So I guess I've had my head up my ass more than usual lately, cause I completely missed these guys. I give you 2X Software.
Aside from being the largest company I know of to name their company after an enviable domain name - albeit a lame one, 2X put it's stake in the world of SBC as yet another Citrix wannabe.
Look I love competition, but I have to say that all these companies try to sell you their stuff under the tagline, "Hey we do most / all of what Citrix does, but for less money." It's pedestrian. Innovate already, Dammit!! Is it just me?
There's something to being able to say, "Hey yeah, Citrix is swell and all, but they have a funny logo, give you strange cravings for orange juice, and oh by the way our shit does a bunch more stuff that actually pushes the envelope of this industry than their stuff does! We're actually making waves not just riding them!"
Case in point - (and I probably owe these guys a plug anyways) - Provision Networks (now Quest software).
Provision networks is like a whirlpool that's sucking all these seemingly distant technologies from all over the landscape and homogenizing them. For example - you can publish a virtual machine instance from the same console as you can publish an application. You can even publish an application on a virtual machine and have the software spin up the vm as needed to host said application. I don't care who you are, that's fukin sweet people. That's pushing the envelope. That's putting something out there that Citrix will have to play catch up on for a change.
Don't get me wrong, I'm sure 2X has some great stuff at a much better price point than Citrix. But who doesn't? I've looked at their stuff, and it's a strong offering, but with the exception of their Linux stuff it's just not that fresh.
So X2 fans, am I wrong?
Friday, November 7, 2008
Tuesday, October 21, 2008
Happy Douche Bag Day!
Holy shit it's been a long time since I posted.
Sorry folks, I was sitting around the other day with that feeling like I had left the iron on, and then I was like, "hey, don't I have a blog or something"
Anyways..
Update: My job is making me a racist. More on that some other time.
For now I'm writing in celebration of Global Anti Piracy Day! Hooray!! What's that you say? You've never heard of it? Ahh.. well friend, that's because it's bullshit.
It's nothing more than a corporate mind fuck dreamed up by the lawyers and other suits at Microsoft. Yes kids, suddenly the company that has been at odds with the US Department of Justice for years over anti-trust violations, that has all but monopolized (and shit-ified) the software realm, that has gone to great lengths to stamp out open source software, this same company now wants to become your moral compass and guardian angel. The amount of ironic hypocracy that oozes out of this effort is staggering to the degree that even Alanis Morissette wouldn't be able to handle it.
But don't take my word for it. Remember, I'm full of shit and a liar. Have a heaping pile of corporate propaganda and see for yourself. My favorite part is how they try to spin it as a stimulus to the US economy. You gotta admit, to do that with a straight face takes brass balls.
This really is pathetic. You know what? You may be Microsoft, but just like the RIAA, the cat is out of the bag, and technology will always stay one step ahead of you. As fast as you can come up with anti-pirate measures, countermeasures will enter the scene. You're going to have to come to terms with the fact that you can't ass-slam every person on earth for 400 bucks just to have their machine grind to a crawl by your bloated memory-whore of an operating system. Oops, was that my out-loud voice?
Talk amongst yourselves while I swear and throw things.
Damn, I'm angry.
-CG
Sorry folks, I was sitting around the other day with that feeling like I had left the iron on, and then I was like, "hey, don't I have a blog or something"
Anyways..
Update: My job is making me a racist. More on that some other time.
For now I'm writing in celebration of Global Anti Piracy Day! Hooray!! What's that you say? You've never heard of it? Ahh.. well friend, that's because it's bullshit.
It's nothing more than a corporate mind fuck dreamed up by the lawyers and other suits at Microsoft. Yes kids, suddenly the company that has been at odds with the US Department of Justice for years over anti-trust violations, that has all but monopolized (and shit-ified) the software realm, that has gone to great lengths to stamp out open source software, this same company now wants to become your moral compass and guardian angel. The amount of ironic hypocracy that oozes out of this effort is staggering to the degree that even Alanis Morissette wouldn't be able to handle it.
But don't take my word for it. Remember, I'm full of shit and a liar. Have a heaping pile of corporate propaganda and see for yourself. My favorite part is how they try to spin it as a stimulus to the US economy. You gotta admit, to do that with a straight face takes brass balls.
This really is pathetic. You know what? You may be Microsoft, but just like the RIAA, the cat is out of the bag, and technology will always stay one step ahead of you. As fast as you can come up with anti-pirate measures, countermeasures will enter the scene. You're going to have to come to terms with the fact that you can't ass-slam every person on earth for 400 bucks just to have their machine grind to a crawl by your bloated memory-whore of an operating system. Oops, was that my out-loud voice?
Talk amongst yourselves while I swear and throw things.
Damn, I'm angry.
-CG
Tuesday, June 17, 2008
Sepa-go-go gadget profiles!
