FTP server comparison #1

This has been a bit rushed, but I’m currently evaluating Ipswitch WSFTP and WingFTP. So far I’ve only installed WingFTP; it’s a bit clunky (and strangely worded!) but does what it says on the tin; it tied in easly with AD and created ftp “home” folders on-the-fly as people logged in (no need to pre-create user folders). However it doesn’t seem to uninstall very well- I’ve tried twice and it’s still stuck in “Add/ Remove programs”.

Dell OpenManager Server Administrator 6.4.0

Firstly I’ve only noticed this behaviour on a stand-alone server running the above version of OMSA, but it might apply to earlier versions.

I’ve been getting annoyed by OMSA requesting local admin credentials in a pop-up box before getting anywhere; I knew I was typing the right credentials in but the pop-up box keeps on appearing. The apparent fix is to “escape” out of this box and just wait for the credentials boxes to appear within the OMSA web page itself.

Dell SUU (Server Update Utility)

In the last week or so I’ve been struggling to get the SUU DVD to actually update some new Dell servers; basically, the update process never actually starts (I don’t know why- I suspect it’s an x64 v x86 issue?). However, the way around this is to click the hyperlink to the update(s) you need to apply from within the server-specific SUU window; once the page loads, not what the actual update is and switch from choosing x86 updates to x64 updates within support.euro.dell.com then just find the same named update (except this time you’ll be downloading the x64 version).

Ja.net video conferencing site

Okay this is quite a specific oddity and will only be of use to anyone inside the UK, and even then only if you’re connected to the academic ja.net network and using Internet Explorer to make video conferencing bookings.

If you’ve got anyone struggling to make a new video conferencing booking after logging in- more specifically when you try to, it says it doesn’t know who’s logged in and the only option is to try loggin in again (this gets into an infinite loop if you let it!)- try checking the bit-version of IE you’re running. It might simply be a case of switching from IE x64 to IE x86- I noticed this morning that the jvcs site worked fine on my client- both through Opera and IE- and so when I check ed on the “faulty” machine I noticed it running IE x64 by default. Switching to IE x86 seems to have resolved the problem.

Windows Phone update hit by bug

http://www.bbc.co.uk/news/technology-12554499

Oops. While I really do feel sorry for anyone without the use of their phone (and having to fight the muddy line of resposibility) it gives me one more reason not to touch Samsung with a bargepole.

From my limited experience, their phones are rubbish (example: why can’t you turn off 3G? If you don’t surf on your phone, all 3G is is a battery drain) and their phone backup software is even worse (whenever I find they’ve updated their phone software, it seems to download at v33 modem speeds so takes all evening just to download so actually backing up the phone has to wait ’till the next day).

EMC Celerra virus scanning

After installing whatever EMC calls its anti-virus scanning agent now (started life as CAVA, then I think CEPA, then CEE- Celerra Event Enabler) a couple of things to watch:

  • Assign a domain user account (can just be a normal domain account, not need for raised privileges) to the EMC CAVA Service
  • Make sure this user gets the “log on as a service” right in gpedit.msc on the AV scanning box
  • Also make sure this user is in the local administrator’s group on that box (or at least I’ve found that our AV solution won’t work with CAVA if this isn’t the case)

BitLocker-enabling Windows Server 2008/ 2008 R2

Okay this is not a guide about implementing BitLocker on the above server platforms, but this will set servers up so BitLocker can be implemented later. This is all to do with boot partitions, and the fact that you can’t encrypt the boot partition so you need to build a small RAW partition into your server build in case you need to switch on BitLocker later (unless you want to go around rebuilding all your servers).

I’m assuming a completely clean, unconfigured server.

At the “Install Now” screen DO NOT choose the big “Install Now” button. Instead hit escape, and follow the system recovery process until a “System Recovery Options” dialog box appears (don’t restore any images or anything- just try to “Next” or “Escape” every screen until this one).

Once the screen shows Restore, Memory Diagnostics or Command Prompt, choose command prompt. Once cmd.exe opens, type “diskpart” and press enter. Once in diskpart, follow these steps (ignore anything following a // in this list, press enter after each step):

  1. select volume 0 //that’s a zero, not an ‘o’. Selects the optical drive.
  2. assign letter=V //makes sure drives C:, D: and E; are free for the hard disk
  3. select disk 0 //that’s a zero, not an ‘o’
  4. clean //wipes all partition info
  5. create partition primary size=1536 //this is your potential 1.5GB boot partition
  6. create partition primary size=61440 //60GB system partition
  7. assign letter=C //gives this partition drive C:\
  8. FORMAT FS=NTFS LABEL=”System” QUICK //formats drive.
  9. create partition primary //no size specified- will just use up the remainder of the disk
  10. assign letter=D
  11. FORMAT FS=NTFS LABEL=”Data” QUICK

Steps 4-9 are arbitrary and only show an example of a server with a 60GB system drive, and the rest of the space allocated to “data”, whatever that will be. That’s it- theres’s a 1.5GB partition available of BitLocker is ever needed but it’s not in use. You might find that on booting into Windows it’s been allocated as D: or E:, in which case go back into DiskPart > select disk 0 > select partition 1 > remove letter=D (or whatever it’s been allocated).

Further ForeFront TMG issues

Well done. Microsoft have made it phenomenally difficult to backup ForeFront TMG (actually- in all fairness, I don’t think ISA was very good either). But help is at hand; download the TMGSDK.exe file from

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=8809cfda-2ee1-4e67-b993-6f9a20e08607&displaylang=en

And- after installing- look for a file called “importexport.vbs” (probably located in %programfiles(x86)%\Microsoft Forefront TMG Tools\SDK\samples\Admin). This file can take one of two switches: “e” or “i” (which unsurprisingly stand for “export” and “import”). Also, when you feed it the filename- which can be anything- you must also feed it the full path or it won’t do anything despite appearing to (not prefixing with a drive + path won’t fail, but I couldn’t find the file anywhere so assume it actually just doesn’t create the file…).

At least now you have something you can pass to the windows scheduling service to routinely back up the FFTMG config. I’ve further modified the script to save off to a network location (which is already backed up) rather than the local drive, and it sends a little email out too as a notifier.

Web 2.0: rise of the Malware?

Given the increasing number of attack vectors available on the web (it’s no longer simply a case of Windows/ MacOS/ *Nix; iOS, Symbian, Android…) is it just me, or does this pose the threat of a multi platform/ platform independent virus? I have no idea how this would work, but a virus that could take out all of your devices at once is a bit scary… (let me know if this has already happened!).