The cause of the problem was a iscsi lock caused by 2 hosts trying to write to the same store at the same time.

This was evident from messages on the ESX hosts from the error message: vprob.vmfs.heartbeat.timedout and referencing one of the volumes on our ISCSI storage.

This was causing the entire ESX host to have connectivity problems as well as affecting the guests that resided on that volume.

Because the host and guests were not accesible through vSphere, we were unable to remove the volume or power cycle the guests.

After much digging around and with the help of VMWare support we understood that the cause of the problem was a lock on that filesystem, and to fix the problem we ran vmkfstools -L lunreset /vmfs/devices/disks/volumename…

This removed the lock which was caused by 2 hosts trying to write to the same volume at the same time and causing a iscsi lock.

Very painful, but happy to have the cluster back up and running.

I recently built a fedora 13 server without any of the X / Gnome / KDE parts as I only want command line on it – this is relativly normal for what I do, however I normally use kickstart scripts, but as it was my first jaunt into 13 I didnt.

Its common for me to set up interface aliases as I use apache and a number of sites with SSL which requires independant IP addresses.

Normally I create a interface aliase file in /etc/sysconfig/network-scripts to the figure of ifcfg-eth0:0 etc..

Doing this in FC13 and then trying to bring the interface up threw up the following error

Bringing up interface eth0:  ** (process:3898): WARNING **: fetch_connections_done: error fetching user connections: (2) The name org.freedesktop.NetworkManagerUserSettings was not provided by any .service files.

As I mentioned I have configured aliases lots so was confused as to exactly what was causing my problem – however the clue was in the error message – as it normally is..

The NetworkManager service was running which I dont use and this was preventing my alias’s from working properly. So a quick pkill -9 NetworkManager and then removing it from rc3.d to stop it starting up again fixed all my issues.

I guess thats what happens when you script build all the time – you forget these little bits

You might need to do this for a variety of reasons, access to remote services, file systems or for other reasons.

However with windows 2008 and IIS 7 / 7.5 you can no longer run the World Wide Web service as a different user without a whole world of pain..

For most people there is a fairly simple way to resolve this – in IIS 7.5 now the ApplicationPools are what fire up the specific workers for the w3wp process, and as such its very simple to change the user that the w3wp process runs as.

Open IIS management console and expand your website tree.

Click on Application Pools, and in the right hand pane you should see the DefaultAppPool – you will also see the user or Identidy that this is currently running as.

To change this to a different user simply right click the DefaultAppPool and select Advanced settings, then under the process model section click the identity name and click the elipses (the 3 dots) you will then be prompted which user account you wish to use.

If you want to use IIS to pass authentication through to a non domain machine then still in advanced settings you will also need to change the option for LoadProfile to true – this allows you to pull the credentials that get cached in cmdkey should you need it (see my other post on cmdkey).

Once you have done this, right click the DefaultAppPool and choose recycle for good measure which restarts the w3wp process.

You should now see it in task manager process list running as your defined user, and hopefully have access to all the resources you needed.

For me I encountered a problem where I have a non domain server running an .NET application which needed to write files to a cifs share which was using domain authentication.

This was a problem initially as the default application pool runs as a local builtin account and therefore has no permissions on the remote cifs share, however, I decided that I would be happy enough creating a user which mirrored a domain user by name and password, and hope that pass through authentication would work.

It didnt

So after lots of digging and gnashing of teeth, a colleague of mine found the perfect solution.

In windows 2008 there is a command called cmdkey which allows you to use a local account to cache domain user account credentials for a specific target domain / server.

So in my instance running a dos prompt as my new user, I did a cmdkey /add:cifsserver /user:domainname\username pass:domainuserpass

And bingo everything now works a treat!

Please check the LAN Adapter Binding order to make sure the NIC that Exchange is bound to is at the top of the list (Start> Run> [type] ncpa.cpl [press enter]> Advanced> Advanced Settings> Connections).

