2/25/2009
MS Exchange CCR Cluster: Maint
How to Move a Storage Group and Its Database in a CCR Environment
Pasted from http://technet.microsoft.com/en-us/library/aa997196(EXCHG.80).aspx
How to Move a Database in a CCR Environment
Pasted from http://technet.microsoft.com/en-us/library/aa997646(EXCHG.80).aspx
MS Exchange Failover to SCR Node
It was a really fun weekend. Scheduled building powerdown overnight -- shutdown Exchange servers gracefully. Next morning both CCR nodes fail to boot up. After hours on the phone with server vendor, SAN vendor, and Microsoft decided to failover to SCR copy. It didn't seem to go according to documents I've read.
Below are notes of how documents said it should work:
To get a formated list of SG settings:
Get-storagegroup -server priexs01ccr | fl
The following commands were used to move PRIEXS01CCR to SCR target SECEXS01-1:
Restore-StorageGroupCopy –Identity
(Pasted from http://www.msexchange.org/articles_tutorials/exchange-server-2007/high-availability-recovery/clustered-continuous-replication-failover-standby-continuous-replication-part2.html)
StandbyMachine NH-W2K3-SRV01 -Force
(Pasted from http://www.msexchange.org/articles_tutorials/exchange-server-2007/high-availability-recovery/clustered-continuous-replication-failover-standby-continuous-replication-part2.html)
Get-storagegroup -server priexs01ccr | Restore-StorageGroupCopy -StandbyMachine Secexs01-1 -Force
Get-Storagegroup -server priexs01ccr | Disable-StorageGroupCopy -StandbyMachine Secexs01-1 -Confirm:$false
(Will most likely return errors)
Get-storagegroupcopystatus -server priexs01ccr -StandbyMachine Secexs01-1
(This is to verify that the StgCopy returns not configured)
DNS: change IP to new CMS IP
Verify the id used for cluster service has change computer perm in AD.
DO NOT RUN /NEWCMS unless you have MS on the phone and they tell you to.
Run the following with the correct info:
setup.com /RecoverCMS /CMSName:CCREX01 /CMSIPAddress:172.16.6.153
(Pasted from http://www.msexchange.org/articles_tutorials/exchange-server-2007/high-availability-recovery/clustered-continuous-replication-failover-standby-continuous-replication-part2.html)
This is what we actually did with MS support:
Setup.com /RecoverCMS /CMSName:priexs01ccr /CMSIPAddress:10.100.1.43
Get-MailboxDatabase -Server priexs01ccr | Set-MailboxDatabase -AllowFileRestore:$True
Get-MailboxDatabase -Server priexs01ccr | Mount-Database
Get-MailboxDatabase -Server priexs01ccr -Status |ft *name*,*mount*
(Creates a formated list with status)
Verify Allow restore is no longer checked on SGs, this should occur automatically after the DBs mount, but just in-case.
1/16/2009
Change priority of DNS SRV records
IRS Circular 230 disclosure: To ensure compliance with requirements imposed by the IRS, we inform you that any tax advice that may be contained in this communication (including any attachments) is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding any penalties under the Internal Revenue Code or (ii) promoting, marketing or recommending to another party any transaction(s) or tax-related matter(s) that may be addressed herein.
This e-mail communication (including any attachments) may contain legally privileged and confidential information intended solely for the use of the intended recipient. If you are not the intended recipient, you should immediately stop reading this message and delete it from your system. Any unauthorized reading, distribution, copying or other use of this communication (or its attachments) is strictly prohibited.
1/05/2009
Application | Layer | 3 | Classification | Layer 2 COS |
| IPP | PHB | DSCP | |
IP Routing | 6 | CS6 | 48 | 6 |
Voice | 5 | EF | 46 | 5 |
Interactive Video | 4 | AF41 | 34 | 4 |
Streaming Video | 4 | CS4 | 32 | 4 |
Critical Application | 3 | AF31 | 26 | 3 |
Call-Signaling | 3 | CS3 | 24 | 3 |
Network-Management | 2 | AF21 | 18 | 2 |
Bulk Data | 1 | AF11 | 10 | 1 |
Scavenger | 1 | CS1 | 8 | 1 |
Best Effort | 0 | 0 | 0 | 0 |
| | | | |
Labels: cisco qos
Below is an example of a quick start quality of service configuration. We will walk through this configuration over the phone.
