Install Logitech Webcam on Server 2008 R2
So Logitech blocks the installation of their software on Server operating systems, apparently. When you try to run the installer from their site, you get the following error:
To get around this, we need to find the files that were extracted from the installer. In my case, the installer dumped them to: C:\Users\<username>\AppData\Local\Temp\Logitech_Webcam_2.25.1016.0 , but your path may be different depending on the version of the software you are installing. Once you find it, look for the setup.ini file (see below).
Open setup.ini in a text editor and look for the lines that look like the following:
[OSCheck_xpsp2_thru_70]
; verify OS is XP SP2 through a future 7.0 version of Windows.
Evaluate + (VerCompare(2,"5.1.2600","2.0",SysVer(),ServPackVer(),"6.2.0","0.0")&&(SystemEnum()<14))
MessageId = #IDS_WARNING_OS
MessageTitleId = #IDS_WARNING_TITLE
This is the spot where it checks the version of the OS you are running and dies if you are not on the correct one. Add the following line to the text:
NonFatalError=true
This tells it to warn you if you are on the wrong OS, but to allow you to ignore it. Save and close your text editor. Now run the setup.exe in the temp folder.
Now you can hit "yes" and proceed with your install.
Failing the Right Way
I saw a brilliant observation the other day, courtesy of John from DontEatTheFruit:
How to blow up your database, lose client data, and still retain customer loyalty: https://github.com/blog/744-today-s-outage
The most interesting thing about that link is the absence of negative comments on the site. Most people thank them for being honest and for their hard work and leave it at that. A couple of people give them a hard time for bad admin choices (the kind you have to learn about the hard way), but all in all, it is pretty good-natured stuff. Compare this to the multitude of fiascoes recently published where a !MEGACORPORATION has made a mistake and then tried to cover up for it.
Two weeks ago, I found out that, despite my honest recollection to the contrary, I had forgotten to click a button that caused a recurring backup to not occur. Now for all of our clients, we run test restores at least monthly to be sure that the backups are running correctly. I have run restores from BackupExec and Tape drives that ran with no errors and found that there was no data on them at all. Unfortunately, the client needed to restore a file pretty much immediately after the system was installed, so there was no oversight ensuring that the backups were running correctly. Furthermore, the client had just come to us and one of the big reasons was that they knew that their previous backup system was basically worthless in terms of restoring.
When I realized what I had done, I realize that I had two options. First, I could have pushed the blame off. It is (too) easy to hide behind terminology or technology and pretend that something happened that no one could have foreseen. In this case, the system we use for backups, when set up correctly, is rock solid. It has saved our clients so many times that i have lost count. Blaming the technology would be nothing less than lying, and I knew it. The other option was to come clean and admit fault.
I can honestly say that I didn't even think about lying about it. To be perfectly honest, I might have considered it (not proud of it, but there it is), except that I know that I work with men who can see through the smoke and mirrors and would call me to the mat in a second if I ever compromised our integrity with a client or with each other.
I called up my contact with the client and took full and personal responsibility for the data loss. I told him that it was my fault and that I had no excuse and I would not blame them if they wanted to cancel their contract with us. I then called the user that lost the data and explained the same thing to them. The two days that I spent exhausting every option possible to recover the file only added to the pain of having screwed up so badly.
I am used to being pretty good at what I do and really like being the guy with the answers and the experience to get things done correctly. This has been a very humbling and grounding experience for me.
In the end, despite my betraying their trust, they are still a client, and are working with us on some more projects. I don't know if I had anything to do with that, or if it was more the other great guys I work with, but either way, I know that they know that we are at least honest and that I didn't compromise anything with them.
Monitoring employees activities in the workplace
Note: this is written from the perspective a consultant at a US-based IT company. Your mileage may vary in your state or country. I am not a lawyer.
I work with a lot of small businesses that have grown pretty organically and often do not have well-documented policies in place to guide employee activity. Most of the time this is not an issue, since most companies by necessity trust their employees and allow them some measure of freedom. Unfortunately it seems inevitable that an employee bruises the trust relationship and causes their employer to want to monitor them more closely.
For most employers, it is logical that they should be able to see whatever they want on company computers, phones and email accounts. After all, the employee doesn’t own it and is likely not using it outside of company time. We certainly have the technology to see everything that is going on, so why shouldn’t we use it?
For better or worse, in the US there is a principle known as the Reasonable Expectation of Privacy, which goes all the way back to the 4th amendment. Basically, if the employee can prove that they were allowed to believe that their activities were "private" and that their definition of private is "reasonable," regardless of the company resources used, the employer cannot violate that privacy. The term is deliberately vague and employees have used some pretty weak arguments to prove that they could reasonably expect privacy in the workplace, including the positioning of monitors on the desk or having a door on their office. The case law to support this principle ranges from the prohibition era to about the Nixon era and considers telephones to be pretty cutting edge technology. Since our technological options have expanded so greatly and the defining regulations have basically not changed at all, the potential liability for an employer based on a judge or jury's interpretation of the existing case law is considerable.
