jeudi 29 mars 2012

Centreon Could not find DEFINITIONS :: = BEGIN statement in MIB file!


To recover the traps sent by my SAN MSA2012FC (http://bizsupport1.austin.hp.com/bc/docs/support/SupportManual/c01565941/c01565941.pdf), I tried to add a MIB (found here : http://www.emc.com/microsites/fibrealliance/index.htm) in Centreon.


Here is the error I encountered:


Could not find DEFINITIONS :: = BEGIN statement in MIB file!


After catching a headache I found the solution... 


beginning of the file


FCMGMT-MIB
-
Last edit date: November 10th, 1999
DEFINITIONS :: = BEGIN
   IMPORTS     IpAddress, TimeTicks, experimental         FROM RFC1155-SMI     OBJECT-TYPE         FROM RFC-1212     DisplayString         FROM RFC1213-MIB     TRAP-TYPE         FROM RFC-1215;


--> replaced by


FCMGMT-MIB DEFINITIONS :: = BEGIN   IMPORTS     IpAddress, TimeTicks, experimental         FROM RFC1155-SMI     OBJECT-TYPE         FROM RFC-1212     DisplayString         FROM RFC1213-MIB     TRAP-TYPE         FROM RFC-1215;


and it works ^^'

mercredi 28 mars 2012

How to analyze memory dump after windows crash (Blue Screen of Death)

1) Download and install the Microsoft Debugging Tools : http://www.microsoft.com/whdc/devtools/debugging/installx86.mspx

2) Start > All programs > Debugging Tools for Windows (x86) > WinDbg > File > Symbol File Path
Then paste this line into Symbol path : SRV*c:\symbols*http://msdl.microsoft.com/download/symbols

3) File > Open Crash Dump > Select your crash dump (usually under %systemroot%/minidump)
Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [G:\tmp\Mini032911-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows XP Kernel Version 2600 (Service Pack 3) UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 2600.xpsp_sp3_gdr.100216-1514
Machine Name:
Kernel base = 0x804d7000 PsLoadedModuleList = 0x80554040
Debug session time: Tue Mar 29 11:42:28.210 2011 (UTC + 2:00)
System Uptime: 4 days 2:09:35.447
Loading Kernel Symbols
...............................................................
..............................................................
Loading User Symbols
Loading unloaded module list
.........................................
Unable to load image ATMFD.DLL, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ATMFD.DLL
*** ERROR: Module load completed but symbols could not be loaded for ATMFD.DLL
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 10000050, {e20937b4, 0, bf83cc83, 1}


Could not read faulting driver name
Probably caused by : ATMFD.DLL ( ATMFD+125e9 )

Followup: MachineOwner
---------

You can obtain the detailed debugging information by enter in the prompt KD> the command !analyze -v

kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by try-except,
it must be protected by a Probe. Typically the address is just plain bad or it
is pointing at freed memory.
Arguments:
Arg1: e20937b4, memory referenced.
Arg2: 00000000, value 0 = read operation, 1 = write operation.
Arg3: bf83cc83, If non-zero, the instruction address which referenced the bad memory
address.
Arg4: 00000001, (reserved)

Debugging Details:
------------------


Could not read faulting driver name

READ_ADDRESS: e20937b4

FAULTING_IP:
win32k!EngUnmapFontFileFD+1c
bf83cc83 8b482c mov ecx,dword ptr [eax+2Ch]

MM_INTERNAL_CODE: 1

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0x50

PROCESS_NAME: csrss.exe

LAST_CONTROL_TRANSFER: from bffb25e9 to bf83cc83

STACK_TEXT:
b9144b6c bffb25e9 e2093788 e2093788 00006eb0 win32k!EngUnmapFontFileFD+0x1c
WARNING: Stack unwind information not available. Following frames may be wrong.
b9144ba0 bffafaba 00000000 000004a8 00000001 ATMFD+0x125e9
b9144c00 bffa5ab1 00000001 bf977f53 00000000 ATMFD+0xfaba
b9144c34 bffa2fab 00000001 bf977f53 b9144cf4 ATMFD+0x5ab1
b9144c64 bf8d1267 e3f33968 00000002 00000000 ATMFD+0x2fab
b9144c7c bf8e0428 e3f33968 b9144ca8 bf8e0491 win32k!PDEVOBJ::UnloadFontFile+0x2a
b9144c88 bf8e0491 e26d5008 e103f550 e26d5008 win32k!vCleanupFontFile+0x23
b9144ca8 bf9657f8 b9144cec 00000001 00000000 win32k!PUBLIC_PFTOBJ::bLoadAFont+0x24c
b9144ce4 bf9420a4 00000000 89ec8990 e26d6e58 win32k!PFTOBJ::bUnloadAllButPermanentFonts+0x1c8
b9144cf8 bf93261f 805b0b36 80527852 023b1f48 win32k!GreRemoveAllButPermanentFonts+0x29
b9144d10 bf861ff8 89d31558 00000000 bf861fa2 win32k!EndShutdown+0xe4
b9144d30 bf861fcc 89d31558 00000006 006afeb4 win32k!xxxSetInformationThread+0x17f
b9144d4c 8053d658 0000008c 00000006 006afeb4 win32k!NtUserSetInformationThread+0x31
b9144d4c 7c90e514 0000008c 00000006 006afeb4 nt!KiFastCallEntry+0xf8
006afeb8 00000000 00000000 00000000 00000000 0x7c90e514


