Your basic ITPro blog... What's going on at work, what I'm interested in.

Saturday, March 28, 2009

Multi-Homed Domain Controller = FAIL!

Apparently, this is not a good idea…

I am just finishing my crawl walk down a long and winding path. It all started when we began having problems authenticating our wireless clients against our IAS server. We have a DC running IAS. This DC also runs an app for our VoIP phones. As such, this DC has two NICs, one on our DATA VLAN and one on our VOICE VLAN.

The IAS authentication problem would show up sporadically. Using WireShark, we would see authentication requests coming from the WLC to our IAS box, but no responses going back out. Things would just ‘black hole’ at the IAS box. I ended up opening tickets with both Cisco and Microsoft on this problem. Until we found a solution, our only sure-fire way to fix things (for a time) was to reboot the IAS/DC server.

It didn’t take long to notice that the WLC was working as expected. So, we focused on the Microsoft side of the equation. To their credit, Microsoft stuck with us as we worked through this. We had this ticket open for a few weeks and ran through various levels of support and various engineers. It wasn’t until we got to “level 3” support at Microsoft that we found the problem. This engineer suspected something that no one (me included) thought to even check… Could requests be coming in on one NIC and going out the other? As they say… EUREKA!

Of course, the first thing we had to do was wait… because, you know, we couldn’t exactly trigger this problem, or time it, or predict it. It would just happen all of a sudden. But, the next time we saw the problem, I ran WireShark on both interfaces. Sure enough, requests were coming in on one NIC and going out the other. The WLC didn’t like that, not one bit.

So, we had found our problem. Unfortunately, fixing the problem isn’t as easy as disabling one of the NICs. I mean, that works in the short-term, but it is not a solution. The phone paging system uses the voice VLAN NIC, as do our phones. We had a couple of phones give fits trying to register with the CallMan last week. I had disabled the voice VLAN NIC. Re-enabling this brought my phones back up.

This particular issue was easily resolved by putting an IP Helper address on the voice VLAN on the router. Phones now get their DHCP responses from the data VLAN.

But, we still have to fix the paging app. It has to have a NIC on the voice VLAN, so it looks like we will be migrating this app to its own box… Probably a better solution anyway.

Moral of the story: multi-homed DCs can cause problems… Also, don’t try to do too much on your DCs (or any box, for that matter).

Tuesday, March 10, 2009

GMail’s Archive feature in Outlook… PART 2

I am following up on my original post, available here.

These are the actual steps (as best as I remember them) that I followed to create this setup.

  1. Open Outlook
  2. Click Tools|Macro|Macros
  3. Enter ‘MoveTo_Archive’ (without quotes) as the Macro Name
  4. Click ‘Create’
  5. Paste code into Module1
  6. NOTE: Change the code in the MoveTo_Archive Sub, replacing <MyMailbox> with your actual mailbox name
  7. ALSO: Make sure the ‘_Archive’ folder exists in your mailbox.

That should do it. Hope this helps.

…not sure what I would screencap.

Wednesday, March 4, 2009

Powershell – Preserving history for future sessions

Typing ‘exit’ in a Powershell console, as you would imagine, exits the console. I use PowerShellPlus almost exclusively (and love it!). Typing ‘exit’ while in PowerShellPlus (known affectionately as simply “teh+”) gives you the option of closing the app or starting a new, clean console session. I often use this as a quick way to clean out my console environment.

I have also written a small function, named ‘exitt’, that exits AFTER securing the console. I sign all of my scripts. But sometimes, while working on something, I will set my Execution Policy to ‘remotesigned’ for a while. But, I pretty much always set my Execution Policy to ‘allsigned’ before exiting. That way, nothing unsigned by myself will accidentally (or maliciously… am I paranoid?) run the next time I start Powershell.

