Page 1
Standard

SNMP Cannot adopt OID in UCD-SNMP-MIB errors on Raspberry Pi

As I’m a fan of new tech stuff I also have several Raspberry Pi’s in my home. One offcourse as mediacenter, but also I have one that is acting as FTP box for backups and my Private Cloud on my 100/100 home fiber connection. This Pi is running also Cacti and as the Raspberry Pi has an internal temperature sensor I was interested in showing this on my Cacti installation.

I followd this great tutorial on howto read the temp and output it. Check it out at: http://www.onestep2.at/en/blog/remote-sensor-raspberry-pi-locale-temperature-monitoring-snmp-and-cacti

But before i got to setting this up i had some issues with SNMP. My snmpwalk for testing showed a lot of errors:

Cannot adopt OID in UCD-SNMP-MIB

To fix this you can simply run the following command:

sudo apt-get install snmp-mibs-downloader

This will download the missing MIBs and apply them into your system. With the next SNMPWALK a lot of errors where gone, and the SH script for reading my Raspberry Internal Temperature was showing its correct value output, something like: Temp:40.1

Standard

Check the progress of the Shrink Database task in SQL Server

Today I had to shrink a database that was about 250GB and had 100GB free space to create some space on the disk. After running the command you are not able to see the progress of the Shrink, and as this can take some time you want to see how the action is proceeding.

To see the progress of the Shrink Database task you can run a query that will give you some information about the task. Run the following Query in a “New Query Window”

SELECT
percent_complete,
start_time,
status,
command,
estimated_completion_time,
cpu_time,
total_elapsed_time
FROM
sys.dm_exec_requests
WHERE
command = 'DbccFilesCompact'

This will show you the following information: “Percent_complete”, “start_time”, “cpu_time” and some more information. Keep in mind a shrink can take some time!

Standard

Microsoft Dynamics AX 2012R3 CU8 demo vm shutting down

Because we have a support case with the MSFT team I was asked to download some Microsoft DEMO vm’s for Dynamics AX 2012R3 CU8. When i downloaded the VM’s and started these everything was working fine for a few minutes. I was making some modification when suddenly the VM shuts down. Now I found out the License was Expired and then the Machine auto shuts down.

This can be tracked in the EventViewer where the VM tells you it is shutting down because of an evaluation version.

Rearm the machine to keep working

You can rearm the machine so it will stay online and you can keep testing with it. To do this follow the steps below:

  1. Login to the Virtual Machine with the Administrator credentials
  2. Start an elevated CommandPrompt (run as administrator)
  3. run the following command:
    slmgr /dlv
    Check if you can still rearm the machine (remaining number of rearm)
  4. run the following command to rearm the machine
    slmgr /rearm
  5. Reboot your server
  6. Njoy
Standard

VMware Workstation and Hyper-V on Windows 8.1

As I’m working a lot with Dynamics AX and the Microsoft Demo VM’s, i was in need of VMware and Hyper-V on my notebook so I could run my VM’s for VPN and run Hyper-V for the Microsoft DEMO machines.

Now you can install both of them in Windows 8.1, but when you try to start VMware you get an error message:

VMware Workstation and Hyper-V are not compatible. Remove the Hyper-V role from the system before running VMware Workstation.

This message is because the Hyper-V role is installed on your workstation and it is not compatible with VMware. To work around this issue you can modify the Hypervisorlaunchtype for Hyper-V. I made 2 CMD files with the following content. Run them as Administrator and you can enable or disable Hyper-V so you can work with either VMware or Hyper-V.

You must reboot your system after running the CMD files

Disable Hyper-V (to work with VMware) save this file as CMD file
@echo off
echo Turning off Hyper-V services
pause
bcdedit /set hypervisorlaunchtype off
echo Modified the BootFile, please reboot...
pause

Enable Hyper-V (to work with Hyper-V) save this file as CMD file
@echo off
echo Turning ON Hyper-V services
pause
bcdedit /set hypervisorlaunchtype auto
echo Modified the BootFile, please reboot...
pause

You need to run both the files as Administrator

Standard

Perflib (WmiApRpl and BITS) on Server2012 and SharePoint 2013

I have been searching for a way to get rid of some performance counter errors (WmiApRpl and BITS) on my SharePoint 2013 installation for a while but couldn’t find the answer. Today I decided to have a look with Process Monitor and finally found a solution.

The w3wp process tries to access to registry keys but does not have the permissions.

After granting the WSS_WPG group full control(you probable can get away with a little less) to the following registry keys, the errors went away.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance

Standard

DDoS / rootkit infection mikrjcfxwr

This week one of my XenServers for testing environments was suffering from Network loss and packet loss. My ISP did only see some broadcast traffic and was not sure what was going on.

