There is a post "Surfcontrol EUM issue" in another site, which I have the answer to but can't reply - so here it is in case you do a Google search on this;
--- The question on that site ---
The problem is this:
1. Windows user logs onto our domain.
2. The EUM logon agent sends their domain\username and IP information to WebFilter.
3. User shuts down and leaves office.
4. MAC user boots up some time later and is DHCP'd the same IP (as the lease has since expired) 5. WebFilter incorrectly tracks/reports the browsing activities of the MAC user against the cached domain\username of the Windows user!!!
Right now, we don't have a solution for the MAC situation however, for the momentI'd be more than happy if MAC activity was simply tracked by IP - but certainly not in the name of the previous Windows holder of the IP addresses.
It seems to me that we need a way to regularly flush the EUM information that Webfilter stores.
Please advise, as this problem completely voids the integrity of the data reported.
-- The solution ---
There is a EUM agent that runs through logon scripts. It it ScEumLoginAgent.exe. What you do is launch that on your clients with the /intlogoff option which will remove that user's mapping to the IP address.
You can also run a logout script ScEumLoginAgent.exe /logout which will do the same thing, though Windows logout scripts are flaky at best.
I'm using the first method.
Wednesday, April 16, 2008
Friday, April 4, 2008
Plotting uptime MRTG in Windows the easy way
This summary is not available. Please
click here to view the post.
Thursday, March 27, 2008
How to grab images off an Axis camera and save them in a time lapse format
I have two Axis Cameras which I want to grab an image from every 10 seconds and store offsite.
My Firewall is configured to pass traffic on ports 1081 and 1080 to the two Axis cameras.
Below is a batch file to accomplish this. It relies upon WGET and SLEEP which is free to download if you search.
:top
wget -O1081.jpg http://user:password@yourdnsname:1081/jpg/1/image.jpg
wget -O1080.jpg http://user:password@yourdnsname:1080/jpg/1/image.jpg
ren 1081.jpg 1081-%DATE:/=%%TIME::=%.jpg
ren 1080.jpg 1080-%DATE:/=%%TIME::=%.jpg
move 1081*.jpg 1081\.
move 1080*.jpg 1080\.
sleep 10
goto top
Store that in a batch file in an empty directory along with WGET. Create two directories named 1080 and 1081.
Launch the batch file -- it will loop forever, storing your images in these directories.
Now, turn them into a time lapse film using mplayer..
Download mplayer (Search Google) and extract mencoder from the zip file. Place that in this directory..
Create another batch file with these contents;
c:
cd \yourdir\1080
mencoder mf://*.jpg -mf fps=5:type=jpg -oac lavc -ovc lavc -of mpeg -mpegopts format=dvd:tsaf -vf scale=720:576,harddup -srate 48000 -af lavcresample=48000 -lavcopts vcodec=mpeg2video:vrc_buf_size=1835:vrc_maxrate=1800:vbitrate=500:keyint=15:vstrict=0:acodec=ac3:abitrate=64:aspect=4/3 -ofps 25 -o c:\yourdir\1080.mpg
cd \yourdir\1081
mencoder mf://*.jpg -mf fps=5:type=jpg -oac lavc -ovc lavc -of mpeg -mpegopts format=dvd:tsaf -vf scale=720:576,harddup -srate 48000 -af lavcresample=48000 -lavcopts vcodec=mpeg2video:vrc_buf_size=1835:vrc_maxrate=1800:vbitrate=500:keyint=15:vstrict=0:acodec=ac3:abitrate=64:aspect=4/3 -ofps 25 -o c:\yourdir\1081.mpg
Of course replace c:\yourdir with the proper location. This will generate an mpg video of all these JPG's, and it will remove any duplicate images. Change fps from 25 to 5 for a slower view. Change maxrate and bitrate higher to get better quality.
If you have problems playing the mpg, you can use mplayer to play it or download VLC Videolan and play it through that. I use VLC because it can also stream directly from the AXIS camera and has it's own recording options.. But that's a different post.
My Firewall is configured to pass traffic on ports 1081 and 1080 to the two Axis cameras.
Below is a batch file to accomplish this. It relies upon WGET and SLEEP which is free to download if you search.