Apply the below under global configuration mode:
Config t
class-map match-any Voice
match ip dscp ef
class-map match-any Routing
match ip dscp cs6
class-map match-any Call-Signaling
match ip dscp cs3
policy-map QOS
class Voice
priority percent 5
class Routing
bandwidth percent 5
class Call-Signaling
bandwidth percent 5
class class-default
bandwidth percent 60
queue-limit 256
Then apply the qos policy, in the outbound direction, to the interface:
interface "interface-name"
service-policy output QOS
We set DSCP CS3 for call-signaling. Some older devices use AF31 instead. If this is the case then add AF31 to your call-signaling class-map.
class-map match-any Call-Signaling
match ip dscp cs3
match ip dscp af31
Also please reference the Cisco Solutions Reference Network Design (SRND) Guide for specific questions to best practice deployments within the enterprise. Please click on the link below to access our SRND for QOS.
http://www.cisco.com/univercd/cc/td/doc/solution/esm/qossrnd.pdf
10/24/2008
Windows::DNS Alias
When a client computer connects to a Windows 2000 or 2003 server using an alias, the client receives: System error 52 has occurred. A duplicate name exists on the network. This error occurs when you attempt to connect to the server by using a CNAME alias that is created in the DNS zone: net view \\alias.<domain name.com> where alias is a CNAME record that is created for the server in the <domain name.com> zone. Because the server is not listening on the alias, it does not accept connections to that name. Start – Run - Regedt32 Create the following DWORD Key manually. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters] "DisableStrictNameChecking"=dword:00000001 Shutdown and restart the server.now alias should work again. |
Outlook::Calendar Items
It seems like a couple times a month we get somebody with a wierd issue related to Outlook Appointments.
This Tech Support Article illustrates the many things that can go wrong with Outlook Calendar appointments and some of the solutions.
http://support.microsoft.com/kb/899704/en-us
10/20/2008
10/14/2008
10/13/2008
Cisco::SNMP::IP Accounting
Gathering IP accounting information from a router via SNMP.
Cisco document with details about SNMP calls to gather MAC table and IP accounting tables from routers via SNMP.
Perl script to do this:
#!/usr/bin/perl
use SNMP_util;
$host = $ARGV[0];
chomp($host);
if ($host eq "") {
print "Host address (return = $defaultHost) ? ";
$host = <stdin>;
chomp($host);
}
if ($host eq "") { die "Usage: ipac [host address]\n"; }
print "Gathering data from $host . . .\n";
@accounting = snmpwalk ("public\@$host",".1.3.6.1.4.1.9.2.4.9");
my @src, @dest, $pkts, $bytes;
foreach $line (@accounting) {
($pre, $data) = split (/\:/, $line);
@mib = split(/\./, $pre);
if ($mib[1] eq "1") { push (@src, $data);}
elsif ($mib[1] eq "2") { push (@dest, $data);}
elsif ($mib[1] eq "3") { push (@pkts, $data);}
elsif ($mib[1] eq "4") { push (@bytes, $data);}
elsif ($mib[1] eq "5") { last;}
else { print "unrecognized data\n";}
}
my $index = 1;
open (OUT, ">", "output.html");
open (CSV, ">", "output.csv");
print OUT "<html><head><link rel=\"stylesheet\" type=\"text/css\" href=\"styles.css\" /></head><body><table border=\"1\" bordercolor=\"black\">";
print OUT "<h2>$host IP Accounting</h2><a href=\"output\.csv\" target=\"_blank\">Open in Excel</a>";
print CSV "$host IP Accounting\n";
print OUT "<tr><th>Source</th><th>Destination</th><th>Bytes</th><th>Packets</th></tr>\n";
print CSV "Source,Destination,Bytes,Packets\n";
foreach $from (@src) {
print OUT "<tr><td>$src[$index]</td><td>$dest[$index]</td><td>$bytes[$index]</td><td>$pkts[$index]</td></tr>\n";
print CSV "$src[$index],$dest[$index],$bytes[$index],$pkts[$index]\n";
$index++;
}
print OUT "</table></body></html>\n";
close OUT;
close CSV;
`output.html`
#
#
10/02/2008
Exchange2007::Outlook XP::Delivery Status Notification Issue
I have just installed Exchange 2007 and I am receiving delivery reports in some form of chinese text in outlook 2002; ????????????????????????????????•???????????????????????????????????????????? It looks correct in OWA, if it's printed, forwarded, etc. The exchange hub transport server sends the DSN messages in HTML format by default. Changing it to send DSN's in text format will fix this issue.