The best counter to this is usually a very explicit Acceptable Use Policy, signed by each employee. Make it as broad as you like, since it is a legal document. It should also be reviewed by a lawyer, in case you are asking them to promise not to engage in protected speech. For example, if you tell them not to communicate to other users about union activities, you are going to be in big trouble.
A great explanation of the 4th amendment can be found here
Exchange 2010 SP1 Observations
- WebDAV clients are no longer supported. This includes older versions of Entourage or pre 10.6 versions of mail.app. If you are running an older version of Entourage, you can upgrade to Entourage 2008 EWS for free and it works pretty well from there.
- The default connector set up between Exchange servers are overridden by the presence of a smart host on the default send connector on either server. This will impact public folder replication as well as mail being sent to mailboxes on the other server.
- By default, the mailbox move process is throttled to an effective 2 mailboxes at a time. This is to limit the impact of several source servers writing to a single destination at a time. You can increase the limit by upping the "2"'s in the MSExhangeMailBoxReplication.Exe.Config file to something higher. I did it with 10 and everything else nearly ground to a halt. An interesting feature is that the corresponding service did not need to be restarted for this change to take effect.
- If you get errors when you are trying to move mailboxes, or some accounts can't use activesync, confirm in AD that the accounts do not have inheritance blocked in the security tab of the account.
- In my case, I was moving about 750 mailboxes, and the whole process took about 17 hours running 10 moves at a time. Both the old and new server had the mail store on iSCSI volumes.
- As always, run the BPA and confirm that everything passes first. You will need to update AD to proceed. Also, run every exe or powershell script with escalated privileges.
SBS new install checklist
I was going to make one, but this guys is much better: http://blog.mpecsinc.ca/2009/05/sbs-2008-setup-checklist-v111.html
I am working on a checklist for a migration from standard server or sbs 2003/2000. Look for it soon.
VMWare standalone server checklist
This list assumes a Dell PowerEdge R710 with no SAN. Similar steps would be required for any VMware host. After unboxing server and setting it up on the bench boot it up.
- Hit f10 to configure your RAID, if needed. Reboot.
- Download and install firmware updates for RAID controllers and backplanes. Reboot.
- Enter bios and turn on virtualization support on the processor. Reboot.
- Configure iDrac IP settings and password (Ctrl-e at the prompt). Reboot and test access via the web console. Default username/password is root/calvin
- Boot to ESX 4.0 installer disc, go through installation prompts with defaults. Remove disc and reboot.
- After reboot, log in to the console, set IP information and password.
- On a machine on the same network, go to https://<server IP> and download the appropriate vsphere client for the version of VMWare ESXi you are running, if needed. Install the host update utility.
- Log in to the server via the vsphere client and enter your serial number. Select the host IP in the left hand panel, choose the configuration tab on the right hand panel, then select "licensed features" on the left and then choose edit in the top right corner. Enter your key. If you don't have one, get it from VMware.
- Configure your NTP server. Exit vSphere.
- Open the host update utility, connect to your new host, scan for patches and install them. Run through this process until you can do it twice and find no new patches.
- If needed, open vSphere and configure networking (vlans)
- Create an ISO directory on your data store, copy needed ISO files to that folder using either the store browser or the Veeam SCP utility.
- Build your VM. Configure startup options for the vm if needed.
- Install the vmware tools for the server in question.
WordPress Admin Site Corruption on 2.9.2
Normally, I assume that if I am running the most current version of a product, my chances of getting hacked are pretty low. I don't know what happened, but a few days ago, I noticed that the admin side of my site was rendering really funny, regardless of the computer or browser I was using. I noticed that the other sites I run on the same shared host (hostgator) had the same issue. I did the following steps in order until I found one that fixed it:
- Changes theme back to default
- Deactivated all the plugins (I really only use two, so this was not a big deal)
- Renamed the plugin directory to plugin.old via FTP
- Replaced the http.php file in wp-includes with a fresh copy from a newly downloaded zip file
- Replaced entire wp-includes directory with new copy
The last thing fixed it. Unfortunately, in my haste, I did not get a close look at the files to see if they had been modified. If I was in a situation where I only updated my site from one IP, I would definitely be modifying my .htaccess file to lock this down.
Below is a screencap of what the site looked like:
Everything worked fine, but it looked way off.
Postman’s 4th idea
I am 30 now, which means that I can still remember using BBS's and installing a pre-5.0 version of netscape. In short, I am old.
