IT Archives

December 1, 2008

Remote Access Authentication

Your users wants to have VPN access to access stuff on the road. The VPN tunnel stops at the appliance. You loathe create an access control list just for that box. Not to mention internal audit is going to you hell for static passwords. The solution is RADIUS

Continue reading "Remote Access Authentication" »

October 12, 2008

Installing Windows 2008 using HP SmartStart 8.1

Installing servers with vendor installation CD is to make your life easier as it comes with all the necessary drivers for their hardware.

Continue reading "Installing Windows 2008 using HP SmartStart 8.1" »

September 8, 2008

Installing an additional node to a SQL 2005 cluster

An SQL 2005 cluster can have up to upto 8 nodes for the Enterprise or Standard edition 2 nodes. Sometimes you only have the budget to do so much and the passive node gets postponed.

When you have finally get the passive node, how do you add it in?

Continue reading "Installing an additional node to a SQL 2005 cluster" »

August 7, 2008

Migrating Symantec Endpoint Security Management Server

Symantec Endpoint Protection is a marriage of Symantec Antivirus 11 and Sygate Firewall. As a result the management server is quite a different animal from the previous version. It is much more similar to Mcafee ePO.

There are times you need to move the management server after installation.

Continue reading "Migrating Symantec Endpoint Security Management Server" »

July 29, 2008

Fixing Symantec Endpoint Protection Manager

After installation of the Symantec Endpoint Protection Manager, you might encounter the home page, reports and policy page cannot be viewed. "The website declined to show this webpage".

Continue reading "Fixing Symantec Endpoint Protection Manager" »

April 19, 2008

Hitachi Data System SAN

Recently I have the chance to work on HDS AMS 200 SAN. It was quite an interesting experience.

When you create a LUN, it needs to be formatted. What it does during the formatting it never really say, but I find it very strange as I still need to perform the usual OS format.

The LUN expansion is performed by joining the LUNs and presenting a virtual LUN. It does not actually expanding the LUN.

Continue reading "Hitachi Data System SAN" »

March 20, 2008

Working on Primary DNS server

Primary DNS server, usually a Domain Controller provides the necessary name resolution of Active Directory operations. It also required for user computer startup and logon. It is also required for the all important Internet access.

What about the secondary DNS server? Isn't that what it suppose to stand in when the primary is not available?

Continue reading "Working on Primary DNS server" »

March 19, 2008

Trend Micro OfficeScan and ServerProtect

After a long lull, I get to work with Trend Micro products again. OfficeScan has really evolved. The current version 8.0 will work with IIS or Apache 2.0 (only). If it detects an IIS web server, it will proceed to install for it. Otherwise it will install Apache 2.0. Note this is located in OfficeScan folder, not Apache Project.

Continue reading "Trend Micro OfficeScan and ServerProtect" »

March 18, 2008

Promoting Domain Controllers

Domain controllers for Windows rely on the DNS to work and find each other through SRV records. If the DNS is not available, the domain controllers don't work very well.

For member server, the DNS settings are typically any of the domain controllers. For Domain controllers, the DNS server should be set to its opposite partner as primary and itself as secondary.

Continue reading "Promoting Domain Controllers" »

January 8, 2008

Symantec Endpoint Protection

Also known as Corporate Edition version 11 + Sygate firewall. This is really different product from Symantec Corporate Edition ver 10. It looks more like a McAfee ePO Orchestra. There are groups for clients and packages to go with the groups etc.

With the inclusion of anti-spyware, intrusion detection and software signature, the PC is going to be really protected. To do all that you will need a higher end management server and may be a bit more.

Continue reading "Symantec Endpoint Protection" »

December 17, 2007

Symantec Backup Exec 11d Oracle Agent is broken

I was installing Symantec Backup Exec 11d to back up a bunch of servers with Oracle database. After several fruitless sessions to get the Oracle Agent to work, I logged a call to Symantec Support.