:top
wget -O1081.jpg http://user:password@yourdnsname:1081/jpg/1/image.jpg
wget -O1080.jpg http://user:password@yourdnsname:1080/jpg/1/image.jpg
ren 1081.jpg 1081-%DATE:/=%%TIME::=%.jpg
ren 1080.jpg 1080-%DATE:/=%%TIME::=%.jpg
move 1081*.jpg 1081\.
move 1080*.jpg 1080\.
sleep 10
goto top
Store that in a batch file in an empty directory along with WGET. Create two directories named 1080 and 1081.
Launch the batch file -- it will loop forever, storing your images in these directories.
Now, turn them into a time lapse film using mplayer..
Download mplayer (Search Google) and extract mencoder from the zip file. Place that in this directory..
Create another batch file with these contents;
c:
cd \yourdir\1080
mencoder mf://*.jpg -mf fps=5:type=jpg -oac lavc -ovc lavc -of mpeg -mpegopts format=dvd:tsaf -vf scale=720:576,harddup -srate 48000 -af lavcresample=48000 -lavcopts vcodec=mpeg2video:vrc_buf_size=1835:vrc_maxrate=1800:vbitrate=500:keyint=15:vstrict=0:acodec=ac3:abitrate=64:aspect=4/3 -ofps 25 -o c:\yourdir\1080.mpg
cd \yourdir\1081
mencoder mf://*.jpg -mf fps=5:type=jpg -oac lavc -ovc lavc -of mpeg -mpegopts format=dvd:tsaf -vf scale=720:576,harddup -srate 48000 -af lavcresample=48000 -lavcopts vcodec=mpeg2video:vrc_buf_size=1835:vrc_maxrate=1800:vbitrate=500:keyint=15:vstrict=0:acodec=ac3:abitrate=64:aspect=4/3 -ofps 25 -o c:\yourdir\1081.mpg
Of course replace c:\yourdir with the proper location. This will generate an mpg video of all these JPG's, and it will remove any duplicate images. Change fps from 25 to 5 for a slower view. Change maxrate and bitrate higher to get better quality.
If you have problems playing the mpg, you can use mplayer to play it or download VLC Videolan and play it through that. I use VLC because it can also stream directly from the AXIS camera and has it's own recording options.. But that's a different post.
Friday, February 22, 2008
Mac OSX 10.5.x Leopard
So I've been running a Mac OS X Leopard machine from 10.5.0 to 10.50.2 and it has been a journey for this Windows user.
While the OS looks pretty, and many things are dumbed down for use, there are still many issues with this OS that make me wonder why so many people praise it's tunes.
Issue A, in no particular order) Lockups. I have had many lockups on 10.5.x. They still continue. Many patches have been released, but the issues still occur. Most of the time it is while I am playing something either in iTunes, DVD Player, or Front Row. It will often hard lock requiring a power cycle.
Issue B) Bugs. There are many plain bugs in the system. They just released a firmware update to resolve an issue where you type a key stroke and nothing happens. This has been a royal pain to deal with, especially on passwords. Things are better now, but not resolve. In Mail if I change an account from IMAP to IMAPS it will show the port 993 (usually) in the screen - but it tries to connect with port 143 per the firewall logs. Have to mess with it over and over and finally it will take. The Network Neighborhood seems to only check for clients at startup, and then drop them off as they sleep - but never update with new clients. The only way to get the list back again that I've found is to drop Airport and bring it back online. iChat bombs out during video chats.
Issue C) The thing gets very hot, especially in bootcamp. No temperature controls in Windows.
Issue D) Can't listen to unprotected WMA's in iTunes. WTF?
Issue E) Hardware. Only two USB ports and only one providing the full mA of power. No media buttons. Metal case shocks the crap out of you if you have a static charge. Plugging something into the speaker jack often kills the audio signal completely. Especially in games. Restarting the audio in the game will fix it, if it has that option.
Issue F) Nothing like NTBackup included. Must purchase .Mac or some other tool to get backup software. Time Machine hardware is expensive. Why can't I do system recovery backup to my USB drive with out of the box software?
Issue G) No NTFS read/write built in. Again, wtf? I'm not installing NTFS-3G et al when the projects are either dead, have known issues which say do not install in production environments, or commercial. This should be out of the box.
For the most part, I like the Mac. But these are some rather major issues. Especially when I paid almost twice as much for the Mac over a very similar Dell.
While the OS looks pretty, and many things are dumbed down for use, there are still many issues with this OS that make me wonder why so many people praise it's tunes.
Issue A, in no particular order) Lockups. I have had many lockups on 10.5.x. They still continue. Many patches have been released, but the issues still occur. Most of the time it is while I am playing something either in iTunes, DVD Player, or Front Row. It will often hard lock requiring a power cycle.
