EqualLogic SAN HQ and VC++ issue

When installing Dell EqualLogic SAN HQ 3.10 on a new server, I ran into an issue where the installer looked like it needed to deliver a message about the VC++, but nothing appeared.

I tried installing various versions of the VC++ Redistributable, until I finally hit the right one:

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17

Once this was installed, my installation of SAN HQ proceeded normally.


Read More

Dell 2162ds KVM Network Connect Error

I have a Dell 2162ds KVM switch in my server room for out-of-band management instead of individual DRAC cards.

I recently went to use this, but the Java connection produced an error of “Network Connect Error”.

Luckily someone already found a workaround for this issue here.

Here’s how to get it to work:

  1. Run Notepad as Administrator
  2. Navigate to C:\Program Files (x86)\Java\jre1.8.0_65\lib\security
  3. Open the file “Java.Security”
  4. Find the line that looks like this: jdk.tls.disabledAlgorithms=SSLv3, RC4, DH keySize < 768
  5. Remove this text from that line: “, DH keySize < 768”
  6. Save the text file

Now your KVM session should start properly.

Read More

Network up but DNS mysteriously broken

I was recently troubleshooting a computer for a family member, where they reported “I can’t access the Internet” and the resolution was something I’ve never seen before.

This was a laptop with both an Ethernet and Wifi connection. They were both set to DHCP with dynamic DNS, and IPCONFIG displayed the correct information.

I could ping to confirming network connectivity, and an NSLookup found my gateway acting as a DNS server which could properly resolve external names.

However, as soon as any browser attempted to access a DNS name, it failed. Chrome gave a “DNS_Probe_Finished_Nxdomain” error, and IE simply stated “Page could not be found”.

I checked the Hosts file for malicious entries, ensured no proxy was enabled within IE, and verified the routing table was all normal.

I ran ComboFix and GMER to look for rootkits, and started the computer in Safe Mode with Networking but none of these resolved the issue.

Finally I decided to install WireShark and run ProcessMon while the browser connection was made, in an attempt to see where these requests were going.

When trying to run WireShark after the install though, it gave an error about a missing “dnsapi.dll” file. I verified the file was in the proper location (c:\windows\system32), but on a hunch decided to refresh it from SFC with this command:

sfc /scanfile=c:\windows\system32\dnsapi.dll

The output confirmed a corrupted file was replaced, and then I rebooted Windows. Once it came back up, all external browsing worked!

I suspect that some malware had gotten onto this machine and modifed the dnsapi.dll file, but at some point had been partly removed.

This one left me confused for a while, so hopefully this helps anyone else coming across the issue.


Read More

Nagios incorrect Hostname

I have certain infrastructure monitored by the parent company’s Nagios environment, and as such I’m not well versed in its setup or configuration. However I’ve recently been receiving notifications for hosts where the Host Name does not match it’s actual defined values.

For example, I’ll receive an email stating:

Host: Office #2 (server #1)

where I would normally expect it to display “Office #1”.

This led me down a path of learning a bit about Nagios.

First I browsed through the host monitoring to where the email notifications are displayed. Here I was able to determine the command used to populate the notification body:

/usr/bin/printf "%b" "** Nagios **\n\nAlert type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$ ($HOSTALIAS$)\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" |

The bolded $HOSTNAME$ there is where the incorrect data was coming from. Google tells me this is set in the host definition config file, which in my environment was located on the Nagios server here:


Finding my server definition in that file showed that it was entered correctly.

I got lucky with more google search terms and came across this link.

It appears that Nagios uses a “retention.dat” file which is effectively caching old values, and this file is referenced during notifications.

This file was found here in my environment:


I’ve asked my Nagios administrator to update this file, and I’ll update this post if it proves to be successful.


Read More