Kev's questions

Posts like this:

Most traffic in a corporate LAN is client to server nowadays, and a router not very well setup rather becomes a bottleneck AND a SPOF. and 200+ clients on a subnet wasn't a real issue 10 years ago and it won't be now, you can still read all the broadcasts with a (non-promisc) tcpdump without it becoming a blur - tiny compared to the bandwidth. And ARP work for the clients should also be no issue nowadays. – rackandboneman May 21 '12 at 19:34

...and this:

If all of you have is 50 clients, then it would not make a difference if the subnet was /8 or /24. Its the same number of clients, same amount of traffic. In any event, subnetting your network is not really based on the number of computers, but the need to segregate the systems based on security requirements, traffic isolation, etc...

...together seem to contradict advice I had been given from a network professional, who told me that my current 10.0.0.0/8 subnet (with about 20 clients and 2 servers all hooked to the same switch) was vulnerable to overloading should a client be compromised by malware, because broadcast traffic would be orders of magnitude higher than, say, on a 192.168.0.0/24 subnet. Is this perhaps what the poster of the above quote was referring to? Or is the advice out of date?

This page says:

And, not all USB disks can be presented to a VM as a passthrough disk.

That is the important part.

If the driver is strictly user mode the USB disk cannot be presented. Only a select few devices presente themselves in a way that the system (outside the user session) can properly access and control the disk.

Suppose I wanted to use this functionality, but then needed a replacement for my USB disk. How would I tell before buying if it has this capability?

Note: I am assuming, from the context, that this is separate from the capability to "offline" the disk, which, AFAICT from posts elsewhere, is (thought to be) 1:1 tied to whether it's a spinning USB hard disk rather than a stick or other flash/SSD-ish beast. If this isn't correct, apparently I'd also need to know before buying whether a particular USB disk is offline-able.

I have an AVHDX file that is part of a broken snapshot chain. However, I'm fairly certain there will be useful contiguous data on the last AVHDX in the chain, if I can run forensic tools on it. I have a tool under a Linux VM ready, and want to attach the AVHDX as a new IDE drive, but HyperV tells me it's corrupted when I try to click OK in the Settings dialog of the VM. Is there some way to force it to accept the AVHDX despite corruption and still have it boot?

I once in a while get this message in my rsnapshot log, and an identical message in /var/log/messages. Unfortunately, there is no other deviation from normal output, despite loglevel 5 in /etc/rsnapshot.conf, besides a summary warning at the end:

[24/Feb/2014:11:00:02] /usr/bin/rsnapshot daily: started
[24/Feb/2014:11:00:02] Setting locale to POSIX "C"
[24/Feb/2014:11:00:02] echo 9045 > /.../temp/rsnapshot.pid
[24/Feb/2014:11:00:02] /bin/rm -rf /mnt/backup/.snapshots/daily.5/
[24/Feb/2014:11:00:48] mv /mnt/backup/.snapshots/daily.4/ /mnt/backup/.snapshots/daily.5/
[24/Feb/2014:11:00:48] mv /mnt/backup/.snapshots/daily.3/ /mnt/backup/.snapshots/daily.4/
[24/Feb/2014:11:00:48] mv /mnt/backup/.snapshots/daily.2/ /mnt/backup/.snapshots/daily.3/
[24/Feb/2014:11:00:48] mv /mnt/backup/.snapshots/daily.1/ /mnt/backup/.snapshots/daily.2/
[24/Feb/2014:11:00:48] mv /mnt/backup/.snapshots/daily.0/ /mnt/backup/.snapshots/daily.1/
[24/Feb/2014:11:00:48] mkdir -m 0755 -p /mnt/backup/.snapshots/daily.0/
[24/Feb/2014:11:00:48] /usr/bin/rsync -a --delete --numeric-ids --relative --delete-excluded --exclude={/dev/*,/proc/*,/sys/*,/tmp/*,/run/*,/mnt/*,/media/*,/lost+found,/home/srv/recycle/*} --exclude=mnt/backup/.snapshots --link-dest=/mnt/backup/.snapshots/daily.1/.../ /. /mnt/backup/.snapshots/daily.0/.../
[24/Feb/2014:11:02:13] Some files and/or directories in / vanished during rsync operation
[24/Feb/2014:11:02:13] touch /mnt/backup/.snapshots/daily.0/
[24/Feb/2014:11:02:13] No directory to delete: /mnt/backup/.snapshots/_delete.9045
[24/Feb/2014:11:02:13] rm -f /home/kev/scheduled/temp/rsnapshot.pid
[24/Feb/2014:11:02:13] WARNING: /usr/bin/rsnapshot daily: completed, but with some warnings

