Life of a Geek Admin

The Daily adventures of a true geek administrator

Life of a Geek Admin - The Daily adventures of a true geek administrator

Monthly Archives: August 2011

Changing Windows 2003/2008 Eventlog Size

With the daily routine as a Systems Administrator for Windows and Linux systems we periodically are looking for ways to reduce disk space usage. One of the ways for Windows servers is to reduce the amount of space used by the eventlogs which can eat up alot of space.

The value I am using in this example is 1024 kb, you can use any value you would like by changing the value to your liking. The method I am using is a registry edit from a command line within a command script.

Open Notepad or your Windows editor of choice to create a new file. Enter in the following commands.

reg add "\\%servername%\HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Security" /v MaxSize /t REG_DWORD /d 1024 /f
reg add "\\%servername%\HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Security" /v Retention /t REG_DWORD /d 0 /f
reg add "\\%servername%\HKLM\SYSTEM\CurrentControlSet\Services\EventLog\System" /v MaxSize /t REG_DWORD /d 1024 /f
reg add "\\%servername%\HKLM\SYSTEM\CurrentControlSet\Services\EventLog\System" /v Retention /t REG_DWORD /d 0 /f
reg add "\\%servername%\HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application" /v MaxSize /t REG_DWORD /d 1024 /f
reg add "\\%servername%\HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application" /v Retention /t REG_DWORD /d 0 /f

Save the file with your name of choice and just double-click to run on your system. If you want to save the typing then just download the file from here regsetevtsixe and rename .txt to .cmd.

We can also acheive this with Powershell. Open a Powershell session and type

C:\PS> limit-eventLog -logname Application -MaximumSize 1024KB
C:\PS> limit-eventLog -logname System -MaximumSize 1024KB

One thing to note is that this is an immediate change but it will not clear out the logs you already have. You can achieve this by opening Event Viewer or use PowerShell or VBScript if you want to do it programmatic-ally.

VBScript

' Backup and Clear the event log
' You will have to change the value for each of the different logs
' August 2011

strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate,(Backup)}!\\" & _
strComputer & "\root\cimv2")
Set colLogFiles = objWMIService.ExecQuery _
("SELECT * FROM Win32_NTEventLogFile WHERE LogFileName='Application'")
For Each objLogfile in colLogFiles
errBackupLog = objLogFile.BackupEventLog("c:\scripts\application.evt")
If errBackupLog <> 0 Then
Wscript.Echo "The Application event log could not be backed up."
Else
objLogFile.ClearEventLog()
End If
Next

Powershell
Open a Powershell session and type the following:
C:\PS> clear-eventlog -log application, system

More information on Powershell clear-Eventlog & Limit-Eventlog can be found here

Installing NVIDIA Drivers Fedora 14

Recently I was rebuilding a system with Fedora 14 which has an Nvidia GeForce 9500 GT chipset and ran into an issue in which the nouveau driver supplied by the distribution could not support some of the features I was needing. With a bit of digging in multiple places I was able to find pieces to accomplish the task at hand.

In this post I will attempt to show the process I used to get Fedora 14 to use the latest Nvidia drivers (280.13) and or RPMFusion to install on the system.

Using Nividia Driver
1. Download nvidia linux driver

http://www.nvidia.com/content/DriverDownload-March2009/confirmation.php?url=/XFree86/Linux-x86/280.13/NVIDIA-Linux-x86-280.13.run

2. Next, edit /etc/inittab and change runlevel to 3 and save the file.
$ sudo vi /etc/inittab
3. Edit /boot/grub/grub.conf and add “rdblacklist=nouveau” to the end of the kernel line, this will stop the system from loading nouveau driver. save and reboot.

4. System restarts, log in as root, go to your download folder where you downloaded Nvidia driver and install GCC and kernel-devel*
$ sudo yum -y install gcc kernel-devel*

5. Run nvidia installer.
$ sudo sh ./NVIDIA-Linux-x86_64-260.19.12.run

If you get an error you may need to change the

if everything goes ok, edit /etc/inittab runlevel to 5 (X11) , save and reboot. Remember doing this is NOT advisable, it will break your fedora installation and you may need to reinstall your fedora in order to use a stable nvidia driver from fedora/rpmfusion..

Using RPMFusion
1. Add this to the end of the kernel line (without quotes) in /etc/grub.conf ->
“rdblacklist=nouveau vga=0×318″

2. Download and install rpmfusion repository RPM’s for free and non-free to your system.
sudo yum localinstall --nogpgcheck http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-stable.noarch.rpm

http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-stable.noarch.rpm

3. Update yum repository.
$ sudo yum update

4. For 64bit Users,
sudo yum install kmod-nvidia xorg-x11-drv-nvidia-libs.i686 xorg-x11-drv-nvidia-libs.x86_64

5. For 32bit Users
sudo yum install kmod-nvidia

For 32bit Users using the PAE kernel,
sudo yum install kmod-nvidia-PAE

Disable NetBIOS over TCPIP with vbscript

Part of building new servers I have been creating a script to configure add and remove features added to the Windows 2008 R2 servers. The process is being handled by powershell, command scripts and vbscripts.

Ran into a step to disable the WINS setting for  Disable NetBIOS over TCP/IP.  As with any step in the build process automation is the key to consistent builds and reduce human error. For this part I turned to vbscript and used the following script to execute the step on all the NIC’s defined on the system.

This script will work on Windows 2003 / 2008 servers.

‘ Disable NetBIOS over TCPIP
‘ Author: Mark Harris
‘ disablenetbios.vbs
‘ run as cscript /nologo disablenetbios.vbs

strComputer = “.”
‘ set to HKEY_LOCAL_MACHINE registry Hive
HKLM = 2147483650

‘ Set keyword value to open
valuename = “NetBIOSOptions”
subkey = “System\CurrentControlSet\Services\NetBT\Parameters\Interfaces\”

‘Get registry provider from WMI
set registry = GetObject(“winmgmts:\\” & strComputer & “\root\default:StdRegProv”)

‘Get subkeys of Interfaces key … these will be random GUIDs
registry.EnumKey HKLM, subkey, subkeys

for i = 0 to ubound(subkeys)
‘Set hex value of registry value to 0×2. We have to use the built-in VBscript hex function to convert from decimal to hex data type
registry.SetDWORDValue HKLM, subkey & subkeys(i), valuename, hex(2)
next

Switch to our mobile site