My notes, things I have learned, and documentation I have created.

While we are on the subject of flushing DNS cache, here is how you do it in MacOS.

dscacheutil -flushcache

I have run into this issue a few times, and decided that I needed to document this since I keep forgetting the procedure. I have had a situation where I have checked and double check my DNS modifications and no matter what I do the changes do not seem to have taken effect on some Windows clients. Well, it turns, as it usually does, that it just takes a simple command to resolve the name properly:

ipconfig /flushdns

I know this works on Windows 7, Windows 2003, and Windows 2008.

Another useful option if registerdns. If you change the IP address of a server and need it to update in your Windows DNS use:

ipconfig /registerdns

If pinging from a Windows client, you may need to flush your client DNS cache to recognize the address change.

I needed an easy way to “Allow access” under “Network Access Permission” in the “Dial-in” tab of the “Active Directory Users and Computers” console for several users in a Windows 2003/2008 ADS environment.

At first, I approached this task from a scripting angle. I developed a VBscript that would worked in my test environments, but not in production. I am still not sure why, but I have not had to time to look into it further. I suspect it has to do with some policy restrictions or permissions. I know the script was working, because I could see that the “msNAPllowDialin” ADS attribute was being modified. However, when I opened up “Active Directory Users and Computers,” the change was not reflected. Also, I was still not able to use our VPN that requires the attribute be enabled.

Being short on time, I looked for a powershell command, or some other command line solution. It was then that I rediscovered the netsh command. I had used this command in the past, but did not document anything about it. I want to get something posted on it, because it is a tremendously powerful command and one that every seasoned Windows administrator should know about. In my case, this command helped solve my issue quickly. I used the following command syntax to choose “Allow access” on the “Network Access Permission” radio button:

netsh RAS set user name=username dialin=PERMIT

The netsh command has many options. Among them, I found that looked pretty interesting (netsh dump). It creates a script of your current settings. There is another option, netsh exec, that you can use to execute a netsh script like the the “netsh dump” creates. These could be incredible useful. There are several other options. You can find help and syntax for all the options by entering a “?” when you need more information. For example, “netsh ?” or “netsh set ?”, etc. You can add to question mark to any level to find more information. Very useful command. I wish I had written down what I used it for before.

To list the virtual machines installed on a VMWare ESXi server, loging to the server via ssh and enter the following command:

~ # esxcli vms vm list
VMDC1
World ID: 9375350
Process ID: 0
VMX Cartel ID: 9375349
UUID: 56 4d 7e ca e0 c8 15 17-53 2e 21 de 2f 57 6b f0
Display Name: VMDC1
Config File: /vmfs/volumes/4cd70f88-eac98d60-3346-b8ac6f907086/VMDC1/VMDC1.vmx

There are several other options to the esxcli command, but another potentially useful option is the following command used to kill a hung VM:

~ # esxcli vms vm kill
~ # esxcli vms vm kill –type soft|hard|force –world-id World ID

I used the following procedures to enable core dumps in RHEL6.

# vi /etc/security/limits.conf
…
#* soft core 0
* soft core unlimited
…

# vi /etc/sysctl.conf
…
kernel.core_pattern = /tmp/core-%e-%s-%u-%g-%p-%t
fs.suid_dumpable = 2
…
Note:
%e is the filename
%g is the gid the processs was running under
%p is the pid of the process
%s is the signal that caused the dump
%t is the time the dump occurred
%u is the uid the process was running under

# vi /etc/sysconfig/init
…
DAEMON_COREFILE_LIMIT=’unlimited’
…

# sysctl -p

I finally had to look into udev a little bit today. I had made some modifications to a RHEL6 guest I have in VMWare ESXi. My trouble started when I converted the storage from thick to thin, due to limited space. I am still not sure why would have caused an issue with network devices, but it did. I ended up with a eth1 device instead of the eth0 device I had previously. I tried removing all the interfaces via vSphere and then adding one, but this only created eth2.

To resolve the issue, I needed to modify the appropriate udev rules. The rule files are located in /etc/udev/rules.d. The file that contained the network interface information was in the 70-persistent-net.rules file.

My /etc/udev/rules.d/70-persistent-net.rules contained the following:

# This file was automatically generated by the /lib/udev/write_net_rules
# program, run by the persistent-net-generator.rules rules file.
#
# You can modify it, as long as you keep each rule on a single
# line, and change only the value of the NAME= key.

