Windows Error “The application failed to initialize properly (0xc0000135)” Solved…….

October 11th, 2011

Thought I would add my own personal

“The application failed to initialize properly (0xc0000135). Click on OK to terminate the application”

story to the masses out there, seeing as mine was not what it seemed to be at first glance.

I guess it started as it did for many, something broke on a server. In my case it was some SQL DB dumps. I logged onto the server and tried to launch the SQL management console and got the following error. I then tried to run the mmc console on it’s own and got the same error.

I did a quick Google search and most posts seemed to be the .net framework either missing a file or not being installed at all. I figured it was as good a place as any to start, so I tried to repair or remove and reinstall the .net framework on the machine. But attempts failed and resulted in the same error msg popping up. I assumed from this the the installer app relied on .net (chicken and egg scenario ?) and thought a little more about the problem. I wondered if I could determine which file was missing or damaged and attempt to replace it directly.

In times of broken apps I tend to turn to SysInternals for salvation. In this case it was procmon to the rescue (Mark Russinovich, what a genius). I launched the app on the affected server desktop.

I then added a filter to only include stuff that was being caused by ‘mmc.exe’

The I launched ‘mmc.exe’ from the Windows ‘Run’ on the start menu.

The initial output was as below. Highlighted were some lines that caught my eye due to their result column not being ‘SUCCESS’.

I performed the same process on a working system so I had a frame of reference for what a working output looked like. The first few failures seemed normal even on a working system. But this entry was unique to the broken system.

It seemed to be complaining about a file, ‘COMCTL32.DLL’. Oddly, the file did exist in the Windows ‘system32′ folder. But the entry was complaining about a very specific location, in the WinSxS folder. Navigating to this folder did indeed show the file to be strangely absent.

Reading up a little on the WinSxS folder, it allows different versions of the same DLL library to exist on the machine at the same time without getting in the way of each other (read Windows DLL Hell).

The folder in question implied I wanted version 5.82.3790.3959. I wasn’t quite sure where this exact version of the file could be obtained from, but I figured I would start with the original install media and work up from there. I got lucky first time. I extracted the file to a temporary location, and then copied it into the WinSxS folder.

I then attempted to relaunch the mmc console and presto, problem solved.

Any time you have an odd problem it’s worth initially running procmon and seeing what’s happening a little under the hood. You should also be aware of the other tools and how they can help you too.

Tags: ,
Posted in microsoft, windows | 1 Comment »

Hello James…….

October 7th, 2011

I have been promising for a while now to plug/mention the website of my good friend James McIntosh (not that he needs it, he gets way more hits and traffic than me, but then he is slightly cooler then I am, so stands to reason).

He writes rather fantastic cookery books, so fantastic he has in fact won awards (I on the other hand have an extensive collection of ‘took part’ trophies).

The books look cool on the shelf (my flatmate figured out the other day if you have the whole set in the correct order the spines combine to make a whisk image) and are actually really usable (even by a total kitchen retard such as myself). He also has an iPhone app (which I did have until I lost my iPhone (waiting for the new model before I buy again)).

So there you go James, you have been well and truly plugged (but I would be very surprised if you notice any traffic difference on the back of this. Lol). :oD

Tags: , , ,
Posted in cooking, food, friends | 1 Comment »

Using Nagios NRPE To Monitor Windows Services Via WMI Part 2…….

September 30th, 2011

Have realised my first attempt at using NRPE to monitor Windows services via WMI is in fact badly thought out and badly done. This is what happens when companies want everything yesterday and rush things :o(

Having thought about it, the following has come to mind:

The service string to check should not be hard coded into the script. Otherwise we would need x1 script per service to check (i.e. lots !). The service string should be a variable that we can pass to the script as an argument at run time.

And, we can only check one service at a time with this script. Therefore, placing the service name into an array is whaaaayyy overkill. Will simply replace the array with a single string variable.

