Informations, tips and technics.

2012 in review

The WordPress.com stats helper monkeys prepared a 2012 annual report for this blog.

Here’s an excerpt:

4,329 films were submitted to the 2012 Cannes Film Festival. This blog had 17,000 views in 2012. If each view were a film, this blog would power 4 Film Festivals

Click here to see the complete report.

Filed under: Uncategorized

Dell XPS and the loading DMRK infinite loop

The week end, I was thinking that it was time to see if there are some updates on the Dell web site. I saw 3 or 4 of them including a firmware update for a seagate hard drive. I have to confess right now that I have checked my hard drive model but as soon as downloaded the software I was thinking that waors t case, the firmware update will detect that there are no drive to update and finish there.
After downloading all the updates, I started install them. For the hard drive update, it ask me to reboot to complete the update. After the post (Dell Logo), the software lauch, detect and found no drive. Cool, that was expected. So reboot and then… the loading DRMK fires and the Dell diagnostic software appear wit honly 3 options (memory, system and exit). what ever you choose exit will reboot the system and go back to this utility.
This is because of the Dell diagnostic software installed as a partition.
I will post the how to I solve this soon, just as a reminder, her ea the important links:

ref : http://www.goodells.net/dellutility/recreate.shtml (see “Using Other Tools to Build a Utility Partition
ref: http://windows-seven-support.blogspot.com/2010/04/how-to-change-active-partition-in.html

I have been able to solve my laptop and recover my Windows 7 system bu simply make my Windows 7 partitoion active again and recover the boot loader. Be sure I will post the how to soon.

Filed under: Uncategorized,

Recover grub bootloader with Vista, Xp and Linux (new)

If you have already see my blog, you have already noticed that I have written an how-to several months ago about recovering grub bootloader with Vista and XP. Well, I have recently have to play a little more with this and I want to share with you about the way I have finally manager to get it working (back). Of course, fell free to comment this post if you have any question or suggestions.

I have to tell you about my recent issue with grub and the way I have manager to get it back as long as my different entries for my different OS. The issue happened to me several days ago and took me 1 week to solve.
For for information I have 2 sata controllers on my pc and 3 disks

  • Controller 1 : a Promise SATA TX2PLUS controller
    • Disk 1 : 3 OS (XP, Vista and OpenSuse)
      • Default boot loader is grub from where I have one entry for each OS
      • Partition 1 : XP
      • Partition 2 : Vista
      • Partition 3 : Extended
        • 1 partition for the swap
        • 1 partition for /
    • Disk 2 : some data
  • Controller 2 : Internal Silicom Image SATA Controller
    • Disk 3 : some data

All was working like a charm for several months now since I had to burn some data on a cdrw. I don’t remember the brand of de CDRW.
One inserted, I have the surprise to see that my brand new cdrw was not clean nor empty but have some data in it!! I had then open it in Explorer (I was working with XP at this time) and found an application called InCD Easywrite.

I do not really now what was that. The text displayed tell me that I have to install the InCD application so my DVD/CDRW burner can manager the CD MRW format… See here  for more information about this format.

I hadn’t take the time to google what was that application nor what the CD MRW format was.

Supidly, I  clicked on the setup file and install the program. At the end of the setup, it prompted me to reboot which I have agreed and…

Got this:

bootmgr is missing

I have immediatly try to find some fix about this issue with this application on the Internet with no luck. At that time, maybe because it was late in the evening, I started to play with different solutions found on the internet and some tool that I have in my admin kit (like SuperGrubDisk or other tool to recover the MBR of my disk). I have to confess that I have not took the most professional way to solve this issue.

For what I remember, I have tried the following:

  • Boot the OpenSuse DVD and use the repair tool
    • The operation was successfull but after the reboot, Grub has no color at all and all the entries seems not functionnal at all
  • Try some advanced options with SuperGrubDisk with no luck
  • Try to reset the MBR with a clean one and try again the OpenSuse repair tool, no luck
  • At one point, even if Linux could be booted from Grub, Vista and XP entries gave me those errors.
  • I remember that I have played with the testdisk utility and cleaned my MBR several times.
  • I remember also that I have tested different combination of howto with supergrubdisk and its brug repair tool.
  • I have also played several times with OpenSuse repair option to try to reinstall my grub bootloaded.
  • At one point, I have tried to reinstall Grub but after a reboot, it did not appear anyway

The best that I can have is a bad grub that can’t boot anything.