What could it be? Why doesn't it report which files vanished even though I have it on the highest loglevel? (Or do I not even have the loglevel setting right? Because this doesn't seem very verbose.)

Once every few days, seemingly at random, our backup to an external USB hard disk fails on our hp DL380 G5 server running CentOS 6.4 64-bit. If I cd /mnt/backup and run ls it complains ls: reading directory .: Input/output error, but mount -l reports /dev/sda1 on /mnt/backup type ext4 (rw). When I get someone on-site to check it out, they invariably report that the light on the external drive is slowly blinking, which is apparently normal for a sleep state. But I don't ask it to go into a sleep state until after rsnapshot runs, but rsnapshot causes my script to fail before that even has a chance to happen. Is it trying to save power? How can I get it to not do this?

rsnapshot complains:

/usr/bin/rsnapshot daily: ERROR: /mnt/backup/.snapshots does not exist.

Of course, if the person on-site unplugs and replugs the drive, I can remount it, and .snapshots certainly does exist and rsnapshot will run without errors. For a while until the next random occurrance, that is. BTW, this is a pretty new WD Passport drive.

So how do I tell it to stay awake?

I installed a DHCP server (yum install dhcp) and this is my conf:

# create new
# specify domain name
option domain-name "mydomain.name";

# specify DNS's hostname or IP address
option domain-name-servers 10.0.1.1, 10.0.1.2;
option ntp-servers 10.0.1.1, 10.0.1.2;

allow unknown-clients;

# default lease time
default-lease-time 2628000;

# max lease time
max-lease-time 2628000; # about a month

# this DHCP server to be declared valid
authoritative;

# specify network address and subnet mask
subnet 10.0.0.0 netmask 255.0.0.0 {

        # specify the range of lease IP address
        range dynamic-bootp 10.0.2.1 10.0.2.50;

        # specify broadcast address
        option broadcast-address 10.255.255.255;

        # specify default gateway
        option routers 10.0.0.1;

        allow unknown-clients;

}

service dhcpd start reports [ OK ]. Yet, if I disable my other DHCP server (Win2k3) and get a client to try renewing its IP lease, it times out.

So I installed dhcping. No matter what options I try, including directing dhcping at my server, adding a client address in the range, adding my hardware address, it replies 'no answer'. I'm also trying -i since that seems to be more akin to what a WinXP client would try to do, based on /var/log/messages. It logs the attempts (from sudo dhcping -V -i -s 255.255.255.255 -c 10.0.2.15 -h 00:11:25:66:4e:7f here) as:

Oct 24 18:55:13 newdc dhcpd: DHCPINFORM from 10.0.2.15 via eth0
Oct 24 18:55:13 newdc dhcpd: DHCPACK to 10.0.2.15 (00:11:25:66:4e:7f) via eth0

Yet the client (running on the DHCP server) says:

setup
inform
packet 247 bytes
01 01 06 00 77 48 6a 52 00 00 00 00 0a 00 02 08 
00 00 00 00 00 00 00 00 00 00 00 00 00 1f 29 e1 
aa 14 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 63 82 53 63 
35 01 08 37 01 01 ff 
op: 1
htype: 1
hlen: 6
hops: 0
xid: 77486a52
secs: 0
flags: 0
ciaddr: 10.0.2.8
yiaddr: 0.0.0.0
siaddr: 0.0.0.0
giaddr: 0.0.0.0
chaddr: 00:1f:29:e1:aa:14:00:00:00:00:00:00:00:00:00:00
sname : .
fname : .
option 53 DHCP message type
        DHCP message type: 8 (DHCPINFORM)
option 55 
no answer
close

No answer? It sounds like it got sent out...

