Category Archives: Work

Active Directory update

Posted on by
Reply

The student sites are now NT4 free! I reinstalled the last NT4 BDC with Windows 2003 Server today. I also moved the FSMO roles off the upgraded DC to a clean install server, so next up is to demote the upgraded DC and then reformat and reinstall it.
After that is the upgrade for the admin domain, but that involves an Exchange 5.5 server, so much more testing will be needed before we even start thinking about actually doing that.

Dell Tech Support call

Posted on by
2

The harddrive in my less than 3 month old laptop bit the dust today. Being the good guy that I am, I called Dell Support myself instead of burdening the overworked hardware guys, and all I can say is Wow.

  • Entering my Express Service Code actually routed me right to the correct support chain. This is new. I was asked for the info again, but at least I wasn’t shuffled around another time.
  • The woman that I got on the line asked the standard questions, and didn’t put up a fight when I said I’d rather not give an email address.
  • She also didn’t argue when I said “My hard drive has died.” I described the symptoms (not found in BIOS, laptop won’t boot, makes loud clicking noise) and she said: “I’ve got some bad news, we’ll have to replace your hard drive.” I then say that’s fine, and she replies: “But, you are supposed to cry. Am I going to have to kick you in the shins?” I explain that I support users all day and I don’t put anything important on desktops or laptops. She is not amused, still wanting a response.
  • My next statement is “If it is important enough to save, it should be on a server.” She says that sounds just like her brother. I am confused.
  • Five minutes later, after all the address information has been collected, she asks if I’ve seen any good movies lately. I tell her no, I don’t go to many movies. She says I should see National Treasure, but she’s really waiting for The Hitchhikers Guide to the Galaxy to come out in 2006. When I say I didn’t know that was coming out in 2006, she responds that I’ve earned massive brownie points for knowing what it was. When I say that I wasn’t that impressed with it and it was long, I lose all my brownie points. And all future support calls will require me to jump through every hoop possible.

The moral of the story? I called Dell Technical Support and got someone:

  1. Who spoke english as a native language.
  2. Was female.
  3. Had a clue. (This is not gender related, some Dell Techs are just reading the scriptbook without knowing what any of it means.)

There should be a replacement drive here tommorrow or the next day. Yay for good parts service, boo for crappy quality/low MTBF.

New security update from Microsoft

Posted on by
Reply

MS04-040
And they were getting so good at keeping things on the second Tuesday of the month. Oh well, at least they are fixing holes with known exploits in the wild.

Home users, time to visit WindowsUpdate. I’m putting off updating all the lab machines for at least 24 hours to make sure there aren’t a string of “this update hosed my computer/network/server farm/enterprise” posts to NTBugTraq.

Active Directory upgrade

Posted on by
Reply

The student sites are now running on a Windows 2003 Server Active Directory. I learned a few things along the way:

  • Don’t try to reuse an existing server name if it is staticly mapped in your WINS database. The Windows Server 2003 upgrade process will think there is a name collision and use some randomly generated name for the server, UNIVERSI-2345a8 for example.
  • If you have messed around with the User Rights on your NT4 domain, you’d best find the defaults for Windows 2003 and reset them. Updates and other things just don’t install correctly until they are reset. (The Threats and Countermeasures Guide came in pretty handy here too.)
  • Until the workstations DNS server and the default DNS domain name is changed, they keep working right along as if the domain is still NT4 based. Dynamic DNS doesn’t start working until then either.

I still need to move all the FSMO roles off the temporary DC, but that doesn’t need to happen any time soon. I may put any more changes off until winter break.

Lots of portscans this morning

Posted on by
Reply

Looks like there’s a new worm afoot on campus this morning, lots of probes at port 445 and 135 to our portsentry hosts. Maybe this new RBot variant or this Agobot variant.

And we were down to less than 60 open tickets.

Update (11/18/2004): Looks like at least some of these were recently reinstalled Windows XP without all the patches. Most commonly found virus was Korgo.worm.v. But, this mini-outbreak reinforces the usefulness of being proactive with network monitoring and using the quarantine vlan.

gentoo profile updates

Posted on by
Reply

Taking my brain away from the election boondoggle this morning, after an emerge --sync, I was greeted with this:

!!! Your current profile is deprecated and not supported anymore.
!!! Please upgrade to the following profile if possible:
        default-linux/x86/2004.0
To upgrade do the following steps:
# emerge -n '>=sys-apps/portage-2.0.51'
# cd /etc/
# rm make.profile
# ln -s ../usr/portage/profiles/default-linux/x86/2004.0 make.profile

Searching the forums led to one post in german about this. Since I’ve got the luxury of more than one non-production test machine, I went ahead and followed the instructions. All seems to be fine.
A little more poking around in the gentoo documentation, and I found some pretty good advice on this upgrade, seems to be just a file system layout/naming convention change.