Archive for the ‘windows’ Category

« Older Entries

Powershell Log File Zipper…….

Wednesday, June 23rd, 2010

Another annoying repetitive task automated ! Ahhhhhhh :o)

The log files for our IIS servers build up over a couple of months and consume disk space to the point of becoming an issue. I had been manually logging on and creating a .zip file for each month and then dragging the individual files into the zip file.

Tedious and repetitive, just the sort of thing scripting was made for. Typicaly my scripts for Windows are in vbscript, but this time I decided it was time to look at powershell.

The logic was simple enough. First create a zip file for the previous month. The logfile names are in the format ‘u_ex.log’ where mm is the numerical month. I needed to get the current month, subtract one (compressing previous months logs) and then move any file with a mm figure that matched into the .zip file.

I found this article for creating the actual zip file itself. Then is was just a case of setting the paths and looping through each file in the directory (get-childitem makes this a breeze).

Debugging the script was a bit of a pain in the arse using the built in Windows tools, so I downloaded and installed PowerShell GUI from here. It’s still a work in progress in some respects, the built in intellisense isn’t 100% there just yet, but it does allow you to step through code and what the vaule of your variables and figure out what is happening.

Once I had the script working of the command line, it was just a case of scheduling the job to run on the 1st day of each month recurring. However, this proved to be almost as big a task as the script itself.

For some reason, running powershell.exe and passing the script to it as an argument, ever using the full -command “$ syntax failed to execute the script. In the end I had to create a batch/.cmd file and place the powershell command in there and schedule the batch file to run instead.

My only gripe is that the command to move the file into the zip file is asynchronus so I had to include a sleep/wait period to give the file time to be compressed before being moved into the .zip file. That being said, there will never be more the x31 files, and allowing x2 mins for each file to compress (extremely generous) means the script should never take more than x1 hour to complete, so as long as I run it during a quiet period it should not impact anything else.

I eagerly await the 1st of July to see if the scheduled job kicks in automatically on the live evironment……:o/


#declare functions here
function new-zipfile {
param ($zipfile)
if (! $zipfile.endswith(‘.zip’)) {$zipfile += ‘.zip’}
set-content $zipfile (“PK” + [char]5 + [char]6 + (“$([char]0)” * 18))
(dir $zipfile).IsReadOnly = $false
}

#define variables here
#some strings and numbers we will need
$thismonthint = get-date -f “MM”
$prevmonthint = (get-date).addmonths(-1).tostring(“MM”)

$thismonthstr = get-date -f “MMM”
$prevmonthstr = (get-date).addmonths(-1).tostring(“MMM”)

$thisyearlongint = get-date -f “yyyy”
$thisyearshortint = get-date -f “yy”

$thislogdir = ‘C:\weblogs\’
$thiszipfile = $thislogdir + $prevmonthstr + $thisyearlongint + ‘.zip’
$zipexists = test-path $thiszipfile

#start program here
#first pass, check for .zip files of previous months. if exists exit. if not exist, create empty .zip file
if (! $zipexists)
{
echo ‘zip file does not exist, creating zip file’
new-zipfile $thiszipfile
}
else
{
return
}

# move all log files where the month number matches the month number of the .zip file
# Jan = 01, Feb = 02, Mar =03 etc. etc.

foreach ($file in Get-ChildItem $thislogdir)
{
# exclude the .zip files already in the directory (just in case we get a random month match in their filename
if (! $file.name.endswith(“.zip”))
{
# if the
if ($file.Name.substring(6,2) -match $prevmonthint)
{
$zipfile = (New-Object -ComObject shell.application).NameSpace($thiszipfile)
$zipfile.MoveHere($file.fullname)
Start-Sleep -Seconds 120
}
}
}

squish !!

Tags: ,
Posted in IIS, powershell, windows | No Comments »

.NET4 Framework Install Lacks MVC

Saturday, June 5th, 2010

I just upgraded all our Windows web servers to .NET4 to keep up with the Jones and take advantage of new features and capabilities that it pertains to offer. Soon after we discovered that the bare bones framework installation lacks some of the features that our developers make use of, in this case MVC.

