AFK

This blog is no longer maintained. I’ll leave it here for the sake of posterity.

The most popular post seems to be that on recovering access to Netgear ReadyNAS filesystems so here’s a quick link to that: https://onlyblueatwork.wordpress.com/2012/12/04/netgear-readynas-access-recovery/

I’m still in IT and may get back to this at some point.

Have a good one!

Advertisements

ShadowOverlay

[UPDATE] – New version uploaded.

This little application will allow you to shadow part of your screen while maintaining full screen brightness. This is to prevent prying eyes from easily reading for example an IM conversation.

The application is in early alpha and has not been properly tested. For now it will only allow you to shadow the left side of your screen starting from the top. When you start the application you will see an option window where you can set width and height as well as overlay opacity. If you can’t see it, right click the little smiley with the sunglasses in your system tray and click options.

The overlay is click through so you can work with your background application properly. I’ll try to add more features when I have time, such as positioning, different overlay colors and such.

I take no responsibility for damage or software loss caused by this application. It is in early alpha and has not been thoroughly tested. You have been warned.

1.0.0.5 – https://www.dropbox.com/s/bfpu0wxd2fesxji/shadowoverlay1005.zip
Supports saving and loading profiles (with limitations). Other tiny changes.

Checking recovery models in MS SQL Server

We have quite a few databases that have been added to our SQL environment by 3rd parties. The default recovery model is “Full”, yet a lot of the databases have no scheduled transaction log backups. What does this mean?

Well, a database with “Full” recovery model will never reclaim space in LDF files unless a transaction log backup is run. A full database backup isn’t enough.

So the options here are: set recovery model to simple, or make sure you have backup jobs in place to empty your log files periodically.

Here’s how to list all your databases and their associated recovery models:

SELECT name AS [Database Name],
recovery_model_desc AS [Recovery Model]
FROM sys.databases
GO

WSUS on port 8530, or: FATAL: Failed to show client UI, directive=7, hr=80010108

EDIT: Since our friends at SolarWinds have found their way onto my (small and insignificant) blog and had things to say (and sell?), I feel I need to make a comment here. While I appreciate the comments made to this post, I would also like to clarify that this blog is intended primarily to document errors and solutions I come across in my daily work routine for myself and my colleagues. I’ve allowed Google to crawl the site because it may be of help to someone else as well. I post solutions as I stumble upon them, when they fix my specific error. I do not spend hours researching the exact causes, or if something can be done better. I document as I go, during a hectic work day. So, I would like any readers here to keep in mind that my solutions may not work for you or your setups, and I may get things wrong.

If you would like, have a look at the comment made in this post by a SolarWinds employee. Like I state in my reply, this is what worked for me. I have no idea if the tool recommended by SW is better or not, and as things stand right now, I have no time or need to find out. If anyone has this issue and isn’t helped by my solution, or would like to try something else, by all means try the SW linked application.

ORIGINAL POST:

If you configure WSUS to run on a different port (default seems to be 8530), chances are you’ll see your clients pop up in WSUS, but never report any status. A test with Client Diagnostic Tool will present you with an error message in red stating that:

FATAL: Failed to show client UI, directive=7, hr=80010108

This message appears because the client cannot find the SelfUpdate tree on the WSUS server. The issue here, is that even though you specify WSUS to run on a different port, you MUST have the SelfUpdate virtual directory present on port 80. As far as I know, this cannot be changed.

If you, like me, have a system using port 80 that does NOT allow you to map subdirs (Like F-Secure Policy Manager), you’re out of luck using that server for WSUS unless you can change the port of that other application. I’m now running F-Secure PM on port 82 instead, and WSUS is happily chugging along.

Fixing the issue is easy peasy once you can have your default site available in IIS or Apache or whatever. Just copy the path used for SelfUpdate in the WSUS Administration site into a new virtual directory named Selfupdate in the default port 80 website:

wsuspath

That should do it. Try running the Client Diagnostic Tool again and you should have it pass, along with WSUS clients starting to report in (keep in mind that this will still happen at random).

Enable automatic logon in Windows 7

Start by editing a registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Edit the key named AutoAdminLogon and change the value data to 1

After that, run the command netplwiz and uncheck “Require users to press Ctrl+Alt+Delete”. This option can be found in the Advanced tab.

Once you hit Apply, you should be greeted with a new form:

Fill this out with the account details for the account you wish to auto logon. Voila.

