Scanning MACs with Spiceworks

Here at Savannah Christian Church, we use Spiceworks (www.spiceworks.com) for our IT Inventory and Help Desk database.  We’ve been using it for about a year now, and it works great.  Spiceworks has the ability to scan Windows via Windows Accounts and/or Domain Accounts; MAC/Unix/Lunix via SSH; and Network hardware via SNMP.  Until recently, we just used Spiceworks to scan for our PCs and network gear.   We have finally got around to looking at what it takes to scan our MACs, and found that it was really straight forward.  If you are using Spiceworks (or thinking of using Spiceworks), here are the steps we took for scanning our MACs.  Your MAC will need to be atleast OS X.

Configuring Spiceworks:

  • Open Spiceworks and go to Settings
  • Click Network Scan
  • Scroll down to Manage Network Accounts.
  • Click Add and add an SSH account. (Note: You will need to add this username and password to all of your MACs.)
  • Scroll back up and edit your Device/Range that you use to scan your network.
  • Where it says SSH, use the drop down to select the Account that you just created.

Configuring the MAC:

  • Click the Apple icon and go to System Preferences
  • Click Sharing under Internet and Network
  • Check Remote Login
  • At the top of that page, make sure that your “Computer Name” is alpha-numeric and does not have any special characters or spaces (not even hyphens or underscores).
  • Go back to System Preferences and click Network.
  • Be sure that both your AirPort (if applicable) and Ethernet have the WINS (under Advanced) NetBios name show the same as the computer name.
  • Apply your settings.
  • If you don’t already have an account that is the same on all the MACs (it doesn’t have to be what they use to log in, but something like a local admin account), then go to Accounts and create one for each MAC (be sure to use the same user name and password).  This will be the same account name and password Spiceworks will use to scan the MACs via SSH.

Once you’ve completed these steps you can run your Spiceworks Network Scan and it will pick up your MACs, and populate all the data as it does for PC.  Very cool!

Advertisements

A year of Blogging

It’s been a year since I’ve started blogging.  Looking back, I really haven’t kept up with it like I had thought I would.  I average a post or two every other month.  But that’s cool though.

My purpose for the blog is to have a place to share my experiences with other IT Professionals.  What better place to do this than the Web.  🙂  I know for me, it’s awesome to do a Google search and find the answer to a problem on the first page!  That’s what I’ve tried to do this year with my blog.  When I come across a problem, or am working on a project that is new or may  be hard to find, I try to document it and post it on the web, with the hopes that someone else coming across that particular problem or project will find the answer (or get closer to the answer) sooner than later by coming across my blog.

So here are some stats from this year.  Not having anything to compare it to, I’ll say that’s pretty cool that I’ve had 14,488 views over the course of a year.  Most of the hits are from searches too!  🙂

So that’s what I’ll do again for 2009.  I may not blog several times a week, or even a month, like you would expect from a blog.  But I will definitely blog about projects and issues that I come across.

God has blessed me with a great 2008.  I pray Gods blessing over you for 2009.  Happy New Years!

Two Years with the Barracuda Spam Firewall

This month marks two years that we have had the Barracuda Spam Firewall.  I wanted to post the results (as I did last year):

The first shot is stats since I first installed the Barracuda, and the second shot is stats from this month.  It’s working great and I would highly recommend the Barracuda Spam Firewall if you are looking for a spam solution to work with your email system.

Exchange 2007

Wow.  I took our Exchange 2007 Server from 8GB RAM to 16GB RAM on Sunday.  PowerEdge 2950 III, Dual Quad Core Processors, 16GB RAM, Check this out…

That’s awesome!  570MB free, 16GB of RAM  AND  16GB Pagefile being used!

Spiceworks 3.1 Update Now Available

Spiceworks 3.1 update is now available and it has fixed the duplicate records that I blogged about not long ago.

In April, we implemented Spiceworks for Network Inventory and Monitoring.  We have it scan twice per day, so we are able to see the most current data.  With the release of Spiceworks 3.0, we implemented Help Desk and use it to track all Help Desk Tickets.  I have setup Spiceworks on it’s own Virtual Server, and have created multiple Admin Accounts for myself and IT Staff.

For Help Desk, we have two options for our users to send in a help desk ticket.  First, they can send an email to our Help Desk email account.  Spiceworks checks this account every 1 minute and will pull any new tickets into the help desk dashboard.  Once we receive the ticket, we can assign it to one of our IT staff.  Within the dashboard, we can continue a conversation with the employee (which emails them our comments) and keep the work flow in place.  As long as the employee doesn’t change the subject, it will keep the work flow going.  The second option we have put in place is the Intranet Web Portal.  Our users can log into spiceworks through the web portal that is located on our Intranet and they can create a new ticket, and see opened and closed tickets as well.  One great feature is that you can associate the ticket with the computer name, and can see a list of all tickets that have been requested against that particular machine to see reoccurring issues and such.

