Personal website of Dave Hope

Izarc MSI and Transform

Dave — Wed, 16 Jul 2008 12:02:22 +0000

At work I try to use as many free software alternatives as possible, after a bit of hunting I came across an MSI that someone has built for IZArc.

The only problem the MSI above is that it’s in French. Here’s a transform (mst) to change the language to English and remove the “What’s new” and “Help” shortcuts.

IZArc is the ultimate freeware archive utility with a modern easy-to-use interface. IZArc provides support for most compressed and encoded files, as well as access to many powerful features and tools

Register connection’s addresses in DNS

Dave — Tue, 08 Jul 2008 18:51:05 +0000

In the last 12 months I’ve been through the acquisition once and am now going through it again. In June 2007 Immediacy (the company I work for) was acquired by Mediasurface PLC. A month or so ago Alterian PLC announced their intention to acquire Mediasurface.

As part of the acquisition I’ve had to change our IP addressing so that it ties in with Alterian’s. My plan was to run both subnets at the same time and then quietly drop the old one. I ran in to a problem when adding an additional IP to the network cards, Windows would only register the primary IP in DNS and insisted on dropping any other records from DNS. That was obviously problematic when wanting to run two subnets off one NIC.

As I saw it, there were three options:

Disable automatic registration on connections addresses in DNS;
Manually create the record, then set the permission of the entry so that the computer account couldn’t delete the record;
Use multiple NICs per server;

Either was a reasonable solution, however I opted to manually create the additionl records and adjust the permissions.

Still, it’s nice to know you’ve done your job right when nobody even notices a major change like re-addressing the network

A 300ft bungee jump?

Dave — Sun, 08 Jun 2008 13:19:53 +0000

I usually try and avoid blogging personal things, but am going to make an exception just this once. For my birthday back in May by friends teamed up and bought me a 300ft bungee jump in Datchet, Berkshire. I finally managed to pluck up the courage and take a jump. See below for the video evidence.

WSUS SP1 Upgrade fails

Dave — Thu, 22 May 2008 11:26:39 +0000

Came across a problem when upgrading to WSUS SP1 earlier today. If you’ve moved your WSUS database as per my post your upgrade will fail with the following:

Success  MWUSSetup  Validating pre-requisites...
Success  MWUSSetup  Creating database backup...
Success  MWUSSetup  The SQL server instance is remote. No database backup will be created
Success  MWUSSetup  Removing Wsus...
Error  MWUSSetup  RemoveWsus: MWUS Uninstall Failed (Error 0x80070643: Fatal error during installation.)
Error  MWUSSetup  C UpgradeDriver::PerformSetup: Failed to remove earlier version of WSUS (Error 0x80070643: Fatal error during installation.)
Error  MWUSSetup  C SetupDriver::LaunchSetup: Setup failed (Error 0x80070643: Fatal error during installation.)

The solution is to make sure the following registry keys are set:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Update Services\Server\Setup]
“SqlInstanceIsRemote”=dword:00000001
“wYukonInstalled”=dword:00000000

Open source network monitoring

Dave — Wed, 21 May 2008 12:58:32 +0000

I’ve used various network monitoring tools over the last few years, in particular Cacti, System Center Essentials and now Zenoss.

Cacti is great for monitoring SNMP hosts and has some incredible graphing abilities. The problem I had with Cacti is simply that there’s no useful OS error monitoring. So, there became a requirement for either a replacement or additional monitoring system.

This was where System Center Essentials came in. It had the promise of SNMP monitoring, windows agent support and other goodies. Unfortunately even with SP1 the performance was poor and I was frequently plagued with meaningless alerts (to which the Microsoft solution was to filter them out). SNMP reporting was so poor that SCE just had to go.

I then came across Zenoss, so far it looks really swish. It has a nice user interface, SNMP graphing and WMI interaction with windows hosts - meaning full event log monitoring. Check out the screenshots below and then go and take a look at their website!

Web based out of office updated

Dave — Wed, 30 Apr 2008 13:38:23 +0000

My Web based out of office manager application has now been updated with Exchange 2007 support. The WebDav interface has been de-emphasized in Exchange 2007 so the new version will make use of EWS if you’re lucky enough to be using Exchange 2007. You can find the new version here.

Remotely check Windows firewall status

Dave — Wed, 30 Apr 2008 11:10:37 +0000

As part of my routine auditing process I wanted to check to ensure that the Windows firewall is enabled and set to use its domain profile on all of our Member servers.

