him using the function to recognise the name. Daniel doesn't reply, and when you quiz him about it later that evening, you realise he didn't receive it.
    Frantically checking your sent items the following day, you realise that the explicit image was sent to Dani, your boss.

    You did not secure the salary information document:
    HR sends to you the salary breakdowns for 2002, and while reviewing them you realise changes need to be made. You re-save the document, and send it back to HR. Unfortunately, you have saved the document in the company network file name: Salaries.

    You swear about your client in an email to a colleague at work:
    Your client has been irritating you with their unrealistic demands and constant complaining. You vent your frustration in an email to your colleague, where 'no holds are barred' about your views. But in anger and because you have your client on your mind you send it to him instead. You lose the account the following week.

    You forward a joke:
    You receive a joke from your old friend, who can always be relied on to provide the best jokes; they always go down well. You don't have time to read it through, but send it on to your colleagues so they don't miss out. The racist comment at the end of the email is not appreciated, and is sent immediately to HR with a complaint.

    Ruining your company's reputation:
    You send an MPEG that only a few select friends would appreciate; you're very careful about that. Your friends forward it on to a select group, too, and the chain goes on and on. In the end, over 300 people have received an email with your company name, address and URL with a shocking attachment. Not the sort of campaign your marketing department had in mind.

    1/29/2007

    Fax::Services::Outsource


    From InfoWorld
    The original page can be found here:
    InfoWorld
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    The First SMB IT Buyers' Guide: Internet Fax Services


    By Oliver Rist
    April 27, 2006

    Took me a little while to compile this chart, but here 'tis: The first SMB IT Buyers' Guide. Today, boys and girls, we've compiled you a fine summary of Internet Fax Service providers, their features and basic pricing.

    There are more fax services out there than the twelve I've managed to summarize here, but I thought these were either the best known or the best suited to the SMB set. Also, I've got a finite attention span for this kind of thing, and figuring out 57 features for 12 products tends to bring out my ADD demons. I kept them at bay with an adventurous dosage of gin, tonic, chocolate chip cookies and background TV, but I've got limits.

    Of the 12, the two I liked best are highlighted in green: InterFAX and Venali. Of the two, I rate Venali as somewhat ahead of InterFAX and certainly ahead of the rest of the field.

    Venali may not have the desktop client platform breadth of some of the other services (they love Microsoft), but they definitely have the best business feature set of the bunch and an excellent price to boot. Better, where the others tend to top out at the small business level, Venali can take you from small to medium and right on up to enterprise.

    An interesting one is the Phone Company's Remote Printing Service. This is basically a collection of open fax servers worldwide that you can use to send a fax from your browser in a pinch. Not something you'd base even a small business' entire fax functionality upon, but an interesting development--and definitely a utility worth knowing about for when the fax gods are angry with you.

    I tried to convert this thing into a PDF, but Adobe has always hated me; so download the link below only if you've got Microsoft Excel or something compatible. I'll keep dancing with Acrobat and get that version up as soon as I find someone smarter than me. (Short search, I know.)

    Also, anyone has any corrections to this chart, please post in comments and I'll add after verifying.

    Download Fax Buyers Guide.xls



    http://weblog.infoworld.com/smbit/archives/2006/04/download_first.html

    Cisco::Firewall::IOS



    Cisco IOS firewall implementation guide.

    PDF

    1/18/2007

    Multicast Routing


    http://www.cymru.com/Documents/Cisco/multicast-router.txt


    @(#)multicast routing howto 04 AUG 1997 Rob Thomas robt@cymru.com

    How to set up a router to route multicast packets

    Multicast is a UDP-based protocol which literally delivers packets from one
    host to many. If abused, it can be made to deliver from many hosts to
    many hosts to many hosts to many hosts... This is why it's important to
    set up multicasting routing on the routers in a sane manner.

    1. First, enable the global multicast routing parameter by:

        !
        ip multicast-routing
        !

       This can be disabled, if you so choose, by doing:

        !
        no ip multicast-routing
        !

    2. Next, select your style of multicasting. I chose PIM (Protocol-Independent
       Multicast) for the following reasons:

       - PIM works with all existing multicast routing protocols.
       - PIM has two modes (dense & sparse) which gives me some freedom at
         configuration time.

       You could also choose from IGMP (Internet Group Management Protocol,
       which is good for large WANs) or DVMRP (Distance Vector Multicast
       Routing Protocol, which is slightly unsupported). However, be aware
       that Cisco only tacitly supports DVMRP. To use DVMRP with a Cisco
       router, you need to point your Cisco to a router that DOES support
       DVMRP directly.

       Of the two PIM choices, I went with dense mode. Here are the differences:

       - Dense mode: When the router receives a multicast packet, the router
         sends the packet out of all interfaces except for the interface from
         whence the packet originated. If the router discovers that a certain
         interface has no multicast recipients, it sends a "prune" message back
         to the sender stating that there is no need to send messages to that
         interface/subnet/link/host.
       - Sparse mode: In sparse mode, it is assumed that no host wants multicast
         packets unless the host specifically asks for it. So, instead
         of the shotgun approach of dense mode, one router becomes the central
         hub. This central hub logs all hosts that wish to receive multicast.
         Further multicast packets are sent only to those hosts.

       Seeing as how we only have two routers, I did not want one router to be
       burdened with the list of multicast hosts (especially since practically
       ALL of our hosts "want" multicast). Additionally, I did not want to
       spend time fudging entries in the multicast recipient list.

       So, to configure for PIM dense mode multicast routing:

        !
        interface ethernet 0
         ip pim dense-mode
        !
        interface ethernet 1
         ip pim dense-mode
        !

       Obviously, all involved routers should be speaking the same lingo. Thus,
       routerA is configured the same as routerB.

    3. Next, you need to set the multicast threshold. This is the BIG TRICK[tm]
       to multicast routing. In a nutshell, every multicast packet has a TTL.
       That's basic to all IP. By setting the multicast threshold on a given
       router interface, you create a hurdle. If the packet's TTL is higher
       than the multicast threshold, the packet may pass. If the packet's TTL
       is LOWER than the multicast threshold, the packet is stopped (actually,
       it is bounced with an ICMP message, but that's for another "howto" ;-).
       This is how one prevents multicast packets from careening out into the
       great 'Net. The range for multicast threshold is 0 to 255, with 0
       meaning all packets may pass (well, *almost* all) and 255 meaning
       virtually no packets may pass. On the routerB router, I set up the
       multicast threshold at a comfortable 1 (because this is an internal
       router). The multicast threshold on the interface leading to the
       Internet on routerA should be set at 255 (if, in fact, multicast is
       enabled on the interface at all).

        !
        interface ethernet 0
         ip multicast-threshold 1
        !
        interface ethernet 1
         ip multicast-threshold 1
        !

       And you're set!

    4. It's probably a VERY good idea at this point to save your config. I
       choose to save off to tftp (in case my NVRAM gets scrammed), but you
       can choose your own danger here. At the least, you should copy your
       running-config to your saved config.

        router#copy running-config startup-config

    Enjoy!

    Questions/comments/bugs to: robt@cymru.com

    Famous Unix quotes: "You are not expected to understand this."
    -- From the original comments in the source code for Version 7's
    process scheduling algorithm.

    Rob Thomas, robt@cymru.com
    http://www.enteract.com/~robt
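
An added example, not part of Rob Thomas's howto: a Python check that reads a router config written with the commands shown above and flags PIM-enabled interfaces that have no multicast threshold, or Internet-facing ones set below 255. The sample config, the `serial 0` interface, the finding names and the choice to treat an unset threshold as 0 are assumptions made for illustration.

```python
import re

# Constructed sample config: the howto's commands, plus a hypothetical
# Internet-facing "serial 0" that does not appear in the original text.
SAMPLE_CONFIG = """\
ip multicast-routing
!
interface ethernet 0
 ip pim dense-mode
 ip multicast-threshold 1
!
interface ethernet 1
 ip pim dense-mode
!
interface serial 0
 ip pim dense-mode
 ip multicast-threshold 16
"""

def parse_interfaces(config):
    """Map interface name -> {'pim': mode or None, 'threshold': int or None}."""
    interfaces, current = {}, None
    for raw in config.splitlines():
        line = " ".join(raw.lower().split())      # normalise case and spacing
        if line.startswith("interface "):
            name = line[len("interface "):]
            current = interfaces.setdefault(name, {"pim": None, "threshold": None})
        elif line in ("", "!"):
            current = None                         # "!" closes the interface block
        elif current is not None:
            if m := re.fullmatch(r"ip pim (\S+)", line):
                current["pim"] = m.group(1)
            elif m := re.fullmatch(r"ip multicast-threshold (\d+)", line):
                current["threshold"] = int(m.group(1))
    return interfaces

def audit(config, external):
    """Return (interface, finding) pairs for PIM interfaces that leak multicast."""
    if not re.search(r"^\s*ip multicast-routing\s*$", config, re.I | re.M):
        return []                                  # multicast routing is globally off
    external = {" ".join(e.lower().split()) for e in external}
    findings = []
    for name, cfg in parse_interfaces(config).items():
        ttl = cfg["threshold"] or 0                # assumption: unset behaves like 0
        if cfg["pim"] and name in external and ttl < 255:
            findings.append((name, "EXTERNAL_BELOW_255"))
        elif cfg["pim"] and cfg["threshold"] is None:
            findings.append((name, "NO_THRESHOLD"))
    return findings
```

Calling `audit(SAMPLE_CONFIG, {"serial 0"})` reports `ethernet 1` for the missing threshold and `serial 0` for sitting below the 255 the howto recommends on the Internet-facing side.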

    1/05/2007

    Migration from GroupWise to Exchange



    I have just a few users and the only data available is the "cache mode" copy on a laptop.

    Search Results Page: "Instructions on exporting mail to a PST file from GroupWise using Outlook."

    -Install the GroupWise Client.
    -Install the Outlook 2002 Client.
    -Load GroupWise Client and login as the user.
    -Launch Outlook (this will connect to the GroupWise account that you are currently logged into).
    Opening Attachments Blocked by the Microsoft Outlook E-mail Security Update:
    "Opening .exe Attachments with the Outlook E-mail Security Update"

    Allow the user to use a registry key to open up access to blocked attachments. (Always make a backup before editing the registry.) To use this key: Run Regedit, and go to this key:

    HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Outlook\Security

    (change 10.0 to 9.0 for Outlook 2000 SP3 or to 11.0 for Outlook 2003) Under that key, add a new string value named Level1Remove. For the value for Level1Remove, enter a semicolon-delimited list of file extensions. For example, entering this: .mdb;.url would unblock Microsoft Access files and Internet shortcuts. Note that the use of a leading dot was not previously required, however, new security patches may require it. If you are using "mdb;url" format and extensions are blocked, add a dot to each extension. Note also that there is not a space between extensions. If you are using this registry entry, a glance at Help About Microsoft Outlook will show Security Mode: User Controlled above the license information. See OL2002 You Cannot Open Attachments for more information on this registry entry. To force users to save *.zip files to the hard drive before opening, add .zip to the extensions step 3. See How to configure Outlook to block additional attachment file name extensions for more information. If you prefer not to edit the registry directly, you can use one of these tools to make the change; not all support both Outlook 2002 and 2000: