Posted by

Posted on

February 4, 2015

Posted under

Configuration, Configuration, Security, Tanium

Comments

Configuring Windows Update with Tanium

There really is only two ways to configure the Windows Update Agent: Manually through UI or the Windows Update API. Unfortunately as an enterprise admin, you need to use command line utilities to configure endpoints and Microsoft does not provide that. Thus, I’ve put together a really quick command line utility that uses the Windows Update API to allow you to configure using our favorite platform… Tanium.

Download Solution Pack

First thing you must do is download the entire Tanium solution pack for Windows Update. Once you’ve downloaded the Windows_Update.xml, you must import it through your Console->Authoring->Import Content.

You’ll find it contains multiple sensors, packages and saved questions for reading and changing the configuration.

Ensure Package Files Download

One of the packages requires external files that are downloaded from files.danielheth.com. These files are served up via https and thus you must configure my Certificate Authority in order for your Tanium Server to properly download from that location. You must also configure a White Listed URL as well. You can read more about doing this at https://danielheth.com/2015/02/02/secure-downloading-of-package-files-with-tanium/

OR you can simply download the three files manually and update the Distribute Windows Update Tools package. We will explore this second option in this article:

Download all following files:

Then edit the Distribute Windows Update Tools package by going to Console->Authoring->Packages, filtering by “Distribute Windows Update Tools” and edit the correct package. Then “Delete” all three files linked to this package…

Now we will “Add Local Files…” for each of the three files we downloaded earlier.

Now that we have all three “local” files uploaded into the package we’re ready to start using this solution…

Windows Update Dashboard

Included in the solution pack is a new dashboard which groups all the functionality together in a single location. Browse to that dashboard by looking under “Other Dashboards” and finding the one called Windows Update.

As you can see from the screenshot, there are two included saved questions. One lets you know about the installation status of the special utility we’re using and the other uses that utility to return the current status of the Windows Update Agent using the API.

Deploy Windows Update Tools

I already have one system deployed with the utility, but my other 9+ systems do not have it. I can drill down to determine what the names of these systems are and distribute to specific machines, but I want my entire infrastructure to have this utility. Thus I will right click on the “No” answer and deploy the package we edited before, the Distribute Windows Update Tools package. Complete the deployment of that action and within 10 or so minutes, you should start seeing the Windows Update Configuration appear in the right answer grid.

Configure Windows Update Status

The Windows Update Agent has a few modes of operation:

Not Configured means “not configured” by the user or by a Group Policy administrator. Users are periodically prompted to configure Automatic Updates.
Disabled is self explanatory… Users are not notified of important updates for the computer.
Notify Before Download prompts users to approve updates before it downloads or installs the updates.
Notify Before Installation will download the updates but prompt users to approve the updates before installation.
Scheduled Installation will automatically install updates according to the schedule that is configured by the user or by the wu4tanium utility.

To make changing this mode-of-operation status easy, I’ve included a Configure Windows Update Status package with the above described options. Select the configuration answers that are not configured as you want and launch this package to change it.

Configure Windows Update Schedule

If you chose to schedule the automatic installation of updates you can use the Configure Windows Update Schedule package to change the day and time updates will install.

I would like all my systems to download and automatically install updates every day at 1am. To do that, select all the configurations that do not match your desires, Right click and Deploy Action. Select the Configure Windows Update Schedule package from the dropdown and two parameters will appear. One to specify the day of the week and the other the hour. The hour is specified in 24-hour “military” time and is only configurable for on-the-hour.

After 10 minutes, the Windows Update Configuration answer grid will start updating with the newly configured schedule. The Windows Update Config sensor is set with a max age of 10min, thus we must wait that long before the sensors script is executed again and the new configuration starts appearing in the answer grid.

Conclusion

I hope this helps those of you who wish to use the Windows Update Agent to update your systems rather than using a more involved patching solution.

Note that this solution DOES NOT USE the Tanium file/shard downloading functionality… each endpoint will download updates directly from Microsoft.

Also I have only tested this on Windows 7 systems. It is possible the Windows Update API will not function as coded on other versions of Windows. If you wish to view the code for the wu4tanium utility, it is available on github. Feel free to fork that project to add functionality or compatibility with other versions of Windows.

Posted by

DanielHeth

Posted on

February 4, 2014

Posted under

Uncategorized

Comments

Leave a comment

Tanium How-to SigCheck

If you’ve read my blog over the past few days, you already know that I now work for Tanium. Tanium has a self-named product that is used at many of the top fortune 50 businesses to help them manage and get instant answers on the most common security and systems management questions they face in mere seconds!
I thought I’d start sharing some how-to articles related to the product. I’m still learning myself so I will share as I learn. For this first article, I thought I’d start slightly after the beginning. I’m sure anyone reading this has gotten the full intro and some basic training from their assigned Technical Account Managers. And if you have any questions, the TAMs are always listening and willing to help!
Now, for this first article I want to tackle a problem that comes up all too often when distributing software that might be used by the Tanium client itself. In the example below, I will teach you how to distribute the Sysinternals tool called SigCheck. To do this you will need to produce a few pieces of content:
1. “Has SigCheck” is a sensor that checks your endpoints and determines if you have the utility already installed or not. This sensor allows you to ask the following question: Get Has SigCheck from all machines. This question needs to return a Yes or No depending on the presence of the sigcheck.exe utility.
2. “Distribute SigCheck” is a package that pulls the SigCheck.zip from the Sysinternals website, it also pulls an unzip utility from our Tanium content site and since we’re building this on the Community website, pulls the distributesigcheck.vbs from the Tanium Community website.

The logical process once our content is built is as follows:
1. Ask the question “Get Has SigCheck from all machines”
2. Select the No answer and deploy an action, choose the “Distribute SigCheck” package and you’re execute.

“Has SigCheck” Sensor
Of course this all starts with the basic “has” sensor. To build this we’ll be writing an extremely simple sensor that will check the existence of our file within the Tools directory of our Tanium Client. This vbscript will look a little something like this:

‘========================================
’ Has SigCheck Utility
’========================================

’ This sensor will report on the existence of the sigcheck file.

Option Explicit
Dim objFSO
Dim strTaniumToolsDir, strFile
Set objFSO = CreateObject(“Scripting.FileSystemObject”)

strFile = “sigcheck.exe”
strTaniumToolsDir = GetTaniumDir(“Tools\Sigcheck”)

If objFSO.FileExists(strTaniumToolsDir&strFile) Then
WScript.Echo “Yes”
Else
WScript.Echo “No”
End If

Function GetTaniumDir(strSubDir)
‘GetTaniumDir with GeneratePath, works in x64 or x32
‘looks for a valid Path value

Dim objShell
Dim keyNativePath, keyWoWPath, strPath

Set objShell = CreateObject(“WScript.Shell”)

keyNativePath = “HKLM\Software\Tanium\Tanium Client”
keyWoWPath = “HKLM\Software\Wow6432Node\Tanium\Tanium Client”

’ first check the Software key (valid for 32-bit machines, or 64-bit machines in 32-bit mode)
On Error Resume Next
strPath = objShell.RegRead(keyNativePath&“\Path”)
On Error Goto 0

If strPath = "“ Then
’ Could not find 32-bit mode path, checking Wow6432Node
On Error Resume Next
strPath = objShell.RegRead(keyWoWPath&”\Path“)
On Error Goto 0
End If

If Not strPath = ”“ Then
If strSubDir <> ”“ Then
strSubDir = ”" & strSubDir
End If

Dim fso
Set fso = WScript.CreateObject(“Scripting.Filesystemobject”)
If fso.FolderExists(strPath) Then
If Not fso.FolderExists(strPath & strSubDir) Then
’’Need to loop through strSubDir and create all sub directories
GeneratePath strPath & strSubDir, fso
End If
GetTaniumDir = strPath & strSubDir & “"
Else
’ Specified Path doesn’t exist on the filesystem
WScript.Echo ”Error: “ & strPath & ” does not exist on the filesystem“
GetTaniumDir = False
End If
Else
WScript.Echo ”Error: Cannot find Tanium Client path in Registry"
GetTaniumDir = False
End If
End Function ’GetTaniumDir

Function GeneratePath(pFolderPath, fso)
GeneratePath = False
If Not fso.FolderExists(pFolderPath) Then
     If GeneratePath(fso.GetParentFolderName(pFolderPath), fso) Then
         GeneratePath = True
         Call fso.CreateFolder(pFolderPath)
     End If
 Else
     GeneratePath = True
 End If
End Function ’GeneratePath

Notice that I have copied code from existing sensors, namely the GetTaniumDir function (also requires GeneratePath and RegKeyExists) which reads the registry to determine where our client is installed. Providing an argument will append that to the end of the Tanium directory that was read. The new community will soon have the feature to add reusable code blocks like this with a simple checkbox. But until then, simply copy-paste the functions needed from other code.

“Distribute SigCheck” Package
The distribution package has multiple components that are a bit complicated when combined together. I will boil down each component and help you build this package. The Tanium Client will automatically download all files related to the package for us… they’ll all be sitting in the working directory of the command line we specify. Typically that is Tanium Client\Downloads\Action_XXXX. Knowing that, let’s look at the overall logic we’ll be using:
1. Unzip the SigCheck.zip file
2. Get the Tanium client directory using the same reusable code we added to the sensor.
3. Copy the SigCheck.exe into the Tools directory under the Tanium Client directory.
4. Agree to the Sysinternals EULA by indicating agreement within the Registry. (this is required or the SigCheck utility will hang every time waiting for user input which will never come since you’re running as SYSTEM on the endpoint).

Steps 1, 2, and 3: Unzip SigCheck.zip into Tools Directory
To unzip our utility we acquired from Microsoft, we’ll need to use a command line unzip utility. In the official content, we often use 7za.exe. It is an extremly small utility we will add to our package with the following details:

Filename: 7za.exe
URI: https://community.tanium.com/files/7za.exe
SHA–256: c136b1467d669a725478a6110ebaaab3cb88a3d389dfa688e06173c066b76fcf
Check for Updates: Never

The following reusable code block will be used to unzip our utility zip file:

Sub Unzip(strZipFilePath, strTargetDir)
’ Takes full file path to zip file, path to target directory
’ will extract to target directory as a subdirectory
’ overwriting anything in the subdirectory and showing no UI.
 Dim objShell, objFSO, strCurrentDir, strZipUtil
 Dim strTempDir, strZipFileName, strCommand, intResult

 Set objShell = WScript.CreateObject("WScript.Shell")
 Set objFSO = CreateObject("Scripting.FileSystemObject")

 strCurrentDir = Replace(WScript.ScriptFullName, WScript.ScriptName, "")

 If Not objFSO.FileExists(strZipFilePath) Then
     WScript.Echo "Cannot continue - " & strZipFilePath & " does not exist"
     Exit Sub
 End If

 strZipUtil = strCurrentDir & "7za.exe"

 If Not objFSO.FileExists(strZipUtil) Then 
     WScript.Echo "Cannot continue - " & strZipUtil & " does not exist"
     Exit Sub
 End If 

 If Not objFSO.FolderExists(strTargetDir) Then
     objFSO.CreateFolder(strTargetDir)
 End If

 strZipFileName = objFSO.GetFile(strZipFilePath).Name
 ' remove .zip from end"
 If InStr(LCase(strZipFileName),".zip") = Len(strZipFileName) - 3 Then ' ends in zip
     strZipFileName = Left(strZipFileName,Len(strZipFileName) - 4)
 End If
 strTempDir = strCurrentDir & strZipFileName
 WScript.Echo "Unzipping to " & strTempDir
 If Not objFSO.FolderExists(strTempDir) Then
     objFSO.CreateFolder strTempDir
 End If

 strCommand = Chr(34) & strZipUtil & Chr(34) & " x -y -o" & Chr(34) & strTempDir & Chr(34) & " " & Chr(34) & strZipFilePath & Chr(34)

 WScript.Echo "running unzip:"
 WScript.Echo "   command: " & strCommand

 objShell.Run strCommand, 0, True

 If objFSO.FolderExists(strTempDir) Then
     WScript.Echo "Copying " & strTempDir & " to " & strTargetDir
     On Error Resume Next
     intResult = objFSO.CopyFolder(strTempDir,strTargetDir,True) ' overwrite
     On Error Goto 0
     If intResult = 0 Then
         WScript.Echo "Success"
     Else
         WScript.Echo "Failure - result is " & intResult
     End If
 End If
End Sub ’Unzip

This function allows us to unzip with a single command: Unzip Source-Zip-File Destination-Folder
We’ll accomplish steps 1–3 in one fail swoop after setting up a few variables for use. We need the full path of our zip file as well as the destination folder to extract into. To get our current working directory where the zip file was downloaded for us, we can use the filesystem object as follows:

Set objShell = CreateObject(“WScript.shell”)
strCurrentDir = objShell.CurrentDirectory
To get the destination folder, we’ll reuse the technique we learned from the sensor above to get the tanium client directory:
strTaniumDir = GetTaniumDir(“Tools”)
Now accomplishing steps 1 through 3 is as easy as:
Unzip strCurrentDir&“\SigCheck.zip”, strTaniumDir

Step 4: Agree to Sysinternals EULA
Before we can execute the SigCheck utility, Sysinternals requires you to agree to their EULA. When you execute it for the first time a popup box appears with the EULA with an Agree or Cancel button. After some research I learned the EULA agreement flag is stored in the users profile inside of the registry. (HKEY_CURRENT_USER\Software\Sysinternals\SigCheck)
Before the Tanium Client can use this utility, the SYSTEM user must agree to the EULA. This presents a problem since SYSTEM doesn’t have a UI nor are we sitting at the thousands of machines we want to run the utility on. Thus we will need to indicate agreement by adding the “EulaAccepted” registry value. We’ll do that with the following code:

Dim WshShell
Set WshShell = WScript.CreateObject(“WScript.Shell”)
WshShell.RegWrite “HKEY_CURRENT_USER\Software\Sysinternals\SigCheck\EulaAccepted”, “1”, “REG_DWORD”
set WshShell = Nothing

Downloads
You can download the “Has SigCheck” sensor from the Tanium Community website at: https://community.tanium.com/repo/sensor/788
I’m still building the packages feature of our Community so I’ll follow up later with the package download link.

Bonus… Distribute SigCheck Automatically
All done! To review, we built a sensor to check the existance of our SigCheck utility and built a package to distribute it to our computers. The only problem now is we may want to have distribution occur anytime an endpoint comes online and doesn’t have the utliity. To accomplish this we’ll need to ask our new sensor question and deploy our new package with the reissue option specified. The following is a screen shot of what this looks like:

Posted by

DanielHeth

Posted on

May 3, 2013

Posted under

Microsoft, Software, Windows 2008r2, Windows Server 2012

Comments

Leave a comment

Migrate Active Directory from 2008r2 to 2012

This is a very nice article with great step-by-step screen shots for migrating your master domain controller from an older 2008r2 box to a new 2012 server.

http://www.msserverpro.com/migrating-active-directory-domain-controller-from-windows-server-2008-r2-to-windows-server-2012/

Thanks for this Naresh!

Posted by

DanielHeth

Posted on

March 15, 2013

Posted under

Installation, Microsoft, Software, Windows Server 2012

Comments

Leave a comment

Installing Windows Server 2012

Recently I’ve had a need to setup a Windows Server 2012 and wanted to document the process for future attempts.

I won’t document every single screen, only those that include decisions to be made and considerations to be considered.

I’ll be using this server as a root server for my new IBM Endpoint Manager v9, so a GUI would be very handy during install and general maintenance of that application.

At first I wanted to go with a regular install… not Custom… so I chose the top option.

Turns out this is for upgrading an existing OS installation. Since this is a brand new hard drive with no pre-existing OS, I should have chosen the “Custom” option. After hitting Close, I was sent back to the very beginning of the installation.

Once I arrived at the start up screen… it hung there for nearly 30 minutes. Turns out since I was setting this up on a VMWare ESXi v5.0 server it doesn’t support Windows Server 2012. So after some research I came across this article: http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2006859

I learned that I had to upgrade my VMWare ESXi server to a patch or v5.1… I opted for v5.1 and was able to get past this sticky part.

The server manager has been redesigned for the new GUI. Interesting choices…

I don’t want this application to come up every time I log in… so choosing the Manager –> Server Manager Properties, I was able to check the “Do not start Server Manager automatically at logon”.

Now I need to add my new server to my LDAP domain. Choosing “Local Server” from the left menu…

Click on “WORKGROUP” and the familiar computer properties dialog opens where you can change these settings.

One restart later I was able to log in and I’m done.

Posted by

DanielHeth

Posted on

March 15, 2013

Posted under

Installation, Software, SQL 2012

Comments

Leave a comment

Installing Microsoft SQL 2012

Like many of my step-by-step articles, it’s mostly for corporate level documentation purposes.

I won’t describe every screen, only those that include important decision points that affect my particular use case.

The above dialog is warning me that the firewall does not allow remote database connectivity. The below command line can be used to open up the SQL port. The cmd prompt must be opened with administrative permissions for this to work.
netsh advfirewall firewall add rule name = SQLPort dir = inprotocol = tcp action – allow localport = 1433 remoteip = localsubnet profile = DOMAIN

This is one of those major decision points. My purpose for this database is to house the newest IBM Endpoint Manager v9 database… nothing else. So I only require a few items to accomplish this simple task. The following items are needed for my particular use case:

Database Engine Services

Full-Text and Semantic Extractions for Search

Management Tools – Basic

Management Tools – Complete

In order to get IEM installed properly… an SA account is required. So I’ll configure the database authentication in “Mixed Mode” and specify a password for the SA account.

That’s all there is to it. Installations are almost always straight forward… but some corporations require complete step-by-step documentation, I hope this fits the bill.

Posted by

DanielHeth

Posted on

May 28, 2012

Posted under

BigFix, Installation, Microsoft, Programming, Software, Visual Studio

Comments

4 Comments

Visual Studio: Add Uninstall to Your Application

First let me send a shout out to my reference for this little tidbit of information: How to add a Uninstall option in Visual Studio Setup project without writing code GoGoToTo created a very nice article on this. I simply expanded it further to include getting your application “registered” so within BigFix it will show up as one of the registered apps.

First View your File System so we can add the special folder “System”

If your application is x86, then we’ll want to add the msiexec.exe from the c:\windows\SysWow64 folder.

Left click to highlight the msiexec.exe file and in the properties window, adjust as indicated in the following image:

Next we’ll need to add a shortcut to the “User’s Program Menu”. In my example, I’ve created a sub-folder named after my application. Click that folder and in the right window, right-click and create a shortcut.

Navigate to the System Folder and select the msiexe.exe file.

Before we modify the shortcut’s properties, we’ll need to copy the ProductCode from the Setup Application Properties.

Using that ProductCode, modify the shortcut’s properties as follows:

Now we get to register our application… Open the Registry View.