I have finally take several minute to think about the situation and try to find a logical way to solve my issue.

What I know for sure is that I hadn’t lost any data: I have booted with some linux and xp live cd (yes there are some! see below) and all my partitions are there with their data. So I know that only the MBR and the boot part of the parition are lost.
Ok. I remembered that several years ago I have used the repair tool of XP and Vista to restore there bootloader (the repair console in XP and the startup repair tool when you boot the Vista DVD).

I decided to give a chance to the Vista repair tool to, at least, have one OS that I can boot.

I have tested the automatic repair and also some manual commands like those : http://support.microsoft.com/kb/927392

But I still have some major issues like those boot messages:

BOOTMGR is missing. Press Ctrl+Alt+Del to restart.

I have try several repair attemps with vista and have those different errors:

  • Status: 0xc000000e; \Windows\System\winload.exe “could not be loaded because the application is missing or corrupt:.” – status: 0xc000000e.
  • Some errors when I choose the XP options in Vista boot menu :
    File: \Boot\BCD
    Status: 0xc000000e
    Info: An error occurred while attempting to read the boot configuration data
  • For what I remember, I had also the Status: 0xc000000f error

Ok… At this point I am thinking about using XP repair console to repair my MBR and have at least one OS that can boot.

Unfortunatly, when I booted the XP cd to have the recovery console the install does not show the option at all and ask me instead if I want to install a fresh copy.
One thing that I have noted is that the display order or the C:, D:, E: drives is bad, like the C: drive is listed not as the first drive in the list but in the second choice.
Also, When I have tested my OpenSuse repair grub option, I have see that in the advanced options, the system offer me to install the grub not on the primary disk (sda) but on the other disk (sdb) which make me think that the different OS that I have try to repair all thinks that my default disk (so the disk where the mbr should be repaired) is not the primary but another of my 3 disks! So the disk/partition sequence/order is not good at all.
Instead of playing with the different combination of disk and controller, I have decided to plug only the correct hard drive, meaning, the one with my 3 OS and unplug the others. But just before this, I have make sure that my disk is really bootable, so:

  • Step 0 : Boot with systemrescuecd and check with gparted tool that my disk have the flag boot set.
  • Step 1 : Unplug any other disks that you may have and have only the disk with your different OS

Now, I have only my controller 1 and my disk 1 with all my OS on it.

Fine. now let’s recover XP boot.


I have booted with my XP cd, give the drivers and … no recovery console option! Well, I don’t know why the option was not there but I know that I have no really an easy way to get it back.

But, I have found UBCD4WIN (Ultimate Boot Cd 4 Windows). Based on BartPe, you can create an XP live cd with different tool very usefull on it. For me, the most important part was to have a recovery console to play with and have access to my XP partition.

To create it, you will need to have access to an original XP CD (but there is not need of the insall key). Just have you XP CD, a blank CD and just follow the wizard (note : see below to have the mass storage drivers loaded with the recovery console).

  • Step 2 : Check if you can you can use the XP CD recovery console recovery option or use UBCD4WIN. then recover the XP boot

Once booted, choose the recovery console option. From there, you will have to choose which windows you want to access (in my case I have 2 windows, one is xp and the other one is vista) and then enter for admin password (forgot it? ubcd4win have a tool to change it)
then you can use fixboot and fixmbr and reboot

  • Step 3 : Use fixmbr and fixboot to recover your XP boot

At this point you should have an xp running. cool.
But what about vista and linux?
Well we know that now the only MBR that need to be fixed or updated is the disk currently plugged.
So i have booted my opensuse dvd and use the repair option. I told it to re read the configurtion from disk and save all the stuff.
After a reboot, my grub is there! and I can boot xp!.

  • Step 4 : Recover your GRUB bootloader with OpenSuse (or tool with your Linux distro)

Ok, but about Vista?

Well, if the MBR is correct then the only thing needed for vista is to repair the boot partition.
Let boot the Vista DVD and use the command prompt in the recovery option.
from there use bootrec /fixboot, reboot and then grub should be able to boot linux, xp and vista

  • Step 5 : Boot your Vista DVD, access the command prompt of Vista repair option and use bootrec /fixboot

Tada! Now I can plug my other hard drives. But …

  • Additional step : Fix Vista issue with swtiched drive letters

I have noticed that when Vista booted, some strange errors appears at login time and also I saw that Vista think that my C: drive is actually E:!
For some reasons, Vista seems to be confused about the fact that I have unplug some drive and now it was completely lost about the different drive letters order (I really have to check how Vista can switch from his boot driver lettre to C when it has finsihed to boot…).
I have followed those steps 
Then reboot Vista 1 or 2 times and all show be fine for this OS.

