Network Problem

Monday started with a bang this week. We were having lots of problems with network connections dropping randomly throughout the building. In the middle of troubleshooting this, a third of the network just disappeared. The first place to look when this happens is always the wiring cabinet. I took a quick look there and didn’t see anything out of the "ordinary". It was on my second trip to the wiring cabinet that I noticed that one of our 48-port switches was not blinking; all the lights were on and nobody was home. I went over to the server room to check the main switch that acts as the backbone for the network and it was showing no connection back to the other switch. I tried resetting the switch and still nothing. I then tried a factory reset of the switch and it never came back on. Guess what we didn’t have a spare of: a switch. It is amazing how many small routers you can find lying around in a company, since that is what I had to use to get things back up and running. I did get a new switch shipped in overnight and it was installed Thursday morning. We were already looking to do some major infrastructure upgrades next year, so we just started the project a little early. The new switch was a Netgear ProSafe 48-port Gigabit L3 Managed Stackable Switch. There has been a noticeable improvement in throughput on the network. We put this router in the server room where most of the bandwidth was needed.

Patch Tuesday … (December, 2008) Updated

This is the first in what is going to be a monthly recap of Microsoft’s Patch Tuesday. It will be a quick summary of how many patches were released as far as our Windows Server Update Services (WSUS) server is concerned. The way that we are currently configured, we push the updates out to the IT Department and to two servers on the first day that a patch is released, to test the updates and make sure that everything works. After one week, if there are no problems, we release the updates to the rest of the factory. This process will get modified if there are any high-priority updates. This would include any update for a vulnerability that is actively being exploited.

The computers in the test group are:
2 Windows XP installations
1 Vista installation starting in January 2008
1 Office 2003 installation
1 Office 2007 installation
2 Windows 2003 servers (1 Domain Controller, 1 Application Server)

This month there were 16 updates covering Windows XP, Office 2003 and Office 2007. There were 6 updates for our Windows 2003 servers (originally reported as no updates; see the update below). We did not have any Vista machines before this round of updates. I am just setting the first Vista machine up for the company today for testing. After two days everything seems to be running pretty well.

I did have a problem with my personal notebook, which is running Vista. After installing this month’s updates and rebooting, my CPU was running at about 95% utilization. It would swing up to 95% for about 10 seconds and then drop to 5% for 5 seconds and then repeat. I let it run for almost an hour to see if it would settle down. I tried rebooting a couple of times but had the same results. I went back to the restore point from before the updates were installed and that fixed the problem. For some reason I decided to try installing the updates again today and everything went fine. I am not getting the big spikes in utilization. I didn’t think much of it until lunch today. I was talking to the other half of the IT Department and he had a similar problem with the updates this month. After installing them and rebooting, he had no networking. He restored to the restore point from before the updates and then reapplied them and everything worked fine on the second try.

Update: It does not look like I will have a Vista machine to test after all next month. The Time and Attendance software that we are using does not run on Vista. I guess we may have to upgrade to the new version before we start looking at rolling Vista out.

Update: Not sure why, but two days after approving the updates from the WSUS server the Windows 2003 servers FINALLY decided that they did have some updates. The servers are usually the first machines on the network to show that there are updates available. That said, there were 6 updates for the servers.

Entitlement Issues …

What is it about employees and entitlement? I think that I have talked about the fact that we will let people bring in home computers and we will work on them as we have time. We currently have a manager who always has their home computer, work computer or both computers in being worked on. Today he decided that we are not taking his home computer problems seriously enough and he wants it fixed now. You would have had to be there to understand the utter stupidity of this comment. He is standing in my office demanding that I fix his computer today, while we have one of our three primary switches down and a third of the building has no network access. The only other person that has been a pain about stuff like this is the person he was hired to replace. Makes me wonder if this entitlement issue is just something that comes with being a sales manager.

Google’s Chrome Finally Ready?

I have been using Chrome almost since the day it was released. I really, really love the clean interface that it has, and wish that more developers would take a page from Google’s book. One of the biggest roadblocks to using it full time has been the lack of support from LogMeIn. I started using their service early this year to connect to and troubleshoot our road warriors’ notebooks. It has saved us from having to get notebooks shipped back and forth on several occasions. Well, it seems that LogMeIn is finally working with Chrome. I’m not sure when this happened, because I had not checked it in a week or two. I am currently running the development branch of Chrome, but I have not had any problems with it crashing.

I’m going to try and keep this post updated with any problems that I run into and when they get fixed.

Recovering From a Corrupt Registry Hive

We had a computer come in the office that was getting the following error today:

Windows XP could not start because the following file is missing or corrupt:
\WINDOWS\SYSTEM32\CONFIG\SYSTEM

I found several solutions to fix this, but all of them would cause the registry to be restored to the default Windows installation state. This does not seem like a very good solution at all. After digging around trying to find a way to run Windows Restore from the Recovery Console, I found a post that explained how to restore files backed up in a Restore Point from the Recovery Console.

The Steps required are:

  1. Log into the recovery console using a Windows install disk.
  2. Navigate to the \windows\system32\config directory and rename the file system to something like system.bak
  3. Navigate to the System Volume Information directory.
    cd \
    cd system~1
    cd _resto~1
  4. A quick dir command will give you a list of directories named RP and then a number. If you look at the timestamp for these directories it will let you know when the restore point was created. Look for one that is dated JUST before you started to have this problem and navigate into it.
    cd rp#
  5. Within the RP# directory there will be a directory named snapshot. This is the directory with the registry hives in it, so you will want to go there now.
    cd snapshot
  6. The SOFTWARE hive is named _REGISTRY_MACHINE_SOFTWARE and the SYSTEM hive is named _REGISTRY_MACHINE_SYSTEM. Now we need to copy this hive into the location of the corrupt hive.
    copy _REGISTRY_MACHINE_SOFTWARE \windows\system32\config\software
    or
    copy _REGISTRY_MACHINE_SYSTEM \windows\system32\config\system
  7. With any luck you can now type exit and let Windows reboot.

This solution was information combined from the following two sources:
Running System Restore from the Recovery Console (well, sort of)
How to recover from a corrupted registry that prevents Windows XP from starting
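
Before overwriting the live hive with a restore-point copy, it can help to check that the copy's header is sane. The following is an added example, not part of the original post or its sources: a Python check of the 512-byte hive base block (signature, sequence numbers, header checksum) as described in public documentation of the regf format. It has to be run from another machine or boot environment with Python, not from the Recovery Console, and the sample header it uses is constructed test data, not a real hive.

```python
import struct

def regf_checksum(block: bytes) -> int:
    """XOR of the first 127 little-endian dwords (508 bytes) of the base block."""
    csum = 0
    for (dword,) in struct.iter_unpack("<I", block[:508]):
        csum ^= dword
    if csum == 0xFFFFFFFF:      # two reserved results are remapped by the format
        return 0xFFFFFFFE
    if csum == 0:
        return 1
    return csum

def check_hive_header(block: bytes) -> list:
    """Return the problems found in a hive's base block (empty list = looks sane)."""
    if len(block) < 512:
        return ["file shorter than the 512-byte header"]
    problems = []
    if block[:4] != b"regf":
        problems.append("missing 'regf' signature")
    seq1, seq2 = struct.unpack_from("<II", block, 4)
    if seq1 != seq2:
        problems.append("sequence numbers differ (hive was not cleanly written)")
    (stored,) = struct.unpack_from("<I", block, 508)
    if stored != regf_checksum(block):
        problems.append("header checksum mismatch")
    return problems

def check_hive_file(path: str) -> list:
    """Check a hive file on disk, e.g. a copy of _REGISTRY_MACHINE_SYSTEM."""
    with open(path, "rb") as fh:
        return check_hive_header(fh.read(512))

def make_sample_header(seq1=7, seq2=7) -> bytes:
    """Constructed test input: a minimal header only, not a real hive."""
    hdr = bytearray(512)
    hdr[:4] = b"regf"
    struct.pack_into("<II", hdr, 4, seq1, seq2)
    struct.pack_into("<II", hdr, 20, 1, 3)   # major/minor format version 1.3
    struct.pack_into("<I", hdr, 36, 0x20)    # root cell offset
    struct.pack_into("<I", hdr, 508, regf_checksum(bytes(hdr)))
    return bytes(hdr)

if __name__ == "__main__":
    good = make_sample_header()
    damaged = bytearray(good)
    damaged[40] ^= 0xFF                      # simulate a corrupted header byte
    for name, blob in [("good", good), ("damaged", bytes(damaged))]:
        print(name, check_hive_header(blob) or "OK")
```

This only validates the header; it does not walk the hive bins, so a clean result does not guarantee the rest of the file is intact.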

Still looking for a good blogging application

I have been using Microsoft Word 2007 to create my posts this year and have never been real happy with it. After digging around looking at some different applications that will do offline post creation, I may have finally found something that I like. I am creating this post using Windows Live Writer. It has one neat feature that I have not seen in any of the other applications that I tested. It collects the theme information from your blog and displays the post in the theme as you are typing. It’s a small touch that makes a big difference.

Virus, Virus everywhere, but nothing seems to stop them …

It seems as if there is a zero-day exploit floating around out in the wild that is still unknown. In the last 6 years we have had less than 5 computers get infected at work. In the last three weeks we have had a steady stream of calls about computers acting weird. Almost all of them have had trojans installed and two of them have been rooted. All of the computers affected have been fully up to date with both patches and AV definitions. At work we are using avast! for our antivirus software, and had not had a problem until the last few weeks. Like most IT shops we will look at personal computers when things are not too busy. We’ve had lots of home computers coming in infected also. Most of them have also been fully up to date. Only one of them was really asking for a problem. Some of the antivirus software packages that have been on these computers are AVG, McAfee and Trend Micro.

I’m not really sure what all this means, but it is getting old.