Our developers and anyone who touches the web solution in any shape or form (including myself) all have the full blow installation of Visual Studio 2010 installed, which comes with everything and the kitchen sink (this was a seriously long list of components on the install list) so when they run against their local IIS instances all the VS bits are in place and it works.

However, the .NET4 framework install for Server 2008 does not include all the bells and whistles of Visual Studio 2010 and so we found some bits seemed to be *missing* when we deployed the solution, specifically MVC/MVC2 associated binaries.

More verbose details can be found here after one of our developers figured out how to make the missing bits copy to the web servers as part of the deployment.

Huge thanks to Colin :o)

Tags: ,
Posted in IIS, visual studio, windows | No Comments »

Over Zealous Registry Editing…….Damn !

Wednesday, April 21st, 2010

The company where I work produces a web site. In order to make sure it looks ok on as many browsers as possible, we have to keep a few machines around with older OS and broswers versions installed.

Last week, the machine used to test IE6 (now dead and unsupported by Microsoft, but unfortunately while it’s use has stedily been declining since January 2010, there are still over 8% of people using it, so we have to test to make sure it will look right) got infected with the XP Malware 2010 virus.

The virus itself has been well written with a very sincere and genuine looking application interface (see here for pictures etc.). Normally for most computer viri I simply remove their entries from the /Software/Microsoft/Windows/Current Version/Run registry section, delete the binaries and reboot.

But this one went a little further (some do unfortunately). It actually modifies the registry entries that deal with how windows launches .exe binaries. It essentially modified the default open shell open entry to launch itself, with the program you wanted to open as an argument. So if you tried to run notepad.exe, AV.EXE would get launched instead, but AV.EXE would know to run notepad.exe after itself.

I followed to instructions on the site, but not to the letter. I was in a rush and sort of deleted the .exe entries completely. Result, I could no longer launch apps that ended in .exe :o(

I didn’t fancy trying to manually put the correct entried back in, so I had a quick search on google for ‘XP .exe file association’ and found this page.

The whole site is pretty cool with a lot of utils, tips and fixes. Admittedley it seems to all be for XP, but I’m sure some of it could be of use for later Windows versions, or at least provide a starting point.

Doug Knox, I thank you for saving me from having to rebuild an old XP system (hours alone in just trying to find the OS istall disks !!)

;o)

Genuine looking interface :o(

Tags: , , ,
Posted in microsoft, security, xp | No Comments »

WDS Deploying Windows 7…….The Wrong Way…….

Friday, April 16th, 2010

The 2nd Microsoft UK Techday I attended was on the subject of deploying Windows 7 within the organisation using WDS. This was the one I had really been waiting for as:

a) I’m pretty sure the way I am using WDS to deploy Vista is wrong, even though it works

b) Chris Jackson was presenting

Bit of history. One of the earlier tasks when I joined my current job was to replace the mix of XP and Vista desktops that were in use. I installed WDS and set about trying to figure out all the bells and whistles, but there are so many of them.

There is a ton of doc to read through, and walk through scenarios, but they are somewhat basic in that they only deal with creating and distributing a single image/buld to the desktop.

Here’s my problem, I have a mix of HP and Dell desktops. I also have different software requirements for different groups of people. Everyone needs Windows Vista and Office 2007. Devs need Visual Studio. Designers need the Adobe CS suite. I could not work out how to use a single boot and install image to achieve this.

So, I created multiple install images. Essentially, I setup each PC exactly as I wanted it for the desktop, then sysprep’d it with an answer file and capture it to an image. Then for each install image, I created a corresponding boot image and edit the startnet.cmd to wipe and prepare the disk, and then use imagex to apply the correct install image file to the machine.

