Thursday, 14 August 2008

Windows 2008 VMs and hiberfil.sys

I found that one of the Windows 2008 VMs on ESX VI3 was running out of space, so I investigated. It turns out that there was a hiberfil.sys lurking on the system drive. I tried to delete it, but it wouldn't let me; I tried to find the option in Control Panel\Power Options, but there was nothing there. It turns out the following command needs to be run:

powercfg.exe /hibernate off

Lo and behold, the file is gone, and a few GB of disk storage is returned :)

Checked this on the Hyper-V W2K8 VM's, and it says that hibernation is not supported by the firmware, so not an issue.

Negative Ping Time on HP Proliant DL385 G2

Encountered an issue where installing W2K3 on an HP DL385 G2 caused some funnies. When trying to ping from the server, you'd get negative ping times. I didn't think too much about it as performance was OK and this was the only noticeable issue. However, it turns out that there are issues with the timing on the AMD Opteron chipsets when using 2 or more cores. Windows 2003 uses the Time System Counter for timing, and this was being affected. Adding "/usepmtimer" to the BOOT.INI fixes this problem.

Find further discussion on the problem here.

PS. It looks like it could affect VMs on Hyper-V that have 2 or more AMD processors assigned and are installed with W2K3. I've added the switch to one such VM and it *appears* to have resolved the issue.

Wednesday, 13 August 2008

Installing Windows Updates on Server Core

Here's a wonderful script that'll check what updates are required for your system, prompt if you want to install and go and do it if you so wish.

It's very handy for people like me, running Hyper-V on Server Core, who want to control when updates take place. On systems other than SC, it was easy to do, just run up the WUA client, but this script is a godsend for the SC devotee :)

If you want to see what hotfixes are installed on your system, try this:

wmic qfe list (if you want better formatting, run wmic first, then enter qfe list)
WUA_SearchDownloadInstall.vbs

Tuesday, 12 August 2008

ESX 3.5 Update 2 Problem

It looks like users who've upgraded to Update 2 for ESX Server 3.5 are having problems powering on or VMotioning their VMs. It looks like a bug was introduced to the licensing code with Update 2 that knackers up operations on VMs when the clock strikes 12 August 08! Already powered-on VMs are OK. MS Patch day is today, with a nice raft of fixes, but if the systems are set to auto update it *should* be OK, as the system won't be powered off, just rebooted. I would turn off DRS, though.

Turning off NTP on the host and setting the calendar to prior to the 12th fixes the issue, and it shouldn't affect the time on the VM's, apart from the fact the time could drift.

I bet MS are rubbing their hands together, you wouldn't get this kind of snafu with Hyper-V !:-0

More on this here.

Tuesday, 8 July 2008

Windows Media Player 11 install problems

I had a pretty tricky problem trying to install Windows Media Player 11 onto a couple of clients recently. Basically it kept failing, with the error code 0xc0000005 in the %systemroot%\wmsetup.log. To troubleshoot this, I extracted the setup files to a temp directory and tried to install each component separately to see what was causing the problem. Amongst the extracted files were a couple of exe's, umdf.exe and wmp11.exe. When I tried to run these I got the following errors every time (extracted from the installer log file):


Hotfix started with following command line: /log:c:\temp\umdf.log
In Function GetBuildType, line 1170, RegQueryValueEx failed with error 0x2
CreateUserInterface: GetProcAddress for DefineInstallCustomUI failed: 0x7f
.
.
.
In Function TestVolatileFlag, line 12013, RegOpenKeyEx failed with error 0x2
.
.
In Function GetBuildType, line 1170, RegQueryValueEx failed with error 0x2
.
SetupFindFirstLine in LoadExclusionList Failed with error: 0xe0000102
.
Failed to query DriverPath of ROOT\LEGACY_AFD\0000 0x2
.
Waiting For watson First time ...


I tried all sorts of stuff after searching on Google, such as renaming Catroot2 dir, checking and resetting permissions on files and registry using the SubinACL tool and scripts as found here, but it didn't work.

I could have easily fixed the problem by reinstalling the system, but where's the fun in that, so I logged a call with MS PSS. After 1.5 weeks of trying various things, they sent me a link to the following www.support.microsoft.com/kb/822798. I tried the methods in order, the only one that worked for me was method 9, extracted from the support document...

To clear the temporary file and restart the hotfix installation or the service pack installation, follow these steps:
1. Delete all the tmp*.cat files in the following folders:
%systemroot%\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}
%systemroot%\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
2. Delete all the kb*.cat files in the following folders:
%systemroot%\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
%systemroot%\System32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}
3. Delete all the oem*.* files from the %systemroot%\inf folder.
4. At the command prompt, type the following commands. Press ENTER after each command.
net stop cryptsvc
ren %systemroot%\System32\Catroot2 oldcatroot2
net start cryptsvc
exit
5. Restart the failed hotfix installation or service pack installation.


Bingo, worked like a dream :)

Wednesday, 2 July 2008

Amazing Guitarist

Check out the skills of this guy.  I'll be watching out for him in future.





Tuesday, 1 July 2008

Restrict User Access to Null Pipes and Shares

There is the well known method of securing a Windows system from null session access http://www.sans.org/reading_room/whitepapers/windows/286.php, but there are additional steps that can be taken.

As part of a security mandate at work, we've been advised to delete the following values from the registry to further secure systems from anonymous access.

HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters\NullSessionPipes
HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters\NullSessionShares
HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters\RestrictNullSessAccess

It can't be done via GPO, which is a shame, but can be done by a script. Easiest way is to do the following.

reg delete HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /v NullSessionShares /f
reg delete HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /v NullSessionPipes /f
reg delete HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /v RestrictNullSessAccess /f

If you use Trend Server Protect, you can't delete the values TMRPC\AgentRPC or TMRPC\SPNTSVC from the NullSessionPipes or it won't work. I'm sure some nice VBScript could do the trick to get around this, but I don't need anything sophisticated.

I've done the registry mods on my system, and everything works OK, so happy days.
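
For the Trend ServerProtect case mentioned above, NullSessionPipes can be pruned down to the entries that must stay instead of being deleted outright. This is an added example, not part of the original post; it assumes PowerShell is available and run from an elevated prompt, and that the two TMRPC entries are the only pipes to keep. The -Apply switch and the backup file name are made up for the example.

```powershell
param([switch]$Apply)   # hypothetical switch: without -Apply the script only reports

$key  = 'HKLM:\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters'
# Assumption: the only pipes that must survive are the two Trend entries named in the post.
$keep = @('TMRPC\AgentRPC', 'TMRPC\SPNTSVC')

$props   = Get-ItemProperty -Path $key
# REG_MULTI_SZ comes back as string[]; drop empty entries and cope with a missing value.
$current = @($props.NullSessionPipes | Where-Object { $_ })
$pruned  = @($current | Where-Object { $keep -contains $_ })      # -contains ignores case
$removed = @($current | Where-Object { $keep -notcontains $_ })

"NullSessionPipes now   : $($current -join ', ')"
"Entries to be removed  : $($removed -join ', ')"
"Entries to be kept     : $($pruned -join ', ')"
"NullSessionShares now  : $(@($props.NullSessionShares) -join ', ')"
"RestrictNullSessAccess : $($props.RestrictNullSessAccess)"

if ($Apply) {
    # Export the key first so the change can be rolled back with 'reg import'.
    $stamp  = Get-Date -Format yyyyMMddHHmmss
    $backup = Join-Path $env:TEMP "lanmanserver-parameters-$stamp.reg"
    reg export 'HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters' $backup | Out-Null

    if ($pruned.Count -gt 0) {
        # Write back only the allowlisted pipes.
        Set-ItemProperty -Path $key -Name NullSessionPipes -Value ([string[]]$pruned) -Type MultiString
    } else {
        # Nothing to keep: same end state as the 'reg delete' command in the post.
        Remove-ItemProperty -Path $key -Name NullSessionPipes -ErrorAction SilentlyContinue
    }

    # The other two values are deleted outright, as in the post's reg delete commands.
    Remove-ItemProperty -Path $key -Name NullSessionShares, RestrictNullSessAccess -ErrorAction SilentlyContinue

    "Applied. Backup written to $backup"
}
```

Run it once without -Apply to review which pipes would be removed before committing the change.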

Monday, 30 June 2008

Quantum Of Solace

Great new trailer for the latest 007 film, Quantum of Solace, has been published. Can't wait for Nov 7 :)

See it here

Friday, 27 June 2008

Hyper-V RTM

Hyper-V went RTM yesterday, and so I rolled it out to the cluster today. There were some issues with the 64bit VM's, not being connected to the network, but installing the Integration drivers and changing the LAN settings to connected did the trick. Everything appears to be working fine and the install procedure is nice and simple :)

I'm almost famous now, the boss was quoted in an article in Computing, extolling the virtues of virtualisation, check it out here.

Thursday, 26 June 2008

SCCM Blogs

Here's the 1st post !  Anyway, straight to it, I've been deploying SCCM 2007 SP1 at work and here are some useful links I've come across.

I've installed it on Windows 2008 x64, which in turn is running on a Hyper-V RC1 Windows Server Core cluster. The SP1 upgrade didn't work, there was a problem with sitecomp.exe, but after logging a call with PSS, they gave me a patch which did the trick. The slipstreamed version of the installer wasn't released, so I don't know whether that would have worked or not.

I'll no doubt be adding more links soon !