mirco's.net

Updates from October, 2009

• 

  Windows 7 on an IdeaPad S10e

  Mirco 19:01 on Monday, 26. October 2009 | View Comments Permalink | Reply
  Tags: administrator (3), diskpart, driver, ideapad, installation (2), lenovo, microsoft (10), netbook, s10e, upgrade, usb (3), win7, windows (5), windows7

  Last week Microsoft introduced the new Windows 7 to the humble consumer and since I’ve known about the increased performance over Windows Vista from the Beta program it was to to send the installation of Windows XP on my netbook into retirement for good.

  The Atom processor of the S10e doesn’t support 64 Bit operating systems and the onboard graphic isn’t the fastest either. And since I rarely store any data directly on the netbook I won’t need the BitLocker feature, so I went for a solid 32 Bit Home Premium version. These are available as System Builder Version from 69€ to 89€ at retail shops (perfectly legal according to German law). The only differences to the regular retail version is the missing 64 Bit DVD and the lack of Microsoft support.

  The first obstacle was the DVD. The IdeaPad, like any netbook, doesn’t have an internal optical drive. So I have two options:

  1. use an external USB DVD drive
  2. copy the DVD onto a USB thumb drive (at least a 4GB size)

  I went with option 2 because I didn’t want to buy a new DVD drive.

  Before I started to copy I had to prepare the thumb drive using some command. Open the Command Prompt (CMD) as an Administrator (important!).

  c:>diskpart
DISKPART>lis dis
DISKPART>sel dis 3 (3 was my thumb drive)
DISKPART>lis par
DISKPART>sel par 1 (1 usually the only partition on the thumb drive)
DISKPART>format fs=FAT32 LABEL=”Windows 7” QUICK OVERRIDE
DISKPART>active
DISKPART>exit

  Your thumb drive should now be empty and most importantly bootable.

  Now insert the Windows 7 DVD into your DVD drive (D:) on your PC and copy the content to the thumb drive (G:) using Robocopy. (use drive letters that match your configuration)

  c:>Robocopy d: g: *.* /e /copyall

  This could take a while, depending on the writing speed of your thumb drive. Now you can boot the netbook with the memory stick and start the installation process. I still had the original recovery partition which I wanted to keep. I had to choose custom setup to select the system partition for installation. The automatic mode went into a menu loop because the recovery partition (the first partition on the disk) was too small to install Windows 7. A simple error or warning message would have helped at this point.

  The main installation was done within 30 minutes.

  From good tradition the first thing I did was to run Windows Update. It found only 9 updates, most of which where device drivers. but still I missed some functionality.

  • Microphone
  • Bluetooth
  • Energiemanagement
  • Multi Touch function of the touchpad

  Lenovo doesn’t provide any Windows 7 drivers to the IdeaPad S10e, since the device is currently phasing out and is only sold with Windows XP. But the new IdeaPad S10-2 is sold with Windows 7 and besides some minor differences it’s practically the same hardware.

  Here’s a list of needed device drivers:

  • Lenovo Energy Management Driver
  • Synaptics Pointing Device Driver
  • Realtek High Definition Audio Driver
  • Intel Onboard Graphics Driver
  • Broadcom Bluetooth Driver

  For the 3G version of the S10e you’ll need additional UMTS card drivers. There’s a complete list of all working drivers and tools at the ThinkPad Forum (only German content, but the drivers are available in Englisch).

  Update: I just found a video tutorial

  Click here for Part 2

   

  Reply Click here to cancel reply.

  Name (required)

  Email (required)

  Web Site

   
• 

  Tick, Tick, Tick, … Boom!

  Mirco 8:05 on Wednesday, 3. December 2008 | View Comments Permalink | Reply
  Tags: administrator (3), blaster, breach, changemanagement (2), clean, cleaning, consultant, coordination, customer (2), infection, management (5), microsoft (10), operations manager (2), opsmgr (2), patch, patches, scom (4), security (2), server (5), symantec, update, updates (2), virus (2), windows (5), worm (2), wsus (2)

  I still don’t know why I gave into my manager wanting me to postpone my scheduled vacation by a week, so he has some billable hours to report in December.

