Serio IT Service Desk & Helpdesk Blog

Serio IT Service View uses WMI (Windows Management Instrumentation) to monitor Windows 2003/2008 Servers through its standard Plugins.

When you add a new Windows Server device to Serio, you’ll be asked for Windows Login details for WMI, and you’ll be able to test that WMI can connect to your target server.

If this test fails, you’ll receive an error message, which may help you diagnose the problem. If you’re still stuck, try working through the following checklist.

1. Starting with the basics, is the Windows Server you’re trying to connect to switched on? Can you ping it?

2. Check your credentials. The Windows username and password you supply to connect to WMI must have Administrator rights on the target server. If you’re using a domain administrator account, make sure prefix it with the domain name, as in:

mydomain\administrator

3. Is the Remote Procedure Call (RPC) service running on the target server? WMI uses RPC to connect to remote servers. Check that the ‘Remote Procedure Call’ service is running by looking on the Services panel within Administrative Tools on the Control Panel of the target server.

4. Is the target server Windows 2008? If so, there are a few changes you may need to make to the firewall, DCOM launch and activation privileges, and User Account Control (UAC) settings. It’s all explained in this handy Microsoft article:

http://msdn.microsoft.com/en-us/library/aa822854(VS.85).aspx

5. Still stuck? Another option is to bypass WMI altogether and use SNMP to monitor the server with the Serio Inventory Agent.

• Troubleshooting Connection Issues with the Serio Inventory Agent
• Monitoring Blackberry Enterprise Server Availability with Serio IT Service View
• Monitoring an (Ubuntu) Linux Server with Serio IT Service View

A study from the US IT trade body CompTIA reveals that a minority of companies (and in the current economic turmoil a decreasing number) have given IT security training to their non IT staff.

Whilst any study from a trade body should be treated with a little caution, this one stands up. Here in the UK it seems to be pretty rare amongst medium to large companies to see any user-community focussed IT security training – which is interesting, as this end-users are probably the portal through which most viruses, trojans and losses of password cases arise.

The situation has been made worse in the past few years by the advent of cheap laptops, wireless access at home (often badly set-up), a profusion of mobile devices, public wireless networks, USB menory devices and more. Most users simply trust they are OK. I wonder how many corporate laptops get used at home on a personal network connection, and on public Wi-Fi networks?

The study shows the the biggest hit from security breaches is to the end-user themselves (33% of security breaches) – i.e., loss of their laptop or other service, and then the loss of productivity that comes from that. Further down the scale (19% of security breaches), but still with significant effect, are effects to corporate services and networks.

A little advice about safe surfing and safe use may pay more dividends than an emphasis on technology and control for preventing security breaches.

Banks are the Same (Mostly)

UK Banks are an example of this when it comes to on-line banking – spending vast sums on server and corporate-side security whilst the personal and small business customer has to sort the other end of the connection, the home or business computer, themselves with wildly varying success. Read the terms and conditions (the smallprint) of your on-line banking provider – you’ll find the responsibility is pushed firmly onto you as a consumer, with little in the way of support.

However, one bank does deserve an honourable mention – RBS Group. RBS introduced a system over a year ago that extended the ridiculous and overused password system used by most banks with a requirement to enter a password but then to use something that you possess – a device and a card. Without this, you can’t transfer funds and drain an account – meaning even if you suffer a password loss through spyware, the damage that can be inflicted on you is limited.

RBS have gone one better now with the launch of something called Raport. This product is basically there to step in and make the connection between your machine and the bank less vulnerable to malware – and it’s offered for free.

I expect other banks will follows the RBS line in the coming year. I also think there is every possibility that they’ll start to take more interest in customer computer security in the near future.

• Security – Why the banks just don’t get IT

Ever wondered how you can print colour on a Black & White printer, the dailywtf explains how…

In case you haven’t noticed, laptop computers have been getting ever more powerful, with bigger and more impressive screens, and ever bigger discs. The laptop used quite commonly here at Serio are variants of the Toshiba Satellite Pro.

Whilst it’s OK, it is not any more portable that the old Compaq portables I had over 5 years ago. In fact, I suspect it’s a bit heavier and for certain, the battery doesn’t last as long.

