Database upgrade loop when upgrading WordPress

When I performed an upgrade to WordPress 3.2.1 the upgrade went fine, but when trying to Login to the site it prompted for a Database Upgrade. After executing this, it would result in a blank screen with just the WordPress logo and nothing else.

To fix the problem I had to temporarily remove the file object-cache.php from the wp-content directory and restart the web application. Once I did this the database upgrade worked fine.

It appears the database upgrade process doesn’t like Wincache 1.1, however upgrading Wincache to 1.2.614.0 may possibly fix the problem. Download location: http://sourceforge.net/projects/wincache/files/development/

Posted in Wordpress | Leave a comment

CallerID not displaying on Draytek 2830Vn

I had an issue where CallerID would not display on my phone when a call came in via PSTN on a Draytek 2830Vn ADSL router (firmware 3.3.6_beta). It would display correctly when a call came in over VoIP.

Draytek support advised me to run the following command from a telnet session to the router, which fixed the problem for me.

voip dsp relaydbounce off

Posted in ADSL | 2 Comments

Publishing PRTG Network Monitor through TMG 2010

I encountered an issue where certain graphs would not display at all when accessing PRTG Network Monitor 8.4.1.2282 on the outside of a Microsoft TMG 2010 firewall, and an error would be displayed every minute or so when I was connected to the site. If I accessed the PRTG site on the inside of the firewall, all graphs were displayed fine and no errors were shown.

The error displayed in the web browser was:

From the TMG logs I could see some http traffic getting blocked and the following error recorded:

Blocked by the HTTP Security filter: URL normalization was not complete after one pass

Upon identifying the error, I figured that it was related to one of the HTTP filtering settings on the publishing rule that publishes the site through TMG. On the Traffic tab for the rule in TMG, select the Filtering -> Configure HTTP button to display the following page:

To fix the problem I turned off the Verify Normalization setting which changes the way TMG handles URLs with a lot of escaped characters such as % (which was heavily used in some of the PRTG Network Monitor web pages having problems).

A description of the Verify Normalization feature can be found on this page : http://technet.microsoft.com/en-us/library/cc302627.aspx

I assume this problem would exist on ISA 2004/2006 in addition to TMG 2010 as they all operate in a similar way.

Posted in Microsoft Server | Leave a comment

Draytek SNMP OIDs for Monitoring

Vigor Routers support MIB II. Please download the standard MIB II and ADSL-LINE-MIB.

The items below are the ADSL-LINE-MIB that Vigor Routers support.

OID for supported ADSL LINE MIB

———————————————————-

1.3.6.1.2.1.10.94.1.1.1.1.1 adslLineCoding
1.3.6.1.2.1.10.94.1.1.1.1.2 adslLineType
1.3.6.1.2.1.10.94.1.1.1.1.3 adslLineSpecific
1.3.6.1.2.1.10.94.1.1.1.1.4 adslLineConfProfile
1.3.6.1.2.1.10.94.1.1.1.1.5 adslLineAlarmConfProfile

1.3.6.1.2.1.10.94.1.1.3.1.1 adslAturInvSerialNumber
1.3.6.1.2.1.10.94.1.1.3.1.2 adslAturInvVendorID
1.3.6.1.2.1.10.94.1.1.3.1.3 adslAturInvVersionNumber
1.3.6.1.2.1.10.94.1.1.3.1.4 adslAturCurrSnrMgn
1.3.6.1.2.1.10.94.1.1.3.1.5 adslAturCurrAtn
1.3.6.1.2.1.10.94.1.1.3.1.6 adslAturCurrStatus
1.3.6.1.2.1.10.94.1.1.3.1.7 adslAturCurrOutputPwr
1.3.6.1.2.1.10.94.1.1.3.1.8 adslAturCurrAttainableRate

1.3.6.1.2.1.10.94.1.1.5.1.1 adslAturChanInterleaveDelay
1.3.6.1.2.1.10.94.1.1.5.1.2 adslAturChanCurrTxRate
1.3.6.1.2.1.10.94.1.1.5.1.3 adslAturChanPrevTxRate
1.3.6.1.2.1.10.94.1.1.5.1.4 adslAturChanCrcBlockLength

Above information is courtesy of www.draytek.com.

