Check It Ma, Logz For Dayz

On a Mac, I frequently use the tail command to view files as they’re being written to or in use. You can use the Get-EventLog cmdlet to view logs. The Get-EventLog cmdlet has two options I’ll point out in this article. The first is -list and -newest. The first is used to view a list of event logs, along with retention cycles for logs, log sizes, etc. Get-EventLog -list You can then take any of the log types and view information about them. To see System information: Get-EventLog System There will be too much information in many of these cases, so use the -newest option to see just the latest: Get-EventLog system -newest 5 The list will have an Index number and an EventID. The EventID can then be used to research information about each error code. For example, at

Managing DNS In Windows Server 2012

Previously, I covered installing the DNS role in Windows Server 2012. Once installed, managing the role is very similar to how management was done in Windows Server 2003 through 2008 R2. With the exception of how you access the tools. DNS is one of the most important services in Windows Servers, as with most other platforms. So it’s important to configure DNS. To get into the DNS Manager in 2012 Server, first open Server Manager (you might get sick of using this tool in Server 2012, similar to how my Mac Server brethren have gotten tired of it in Lion and Mountain Lion Servers. Then from Server Manager click on DNS from the Tools menu. Screen Shot 2013-06-07 at 7.47.38 PM Once the DNS Manager mmc is open, notice that you will have Forward and Reverse zones listed. The forward zones point names at IP addresses or other types of records and the reverse zones contain information about what the name is for a given IP address. Screen Shot 2013-06-07 at 7.51.53 PM By default there are no zones, so click on New Zone from the Action menu to bring up the New Zone Wizard. From here, click on Next. If the zone is a new zone, click on New Zone. Otherwise, choose Secondary Zone if the server will be acting as a secondary name server for a given zone (make sure the primary allows zone transfers from the IP of the system you’re configuring) or select Stub Zone if the server will host a partial list of records. Click Next when you’ve selected the type of zone to create. Screen Shot 2013-06-07 at 8.18.36 PM At the New Zone screen, enter a name for the zone. For example, Once entering the new Zone name, click Next. Screen Shot 2013-06-07 at 8.16.19 PM At the Zone file screen, enter a name for the file that information about the new zone will be stored in and click on the Next button. Screen Shot 2013-06-07 at 8.19.36 PM At the Dynamic Update screen, choose whether the zone will allow dynamic updates. Here, you can choose whether clients can update DNS information in zones and if so, who can do so. I usually just leave this at the default (unless I’m preparing to install AD into the zone) and click on the Next button. Screen Shot 2013-06-07 at 10.23.20 PM At the Completing the New Zone Wizard screen, click on the Finish button (provided of course that the settings match your desired configuration for the zone). Screen Shot 2013-06-07 at 10.24.02 PM Once you see the domain name in DNS Manager, double-click on it. You’ll see the NS and SOA records. Usually you won’t ever end up touching these. Next, create records for your domain. Using the Action menu, select to create a new A Record, CNAME, etc. In this example, we’ll create a basic A Record, selecting the checkbox to automatically create a PTR with the record. Click Screen Shot 2013-06-07 at 10.29.21 PM Continue creating your records until they’re all built and go ahead and take this time to test them as well, as they’re being created. I usually like to run a flushdns between each creation/change: ipfconfig /flushdns Once you’re done with all of the records, I usually like to restart DNS with net stop: net stop dns And of course, start it back up. net start dns At the DNS Manager screen, right-click (control-click if you’re using a Mac) on the name of the server and then click on Properties. From the Properties screen, you’ll initially see the interface screen. Here, uncheck the box for any of the interfaces you don’t wish to have a listener for the DNS service (port 43). Screen Shot 2013-06-07 at 10.33.36 PM Click on the Forwarders tab. Here, define servers that your server uses to resolve DNS. DNS is kinda’ like a pyramid scheme like that. You shouldn’t need to use these too often, but there are some great options here for conditional forwards, where your server looks to a specific server