Tuesday, February 28, 2012
Monday, February 27, 2012
Backup Exec - Unable to open a disk of the virtual machine
For testing purpose, I assigned just one LUN to the backup server and the "SAN – Use the SAN to move virtual disk data." works well. After confirming that it works, I assigned the rest of the LUNs to the backup server and create a backup job to backup virtual machines residing in the newly assigned LUNs but the job failed with the following error.
V-79-57344-38277 - Unable to open a disk of the virtual machine.
VixDiskLib_Open() reported the error: You do not have access rights to this file
V-79-57344-38277 - Unable to open a disk of the virtual machine.
VixDiskLib_Open() reported the error: You do not have access rights to this file
The error code leads me to the following KB Article.
I ruled out solution 1 of the KB Article because the permissions was correctly set. I ruled out solution 2 of the KB Article because I am sure that it was not due to application level quiescing. I ruled out solution 3 of KB Article as well because I am able to see the disks online and it is showing healthy.
It means that there is no more solution for me to try. So I did something that I ought to have tried first. Reboot the backup server. That's it, it solved the problem
Thursday, February 23, 2012
Friday, February 17, 2012
Wednesday, February 15, 2012
Symantec backup Exec 2010 HotFix – Feb 2012
http://www.symantec.com/business/support/index?page=content&id=TECH178798&actp=search&viewlocale=en_US&searchid=1329280264040
Method 1 – Using Microsoft URL Rewrite Module
For this method of redirecting from HTTP to HTTPS, you will need to do the following;
- Install the Microsoft URL Rewrite Module
- Install your SSL certificate in IIS 7 and bind it to your website
- Make sure Require SSL is NOT checked under SSL Settings for your website (uncheck the boxes that are checked in this screenshot)
- Copy and paste the following code between the <rules> and </rules> tags in your web.config file in your website root directory.
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}/{R:1}" />
</rule>
- Test the site by going to http://www.yoursite.com and making sure it redirects
Tuesday, February 14, 2012
Windows Service Accounts Inventory
You have a list of service account names and a list of server names. You need to know which service account is used in which server. You can logon to each server and go through the Services MMC if there are not too many servers and service accounts. However, if you have too many servers or service accounts to check, the following vbscript might be of a little help.
You can download a copy of this vbscript from http://www.mediafire.com/?jfh5w4774w6ayru.
On Error Resume Next Const ForReading = 1 Set objFSO = CreateObject("Scripting.FileSystemObject") 'Open the servers.txt containing the server names for reading 'The results will be written to SvcAcctServers.txt 'Loop through all the server names in the servers.txt file 'Catch the error connecting to the WMI namespace 'Loop through the services.txt file 'Loop through all the Windows services |
You need to two input files to run this script. The first file is servers.txt which contains the name of all your servers. The second file is services.txt which contains the name of all the service accounts.
Example of servers.txt and services.txt:
servers.txt | services.txt |
deServer1 | ArcSvc |
From the command prompt, run the vbscript using cscript.exe. Make sure that the command prompt is open using an account that has administrative access to the server because the script impersonate the account to connect to the server.
C:\scripts\Services>cscript ServiceAcctsInventory.vbs Connecting to deServer1 C:\scripts\Services> |
The results will be written to SvcAcctServers.txt which is tab delimited. Below is a sample of the results opened in Excel.
Server Name | Service Account | Service Name |
deServer1 | ArcSvc | AMS |
deServer1 | ArcSvc | MMS |
deServer1 | ArcSvc | StorageNode |
deServer3 | MSSQLSvc | MSSQLSERVER |
deServer3 | MSSQLSvc | SQLSERVERAGENT |
deServer3 | SFClusterSvc | ClusSvc |
deServer3 | SFMSSQLSvc | MSSQLSERVER |
deServer3 | SFMSSQLSvc | SQLSERVERAGENT |
deServer5 | Error Connecting | Error |
deServer7 | BackupSvc | BackupExecAgentBrowser |
deServer7 | BackupSvc | BackupExecDeviceMediaService |
deServer7 | BackupSvc | BackupExecJobEngine |
deServer7 | BackupSvc | BackupExecManagementService |
deServer7 | BackupSvc | BackupExecRPCService |
deserver2, deserver4, deserver6 and deserver8 do not use any of the service accounts to run its Windows Services so they do not appear in the results. There is an error connecting to deServer5 and it is most likely caused by permission issues, WMI service not working or non Windows systems.
Vmware ESX – VMFS block size
With 1MB block size, the maximum virtual HDD size will be 256GB
File System : VMFS 3.21 , VMFS 3.46
Block Size : 8 MB
Monday, February 13, 2012
Saturday, February 11, 2012
How to create certificate .cer file
How to create certificate .cer file ?
openssl pkcs12 -export -out mycertkey.p12 -in certificate.txt -inkey key.txt
https://www.thawte.com/index.html
convert the .pfx to a .cer
openssl pkcs12 -in certificate.pfx -out certificate.cer -nodes
Convert PEM file to PKCS#12 format for Windows IIS Web Server
openssl pkcs12 -export -passout pass:"<enter a good password>" -in <faz.dhcp.fnal.gov>.pem -out <faz.dhcp.fnal.gov>.p12 -name "<faz.dhcp.fnal.gov>"
http://www.globalsign.com/support/intermediate/extendedssl_intermediate.php
To generate the needed PKCS #12 Certificate File using OpenSSL do the following:
- Download and install OpenSSL from here.