Posted in ADSL | Leave a comment

Billion 7404VGPM SNMP OIDs for Monitoring

PPP uptime is 1.3.6.1.2.1.2.2.1.9.6 but the value returned is in timeticks. timeticks are 100ths of a second since system boot time.

system uptime – (timeticks/100) = ppp uptime

Downstream:
SNR: 1.3.6.1.2.1.10.94.1.1.2.1.4.3
Attenuation: 1.3.6.1.2.1.10.94.1.1.2.1.5.3
Sync Speed: 1.3.6.1.2.1.10.94.1.1.4.1.2.3

Upstream:
SNR: 1.3.6.1.2.1.10.94.1.1.3.1.4.3
Attenuation: 1.3.6.1.2.1.10.94.1.1.3.1.5.3
Sync Speed: 1.3.6.1.2.1.10.94.1.1.5.1.2.3

Traffic: Upstream/Downstream:
InOctects = 1.3.6.1.2.1.2.2.1.10.6 (Downstream)
OutOctects = 1.3.6.1.2.1.2.2.1.16.6 (Upstream)

Posted in ADSL | Leave a comment

Steps to setup a new FTP site in IIS 7.5

Assuming the FTP Virtual server has been configured already, setup access to a new site as follows:

  1. ​Under the settings for the Web Server (Root node) select IIS Manager Users and create and enable a new user.
  2. Under the Root FTP Site (Virtual Server) select IIS Manager Permissions and add the user you created in the previous step.
  3. Create a virtual directory under the Root FTP site/LocalUser for the user (must match username).
  4. Click on the created virtual directory and in the right pane select FTP Authorization Rules and add the user with Read/Write permissions.

That’s it!

Posted in Microsoft Server | Leave a comment

WordPress updates failing

The fix the problem of WordPress updates not working do the following :-

Give the IUSR account modify permissions to the wordpress folder on your web site.

Posted in Wordpress | 1 Comment

Add script mappings for Perl after ActivePerl Installation (IIS 7.5 64-bit)

Run the following commands:

C:\Perl64\bin>ap-iis-config list sites (to get the list of sites and their numbers)

ap-iis-config add map –ext .pl –site <sitenumber> –type cgi
Posted in Microsoft Server | Leave a comment

FTP User Isolation in IIS 7.5

To configure the IIS Manager FTP Users and FTP User Isolation in IIS 7.5 I followed the following articles….

http://learn.iis.net/page.aspx/305/configuring-ftp-75-user-isolation/

http://learn.iis.net/page.aspx/321/configure-ftp-with-iis-7-manager-authentication/

Posted in Microsoft Server | Leave a comment

Moving SharePoint content databases to another installation

Steps I followed to move my SharePoint (WSS v3) Content Databases to SharePoint 2010 on another server (including upgrade) were:-

  1. Detach DB from SQL2008 on original server using SQL Management Studio.
  2. Copy the .mdf and .ldf files for the content database to the DB folder on the new server.
  3. Attach DB to new SQL 2008 R2 server using SQL Management Studio.
  4. Create web application in SharePoint 2010 Central Administration using the same URL as the original site (must be exact name).
  5. After the site has been created successfully, delete its default content database from SharePoint Central Administration.
  6. Copy the SSL certificate (including private key) from the original server to the new server and import into the Certificates/Local Computer store.
  7. Configure the IIS Bindings (IP Address, SSL, Host Headers, Ports) for the new SharePoint web site.
  8. Run the powershell command from the SharePoint Management Shell to attach the DB to the web application in SharePoint 2010. This process also upgrades the database. ( Mount-SPContentDatabase -Name STS_<name>_848357356 -DatabaseServer <servername> -WebApplication https://sp.<domain>.com/ -Updateuserexperience )
  9. Configure the correct Alternate Access Mappings (AAM) for the site in SharePoint Central Administration.
  10. Change the Web Publishing Rule on the TMG server to point to the new SharePoint server.

That’s it!

Posted in Microsoft Server | Leave a comment

Anonymous Relay on Exchange 2010

To configure anonymous relay in Exchange 2010 I had to create a receive connector on the Hub Transport server and run a powershell command.
Anonymous relay is restricted to individual IP addresses in this scenario.
The process is described in the following article : http://technet.microsoft.com/en-us/library/bb232021.aspx
Posted in Microsoft Server | Leave a comment

