Menu Members Guests LTQ
BOFHcam navigation bar


1999 | 2000 | 2001 | 2002 | 2003 | 2004 | 2005 | 2006 | 2007 | 2008 | 2009 | 2010 | 2011 | 2012 | 2013 | 2014 | 2015 | 2016 | 2017

August's Journal
October's Journal

[14:45] Last day of the month. Time seems to work like an elastic band at the moment. Here and there it seems to stretch on interminably with occasional sudden contractions when an entire afternoon goes by almost instantaniously. The latter was the case yesterday when I sat down to continue with my investigations of Bricolage and Apache with mod_perl. Problems with some of the Perl modules Bricolage likes to have and UTF-8 encoding meant either missing out modules, or upgrading Perl itself. Ever the optimist and up for a challenge I went for the second option. While it worked it's left me with some fun new stuff to get my head around.

Bricolage uses Postgresql which I haven't broached before, so that's something I'm getting to know too at the moment. On the up side, my previous Apache experience means that Apache/mod_perl seems to be fairly simple to configure and install so with that up, tested and running I've been adding on some extra bits and writing some little basic Perl programs to test the web-applicable side of it out. I'm sure it's actually more complex than I've experienced to date, but now that I've got the basics I can begin to put some meat on the bones of it.

Documentation for all the services and stuff I have here already continues. Of the forty or so specific major aspects to the services we have here I've managed to get five of them pretty much completely documented now. For a few days' work that's not so bad. Some of the documents aren't going to be more than a page or so long, others will need to be... a bit longer. As I think I said previously; it's a real opportunity to see just how much I've achieved here in the last few years.

The PFY has been battling with people within the building who want to stamp their own (obviously wrong) interpretation of how the revamped website is going to look. I'm proud of how much the PFY has grown since I hired her a few weeks after I started. While it's great that she's heading off on maternity leave again some time early next year it's going to put more pressure on me again to have someone else pick up where she left off. She too is starting on documentation - specifically for the Databases of Doom - so that they're even easier to deal with next time around.

Given how rough I'm feeling today with a throat I can barely talk through, a running nose and less energy than normal I'm going to head home in a little while. Having cancelled the PS2 memory card that Amazon never managed to deliver I'm going to buy one in town and sod the minor extra cost. Given the way I'm feeling at the moment I doubt I'll be using it much before the weekend anyway.

[09:50] Job! Jobjobjobjobjobjobjob! Elaine has a job. She's (soon to be) gainfully employed. Yay. It's always when you least expect it. She went to the interview yesterday and seriously wasn't expecting to do well at it. Turns out the stuff I'd been showing her recently was helpful in the technical interview and she did well at the formal interview. She's due to start next Tuesday. It's not for quite as much as she'd wanted (a bit of a drop from her last job), but it's in IT so for a first job it's not too shabby. The opportunities to learn and grow look to be pretty good at the moment. We'll have to see how things go.

I did recommend that as there were still a few interviews and a few applications that would likely lead to interview she hold of telling the place 'yes', but they needed to know yesterday afternoon and when you get down to it a job's a job. She's still going to an interview next Monday (she starts on Tuesday) so there's an opportunity there, but it must be nice going to an interview knowing you've already got a job in the bank.

While the pay isn't stunning it's by no means the last job she'll ever get (in fact the chances of her moving up the salary scale are now vastly increased over the structural and civil engineering career path she was on previously), so it's time to start learning. The lead guy has only been there since July and apparently the person before him was a odd so the place is in a tiny bit of a mess. Sounds like the kind of thing I found when I arrived here. Anyway, it's a bit of a load off both of our minds. Now we can start living a bit more. Once there's some money in the bank for both of us there are all kinds of things we can do.

[16:15] Had a good Thai lunch with Shaun and Elaine. Found out that it's highly likely I won't get to interview this time around due to the high standard of other people applying for the post. I'll have to hope that my skillset of more-than-just-some-Oracle appeals to the interview panel.

