Category Archives: tec

Things technical – usually work but perhaps for entertainment

Exchange Backup Script

Exchange backup script.  Cheaper than installing a whole backup solution.  Not a pretty howto…

Backs up exchange to a local disk, then copies local files onto a network drive for replication/archive.  E-mail’s resulting log files.

Script is generic, parameters set it for local environment. Script will automatically find Storage Groups and Stores for backup and so will automatically adjust if you add/subtract one.  Parameters are: <local backup path> <network backup path> <SMTP server> <e-mail from address> <e-mail to address>

Take code and paste into a file named something like AwesomeExchangeBackup.ps1 Your scheduled task would look like:

C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -PSConsoleFile “C:\Program Files\Microsoft\Exchange Server\bin\exshell.psc1” -command “C:\Support\Scripts\AwesomeExchangeBackup.ps1 -bpath B:\backup -spath \\isilon45\exchangebackup -eserv autodiscover -efrom exchange2@contoso.com -eto techsupport@contoso.com”

The link to the code should show up here, but doesn’t seem to want to. You can go here: http://snipt.org/znA8

Centrify ssh – StrictModes

The Openssh that Centrify uses goes a step farther on StrictModes (sshd_config) you need to make sure ~ of the server user is 755 (no write) as well as the standard

chmod 755 ~/
chmod 700 ~/.ssh
chmod 600 ~/.ssh/id_rsa
chmod 644 ~/.ssh/id_rsa.pub
chmod 644 ~/.ssh/authorized_keys
chmod 644 ~/.ssh/known_hosts

patching – zfs rpool craps

Well this is a pain in the

Patching all recommended to Solaris 10 on my crappy x86 x4540’s. Liveupgrade, pca and on reboot I can’t find rpool. Error down low there…

Three things (or a subset ) fixed it.

First…

  •   Boot into that Boot Environment (BE) failsafe mode – hopefully that is available.
  •   Mount the damn thing on /a

Then…

  1. zpool upgrade -a #this will upgrade your zfs to the version you are patched for…
  2. 2) installgrub /boot/grub/stage1 /boot/grub/stage2 /dev/rdsk/<disk>
    1. For each c#t#d#s0 disk in your rpool
  3.  zpool export rpool
    1. zpool import rpool

Finally
init 6

keep your frickin fingers crossed so you can get some sleep.

SunOS Release 5.10 Version Generic_147441-09 64-bit
Copyright (c) 1983, 2011, Oracle and/or its affiliates. All rights reserved.
NOTICE: Can not read the pool label from '/pci@0,0/pci10de,377@a/pci1000,1000@0/sd@1,0:a /pci@0,0/pci10de,377@a/pci1000,1000@0/sd@0,0:a'
NOTICE: spa_import_rootpool: error 5
Cannot mount root on /pci@0,0/pci10de,377@a/pci1000,1000@0/sd@1,0:a /pci@0,0/pci10de,377@a/pci1000,1000@0/sd@0,0:a fstype zfs

panic[cpu0]/thread=fffffffffbc283c0: vfs_mountroot: cannot mount root

fffffffffbc6ad90 genunix:vfs_mountroot+2a2 ()
fffffffffbc6add0 genunix:main+11d ()
fffffffffbc6ade0 unix:_start+9d ()

skipping system dump – no dump device configured
rebooting…

Blindly eating cake

Over the years I have been working with computers I have had several people explain to me that they like their PC because it allows them to make choices about what they want.  This is always in relation to Apple products where you have… less choice.  I get it, I am a techie and I love the details of getting something to work just right.

But…  Your average person is not interested in these choices.  A typical computer user is much like the average car driver.  The car and the computer are a tool, a vehicle if you will, to accomplish the goal of arriving at point B, browsing the internet, communicating with people.

Its a tool.

Those who want choice, who want an open market rarely see the balance of what that offers.  Recently I was told that Android is a better product than the iPhone because you are not being told what applications are acceptable… and yet:

http://arstechnica.com/open-source/news/2011/03/malware-in-android-market-highlights-googles-vulnerability.ars

If you don’t have a moment to read that, here is the highlight:  “Free” malware available for the Android… 50,000 downloads before it was stopped.

Would you buy a car kit so you can choose how your car is built?  Even if most of the parts were lego-like easy?  If you were a mechanic you might… but either way it would be your second car.

In the end, when you choose a PC or Android because it allows you freedom, you may be freeing more than you think.

excerpt from a letter to a friend…

Facebook is making a lot of inroads into “authenticating” – that seems to be their new direction and people are easing into that a little too easily… I get the value of tracking but I trust facebook slightly less than I do Google… tools to warily use… A hypnotist will tell you “I can’t make you do anything you don’t want to do…” the rest of the sentence is “But I can make you want to do anything:” Google says “Do no harm” and I generally think the end of that sentence is “That anyone can report on”… facebook has a young and blaze attitude so far… which is scary when you are now authenticating your comments at CNN and others via your facebook account. I can even connect it up to my work e-mail account… amazing what FB can tell about an individual… more personal than Google since people give it directly rather than having to gather it…

AD group to Local Admin – without policy

Looking to add a Windows Active Directory (AD) security group to a series of workstations and don’t have AD policy set up yet? Here is some quick and dirty code to do it.

