CUPS notes

OS: Ubuntu 12.04 LTS

I decided it was about time to solve a couple issues that seem to constantly come up for me when it comes to using CUPS in linux for printing.

The first was getting access to the configuration page from a machine other than the console. To do this you have to modify the /etc/cups/cupsd.conf file.


# JGZ – 3/26/2014 – To listen on the eth0 interface
Listen 10.10.10.9:631

# Restrict access to the server

Order allow,deny
# JGZ – 3/26/2014 – To allow access to /
Allow all

# Restrict access to the admin pages

Order allow,deny
# JGZ – 3/26/2014 – To allow access to /admin
Allow all

# Restrict access to configuration files

AuthType Default
Require user @SYSTEM
Order allow,deny
# JGZ – 3/26/2014 – To allow access to /admin/conf
Allow all

After the changes are made to the /etc/cups/cupsd.conf file, you need to restart cups:

# service cups restart

The next issue I had is the default size of the font. I frequently print files I create in vi or configuration files or scripts, and the font is too big by default to make the document readable. For this, I added the following to the printers.conf file in /etc/cups.


# JGZ – 3/26/2014 – decrease default font size
Option cpi 15.000000
Option lpi 9.000000

I put this un the ErrorPolicy line in between the and directives. If you have multiple printers, make sure that myprinter is the printer that you want to modify. Obviously, when you look at the printers.conf file, you will find many other options you can modify. In my case, I had to add the missing entries (see man printers.conf). For this change, you do not need to restart cups.

Windows Group Policy Results

The following tools can be used to review group policies.

Since Windows Vista SP1:
rsop.msc

To view the policies applied to the computer you are logged into:
gpresults

To force a policy update:
gpupdate /force

Used in concert with rsop:
gpinventory.exe

Add DNS search suffix in Ubuntu

Sometimes I hate change, and this is one. I just want to edit the /etc/resolv.conf. The search suffix in Ubuntu can be added by adding the following to the /etc/network/interfaces file:

dns-search domaintosearch

For example, on my Ubuntu client:

# cat /etc/network/interfaces
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet dhcp
dns-search jim-zimmerman.com

I am not sure if the network needs to be restarted. I did restart it by:

# service networking restart

Import PST into Exchange 2013 mailbox.

I was trying to use New-MailboxImportRequest to import a PST file into a mailbox. From EMS, I kept getting the following error:

“The term ‘New-MailboxImportRequest’ is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again”

I had to enter the following to get the necessary permission:

New-ManagementRoleAssignment –Role “Mailbox Import Export” –User UserImporting

I did this for the Administrator account, so:

New-ManagementRoleAssignment –Role “Mailbox Import Export” –User Administrator

Then, I was able to import the PST mail. With following command the email was put back into the same folder as when the mail was exported:

New-MailboxImportRequest -Mailbox mailboxname -FilePath UNCToFile

I imported the PST into a mailbox with an alias of jim:

New-MailboxImportRequest -Mailbox jim -FilePath \\SERVER1\c$\jim.pst

Change DC IP address.

If you are going to change IP address of a domain controller, there are a couple things you should do afterwards to ensure that the DNS is in order.

First, go ahead and make the network modifications on the domain controller (IP address, mask, gateway, DNS, etc.).

Then, register the changes with the DNS using:

ipconfig /registerdns

Then, use the following to ensure that the service records are properly updated in the DNS as well. This could really mess things up if not correct, so do the following to make sure:

dcdiag /fix

Repair Microsoft SQL database/table lessons.

I was getting the following kinds of errors after an errant update to a Microsoft SQL Server (2005 in this case) while running a “DBCC CHECKDB”:

DBCC results for ‘Transactions’.
Msg 8928, Level 16, State 1, Line 1
Object ID 37575172, index ID 0, partition ID 72057594038845440, alloc unit ID 72057594042843136 (type In-row data): Page (1:1169) could not be processed. See other errors for details.
Msg 8939, Level 16, State 98, Line 1
Table error: Object ID 37575172, index ID 0, partition ID 72057594038845440, alloc unit ID 72057594042843136 (type In-row data), page (1:1169). Test (IS_OFF (BUF_IOERR, pBUF->bstat)) failed. Values are 29493257 and -4.
Msg 8928, Level 16, State 1, Line 1
Object ID 37575172, index ID 0, partition ID 72057594038845440, alloc unit ID 72057594042843136 (type In-row data): Page (1:1309) could not be processed. See other errors for details.
Msg 8939, Level 16, State 98, Line 1
Table error: Object ID 37575172, index ID 0, partition ID 72057594038845440, alloc unit ID 72057594042843136 (type In-row data), page (1:1309). Test (IS_OFF (BUF_IOERR, pBUF->bstat)) failed. Values are 29493257 and -4.
Msg 8994, Level 16, State 1, Line 1
Object ID 37575172, forwarded row page (1:1337), slot 12 should be pointed to by forwarding row page (1:1169), slot 20. Did not encounter forwarding row. Possible allocation error.
Msg 8994, Level 16, State 1, Line 1
Object ID 37575172, forwarded row page (1:1337), slot 38 should be pointed to by forwarding row page (1:1169), slot 32. Did not encounter forwarding row. Possible allocation error.
Msg 8994, Level 16, State 1, Line 1
Object ID 37575172, forwarded row page (1:1337), slot 41 should be pointed to by forwarding row page (1:1169), slot 41. Did not encounter forwarding row. Possible allocation error.
Msg 8994, Level 16, State 1, Line 1
Object ID 37575172, forwarded row page (1:1338), slot 5 should be pointed to by forwarding row page (1:1169), slot 45. Did not encounter forwarding row. Possible allocation error.
Msg 8994, Level 16, State 1, Line 1
Object ID 37575172, forwarded row page (1:1338), slot 7 should be pointed to by forwarding row page (1:1309), slot 43. Did not encounter forwarding row. Possible allocation error.
Msg 8994, Level 16, State 1, Line 1
Object ID 37575172, forwarded row page (1:1338), slot 23 should be pointed to by forwarding row page (1:1169), slot 56. Did not encounter forwarding row. Possible allocation error.
Msg 8994, Level 16, State 1, Line 1
Object ID 37575172, forwarded row page (1:1338), slot 24 should be pointed to by forwarding row page (1:1169), slot 59. Did not encounter forwarding row. Possible allocation error.
Msg 8994, Level 16, State 1, Line 1
Object ID 37575172, forwarded row page (1:1338), slot 29 should be pointed to by forwarding row page (1:1169), slot 62. Did not encounter forwarding row. Possible allocation error.
Msg 8994, Level 16, State 1, Line 1
Object ID 37575172, forwarded row page (1:1338), slot 33 should be pointed to by forwarding row page (1:1309), slot 66. Did not encounter forwarding row. Possible allocation error.
Msg 8994, Level 16, State 1, Line 1
Object ID 37575172, forwarded row page (1:1339), slot 25 should be pointed to by forwarding row page (1:1309), slot 38. Did not encounter forwarding row. Possible allocation error.
Msg 8994, Level 16, State 1, Line 1
Object ID 37575172, forwarded row page (1:1340), slot 17 should be pointed to by forwarding row page (1:1309), slot 51. Did not encounter forwarding row. Possible allocation error.
Msg 8994, Level 16, State 1, Line 1
Object ID 37575172, forwarded row page (1:1340), slot 20 should be pointed to by forwarding row page (1:1309), slot 22. Did not encounter forwarding row. Possible allocation error.
There are 49003 rows in 821 pages for object “Transactions”.
CHECKDB found 0 allocation errors and 16 consistency errors in table ‘Transactions’ (object ID 37575172).

Here is what I did/tried and what eventually worked:

Put the database in single user mode:

ALTER DATABASE databasename SET SINGLE_USER

Examined and saved some of the contents of a corrupt page:

DBCC PAGE (‘tablename’, 1, pagenumber, 3) WITH TABLERESULTS

Tried to rebuild the indexes in the corrupt table:

DBCC DBREINDEX (“tablename”, ” “, 70)

Tried to repair the database without data loss:

DBCC CHECKDB(‘databasename’, REPAIR_REBUILD)

Eventually gave in and repaired the database with possible data loss:

DBCC CHECKDB(‘databasename’, REPAIR_ALLOW_DATA_LOSS);

Enabled multi-user mode:

ALTER DATABASE databasename SET MULTI_USER

Fortunately, it doesn’t look like much data was lost, since there was no backup.

