Home

(re)Gain sysadmin access to SQL2005 or SQL2008

In SQL Server 2005 and 2008 the local Administrators account is not sysadmin by default. This makes it even more important that the one setting up the Database also remembers to add a SQL Server admins group to the sysadmin role. If this step is forgotten, the user installing the database server is the only one that will ever be sysadmin. In some extreme cases I’ve seen situations where no one except some dude on vacation is sysadmin and I need to install or upgrade a bunch of applications and services. In these cases I have also been assigned Local Administrator rights on the server, but since the local Administrators group isn’t sysadmin either I still cannot login to the SQL server. What to do!? Thanks to Raul Carcia’s blog post it’s not that a big deal. The instructions are written for SQL Server 2005 but works equally fine on SQL Server 2008 and the only pre-requirement is that you are a local server administrator. Here’s what to do: Open the SQL Server Configuration Manager. In SQL Server Services, open the properties for the SQL Server instance you need access to. In the Advanced tab, find Startup Parameters. Add “;-m” to the end of that line. Press OK and restart the SQL Server into “Maintenance Mode” or “Single User Mode” if you like. (check that a restart is OK first 😉) Open a command prompt (right-click, “Run as Administrator” in Windows 2008) and go to C:\Program Files\Microsoft SQL Server\100\Tools\Binn (C:\Program Files\Microsoft SQL Server_90_\Tools\Binn for SQL2005) Execute sqlcmd /A /E /S <INSTANCE> (use . for local default instance and .INSTANCE for local named instance) In the CLI, execute: EXEC sp_addsrvrolemember 'DOMAIN\yourusername', 'sysadmin';GO Return to the SQL Server Configuration Manager and restore the Startup Parameters to it’s previous settings. Restart the SQL Server instance to allow users to get access to it again. Now, you should be able to login to the SQL server with sysadmin rights using your current user. This would also be a good time to actually set up a SQL Server Admins group (local or domain) to add to the sysadmin role to avoid having others to the above steps when you, yourself, are on vacation. 😉 As Raul Carcia point out in his original post, this is really a disaster recovery procedure and there’s definitely nothing sneaky about it since it leaves a lot of trails in the event logs. All in all, a Great article by Raul and all credit should go his way.

Updated: MP for System Center Configurations Manager 2007 SP2 on x64

Microsoft has released an updated MP for SCCM SP2 (v6.0.6000.2, released on 10/28/2009) for OpsMgr R2. The update basically contains support for x64 that was missing in the previous release. The Configuration Manager 2007 SP2 Management Pack adds support for monitoring Configuration Manager 2007 SP2 in a 64-bit environment with Operations Manager 2007 R2 or Operations Manager 2007 SP1 with hotfix (KB971541) installed. This enables the Configuration Manager 2007 SP2 Management Pack to work with either the 32-bit or the 64-bit Operations Manager 2007 agent. Except for the 64-bit support, the other features and guidance for Configuration Manager 2007 Management Packs remain intact. Emphasis is mine. Read more and download here: http://www.microsoft.com/downloads/details.aspx?FamilyID=a8443173-46c2-4581-b3b8-ce67160f627b

Installing SQL Reporting Services 2005 on Windows 2008 x64

Let’s say you have followed this guide: http://support.microsoft.com/kb/938245/ Still not working? The one thing I forgot, or rather did not find in any of the guides, was to change the website application pool to “Classic .NET AppPool”. It is actually noted in KB938245 but only after the installation, during the configuration. For some reason I have not been able to install Reporting Services 2005 on Windows 2008 without changing this prior to the installation. Maybe I am doing it wrong but this seems to be working all right for me.

Cannot Delete Files with Long Paths?

