Archive for May, 2009

Setting Up SonicWALL High Availability Pairs

Friday, May 29th, 2009

Prerequisites
1. They MUST be the same model
2. Make sure that if you need Stateful High Availability that you have the license for it (only Primary SonicWALL needs to be licensed)
3. Make sure that if the client wants support for both SonicWALLs that they purchase support for the Backup SonicWALL as well.
4. Register and associate the Primary and Backup SonicWALLs as a High Availability pair on mysonicwall.com
5. Physically label the SonicWALLs
6. On the back of each SonicWALL make note of the Serial Number.
7. Ensure you have two (2) Ethernet cables coming off of the LAN (one for each SonicWALL)
a. Adjust the Spanning Tree protocol if it’s being used on the switch to FAST.
8. Ensure that you have a crossover cable for X8 on NSA 240s (this is for the heartbeat between the two units)
9. Ensure that you have a dumb switch for the WAN, and two (2) Ethernet cables (one for the primary, one for the secondary).
10. Ensure that you have 2 LAN IP address that you can give to the SonicWALLs for monitoring
11. DON’T connect the SonicWALLs together yet

Setup
1. Register both SonicWALLs online
2. Register both SonicWALLs as an HA Pair
a. Go to www.mysonicwall.com
b. Go to the Backup SonicWALL
c. At the bottom of the licensing, look for HF or Hardware Failover
d. Enter in the requested information (name, and serial number)
e. On the “Service Management – Associated Products” page confirm that the registration was successful, then scroll to the bottom to see the Associated Products and click either HA Primary or HA Backup to display that the unit that is now associated with the your newly registered SonicWALL.
f. (OPTIONAL) Register Stateful HA on the Primary SonicWALL if you have the license.
3. Power on Primary SonicWALL and enter in LAN and WAN information
4. Connect LAN and WAN to SonicWALL (DO NOT CONNECT CROSSOVER CABLE)
5. Activate Primary SonicWALL (login to the Primary SonicWALL and register it when you get it online).
6. Load up new firmware on Primary SonicWALL (this’ll take up to 5 minutes)
7. Disconnect Primary SonicWALL from LAN and WAN once you’ve confirmed that the unit is now registered.
8. Power on Backup SonicWALL and enter in LAN and WAN information same as Primary and connect to LAN and WAN (DO NOT CONNECT CROSSOVER CABLE)
9. Activate Backup SonicWALL (login to the Primary SonicWALL and register it when you get it online).
10. Load up new firmware on Primary SonicWALL. (this’ll take up to 5 minutes)
11. Disconnect Backup SonicWALL from LAN and WAN once you’ve confirmed that the unit is now registered.
12. Power on and connect Primary SonicWALL
13. Create all necessary firewall/security rules on the Main Unit
14. Create a Backup of your settings

Configuring HA
1. Login to Primary SonicWALL
2. Go to “High Availability”
3. Go to “Settings”
4. Select Enable High Availability checkbox
5. Enter in Serial number of Backup SonicWALL
6. Click Accept
7. Go to “High Availability” > “Advanced”
8. Leave all values the same in the fields
9. Select the following:
Enable Preempt Mode
Enable Virtual MAC
10. Save your settings

Connecting the HA units
1. Make sure both devices are turned on
2. Connect a LAN cable to X0 on each SonicWALL device
3. Connect a WAN cable to X1 on each SonicWALL device
4. Connect the cross over cable to the HA reserved port (X8 if it’s an NSA 240)
5. Login to the Primary SonicWALL
6. Go to “High Availability” > “Settings” and keep clicking on refresh until:
a. That status at the top right is Active
b. “Primary Status” is enabled
c. Dedicated HA Link is connected
d. “Found backup” is Yes
e. “Settings Synchronized” is Yes
f. OPTIONAL make sure anything that says “Stateful” is at “yes”
7. Review the logs to ensure that there are NO errors with licensing. If found, errors with licensing will occur in the logs every 10 minutes. If you find errors in the licensing, wipe everything out, and reapply the firmware.

Configuring Monitoring of HA Devices
1. Login to Primary SonicWALL
2. Go to “High Availability” > “Monitoring”
3. Find X0 (the LAN) and click to configure it
4. Enable Physical Monitoring
5. Enter in a LAN IP address for each device that you reserved in the Prerequisite steps (Primary = Primary Unit; Backup = Backup Unit).
6. Attempt to manage both SonicWALLs from their respective HA IP addresses. NOTE: The HA LAN management IP addresses are only used for management and CANNOT be used as a gateway for traffic.

