/bundles/itninjaweb/img/Breadcrumb_cap_w.png

Blog Posts by lcadhelpdesk

Ask a question

Fix for slow network performance on K2000 RSA for version 3.4

Situation:

I deployed 4 RSA VM's across my multiple subnets, configured syncing, and started syncing my images. I noticed that a 7gb image took about 24 hours to sync and came to the realization that it's not, in fact, utilizing gigabit. I changed the network speed from auto-negotiated to 1000mbit full duplex and the device became totally unresponsive. I tried removing the RSA and creating another one with the same results. This is pretty hard to troubleshoot without real access to a command line, so I had to call KACE.

 

Problem identification:

I engaged the KACE support team and eventually determined that when you manually force the speed, it removes the IP address (verified via ifconfig). It would work properly after that point if you manually assigned an IP using ifconfig. The issue was taken to engineering and the determination was made that the current OVF downloaded with a k2000 running 3.4 has the vmware nic set to "Flexible" instead of the normal E1000.

 

The fix:

The fix was to remove the Flexible NIC and replace it with an e1000. After making the change (and the requisite reboot) the RSA booted in about 30% the previously required amount of time, and in Konfig reports the currently negotiated speed (i.e. Speed: Auto-negotiated (1000mbits full duplex)).

 

Our configuration:

HP C7000 blade enclosure, 8 of 16 blades installed, 10gig backplane. VMware ESXi 5, Veeam.

 

Feel free to post any questions and I'll answer as best I can.

View comments (3)

Registry edit to sysprep/generalize more than 3 times.

I'm sure that many of us have encountered this message when running sysprep /generalize "A fatal error occurred while trying to Sysprep the machine."

"But what does it mean?" you may ask... Microsoft's official word is that there is a limit of 3 rearms, poof, that's it. (http://support.microsoft.com/kb/929828) note where it says "To resolve this issue, you must rebuild the Windows image." - not the way I want to spend my weekend! You can append the skiprearm tag to your unattend.xml file, or you can just lift the limit as described below.

For Windows 7, find this key

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\SoftwareProtectionPlatform\SkipRearm

and change the value to 1. This will allow you to keep running sysprep /generalize. Also of note, you need to do this *each time* as it's not a persistent setting.

View comments (2)

Utilizing RSA's to distribute the load during deployment (K2000)

At present I have ~50 PC's and ~ 250 Macs to deploy to. As we're all well aware, there's no multicasting, no Nic bonding, and no support for interfaces faster than 1gbit on the K2000. My disk images are ~ 70-90gb (thanks, various creative suites!) What I've done is deploy multiple RSA's to the same subnet and locked them to a particular platform, i.e. one RSA has netboot enabled for the Macs, the other RSA is set up as a PXE boot server, and they're only populated with the corresponding disk images. This has permitted me to divide the load between 2 separate devices and upped my (concurrent) deployment speed slightly. The next step would ideally be something from KACE to allow the primary machine to distribute traffic; I see this as a way to have the primary K2000 act as a traffic director for load balancing purposes. Hopefully a feature like this is somewhere in the pipeline. Any thoughts or input?

View comments (1)

My postinstall scripts for after K2000 deployment (works in deploystudio and other options as well) - binds to AD, renames computer, applies many other OS customizations.

Please feel free to add any comments if you have any questions (or comments) - that's how we all learn! Note: this is an ever-evolving script that I'm constantly refining. Some of it's "original work" other parts are cobbled together from older scripts, etc. Tested and working on 10.7.1, 10.7.2, and 10.7.3.