Monitoring non-domain members with SCOM 2007 R2

To monitor non-domain members I had to do the following:-
  1. Add the CA’s certificate to the Trusted Root Certification Authorities store on both the RMS and the Monitored server.
  2. Create a certificate for both the RMS and monitored server with OIDs of 1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2 (Server Authentication and Client Authentication) and use the FQDN as the Name and Friendly Name for each certificate.
  3. Install the created certs on the RMS and monitored servers.
  4. Run MOMCertImport on the RMS to import the RMS servers certificate into SCOM, then restart the System Center Management service on the RMS.
  5. Do a manual SCOM agent install on the target monitored server and install any applicable CUs.
  6. Run MOMCertImport on the target server to import it’s certificate for SCOM use, the restart the System Center Management service.
  7. Approve the manual agent installation from the Pending Installations section of Administration in the SCOM console.
  8. Create a runas account for an account which has administrative access on the target server. Specify servername\account as the account name to create it as a local account.
  9. Edit the profile for the Default SCOM Action Account, to specify the created account as the Action Account for the target monitored server which should be in the list of servers.
Some important notes:
  • Server must have a FQDN, so if it is in a workgroup add a domain suffix manually.
  • The server being monitored must be able to resolve the FQDN of the SCOM server. If no DNS servers are specified, add a HOSTS file entry for the SCOM server.
  • MomCertImport /remove can be used to remove installed SCOM certificates.
  • Syntax of MOMCertImport is as follows:
momcertimport /subjectname <fqdn of cert> OR
momcertimport <full path to pfx for cert>
Posted in Microsoft Server | Leave a comment

Error creating SCOM 2007 R2 SQL Report Model

I had an error when I tried to Deploy a report model in Business Intelligence Studio. Error was as follows:
There was an exception running the extensions specified in the config file. —> System.Web.HttpException: Maximum request length exceeded
The fix was to change <httpRuntime executionTimeout=”9000″  /> to <httpRuntime executionTimeout=”9000″  maxRequestLength = “16384” /> in web.config under D:\Program Files\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer
The Default Web Site hosting the ReportServer and Reports virtual directories for Reporting Services must be restarted after the web.config change.
NOTE: After this I could deploy the model but couldn’t generate a report based on that model in SCOM due to a datasource1 error. To fix this I had to:
2. Click on “Data Sources” -> “Operations Manager DW”
3. Select “Credentials stored securely in the report server” under “Connect Using:”.
4. Enter <domainname>\<username> for username and type password.
5. Select “Use as Windows credentials when connecting to the data source”.
6. Click Apply
Posted in Microsoft Server | Leave a comment

Install HP ACU on ESX4

To install the HP Array Configuration Utility on ESX4 I did the following:
1. Install the latest HP Proliant Support Paq for VMware ESX 4.
2. Install HP ACU Web Site (rpm -ivh cpqacuxe-8.50-5.0.noarch.rpm)
3. Install the HP ACU CLI for Linux (rpm -ivh hpacucli-8.50-6.0.noarch.rpm)
4. Start the HP ACU Web Site (cpqacuxe -R)
5. Add a firewall rule (esxcfg-firewall -o 2301,tcp,out,HPACU)
The HP ACU can now be accessed through the HP Systems management home page.
Posted in HP, VMware | Leave a comment

Install SCOM 2007 R2 Agent on ESX4

On ESX Host :-
(Indented lines are optional)
rpm –e scx (To cleanup previous failed installation)
cat /proc/sys/kernel/random/entropy_avail (To view current settings)
dd if=/dev/urandom of=~/.rnd bs=1 count=1024
esxcfg-firewall -o 1270,tcp,in,SCOMAgent
esxcfg-firewall -q (To check rule is in place)
rpm -q scx (To check version of UNIX SCOM Agent)
less /var/opt/microsoft/scx/log/scxcimd.log (To view installation logs)
service scx-cimd status (To view SCOM UNIX Agent Status)
On SCOM RMS Server :-
Copy scx-host-<servername>.pem from /etc/opt/microsoft/scx/ssl to RMS server (e.g. D: drive)
From command prompt, change directory to \program files\system center operations manager 2007\ on RMS server
scxcertconfig -sign d:\scx-host-<hostname>.pem d:\scx-host-<hostname>-new.pem
Rename original file to something else on ESX host (to keep backup)
Copy the file scx-host-<hostname>-new.pem to /etc/opt/microsoft/scx/ssl and rename to scx-host-<hostname>.pem
Run /opt/microsoft/scx/bin/tools/scxadmin -restart
Rediscover UNIX host in SCOM Console.
In SCOM Console :-
Add UNIX Low Privilege and UNIX High Privilege accounts and add them to the appropriate Profiles (Basic Authentication Accounts). Assign the accounts for use only by particular server/s.
Posted in Microsoft Server, VMware | Leave a comment

Enable Client Recovery in DPM 2010

To enable client recovery I had to enable port 6075 Incoming on the DPM servers firewall (this should be done automatically when you set up a client protection group in DPM 2010 RTM).
You also have to do the schema extensions under “End User Recovery” in Options on DPM server.
See this article fix a fix for implementing schema updates on Windows 2008… http://scdpm.blogspot.com/2009/11/enable-end-user-recover-in-dpm-fails.html
Posted in Microsoft Server | Leave a comment

Enable the Mark keys as exportable Option with Windows 2003 Certificate Services

Procedure

In order to allow the private key to be marked as exportable, follow these steps:

Open the Certificate Templates mmc snap-in.