[12:10] Elaine's probably just coming out of a three hour technical pre-interview and I should be getting a call from her soon. In a way it's been good that I've been so busy with what I thought was a done deal this morning that I've been too busy to think about what she's been up to. The problem is with the Microsoft GDI+ vulnerability as addressed in MS04-028. I thought I'd patched all my machines and that everything was hunky-dory. It wasn't. I happened across an email to a patch management mailing list this morning that mentioned that Microsoft Office viewers (for file formats used by applications such as Word, PowerPoint) are not officially supported by Microsoft (although this may change soon apparently). As such there are currently no patches for them and specifically for the recent MS04-028 GDIplus.dll JPEG buffer overflow vulnerability.

We have the PowerPoint Viewer 2003 installed on some library machines and a quick scan with the SANS "gdiscan.exe" tool found at showed me that they were all running a vulnerable version of GDIplus.dll. In fact they were running two different versions, both vulnerable. The likely eventuality of someone constructing a PowerPoint Presentation with a dodgy JPEG in it is not nil, and I have no idea what tickles "Ink" so I decided to patch them both, adhering to the major version number for both, just in case.

Unfortunately it's non-trivial to get hold of more recent versions of these files. I managed to find a v5 gdiplus.dll in a patched Microsoft .NET 1.1 installation (version 5.1.3102.1360) and a kindly soul with a patched Office 2003 installation let me have a v6 GDIPLUS.DLL (version 6.0.3264.0). We run Office 2000 (not vulnerable) here so had no local source for the latter.

I've copied both these files into place over the top and done some preliminary testing and everything seems to work.

You Do This At Your Own Risk.

I then decided to scan my other major cluster of machines and noticed that our EndNote 6 (version uses the same v5 gdiplus.dll as "Ink". I've contacted Thomson/ISI ResearchSoft about a patch but have heard nothing as yet. In the meantime I've replaced this file with the same one as for "Ink" and EndNote appears to be happy. Should this change I will let the list know.

I recommend you download the SANS tool and check all machines which have even vaguely non-standard software on them. The SANS tool has a major advantage over the Microsoft one in that it scans more than just Microsoft software and can scan network drives so you don't have to install it on every machine you wish to scan. Simply map a drive (probably just \\machine\C$, but you may have installed software elsewhere) and select that drive in the tool.

It's fun to fix these problems so quickly (touch wood) but they really shouldn't be cropping up in the first place. If Microsoft had simply let people use a centralised version, rather than seemingly requiring them to package a version with their own product we wouldn't be in this particular mess. We'd probably be in a completely different one, but that's beside the point.

This afternoon I'm at a sysadmin meeting and don't expect to be back before tomorrow. At present I'm getting up with a really sore throat in the morning (probably caught something at the weekend), but I can't afford to be off work, so I should be in tomorrow.

[13:30] Sometimes I get really quite fed up with what people think of or about me. People seem to assume all kinds of things based on information and preconceptions which are quite probably outdated.

The PFY and I have been discussing the web site this morning. Not this one, another one. There is discussion of a Content Management System. The implementation is one problem, the adoption and continual usage another. The confusion arrises from the fact that the site is in the main static. By which I mean that not only are the pages static HTML, they also change very rarely. The actual diectory structure hasn't really changed in more than three years. Add to that the fact that there are probably only three people who change the content and at present all content goes through two of those people (the PFY and I) and that new content is only rarely added and the case for a CMS looks mighty thin.

I would like to try one, and probably will anyway for experience but at present there are other things to be thinking about. Documentation is going well at the moment, the network is stable (other than some power glitch this morning) and we've not had any problems with software recently.

The weekend was excellent. Travelled over to see Dunk who was celebrating the end of his M.Sc along with Veg. Also cause for celebration was Caz's birthday. Anyway, got a train to be picked up by Andy, drove to pick up Caz, got to Dunk's. Met up with some people I've not seen in about two and a half years, among others, drunk a bit, had some food, played with the cats. In the morning we watched A New Hope (again) on a projector before pulling out the XBox to play Fable (early, don't ask). At that point Andy (noted anti-games person) decided to head off, so we did. Elaine was in Nottingham for the wedding followup to the hen night she was at previously. Meeting up back at the house after a weekend apart was nice. Both shattered, we went to bed.