Profiles have long been the high maintenance girlfriend of Terminal Server / Citrix deployments. There's no way around it. If you run Citrix, you have at some point included user profiles as a bullet point on a suicide note.
Citrix has finally decided to listen to the million or so odd people that have been bitching for years on all manner of lists and forums about user profile management. To date, I think Citrix has turned a deaf ear to the whiners because technically that falls into the terminal server realm, and stepping on Microsoft's toes has generally not been regarded as a strategic business direction. And if Microsoft can't come up with a better way to do it then why should it be Citrix's problem? Can't argue with that, besides who the hell would want to take on profile management and all its baggage as a supported product? Fuck that noise.
So what has happened is the same thing that happened with the "Wow, printing really sucks in Citrix" movement. A bunch of third-party solutions popped up to fill the void. One of these is Sepago. Admittedly, I haven't played with it much, but Sepago has a pretty cool product for managing profiles. And surprise surprise, Citrix recently bought them.
So now Citrix has a native profile solution, or at least one that their sales people can pimp out. But why Sepago? I have a speculation. The disclaimer is that this is just me talking. This is probably going to be a half-truth at best - but here goes.
Convergence.
You see, thin computing is on the brink of a singularity. In the coming years you're going to see application and OS virtualization merge with VDI, workstations, and mobile devices. It's all going to be a huge blob that facilitates access to all the virtualized resources across platforms from a single technology or (as some have speculated) an appliance (although I doubt that). Here's where Sepago fits in. You see, it's not limited to just terminal server. It will manage profiles across the board - including your desktops and VDI instances. And... And.. it is largely managed through native GPO's! How's that for elegant scalability? Bam! What we're we're seeing is Citrix positioning itself for the coming homogeneous landscape.
Strategery.
One thing for sure, I can poke and jab at the company and have a good time doing it, but that Marky T is a sharp guy. Forward thinking and all. You tell Mark Templeton to think outside the box and he would answer that the box isn't really there to begin with. "It's running on a server somewhere else, but I get all the functionality of the box and I'm able to seamlessly think outside of it from wherever I am using any number of hardware and software platforms. We call it XenBox"
Again, that's not an actual quote. I'm just making all that up to make a point. It will certainly be interesting to watch and see what happens.
-CG
Citrix has finally decided to listen to the million or so odd people that have been bitching for years on all manner of lists and forums about user profile management. To date, I think Citrix has turned a deaf ear to the whiners because technically that falls into the terminal server realm, and stepping on Microsoft's toes has generally not been regarded as a strategic business direction. And if Microsoft can't come up with a better way to do it then why should it be Citrix's problem? Can't argue with that, besides who the hell would want to take on profile management and all its baggage as a supported product? Fuck that noise.
So what has happened is the same thing that happened with the "Wow, printing really sucks in Citrix" movement. A bunch of third-party solutions popped up to fill the void. One of these is Sepago. Admittedly, I haven't played with it much, but Sepago has a pretty cool product for managing profiles. And surprise surprise, Citrix recently bought them.
So now Citrix has a native profile solution, or at least one that their sales people can pimp out. But why Sepago? I have a speculation. The disclaimer is that this is just me talking. This is probably going to be a half-truth at best - but here goes.
Convergence.
You see, thin computing is on the brink of a singularity. In the coming years you're going to see application and OS virtualization merge with VDI, workstations, and mobile devices. It's all going to be a huge blob that facilitates access to all the virtualized resources across platforms from a single technology or (as some have speculated) an appliance (although I doubt that). Here's where Sepago fits in. You see, it's not limited to just terminal server. It will manage profiles across the board - including your desktops and VDI instances. And... And.. it is largely managed through native GPO's! How's that for elegant scalability? Bam! What we're we're seeing is Citrix positioning itself for the coming homogeneous landscape.
Strategery.
One thing for sure, I can poke and jab at the company and have a good time doing it, but that Marky T is a sharp guy. Forward thinking and all. You tell Mark Templeton to think outside the box and he would answer that the box isn't really there to begin with. "It's running on a server somewhere else, but I get all the functionality of the box and I'm able to seamlessly think outside of it from wherever I am using any number of hardware and software platforms. We call it XenBox"
Again, that's not an actual quote. I'm just making all that up to make a point. It will certainly be interesting to watch and see what happens.
-CG
Tuesday, May 13, 2008
Sorry peeps. It's gone.
Sorry everyone. I've deleted this post because it's ruffled some big feathers and gotten a friend very pissed off at me. This friend (I'll call him B) confided some frustrations in me over a beer a few weeks ago and I posted it without permission. When the vendor recognized the scenario and brought this to B's attention he contacted me and told me to remove it immediately. And in typical CG fashion, for whatever reason, I decided not to. If I had done so, this situation would probably still be salvageable.
