Moving the database (SUSDB)

The following instructions are for moving the SUSDB and should be valid irrespective of if you are using SBS or WSUS as a standalone product.

As with a regular SQL Server datastore, you can detach and move the database.

Since the database is a normal SQL database, you can simply detach, move and reattach the database. In order to do this, you will however need some tools. Note that these tools are not part of the operating system, so if you haven’t already installed them previosly, then you will need to do so now.

The tools you need are eith SQL Server Managment Studio or SQL Server Management Studio Express. At the time of writing the express (free) version can be downloaded from here:
SQL 2005: http://www.microsoft.com/download/en/details.aspx?id=8961
SQL 2008: http://www.microsoft.com/download/en/details.aspx?id=7593
or search on Google if the above links aren’t valid.
Please download the correct version for your platform (x86 or x64) – Note that SBS 2008+ is ALWAYS x64.

NOTE: You can also download and use the command line tools instead of the full management studio. (If you are familliar with these tools and their usage, then these instructions will probably be a piece of cake for you.)

Command line tools:
sqlncli.msi and SQLServer2005_SQLCMD.msi (Search for them on Google or Microsoft Download)

Prior to moving the database, please stop the following services:

  • IIS Admin Service
  • Update Services (Not Windows Update Service!).

You can do this via the commandline or by using the Services MMC snap-in (start run, services.msc).

Command line:

net stop "update services"
net stop w3svc

(Once the database has been moved you will need to restart these services. Also note that if you have any other services which are dependant on the above services – such as Terminal Services Gateway – they will also be stopped and will need to be restarted.)

Once the services have been stopped, you can proceed to detach the database.

Via SQL Server Management Studio (or Express):

  • Login to server as an administrator.
  • Click Start/Programs/Microsoft SQL Server 2005/SQL Server Management Studio Express. (NOTE: If you are not logged in as Administrator, Right click on SQL Server Management Studio and select Run As Administrator.)
  • Fill in the following information and then click Connect
    • Server type: Database Engine
    • Servername: \\.\pipe\MSSQL$MICROSOFT##SSEE\sql\query
    • Authentication: Windows Authentication
  • Expand Databases, right-click on SUSDB and select Tasks > Detach…  (Please continue reading before proceeding with this step, unless you are 100% sure where your current SUSDB files are located.)
  • Select the “Drop Connection” checkbox and click OK.  (There shouldn’t be any open connections as we have stopped all the relevant services.)
  • Move C:\WSUS\SUSDB folder to the <new drive>:\WSUS directory.  (Assuming that your SUSDB is currently located here – otherwise you can check where it is located prior to detaching the database by viewing it’s properties.)
  • To reattach the database, right-click on Database and select Attach…
  • On the Attach Databases page select the Add button.
  • Browse to the new location of the SUSDB and click OK twice to complete task

Via command line:

  • Login to server as administrator
  • To detach the database:
    c:\Program Files\Microsoft SQL Server\90\Tools\binn\SQLCMD.EXE" -E -S np:\\.\pipe\MSSQL$MICROSOFT##SSEE\sql\query -Q "sp_detach_db 'SUSDB'
  • Now move the SUSDB.mdf and SUSDB.ldf to their new location. In the example below, we use D:\WSUSDB\. Use explorer to move the files to the path you’d like.
  • Then we reattach the database:
    c:\Program Files\Microsoft SQL Server\90\Tools\binn\SQLCMD.EXE" -E -S np:\\.\pipe\MSSQL$MICROSOFT##SSEE\sql\query -Q "sp_attach_db @dbname=N'SUSDB',@filename1=N'E:\WSUSDB\SUSDB.mdf', @filename2=N'D:\WSUSDB\SUSDB_log.ldf'

Moving the content folders (SBS 2008+):

  • Start the Windows SBS Console
  • Click on the Backup and Server Storage icon
  • Click on the Server Storage Tab
  • Select Move Windows Update Repository Data (Right hand side)

Moving the conent folders (non SBS):

The “movecontent” command:

C:\Program Files\Update Services\Tools\wsusutil.exe" movecontent [newpath] [logfile]

For example:

C:\Program Files\Update Services\Tools\wsusutil.exe" movecontent \\server\WSUS$\ c:\wsusmove.log
C:\Program Files\Update Services\Tools\wsusutil.exe" movecontent D:\WSUS c:\wsusmove.log

 



Source: http://defaultreasoning.wordpress.com/2009/11/16/synchronize-time-with-external-ntp-server-on-windows-server-2008-r2/

I can never seem to remember how to do this on 2008, so herewith instructions (copied from above link):

Time synchronization is an important aspect for all computers on the network. By default, the clients computers get their time from a Domain Controller and the Domain Controller gets his time from the domain’s PDC Operation Master. Therefore the PDC must synchronize his time from an external source. I usually use the servers listed at the NTP Pool Project website. Before you begin, don’t forget to open the default UDP 123 port (in- and outbound) on your firewall.