# PCI device 0x15ad:0x07b0 (vmxnet3) (custom name provided by external tool)
SUBSYSTEM==”net”, ACTION==”add”, DRIVERS==”?*”, ATTR{address}==”00:0c:29:9a:99:76″, ATTR{type}==”1″, KERNEL==”eth*”, NAME=”eth0″

# PCI device 0x15ad:0x07b0 (vmxnet3)
SUBSYSTEM==”net”, ACTION==”add”, DRIVERS==”?*”, ATTR{address}==”00:0c:29:70:fa:e5″, ATTR{type}==”1″, KERNEL==”eth*”, NAME=”eth1″

# PCI device 0x8086:0x100f (e1000) (custom name provided by external tool)
SUBSYSTEM==”net”, ACTION==”add”, DRIVERS==”?*”, ATTR{address}==”00:0c:29:70:fa:e5″, ATTR{type}==”1″, KERNEL==”eth*”, NAME=”eth0″

# PCI device 0x15ad:0x07b0 (vmxnet3)
SUBSYSTEM==”net”, ACTION==”add”, DRIVERS==”?*”, ATTR{address}==”00:0c:29:70:fa:ef”, ATTR{type}==”1″, KERNEL==”eth*”, NAME=”eth2″

I simply removed all eth1 and eth2 and the eth0 (vmxnet3) entries, and rebooted. This took care of the issue.

I found myself needing to change some disks in my VMs from thick (pre-allocating all the defined storage) to thin (dynamically resizing storage up to the maximum size configured. I found myself running out of disk space after creating a few snapshots.

First, to clarify a bit of confusion, I ran into. When I first attempted this, I logged into my ESXi host machine, and navigated to the VM directory I wanted to modify. Logically, I chose the largest vmdk file thinking that is one I want to change. Well, it turns out this isn’t the vmdk file you want to run vmkfstools against. To determine the file name, I brought up the vSphere Client and right mouse clicked on the VM, and chose Edit Settings. Then, I clicked on the hard disk I wanted to modify. From here, I was able to identify the filename I needed (under “Disk File”). Knowing this, I simply needed to run vmkfstools.

vmkfstools -i inputfilename outputfilename -d thin

Once completed, you replace the thick file with the thin file. The simplest way, to me, seems to be to remove or rename the thick file, and edit the vmx configuration file to use the new thin vmdk output file created when the vmkfstools was run. Then, I removed the server from the vSphere client by right mouse clicking on the VM and selecting “Remove from Inventory.” Then, I added the VM back into the invetory by clicking on ESXi host, right mouse clicking on the datastore where the VM is stored, and browsing to the VM directory. From here, I chose the updated vmx file to add the VM to the inventory.

There are several other options to the vmkfstools command including other disk formats including converting back to a thick disk format.

Note: When you look at the files via an ssh client, it does not look like you have changed anything with regards to space. To verify that it has worked, look at the hard disk for the VM. It should indicate that the type is Thin.

Finally got around to getting my posts automatically posting to Tumblr.  It works just the way I want it to.  Still haven’t gotten to it for Facebook or at least something that works the way I want it to.

I used the following procedures to jailbreak my iPhone 4.2.1 with 03.10.01 baseband.

First some prep work. Backup your phone. From iTunes, right mouse click your phone and choose Backup.

Then, you need greenpois0n from greenpois0n.com. I used version rc5.2.

Next, you need to get you phone into DFU mode. Below, I have outlined the steps that have consistently worked for me.

How to get your iPhone into DFU mode:

With device powered on and unlocked:
Hold the Power and Home buttons.
When the screen goes black, count to 2.
Then, release the Power button, and hold the Home button for 10 – 15 seconds.
You know you are in DFU mode, if the screen stays black.

Now, you need to launch greenpois0n from the Terminal application. Below is the command line I used:

sudo Desktop/JailBreak/GreenPois0n/greenpois0n-osx_rc5_2/greenpois0n.app/Contents/MacOS/greenpois0n

In my case, the Loader application did not install Cydia. I needed to use redsn0w_mac_0.9.7b6 along with 4.2.1 download from Apple. The only option I chose was to install Cydia.

After the restart, my phone was jailbroken and I had a Cydia icon installed.

I found the following in a /var/log/secure log on a RHEL6 minimal installation:

PAM unable to dlopen(/lib64/security/pam_fprintd.so): /lib64/security/pam_fprintd.so: cannot open shared object file: No such file or directory

This is the PAM module to support finger print readers. In this installation, I do not need that functionality. To disable using the PAM module, I used the following command:

authconfig –disablefingerprint –update