I just received an email from someone who I believe is the vendor implicating B because he apparently had a link to this blog on a networking site. So in short, for his showing me some support, I've potentially delivered a whole load of shit to his doorstep. I haven't told B of this little development yet, but it will probably be the final straw in this whole thing.
I'm considering taking down this blog permanently, but whether or not that comes to pass I want to convey my most sincere apologies to B and to the vendor that was involved.
-CG
I just received an email from someone who I believe is the vendor implicating B because he apparently had a link to this blog on a networking site. So in short, for his showing me some support, I've potentially delivered a whole load of shit to his doorstep. I haven't told B of this little development yet, but it will probably be the final straw in this whole thing.
I'm considering taking down this blog permanently, but whether or not that comes to pass I want to convey my most sincere apologies to B and to the vendor that was involved.
-CG
Wednesday, April 16, 2008
CDRom Scripting Fun
Here's a nifty bit of shop talk. Although no one really uses them, the Windows Media Player API exposes the CDRom controls. The following code snippit uses vbscript to eject the cdrom. It's only a few lines, so you could easily put it in .. oh I dunno.. a login script or something. Just imagine the little snaps of cdroms ejecting all over the office at 9am. Now that is some capital whimsy, folks.
Set objMPlay = CreateObject("WMPlayer.OCX.7" )
Set colCDROM = objMPlay.cdromCollection
if colCDROM.Count >= 1 then
For i = 0 to colCDROM.Count - 1
colCDROM.Item(i).Eject
Next
End If
If you would like to learn more about scripting with Media Player, then you are a dork and I pity you. All that aside, the SDK is available here.
-CG
Set objMPlay = CreateObject("WMPlayer.OCX.7" )
Set colCDROM = objMPlay.cdromCollection
if colCDROM.Count >= 1 then
For i = 0 to colCDROM.Count - 1
colCDROM.Item(i).Eject
Next
End If
If you would like to learn more about scripting with Media Player, then you are a dork and I pity you. All that aside, the SDK is available here.
-CG
Thursday, March 20, 2008
Do I like Citrix?
I saw a forum post the other day referring to this site (which is way fucking uber cool in itself. Major thanks for the plug!). But it troubled me that it made the assertion that I don't at all like Citrix. Certainly I can understand how one would get this impression from the posts. But it's not true.
I've been doing Citrix for a long time. I've had lunches with Mark Templeton, gone to solution summits, had lunches with the developers (great guys), attended iForum (got completely hammered), and did it all on Citrix's dime. Citrix has treated me very well, and I've made a successful career out of working with their products. Indeed, some of the quirks of their products have served to make the Citrix skill set more exclusive. Long ago Citrix made a decision to foster community around their products. Sure it's taken them a while to get it right, but it's a good thing. They're not perfect, but there are far worse software companies out there.
The point is that I'm all about giving credit where credit is due, and Citrix deserves alot of credit for a great many thing.
So what's with all the zings?
I can't begin to count the number of blogs out there that deal with thin computing. While many of these are technically interesting, they also tend to be butt-kissy and flacid in content. My goal is to keep it interesting here by speaking from the real side of IT with a healthy dose of the cynicism that proliferates most enterprise shops.
Real IT isn't sitting around sipping lattes while talking about great new feature sets in products. Real IT is plowing through all the bugs and unexpected behavior those new products add as 'features'. IT is getting called in the middle of the night because some fucktard can't log in. Our day to day is decidedly less fluffy than many vendors, Citrix included, would have us believe about their products.
So there ya go. I'm not against Citrix, Microsoft, or most other companies out there.. except Scientology of course, and then all bets are off. I'm just trying to expose the underbelly of the IT and thin computing landscape and have a little fun doing it.
Who knows, Someday some dude/dudette at Citrix may be reading this blog (they do quite frequently, btw) and maybe find something useful that they can use to improve their products. I wouldn't count on it, but it's possible. Innovation is good for everyone, even assholes like me.
-CG
I've been doing Citrix for a long time. I've had lunches with Mark Templeton, gone to solution summits, had lunches with the developers (great guys), attended iForum (got completely hammered), and did it all on Citrix's dime. Citrix has treated me very well, and I've made a successful career out of working with their products. Indeed, some of the quirks of their products have served to make the Citrix skill set more exclusive. Long ago Citrix made a decision to foster community around their products. Sure it's taken them a while to get it right, but it's a good thing. They're not perfect, but there are far worse software companies out there.
The point is that I'm all about giving credit where credit is due, and Citrix deserves alot of credit for a great many thing.
So what's with all the zings?
I can't begin to count the number of blogs out there that deal with thin computing. While many of these are technically interesting, they also tend to be butt-kissy and flacid in content. My goal is to keep it interesting here by speaking from the real side of IT with a healthy dose of the cynicism that proliferates most enterprise shops.