Please check and mirror the settings below (Open up IIS, expand the default website then expand the relevant Virtual Directory, right-click on the Virtual Directory and choose properties, then click on the Directory Security Tab):

Exchange 2003 (Not part of Small Business Server):

Exchange Virtual Directory
• Authentication = Integrated & Basic
• Default Domain = NetBIOS domain name – e.g., yourcompany (no more than 15 characters)
• Realm = yourcompany.com
• IP Address Restrictions = Granted Access
• Secure Communications = Require SSL NOT ticked (very important)

Microsoft-Server-Activesync Virtual Directory
• Authentication = Basic
• Default Domain = NETBIOS domain name – e.g., yourcompany (no more than 15 characters)
• Realm = NETBIOS name
• IP Address Restrictions = Granted Access
• Secure Communications = Require SSL and Require 128-Bit Encryption IS ticked

Exchange 2003 (Part of Small Business Server):

Exchange Virtual Directory
• Authentication = Integrated & Basic
• Default Domain = NetBIOS domain name – e.g., yourcompany
• Realm = yourcompany.com
• IP Address Restrictions = Granted Access
• Secure Communications = Require SSL IS ticked (very important)

Microsoft-Server-Activesync Virtual Directory
• Authentication = Basic
• Default Domain = NETBIOS domain name – e.g., yourcompany
• Realm = NETBIOS name
• IP Address Restrictions = Granted Access
• Secure Communications = Require SSL and Require 128-Bit Encryption NOT ticked

Exchange-oma Virtual Directory
• Authentication = Integrated & Basic
• Default Domain = NETBIOS domain name – e.g., yourcompany
• Realm = NETBIOS name
• IP Address Restrictions = Restricted to IP Address of Server
• Secure Communications = Require SSL and Require 128-Bit Encryption NOT ticked

OMA Virtual Directory
• Authentication = Basic
• Default Domain = NETBIOS domain name – e.g., yourcompany
• Realm = NETBIOS name
• IP Address Restrictions = Granted Access
• Secure Communications = Require SSL and Require 128-Bit Encryption NOT ticked

ASP.NET should be set to version 1.1 for all virtual directories listed above. If you cannot see the ASP.NET tab, you only have v 1.1 installed so do not worry. If any version other than 1.1 is selected, please change it to v 1.1.4322.

No other virtual directories are involved when using Activesync – despite having seen other postings suggesting that there are.

Also, make sure that you have HTTP Keep-Alives enabled -http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/d7e13ea5-4350-497e-ba34-b25c0e9efd68.mspx?mfr=true

Please also check that Ignore Client Certificates is selected under the IISADMPWD virtual directory / Directory Security Tab / Edit Secure Communications Button. This Virtual Directory may not exist if you have not setup the ability to reset passwords via Outlook Web Access (OWA).

For Small Business Server 2003 Users – please check this MS article -http://support.microsoft.com/kb/937635

Make sure that the name on the SSL certificate you have installed matches the Fully Qualified Domain Name (FQDN) that you are connecting to for ActiveSync – for example, mail.microsoft.com. If it does not match, either re-issue the certificate if you created it yourself, or re-key the certificate from your SSL certificate provider.

Activesync is much easier to get working with a purchased SSL certificate (installed on the default website but you can generate your own and still make it work). GoDaddy seem to be offering the cheapest SSL certificates (at the time of writing this article).

Ensure that the IP for the Default Website is set to All Unassigned and using port 80 (open up IIS, Right-Click the Default Website). If your default website is using any port other than port 80, it simply will not work, so if you have changed this to make something else work, either change it back to port 80 or stop trying to use Activesync!

If you make any changes to IIS, you will need to reset IIS settings. Please click on Start, Run and type IISRESET then press enter.

Testing:

If you have got SP2 installed, check on https://testexchangeconnectivity.com to see if everything is working properly by running the Exchange Activesync check. The site is an official Microsoft site specifically for testing Exchange installations and connectivity.

Please select ‘Specify Manual Server Settings’ (Exchange 2003 does not have native Autodiscover enabled so using the Autodiscover settings will fail).

