Category: electronics

  • Copy Files Between Untrusted Domains Programmatically

    Normally on a Windows machine when you attempt to access a share in a different domain you are prompted for credentials.  However, there are no copy utilities (copy, xcopy, robocopy, etc) that pass credentials in the command line.  Also, as it is an untrusted domain, you simply can’t do a RunAs (need to manually type in a password for that anyways).

    The answer was so obvious, I can’t believe it didn’t come to me right away.  However, net use, the simplest of commands, is your friend again.  Using the following command you can initiate the connection and then copy between the machines as much as you like via normal UNC path.

    net use [server][path] [password] /user:[username]

    copy [server][path][more path]

    net use [server][path] /delete /y

    By using the following syntax there is no mapped drive.  There is simply a stored connection with the associated credentials for the life of the profile or until the delete command is run. 

  • PSExec

    On my current project they deploy PSExec to all machines.  The downside?  It is a version from 2004.  Yes, that is right from over 5 years ago.  Needless to say, there has been nothing but problems with it.  Granted, PSExec is probably one of the easiest things to upgrade as you just need to upgrade the version that you are calling PSExec from.  It then copies itself out to the machine and does it’s job.  However, if the old version was ever tried against a machine, you may be in some weird state like we were where PSExec wouldn’t start, or it would and wouldn’t close, etc.

    Stumbling along the internet I found someone else who had this issue.  However, his processes doesn’t always work because there may be something hanging onto the PSExecsvc.exe file still.  Instead I recommend using the following batch file.

    sc %1 stop psexesvc
    sc %1 delete psexesvc
    del %1admin$psexesvc.exe
    del %1admin$system32psexesvc.exe

     

    It just deletes the service before it tries to delete the files.  Works like a charm.

  • CSS Project Destination Authentication Account

    Been a long time again, but I have a few updates to put up here.  They may not help a lot of people, but they are good things that I want to remember 🙂

    Commerce Server uses a pretty antiquated system for doing content and code promotions.  It is called Commerce Server Staging (CSS).  We have set it up, but want to better automate the deployment of all the CSS projects (jobs).  For the life of me, I could not figure out how to add in the destination authentication account programmatically.  Thankfully it wasn’t something short sighted I was missing.  After discussing with Microsoft for awhile, there is apparently some undocumented switches on CSS.exe.  After you add the project (css.exe addproj), you then need to edit the project with the following syntax:

    css.exe editproj [project] Destination=[server];[username];[password]

    Yay to automation!

    Update:
    Turns out you can do this with the Addproj also doing the same way with the semicolon separated items for the destination.

  • Xbox 360 and Netflix

    Netflix streaming straight to the Xbox 360 has got to be the coolest thing ever.  Last weekend we watched two movies that way.  I just wish they would get more movies on the streaming feature.  Screw DVDs moving forward.  It’s all about the streaming media.

  • Data Protection Manager and Windows 2008

    I’ve been playing with getting DPM running on Windows 2008 (SQL) for awhile now.  Mostly on and off, just when I have time to think about it.  Well, today I finally got around to getting it installed, successfully.

    First of all my setup:

    • Frontend is on Windows 2003 x86 R2 with SP2
    • SQL is on a Windows 2008 x64 box
    • Reporting Services front-end is on a Windows 2008 x86 box

    Things I found out while trying to install:

    • DPM will not install unless Reporting Services is installed on the same box as the SQL database.  You may be able to fix that afterwards, but this is a serious limitation.  In any sort of enterprise, reporting services is (or at least should be) segregated from the production database services box.  This was a large pain as I needed to move everything, ugh.
    • DPM’s installer doesn’t play nicely with UAC.  There’s a step that a registry item needs to be added to the remote SQL server.  However, if UAC is enabled on the SQL box, the installer fails saying that it can’t create that registry key eventhough I’m logged in as an administrator on both machines.  This is because on the SQL box, it’s probably getting the allow dialog box.  Simply turn off UAC on the remote machine, or run the installer as the local administrator account (password must be the same on both machines).

