Aug 282014

Hope this saves someone some time:  RDP was not listening on TCP 3389 on a new server build.  Followed the standard troubleshooting (verify registry, re-create RDP listener, etc). When showing hidden devices in device manager, tdtcp (tdtcp.sys) was not enabled.  NIC is HP373i (Broadcom), but the tdtcp driver would not load until after I installed the HP Network Configuration Utility (NCU)  + reboot.  Tip your waitress.

Aug 262014

Merely as a thought experiment (I like SCOM and Nagios both), if one were to implement Nagios [Icinga, et al.] to cover the same functionality as SCOM, what would be the quickest and surest way?

SCOM and Nagios both do nothing — they’re just frameworks for collecting data and figuring out if it meets criteria to alert or report on.  SCOM without Management Packs is like Nagios without plugins: useless.  The most important part of monitoring is knowing what you want to monitor, but the documentation for hardware and software aren’t generally very specific.  “Monitor the event logs for stuff with Red by them” isn’t useful.  SNMP MIBs without any corresponding declaration of ‘normal’ is a start, but it’s not good.  It’s time-consuming to start from scratch (even from “Best Practices” whitepapers) and try to figure out what to monitor, what’s normal, and what the severity is when things aren’t normal.

The best documentation for monitoring Microsoft products (or anything with a SCOM management pack), is the management pack.  Load up a SCOM console (eval copy works fine), download the free MPViewer utility, download the management pack(s) you need, install them, then open MPViewer and view the management pack contents.  Discovery is much more difficult with Nagios (an exercise for the reader), but if you’re looking for monitors and rules for 90% of use cases (eventlog id’s, service status, perfmon counters, network status), it’s pretty trivial to convert to NSClient++/NSCP checks.   Someone savvy enough could probably automate a great deal of it, though I bet Microsoft’s lawyers might object….




 Main  Comments Off
Jul 182014

Ever notice that the Park – Reverse – Neutral – Drive (“PRND”) in an automatic car is “paranoid” without the vowels?  Also matches:





 Computers, Main  Comments Off
Apr 132014

My WordPress installation sent me an email this morning, saying I was the only person with a blog who hadn’t written about heartbleed, and I only have one thing to add, really.

Heartbleed describes a bug in OpenSSL, most succinctly explained by the xkcd: Heartbleed Explanation comic.  It’s a routine programming bug, but the incomprehensible aspect is that the OpenSSL authors actively worked around system malloc’s and rolled their own: to make you vulnerable that much faster (“exploit mitigation countermeasures”).  Other bugs that have been logged for years are presumably being reviewed.  Nothing new to add there.

But I say that critical infrastructure exploits should all have better names, though ‘heartbleed’ isn’t bad — a heartbeat function that bleeds information.  But instead of rolling your own, or going by generic CVE entries, we should pre-allocate alphabetical names, like they do for hurricanes.  Except I’d name them after waitresses, not just generic female names.  So, instead of ‘heartbleed’ we’d start with ‘Amanda.’

  • Amanda (one of my favorite waitresses)
  • Betty (I don’t know a waitress named Betty, but I imagine she’d be really good).
  • Chelsea (who isn’t a waitress any more; she’s a parole officer).
  • Dotty (Like Betty, I don’t know a waitress named Dotty.  I bet Dotty’s a good waitress, but not as good as Betty).
  • and so on.

Everyone could have action plans and themed PowerPoint templates ready.  Next critical infrastructure bug?  Pull out the “Torie” slides, and Bob’s your uncle.  That’s all I have to say.  Thanks.

Mar 072014

SCCM 2007 report to show patch status details per Update List and Collection.  You can get here by drilling down 4 reports deep, individually, for hundreds or thousands of your servers, or you can just run this, throw it into Excel, and filter and munge at will.  Much faster.

-- Shows all patch status details, given an Update List and a Collection. Export it to Excel and monkey with it there.
-- Based off of the stock "Compliance 1 - Overall Compliance" report.

 FROM v_AuthListInfo
 WHERE CI_UniqueID=@AuthListID

 v_UpdateInfo.DatePosted As UpdateDateReleased,
 v_UpdateInfo.DateRevised AS UpdateDateRevised,
 v_UpdateInfo.InfoURL AS UpdateInfoURL,
 v_UpdateInfo.Description AS UpdateDescription

FROM v_UpdateInfo

 INNER JOIN v_GS_PatchStatusEx AS ps ON v_UpdateInfo.CI_UniqueID = ps.UniqueUpdateID
 INNER JOIN v_FullCollectionMembership AS fcm ON ps.ResourceID = fcm.ResourceID
 INNER JOIN v_CIRelation cir ON cir.ToCIID= v_UpdateInfo.CI_ID
 INNER JOIN (v_CICategories_All
 INNER JOIN v_CategoryInfo
 ON v_CICategories_All.CategoryInstance_UniqueID = v_CategoryInfo.CategoryInstance_UniqueID
 AND v_CategoryInfo.CategoryTypeName = 'Company')
 ON v_CICategories_All.CI_ID = v_UpdateInfo.CI_ID

WHERE fcm.CollectionID = @CollID
 AND ps.AgentInstallDate IS NULL --this shows errors only. Comment it out for reports on installed updates.
 AND cir.FromCIID = @AuthListLocalID
 AND cir.RelationType = 1

ORDER BY fcm.Name

-- Create two prompts, for Update List, and Collection
-- AuthListID
-- Update List ID (Required)
if (@__filterwildcard = '')
 select distinct CI_UniqueID as AuthListID, Title as Title from v_AuthListInfo order by Title
 select distinct CI_UniqueID as AuthListID, Title as Title from v_AuthListInfo
 where ((CI_UniqueID like @__filterwildcard) or
 (Title like @__filterwildcard))
 order by Title
-- CollID
-- Collection ID (Required)

 if (@__filterwildcard = '')
 select CollectionID as CollectionID, Name as CollectionName from v_Collection order by Name
 select CollectionID as CollectionID, Name as CollectionName from v_Collection
 WHERE CollectionID like @__filterwildcard or Name like @__filterwildcard
 order by Name

