One of our little cherubs decided to put a supervisor(bios) password on a laptop that didn’t have the supervisor password already set.  It has been a few years since I’ve had to clear one of these passwords as I don’t do much in the way of workstation helpdesk tasks anymore.

In the old days, you just moved the jumper for the the CMOS reset and that was pretty much it.

On these new laptops, apparently the only way to reset the password, is to replace the motherboard.   Yes, that’s not a typo.  You have replace the whole effing motherboard!  Who came up with that design?  If the ignition core on my car breaks, do I need to get a new engine?  I don’t even know what to say, it’s crazy.  What possible reason could there be to have such a horrid design flaw?

Update:  I found this article on The Register confirming the absurd policy.

http://www.theregister.co.uk/2010/03/01/thinkpad_password_reset_hard_luck/

SMTP notification configured to be sent from Backup Exec for Windows Servers, requiring authentication to the SMTP server, fails to be sent:

http://seer.entsupport.symantec.com/docs/290886.htm

Basically, it says, “we’re not fixing it”.  Why the hell do you put an option into a program, that doesn’t work and you acknowledge doesn’t work, and don’t plan on fixing it?

Sure, that phone will ring, but too bad if you want to dial with it as there are no numbers and we don’t plan on adding any numbers to it.  Why do we put up with this crap?

I walked in this morning and got logged in.  Shortly after that, I was approached by a coworker stating that the server room was really loud.  I wandered down and heard the server fans screaming away before I even got to the door.  As soon as I opened the door I was blasted by a head wave as hot as some of our mid summer heat waves here in eastern PA.  At first, I felt like I was walking into some crazy bizarro server room.  Every server was flashing amber or red and there was a slight odor of burning electronics.

I quickly realized the 1 year old AC unit had crapped out. The server room has two doors so I opened both doors and grabbed a few box fans to start moving air through the room. I then started to shut down most of the servers and a large chunk of the network gear. Somewhere during that, I called our facilities department and alerted them of the situation. They began to work on the AC unit and determined that a fuse blew, which has been replaced and the unit is back on. The server room is still cooling down now and I have slowly been bringing servers and other equipment back online.

There are a few issues here. Ultimately, things break and we need to have some sort of control of the environment of that room or at the very least, a way to monitor it. First of all, I should have an independent temperature sensor that will alert me when it gets too hot in there. If someone hadn’t alerted me to the problem when they did, there could have been a shit load of issues if equipment started to fail.

The other issue is that I’ve always been toying around with a network monitor system, but I’ve never been able to settle on anything. I’ve mucked around with Zenoss and nagios but I’ve never stuck with anything. I need to just find a proper system and knuckle down and get it configured.

There are lessons to be learned from this morning!

…is to walk away from it for about a month. In this case anyway.

We had a lot of legacy cruft in our network that has been and continues to be slowly phased out.  We have recently replaced our content filter running Bordermanager with a Barracuda 610 web filter appliance…sort of.  There is a legacy web based app which we have to run through the summer.  When I cut everyone over to the Barracuda away from Bordermanager, it broke the web application.  Right now, students go directly through the Barracuda, everyone else goes through the old proxy box which in turn goes through the Barracuda.  That wasn’t really a large issue, but the proxy server has been locking up cold lately.  The only thing that really changes on that box is the web cache processed by the proxy nlm.  Maybe it was choking on something there…or I’m just grasping at straws.  Either way, I don’t think it matters much, since ultimately that box needs to go away.

I finally got to spend a couple of minutes on the problem today.  NSLookups on the hostname worked fine.  But I couldn’t ping it from my test machine.  I could ping it from my own machine without any issues.  I figured out what was going on.  The web app server is on the old legacy 10.0.0.0/8 network where my workstation and the proxy server all reside.  So, routing is no issue there.  The default gateway of the proxy and my machine is our core 4507.  Unfortunatly, due to more legacy issues, the default gateway of the web app server is an old pfsense firewall connected hooked to our old ISP connection so it can’t have a proper gateway to the inside of the network.  That goofy setup is only around because of DNS issues and the fact that Oracle application servers, at least our version, are incredibly stupid and need a complete reload if you want to change the hostname.  There’s more to that story, but suffice it to say, we have to keep this setup until the summer.

To fix the whole mess, or rather duct tape it together, I just configured static routes into pfsense for the rest of the network.  So, maybe walking away for an hour would have worked, I just chose a month.  Also, this is a testament to keeping things simple.