Monday, February 9, 2015

Someone is currently logged into the APC

Time was APC was the Cadillac of the power management world. But in my opinion, as with many vendors they're not keeping up with the times. Case in point our APC AP7990 PDUs. We're no longer able to use any modern browser to manage them. And when we use an older browser, we've been getting "Someone is currently logged into the APC Management Web Server." when attempting to login, because it's not resetting the session when disconnecting.

Logging into the terminal and back out to reset the web interface fixes this, but if you're doing that securely as you should with SSH, not Telnet, using PuTTY, you get an error message "Received SSH2_MSG_CHANNEL_SUCCESS for nonexistent channel 65536". To get around that try using a Linux or BSD-based system to SSH to the PDU, although that resulted in a "Broken pipe" error at times...

Unfortunately the heart of the matter is their products, like many manufactures' devices are using old, broken security protocols, ciphers and versions of Java, with no hope of ever being updated. And now with all modern browsers and JVM security settings at all-time high, they block access to these remote management web interfaces. Truly a frustrating development since there is no way to push manufacturers to update what should amount to a simple fix (if they have sensible software dev practices). I don't expect companies to support products forever the way Microsoft does, but when their products become completely unmanageable because of far-reaching, widely-known security flaws in Bash, OpenSSH, SSL and Java, they should be on the hook to spend a few cycles on helping the people who buy their products. (Okay, off my soapbox.)

And by all means, click Log Off when using the APC PDU web interface.

Monday, November 10, 2014

Ifconfig: command not found

CentOS, say it isn't so! Having just done the minimal install of CentOS 7 as a VM, I wanted to install VMware tools. I thought I installed all the prerequisites when the script halted at "Setup is unable to find the "ifconfig" program on your machine."

I ended the script and incredulously ran the ifconfig command, thinking it had to be wrong, but it's no longer included. The ip command has now taken over networking duties, but the VMware script didn't care. I ran yum provides ipconfig, but no love: "No package ifconfig available". A couple of web searches later and I found the package I needed to bring it back...

# yum install net-tools

BTW, don't be surprised if Fedora and RHEL (and it's other offspring) are missing ifconfig as well.

Sunday, November 2, 2014

Developer Cannot Be Confirmed

I bought a new camera recently and decided I needed the "old" version of Photoshop I had lying around on my MacBook so I could salvage pics taken with my n00btastic photo skills. So as any reasonable person would do, I installed and then attempted to update Photoshop with the latest available patch from Adobe.

Finding the correct patch on Adobe's site wasn't exactly intuitive, which is surprising from a company that specializes in making software for the web, anyway I digress. Once the patch was downloaded, it wouldn't install. "AdobePhotoshop12-4-mul-AdobeUpdate.dmg can't be opened because the identity of the developer cannot be confirmed." Seems hard to believe, and I'm not sure who's to blame here, but after some searching it seems there are a number of rather large companies, i.e. Oracle, that have the same issue. (Either devs are signing their apps incorrectly or Apple released a patch/update breaking the previous verification mechanism.)

In any case, if you trust the developer, this can be overruled with a few clicks and your password:

System Preferences > Security & Privacy > General tab and you will see "App in question" was blocked from opening because the identity of the developer cannot be confirmed.

Click the button to allow anyway and enter your password, the app should start installing immediately.

Wednesday, October 8, 2014

Disabling the Yum RHN Plugin

Due to the sheer number of RHEL installs we have on our network it was time to have our own Yum repo. The setup was fairly straightforward and their are many useful articles available.

Once setup and configured, testing began; both the new test systems worked perfectly. But apparently it was too soon to start slapping myself on the back, because systems already registered with RHN would error out once I removed their subscription, rather than use the local repo.

"There was an error communicating with RHN.
RHN Satellite or RHN Classic support will be disabled.
Error communicating with server. The message was:

Error Message:
        Please run rhn_register as root on this client
Error Class Code: 9
Error Class Info: Invalid System Credentials.

I did many an Internet search only to find numerous suggestions that didn't fix the problem. It wasn't until I looked at the man page for yum.conf did I see the answer. The related files portion at the bottom listed a number of other files, the important one under /etc/yum/pluginconf.d the rhnplugin.conf file. Setting it to enabled=0 stops the plugin from being used and voilĂ , the local repo was working. With each of these, I also follow up with a yum clean all just to be sure it's a fresh start.

Sunday, March 31, 2013

Excel Closing Slowly

Excel seemed to open fast enough for someone in our accounting department, but its closing was glacial.

I removed all Add-ins (File > Options > Add-Ins) and even started it in Safe Mode (Run... excel /s), but it still lagged on close.

Not surprising, Excel has a default template like Word's named ExcelXX.xlb, XX being the version number of Excel, in this case it's 2010 which is version 12.

Once Excel12.xlb was renamed in C:\Users\%username%\AppData\Roaming\Microsoft\Excel, the file was regenerated upon start starting Excel and from then on, it closed without hesitation.

For further troubleshooting steps, visit the overlords at Microsoft.

Friday, February 22, 2013

Changing the Default Windows Icon

I don't know about you, but always having the "orange flower" icon whenever I log into a new account on a system or use the Remote Desktop client has gotten old.

Of course, you can change the account icon by clicking on it from the Start Menu, bringing you into Control Panel > User Accounts to select Change your picture and choose from the list available or Browse for more pictures...

But if you want to change the default permanently, grab yourself a 128 x 128 bitmap (.bmp) image and name it user.bmp and dump it into: C:\ProgramData\Microsoft\User Account Pictures, confirm to overwrite.

You can also add your own icons to the list offered by naming the bitmaps usertile45.bmp, usertile46.bmp, etc. and placing them in: C:\ProgramData\Microsoft\User Account Pictures\Default Pictures

As you would imagine, this works for Windows Vista and 2008/R2. Still don't have a Windows 8 system to use, so you're mileage may vary with that...

Wednesday, December 26, 2012

Testing an External NTP Server

First off, NTP uses port 123. That was the first thing I checked when trying to telnet to one of the servers. Seems most NTP server ignore the telnet command.

Then I thought I'd use net time, but it has been deprecated in Windows 7 in favor of the newer w32tm command.

There's a litany of switches to use with it, but the /monitor /computers:server are the ones you want.

And using the command: c:\w32tm /monitor /
You will get the following output, showing it works:[]:
    ICMP: 59ms delay
    NTP: -0.1402919s offset from local clock
        RefID: 'ACTS' [0x53544341]
        Stratum: 1

You can find a huge amount of popular public NTP servers at