  So here I was, stumbling into the office after a terrible drive through heavy traffic and a 20km detour because of a roadblock caused by a serious accident. As expected most of my customers administrators where either still not in office or in a meeting. I start the computer and fire up Outlook and the Operations Manager Console, and… Uh-Oh, this can’t be good.

  I was looking at about 1000 critical alerts, all less than 36 hours old and of the same type.

  It turned out that a new Windows worm has appeared over the weekend, infecting computers without a previously released patch and/or old versions of Antivirus Software.

  To say I was surprised of this sort of fallout would be … a huge lie, since I kept telling every responsible stakeholder for months this could be happening anytime at the way they are handling update and patch distribution.

  And it continued to play out just as I had expected it would. Someone found the single patch that would prevent an infection, and everyone with an Administrator account jumped at any server they could get a hold on to install exactly this single patch manually, instead of installing the other 28 – 79 missing patches along the way.

  It also reminded some of them that I had published a process on how to identify and classify servers for automatic update distribution. After all this document was available to everyone for the last few months and presented to management for consideration.

  Two days later most of the monitored servers are responding again, which doesn’t imply they are no longer infected, just patched. But as far as I can tell we are only monitoring about 60% of all servers after all.

  Since there is no active WSUS on the network, all patches had to be downloaded from Microsoft to the servers which took hours. The worm was putting so much additional traffic on the network that the proxy servers collapsed several times. User where constantly complaining about service and accessibility.

  The last company I witnessed this kind of chaos after a virus out brake was during the Blaster era (2001). It took them less than a month after this incident to implement strict policies and processes to prevent this from happening again. And as far as I know it never has since.

  Knowing there are still companies like my current customer out there, that don’t have a clue about processes, security and management only fill me with the assurance that there is still a great potential for future business, if only they would listen to their consultants.

  That’s why the pay us, right?

   
• 

  Relying on the Unknown

  Mirco 9:41 on Tuesday, 2. September 2008 | View Comments Permalink | Reply
  Tags: activedirectory, assignment, business (2), change, changemanagement (2), chaos, company, Consulting (2), customer (2), delegation, department, dns, domain (2), failure (3), it, management (5), merge (2), merger, problem

  When merging different companies, one of the most crucial building blocks of future success is a fully merged and centralized IT Management. Why? Because every attempt I witnessed to try something else created chaos. And that’s something you really don’t want within your IT department.

  A small example. One of my customers bought some small companies and integrated them into their Active Directory, leaving every local administrator with a domain administrator account, because that’s what they had before the migration. Sounds fair for the administrators, but a few weeks later some of the mail servers stopped sending email.

  Someone made some small changes to the DNS service, which was Active Directory integrated, so this reduced the potential causes to the Domain Admin group members… all 120 of them. At first this doesn’t look like a huge number, but if you consider that every local administrator and at some sites even local support personnel had domain administrator privileges, it is much to great a risk to be left unchanged.

  Another small example, at another company. While rolling out a new directory structure and migrating every company site into it, all local administrators where reduced from local Domain Administrators to being Domain Users with delegated privileges. Some of them fought fiercely to regain their old “power” and the CIO was forced by some executives to reinstate them.

  The funny thing was one of them sent an email with a question, that most of the central hotline staff could answer, about a problem he had at his site only minutes after the CIO requested to rejoin this particular administrator. The request was cancelled, after we forwarded this email to the CIO.

  The main problem when merging IT departments is, that in most cases you don’t know anything about the people and their skills. Even if, in this case, they have been running the local IT at some sites for years this doesn’t mean they know what they are doing.

  We all know communication is a crucial part of business success and since IT is a crucial part of today’s businesses it’s even more important to know what is going on in your network, on your servers and who is making changes to what.

