USB and upgrading ESX/ESXi

If you are using USB devices on your virtual machines with ESX/ESXi (for instance using a USB over network hub with vSphere), you know that you need to install a USB concentrator device for your USB device to be recognised in your VM.

Now if you upgrade to 4.1 (for instance, to get USB passthrough connectivity), you need to reinstall said concentrator.

To do so: 

Delete all USB devices in the VM settings.

Then delete the concentrator.

Close the settings, wait for it to finish, then reopen settings, add your concentrator. Repeat the process with your USB device.

Tada, USB is now fully functional.

If you don't do so, your USB device will show up in your VM, but won't be fully usable.

ClarkConnect blocking https websites

Sometimes, for no reason at all, the ClarkConnect proxy will block a website. Hard. Timeout. white pages and the kind.

I tried everything: Disabling ECN, disabling caching/filtering, etc. Nothing would work.

I went back to basics: Installed screen (for the comfort of use) and ran a tcpdump on the adsl interface to monitor the traffic. And it didn't miss: the ClarkConnect box was sending tcp packets but not getting ACKs in return.

A quick look through iptables showed something amusing: the first two rules were an unconditional DROP on every packet coming from the website.

Back to the ClarkConnect web interface, namely intrusion detection, revealed the website IP was blacklisted for another 22h. Regardless of what could have caused it (whether a badly configured apache or firewall on their end, or a user a bit too eager on ours). Adding the server to the exception list and applying the settings did miracles.


Morality:
tcpdump is ugly, flood your screen with information that may not be deemed relevant, but trust me: learn to use it and it will save your skin more than once.

How to upgrade ESXi to 4.1

http://blog.vmpros.nl/2010/07/15/vmware-failed-to-read-the-upgrade-package-metadata-xml-upgrading-to-esxi-4-1/#more-2953

The host update utility does not work to upgrade ESXi to 4.1, but it's possible to enable SSH to perform the upgrade using the CLI.

Running batch files from a GPO logon script

As you may or may not know if you're using GPOs, you can configure various scripts. Namely Logon, Logoff, Start and Shutdown.

For flexibility sake, you're often referring to other scripts inside this "master script" and often end up having to rewrite it a lot, because sometimes this not so important line you removed two months ago was actually making all the difference in the world.

One thing I noticed today (after quite some old school debugging, people using the __LINE__ in their favorite programming language know what I mean) , is that if you refer to a .bat file from your logon script, it will execute said script and stop processing the rest.


To remedy to this, call your script with:

start /B <path>\script.bat


Start will execute your called script as a new instance, and the /B flag will prevent any opportunistic window from showing up.

Large LDF files in windows SBS 2008

By default the MSSQL database is set to full backup (which doesn't help if your backup software doesn't "play nice" with sql). Problem comes in when after some months, Exchange stop working altogether because the drive has been files by SharePoint's database (namely the replay logs, or .LDF files)

To rectify this, you need to:

• Connect to the sharepoint database in SBS 2008 with the following link: \\.\pipe\MSSQL$MICROSOFT##SSEE\sql\query
• Regain control of the database. As you may or may not know, SharePoint is first installed using the local administrator, which kind of goes in limbo once you enable active directory. You end up with a pretty useless login. Re-enable  the 'sa' login by running the following query on your database: ALTER AUTHORIZATION ON DATABASE::[Database_Name] to sa; 
• Right click on the database, properties> options. Set backup mode to simple.
• Right click on the database, task, shrink, shrink files. Select log file, leave the rest as default and press ok. Tada! 20G recovered in 5 minutes (plus one hour to figure the !@#$%^& mess SBS 2008 created in the first place)