This is with /etc/sysconfig/dhcpd limiting to eth0 and iptables stopped.

Update: oddly enough, a WinXP client seems to have leased an IP successfully with this setup. Why does dhcping fail then, with or without -i? Kinda makes it useless as a testing tool...

I was having this problem before on a USB drive, but now it's happening on my main RAID5-backed hard disk:

2013-10-17 9:37 C:\>dir "C:\Shares\Shared\Reference\Safety Management System\Vid
eo CD\AutoPlay\Docs\Manuel*"
 Volume in drive C has no label.
 Volume Serial Number is 3C18-E114

 Directory of C:\Shares\Shared\Reference\Safety Management System\Video CD\AutoP
lay\Docs

2003-09-09  11:29 PM         1,056,768 Manuel d'intervention d'urgence MFC.doc
2004-06-20  10:36 PM           139,849 Manuel d'intervention d'urgence MFC.pdf
               2 File(s)      1,196,617 bytes
               0 Dir(s)  196,068,691,968 bytes free

2013-10-17 9:38 C:\>dir "C:\Shares\Shared\Reference\Safety Management System\Vid
eo CD\AutoPlay\Docs\Manuel d'intervention d'urgence MFC.doc"
 Volume in drive C has no label.
 Volume Serial Number is 3C18-E114

 Directory of C:\Shares\Shared\Reference\Safety Management System\Video CD\AutoP
lay\Docs

File Not Found

2013-10-17 9:38 C:\>

This is from a Command Prompt window where I went to Properties and told it I wanted to modify who it ran as. I opened it, had it run as me with the "restricted access" unchecked, then ran the above.

The file in question has the following ACLs: Administrators, SYSTEM, and OurCompanyUsers. All three have full control of everything. Nobody has any Deny bits set. I am a member of Administrators. So I don't believe it's a permissions issue.

It's not a USB drive, so this time there is no question of USB hardware.

Windows Server 2003 Standard Edition SP2.

What does this mean? Is this more likely a hardware or software problem?

Switched recently from W2K3 to Samba4.0.9/CentOS6.4 for our fileshare for WinXP clients.

Have an ancient (1995!) piece of software that uses 8.3 filename format. After the switch, long filenames became useless in the context of the File->Open dialog box. Instead of the first few characters, we get maybe 1 character the same if we're lucky, which in a directory of thousands makes it impossible to find. For example, instead of "S:\Air conditioning control system" becoming "S:\AIRCON~1" like it would before, it's displayed in this program as "S:\A51FHG~S".

In our directory of client identifiers with their contact names appended, formerly directory mangling would leave enough characters intact that client identifiers could still be used. Not anymore.

None of the settings in the docs seem to talk about this exact problem. In fact, they seem to show it the way we were used to. Our smb.conf doesn't use any of the settings because the defaults seem to be what we want, according to the docs. Any hints?

We outgrew a few older external USB backup drives, and purchased WD My Passport 1 TB USB 3.0 drives to replace them.

When they are plugged into the front of our G4, it will blink forever after the BIOS (which is current, BTW) and never boot, even though the USB disks are not "bootable" per se.

Our old drives did not exhibit this behaviour (so I don't think it's this type of issue that I've read about other servers.) The old drives were USB 2.0, but this shouldn't make a difference, AFAICT--the specs say all of the G4's USB ports are the same, 2.0, anyway, so I'm not sure how one port would handle a USB 3.0 device better than another.

If we plug the new drives in one of the back slots, it boots fine.

What's the (most likely) cause? My concern is that the front USB port, and possibly the motherboard, might be starting to die.

(We are experiencing other strange issues with them, or were initially, like intermittent file permissions errors despite wide-open ACL on these local drives, but some serverfault users have me convinced they may be coincidental software/security related issues.)

