Windows terminal services & network printers

Yes, yes. I do list a lot of crappy products (go on, laugh; I don’t really care). Yesterday I had quite a struggle with Microsoft Windows Server 2003 and Terminal services (or more precisely with their way on how to deal with network printers).

As most of you know, there a two (possibly three) different ways on how to do network printers.

  1. would be, to simply share a local connected printer by simply creating a share for the printer
  2. buy a smart printer with integrated print server
  3. a combination of 1. and 2.

We luckily enough do have printers with integrated print servers, so that wouldn’t be a problem. *But* you get a problem if you’re trying to monitor the printer queue if you simply create a new TCP/IP connection from another target. You simply can’t tell who’s printing what.

So we tried to find a way to reuse the already shared printers. And there actually is. Simply create a new local printer (as you would if you’d use the TCP/IP way), but don’t select TCP/IP, select Local Port instead. That’s the whole catch (I’ve been trying to figure that out half the day yesterday). Then simply supply the location (it’s URI formatted like this.is.my.printer.servarYour shady Printer) and click through the dialog.

The only catch with this is, that you have to install any non-standard printer drivers locally. That’s why I tried reusing the already present network drivers, but Windows treats Printers and Network printers differently. The former is treated as a global object (as in visible to all users on the current machine), the latter is only visible to the current user.

*Babing*

VBscript & Active Directory and printers ? (continued)

As I posted earlier, I tried working around some limitations in Microsoft’s Active Directory by teaching the script some intelligence.

But, since we recently started using Thin Clients, all the stuff I did with the fancy vbs was just a waste-of-time. Turns out, Windows XP Embedded doesn’t work quite the same as a “normal” Windows XP (that’s where I tested the script on), and it simply dies when running the WMI Query. Bollocks.

So I switched back, utilizing a shortcut in Startup, but pointing to the shortened vbs (see below) instead of the ugly batch file someone wrote.

But even that doesn’t work all the time, I still have to figure out why.

screen and UTF-8 (continued)

OK, since I last posted about my problems with screen and irssi being unable to handle unicode chars, I got a lot of feedback (here or on IRC), and actually it was Alexander who pointed me into the right direction. LANG=C doesn’t seem to support UTF-8 characters. So after adding

to my environment *everything* is just fine … 😯

screen and UTF-8

Since I got annoyed by umlauts being printed as ░, I figured I’d install a UTF-8 capable font on this box here and all my problems would be gone. But not so fast.

screen is a real fucked up thing. If you’re starting screen via screen -U everything is nice and cosy, and you get your UTF-8 goodness. But, don’t think you’ll get away with just enabling UTF-8 as default and enabling UTF-8 for each new window by doing this:

You won’t get any UTF-8 char (at least w/ irssi) out of that .. 😡

VBscript & Active Directory and printers ?

Well, since our current solution for mapping printers is an ugly batch file, which needs to be put into Startup, I today poked at doing it in VBscript (I know, but it’s less ugly than the batch script, trust me).

As some of you know, printers are only applicable to users (as in you can’t put a startup script onto an OU, which is going to map the printers). So as we store users and the computes in different OU’s in our Active Directory (we do have about 15.000 students), I can’t apply the printer.vbs to the users OU directly either, unless I implement some intelligence into the script itself.

And that’s basically what I did. Since different pools at the university have different DNS suffixes (like pools.rz.barfoo.org, that our or pools.fmz.barfoo.org) and we only want them students to have our printers when they logon at our pool, I just made the script to get the DNS DomainName of the current active interface and compare it against a given pattern.

Customizing Thin Clients

As some of you know, the company I’m currently working for, recently acquired some thin clients to replace our old computers for the students to work on. Those PC’s are like P3 800 MHz with 512MB RAM and sadly don’t run Office 2007 anymore, so we replaced them with thin clients and are streaming those applications from a Windows Terminal Server cluster (created by and with 2X Application LoadBalancer).

So far so good, getting them to display the applications ain’t hard, the real hard part starts when you want additional things from this Windows XPe (Embedded), like lets say getting them to display a German language.