  1. First, locate your PDC Server. Open the command prompt and type: C:\>netdom /query fsmo
  2. Log in to your PDC Server and open the command prompt.
  3. Stop the W32Time service: C:\>net stop w32time
  4. Configure the external time sources, type: C:\> w32tm /config /syncfromflags:manual /manualpeerlist:”0.pool.ntp.org, 1.pool.ntp.org, 2.pool.ntp.org”
  5. Make your PDC a reliable time source for the clients. Type: C:\>w32tm /config /reliable:yes
  6. Start the w32time service: C:\>net start w32time
  7. The windows time service should begin synchronizing the time. You can check the external NTP servers in the time configuration by typing: C:\>w32tm /query /configuration
  8. Check the Event Viewer for any errors.

If you’re in South Africa, then pick one of the stratum 2 server on the following website:

http://www.time.org.za/

At the time of writing, they are:

Stratum-2 Servers

Server DNS name Location Hosted by OS Platform Upstream ISP
ntp1.meraka.csir.co.za Pretoria CSIR FreeBSD Internet Solutions
ntp.is.co.za Johannesburg Internet Solutions UNIX / FreeBSD Internet Solutions
ntp2.is.co.za Cape Town Internet Solutions UNIX / FreeBSD Internet Solutions
igubu.saix.net Cape Town SAIX Solaris SAIX
ntp-ndf.mweb.co.za Johannesburg M-Web Cisco Internet Solutions
ntp0.za.uu.net Cape Town MTN Business FreeBSD MTN Business
ntp1.za.uu.net New Doornfontein, Jhb MTN Business FreeBSD MTN Business
ntp2.za.uu.net Cape Town MTN Business FreeBSD MTN Business

 



If you absolutely cannot resist the urge to forward a mail to a colleague or other e-mail contact, please follow these simple pointers on “netiquette”:

    • 1. If you don’t think the message is very funny – neither will the recipient.
    • 2. The larger it is the longer it takes to send (and receive) it. (Not everyone has super high speed uncapped internet!)
    • 3. If you forward a 10 Mb e-mail to 10 people that equates to 100 Mb of outbound traffic.  (Even if you send it as one e-mail with multiple recipients.)
    • 4. It is EXTREMELY rude to forward a mail in such a manner that everyone that receives it can see who you are sending it to and who sent it to you.
  • — In other words delete the e-mail header, footer and signatures.  (The header is the part that shows who sent the mail to who and other related information.)
  • — When you put multiple recipients on the BCC line (you don’t have to use the TO or CC line at all) then none of the recipients can see whom you are sending the mail to.
    • 5. Delete any irrelevant information and / or attachments before sending the mail.
  • — However, don’t send a mail with only pictures or a blank e-mail body as that will most likely be flagged as SPAM (junk mail)
  • — Leave some text (such as the subject line) in the body of the message
  • — Don’t send mails with a blank subject line or only the words “Hi” or “Hello” in the subject line – most mail servers block mails like this.
    • 6. Make sure you are not accidentally forwarding the mail to a client or other inappropriate recipient.
    • 7. If the message is not business related, flag the importance of the message as low as most mail servers will give a lower priority to messages flagged with a “low” priority.
    • 8. Only send “junk” mails outside normal business hours so that you don’t interfere with normal business processes.
  • — Most companies (including ours) have an in-house mail server (such as Microsoft Exchange)
  • — If the outbound mail queue on a mail server is very long then it slows the system and the network down and it can cause delays for all inbound / outbound traffic (such as legitimate business mails).
  • — Users on an Exchange server have the ability to schedule (or delay) an outbound e-mail.  Delayed mails (on Exchange connected mailboxes) will still be delivered even if your e-mail client (Outlook) is closed and / or your computer is switched off.

Please review the following screenshots (based on Microsoft Outlook 2007) for instructions on how to implement points 4, 5 and 8 above:


To uncap or not to uncap…

posted by Sam Ravenscroft
Aug 20

Up to recently internet access in South Africa has been billed by the GB – i.e. capped internet, with a few providers such as Internet Solutions offering uncapped solutions to businesses, but at a very high price.

Some months ago M-Web released their uncapped offerings starting from R219 / month.

It is a very attractive offer, but not necessarily cheaper than capped internet.

The following table summarises the costs of capped vs uncapped, based on a per gigabyte price of R59 / gig (inclusive of 14% VAT):

Line speed Telkom rental M-Web data M-Web all incl Telkom + M-Web Data All inclusive saving Gigs at avg. cost
384 R152,00 R219,00 R349,00 R371,00 R(22,00) 3,711864407
512 R326,00 R299,00 R599,00 R625,00 R(26,00) 5,06779661
4096 R413,00 R539,00 R899,00 R952,00 R(53,00) 9,13559322
Avg. / GB price R59,00
All pricing includes 14% VAT
This information is provided as is and without any warranty whether express or implied.
Information based on pricing as advertised on Telkom and M-Web’s websites on 18/08/2010

Based on the information in the table above it is clear that uncapped is only cheaper if you use more than 3GB of data / month on a 384 Kbps line, 5GB on a 512 Kbps line and 9 GB on a 4096 Kbps line.