  That’s why change management was created.

  Sending an email with a problem to a distribution list of 40 administrators doesn’t necessary solve a problem. It will more likely produce another: The problem assignment.

  This approach has two possible paths of solution.

  1. Everyone thinks somebody else is already on it and ignores the email
  2. Two or more Admins will try to solve the same problem at the same time

  In most cases none of these paths will solve the original problem, because every change of one admin will lead to inconclusive result for the other, thus resulting in more changes.

  Taking some time to think, define and plan how your IT environment should work and how this plan can be realised is the first an one of the more difficult steps, but it in the end it will be worth the effort.

   
• 

  SCOM Agent Trouble

  Mirco 13:16 on Thursday, 28. August 2008 | View Comments Permalink | Reply
  Tags: -2130771964, agent (2), console, error (4), google (4), install, manager (2), msi, operations (2), restart, scom (4), service (2), solution, system center (2), troubleshooting, uninstall

  Two weeks ago I installed the KB954049 on our Operations Manager servers. This “allows” me to update all of our 1500 agents, that are currently deployed.

  Four days, some Alerts form the IDS and multiple retries later there are still 60 agents left and refusing every attempt to be updated to version 6.0.6278.32. I’m still not sure why a domain administrator gets an “Access Denied” when trying to initiate a remote installation but I will figure this out, eventually.

  Today I noticed something new. Several, already updated Agents are grayed out on the status view. The servers are up an running, according to ping. A short look at the Computer Management shows the Agent is running too, but when I try to restart the service I’m prompted with some error message and the ID: -2130771964.

  Unfortunately Google isn’t a great help finding this error. There are only a handful results that focus on installing agents, but I have trouble restarting the service.

  My next thought was to try the Change/Repair option in “Add/Remove Software”, which stopped with the same Error code as restarting the service. Somebody must have been very creative in defining error codes for these agents.

  OK, if I can’t repair it, maybe I can uninstall it… and it worked, with the slight limitation that the uninstaller was unable to remove the installation folder.

  The next step was redistributing the Agent from the OpsMgr console, which went through with no errors at all.

   
• 

  Getting the 100 biggest Agent Queues out of your Operations Manager Database

  Mirco 16:00 on Tuesday, 22. July 2008 | View Comments Permalink | Reply
  Tags: 2007 (3), agent (2), center, database, datawarehouse, manager (2), microsoft (10), operations (2), ops (2), opsmgr (2), query, queue, scom (4), sql (2), system (2), systemcenter, usage

  Getting a decent overview of you Operations Manager Agents sometimes is a bit hard. There’s a nice graph to display the “Send Queue % Usage” but you have to click through every agent status to find the interesting ones. Most likely the ones with a high percentage status.

  Another way, although with less current data would be to query your Data Warehouse with the following statement

  SELECT     TOP (100) vManagedEntity.Path,
                       vPerformanceRule.CounterName,
                       Perf.vPerfHourly.DateTime,
                       Perf.vPerfHourly.AverageValue AS Avg,
                       Perf.vPerfHourly.MinValue AS Min,
                       Perf.vPerfHourly.MaxValue AS Max
  FROM       Perf.vPerfHourly
  INNER JOIN vManagedEntity ON Perf.vPerfHourly.ManagedEntityRowId = vManagedEntity.ManagedEntityRowId
  INNER JOIN vPerformanceRuleInstance ON Perf.vPerfHourly.PerformanceRuleInstanceRowId = vPerformanceRuleInstance.PerformanceRuleInstanceRowId
  INNER JOIN vPerformanceRule ON vPerformanceRuleInstance.RuleRowId = vPerformanceRule.RuleRowId
  WHERE      (vPerformanceRule.CounterName LIKE N'%send queue % used')
  ORDER BY   Perf.vPerfHourly.DateTime DESC,
             Avg DESC

  This query returns the 100 Queue with the highest fill rate. Note, that data in the Data Warehouse DB can be several hours behind the Operations Database.