O R G A N I C / F E R T I L I Z E R: 11.05

Nov 16, 2005

sms 2003 desired configuration monitoring released!

in case you missed it (and I did as well -- recurring theme?) the desired configuration monitoring component for sms 2003 has been released. download it here.

exchange sla scorecard released!

in case you missed it (i know i did), the exchange sla scorecard has been officially released. if you have MOM 2005 and a reporting server, download your copy now!

Nov 14, 2005

free resource for MVPs

this is pretty cool. the other day, i stumbled across a posting stating that eventid.net gives out free subscriptions to MVPs. i emailed their sales alias and received an email today. sure enough, it's true. :) here's the link to the page if you want to read more about it: http://www.eventid.net/freeformvp.asp. thanks EventID.Net!

Nov 10, 2005

get with the times, dude - setting an external time sync

while i was at the mvp summit, i was talking to a friend and fellow mvp, rory mccaw. he made mention that he discovered in windows server 2003, that net time was a deprecated command. he came across this when he found he was having an extremely difficult time getting the server to accept the time sync sources. minasi's latest post (issue #52) reminded me of this - especially since minasi himself is a mvp. i guess if he had been in that conversation, he'd have known this too.

Nov 9, 2005

sony digital rights management

for those of you that have been following along with russinovich's expose on sony's digital right's management copy protection scheme, this article from techdirt regarding npr's recent interview with hesse is a must read. is this guy for real?! here's a quote from the article.
After taking issue with anyone using the terms "spyware, malware or rootkit," Thomas Hesse, President of Sony's Global Digital Business, literally says: "Most people, I think, don't even know what a rootkit is, so why should they care about it?"
click here to listen to the full story.

mom 2005 agent - port requirements

here's some good, general information on mom agent port requirements over a firewall. someone posted this on the msmom mailing list.
MOM agents can communicate with the MOM Management Server if the MOM agent computer is behind a firewall. However, you must open TCP port 1270 and UDP port 1270. Additionally, you must manually install and update MOM agents that are behind a firewall. If you cannot enable access to port 1270 through the firewall, you must install a MOM management group inside the perimeter network. You can separately monitor the perimeter network management group. Or, you can enable alert forwarding from the perimeter network management group to the internal MOM management group by using port 1271. If the managed computers belong to the internal domain, the following conditions are true:
  • Mutual authentication is available.
  • Signed and encrypted communications are available.
  • The following ports are open so that the managed computer can authenticate the MOM management domain and communicate with the domain:
    • UDP port 53 to support Domain Name System (DNS) queries and dynamic registrations
    • UDP port 123 to support Network Time Protocol (NTP)
    • TCP port 135 to support remote procedure calls (RPC)
    • UDP port 389 and TCP port 389 to support Lightweight Directory Access Protocol (LDAP)
    • TCP port 445 to support server message block (SMB)
    • All ports over 1024 for RPC communication and for response to dynamic source ports on the MOM agent computer.
If the managed computers belong to a perimeter network domain, the following conditions are true:
  • If a full Active Directory directory service trust relationship exists between the Management Server domain and the agent domain, the following options are available:
    • Mutual authentication
    • Signed and encrypted communications
  • If a full Active Directory trust relationship does not exist, only signed and encrypted communications are available. Mutual authentication is not available.

Nov 8, 2005

mom 2005 agent - existing connection was forcibly closed

are you familiar with this error message? you've probably applied the hotfix to correct it, if you are. when you apply this hotfix, you have to add a new dword value called ServerIOTimeoutMS under this path: HKEY_LOCAL_MACHINE\Software\Mission Critical Software\OnePoint\Configurations\configuration group name\Operations\Consolidator what you may not know is that when you apply mom 2005 sp1, though this hotfix is applied with it, the dword value still needs to be created. if you find yourself in a scenario where you're building a new mom server, keep this in mind. by the way, most people have success by setting this value somewhere between 30000 and 45000.

Nov 7, 2005

sharing code - mom 2005

looking for a place to share some of your favorite mom scripts, management packs, reports, etc? looks like this went live recently... http://www.gotdotnet.com/codegallery/featuredgroups.aspx. this is a supplemental site to some of your favorites like momsolutions.org, myitforum.com, smsmom.com, momanswers.com ... here's some of the stuff you can expect to get at gotdotnet:
  • license control
  • download counts
  • search
  • discussions

updated exchange 2000/2003 management pack for mom 2005 released

in case you missed it, the exchange mp for mom 2005 was updated and released, along with an updated configuration tool. if you did, don't think you've been living under a rock. with the state of mp notifier updates and the management pack catalog, it's not surprising very few people know about these releases. at the moment, the exchange mp doesn't seem to be available:
The download you requested is unavailable. If you continue to see this message when trying to access this download, go to the "Search for a Download" area on the Download Center home page.
yeah, right. if you ever see this error, don't presume you'll be able to find it on your own. :) also, the mom summary reporting pack came out of beta. one gotcha. you have to be at mom 2005 sp1 to utilize it. i'll post more about my experiences with it soon.

winternals presentation - understanding malware

recently, i attended a presentation by Winternals called "Understanding Malware: Spyware, Viruses, and Rootkits". from what i understand, it was an abbreviated version of the presentation at teched. for what it was worth (free), it was pretty good. it was a couple of days after russinovich's blog about sony's drm rootkit. timing couldn't have been more perfect. it was more or a less a pitch for recovery manager. it's a pretty cool tool by its own right. as a mvp, i received a free copy to try out. i wasn't really inspired to do it until i saw their demo... anyway, i thought it was pretty cool that at the end of the slidedeck, one of the many resource links they listed was the microsoft mvp site! scoring even higher, they sent a trial key and slidedeck the next day. to top it all off, i received a package today from winternals. it was completely unexpected. it's a large, black tin box. i took the lid off to read "Relax, Marcus". kudos to their marketing. that was clever. underneath the pamphlets and thank you note (for attending the presentation) was a hammock. :) nice stuff. wish all vendors were that creative and thoughtful. anyway, if you get a chance to attend this presentation in your city, be sure not to miss it.


i stumbled across this site today. has some interesting utilities and scripts to help augment a stock mom installation. good stuff!