STACK_COMMAND: kb

FOLLOWUP_IP:
ATMFD+125e9
bffb25e9 ?? ???

SYMBOL_STACK_INDEX: 1

SYMBOL_NAME: ATMFD+125e9

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: ATMFD

IMAGE_NAME: ATMFD.DLL

DEBUG_FLR_IMAGE_TIMESTAMP: 4802a0d3

FAILURE_BUCKET_ID: 0x50_ATMFD+125e9

BUCKET_ID: 0x50_ATMFD+125e9

Followup: MachineOwner
---------

The problem was a font problem

Netbeans - JVM creation failed

You tried to launch your Netbeans IDE and you encountered this error: 

JVM Creation Failed
In my case, under Windows XP x86, I modified this line (in configuration file C:\Program Files\NetBeans 7.0\ etc\netbeans.conf)


->netbeans_default_options="-J-client -J-Xss2m -J-Xms32m -J-XX:PermSize=32m -J-XX:MaxPermSize=384m -J-Dapple.laf.useScreenMenuBar=true -J-Dapple.awt.graphics.UseQuartz=true -J-Dsun.java2d.noddraw=true"

by this one

netbeans_default_options="-J-client -J-Xss2m -J-Xms32m -J-XX:PermSize=32m -J-Xmx256m -J-XX:MaxPermSize=128m -J-Dapple.laf.useScreenMenuBar=true -J-Dapple.awt.graphics.UseQuartz=true -J-Dsun.java2d.noddraw=true"

Same solution works for Netbeans 7.1.1

mardi 27 mars 2012

Powershell - Find a pattern in files (directory recursive)


$findPath="YOURPATH"
$patternToFind="YOURPATTERNTOFIND"
$patternFindInFiles=Dir $findPath -recurse|Select-String $patternToFind |Foreach {$_.path}
$patternFindInFiles|Out-File "found.txt"

jeudi 15 mars 2012

Strict replication consistency should be enabled on all domain controllers in this forest

You run a BPA on your "Active Directory Domain Services" role and you obtain this warning:

Strict replication consistency should be enabled on all domain controllers in this forest
Issue: Strict replication consistency is not enabled on the domain controller SERVERNAME
More information about this best practice and detailed resolution procedures: http://go.microsoft.com/fwlink/?LinkId=142189
(When a domain controller in your Active Directory environment is disconnected from the replication topology for an extended period of time, all objects that are deleted from AD DS on all other domain controllers might remain on the disconnected domain controller. Such objects are called lingering objects. When this domain controller is reconnected to the replication topology, it acts as a source replication partner that has one or more objects that its destination replication partners no longer have. Problems occur when these lingering objects on the source domain controller are updated and these updates are sent by replication to the destination domain controllers. A destination domain controller can respond in one of two ways:

    If the destination domain controller has strict replication consistency enabled, it recognizes that it cannot update the object (because the object does not exist), and it locally halts inbound replication of the directory partition from that source domain controller.

    If the destination domain controller does not have strict replication consistency enabled, it requests the full replica of the updated object, which introduces a lingering object into the directory.
)

What I do:

1) You have to remove lingering objects

/removelingeringobjects <Dest_DSA_LIST> <Source DSA GUID> <NC> [/ADVISORY_MODE]

Dest_DSA_LIST (you can enter the dns name of the server or the distinguished name)

DSA_GUID : To find this one, type :

                      repadmin /showrepl

                     And copy the DSA object GUID value
NC: It's your naming context (example: DC=CONTOSO,DC=COM)

The Advisory_mode logs lingering objects in Event ID 1388 or 1988 (http://technet.microsoft.com/en-us/library/cc780362%28v=ws.10%29.aspx)

2) Enable strict replication consistency

The syntax is : repadmin /regkey DC_LIST {+|-} key

--> I used "repadmin /regkey SERVENAME +strict" 


The AD DS BPA should be able to collect data about Group Policy Results setting "Access this computer from the network" from the domain controller...