  • Additional step : Finalize your Grub options

Here, I have only modified the name of the entry (Windows XP, Vista) and add also the option 0×317 to the Opensuse boot option to be sure that I boot in a ‘graphical’ environement like it was before.

Here is a list a tools that I have used:
UBCD4WIN (http://www.ubcd4win.com/). See note below for recovery console mass storage drivers in UBCD$WIN 3.20.
- Your Windows XP CD (sp2)
- Your Vista DVD
- Systemrescuecd (http://www.sysresccd.org/) for its gparted tool
- Opensuse 11.x (or any livecd distro used to install grub)

Other tools that can be usefull:
- SuperGrubDisk (http://www.supergrubdisk.org/)
- Fedora or Ubuntu Live CD (fedora.org, ubuntu.com)

I will post some update as soon as I can found more detail informations about the different tools involve like the bootsect option in the Vista repair option.

 Note about UBCD4WIN and mass storage drivers in recovery console:

From a post in the UBCD4WIN forum:

MassStorage drivers plugin dosn’t support Recovery Console yet. You may create a plugin yourself.

  • First copy file (UBCD4Win)\plugin\DriverPacks.net\MassStorage.inf to MassStorageCMDC.inf
  • Edit file MassStorageCMDC.inf, use header section
    Signature=”$Windows NT$”[PEBuilder]
    Name=”# DriverPacks.net – MassStorage – Recovery Console”



  • Next replace all “txtsetup.sif” with “cmdc\txtsetup.sif”
    Example line :
    “cmdc\txtsetup.sif”,”SourceDisksFiles”,”VMSCSI.SY_”, “1,,,,,,4_,4,1,,,1,4″

If you update MassStorage.inf in future, then update MassStorageCMDC.inf too.

Ref : here


You may encounter the following issue. From Grub, you can boot XP and Linux but Vista display the error message below:

File: \Boot\BCD
Status: 0xc0000034 (0xc00000e or 0xc00000f)
Info: The Windows Boot Configuration Data file is missing required information

And, when you try to repair your Vista installation using the Vista DVD repair options use the rool bootrec/scanos :

Total identified Windows installations: 0

Here is the steps that I have followed to fix this issue.

  • First ve sure to have the bootsec utility on your Vista, XP drive or on an USB drive (it supposed to come with the Vista DVD but you can find it with some tools like EasyBCD, anyway be sure to have it somewhere accessible from the Vista Repair Console)
  • Boot with the Vista DVD
  • Open the Repair Console, then the Command Prompt
  • Identify your Vista drive letter and your XP driver letter (if you have it installed)
    For me Vista is on the E: drive and XP on the C: drive
  • On the XP partition be sure that you have no C:\Boot folder. if you have one, make a backup and then remove it
  • On the Vista partition, be sure that you have a backup of the E:\Boot folder and then delete it
  • Using Bootrec, do 
    • bootsect /nt52 c: (so the XP partition will only boot XP)
    • bootsect /nt60 e: (so Vista partition can boot Vista)
    • bootrec /fixboot
    • You may have to reboot and go again in the Vista Repair Console
  • Now, bootrec /scanos should tell you that it has found 1 Vista installation
  • Try bootrec /rebuildbcd
  • Now for some reasons, the BCD file is located on the C:\ so if I reboot now, the Vista bootloader will again says ‘The Windows Boot Configuration Data file is missing required information’. So, move the file C:\Boot\BCD to E:\Boot\ (move C:\Boot\BCD E:\Boot\) and reboot
  • Vista should boot now.

Filed under: Linux, Windows, , , , , , , ,

WSUS, Default Web Site and custom ports in IIS

Those days, I have moved my wsus server into a existing server that have already McAfee ePolicy Orchestrator 4 installed.  I have also take the time to put the 2 applications on SQLServer 2005. I will post the entire process of this move later.

