Category Archives: IT

Long day slugging against AD, GUID and DNS problems

Huge links on a draining day:

What I thought was the root issue.

Closer…

And this got the issue over the hump.

After getting the DNS tests to pass, I did a topology rediscovery on the troublesome DC.  It came up with a new replication link with a funky GUID, and event logs all over the place indicated that AD said, “Oh crap, we had the wrong GUID for the PDC emulator all along!”

At least it (NTDS Replication) appears to work now.  Off to class.

–Nat

Ames Iowa, a fun place!

Kristin and I went down to Ames this weekend along with the Mooneys. After leaving late on Friday night, Derek and Meghan did a great job of driving us down there and we got to spend a little time with Liz and her housemate before enjoying the air mattress in the living room.

Saturday Kristin and I enjoyed awesome Pizza Ranch Buffet after dropping off Liz for her rehearsal and pictures. While Liz was there, I downloaded and installed PlayOn so that we could see how much functionality could be squeezed out of Liz’s new Xbox 360.  It seemed to work pretty well, but kept dropping out when we tried to watch Dr. Horrible’s Sing-Along Blog.  It ended up working on Sunday, but caused no end of frustration during the twenty minutes I tried to get it working.  I’ll blog more about that some other time.

I picked up Liz and dropped her off again when my dad showed up with the tickets with Mike Cooley.   Jason and Derek showed up shortly later and we all headed off to tailgate just northeast of the stadium.    While we were tailgating, a helicopter circled and dropped a paratrooper who we believe delivered the game ball.  It was only about 4:30, so it was hard to tell what the point was because the game wasn’t until six.

About 5:15 we headed into the stadium and were treated to a great performance as expected from the band and a surprising victory from the football team.

The Iowa State Varsity Marching Band

The Iowa State Varsity Marching Band #2

Sitting at the game, I got really thirsty.  Despite a raised eyebrow from Kristin, I decided to buy a cup of pop.  Kristin decided to get a picture of the cup to commemorate the occasion.

It was tasty. Yep.

We finished up the game, said goodbye to my dad,  hung out with Liz & Brad at Old Chicago, and that was our Saturday.  Liz seems to be doing really well down there which is really awesome.  “The Rental” in Ames is so much nicer than “The Rental” was in Waverly that there really is no comparison. It’s really exciting that Brad is cruising towards both graduation and getting married next year, too.

Sunday featured some tasty Chinese food, hanging out with Liz and an uneventful ride home with the Mooneys.  Conversation is always good in the vibe… 🙂

–Nat

Finally, it is just www.teamjuchems.com

Something that has bothered me about this blogging setup since its inception was the need to type “wordpress” at the end of my teamjuchems.com URL, https://www.teamjuchems.com/wordpress. Everyone else seems to have figured out how to get their blog into their root directory. I had set up my WordPress install in a “virtual” Apache instance, so this wasn’t how it came up by default.

After trying to mess with an .htaccess file, redirects in Apache, etc. I scrolled down, in webmin, to the apache server management page, and guess what I saw:
ServerPath

As you can see there, there is a “root” directory. Previously it was pointed just to /var/www/, now it points to /var/www/wordpress/ and magically this made it so my blog was the root of the web server. Now, this broke a bunch of things and made it so I had to clear the cache of all my web browsers so I could login, but this should be its long term parking spot. I had also mistakenly told the virtual server that it was representing http://worpress.teamjuchems.com – this has now been fixed as well.

One win for the team, at least 😉

–Nat

More fun with ESX – VMFS at the command line

So, I’ve had an issue creating VMFS partitions from the GUI on the ESX 3.02 servers that I have built. I didn’t have it create partitions at installation because I wanted a bigger block size (it’s an 800GB local disk, so I want one VM to be able to use at least a majority of it, and the default 1MB block size means a .vmdk file is limited to 256GB, too small), so I elected to wait until after the ESX installation. Doing this greeted me with a great “There was an unexpected error updating the partition table.”  Great, thanks for that descriptive error. So, to the command line we go:

  1. fdisk -l (check what the last partition is)
  2. fdisk /dev/sda
  3. n (new)
  4. default (start block)
  5. default (end block)
  6. t (partition type)
  7. 10 (partition 10, just created)
  8. fb (vmfs type)
  9. w (write config)
  10. reboot (Reboot the host before you format the newly created local partition)
  11. vmkfstools -C vmfs3 /vmfs/devices/disks/vmhba0:0:0:10
  12. Go to VI Client, Refresh storage view and rename the newly created volume
  13. W

You can align the VMFS volume as follows, before you do step 9:

  x
  b
  1
  128 (disk alignment, check your SAN manual for the correct value, 128 is correct in most cases…)

Now I need to figure out how to set blocksize while running that command and I will be set.

#vmkfstools -C vmfs3 -b 2M vmhba1:0:0:2

Found it.

–Nat

Windows 7 and the PowerShell ISE

So Windows 7 has a development environment (Integrated Scripting Environment) built in for PowerShell. That’s pretty freakin’ cool…

Start -> All Programs -> Accessories -> Windows PowerShell -> Windows PowerShell ISE

Remember that the Shell is capitalized 😉

And the awesomeness has just been tempered as I realize that I have PowerShell V2 with the included ISE – but the only way to get this is to run Windows 7 or Server 2008 R2. I was hoping to get this up and romping at work, but evidently I’ll have to wait. As in “a few months.” Seems pretty ridiculous, you would think that Vista and 2008 would have support at the same time…  I was really hoping to do my VMware backups with this tool.  It’s still possible, I suppose, just a little more difficult.  Dang it.

This came out last December but appears to be the best MS can do for my 2008 Server  development box.  That’s a bit of a downer.

Still, it looks promising 🙂

–Nat

Where is cold clone on vConverter 4 Standalone?

I’ve learned to trust the cold clone version of Converter as my de facto conversion tool, as you can be sure that it is going to do the job right the first time and not hit issues based on file system depth, etc.

The big question is where is this functionality with the newest version? Hardware support in the bootpe disc (especially network drivers!) is a big deal with newer hardware coming out. Let’s get it together VMware and release a new version. My cold clone CD appears to have last been updated in May 2009 – lame!

–Nat

Password complexity and MOTD in ESX 3

Continuing the quest to install ESX 3.02, it came about that we need to enable some password security.  There are a couple of things to do here, the first being to run the command “esxcfg-auth” – this command will bring up the list of commands available which include setting how long the password is valid, how often the password can be changed and when the warning will appear that the password for a given account is going to expire.

The meat of the password security is setting up the password complexity rules.  I found that using --usepamqc=values worked well.  Here is the verbose language:

--usepamqc
Enables the use of the pam_passwdqc PAM module for password complexity checking. It can be configured by passing a 6 value tuple as the value. The tuple is formed from the following information:
– minimum length of a single character class password
– minimum length of a password that has characters from 2 character classes
– minimum number of words in a passphrase
– minimum length of a password that has characters from 3 character classes
– minimum length of a password that has characters from 4 character classes
This does not fully expose the abilities of this powerful PAM module. See the pam_passwdqc man page for more information on how to use this PAM module to enforce password rules on the user’s password.
If you pass a value of -1 for any of the six tuple values, that is understood as disable this option. An example of a tuple is “8 -1 -1 -1 8 4”.

That worked well (with some different values of course.)  The last number, not described above is the number of times a character can appear in the password.  In this case, that would mean any single character could appear four times.
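As an added example (not code from this post, VMware or pam_passwdqc), here is a simplified Python model of how the per-class minimum lengths in the tuple decide whether a password is long enough. It assumes, following the pam_passwdqc man page, that a leading capital and a trailing digit do not count as classes, and that a password may satisfy a rule for fewer classes than it contains. The passphrase rule, the sixth value and the module's other checks are not modelled, and STRICTER_TUPLE is a constructed value.

```python
DISABLED = -1  # per the excerpt, -1 turns a rule off
EXCERPT_TUPLE = "8 -1 -1 -1 8 4"    # sample tuple quoted in the excerpt
STRICTER_TUPLE = "-1 -1 -1 12 8 4"  # constructed for comparison

def parse_tuple(text):
    """Map the six-value tuple to {class count: minimum length}."""
    values = [int(v) for v in text.split()]
    if len(values) != 6:
        raise ValueError("expected six values, got %d" % len(values))
    n0, n1, _passphrase, n3, n4, _sixth = values  # last two not modelled
    return {1: n0, 2: n1, 3: n3, 4: n4}

def count_classes(password):
    """Count digit/lower/upper/other classes; a leading capital and a
    trailing digit are ignored (rule taken from the pam_passwdqc man
    page, applied here as an assumption)."""
    seen = set()
    last = len(password) - 1
    for i, ch in enumerate(password):
        if ch.isdigit():
            if i != last:
                seen.add("digit")
        elif ch.isupper():
            if i != 0:
                seen.add("upper")
        elif ch.islower():
            seen.add("lower")
        else:
            seen.add("other")
    return len(seen)

def length_ok(password, tuple_text):
    """True if an enabled rule for the password's class count, or for
    fewer classes (assumption), accepts its length."""
    mins = parse_tuple(tuple_text)
    for classes in range(count_classes(password), 0, -1):
        minimum = mins[classes]
        if minimum != DISABLED and len(password) >= minimum:
            return True
    return False
```

Under this model the excerpt's sample tuple still accepts an 8-character all-lowercase password, because only the single-class and four-class rules are enabled; disabling the single-class rule, as in the constructed tuple, closes that path.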

To add a nifty warning message when a user logs on, simply create a file titled “motd” in /etc and add your message.  Easy!

–Nat

TeamJuchems Backup Plan Hits a Snag *Update*

Update:

So, I am a moron.  That’s the idiot error you get when you don’t type the password right in your script.  Yep, got it now.

Original:

Well, crap.

insufficient rights to host operating system

The dreaded UAC controls and security model in Server 2008/Vista have reared their head and I think it’s going to be complicated to work within their rules.

My plan hinged on the automated shutdown, copy and then restart of my Ubuntu server VM.  There are two obvious hurdles to this plan.  The first is acquiring/writing a script to do this.   Secondly, I don’t believe that VMware tools has been successfully installed on the Ubuntu server – I spent a lot of time on that, custom compiling, adding packages, etc.  This seems to have been ineffective so far, but I think that should be somewhat easy to overcome.

Back to the first issue, the automation.  It seems that unlike the big boy version of VMware, VMware Server 2.x doesn’t have a built in task scheduler which would have just been too darn easy.  It does come with an executable that should be an enabler, however.  This script I found would work really well.  The issue is that the script blows out when it hits the “vmrun.exe” because even running the command prompt as administrator doesn’t pass on the necessary rights elevation.  Looks like I could do some fanciness in VB that would make this work…

I am going to try and run the commands singly in task manager to see if the “run as” there is effective.  Probably not, but I can hope.  Time to dig into that, which is just fantastic and will require some local group policy work.  Once I have a fix, it might actually be useful to others.  We’ll see.  Ideally I’ll find a fix that works within the default Server 2008 security model which would make it much more portable.

–Nat

Internal DNS FTW

I finally got Windows DNS up and running on my Windows Home Server after putting it off for a year or so.   It seems trivial, but I view it as one more configuration item to recreate after a rebuild.   I hope that my current WHS lasts about forever (I built it with 3 to 5 years in mind) but the system drive could always fail – not to mention that WHS2 should be out before too long.  Once WHS is 64 bit, I’ll consolidate my main VMware Server instance onto it and it will be nice to be down to basically one server in the house.

Anyway, I had a couple challenges, but mostly those were due to configurations across my two networks (one behind the G router, the other behind the N router.)  The long term solution is to flip both of those into AP mode and do all my configuration on the SMC gateway but that is an undertaking for another day.  The other was related to flushing the DNS cache on the DNS server itself.  Seems obvious, right?  Well, I wasted about twenty minutes before I caught on to it.

I switched over to OpenDNS for my external DNS servers and that seems to have sped up internet browsing a touch.

The last thing to do is to have DHCP append a domain (so atlas will be atlas.jhome) to PCs and then set up a zone for that on my DNS server.  That way name resolution will be tidier and I can set up reverse zones and such.

And the next last thing to do is to set up another Windows host for DNS so I don’t have to worry about maintenance activities upsetting our LAN and internet access.

It just never ends!

–Nat

Fear Mongering Over Virtualization

Dailytech Virtualization Article

Seriously?  A dark side to virtualization?  If virtualization technology is phased in by someone that has a clue this cannot be an issue.  Take something like Exchange 2007 – will the performance be worse virtualized?  Yep.  But what kind of horsepower do you really need for 100?  Or 1,000?  A modern server on the VMware HCL that is configured reasonably should be able to take 30 to 40 servers, which means that many SMBs could get away with a two node cluster.

Virtualization allows for enormous flexibility.  Even if you run the most basic version of VMware ESX, you’ll get fully encapsulated virtual servers that you can back up cheaply with a product like vRanger from Vizioncore for complete, bare metal backups.  You could run two or three servers per host and see incredible DR and utilization benefits very cheaply.

If the issue for SMBs is that they are going to be dumb and deploy a technology in a way that dreadfully increases risk, that’s not a technology problem.  That’s a stupid person problem.

It really sounds like the analyst wanted to say something to stir it up.  Congrats, man, but you just sound ignorant.

–Nat