Finish
1. Backup all of the settings from the Primary SonicWALL and Secondary SonicWALL (via HA LAN management IP address)

Configuring IPS to Deny P2P Traffic On a SonicWALL

Thursday, May 28th, 2009

1. Login to SonicWALL
2. Go to Application Firewall
3. Go to Application Objects
4. “Add New Object”
5. In the next window, name the object
a. Under “Application Object Type” select “Signature List”
b. Under “IDP Category” select P2P
c. Under “IDP Signature” select each one, and add it to the list
NOTE: I tried using Signature Category List, assuming that this would be the same thing as choosing Signature List, and then Selects all of the IDP Signatures. I did not get good results, YMMV.
d. Click OK
6. Go to Policies
a. “Add New Policy”
b. Name the Policy
c. For “Policy Type”, choose “Dynamic Content”
d. For “Application Object” choose the name of the Application Object that you created initially.
e. For Action, choose “Reset/Drop”
f. Select “Enable Logging”
g. Ensure “Log Redundancy Filter” is selected.
h. Click OK
7. Ensure that the Policy is enabled.
8. Check the little bar graph next to the policy, called the Policy Statistics. This will tell you how many times it was used to block traffic.
9. Check the logs to see the blocking in effect, it will most likely be highlighted in yellow.

Adjusting Device Thresholds in Zenoss

Friday, May 22nd, 2009

By default, the Zenoss monitoring system tends to send extraneous warnings everyday. The thresholds for these warnings can be adjusted to create fewer, more pertinent warning messages. For example, MyXserve is set to send a warning when the Ethernet utilization on port en0 exceeds 75% of the maximum. That happens every day. Changing that threshold setting to 90% would result in fewer, more meaningful warnings. These are the steps to adjust a device threshold using COMPUTER as an example.

NOTE: Adjusting a Performance Template changes that template for EVERY DEVICE that uses it. Changing the ethernetCsmacd in this example from 75% to 90% will change the threshold to 90% for ALL DEVICES that use that template.

1. Look at the warning that was sent to an email address. For the COMPUTER example, here is the information:

Subject: [zenoss] COMPUTER threshold of high utilization exceeded: current value 1796033.47
Device: COMPUTER
Component: en0
Severity: Warning
Time: 2009/05/21 23:08:22.000
Message: Threshold of high utilization exceeded: current value 1796033.47

This tells you that the device sending the warning is MyXserve, the component having the issue is en0 which is the main Ethernet port, and that the threshold that was exceeded is the high utilization threshold.

2. Login to Zenoss. (There’s information on that in another Kbase article.)

3. In the Dashboard, click on the device in the Device Issues portal.

4. In the Device Status portal, click on the correct Component Type. In this example we click on ipInterface since we’re interested in the Ethernet port.

5. In the Interfaces portal, click on the correct interface. In this example, click on the en0 interface.

6. In the resulting window you will see the Status of the interface including some performance graphs. Click on the Templates tab.

7. Click on the correct Performance Template. You can find the correct one from its name or description. In this case, there’s only one and it’s named ethernetCsmacd.

8. In the Thresholds portal, click on the threshold that is listed in the warning. In this case, it’s the high utilization threshold.

9. The resulting window shows the settings for the high utilization threshold. There are several settings but we’re most interested in the Min Value and Max Value fields. There is nothing in the Min Value field and we’ll leave that as is. It may be used in other templates. The Max Value field contains a calculation for the number of bytes sent and received: (here.speed or 1e9) / 8 * .75. To adjust this from 75% of the maximum to 90% of the maximum change the .75 to .90 and click the Save button.

10. Back in the Performance Template window, you may have to change the description and clicked the Save button. This one said “Standard ethernet interface template with 75% utilization threshold” which I changed to “Standard ethernet interface template with 90% utilization threshold.”

At this point you can log out of Zenoss and keep an eye on any warnings your device may send for the next 24 hours.

Using Transmogrifier to Extend Final Cut Server

Wednesday, May 20th, 2009

Using Transmogrifier With Final Cut Server

Transmogrifier is a python framework created to assist with the importing and exporting of assets from Final Cut Server to various export formats (currently YouTube and BrightCove are supported).