This in mind, here’s the revised version of the check script

strComputer = "."
'list services to monitor, comma seperated, inside quotes
strService = Wscript.Arguments.Item(0)
'connect using standard monkier
Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
'get an array containing all services
Set objItems = objWMIService.ExecQuery ("Select * from Win32_Service")
'for each service compare it’s display name to the current one we are looking for
For each objService in ObjItems
	'if we get a service display name match
	If objService.DisplayName = strService Then
		'display the current service along with it’s current state
		'wscript.echo "service name = " & objService.DisplayName & " currently :: " & objService.State
		If objService.State = "Running" Then
		'If the service is running return exit code 0 = ok
			Wscript.Echo "SERVICE STATUS: OK"
			Wscript.Quit(0)
		Else
		'otherwise return non 0 = error = fire alert hopefully
			Wscript.Echo "SERVICE STATUS: Critical"
			Wscript.Quit(2)
		End if
	End if
Next

And the command to add to the nrpe.cfg file will now need a parameter adding to the end like so (note the quote marks “” around the $ARG1$ parameter. This is in case our variable has spaces in it !!).

command[check_windows_service]=cscript.exe //T:30 //NoLogo "C:\Program Files (x86)\NRPE_NT\libexec\check_windows_service.vbs" "$ARG1$"

The command.cfg file will need a command definition in it like this

# 'check_windows_service' command definition (using NRPE)
define command{
	command_name	check_windows_service
	command_line	$USER1$/check_nrpe -H $HOSTADDRESS$ -t 60 -p 5666 -c check_windows_service -a $ARG1$
}

And finally, in services.cfg, a service check section using the command, like this

define service{
        service_description     Check Windows Awesome Service
        servicegroups           cust-windows
        host_name               windows_server_1
        check_command           check_windows_service!"Some Windows Service"
        use                     generic-service
}

But we can now use the same script to check other services like this

define service{
        service_description     Check Windows Awesome Service
        servicegroups           cust-windows
        host_name               windows_server_1
        check_command           check_windows_service!"Some Windows Service"
        use                     generic-service
}

define service{
        service_description     Check Windows Spooler Service
        servicegroups           cust-windows
        host_name               windows_server_1
        check_command           check_windows_service!"Print Spooler"
        use                     generic-service
}

Second time’s a charm. At least I got to go back and correct my horrible (but technically working) mistake !

Next stop, monitoring for running processes by their executable name in the process list…….

doh !

Tags: , , , , ,
Posted in IT, monitoring, nagios, nrpe, scripting, vbscript, windows, wmi | No Comments »

Using Nagios NRPE To Monitor Windows Services Via WMI…….

September 28th, 2011

If you are setting up Nagios from scratch, install the NSClient++ agent on your Windows servers and get the increased flexibility that it offers. My predecessor at my current work place has only installed the NRPE addon (the same guy who installed the core datacentre router with a duplex mismatch….that made my first week fun), which means I can’t use much of the cool check_nt stuff to monitor services and processes :o(

I needed a way to tell if a service had stopped on Windows server, but I could only use NRPE. First stop, a script to check the status of a given service.


strComputer = "."
'list services to monitor, comma seperated, inside quotes
arrServices = Array("Awesome Service")
For each strService in arrServices
	'connect using standard monkier
	Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
	'get an array containing all services
	Set objItems = objWMIService.ExecQuery ("Select * from Win32_Service")
	'for each service compare it’s display name to the current one we are looking for
	For each objService in ObjItems
		'if we get a service display name match
		If objService.DisplayName = strService Then
			'display the current service along with it’s current state
			'wscript.echo "service name = " & objService.DisplayName & " currently :: " & objService.State
			If objService.State = "Running" Then
			'If the service is running say so
				Wscript.Echo "SERVICE running"
			Else
			'otherwise it must not be runing
				Wscript.Echo "SERVICE not running"
			End if
		End if
	Next
Next

This script binds to WMI, searches for a service called Awesome Service and then echoes a statement to say if it’s running or not. Perfect, but Nagios can’t use this quite yet. We need the script to send some data back to the NRPE engine for this to work.

The Nagios plug-in dev guide tells you most of what you need to know, in this case we need to pass return codes back, which is covered here.