Update: I found that there was a missing SES driver that Western Digital's site was able to provide. I installed this. After that, one of the two drives (which had had less problems so far) I could not get to prevent the server from rebooting using the front port. I plugged in the other one into the front port, which I had reformatted elsewhere, and it also allowed the server to boot. After reformatting again just for equal comparison and doing a backup--which this time had no issues--and restarting, however, the server would not boot with it plugged in. Since I am apparently getting a marked difference between the two drives, I'm wondering if one of the drives has an issue, although I do not exclude the possibility of the USB port or motherboard having issues. Another thing I noticed is that, contrary to the specs which only mention USB 2.0 for all 4 ports, in the BIOS's hardware list, there are 4 USB 1.1 lines and only 1 USB 2.0 line. That adds up to more than the total physical ports that I can see, unless there's an internal one like on a G5, so perhaps that doesn't mean that anything is necessarily running at 1.1.

This page has installation instructions for an update to the BIOS. Assuming our G5 does not have Windows on it, can someone enlighten me as to how this works? Does it make a bootable USB stick for you to then plug into the G5? It won't try to flash the BIOS on whatever Windows computer you happen to have around, will it? All it says is a web page will open with more info, but I don't want to try installing it on a Windows machine until I know what it actually wants to do...

Update: forgot the link. I'm surprised this scored so high meanwhile :)

I can DIR a file and it doesn't exist, but DIRing its directory, or a file in the same directory as it, works fine.

Is this a hardware or software problem? If it's hardware, is it the drive or something worse?

2013-06-13 9:35 C:\>dir  E:\Shares\Users\Test\Desktop\XAV-1.htm
 Volume in drive E is BKUP2013-1
 Volume Serial Number is 1AEA-6007

 Directory of E:\Shares\Users\Test\Desktop

File Not Found

Yet:

2013-06-13 9:36 C:\>dir  E:\Shares\Users\Test\Desktop
 Volume in drive E is BKUP2013-1
 Volume Serial Number is 1AEA-6007

 Directory of E:\Shares\Users\Test\Desktop

2013-06-12  07:15 PM    <DIR>          .
2013-06-12  07:15 PM    <DIR>          ..
[snip]
2006-05-04  03:48 PM             1,232 Customer Files.lnk
2009-09-03  09:06 AM               767 Internet Explorer.lnk
2010-03-11  09:49 AM               104 My Computer.lnk
2004-01-02  04:50 PM             1,221 Reference Material.lnk
2011-11-18  05:08 PM               482 Shortcut to Downloads.lnk
2013-04-27  03:07 AM    <DIR>          Unused Desktop Shortcuts
2013-06-12  02:41 PM             2,710 XAV-1.htm
2011-01-10  03:31 PM        21,637,284 XP_EzTrends_1.0.3835.exe
              11 File(s)     27,977,417 bytes
               3 Dir(s)  670,902,140,928 bytes free

And a sibling:

2013-06-13 9:36 C:\>dir  E:\Shares\Users\Test\Desktop\XP_EzTrends_1.0.3835.exe
 Volume in drive E is BKUP2013-1
 Volume Serial Number is 1AEA-6007

 Directory of E:\Shares\Users\Test\Desktop

2011-01-10  03:31 PM        21,637,284 XP_EzTrends_1.0.3835.exe
               1 File(s)     21,637,284 bytes
               0 Dir(s)  670,902,140,928 bytes free

Furthermore, I can open XAV-1.htm no problem, and it has the same ACL profile as XP_EzTrends...exe.

Regarding ACL, if I right-click either C: or E: drives in My Computer, and hit Security, both of them show SYSTEM as having Full Control. As I understand it, this refers to NT AUTHORITY\SYSTEM. UPDATE: Furthermore, the ACL is the roughly same as the old drive we used to use for E: which is now too small for us. I plugged it in and checked, and if anything the ACL is more restrictive on the old drive, with read-only for Users. However, for SYSTEM, Everyone, and Administrators, both old and new allow full access. (Which maybe is too loose, but then that's even more on the side of "it should be working.") UPDATE 2: I turned on auditing and checked the event log, which if it's like 2008 should make an event in the Security log with category Object Access, but my Security log does not have any like that. I wonder if the footnote here about domain policies trumping applies here, even though this is on a domain controller. UPDATE 3: Okay, I have managed to get Object Access entries to show up, by enabling Object Access logging in general in the domain / domain controller policy areas, in addition to requesting it on the specific folder, for Everyone, me, and SYSTEM, for any kind of access whatsoever. However, running a backup does not generate any entries, they come from using the MMC snap-on.