Right-click on the Web Server template and choose Duplicate Template.

Under the General tab, name the template.

Under the Request Handling tab, select Allow private key to be exported and click OK. Close the mmc.

Open the certification Authority administrative tool (Administrative tools > Certification Authority).

Right-click the Certificate Templates node, click New > Certificate Template to Issue.

Select the correct template to add (find the template name you created in step 3) and click OK.

Now the certificate is added and should be ready for use.

Open your Web browser and point to the certificate authority server (http://<your-server-name>/certsrv).

Select the correct template to issue (find the template name you added in step 7).

You can see that the option to export the private key is now available.

Posted in Microsoft Server | Leave a comment

Configure CA to Issue Certs with SAN (Subject Alternate Names)

How to configure a CA to accept a SAN attribute from a certificate request

By default, a CA that is configured on a Windows Server 2003-based computer does not issue certificates that contain the SAN extension. If SAN entries are included in the certificate request, these entries are omitted from the issued certificate. To change this behavior, run the following commands at a command prompt on the server that runs the Certification Authority service. Press ENTER after each command.

certutil -setreg policy\EditFlags +EDITF_ATTRIBUTESUBJECTALTNAME2
net stop certsvc
net start certsvc

How to create and submit a certificate request

When you submit a certificate request to an enterprise CA, the certificate template must be configured to use the SAN in the request instead of using information from the Active Directory directory service. The Version 1 Web Server template can be used to request a certificate that will support LDAP over the Secure Sockets Layer (SSL). Version 2 templates can be configured to retrieve the SAN either from the certificate request or from Active Directory. To issue certificates that are based on Version 2 templates, the enterprise CA must be running on a Windows Server 2003, Enterprise Edition-based computer.

When you submit a request to a stand-alone CA, certificate templates are not used. Therefore, the SAN must always be included in the certificate request. SAN attributes can be added to a request that is created by using the Certreq.exe program. Or, SAN attributes can be included in requests that are submitted by using the Web enrollment pages.

How to use Web enrollment pages to submit a certificate request to an enterprise CA

To submit a certificate request that contains a SAN to an enterprise CA, follow these steps:

  1. Open Internet Explorer.
  2. In Internet Explorer, connect to http://servername/certsrv.

    Note servername is the name of the Web server that is running Windows Server 2003 and that has the CA that you want to access.

  3. Click Request a Certificate.
  4. Click Advanced certificate request.
  5. Click Create and submit a request to this CA.
  6. In the Certificate Template list, click Web Server.

    Note The CA must be configured to issue Web Server certificates. You may have to add the Web Server template to the Certificate Templates folder in the Certification Authority snap-in if the CA is not already configured to issue Web Server certificates.

  7. Provide identifying information as required.
  8. In the Name box, type the fully qualified domain name of the server.
  9. Under Key Options, set the following options:
    • Create a new key set
    • CSP: Microsoft RSA SChannel Cryptographic Provider
    • Key Usage: Exchange
    • Key Size: 1024 – 16384
    • Automatic key container name
    • Store certificate in the local computer certificate store
  10. Under Advanced Options, set the request format to CMC.
  11. In the Attributes box, type the desired SAN attributes. SAN attributes take the following form:
    san:dns=dns.name[&dns=dns.name]

    Multiple DNS names are separated by an ampersand (&). For example, if the name of the domain controller is corpdc1.fabrikam.com and the alias is ldap.fabrikam.com, both of these names must be included in the SAN attributes. The resulting attribute string appears as follows:

    san:dns=corpdc1.fabrikam.com&dns=ldap.fabrikam.com
  12. Click Submit.
  13. If you see the Certificate Issued Web page, click Install this Certificate.
Posted in Microsoft Server | Leave a comment

DHCP Relay for Wireless network through TMG/ISA

For DHCP to work through TMG/ISA, the two firewall rules need to be configured and enabled, as well as DHCP Relay Agent in RRAS pointing to the address of the Internal DHCP server and a Wireless Interface on the DHCP Relay Agent for listening for requests.

Posted in Microsoft Server | Leave a comment

Change Terminal Services Listening Port

Change the PortNumber value under:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
Same under 2003/2008/2008R2
Posted in Microsoft Server | Leave a comment