Real IT isn't sitting around sipping lattes while talking about great new feature sets in products. Real IT is plowing through all the bugs and unexpected behavior those new products add as 'features'. IT is getting called in the middle of the night because some fucktard can't log in. Our day to day is decidedly less fluffy than many vendors, Citrix included, would have us believe about their products.
So there ya go. I'm not against Citrix, Microsoft, or most other companies out there.. except Scientology of course, and then all bets are off. I'm just trying to expose the underbelly of the IT and thin computing landscape and have a little fun doing it.
Who knows, Someday some dude/dudette at Citrix may be reading this blog (they do quite frequently, btw) and maybe find something useful that they can use to improve their products. I wouldn't count on it, but it's possible. Innovation is good for everyone, even assholes like me.
-CG
Tuesday, March 18, 2008
Happy Power Holidays!!
And in outsourcing critical operations to third world countries with faltering infrastructure news:
Through one of my esteemed coworkers, I caught a copy of an email that was sent from our Chennai operations to one of our VPs. Apparently, there's a bit of a power crunch over in India.
There's so much of a crunch in fact that the government is mandating blackouts. The spin is that they're actually 'power holidays', but lets face it - how much of a break does one need from electricity? Is having electrical service something that is so stressful that we need a holiday from it? That's right pal! Fuck President's Day, but if someone doesn't kill the lights, I'm taking a hostage.
Okie dokie.
I've never worked at a company that offered paid holidays from electricity, running water, telephone service, clothing (though that could be kinda fun), or the like. No, indeed going without these things is generally regarded by most as a huge fu#king inconvenience.
So what does this mean?
Before we get into that, it's important to take a moment to give a big middle finger salute to all these companies that gleefully tossed skilled IT workers to the curb in favor of cheap overseas (and often unqualified) labor to save a buck or two on the front end. Long have I suffered at the inept hands of overseas workers which have been tasked with jobs that they are unqualified to do. So a heartfelt congratulations to all of you corner-office-power-lunching big wigs. You're getting exactly what you paid for.
And believe me, if some whelk supervisor over there is sending an email to an EVP of a multi-billion dollar company telling him that golly gee sorry, we're just not going to work on Mondays because the building is dark..this is just the tip of the iceberg.
Hell, it's not even summer yet. Just wait until they crank up all those air conditioners over there and then talk to me about power holidays.
Polish up the resume and keep a close eye on this one kids. My guess is that it may turn out to be a sizable fecal matter & fan situation before it's all done.
-CG
Through one of my esteemed coworkers, I caught a copy of an email that was sent from our Chennai operations to one of our VPs. Apparently, there's a bit of a power crunch over in India.
There's so much of a crunch in fact that the government is mandating blackouts. The spin is that they're actually 'power holidays', but lets face it - how much of a break does one need from electricity? Is having electrical service something that is so stressful that we need a holiday from it? That's right pal! Fuck President's Day, but if someone doesn't kill the lights, I'm taking a hostage.
Okie dokie.
I've never worked at a company that offered paid holidays from electricity, running water, telephone service, clothing (though that could be kinda fun), or the like. No, indeed going without these things is generally regarded by most as a huge fu#king inconvenience.
So what does this mean?
Before we get into that, it's important to take a moment to give a big middle finger salute to all these companies that gleefully tossed skilled IT workers to the curb in favor of cheap overseas (and often unqualified) labor to save a buck or two on the front end. Long have I suffered at the inept hands of overseas workers which have been tasked with jobs that they are unqualified to do. So a heartfelt congratulations to all of you corner-office-power-lunching big wigs. You're getting exactly what you paid for.
And believe me, if some whelk supervisor over there is sending an email to an EVP of a multi-billion dollar company telling him that golly gee sorry, we're just not going to work on Mondays because the building is dark..this is just the tip of the iceberg.
Hell, it's not even summer yet. Just wait until they crank up all those air conditioners over there and then talk to me about power holidays.
Polish up the resume and keep a close eye on this one kids. My guess is that it may turn out to be a sizable fecal matter & fan situation before it's all done.
-CG
Thursday, March 13, 2008
Ericom to Citrix: Chew on This!
This is big news.
In a very interesting and fuckyouCitrix-esque turn of events Ericom has stepped up and is offering a free version of Windows Power Term to be released with Windows Server 2008.
Now I haven't personally used Powerterm, but I hear it's not too bad. And hell, if it's free, then it's a no-brainer. This is a real sucker punch to Citrix in the small to medium office arena. In the present economic landscape, you can bet that a free and workable alternative to Citrix will be embraced by companies. This is especially true in the medium size sector where the company or app is just too big or important to only use terminal server, but they hate seeing that damn Citrix line item every year.
Hats off to Ericom for a very bold and I must add cunning move! But now what?