What do you do when you cannot delete a file or folder on a windows server? Check the file permissions! And if that doesn’t help? Check the share permissions! Yes, if it is a shared folder. And if that doesn’t help? Check the file ownership! Great! But then what? Well, the file could be in use, and then you would have to shut the locking process down and perhaps kick a user out. In a really bad scenario it could also be a symptom of a broken filesystem, a reserved filename (like “lpt1” or “PRN”) or even an invalid name (silly things like a space in the beginning or the end of a filename). Another possible reason could actually be that the path to the file or folder is too long. You won’t actually get an error telling you that the filepath exceeds the 255 characters Windows can handle but a simple “Acces Denied”. There are some, more or less tedious, work-arounds for the problem. Like renaming, starting from the root, all the directories to shorter ones or using the old DOS (8.3, like “dokume~1.doc”) names that windows can auto-generate for you. Personally, I have two favourite ways of handling this. Map the parent-directory of the file/folder you are trying to access/delete as a network drive and access your files that way. This is particularly useful if the folder you are trying to access a DFS-share or perhaps a share on the central fileserver filepaths like \\servername01\Central Projects\Central Services\IT Department\Develop Methods for Automatically Deploying New Central Servers\2.2.1 Auto-Deploying SQL-Server 2005 Cluster\Documents\Preparations\Whitepapers\SQL Server 2005 Failover Clustering White Paper.doc Create a new share to a folder further down the hierarchy. This works locally too if you are logged on to, say, SRV01, you create a new share on D:\\Central Projects\Central Services\IT Department\Develop Methods for Automatically Deploying New Central Servers\ called Autodeploymethods and access it from \\SRV01\Autodeploymethods. That way the filepath doesn’t exceed 255 characters. Now. When designing fileservers, you really should think about how deep the filepaths may get. This is especially true on DFS-shares since you might have to deal with the full FQDN too, and not only the actual folder structure. Many big corporations I know uses “codes” for departments and assign a project ID (quite simply a number or maybe an abbreviation) to each project and uses theese for the fileshares too. Another scenario that could lead to similar problems are intranet sites where users can create and manage their own subsites and where filenames and folders are not stored in a database. I have only seen this phenomena on Windows systems so far, and I’ve actually used a linux Live-CD on occasion when admin access is denied. Read More: http://support.microsoft.com/kb/320081

Microsoft Adds support for SUSE 11 in OpsMgr R2

This update hasn’t showed up in the MP Catalog yet, but the System Center Operations Manager 2007 R2 Cross Platform Update can be downloaded here. Besides SUSE 11 support, here’s the short overview. The System Center Operations Manager 2007 R2 Cross Platform Update adds fixes for a defunct process issue on Unix/Linux Servers, as well as, adds support for SUSE Linux Enterprise Server 11 (both 32-bit and 64-bit versions) and Solaris Zone support. Feature Summary: The System Center Operations Manager 2007 R2 Cross Platform Update supports the monitoring of Unix/Linux Servers including: Monitoring of SUSE Linux Enterprise Server 11 servers (both 32-bit and 64-bit versions)* Support of Solaris Zones* Fix for defunct Process issue* The Cross Platform Agent may not discover soft partitions on Solaris systems. Therefore, the disk provider may be unloaded, and the Cross Platform Agent may stop collecting information from the system disks.* The Cross Platform Agent may not restart after the AIX server reboots. The latest versions of all the Operations Manager 2007 R2 Unix/Linux agents are included in this update. Perfect timing, I must say, since I really need this today. 😄 Update: This is no small MP-update, which probably is the reason that we do not find it in the MP Catalog, but a ~250MB OpsMgr R2 Software Update. You need to run this on all Operations Manager Servers (RMS/MS, GW?) since it actually updates many of the agent Cross Platform binaries. It does add a new MP för SUSE 11 that you have to import from disk if you need it. So, the installation goes somewhat like this: Install the Software Update (pick the right Architecture) on all OpsMgr R2 Servers Import the SUSE 11 MP if necessary Re-discover your Unix/Linux machines. Files updated in this update for R2:

Health Rollup not working in Exchange Management Pack

I’ve wrestled a bit with a critical status on one of the Organization States at a clients site that wont go back to green despite all the underlying monitors have gone back to green. And apparently I am not alone on this one. Others, like me, has read and re-read the MP-guide i search for a monitor/rule/discovery for overrides forgotten, and I don’t know how many times I’ve made a small change and tried resetting the health once again. Anyhow. Marius Sutara posted an answer on TechNet forums last week with a “fix” (-ish), or rather the acknowledgement that the problem is not a 40c. The problem might be related to other MP as well, but I’ve only seen it on the new Exchange MP so far. In that same post, Pete Zerger provided some links to two nifty little tools that will help you reset the health of the monitor. In case you wonder why on earth I post when there’s allready a “solution” out there; Pagerank, baby! Not for me, but for the forum post making it show up earlier on google.