Elaine's got a fairly busy week ahead. She's coming in to see Cormac this afternoon with a view to perhaps taking up a temporary post at his workplace. Tomorrow she's got an interview and there's another one on Friday. Between those two there are more job applications to do. There always are.

I've got one of the world's most boring meetings this afternoon at 14:15. I doubt I'll come back afterwards.

[15:10] A quiet day today. I've taken the opportunity to do some more work on Oracle in hopeful preparation for getting an interview for another Oracle DBA post. I've been learning steadily since the first interview. Between then and now I missed one chance for interview for another post because the quality of the other candidates was just far too high. I'm really hoping that they same thing doesn't happen again.

Today's subject has been Oracle's standby database functionality. Specifically logical and physical standbys, the roles of ARCH and LGWR and their associated standby redo and archived redo log files and the data guard. You'd be surprised just how interesting this stuff is... really! I had some idea about this from talking with my friend Shaun, but when you get down to the nuts and bolts it's really, really cool.

[12:30] Today I have been mostly dealing with printers which only work when I stare at them. I've also been updating a few web pages and discussing with my nominal boss what's going to happen with things when the PFY goes on maternity leave again. I've also just started what's probably going to be a large discussion on the levels of support people like me are supposed to provide within the institution. It should be rather interesting.

I'm considering taking this afternoon off. There's very little happening, my lunch appointment has had to cancel on account of working far too hard and I don't really want to be here today anyway. It was really raining earlier but I think I may get home in the lull between showers.

My parents have a friend who came over from Africa a while ago to study. He's a lovely man and they were really helping him settle in and provide some company for someone who must have felt very lonely (and cold!) so far from home. Only he's gone missing. I very much hope that they're able to find him soon and put everyone's minds at rest.

[15:55] This morning one of my users came in and said that the brand new machine I'd installed for them was too loud. Truth be told the hard drive was a little noisy, but still. I ended up ghosting the drive off, sticking in a new one and ghosting it back.

Had lunch with Mel and Bob, where discussion turned to matters of jobs being available and so forth. Came back and have been talking Elaine through the concepts of local and domain accounts under Windows. It's going to be good to go climbing this evening and do something physical rather than mental. I was going to take tomorrow off but the way things are going it's going to be more sensible to come in instead. Maybe I can take a Monday off some time soon...

[12:10] So I go and buy a PS2 and then this happens. Thanks a lot Sony. No, really. Actually it doesn't really matter as the one I have is fine (apart from the lack of ethernet as standard) and fits perfectly between the TV cabinet and the thingy the video sits on. Ah well, you can't wait forever for the Next Big Thing to come along otherwise you'd never buy anything.

This morning I've been mostly scanning in Elaine's graduation photo for her to put on Fotopic to get cheap prints for her family. I've also been mocking up the first couple of pages for a private bit of work Elaine and I will be doing for someone.

Apparently today is the day everyone who doesn't have or would like to replace a photo on the photoboard day. Naturally the person who decided today was the day hasn't come in to have their photo done yet. We may have to 'prod' this afternoon. Oh, and apparently some jobs I was hoping to go for in November have come up now. I'm hoping my email asking for the further details, etc. got through.

[17:25] A whole load of internal mail arrived a bit ago. Further details for the two jobs I'm going for, a payslip (yay!) and an agenda for the world's most boring meeting next Monday. Oh, and the PFY is pregnant again. Due in February just like last time. Although those of you who've been reading a while will remember that she gave birth the previous December the Monday after I went on holiday on the Friday. This left the Faculty without support until I returned from Egypt. Not that they really struggled as things were set up to work smoothly. Well, best of luck to her this time and I really hope things go well for her. I'm not going to let it get in the way of trying to move jobs though, if I do get a new one they're just going to have to deal with the transition. I'll be available to come back and help if the new job allows, but I'm not going to hang around any more if I can help it. Of course I may not get a new job before then, so all this may be moot.