Under HKEY_LOCAL_MACHINE add the following sub-keys:

Microsoft\Windows\CurrentVersion\App Paths\[name of your exe]

Remember to specify the last key to “DeleteAtUninstall” = True

Add the following 2 string values with the values as shown.

That’s it. You now have an uninstall link that will be created upon installation of your app. You will also have your application properly “registered” so BigFix can properly detect it.

Posted by

DanielHeth

Posted on

January 4, 2012

Posted under

Bing Maps, C#, Microsoft, Programming, Technology, Windows 8

Comments

6 Comments

Submitted My Windows 8 App for their Contest

This afternoon I have finally completed my Metro style Windows 8 application. I’m still entering data into the database, but the app itself is completed. When the app is launched it pulls that data and displays it to the users.

Here are a few screen shots of my application:

Windows 8 Metro App Submission

VIEW SLIDE SHOW

DOWNLOAD ALL

My application is based on the House of Representatives. It allows you to quickly discover your congress person and provides you with contact information including Twitter, Facebook and other links they’ve shared on their websites.

The contest started here: https://buildwindowscontest.com/

If I win, I will be included in the first round of apps added to the new Microsoft App store… very exciting!

Wish me luck!

Posted by

DanielHeth

Posted on

December 6, 2011

Posted under

Microsoft, SQL 2008r2

Comments

Leave a comment

Upgrading Servers with Microsoft SQL 2008r2

I have a server whose hard drive is failing and unable to get an image of the hard drive. This particular server is one of the most important on my network as it is my SQL database server and links to multiple other services: Microsoft Team Foundation Server, Microsoft Sharepoint, IBM Tivoli Endpoint Manager (BigFix), among several of my personal developments.

Since I have upgraded my virtual host server I plan on running my new SQL server as a virtual (see: 1, 2, 3) . I’m assigning 4 cores and 3 vhd files running from multiple hard drives within my virtual host server. This should serve my applications well. I’m now left with the problem of migrating my databases from the old failing server to the new one.

The first thing to do is stop all services that rely on the old SQL server.

Stop my custom vGPS website

First up, my custom virtual GPS website… This website provides an easy way to take someone’s public IP address and performs a database lookup, then returns the previously recorded GPS coordinates.

Stop Team Foundation Server

Next up, my Team Foundation Server… here I plan on just shutting down that virtual. During my migration process I plan on changing the DNS name for my old SQL server to point to the new SQL server. Thus when TFS starts back up, it shouldn’t see anything change.

Stop Tivoli Endpoint Manager services

Finally I’ll need to disable my BigFix infrastructure by stopping all of the related services.

I had to stop my BES Client also due to the policies I’ve put into place which monitors for stopped/failed services and restarts them.

While I’ve been working documenting what needs to be stopped, I’ve also been preparing and updating my new virtual SQL server. Windows Updates, attaching to domain, installing SQL, etc…

Visit my “Installing Microsoft SQL Server 2008r2” for details on how to setup your own SQL server.

Now we’re ready to, backup/detach/move/attach our databases.

Backup Databases

First let’s backup each of the databases that will be migrated over:

Open up SQL Mgmt Studio

Open up the localhost->Databases and right click on each database->Tasks->Back Up. The default location should be fine unless your shy on space. If so, remove the destination at the bottom and redirect to a different location.

Repeat until you have all of the desired databases backed up and safe.

Since I went with the defaults, all of my database backups show up in “C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Backup”. I will leave them there for now and utilize them if something goes wrong later on.

Detach Databases

Next we’ll need to Detach these databases from the old SQL Server.

The database files will remain where they were. In my case I had them configured to sit in the default directory:

C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA

This process will detach the database from this instance of SQL server and locks the two related files: [database name].mdf and [database name]_log.LDF

I will repeat the detaching process until I get all 10 databases. 1 for my custom vGPS application, 4 related to BigFix, and the 5 related to TFS.