First thing is, the management software for those terminals (Wyse Device Manager or WDM) uses it’s own scripting language (with pseudo abbreviations like DF or MR – Delete File and Merge Registry – get it ?), which control the whole distribution of “packages“.

That ain’t necessarily a bad thing, it’s just an additional “language” you need to understand/learn. The initial threshold is rather low (it ain’t no C++ or C#) as it’s just a pseudo language, you just need to make sure you do things in a certain order (like use the auto login registry entry with a new administrator password *after* you changed the administrator password).

We had a lot of work at the beginning of the week (like getting all packages working), and I think we managed finishing all of them (besides some default icon foo, for which is plenty of time when them terminals are already in use).

Turning a simple chroot into a binpkg repository

OK, since Alex asked me last Sunday what exactly needs to be done to turn a simple chroot (or even a bloody box) into a binpkg producing environment, here’s a little howto …

First, lets start from a freshly unpacked stage3.

With that single change you’re basically nearly finished with setting up the whole thing, the remaining things are just

  1. Making sure the binary packages get to a web-enabled (either ftp or http) box, from where you’re going to fetch the binary packages to their target
  2. Make sure you use binary packages on the target systems by default

But first, we’re gonna need to emerge something within that freshly created build chroot.

Since we now emerged some things we do have quite a few binary packages, which we are going to need on the target systems in order to avoid individual compile time.

Now, we just need to figure out a way to get the packages to a remote repository. That’s where bashrc, rsync and ssh come into play.

Take a looksie at my bashrc (or at solar’s if you can find it), especially at syncpkg. That’s the actual function doing all the work for us. It’s basically guessing what profile you’re using atm (by reading the info’s on /etc/make.profile (x86, amd64)), and the uploading it to the remote location given by REPO_HOST, REPO_BASE and REPO_TYPE (either via environment or by /etc/make.conf).

Sure the emerge takes a bit longer (since emerge forks an rsync process via ssh that syncs the just merged binary to our remote repository), but that way you have a nice repository, from which you can install one or 1.000 boxes.

Nagios & plugins

Since we started utilizing Nagios‘s power two months ago, I finally came up with a C-based ram-plugin for nagios. The biggest problem I had with the python and perl based plugins, that some distributions (yes, SLES and Debian) don’t install either Python or Perl.

Since I wanted a manageable setup (as in unified code base across all distributions), I wanted it to work without installing too much. So I took the swap plugin and basically removed what wasn’t necessary and voila!

Here we go, yay ME!

Only thing I need to finish sometime soon, is getting the NSClient++ work on my Windows boxen (which I do have quite a few, the domain controllers, nas-cluster, …)

Thin clients

As some of you people know, we (as in the University) recently purchased some Thin Clients in order to replace some oldish’ computers and solve the software management at the same time.

The Thin Clients ain’t bad, they are Wyse V90L‘s and they (as in Wyse) use their own management software to manage and deploy those thin clients and software. The bad thing about that, is it’s using it’s own “Scripting Language” (if you can call it that way – it’s more pseudo scripting since you can’t do much with it besides some basic actions).

The Wyse Device Manager also introduces it’s own limitations. Up till now our DHCP had server options for thin clients in some other facility and thus was sending those to *all* subnets it’s acting on, thus overwriting (or disabling ?) the DHCP ACK send out by the WDM. But that’s only one.

The second one is that the WDM seems to use (or expect) the American date format internally. But how did I stumble upon that ? As you know, I’m living and working in Germany and we use a different time/date format than the American’s. Now, lets assume you want to deploy packages to you Thin Clients when no one’s using them anymore (like say – around midnight), you drag your package upon the devices and select “Specific Date/Time“. Now if you have the German date/time format, the WDM will simply tell you, “Deployment date can’t be less than the current system time.

Initially I was like *WTF*, didn’t I just enter a time in the future (~15 minutes in the future from where we at right now) ?

First I looked through their Knowledgebase, but as nothing was documented there, I called their Support Hotline, where I briefly told ’em what was going on and he immediately told me, that’d I was hitting that error, since the WDM *is* using _and_ expecting the American time/date format internally. But he told me that they’ll hopefully fix that with the next release since they get asked that quite often.