powershell change this: Get-TransportServer | Set-TransportServer –InternalDsnSendHtml $False
|
9/30/2008
Disable activesync for all mailboxes:
get-Mailbox | set-CASMailbox -ActiveSyncEnabled:$False
Labels: ActiveSync, exchange, PowerShell
9/29/2008
Outlook::Freeware::Shutdown
I have a shutdown issue with Outlook from time to time. Cache mode file corruption can be problematic when Outlook Add-In's interfere with shutdown.
Outlook Shutdown Add-in
9/10/2008
How much data do I have?
Thanks to: e-discovery team blog
CD = 650 MB = 50,000 pages.
DVD = 4.7 GB = 350,000 pages.
DLT Tape = 40/80 GB = 3 to 6 Million pages.
Super DLT Tape = 60/120 GB = 4 to 9 Million pages.
***************************
Page Estimates:
1 MB is about 75 pages;
1 GB is about 75,000 pages (pick-up truck full of documents).
Aver. pgs. per email: 1.5 (100,099 pages per GB).
Aver. pgs. per word document: 8 (64,782 pages per GB).
Aver. pgs. per spreadsheet: 50 (165,791 pages per GB).
Aver. pgs. per power point: 14 (17,552 pages per GB).
***************************
For the average .PST or .NSF Email File:
100 MB .PST file is 900 emails and 300 attachments.
400 MB .PST file is 3,500 emails and 1,200 attachments.
600 MB .PST file is 5,500 emails and 1,600 attachments.
A 1.00 GB .NSF file is 9,000 emails and 3,000 attachments.
A 1.5 GB .NSF file is 13,500 emails and 4,500 attachments.
*************************** Note: Many variables will affect ALL of the actual numbers above, including especially large image and video files, and recursive files.
*************************** Bits and Bytes Sizes:
•8 bits are equal to 1 byte (one or two words),
•1,024 bytes are equal to 1 kilobyte (KB).
•1,024 kilobytes (KB) are equal to 1 megabyte (MB or Meg).
•1,024 megabytes are equal to 1 gigabyte (GB or Gig) (truck full of paper).
•1,024 gigabytes are equal to 1 terabyte (TB) (50,000 trees of paper).
•1,024 terabytes are equal to 1 petabyte (PB) (250 Billion Pgs. of Text).
•1,024 petabytes are equal to 1 exabytes (EB) (1 000 000 000 000 000 000 bytes).
