Problem 1: I set the Office SharePoint Server Search Service to use a dedicated web front end computer for crawling. After doing this, the server I set to be dedicated for search crawling (indexing) started throwing this error:

Event ID: 6482

Source: Office SharePoint Server

Details: Application Server Administration job failed for service instance Microsoft.Office.Server.Search.Administration.SearchServiceInstance (3b4a9151-23b7-4c2f-ad89-b317610aae69). Reason: Access to the path ‘C:\Windows\system32\drivers\etc\HOSTS’ is denied.

Why in the world would SharePoint need access to the HOSTS file? Well, it turns out that SharePoint replaces the HOSTS file with a new one containing the IP addresses and hostnames for all web apps in SharePoint. The problem here is that the identity of the process running the SharePoint Timer Service doesn’t have access to the HOSTS file. Easy fix, right? Well, yes when SharePoint is running on Windows Server 2003. All one must do is grant Modify permissions to the WSS_ADMIN_WPG group on the ETC directory (on the directory because the Timer Job deletes the HOSTS file and then writes a new one).

Problem 2: If SharePoint is running on Windows Server 2008, an administrator can’t change the permissions on the ETC directory, even as an Elevated Administrator. I tried the following to change the permissions:

1. 1st Attempt
   1. Browse to c:\windows\system32\drivers
   2. Right-click on the ETC directory, select Properties, click the Security tab and then click the Edit button.
   3. Click Continue on the UAC prompt.
   4. PROBLEM: The Add button is grayed out. An Administrator can’t change the permissions.
      
2. 2nd Attempt
   1. Click Start, All Programs, Accessories.
   2. Right-click on Windows Explorer and select Run As Administrator.
   3. Click Continue on the UAC prompt.
   4. Followed steps 1 - 3 from the 1st Attempt.
   5. PROBLEM: The Add button is still grayed out. An Administrator can’t change the permissions even with an Elevated Windows Explorer (probably because Windows Explorer is never really elevated unless UAC is turned off).
3. 3rd Attempt
   1. Click Start, right-click on Command Prompt and select Run as Administrator.
   2. Click Continue on the UAC prompt.
   3. Run icacls c:\windows\system32\drivers\etc /grant WSS_ADMIN_WPG:f
   4. PROBLEM: Access is denied error returned from icacls. One can’t change the permissions using icacls in an Elevated Command Prompt.
      
4. 4th Attempt (Workable Solution)
   1. Browse to c:\windows\system32\drivers.
   2. Right-click on the ETC directory, select Properties, click the Security tab, and then click the Advanced button.
   3. Select the Owner tab. Wait, what’s that? TrustedInstaller is the Current Owner?
   4. Click the Edit button.
   5. Click Continue on the UAC prompt.
   6. Change the Owner to the Administrators group, select the “Replace owner on subcontainers and objects” option and click OK.
   7. Click OK on the prompt telling you to close the properties window and re-open it.
   8. Click OK on the “Advanced Security Settings for etc” window.
   9. Click OK on the “etc Properties” window.
   10. Right-click on the ETC directory, select Properties, click the Security tab, and then click the Edit button.
   11. Click Continue on the UAC prompt (you probably will not get this prompt unless you have rebooted since granting yourself ownership of the directory).
   12. Click Add and enter <servername>\WSS_ADMIN_WPG and click OK (replace <servername> with the local server name, this is done because the machine will try to use a domain group/user here).
   13. Grant the group Modify rights and click OK.
   14. Click Yes on the Security Warning.
   15. Click OK on the “etc Properties” window.
   16. SOLVED.

Another Solution

1. Click Start, right-click on Command Prompt and select Run as Administrator.
2. Click Continue on the UAC prompt.
3. Run takeown /f c:\windows\system32\drivers\etc /a
4. Run icacls c:\windows\system32\drivers\etc /grant WSS_ADMIN_WPG:m

   You have got to love the command line, we just took a 15 step process and turned it into 4 steps!!!

Yes, yet another “fix” would be to disable UAC, make the necessary changes and then re-enable UAC. The problem with this is that the administrator must reboot after each change to the UAC state. Not really a viable solution if the farm is live, is it?

Happy SharePointing!!!!!

Run the following from a command prompt:

set devmgr_show_nonpresent_devices=1

I use this usually after someone has removed NIC’s from a server and not reset their configuration prior to removal causing pesky messages about another nic in the same machine using the same IP or gateway.

In my current job I have been tasked with building and maintaining a few DB2 servers. Until now I have never used DB2 so I thought it would be wise to get some training. I checked out IBM’s website and found that they have some nice materials to get you started if you don’t have any experience with DB2. I started reading the articles and as usual I was pulled away to work on something else. I didn’t get back to the IBM site for a couple days, but when I did I had to re-register for the training I was already taking! This was extremely frustrating as you have to register for each “Part” of a training series. I wasn’t going to let IBM get the better of me so I copied the link to the PDF version of the first “Part” in one of the series and then changed the path to match the second “Part.” Voila! I didn’t have to register for each “Part” again.

Being the nice guy I am, I decided to post the links to the PDF’s so other people aren’t burdened by Little Blue’s BS, (I use “Little Blue” because I am referring to the size of the company’s brain-trust).