So the finished version now looks like this


strComputer = "."
'list services to monitor, comma seperated, inside quotes
arrServices = Array("Awesome Service")
For each strService in arrServices
	'connect using standard monkier
	Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
	'get an array containing all services
	Set objItems = objWMIService.ExecQuery ("Select * from Win32_Service")
	'for each service compare it’s display name to the current one we are looking for
	For each objService in ObjItems
		'if we get a service display name match
		If objService.DisplayName = strService Then
			'display the current service along with it’s current state
			'wscript.echo "service name = " & objService.DisplayName & " currently :: " & objService.State
			If objService.State = "Running" Then
			'If the service is running return exit code 0 = ok
				Wscript.Echo "SERVICE STATUS: OK"
				Wscript.Quit(0)
			Else
			'otherwise return non 0 = error = fire alert hopefully
				Wscript.Echo "SERVICE STATUS: Critical"
				Wscript.Quit(2)
			End if
		End if
	Next
Next

So if the service is running, we exit with return code 0 Wscript.Quit(0). But if it’s not, we exit with a non 0 return code. I need an alert to fire an SMS, so I have used Wscript.Quit(2) for critical, but if you only want a warning you can use Wscript.Quit(1).

Save the file in the NRPE scripts location (mine are located at C:\Program Files\NRPE_NT\libexec\

Final piece of the puzzle is to add the actual command to run the script to the NRPE config file. Mine is located at ‘C:\Program Files\NRPE_NT\bin\nrpe.cfg’, but your may vary.

At the end of the file are a list of demo commands, we just need to add in


command[check_awesome_service]=cscript.exe //T:30 //NoLogo "C:\Program Files\NRPE_NT\libexec\check_awesome_service.vbs"

Now add a command definition to the Nagios commands.cfg 


# 'check_awesome_service' command definition (using nrpe)
define command{
        command_name    check_galaxy_service
        command_line    $USER1$/check_nrpe -H $HOSTADDRESS$ -t 60 -p 5666 -c check_awesome_service
        }

And finally in my Nagios services.cfg file an service definition that includes the command and the hosts to run this against


define service{
        host_name               windows_server_1
        service_description     Windows Awesome Service
        servicegroups           cust-windows
        check_command           check_awesome_service
        use                     generic-service
}

And that should be it. You need to restart Nagios to include the new commands and service definitions. And then test the monitor by stopping and the starting the service in question.

The next step would be to replace the service name in the .vbs script file with a variable. Then you can reuse the same script to monitor different services by passing the service name from Nagios to NRPE as a variable from the config file. :oD

Tags: , , , , ,
Posted in IT, monitoring, nagios, nrpe, scripting, vbscript, windows, wmi | No Comments »

Making Passwords for An Easier Life…….

September 16th, 2011

Hot on the heals of Companies Make VPN Easy For Yourselves……. comes another gem from the school of ‘kinda obvious if you think about it’ !

If you use the UK pound ‘£’ symbol in any passwords, at some point it will bite you in the ass when you are on an American keyboard (especially laptop keyboards).

With so many other non alphanumeric characters to choose from that are accepted in both UK and USA regions (ampersand, asterisk, exclamation mark, percent sign, carat) why run the risk of being unable to logon when not sat of your default location/system (this come from being unable to SU all bloody weekend on some Linux systems owing to my laptop be of the crappy USA keyboard variety….and yes I know about character map and such, but I couldn’t be bothered)

So from now on, I will never use pound ‘£’ or hash ‘#’ in my passwords just to be on the safe side (I guess some among you would consider this a security enhancement…….I suspect you are the same people who think obfuscation through DNS is also a security measure !)

DOH !

Tags: , , , ,
Posted in unix, windows | No Comments »

Apache Header Byte Range DoS Exploit…….

September 3rd, 2011

Grrrrr, looks like there’s an unpatched exploit in *all* versions of Apache web server.

Is to do with using header byte ranges which allow http responses to be broken into smaller chunks before sending. You can read about them here and here.