3rd Party SSL Certificate:

Do not check the “Ignore Trust for SSL” check box

Self-Certified SSL Certificate:

Check the “Ignore Trust for SSL” checkbox.

If you are trying to make an iPhone work, then you can also download the free iPhone App ‘Activesync Tester’ and this should identify any problems with your configuration, or download the version for your PC from https://store.accessmylan.com/main/diagnostic-tools

Various Activesync Errors / Solutions:

If you make any changes to IIS settings, please run IISRESET and re-visithttps://testexchangeconnectivity.com

Activesync Error 0×86000108:
Activesync is unsuccessful and you see the error 0×86000108 on your Windows Mobile Device:
Please read the following MS Article which checks that Authenticated Users has write permissions to the %TEMP% directory (usually c:\windows\temp) –http://support.microsoft.com/kb/950796/en-us

Application Event Log 3005 Errors:
A lot of 3005 errors can be resolved by changing the Default Website Timeout value from 120 (default) to something greater, such as 480 using IIS Manager.

Inconsistent Sync:
If you are getting inconsistent Synchronisation from your device to your Exchange 2003 server, please add the following registry key to the server:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIS\VirusScan
ProactiveScanning REG_DWORD 1

HTTP 401 Error:
If you are getting an HTTP 401 error when testing on https://testexchangeconnectivity.com then you are probably entering an incorrect username or password, or you may have IP Address restrictions setup on your virtual directories (see IIS Settings above under prerequisites).

HTTP 403 Error:
Ensure that Forms Based Authentication is NOT turned on under Exchange Virtual Server under Exchange Protocols (Exchange System Manager, Servers, Protocols, HTTP, Exchange Virtual Server properties, Settings Tab). If it is — read http://support.microsoft.com/kb/817379

I have had Activesync work despite seeing “An HTTP 403 forbidden response was received. The response appears to have come from Unknown. Body is: HTTP/1.1 403 Forbidden” at the end of the test above. To resolve this (if you like things tidy), please open up Exchange System Manager, Global Settings, Mobile Services Properties, Device Security Button, Exceptions Button, then add your account to the exceptions list.

HTTP 500 Error:
If you still cannot get Activesync to work or keep getting an HTTP 500 error, please follow Method 2 in Microsoft Knowledgebase Article KB883380 (http://support.microsoft.com/kb/883380) and this should resolve the issues. This essentially deletes the Exchange Virtual Directories from the IIS Metabase (which can be corrupted) and rebuilds them. Rebuilding those virtual directories often clears up problems that all the other steps above do not resolve.

If, after following KB 883380, Activesync still does not work and it keeps coming up with HTTP 500 errors, please do the following:

• Disable Forms Based Authentication – Exchange HTTP Protocol (if enabled)
• Remove SSL settings from the Exchange IIS virtual directory
• Run iisreset
• Test Activesync without SSL selected – hopefully this should work or give the OK result
• If okay – right-click on the Exchange Virtual Directory and select all Tasks> Save Configuration to a file. Name the file Exchange and save to the desktop
• Run Regedit (and be extremely careful here as you can kill your server very easily) then right-click on My Computer and select Export. Name the file as ‘EntireRegistry’ and save the backup of the registry to the desktop
• In regedit – locate HKLM \ System \ CurrentControlSet \ Services \ MasSync \ Parameters and delete the ExchangeVDir key from the right-hand pane.
• Close Regedit
• Right-click on the default-website and select New> Virtual Directory fom File. Browse to the desktop and click on the Exchange.xml that you created above, then click on Read file, select Exchange from the ‘Select a configuration to import’ section and click on OK. Select ‘Create a new virtual Directory’ and name the directory ‘exchange-oma’ and click OK.
• Right-click on Exchange-OMA virtual directory you just created and click Browse – you should see OWA open up happily
• Open Regedit and add the ExchangeVDir key back that you recently deleted as a String Value and then change the value to read /exchange-oma
• Close regedit
• Enable SSL and require 128-Bit Encryption on the Exchange Virtual Directory to ensure it is secure once again
• Enable Forms Based Authentication (if you want to use it) on Exchange > Protocols> HTTP
• Make sure that Integrated Authentication is enabled on the Exchange Virtual Directory
• Check that the Exchweb virtual directory does not have SSL enabled
• Run iisreset
• Test Activesync – should hopefully be working now

Hopefully if you are now at the bottom of my article, your mobile phones should now be synchronising happily. If that is not the case, please review your IIS Settings carefully and start at the top of this article again.