The problem is that very few decision makers are tuned into the virtualization world like us. Let's face it; they have lives and have probably never been addressed by anyone as "Dungeon Master". It's up to us as engineers to sell this thing and give it visibility. Ericom is putting itself out there and if this does well, it's going to introduce competition. That's going to force innovation on Citrix's part. That is unless of course Citrix just buys Ericom, which would be in line with their recent product launches.
See original info here.
-CG
In a very interesting and fuckyouCitrix-esque turn of events Ericom has stepped up and is offering a free version of Windows Power Term to be released with Windows Server 2008.
Now I haven't personally used Powerterm, but I hear it's not too bad. And hell, if it's free, then it's a no-brainer. This is a real sucker punch to Citrix in the small to medium office arena. In the present economic landscape, you can bet that a free and workable alternative to Citrix will be embraced by companies. This is especially true in the medium size sector where the company or app is just too big or important to only use terminal server, but they hate seeing that damn Citrix line item every year.
Hats off to Ericom for a very bold and I must add cunning move! But now what?
The problem is that very few decision makers are tuned into the virtualization world like us. Let's face it; they have lives and have probably never been addressed by anyone as "Dungeon Master". It's up to us as engineers to sell this thing and give it visibility. Ericom is putting itself out there and if this does well, it's going to introduce competition. That's going to force innovation on Citrix's part. That is unless of course Citrix just buys Ericom, which would be in line with their recent product launches.
See original info here.
-CG
Wednesday, March 12, 2008
Managing Local Admin Passwords
The company I work for often seeks out the worst and most vexing solution to any given situation. That probably stems from the fact that although the corporate line is that we hire 'quality people', most of the people in my building have an IQ approximating that of a canteloupe.
In fact, I would wager that many of the IT staff here would be quite content to sit and drool on their keyboards for much of the day. Sad, but there ya go. The plus side of that is that it's not terribly difficult for a slightly below average bloke such as myself to look like a shining star.
"Hey CG, I really like the way you tied your shoes. You keep that up and the sky is the limit for you here."
Seriously.
So anyways, one of the most short-bus-esque practices that goes on here is that all of the servers in the environment have the same admin password. Yeah.. not only that, but nearly everyone in the building knows about since it hasn't changed in two years. It even showed up in a Google search the other day. I wish I was kidding.
So it's been a constant pain in the ass for me that when odd stuff happens on the server the trail stops at the admin account. So I decided to take the law in my own hands and change it.
Here's the quandry. I don't want to have to manage several hundred admin ids and passwords. I wanted a password that I could get to quickly, that was unique for each server, and that did not require some kind of database to manage. Here's what I came up with. I set the password to a combination of the servername, a special character, and the last octet of the server IP address. It's easy to figure out the password if you know the formula and the formula can be quickly updated by tweaking the script.
Here's the script I used to do it. (Special thanks to E, who helped me fix a bug in the error handling) This pulls a list of servers from MFCOM and loops through them. Enjoy.
'//Resets the local password using the formula:
'// servername + @ + last octet of IP
'// Run this using cscript. If you use wscript you will be innundated with popups
'-------------------------------------------------------------------------------------
'// Compensate for crappy coding and diminutive manhood.
On Error Resume Next
'//Set the Username
'------------------------------------------------------------------------------------------
LocalAdmin = "Admin"
'------------------------------------------------------------------------------------------
'// Get the farm 411
Set theFarm = CreateObject("MetaFrameCOM.MetaFrameFarm")
theFarm.Initialize 1
'// If this doesn't work we're screwed so exit
if Err.Number <> 0 Then
WScript.Echo "Can't create MetaFrameFarm object"
WScript.Echo "(" & Err.Number & ") " & Err.Description
WScript.Echo ""
WScript.Quit Err.Number
End if
'// Loop through the name o' server
For each Server in thefarm.servers
'// set the hostname based on where we are in the loop
strComputer = ""
strComputer = Server.servername
'invoke the dnslookup because the datastore IP could be for some other nic if we pulled it from MFCOM.
strIP = DNSLookup(strComputer)
strOctet = Right(strIP,3)
StrOctet = Replace(strOctet,".","")
strPassword = strComputer & "@" & strOctet
strPassword = LCase(strPassword)
'//now that we have the password, let evil ensue
On error resume next
IF not strComputer = "" then
'//Clear any error condition that may have existed from the last loop
Err.Clear
' //Connect to the computer\administrator account
Set objUser = GetObject("WinNT://" & strComputer & "/" & LocalAdmin, user)
if Err.Number <> 0 Then
wscript.echo "Error on " & strComputer
if WScript.Echo "(" & Err.Number & ") " & Err.Description
WScript.Echo ""
End If
'//Set the password for the account
wscript.echo
wscript.echo "Setting password on " & strComputer
objUser.SetPassword strPassword
objUser.SetInfo
if Err.Number <> 0 Then
wscript.echo "Error on " & strComputer & "!!!"