The machine was sometimes responding and had most of the time a very high ICMP reply. After checking into this I found some strange cron jobs and strange files in /usr/bin and /lib after killing they came back under a new name. Also in /etc/init.d/ i found some strange scripts. They all appeared under strange names like:

  • mikrjcfxwr
  • smtqqusisa
  • getty
  • jfcqxcpocz

Now the steps to clean this machine where:

  1. Check the file /etc/crontab to see if you have an entry that runs every 3 minutes and delete this line:
    * /3 * * * * root /etc/cron.hourly/cron.sh
  2. Now use the ps -ej command to find the Parent process of the rootkit. This will be the first entry you see when running ps -ej
  3. Important step is to STOP the process and NOT kill it! Stop it with the PID from the previous command
    kill -STOP 1462
  4. Now check again to see the children have died, and the parent is still alive.
    ps -ej
  5. Next step is to delete all the files related to this virus. Check the following folders:
    /usr/bin
    /etc/init.d/
    /bin/
    /lib/libgcc4.so OR /lib/libgcc4.4.so
  6. Check the /etc/cron.hourly/cron.sh file to see what is was calling. Also check the init.d folder to see where the files are stored and remove them.
  7. Now kill the parent process and you should be clean and up and running!

Reminder!

The process can use different names!

Standard

Linux: Error, some other host already uses address

The last week I did a migration from a Virtual Machine (VMware based) from ISP A to ISP B, and after starting the machine it worked fine. Then I needed to add a new IP to the eth0 interface so I made an ifcfg-eth0:0 config file with the new IP.

After starting the eth0:0 i got the message:

Error, some other host already uses address

I was sure the IP was free, and I needed the IP attached to an interface so i could get a license for some software i was using.

Then I did some checkup in the ifup-eth file to see if I could bypass the check, and this was possible!

In the script ifup-eth I found a query and did modify this:

/etc/sysconfig/network-scripts/

# if ! /sbin/arping -q -c 2 -w 3 -D -I ${REALDEVICE} ${ipaddr[$idx]} ; then
# net_log $”Error, some other host already uses address ${ipaddr[$idx]}.”
# exit 1
# fi

As you can see we did comment out the check only! So the command works and can bring up the device. Now i finally could retrieve the file and my software started working.

Now i wanted to know what Device is using the IP address. To check this i took the command in the ifup-eth file and modified it:

/sbin/arping -c 2 -w 3 -D -I eth0 123.123.123.123

Replace 123.123.123.123 with your IP address of the device that is not willing to start.

This will show you the MAC address. Now Happy Hunting!

Standard

Missing Private Key on IIS

Yesterday I was working on a new Sharepoint setup for a customer, and this website needed to be SSL only. So only on HTTPS instead of both HTTP and HTTPS. The customer did help us by already buying the Certificate.

When I got at the point I wanted to install, I did just finish the wizard in IIS, and installed the p7b certificates. So all the certificates were installed in the proper location and in the Computer MMC and not the USER mmc (when starting MMC open the Certification Snap in as Computer and not User!).

I noticed i was missing the private key, while the certificate was installed properly. This way i was not able to select the SSL certificate for the Website in IIS. Asking the customer they told me they generated the CSR on a different machine.

WIth the DIGICERT TOOL we could export the whole pfx and then we did an import on the IIS machine using the same tool again. We could then repair the SSL Certificate.

So To move an SSL certificate without the PrivateKey you can use the DIGICERT Tool to Export the current certificate and key and then import it. Keep in mind you MUST have access to the machine where the CSR was generated.

Standard

Disable Telephone number link on iPhone/Android

This evening I was updating a website for a customer and noticed on my iPad and iPhone that Tel: +31 (0)123 456 789 numbers got a different color instead of the color i submitted in the CSS code.

As i didnt do any CSS on the element i started searching and found out you can prevent this by adding a metatag:

<meta name="format-detection" content="telephone=no">

This should prevent mobile browsers to mark telephone numbers as blue / hyperlinks.

Standard

Auto Update on SharePoint servers

Somewhere in October Microsoft decided to add a SharePoint update to the Windows Update system. This caused some Sharepoint servers that had enabled Auto Update to stop working and throwing errors all around the place.

Now on most servers we have disabled the following function:
Give me updates for other Microsoft products when I update Windows

 

This should disallow Windows Update to update Office applications like SharePoint, except it didnt do this for the update that Microsoft did sneak into a Windows update!

This resulted in a new Best Practice for our SharePoint servers to not Auto Update the SharePoint servers, we know this could be a possible Security risk, but it also could lead to a non working SharePoint Farm!

Recommedation:

Let Windows only download the updates and manually install them so you can check for hidden updates. You can change this in the Control Panel –> System Security –> Windows Update, and just change the settings there.