So I have a ‘HP7900-install.wim’ and a ‘HP7900-boot.wim’. I also have a ‘HP7800-install.wim’ and a ‘HP7800-boot.wim’. Adding each xxx-boot.wim file to WDS lists it as an option on the PXE WDS boot menu, and when you select either boot image, the ‘startnet.cmd’ batch file will use imagex to apply the corresponding xxx-install.wim file.

I am fairly certain this is not how WDS was supposed to be used ?! There are currently x8 boot and x8 install images sitting on my WDS server.

The Windows 7 deployment demo at the UK Techday event unfrotunately has not cleared this up for me any further. The demo simply showed how to use a stock boot.wim and install.wim with an answer file to remove the prompts that occur during install. This much I had already figured out, what I hoped to discover was how to create a relationship between a boot.wim file and an install.wim file so I did not have to edit the startnet.cmd file each time.

I’ve just downloaded the WAIK 2010 and MDT 2010 applications and am going to install them and take a look at the new and improved documentation and scenarios and see if the answers lay within.

Anything I find out I will of course post here.

One thing I do already know is that if you are using a x64 bit version of Windows (7 or Vista) you have to install the x64 bit version of the WAIK. The x64 bit version cannot work on x86 (32bit) images !??? However, the x86 (32bit) version of WAIK can work on both formats. So when creating your build administration workstation, I would use x86 versions to ensure maximum flexibility.

Tags: , ,
Posted in imaging, microsoft, wds, windows 7 | No Comments »

IIS7 HRESULT: 0×80070057 (E_INVALIDARG))…….

Wednesday, March 24th, 2010

I don’t write code. Well compileable code anyway. Now scripting, I’m ya man, but anything that does stuff ‘behind the scenes’ is frankly a little bit beyond me.

So I was filled with doom when one of our web developers was getting an error every time she tried to load her dev copy of the site into her browser. IIS7 simply gave the very detailed but unhelpful message


HRESULT: 0×80070057 (E_INVALIDARG))

Along with a pretty error page and some bits of XML. Googling that error code led me to this site which thankfully explained what was going on, and more importantly, how to fix.

Seems that when you build/compile a .NET site, it takes copies of the binaries from your solution and copies them to a temporary folder. The site is then hosted from the files in this temporary location.

Should your system crash mid-build/compile (she was using Vista, of course it crashed !) then the file(s) copying at the time may not quite be up to scratch (i.e. corrupted).

For x64 bit systems the path in question is

C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files

For x86 bit systems the path is

C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files

Inside the ‘Temporary ASP.NET Files’ folder will be many sub folders. You can spend time trying isolate the exact subfolder containing the knacked files, but I just deleted all the sub folders and then rebuilt the web solution again and ‘Presto’ a working site

The site owner Dan Abdinnor credits his friend Patrick Fitzsimmons for working all this out. I don’t know who you guys are, but thanks, you possibly saved me from hours of diagnostic tools and head scratching on this one !

Posted in IIS, vista | 2 Comments »

Microsoft UK TechDays……yipee !!

Friday, February 26th, 2010

I just signed up for a couple of the Microsoft UK tech.days events being held in London during April.

Am really hoping to get to see Chris Jackson live as I have only previously seen him online on Channel 9 and on the 2008 TechEd recordings (2nd page, first row, far right video). He really seems to know his stuff and have a sense of humour and presentation charisma.

Is quite a big deal for me as I don’t think I will ever work in the sort of company who send their staff out to the big official MS TechEd events held globally (at least I haven’t been sent to any so far, and never having been to one, have not been able to ask the attendees what sort of company they are working for that send them to MS Tech events).

In fact, I think the last formal IT training I was sent on was over 10 years ago when I was sent on a course to learn Exchange server 5.5 administration.

Admittedly I seem to have done ok without any training, getting by using books, online examples and demos and so on. But some systems (ones from Microsoft in particular) are getting so large and so complex with so many features and capabilities built right into them that I wonder if I am doing some things inefficiently or even incorrectly.

Take desktop deployment. My current employer are using Windows Vista. One of the earlier tasks I did (after the massive mail migration I wrote about on here previously) was to replace the mix of XP and Vista will a few standardised builds of Vista using WDS. The learning process was pretty steep, and very confusing.