There are multiple workarounds for mitigating the issue that can be read here and here.

And as of 30th August, version 2.2.20 of Apache was released which has mitigation built in (If the sum of all ranges in a request is larger than the original file, ignore the ranges and send the complete file.)

Guess what I’m going to be doing all next week ? :-/…….

Tags: , ,
Posted in apache, internet, IT, security, unix | No Comments »

Thou Shall Not Covet…….

August 25th, 2011

I’m not terribly religious…..in fact not at all really. But I am aware by way of popular TV and movie culture of the commandments passed down to Charlton Heston, specifically the 10th one, ‘Thou Shall Not Covet’.

 

However, seeing this at a friends place when I went for dinner the other weekend, I must confess to a brief passing moment when I was trying to work out how I could get it out of the house without being seen/noticed.

 

I want I want I want……

pills ?...... pills ?.......cigarettes ?.........

Posted in meh ! | No Comments »

Recursive Grep For Solaris…….

August 11th, 2011

Solaris doesn’t seem to have a ‘-r’ switch to perform recursive string searches (at least not on version 10 on Intel x86 anyway)

:o(

The following works as a workaround/substitution


find -type f | xargs grep -i

 

That is all……..

 

Tags: ,
Posted in bash, scripting, solaris, unix | No Comments »

Powershell Create DNS Sub Domain…….

August 5th, 2011

I’ve been working on some Software as Service systems for the last few weeks. They offer a basic fixed configuration of our applications for a smaller price, but are not as customisable as a dedicated full application system.

Being of a fixed configuration means of course that admin process for creating instances was just ripe for scripting and automating. As the system was running on Windows server 2008R2, I decided to use Powershell as it would enable me to work with DNS, filesystem and IIS.

The first part of the process was to create internal DNS records. The platform requires x3 DNS records creating, x1 A record and x2 CNAME. The A record should be blank so it points to the sub domain itself and thereby assigns it an IP address. The CNAMEs should be ‘live’ and ‘preview’ and should point to te afore mentioned A record (they all come from the same IIS server and use host headers, so only the x1 IP address is needed)

The system main DNS namespace domain being ‘company.com’, each client should have the domain ‘client.company.com’ with the actual records created inside this sub domain. So the order of actions to my mind was

1) Create sub domain
2) Create A record in sub domain
3) Create x2 CNAME records in sub domain that point to the A record

First task, create the sub domain. Powershell command to do this ? 

([WMIClass]"\\sandpit\root\MicrosoftDNS:MicrosoftDNS_Zone").CreateZone("subcompany.company.com", 0, $False)

Now previously when I had done this via the DNS admin GUI, the results looked something like this

However, what I got instead was this

While technically correct, a little untidy to look at. The command created the DNS subdomain folder as the same folder level of the parent DNS domain folder, and then created a delegated zone inside the main DNS domain folder (little greyed out bugger !)

Spent a little while trying various things, googling etc. etc. and got no-where. Decided to move and and proceed with the next part, to create actual host records. Again, powershell script for this was 

([WMIClass]"\\sandpit\root\MicrosoftDNS:MicrosoftDNS_AType").CreateInstanceFromPropertyData(sandpit, company.com, subcompany.company.com, 1, 3600, 192.168.4.58)

The arguments in parenthesis can be explained here, but what came as a pleasant surprise was thay when I looked in the DNS admin console to check the details of teh A record I had just created, it appeared as shown below

Yup, it seems that the script, much like the admin console, will create any missing/required domain/subdomain folders necessary to hold DNS records that you try to create !

And they say there’s no such thing as a free lunch.

Tags: , ,
Posted in dns, powershell, scripting, windows | 2 Comments »

iPad 2 For Dad…….

May 23rd, 2011

According to an email I just received from Apple, an ‘iPad2 makes an ideal gift for fathers day’

I suspect if I gave one to my father, he would stare at it with a confused look and eventually use it to prop up something around the house !

Nice try Apple, but no sell on that front I’m afraid.

Tags: ,
Posted in apple, humour, ipad, meh ! | No Comments »

« Older Entries