You run a BPA on your "Active Directory Domain Services" role and you obtain this error:

"The AD DS BPA should be able to collect data about Group Policy Results setting "Access this computer from the network" from the domain controller SERVERNAME"

Open "Active Directory Module for Windows PowerShell" then type:
1) cd C:\Windows\System32\BestPractices\v1.0\Models\Microsoft\Windows\DirectoryServices\
 2) .\DirectoryServices_model.ps1

From Microsoft Technet
 a) Look for “Cannot translate account name to SID” in the output, where is the name of the account that was failed to translate. 
b) Troubleshoot why this account cannot be translated to a SID 

In my case, it was a problem with an account that had been set on "Default Domain Controllers Policy" policy and that no longer existed in the domain. 

Tip: To find what policy contains SID problems, try to backup all your GPOs 

1) Open "Group Policy Management" (or type gpmc.msc in Start>Execute) 

2) You'll see an error message appears in the GPO which contains not mapped SID --> remove the bad SID(s).

Best practice : protect OU from accidental deletion in 2008R2

In 2008 domain, when you create an OU, it is protected by default from accidental deletion.

But if you have got OU presents from a migration or something else these OUs are not protected against deletion.

 You can do it via the interface "Active Directory Users and Computers", right click on the "OU>properties>object>check the box 'Portect object from accidental deletion'".

If you can't see the "object" tab, it's because you have to activate the advanced features view. In ADUC, "View>Advanced Features".

If you have a lot of OUs, you would make this by a script...
So, open "Active Directory Module for Windows PowerShell" and enter this command

Get-ADOrganizationalUnit -filter * | Set-ADOrganizationalUnit
 -ProtectedFromAccidentalDeletion
$true

jeudi 8 mars 2012

List user's folder access permissions

You can use subinacl (available here : http://www.microsoft.com/download/en/confirmation.aspx?id=23510)

subinacl /testmode /noverbose /outputlog=c:\mytest.log /subdirec=directoriesonly c:\*.* /findsid=domain\username

Install NPS (Network Policy Server) - Radius

Description
The VPN (Virtual Private Network) allows users to connect from the Internet in their company. This connection is encrypted in a tunnel, so that data can not be recovered by a possible pirate.
The authentication procedure may be made either by e-certificate or by account / password. We must therefore choose the method that works for you.

Principle
The client connects to the VPN server, which authenticates with the Radius server (Remote Authentication Dial-In User Service) Central. After authentication, the client received his VPN company IP address, which allows access to company data, as if it were on the site.

Authentication: verification and control of User ID and Password in the Radius Client
This is a protocol used by machines to authenticate an user of a service or providing feedback on this user (traffic volume, connection time, ...). By extension, it is called Radius server or proxy server to tell server or proxy using the Radius protocol to communicate.

RADIUS uses UDP.

On Windows Server 2008R2 service Radius (IAS) was replaced by NPS (Network Policy Server).
































How to find HBA WWN number on ESX server

Select the ESX host in the VI client > Select the Configuration tab > Select Storage Adapters> and on the right hand side the storage adapters are listed.  If you select one it should list the details of the hba in the section on the bottom right of the screen. 



Clone a virtual machine without vmkfstools

Clone a virtual machine without vmkfstools:


Power Off Server-A

scp -r /vmfs/volume/LUN25/Server-A/ /vmfs/volume/LUN30/Server-B/

or

cp -r /vmfs/volume/LUN25/Server-A/ /vmfs/volume/LUN30/Server-B/

cd /vmfs/volume/LUN30/Server-B

modify all names from Server-A to Server-B

mv ServerA-flat.vmdk ServerB-flat.vmdk
mv ServerA.vmdk ServerB.vmdk
mv ServerA.nvram ServerB.nvram
mv ServerA.vmx ServerB.vmx
mv ServerA.vmxf ServerB.vmxf
mv ServerA.vmsd ServerB.vmsd

modify all referrences inside the .vmdk .vmx .vmxf from Server-A to Server-B
delete all vmware*.log files
vmware-cmd -s register Server-B.vmx
vmware-cmd Server-B.vmx start

Installing VMWare-tools on Ubuntu

uname -r

sudo aptitude install build-essential linux-headers-2.6.32-23-generic-pae  psmisc


# make a mount point if needed :
sudo mkdir /media/cdrom

# Mount the CD
sudo mount /dev/cdrom /media/cdrom

# Copy and extract VMWareTools

sudo cp /media/cdrom/VMwareTools*.tar.gz /home/administrator

# You can extract with archive manager, right click on the archive and extract ... or

tar xvf VMwareTools*.tar.gz

# Install as below

cd /home/administrator/vmware-tools-distrib
sudo ./vmware-install.pl

During vmware-install.pl, choose the default answers to everything (just hit the <enter> key).