As submitted to http://acanac.org/blogs/geek/

If you're an avid reader, you probably already know that I am a big fan of SmoothWall Express.  I currently run version 3.0 and it serves as a multi-purpose appliance in my home network.  It's a router, a firewall, a DNS manager, an intrusion detection system (IDS), and it's a lot of fun.  Diving back into the Linux world after so many years away was challenging, but with huge help from the the community forums over at http://smoothwall.org - it couldn't have been any  easier.

I run what's called a red-green-orange-purple network.  Exciting isn't it?  Take a look at the image below for a little more detail and explanation.  I grabbed this image from http://www.linux-tip.net.  Basically the networks are as follows:

• Red - Incoming Internet connection - basically my DSL modem
• Green - Standard internal network for all of the computers and devices (and a few servers)
• Orange - DMZ Server network managing mail and web servers
• Purple - Wireless segregated network

In case it wasn't clear, each colour coded network runs on it's own subnet and is isolated from the others.  Each colour is also an individual nic in the server.  Obviously this greatly improves the security of my home network.  This weekend I set out to configure the purple network that was never set up properly.  Totally my fault :)

So, for my purple setup I used a D-Link DL-524+ wireless-g router.  In order to do this, you have to configure it to run in wireless access point (WAP) mode.  All you have to do is set the router to a static IP within the subnet and turn off DHCP within the router.  Please note that you have to have DHCP enabled on the SmoothWall purple interface for this to work.  To select your new router/WAP IP, look at the gateway address.  If your gateway (purple network) is something like 192.168.30.1, then your WAP IP should be something like 192.168.30.55.  If you are really stuck with this part, visit the forums and do a bit more reading.  In my case, the problem I had with my setup is that I had the WAP plugged into the wrong nic on the SmoothWall computer.  That was my stupid mistake for the day!

Since then I have slept much better knowing that my easily cracked wireless (does secure wireless really exist?) is isolated from the rest of my network.

For the past two years I have struggled with being a Microsoft SQL Server Reporting Services 2000 and 2005 administrator.  A lack of tools makes managing enterprise implementations of this product very challenging at best.  Our setup consists of four individual instances of SQL Reporting Servers 2005 (upgraded last year from 2000).  This includes environments for development, quality testing, user testing, and production.

Having multiple environments creates the first problem - how do we migrate or promote large quantities of reports from one environment to the next?  The second largest problem that we face is updating the data source for each report once promoted.  This isn't for every case, but it does happen on a regular basis.  A couple of days ago I had enough with the frustrations and went on the hunt for a new tool to help us out.

I looked at command line tools and GUI based tools and finally I stumbled upon SSRS Explorer on CodePlex. This tool covers them all - SQL 2000, 2005, and 2008.  SSRS Explorer makes your implementation easy to navigate by creating an explorer style view of each instance you connect to.  You can simply highlight and right-click a group of reports that you wish to download, then connect to the next instance and bulk upload them.  Easy as that.

You can also select multiple reports and then set the data source for all of them, which sure beats loading up the details of each report through the browser and manually setting the new data source.  The tool also allows you to download folders, so that you can recreate the folder structure somewhere else.  Each object in the explorer allows you to view its properties and permissions, making administration a snap. 

You can also create, delete, and rename folders, reports, and data sources.  Don't take my word for it - try it out!

In a recent article that I read in Information week, Microsoft has stated that Windows Server 2008 cuts power consumption by 10% over the previous Windows Server 2003 operating system.  Server administrators and financial officers the world over will be ecstatic to find that the newest enterprise-class server operating system from Microsoft running with 20 active clients could save around $30 in power costs over the course of a year.  Wow!

Now you may not think that $30 is all that exciting.  At first glance I didn't.  Then I did the math.  My current employer has about 120 Windows 2003 servers.  With that many servers saving $30 per year, an upgrade to the new OS could save us $3600.  Against our million dollar operating budget - that's huge.  Ok, while I may be exaggerating a bit, savings are savings.  In today's corporate cut-throat world, and with the soaring cost of electricity, every penny counts.  What's more, you will be doing your part to green up the earth and ease the stress on the electricity networks during peak load times.

The article also speaks to virtualization as a means to save money on power consumption.  Hold on there cowboy!

In theory, running multiple server instances on one box equates to power consumption for one server, and the rest are virtually free.  Hmmm wouldn't the hardware be required to do more work, thus increasing the power consumption requirements?  That is absolutely correct.  Tack onto that the increase overhead of virtualization which includes added complexity, additional support staff, increased downtime, exponential growth in risk factor, and decreased performance.  Virtual doesn't look so appealing after all.

All in all, I wouldn't rush out to buy Server 2008 for the power savings.  I would recommend it for all of the other great stuff it provides over the previous family of Windows Server products.  You can read about some of the great reasons to upgrade at Microsoft's Why Upgrade? site.

As submitted to http://acanac.org/blogs/geek/

Last night I embarked upon a mission to get my media drives back online.  Not sure what I am talking about?  Let me start from the beginning then.  I have a decent sized home network.  I have multiple servers in a rack which include web servers, database servers, firewall and routing appliances, domain controllers, and miscellaneous other devices.  Recently, I did a bit of a server consolidation and merged certain services and servers to create a more efficient design.  The goal was to eliminate a server through this project and that was what I did.  The problem was that when I was done, I had some IDE drives left over that couldn't fit into my new SCSI based system that held the domain controller which used to double as a file server.  That was a mouthful.  So I went a couple of weeks with network storage while I devised a plan.