    Now I just need to start backing up my Exchange 2007 server, since it has log files dating back to March the 3rd (ouch).

    *Update*
    Well, it looks like the DPM team has finally released the Rollup package to allow for Win2k8 system state backups (among other things).  Check out the news.

  • WCF Extensions and .NET 3.0 SP1

    Having issues installing the WCF Extensions on Visual Studio 2005 when you have .NET 3.0 SP1 installed?  Getting an error message the looks something like the following? 

    Setup has detected that a prerequisite is missing. To use Visual Studio 2005 extensions for .NET Framework 3.0 (WCF & WPF), November 2006 CTP you must have the .NET Framework 3.0 runtime installed. Please install the .NET Framework 3.0 runtime and restart setup.

    Well, instead of just installing the application by double clicking on the MSI, run it the following way.  This ends up bypassing the prereq checks and it installs successfully.  Yay to broken installers!

    msiexec /i vsextwfx.msi WRC_INSTALLED_OVERRIDE=1

  • VI3, NFS and Windows VMs

    See the second update for the correct way of setting this up 🙂

    You may be like me, and have a test lab running VI3.  You may also only be running Microsoft VMs for whatever reason.  I happen to be because that’s all I deal with as I work for a MS Consulting company.  Anyways, whenever I wanted to create a new machine I needed to have the ISO copied out to the ESX storage device.  This was always a pain because I’d have to use WinSCP or Filezilla to copy it from a host virtual machine to the storage device.  Plus there was the fact that I was now using 2x the space on the storage device because it’s accessible to ESX and it’s stored in a VM.  Lame.

    With VI3 you can use NFS shares as storage devices.  Downside is, is that by default Windows only uses CIFS (or SMB) sharing.  However, with Windows 2003 R2 (you may be able to do it in Win2k3 too) you can install the Unix NFS tools which allows for the creation of NFS shares.

    From the Windows machine you want the NFS share(s) located on, you need to open Add/Remove Programs from the Control Panel and then Add the following Windows components.  Under Other Network File and Print Services select to install all of the Microsoft Services for NFS.  I don’t think if you need all of them, but it’s working with them all (feel free to leave feedback if you play).

    After you install those, it will require a reboot.  Once you’re back up, open up the Microsoft Services for NFS in the Administrator Tools.  Right click on the root (Microsoft Services for NFS) and select the user name mapping you want.  I set mine to AD lookup, but I’m using anonymous read only access on the share anyways.

    If the CIFS share has already been created, you will need to create the NFS share from the command line.  This can be done with the following command:  nfsshare -o anon=yes

    =drive:path.  Obviously replace

    with the name you like and drive:path with the location for the share. 

    If the CIFS share hasn’t already been created, then you will see a NFS Sharing tab when you attempt to create the share.

    Once the share has been created, within your VirtualCenter client (or host based VI Client), select the host, go to configuration tab, and then Storage (SCSI, SAN, and NFS).  Select Add Storage and select the Network File System option.  Enter the info for the server you just set this up on and the folder (/

    ).  Now you have a mounted storage device for your share.  Yay!

    As mentioned before, this NFS mount point can be a virtual machine on the host.  I haven’t restarted the host yet, so I’m not sure how nicely it plays with that though.

    Resources used for this:
    http://levelsofdetail.kendeeter.com/2007/01/setting_up_an_nfs_server_on_wi.html
    http://support.microsoft.com/kb/324089

    **Update**

    Ugh, so just doing the above doesn’t work.  At least it didn’t list the contents of the iso directory.  No good.  Further research comes up with one possible solution, but it’s ugly.

    Add anonymous login read access to the share and ntfs permissions on the share.  This seems to work, but I’m not really a fan of it.  For some reason, user mapping doesn’t seem to be working.  You should be able to do user mapping by grabbing the /etc/passwd and /etc/group files from your VI3 host and then importing them into the Microsoft Services for NFS User Name Mapping section (right click and define the location for these two files). 

