Archive for the 'Windows' Category

Single Instance Storage

Single Instance Storage

I was working on a setting up a new storage / backup server for one of my networks.

Some of the requirements were data deduplication, compression, etc.

I had first hacked something together using Windows 2003 R2 and Windows Deployment Services’ Single Instance Storage functionality that is baked in.

It worked; however, it was not without problems. Namely it seemed to take forever for SIS to catch up. To be fair, this was volumes holding at least 2TB a piece.

In addition, the solution was lacking many basic tools for manipulating SIS volumes. 

After setting up storage server and logging in, I dropped to a command line.

sisadmin /i e:

Install SIS on the volume.

sisadmin /e e:

Enable SIS on the volume.

Now for testing…

C:\>
e:
copy c:\windows\system32\shell32.dll file1.dll

 Directory of E:\

11/08/2007  02:55 AM        10,508,288 file1.dll
11/08/2007  02:55 AM        10,508,288 file2.dll
11/08/2007  02:55 AM        10,508,288 file3.dll
               3 File(s)     31,524,864 bytes
               0 Dir(s)  1,887,278,223,360 bytes free

E:\>sisadmin /l e:
Listing SIS controlled files on volume ‘e:’.
E3E636E3-F794-11DD-90C3-002219AFCCE9.sis <- E:\file1.dll
E3E636E3-F794-11DD-90C3-002219AFCCE9.sis <- E:\file2.dll
E3E636E3-F794-11DD-90C3-002219AFCCE9.sis <- E:\file3.dll
3 SIS controlled files found on volume ‘e:’.

E:\>dir C:\windows\system32\shell32.dll
 Volume in drive C is OS
 Volume Serial Number is EC25-1163

 Directory of C:\windows\system32

11/08/2007  02:55 AM        10,508,288 shell32.dll
               1 File(s)     10,508,288 bytes
               0 Dir(s)   7,007,498,240 bytes free

E:\>copy c:\windows\system32\shell32.dll file4.dll
        1 file(s) copied.

E:\>dir
 Volume in drive E is LD0-R0-1000
 Volume Serial Number is 8205-C4FF

 Directory of E:\

11/08/2007  02:55 AM        10,508,288 file1.dll
11/08/2007  02:55 AM        10,508,288 file2.dll
11/08/2007  02:55 AM        10,508,288 file3.dll
11/08/2007  02:55 AM        10,508,288 file4.dll
               4 File(s)     42,033,152 bytes
               0 Dir(s)  1,887,267,696,640 bytes free

E:\>sisadmin /l e:
Listing SIS controlled files on volume ‘e:’.
E3E636E3-F794-11DD-90C3-002219AFCCE9.sis <- E:\file1.dll
E3E636E3-F794-11DD-90C3-002219AFCCE9.sis <- E:\file2.dll
E3E636E3-F794-11DD-90C3-002219AFCCE9.sis <- E:\file3.dll
E3E636E3-F794-11DD-90C3-002219AFCCE9.sis <- E:\file4.dll
4 SIS controlled files found on volume ‘e:’.

It works!

Now I have to test this using real data – this is just a few files.

OVAL – Windows Script – Database

Working on a way to periodically scan my systems for known security problems using the OVAL security definitions.

I downloaded the client and copy to my systems using something I have dubbed the Poor Man’s Systems Administration Kit (PSAM) and another job scheduling program called Visual Cron.

There are two scripts. One is ran locally on the system being scanned for security configuration weaknesses from the OVAL definitions. The other is a script to process the resulting html files generated by the ovaldi.exe program shipped with OVAL.

For the scripts to work, you will first need to setup a DSN within the script. The database behind the DSN  holds the results of the scans. Here is the code for the database / table on Microsoft SQL Server.

The first script is ran and dumps the results of the ovaldi scan into a common folder repository on a central server.

The next script is a vbscript and processes the directory that contains the output oval html files.

Please note, that the script needs to be ran using cscript.exe from \windows\syswow64 on 64 bit machines.  This took me almost a whole day to figure out! You’ll also need to setup the dsn using the odbccad.exe util from syswow64.

Here is the oval html output processing script.

Migrate WSUS Database from Domain Controller to SQL 2005

Okay, so I had made a newbie mistake when installing WSUS into our environment about a year ago. This may occur if you have a limited number of machines for running a small network.

I installed WSUS on top of a domain controller. Everything seemed to work fine in this configuration; however, I wanted to move the database to another SQL Server so that I could better automate reporting of which systems have which updates, etc. Turns out, that it is not very straight forward on how to move the database from a domain controller to another SQL server.

Here is my solution.

I followed the instructions here, but had to modify them slightly.

Migrate WSUS from Local SQL  to Remote SQL Server

The first modification was to ATTEMPT to install SQL Server database services. This install sqlcmd.exe which will be needed for the procedure listed above. Since it is on a domain controller, the SQL Server install will fail.

Once you get to the message above, just hold your horses and switch to a command prompt after having stopped Windows Update Services and the IIS Admin service.

Execute the command listed in the Microsoft article.

Reattach the database on the remote system.

Add the machine account in SQL Server (e.g., DOMAINAME\machinename$) to the SUSDB. Make sure the role is as the Microsoft article suggested.

Next edit the registry as the article suggested. I added my remote server name, and there was one additional key that I changed to a 1. The key was named something like ServerIsRemote with a value of 0. I changed that to a 1.

Rebooted the front end WSUS server and everything worked like a champ after that.