Getting Started

The primary interface to the Transmogrifier framework is provided via the executable file ‘transmogrifier’. Here is the usage output for this file:

Usage:
transmogrifier [-f configfile] [-d supportdir] [-a action] [-t mediatitle]
transmogrifier -o BrightCove -t MyAsset [-f configfile] [-d supportdir] [-a action]
transmogrifier -o BrightCove -a preflightCheck|upload -t MyAsset [-f configfile] [-d supportdir]
transmogrifier -a createSupportFolders [-o YouTube] [-f configfile] [-d supportdir]

Flags:
-h — displays this help message
-f filepath — Use specified config file
-o target — output target, i.e. ‘BrightCove’, ‘YouTube’
-d supportdir — path to support folder, this is typically read out of the configuration file
-t title — title of the asset.
-a action — Perform the requested action. default: “upload”
“upload”
“preflightCheck”
“createSupportFolders”

See the Introduction PDF on GitHub or Sourceforge for more info.

Disable Flash Auto-Load

Tuesday, May 19th, 2009

ClickToFlash is an alternative flash plugin for Safari.

It prevents flash from autoloading on a webpage, you have the ability to add certain domains to a whitelist, or you can just “click to flash” to load the flash element for only that instance.

Great for browsing flash heavy websites that love to blast music and bring your browser to a crawl as flash loads. Also

One drawback is if the flash is old and includes an out of date version check, it will report your flash plugin as needing to be upgraded (this is because clicktoflash hijacks the primary flash file type handler, and then when clicked, changes the filetype to an older one that Adobe still recognizes).

Direct link to download version 1.4.1 (current as of this writing): http://s3.amazonaws.com/clicktoflash/ClickToFlash-1.4.1.zip

Works in Safari 3 and 4 beta, but only 10.5 for now.

Google Apps and BlackBerry

Friday, May 15th, 2009

Google Apps has taken another step towards the capacity for enterprise integration. Google Apps Connector for BlackBerry Enterprise Server will be available in July. Google was fairly quick to release a product that allowed for interaction with the iPhone and has recently added an ActiveSync option to connect to their mail services, allowing for the synchronization of contacts, mail and calendars to devices running Windows Mobile and the iPhone. This additional step simply completes offering up Google Apps to the major smartphones on the market. And with recent directory services integration offerings, Google Apps seems more than ever like a viable option in the enterprise space.

As partners of Research in Motion, Microsoft and Apple, 318 would be happy to work with you to formulate a unified strategy for managing, application development and application delivery for your mobile enterprise – no matter the platform.

Safari Browsing and Sonicwall Enhanced

Friday, May 15th, 2009

Thanks to one Ed Marczak and earlier hinted at here we had a fix for a SonicWALL issue that was bugging us from awhile back. With SonicOS Enhanced and Content Filtering Service, Safari experiences errors trying to load pages that require a login, such as store.apple.com and www.amazon.com. This even occurs when CFS is not enabled on your Sonicwall.

To fix this, you need to uncheck the “Enforce Host Tag Search with for CFS” feature on the SonicWALL. In order to uncheck “Enforce Host Tag Search with for CFS”, you have to login to sonicwall console and then go to diag page, which is accessible by logging into the sonicwall and replacing the webpage name with diag.html.

For example, if you log into http://192.168.1.1/main.html you have to replace main with diag; that is: http://192.168.1.1/diag.html

This page will bring the internal settings page of the SonicWALL, and from here you can uncheck “Enforce Host Tag Search with for CFS”.

Itemized List of 10.5.7 Updates

Wednesday, May 13th, 2009

If you’re wondering what was included in the 10.5.7 update, the itemized list has been compiled here.

Citrix Receiver for iPhone

Wednesday, May 13th, 2009

Deploying the iPhone into the enterprise has a number of pain points. Two that we continue to hear are a lack of full disk encryption and developing software. For environment who cannot obtain enterprise developer accounts, we also continue to work through problems with regard to application provisioning. Many companies are also getting tired of trying to deploy applications to too many operating systems. One answer we’ve taken for some of this is to introduce web-based applications with small wrappers around them that are specific to each application/device. But Citrix has stepped up and released Citrix Receiver for iPhone and Dazzle.