UPDATE 4: I modified the backup script to manual byte-for-byte verify all files in the Desktop directory in addition to the random statistical sample it normally does, and reformatted the drive in exFAT, so every file would be copied from scratch. I only got Success Audit Object Access entries when those files were touched by the verify step. I'm now trying the same thing on the second of the two drives, which was the flakier-seeming one, so we'll see what it says.

UPDATE 5: Oddly, the Test and SYSTEM users both have alternating Success Audit entries from during the backup for the Desktop directory. No failures though. Meanwhile, I'm watching ROBOCOPY do its thing, and it has had no trouble for a good chunk of the backup. Now it's failing on every file, starting with this (last successful file and first two fails--since then it seems to do runs of successes and failures):

\C\Rebuild\Apache\httpd-2.2.24-win32\Apache2\modules\mod_version.so
            New File               11776 2013/02/25 20:09:27    C:\scheduled\res \C\Rebuild\Apache\httpd-2.2.24-win32\Apache2\modules\mod_vhost_alias.so
          New Dir          4    C:\scheduled\res\C\Rebuild\Backup\
            New File              14.7 m 2010/12/01 17:09:00    C:\scheduled\res \C\Rebuild\Backup\cbSetup.exe 2013/07/10 17:37:04 ERROR 3 (0x00000003) Copying File C:\scheduled\res\C\Rebuild \Backup\cbSetup.exe The system cannot find the path specified. Waiting 1 seconds... Retrying...
            New File              14.7 m 2010/12/01 17:09:00    C:\scheduled\res \C\Rebuild\Backup\cbSetup.exe 2013/07/10 17:37:06 ERROR 3 (0x00000003) Copying File C:\scheduled\res\C\Rebuild \Backup\cbSetup.exe The system cannot find the path specified. Waiting 1 seconds... Retrying...
            New File              14.7 m 2010/12/01 17:09:00    C:\scheduled\res \C\Rebuild\Backup\cbSetup.exe 2013/07/10 17:37:08 ERROR 3 (0x00000003) Copying File C:\scheduled\res\C\Rebuild \Backup\cbSetup.exe The system cannot find the path specified. Waiting 1 seconds... Retrying...
            New File              14.7 m 2010/12/01 17:09:00    C:\scheduled\res \C\Rebuild\Backup\cbSetup.exe 2013/07/10 17:37:09 ERROR 3 (0x00000003) Copying File C:\scheduled\res\C\Rebuild \Backup\cbSetup.exe The system cannot find the path specified.

ERROR: RETRY LIMIT EXCEEDED.

            New File               2.0 m 2010/03/04 16:18:28    C:\scheduled\res \C\Rebuild\Backup\diffutils-2.8.7-1.exe 2013/07/10 17:37:10 ERROR 3 (0x00000003) Copying File C:\scheduled\res\C\Rebuild \Backup\diffutils-2.8.7-1.exe The system cannot find the path specified. Waiting 1 seconds... Retrying...
            New File               2.0 m 2010/03/04 16:18:28    C:\scheduled\res \C\Rebuild\Backup\diffutils-2.8.7-1.exe 2013/07/10 17:37:11 ERROR 3 (0x00000003) Copying File C:\scheduled\res\C\Rebuild \Backup\diffutils-2.8.7-1.exe The system cannot find the path specified. Waiting 1 seconds... Retrying...
            New File               2.0 m 2010/03/04 16:18:28    C:\scheduled\res \C\Rebuild\Backup\diffutils-2.8.7-1.exe 2013/07/10 17:37:12 ERROR 3 (0x00000003) Copying File C:\scheduled\res\C\Rebuild \Backup\diffutils-2.8.7-1.exe The system cannot find the path specified. Waiting 1 seconds... Retrying...
            New File               2.0 m 2010/03/04 16:18:28    C:\scheduled\res \C\Rebuild\Backup\diffutils-2.8.7-1.exe 2013/07/10 17:37:13 ERROR 3 (0x00000003) Copying File C:\scheduled\res\C\Rebuild \Backup\diffutils-2.8.7-1.exe The system cannot find the path specified.