Updated: Operations Manager 2007 R2 Management Pack

Microsoft released an updated MP (v6.1.7533.0, released on 10/8/2009) for monitoring the health the Operations Manager components. Most significant updates, according to me, would seem to be: Fixed an issue that was previously preventing all rules related to agentless exception monitoring from generating alerts. Added the rule “Collects Opsmgr SDK ServiceClient Connections” to collect the number of connected clients for a given management group. This data is shown in the view “Console and SDK Connection Count” under the folder “Operations ManagerManagement Server Performance”. Updated a number of monitors and rules to ensure that data is reported to the correct management group for multihomed agents. Fixed the configuration of the rule “IIS Discovery Probe Module Execution Failure” to so that the parameter replacement will now work correctly for alert suppression and generating the details of the alert’s description. The rest is mostly polishing, fine-tuning and complementary updates. Nothing really ground-breaking here, but still a welcome update. Download at: http://www.microsoft.com/downloads/details.aspx?FamilyID=61365290-3c38-4004-b717-e90bb0f6c148

SQL ManagementPack Survey – Make your voice heard

According to the OpsMgr Team blog, Microsoft wants to know what you think about their SQL Server MP. It’s really hard to come by a better opportunity to express your feelings and desires about monitoring SQL Server, so don’t miss this one out. http://blogs.technet.com/momteam/archive/2009/09/25/sql-management-pack-survey-live-on-connect.aspx

Replace/Change a Gateway Server

Description of problem If you are looking into replacing an (or just switching to another primary) Operations Manager 2007 Gateway Server for any reason, there’s a little more to consider than just right-clicking the clients and selecting “Change Primary Management Server” in the Operations Console. You could end up with agents not being able to connect to the Management Group at all due to a small problem with the order in which Operations Manager do things. Here’s basically what happens: You tell Operations Manager to change Primary Management Server for AGENTX from GW1 to GW2. The SDK Service (i guess) tells GW1 that “You’re no longer the Primary Management Server for AGENTX” GW1 acknowledges this and stops talking to AGENTX. And I mean Completely stops talking to AGENTX. OpsMgr then tells GW2 to start accepting communication from AGENTX. OpsMgr tries to tell AGENTX that it should talk to GW2 since GW1 won’t listen. Spotted the problem? This modus operandi probably works when agents are on the same network and in the same domain where fail-over is sort of automatic. The problem we are facing now is that the server are telling the Gateway to stop accepting communications to and from the agent before the agent is notified that there is a new Gateway server to talk to. The agent will continue to talk to GW1 but will be completely ignored and you will probably start seeing events in the Operations Manager eventlog on GW1 with EventID 20000. How do I get around this little feature then? No matter if you found this article after running into the mentioned troubles or if you are googling ahead of time to be prepared, the fix is the same and consists of a few powershell scripts. These scripts are out there allready, but in different contexts, hence this post. First step: Install the new Gateway Documentation on this from Microsoft is good enough, but here’s the short version. Verify name resolution to and from Gateway server and Management Server Create certificate for the Gateway server Approve the Gateway server Install Gateway server Import certificates on Windows system Run MOMCertImport.exe on Gateway server to add the certificate into Gateway server configuration Wait

My impression of EXT4 -- WTH!?

Ok, so I reinstalled my linux partition with Ubuntu 9.04 x64 and decided to try EXT4 on the root partition. Like, yesterday. Managed to get the Citrix client running (way more easy on Ubuntu than Fedora, I’ll be back on that) and all without too much fuzz. First reboot gave me a “let’s FSCK!”. So I FSCK-ed and booted up to the desktop. Second reboot gave me a “let’s FSCK!”. And I did. Booted to the desktop. Third boot went smoothly, but all of a sudden all the icons decided to go AWOL. Rebooted again. Fourth boot gave me a “let’s FSCK!”. I replied with “Well FSCK You!” Fifth boot gave me a “let’s FSCK!”. I rebooted back to Windows 7. Tonight I am reinstalling Ubuntu 9.04 x64 with EXT3.