Mike's Realm chown -R us ./base

27Feb/111

Automated P2V Cleanup: Remove/Uninstall Dell OpenManage & Broadcom/Intel Drivers v1.1

This is an updated version with more Intel removal goodness...see my previous post for more information on Automated P2V Cleanup: Remove/Uninstall Dell OpenManage & Broadcom/Intel Drivers

This Removes:

  • Dell OpenManage Server Administrator
  • Broadcom Drivers and Management Applications
  • Broadcom NetXtreme II Driver Installer
  • Intel(R) PROSet for Wired Connections
  • Intel(R) PRO Network Connections
Share
20Feb/119

N-1000 Command Reference Cheetsheet

Posting this command reference as a cheatsheet for those trying to setup a Honeywell (previously Northern Computers, Inc.) N-1000 panel at home.  These are the basics for programming it:

Remember to prepend all commands with a space before typing them!

- Panel buffers and prints all activity

- Set Pulse Time on Output 1 to 1 Second

- Assign Reader 1 to Output 1

- Add Card 01110 to database during Timezone 1 on Reader 1

- Set time to 20:48

- Set Panel name as "House Panel"

- Set Reader 1 name as "Garage Reader"

- Set Output 1 name as "Garage Door"

- List all cards in database

- Energize Output 1 for 1 Second

Share
15Feb/112

The Journey to Virtualizing 180+ Remote Sites and their 500+ Servers using ESXi “Free”

Close to a year ago we proposed the idea to virtualize all the servers at our remotes sites.  It took a significant amount of time to prove the value of virtualizing these remote sites, build the business case, present it, finally get approval, then create the in-depth project plan.  As of today we have 10% of our sites virtualized.

One of the major decisions we made was to use ESXi Free--we had a lot of push back at first, but continued to explain any risk of using the free product was mitigated with our plan.  For the technical folks it was simple, ask them:  What does licensing ESXi get you?  Most people who were asked this didn't know the answer--the big hit is vCenter.

No vCenter?

Yes thats right--no vCenter.  The biggest frown here is no centralized console to manage everything from.  To us that isn't a big deal--we've been manging distributed systems for years without a centralized management console.  All the hosts are setup with  Active Directory authentication so Role Baesd Access Control (RBAC) is cake, and the staff that need access have just the access they need.

We do not have shared storage in the remote sites so we can't really take advantage of clusters--and along with that DRS, DPM, HA, FT, etc.  as well as vMotion...

vCenter does provide all the hardware and performance monitoring, but we have that covered to...

What about monitoring?!

At the VMware level

The hosts are monitored by Veeam Monitor Free is a fantastic product that will give us the nice dashboard and aggregate alarms and performance from all the remote hosts.  It's awesome that Veeam offers this product for free.  The only limitation we've really noticed thus far is email alerts of these alarms.

At the Hardware level

Hardware is monitored using Whatsup Gold! with a monitor against the DRAC for hardware status--Whatsup will generate the email alerts on any hardware issues.

I posted howto setup this monitor on the WhatsUp Gold Community site: Dell Server Hardware Monitor VIA DRAC (SNMP Monitor)

What about updates?

While vCenter Update Manager is nice we can patch the hosts  using the vSphere Management Assistant (vMA) appliance--look out for posts in the future on how we accomplish this.

Here we are about a month and a half into the actual conversion process!

I've already posted some of our obstacles in previous posts and how we avoided/got around them, but stay tuned for more--like how we actually handled provisioning 180+ ESXi hosts.

Share
Tagged as: , , 2 Comments
13Feb/113

WordPress:MU Fix Broken Images after upgrade from 2.x to 3.x

Making the move from WordPressMU 2.x to 3.x isn't all seamless. If after you upgrade all your uploaded images are broken download a broken image (because the webserver is actually serving an image, just your browser can't read it). Open this image in notepad and you should see something like:

If you followed the upgrade instructions exactly you deleted the file /wp-content/blogs.php. Well thats a problem, in WordPress 3.0 they decided to move the function of /wp-content/blogs.php to /wp-includes/ms-files.php. Now if you have broken images and you still have blogs.php--it's still a problem with your rewrite rules anyway because the old 2.x version of blogs.php isn't going to work now that you have upgraded everything else to 3.x.