I could not get the answer files to work correctly for unattended installs, I gave up on trying to figure the Microsoft Deployment Toolkit (MDT). In the end I simply installed a box *eaxctly* how I wanted it to be, and then sysprep’d it with an answer file. I then used ImageX to capture the system to a .WIM file and this is what I used to deploy to new systems. Even though it works pretty well (the only bits I could not automate were the machine naming, joining the domain and Windows activation) I am still not sure I am doing it the way Microsoft intended.

Now in 2010, the office here are looking to replace Vista with Windows 7 (not just to be fashionable you understand, but there do seem to be too many issues with Vista for our liking). I downloaded with Windows Automated Installer Kit (WAIK) for Windows 7 to have a look, and it bigger and even more complex that the one for Vista was.

So I have high hopes that some bright Microsoft chappie (maybe even Chris Jackson himself) will take to the stage and say “here’s how you do it” and show me the bits I’m missing, and the bits I’m doing wrong. I am taking my laptop and will be furiously trying to record everything they say and do :oO

p.s. If you work for a company that sends you to tech events (not just the MS ones) please let me know who you are and what you do, cause I really wanna go to them too :o/

http://www.microsoft.com/uk/techdays/dayitp.aspx

Tags: ,
Posted in microsoft, windows, windows 7 | No Comments »

IIS7 AppPool user account causes HTTP 503 error

Tuesday, February 9th, 2010

I don’t profess to be any kind of IIS expert, in fact, I would say I’m more of an Apache man myself. I just find it easier dealing with flat text file for application configs, frankly while I’m sure there are benefits to having the IIS config all sorted in metadata and stuff, I just find it confusing and overwhelming, gimme httpd.conf any day.

While trying to configure an IIS7 AppPool to use a not evelvated logon to run as, I recieved a HTTP 503 error and the following was logged in Appilcation area of the event viewer.

The identity of application pool user.www.somedomain.com is invalid. The user name or password that is specified for the identity may be incorrect, or the user may not have batch logon rights. If the identity is not corrected, the application pool will be disabled when the application pool receives its first request. If batch logon rights are causing the problem, the identity in the IIS configuration store must be changed after rights have been granted before Windows Process Activation Service (WAS) can retry the logon. If the identity remains invalid after the first request for the application pool is processed, the application pool will be disabled. The data field contains the error number.

Quite a few possibilities mentioned there, so I started with the first one, incorrect user. I deleted the user logon, recreated it, set the password and then re-configured the IIS AppPool to use the newly created account. But still the page gave me a 503 error.

So I looked at the new possibility, ‘Batch Logon Rights’. Comparing the local security policy MMC for the server I was having trouble with and one that was working ok I found that the group ‘IIS_IUSRS’ had been granted the ‘Logon As Batch’ right on the standalone server, but not on the server that was part of a domain ?!

Local Security Policy MMC

As the domained server was controlled by group policies I could not just add the group directly to the permission, I had to create a group policy to grant ‘IIS_IUSRS’ the ‘Logon As Batch’ right and the run a ‘gpupdate /force’ on the domain server.

Restarting IIS and testing the site again showed everything now working correctly. It seems that the ‘IUSR_USRS’ group gets granted the ‘Logon As Batch’ right automatically on standalone servers, but not ones that are part of a domain, you have to grant the rights by adding them via a group policy.

Posted in IIS | 1 Comment »

Odd Windows DNS Issue…….

Thursday, January 21st, 2010

Hmmmm, something is up with DNS at work. Randomly (anything from a week to 2 months) it seems to stop resolving .co.uk for some domains (especially www.bbc.co.uk) ? Nothing recorded in the eventlog for the times while it is behaving like this. Restarting DNS server fixes the problem for a while until it breaks again.

I recently patched server 2008 to SP2 as I found some issues that were fixed in that SP (like incomplete zone transfers which broke some stuff a while back).