for a given DNS domain. Screen Shot 2013-06-07 at 10.33.48 PM Click on the Advanced tab. Here, you can configure a variety of server options. A common security task would be to disable recursion. If this server is an Active Directory integrated DNS server doing so would not disable additional Active Directory DNS servers from communicating with one another as they receive their DNS information from Active Directory, as can be seen in the Load zone data on startup field of this screen. The Enable BIND secondaries allows a Mac to act as a secondary DNS server for the records stored on this server. This doesn’t work too well with Active Directory service records, in my experience, but works pretty well with anything else provided you define each zone to cache. Screen Shot 2013-06-07 at 10.34.01 PM Click on Root Hints. If you need to edit these then you might be doing something wrong. Root hints are the root DNS servers that sit atop the DNS pyramid scheme. I’ve only ever needed to edit these once, at the instruction of Microsoft during a support call for an environment that was in a walled garden. If the server connects to the Internet then chances are it should use the Forwarders to resolve names as opposed to Root Hints. Screen Shot 2013-06-07 at 10.34.12 PM Click on the Monitoring tab. Here, you can configure a small monitor that will run queries against the DNS server (or with recursion as indicated with the second option) and you can automate the test to run every so often and show the results. Screen Shot 2013-06-07 at 10.34.23 PM Click on the Event Logging tab. By default, all events are logged. Here, you can decrease logging so that the server only logs errors, warnings or even nothing at all. Screen Shot 2013-06-07 at 10.34.32 PM Click on the debug logging. This is like a special rockin’ tcpdump for DNS logs. You can log packets of various types with regards to name resolution, filter the output by IP address(es) and dump information out to a file. This is extremely detailed logging so you also have the option to indicate a maximum size of your log files. Screen Shot 2013-06-07 at 10.34.42 PM You also have more more granular controls for each domain. In the DNS Manager, right-click on your new domain and then click on Properties. Here, you’ll see the information you provided when configuring the zone in the first place (btw, zone is pretty much the same thing as domain, except each subnet of IP addresses for PTR records is also considered a zone). At the General tab you can pause a domains DNS, change the zone from a primary to a secondary if needed, etc. You can also define a different name for your zone file and enable dynamic updates. If the zone is a primary zone, click on the Aging button if you’d like to configure stale record scavenging. There, you can define when records that become stale are automatically deleted. Screen Shot 2013-06-07 at 10.35.17 PM Click on the SOA tab. Here, you can define the serial number for the domain. Those are automatically provided but you can override them if needed. You can define primary servers if the zone is a secondary and then provide an email address/username of the user who manages the domain. Here, you also configure TTL for the domain, domain record expiry, retry intervals for the domain, etc. Screen Shot 2013-06-07 at 10.35.27 PM At the Name Servers tab, you can add servers that this zone can be hosted on. Screen Shot 2013-06-07 at 10.35.36 PM Click on the WINS tab. If you are integrating WINS with DNS then chances are you missed flannel going out of style. But that’s ok, since provided you’re wearing your flannel with super tight jeans that require a can opener to get off, it’s just fine to wear a flannel. Anyway, if you use WINS with DNS, you’ll need to install WINS with Server Manager. When you go to add WINS it’s a feature, not a role. Screen Shot 2013-06-07 at 10.35.48 PM Click on Zone Transfers. This is where you define what IP addresses are able to perform a zone transfer for the domain you’re configuring. By default, all hosts from the Name Servers tab can be accessed. To open it up for everyone (not the best security option) click “To any server”, or to use a separate list than the Name Servers use the “Only to the following servers” button and then use the Edit button to populate the list. Screen Shot 2013-06-07 at 10.35.58 PM   Once you’ve configured the properties for your zone as granularly as you’d like, click Apply and then finish populating the zone with any other required records and testing all the settings. I also like to restart my DNS again after all that fun stuff.