WScript.Echo "(" & Err.Number & ") " & Err.Description
Else
wscript.echo strComputer & " - " & localadin & " password has been set to: " & strPassword
End If
End if
' //senseless destruction of objects
Set objWMIService = nothing
Set objuser = nothing
Next
'-------------------------------------------------------------------------------------------------------------------------------------------------------------------------
'Functions
'-------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Function DNSLookup(sAlias)
If len(sAlias) = 0 Then
DNSLookup = "Failed."
End If
Const OpenAsDefault = -2
Const FailIfNotExist = 0
Const ForReading = 1
Set oShell = CreateObject("WScript.Shell")
Set oFSO = CreateObject("Scripting.FileSystemObject")
sTemp = oShell.ExpandEnvironmentStrings("%TEMP%")
sTempFile = sTemp & "\" & oFSO.GetTempName
oShell.Run "%comspec% /c nslookup " & sAlias & ">" & sTempFile, 0, True
Set fFile = oFSO.OpenTextFile(sTempFile, ForReading, FailIfNotExist, OpenAsDefault)
sResults = fFile.ReadAll
fFile.Close
oFSO.DeleteFile (sTempFile)
aIP = Split(sResults, "Address:")
If UBound(aIP) < 2 Then
DNSLookup = "Failed."
Else
aIPTemp = Split(aIP(2), Chr(13))
DNSLookup = trim(aIPTemp(0))
End If
Set oShell = Nothing
Set oFSO = Nothing
End Function
----------------------------------------------------
Happy Clicking!
In fact, I would wager that many of the IT staff here would be quite content to sit and drool on their keyboards for much of the day. Sad, but there ya go. The plus side of that is that it's not terribly difficult for a slightly below average bloke such as myself to look like a shining star.
"Hey CG, I really like the way you tied your shoes. You keep that up and the sky is the limit for you here."
Seriously.
So anyways, one of the most short-bus-esque practices that goes on here is that all of the servers in the environment have the same admin password. Yeah.. not only that, but nearly everyone in the building knows about since it hasn't changed in two years. It even showed up in a Google search the other day. I wish I was kidding.
So it's been a constant pain in the ass for me that when odd stuff happens on the server the trail stops at the admin account. So I decided to take the law in my own hands and change it.
Here's the quandry. I don't want to have to manage several hundred admin ids and passwords. I wanted a password that I could get to quickly, that was unique for each server, and that did not require some kind of database to manage. Here's what I came up with. I set the password to a combination of the servername, a special character, and the last octet of the server IP address. It's easy to figure out the password if you know the formula and the formula can be quickly updated by tweaking the script.
Here's the script I used to do it. (Special thanks to E, who helped me fix a bug in the error handling) This pulls a list of servers from MFCOM and loops through them. Enjoy.
'//Resets the local password using the formula:
'// servername + @ + last octet of IP
'// Run this using cscript. If you use wscript you will be innundated with popups
'-------------------------------------------------------------------------------------
'// Compensate for crappy coding and diminutive manhood.
On Error Resume Next
'//Set the Username
'------------------------------------------------------------------------------------------
LocalAdmin = "Admin"
'------------------------------------------------------------------------------------------
'// Get the farm 411
Set theFarm = CreateObject("MetaFrameCOM.MetaFrameFarm")
theFarm.Initialize 1
'// If this doesn't work we're screwed so exit
if Err.Number <> 0 Then
WScript.Echo "Can't create MetaFrameFarm object"
WScript.Echo "(" & Err.Number & ") " & Err.Description
WScript.Echo ""
WScript.Quit Err.Number
End if
'// Loop through the name o' server
For each Server in thefarm.servers
'// set the hostname based on where we are in the loop
strComputer = ""
strComputer = Server.servername
'invoke the dnslookup because the datastore IP could be for some other nic if we pulled it from MFCOM.
strIP = DNSLookup(strComputer)
strOctet = Right(strIP,3)
StrOctet = Replace(strOctet,".","")
strPassword = strComputer & "@" & strOctet
strPassword = LCase(strPassword)
'//now that we have the password, let evil ensue
On error resume next
IF not strComputer = "" then
'//Clear any error condition that may have existed from the last loop
Err.Clear
' //Connect to the computer\administrator account
Set objUser = GetObject("WinNT://" & strComputer & "/" & LocalAdmin, user)
if Err.Number <> 0 Then
wscript.echo "Error on " & strComputer
if WScript.Echo "(" & Err.Number & ") " & Err.Description
WScript.Echo ""
End If
'//Set the password for the account
wscript.echo
wscript.echo "Setting password on " & strComputer
objUser.SetPassword strPassword
objUser.SetInfo
if Err.Number <> 0 Then
wscript.echo "Error on " & strComputer & "!!!"