ERROR: RETRY LIMIT EXCEEDED.

And yet:

2013-07-1017:45 C:\>dir C:\scheduled\res\C\Rebuild\Backup\cbSetup.ex
 Volume in drive C has no label.
 Volume Serial Number is 3C18-E114

 Directory of C:\scheduled\res\C\Rebuild\Backup

2010-12-01  01:09 PM        15,492,608 cbSetup.exe
               1 File(s)     15,492,608 bytes
               0 Dir(s)  240,190,017,536 bytes free

2013-07-1017:45 C:\>dir C:\Rebuild\Backup\cbSetup.exe
 Volume in drive C has no label.
 Volume Serial Number is 3C18-E114

 Directory of C:\Rebuild\Backup

2010-12-01  01:09 PM        15,492,608 cbSetup.exe
               1 File(s)     15,492,608 bytes
               0 Dir(s)  239,572,938,752 bytes free

2013-07-1017:46 C:\>

UPDATE 6: Stranger still, it appears to have actually copied the file it supposedly gave up on, and with a strange datestamp (which it did for its sibling files in the same dir):

2013-07-1017:46 C:\>dir e:\IN\Rebuild\Backup\cbSetup.exe
 Volume in drive E is BAERO2013-2
 Volume Serial Number is 76F0-668E

 Directory of e:\IN\Rebuild\Backup

1980-01-01  08:00 PM        15,492,608 cbSetup.exe
               1 File(s)     15,492,608 bytes
               0 Dir(s)  822,191,718,400 bytes free

2013-07-1018:05 C:\>

And, for ones I'm pretty sure didn't error out (it's past what I can scroll back to in the command window now), a random smattering of them have their timestamp messed up (ROBOCOPY's way of marking them incomplete):

2013-07-1018:05 C:\>dir e:\IN\Rebuild\Apache
 Volume in drive E is BAERO2013-2
 Volume Serial Number is 76F0-668E

 Directory of e:\IN\Rebuild\Apache

2013-07-10  05:36 PM    <DIR>          .
2013-07-10  05:36 PM    <DIR>          ..
1980-01-01  08:00 PM         6,042,112 httpd-2.2.15-win32-x86-openssl-0.9.8m-r2.msi
2013-07-10  05:36 PM                80 httpd-2.2.15-win32-x86-openssl-0.9.8m-r2.msi.md5
1980-01-01  08:00 PM         6,085,632 httpd-2.2.17-win32-x86-openssl-0.9.8o.msi
2013-07-10  05:36 PM                76 httpd-2.2.17-win32-x86-openssl-0.9.8o.msi.md5
1980-01-01  08:00 PM         9,097,535 httpd-2.2.23-win32-ssl_0.9.8.zip
1980-01-01  08:00 PM         9,257,408 httpd-2.2.24-win32.zip
2012-11-06  05:23 AM             2,251 service-dependencies--unused.reg
2010-10-20  07:51 AM             2,410 services.bat
2013-05-28  06:57 AM             2,665 services-splittest.bat
2012-11-06  05:58 AM             2,448 services-upgradetest.bat
2013-07-10  05:36 PM    <DIR>          httpd-2.2.24-win32
              10 File(s)     30,492,617 bytes
               3 Dir(s)  821,313,273,856 bytes free

2013-07-1018:07 C:\>

Yet, as you can see, the files on C, in the volume shadow copy of C being backed up by ROBOCOPY, and E, which was formatted just before ROBOCOPY began, are byte-for-byte identical using cmp.exe:

2013-07-1018:13 C:\>c:\scheduled\res\cmp.exe --verbose c:\scheduled\res\C\Rebuild\Apache\httpd-2.2.24-win32.zip e:\IN\Rebuild\Apache\httpd-2.2.24-win32.zip