9/09/2008
Security::VPN::Alphabet Soup
Integrity: AH = Authentication Header or ESP = Encapsulating Security Payload
Encryption: DES = Data Encryption Standard, 3DES = 3 DES keys used, AES = newer standard
Hash: SHA = Secure Hash Algorithm, MD5 = Message-Digest. SHA is newer/more secure. Vista uses SHA
9/02/2008
Protocol Analysis::TCP::TCP State Descriptions
Thanks to: http://www.tcpipguide.com
State | State | Event |
CLOSED | This is the default | Passive Open: A server |
Active Open, | ||
LISTEN | A device (normally a server) | Receive Client SYN,Send SYN+ACK: The server device receives a SYN from |
SYN-SENT | The | Receive SYN, Send ACK: If the device that has sent its SYN message receives a SYN from the other device but not an ACK for its own SYN, it acknowledges the SYN it receives and |
Receive SYN+ACK, Send ACK: If the device that sent the SYN receives both an acknowledgment to its SYN and also a SYN from the other device, it acknowledges the SYN received and then moves straight to the ESTABLISHED state. | ||
SYN-RECEIVED | The device has both received a SYN (connection request) from its partner and sent its own SYN. It is now waiting for an ACK to | Receive ACK: When the device receives the ACK to the SYN it sent, it transitions to the ESTABLISHED state. |
ESTABLISHED | The steady state of an open TCP connection. Data can be exchanged freely once both devices in the connection enter this state. This will continue until the connection is closed for one reason or another. | Close, Send FIN: A device can close the connection by sending a message with the FIN(finish) bit sent and transition to the FIN-WAIT-1 state. |
Receive FIN: A device may receive a FIN message from its connection partner asking that the connection be closed. It will acknowledge this message and transition to the CLOSE-WAIT state. | ||
CLOSE-WAIT | The device has received a close request (FIN) from the other device. It must now wait for the application on the local device to acknowledge this request and generate a matching request. | Close, Send FIN:The application using TCP, having been informed the other process wants to shut down, sends a close request to the TCP layer on the machine upon which it is running. TCP then sends a FIN to the remote device that already asked to terminate the connection. This device now |
LAST-ACK | A device that has already received a close request and acknowledged it, has sent its own FIN and is waiting for an ACK to this request. | Receive ACK for FIN: The device receives an acknowledgment for its close request. We have now sent our FIN and had it acknowledged, and received the other device's FIN and acknowledged it, so we |
FIN-WAIT-1 | A device in this state is waiting for an ACK for a FIN it has sent, or is waiting for a connection termination request from the other device. | Receive ACK for FIN:The device receives an acknowledgment for its close request. It transitions to the FIN-WAIT-2 state. |
Receive FIN, Send ACK: The device does not receive an ACKfor its own FIN, but receives a FIN from the other device. It acknowledges it, and moves to the CLOSING state. | ||
FIN-WAIT-2 | A device in this state has received | Receive FIN, Send ACK: |
CLOSING | The device has received a FIN from the other device and sent an ACK for it, but not yet received an ACK for its own FIN message. | ReceiveACK for FIN: The device receives an acknowledgment for its close request. It transitions to the TIME-WAIT state. |
TIME-WAIT | The device has now received aFIN from the other device and acknowledged it, and sent its ownFIN and received an ACK for it. We are done, except for waiting to ensure the ACK is received and prevent potential overlap with new connections. | Timer Expiration: After a designated wait period, device transitions to the CLOSED state. |
Exchange::IIS::Redirect HTTP to HTTPS page for Outlook Web Access
The following KB article details customizing the error message for the 403.3 error (SSL required.)
MS KB 839357
I'm not an ASP programmer, but I couldn't get their sample code to work. Instead I used the more elegant HTML below:
<HTML>
<HEAD>
<TITLE>WebMail</TITLE>
<meta HTTP-EQUIV="REFRESH" content="0; url=https://email.COMPANY.com/exchange">
</HEAD>
<p>
Redirecting to: <a href="https://email.COMPANY.com/exchange" target="_blank">https://email.COMPANY.com</a>
</p>
</BODY>
</HTML>
5/12/2008
Exchange::Mailbox Cleanup Agent
Thanks to: MS Exchange Team Blog
Exchange 2000/2003 Mailbox Manager and msExchMailboxManagerAgeLimit.
In Exchange 2000/2003 mailbox manager policies may not process items as some administrators might expect. For example, if you set up a mailbox manager policy to delete messages from the inbox after 30 days, you may find that some of the messages are not deleted after the 30 day window has passed.
In Exchange 2000/2003, in order for a message to be processed by a policy, the age of the message must pass 3 criteria:
Delivery: (PR_MESSAGE_DELIVERY_TIME),
Sent: (PR_CLIENT_SUBMIT_TIME),
and Last Modified: (PR_LAST_MODIFICATION_TIME).