[09:25] Straight off the bat this morning there's something to do. I came in to find one of the servers was screaming. Specifically one of it's RAID5 disks had somehow kicked the bucket. Luckily this server does very little other than be the print server for a few people, HFNetChkPro and Ghost. So it's not very heavily used. I checked the event log and did the necessary before downing the server, sticking in the new disk and rebooting. Finally once the machine was up and running again I could quiet the alarm and start the rebuild going. I've got it at 90% rebuild rate so people can print out their morning emails, but I really hate having RAID5 arrays which aren't complete so I want it done as soon as possible.

Hopefully we're going to see Hero this evening. There are some free ticket things on the web which I've printed out. Hopefully we'll get in before the rush. Oh, and my Star Wars DVDs have arrived. Episodes IV to VI. They should be good for a laugh some time soon. Not sure what I think about the new CGI they've added in, takes away some of the innocent charm of the originals. Plus Mr Harryhausen must be turning in his grave.

[13:00] I'm debating going to give blood this afternoon. The Blood Service have really put the pressure on by putting "Baby pack" at the top. This means that my blood is used by newborns within a few days of me donating it and probably saves lives. How can I not?

[14:45] There is now a new object of desire for those people for whom a multi-tool is a required part of their wardrobe (personally mine's in my bag). Leatherman have announced the Charge Ti. Titanium, all locking tools. It's what the Wave should have been. I want one.

Otherwise the day has been empty. All the machines are patched, even the laptop that I never usually get to see. All the machines are up to date with antivirus definitions, the users are happy and no printers are complaining. It's given me time to think more about the documentation I need to write, as well as play the migration of the MeetingMaker service to another machine.

I popped out a few minutes ago to get an optical cable for my PS2 to connect it to my amp. I think the one I have has the right connectors. We'll have to see this evening. I'm hoping the memory card will turn up soon, I'm wasting valuable playing time not being able to save anything. I may leave early today as there is nothing happening here and I don't fancy starting anything big at the end of the week. With luck and some bad weather Elaine and I will start on insulating and boarding loft one this weekend.

[15:20] Elaine's interview this morning was... odd. Of the people she was in with, one of them wouldn't stop talking and the other one just looked pained while this went on. I don't think she's going to want to work there if they offer her a post. There's some other good posts coming up towards the end of the month so we're going to be pushing for them I think.

I spent about an hour dithering in town this lunchtime and finally settled on a PlayStation 2, Burnout 3 and a second controller. I wasn't going to be 100% happy with the choice whichever console I'd gone with. In the end it came down to physical size, who I could borrow games from and the size of the controller (Elaine has smaller hands than me). Elaine's also got some PSX games that'll play on it too. I met Elaine in town after her interview and she's taken it home with here with orders not to open it. I've just ordered a memory card from Amazon which hopefully should arrive some time tomorrow or on Saturday.

Shavlik have updated their XML to support MS04-028 under Windows 2000 and IE6SP1 so I've got everything installing and rebooting tomorrow morning. Every machine seems to have the Office 2000 SP3 update on it now so things look pretty much sorted.

[15:00] I've spent the morning working on patching our centralised version of Office 2000 with MS04-027 and pushing it out to the first batch of machines to reboot. This generated a storm of AV warnings as scan timeouts started coming in. Still, what can you do? I've got it so that every other machine will get the new version of Office when they next reboot and hope to have convinced Shavlik that Windows 2000 and IE6SP1 are a supported combination and please could we have an XML file which notices that MS04-028 is a useful download to have.

Elaine's in this afternoon after dropping off another job application down in the south of the city. We're debating (among other actually important things) whether I buy an XBox or a PlayStation 2 when I next have some money. The principle reason being Burnout 3, which is great.

[13:25] I went home earlier yesterday just because it was so quiet and there wasn't anything to do. It's a nice way to use up some of the massive amount of holiday I still have left that I'm not supposed to be able to carry across. When I got home Elaine was on the phone to my mother. I have no idea what they were talking about...

Elaine got a call a little while later from a place she'd applied to to be an IT technician. Turns out the interview'll be on Thursday and won't be technical at all. This is odd. Perhaps it's just a first stage one. They want to know about her customer service skills. I'm still hoping to have her come in tomorrow to put some meat on the bones of the Active Directory stuff I set her off learning about last week.