2013-07-1018:13 C:\>c:\scheduled\res\cmp.exe --verbose c:\Rebuild\Apache\httpd-2.2.24-win32.zip e:\IN\Rebuild\Apache\httpd-2.2.24-win32.zip

2013-07-1018:13 C:\>

UPDATE 7: Now I see some files going by saying The process cannot access the file because it is being used by another process. and others saying The system cannot find the path specified.. Both messages seem to be red herrings, because I'm running ROBOCOPY with /B which means it runs as Backup Operator and should have access to all local files, which is what these are. Also I'm looking at the Open Files MMC snap-in and they aren't. I even used LockHunter on one of the "being used by another process" files right after it complained, and LockHunter has never failed in my experience, yet it says nothing is using it. I've kicked all users off and I'm the only one logged in, and I'm certainly not touching random groups of files like this. I've disabled the task scheduler, and verified that my robocopy is the only robocopy process running right now.

UPDATE 8: Since reformatting to exFAT, I hadn't tried a CHKDSK /R, so I did that. 0 KB in bad sectors, it says, after 7 hours (it's a 1 TB drive.)

This is on a weeks-old WD USB external drive. Time to take it back? Or is our USB port going? Or what?

UPDATE 9: We just tried a loaner 1 TB drive from a local business which is USB 2.0 instead of USB 3.0, just like our former drives were (but bigger). It doesn't exibit the exact same behaviour as the original question, but during the backup the verify step did fail saying the file didn't exist on E:, even though, afterwards, it does and I can DIR it alone unlike above.

The last three midnights I've gotten an Event ID 539 in the log...about my own account:

Event Type: Failure Audit
Event Source:   Security
Event Category: Logon/Logoff 
Event ID:   539
Date:       2010-04-26
Time:       12:00:20 AM
User:       NT AUTHORITY\SYSTEM
Computer:   SERVERNAME
Description:
Logon Failure:
    Reason:     Account locked out
    User Name:  MyUser
    Domain: MYDOMAIN
    Logon Type: 3
    Logon Process:  NtLmSsp 
    Authentication Package: NTLM
    Workstation Name:   SERVERNAME
    Caller User Name:   -
    Caller Domain:  -
    Caller Logon ID:    -
    Caller Process ID: -
    Transited Services: -
    Source Network Address: -
    Source Port:    -

It's always within a half minute of midnight. There are no login attempts before it. Right after it (in the same second) there's a success audit entry:

Logon attempt using explicit credentials:
 Logged on user:
    User Name:  SERVERNAME$
    Domain:     MYDOMAIN
    Logon ID:       (0x0,0x3E7)
    Logon GUID: -
 User whose credentials were used:
    Target User Name:   MyUser
    Target Domain:  MYDOMAIN
    Target Logon GUID: -

 Target Server Name:    servername.mydomain.lan
 Target Server Info:    servername.mydomain.lan
 Caller Process ID: 2724
 Source Network Address:    -
 Source Port:   -

The process ID was the same on all three of them, so I looked it up, and right now at least it maps to TCP/IP Services (Microsoft).

I don't believe I changed any policies or anything on Friday. How should I interpret this?

Can I move the directory a local Mercurial repository is contained in without breaking it, or does it know where it lives and expect it to live there forever? (Coming from SVN with its switch/relocate requirements for moving local repos.)

We have a fairly new server running Windows 2003 SP2, and the past few days we've noticed random slowdowns. When I'm logged into the server over remote desktop while this is happening, or if I'm physically sitting at the server logged in, suddenly everything becomes extremely laggy. Any UI element I try to interact with takes upwards of ten seconds to react, and then responds very slowly. Then a minute later everything is quite snappy again. During this, I have Task Manager minimized to the tray, and there's no CPU usage. I open it up right after this happens, and there's very little CPU usage on the graph, and no memory or pagefile usage above normal. (Normal being 1.5 GB free in the case of memory.) This is what I see logged into the server, and then users start calling saying things are slow, timing out, and failing--anything to do with our server.

