Monthly archives: July, 2013

Happy SysAdmin Day

It’s the last Friday of July so that must mean that it is System Administrator Appreciation Day!

I will have to supply some cakes for my colleagues today I think, even though the idea is supposed to be that they buy me cake to show their appreciation for me and the work I do.



Huge collection of Free Microsoft eBooks for you

Microsoft are giving away more eBooks. Previous ebook giveaways

I grabbed Administrator’s Guide for Microsoft Diagnostics and Recovery Toolset and TCP/IP Fundamentals for Microsoft Windows.



Bringing a laptop back from death

My responsibilities in this job are exceptionally broad so although I’m the systems administrator with overall responsibility for the company’s IT infrastructure I’m also on occasion called upon to do things such as repair a dead laptop.

I could have delegated it to another staff member but in this case it was important that the issue should be resolved quickly. I thrive under pressure, have a real knack for troubleshooting weird computer problems and generally just enjoy getting my hands dirty when it is something that I’d never encountered before.

It was mid-afternoon when I took the call from one of our consultants that works out of the office with customers on their site and he told me that very weird things were happening with his laptop computer. It was reportedly dead, completely unresponsive and would have a strange effect on any laptop charger that was plugged into it, the LED on the charger would turn off whenever plugged into the laptop and would then not work in any other laptop until the mains power had been turned off and on.

This sounded to me like the laptop was shorting out the laptop power supplies, fortunately not permanently as it might have killed off a swath of power supplies of one of our major customers. I asked my colleague to bring it into the office so I could take a look but I wasn’t holding out much hope that it could be fixed.

I ran through some basic logical checks to see if the laptop was behaving as described and that it wasn’t something stupid like the wrong laptop charger was being used.
The charger was indeed the correct one for that model and hadn’t been swapped or mixed up with someone else’s.
Plugged it into the mains and then the laptop and the LED was the extinguished.
Did the charger work with a different laptop, yes but only after cycling the mains electricity.
Did swapping the battery help. No and the battery appeared good in another laptop.

The problem then must lie with the laptop itself and with the power input socket. If we had a spare laptop I’d have pulled the hard disk and installed it in the replacement laptop and given that to my colleague and then stuck the dead laptop on the junk pile. Unfortunately we have no spares and he needed a working laptop for Monday and couldn’t come via the office so needed me to fix then and there if possible.

No choice then but to completely dismantle the laptop so that’s what I did. About 20 screws later I finally had the case apart and I could see the wiring of the power input and theorising it was a short of some sort I examined the wiring. The wiring from the power input socket appeared to be good to me. However there was a metal bracket that kept the power input socket connected to the chassis and by removing that I could see that there was a metal contact on the socket that would then form an electrical connection to the chassis.

The chassis looked dull and therefore might be corroded and preventing the electrical contact that was required (I’d had a similar issue with the starter motor on my car last year). A bit of abrasion on the chassis at the right point to make it nice and shiny I then reassembled the power input assembly and tested it by plugging in the charger before I completely reassembled the laptop. Moment of truth. I switched the mains electricity on and the LED on the charger stayed lit so it wasn’t being shorted out by the laptop any longer. Unplugged the power. Put the laptop back together again. Plugged the power in once more and hit the on button. Lights up. Dell logo shows on screen briefly and then Windows starts its boot up.

An hour and a bit after being given a mysteriously dead laptop I gave back a working machine and all was right with the world once more.



Using Process Monitor for software error investigation

I’m not typically involved in the support for the software that the company that I work for produces but this morning I was asked to consult on a problem that was affecting the application support team here. Fortunately there are no reports that the client we produced this exact piece of software for is experiencing the same error.

I was asked to consult because the error appeared to be due a change in the IT infrastructure in some way as it was affecting multiple people and the code itself had not been changed by the developers. The error is in a software module that is supposed to produce a document from a set of data that is being currently viewed however it just throws up an error message. Because it was apparently working earlier this week, nothing has changed in our code and we had a Patch Tuesday this week could a Microsoft Windows update be the underlying cause of the error?