DB2 9 Fundamentals exam 730 prep, Part 1: Planning
DB2 9 Fundamentals exam 730 prep, Part 2: Security
DB2 9 Fundamentals exam 730 prep, Part 3: Accessing DB2 data
DB2 9 Fundamentals exam 730 prep, Part 4: Working with DB2 data
DB2 9 Fundamentals exam 730 prep, Part 5: Working with DB2 objects
DB2 9 Fundamentals exam 730 prep, Part 6: Data concurrency
DB2 9 Fundamentals exam 730 prep, Part 7: Introducing Xquery

DB2 9 DBA exam 731 prep, Part 1: Server management
DB2 9 DBA exam 731 prep, Part 2: Data placement
DB2 9 DBA exam 731 prep, Part 3: Database access
DB2 9 DBA exam 731 prep, Part 4: Monitoring DB2 activity
DB2 9 DBA exam 731 prep, Part 5: DB2 utilities
DB2 9 DBA exam 731 prep, Part 6: High availability: Backup and recovery
DB2 9 DBA exam 731 prep, Part 7: High availability: Split mirroring and HADR

I recently installed the latest pidgin for windows which comes bundled with GTK.  One of the features that I require in an instant message program is that I can start typing someone’s name and it find the contact based on what I’m typing.  In the latest pidgin this is broken, but it’s not a pidgin bug, it’s a gtk bug.  To fix it, do the following:

1.  Download http://www.mocker.org/files/libgdk-win32-2.0-0.dll
2.  Copy that file to C:\Program Files\Common Files\GTK\2.0\bin\ (You will have to exit out of pidgin)
3.  Start pidgin back up
4.  There is no 4.

I found this information on the pidgin bug tracker at http://developer.pidgin.im/ticket/4966, but couldn’t get any good hits just searching around Google.  Hopefully this saves someone some time.  Credits go to http://developer.pidgin.im/ticket/4966#comment:4 for finding the fix.

I ran into an issue where I needed to recreate a Shared Service Provider for a SharePoint environment. The original admin setup the SSP admin site inside of an existing Web Application/Site Collection. Besides manageability, this kind of configuration can cause problems with the search provider and mysites.

There are a lot of blogs and instructions which tell you how to create SSP’s and move applications between them. You can use this post by Tony Zink: http://www.pptspaces.com/sharepointreporterblog/Lists/Posts/ViewPost.aspx?ID=18 to create the new SSP. The problem I ran into was deleting the original SSP because it was the Parent SSP. A Parent SSP is the SSP which provides shared services to a sharepoint farm. It is identified by the word Parent in parenthesis directly after the SSP’s name. You cannot delete an SSP designated as the Parent without first removing it from the Parent SSP role by doing the following:

1. Open Central Administration
2. Click on the Application Management tab
3. Click “Grant or configure shared services between farms” under Office SharePoint Server Shared Services
4. Select your new SSP and click OK

After doing this, you should be able to delete the ssp. If you can’t delete the SSP through Central Admin, use this command from the 12 hive (c:\program files\common files\microsoft shared\web service extensions\12\bin):
stsadm -o deletessp -title SharedServices

There is an interesting article that goes over some of the real requirements of setting up a cloud environment at your corporation.  One of the things I hate about most cloud discussions is the marketing fluff that goes along with them.  This article talks about the real hardware involved in a simple cloud setup.  Don’t know if I agree with a blade center requirement, but great points overall.

The people over at Data Center Knowledge dug up a video demonstrating a gas fire suppression system.  Cut to 40 seconds in to see the system go off and skip the marketing fluff. 

According to InfoWorld Red Hat will be open sourcing their Red Hat Network software.  This should be great for the community but I hope it doesn’t cut too much into the profits for Red Hat.

I can imagine that soon CentOS will release a RHN server to easily manage all of your CentOS servers.  RHN was one of the value adds of purchasing a subscription.

Remind me why I need Red Hat again?

I recently installed Ubuntu Hardy Heron on my home computer and ran into a problem when I would switch between my user and my wife’s.  After we were both logged on and I performed the switch, it would go to a “white” screen.  Searching around, this is a known issue.  At the bottom of the bug report, they say that it’s fixed in the hardy-proposed repository, but don’t really give instructions on how to upgrade.

Here’s what I did to fix the problem.

First, I added the following sources to my /etc/apt/sources.list:

deb http://c.archive.ubuntu.com/ubuntu/ hardy-proposed restricted main multiverse universe
deb-src http://c.archive.ubuntu.com/ubuntu/ hardy-proposed restricted main multiverse universe

Then, I created a preferences file for apt, so that I wouldn’t have to upgrade all my packages to the hardy-proposed repository.  The file is /etc/apt/preferences:

Package: *
Pin: release a=hardy-updates
Pin-Priority: 900

Package: *
Pin: release a=hardy-proposed
Pin-Priority: 400

After I did that, I did the standard apt-get update to pull down all my new packages.  Now to upgrade just the compiz files (which has a workaround for the nvidia bug):

sudo apt-get install compiz/hardy-proposed compiz-core/hardy-proposed compiz-gnome/hardy-proposed compiz-plugins/hardy-proposed

With the upgraded packages installed I rebooted for good measure (I know, I didn’t need to do this).  When the system came back online I was able to switch users without the white screen!

I ran into this problem today, I have a user account on a FreeBSD machine that needs the ability to rsync and scp files to the server. I really didn’t see any need for the user to have full ssh access to the machine. So I headed over to the ports tree to do some poking around. I found a couple utilities there that seemed promising, such as shells/scponly and shells/rssh. Both of these programs allowed the user to only have scp and rssh had extra functionality to allow sftp, not exactly what I was looking for.

I resort to google, of course, and find an article posted on the FreeBSD wiki, which is somewhat of an unofficial FreeBSD wiki. The article makes mention of scponly but also has a small C program at the tail end of the article which does exactly what I was looking for.

The program compiled first try, no errors, and worked flawlessly, and by looking at the code it would seem that adding more protocols besides just rsync, scp, and sftp would be fairly simple.

External Link: SSH: Limiting to SCP or Rsync only @ FreeBSD Wiki