No events in the Event Viewer around the times this happens. The context I'm working in (last thing I clicked, etc.) seems different every time--different programs active, different combinations of programs open. Never anything particularly stressful (like adding an event entry to a Cobian Backup configuration, or editing text in TextPad, which has been exceptionally stable in my extensive usage of it.)

I would've thought it was just the server, but a family member's home PC (entirely separate) running WinXPSP3 had the same thing happen to it last night a few times. Is this some new behaviour introduced by the latest Windows Updates? Either way, where do I even start to look when nothing seems to be chewing up resources?

I noticed on the Windows DHCP service there's an option to add SMTP servers to the information provided to DHCP clients. I've never heard of this before, but it sounds useful, especially for when our ISP's SMTP server experiences problems. How would I get, e.g., Thunderbird to get its SMTP settings via DHCP?

I've been thinking of trying out some freeware cluster software. IIUC two of the main things we use servers for, Apache and PostgreSQL, can be set up to run redundantly on clusters by load-balancing modules and Slony-I replication. Filesharing can be too, probably a little more easily.

What are some typically important services you wouldn't be able to host on a cluster (i.e., you would more or less be stuck with hosting on a single, beefy machine?)

Newb question:

I have two servers, call them OLD and NEW, on a domain that are apparently replicating Active Directory just fine.

The last time I had this setup it was to migrate from 2000 to 2003. I had to do the whole "create BDC, promote, disconnect old PDC (now a BDC)" thing.

This time I'm just going from 2003 to 2003 on different hardware. Now that they're replicating, do I just down the old server?

(Thanks for the help, it's hard to google things when you don't know the current and/or proper terminology to describe what you're trying to do.)

An IT company is trying to sell me netbooks, but because they're "business" rather than "home" they're twice the price for less than the same specs. Adding insult to injury, we're quoted separately on power adapters, which add about 10% to the unit cost.

Do they really not come with power adapters? Am I the only one who thinks that's ridiculous? Is that a standard thing from Asus, HP, etc.?

The only other difference I can see is that they come with XP Pro instead of XP Home...but even that's not the case for all the units.

Is there different hardware? Is there even really a different class of netbook for businesses, or is it all made up? (Re: made up: For instance, we have Bell "Business" DSL at work, and they shipped us a DSL modem labelled "SpeedTouch HOME". Since they're service doesn't have any more uptime than I get at home, I assume they're just charging double because we're a business and they're therefore allowed to force us to buy "business" service even if it's exactly the same as their home service.)

This is on Win2k3sp2, using TortoiseSVN 1.6.5 and SlikSVN 1.6.3.

I have a folder in a repo, call it /a/b, which I want to become /a/c/d in the same repo. I have tried just moving the folder and renaming it, and then committing, and apparently it gets confused, because the .svn folder thinks it's still under the old name, and if it does work, it's a two-commit thing where /a/b is deleted and /a/c/d is brand new, which is no good, because then I lose the history attached to each file.

I started poking around and found "relocate," which comes with a huge warning and convinces me not to use it. Then there's "switch," which, although I thought "relocate" was a more intuitive way of describing what I wanted to do, seemed to be the appropriate option. So I did that, and it took a long time, even though there were only a few files within /a/b (like maybe 8 folders, each containing a file or two), and now:

1. /a/b is still there
2. half the folders in /a/b are gone
3. the remaining folders in /a/b give me an error when I try to look inside them: "/a/b/e is not accessible. Access is denied."
4. /a/c/b (not /a/c/d as I had told it!) was created but stayed empty
5. I tried an update and now some folders are back in /a/b, but not all

My question then is in two parts:

1. How do I clean this up?
2. What's the proper way to move a folder as I described?

I have a scheduled task that runs a batch file, and even though I can see the results of it completing successfully, according to the task scheduler it fails with error 0xff, every time.

I have other batch files scheduled that also complete successfully and return 0x0 as they should. The only difference I can see between these files is that the working ones end with:

IF ERRORLEVEL 1 (
    ("notify me" script here)
)

whereas the broken one ends with:

IF %2==something (
    (run a program here)
    IF ERRORLEVEL 1 (
        (same "notify me" script here)
    )
)

Does an IF block return 0xff if false or something? What's the deal?