My colleague and I found an incredibly weird behavior on ESXi while experimenting with APC PowerChute Network Shutdown and this neat little script – if you want to do a scripted shutdown of a free version of ESX(i), try it out.

Once you initiate the host shutdown through SSH or the SOAP API, it won’t shut down or suspend virtual machines unless they are in the “Automatic Startup” list. Ticking “Allow virtual machines to start and stop automatically with the system.” and adjusting the shutdown delay is not enough. Machines you want shut down when the host is sent the shutdown command need to be part of the automatic startup list, ordered or not.

Later, I looked through the ESXi documentation and found this to be working as intended: machines that are in the “Manual Startup” list can’t be automatically shut down. I think this is an unnecessary limitation that could have been easily avoided.

We do actually have VMs that are not required to auto start, but we still want them to have a graceful shutdown in case of power failure. It would be nice if VMware redesigned this feature…

My company is using Microsoft Exchange 2010 SP1. There we have a few mailboxes that have a permanent out of office assistant set for the purpose of informing people that their message has been received and that we’ll process it ASAP. And that’s fulfilling its purpose, but at some point we realized that the notification is sent only once to each email sender. It doesn’t matter how much time has passed between two sent emails, you would always get the out of office reply only for the first message.

This is actually all by design, hard-coded, without the possibility to change or modify this behavior. Microsoft’s intended purpose for OOF is to notify senders that the recipient is out of office, usually on vacation for some period of time. For that objective, there is usually no need for an auto reply with OOF info to be sent out more than once. But for our intents and purposes, this will not do. Those accounts have a permanent Auto Reply, and we want our server to respond more than once.

But not too often 🙂 Microsoft left out the possibility to modify OOF settings out of the box for a good reason. If an email server responded with OOF each time it received an email on that particular mailbox, it would be really easy to cause an email loop, purposely or not. Two mail servers would bounce (auto reply) emails until one of them dies or reaches the mailbox limit. Hence, you should be really careful when meddling with OOF auto reply.

One way I found to make OOF respond more than once is to reset the Auto Reply configuration. Basically, disable it, and enable it right away. The OOF will be sent to each sender again on the first email, at least until the configuration is changed again.

So, one would schedule a PowerShell script to disable/enable OOF on specific mailboxes that fit the aforementioned intent. Do not reset OOF too often; set the scheduler for an interval of one day at least.

Set-MailboxAutoReplyConfiguration -Identity user.name -AutoReplyState Disabled
Set-MailboxAutoReplyConfiguration -Identity user.name -AutoReplyState Enabled
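
A scheduled version of the reset above, written as an added example (not part of the original post). It only touches mailboxes whose auto reply is permanently enabled and refuses to reset the same mailbox twice on one calendar day, which keeps an accidental extra run from feeding a mail loop. The mailbox names and the state-file path are placeholders.

```powershell
# Added example. Assumes the Exchange 2010 management snap-in is installed.
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010 -ErrorAction SilentlyContinue

$Mailboxes = @('info', 'support')           # hypothetical mailbox identities
$StateFile = 'C:\Scripts\oof-reset.xml'     # hypothetical path: last reset per mailbox

# Load previous reset times (hashtable: mailbox -> DateTime)
$lastReset = @{}
if (Test-Path $StateFile) { $lastReset = Import-Clixml -Path $StateFile }

foreach ($mbx in $Mailboxes) {
    $cfg = Get-MailboxAutoReplyConfiguration -Identity $mbx -ErrorAction Stop

    # Leave Disabled and Scheduled mailboxes alone; only permanent auto replies qualify
    if ($cfg.AutoReplyState -ne 'Enabled') {
        Write-Warning "${mbx}: AutoReplyState is $($cfg.AutoReplyState), skipping"
        continue
    }

    # At most one reset per calendar day, even if the task is started twice
    if ($lastReset.ContainsKey($mbx) -and $lastReset[$mbx].Date -eq (Get-Date).Date) {
        Write-Warning "${mbx}: already reset today, skipping"
        continue
    }

    # The reset described above: disable, then enable right away
    Set-MailboxAutoReplyConfiguration -Identity $mbx -AutoReplyState Disabled
    Set-MailboxAutoReplyConfiguration -Identity $mbx -AutoReplyState Enabled

    # Persist after every mailbox so a later failure does not lose the record
    $lastReset[$mbx] = Get-Date
    $lastReset | Export-Clixml -Path $StateFile
}
```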

I’ve been testing out Server 2012 and on one occasion I wanted to install the WSUS role on my test server. The installation went smoothly but the post install configuration failed miserably with cryptic errors in the setup log.
I tried many things suggested on the net… Both with internal and external database, but it always failed.

One solution that worked for me is doing a manual installation and performing the post installation configuration with PowerShell. How the heck does this make a difference – ask Microsoft.

Here is how to install WSUS with an external database. I already installed SQLExpress on the machine so why not use it 🙂

Install-WindowsFeature -Name UpdateServices-Services,UpdateServices-DB -IncludeManagementTools

Running the post installation configuration from PowerShell (wsusutil.exe is at C:\Program Files\Update Services\Tools):

.\wsusutil.exe postinstall SQL_INSTANCE_NAME="HOSTNAME\SQLEXPRESS" CONTENT_DIR=C:\WSUS

For those interested in using the Windows Internal Database, just run:

Install-WindowsFeature -Name UpdateServices -IncludeManagementTools

Same as before, after installation run the post install configuration by issuing:

.\wsusutil.exe postinstall CONTENT_DIR=C:\WSUS

Of course, replace “HOSTNAME\SQLEXPRESS” with your DB instance, and the path with your content dir.

A few days ago there was a sale on Namecheap.com and I got a domain for 0.89$. Mostly because DynDns.com has drastically shrunk (canceled) their free services, I wanted it for personal use for my home machine that gets its IP dynamically. Since I’m a fan of DD-WRT and have been using it for quite a while on my home router, I wanted it to update my DNS record when its IP changes. Out of the box DD-WRT doesn’t support Namecheap’s DDNS service but can be customized to work with it.

After an hour or so of testing and googling, here is the only configuration that I managed to get working on the latest release of DD-WRT v24-sp2 (05/27/13) std (SVN revision 21676).

DDNS Service: Custom
DYNDNS Server: dynamicdns.park-your-domain.com
Username: yourdomain.com
Password: password you got from namecheap ddns service
Hostname: hostname or enter @ if you want to point directly to your domain

URL: /update?domain=yourdomain.com&password=1111111111111111111&host=

Note: Don’t enter anything after &host= even if you have a subdomain.


One of our lab networks has access to the internet only through a SOCKS proxy provided by our contractor. That works fine in most cases, but not for OpenSUSE’s package manager (zypper) since there is practically no support for SOCKS proxies.

One easy and fast workaround is to set up a local HTTP proxy server that will redirect all traffic to a specified parent SOCKS proxy. From what I’ve read, Squid doesn’t support a SOCKS proxy parent, and honestly I didn’t want to go with it as it seemed like overkill.

The simple solution was Polipo: a small, fast and easy to set up proxy server that supports a SOCKS parent proxy. The RPM package was already available in SUSE’s repository; I downloaded it on another machine, SCPed it to an OpenSUSE box, set a few things and voilà.

For the quickest and simplest setup I added these three parameters to the /etc/polipo/config file.

daemonise = true
socksParentProxy = "proxy.hostname.or.ip:proxyport"
socksProxyType = socks5

Run polipo. Optionally you can add Polipo to Cron so it will start with the system.


A few days ago I installed Hyper-V Server 2012, Microsoft’s free virtualization platform and the equivalent of VMware ESXi.
The very first thing that I was stuck with is that Hyper-V Manager, available through RSAT, doesn’t have an option to mount an ISO or capture a drive from the machine on which it is running. Instead it gives you the drives of the Hyper-V host, and that would of course require you to have an ISO or the disc itself present on the host.

For most of us this is very inconvenient; we like the ability to mount an ISO from a network share or our own machine. One would think, this is a Windows box, no problem, I will map a network drive with my ISOs. The mapping would succeed, but the mapped drive (letter) will not be visible in Hyper-V Manager when trying to mount an ISO. OK, the next step that one would consider is mounting from a UNC share directly, but that would also fail, with the messages “‘VM’ failed to add device ‘Virtual CD/DVD Disk’” and “User account does not have permission required to open attachment”.


The cause of this is that Hyper-V is intended to run with a VMM Library Server and to mount files from it, not from any random share. To circumvent this:

  • You need to assign full NTFS and share permissions to the computer account of the Hyper-V host on the shared folder with the ISOs you want to mount.
  • In AD, on the computer account of the Hyper-V machine, delegate the specific service ‘cifs’ to the machine you want your ISOs mounted from. Microsoft calls this constrained delegation.

Here is the step by step procedure for the constrained delegation:

  1. Go to Active Directory Users and Computers
  2. Find the Hyper-V server computer account and open up its properties.
  3. Go to Delegation tab.
  4. Select Trust this computer for delegation to the specified services only radio button.
  5. Click the Add button.
  6. Click the Users or Computers… button.
  7. In the Add Services window, click Users or Computers and enter the computer account that will act as a library server and click OK.
  8. Select the cifs Service Type and click OK.

The resulting setup should look something like this:

[Screenshot: Constrained delegation]

You could reboot the Hyper-V server just for good measure.
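
The same delegation can be set and then audited from PowerShell. This is an added example, not part of the original post: it assumes the RSAT ActiveDirectory module, the Kerberos-only variant of the setting, and placeholder computer names `HV01` (Hyper-V host) and `FS01` (server sharing the ISOs).

```powershell
# Added example. All names below are placeholders for your own environment.
Import-Module ActiveDirectory

$HyperVHost = 'HV01'                        # hypothetical Hyper-V computer account
$FileServer = 'FS01'                        # hypothetical server that shares the ISOs
$Domain     = (Get-ADDomain).DNSRoot

# Short-name and FQDN forms, so delegation matches either way the share is addressed
$spns = @("cifs/$FileServer", "cifs/$FileServer.$Domain")

$before = Get-ADComputer -Identity $HyperVHost `
    -Properties 'msDS-AllowedToDelegateTo', TrustedForDelegation

# Unconstrained delegation is far broader than the cifs-only setting described above
if ($before.TrustedForDelegation) {
    Write-Warning "$HyperVHost is trusted for delegation to ANY service (unconstrained)"
}

# Add only the entries that are missing, so the script can be re-run safely
$missing = @($spns | Where-Object { $before.'msDS-AllowedToDelegateTo' -notcontains $_ })
if ($missing.Count -gt 0) {
    Set-ADComputer -Identity $HyperVHost -Add @{ 'msDS-AllowedToDelegateTo' = $missing }
}

# Audit: list everything this host may delegate to and flag anything unexpected
$after = Get-ADComputer -Identity $HyperVHost -Properties 'msDS-AllowedToDelegateTo'
foreach ($entry in $after.'msDS-AllowedToDelegateTo') {
    $tag = if ($spns -contains $entry) { 'expected' } else { 'REVIEW' }
    '{0,-8} {1}' -f $tag, $entry
}
```

Entries tagged `REVIEW` are delegations that were already on the account and are not needed for mounting ISOs from this file server.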

I ran into the mentioned issue yesterday; our WDS stopped working just out of the blue. To make it more convenient, only a few days after I experimented with PxeLinux on the WDS…

[Screenshot: TFTP open timeout]

After some googling it turns out that the culprit is the DNS server role located on the same box. Apparently the DNS server is randomly allocating ports (2500 of them) in the range of 49152-65535, which can overlap with the WDS range, which by default operates from 64001 to 65000.

On Server 2008 R2, the simple solution is to change the DWORD value of “UdpPortPolicy” to 0, located in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WDSServer\Parameters, which will make the WDS server check if the port is already in use before trying to use it.

There is no “UdpPortPolicy” parameter on Windows Server 2008, so the solution would be to broaden the port range of the WDS server. You could do it through Server Manager, under the network properties of the WDS server, or from the command prompt:
wdsutil /set-Server /Transport /StartPort:50000 /EndPort:65000

Microsoft KB article for more info: http://support.microsoft.com/kb/977512