While carrying out the steps to move our network devices from a flat network to one with purposeful VLANs I had changed the IP address of one of our HP CP3505 printers (using the web based management console) to discover that with the new IP I could not print to the printer over the network.
Oddly enough the web based management console was still accessible, the printer replied to PINGs and SNMP requests but would not print (that includes from Mac and PC!).

With no error messages other than ‘Error – Printing’ on the server, and nothing in the logs of the printer it seemed like this issue would not have a simple solution.

In trying to troubleshoot the issue I tried…

  • Changing the printers IP address to other options (indeed changing the IP back to its original one sorted the problem but was not what I wanted)
  • Firmware updating the printer
  • Pressing all of the ‘reset’ and ‘clear settings’ buttons I could find on the printer through the WBMC and front panel
  • Attaching a network cable between a laptop and the printer direct (no server or switches)
  • Removing the jet direct card and leaving it for 30 minutes while the printer was unplugged (oddly enough the jet direct card has a button battery which cannot be removed on it)

All to no success!

In the end and on a complete whim I changed the network settings of the printer to use DHCP instead of Manual IP, reset the printer and then set it back to Manual IP. It was evident that the IP address I had set previously had been forgotten and I set upon the task of configuring the IP address through the front panel. Long behold this worked and the printer is now happyily printing under its new IP address.

As some readers may know I currently work in Higher Education and while all of the business data is trivial to backup providing any level of backup service to students and academics is significantly harder. The challenges faced include the myriad of Operating Systems in use (Windows/OSX/Linux), the fact that the devices being backed up are inherently ‘untrusted’ (i.e. owned by the individual) and that they are often on networks (be it eduroam/public/home) that have no direct connectivity back to the internal trusted network.

Most enterprise class backup systems just aren’t suited to this kind of environment in that they cannot be securely published through a firewall or have exorbitant licencing costs for the number of devices to be protected (a few file servers vs 500+ student owned laptops).

One solution to this issue cropped up at a recent trade show where Synology were demonstrating their Synology DiskStation Manager NAS software which set itself apart from the traditional enterprise backup solutions with…

  • Support up to 16,000 users on high end models (and 2048 on the kind of model that we would consider using) with no extra licencing costs, users can have storage quotas set either by group or per user
  • Secure remote access (simply publish a single port which can be protected by HTTPS for encryption in transit)
  • Home grown backup clients for modern versions of Windows, OSX/macOS and Linux
  • On the point of OSX/macOS the backup client for Synology does not rely on Time Machine and so overcomes the issues associated with having to be on the same network as your backup device
  • Home grown Btrfs file system which auto detects (and fixes) corrupted files through metadata along with extensive snapshot support
  • Up to 32 recovery points and real-time file protection (when connected to the DiskStation)

So time for some screenshots! Below we have the initial setup of the Disk Station Manager and the installation of the client on a Windows PC.

Then restoring a file that has been deleted on the Windows PC; note that you can restore either individual files or entire folders to a point in time.

The same but for OSX…

So that’s all of the good, the only downside we have found thus far is while shared drives can be protected with encryption it is not possible to protect each individual home area (per user) with a unique encryption key thus opening up issues with data privacy. However, if you consider the following scenario…

  • A business needs to provide backup to remote workers
    • Those remote workers do not connect to the trusted network often
      • Perhaps they don’t like VPNs/DirectAccess (and so rules out using Offline Files)
    • and those remote workers do not use a commercial ‘cloud’ service to protect their data with
      • Perhaps trusting a 3rd party to host the data is not an option
    • The remote workers use OSX/macOS

…then using a Synology DiskStation should be a serious consideration for that business.

When working with a lab full of HPE ProCurve/Aruba switches (or you just want to know who is who in a stack of switches) the chassislocate CLI command comes in really handy by either blinking or holding solid the blue locator light. See the screenshots below for a little more info.

It’s that magical time of the year where…new network switches arrive! Given that the new Aruba branding has taken full control of what was ProCurve I thought I should post some photos of the new paintwork. Happy to say the colour black isn’t half bad!

Included in the images are

  • J9729A 2920-48G-PoE+
  • J9728A 2920-48G
  • J9731A 2920 2-Port 10Gbe SFP+ Module
  • J9733A 2920 2-Port Stacking Module
  • J9734A 2920 0.5m Stacking Cable

So this post is a more a reminder to me than anything else but…having recently come across the Microsoft TechNet article ‘Keyboard Shortcuts for the Windows PowerShell ISE’ (https://msdn.microsoft.com/powershell/scripting/core-powershell/ise/keyboard-shortcuts-for-the-windows-powershell-ise) I thought it necessary to highlight the two keyboard shortcuts….

