Work

SCOM 2007 R2 and Windows 2008 R2 DNS Issues

Posted in SCOM, Work on September 10th, 2010 by Tom – Be the first to comment

Issue 1 – DNS 2008 External Resolution always in “critical” state
This is an issue with how the monitor performs the test. This link has a great explanation. I followed the instructions at the bottom and overrode the monitor to change the query from type NS to type A and everyone started working. Of course before doing this I spent half a day testing DNS on each server manually and trying to figure out what was going on.

Issue 2 – TrustAnchors
Another error the pops up is DNS 2008 Zone Resolution Monitor – TrustAnchors. This is constantly on alert status. This error is related in new functionality in Windows Server 2008 R2 for support of DNSSEC. This link has a great summary of the issue. Similar to this link, I just disabled this particular monitor as I am not using DNSSEC. You can disable it in Monitoring -> Microsoft Windows DNS Server -> Domain Health State View -> open the TrustAnchors Domain -> Go to Properties of the monitor and override it to set to Enabled = False.

Issue 3 – Cisco firewall throwing away some DNS packets
I didn’t actually run into this problem due to my configuration, but I easily could have. I found the issue as I was trying to investigate Issue 1 above. The issue is some external lookups can fail when DNS packets come in with a size larger then 512 bytes. This occurs from EDNS and DNSSEC. See this post for a better idea as well as the solution when using Cisco PIX/ASA firewalls.

iPad experiences so far – handwriting

Posted in Work on April 3rd, 2010 by Tom – Be the first to comment

I like the iPad. The native applications work well. The system is snappy. It has lots of potential. The thing its missing, and what I consider the killer app for something like this is handwriting. I don’t care much about converting from handwriting to text, I would be happy with taking notes and using it that way. The conversion and such is a nice to have for me.

I got a Pogo sketch to go with it. It doesn’t work to bad, but the amount of pressure needed to apply to make it work is more then I would prefer. The apps I have tried so far also aren’t the best. I tried “Draw for iPad” but thats more for kids. Also tried “HandWriting Mail Free” which is so so. Its very basic, but it wasn’t horrible.

I am going to try “WritePad for iPad” and “Scribble Notes”. I also found a number of “Notes” style applications that handle handwriting, so going to try those. Much better results then a search for “handwriting”.

Have now tried about 10 different note apps that allow input from other then the keyboard. “Mental Notes” so far is the best. “Adobe Ideas” is good as well but is more of a drawing doodle type app instead of a note taking one. Adobe does a great job at handling the input and adjusting it to fit. One app for instance a circle would be a triangle due to how it handled the input.

Configuring Business Objects Edge and Gmail for email delivery

Posted in Business Objects, Work on August 26th, 2009 by Tom – 2 Comments

Gmail and/or Google Apps requires SSL for use when connecting and using it as your SMTP server. Unfortunately Business Objects Edge 3.1 does not support SSL connections in its various email delivery configurations.

No problem, I figured I could install a small SMTP server locally and use that to send out email. While that is possible, and one good choice is hMailServer, it has some potential problems with reverse DNS lookups, and MX record checks.

Instead I found a quick tool called sTunnel that can run as a service on any machine that will redirect a request to a defined location and handle the SSL wrapping. It is highly configurable, runs as a service, 5 minutes to install, minimal resource use, and requires no administration once setup.

Using this tool, I am able to configure Business Objects Edge 3.1 to use a Google Apps (should also work fine with Gmail) account to send emails from scheduled reports and other email destination services within Business Objects.

Here are the general steps I followed, keep in mind that my installation is Windows based, but that the general steps would work similar for non-windows based platforms (although sTunnel might require slightly more installation steps).

Step 1 –
Download sTunnel to the server your going to use for hosting the service. This can be the same server as your BO Edge, or a different server. As long as the BO Edge server can reach the server and port you define it doesn’t matter. I choose a separate server so that I can use sTunnel with other applications.

Step 2 -
Install sTunnel using the executable you downloaded.

Step 3 –
Edit the stunnel.conf file with the desired settings. sTunnel can be used with multiple services, but for email delivery the only one that matters is the one listed as [ssmtp]. I commented out the others as I won’t use them, but they could be left in if desired. The settings that matter are listed below along with some comments from me.

; stunnel comes with a certificate to test with, you should get your own though
cert = stunnel.pem

; debug is useful in setup, and can be commented out once its all working
debug = 7
; output is the location of the debug log file
output = stunnel.log
client = yes

[smtps]
; accept is what the service listens for incoming connections on
; insert the real IPaddress of the server you installed this on
accept = 127.0.0.1:25
; connect is the outbound connection to Google Apps (gmail)
connect = smtp.gmail.com:465

Step 4 –

Install sTunnel as a service by clicking on the Service Install shortcut installed in the stunnel Start Menu.

Step 5 –
Configure Business Objects Edge email delivery method to use a Google Apps user account but the connection host of the server running sTunnel. You do this through CMC under the Servers section. You will need to modify all the Job Servers that are configured for email delivery. For me that list is:

AdaptiveJobServer
CrystalReportsJobServer
DesktopIntelligenceJobServer

But could also include:

DestinationJobServer
ListOfValuesJobServer
ProgramJobServer
PublicationJobserver

Go to Properties of the Job Server, then Destination, then Email. If Email doesn’t exist and you are adding it for the first type, select Email in the drop down and click add. The fields to enter to enable use of the stunnel service and Google Apps (Gmail) are

Domain Name: (insert domain Google Apps domain, ex: abc.com)
Host Name: (insert IP or FQDN of server running stunnel)
Port: 25 (if you used a different port in stunnel.conf insert that here)
Username: (insert Google Apps / Gmail user, ex: me@abc.com)
Password: (insert user password)

The rest of the fields don’t matter. At this point restart the Server job and your done. You can now use Google Apps with Business Objects Edge for email delivery of reports.

For additional reference the following sites I found useful with this effort.
http://www.sysadmin.md/how-to-access-gmail-smtppop3-service-with-stunnel.html
http://watchdirftp.blogspot.com/2009/02/gmail-as-your-smtp-server.html