Resume in Markdown

 Main  Comments Off
Aug 172013

It used to be a sign of technical prowess to compose a resume in LaTeX — you wanted to take the extra effort to make a professional, beautiful document. Now, unfortunately, nobody reads printed resumes — employers just want something to copy-and-paste into a database field so they can search for whatever isolated skillset they’re looking for. Nice-looking PDF’s may not fit the bill; copying and pasting may lose all the nice ligatures. Where you mention “Office”, pasting into Word will drop the “ffi” ligature into gibberish, and you’re left with “Oce”. Unless you’re looking for a printer job, this isn’t what you want.

And, face it, almost everyone wants a Microsoft Word copy.

IT staff need to keep their resumes current, regardless of job search status. Employers may want an internal database. They may provide a bundle of resumes to prospective clients, to show off their staff competence — happened for me recently.

A lot of people have recently concluded that Markdown (in Pandoc) is an easily-maintainable and portable text format suitable for publishing resumes. For example:

Problem is that the PDF’s I’ve seen are serviceable, but they’re bug-ugly. The Microsoft Word output is nice, but you still want a decent-looking PDF.

This zip file includes a XeTeX template that I like. The Makefile also generates a Windows-formatted text file suitable for a raw copy-and-paste into online forms. Zips all the output formats into one file, so you can just email someone the whole thing. Pick one.

Name your resume something like “” and update the “ME=” line in the Makefile to match “your_name”, run `make clean && make` and Bob’s your uncle. Thanks.


Mar 172013

UPDATE: Disk Cleanup Wizard addon lets users delete outdated Windows updates on Windows 7 SP1 or Windows Server 2008 R2 SP1 (KB2852386)


I picked up an HP t5740e thin client off eBay, as I had deployed some at a prior job.  Window Embedded Standard 7 (32-bit), with 2GB RAM and 4GB flash.  Set it up the way I want it, re-enable the write filter, and Bob’s your uncle.   But the default HP build includes components that take up a lot of space, and I have no need for them — namely, the text-to-speech components, the natural language components, and the SAT performance tests (sample movies).

While logged in as Administrator, with the write filter disabled:

dism /online /Get-Packages

You’ll get a list of all packages installed in the running image. Find the ones you want to delete. Then delete them. Reboot.

dism /online /Get-Packages

dism /online /Get-PackageInfo /packagename:WinEmb-Natural-Language~31bf3856ad364e35~x86~~6.1.7601.17514

dism /online /Remove-Package /PackageName:WinEmb-Accessibility~31bf3856ad364e35~x86~~6.1.7601.17514
dism /online /Remove-Package /PackageName:WinEmb-Natural-Language~31bf3856ad364e35~x86~~6.1.7601.17514
dism /online /Remove-Package /PackageName:WinEmb-Speech-LP-ENU~31bf3856ad364e35~x86~~6.1.7600.16385
dism /online /Remove-Package /PackageName:WinEmb-Speech~31bf3856ad364e35~x86~~6.1.7601.17514
dism /online /Remove-Package /PackageName:WinEmb-Diagnostics-Performance~31bf3856ad364e35~x86~~6.1.7601.17514
Aug 142012

Went to extract email addresses from different Outlook .pst’s and other exported files to import into LinkedIn.  Any email client will export to text files.

To extract email addresses from Outlook, try this Visual Basic script.  That’s not just a Contacts export; it extracts Sender addresses from email messages.

Throw everything into one file.  Then extract email addresses, as:

$ egrep -io '[a-z0-9._%+-]+@[a-z0-9.-]+\.[a-z]+' < input.txt | tr "[:upper:]" "[:lower:]" | sort -u >output.txt
May 072012

What perverse incentives exist to prevent Sun/Oracle from streamlining Java installations on Windows?  They have FAQ items that have been unresolved for years.  Don’t tell me you can’t reproduce them; I can.  You’d think that routine professional curiosity would impel them to troubleshoot a live customer issue.  Sheer laziness.

I had a workstation today that would not install the 6.0_update32 JRE, getting the error “error 2753 regutils.dll”.

Sun/Oracle’s ‘troubleshooting’ is worthless.  Nobody else’s was any help, either, though.  JavaRa gave it a good try. (Seriously, you just have a comprehensive list of registry keys and files/directories to delete.  That’s all.)

So, fire up procmon, include “msiexec.exe” and see what pops up….

Simple enough.  The installer thinks there’s another conflicting existing installation:

Delete the registry key (and subkeys):



So, why can’t Sun/Oracle release a utility to clean up all traces of Java?  Laziness, pure and simple.  This has been a pain for admins for years.  Fix your installer.

cf the .NET Framework Cleanup Tool

The SAP Elf

 Main  Comments Off
Apr 132012

I laugh every time I see this screen in SAP …

… because I know what the girl on the right is thinking …

For posterity, here’s an edited picture that doesn’t make the girl on the left have pointy ears.

There went my lunch hour.

Mar 112012

DISCLAIMER – I DON’T DO C. And my Perl isn’t great, either.

I routinely browse the openbsd-cvs mailing list, and I saw this easy openbsd-cvs bug fix (“Fix a stupid bug in tcpdump print-bgp.c“) the other night when doing some really late-night, partial-involvement sysadmin work.  So I decided to pass the time (“stay awake”) by doing a regex exercise to find similar patterns in the OpenBSD source tree.

Continue reading »