Ctrl + J – brings up a list of code snippet templates (e.g. try-catch-finally and do-until)
Ctrl + M – expand or collapse braces

See the screenshots below for a demo and do make sure you try them yourself!

1

Picture 1 of 3

Error 8024400E appears on the clients...

After recently deploying a Windows Server 2012 R2 WSUS server (afraid we couldn’t wait much longer for 2016 (which is now out by the way!)) we started seeing Error 8024400E on our clients and servers (from 2008R2/Windows 7 to Server 2012 R2/Windows 10).

As it transpires Microsoft published KB3159706 for the WSUS server which adds some new features to be able to manage Windows 10 updates and thus requires some manual post installation steps which can be found at this link here – https://support.microsoft.com/en-gb/kb/3159706.

The steps only took a few minutes to go through so it was a pretty easy fix in the end.

In this guide I’ll show a ‘working’ method to upgrade from MySQL Server 5.1 to 5.5 on a Windows Server 2008 R2 machine. In this case MySQL Server 5.1 was installed by the Microsoft Web Platform Installer some time ago, however this version doesn’t deliver very good performance (and its horribly outdated!) so it was time to get it replaced.

The good chaps at MySQL do offer a guide on how to do this on their website – https://dev.mysql.com/doc/refman/5.5/en/windows-upgrading.html however I hope you will find this one will serve you better.

A few points to note before we continue….

  • This guide assumes you are using a default install of MySQL Server 5.1 (as delivered by the Microsoft Web Platform Installer)
  • This guide only looks at a ‘simple’ server deployment i.e. no clustering or other funky features are in use
  • It is recommended to jump only one version at a time when going from MySQL version to version e.g. 5.1 to 5.5 (there were no 5.2, 5.3 or 5.4 versions) and then 5.5 to 5.6 and 5.6 to 5.7…
  • You can download previous versions of MySQL Server from this link – http://dev.mysql.com/downloads/mysql/ just click on the ‘Looking for previous GA versions?’ link
  • Be sure to take a backup of your databases before you attempt this guide on a production machine (see https://dev.mysql.com/doc/refman/5.5/en/backup-methods.html for some ideas on how to do this)
  • If possible run through the upgrade process a few times on a testing machine (one that you can break and no one will notice) first

So on with the guide!

Final point to note….this guide only works with migrations to 5.5 from 5.1, if going to further versions you will be missing some tables which will in turn generate error messages during the upgrade process. More information on that here http://dba.stackexchange.com/questions/54608/innodb-error-table-mysql-innodb-table-stats-not-found-after-upgrade-to-mys.

Work is coming along nicely with the Server Room, we’ve now removed the last Cisco switch from our infrastructure and the HP 5400R series switch is deployed replacing the 2530 that was in its place; over time we’ll be bringing more fibre from our edge switches into this room as well hence the number of SFP+ ports on the 5400R. The entire front of the cabinet is now populated with hardware or a blanking panel as well (panels available from Comms Express) to keep things looking tidy. I wish there were a little more that I could do with the cables coming into the 5400R however with a very narrow rack there’s not much that can be done.

Some interesting things have come out of both Rucks and PaloAlto recently in that they offer Hyper-V compatible VMs for their services which could free up a further 3U of space and remove a further 4-6 cables out of the picture.

Looking for some fun ways to get more out of your your Smart Card deployment? If so have you tried……?

  1. Use Smart Cards to login to your Servers via Remote Desktop
  2. Use Smart Cards with the PowerShell Get-Credential Commandlet
  3. Use Smart Cards with your Firewall for single sign on
  4. Use Smart Cards to login to IIS Web Applications (just a box to tick and a radio option to select)
  5. Store multiple identities on your Smart Card and assign different (and perhaps more complex) PINs to the identities

Have a look at the screen shots below for some more details…

If you are looking for a free tool to manage some of the more intricate features of the Gemalto IDPrime .NET and MD cards then the Mini-Driver Manager (downloadable from http://www.gemalto.com/products/dotnet_card/resources/development.html) may well fit the bill. However it has one small downfall in that out of the box it only allows you to manage cards with the Admin Key set to 48 0s or 48 Fs with neither option being much use to anyone once they have changed the Admin PIN.

Luckily these values are only set in a INI file so its pretty easy to change them to anything else.

Please note that this guide uses a feature in Notepad++ to elevate an application to have local Admin access, you can download Notepad++ from https://notepad-plus-plus.org however you could also use plain old Notepad you’ll just need to launch it as an Administrator and browse to the INI file within Notepad.

On with the guide!!

About

my world of IT is a blog about both the business and consumer world of IT as seen by a common garden SysAdmin. For more information click here!