windows dns server and EDns – update (added namebench info/link)

I have had an issue with DNS server in Windows 2003 server previously that’s covered pretty well in this article by my buddy Marcus. The short version is that EDNS is enabled by default on 2003 server, and this doesn’t play well with the rest of the internet, so it’s best to turn it off if you are using windows 2003 for external (internet) DNS.

Right now I’m working on a Windows 2008 R2 server and was having similar problems that made me check for EDNS many moons ago on 2003 server. This link came up in a search and it says that they made EDNS off in 2008 RTM, but it’s back on again in R2. He includes a link to Microsoft’s KB article about EDNS. 

Luckily this is pretty easy to turn off. All you do is run this command:

dnscmd /config /enableednsprobes 0

I wanted to update this post with a link to a cool tool I have been using. It’s called name bench and it’s a DNS benchmarking tool. Works good, does exactly what you want, and the price is right.

Advertisement

Obama and health care – worst president ever and one of the worse ideas ever

In case you didn’t know, I think Obama has taken the torch from Jimmy Carter as the worst president we have ever had, for many reasons. Especially, I believe that this health care thing is a piss poor idea for many reasons, it’s too expensive (we don’t have the money – we cannot afford it), it increases the entitlement state, diminishes the concept of personal responsibility and is unconstitutional. I have posted about it many times on twitter and on facebook. I don’t want to get into a long discussion here as to why, mainly because I don’t have the time, and I feel like a lot of it has been said before, but what I did want to do was register my complaints in an open forum (the internets) so that google could pick up on them and to be sure that my feelings are.. what are those words? Oh yeah open and transparent.

I will probably come back later and update this post with some more info, but for now I wanted to put in some quotes I have run across in the past couple of days that I think are applicable.

If you’re not a liberal at 20, you have no heart, and if you’re not a conservative at 40, you have no head! – Winston Churchill

Government, even in its best state, is but a necessary evil; in its worst state, an intolerable one. – Thomas Paine

Amendment 10 – Powers of the States and People. Ratified 12/15/1791. Note The powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people.

Everyone should read this.

hiding users from the welcome screen in windows

This is a bit of an annoyance for me, but when vista or w7 boots and shows you the list of users, I personally find that annoying. Here’s a link to a fix.

keeping flash full screen when you use the mouse

Since I’m a bit of a mediacenter advocate, I use the internets on the tv a lot. One of my issues with flash is that it never stays full screen if you click the mouse on another monitor. Today I ran across a how-to at lifehacker on how to fix this. It’s temporary (it will break when they upgrade versions) but it’s better than nothing.

a very cool audit utility

I have been using a very cool utility for a while now that I just realized I failed to plug, it’s called Open Audit. What it does is basically is run a wmi scan on your network (it will do nmap too) and submit that data back to a mysql database through a web service. Then there’s a fancy UI that you can do searches, queries, etc.. You can get cool stuff like hardware type, see how many sticks of ram, or an IP address, or a driver, or a hotfix.

The application is written in PHP and mysql and I run the application on a windows host (it can run on just about anything) and use XAMPP, which is a pretty cool. It’s a single download that contains apache, php and mysql, all preconfigured and ready to rock and roll. All you need is some minor configuration.

While it’s pretty cool as it comes, the real power is that you can modify it all you want. So what you can do is take one of the default “views” such as list_viewdef_all_servers.php. If you open it, there’s a sql query inside that looks like this:

SELECT * FROM `system` WHERE (system_os_name LIKE ‘%Server%’)

Then you can copy/rename the page and modify that query however you like. Here’s a modification that I made so I could find servers on our internal (but shouldn’t be) net.

SELECT * FROM `system` WHERE (system_os_name LIKE ‘%Server%’) AND net_ip_address LIKE ‘192.100%’

After doing this for every custom query that I wanted, I realized that all of this data is in a mysql database. This allows you to run queries straight up, and since you used XAMPP, well you can then log in there, choose your database, find the query window, and paste your sql query right there and get the results on the spot. It’s pretty cool.

This now leads me to a gotcha I encountered today while doing my own query this way. What I had was a query that looked like this:

SELECT * FROM `system` WHERE (system_os_name LIKE ‘%Server%’) AND net_ip_address LIKE ‘192.100%’

And I was trying to find a subnet that was 10.1.13, so I made the query like this:

SELECT * FROM `system` WHERE (system_os_name LIKE ‘%Server%’) AND net_ip_address LIKE ‘10.1.13.%’

This kept returning zero results, which I knew was not the case. After looking at the data, I saw that the IP addresses were stored like this:

010.001.013.xxx

As a result I had to change my query to look like this instead:

SELECT * FROM `system` WHERE (system_os_name LIKE ‘%Server%’) AND net_ip_address LIKE ‘010.001.013.%’

wsus and cloning vm’s

I am currently working on WSUS (windows software update services) here at work, for the most part I’m following this excellent article at Ars. After screwing around with this for much longer than I should have, I was having issues with about half the servers not showing up in the WSUS console. Many things could have been the culprit and I checked them all.. group policy, dns, firewall rules, etc. What was the most frustrating was that I could see the clients touch the WSUS server by looking in the IIS logs, and there were no errors whatsoever, but half the servers wouldn’t show up.

Eventually I realized that it was exactly half of the servers and a light bulb went off. In our environment we have a bunch of web and app servers that are all virtual, and when we build them, we get the first node working right, and then clone and rename the vm to be the redundant node in the farm.This lead me to do some searching and I found this link. Admittedly, this is an old problem, but the first time I have run across it.

The following is a repost of the pertinent bits that have caused my trouble and are the resolution for it.

5. Imaged clients with a duplicate client ID will only appear once in the WSUS Admin Console. Each AU client must have a unique id which is created for each individual install. When imaging systems it is recommended always to use SysPrep. The WSUS admin console will only display one client for each unique ID. If you have multiple clients created from one image which are sharing the same ID, only one will appear in the WSUS admin console. All clients will check in and download updates, but only one will appear and display status in the WSUS admin console. In cases where clients are not checking in, and they were created from images without running SysPrep, the following steps will reset the existing duplicative client IDs.

a. Run regedit and go to HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdate

b. Delete the PingID, SUSClientID and the AccountDomainSID values

c. Stop and start the Wuauserv Service

d. From the command prompt run: wuauclt /resetauthorization /detectnow

or-

From the command line, once you are sure the AU client is properly configured and not disabled, you could run a batch file (which might look something like this sample) and get the same results:

rem Fixes problem with client machines not showing up on the server due to imaging method

reg delete HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdate /v AccountDomainSid /f

reg delete HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdate /v PingID /f

reg delete HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdate /v SusClientId /f

cls

@echo Triggering detection after resetting WSUS client identity

net stop wuauserv

net start wuauserv

wuauclt /resetauthorization /detectnow