That’s where ASUS have came in with their EEE PC. Whereas laptop computers have typically sacrificed weight and battery life for features, ASUS have decided to try to create something that is literally not a pain in the neck by going for portability and battery life. My new 901 weighs 1Kg and is about slightly larger than a paperback novel, as shown below.

Early versions of the ASUS suffered from poor connectivity, and were fiddly to use. With the EEE 901, most of these niggles are resolved.

To help users on the move, it doesn’t have a conventional hard disc – ie, a mechanical one with a disc that spins. Instead it has a virtual 12GB (20GB on Linux) hard disc that is actually implemented in Solid State RAM, called a Solid State Shockproof Drive. It’s something useful if you use the computer in environments where jolts are commonplace, like the Stansted Airport to Liverpool St Stansted Express I travelled on last week. The chance of a jolt damaging the disc is practically nil.

The screen is about 8 inches across and the resolution is 1024 x 600. It’s readable, and you’ll find yourself able to read most web pages and emails, but it does feel small. However, as the only alternative is a physically larger device, I’ll have it the way it is.

The keyboard is, for me, the worst aspect. Maybe you just have to get used to it, but every sentence I type has a typo (nothing new there then), and the all important number pad keys like home and end are difficult to use. The feel of the keys is also not good, one just seems to merge in with the next.

There are two versions of the EEE 901. One machine comes installed with Linux, and one with Windows XP. The linux version has had some issues with connecting to wireless networks but the XP version seems OK.

The battery life is a claimed 8 hours. I’m not sure what you have to do to get that, but certainly 5 hours can be expected (way ahead of most laptops).

On the whole, I think it’s great. When you are carrying it it’s like you’ve forgotten your computer it is so light, and because the battery life is so good you don’t need to carry the power supply around so much.

An alternative take on the ASUS eee is here (the earlier 701).

…or put another way, ‘How to Survive and Prosper when your Working World is turned upside down’.

I suppose it’s possible that some readers of this blog will have had a happy, or at least not unpleasant, experiences whilst working in IT and their company is the subject of a takeover or merger.

I have to say that in my career this hasn’t been the case, nor do I know anyone who who hasn’t found the experience troubling or stressful. At the root of the problem is a simple fact: your working situation can be changing radically, and you usually have little or no power to influence things.

Survivors Guide

1. Survivors Know Who is Actually Calling the Shots.

In a take-over (your employer is sold to another company) it’s obvious – the managers from the purchasing company have control. Mergers are more tricky. Even when mergers are said to be ‘of equals’ in my experience there is usually one of the pair that is simply absorbing the other. Try to find out which is swallowing the other. You can assess this usually by looking at the Directors and senior managers, – who is keeping their jobs (implies the one doing the swallowing) and who is taking the ‘new and exciting roles’ (implies the one being swallowed). Other clues might be the change of office (my place or yours) and whose brand survives.

2. Survivors are Cheerful and Stupid.

In a situation where you are maybe feeling stressed or nervous about the future, it’s easy to fall into the trap of getting cross easily, viewing the other company as enemies, and being over-sensitive. Being Cheerful and Stupid means simply never assuming the worse, being slow to see insults, and avoiding alienating your new or existing co-workers. Even if your new colleagues do something you don’t like, or you feel that undermines your position, ignore it.

True story: Many years ago, the company I worked for was taken over by a large multinational, at a time when I was running the product development team. A guy showed up one day, and without introducing himself to me asked our receptionist for my and my team’s CVs. My reaction was to very nearly punch this guy’s lights out. This made me feel a little better but served no useful purpose at all. Cheerful and Stupid would have been a better approach: ‘certainly Mr Secret Squirrel – here you go!’.

3. Survivors Know that it is Every Man (or Woman!) For Themselves.

It’s a bit unseemly, but a merger or takeover can be like a big scramble for the life boats on a sinking ship. Your best policy is to look after yourself – don’t expect your boss to do that for you, regardless of how well you know them.

4. Survivors Make Friends.

It’s easy for an ‘us and them’ mentality to develop, and it can be hard to even be civil at times. This attitude though doesn’t do you or the company any good so try to make friends, particularly with ‘the other side’. Try to connect with their social networks – for example, if they have a sporting team try to join it, if if there is some other social grouping try to become a part of it. If they plan LAN Computer games after work ask if you can be part of it – but remember, be Cheerful and Stupid if they say no.