    I’ve mapped the local admin to the root account.  I get no love though as soon as I disable anonymous access on the NFS share.  Boo.  What really makes me angry is that I want to host templates on this Windows NFS share.  That would require me to enable read/write access to the anonymous user.  Needless to say, something I’m really not comfortable with.  Maybe I can fix this stupid user mapping issue, and then I won’t have to worry.

    Oh yeah, be sure to enable the NFS client firewall rule on your host…

    **Update #2**  This is the way to get this setup
    Alright, I’m retarded as to why I couldn’t get this figured out.  The real steps to get this going:

    1. Enable NFS Client through the firewall in VI3.  This is done from the host level, configuration, security profile.
    2. Install Microsoft Services for NFS.  From Add/Remove Programs in the Control Panel open up Windows Components and add all of the Microsoft Services for NFS found under Other Network File and Print Services.  Yes, you need them all.
    3. Reboot if required.
    4. Using WinSCP or Filezilla, get the /etc/passwd file from your VI3 host.
    5. Open up the Microsoft Services for NFS in the Administrator Tools.  Do not right click on the root (Microsoft Services for NFS) and delete the user name mapping server.  Be sure it is set to localhost.  Don’t worry about setting the domain unless you want to do additional user name mapping.
    6. Right click on User Name Mapping and select the Use Password and Group files and point to the path of the passwd file.
    7. Right click on User Maps under User Name Mapping and select create maps.
      • On the windows account side, change to the local host (if it’s not already selected) and click the List Windows Users button.
      • On the Unix account side, click the List Unix Users button.
      • Select the local Administrator on the Windows side and the root account on the Unix side.  ESX does everything as root, so don’t worry about selecting multiple mappings. (You can definitely map to a domain account, but DO NOT map to the domain admin account as this is usually disabled.)
    8. Create the NFS shares.  Ensure that the user you mapped to on the windows side (local Administrator) has the required (Windows) Share and NTFS permissions.
      • Right click on a folder and go to Sharing and Security.  Go to the NFS Sharing tab and select Share this folder and give it a name.  DO NOT allow anonymous access.  Instead select the permissions button.  Give the access required and be sure to check “Allow Root Access”.  As mentioned before, ESX does everything as root, so this box must be checked.
    9. Within VirtualCenter client (or host based VI Client) select the host, go to the configuration and then storage.  Select Add Storage and select the Network File System option.  Enter the info for the server you just set this up on and the folder (/).  Now you have a mounted storage device for your share.  Yay!
    10. Verify the storage device by double clicking on it.  If you can view stuff in the folder on windows, you will be able to view it on the ESX host.
  • Windows 2008 Role Services for MOSS 2007 Part 2

    Make sure your Database Access account is an admin on the central administration server, otherwise you’ll get access denied errors when trying to create new web applications.  This is because the db access account won’t have the ability to edit the metabase.  Oh, and this bubble up by MOSS saying that you, the logged in user doesn’t have access, which is completely inaccurate, especially since I was a Farm Administrator.  In addition you’ll see the error message listed below in the Application event logs.

    Log Name:    Application
    Source:      ASP.NET 2.0.50727.0
    Date:      3/18/2008 10:58:42 AM
    Event ID:    1309
    Task Category: Web Event
    Level:      Warning
    Keywords:    Classic
    User:      N/A
    Computer:   

    Description:
    Event code: 3005
    Event message: An unhandled exception has occurred.
    Event time: 3/18/2008 10:58:42 AM
    Event time (UTC): 3/18/2008 3:58:42 PM
    Event ID: c59d97a1bbf8405cba1d837292259be4
    Event sequence: 4767
    Event occurrence: 8
    Event detail code: 0
    Application information:
      Application domain: /LM/W3SVC/236168797/ROOT-1-128503227503346172
      Trust level: WSS_Minimal
      Application Virtual Path: /
      Application Path: C:inetpubwwwrootwssVirtualDirectories37466
      Machine name:


    Process information:
      Process ID: 3720
      Process name: w3wp.exe
      Account name:


    Exception information:
      Exception type: COMException
      Exception message: Access is denied.