Within the Citrix product line you will now be able to provision a thin client-based application and achieve the agility that business units want without the commitment to a specific platform. This means that if your users want Windows Mobile or an iPhone you can publish an application, tailored to their screens and with Dazzle, you can give them the option to choose which applications they want to access, making application provisioning easier for many environments. Because a thin client leaves all of its data on the server, the lack of full disk encryption becomes less of an issue with the iPhone as you can choose to sandbox your business critical data into thin client environments. And finally, you can go to market with solutions that can enhance your business faster in many cases, by leveraging existing efforts and resources.

Overall, we’re happy to add Citrix Receiver in our own portfolio of product offerings. We can now go into any development opportunity with even more options: begin a new application (fat client), deploy a mobile-specific web-based application or bring a thin client solution to the table. From an application lifecycle, being able to look at the iPhone in a similar fashion to how we look at Microsoft Windows and Mac OS X is key to maximizing the capacity an organization towards their the business potential.

Retrospect 8.0.733

Tuesday, May 12th, 2009

Retrospect 8.0.733 is now out and available for download. If you are using version 8 and experiencing problems then you should run it as it fixes a number of bugs. Bugs fixed in the Retrospect 8.0.733 release:
18925: Keep backup sets and scripts associated when catalog rebuild is necessary
20075: General UI Feedback: Okay/Apply
20131: Able to enter text in fields that should only accept numbers
20146: Log Limit doesn’t verify for valid value range
20156: Prefs >Media > media request timeout should check for valid values
20229: Scripts Icon backwards in details view when no script is selected
20258: Copy assistant should not allow you to select same volume for source and destination
20276: “More Backups…” is disabled in Restore Assistant
20332: Restore Assistant: script starts when you select ‘Save’
20343: Error backing up Win XP client – error -3043 (the maximum number of Snapshots has been reached)
20373: Sources icons display as usb removable drives
20437: Past Backup lists wrong date
20475: Disclosure triangles in volumes and scripts
20504: Remove all local volumes: Need to restart Engine to repopulate
20528: Servers displaying in the Sources list
20538: Improve column sizes and layout
20555: Verify Script: Options lists backup sets
20585: “Pause Server” should change to “Unpause” or “Resume”
20598: File Media Sets: remove option to change ‘Fast Catalog Rebuild’
20604: Volume Type not correct
20634: Script Schedule > refresh > auto deletes schedules
20640: Creating a new schedule item does not select the new item
20719: Console: DAG memory leaks
20729: Possible Small Memory leak in Engine when [Backupset EditWithPassword]
20735: New Backup Script: using Tag from previous script
20849: Creating a New Media Set does not accept some characters
20896: “Please update your server” dialog should be more informative
20919: Media Sets: Tape not display Used/Free/Capacity
20945: ScriptProperties::TransferMode seems to have incorrect values
20953: Need to be able to defer scheduled activities
20971: Use Small Icons setting lost after closing UI
21015: Sources: Clients duplicate in the Multicast list
21039: License Manager UI Issues
21087: Starting activity negates activity scope buttons
21124: Desktop: no license challenge when adding a 3rd client
21174: Smart Tag UI problem
21302: Disk Media Sets: when only one member – remove should be disabled
21382: Dev: ArcDiskInfo/ArcDiskFileInfo’s persistent logic is wrong, blocking ppc feature
21463: Need a way to change console’s server password on existing server
21487: Sessions and Snapshots get into state with different volume names
21510: Search for files restore not working across multiple Media Sets
21544: Launch engine at startup authentication broken
21552: Sources: Erase a local drive the disk used / total not updated
21562: Restore Files: Assistant – Search for files in selected Media sets
21590: Need to store extdFlags EXTD_HASACL and EXTD_HASMETA in trees
21603: File Media Set: during backup .rbf.rfc file displays as unix executable
21618: Unable to successfully restore IIS on W2K3 Server
21625: Rules not updating correctly
21628: Unable to add multiple device members
21644: Cannot change member location in Edit Member, throws error
21663: Bad value for Compression field in Activities
21712: Assert during first backup
21737: Crash with DLT1 drive
21740: Media creation time is wrong
21746: Crash trying to add NAS device
21752: Crash copying library directory
21755: module.cpp-825 assert
21764: Console crash while backing up NAS (tag-related)
21775: wrong password adding clients
21782: Restore Assistant: Assert at module.cpp-845
21783: Sources: Local Volumes displaying multiple times
21785: Restore Assistant: When Clients volumes selected unable to ‘Continue’
21791: U Mich. assert
21797: Klingon server assert during client backup
21800: RefBackupset::Search needs Progress object
21803: Error -703 unknown when trying to access a Media Set
21804: Firewire Lacie D2 AIT not responding
21812: Engine crash with invalid object
21813: Incorrect free disk space displayed
21815: Can’t stop engine on 10.4.11
21822: Search for files – manual selection is ignored
21824: Wrong Client Errors being displayed
21825: Client Test button missing
21826: Client connection strangeness
21830: Rules UI different in different parts of yeti
21837: Source’s ‘Last Backup Date’ field doesn’t roll up
21838: assert while trying to rebuild a disk media set
21846: Improve how compression data is displayed
21849: Editing script with many sources not easy
21852: Crash proactive backup to tape library
21856: Console crash with 8.0.608 (tag-related)
21858: Restore Assistant: Selected Media selector set jumps to top of list
21863: Restore Assistant: Restore files from which backup – no date displaying
21864: Restore Assistant: Preview for multiple media sets – only displaying files from first
21866: Assert during local restore: restore drive out of space
21868: better errors needed when license is required
21876: Assert: tree.cpp-3095
21877: Smart Tags not working with Clients set to Startup volume
21878: Assert: module.cpp-825 and others when adding clients
21879: Can’t erase 6.1 VXA-320 media
21881: Hang with 2 proactive backups running
21901: Selecting tape in slot during add member tries to add tape in drive first
21902: Grow the UI elements for all non-English language XIBs
21908: Can’t create a Size rule with more then 3 numbers
21911: Restore Assistant: Not restoring correct files (search restore restores too many files)
21915: Rule: Rules using ‘is not’ switches back to ‘is’
21916: Rules: unable to use Rule ‘Volume drive letter is’
21917: Rules: Files system is Mac OS switches to Windows
21922: Rules: unable to use ‘Date accessed’ rule
21924: Add Media Set: changes to catalog path in text field are ignored
21925: Add Media Set: Browse window should be a sheet
21926: Client browse cause engine crash: module.cpp-845
21934: Assert module.cpp-825 adding tape members
21939: Assert: tmemory.cpp-275 and Crash Reporter logs
21945: Restore Assistant: Unable to use ‘Search Media Set’
21960: VXA-320 FireWire loader issues including assert at intldrdev.cpp-4483
21961: Sources: Last Backup Date – local dmg files
21969: Find Files doesn’t always find the right media sets
21973: Sources: cannot remove local favorite folders
22002: Restore Assistant: issue with preview
22005: Restore: crash when accessing backup with a yellow icon
22006: Restore Assistant: FindFiles with mutiple found sets but not all checked doesn’t run
22013: Copy Backup: MD5 check some error
22024: Unable to change rules condition
22046: Script > Schedule > Text cutoff “F” for friday
22056: Restore Assistant: Restore files – Where do you want to restore: allows multiple selections