 

__________________________________________

 

#!/bin/bash

 

#setup information

# enter your FQDN below

domain="domain.dom"

 

# enter a username with domain admin privs

diradmin="adbind"

 

# domain admin password

password="password"

 

# container

ou="ou=comp,DC=domain,DC=dom,"

#end of setup information

#################################

 

#rename computer with current DNS name

ip=`ifconfig en0 | grep "inet "|awk '{print $2}'`

asset=`host $ip |awk '{print $5 $6}' |awk -F. '{print $1}'`

echo Updating various computer names.

scutil --set HostName $asset

scutil --set ComputerName $asset

scutil --set LocalHostName $asset

 

# make sure AD is active

defaults write /Library/Preferences/DirectoryService/DirectoryService "Active Directory" "Active"

plutil -convert xml1 /Library/Preferences/DirectoryService/DirectoryService.plist

 

# bind machine to AD

dsconfigad -force -add $domain -computer $asset  -username "$diradmin" -password "$password" -ou "$ou"

 

# add AD to search path

searchpath="/Active Directory/$domain"

dscl /Search -append / CSPSearchPath "$searchpath"

dscl /Search -create / SearchPolicy dsAttrTypeStandard:CSPSearchPath

dscl /Search/Contacts -append / CSPSearchPath "$searchpath"

dscl /Search/Contacts -create / SearchPolicy dsAttrTypeStandard:CSPSearchPath

 

#disable automatic login

defaults delete /Library/Preferences/com.apple.loginwindow autoLoginUser

srm /etc/kcpassword

 

#bind to ntp server, sync time, set timezone

systemsetup -settimezone America/Los_Angeles -setusingnetworktime on -setnetworktimeserver time.nist.gov

 

#adjust sleep cycle

pmset -a displaysleep 30 disksleep 10 sleep 0

 

#disable graphical login; otherwise you can't log into AD accounts

defaults write /Library/Preferences/com.apple.loginwindow HideLocalUsers -bool false

 

#this allows you to point client machines at your desired local OSX update server. We use reposado (ubuntu based OSX software update server)

defaults write com.apple.SoftwareUpdate CatalogURL 'http://yourcatalogs'

 

#disable automatic login

defaults delete /Library/Preferences/com.apple.loginwindow autoLoginUser

srm /etc/kcpassword

 

# Enable the 2D Dock

defaults write com.apple.dock no-glass -bool true

 

# Disable window animations and Get Info animations in Finder

defaults write com.apple.finder DisableAllAnimations -bool true

 

# Automatically open a new Finder window when a volume is mounted - handy for students with external drives

defaults write com.apple.frameworks.diskimages auto-open-ro-root -bool true

defaults write com.apple.frameworks.diskimages auto-open-rw-root -bool true

defaults write com.apple.finder OpenWindowForNewRemovableDisk -bool true

 

# stop reopening windows after a reboot

defaults write com.apple.loginwindow TALLogoutSavesState -bool false

defaults write com.apple.loginwindow LoginwindowLaunchesRelaunchApps -bool false

 

# Empty Trash securely by default

defaults write com.apple.finder EmptyTrashSecurely -bool true

 

# Avoid creating .DS_Store files on network volumes - Windows servers, mac clients - keep those .ds_store files off the servers!!!

defaults write com.apple.desktopservices DSDontWriteNetworkStores -bool true

 

# Disable menu bar transparency

defaults write NSGlobalDomain AppleEnableMenuBarTransparency -bool false

 

#set power on/power off cycle

pmset repeat shutdown MTWRFSU 1:00:00 wakeorpoweron MTWRFSU 08:00:00

 

#reboot machine

reboot

View comments (4)

Quick script to rename Macs with the name defined on your DNS server.

Background: we've got several hundred machines with IP addresses assigned via the DHCP server. All the machines have named entries in the DNS server. My goal was to write a script that would rename the computer with the DNS name defined on the DNS server. Basically, does a reverse lookup of it's IP address, and uses the resulting DNS name to label the computer. Script assumes that ethernet 0 is being used.

 

# This queries the DNS server to get the computer name.

ip=`ifconfig en0 | grep "inet "|awk '{print $2}'`
asset=`host $ip |awk '{print $5 $6}' |awk -F. '{print $1}'`
echo Updating various computer names.
scutil --set HostName $asset
scutil --set ComputerName $asset
scutil --set LocalHostName $asset

Be the first to comment
Showing 1 - 5 of 5 results

Top Contributors

Talk About K2000 post-imaging