Powershell Create DNS Sub Domain…….

August 5th, 2011

I’ve been working on some Software as Service systems for the last few weeks. They offer a basic fixed configuration of our applications for a smaller price, but are not as customisable as a dedicated full application system.

Being of a fixed configuration means of course that admin process for creating instances was just ripe for scripting and automating. As the system was running on Windows server 2008R2, I decided to use Powershell as it would enable me to work with DNS, filesystem and IIS.

The first part of the process was to create internal DNS records. The platform requires x3 DNS records creating, x1 A record and x2 CNAME. The A record should be blank so it points to the sub domain itself and thereby assigns it an IP address. The CNAMEs should be ‘live’ and ‘preview’ and should point to the aforementioned A record (they all come from the same IIS server and use host headers, so only the x1 IP address is needed).

The system main DNS namespace domain being ‘company.com’, each client should have the domain ‘client.company.com’ with the actual records created inside this sub domain. So the order of actions to my mind was

1) Create sub domain
2) Create A record in sub domain
3) Create x2 CNAME records in sub domain that point to the A record

First task, create the sub domain. Powershell command to do this ?

([WMIClass]"\\sandpit\root\MicrosoftDNS:MicrosoftDNS_Zone").CreateZone("subcompany.company.com", 0, $False)

Now previously when I had done this via the DNS admin GUI, the results looked something like this

However, what I got instead was this

While technically correct, a little untidy to look at. The command created the DNS subdomain folder as the same folder level of the parent DNS domain folder, and then created a delegated zone inside the main DNS domain folder (little greyed out bugger !)

Spent a little while trying various things, googling etc. etc. and got nowhere. Decided to move on and proceed with the next part, to create actual host records. Again, powershell script for this was

([WMIClass]"\\sandpit\root\MicrosoftDNS:MicrosoftDNS_AType").CreateInstanceFromPropertyData("sandpit", "company.com", "subcompany.company.com", 1, 3600, "192.168.4.58")

The arguments in parentheses can be explained here, but what came as a pleasant surprise was that when I looked in the DNS admin console to check the details of the A record I had just created, it appeared as shown below

Yup, it seems that the script, much like the admin console, will create any missing/required domain/subdomain folders necessary to hold DNS records that you try to create !

And they say there’s no such thing as a free lunch.
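
The three steps listed above, as an added example that is not code from the original post: it plans the A record and the two CNAMEs for one client and creates them through the same WMI provider, relying on the post's observation that the missing sub domain folder is created along with the first record. The function names are hypothetical, MicrosoftDNS_CNAMEType is the provider's CNAME counterpart of the A record class used above, and the server, zone and address are the post's sample values.

```powershell
# Added example, not the post's own code. Function names are hypothetical.

function Get-ClientDnsPlan {
    param(
        [Parameter(Mandatory=$true)] [string] $Client,               # e.g. 'subcompany'
        [Parameter(Mandatory=$true)] [string] $Zone,                 # e.g. 'company.com'
        [Parameter(Mandatory=$true)] [System.Net.IPAddress] $Address # IIS server address
    )
    # Accept one DNS label only, so a caller-supplied client name cannot
    # contain dots, wildcards or whitespace and land outside its sub domain.
    if ($Client -notmatch '^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$') {
        throw "Invalid client label: '$Client'"
    }
    if ($Address.AddressFamily -ne 'InterNetwork') {
        throw "An A record needs an IPv4 address, got '$Address'"
    }
    $sub = "$Client.$Zone".ToLower()
    # Blank A record on the sub domain itself, then the two aliases pointing at it.
    New-Object PSObject -Property @{ Type = 'A';     Owner = $sub;           Data = $Address.ToString() }
    New-Object PSObject -Property @{ Type = 'CNAME'; Owner = "live.$sub";    Data = $sub }
    New-Object PSObject -Property @{ Type = 'CNAME'; Owner = "preview.$sub"; Data = $sub }
}

function New-ClientDnsRecords {
    [CmdletBinding(SupportsShouldProcess=$true)]
    param(
        [Parameter(Mandatory=$true)] [string] $Server,
        [Parameter(Mandatory=$true)] [string] $Zone,
        [Parameter(Mandatory=$true)] [string] $Client,
        [Parameter(Mandatory=$true)] [System.Net.IPAddress] $Address,
        [int] $Ttl = 3600
    )
    $ns = "\\$Server\root\MicrosoftDNS"
    foreach ($r in Get-ClientDnsPlan -Client $Client -Zone $Zone -Address $Address) {
        # -WhatIf stops here, so a dry run never contacts the DNS server.
        if (-not $PSCmdlet.ShouldProcess($r.Owner, "Create $($r.Type) -> $($r.Data)")) { continue }
        $class = [WMIClass]"${ns}:MicrosoftDNS_$($r.Type)Type"
        # Arguments: DNS server, container zone, owner name, class (1 = IN), TTL, record data
        [void]$class.CreateInstanceFromPropertyData($Server, $Zone, $r.Owner, 1, $Ttl, $r.Data)
    }
}

# Dry run with the post's sample values; remove -WhatIf to create the records.
New-ClientDnsRecords -Server 'sandpit' -Zone 'company.com' -Client 'subcompany' -Address '192.168.4.58' -WhatIf
```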

iPad 2 For Dad…….

May 23rd, 2011

According to an email I just received from Apple, an ‘iPad2 makes an ideal gift for fathers day’

I suspect if I gave one to my father, he would stare at it with a confused look and eventually use it to prop up something around the house !

Nice try Apple, but no sell on that front I’m afraid.

Liquorice Pig…….

May 13th, 2011

Gaaaaaahhhhh !!

Owing to my stressy workloads and total lack of will power, I have just consumed an entire 215g bag of Bassetts Liquorice Allsorts by myself :o(

Curse you Trebor (are they still owned by Trebor ??)

p.s. Seems they are now owned by Cadburys

p.p.s What happened to the tasty little blue Bertie sweetie that used to be in the bag ?

QNAP Data Recovery Hell…….

May 11th, 2011

It never goes easily does it ?!

Somehow, I had managed to almost fill my 1TB drives in my x2 bay QNAP NAS. Owing to my being paranoid about my data, I chose to mirror a pair of x1TB drives for 1TB total storage, rather than create a 2TB spanned volume using both of them.

I was down to a couple of hundred MB of free space, time to take action. I ordered a couple of shiny new Seagate 2TB drives online with the intention of going from a pair of mirrored 1TB drives to a pair of mirrored 2TB drives.

My plan was to remove one drive from the mirror set, add one of the new 2TB drives, wait for it to rebuild, and then replace the second drive and allow a subsequent rebuild to take place. Did not go according to plan :o(

I removed one of the 1TB disks, and then to ensure the 2TB disk would stand a greater chance of working, I upgraded the firmware (dumb dumb dumb !). I then installed one of the new 2TB disks.

The NAS did indeed rebuild/re-mirror with the new drive, but it created a 1TB volume on the 2TB disk. Not entirely unexpected, but not quite what I wanted :o(

Now I needed to get all the data off of the existing NAS 1TB disk onto something else, install both the new 2TB disks, create an empty 2TB volume, mirror it, and re-copy the data back onto the new larger volume. I attempted to connect one of the original 1TB disks to a Windows desktop machine with a SATA converter cable/kit, and to mount the file system to copy the data off. And here’s where I hit real problems.

I could see the top level folder structure on the disk, but nothing below it ! :o( The QNAP version of EXT4 is a custom patched version that it seems can only be read by their chassis running their firmware. Fair enough, intellectual property and all that, but this was making my life a mite difficult now.

I tried putting the original drive back into the chassis and booting it to copy the files off over the network, but the new firmware update seemed not to like this, it booted ok, but the actual file server part did not kick in, I couldn’t see the device on the LAN to map a drive to.

In the end I had to ssh to the NAS device itself and use the Samba services to run a CIFS mount to my Windows desktop. I then spent several glorious days moving the files off folder by folder till I had them all. Then I put both new 2TB disks in, did a factory reset (including downgrading the firmware as it seemed a little….buggy).

Once the device booted up and presented itself as a shiny new empty 2TB NAS, I began the unenviable task of copying all my crap back over…….several more lost days. Moral of the story for me would be:

a) don’t upgrade drivers/firmware for the sake of it
b) when dealing with a *lot* of data, *copy* and then delete, do not use move. even if a 20 stone psycho has a knife pressed to your throat

Ironically as I write this, my 2TB is being eaten into at a rate of knots. Am probably gonna have to buy a bigger NAS. Have my eye on one of these full to the brim with 3TB disks.

possibly all the storage I could need.......?

Companies. Make VPN Easy For Yourselves…….

March 29th, 2011

So I come to work for yet *another* company who have a 192.168.0.0/24 network on their LAN. It’s not that it’s a bad idea as such, but history has made me come to realise it can cause problems later on. How ?

Hint: most domestic vendors of home network equipment (be they switches, routers or something with ADSL built into them) tend to use either 192.168.0.0/24, 192.168.1.0/24 or 192.168.254.0/24

Yup, if you have a home network, chances are that it and all your home devices are on ip addresses 192.168.0.something, or a 192.168.1.something, with a network mask of 255.255.255.0.

If you create a 192.168.0.0 or 192.168.1.0 network in your office environment and then try to connect to the office VPN from your home LAN, these identical networks are likely to clash. The communication kit involved cannot deal with there being x2 identical 192.168.x.x networks in x2 different locations at the same time. As a result, stuff may not work correctly. For example, if I connect to the work LAN from home, once the VPN connection is established, I cannot connect to anything on my home network until I disconnect.

Admittedly I work in IT and can work around or put fixes in place. But imagine if I was a co-worker from say marketing, or sales, or, *gasp horror*, someone from senior management. I’m trying to connect to the office from home, but it’s not going according to the instructions you gave me because we both have a 192.168.1.0 network !

You can imagine the long and frustrating support call(s) that ensue with them trying to vaguely convey to you their setup and you gently smashing a fork into your forehead to try and keep from going insane.

The long term work around is this. If you absolutely must have /24 networks in the office (/24 is a nice size network and very easy to calculate in your head) then use anything other than 192.168. with a 255.255.255.0 network mask. What you use doesn’t matter. As long as you avoid 192.168.x.x, you will reduce the possibility of clashing with some home user LAN over a VPN connection at a later date.

more than x1 192.168.x.x network ?!?
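
A check for the clash described above, as an added example that is not from the original post: it tests candidate office subnets against the three home-router defaults the post lists, and also catches a larger office range that contains one of them. The function names and the office subnets are constructed for illustration.

```powershell
# Added example. The home defaults are the ones listed in the post;
# the office subnets at the bottom are constructed sample values.
$HomeDefaults = '192.168.0.0/24', '192.168.1.0/24', '192.168.254.0/24'

function ConvertTo-IPv4Number {
    param([string] $Address)
    $bytes = [System.Net.IPAddress]::Parse($Address).GetAddressBytes()
    # Big-endian bytes to a number; a double avoids signed 32-bit overflow.
    [double] $n = 0
    foreach ($octet in $bytes) { $n = $n * 256 + $octet }
    $n
}

function Test-SubnetOverlap {
    param([string] $CidrA, [string] $CidrB)
    $partsA = $CidrA.Split('/')
    $partsB = $CidrB.Split('/')
    # Two CIDR blocks overlap exactly when they agree on the shorter prefix,
    # i.e. both fall in the same block of size 2^(32 - shorter prefix).
    $prefix = [Math]::Min([int] $partsA[1], [int] $partsB[1])
    $blockSize = [Math]::Pow(2, 32 - $prefix)
    $blockA = [Math]::Floor((ConvertTo-IPv4Number $partsA[0]) / $blockSize)
    $blockB = [Math]::Floor((ConvertTo-IPv4Number $partsB[0]) / $blockSize)
    $blockA -eq $blockB
}

function Get-VpnClashRisk {
    param([string[]] $OfficeSubnets)
    foreach ($office in $OfficeSubnets) {
        $hits = @($HomeDefaults | Where-Object { Test-SubnetOverlap $office $_ })
        New-Object PSObject -Property @{
            Office     = $office
            Clashes    = ($hits.Count -gt 0)
            HomeRanges = ($hits -join ', ')
        }
    }
}

# 192.168.0.0/24 clashes with one default, 192.168.0.0/16 with all three,
# and 10.42.7.0/24 with none.
Get-VpnClashRisk '192.168.0.0/24', '192.168.0.0/16', '10.42.7.0/24' |
    Format-Table Office, Clashes, HomeRanges
```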

VMWare ESX Thin Provisioned Disks And Credit Cards…….

March 11th, 2011

In my youth, I was offered credit cards. I thought they were great, allowing me lots of instant retail gratification, I was on cloud 9 on the high street…….then I had to repay them. My cloud evaporated and I came back down to earth with a bump right on my wallet !

The principle behind thinly provisioned disks on VMWare ESX storage LUNs would appear to be along the same lines as that of credit cards. Utilising more than you actually have at your disposal.

With credit cards the impact is that later down the line you have to repay the money you spent that you don’t actually have (ouch !). With thinly provisioned disks the pain is that of not being able to reclaim free disk space without a lot of work.

With normal *fat* disk allocation when you create a volume all the space is allocated at creation time. So if you have a 100GB storage LUN and you create a 50GB volume on it, that 50GB is immediately deducted from the 100GB, leaving you with only 50GB free space on the storage LUN.

But with thin provisioned disks, if you allocate a 50GB *thin* volume, the space is only deducted from the storage LUN as it gets used. So if you only write 20GB of files to the 50GB thin volume, the storage LUN will report 80GB of free space out of the total 100GB.

But here’s the kicker, if you then delete 10GB of those files, the free space remains at only 80GB, the space does not get returned back to the storage LUN. This is because Windows/Linux does not actually delete files, it simply marks those blocks as being available for use in the file table. As the blocks do not actually get cleared, VMWare does not pick up on this and remains ignorant to the free’d up filespace.

In order to shrink the disk and reclaim the space, you have to actually clear the physical blocks so that they are actually empty. You can do this using the free tool Sdelete from Sysinternals. You use the -c switch (which tells it to zero out the blocks). This is a rather I/O demanding task best done out of peak usage hours.

Once sdelete has completed you will need to migrate the VM files to another datastore for VMWare to re-read the free blocks and give back the cleared up space. You may then have to re-migrate the VM files back to where you actually want them to run from if you’re fussy about the location of your VM’s on your datastores.

I’m not saying thin disk provisioning has no place, it’s great for R&D, labs and proof of concept type setups where you will be setting up and ripping down and don’t really care too much about long term storage levels. But for production systems, the administration overhead is just too great for my liking.

disk squish

Merging iPhone Calendars Using A PC…….

January 7th, 2011

Last month I noticed that the calendar on my iPhone had a few duplicates. Worse, some of them were clearly wrong (x2 ‘Dad’s birthday’ items, one a day late !??).

The issue would seem to be something to do with the fact that I use Windows and Outlook to sync my calendar and contacts, and when I switched from my old iPhone 3 to my new iPhone 4, it seems it created a new calendar item in the .pst rather than just continuing with the existing one. Fair enough. My bad.

Issue now was, how to tidy the mess up? Solution, do it in Outlook.

First step was to get all appointments (even the incorrect ones) into a single calendar. To do this:-

In Outlook, open the Calendar section in the left hand nav. Note how it is possible to have multiple calendars with the same name (in the screenshot below circled in red).

Click the view drop down and select ‘All Appointments’. This will give you a table list view of all appointments in the chosen calendar.

Select the other calendar in the list and change its view to ‘All Appointments’. Now you can flick back and forth between the lists and compare them to see which calendar contains what.

In order to work out which one iTunes is using to sync with, create a dummy appointment on your iPhone in the calendar and then sync. The appointment will appear in only one of the calendars. Use the ‘All Appointments’ lists view to find which one this is. This is the calendar we want to keep.

Select the calendar that did not get the new appointment after syncing. Select all appointments with ‘CTRL+A’.

Now drag and drop all the appointments onto the calendar that you are going to keep going forward.

Now delete the superfluous calendar.

In the calendar we are keeping, in the ‘All Appointments’ view you can now edit/prune/delete the list of appointments until they are all correct. You can sort them by name to find duplicates and then correct/delete them as necessary.

Now resync your iPhone, but this time, on the ‘Info’ tab, at the bottom in the ‘Advanced’ section, under the ‘Replace information on this iPhone’, tick the appointments checkbox.

The sync should remove the currently held appointments on your phone and replace them with the corrected ones from Outlook. You should also see the number of calendars drop down to x2, ‘From My PC’ calendar and ‘Other’ birthdays (the birthdays one is built into the iPhone, you cannot remove it, it obtains its data from the ‘Birthday’ field of the ‘Contacts’ app on the phone !)

Eh voila :oD

VMWare ESXi 4.1 CLI VM Does Not Start…….

January 6th, 2011

So for some odd reason, my VCentre VM had stopped/died/crashed or, possibly been shutdown by someone. For whatever reason, I could not logon to my VCentre instance using my vSphere client.

For some reason it did not occur to me to just attach my vSphere client directly to one of my ESX hosts. Instead I had this minor learning curve.

The command line to start a VM is

vim-cmd vmsvc/power.on <Vmid>

where <Vmid> is an integer that identifies a VM in/on your infrastructure. To obtain your Vmid’s, you need to list your VM’s on your ESX host with

vim-cmd vmsvc/getallvms

While several VM’s were listed, the VM for my vCentre instance was not among those shown. So I had to find the .vmx config file to add to my host config. My VMWare setup uses iSCSI paths that map to /vmfs/volumes and in here I eventually found my way to

ls /vmfs/volumes/4ce64694-5ae4e508-917e-001b216c49dd/VCenter4.1/

In this directory was the .vmx config file along with all the other files that make up a virtual machine instance. I needed to add this VM to my host config (this is a little like when you add a VM to the inventory in the vSphere client !). The command to do this was

vim-cmd solo/registervm <full path to the .vmx file>

Now that my Vm had been added to my ESX host VM list, repeating

vim-cmd vmsvc/getallvms

now showed

Now I had the Vmid number with which to use the command line to power on the VM.

vim-cmd vmsvc/power.on <Vmid>

This should have been enough to get my vCenter VM up and running. But, 10 mins later, when I tried to ping the IP address of the VM, I still could not contact it ? I decided to have a look at any queued command to the VM with

vim-cmd /vmsvc/get.tasklist <Vmid>

but this simply listed the command to power on. I tried sending a reset VM command with

vim-cmd /vmsvc/power.reset <Vmid>

but this command just got stacked under the existing command to power on the VM ? At this point it dawned on me that I could start the vSphere client up and attach directly to the ESX host IP address instead of the vCenter IP address. When I did this, I saw the all too familiar little exclamation mark on the vCenter VM icon.

pesky gui question

When I right-clicked the icon and selected ‘Open Console’, this popped up the ‘Did you move/copy this VM’ dialog box shown above !

Grrrrrrrr. Reading up I cannot see any way to :-

a) Determine if one of these has been fired
b) Respond to it if this is the case

from the VMWare command line. Most annoying, but it did give me a crash course in ESXi command line :o)

Default Windows 7 Partitioning Breaks WDS Imaging…….Kinda…….

December 23rd, 2010

Another little Windows 7 nugget.

While installing Windows 7, I noticed that during the section for setting up the disk, some stuff was going on that I didn’t ask for (didn’t realise it at the time, took some trial and error to figure it out).

When you configure Windows 7 installation, the graphical section for configuring the disk will automatically create a 100MB primary partition for Bit Locker to use at a later stage. No matter what I did, I could not stop the GUI from doing this.

So I pressed on and agreed to the installation with the 100MB partition at the beginning of the disk and the rest of the disk as another primary partition.

Windows installs the *boot* files into the 100MB partition, and everything else into the second larger partition !

As I have mentioned before, I don’t think I am using WDS and imaging as Microsoft intended, but I essentially create a machine exactly how I want it and then sysprep and capture it using imagex. I can then reapply the image to another system and have it on the desktop in approx. 10-15mins all ready for use.

But this dual partition configuration breaks this. I believe to do it this way I would have to perform x2 sets of imagex capture and deploys :o( Not going to happen.

To get around this, I have to prepare the disk partitioning up front. The GUI disk section of the install will not alter the disk if it is already partitioned. I booted using a WINPE boot disk, used ‘diskpart.exe /s ‘ and passed the following in a txt file as an argument

select disk 0
clean
create partition primary id=07
select partition 1
format fs=ntfs quick nowait
assign letter=c
active

This causes diskpart to select the first disk, wipe it clean and then create a primary partition using the whole disk, mark it as active and assign it drive letter C:

With the disk prepared in this way, I can now install Windows 7 (skipping over the GUI section of disk partitioning) and the boot files will be on the same partition as the system files. This can then be caught in a single image capture to .wim file which, when I then apply back to machines via WDS they will boot correctly.

Not sure of the implications this has should you then want to use Bitlocker at some later stage. Meh ! I don’t care, I don’t use Bitlocker right now :o)

Hope someone else finds this useful :o)

TFL You Suck (well, your staff do !)

December 11th, 2010

Ask anyone who knows me, they’ll tell you I’m awesome. They’ll also tell you it takes a *lot* to make me angry to the point of expressing it.

So hats off to TFL, you can add me to what I am sure is an extensive and rather long list of people who wish there were an alternative to getting around London.

Am I being harsh ? You tell me.

I just tried to enable the auto top up feature on my Oyster card. The create account page asked for the normal stuff. Name, address, oyster card number, email, a security question and a password (to be entered twice for verification). I filled everything in and hit submit. The form bounced back that my passwords did not match. I corrected this and resubmitted. It came back that that email address is in use !!!

WFT

Email addresses are unique. I’ve never registered before. So unless someone else has tried to imitate me, (which seems like rather a lot of work to scam an oyster card), it seems their form partially submitted my data with incorrect values for some fields.

Genius !

Any attempt to logon, retrieve username or password met with failure. Whatever values the form had passed, they weren’t the ones I’d used.

When calling their helpline to sort the humpty dumpty mess out, the dumber than average rhesus monkey I spoke to said there was nothing he could do (maybe you should have tried harder at school ! you’d be more capable in your chosen field then). It seems he is unable to reset/modify/delete/touch my incorrect entry on their system.

Problem. My email remains the same. Even if I buy a different oyster card, I will not be able to pair it up to my email address as it already exists in their system with bad values. I suppose I could create another email address to use, but why should I have to ? You don’t have to move house to get a problematic package delivered (praise for the postal service).

I’m going to assume I got an unhappy disgruntled employee who was pissed at having to work on a Saturday. I’ll call once again and see if I get someone helpful.

Otherwise I’ll need to create a new email just to register my oyster card. Hmmmmm, scott@tflsucksdonkeyballs.com has a ring to it, wonder if the domain name is free ?……..

For the love of god TFL, sort your site and train your staff, please !!!