Pushing Mail Configurations to iPhone

Monday, May 11th, 2009

First, you need to download the iPhone configuration utility. You can find it at http://support.apple.com/downloads/iPhone_Configuration_Utility_1_1_for_Mac_OS_X

Once you have downloaded that and installed it. You go to your /Applications/Utilities folder and find the iPhone Configuration Utility app.

Open that up and go to the Configuration Profiles and click on New up on the top menu bar.

From there it will give you a bunch of different parameters that you can customize for a given profile. If you go to the Email tab, you can configure mail for the client so that all they have to do is just enter their password and it will set it up by itself.

Once you are done with all of the configurations, you can either export it or just email it by either of the 2 buttons on the top menu bar.

Once mailed to the client they will just have to agree to install it on their phone, entering their password, and than they have the settings.

You want to make sure that if they had a previously setup email address with these settings you are sending them, that they delete that account. You will have to email it to a different email address than the one it will be setting up.

————————

To delete the account, on the iPhone, go to the Settings – General – Profiles. You can uninstall the profile from that screen.

Defragmenting Exchange Databases

Thursday, May 7th, 2009

In Exchange 2003, databases grow, and can get fragmented. It’s been nearly 6 years since it was released. Many people moved to Exchange 2003, and since may want to migrate to another new Exchange environment.

Either way, Exchange maintenance is important.

First, by default Exchange 2003 will have Online Defragmentation and it occurs daily between 1A and 5A. It’s online, so it’s OK if users hit their mailboxes during this time. It does not mess with e-mail. Every time someone accesses their mailbox, the defragmentation will pause, and then begin again once it notices that the mailboxes are idle again.