If any of these flags are less than the age specified on the mailbox manager policy settings, that message will not be processed. In other words, if you have a policy set to 30 days and at 29 days a user reads a message that falls under this policy (and hence sets the last modified flag back to 0 days) the message will not be processed after the 30th day because it will fail on 1 of the 3 criteria. It will not be processed until all the criteria are met (in this scenario after 30 more days)
This behavior is different than in Exchange 5.5. In Exchange 5.5, if the delivery time flag is present on a message then no other criteria will be checked. So in the above scenario, 30 days after receiving the message it would be purged.
The design was changed in Exchange 2000/2003 to better accommodate certain workflow programs, journaling and non-ipm.note message classes that would look at different message properties for cleanup.
However, in certain environments you might want to have Exchange 2000/2003 behave the same as Exchange 5.5. This can be done in Exchange 2000 with the post SP3 roll-up or with Exchange 2003 RTM by setting the msExchMailboxManagerAgeLimit attribute on the mailbox manager policy to a hex value of "0x3".
There are three values you can set this to depending on your needs:
0x1: The Last modification time will not prevent the deletion of a message. If the last modified modified date is greater than the limit, the item may be deleted.
0x2: The time that the message was submitted will not prevent the deletion of a message. If the submission time is greater than the limit, the item may be deleted.
0x3: This value sets both bits 0x1 and 0x2, and mimics the behavior from Exchange 5.5.
Note that Mailbox Manager does not ever delete recurring appointments or tasks, regardless of age. You cannot turn off evaluation of delivery time.
More information on setting this is in the following article: KB 326397
4/15/2008
HP Servers::iLo
Reset iLo Administrator Password
Thanks NetNerds !
1. Installed SNMP because it was a preprequesite
2. Download and Install the HP Insight Management Agents.
3. Download HP Lights-Out Online Configuration Utility.
4. Download HP Lights-Out XML Scripting Sample for Windows
reset.xml
<ribcl VERSION="2.0">
<login USER_LOGIN="Administrator" PASSWORD="boguspassword">
<user_INFO MODE="write">
<mod_USER USER_LOGIN="Administrator">
<password value="newpass"/>
</mod_USER>
</user_INFO>
</login>
</ribcl>
hponfig.exe /f reset.xml
Labels: hp
3/28/2008
HTML::Style Sheet::Page Breaks
This is a wonderful thing:
<STYLE TYPE="text/css">
HR {page-break-before: always}
</STYLE>
Labels: HTML
2/29/2008
Windows::Exchange 2007::Power Shell
Cryptic result from Get-StorageGroupCopyStatus
Get-StorageGroupCopyStatus ExchMbx01ccr\TestStg01 -StandbyMachine ExchDR
Resulted in SummaryCopyStatus = "not configured"
Documentation on TechNet did not even list "not configured" as a possible value.
It turns out that the server name was incorrect.
Get-StorageGroupCopyStatus ExchMbx01ccr\TestStg01 -StandbyMachine ExchDR01
Results in SummaryCopyStatus = "Healthy"
Labels: Exch2007, PowerShell
1/30/2008
SMTP::From Address Spoofing
Sender Policy Framework
The Problem: Sender Address Forgery
Today, nearly all abusive e-mail messages carry fake sender addresses. The victims whose addresses are being abused often suffer from the consequences, because their reputation gets diminished and they have to disclaim liability for the abuse, or waste their time sorting out misdirected bounce messages.
The Solution: SPF
The Sender Policy Framework (SPF) is an open standard specifying a technical method to prevent sender address forgery. More precisely, the current version of SPF — called SPFv1 or SPF Classic — protects the envelope sender address, which is used for the delivery of messages. See the box on the right for a quick explanation of the different types of sender addresses in e-mails.
1/24/2008
1/17/2008
Data Center::Fire Suppression
FM200
Interesting information gleaned from overview from vendor:
- This system puts out a fire by quickly lowering the temperature of the room by 20 degrees or more. This also creates a vaccum in the room which, in addition to lower temp, puts out the fire. This change in pressure can displace ceiling tiles and stir up dust from the floor. Very shortly after the gas is deployed the room warms back up and the pressure in the room returns to normal.
- The gas is inert and not toxic to breath.
- The gas disperses sideways from a nosel that looks like a sprinkler head.
At our site this will be integrated with the same control system as our pre-action system.