The first thing to do was to understand exactly what was going on and what processes were failing. The error message itself was useless and nothing was getting logged in the Windows event logs so what was needed was a tool to capture data on running processes.

Sysinternals Process Monitor is just the tool for the job and no SysAdmin worth his salt will have not had call to use it many times in their career. Process Monitor is a fantastic tool but can be a little intimidating at first as it generates a huge amount of data which seems like it would take hours to analyse a minute’s worth of captured events.

procmon130711

However there are a couple of simple little things to do to drastically cut down on the amount of data to sift through.

  1. Exclude processes that are probably not relevant to the error. Do this by right-clicking on a process in the window and selecting the appropriate option from the menu.
  2. Clear the display just prior to running the program or performing the task that causes the error you want to investigate and then stop the capture of events once the error has occurred.

So I excluded explorer.exe and then svchost.exe and spoolsv.exe. This cut the list down massively then I also excluded a couple of processes associated with the AVG antivirus and also Microsoft Word and Excel. Cleared the display, started the capture, forced the error to happen again and then stopped the capture.

It then just took under a minute to find the failing process from amongst the few hundred logged events. An ActiveX control that is referenced by the software in order to produce the document could not be found. I then ran the whole thing again on a different machine that had not yet been patched, a slight security risk but necessary in a software development environment in case there are ever conflicts with a new Windows update. The error occurred on this computer also so I was able to rule out a relation to Patch Tuesday.

At this point my job was done (at least for now). I had pinpointed the ActiveX control that was causing the error and had ruled out Windows Updates as a cause. The issue is now being investigated by the software developer that wrote the code.



The New VDI Reality

I read the excellent book The VDI Delusion by Brian Madden at about this time last year.

Brian in hindsight doesn’t think that they picked the best title as it may have scared people off.

The second edition is now available to download for free in either .pdf or .mobi formats and it has had a change of title to The New VDI Reality.

I haven’t had much of a chance to read it yet, but Brian says that there has been substantial rewrites of significant portions of the book in line with the great improvements in the underlying technology for VDI.



Office 365 is turning Hungarian

Really bizarre error has turned up in the Term Store for my company’s instance of Sharepoint Online.

Listed under Department we now have the following Hungarian terms and their English equivalents as translated by Bing Translator

Alföldi Retail Régió – Great Plains Region Retail
Dunántúli Retail Régió – The Population Of The Retail Region
Hitelezési Kockázati Metodológiák szakterület – Credit Risk Methodologies practice areas
Nagyvállalati Finanszírozás törzs – Enterprise Financing body
Okmányos Műveletek szakterület – Documentary Operations Specialist
Wholesale vezérigazgató-helyettes törzs – Deputy General Manager of Wholesale trunk

I think Bing has mistranslated Dunántúli though, I think it should read Transdanubian. Regardless I have no idea how they got into our Sharepoint.

Hungarian_term_store



RT @doctorow: Explaining metadata collection with…

RT @doctorow: Explaining metadata collection with Alan Turing, Theresa May and Winston Churchill tmblr.co/ZUhJRsowC2r5



A close shave with TrueCrypt

We have a number of consultants in my company that assist our customers with the implementation of our software products and as the job requires them to be out of the office and onsite with the customer a lot of the time the consultants have all been issued laptops.

Of course for security of data and because of the UK’s data protection legislation all the laptops have full-disk encryption. The solution chosen by one of my predecessors was the open source encryption software TrueCrypt.

I love TrueCrypt and use it at home but have never used it in an enterprise environment, I had used Symantec PGP Whole Disk Encryption in my previous job and found that worked very well. There is a major downside to usinf TrueCrypt and that is that there is no key mangement facility which means that there is a major problem should a user forget their passphrase.