From time to time, especially at home, ive been experiencing problems where pressing the home button takes ages for my phone to actually wake up, and then often when it does wake up, the slide to unlock screen is frozen, and I have to wait longer before I can actually slide and unlock.

Ive tried loads of things to try to figure this out, I am jailbroken, so wondered if it was that that caused the problems, but after putting the phone into flight mode, the problem went away..

After some digging around, I tried manually selecting my carrier – specifically the 3 3g one. Whilst this is far from ideal as it locks me to three’s 3g network, which means that should I go outside of that I will not automatically fall back onto the 2g infrastructure, it does seem to have sorted my problem.

More digging and reading suggests that when the phone switches from 3g to 2g, it can some times be a slow and painful process, and especially so with three’s network, as it seems they utilise other peoples 2g infrastructure, which would explain why I dont see this problem with a vodafone iPhone.

So if you are on three, it might be worth trying this, but remember you are likely to get more No Service messages if you go outside of a covered area and will need to manually either select automatic to get it back, or manually chose an alternative compatible carrier.

Using a mysql cluster configuration allows you to add nodes simply and increase the power available to you simply, its quite a involved solution with multiple nodes required as well as controller stations, added with the fact that you need the cluster nodes to be on a low latency link means it might not fit the requirement.

Using the master slave option is great if you dont need a massive amount of writes, if you want to replicate between sites, or if you just want a quick solution to provide you with a resilient platform (albeit not instant)

So to setting up the solution.

You need at least 2 nodes running ideally the same version of mysql and the master node needs port 3306 access to the slave / slaves.

Once you have set that up, you need to configure the master to push updates out to the slave, you also need to ensure that from a starting point, both the slave and the master have the same db’s etc..

So below are the steps you need to take to do this:

Edit the my.cnf on your master under the mysqld section with the follow (assuming you have a standard install and things are in the default location, adjust paths if required) :

server-id=1

relay-log=/usr/local/mysql/var/mysql-relay-bin

relay-log-index=/usr/local/mysql/var/mysql-relay-bin.index

log-error=/usr/local/mysql/var/mysql.err

master-info-file=/usr/local/mysql/var/mysql-master.info

relay-log-info-file=/usr/local/mysql/var/mysql-relay-log.info

datadir=/usr/local/mysql/var

log-bin=/usr/local/myql/var/mysql-bin

Now put the following in your slaves my.cnf

server-id=2

relay-log=/usr/local/mysql/var/mysql-relay-bin

relay-log-index=/usr/local/mysql/var/mysql-relay-bin.index

log-error=/usr/local/mysql/var/mysql.err

master-info-file=/usr/local/mysql/var/mysql-master.info

relay-log-info-file=/usr/local/mysql/var/mysql-relay-log.info

datadir=/usr/local/mysql/var

Now the configs are done, you need to sort out the users and permissions.

On the master you need to create a user that has permissions on the slave, do this as follows:

mysql> grant replication slave on *.* to useronslave@’slaves.ip.add.ress’ identified by ‘useronslavepassword’;

Obviously substituting useronslave for your actual username on the slave, slaves.ip.add.ress for your slaves ip, i.e 192.168.0.3 and your useronslavepassword for your slave users password.