Secondly, there is something called Offline Defragmentation. Offline Defragmentation involves using a utility called Eseutil.exe (Exchange Server Database Utility). This utility can do some other things, but in this instance you can use it for defragmentation and shrinking down the size of the actual database. When using offline defragmentation, your databases must be offline.

According to Microsoft, the only times that you should use Offline Defragmentation is when:

- After performing a database repair (using the command Eseutil /p)
- After moving a significant amount of data from an Exchange Server database
- If instructed to do this when you are working with Microsoft Product Support Services, or when troubleshooting a specific problem and the existing documentation calls for an offline defragmentation.

NOTE:
- To determine how much space you will regain after the offline defragmentation of the database, check event 1221 in the Exchange server’s Application log. You should also consider the time factor when performing an offline defragmentation of the database because it is a lengthy process.
- It is also important to note that the offline defragmentation requires about 110% of the space of the original database to succeed. This is because the Eseutil tool actually creates a new database file, in addition to the original database file. Both files have to coexist on the disk. It is possible however, to redirect the temporary database file to a different hard disk by using the Eseutil /t switch
- Immediately create a backup after you initiate an offline defrag

For more good information, please see:

http://technet.microsoft.com/en-us/library/aa998687%28EXCHG.65%29.aspx

Using Symantec’s Backup Exec With External Hard Drives

Tuesday, May 5th, 2009

This assumes that you’ve already installed Backup Exec, and licensed it appropriately.
This assumes that all parities understand the expected backup retention policies, as well.

Preparing Backup Drives
1. Unpack Backup Drives
2. Plug both of them in
3. Note the drive letter assigned to them (this drive letter will now be forever associated with that drive).
4. Ensure drive is formatted with NTFS, if not, backup info on hard drive, format it, and label it appropriately
NOTE: You want to backup info on the new external drive because often times there will be utilities on there that are not present on the CD that the drive came with, or available from the manufacturers website.

Preparing Devices
1. Open Backup Exec
2. Navigate to Devices
3. Right mouse click on Removable Backup-to-Disk Folders
4. Select Backup-to-Disk Wizard
5. Click Next
6. Select Create a new backup-to-disk folder
7. Select Removable backup-to-disk folder
8. Name it (remember the name)
9. Select a path (this is just the drive name [ex. F:])
10. Follow the rest of the steps
NOTE: You will need to do this for each drive.

Preparing Media
NOTE: This is a critical step. If you don’t do this, chances are that the media you’re writing to will not allow you to overwrite it, even if you told it to do so in your Job properties. As a general rule, remember that device properties trump job properties.
1. Go to the Media tab, Right mouse click on Media Set
2. Select New Media Set
3. Give it a name (remember the name)
4. Ensure that “Overwrite protection period” is set to: Infinite – Don’t Allow Overwrite
NOTE: This is in my opinion bad grammar that’s been carried along from version to version. What this settings does is DISABLE overwrite protection. This means that there is no overwrite protection – i.e, you can write over the drive as many times as you please.
5. For “Append Period”, ensure that it is set to “Infinite – Allow Append” Backup exec interprets this as “I will allow you to append as many time as you please because there is no period to stop appending”.
6. Set Vault rules to None

Creating a Job
1. Go to the Job Setup tab
2. On the left pane, under the Backup Tasks window, select “New job using wizard”
3. Select “Create a backup job with custom settings”
4. Select the resources you would like to backup
5. Test the logon account
6. Select the order of backup
7. Name the backup, and the backup set
8. Choose the device you’d like to backup the data to (The All Devices pool).
NOTE: You will in most cases want to select “all devices”. This will tell Backup Exec to go to all devices and then select the one that’s available to backup to. If you have a tape drive that’s been deprecated, then you want to disable the tape drive under “Devices”, but still point the job to all devices. It will then backup to the drive that’s plugged in. This will allow for external drive rotation with the least amount of user intervention. If you have more than one “online” device, then you want to create a new “device pool” under “Device” and add your two “backup-to-disk” folders within that new pool.
9. Select the media set you’d like to backup the data to (the new media set you created).
10. For Backup Overwrite Method, please select “Append to media, overwrite if no appendable media is available”. What this will do is backup to the drives for as long as the drives say per your Media selection, and if there’s no room, it will overwrite.
11. Choose your backup options. Depending on the time it takes to backup, you will want to adjust this. With the size of external hard drives nowadays, I don’t see any other reason why you’d want to stray from Full Backups. If the backups are under 100GB and you have 1TB drives, go ahead and choose full backups (at the speed of USB2.0 or greater this will most likely only take about 4-5 hours). This will make it easier for restores in a offsite rotation scenario, managing jobs in the long run, and give you ~8 days worth of backups.
12. Always select it to verify backups
13. Schedule the job to run later
14. For the schedule, you would usually want to choose Recurring Week Days, and select the days you want it to backup per your conversation with the client.
15. For the Time Window, select what time you’d like the backup to start.

