Life of a Geek Admin

The Daily adventures of a true geek administrator


Install Tomcat 7 on Windows 7

Continuing with building a testing environment on Windows 7 / Windows 2008 R2, I have embarked on installing Apache Tomcat 7 on my Windows 7 desktop. First download the 32- or 64-bit version from http://tomcat.apache.org/download-70.cgi/tomcat-7.0-doc/tomcat-7.0-doc/taglibs/migration.html. You will find the download links in the binary distributions section of the page. You will also need to make sure you have the Java JDK installed.

My current setup is 32 bit running Apache 2.2.22 with PHP 5.4.0, so I am going with apache-tomcat-7.0.28-windows-x86.zip. Once the download is completed, just extract the zip file to the directory of your choosing. For this example I have chosen c:\apps\apache-tomcat-7.0.28.

Configure Tomcat

Now we need to set a few properties so Tomcat knows where the JDK is installed. We do this by creating the setenv script file. Since we are running a 32-bit Windows instance, it is best to use a 32-bit instance of the JDK. Open your favorite text editor and create a file called setenv.bat with the following contents:

set "JRE_HOME=%ProgramFiles(x86)%\Java\jre6"
exit /b 0

Save the file to c:\apps\apache-tomcat-7.0.28\bin. That’s all you have to do with the bat file. The catalina.bat file will look for and execute it if it finds the file.

Setting up the Windows Service

Now we need to set up Tomcat to run as a service. Open a command prompt using the Run as Administrator option and change into the directory you extracted Tomcat to.

cd C:\apps\apache-tomcat-7.0.28\bin

Run the setenv.bat that you just created to set the JRE_HOME variable, then run the service.bat script with the following syntax.

Usage: service.bat install/remove [service_name] [/user username]

service.bat install Tomcat7

The service will now appear in Services as Apache Tomcat [your name], set to Manual.

At this point you can start the service as well as change it to Automatic. Open a browser and type in http://localhost:8080 and you should be greeted with the standard Tomcat page.

You should now have a working installation of Tomcat 7 on your Windows 7 / Windows 2008 R2 system. The next step is to set the username and password for accessing the Tomcat Manager app. By default this is commented out in the %TOMCAT_FOLDER%/conf/tomcat-users.xml file. Open the file with a text editor and un-comment the section in tomcat-users.

<tomcat-users>
<role rolename="tomcat"/>
<role rolename="role1"/>
<user username="tomcat" password="tomcat" roles="tomcat"/>
<user username="both" password="tomcat" roles="tomcat,role1"/>
<user username="role1" password="tomcat" roles="role1"/>
</tomcat-users>

Using this configuration will not allow you to access the manager and host information. You will also need to add the manager-gui and admin-gui roles to access the status and other functions. So you could change tomcat-users.xml to look like this.

<tomcat-users>
<role rolename="manager-gui"/>
<role rolename="admin-gui"/>
<user username="manager" password="tomcat" roles="manager-gui,admin-gui"/>
</tomcat-users>

Save this and restart the Tomcat service and you should now be able to access those screens.  Make sure to use stronger passwords than the defaults.

 

Enabling Server Status on Apache 2.2

Apache 2 has a nice feature that allows a server admin to view the performance of Apache. When the mod_status module is enabled, an HTML page presents the stats in a readable format, and a refresh interval can be set.

Server status details:

  • The number of workers serving requests
  • The number of idle workers
  • The status of each worker, the number of requests that worker has performed and the total number of bytes served by the worker (*)
  • A total number of accesses and byte count served (*)
  • The time the server was started/restarted and the time it has been running for
  • Averages giving the number of requests per second, the number of bytes served per second and the average number of bytes per request (*)
  • The current percentage CPU used by each worker and in total by Apache (*)
  • The current hosts and requests being processed (*)

 

Enabling the module is easy and can be done on Apache running on Windows and on Unix / Linux systems. First let's open the Apache configuration file httpd.conf.

Find the LoadModule line

LoadModule status_module modules/mod_status.so

and un-comment or add it. Next we need to add the ExtendedStatus variable and set it to On; the default setting is Off.

Note: This setting applies to the entire server, and cannot be enabled or disabled on a virtualhost-by-virtualhost basis. The collection of extended status information can slow down the server.

Add:

ExtendedStatus On

Now we need to add the server-status site to Apache. You can create a virtual host for the server object and store it in the conf.d or you can just add it to the httpd.conf, the choice is yours.

Save the httpd.conf file and restart Apache; make sure to test the config changes before restarting. Open a browser and go to http://servername/server-status and you should be directed to the Apache Server status page.

As you can see there is plenty of good information on the performance of the server as well as another problem determination tool.
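The post does not include the server-status block itself. As an added example (not from the original post), this script carries two constructed Apache 2.2 fragments, one limiting /server-status to 127.0.0.1 and one with no limit, and a check that tells them apart; the function name and the result words are assumptions of this example.

```bash
#!/bin/bash
# Added example: audit an Apache 2.2 config for an unrestricted
# /server-status handler. Both fragments below are constructed samples.

restricted_conf='
ExtendedStatus On
<Location /server-status>
    SetHandler server-status
    Order deny,allow
    Deny from all
    Allow from 127.0.0.1
</Location>
'

open_conf='
ExtendedStatus On
<Location /server-status>
    SetHandler server-status
</Location>
'

# audit_server_status CONFIG_TEXT
# Prints "restricted", "exposed" or "absent".
# "restricted" means every Location block that sets the server-status
# handler also contains "Deny from all" (Apache 2.2 access syntax).
audit_server_status() {
    printf '%s\n' "$1" | awk '
        { line = tolower($0); sub(/^[ \t]+/, "", line) }
        line ~ /^#/              { next }   # skip comment lines
        line ~ /^<location[ \t]/ { inblk = 1; handler = 0; deny = 0; next }
        inblk && line ~ /^sethandler[ \t]+server-status/ { handler = 1 }
        inblk && line ~ /^deny[ \t]+from[ \t]+all/       { deny = 1 }
        inblk && line ~ /^<\/location>/ {
            if (handler) { found = 1; if (!deny) exposed = 1 }
            inblk = 0
        }
        END {
            if (!found)       print "absent"
            else if (exposed) print "exposed"
            else              print "restricted"
        }'
}

echo "restricted_conf: $(audit_server_status "$restricted_conf")"
echo "open_conf:       $(audit_server_status "$open_conf")"
```

With ExtendedStatus On the status page lists client hosts and the requests being processed, which is why the handler is worth limiting to the admin's own address.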

Automatic Updates
You can get the status page to update itself automatically if you have a browser that supports “refresh”. Access the page http://your.server.name/server-status?refresh=N to refresh the page every N seconds.

Display Machine Readable Status File
A machine-readable version of the status file is available by accessing the page http://your.server.name/server-status?auto. This is useful when automatically run; see the Perl program log_server_status in the /support directory of Apache.
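An added example, not from the original post or from Apache's log_server_status: a small parser for the ?auto output that reports worker utilization and counts busy slots on the Scoreboard line. The sample output, the function names and the 80% limit are constructed for illustration.

```bash
#!/bin/bash
# Added example: parse mod_status "?auto" output. The sample below is
# constructed; on a live server the text would be fetched from
# http://your.server.name/server-status?auto

sample_status='Total Accesses: 1520
Total kBytes: 8342
CPULoad: .0153
Uptime: 86400
ReqPerSec: .0176
BytesPerSec: 98.9
BytesPerReq: 5619.9
BusyWorkers: 3
IdleWorkers: 7
Scoreboard: _W__K_W___......'

# status_field TEXT NAME -> value of the "NAME: value" line
status_field() {
    printf '%s\n' "$1" | awk -F': ' -v key="$2" '$1 == key { print $2; exit }'
}

# worker_utilization TEXT -> busy workers as an integer percentage
worker_utilization() {
    busy=$(status_field "$1" BusyWorkers)
    idle=$(status_field "$1" IdleWorkers)
    [ $((busy + idle)) -gt 0 ] || { echo 0; return 0; }
    echo $(( busy * 100 / (busy + idle) ))
}

# scoreboard_busy TEXT -> slots that are neither idle ("_") nor unused (".")
scoreboard_busy() {
    board=$(status_field "$1" Scoreboard | tr -d '_.')
    echo "${#board}"
}

# check_workers TEXT LIMIT -> prints a status line; returns 1 when the
# busy percentage is above LIMIT
check_workers() {
    pct=$(worker_utilization "$1")
    if [ "$pct" -gt "$2" ]; then
        echo "WARN workers ${pct}% busy (limit $2%)"
        return 1
    fi
    echo "OK workers ${pct}% busy"
}

check_workers "$sample_status" 80
```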

Upgrading Windows 2008 R2 using DISM

Sometimes in the Enterprise environment there is a need to upgrade the version of Windows Server. With Windows 2008 R2 this is an easy task with the DISM command and a KMS server. You can also use the command if you have a MAK key. Using DISM you can upgrade, and every role, feature and app on your server will remain after the upgrade.

A few caveats:

  • You can only do upgrades. You CANNOT downgrade
  • The server you upgrade cannot be a domain controller (demote, upgrade, promote)
  • This works on Standard, Enterprise edition, both full & core installations.
  • You cannot switch from core to full or vice versa. It’s edition upgrade only, not for switching type of install.

First we need to see the possible target editions for your server. Open a command prompt and type the following. The server I executed the command on is running Windows 2008 R2 Standard Edition.

C:\Windows\system32>DISM /online /Get-TargetEditions

Deployment Image Servicing and Management tool
Version: 6.1.7600.16385

Image Version: 6.1.7600.16385
Editions that can be upgraded to:

Target Edition : ServerDataCenter
Target Edition : ServerEnterprise

The operation completed successfully.

From the output of the command I see I can upgrade to DataCenter and Enterprise Editions. In this example I upgraded to Enterprise Edition by executing the following command. After running the command the server will need to be rebooted to complete the upgrade; you will be presented with the option after running the command.
The syntax is:

DISM /online /Set-Edition:<edition ID> /ProductKey:<product key>

C:\Windows\system32>Dism /online /Set-Edition:ServerEnterprise /ProductKey:489J6-VHDMP-X63PK-3K798-CPX3Y

Deployment Image Servicing and Management tool
Version: 6.1.7600.16385

Image Version: 6.1.7600.16385

Starting to update components...
Starting to install product key...
Finished installing product key.

Removing package Microsoft-Windows-ServerStandardEdition~31bf3856ad364e35~amd64~~6.1.7601.17514
[==========================100.0%==========================]
Finished updating components.

Starting to apply edition-specific settings...
Restart Windows to complete this operation.
Do you want to restart the computer now (Y/N)?

When you have a KMS (Key Management Server) in place, the activation will be done automatically and transparently for you.
Here are the public keys for use with a KMS server:

  • Windows Server 2008 R2 HPC Edition – FKJQ8-TMCVP-FRMR7-4WR42-3JCD7
  • Windows Server 2008 R2 Datacenter – 74YFP-3QFB3-KQT8W-PMXWJ-7M648
  • Windows Server 2008 R2 Enterprise – 489J6-VHDMP-X63PK-3K798-CPX3Y
  • Windows Server 2008 R2 for Itanium-Based Systems – GT63C-RJFQ3-4GMB6-BRFB9-CB83V
  • Windows Server 2008 R2 Standard – YC6KT-GKW9T-YTKYR-T4X34-R7VHC
  • Windows Web Server 2008 R2 – 6TPJF-RBVHG-WBW2R-86QPH-6RTM4

Don’t worry, this is public information: these are KMS Client Setup Keys, and they will only activate if you have a KMS server and the key to make that KMS server work.
Using the DISM command makes upgrades and migration a lot simpler!

Port Capture on Windows 2003 Using PortReporter

Have you ever wanted to capture the ports in use on a Windows 2003 server with a simple output? Usually you would want such information for migrations of servers and applications to new hosts from servers that have never been documented or have been long forgotten. One such tool is PortReporter and PortParser. There are other tools available to complete this task, but in this post I am only covering PortReporter; future posts will cover other available tools.

Description
The Port Reporter tool logs TCP and UDP port activity. The tool is a small program that runs as a service on a computer that is running Windows Server 2003, Windows XP, or Windows 2000.

On Windows Server 2003 and on Windows XP-based computers, the service can log the following information:

  • The ports that are used
  • The processes that use the port
  • Whether a process is a service
  • The modules that a process loaded
  • The user accounts that run a process

On Windows 2000-based computers, the service logs the ports that are used and when the ports are used.

You can use the information that is logged by the Port Reporter tool to help you track port usage and troubleshoot certain issues. The information that is logged by the Port Reporter tool may also be helpful for security purposes.

Download the Port Reporter tool
The Port Reporter tool is available from this link on the Microsoft Download Center:
http://www.microsoft.com/downloads/details.aspx?familyid=69ba779b-bae9-4243-b9d6-63e62b4bcd2e&displaylang=en

Important: The Port Reporter Parser tool is a log parser for Port Reporter log files. This tool is now available for download. Port Reporter Parser has many features that can help you analyze Port Reporter log files. You can download the Port Reporter Parser tool from the following Microsoft web site:
http://download.microsoft.com/download/2/8/8/28810043-0e21-4004-89a3-2f477a74186f/PRParser.exe

Installation
Installation is simple. After extracting the file, double-click on pr-setup.exe and a popup box will appear asking if you want to install the tool. Answer “y” and the installation will complete. A service will be created and set to Manual.

Newly added service

The logs generated by the tool are written to c:\windows\system32\Logfiles\PortReporter. Three logs are created when you start the service, and a new set of three is created when one of the logs reaches 5 MB in size.

PR-INITIAL-<datestamp>.log
PR-PIDS-<datestamp>.log
PR-PORTS-<datestamp>.log

Start Collecting
Start the service to start the process of collecting information. Keep an eye on disk space on the system, as this tool can chew up space quickly on very busy servers. Once you have run it long enough to collect data, just stop the service.

Reading the Output
Now that you have the data you can read it using Port Reporter Parser developed just to read the files. Download and install it on the server. Once installed open up the tool and it will immediately go and ask for a log to open.

Select the log to view and click OK.

Port Reporter Parser displays the information in a readable format that allows you to drill down on the process to get more details on the process and the ports it is using.

Port details

As you can see, PortReporter and PrParser are just two of many free tools available to get information on the communication on a Windows 2003 server. Explore and use the tools and see the other features available.

 

 

Keeping Logfiles at Bay with bash

From time to time there are instances in which an application creates logfiles that are big, but you need them to fix an issue. Most times these are trace logs. I ran into a similar situation and came up with a short and simple bash script to address the issue.

#!/bin/bash
####################################################################
#  This will look for trace logs, zip the ones not in use, and
#  delete zipped files older than 2 days
#  The pattern it will zip is trace_*.log
####################################################################
PATH=/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/local/sbin
LOC="/path_to_logs"
# Stop if the log directory is missing, so nothing runs in the wrong place
pushd "${LOC}" > /dev/null || exit 1

for i in trace_*.log; do
    # Skip the literal pattern when no trace logs exist
    [ -f "$i" ] || continue
    # lsof exits 0 when some process has the file open
    if lsof -- "$i" > /dev/null 2>&1; then
        echo "File $i is in use, try later"
    else
        gzip -- "$i"
        chown nobody:nobody -- "$i.gz"
    fi
done
find . -type f -mtime +2 -name 'trace_*.gz' -exec /bin/rm {} \;
popd > /dev/null

Looking at the script, we see that it uses the LOC variable for the location of the logfiles, and we set PATH so the commands can be found. Basically the script flows as follows.

Set the path and location variable, change to the location of the files, find the files and check to see if each file is in use. If the file is in use, skip it and move on to the next. When it finds one that is not in use, zip it up and change ownership, until you are done.

Finally the script uses find with the -type and -mtime switches to look for files older than 2 days and deletes them.

The script is generic enough that several of the values can be changed to meet your needs.

Evernote

Recently I found a piece of software that just works perfectly for me in keeping track of ideas, notes and items I see when I may not be near a computer or a device to write down or record that moment. In steps Evernote to the rescue.

Evernote makes it easy to remember things big and small from your everyday life using your computer, phone, tablet and the web. It is available on all of the major phones and OSes and is free to use. You can upgrade to premium for $45 per year, which gives you a lot of extras.

You’ll get all of Evernote’s standard features, plus:

  • Create, save and clip 1GB of new content each month
  • Add up to 50MB of ideas, files and web pages to notes
  • Search within PDFs attached to your notes
  • Offline notebooks on Android, iOS and Windows Phone
  • Share your notebooks and allow others to edit them
  • Faster recognition of images containing text
  • Top priority support, plus live chat
  • Add a PIN to lock the app on iOS and Android
  • View a history of note versions
  • Choose to hide promotions and partner ads

The only OS that is not supported is Linux, but that’s not an issue, and I am sure there will be a port at some time when the demand increases. In the meantime the web interface for Evernote will work just fine. My main targets were my phone (iPhone 4), tablet (ASUS Transformer TF101) and laptop (Windows 7). That covers all my bases when I am mobile and a great idea hits.

Installation is simple and registration is free. Evernote is available in the iTunes store, Google Play and for download from the site.

You can save websites, pictures, notes and other items, which is great and convenient. For my purposes it eliminates all the text files on my desktop and the need to transfer them from device to device.

So if you are looking for a tool to add to your phone, tablet and computer look no further than Evernote.

Install Adobe Flash Player on Fedora 17 / 16

This document explains how to install Adobe Flash Player Plugin version 11.2 (32-bit and 64-bit) with YUM on Fedora 17/16.

Adding Adobe’s YUM repository also makes it very easy to keep the Flash Player Plugin up to date.

Install Adobe YUM Repository RPM package

Adobe Repository 32-bit x86

$ sudo rpm -ivh http://linuxdownload.adobe.com/adobe-release/adobe-release-i386-1.0-1.noarch.rpm
$ sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-adobe-linux

Adobe Repository 64-bit x86_64

$ sudo rpm -ivh http://linuxdownload.adobe.com/adobe-release/adobe-release-x86_64-1.0-1.noarch.rpm
$ sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-adobe-linux

Update Repositories

$ sudo yum update

Install Adobe Flash Player 11.2

$ sudo yum install flash-plugin nspluginwrapper

Install Google Chrome on Fedora 16/17

This explains how to install Google Chrome on Fedora 16/17.

First we need to add the Google yum repository to your system. For this we will add the 32- and 64-bit repositories.

Create the following file with root privileges.

$ sudo vi /etc/yum.repos.d/google.repo

Add the following contents and save the file.

# Each repository section needs its own unique id
[google-chrome-64]
name=google-chrome - 64-bit
baseurl=http://dl.google.com/linux/chrome/rpm/stable/x86_64
enabled=1
gpgcheck=1
gpgkey=https://dl-ssl.google.com/linux/linux_signing_key.pub

[google-chrome-32]
name=google-chrome - 32-bit
baseurl=http://dl.google.com/linux/chrome/rpm/stable/i386
enabled=1
gpgcheck=1
gpgkey=https://dl-ssl.google.com/linux/linux_signing_key.pub

Now we are ready to install Chrome.

$ sudo yum install google-chrome-stable

Any dependent packages will be installed and after a short time you will be able to start enjoying Chrome.

If you feel adventurous you can also install Google Chrome Beta or Unstable by running the following commands.

$ sudo yum install google-chrome-beta
$ sudo yum install google-chrome-unstable

Copying Files to Multiple Systems Simultaneously

Have you ever wondered about a simple way to copy files and run commands on multiple machines from one command? Well, there are several tools available that will allow us to do just that. I will discuss just pssh (Parallel SSH).

pssh (Parallel SSH)

pssh (Parallel SSH) is a command line tool that includes pscp and allows you to send commands and copy files to multiple servers, via a list or individually. It makes it very easy to distribute commands and files to a few or hundreds of servers.

Installation is pretty simple with Fedora and RHEL.

$ sudo yum install pssh

Say I wanted to copy two files to the /tmp directory on multiple hosts, limit the command to 5 systems at a time, and execute as root. I would run the following command on RHEL 5.x and higher.

$ pscp.pssh -vA -h ~/myhosts.txt -l id -p 5 -e /tmp upgrade_prog upgrade_prog.tar.gz /tmp/

The -vA switch tells pscp to run in verbose mode and ask for a password.
The -h switch tells pscp that the list of hosts is located in this file at this location.
The -p switch says to execute on 5 systems at a time.
The -e switch tells pscp to output the error log to /tmp on my system.
Then finally come the files to send and the destination on the systems.

 

NAME
    pscp — parallel process kill program

SYNOPSIS
    pscp [-vAr] [-h hosts_file] [-H [user@]host[:port]] [-l user] [-p par] [-o outdir] [-e errdir] [-t timeout] [-O options] [-x args] [-X arg] local remote

DESCRIPTION
    pscp is a program for copying files in parallel to a number of hosts. It provides features such as passing a password to scp, saving output to files, and timing out.

OPTIONS
    -h host_file
    --hosts host_file
        Read hosts from the given host_file. Lines in the host file are of the form [user@]host[:port] and can include blank lines and comments (lines beginning with "#"). If multiple host files are given (the -h option is used more than once), then pscp behaves as though these files were concatenated together. If a host is specified multiple times, then pscp will connect the given number of times.

    -H [user@]host[:port]
    --host [user@]host[:port]
    -H "[user@]host[:port] [ [user@]host[:port ] … ]"
    --host "[user@]host[:port] [ [user@]host[:port ] … ]"
        Add the given host strings to the list of hosts. This option may be given multiple times, and may be used in conjunction with the -h option.

    -l user
    --user user
        Use the given username as the default for any host entries that don't specifically specify a user.

    -p parallelism
    --par parallelism
        Use the given number as the maximum number of concurrent connections.

    -t timeout
    --timeout timeout
        Make connections time out after the given number of seconds. With a value of 0, pscp will not timeout any connections.

    -o outdir
    --outdir outdir
        Save standard output to files in the given directory. Filenames are of the form [user@]host[:port][.num] where the user and port are only included for hosts that explicitly specify them. The number is a counter that is incremented each time for hosts that are specified more than once.

    -e errdir
    --errdir errdir
        Save standard error to files in the given directory. Filenames are of the same form as with the -o option.

    -x args
    --extra-args args
        Passes extra SSH command-line arguments (see the ssh(1) man page for more information about SSH arguments). This option may be specified multiple times. The arguments are processed to split on whitespace, protect text within quotes, and escape with backslashes. To pass arguments without such processing, use the -X option instead.

    -X arg
    --extra-arg arg
        Passes a single SSH command-line argument (see the ssh(1) man page for more information about SSH arguments). Unlike the -x option, no processing is performed on the argument, including word splitting. To pass multiple command-line arguments,

    -O options
    --options options
        SSH options in the format used in the SSH configuration file (see the ssh_config(5) man page for more information). This option may be specified multiple times.

    -A
    --askpass
        Prompt for a password and pass it to ssh. The password may be used for either to unlock a key or for password authentication. The password is transferred in a fairly secure manner (e.g., it will not show up in argument lists). However, be aware that a root user on your system could potentially intercept the password.

    -v
    --verbose
        Include error messages from ssh with the -i and \ options.

    -r
    --recursive
        Recursively copy directories.

TIPS
    The ssh_config file can include an arbitrary number of Host sections. Each host entry specifies ssh options which apply only to the given host. Host definitions can even behave like aliases if the HostName option is included. This ssh feature, in combination with pssh host files, provides a tremendous amount of flexibility.

EXIT STATUS
    The exit status codes from pscp are as follows:
    0      Success
    1      Miscellaneous error
    2      Syntax or usage error
    3      At least one process was killed by a signal or timed out.
    4      All processes completed, but at least one scp process reported an error (exit status other than 0).

As with pscp, you can use pssh to run commands on multiple hosts. The syntax is similar to pscp.

pssh -vA -h ~/myhosts.txt -l id -p 5 -t 5 -e /tmp -o /tmp hostname

This example is running the hostname command on the list of servers and writes the output to the /tmp directory.

Using the two commands you can accomplish many tasks on multiple servers with a small amount of time and effort.

Update: When you run pssh or pscp.pssh against a system for the first time you will receive a failure; this is due to the ssh key not existing in your known_hosts file. If you use the -X arg option you can pass the -oStrictHostKeyChecking=no ssh parameter and it will add the key to your known_hosts file. Using -x args you can string multiple ssh options together.

Example:

pssh -vA -h ~/myhosts.txt -l id -p 5 -t 5 -e /tmp -o /tmp -X "-oStrictHostKeyChecking=no" hostname
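Passing -oStrictHostKeyChecking=no makes ssh accept whatever host key it is offered on first contact. As an added example (not part of the original post), this script reads a pssh host file and lists the hosts that have no entry in known_hosts yet, so their keys can be verified and added before the run; the file names, hosts and keys are constructed, and unhashed known_hosts entries are assumed.

```bash
#!/bin/bash
# Added example: list pssh hosts that have no entry in a known_hosts file.
# Assumes unhashed known_hosts entries (HashKnownHosts no), no IPv6 literals.

# known_hosts_name ENTRY -> the name ssh stores the key under.
# ENTRY is a pssh host file entry, [user@]host[:port]; ssh records
# non-default ports as "[host]:port".
known_hosts_name() {
    entry=${1#*@}                        # drop optional user@
    case $entry in
        *:*) host=${entry%%:*}; port=${entry##*:} ;;
        *)   host=$entry; port=22 ;;
    esac
    if [ "$port" = 22 ]; then echo "$host"; else echo "[$host]:$port"; fi
}

# missing_host_keys HOSTS_FILE KNOWN_HOSTS_FILE -> one missing name per line
missing_host_keys() {
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}                 # strip comments
        line=$(printf '%s' "$line" | tr -d ' \t')
        [ -n "$line" ] || continue       # skip blank lines
        name=$(known_hosts_name "$line")
        # Field 1 of a known_hosts line is a comma-separated list of names;
        # comments, @markers and hashed (|1|...) entries are skipped.
        if ! awk -v n="$name" '
            $1 !~ /^[#@|]/ {
                c = split($1, names, ",")
                for (i = 1; i <= c; i++) if (names[i] == n) ok = 1
            }
            END { exit (ok ? 0 : 1) }' "$2"
        then
            echo "$name"
        fi
    done < "$1"
}

# Constructed sample files: web01 and db01 are known, app01 is not.
demo_missing() {
    dir=$(mktemp -d)
    cat > "$dir/myhosts.txt" <<'EOF'
# constructed pssh host file
web01.example.com
admin@db01.example.com:2222

root@app01.example.com
EOF
    cat > "$dir/known_hosts" <<'EOF'
web01.example.com,192.0.2.10 ssh-ed25519 CONSTRUCTED_KEY_PLACEHOLDER
[db01.example.com]:2222 ssh-ed25519 CONSTRUCTED_KEY_PLACEHOLDER
EOF
    missing_host_keys "$dir/myhosts.txt" "$dir/known_hosts"
    rm -rf "$dir"
}

demo_missing
```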