WScript.Echo "(" & Err.Number & ") " & Err.Description
Else
wscript.echo strComputer & " - " & localadin & " password has been set to: " & strPassword
End If
End if
' //senseless destruction of objects
Set objWMIService = nothing
Set objuser = nothing
Next
'-------------------------------------------------------------------------------------------------------------------------------------------------------------------------
'Functions
'-------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Function DNSLookup(sAlias)
If len(sAlias) = 0 Then
DNSLookup = "Failed."
End If
Const OpenAsDefault = -2
Const FailIfNotExist = 0
Const ForReading = 1
Set oShell = CreateObject("WScript.Shell")
Set oFSO = CreateObject("Scripting.FileSystemObject")
sTemp = oShell.ExpandEnvironmentStrings("%TEMP%")
sTempFile = sTemp & "\" & oFSO.GetTempName
oShell.Run "%comspec% /c nslookup " & sAlias & ">" & sTempFile, 0, True
Set fFile = oFSO.OpenTextFile(sTempFile, ForReading, FailIfNotExist, OpenAsDefault)
sResults = fFile.ReadAll
fFile.Close
oFSO.DeleteFile (sTempFile)
aIP = Split(sResults, "Address:")
If UBound(aIP) < 2 Then
DNSLookup = "Failed."
Else
aIPTemp = Split(aIP(2), Chr(13))
DNSLookup = trim(aIPTemp(0))
End If
Set oShell = Nothing
Set oFSO = Nothing
End Function
----------------------------------------------------
Happy Clicking!
Thursday, February 14, 2008
Paging Dr. Xen to Delivery
In one guy's humble opinion, the person that is responsible for coming up with marketing slogans at Citrix really needs to consider hitting a second cup of coffee in the morning. No doubt you've noticed the new splash when you visit the Citrix.com site. It takes up half the page to deliver the following message:
The Game has Changed.
Transform your Datacenter into a Delivery Center.
Introducing Citrix Delivery Center.
Now is it just me or does that sound like some kind of superbowl ad for a maternity ward? I mean seriously..the Citrix Delivery Center? That's all you guys could come up with? You need to hire someone with a pulse to do your marketing.
Oh but let not your heart be troubled, kids. I've come up with a few alternate suggestions. I know..I know. I'm a giver. It's just how I am.
How about:
The game has changed. We're combining all our suites into a new super-enterprise-platinum-mega-super-uber-suite that all runs on NetScaler.
The game has changed. Resource manager is another story. Say, have you checked out Edgesight?
The game hasn't actually changed...just the name of our products.
The game is up. Too bad your servers aren't.
The game has changed. We're actually considering writing our next software product instead of just buying it up.
Any other suggestions?
-CG
The Game has Changed.
Transform your Datacenter into a Delivery Center.
Introducing Citrix Delivery Center.
Now is it just me or does that sound like some kind of superbowl ad for a maternity ward? I mean seriously..the Citrix Delivery Center? That's all you guys could come up with? You need to hire someone with a pulse to do your marketing.
Oh but let not your heart be troubled, kids. I've come up with a few alternate suggestions. I know..I know. I'm a giver. It's just how I am.
How about:
The game has changed. We're combining all our suites into a new super-enterprise-platinum-mega-super-uber-suite that all runs on NetScaler.
The game has changed. Resource manager is another story. Say, have you checked out Edgesight?
The game hasn't actually changed...just the name of our products.
The game is up. Too bad your servers aren't.
The game has changed. We're actually considering writing our next software product instead of just buying it up.
Any other suggestions?
-CG
Tuesday, February 12, 2008
Free Edgesight Courseware - CTX-1800
Knowledge should be free. Share it. Here's the full courseware for Citrix / Xenapp, or whatever the hell their name is today course CTX-1800.
Note that I am not personally providing this download, just pointing you to it. I don't know who put it out there, but get while it's hot.
-CG
Note that I am not personally providing this download, just pointing you to it. I don't know who put it out there, but get while it's hot.
-CG
Friday, February 1, 2008
Endpoint Agent Hack
Hey folks,
I know.. I know.. the Edgesight hacking stuff is becoming a little tiresome. I'll try to sweeten the mix with some other topicality this month but for now.. here's yet another Edgesight hack.
This time we're talking about the agent.
Citrix has two main versions of the Edgesight agent. The one you and I are probably mostly concerned with is the Presentation Server agent (I guess that will soon be named the Xenapp agent or some crap like that in keeping with Citrix's curious habit of renaming their products every 7.5 minutes). Anyways, you have the PS agent, which is designed to monitor Presentation Servers, and you have the Endpoint Agent - which is designed to run on non-presentation servers. This includes standard server builds and workstations.
Now the irksome thing is that Citrix licenses these agents separately. Consequently, we get to keep track of how many PS agents versus EP agents are deployed, what they're running on, and whether or not we have enough licenses to support what's out there. What a pain in the ass.
