Reset Symantec System Center Password

To reset the Symantec System Center admin user password

1. On the computer running Symantec System Center, start Windows Explorer.
2. Go to \Program Files\Symantec\Symantec System Center\Tools.
3. In the right pane, double-click the IFORGOT.exe file.
4. In the Primary server field, type the name of the server group’s primary server.
5. In the user field, type admin
6. In the New Password and Confirm New Password fields, type the new password.
7. Click Reset Password.
You may be prompted for a Windows user name and password if you specify a remote server.

RPC Dynamic Ports

By default, Microsoft RPC allocate ports from 1024 – 65535.

To restrict them to 5000 – 5100, Use the Registry entries below.

— cut here —
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Internet]
“Ports”=hex(7):35,00,30,00,30,00,30,00,2d,00,35,00,31,00,30,00,30,00,00,00,00, 00
“PortsInternetAvailable”=”Y”
“UseInternetPorts”=”Y”

— cut here

webmin & DHCPD

Finally, I got both my boxes fixed. So I was happily connecting them together with a SC cable…. yah yah.. It’s only 15cm apart but still it’s a 1Gbps Fibre Channel link 😀

I decided to use dhcp for that link, since I haven’t tried configuring dhcpd before.

After configuring dhcpd on webmin, I tried starting it. The button still shows “Start Server”.

syslog presents:
Nov 9 19:53:24 localhost dhcpd: No subnet declaration for eth0 (10.x.x.x).
Nov 9 19:53:24 localhost dhcpd: Please write a subnet declaration in your dhcpd.conf file for the
Nov 9 19:53:24 localhost dhcpd: network segment to which interface eth0 is attached.
Nov 9 19:53:24 localhost dhcpd: exiting.

wtf, I actually configured for eth3 in the options. So i check /etc/dhcpd.conf, no mention of eth0. Got more pissed after starting the server several times, then I checked /etc/init.d/dhcp..

#Defaults
INTERFACES=”eth0″

So, ok. now I know the reason, changed it.. SAME ERROR !
This time i saw /etc/defaults/dhcp, added INTERFACES=”eth3″

Now it works. Installing Ubuntu on my 2nd box..

Cisco ASA IPSec VPN

Here I go again with my constant Cisco rant or rather rating on my incompetence.. LOL…

I was configuring a Lan-to-Lan VPN between 2 Cisco ASA5510. After going through the wizard, I actually changed the Group Tunnel Name to a more meaningful name rather than just ip address. Didn’t realise the impact till I can’t get the stupid tunnel up.

I did a debug crypto isakmp 255 and it starts throws out every damn low level stuff at me after i entered “terminal monitor”…
After going through the debug logs, I realised that isakmp fails as the group name is invalid. On that actual debug statement, it stated the group name is the ip address of my vpn peer.

Now that’s weird. I remembered in PIX 6.0, the syntax for creating the tunnel is crypto map tunnel-name, where the name doesn’t *MATTERS*. So I checked the configuration guide for ASA 7.0.

“Tunnel group name: Both remote access and LAN-to-LAN clients select a tunnel group by its
name, as follows:
– For IPSec clients that use preshared keys to authenticate, the tunnel group name is the same as
the group name that the IPSec client passes to the security appliance.”

So I configured tunnel-group type ipsec-l2l.

Viola… a wasted morning.

Enabling DMA with hdparm for Ubuntu

With reference to the wiki at ubuntu.com,

Edit /etc/modules:

For an intel cpu put the lines
piix
ide-core
above the line ide-cd

For an amd cpu put the line
amd74xx
above ide-cd

For a VIA Chipset put
via82cxxx
above ide-cd

my hdparm parameters

hdparm -c1 -d1 -X70 /dev/hda
-c1 enables 32bit IO
-d1 enables DMA
-X70 sets DMA to UDMA6

that’s all folks.