Microsoft Retail Stores

Microsoft is opening a few retail stores in the upcoming months, with the first having launched just last week, in Scottsdale, Arizona. The stores are similar in appearance to the Apple stores that can be found around the country, which has garnered much criticism. Although if you find a formula that works then you find a formula that works. Imitation is the sincerest form of flattery, right? A number of videos have surfaced on YouTube showcasing the new store, although this seems to be the most informative regarding the products and layout of the store.
Overall, this is very interesting to me, although I don’t have any opinion either way about it. It simply is what it is…

Danger Will Robinson: SideKick + Microsoft

Occasionally Blackberries go down. Not one or two, but all of them. Sometimes (albeit rarely), Google Apps are unavailable. The Mac community got so frustrated with MobileMe during the .Mac transition that Apple released an official apology of sorts. But nothing that is as dangerous as the recent SideKick data loss. In a move that is characteristic of the battle that has been brewing between the makers of mobile devices and the carriers that provide access to those devices, T-Mobile released the following statement:
Regrettably, based on Microsoft/Danger’s latest recovery assessment of their systems, we must now inform you that personal information stored on your device – such as contacts, calendar entries, to-do lists or photos – that is no longer on your Sidekick almost certainly has been lost as a result of a server failure at Microsoft/Danger.
Basically, T-Mobile is saying that they have no culpability. After all, it’s not their job to do due diligence and make sure their parters are practicing the same backup strategies that are often practiced in 5 to 10 user environments. Microsoft on the other hand is going to point the finger at Danger, the organization they purchased in order to take over the customer base and the market of the SideKick. And Danger on the other hand is likely to simply um, well, not update their press release site for about the 16th consecutive month. Many are quick to point this colossal fail at something being wrong with the cloud computing model. Microsoft might be apt to say, but our cloud is a private cloud, likely a popular response from vendors that sell private clouds (or in Microsoft’s case Software + Services). I’m still on the fence about that one myself…

Microsoft Blogging

Once upon a time, in a land far away, there was a team of Microsoft employees. They operated in a black box, a silo of noncommunication. In order to learn what was in the new products they were developing you had to wait until they were released. There were no seeds, the prerelease software distributed to partners was codenamed with words like longhorn and the developers, if they spoke out of turn were publicly flogged with cat-o-nine-tails made of rusty old x86 hardware, known as flogware. But then something happened. Microsoft, to whatever degree, embraced a world of openness. The developers for various teams were suddenly encouraged to blog, speak publicly and even microblog. The flogware was set aside and the Hyrulians rejoiced as it seemed Link had saved them from Ganon. Today, you can keep track of development efforts and the general direction of Windows, Exchange, Storage Server, SQL, SCCM and VMM. You can download betas of Windows 7 (or could) even though it has yet to be released without being a partner. Anyone can access the support pages. Microsoft even shows up to places like BlackHat and DefCon begging people to break things because they want to make sure it’s as stable and secure a product as possible before it hits the market. Overall, Microsoft, while not open sourcing their code, are to some degree becoming a more open and honest company. And the result is that many in the IT industry have stopped looking at Microsoft as a monolithic, evil empire. We are starting to see the various units and those who work in the various units and know them, to some degree, as people. The softer side of Microsoft is more innovative than during the tumultuous time when Ganondorf was new. Sure the rubber band may snap back and Vaati may break his seal to terrorize the good employees once again (all it takes is for one person to make a terrible blunder online methinks for a kneejerk reaction to undo all the great faith they’ve been building). But for now, Microsoft is able to improve software more than ever, stand out as more gentle leader in the IT space and let the people who use their products know that they’re working hard to improve those products every day. I wish more IT vendors were as open in their processes as Microsoft has proven to be these days.

