Archive for Networking

Where’s The Speed

I have Comcast for my home internet connection and I have the 16Mb pipe. The cable modem and wireless router sit in the basement and we normally work from the main floor. The problem is that I am not seeing any speed at all on my connection. And by no speed I mean 3Mb down and 400k upload.

If I go straight from the cable modem to my laptop I get over 20Mb down and 1.5Mb up. Crap that kind of points to the router as my problem. It is a Linksys router running the OpenWRT. The reason I am using this firmware instead of the stock is that I wanted to get rid of my internal servers to save power and the last service I needed to provide was internal DNS. OpenWRT gives me that ability. Since I have no other routers anymore to try out, I can either downgrade the firmware to the stock release from Linksys or buy a new router and see what kind of speed I get there.

Arrrrgggggghhhhhh!!!!!!!

UPDATE
So running some tests all through the same router with the same OpenWRT software build on the router.

I have two laptops I am testing with and here are the results:
HP Pavilion ZV5000
Wireless speed: 6Mb
Wired speed: 13Mb

MacBook Pro
Wireless speed: 4Mb
Wired speed: 13Mb

The uploads were all around the 400K speed.

Looks like I need to find a way to tweak the wireless speeds and the upload speeds.

UPDATE #2
On the router I disabled the G-Mode Protection settings.
HP Pavilion ZV5000 now at 7Mb
MacBook Pro now at 10Mb

UPDATE #3
Now on the router I have set it to only G mode and got rid of the B settings.
HP Pavilion ZV5000 now at 9Mb
MacBook Pro now at 11Mb

Don’t think I have any more B mode devices anymore, but that could be an issue if I come across a long forgotten device.

UPDATE #4
Got my uploads figured out now. No longer capped at 400k I am now getting 1.5Mb uploads.
Apparently even though the QoS Service is disabled, there is a setting called QoS Overhead Calculation which by default is on. Once this setting is also disabled, everything uploads quickly.

After all this I kind of feel bad for griping at the Comcast people on the phone when it was not them that hosed the connection. {blushes} I hate being that jerk.


Central Syslogging with CentOS 5.3

These instructions are for setting up rsyslog and phpLogCon on CentOS 5.3. It is assumed you have a working Apache and MySQL setup. Configuration of these two packages is outside the realm of this document.

On the Linux server I wanted to host the rsyslog database on, my CentOS 5.3 machine, I ran:
yum install -y rsyslog-mysql

Once it was installed I went to the documentation path:
cd /usr/share/doc/rsyslog-mysql-2.0.6/

In this location you will see a file called createDB.sql, which is the schema needed to make phpLogCon easy to use. To create this database type:
mysql -u MySQLusername -p < createDB.sql

You will be prompted for a password for the account you entered and then the database will be created.

Edit the /etc/rsyslog.conf file to add in the mysql connection information at the top of the config file. I am using FROMHOST instead of HOSTNAME as I wasn't getting any hostnames with the former.
$ModLoad ommysql.so
$template dbFormat,"insert into SystemEvents (Message, Facility, FromHost, Priority, DeviceReportedTime, ReceivedAt, InfoUnitID, SysLogTag) values ('%msg%', %syslogfacility%, '%FROMHOST%', %syslogpriority%, '%timereported:::date-mysql%', '%timegenerated:::date-mysql%', %iut%, '%syslogtag%')",sql

*.* :ommysql:192.168.1.100,Syslog,MySQLusername,MySQLpassword;dbFormat

Stop the normal syslog daemon
service syslog stop

And set it to never come on
chkconfig syslog off

Set rsyslog to start at boot
chkconfig rsyslog on

And then start the service
service rsyslog start

You should now have messages showing in your MySQL database. If you do not, check /var/log/messages to see if there is an error in your rsyslog.conf file.

Once you are sure you are getting messages in your database you can use the phpLogCon application to have a nice web interface over the top of the database. Download it from http://www.phplogcon.org/; I am using version 2.6.2 for this tutorial. Once downloaded, unpack it and move the src directory to the web server path:
mv src /var/www/html/phplogcon

Out of the contrib directory copy both configure.sh and secure.sh to /var/www/html/phplogcon. Change to the web directory:
cd /var/www/html/phplogcon

And then run the configure script by typing:
./configure.sh

Open a web browser and enter the path to this site, http://servername/phplogcon, to start the configuration of the site. Click NEXT until you get to Step 7 and make sure the source type is MySQL, the Database Name is Syslog and the table name is SystemEvents, and then enter your MySQL username and password. You now have a functioning phpLogCon page.

On the Linux clients make sure you install the rsyslog-mysql module the same way you did on the server by typing yum install -y rsyslog-mysql

Edit the /etc/rsyslog.conf file to add in the mysql connection information at the top of the config file.
$ModLoad ommysql.so
$template dbFormat,"insert into SystemEvents (Message, Facility, FromHost, Priority, DeviceReportedTime, ReceivedAt, InfoUnitID, SysLogTag) values ('%msg%', %syslogfacility%, '%FROMHOST%', %syslogpriority%, '%timereported:::date-mysql%', '%timegenerated:::date-mysql%', %iut%, '%syslogtag%')",sql

*.* :ommysql:192.168.1.100,Syslog,MySQLusername,MySQLpassword;dbFormat

Stop the normal syslog daemon
service syslog stop

And set it to never come on
chkconfig syslog off

Set rsyslog to start at boot
chkconfig rsyslog on

And then start the service
service rsyslog start

Refresh your phpLogCon web page and you will now see two entries from the Linux client, one is a kernel message the other is a syslog message.

Anything that has a syslog capability can now point to the rsyslog server, such as HP JetDirect cards and Cisco network gear. All the messages are available in one location and you can filter and search for issues on your network.
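
Every host configured this way stores the MySQL login in /etc/rsyslog.conf, so the mode of that file, the account it names and the template's sql option are worth checking. The script below is an added example, not part of the original post, that audits a config using the `:ommysql:host,db,user,password;template` action syntax; the function names and the shortened sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Function names and the sample
# file are constructed; the action syntax is the one this post uses.

# Constructed sample: a shortened copy of the client configuration above.
write_sample_conf() {
    cat > "$1" <<'EOF'
$ModLoad ommysql.so
$template dbFormat,"insert into SystemEvents (Message, FromHost) values ('%msg%', '%FROMHOST%')",sql
*.* :ommysql:192.168.1.100,Syslog,MySQLusername,MySQLpassword;dbFormat
EOF
}

# Prints one line per finding; the return status is the number of findings.
audit_rsyslog_mysql() {
    conf=$1; findings=0
    action=$(grep -E '^[^#]*:ommysql:' "$conf" | head -n 1)
    [ -n "$action" ] || return 0
    params=${action#*:ommysql:}        # host,db,user,password;template
    case $params in *\;*) tmpl=${params#*;} ;; *) tmpl="" ;; esac
    params=${params%%;*}
    user=$(printf '%s\n' "$params" | cut -d, -f3)
    pass=$(printf '%s\n' "$params" | cut -d, -f4-)
    # The password sits in clear text, so group/others must not read the file.
    if [ -n "$pass" ] && [ -n "$(find "$conf" \( -perm -040 -o -perm -004 \))" ]; then
        echo "WARN: $conf is group/world readable and holds the password for '$user'"
        findings=$((findings + 1))
    fi
    # rsyslog only runs the INSERT from the template; root is far more than that.
    if [ "$user" = "root" ]; then
        echo "WARN: ommysql logs in to MySQL as root"
        findings=$((findings + 1))
    fi
    # A custom template needs the sql (or stdsql) option so quotes in %msg% are escaped.
    if [ -n "$tmpl" ] && ! grep -Eq '^\$template[[:space:]]+'"$tmpl"',.*",(std)?sql[[:space:]]*$' "$conf"; then
        echo "WARN: template '$tmpl' is missing the sql option"
        findings=$((findings + 1))
    fi
    return "$findings"
}

tmp=$(mktemp)
write_sample_conf "$tmp"
chmod 644 "$tmp"; audit_rsyslog_mysql "$tmp" || echo "findings at mode 644: $?"
chmod 600 "$tmp"; audit_rsyslog_mysql "$tmp" && echo "no findings at mode 600"
rm -f "$tmp"
```

Run it against the real file with audit_rsyslog_mysql /etc/rsyslog.conf on the server and on each client.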


named As A Forwarding And Reverse Name Server In Your Active Directory Network

In our Active Directory domain we do not allow the clients to resolve outside domain names. This is because we have a very restrictive web browsing policy and people are only allowed access out if a manager says they can, and even at that point it goes through a proxy server that blocks 99% of the internet. The added benefit is that this really curbs any virus or spyware issues. Even though we don’t let user workstations out of the network, there are other vlans that definitely need out. At the time we were very limited on the number of Windows servers we could purchase and place so we went with Linux to provide this name server for these vlans. Below is the config that resolves both internal and external names, and I will describe what each section involves.

Lines 6-14 list the subnets that are allowed access to this name server. If you are not in one of these subnets and you request a name resolution from this server, you will be denied.
Lines 18-21 list the name servers for outside (internet) name resolution. These are the OpenDNS IP addresses.
Lines 25-33 tell named that for the domain ‘domain.com’ it should resolve those names through the internal Active Directory DNS servers.
Lines 35-55 list the zones for reverse name resolution. These zone names must match the reverse zone names in your AD DNS servers.

options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        version "not currently available";
        allow-query {
                127.0.0.1;
                10.1.4.0/24;
                10.1.6.0/24;
                10.1.7.0/24;
                10.1.15.0/24;
                10.2.4.0/24;
                10.2.7.0/24;
        };
        allow-transfer {
                none;
        };
        forwarders {
                208.67.220.220;
                208.67.222.222;
        };
        forward only;
};

zone "domain.com" IN {
        type forward;
        forwarders {
                10.1.100.100;
                10.1.101.101;
                10.2.100.100;
                10.2.101.101;
        };
};

zone "1.10.in-addr.arpa" {
    type slave;
    file "slaves/1.10.in-addr.arpa";
    masters {
                10.1.100.100;
                10.1.101.101;
                10.2.100.100;
                10.2.101.101;
    };
};

zone "2.10.in-addr.arpa" {
    type slave;
    file "slaves/2.10.in-addr.arpa";
    masters {
                10.1.100.100;
                10.1.101.101;
                10.2.100.100;
                10.2.101.101;
    };
};

include "/etc/rndc.key";
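
To see in advance which clients the allow-query list above will answer, the following added example (not part of the original post) parses the allow-query block and tests addresses against its prefixes in plain shell. The function names and the probe addresses are constructed for illustration, and the check assumes a list with no negated entries, like this one.

```shell
#!/bin/sh
# Added example, not from the original post. Function names and the probe
# addresses are constructed; the prefixes are the allow-query list above.
ALLOW_QUERY_BLOCK='
        allow-query {
                127.0.0.1;
                10.1.4.0/24;
                10.1.6.0/24;
                10.1.7.0/24;
                10.1.15.0/24;
                10.2.4.0/24;
                10.2.7.0/24;
        };
        allow-transfer { none; };'

# Print every address or prefix inside the allow-query block.
allow_query_entries() {
    printf '%s\n' "$ALLOW_QUERY_BLOCK" | sed -n '/allow-query/,/};/p' |
        grep -Eo '[0-9]+(\.[0-9]+){3}(/[0-9]+)?'
}

# Convert a dotted quad to a 32-bit integer.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Succeeds when address $1 is inside prefix $2 (a bare address means /32).
in_prefix() {
    case $2 in */*) len=${2#*/} ;; *) len=32 ;; esac
    mask=$(( (0xFFFFFFFF << (32 - $len)) & 0xFFFFFFFF ))
    [ $(( $(ip_to_int "$1") & $mask )) -eq $(( $(ip_to_int "${2%/*}") & $mask )) ]
}

# Succeeds when a client at address $1 matches the list and gets an answer.
query_allowed() {
    for entry in $(allow_query_entries); do
        in_prefix "$1" "$entry" && return 0
    done
    return 1
}

for client in 10.1.4.25 10.1.5.25 10.2.7.200 10.1.100.100; do
    if query_allowed "$client"; then echo "$client answered"
    else echo "$client refused"; fi
done
```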


Work Order Due Next Business Day

Our maintenance department uses a CMMS package called MP2 for all maintenance work orders. The software is based on a MSSQL back end which has allowed us to create many additional reports and web interfaces to help the maintenance staff handle the work orders. Some of the work orders are scheduled PMs and they have a due date. Part of their review is making sure they have the work orders closed on time so to help them out I created a SQL Server Reporting Services report that will email them a list of work orders that are due the next business day.

First I have to get a listing of all the work orders that are due the next business day and then if it is Friday, get all the work orders that are due up through Monday. Below is the TSQL to get that info:

select
	wo.wonum,
	woeqlist.location,
	equip.description,
	wo.taskdesc,
	wo.wotype,
	wo.atfirstname + ' ' + wo.atlastname as fullname,
	wo.schedfinishdate
from
	wo left join woeqlist on wo.wonum = woeqlist.wonum
		join equip on woeqlist.eqnum = equip.eqnum
where
	schedfinishdate
		between
			cast(convert(char, getdate(), 101) as datetime) + 1 and
			case
				when (select datename(dw, getdate())) = 'Friday' then cast(convert(char, getdate(), 101)as datetime) + 3
				else cast(convert(char, getdate(), 101) as datetime) + 1
			end
	and status != 'C'
order by wonum

This will return the work order number, the plant location, the equipment’s name, the title of the work order, the type of work order, who is assigned to the work order and the date it is due, as an extreme reminder of which day they need to complete this job.

Throw that in a Reporting Services report and we are almost ready. I don’t want to send an email unless there is actually a work order that is due for the following day. For this I create a Data Driven Subscription in the Reporting Services web page for this report.

To do this go to the report you want to send out in the Reporting Services web page and click on the Subscriptions tab. Select the New Data Driven Subscription. Give this subscription a description and select the Shared Data Sources option and click Next. Pick your shared data source and click Next. Now we will make a slightly modified query to get back an email address if any records are available.

select
	email = 'MaintenanceDept@domain.com'
from
	wo
where
	schedfinishdate
		between
			cast(convert(char, getdate(), 101) as datetime) + 1 and
			case
				when (select datename(dw, getdate())) = 'Friday' then cast(convert(char, getdate(), 101)as datetime) + 3
				else cast(convert(char, getdate(), 101) as datetime) + 1
			end
	and status != 'C'
group by email

This will return us just one record of MaintenanceDept@domain.com if there are any number of work orders due for the next business day.

On the next page in the TO: field select the database field email to include the needed email address. Set any other properties on this page and click Next. Set the days and hours that you want the report to run and you are done.

Now an email will go out only when there are work orders that are due tomorrow, and if no work orders are due, no one gets an email.

In a later post, I will show a super cool user defined function that you can use to take into account holidays and other office closed events.


Disable XP Tour

I finally took the time to disable this annoying trait of XP. Anytime a new user logs onto a workstation they would have that annoying XP tour pop up in the task tray and you would have to run it once to make it keep from coming back each time the user logged in.
So here is the KiXtart code to make it never show up.

; Turn off XP tour on first logon
$ReturnCode = WriteValue("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Tour", "RunCount", "0", "REG_DWORD")


Outlook 2007 – Disable Windows Desktop Search

We don’t run the Windows Desktop Search tool and when you launch Outlook 2007 it prompts you with the following message;

“Windows Desktop Search is not currently installed or not up to date. Outlook will not be able to provide fast search results when using the new Instant Search functionality unless this Windows component is installed.”


Not wanting the userbase to see this message, I added this line to the KiXtart logon script to make it automatically disabled.

; OUTLOOK 2007 - turn off prompt to download Desktop Search
$ReturnCode = WriteValue("HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\Options\General", "PONT_STRING", "60", "REG_SZ")


Turn Off IE7 Language Bar

We are in the process of rolling out IE 7 and Outlook 2007 to all our workstations. Ran into a few things that were annoying so here is how they are now fixed up.

After you install IE7 there is that annoying Language Bar that shows up in the task bar next to the clock. Since we don’t use this thing and it confuses our users and we don’t want to field all the calls of freaked out users wondering what this thing is, we disable it.

Since we use KiXtart as our logon scripting language I will give you the syntax for that, but it is just registry entries so you can use the same thing with whatever tools you use to push out registry changes.

; Turn off Language Bar
$ReturnCode = WriteValue("HKEY_CURRENT_USER\Software\Microsoft\CTF\LangBar", "ShowStatus", "3", "REG_DWORD")
$ReturnCode = WriteValue("HKEY_CURRENT_USER\Software\Microsoft\CTF\LangBar", "ExtraIconsOnMinimized", "0", "REG_DWORD")
$ReturnCode = WriteValue("HKEY_CURRENT_USER\Software\Microsoft\CTF\MSUTB", "DontShowCloseLangBarDlg", "1", "REG_DWORD")
$ReturnCode = DelValue("HKEY_CURRENT_USER\Software\Microsoft\CTF\MSUTB", "ShowDeskBand")


Oops

I made a boo boo tonight. I was copying some image files from my Windows file server over to my Mac. While looking in finder I thought I was looking at the files on the Mac and deleted a lot of pictures before I realized I was on the network share not the Mac. Doot!

Since this was across the network they will not be in the recycle bin, so after a quick search and trying out different software packages, I found my undelete program. While not as fast nor is the interface as slick as others out, it is completely free so Glary Undelete wins my award for frugal butt saver. Ran the program, recovered my files and breathed a sigh of relief.


Mac Mini Server


Here is a shot of a Mac Mini cracked open to double up the memory in it and if you check out the monitor you will see it is running OSX Server.

OSX server is a pretty slick piece of software and if you had an office full of Macs it would be spectacular to run. It is all the open source software that I have used on Linux for a long time so pretty familiar with it all, but it can be difficult to understand the Apple think on how some of the menus and screens are laid out.

The trick comes when you tie it into your Active Directory network. There are a few different ways to do it and from my testing they work with varying degrees of success and at the end it has the feeling that it is working by some kind of voodoo. The kind of voodoo where you are scared that if a patch breaks part of the integration you will be up a creek. I have not tried it with 10.5 yet and really should sit down and give it another shot.

I could never get the Mac profiles to mount to a Windows server. I could do it when it was a straight Mac network using AFP to an OSX server but SMB seems to not work well for this purpose.


Find What Port A Device Is Plugged Into On Your Cisco Switch

We have a Catalyst 6513 switch in our core with many blades and hundreds of ethernet cables plugged into the switch. It is impossible to figure out where a particular device is plugged into the switch, right? Nope, it is simple to track down where you are plugged in.

On the network device get its MAC address then shell into your switch. Enter the command:

show mac-address-table address 0000.0000.0000

Change the 0000.0000.0000 to the MAC address of your device then enter.

What you get back is information from your Primary Supervisor blade and also from your Stand By Supervisor blade telling you that your device is located on which blade/port.