    Request information:
      Request URL: http://

    :24055/_admin/extendvs.aspx
      Request path: /_admin/extendvs.aspx
      User host address: fe80::e48a:75aa:9034:9106WSS_Minimal
      User:

      Is authenticated: True
      Authentication Type: NTLM
      Thread account name:

    Thread information:
      Thread ID: 9
      Thread account name:

      Is impersonating: False
      Stack trace:  at Microsoft.SharePoint.Utilities.SPUtility.HandleAccessDenied(Exception ex)
      at Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.HandleAccessDenied(Exception ex)
      at Microsoft.SharePoint.ApplicationRuntime.BaseApplication.Application_Error(HttpApplication app)
      at Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.ErrorAppHandler(Object oSender, EventArgs ea)
      at System.Web.HttpApplication.RaiseOnError()

    I hate having service accounts admins on boxes.

  • Windows 2008 Role Services for MOSS 2007

    After trying to install MOSS 2007 on a new Windows 2008 box, I almost went completely bonkers.  No place in the installation documentation does it tell you what Role Services need to be installed for MOSS to successfully install and run.  Initially MOSS 2007 wouldn’t even install because I didn’t have the IIS6 metabase compatability installed.  However, just because it’s installed, doesn’t mean it actually runs.  I then started installing additional role services to see if I could get it to work.  Needless to say, even after installing all of services, my MOSS installation didn’t work.  Turns out you need to have the services installed prior to actually installing MOSS.  Otherwise the page will never render, and you’ll get a 5MB binary download instead of the actual application.

    However, after I knew what I was looking at (reinstalling MOSS again after all the services were installed), I decided to start whittle down the actual services I need.  Instead of doing it by hand, I finally found a website that listed what’s needed.  I’d like to give Bill Baer’s site a shoutout as to where I found this information.

    Web Server

    • Common HTTP Features
    • Static Content
    • Default Document
    • Directory Browsing
    • HTTP Errors

    Application Development

    • ASP.NET
    • .NET Extensibility
    • ISAPI Extensions
    • ISAPI Filters

    Health and Diagnostics

    • HTTP Logging
    • Logging Tools
    • Request Monitor
    • Tracing

    Security

    • Basic Authentication
    • Windows Authentication
    • Digest Authentication
    • Request Filtering

    Performance

    • Static Content Compression
    • Dynamic Content Compression

    Management Tools

    • IIS Management Console

    IIS 6 Management Compatibility

    • IIS 6 Metabase Compatibility
  • ESX 3.5 Upgrade Woes

    I really want to upgrade to ESX 3.5.  However, I’m not having that much luck with it.  I’ve tried 2x now, and have had the exact same experience.  So, I do the upgrade from 3.0.2 to 3.5.0.  However, after the upgrade, not all of my VMs function.  Some of them work just fine.  However, others are sitting at the command prompt saying that no OS has been found.  It’s weird because the drives are attached and recognized, but it doesn’t like to boot from them.  It’s like it can’t find the MBR. 

    Things I’ve tried to fix this:

    • Analyze the differences in the VMX and VMDK files between the machines that are working and aren’t.  This hasn’t given me much as there isn’t any difference.  The only difference I noticed was in the VMDK files.  The ones that booted correctly listed the “ddb.toolsVersion”.  The ones that hadn’t booted listed it as “0”.  Sadly, changing this didn’t fix anything.
    • Mount the non-functioning disks on working VMs.  By doing this I was able to view the contents of the disks just fine.  And amazingly, sometimes after doing that, the original VM actually booted.  However, they are very flakey and sometime revert back.  There is a lot of chkdsks going on on bootups too. Nothing is ever found, but it seems to always run.

    I really don’t know what to do at this point.  I know that I can downgrade again to 3.0.2 and it will work fine.  The machines will boot right up without issues.  However, to downgrade, that means I have to recreate all of my Virtual Machines again.  Not completely awful, but time consuming.  I may try to do a full install instead of any upgrade too, see if that works.  Any other ideas?

    I’d really like to move to 3.5 as it has some nice features.  Plus I’ll be sitting the VCP class soon, which will be on 3.5.