A user came in yesterday asking why he didn't have an account any more. Turns out that he's changed status and should still have one on this particular part of the system. When I went to create his account I found that his home directory in the archive was a little more than the standard 75MB we allow users to have. It was 678MB. He'd left by this point so the PFY has emailed him to come in and we'll talk about his "data requirements". We're not short on disk space but this particular set of users has been know to take the piss something criminal when given un-quota'd filestore. There's also the backups to think about as we've only got a DDS-3 at the moment and can't back up more than 24GB. Contention is pretty good at the moment, but if all the users decide to use all of their allowable space we could be in a spot of bother. I've got a DDS-4 upgrade planned, but that's not for a while.

[14:40] This weekend Elaine was in Nottingham for a Hen Night so I took the opportunity to do some painting, rather than leaving it all to her. The object of my ministrations was the rear wall of the lounge. The one with the staircase on it. She'd made a start so I just carried on where she'd left off. Of course, it took me about ten minutes to get the top off the tin of paint. I think I was using the wrong type of lever. Once I was up and running the paint went on nicely but easily looked like it was going to need more than one coat, despite proclaiming itself to be 'one-coat'. I couldn't reach everywhere on the wall as it's two storeys tall. In the end I put the extension pole on the roller and finished it that way. After waiting for a while (watching television) I did another coat and then settled down to let my hands recover from the strain of pressing the paint out of the roller. Rather than make some food (I forgot to get anything out of the freezer) I had chinese. Such a slacker.

Sunday was spent waking up from the very late night I had in front of the TV, and then travelling to London for climbing with Will. It's been a long time since I went to The Castle and it showed. I was abysmal. Barely managed any decent 5Cs, but bouldered a good few 5Bs I think. Once Will turned up I had a go at some roped 5s and came away feeling really rather disappointed. I so need to get back in shape. Still, plenty of time before I'm too old.

By the time I got home Elaine had returned from Nottingham and was busy uploading photos from the weekend. We had some food and turned in, not before she'd admired the wall and admitted that although it was rather a dark colour it did work very well. Told you.

We're handing out passwords at a rate of a few a day at the moment. No major complaints (no complaints at all, actually) as yet, although one person mentioned they couldn't change their password. This was true and needed a quick tweak to the right GPO to allow users in that are to be able to. All sorted now.

I've been fiddling with DBAN for the last few minutes and think it's something we'll be using from now on when we're getting rid of PCs from now on.

[15:55] Spent the morning working through a little todo list of small tasks that had been awaiting my attention for a few weeks now. It was good to get them out of the way finally.

I've spent a chunk of the afternoon teaching Elaine the basics of Active Directory. I'd forgotten how complex, byzantine and generally messy the whole thing is. I don't know how anyone is supposed to pick this stuff up by themselves.

[13:10] I finally bit the bullet and, using my newfound wscript-fu and a page that generates random strings of characters for you, set all the newly created users passwords to strings of eight characters. With some batching and some deft use of Excel everything seems to be happy. We have a master password list stored in a locked filing cabinet and we'll tell each user who comes in what their password is. They can then change it if they like.

Our first user came in this morning and was soon logging in and printing. He's not emailed or come up to say there were any problems so we're going to wait for demand to pick up a bit and see what falls out when the setup is given a thorough shaking by the users. We're not going to do anything drastic to the place until we're sure everything's settled down there.

However, once things are looking like they're OK, the next things we need to do include; swapping two servers around, migrating the main print server to another machine, migrating the MeetingMaker server and upgrading to ePO3.5 from 2.5.1 with associated Enterprise 8 hilarity. Oh, and I need to order a PC and a Zip drive for someone. The excitement!