Issue B) Bugs. There are many plain bugs in the system. They just released a firmware update to resolve an issue where you type a key stroke and nothing happens. This has been a royal pain to deal with, especially on passwords. Things are better now, but not resolve. In Mail if I change an account from IMAP to IMAPS it will show the port 993 (usually) in the screen - but it tries to connect with port 143 per the firewall logs. Have to mess with it over and over and finally it will take. The Network Neighborhood seems to only check for clients at startup, and then drop them off as they sleep - but never update with new clients. The only way to get the list back again that I've found is to drop Airport and bring it back online. iChat bombs out during video chats.
Issue C) The thing gets very hot, especially in bootcamp. No temperature controls in Windows.
Issue D) Can't listen to unprotected WMA's in iTunes. WTF?
Issue E) Hardware. Only two USB ports and only one providing the full mA of power. No media buttons. Metal case shocks the crap out of you if you have a static charge. Plugging something into the speaker jack often kills the audio signal completely. Especially in games. Restarting the audio in the game will fix it, if it has that option.
Issue F) Nothing like NTBackup included. Must purchase .Mac or some other tool to get backup software. Time Machine hardware is expensive. Why can't I do system recovery backup to my USB drive with out of the box software?
Issue G) No NTFS read/write built in. Again, wtf? I'm not installing NTFS-3G et al when the projects are either dead, have known issues which say do not install in production environments, or commercial. This should be out of the box.
For the most part, I like the Mac. But these are some rather major issues. Especially when I paid almost twice as much for the Mac over a very similar Dell.
Monday, January 7, 2008
IE7 IEAK upgrade causes all Internet Zones to be treated as Local Intranet
Ah, yes, this bug again. I've seen it crop it's nasty head up a number of times all the way back to IE 4.x.
After using an IEAK upgrade to upgrade my stations from IE6 to IE7, Internet Explorer treats all Internet sites as Local Intranet. For me, this means they have additional rights to install spyware & because we don't allow passwords to be saved on our Intranet via a GPO, the users can't save ANY of their passwords for any website.
I've seen this times before. So I had a hunch. I checked my settings. Everything seems right in the GUI. The settings match my machine. Mine was updated via WSUS, not through IEAK installer. But we both run the same .INS configuration file. We run security zones for IE as HKLM only as described in KB182569. This allows us to set the settings once per PC and be done.
So my first test was to disable "Automatically Detect Intranet settings". And behold, the Internet zone was detected correctly now. Go back into the settings and IE7 had reset this setting back to enabled. But that didn't matter, the detection was working now. I tested this on 3 machines and repeated the experience.
So I found the registry location and dumped it into a .REG file
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap]
"AutoDetect"=dword:00000000
Notice this is in the HKCU location and not the HKLM location, where my settings should be coming from. However, running this via REGEDIT /s ie7fix.reg in a login script resolved the issue on 3 machines. So this triggers IE to fix whatever is wrong. Since my settings come out of HKLM, the IE GUI still shows autodetect enabled. And it detects correctly.
This is obviously a bug. IE7 must not be looking at HKLM in every case where it should when Security_HKLM_only is enabled. My guess is that the IEAK installer couldn't access the HKCU hive of the user. Somehow setting the AutoDetect value in HKCU triggers IE7 to fix what is wrong there.
--- Correction below----
This was caused by my own doing. I followed these directions;
http://www.msfn.org/board/index.php?showtopic=75475&mode=linearplus
Which had me set the runonce to 1 so that the annoying welcome to IE7 didn't appear. Apparently it is this flag that also upgrades HKCU settings from IE6 to IE7. So I caused the problem myself.
After using an IEAK upgrade to upgrade my stations from IE6 to IE7, Internet Explorer treats all Internet sites as Local Intranet. For me, this means they have additional rights to install spyware & because we don't allow passwords to be saved on our Intranet via a GPO, the users can't save ANY of their passwords for any website.
I've seen this times before. So I had a hunch. I checked my settings. Everything seems right in the GUI. The settings match my machine. Mine was updated via WSUS, not through IEAK installer. But we both run the same .INS configuration file. We run security zones for IE as HKLM only as described in KB182569. This allows us to set the settings once per PC and be done.
So my first test was to disable "Automatically Detect Intranet settings". And behold, the Internet zone was detected correctly now. Go back into the settings and IE7 had reset this setting back to enabled. But that didn't matter, the detection was working now. I tested this on 3 machines and repeated the experience.