NOTE:

On a few occasions, the last window prompting you to enter user data hasn’t shown up for me, and I’ve been able to remedy it by ticking “Users must enter a user name and password to use this computer” on the Users tab, hitting Apply, and unticking it again, then hitting Apply again.

Netgear ReadyNAS access recovery after SSH and WebGUI lockout

The following post is about a ReadyNAS Pro 4. I have no idea if it’ll work on other ReadyNAS devices.

I stupidly managed to lock myself out of SSH access (I blame /bin/false automagically appearing by my username in /etc/passwd instead of the usual /bin/bash).
Not thinking straight due to stress. I decided that I probably forgot my password, and proceeded to reset it by editing /etc/shadow from a ReadyNAS configuration backup and uploading it back to the device..

That was probably the dumbest move I’ve ever made. For several reasons:

1. Since I borked SSH access, Frontview (Web GUI) was my only option for control of the system at this time.

2. User access for Frontview is also read from /etc/shadow. Same as SSH.

3. Did I use an editor in Windows that was capable of editing files without inserting Windows specific weirdness? (i.e. whitespaces and linebreaks)? No I did not.

I didn’t figure this out until way later, but I wont describe just how dumb my thought process was during my evening. Just post a solution to the problem.

The problem being the following:
I was totally locked out of my system. No admin GUI, no console, nothing. My obvious options were paying Netgear to fix it, or losing all my data.
Neither is ok.

Here’s my solution. You probably shouldn’t do this unless you’re desperate. I won’t take responsibility for your bricked NAS or lost data if you decide to follow the steps i took. You can cause a lot of damage if you have clumsy fingers.

1. Power down the ReadyNAS.

2. Access the Boot Menu by pushing the reset button while powering up the device. Release reset when “Boot Menu” is shown in the display.

3. Select Tech Menu by pressing the backup button. Confirm by pushing the reset button again.

4. Log in with the following super secret Netgear Tech staff only account (Google is great some times): root / infr8ntdebug

5. Connect to the IP displayed on the ReadyNAS with Telnet (Port 23). At the # prompt (this is Busybox btw), you wont initially have access to the regular boot partition of the device. To mount that, enter the following commands:

echo DEVICE partitions > /etc/mdadm.conf
mdadm --examine --scan >> /etc/mdadm.conf
mdadm --assemble --scan
mount /dev/md0 /mnt

6. Navigate to /mnt/etc/

7. In my case, since I had broken shadow by inserting Windows whitespaces into them (^M in Vi), I had to get rid of those. Since %s/^V^M//g didn’t work for some reason, I did the following instead:

cat /etc/shadow | tr -d '\r' > shadow.temp
mv shadow.temp shadow

8. Reboot the device. I now had SSH access again. The Frontview account was still broken for some reason so that was fixed by issuing passwd admin and just resetting it.

My case may have been specific, but if you find yourself needing to access and modify the root partition of the ReadyNAS Pro without having SSH access, the Netgear tech support mode is a viable option. Just mind what you do when you’re there. You’re not supposed to be there and you’ll probably void your warranty just by considering it..

Kickstarter projects

Since I’m a sci-fi and space game junkie, I was thrilled to see two very interesting projects on Kickstarter. One is a followup of my all time favorite game franchise Elite. I love the idea of an open ended open universe to explore. Space combat is fine, but what I want first and foremost is exploration and trade. Elite got a pledge for £50. I’m not sure they will manage to reach the set goal but I’m really really hoping so.


Elite: Dangerous on Kickstarter
Elite: Dangerous website

When backing, I saw a recommended link to a second similar project by Josh Parnell (unknown to me before KS), called Limit Theory. It looks awesome and there’s already impressive in game footage presented on the Kickstarter page for the project. Josh seems to know what he’s doing and pitched his project just right. I’ve backed him with $75 to get prototype access. It was the most I could do on a limited budget (I’m in the middle of house building.. I received an invoice for $240,000 just a couple of days ago. Josh’s project has already reached it’s funding goal which has me thrilled. Now I just hope some interesting milestones are reached as well. I’ve gotten rid of my Mac but I’d still love to see more games reach the platform, and the fact that he’s also adding Linux support when the project reached $100k just sweetens the deal.

Here’s a screenshot from Limit Theory. For more information, just like with E:D I suggest you visit the Kickstarter project pages and/or the websites. I could never do the projects justice by attempting to describe them here anyway 🙂

Limit Theory on Kickstarter
Limit Theory website

The media in this post has been added without permission. If you are a rights holder and wish the images removed, please contact me at macaon at outlook dot com.