[15:40] I think I'm finished. I think it's done. I think I've managed to smack OpenSSH and Windows 2000's policy permissions around enough that everything works as it should. There are a few rough edges. Some things don't quite work as seamlessly as they should. For a while there was no way to get all the new users to log in to the server with SFTP, but a quick (ha!) bit of Windows scripting and some tighter permissions on higher parts of the directory tree and I think everything's working. Elaine's here, having just delivered another job application to somewhere in town so she gets to help me pretend to be a user downstairs for a while. I'll unlock the room in the morning and put up the sign telling people they need to come to me to get their password set.

We went to see Hellboy last night. It was an amusing way to spend an hour or so. Tonight it's climbing. I'm sure I should be writing more, but frankly I'm too brain-fried from the last two and a half days to think of anything much more coherent.

[14:00] The PFY and I have spent the morning looking at file ownership in preparation for activating the quota system on the newly installed server. Apart from a few minor issues the user creation coupled with adding to the OpenSSH passwd file, and setting the owner with a handy little setowner.exe file everything seems to have gone reasonably well. I solved a few small problems with user login scripts and the PFY wrote a whole load of scripts which save us a good few dozen hours worth of time. Once I've had lunch and another think we'll do the main file transfer to the server and make sure everything is working OK.

[17:35] Everything's working now apart from the fact that only Administrators can log in via SSH to the server. It's Windows 2000 SP4 with the SSH package from I don't know what the problem is at the moment but it's really bugging me now. If anyone knows what I need to frob (log on locally, permissions, etc.) let me know please.

[08:15] No job for Elaine. Same old reasons. We move on. Today I'll be mostly installing workstations and servers.

[12:50] Currently installing the server with Windows 2000 from the OpenManage CD and Advanced Server SP3-slipstreamed. The ghosting of the workstations seems have gone fairly smoothly (one minor error that doesn't seem to be a problem). As of right now there is no more Windows NT4.0 left in the building any more. I know this puts me well behind the curve, but probably still well ahead of many businesses still out there.

[15:20] A fairly empty day today as we gear up for Monday. No PFY so I've been running through the procedures we'll need to do. Before all that I went with Elaine part of the way to the hospital (she wasn't quite sure of the way) for her initial consult for this health authority on her on-going MS diagnosis. While she was there I started work on understanding the feasibility of having two RAID5 arrays on the same controller in the Dell PowerEdge 2300 with a PERC2/SC. It seems to be fairly straight forward and at the same time as finding more information on 'how' out, I've found a rosetta stone of pretty much all the Dell PERCs to date. Which will be helpful.

Other than that I've been reviewing the drivers to install, digging out the Dell OpenManage CD (v6.4 being the last one to support PowerEdge 2300s) and W2K Advanced Server (SP3 slipstreamed) CD and getting all the ancilliary software together. I don't think it's going to go 100% smoothly, but it should be as near as damnit.

[15:20] Apparently the post is currently 'on hold'. This doesn't really help as we don't know if she's got the job and they're awaiting funding or something, or something else, like she hasn't got it. Ho hum. Wonder how long we'll have to wait to find out.

Buying some more licenses and maintenance for HFNetChkPro soon. Wonderful product, wouldn't do without it now. The PFY and I are working on the information sheet we give to new people joining the network. Lots of fun. Other than that I'm tweaking scripts, getting things organised in the right order and generally waiting for Monday when everything happens at once in an orgy of well-timed copying, installation and configuration. Honest.

[10:20] There's something about traffic in this city some mornings that makes me hum the signature riff from Hans Zimmer's score to The Rock. It's a really exciting journey some days. Still, here in once piece. I've got someone's Digital Ixus II to install on their machine this morning. It's for perfectly valid reasons and it gives me the perfect excuse to have a look at it. The LCD screen on the back is wonderfully black and I expect the contrast is excellent. I'll get around to that some time around 11:30.

With luck Elaine'll get the call today to say if she's got the job or not. We're trying to not hold out any hope because it's getting a bit wearing to keep being told that it's not this time. I remain hopeful and I know that if it's not this one, then it could be the next one.

Slacker that I am I've only just got around to doing the most recent patch for ePolicy Orchestrator. It went without a hitch and all the agents are now updated. I do like centralised management.

[16:40] Still nothing from the place Elaine interviewed for. We have no idea whether they've decided or not.