Continue reading "Symantec Backup Exec 11d Oracle Agent is broken" »

November 27, 2007

Server Hardening

To reduce to surface vulnerable to malicious attack. This is accomplished by removing, disabling unused services and/or increasing the encryption level of communication protocol. Microsoft has provided three types of templates: Compatible, Secure and Highly Secure.

Continue reading "Server Hardening" »

November 26, 2007

Patching ISA 2004

Ever tried patching an ISA server? Not as easy as other application servers. Recently I had an interesting experience on patching an ISA 2004 server. So I am documenting this down for everyone and myself.

Continue reading "Patching ISA 2004" »

October 12, 2007

Moving backup to disk folders for Backup Exec 11d

I had a situation that required me to change the IP address of the NAS for the Backup to disk folders. Now the location of the folders cannot be changed in the properties. Symantec recommends to create a new location and copy the files across.

That seems to be too complicated, since I am changing the IP address of my NAS, the location of the files remain the same. I really can't do a source and destination copy.

There got to be a simpler way.

Continue reading "Moving backup to disk folders for Backup Exec 11d" »

October 7, 2007

Project Management

Once upon a time, an architect friend of mine commented what is so special IT project management. You have the lead time and alloted time for the task. Plan and execute. Unlike construction project management, we don't have to contend with weather and all the nice things of working outdoors. I tend to agree until I tried installing Symantec Backup Exec 11d

Continue reading "Project Management" »

October 3, 2007

Meet Shorty

Shorty, the smaller brother of HP c7000 Blade enclosure is now available. The new c3000 is targetted towards SMB. It is a very compact enclosure, with only eight half height slots compared to the C7000 16 slots. To achieve this size, some power options are not available.

All the server blades, interconnect options are currently reuseable on the c3000. For more info see here and a excellent video site

September 10, 2007

Cloning the HP way

HP offers this nifty little software to help you to migrate your installation from old or other platform to Proliant servers. With a management server, it will reboot the source server and copy the partitions directly to the destination server. This is done using with the aid iSCSI Software Initiator from Microsoft.

You can download the trial version from Create a bootable CD from the installation file. Run the CD on the management and the source server. Follow the simple instructions on screen. Move the CD over to the destination server and reboot. On the management server initiate the cloning. After 35 minutes for 17 GB of data over a 1Gb switch its done!

The only catch is that your destination Proliant server should be G4 or newer and another thing.

Continue reading "Cloning the HP way" »

August 27, 2007

Have you heard of the command SC?

Most of us are familiar with the famous NET command since the Windows NT days. The NET command to handle network services is part of the NTLM and LAN Manager coming from the days of MS-DOS.

Now we have Windows 2003 and the NET command don't quite make it, as it does not show the service properties completely.

Enter the SC command.

Continue reading "Have you heard of the command SC?" »

August 23, 2007

HP BladeSystem c-Class

Just completed a week of blade system training by HP. They take blade technology to a whole new level. The keyword here is Integration. Everything is integrated here except the kitchen sink. And then may be next time.

The c class blade servers are very much smaller than the old p class, eg no more double slots or sleeves. They are available either as full height or half height single slot servers, giving a total of 8 or 16 blades in a 10U chassis. Coupled together with a wide range options, HP has a winner. And the market agrees. In summer of 2007, HP BladeSystem now has the largest market share.

The road to be certified as an ASE with c class specialization is a rocky one. With a prerequisite of MCSE 2003, all I need to pass are three papers, AIS HP0-055, ASE HP0-053 and c class HP0-064.

24 Aug 07. Finally passed HP0-064. Now ASE-Specialty in HP ProLiant Servers c-Class Blades. Yippee.
Some of the questions were pretty brain dead, some are really weird like when adding a second enclosure, what should I install? It seems the answer is the rear module. There were no questions on details of each blade servers and differences, eg mezzamine slots are the fastest for BL465 and it is the only one that supports Novell. Mezzamine port mappings are not there too, presumably they wanted to keep the exam questions hardware version independant.