Because EPO use Apache on the port 80, I have tested wsus on a new tcp port in IIS (8530 and 8531 for SSL), I have discovered that wsus seems not very confortable with a least 2 things:

  • If wsus install itself in iis using custom port, it put itself in the ‘WSUS Administration’ web site on port 8530
  • When running the client diag of wsus on some client, every client complain with some errors (VerifyWUServerURL() failed with hr=0×80072efd). I have finally discovered that it is mainly due to the fact the the ‘SelfUpdate’ service in IIS is not in the Default web site.
  • I have also discovered that even if all seems working nice, I still have some errors in the event viewer like ‘The DSS Authentication Web Service is not working’

Here are the steps that I have taken to solve my issues:

  • Move EPO apache to port other that 86
    • See https://knowledge.mcafee.com/article/579/614037_f.SAL_Public.html for more information about this. Just remember that you will have also to reinstall your client on each computer that connect to your EPO server.
    • At this end of the procedure, remember to delete the file following the procedure found here:
      • Recompile the ePO agent: 
        In Windows Explorer, navigate to: …\Program Files\Network Associates\ePO\3.x.x\DB\Software\Current\EPOAGENT3000\Install409
      • Move the FramePkg.exe and Framework.z files out of this folder to the root of the c: drive.
        NOTE: Once the ePO services are restarted in the next step, the FramePkg.exe and Framework.z files will be recompiled back into this folder.
      • Click Start, Run, type: services.msc right-click on the following services and click Start:
        NOTE: This will create a new FramePkg.exe and Framework.z file.
        McAfee ePolicy Orchestrator 3.x.x Server
        McAfee ePolicy Orchestrator 3.x.x Event Parser
    • Generate a new Framework package using EPO console
    • On each client, update the Framework EPO agent using : FramePkg.exe /Install=agent /ForceInstall /silent
      On some computers, you will have to uninstall the agent before updating it using “C:\Program Files\Network Associates\Common Framework\FrmInst.exe” /forceuninstall”
  • Ok now the port 80 is free for IIS.
    • Make sure the value for PortNumber under the “HKLM\SOFTWARE\Microsoft\Update Services\Server\Setup” key is set to the correct port (the one your WSUS site is on).
    • Make sure that the IIS web site where WSUS is installed is called ‘Default Web Site’
    • Go to your wsus installation (C:\Program Files\Update Services\Tools) and use:
      - wsusutil configure ssl : if you use ssl
      - wsusutil usecustomwebsite false : this will either move your wsus to the ‘Default Web Site’ site in IIS on use port 80 or if you use the ‘true’ option, this will move wsus to the ‘WSUS Administration’ IIS web site on port 8530 port.
  • Reconfigure your SSL in IIS
    - On the root ‘Default Web Site’ site in IIS, go in ‘Directory Security’ tab on tell IIS to reuse a certificate that you have already have created.
    - Reconfigure SSL for some folders in IIS, according my previous post.
  • Of course, you will have to configure your GPO or registry to reflect the changes.

And finally no more errors!

Filed under: Windows, , , , , ,

Wierd samba access issue with Windows.

I found this one funny (sort of…).

A user who use a Windows 2003 terminal server session reported be having a problem access a samba share after the server, which is part of a domain, asking him to change his password (controlled by a GPO). He changed his password, access his session and then he tried to access his samba share using

 Start /cmd / \\sambaserver\<username>.

Windows then prompted him a user name and password. But whatever username and password he entered, it was rejected.

The funny thing is that the event viewer did not report any issue and there are no entries in the samba logs at all, no errors or anything. Even when the user logged out and logged in again, the same behaviour occurred.


We finally discover that some shortcuts displayed in My Network Placesworked well on the samba server without asking any username and password. We saw also that a network drive was disconnected.

  • We finally resolve the issue by using  start / cmd and using net use
  • This will list all network resources currently used by the user on the system.
  • we have done some cleanup using net use <entry> -DELETE for each item displayed here.

Then the user have been able to go the samba share without any problem.

Hope this help!

Filed under: Windows, , , , , , , ,

Checking imap/exchange connectivity

Sometimes, you want to troubleshoot network connectivity and access to an imap server, like Exchange or other ones. Of course you can use telnet, like:

  • telnet <your exchange server> <port>

The tcp port could be 143 or 993 if it has been configured to only accept secure connections (SSL).

In some cases, even by telnet, it does not work which does not mean that there is a connectivity problem. In this case, you can use opensslto test your connection to your imap server. Note that you can install openssl even on Windows, just go here. On linux, openssl you be available.

So, use this string to connect to your imap server over a secure channel:

  • openssl s_client -connect <server>:<port> -crlf

The port could be 993. Just don’t forget the option -crlf. Without this, you will not be able to use Return after entering a command at the prompt.