I now have 20 files to be moved over to the new SQL server. I’ll do this using robocopy. See my Robocopy how-to in a different article.

I’m going to move them straight over to the new SQL servers data drive… so I used the following robocopy command:

robocopy ./ "\\vsql\e$\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA" -z –e

After the move, I wanted to position the transaction log files in a different “drive” than the database files… so I selected all of the _log files and moved them to a separate VHD which sits on a different physical RAID array than the OS and Data VHD’s. This is due to performance reasons related to BigFix.

Nearly an hour and a half later…Attaching Databases

I encountered a SQL error 5123 while selecting my mdf file. This is because the DATA directory is protected. I solved that by simply exploring to that directory and when asked for “admin” access to it, clicked yes. Then choosing OK to the above dialog went as expected…

Since my Data and Log files reside on two different VHD drives, I needed to specify the path to each file separately. The previous file selection automatically chose the correct Data file, and since my path matched between the Data VHD and the Logs VHD, I only needed to change the Drive letter.

Next, repeat that for each of the databases that are being moved over…

Transferring Logins

I opted not to perform this and simply recreate the couple of logins I needed. Since only 3 services are currently using the SQL Server, recreating them was quick and extremely easy.

I also opted to change the DNS alias the three services were connecting to. On my old server, both BigFix and SQL were running on the same box. I decided to separate them into two separate virtuals. vSQL will host my SQL server and allow all three services to connect into it. vBigFix81 will serve as my BigFix server running version 8.1. If I want to upgrade to 8.2 or beyond, I’ll simply create upgrade vBigFix81 to get upgrade documentation, then create a brand new vBigFix82 virtual, install 8.2 and change the BigFix DNS alias.

Now onto restoring each of my services…

Restoring Team Foundation Server

It made logical sense to restore this service first. My vGPS service will need alias’s updated in code which is stored on my TFS. So…

Turns out this is extremely easy. I only needed to update the web.config file under “C:\Program Files\Microsoft Team Foundation Server 2010\Application Tier\Web Services” with the new DNS alias for my SQL server. I found information on this from http://msdn.microsoft.com/en-us/library/ms404869(v=vs.80).aspx which pointed me to the Web.config for other reasons. While there I remember for many of my apps, I have to configure the database connection within this file. And done!

I was able to do that LIVE and the connection automatically repaired the db logins needed and established connections to the newly attached databases.

Restoring vGPS my Custom App

This is extremely easy as it was a simple matter of checking out my code from the TFS server, do a crtl-h to replace the alias, save and publish. Testing showed my DB user account wasn’t configured right, so I made the appropriate adjustments and all done. App works perfectly with the new SQL DNS alias.

Restoring BigFix

This one I take my time on because I really enjoy installing, customizing, and playing around with my companies program.

I created a brand new virtual 2008r2 server. Thus I had to do the usual build the virtual, install os, patch os, install pre-requisites, and migrate BigFix v8.1.

Now that my three services have been restored and validated… the upgrade of my Microsoft SQL 2008r2 SP1 is now complete!

Please leave comments and questions below!

Posted by

DanielHeth

Posted on

December 6, 2011

Posted under

Installation, Microsoft, Technology, Windows 2008r2

Comments

Leave a comment

Installing Microsoft Windows 2008r2

In this article, I’ll detail the installation

That’s it! I’m ready to start customizing, updating, and using my new operating system.

Please leave your comments and questions below!

Posted by

DanielHeth

Posted on

December 5, 2011

Posted under

Microsoft, Technology, Windows 8

Comments

Leave a comment

Attach Windows 8 to a Domain

My personal test lab has a fully functional Windows Domain in order to properly test my applications for corporate networks. As a result, I require all of my windows boxes, when possible, to be attached to my domain for further testing purposes. Since I’ve just added a few Windows 8 boxes, I had to “learn” the attachment process all over again.