5. Survivors Don’t Take any Holidays for the First Six Months.

I have no hard statistical evidence for this, but a lot of people seem to be fired or made redundant after returning from holiday – it just seems easier to do when you are not around. As the period after a merger is a scramble, it doesn’t make any sense for you to not be around as things start to settle down.

6. Survivors Know How Expensive They Are.

It isn’t just a merger of cultures and people you get. Sometimes when companies merge or are subject to takeover you get a merger of approaches to salary and remuneration. Try to find out where you stand. If you are paid substantially more than a similar worker in the company that has taken you over, it might be that you’ll be shown the door regardless of what you do. In this case, you might be able to negotiate a better severance package – but regardless, it’s information you need to know.

A good source of information might be by looking at any recent recruitment advertisements the other company has placed over the last six months. Another tell tale sign is the number of empty vacancies that the other company has – a high number is sometimes indicative of lower than average salaries.

7. Survivors Constrain Their Personal Expenditure.

Part of the deal with mergers is the stress they cause. My view is that most of this comes from people being subjected to sometimes quite radical change in their jobs, and having absolutely no way to influence or control that change. Another source of stress is the more prosaic ‘how will I pay my bills if I loose my job?’. A way you can reduce this stress is simply taking an axe to your outgoings (not literally). If you’ve recently bought a new car, see if you can get rid of it without taking too large a hit, if you were taking a holiday see if you can cancel and get most of all of your money back (see also point 5).

Reducing your expenditure will make you feel less dependent on your monthly pay check. This will reduce your stress level, and allow you to more easily make friends and be Cheerful and Stupid.

8. Survivors Engage With Customers.

Without customers, most businesses will shrivel up pretty quickly. Being engaged directly with customers, and having a direct and valued relationship with customers, immediately elevates your standing within any company. It doesn’t make you indispensable, but it does give you something extra.

If a customer is particularly pleased with something you’ve done, don’t be afraid to solicit the customer sending an email of praise about you to your boss.

9. Survivors Have Their CV Up To Date.

Everyone needs a fall back position, so now is as good a time as any to bring your CV up to date.

In doing so, avoid developing a negative attitude to your employer. See points 2 and 4.

10. Survivors Sell their Office Supplies on Ebay

Aside from providing Scott Adam’s Dilbert with hundreds of strips, you may find that everyone is too busy focusing on CVs, making friends and watching their backs to notice that the premium envelops keep disappearing (warning: this may not be legal in all jurisdictions).

This post is for anyone who has ever been a bit confused about IP ports. Whilst most people I deal with have no problem understanding what they are and what they do, there have been a few cases recently where it would have been useful for me to refer to a post like this for background.

If you want to read about layered networks or IP in detail there are loads of resources – like here for example. I’m just going to deal with some of the practical aspects folk who work in IT support have to deal with.

TCP/IP is what is referred to as connection-orientated. That basically means it’s for connecting computers together…

…except that this is not quite true. It’s really for connecting applications running on computers together. And computers have more than one application running, which is one of the reasons that we have Ports.

Starting at the Beginning

You will have seen IP addresses – 123.42.1.234 for example. You also probably know that machines have names, and that names ‘resolve’ into IP addresses. For example ‘ping zephod’ might resolve into ‘ping 123.42.1.234′ (there is usually a server sitting somewhere on your network that takes names and returns IP addresses by doing a simple look-up from a list).

You are probably also familiar with either using an IP address to ‘connect’ two applications together. You might do this for example when you set-up your email client software to read your emails at home – one of the things you specify is the Name or IP address of the email server. Get that right, and the chances are you can access your email.

This IP address allows your email client software to ‘talk’ using TCP to your email server, allowing the two to exchange useful information because the email server is ‘listening’ for requests from email clients, and returning useful data back.

Ports Connect Applications

But consider this problem. That email server whose IP address you entered doesn’t just run an email server. It almost certainly runs a web server as well which is also listening for requests from clients (browsers), it probably also has a database running called MySQL that also is listening for requests, and so on. In fact, if you count all of the different applications listening it may well count over 20, with the possibility of having even more.