To fix this we need to update your rewrite rules in the .htaccess file
Find the line:

And replace it with:

It's that simple, now to see it take effect you will need to clear your browser cache, use another browser, or force reload (Ctrl+F5 typically)

Share
12Feb/112

LikeWise Open: Adding Domain Group to Sudoers File

So now that your cranking using LikeWise, you want to use it for all your admins and you need to give them access to sudo all.
Run visudo as normal:
sudo visudo
Then add a line at the bottom like so: (remember to press I to switch to edit mode so you can add this)
%DOMAIN\\linux^admins ALL=(ALL) ALL

When your done hit escape then type:

:wq

This will write the file out and exit visudo

Some things to note:

  • The % MUST be the first character on the line
  • Escape the slash between domain & user with a slash (double slash)
  • Use ^ in place of spaces
  • Obviously replace DOMAIN with your domain
  • If you have problems try dropping case on the group name
Share
Tagged as: , 2 Comments
12Feb/110

Automated P2V Cleanup: Remove/Uninstall Dell OpenManage & Broadcom/Intel Drivers

So how many times have you done a P2V only to have to go back and manually cleanup all the extra crud a physical server requires--Dell OpenManage Server Administrator(Dell OSMA), Broadcom Drivers and Management Applications, Intel Drivers and Management Applications, etc.  Now expand that to having to do over 500 P2Vs in a few month span and you find the need to automate....

Presenting a huge honking script to automate those pesky uninstalls, right now it's only Dell specific, but I plan to expand it to other vendors like IBM & HP.

This Removes:

  • Dell OpenManage Server Administrator
  • Broadcom Drivers and Management Applications
  • Broadcom NetXtreme II Driver Installer
  • Intel(R) PROSet for Wired Connections
  • Intel(R) PRO Network Connections
Share
11Feb/115

LikeWise Open: Change Default Shell

LikeWise by default will have users on /bin/sh since not all systems have bash--correct that and make your users happy:
sudo /opt/likewise/bin/lwregshell set_value '[HKEY_THIS_MACHINE\Services\lsass\Parameters\Providers\ActiveDirectory]' LoginShellTemplate /bin/bash
sudo /opt/likewise/bin/lwregshell set_value '[HKEY_THIS_MACHINE\Services\lsass\Parameters\Providers\Local]' LoginShellTemplate /bin/bash
Then simply refresh Local Security Service:
sudo /opt/likewise/bin/lwsm refresh lsass
Now you also need to clear LikeWise's Active Directory Cache if users have already logged in and you want it to take effect immediately:  (if this is done during setup you can skip this step)
sudo /opt/likewise/bin/lw-ad-cache --delete-all

Enjoy

Share
Tagged as: , 5 Comments
10Feb/112

LikeWise Open: Restrict Login by Groups

So once you get LikeWise setup, one of the first things that comes up is howto restrict access to prevent just anyone from being able to login.  You can leverage Active Directory groups via LikeWise to require a user to have membership of one of the group(s) you define.

LikeWise changed how this is done from previous versions, now you need to edit the LW registry like so:

sudo /opt/likewise/bin/lwregshell set_value '[HKEY_THIS_MACHINE\Services\lsass\Parameters\Providers\ActiveDirectory\]' RequireMembershipOf "domain\\domain^admins" "domain\\unix^admins"

Yes you need the double slash--this escapes the slash properly.  Also if it isn't obvious replace domain with your domain name.  You can specify as many groups as you want, just encase in quotes and leave a space as shown above.  Now you simply refresh the Local Security Service like so:

sudo /opt/likewise/bin/lwsm refresh lsass

And your done, easy-peasy with LikeWise

Some things to note:

  • Remember to escape the slash between domain & user with a slash (double slash)
  • Use ^ in place of spaces
  • Obviously replace DOMAIN with your domain
  • If you have problems try dropping case on the group names
Share
Tagged as: , 2 Comments