But the service pack does not seem to have fixed this random sulking occuring in DNS.

For now I have enabled DNS debugging to a file on the system and restarted DNS, now I will need to patiently wait for it to act up again so I can have a peek and see if anything looks amiss.

I can find nothing solid on google either. If I ever get to the bottom of it I’ll re-post here, but in the mean time if anyone has any ideas let me know as I am stumped.

Tags: ,
Posted in dns, microsoft, windows | No Comments »

Kaspersky NDIS 6 Filter Causes Network Loss…..

Wednesday, August 19th, 2009

We use Kaspersky for anti virus in the office. It’s an ok product, no better or worse than any others I have worked with. It did however turn out to be the cause of an issue that I was unable to figure out for a while now.

On x64 bit Vista systems, when moving large files across the network, the PC would suddenly loose it’s network connection. The network icon in the system tray would get a little yellow warning triangle on it and the status would indicate a connectivity issue.

It did not do this on systems that did not have kaspersky installed how ever. So I tried disabling the x2 Kaspersky services (anti virus and network agent). While this made the problem happen less, it did not go away completely, if I copied x3 or x4 large files (2gb+ in size each) at the same time, the network connection would drop again.

The problem was made even worse because there was no way to get the connection back without restarting the machine. Disabling and re-enabling the interface did not work, using netsh to reset the interface and winsock also did not work. The machine would become unstable and need a power cycle in the end.

I thought perhaps it was being caused by using bad network interface card drivers, so I downloaded the latest ones from the vendor web site but still the connection dropped under heavy load.

And then I spotted it. while checking the driver details for the network interface. kaspersky had added a protocol stack component that I knew nothing about, the ‘kaspersky NDIS 6 filter’.

kaspersky ndis 6 filter

kaspersky ndis 6 filter

Checking on the kaspersky site, it seems that this is a network level embedded packet interceptor. as packets arrive and leave the network card interface, the NDIS driver intercepts them for scanning to try to determin if the packet contains malicious content. It would seem that under heavy network load, the intercepts become too much and it trashes the network stack beyond repair.

Disabling this component by clearing it’s checkbox and unbinding it from the network stack seems to have fixed the issue and I was able to copy x8+ large files (2GB+) simultaneously without any connection issue. It also seems to have corrected a more minor issue I was experiencing with system pauses when network operations were happening.

I hope this helps anyone else having these issues.

Tags: , , ,
Posted in kaspersky, vista | 2 Comments »

Everything Starts With An ‘e’……..

Wednesday, July 22nd, 2009

Just read this post (admittedly, a little behind the times, but I have been very busy). It seems that in Europe, MS are being forced to remove IE from Windows 7 when it launches, and to comemerate this, all European versions of Windows 7 will have an ‘e’ appended to the product name (so for instance Windows 7 Home Premium ‘E’).

I cannot believe that with all the ‘smarts’ that work at MS this is the best idea they could come up with. The cost of x2 completely sets of packaging for US and EU materials !! And, seeing as what I suspect what will end up happening is a link on the desktop entitled ‘click here to install a web browser’ that will simply…..no wait for it…..download and install IE from the MS site, I have to ask  ‘what’s the point ?’

Without this link for dummies, they would also appear to have created and chicken and egg type scenario (at least for the lowest demonination of user). If you have no browser on your PC, how do you download a browser ? Yes, I know the smarter among us can just ftp/sftp one down from our favourite downloads site, but I dont fancy trying to talk my parents through that particular operation on a week day evening :o(

Why not simply force MS to incude a bunch of the top browsers. That way people (even dumb ones) could just sample and then remove (or ignore if they have the disk space) the ones they don’t like ?

It also looks like there will be no upgrade option for Europe either. So clean installs all round with the gnashing of teeth as people realise they didn’t get everything off that they needed before wiping the system.

What I still find more outrageous is that MS are still inflicting their version of paint on people and the EU have not said a word…….!!

e

Tags: , ,
Posted in microsoft, windows, windows 7 | No Comments »

« Older Entries