Tuesday, February 26, 2008

802.1x and the retard

I must be having a rough week.  In an attempt to demo some Enterasys coolness for my boss I started last week configuring our satellite office's core switch for 802.1x via MS IAS server.  I immediately ran into issues with what should have been a simple install.  My RADIUS server was not seeing any requests from the switch.  Anyway...long story short, somewhere in the middle of my troubleshooting process I shutdown and restarted my IAS server.  At least that's what I thought I did.  I apparently have too fast of a index finger and even though I thought I clicked start server, it never happened.  My server stayed off for hours of inspired troubleshooting.  It wasn't until I went through all my server logs that I saw the line. "The Internet Authentication Service service entered a stopped state."

Friday, February 22, 2008

SNMP nonsense

So I went to configure my switches with SNMPv3 and it didn't work.  After screwing with it for a while I backed off down to V2 and it still wasn't working, so I did what every responsible network administrator should do.  I panicked.  That led my brain to completely shut down any logic functions whatsoever.  I ripped out V2 and placed V1 communities in place.  Still nothing.  I brought in some MIB walkers.  It wouldn't access it.  I ripped out the V1 and put "public" and "private" back in.  Nothing.  I finally, after 24 wasted hours, gave up and called Enterasys tech support.  He couldn't figure it out either until he stumbled on the dumbest reason (IMHO) for a line of code to stop working.  See if you can figure it out

<My Version>
set snmp access {group name} security-model usm privacy exact read all write all notify all nonvolatile
set snmp group {group name} user {username} security-model usm
set snmp user {username} authentication {md5/sha} {auth password} privacy  {privacy password} nonvolatile

<Working Version>
set snmp access {group name} security-model usm privacy exact read All write All notify All nonvolatile
set snmp group {group name} user {username} security-model usm
set snmp user {username} authentication {md5/sha} {auth password} privacy  {privacy password} nonvolatile

Monday, February 11, 2008

Harmonica master

I don't know why, but this guy strangely reminds me of Michael Lee. He must be from the same genetic stock.

Thursday, February 7, 2008

Lift-off // sort of

I've been waiting to watch the lift-off of Atlantis since December. I've been planning all week to watch even with the threat of rain in Florida. 20 minutes to launch and my boss calls with a problem in a Domino app. After very patiently explaining that the problem isn't Windows but permission's inside the app (which I thankfully have nothing to do with), I tune to view the launch 4 minutes after the launch. (sigh) That being said. Go Atlantis! GOD speed and good luck!

picture credit LGF @ http://littlegreenfootballs.com/weblog/?entry=28876&only&rss

Monday, February 4, 2008

Great Podcast - Nothing to do with Network Administration

This is a site I recommend all readers subscribe to. Michael Lee has provided a great service here by podcasting the Bible (New English Translation). While I would have preferred the King James version so I could brush up on my thee's and thou's, harkening back to my D&D days, this site is awesome. This will definitely be one of my daily visits.


02/04/2008 2:01:00 pm PST
Update -- Well.....three hours after leaving the VM, Acronis was kind enough to return my call. It must be one busy tech support call center. The same guy that I've used in my last three calls called me back. I beginning to think Acronis' call center is out of this one gentleman's living-room located somewhere in third world and connected to the 800 number via VPN. Through his often mumbled and heavily accented voice, he asked me to repeat the message I left on the VM three hours ago (They apparently couldn't be bothered to listen to it). He then gave me a lot of hmmmms and ummmmms and then proceeded to tell me that new instructions would be sent via email and please get back to him. At this point his VPN link must have died because all of a sudden the call went one way audio. I could hear him but couldn't communicate with him. I hung up in disgust.

I'm beginning to regret my decision to purchase Acronis SnapDeploy for our companies imaging platform. We've run into some problems with deploying out to some newer workstations where the SD client just seems to drop the IP stack. At this point, Acronis' tech support has been less than helpful. In fact I would give them a D grade only because I wouldn't want to be mean and give them a F. Their tech knowledge base has no useful information with regards to this program (or truth be told any problems) and the tech support forums are littered with abandoned threads that Acronis apparently can't be bothered to answer. As a corporate customer, I expect and demand that companies that I purchase "priority" support from bend over backwards so I can service my clients. To date I have placed three phone calls for two different issues to "priority" tech support for help. These were the results.

1. The first call, the voice prompt gave me the depressing news that I wouldn't be able to talk to an engineer as they were all busy (probably listening to pissed off customers) and I could leave a VM. After begrudging leaving the VM, I received a call back a couple hours later from a gentleman with a very thick accent. Five minutes later after apparently not listening to me, he tells me to run a basic test and email him the results. I haven't returned the results because of the issue I'm currently having.

2. The second call I make I actually get an engineer (I'm pretty sure the Indian fellow I had on the last call). I explain the issue and he again makes no effort to either explain the problem or work through the problem with me on the phone. His first and only effort is to email me instructions on patching the program (A patch I might add that should have been available on their website for me to just download). The email states if the patch doesn't work, then run TrueImage rescue disk and collect and email back some data for tech support. The only problem is I don't own TrueImage nor do I have any idea what or where to find a TrueImage rescue disk.

3. My third call was made today to follow up on the emailed instructions that were apparently for TrueImage not SnapDeploy. I got the voice prompt to leave a VM.

This is starting to piss me off. I paid for priority service and I'm beginning to think I've been had.

Friday, February 1, 2008

Google sidejacking

A while back I blogged about sidejacking being done at BlackHat. I figured just use SSL and everything would be groovy. What I didn't know was that gmail would stop attempting to use SSL connections if SSL was being blocked (like when you're attempting to log into the T-Mobile at the local starbucks). Read the rest and be afraid....be very afraid.

In Memoriam

Today marks the 5th anniversary of the tragedy of the Columbia space shuttle. I don't have many words to express the sadness I felt that day as I watched the pieces of the shuttle fall from the sky on CNN. I hope tragedies like this never deter us from exploring the vast unknown. On my way into work I heard this broadcast of Commander Rick Husband's wife speaking about her and her children's loss. It's worth a listen

Kennedy Space Center

In the skies today we saw destruction and tragedy. Yet farther than we can see there is comfort and hope. In the words of the prophet Isaiah, ''Lift your eyes and look to the heavens: Who created all these? He who brings out the starry hosts one by one, and calls them each by name. Because of his great power and mighty strength, not one of them is missing.''
The same Creator who names the stars also knows the names of the seven souls we mourn today.
The crew of the shuttle Columbia did not return safely to Earth. Yet we can pray that all are safely home. May God bless the grieving families, and may God continue to bless America.

-President George Bush
February 1st, 2003