Ordinarily this wouldn’t be an issue as I have found my colleagues to be intelligent and not at all prone to forgetting passwords. I honestly have only needed to reset a domain password in Active Directory twice since I started with the company in January and I’m pretty sure that one of those times was down to a replication issue between domain controllers.

However in this case it was not a failure of memory but a lost Yubikey that prevented my colleague from being able to access his laptop. Not only that but unfortunately he had lost his car and house keys along with it, but only the Yubikey was my problem, though I did sympathize with his plight.

The Yubikey is a great little device that slots into a USB socket and at a touch of a button sends a stream of random characters to the computer and when programmed with a static password it can create a very secure way of logging into a laptop secured by TrueCrypt. So secure in fact that there was literally nothing I could do to assist with gaining access to the laptop. I even emailed my predecessor as a long shot to see if he had by chance copied the static password to a text file that was hidden away on the network somewhere. To no avail.

Then luckily the keys just turned up! They had through a bizarre mix up of bags that I thought only ever happened in comedy movies ended up in someone else’s bag.

A close shave, but it has made me realize that in lieu of a true key management system we need some way of keeping track of staff members’ passwords for TrueCrypt. We do already use Password Safe to manage the myriad of passwords for out IT infrastructure so why not add these others also, probably a good opportunity for me to audit the complexity of people’s passwords too.



Updating WSUS to work with Windows 8 and Server 2012

I have to confess that I haven’t been paying as much attention to WSUS as I should have and even though I had been going in and approving updates as they have become available I failed to notice that my Windows 8 clients and the Windows Server 2012 were being misidentified and hadn’t yet reported to WSUS.

wsus_reporting_error

Windows 8 was being identified as Windows XP Professional x64 Edition and Windows Server 2012 as Windows Server 2003 Standard x64 Edition.

With a little help from http://chapsnet.wordpress.com/ I was able to resolve the issues through the following steps.

First I visited Microsoft to download the Update for WSUS 3.0 SP2 (KB2734608) that allows it to be able to recognise Windows 8 and Windows Server 2012 Operating Systems and download the appropriate updates.

Once installed on the WSUS Server there are a couple of services that need to be reset in order for it to then synchronize correctly and recognise the newer operating systems.

open Command Prompt and run the following commands
IISReset
net stop WSUSService
net start WSUSService

Open the Console, Update the Product List and begin a Synchronisation

Even though my clients had already been connected to the WSUS server prior to the update I only needed to do the following on the Windows Server 2012 machine in order for it to update in the WSUS console. The Windows 8 clients re-identified themselves correctly without anything further needing to be done.

Open an elevated Command Prompt (Win + X menu)
enter the following commands
net stop wuauserv
rd /s %windir%\softwaredistribution\
y
net start wuauserv
wuauclt /update

Running wuauclt /ResetAuthorization /DetectNow at the command prompt on the Windows 2012 server resolved the reporting issue and S300-Win2012 now shows up as both being identiifed as Windows Server 2012 and as having reported in. It looks like there are 3 updates that it requires.

wsus_reporting_resolved



BSkyB and Microsoft in trademark dispute over SkyDrive

Ars Technica reports that Microsoft is in danger of losing “SkyDrive” name in UK following a ruling Friday by Justice Sarah Asplin of the England and Wales High Court.

The ruling agrees with BSkyB’s argument that Microsoft’s use of the name SkyDrive, Microsoft’s cloud storage service for both consumers and business customers, infringed on the company’s “Sky” trademarks.

This is just yet another blow in the long-running battle between Microsoft and BSkyB over the SkyDrive name. In November 2007 Microsoft tried to get a European trademark for the SkyDrive name but this was successfully opposed by BSkyB.

Microsoft is not going to give up the name yet, though. In a statement reported by TechCrunch, Microsoft said, “The decision is one step in the legal process and Microsoft intends to appeal.”