This assumes you are running with security credentials that will allow you to do this (i.e. Domain Admin) and you will need to edit the Domain (constant MyDomain) and the AD group you want (Constant MyADGroup).  It reads the list of workstations you wish to do this to from a text file c:\testfile.txt

Not lookin for pretty here, just looking for getting it done.     … and get policy set up for goodness sakes!


[code snippet: http://snipt.org/Tmmj]

zpool unavail cannot open

Techie blog for me to remember since I did this before after lots of research and was frustrated when it happened to me again and I could not find the command – which means there is a dearth of comments about it on the internet. If you find this may it be exactly what you are looking for… it will be next time I forget.

scenario:
Too many boring details in the history of why – and I have already written too much – odd considering. The zfs pool I had needed a disk replacement and here of the story of how I finally got it working.

Sun Thor x4540 Solaris 10.5
23 RAID 1 zfs sets
Greenplum database 3.6.3.1

A disk had too many errors and we needed to replace it – unfortunately they sent me a Hitachi replacement for a Seagate drive (SATA 500GB 7200rpm)

Standard replacement procedure:
– assuming failed disk is c3t5d0

# zpool status
–will show all disks in the zpool including one that failed

hd
–will show all disks and which physical slot c3t5d0 is in the x4540

# cfgadm -alv | grep c3t4d0
–will show the device configuration slot

c3::dsk/c3t5d0                 connected    configured   unknown    ATA HITACHI HUA7250S
unavailable  disk         n        /devices/pci@0,0/pci10de,376@f/pci1000,1000@0:scsi::dsk/c3t5d0

# zpool offline <pool> c3t5d0
–will remove the disk from the zfs raid set – errors if there is no redundancy… I like zfs.

# cfgadm -c unconfigure   c3::dsk/c3t5d0
— unconfigures device from sun hardware

Remove and replace the device

# cfgadm -alv | grep c3t4d0
–check to see if it is there…

# cfgadm -c configure   c3::dsk/c3t5d0
— configures device back into sun hardware

# zpool clear <poolname>  [c3t5d0]
— this clears the drive back into the pool and it should start resilvering  – with my machine about 80 minutes

***   except that it would not work…  I am pretty sure because the wwn (world wide name) of the disk changed during the swap (shows in dmesg)

and you get the output below with a # zpool status: (second RAID 1 set is what a normal set is like)

          mirror      DEGRADED     0     0     0
            c2t5d0    ONLINE       0     0     0
            spare     DEGRADED     0     0     0
              c3t5d0  UNAVAIL      0     0     0  cannot open
              c6t1d0  ONLINE       0     0     0
          mirror      ONLINE       0     0     0
            c2t6d0    ONLINE       0     0     0
            c3t6d0    ONLINE       0     0     0

After much online searching I found it, then forgot and the second time it happened was frustrated trying to find the solution…   so blog it…  some public notes for you too.

in short, it needs to replace itself to accept the new wwn.

# zpool replace <poolname>  c3t5d0 c3t5d0

yea, that simple…    then it starts resilvering.

But wait…   Another interesting issue if the drive shows as “removed” you may need to manually “remove” it again…   annoying.  Here is the command:

List out devices, see what the drive replaced as:

  • # cfgadm -alv

In my case it was

c6::dsk/c6t6d0                 connected    configured   unknown    ATA SEAGATE ST35002Nunavailable  disk         n        /devices/pci@3c,0/pci10de,376@f/pci1000,1000@0:scsi::dsk/c6t6d0

c6::sd40                       connected    configured   unknown    ATA SEAGATE ST35002N

unavailable  disk         n        /devices/pci@3c,0/pci10de,376@f/pci1000,1000@0:scsi::sd40

Then unconfigure it and let it “reinsert”.

  • cfgadm -c unconfigure c6::sd40
  • cfgadm -x remove_device c6::sd40

Removing SCSI devie: /devices/pci@3c,0/pci10de,376@f/pci1000,1000@0/sd@7,0

This operation will suspend activity on SCSI bus: c6

Continue (yes/no)? yes

SCSI bus quiesced successfully.

It is now safe to proceed with hotplug operation.

Enter y if operation is complete or n to abort (yes/no)? yes

 

Don’t forget to check:

#  fmadm faulty -a

(The -a is important since vanilla fmadm faulty hides fixed problems and maintains the service light)

to see if you need to clear the fault.

Al this because there was bad firmware on the 48 drives in each of the three x4540’s we use.   Oh yea… and you did all this 12x on all the drives that had errors… just in case …

Off to Vegas.

Code presentation

Considering ways to post code… open to options… Found snipit.org but not sure I want to go this way.

http://snipt.org/Kkl

But it is not clear what the rights are to what is posted there. Nifty idea but I would prefer to keep code local.  For the simple fact I would prefer a reference by anyone who might use any of what I post.

viewed with WordPress tags, my code would look as such:
When I put it in it has all indentations proper.

Function MachineUp (strComputer)
	Dim objPing
	Dim objStatus
    Set objPing = GetObject("winmgmts:{impersonationLevel=impersonate}")._
        		ExecQuery("select * from Win32_PingStatus where address = '"_
            		& strComputer & "'")
	For Each objStatus in objPing
        	If IsNull(objStatus.StatusCode) or objStatus.StatusCode <> 0 Then
        		MachineUp = False
        	Else
			MachineUp = True
			Exit For
		End If
	Next
End Function

This works but the intention is to be helpful, not sloppy.

And so I will search on hopeful of a simple plug-in that will help.

Edit – After playing with it some more I have the indentation but it is still not clean…