My job caters well to the fact that I am old. I don't really bother memorizing anything any more. In an age when I can type in a few words to a song into google and immediately pull up the lyrics, a link to buy it, 37 mashups using it and a video of a cat playing a keyboard to it, most things simply do not register as important enough to dedicate the attention required to memorize them. As a consequence, I believe that my memory is getting weaker. If it were up to my retention abilities, both the good and bad would be forgotten quickly. Thanks to gmail, archive.org and google web cache, however, I am free the from the responsibility of ever remembering anything that is said to me or that i said to anyone else. A little over 10 years ago, Neil Postman wrote a talk called 5 Things We Need to Know About Technological Change, in which he explains in the most distilled way I can imagine a sort of "heads up" to the leadership of the world about what is coming in the next 10-20 years. The 4th point in his wholly amazing work is summarized below:
Here is the fourth idea: Technological change is not additive; it is ecological. I can explain this best by an analogy. What happens if we place a drop of red dye into a beaker of clear water? Do we have clear water plus a spot of red dye? Obviously not. We have a new coloration to every molecule of water. That is what I mean by ecological change. A new medium does not add something; it changes everything. In the year 1500, after the printing press was invented, you did not have old Europe plus the printing press. You had a different Europe. After television, America was not America plus television. Television gave a new coloration to every political campaign, to every home, to every school, to every church, to every industry, and so on.
The addition of an automatic stenographer for every thought I bang out to my wife or father, or friends has many benefits. I can easily refer back to see if I said something incorrectly, or missed an important detail. I can pull up emails that were sent 5 years ago (I was on the early curve of the gmail thing) and get exact quotes from people I have not seen in years. The issue is that my changed ecology allows me to easily re-kindle old grudges. Before Christmas, I was sent an email response to a note I had sent to a relative. The email I got was, in a word, inflammatory. Possibly more so than the author had intended. In the 2 months since, my anger had moved from foaming-at-the-mouth seething rage, to a much more restrained irritation. Last week, a conversation with my brother caused me to search for the message in question and the second I re-read it, I was immediately filled with the same emotions once again. This automatic record has the capacity to turn every little offense into a Hatfield Vs McCoy level feud.
I have been convicted recently about my treatment of another family member, again fueled by a perfect record of the wrongs I have 'suffered.' Even if I am justified and wholly 'right' (or as much as so as a human can be), am I allowing this shift in my spiritual ecology, the environment in which my faith exists, to be a less-Christ-like forgiver of wrongs done to me? A friend of mine recently wrote in an article for Collide magazine on this subject. He said:
Theologian Miroslav Volf, author of The End of Memory: Remembering Rightly in a Violent World, says that when we try to deal with the past, we often make one of two mistakes. Sometimes we downplay what happened, saying, “Aw, it wasn’t that big of a deal. I only lost, like, six followers over it.” This way, we don’t have to forgive the event as it actually happened. Other times, when we hold resentment against someone, we inflate an event in order to make the offender look worse. “She posted that over the entire Internet.” But Volf, who underwent a months-long interrogation during the Yugoslavian conflict, suggests that a major part of forgiveness is not forgetting, but remembering rightly so we can forgive what really happened.
For Christians, this means that the Internet’s ability to help us remember rightly is a chance to practice a theologically-informed, true kind of forgiveness. Rather than downplay an incident or cut people off every time they annoy us, we have the chance to look at the past with Google-like accuracy and choose to stop holding those wrongs against those who harmed us.
Wow. For me, this is about the hardest thing in the world. I like to pretend that I never play the victim and that I will just take all kinds of abuse without saying a word. The truth is, though, that I act worse than my kids when I am wronged. The hardest parts of the Christian life are the things that fly most in the face of our instincts with no payout in return. When we give financially, we feel good about it. When we serve in a ministry, we get kudos from other believers. When we forgive someone who has wronged us without throwing it back in their face, we a) open ourselves up to getting hurt again and b) walk away from our right to be right, to be the blameless one. The hardest part for me is that second one, the one where I have to treat the other person like they are as forgiven as God says they are. I don't get to be a martyr any more. I hope that someday I will be as able to forgive and treat another believer as blameless as gracefully as our savior and some of his more sanctified children have show me in the past.
References:
http://www.mat.upm.es/~jcm/neil-postman--five-things.html
http://www.collidemagazine.com/article/print/291/i-will-remember-your-tweets-no-more
LogMeIn Error “failed to start remote control process: 5″
Client called last night with the above error when trying to connect to any of 6 workstations in an office in Virginia from any other machine with any browser. Quick check on google returned no results, so I called LogMeIn support. Apparently, an update released yesterday for AVG misidentifies a component of LogMeIn as Vundo.J and blocks it from accessing the internet. It will also block new installations of LogMeIn, causing the "starting services" step to fail over and over again.
The band-aid is easy, just exclude c:\program files\logmein from your resident shield. The folks at LogMeIn also urged me to contact AVG support about the issue, as they want to get it fixed as quickly as possible and they figure that more voices will make the fix happen more quickly.