- Save the three portions of the certificate into three separate files (Note: The Intermediate Certificate is optional, if you were not supplied with one, just skip the steps involving it):
- privatekey.txt – Copy and paste the contents of the private key including the begin and end lines.
- certificate.txt – Copy and paste the contents of the Regular Certificate including the begin and end lines.
- intermediate.txt – Copy and paste the contents of the Intermediate Certificate including the begin and end lines.
- privatekey.txt – Copy and paste the contents of the private key including the begin and end lines.
- Move the three files into the bin folder where you installed OpenSSL (default folder is C:\OpenSSL-Win32\bin).
- Open the command prompt and navigate to the bin folder where you installed OpenSSL.
- Enter the following line and press enter (Omit '-certfile intermediate.txt' if you do not have an Intermediate Certificate):
openssl pkcs12 -export -out certificate.pfx -inkey privatekey.txt -in certificate.txt -certfile intermediate.txt
After the process completes, there will be a certificate.pfx file in the bin directory that can be used to import the certificate into the servers personal certificate store.
Thursday, February 9, 2012
SSL Cert Installation Instructions Microsoft IIS 7
The following instructions are generally only applicable if we automatically generated your CSR during the ordering process. If you provided your own CSR we recommend using our standard installation instructions by Clicking Here.
Create A New PKCS12 (PFX) File For Importing Into IIS
A PKCS12 (PFX) file is a specially formatted file which includes the SSL Certificate, Private Key and optionally any required Intermediate CA Certificates. The file has an extension of .PFX and is compatible with Windows Internet Information Service (IIS).
To create the PKCS12 (PFX) file please visit the Tracking section of our website. Scroll down to the "Create PFX" button. You will be required to enter a password for the file - this ensures the security of the file.
If your CSR wasn't generated during the ordering process you can still using our Tracking system to create a PKCS12 (PFX) file. However, you will be required to provide your associated Private Key when generating the PKCS12 (PFX) file for it to be created successfully.
The PKCS12 (PFX) file may be compressed and saved as a ZIP file, please ensure to UNZIP it before import. The (PKCS12) PFX file should include all required components (SSL Certificate, Private Key and any required Intermediate CA Certificates).
How To Import The PKCS12 (PFX) File Into Windows Server
Importing a (PKCS12) PFX file into Microsoft IIS is generally a straight-forward process. Please review the instructions below of follow the instructions that are provided by Microsoft.
Step 1 : Click "Start" and choose "Run".
Step 2 : In the "Run" dialogue box type "MMC" and click "OK". The MMC should then appear.
Step 3 : Go to the File tab or menu and select "Add / Remove Snap-In".
Step 4 : Click on "Certificates" and click "Add".
Step 5 : Select "Computer Account" and click "Next".
Step 6 : Select "Local Computer" and click "Finish".
Step 7 : Click "OK" to close the "Add / Remove Snap-In" window.
Step 8 : Double click on "Certificates (Local Computer)" in the center window.
Step 9 : Right click on the "Personal Certificates Store" folder.
Step 10 : Choose "ALL TASKS" then select "Import".
Step 11 : Follow the "Certificate Import Wizard" to import your "Primary Certificate" from the .PFX file.
Step 12 : Browse to the .PFX and enter the associated password when prompted.
Step 13 : If desired, check the box to "Mark This Key As Exportable". We recommend choosing this option.
Step 14 : When prompted, choose to automatically place the Certificates in the Certificate Stores based on the type of the Certificate.
Step 15 : Click "Finish" to close the Certificate Import Wizard.
Step 16 : Close the MMC console. It is not necessary to save any changes that you have made to the MMC console.
How To Bind The SSL Certificate To Your Site In IIS 7
Once the SSL Certificate has been imported it is important to now bind the SSL Certificate to your website so that the website functions correctly.
Step 1 : Click "Start", "Administrative Tools" and then choose Internet Information Services (IIS) Manager.
Step 2 : Click on the server name and expand the "Sites" folder.
Step 3 : Locate your website (usually this will be called "Default Web Site") and click on it.
Step 4 : From the "Actions" menu (on the right) click on "Site Bindings" or similar.
Step 5. In the "Site Bindings" window, click "Add" or similar. This will open the "Add Site Binding" window.
Step 6 : Under "Type" choose https. The IP address should be the corresponding dedicated IP address of the site or "All Unassigned". The "Port" which traffic will be secured by SSL is usually 443. The "SSL Certificate" field should specify the SSL Certificate that was installed during the import process above.
Step 7 : Click "OK".
Step 8 : Your SSL Certificate should now be installed and functioning correctly in conjunction with your website. Occasionally a restart of IIS may be required before the new SSL Certificate is recognised.
How To Verify Your SSL Certificate Installation
To check if your SSL Certificate and any required Intermediate CA Certificates have been installed correctly please Click Here and follow the instructions.
Wednesday, February 8, 2012
How to manually install the GFI LanGuard agent
The GFI LanGuard Agent can be deployed manually as follows:
|
Subscribe to:
Posts (Atom)
Amazon