So...it will work as follows:
- smoke alarm in the data center => the preaction system will release water control valve making water available to the system. The pipes remain pressurized so pipes still have only air in them until the heat from a fire causes a sprinkler to open.
- multiple smoke alarms in the data center => FM200 system will alarm, 30 second delay, the gas will be released. temp will go way down, ceiling tiles will be sucked down into the room--some will fall out, "hurricane" wind may blow more dust up from the floors, A/C system will be shut down to prevent air flow that would further feed fire. A few seconds later the room will warm up and the pressure will become normal. No cleanup procedure required. (just dust things off...)
Other interesting info from Q&A
- It is required to have a 4 foot square of ceiling around our sprinkler heads to allow for proper operation. If the sprinkler head is not at the top of the ceiling it will not heat up at the same rate as the rest of the room and not kick in soon enough.
- Sprinkler heads - bottom plate will melt off at 135 degrees F. That exposes an element that will melt at about 155 degrees F.
- in some cases locality may allow water fire suppression systems to be removed. This would likely require a backup system. Many times this is not allowed however either by the local statutes and/or building management.
Labels: data-center
Windows::Server Performance::Troubleshooting::Citrix
Troubleshooting Server Performance
The discussion of a specific issue below is perhaps useful in a more general sense for troubleshooting and performance monitoring topics.
Problem: After upgrading to Citrix Presentation Server 4.5 a higher average cpu utilization is observed as well as a high rate of context switches. Previously we have often received warnings in Citrix Performance Monitor for %interrupt -- this issue continues and is perhaps seen more often in 4.5 servers as well.
Background: Running PS4.5 using published applications and desktops on a Microsoft Windows 2003 SP2 server on a physical machine. Running several "high maintenance" accounting applications on two PS4.5 as published applications on virtual machines on VMWare Virtual Infrastructure 3.0 cluster. These all exhibit the symtoms above just since the upgrade to 4.5. Also, we are still running 4.0 on several other servers in the same Citrix Farm and various versions of PNA are in use by client machines (predominantly 8.x)
Investigation regarding context switches
A lot of good resources turned up:
Intel: Using Windows Performance Monitor
Sysinternals
www.thomaskoetzing.de
MSDN-Context Switches
Analyzing Processor Activity
Since this issue occurs on both physical and virtual servers it is not a VM problem, but will investigate this avenue as well to ensure correct and optimal configuration.
VMware: improving scalability for Citrix PS
http://redmondmag.com/features/article.asp?editorialsid=718
- definition: CPU's share their time between all threads according to priority. When the CPU stops working on one thread and starts working on another that is a context switch.
- monitoring: A ballpark rule of thumb is "normally" there should be no more than 28000 context switches per CPU on a system.
- What to look for
- Page file - too small, or is allowed to dynamically grow - recommendation: set to larger fixed size.
- Consider write cache on RAID controller
- insufficient hardware
- poorly designed device drivers or applications
Tools
- PerfMon - system/context switches
- SysInternals - Process Explorer - View > select columns > Process Performance > context switches, context switch delta
- pstat.exe (windows resource kit or support tools
VMWare
Some asides that came up during this investigation explained some issues we have had with virtualizing citrix servers. We needed to keep 2 cpu's in the VM after we converted them. That is the opposite of the VMWare recommendations we have seen.
- The multiprocessor HAL had not been downgraded to single processor HAL.
- Hidden devices in device manager had not all been removed.
1. Click Start, click Run, type cmd.exe, and then press ENTER.
2. Type set devmgr_show_nonpresent_devices=1, and then press ENTER.
3. Type Start DEVMGMT.MSC, and then press ENTER.
4. Click View, and then click Show Hidden Devices.
5. Expand the Network Adapters tree.
6. Right-click the dimmed network adapter, and then click Uninstall
uninstall any other physical devices not needed
Investigation
- Interesting - on the VM servers when looking at Task Manager the %cpu listed individually for all the processes for all users did not appear to add up to what was showing up on the Performance tab (at least 50% discrepency.) This was not observed on the physical server
- For both VM's and physical servers: Citrix Performance Monitor was showing warnings and intermittent error conditions on %cpu, %interrupt, context switches/sec.