So this begs the question: when your email client program wants to send a request to the email server application running at the IP address you specified, how does it avoid sending the data to the web server instead?

The answer is Ports

Imagine a large high-rise building with 120 flats (apartments). The address of the apartment building is 100 High St, Livingston. If you want to send a letter to a Mr Joe Bloggs who lives there, you’ll need more than ‘Mr Joe Bloggs, 100 High St, Livingston’ because the postman won’t know which of the 120 mailboxes to put the letter into. The correct address is ‘Mr Joe Bloggs, Flat 25, 100 High St, Livingston’. In this example, the 100 High St part of the address is equivalent to the IP address, and ‘Flat 25′ is the Port number: the final piece of the jigsaw. If you don’t specify a flat, or specify the wrong flat number, the chances are your letter will not be delivered.

Why don’t I need to specify, or know, the Port number when I enter the IP address into my email client software?

The answer is because of convention. By convention, certain types of programs always use the same Port. So email programs typically know what Port to use. Some common standards are below:

20 FTP
22 Secure Shell
23 Telnet protocol—unencrypted text communications
25 Simple Mail Transfer Protocol (SMTP)
42 nameserver
53 Domain Name System (DNS)
57 MTP, Mail Transfer Protocol
79 Finger
80 Hypertext Transfer Protocol (HTTP)
110 POP3 (Mail)
161 SNMP

What about Ports used for Sending Data?

Ports are also used for sending data, but unlike applications that listen for data (like server applications of all kinds) the send Port is usually not significant. The reason is simple: when you send your request to the server application, you will send both your IP address and the Port you send the data from, meaning it’s easy for the server to send a reply using this information.

(Thanks to DuncanD for his help with this)

Technorati Tags: Technology, TCP/IP

Don’t Oversell Availability, warns Peter Warren.

You’ve maybe never heard of S3, but the chances are you’ve used a website that uses it either wholly or in part in the last month.

S3 is Simple Storage Service – web content hosting on steriods, and is provided by Amazon. It is used by services like the excellent Twitter, Smugmug and Pownce, and thousands more. It’s key selling points are its low cost and high availability – and at the end of last week it suffered a fairly substantial amount of downtime.

As a user myself, I’ve been surprised by the reaction of the S3 user community who view this like it is the end of the on-line world as we know it. In fact, the service was down for less than 3 hours.

Many users seem to have taken the marketing speak about “ensuring that the data will always be available when you need it” and the reassurances about redundant copies of data on different servers (the much hyped ‘cloud’) at face value – and have taken 100% uptime as the minimum that they should expect.

Personally I always view these claims in the same way as claims like ‘this ship is unsinkable’ – it always seems companies lack the imagination to understand where the critical weak-point is. In this case, S3 may (according to some rumours) have suffered a good old-fashioned Denial of Service (DoS) Attack – its authentication server got a gazillion requests and could not keep up. The 3 hour downtime was how long it took Amazon to create extra capacity.

My complaint is really about the way Amazon dealt with this, and I think this might be what is at the root of some customer ill-feeling (some customers seem to be downright unreasonable though).

I got a call in the small hours of the morning to say our website was down. Working from home it was clear that some important files hosted on S3 were inaccessible, but there was nothing from their Helpdesk that I could find on the support site to say either that Amazon knew something was up, or if they did know when it would be back.

This meant I had little of value to say to our own customers.

It took a note on the user forum before we got any word from Amazon. Frankly that’s not good enough.

Many users are now asking for service status information. I hope they provide this soon.

I guess the moral of the story is: don’t oversell availability, practice your customer response for when the inevitable unavailability occurs, and be very open. After all, I have Service Status pages, why don’t they?

Peter Warren is a guest blogger. 

Technorati Tags: Availability, S3

• Availability Reporting Round-Up

It’s not often I’m thrilled with the idea of new technology and gadgets. As someone in their mid-forties I’m old enough to remember the Pen PC from the late 90’s (sank without trace), Prestel (ditto), LED-display watches (useless and uncool) and a whole bunch of other stuff that was going to be ‘mainstream’ and ‘big’.