Upgrading from Windows 2003 ADS to Windows 2012 R2

Initially, I tried to bring a Windows 2012 R2 into the 2003 ADS environment directly. In other words, I installed 2012 server and tried to promote it in an environment with 2003 DCs exclusively. This failed miserably and instead of spending a lot of time trying to figure the issue out, I opted to go to 2008 R2 and then 2012 R2. This scenario went much smoother.

This was a single Windows 2003 domain. Very simple environment. All role installation and promotion was done from the domain Administrator account.

I built a Windows 2008 R2 server and joined it to the domain.

Then, I added the Active Directory Domain Services role, and let the wizard install the DNS Server role as well.

Once the roles were installed and server rebooted, if needed, I verified the time and that DNS was set correctly.

Then, I ran dcpromo.

When dcpromo was finished, I rebooted and logged in the domain Administrator account.

Then, I transferred all the FSMO roles to the new Windows 2008 R2 domain controller (see http://jim-zimmerman.com/?p=880 ).

I built and joined a Windows 2012 R2 server to the domain.

I added the Active Directory Domain Service role, and again let the wizard install the DNS Server role.

Once the roles were installed, and I verified the DNS and time, I ran the dcpromo equivalent in Windows 2012 R2. I clicked on the flag with the warning symbol in the top right of the Server Manager window. In the drop down, under the Active Directory Domain Services role, was a link to promote the server. I clicked on it to start the promotion. Note: dcpromo is not supported in 2012. When you try to run it, you get a message telling you to go to Server Manager.
dcpromo equiv from server manager make sure to select the 2008 server to replicate from.

After the server rebooted, I transferred all the roles, in a similar manner as above, to my Windows 2012 R2 server.

Once that was done, I verified replication and authenticated to the 2012 server from a client.

Then, I shutdown my 2003 domain controller.

In a week or maybe two, I will boot the 2003 server and demote it. I don’t want to demote right away in case something goes wrong or comes up.
demote 2003 box or shutdown for a while.

Then, I will demote the 2008 server as well. If there were more than one domain controller in this environment, I would keep the 2008 server up until all the domain controllers were replaced with upgraded ones.

UPDATE: So, I demoted the 2003 server after checking to make sure all the roles were on the 2012 server, and ensuring that the Global Catalog was on the 2012 server too. To demote, I just ran dcpromo.

Then, a couple days later, I went through the same process on my 2008 server. I ended with only one domain controller which is a Windows 2012 R2 server.

Enable automatic Administrator login – Windows server

I don’t really like to do this, but sometimes you are left with no choice. Here is how to have a Windows server automatically login to the Administrator account:

Run regedit.

Navigate to:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

Right mouse click on Winlogon and add the following String Values with the following settings:

“AutoAdminLogon”=”1″
“DefaultUsername”=”mydomain\Administrator”
“DefaultPassword”=”mypassword”

Then, reboot.

Using DISKPART to add/format a newly added hard drive.

Used this basic procedure to add a hard drive in Windows 2012 R2 Core:

List the disks to ensure you select the correct one:

DISKPART
DISKPART> LIST DISK

Select the correct disk:

DISKPART> SELECT DISK=1

Put the disk online:

DISKPART> ONLINE DISK

Examine the disk attributes:

DISKPART> ATTRIBUTES DISK

Remove the READONLY attribute if on:

DISKPART> ATTRIBUTES DISK CLEAR READONLY

Create a primary partition on the drive:

DISKPART> CREATE PARTITION PRIMARY

Format it:

DISKPART> FORMAT

Assign the desired letter to the drive:

DISKPART> ASSIGN LETTER=D

Allow ping through a Cisco ASA

Here are the changes you need to make to allow clients on your LAN to ping through the Cisco ASA to a host on Internet/WAN. Basically, this is how to create a class map and a policy that uses the class map. Then, implement the policy.

class-map myclass
match default-inspection-traffic
exit
policy-map mypolicy
class myclass
inspect icmp
exit
service-policy mypolicy interface outside

Return top

INFORMATION