Tech Predictions Rant

<rant> According to Mayan tradition if you jump into one of the cenotes by the Mayan pyramids you can make predictions as to the future. Apparently, one person predicted he would be a ruler and was thus anointed such. Funny how that works. Well, I cave dived into a cenote and then read the January editions of eWeek, ComputerWorld, NetworkWorld, CIO and about 10 other magazines that show up to my house despite the lack of funding on my part for them to do so. Let’s see if I can wade through the fluff… First off, January is a funny month for tech magazines as it’s all IT predications, “look at which of my predictions turned out (but please forget the ones that I don’t mention that didn’t)” and various “top 10 tech” lists. It’s not hard to predict that people will spend more on security in 2009 than they did in 2008 when research papers already give you that information. It’s also not hard to predict that people will have to buy storage in 2009 (thank you Mr. Regulatory Compliance) or that network security incidents will go up in the next year. Either way my prediction is that next year they will be showcasing what they got right again, but somehow missing what they got wrong… Don’t get me wrong, some have more specific predictions, such as that Schwartz, the CEO of Sun, will be ousted. I’ve been waiting for that for a year or two myself, but it hasn’t happened yet – if it doesn’t happen in the next year I predict they’ll straight up go out of business (rm -Rf /Sun style)… A prediction I hadn’t considered was that Sun would go private. I still need to digest that, but I just kinda’ figured someone would end up buying Sun or they’d get resurrected by a strong CEO with a vision for how to eek profits out of this weird open source model, not that they’d end up buying back themselves… Another common prediction is that cybrecrime will go up. Well, while I find this in the realm of the “duh” I suppose I should make my own small prediction that is a bit more specific. Cybercrime amongst IT professionals will go up alongside the unemployment rate of IT professionals (maybe that’s why IT has been the least hit by the recession). Anyone who knows a good bit about system internals can write a good bot. Anyone with a flair for networking can convert that bot into a full fledged botnet. Of course, these newbies to the botnet world are not criminals in the traditional sense so I would expect that the rate of arrest would go up alongside the rate of newbie cyber crime… For example, there’s the Fannie Mae admin who upon his release decided to wipe out their data. There’s also the story about the rogue contractor who attacked the Northern Territory Government in Australia. There’s also the 2006 case (so pre economic whatnot) of the LA traffic signal hacking. Then there’s the dink in Sacramento who thought it would be wise to monkey with the California power grid (Grey Davis could have told him that doesn’t work out well). And of course the other dink in Northern California (NoCal) who refuses(d) to give up the password to network resources in San Francisco. But most convincing is that 88% of the IT workforce actually said they would steal data if let go. So I guess with all of this pointing towards a trend it’s a pretty safe darn prediction… Another interesting prediction was that city and state governments would start to switch away from their 20 year old or more computer systems, many of which are still running COBOL. Well, sounds good to me, provided there is someone who can foot the bill for the upgrade. Reportedly California is going to need to cough up about $200 million to upgrade their systems from COBOL. If I were to make a more specific prediction I would say that some enterprising lass is gonna’ come out with a little SaaS aimed at city governments. While many cities are likely close to being able to standardize the more holistic state-wide systems are likely not, even though doing so would likely save the states billions of dollars whether upgrades are a joint effort or a federally backed SaaS solution that is provided to the states. But while we are 50 united states, we are 50 completely different non-standard states nonetheless… I don’t predict it will happen, but I hope to see more standardization and therefore lower costs to the IT of bureaucracy. Another popular prediction is that the cloud industry will continue to increase. That’s the beauty of a buzz word. The cloud could reference shared storage or shared processing power. If one of these two goes up then the predictor is able to claim success. In a down economy, it is likely that many organizations will defer capital expenditures while others will welcome them, given the cheap cost of capital these days (where are our interest rates right now?). But whether they buy storage or outsource it I would guess that if everyone hasn’t tinkered around with “cloud” services that they will, just to see whether it will work for them. Thus, another safe prediction – unless you’re forecasting into 2010. One brave pundit announced that Microsoft’s Hyper-V would replace VMware as the market leader in virtualization offerings. I don’t know if I would necessarily be so brave a soul. Technically, I find it less appealing even than XenServer, the Citrixy form of XenSource, but there is something to be said for the fact that it’s bundled with 2008 Server… Either way, I wouldn’t have made that prediction just yet. What about IPv6? Are we not still running out of IP addresses? Did we all change our minds about that… Is the Army project in Germany really the only major implementation people are talking about? OK, so this one should maybe be into 2010, but there is a finite number of IP addressing space and we need more. Will companies defer IPv6 projects into 2011 or 2012? That’s what I’m interested in knowing. I’m guessing by that time there will be a War of the Worlds style panic to transition due to there being no more IP addresses… And what about certifications. For years IT vendors have been trying to get better at tracking certification cheating. Last year, many actually started to seed the cert brain dump sites with bad questions meant to statistically point out the cheaters. Will we see traction there? I’m guessing not… Especially on the Apple/Symantec/APC front. So if you are a pundit and you’re calling that people are going to be buying more storage in 2009, which is a big “duh” in my book, riddle me this, are they going to be buying storage built on open standards or are they going to be buying storage built in traditional shelf-like fashion, such as EMC or NetApp? Will EMC lay off more staffers in 2009 or were last weeks cuts as deep as they go? Where are the pundits saying “hey, in 2006 when Apple was at 1.1 percent of the Enterprise desktop market, I called that they’d grow to 4.5 percent within two years”? I don’t see any hands shooting up. If that curve were to continue, then within the next two years would Apple not be sitting close to 20 percent of the enterprise desktop market? If so then where are the pundits saying that will actually happen? I guess what this rant is getting at is that the future is uncertain (unless you first jump into a cenote), especially in an industry as rapidly changing as the IT industry. Sure, it’s only one year, but there is really no way to have any modicum of certainty that, for example, Microsoft and Intel would lay off 5,000 employees a year in advance, nor that EMC would follow up by laying off another 2,400 people. There’s no way to tell that Windows Live will not be what Microsoft was hoping it would be (OK, so maybe there was actually) nor that Facebook would take over the market. There are some who would guess that Mac OS X will become a darling of the Enterprise in favor of Windows 7 adoption. But then there are a lot of people at Linux shows around the country that would call that Linux would become that darling instead. And of course there are far more Windows professionals out there who aren’t even considering any change whatsoever in their skillsets… To conclude my rant I just want to state that what the authors of these articles are doing is actually an important service, and one that is done for free to subscribers of their pseudo-free publications.  I enjoy reading their predictions and whether I agree with them or not they definitely get me thinking about things! </rant>