- The VM's cpu utilization on the host machine is extremely high. On the server with the greatest number of users it maxed out the host cpu for much of the time I watched it.
- Watching performance monitor a few minutes showed context switches/sec to be in the hundreds of thousands.
- Opened Process Explorer and set view to show context switches and context switch deltas. I observed that at times it reported up to 50% cpu was due to hardware interrupts (this was not as dramatic when I checked it on the physical machine so I wonder if this is a reporting issue related to vmware's magic behind the scenes.) Also, the highest context switch delta was for hardware interrupts so Process Explorer was no help to further isolate it.
- To isolate what driver or program might be causing this issue, I piped the output of pstat.exe to a file and looked for the highest count of context switches. I took the memory address of that thread and looked it up in the bottom section to find what address range it fell in. In this case it was CDM.SYS
- google search of CDM.SYS turned up multiple articles about Citrix servers. I think CDM stands for Client Data Mapper. Of greatest interest is an article about a hotfix for PS4.5:
http://support.citrix.com/article/CTX114121 (and I see a lot of other post FR1 hotfixes out there too.)
The issue resolved in this hotfix is:
"Winlogon.exe shows higher than average CPU consumption on the server. The issue occurs because the server refreshes the smart card reader state more frequently than necessary. This occurs even if smart cards are not being used. With this fix, the reader state is refreshed only once per noticeable event."
Labels: citrix, performance, server
12/21/2007
Networking::Servers
Tip: Disable unused NIC's!
If a server has an unplugged NIC it will get 169.254.0.0 address automatically and it may register it's name with both IP's and part of the time DNS will respond with the unreachable 169.254.x.x address.
12/19/2007
Blackberry::BES::Monitoring
Monitoring and Management Products for Blackberry Enterprise Server
http://www.needtext.net/
http://www.conceivium.com/
http://www.zenprise.com/products/blackberry-monitoring.aspx
http://www.berrynator.com/bn_english/index.html
http://www.ancoris.com/s/mon/blackberry.shtml
BoxTone from a company named Panacya Inc
Labels: BES, blackberry
12/11/2007
Links::Point to Point DS3
Interesting, cheaper solution for p2p DS3
http://www.ds3switch.com/
Labels: WAN
12/10/2007
Video Bridging Service Providers
Contacts
To find a conference facility and also get VC hook-up:
Lad Reporting (located in Washington, DC)
Amanda Cordelli
(301) 762-8282
Video Conferencing Bridging Services:
Precision Videoconferencing Solutions
David Sayer
(720) 214-2347
WireOne
Amy Eldridge
(970) 587-8003
Adam Moss
Providea Inc.
Major Account Manager
408-280-0537 (office)
www.provideasolutions.com
1-800-CONFERENCE®
1717 North Penny Lane, Suite 2
Schaumburg, Illinois 60173
1-800-266-3373 (select option 1)
1-847-413-3498 (select option 1)
1-800-866-1096 Fax
1800conference@corporatefs.com
Labels: audio-visual
12/03/2007
Video Utility::Link::Download
VLC media player
Free utility useful for a few nagging functions - snapping jpgs out of videos, grabbing some video off a DVD, etc.
videolan.org
Labels: audio-visual, Links
11/20/2007
ESX Time Source
set up ESX hosts with an NTP source…
VMWare KB
To configure NTP on the service console, you must:
/etc/ntp.conf
/etc/ntp/step-tickers
/etc/hosts
Labels: vmware ntp
11/07/2007
Citrix::ICA::Session Sharing
Troubleshooting and Explaining Session Sharing
CTX159159
Understanding and Troubleshooting Citrix's Seamless Windows Engine
BrianMadden.com
Labels: citrix
10/30/2007
Network Latency
Latency due to distance = approximately 1ms per 100km
from: http://www.nessoft.com/kb/42
There are two *normal* factors that significantly influence latency
- The latency of the connecting device. For a cable modem, this can normally be between 5 and 40 ms. For a DSL modem this is normally 10 to 70ms. For a dial-up modem, this is normally anywhere from 100 to 220ms. For a cellular link, this can be from 200 to 600 ms. For a T1, this is normally 0 to 10 ms.