Continue reading "HP BladeSystem c-Class" »

July 1, 2007

Windows 2000 and ML310 G4

The mission if you choose to accept is to install Windows 2000 on a HP ML310 G4. Sound simple, except that HP does not support this configuration. To make things even more interesting, onboard SATA RAID!

Windows 2000 does not support SATA or SATA RAID natively. You have to provide a driver at the start of installation using F6. Windows 2003 does not have this problem. Since HP does not support this configuration, there are no drivers available. Using the Windows 2003 driver at HP website is able to recognize the RAID volume but on reboot to start the Windows based installer, it gave a blue screen. Strangely this is an Adaptec driver.

On bootup, it shows "Intel 82801GR SATA RAID Controller". Searching through Intel website, reveals that it is part of the ICH7R chipset and that the controller does not use AHCI mode. Downloaded Intel Matrix Storage Manager in various versions. Some can't recognize the SATA RAID controller, some could except it lists all the physical drives!

After two days of fruitless search, time to ask for help. A colleague remembered a similar situation and suggested using Adaptec drivers. Downloaded Adaptec's ICH7R drivers and hey presto! The installer can recognize the RAID volume and installed the operating system successfully.

After installation, in the Device Manager, there was a long list of question marks as Windows 2000 does not have the appropriate drivers. Installed Proliant Support Pack (PSP) 7.7 for the ML310 G4. Fixed almost of it except for USB controller. That is going to cause a problem. Installed PSP 7.6, which is for the G3 version of the server and fixed the USB controller driver issue.

Time to test the RAID functionality. Pulled out and push back one of the harddisks and during bootup it shows as RAID degraded. Login to HP Systems Management webpage, it showed nothing degraded. Started the Array Controller Unit (ACU), it reported none found. It seems that HP Systems tools cannot manage the RAID card. This is going to cause a really big problem.

Since I am using Adaptec drivers that work and Intel drivers can't, time to go fully Adaptec. Downloaded Adaptec Storage Manager v 5.00.16806. It recognizes the SATA RAID card and the degarded RAID volume!. Started the RAID rebuilding. After 24 hours it has completed 68%. Hmmmm.

This chipset relies on the mainboard CPU to do all the hard work. Whereas in a standard RAID card, there is a seperate dedicated CPU for the RAID computation processes.

So at the end of the day, I end up using Adaptec driver and storage manager for an Intel chipset. The RAID driver is operating in AHCI mode! Makes you wonder what in the world is going on.

June 20, 2007

Disaster Recovery and backup software

Prepping two server to demonstrate disaster recovery using Veritas Intelligent Disaster Recovery. Based on track record, not very optimistic but never say die!

Read more for update.

Continue reading "Disaster Recovery and backup software" »

June 16, 2007

Automatic Updates does not work

Recently I found out the hard way that you need to regularly install the patches downloaded by Automatic Updates. Strangely when I decided to click on the yellow shield to install, it kept stuck at "Initializing installation". I have seen this before.

Continue reading "Automatic Updates does not work" »

A tip on troubleshooting a very sluggish computer

Recently my computer suddenly became very slow. The SVCHOST service will start and consume some 80 to 100% of CPU and RAM shot up to 80K++

I made a temp fix by killing the SVCHOST process from Task Manager, which in turn stops my Workstation service. Not good. Survived for a few weeks. Until I sat down one evening to check it out.

SVCHOST is a service that is connecting to the network. One possibly it was corrupted by a virus eg Nimda or Spybot. I know is neither as my network interface is not blinking. Some forums suggested using Sysinternals (now a Microsoft company) Process Explorer.

I installed it and guess who is using SVCHOST?

Continue reading "A tip on troubleshooting a very sluggish computer" »

April 30, 2007

What they don't teach you in your MCSE course.

I have just completed the server modules for MCSE 2003. Strangely there a few things in the administrator's life that are critical but not listed. I will attempt to cover them here.

Continue reading "What they don't teach you in your MCSE course." »

December 5, 2006

SSL enabled non default Outlook Web Access (OWA)

Having problems with your SSL enabled Outlook Web Acess website? Does the SSL port number keeps disappearing from your Internet Information Services (IIS) Manager?