So I’m slightly sceptical about new gadgets generally. My experience is that consumers are much more conservative than most PR-companies expect.

However, one thing I’ve seen recently has had certainly caught my attention.

It’s called a Readius (there is a youtube clip here) from Polymer Vision, and features a new type of display – one that folds. I use a PDA, but one of the things that irritates me is the size of the screen – I just can’t see everything I want to, particularly when using the Internet. The size of the screen is the major thing that affects portability as the screen can’t bend or fold – so I’m stuck with a few square inches to squint into.

That is until the Readius. This screen  folds out so you can read it – almost like paper. It means that for a smaller device than I carry now, I can have a bigger screen – offering the promise of a usable display that will fit in my suit pocket.

Right now the fold-out display is greyscale (fine for what I want) but features a very low power consumption footprint (battery life on my current HP PDA is not brilliant).

Of course, what would make this fly off the shelves of technology dealers is Internet capability – attaching the screen to a 3G phone to make a truly portable mobile Internet device with a decent, usable screen. Alas this is where the device falls down – it simply (at the moment) does not refresh fast enough to be used in this way, although it is promised for a couple of years time. As the price for the Readius seems to be in the order of USD800, it makes it a very expensive toy until it can access websites and comes attached to a device with a browser. In the meantime, I’m still interested enough to consider buying.

It will also be interesting to see what the reliability is like – will the folding lead to cracks and expensive warranty claims?

However, improving displays puts the focus on keyboards – or lack of keyboard. They are either like arcade games (Blackberry) or much too large to carry (Pocketop Wireless). Hopefully the people at Polymer Vision will come up with a solution soon to this.

Technorati Tags: gadget, readius

Back in October, I started to look at the next version of Microsoft’s server operating system – Windows Server 2008. In that post I concentrated on two of the new technologies – Server Core and Windows Server Virtualization (since renamed as Hyper-V).

For those who have installed previous versions of Windows Server, Windows Server 2008 setup will be totally new. Windows Vista users will be familiar with some of the concepts, but Windows Server takes things a step further with simplified configuration and role-based administration.

Using a technology known as Windows PE, the new setup model allows multiple builds to be stored in a single image (using the .WIM file format). Because many of these builds will share the same files, single instance storage is used to reduce the volume of disk space required, allowing six operating system versions to fit into one DVD image (with plenty of free space).

The first stage of the setup process is about collecting information. Windows Setup now asks fewer questions and instead of being spread throughout the process (anybody ever left a server installation running and then returned to find it had stopped half way through for input of some networking details?) the information is all gathered at this first stage in the process. After gathering details for the language, time and currency, keyboard, product key (which can be left and entered later), version of Windows to install, license agreement and selection of a disk on which to install the operating system (including options for disk management), Windows Setup is ready to begin the installation. Incidentally, it’s probably worth noting that SATA disk controllers have been problematic when setting up previous versions of Windows. Windows Server 2008 had no issues with the motherboard SATA controller on the Dell server that I used for my research.

After collecting information, Windows Setup moves on to the actual installation. This consists of copying files, expanding files (which took about 10 minutes on my system), installing features, installing updates, two reboots and completing installation. One final reboot brings the system up to the login screen after which Windows is installed. On my server (with a fast processor, but only 512MB of RAM) the whole process took around 20 minutes.

At this point you may be wondering where the computer name, domain name, etc. is entered. Windows Setup initially installs the server into a workgroup (called WORKGROUP) and uses an automatically generated computer name. The Administrator password must be changed at first logon, after which the desktop is prepared and loaded.

Windows Server 2003 included an HTML application called the Configure Your Server Wizard and service pack 1 added the post-setup security updates (PSSU) functionality to allow the application of updates before enabling non-essential services. In Windows Server 2008 this is enhanced with a feature called the Initial Tasks Configuration Wizard. This takes an administrator through the final steps in setup (or initial tasks in configuration):

1. Provide computer information – configure networking, change the computer name and join a domain.
2. Update this server – enable Automatic Updates and Windows Error Reporting, download the latest updates.
3. Customise this server – add roles or features, enable Remote Desktop, configure Windows Firewall (now enabled by default).