- The distance the data is traveling. Data travels at (very roughly) 120,000 miles (or 192,000 kilometers) per second, or 120 miles (192 km) per ms (millisecond) over a network connection. With traceroute, we have to send the data there and back again, so the latency will raise roughly 1ms for every 60 miles (96km, although with the level of accuracy we're using here, we should say "100km") of distance between you and the target.
Labels: internet network latency
10/11/2007
Internet Explorer::cannot post data to a non-NTLM-authenticated Web site
KB251404
SYMPTOMS
You cannot post any data to non-NTLM authenticated Web sites.
CAUSE
This issue can occur after you visit an NTLM authenticated folder.
RESOLUTION
add a value to the following registry key:
HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Internet Settings/
Add the following registry value:
Value Name: DisableNTLMPreAuth
Data Type: REG_DWORD
Value: 1
Also, turn off Enable Integrated Windows Authentication in Internet Explorer.
1. Start Internet Explorer.
2. Click Tools, click Internet Options, and then click the Advanced tab.
3. Under Security, click to de-select Enable Integrated Windows Authentication (requires restart), and then click Apply.
4. Close Internet Explorer.
To resolve this issue from the server side, configure the Web site to use either of the following authentication methods:
• Configure the Web site to permit anonymous access only.
• Configure the Web site to permit both anonymous access and NLTM authentication (Integrated Windows authentication).
Labels: IE
VMWare::ESX::CPU Percent Ready
Good discussion about what this means and how to optimize CPU performance.
http://communities.vmware.com/thread/97303
"%Ready = Percent of time there is work to be done, and no physical CPU to do it on.
One rule of thumb that I use (saw it here some time ago) is that up to 5% Ready is OK, even normal; anything between 5% and 10%, best keep an eye on the VM and the host. Over 10% (for extended periods) you best be planning on taking some action.
One thing to keep in mind, if the VM is assigned multiple CPUs, they must both be scheduled on physical CPUs/cores simultaniously. This can cause you some headache (voice of experience here.) If only one CPU has work, both need to be scheduled, which is harder to do, and can take longer, increasing %Ready, response time, and reducing resources for other VMs."
"If you change from a multi-processor system to a uni-processor system you need to manually change the HAL on the Windows server after the conversion. To do this go into Device Manager after the machine first boots and discovers it's new hardware and then click on Computer then right-click on the processor and select Update Driver. Then select Install from specific location and then Don't search I will choose the driver to install. Then select show All compatible hardware and select the appropriate processor. For example, if you went from a dual cpu to a single cpu then select ACPI uni-processor PC instead of ACPI multi-processor PC. You will need to reboot once you change this. To verify what HAL you are using you right-click your hal.dll in c:\windows\system32 and select the Version tab and select Internal Name and it should say halmacpi.dll for multi-processor acpi and halacpi.dll for uni-processor acpi.
Next clean up all the non-present hardware after the P2V conversion. To do this go to a CMD prompt and type SET DEVMGR_SHOW_NONPRESENT_DEVICES=1 and then DEVMGMT.MSC and then select Show Hidden Devices. Delete any old grayed out hardware.
Next remove any vendor specific applications/drivers. For example on a HP server you should go to Add/Remove programs and remove any HP management agents, survey utility, array config utility, version control agent, etc. Also check your NIC and make sure there are no vendor specific drivers there (ie. teaming). Check the Services to see if all there is anything vendor specific related there and disable any services that are. "
10/08/2007
VBS::Parsing CSV
This is a great ongoing series:
Hey Scripting Guy!
Const ForReading = 1
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile("C:\Scripts\Test.txt", ForReading)
Do Until objFile.AtEndOfStream
strLine = objFile.ReadLine
arrFields = Split(strLine, ",")
If InStr(arrFields(1), "Everyone") Then
strContents = strContents & arrFields(5) & vbCrlf
End If
Loop
objFile.Close
Set objFile = objFSO.CreateTextFile("C:\Scripts\Everyone.txt")
objFile.Write strContents
objFile.Close
Labels: script parse