Here’s a script to do just that

' Configuration.
' ====================================================================
Dim strFirewallStatus, strComputer, arrComputers
arrComputers = Split("london,brisbane,perth,chicago", ",")

WScript.Echo "-------------------------------------------------------"
WScript.Echo Left("Computer Name" & Space(47),47) & "Status"
WScript.Echo "-------------------------------------------------------"

' Iterate through computers, showing status.
' ====================================================================
For Each strComputer in arrComputers

  ' Required so we don't die on permission errors.
  On Error Resume Next

  Set objReg = GetObject( "winmgmts:{impersonationLevel" &_
  "=impersonate}!\\" & strComputer & "\root\default:StdRegProv")

  If err.number = 0 Then
    objReg.GetDWORDValue &H80000002, "SYSTEM\CurrentControlSet\" &_
    "Services\SharedAccess\Parameters\FirewallPolicy\" &_
    "DomainProfile\", "EnableFirewall",dwValue

    If dwValue <> 0 Then
      strFirewallStatus = "Enabled"
    Else
      strFirewallStatus = "Disabled"
    End If

    WScript.Echo Left(strComputer & Space(47),47) & strFirewallStatus

  Else
    WScript.Echo strComputer & " - Error" & err.number & " : " &_
    err.description
    err.clear
  End if
Next

You’ll need to make sure that you’ve got the relevant permissions on the target computers, otherwise you’ll just get errors.

Microsoft break support.microsoft.com for Squid users

Dave — Tue, 29 Apr 2008 07:35:59 +0000

It seems that Microsoft have managed to break their support site for anyone behind a Squid proxy server. Danny has posted a fix for this on his website, though for newer version of squid a slightly different approach is required.

##
# Fix support.microsoft.com
##
acl fixSupportMicrosoft dstdomain support.microsoft.com
reply_header_access Accept-Encoding deny fixSupportMicrosoft
request_header_access Accept-Encoding deny fixSupportMicrosoft

What you’re doing there is preventing the Microsoft support site from gzip’ing their content.

Squid top-site report generator updated

Dave — Tue, 22 Apr 2008 12:26:12 +0000

I got an e-mail from Marco Stefanini asking if the Perl script could sort sites by the data transfer rather than the frequency of the visits. Not wanting to disappoint I added the functionality last night and tested when I got into work today.

So, without further ado go checkout my Squid Top Site Report Generator and get yourself some reporting goodness.

System Center Essentials (SCE) SP1 error 3604

Dave — Mon, 21 Apr 2008 10:26:12 +0000

Our latest ActionPack subscription came through the other day and I noticed licenses for System Center Essentials so figured I’d give it a try. We already use WSUS to update management, so am still not toally convinced of the benefits.

Anyway, after a few problems with the initial install I went to install SP1 only for the upgrade to fail fairly early on, with the following in the setup log:

09:54: ProcessInstalls: installWSUS set.
09:54: AdjustWSUSSSL: found the wsusutil.exe at C:\Program Files\Update Services\Tools\wsusutil.exe
09:54: AdjustWSUSSSL: Launching C:\Program Files\Update Services\Tools\wsusutil.exe with arguments: ConfigureSsl MIOS3.immediacy.local
09:54: SetProgressScreen: Init WSUS Install progress.
09:54: statusUpdate: Resetting progress bar.
09:54: LaunchWSUS: Launching d:\temp\setup\i386\WSUSSetup.exe with arguments: /g /q DEFAULT_WEBSITE=0 PROGRESS_WINDOW_HANDLE=2818292
09:55: LaunchWSUS: Failed: Return Code 3604
09:55: LaunchWSUS: Check C:\Documents and Settings\dhope\Local Settings\Temp\1\SCEWsus for more information.
09:55: LaunchWSUS: Additional Logs may be avaiable at: C:\Program Files\Update Services\LogFiles

So, time to check the WSUSSetup.log file

2008-04-21 10:02:32  Success   MWUSSetup          Creating database backup...
2008-04-21 10:02:32  Error     MWUSSetup          ExecuteQuery: Failed to execute SQL query BACKUP DATABASE SUSDB to DISK=N'D:\WSUS\SUSDB.bak' (Error 0x80040E14)
2008-04-21 10:02:32  Error     MWUSSetup          ExecuteQueryGetNoResults: Failed to execute query BACKUP DATABASE SUSDB to DISK=N'%s' (Error 0x80040E14)
2008-04-21 10:02:32  Error     MWUSSetup          BackupDatabase: Failed to backup database (Error 0x80040E14)
2008-04-21 10:02:32  Error     MWUSSetup          CUpgradeDriver::PerformSetup: Failed to backup database (Error 0x80040E14)
2008-04-21 10:02:32  Error     MWUSSetup          CSetupDriver::LaunchSetup: Setup failed (Error 0x80040E14)
2008-04-21 10:02:32  Success   MWUSSetup          An error occurred while performing setup. Please refer to the error logs for details
2008-04-21 10:02:32  Error     MWUSSetup          DoInstall: Wsus setup failed (Error 0x80040E14)

Ahah! - What’s this, SCE SP1 seems to be trying to backup to a non existent location (D:\WSUS), simply creating the directory and giving it the relevant permissions sorted the problem and setup could then run.