In our environment we don't monitor our workstations through the EP agent using Edgsight, but we do have many servers that are non Presentation servers that we want to monitor. i.e. Web Interface, Secure Gateway, File / Profile Servers, etc.
I don't want to have to mess with the additional administrative burden of running two agents to essentially get me the same functionality. Wouldn't it be cool if you could run the PS agent on non-Presentation Servers?
You can.
How? Well it goes back to the way that the agent works and why there are two agents in the first place.
Both agents position themselves very close to the kernel and essentially function like a piece of zombie code.
The reason is that there are two agents is because the terminal server kernel is vastly different from that of a standard server, being that it has to accomodate multiple users and all that other cool stuff that allows people like me to keep a job.
So the endpoint agent just won't work with a terminal server, and vice versa - you can't install the PS agent on a non-terminal server. So it has nothing to do with licensing; it's a matter of compatibility. That's why there's two agents.
So if you want to only run the PS agent, it's a simple matter of making it so that it works with your non terminal servers. To do that it's as easy as making them application servers. You just install terminal server on them. That's it. Badda bing! They'll run perfectly fine in terminal server mode and you only have to manage one agent. Cake.
Of course there are some security aspects to address, but if you're messing around with this stuff I'm going to assume you're not a complete tool and can handle that stuff on your own.
Peace
-CG
I know.. I know.. the Edgesight hacking stuff is becoming a little tiresome. I'll try to sweeten the mix with some other topicality this month but for now.. here's yet another Edgesight hack.
This time we're talking about the agent.
Citrix has two main versions of the Edgesight agent. The one you and I are probably mostly concerned with is the Presentation Server agent (I guess that will soon be named the Xenapp agent or some crap like that in keeping with Citrix's curious habit of renaming their products every 7.5 minutes). Anyways, you have the PS agent, which is designed to monitor Presentation Servers, and you have the Endpoint Agent - which is designed to run on non-presentation servers. This includes standard server builds and workstations.
Now the irksome thing is that Citrix licenses these agents separately. Consequently, we get to keep track of how many PS agents versus EP agents are deployed, what they're running on, and whether or not we have enough licenses to support what's out there. What a pain in the ass.
In our environment we don't monitor our workstations through the EP agent using Edgsight, but we do have many servers that are non Presentation servers that we want to monitor. i.e. Web Interface, Secure Gateway, File / Profile Servers, etc.
I don't want to have to mess with the additional administrative burden of running two agents to essentially get me the same functionality. Wouldn't it be cool if you could run the PS agent on non-Presentation Servers?
You can.
How? Well it goes back to the way that the agent works and why there are two agents in the first place.
Both agents position themselves very close to the kernel and essentially function like a piece of zombie code.
The reason is that there are two agents is because the terminal server kernel is vastly different from that of a standard server, being that it has to accomodate multiple users and all that other cool stuff that allows people like me to keep a job.
So the endpoint agent just won't work with a terminal server, and vice versa - you can't install the PS agent on a non-terminal server. So it has nothing to do with licensing; it's a matter of compatibility. That's why there's two agents.
So if you want to only run the PS agent, it's a simple matter of making it so that it works with your non terminal servers. To do that it's as easy as making them application servers. You just install terminal server on them. That's it. Badda bing! They'll run perfectly fine in terminal server mode and you only have to manage one agent. Cake.
Of course there are some security aspects to address, but if you're messing around with this stuff I'm going to assume you're not a complete tool and can handle that stuff on your own.
Peace
-CG
Thursday, January 3, 2008
Citrixguy.net Featured on Citrix.com!
So I was browsing my stats the other day and noticed several visitors coming in from citrix.com! Yes, Citrix linked to this blog.
TWICE!!!
Specifically from http://web.citrix.com/blogosphere/index.php?id=88
Look for the "Edgesight for Load Testing Semi-Free" and "Edgesight Licensing Hole" links.
So WTF?
No doubt this is an automated spider that just searches a bunch of blogs for relevent content and posts links to the page. I seriously doubt that Citrix Systems would endorse anything on this site. All that said, I got quite a chuckle at the irony of Citrix linking to articles about hacking their products.
I'm thinking that maybe someone at Citrix should take a glance at that page once in a while.
-CG
TWICE!!!
Specifically from http://web.citrix.com/blogosphere/index.php?id=88
Look for the "Edgesight for Load Testing Semi-Free" and "Edgesight Licensing Hole" links.
So WTF?
No doubt this is an automated spider that just searches a bunch of blogs for relevent content and posts links to the page. I seriously doubt that Citrix Systems would endorse anything on this site. All that said, I got quite a chuckle at the irony of Citrix linking to articles about hacking their products.
I'm thinking that maybe someone at Citrix should take a glance at that page once in a while.
-CG
Subscribe to:
Posts (Atom)