Then, when the connection is made, you can use this commands:

  • ? LOGIN username password
  • ? SELECT Inbox
  • ? LOGOUT

Use ‘? <command>‘ (The ? sign, a space, and the command) or this will not work. The username is the username you have on your domain/exchange/imap server (the @domainname should not be needed here).

Ref : link1, link2, link3

Filed under: Uncategorized, , , , , , ,

My Network Places in Windows hangs when you access or delete an item

On a Windows 2003 server which act as a termial server, a user report me that when he access My Network Places and try to access or delete one of the entry listed there, his session hangs there is no option that to kill is session. Note that it can also occurs in Windows XP.

Well, I have looking for a fix for this issue but can’t find something really interesting until I do a simple task: clean all the entries listed there! But how we can acheive this if the computer hangs? Well, just do this:

Clearing Existing Shortcuts from My Network Places

  1. Click Start, point to Settings, and then click Taskbar & Start Menu.
  2. Click the Advanced tab.
  3. Click Clear to remove records of recently used documents, programs, and Web sites.
  4. Click OK.

That’s all!

Some things you want to know about My Network Places. The items listed here are displayed when you access some files one a network share. So if you want your shorcuts back, simply access/open a file on the share on the network.

Computers are listed here when Windows search over the network for some shares also, they disappear when it can’t access them after 48h.

Ref : Ms KB Article

Filed under: Windows, , ,

MySQL root password recovery under linux

MySQL root password recovery:

  1. As Linux system root user stop the database process: /etc/init.d/mysql stop
    (or: service mysql stop)
  2. Start MySQL in safe mode and skip the use of the “grant tables”: /usr/bin/mysqld_safe --user=mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --datadir=/var/lib/mysql --skip-grant-tables --skip-networking &
  3. Reset the MySQL root password: mysqladmin -u root flush-privileges password newpassword
  4. Stop MySQL running in safe mode: kill `cat /var/run/mysqld/mysqld.pid`
  5. Start MySQL: /etc/init.d/mysql start
  6. The new MySQL root password can now be used: mysql -u root -p 
    Respond withthe password: newpassword

Find other, information about MySQL under linux, go here.    

Filed under: Linux, , , , , ,

How to log in syslog-ng when the message does not have the hostname field

Depending of you syslog-ng configuration, you may have configured your logging system to write a different at different place (folder created by year and month for ex) and for each different hosts that contact your syslog server.

I will not detail here all the configuration needed for that (or maybe later if you are nice) but I will explain a trick that can help you when the syslog-ng server does not want to create a file for a host and put its messages in the Fallback file. 

Usually, all is working fine with simple filters, like this one :

filter my_filter { host("myserver");};

Here, ‘myserver‘ is in fact the hostname in the message header (should be in third position after the date and the hour/timestamp). Some device may send their messages without the hostname field in the message resulting the log written in the fallback file.

In this case, you can use netmask intead of host, like this:

filter my_filter { netmask("<ip address of the server>/<netmask>");};

for ex : filter my_filter { netmask(““);};

Which should this time make your redirection to work well and the file created for this host correctly.

Note: using /32 does not work at all, use the entire netmask instead.

Filed under: Linux, , , , ,

Nagios NRPE_NT configuration with MSSQL$…service

I don’t know if you know Nagios but it is a quite nice (yet tricky) monitoring solution for you IT infrastructure. With this open-source solution, you can monitor daemons and services, nics, CPU load, memory use, disk usage, etc. for your Linux and Windows systems. 

I came recently across a problem when adding a SQLServer service to my nrpe.cfg config file using the NRPE_NT client. For the background, some software like McAfee Epolicy Orchestrator, BrigthStore Arcserver installed themselves with a limited version of SQLServer. The point is the SQLServer service (name of the service) is listed in the registry something like this MSSQL$<name of your application> (ex: MSSQL$EPOSERVER).

If you try to just copy/paste that name in your nrpe config file, Nagios will says something like:

MSSQL$EPOSERVER$ : Service unknown

As you can see, it add a $ sign at the end.

To correctly monitor this service in Nagios (when your use NRPE_NT), configure your nrpe.conf file like this:

  • # Epolicy Orchestrator MSSQL Service
    command[check_epomssqlservice]=c:\nagios\nt_plugins\check_nt -H localhost -v SERVICESTATE -l MSSQL”$$”EPOSERVER

Note the “$$” (double quote, dollar sign, dollar sign, double quote) between MSSQL and the name your application/software.

Filed under: Windows, , , , ,


Get every new post delivered to your Inbox.