Windows XP: Another Six Months

Windows XP is a 7 year old operating system.  Microsoft ads on TV tell us that we should move to Vista.  They put a deadline in place.  According to Devil Mountain Software and a few others, more than one third of Windows systems are still being downgraded to XP though.  What more can Microsoft do?  Well, the deadline of January 31st to stop allowing OEM manufacturers to sell XP has been extended.  You will now be able to purchase Vista and then have a downgrade option through to July of 2009, at which point XP will be well over 8 years old.  Pundits say Vista sales are up, but really it makes you wonder how much of that is actually software being immediately downgraded back to XP.  Is it possible that Vista is the worse disappointment in Microsoft’s storied history?  Will corporations ever truly trust Vista?

Microsoft Offers Rewards to LiveSearch Users

It’s not desperation really, more like what AmEx does to entice me to keep using that damn card for everything…  Anyway, Microsoft now offers points of a sort.  Here’s where I heard about it:;jsessionid=XPUR4JVLKQ4UAQSNDLPSKH0CJUNN2JVN?articleID=210605109

Windows Server: Pick What Goes into AD Next

What you would like to see in the next version of Active Directory Users and Computers? This is a great opportunity for you to provide feedback and help ensure that the features you want make it into ADUC’s next version. If you are interested, or know someone who might be interested in participating, and can make it to Microsoft’s main campus in Redmond, Washington for a two-hour study session, e-mail us at with ADUC in the subject line.