So I found the registry location and dumped it into a .REG file
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap]
"AutoDetect"=dword:00000000
Notice this is in the HKCU location and not the HKLM location, where my settings should be coming from. However, running this via REGEDIT /s ie7fix.reg in a login script resolved the issue on 3 machines. So this triggers IE to fix whatever is wrong. Since my settings come out of HKLM, the IE GUI still shows autodetect enabled. And it detects correctly.
This is obviously a bug. IE7 must not be looking at HKLM in every case where it should when Security_HKLM_only is enabled. My guess is that the IEAK installer couldn't access the HKCU hive of the user. Somehow setting the AutoDetect value in HKCU triggers IE7 to fix what is wrong there.
--- Correction below----
This was caused by my own doing. I followed these directions;
http://www.msfn.org/board/index.php?showtopic=75475&mode=linearplus
Which had me set the runonce to 1 so that the annoying welcome to IE7 didn't appear. Apparently it is this flag that also upgrades HKCU settings from IE6 to IE7. So I caused the problem myself.
Friday, December 28, 2007
Ubuntu, Cron, Logrotate, and Squid
So you have that nice new Ubuntu server running. You get Squid up and configured, and have it using an effective user and group of squid. But each day at the same time, the squid server just stops. The logs show that it can't write to access.log. You take a look at /var/log/squid/access.log and find out that the file is owned by root:root. So it's an ACL issue.
You modify logrotate for squid adding chown and get squid back up. But the next day it fails. What gives?
Ubuntu 6.0.6 runs a cron job daily /etc/cron.daily/sysklogd. This archives your log files to save disk space and rotates them, independent of logrotate. If you look at this, you'll see it does a chown root:adm. Ooops.
So modify sysklogd to have this at the end;
touch /var/log/squid/access.log
chown --silent squid:squid /var/log/squid/access.log
chown --silent -R squid:squid /var/log/squid/access*
test ! -e /var/run/squid.pid || /usr/sbin/squid -k rotate
Of course, if you use a different user:group than squid:squid, replace with what you use. The last line gets squid to start logging into the new access.log, versus access.log.0.
Enjoy.
You modify logrotate for squid adding chown and get squid back up. But the next day it fails. What gives?
Ubuntu 6.0.6 runs a cron job daily /etc/cron.daily/sysklogd. This archives your log files to save disk space and rotates them, independent of logrotate. If you look at this, you'll see it does a chown root:adm. Ooops.
So modify sysklogd to have this at the end;
touch /var/log/squid/access.log
chown --silent squid:squid /var/log/squid/access.log
chown --silent -R squid:squid /var/log/squid/access*
test ! -e /var/run/squid.pid || /usr/sbin/squid -k rotate
Of course, if you use a different user:group than squid:squid, replace with what you use. The last line gets squid to start logging into the new access.log, versus access.log.0.
Enjoy.
Monday, November 26, 2007
Forcing a PC to reboot through task scheduler
So you want to schedule a PC to reboot through the task scheduler. It works sometimes, but not every time. Microsoft has created multiple shutdown commands. Below is a batch file which seems to work 100% of the time in my environment. We use the built in XP shutdown command first, then the old NT4 resource kit shutdown command, then again try the XP.
It seems that sometimes during shutdown, a program will hang the process. These additional shutdown commands seem to get it past that.
rem Reboots this PC
shutdown -r -t 90 -f -c "Nightly reboot occuring in 90 seconds to apply patches"
shutdown2 /L /R /T:160 /Y /C "Nightly reboot occuring in 90 seconds to apply patches"
shutdown -r -t 60 -f -c "Nightly reboot occuring in 90 seconds to apply patches"
sleep 100
Sometimes I stick sleep commands between the shutdowns. I don't fully understand this issue, but the above batch file works for me.
It seems that sometimes during shutdown, a program will hang the process. These additional shutdown commands seem to get it past that.
rem Reboots this PC
shutdown -r -t 90 -f -c "Nightly reboot occuring in 90 seconds to apply patches"
shutdown2 /L /R /T:160 /Y /C "Nightly reboot occuring in 90 seconds to apply patches"
shutdown -r -t 60 -f -c "Nightly reboot occuring in 90 seconds to apply patches"
sleep 100
Sometimes I stick sleep commands between the shutdowns. I don't fully understand this issue, but the above batch file works for me.
Subscribe to:
Posts (Atom)