What I came up with brought back the eliminated system, which totally messed up my plan to green up my server room.  lol

Back to yesterday...  I rebuilt the old AMD 1200+ system with the IDE drives and got ready to learn about FreeNAS.  FreeNAS is a free NAS server built on the FreeBSD platform.  One of the great things about it is that it runs from a CD.  You basically just plug a small USB key into the system to write server configuration to, then set the bios to boot from CD.  It's as simple as that.  Well, there might be a few extra steps, but not many!  When you boot it up for the first time, you have to use a console to complete some very basic setup.  Using the menu based system you can assign an interface and setup you IP address.  Once that is complete, simply load the web interface from any browser on your network and finish the configuration.  I won't get into all of the details here, the FreeNAS wiki has all you need to get up and running. 

FreeNAS will allow you to connect to a domain or run standalone.  It also works with multiple file systems.  I added one UFS drive and two NTFS drives and it had no problem with either of them.  The system will monitor the drives using S.M.A.R.T. and email you if there are any problems.  It literally took just over an hour to get the whole thing going and configured just the way I wanted it.  If you are in the market for a NAS setup, I strongly recommend checking it out!

Brian McCann has written a wonderful article over at AdminPrep.com in regards to completing your own domain controller health check.  The article, as reproduced below, shows a complete set of steps that you can walk through to make sure your DC is on the up and up.  I really love when people write these little guides - especially when I feel that such things should come with the products.  Lets face it, Microsoft clearly wasn't thinking simplicity when they designed Active Directory. 

I didn't find the list of tasks to be overly complex and I would recommend scripting the whole thing and running it on a weekly or monthly basis.  Here's the full story:

I get asked over and over about what I do when I'm performing a health check on a domain controller. Below you will see some of the commands that I use when I need to ensure my domain controllers are still healthy after some sort of change...like patching.

The Event Viewer is always a must. I look at all the logs before and after the update to the domain controller looking for abnormal events. With the pre-check I usually go back a month of logs to get more historical data. I then run through a couple command line utilities. One thing I always do is pipe my commands out to a text document. This just makes it easier for me to read and also search for failed events.

Dcdiag.exe /v >> c:\temp\pre_dcdiag.txt
This is a must and will always tell you if there is trouble with your DCs and/or services associated with it

Netdiag.exe /v >> c:\temp\pre_Netdiag.txt
This will let me know if there are issues with the networking components on the DC. This along with the post test also is a quick easy way to ensure the patch I just installed is really installed (just check the top of the log)

Netsh dhcp show server >> c:\temp\pre_dhcp.txt
Some may not do this but I've felt the pain of a DHCP server somehow not being authorized after a patch. This allows me verify the server count and names.

Repadmin /showreps >> c:\temp\pre_rep_partners.txt
This shows all my replication and if it was successful or not. Just be aware that Global Catalogs will have more info here than a normal domain controller.

repadmin /replsum /errorsonly >> c:\temp\pre_repadmin_err.txt
This is the one that always takes forever but will let you know who you are having issues replicating with.

After I run and check the pre_ scripts I update my server. When it is done I run post_ scripts which are the same thing but this allows me to verify them against the scripts earlier.

Hopefully this helps you when you troubleshoot your domain controllers but by no way is this an all encompassing list of things to do. These are the standard steps I take but I would love to hear what you all do as well. Feel free to jump over to my blog and leave a comment to let everyone else know what you do as well.

Having a background as both a developer and a system administrator, I have a very big interest in virtualization tools.  Recently, I have spent a fair amount of time using VMWare to house multiple testing environments that I don't have the physical hardware for.  At the moment, I have only good things to say about the latest versions of the product.  This post is about a mistake that I made - not a shortcoming of the product.  A while ago I created a Windows XP virtual pc so that I could try out Visual Studio 2008, without messing with my Vista setup.  Recently, I was forced into installing Visual Studio 2005 on that same image, in order to create a workaround to some problems I have been experiencing with Visual SourceSafe 2005.  I'll write another post about that shortly. 

I chose the virtual pc for the VS2005 install because I am running VS2008 on my Vista system and I had no idea what impact it would be adding VS2005 after the VS2008.  I kind of chuckled to myself when the installation told me that I couldn't continue because it had calculated my free space after the install to be -1.5 GB.  You see, I had created a 10GB virtual hard drive for this install back when I created it.  Now, I had to increase the size of the drive to accommodate the new software.  I had a suspicion that this would not be an easy feat, but as it turns out - it's not that tough.

A fellow by the name of Carl Tyler provided an excellent post on how to do this, and the comments include a lot of useful information.  The first thing that you need to do is to tell VMWare to increase the size of the disk.  This won't automatically make the drive bigger, but it will increase the available free space on the virtual disk.  The command can be run from the VMWare installation directory and looks like this:

The last two parameters identify the new size of the virtual disk and the actual name of the virtual disk file respectively.  Once you do this, head on over to Knoppix and download their ISO cd image.  Set VMWare to boot from the ISO by selecting VM --> Removable Devices --> CD ROM --> Edit from the start menu.  Browse for the ISO, then start up your virtual machine.  When asked to press a key to boot from Knoppix, I would suggest that you do it.  Once Knoppix loads, click on the start icon (same location as in Windows) and select the 'System' group, then 'QTParted'.  QTParted is a linux-based partition manager, a utility that Microsoft has failed to deliver with it's historical OS's.  In QTParted, select the drive that represents your virtual drive.   In my setup, it was /dev/hda.  When it shows up in the right-hand pane, right-click on it and select resize.  Then drag the sizing slider all the way to the right.  Click Ok, then select 'Commit' from the file menu.  Once it completes, change the mapping of your virtual CD ROM back to your physical CD ROM and reboot.  Voila!  The bigger partition will now be usable and all of the data will be intact.