Adjusting Alerts
1. Go to Tools > Alert Categories
2. For “Media Insert”, and “Media Overwrite”, ensure that you select “Automatically clear alert after” 2 Minutes (or whatever you want), and Respond with “Yes”
NOTE: IMPORTANT If you don’t do this, Backup Exec will actually wait FOREVER (literally) for someone to manually acknowledge the alert by clicking Yes, No, or Cancel. It will always pop an alert because it’s hitting a pool to search for available media. By responding with Yes, it will now begin to Overwrite and/or use the device and media that you have selected the job to use.

Testing Job
1. Unplug one of the drives
2. Manually Run the Job
3. Verify that the job has run successfully and note what problems you have ran into, and correct or note as necessary
4. Run the Job AGAIN on the same drive. Ensure that it runs and appends to the drive. This will prove that the drive can be written to and is not “locked” due to an incorrect setting on the job or media.
5. Unplug the tested drive
6. Run steps 2-4 on the other drive to ensure that everything is OK.
7. Run a test restore
8. You can now leave one of the drives onsite, and take another with you or leave it with the client. You can now assure the client that they now have good backups (one onsite, and one that’s going offsite), and that you’ve thoroughly tested the backups and also performed a test restore.

Wrap up
1. Note any false positives in notes for the client (for backup troubleshooting in the future)
2. Update the Backup section for the client in notes.
3. Even if there was no BEV, send a BEV out saying that they now have a backup system in place.

Add Copy To and Move To Contextual Menus in Windows 7

Tuesday, May 5th, 2009

As with XP and Vista, Windows 7 doesn’t have the uber-useful (to us at least) Move To and Copy To options in the contextual menu’s by default. To create a Copy To menu item, go to the HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers location in the registry and create a new Default key with a name of Copy To and a value of {C2FBB630-2971-11D1-A18C-00C04FD75D13}. To create a Move To menu item, go to HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers (the same location) and add a new Default key with a name of Move To and a value of {C2FBB631-2971-11D1-A18C-00C04FD75D13}. Now you should have the menu items. Notice that the keys are only different in the 30 at the end of the first string of hex numbers…

Troubleshooting File Replication Pro

Saturday, May 2nd, 2009

Check the Web GUI.

To Check the logs via the Web Gui
- On the server, open Safari and go to http://localhost:9100 and authenticate
- Go To Scheduled Jobs and view the Logs for the 2 Way Replication Job

You can also tail the logs on the server. They are in /Applications/FileReplicationPro/logs and among the various logs in that location, the most useful log would be the syncronization log.

Many times the logs show that the server TimeSync is to fare between, the date and time are not correct. Each Server has a script you can run to resync the time. To Run this Script
Open Terminal on both First and Second servers and run
sudo /scripts/updatetime.sh

You should see output in the terminal window and in the Console related to the time&date are now in sync with the time server.

To Stop and Restart the Replication Service

Open Terminal and run the following commands as sudo
systemstarter stop FRPRep
systemstarter stop FRPHelp
systemstarter stop FRPMgmt
once the services are stopped, start them up again in the following order
systemstarter start FRPRep
systemstarter start FRPHelp
systemstarter start FRPMgmt

You also should restart the second (or tertiary) Client:
Open Terminal and run the following commands as sudo
systemstarter stop FRPRep
wait for the service to stop and then start it again with this command
systemstarter start FRPRep

Xsan and Final Cut Server Monitors

Friday, May 1st, 2009

The Xsan and Final Cut Server monitors have been announced at Xsanity and are now available for download. These will monitor processor and memory utilization of the Xsan and Final Cut Server processes respectively. SSH tunneling will hopefully be added soon so that you can run them remotely but that’s closer to a 1.x release rather than the .x release that is available.