Anyway, back to my point…

When I type ‘exit’ or run my ‘exitt’ function and stay in teh+, my history is wiped out. This usually isn’t a problem. But, there are times when I want a clean, fresh console AND my history. To that end, I tweaked my ‘exitt’ function and my profile a bit.

(NOTE: I did this before really researching things on the Internet. There are probably better ways of handling this, but this works for me).

The meat of my ‘exitt’ function looks like this:

  1. param  
  2. (  
  3.     [Parameter(Position=0, Mandatory=$false, ValueFromPipeLine=$false)] 
  4.         [switch]$history = $false 
  6. # Call Secure-Console function to set executionPolicy to AllSigned 
  7. Secure-Console 
  9. # If switched, export history for future use. Otherwise, blow out history 
  10. if ($history
  11.     Get-History | Export-Clixml "c:\scripts\hist.xml" -Force 
  12. else 
  13.     Remove-Item "c:\scripts\hist.xml" -Force -ea SilentlyContinue 
  15. #Close Program 
  16. exit 

So, if I run the function with the –history switch, it writes the current history out to an XML file.

Then, my profile has this bit:

  1. if (Test-Path "c:\scripts\hist.xml"
  2.     Add-History (Import-Clixml "c:\scripts\hist.xml"
  3.     Remove-Item "c:\scripts\hist.xml" -Force -ea SilentlyContinue 

Pretty simple, and it works for me.

After writing this, I did a quick search in the ‘tubes and came across JSnover’s solution to this. Maybe I will do that first next time. 


Monday, March 2, 2009

GMail’s Archive feature in Outlook…

I love this feature. This, plus GMail’s great search, keeps my Inbox clean while making all of my past mail easily accessible. Of course, all you GMailers out there already know this.

Now, when it comes to Outlook… well… not so much.

I used to just delete stuff and use the ‘Deleted Items’ folder as my archive folder. But, that is not really an ideal solution. So, I thought that I would create an Archive folder and then move message to that instead. After some searching, I found and modified a Macro. This code is not original to me. Unfortunately, I didn’t document where I got it, so I can’t give proper credit. I even searched some this morning, looking for the original again, with no luck. But, whoever you are, thank you!

Tie this to a button and a key combo, and you have a nice archive folder. Works great for me… My Inbox is clean and I know where to look for past emails.


Sub MoveMessages(strFolder As String)
    Dim olkItem As Object, _
        olkFolder As Outlook.MAPIFolder
    Set olkFolder = OpenMAPIFolder(strFolder)
    If TypeName(olkFolder) = "MAPIFolder" Then
        For Each olkItem In Application.ActiveExplorer.Selection
            olkItem.UnRead = False
            olkItem.Move olkFolder
    End If
    Set olkFolder = Nothing
    Set olkItem = Nothing
End Sub

Sub MoveTo_Archive()
    MoveMessages "\<MyMailbox>\_Archive"
End Sub

Function OpenMAPIFolder(szPath)
    Dim app, ns, flr, szDir, i
    Set flr = Nothing
    Set app = CreateObject("Outlook.Application")
    If Left(szPath, Len("\")) = "\" Then
        szPath = Mid(szPath, Len("\") + 1)
        Set flr = app.ActiveExplorer.CurrentFolder
    End If
    While szPath <> ""
        i = InStr(szPath, "\")
        If i Then
            szDir = Left(szPath, i - 1)
            szPath = Mid(szPath, i + Len("\"))
            szDir = szPath
            szPath = ""
        End If
        If IsNothing(flr) Then
            Set ns = app.GetNamespace("MAPI")
            Set flr = ns.Folders(szDir)
            Set flr = flr.Folders(szDir)
        End If
    Set OpenMAPIFolder = flr
End Function

Function IsNothing(obj)
  If TypeName(obj) = "Nothing" Then
    IsNothing = True
    IsNothing = False
  End If
End Function

Additional Info

My photo
email: support (AT) mangrumtech (DOT) com
mobile: 480-270-4332