Roles and Features are an important change in Windows Server 2008. The enhanced role-based administration model provides a simple approach for an administrator to install Windows components and configure the firewall to allow access in a secure manner. At release candidate 1 (RC1), Windows Server 2008 includes 17 roles (e.g. Active Directory Domain Services, DHCP Server, DNS Server, Web Server, etc.) and 35 features (e.g. failover clustering, .NET Framework 3.0, Telnet Server, Windows PowerShell).

Finally, all of the initial configuration tasks can be saved as HTML for printing, storage, or e-mailing (e.g. to a configuration management system).

Although Windows Server 2008 includes many familiar Microsoft Management Console snap-ins, it includes a new console which is intended to act as a central point of administration – Server Manager. Broken out into Roles, Features, Diagnostics (Event Viewer, Reliability and Performance, and Device Manager), Configuration (Task Scheduler, Windows Firewall with Advanced Security, Services, WMI Control and Local Users and Groups)and Storage (Windows Server Backup and Disk Management), Server Manager provides most of the information that an administrator needs – all in one place.

It’s worth noting that the Initial Tasks Configuration Wizard and Server Manager do not apply for Server Core installations. Server Manager can be used to remotely administer a computer running Server Core, or hardcore administrators can configure the server from the command line.

So that’s Windows Server 2008 setup and configuration in a nutshell. Greatly simplified. More secure. Much faster.

Of course, there are options for customising Windows images and pre-defining setup options but these are beyond the scope of this article. Further information can be found elsewhere on the ‘net – I recommend starting with the Microsoft Deployment Getting Started Guide.

Windows Server 2008 will be launched on 27 February 2008. It seems unlikely that it will be available for purchase in stores at that time; however corporate users with volume license agreements should have access to the final code by then. In the meantime, it’s worth checking out Microsoft’s Windows Server 2008 website and the Windows Server UK User Group.

• Looking forward to Windows Server 2008
• Windows 7 – Now you can pretend you’re in a Sci-Fi Movie when sending a memo to Accounts

Just as we are getting our heads round the idea of online applications, the wheel, we are told, is turning a full circle and the focus is moving back to the desktop. A number of browser plug ins are bringing applications out of the browser and creating hybrid apps that have been dubbed the new webtops.

These include Microsoft’s Silverlight, Google’s Gears and Adobe’s AIR. Crucially though, Adobe takes things a step further with AIR, which can operate entirely independently of the browser.

The race is on to develop must-have website applets for the desktop, keeping websites in the user’s face as never before, which is exciting the marketing and media types, and potentially replacing core desktop applications such as word processing with hybrid web/internet applications, which is scaring IT support.

But why should the hapless user give up precious desktop space anyway? This confusing state of affairs is best clarified by example. A developer might write a desktop application that links to an online service allowing local storage to be combined with online features such as streaming media.

The success of this latest generation of webtops lies as always with the killer app. In a move that could well put pressure on Google’s online apps offer, Adobe bought up the Buzzword online word processor this month as part of its strategy for internet application development. Buzzword was built with Adobe’s Flex and runs in Flash, allowing people to collaborate on documents – and work with hosted and local documents.

As well as its purchasing muscle, Adobe is using the latest crowdsourcing development methodology, running an AIR developer derby with $100,000 for the winning developer and last week it got together with MTV to launch another big ticket developer competition.

Some big names have got in the web-desktop act – Ebay, AOL, The New York stock exchange NASDAQ and Business Objects are reported to have demoed hybrid applications for business and consumers.

Applets can be knocked up in AIR by web developers in HTML (JavaScript, CSS, XML) and Adobe Flash (ActionScript, Flex, XML) and can be run on Windows or Mac operating systems, with versions for Linux and mobile devices in the pipeline. A big advantage is that browser specific code can be used to create the independent desktop app too.

Downsides are the 10Mb runtime load and the need to install the application. Regular readers may remember mutterings about the security threats posed by desktop gadgets and widgets and there are similar murmurings that webtop hybrids carry the same risk of being a chink in the network armour. That health warning aside though, the results of the AIR developer derby should make interesting viewing.

Technorati Tags: Adobe AIR, Applets