Continue reading "SSL enabled non default Outlook Web Access (OWA)" »

November 27, 2006

IE 7 test drive

After an interesting experience with a user's IE7, thought it will be fruitful to do some test driving myself.

Installed the final version of Internet Explorer 7, it took a long time as it was running a check for malicious software


Continue reading "IE 7 test drive" »

November 24, 2006

Internet Explorer 7 and Outlook 2003

If you have the two software in the same computer, there is going to be a problem when you print HTML emails from Outlook.

The Outlook printout of mail sometimes will have no headers. For example, username, date and time, subject will be missing. I checked the amount of text and it appears that IE 7 is trying to squeeze text into the page resulting in the truncation of the mail header..

Continue reading "Internet Explorer 7 and Outlook 2003" »

November 15, 2006

Error on Technet documentation

Well, it isn't an everyday event that one finds an error on Microsoft Technet web page. I thought I share it here. This is on the Exchange 2003 pre and post SP2 behaviour for the DS Proxy module which provides address book service for the Outlook clients.

Continue reading "Error on Technet documentation" »

How not to run a national IT project

Slashdot has an article on the Biggest IT Disaster Ever. This is on the National Healthcare Service or NHS's project called National Programme for IT, or NPfIT. Some call it "sleepwalking toward disaster".The aim is "an electronic care record for patients and to connect 30,000 GPs to 300 hospitals, providing secure and audited access to these records by authorised health professionals". I guess they don't believe in starting small.

Continue reading "How not to run a national IT project" »

November 13, 2006

Jeff Papows and Lotus Development Corp

I was patting Ted to sleep when a book caught my eye. by Jeff Papows. He left Lotus Development Corp after news reports of discrepancies in his resume. I wonder where is he now.

Continue reading "Jeff Papows and Lotus Development Corp" »

November 10, 2006

MT Blogroll

MT Blogroll Manual | Movalog Plugins: Movable Type Plugins by Arvind Satyanarayan
A plug in to manage links. Quite picky about the browser to do installation.

Continue reading "MT Blogroll" »

November 6, 2006

The journey to being certified MCSE 2003

The journey to being certified. MCSE 2003

The paper that I am currently embarking on is a mouthful of a name "Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure." Hmm why can't they have simplier names?

Continue reading "The journey to being certified MCSE 2003" »

November 3, 2006

IT Service management

Just what exactly does an IT Manager do? Hmm manages the infrastructure, applications eg ERP, network, budget, technology planning, talk to the users and much more.

I have always wondered about this. After quite a bit of Googling, and library crawling, the answer to the question is IT Service Management. Or described in the series of books of IT Infrastructure Library.

Continue reading "IT Service management" »

November 1, 2006

Roaming GPRS problems

Recently had a case of user having roaming GPRS problem in a neighbouring country. His Windows Mobile 5 (WM5) device keeps giving modem errors. Normally we would just write it up as a typical roaming issue.

But this guy is stuck in one place for a week with no Internet access. Oh did I mention he is also a VVIP user? So tried check all the usual Activesync and GPRS settings. No joy.

In the end, have to ask the user to call Singtel. Singtel told the in-country telco to do something about their GPRS. Voila, now connected.

Morale of the story is, when having roaming problems, call your Singapore telco pronto and lean on them. After all you are paying for it.

October 18, 2006

A better Remote Desktop plug in

Ever tried using the Remote Desktop MMC plugin in the Admin Tools folder? Feels great to be able to connect to several servers at one time.

But its strength is also its weakness. The server list cannot be sorted or reordered. Graphics control is minimal.

So after some digging around, I found this sofware RoyalTS from It needs .Net framework 1.1 to work

Vista support is iffy. Website says it is possible to install, but my colleague could never get it installed.

About IT

This page contains an archive of all entries posted to Alfred's Ramblings in the IT category. They are listed from oldest to newest.

Family is the previous category.

ITIL is the next category.

Many more can be found on the main index page or by looking through the archives.

Powered by
Movable Type 3.31