Herewith the same table based on R70 / gig (inclusive of 14% VAT):

Line speed Telkom rental M-Web data M-Web all incl Telkom + M-Web Data All inclusive saving Gigs at avg. cost
384 R152,00 R219,00 R349,00 R371,00 R(22,00) 3,128571429
512 R326,00 R299,00 R599,00 R625,00 R(26,00) 4,271428571
4096 R413,00 R539,00 R899,00 R952,00 R(53,00) 7,7

Installing Telnet Client on Vista

posted by Sam Ravenscroft
Aug 3

,

By default, Vista doesn’t install the Telnet client.  Often used for debugging purposes (network connection problems / SMTP diagnostics etc). Install it by following these steps:

1. Open Control Panel from the Start Menu.

2. Select Programs and Features.

3. Select Turn Windows features on or off.

4. Select the Telnet Client option.

5. Click OK.

6. A dialog box will appear to confirm installation. The telnet command should now be available.

Note that it might take some time for this to complete.


Skype for Asterisk

posted by Sam Ravenscroft
Jul 31

For some time now I have been interested in hooking my asterisk server up to Skype – I mean isn’t this the next logical step?

So after googling around, I came upon many sites that offer software packages that integrate with Asterisk via SIP.  I even ended up purchasing a license for SiskyEE from Yeastar. Now finally Digium has opened up the beta program for “Skype for Asterisk”…

Here’s the e-mail I received:

Hello from Digium® We are pleased to announce the open beta of Skype For Asterisk is ready to begin and we look forward to you participation. To obtain your copy of the software, please visit Digium’s web store and purchase (for zero dollars) the Skype For Asterisk product. The web store does require a Digium.com account, which can be set up during the purchase process if you don’t already have one.

Once the web store process is complete, you will be e-mailed your license key and directions on where to download Skype For Asterisk beta software.

The beta version of software and license keys will only be available for download through August 7th. License keys will expire on August 31st.

Happy testing!

Sincerely, Pete Engler, Product Manager

I can’t wait to try this out… Will post more once I have had a chance to test this!


Feb 15

Ensure portaudit and portupgrade are installed:

> cd /usr/ports/ports-mgmt/portaudit
> make install clean

> cd /usr/ports/ports-mgmt/portupgrade
> make install clean

> rehash

then simply run:
> portaudit -a

If you already have portaudit installed, ensure your portaudit database is up to date:
> portaudit -Fd

and upgrade affected packages using
> portupgrade <<package name>>

You might want to ensure your port’s database is up to date before hand using cvsup or portsnap

I would however recommend portsnap over cvsup – see excerpt from portsnap pkg-description file:

"Portsnap is a system for securely updating the ports tree by
distributing signed compressed snapshots.  This is the client
half of that system; it downloads compressed snapshots into
/usr/local/portsnap ("portsnap fetch") and uses those to extract
a ports tree into /usr/ports ("portsnap extract") or update an
existing tree ("portsnap update").

In addition to operating entirely over HTTP, portsnap can use under
a tenth of the bandwidth required by CVSup if a copy of the ports
tree is being updated every few days.

WWW: http://www.daemonology.net/portsnap/

- Colin Percival"

To install portsnap (if not already installed):

> cd /usr/ports/ports-mgmt/portsnap
> make install clean

Then simply run

> portsnap fetch update

For further information regarding FreeBSD vulnerability auditing, please see this great post:

http://blogs.techrepublic.com.com/security/?p=477


Jan 28

I recently encountered a problem with one of our SBS servers running Symantec Backup Exec 12.  Jobs would not run and the job status kept saying “Server Paused”.  Apart from that there was also a problem with the SCSI card timing out…

I rebooted the server and the SCSI time-outs disappeared, but the job status still said “Server paused”.  Although the tabular view under the job monitor said “running”, jobs were not running, and job activity (double click on running job) gave status “server paused”.

Under the devices tab the server was not set to pause.  However, setting it to pause and then un-pausing the server resolved my problem.  (This is accomplished by right-click on the server name, underneath the “Devices” tab and then clicking on pause.)  Jobs were now running and no longer showed status “server paused” under the job activity window.

A truly strange problem, with an easy solution.

Please note that the SCSI time-outs and “server paused” seems to have been unrelated.


K2 RC3 Released

posted by Sam Ravenscroft
Nov 2

K2 release candidate 3 was released about 3 weeks ago!  This is great news for me, because my “live search” functionality is working again!

Yeah!

You can download the latest version at http://getk2.com/


Sep 14

I’m writing this article, because many people don’t have the luxury of a server and therefore work on a p2p network. So now you have setup user accounts for all the users on all the computers in your p2p network and everything works great. Users can access files shares and network printers, but every 42 days it stops working due to passwords expiring.

Here is how you disable passwords from expiring:

  • Open Control Panel, Administrative Tools
  • Open the Local Security Policy snap-in

Local Security Policy

  • In the tree view in the left side, navigate to Security Settings -> Account Policies -> Password Policy
  • In the right side, select Maximum Password Age and change the default value of 42 to 0. A value of 0 means that the passwords will not expire.

Maximum password age Properties

  • Click OK, close the Local Security Snap-in and Control Panel
  • Passwords are now set to not expire