These are just a few of the many things we use Spiceworks for.  I highly recommend Spiceworks as your Network Inventory, Monitoring, and Help Desk solution.  You can’t beat the price either, free!  Thanks Spiceworks!

ESXi Time Bomb Error

Problem with ESX 3.5 Update 2 and ESXi 3.5 Update 2:  As of August 12, 2008, Virtual Machine won’t power on after it has been powered off or rebooted.

You receive the error:

A General System Error occured: Internal Error

Your event will display:

This product has expired.  Be sure that your host machine’s date and time are set correctly.  There is a more recent version available at the VMware website: http://www.vmware.com/info?id=4
———————
Module License Power Fail

Here’s an email I received from the VMware team.  I have successfully applied the patch to our Test ESXi server using VI Update (which was installed when I installed the VI Client, look in Start\All Programs\VMware\VI Update).  I will install the patch on our Production server this evening because it does require the host to be rebooted in order for the changes to take effect.  If you are running ESXi in production, you won’t receive the error unless you power down or reboot the virtual machine.

You can also see the KB Article:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1006670

Here’s the email:

Dear VMware Customers,

We have released the express patches for the product expiration issue. Please go to http://www.vmware.com/go/esxexpresspatches for more information.

Problem:

An issue has been discovered by many VMware customers and partners with ESX/ESXi 3.5 Update 2 where Virtual Machines fail to power on or VMotion successfully. This problem began to occur on August 12, 2008 for customers that had upgraded to ESX 3.5 Update 2. The problem is caused by a build timeout that was mistakenly left enabled for the release build.

The following message is displayed in the vmware.log file for the virtual machine:

This product has expired. Be sure that your host machine’s date and time are set correctly.
There is a more recent version available at the VMware web site: http://www.vmware.com/info?id=4.
————–
Module License Power on failed.

Affected Products:

– VMware ESX 3.5 Update 2 & ESXi 3.5 Update 2.

– The problem will be seen if ESX350-200806201-UG is applied to a system.

– No other VMware products are affected.

Resolution:

VMware Engineering has produced express patches for impacted customers to resolve the issue.

FAQ:

1. What do the express patches do?

There are two express patches: one for ESX 3.5 Update 2 and one for ESXi 3.5 Update 2. They are specifically targeted for customers who have installed or fully upgraded to ESX/ESXi 3.5 Update 2 or who have applied the ESX350-200806201-UG patch to ESX/ESXi 3.5 or ESX/ESX 3.5 Update 1 hosts. For customers who haven’t done either, these express patches should not be applied.

To be noted is that these patches have been validated to work with esxupdate. However, testing with the VMware Update Manager is still under way. In subsequent communications, we will provide confirmation whether the patches work with VMware Update Manger or if a re-spin is required.

We are currently testing an option to apply the patch without requiring VMotion or VM power-off and re-power-on at the point of patch application. To immediately refresh vmx on the VM, one can VMotion off running VMs, apply the patches and VMotion the VMs back. If VMotion capability is not available, VMs can be powered off before the patches are applied and powered back on afterwards.

2. When will VMware re-issue the upgrade media and patch bundles?

VMware plans to re-issue upgrade media by 6pm, August 13 PST and all update patch bundles later in the week. We will provide an ETA for the update patch bundles subsequently.

NOTE:

  • An upgrade media refers to ESX 3.5 Update 2 ISO, ESXi 3.5 Update 2 ISO, ESX 3.5 Update 2 upgrade tar and zip files. They are for customers who haven’t installed or upgraded to ESX/ESXi 3.5 Update 2 but wish to.
  • The “patch bundles” here refer to those released at GA. They are for customers who do not wish to do a full upgrade to ESX/ESXi 3.5 Update 2, but apply patches that are deemed necessary to hosts running ESX/ESXi 3.5 or ESX/ESXi 3.5 Update 1. They are not the same as the express patch which is described above.

3. Why does VMware plan to re-issue the upgrade media before the patch bundles?

Since we can complete building and testing of the upgrade media before the patch bundles, we want to make that available to customers right away instead of re-issuing all the binaries later in the week.

IT Policy

Do you have a written IT policy clearly stating that all computers are property of the church, that an employee has no privacy to using the computer, and that the church (employer) has the right to “access, monitor, analyze, and inspect its computers at any time, with or without permission or advance notice”?  Are the staff required to sign off stating that they have read and understood your Churches Policy manual?

I was reading “Can Churches Inspect Employees’ Computers?” from Church Law & Tax Report and they had a story of an employee successfully claiming the Fourth Amendment because there was not a policy in place stating that the church had the right to search the computer, so it was implied that the staff member had the right to privacy and would need to give consent to search the computer (it was much more detailed than that, but that was the main point).

Here’s a good article (different article) with a few things you should include in your Information Technology Policy to ensure the “expectation of privacy” is not there.