Now export the database from your master to your slave, to initially create the sync, as below:

mysqldump -u root -p –all-databases –single-transaction –master-data=1 > masterdump.sql

Next copy this .sql file over to the slave and import it so the slave is now in sync, as below run this on the slave:

mysql -u root -p < masterdump.sql

Once the above dump import has finished you will need to tell the slave which master to connect to, do the following, again substituting users and passwords as appropriate (again done on the slave).

mysql> CHANGE MASTER TO MASTER_HOST=’ip.address.of.master’, MASTER_USER=’useronslave’, MASTER_PASSWORD=’useronslavepassword’;

once that is done start up the slave

mysql> start slave;

if you want to see the status of the slave, type

mysql> show slave status\G

That should be everything done, you should now have your master and slave in sync and updating themselves as required.

I used to get pretty much 2 days use out of a full charge – I dont use the phone loads, just normal texting, a few phone calls and a bit of facebook / twittering, but after the 3.1.3 firmware upgrade, I immediately found I was getting only a days worth of battery life

Wasn’t happy especially as apple stopped me from downgrading to 3.1.2 which was nice and lovely.

So to help me get the best of what I had I made 2 changes which made a big difference and have resulted in me getting my 2 days usage back, and maybe even a bit more.

1: Disable location services – Go into settings > general, and change location services to off.

This does mean you no longer have your GPS active, but if you like me only use this infrequently, i’d rather switch it on in the odd occasion I do use it, than have it sucking my battery away.

2: Disable wi-fi scanning – Go into settings > wi-fi and change Ask to Join Networks to off. This means that rather than constantly scanning for available wi-fi networks, it will only use the ones you have pre-configured. Should you want to connect to a new network, you can either switch this back on or go back into settings > wi-fi and pick it from the list or add it manually. Again this saves loads of battery time as the wi-fi is not scanning.

These 2 simple tips made a big difference to mine and a few friends iPhone life, hope it helps you too.

After much debugging on the network side, thinking that perhaps there was a misconfigured NIC with the wrong VLAN config, the problem was still happening.

So ssh’ing onto the host, I started to trawl through the log files, and came across the below in the /var/log/vmkwarning file:

Feb 17 13:44:19 vminfraboxvmkernel: 18:00:00:11.865 cpu4:4222)WARNING: NMP: nmp_DeviceAttemptFailover: Retry world failover device “naa.6090a028004f243d08ab44c26687e3dd” – issuing command 0×410002074040
Feb 17 13:44:19 vminfrabox vmkernel: 18:00:00:11.865 cpu4:4222)WARNING: NMP: nmp_DeviceAttemptFailover: Retry world failover device “naa.6090a028004f243d08ab44c26687e3dd” – failed to issue command due to Not found (APD), try again…
Feb 17 13:44:19 vminfrabox vmkernel: 18:00:00:11.865 cpu4:4222)WARNING: NMP: nmp_DeviceAttemptFailover: Logical device “naa.6090a028004f243d08ab44c26687e3dd”: awaiting fast path state update…

This was occuring repeatedly every half hour and the entries above filled the logs solidly for about 2 minutes continuously every half an hour.

After doing some digging on the google, I found out that ESX4 has a bug whereby if you have a duff or old connection to an iSCSI LUN – perhaps one that no longer exists – but you never rescanned to remove it – when the host tries to check the paths every 30 minutes, it finds this duff connection and goes through the motions of trying to find failover paths. The bug is that this causes very brief network loss to your guests.

The fix for me was to simply re-scan my adapter, which removed the old mapping to one of our removed LUNS’s and the problem went away.

To extract files from a .msi file at the command line, type:

msiexec /a PathToMSIFile /qb TARGETDIR=DirectoryToExtractTo

For example, to extract files from c:\installer.msi into c:\install you would type:

msiexec /a c:\installer.msi /qb TARGETDIR=c:\install

The destination directory does not need to exist prior to running this command.

If this doesnt work, a crude way is to rename the msi file to a rar file, winrar will then allow you to extract all the files – however… it doesnt name them properly, so I used a combination of LesMsierables a .net file which allows you to view msi files and compared the size to find the specific file I wanted..