WMI Class for Windows Operating Systems

in a command window (cmd) type wmic OS get OperatingSystemSKU --- to check operating system version

Note: Windows Server 2003 and lesser version - this property is not available.

The number that is returned corresponds with Microsoft's list of SKU numbers for Windows Server:

• 0- Undefined
• 1- Ultimate Edition
• 2 -Home Basic Edition
• 3- Home Premium Edition
• 4- Enterprise Edition
• 5 -Home Basic N Edition
• 6- Business Edition
• 7 -Standard Server Edition
• 8- Datacenter Server Edition
• 9- Small Business Server Edition
• 10 -Enterprise Server Edition
• 11- Starter Edition
• 12- Datacenter Server Core Edition
• 13- Standard Server Core Edition
• 14 -Enterprise Server Core Edition
• 15- Enterprise Server Edition for Itanium-Based Systems
• 16- Business N Edition
• 17- Web Server Edition
• 18 -Cluster Server Edition
• 19- Home Server Edition
• 20- Storage Express Server Edition
• 21- Storage Standard Server Edition
• 22 -Storage Workgroup Server Edition
• 23- Storage Enterprise Server Edition
• 24- Server For Small Business Edition
• 25- Small Business Server Premium Edition

wmic OS get OSArchitecture ---- to check operating system architecture
wmic os get Name ---Operating System Name
wmic os get BootDevice, BuildNumber, BuildType, Version
wmic os get ServicePackMajorVersion, ServicePackMinorVersion

Other useful properties are below which you can use with wmic OS get property-name

1. CurrentTimeZone
2. FreePhysicalMemory
3. FreeSpaceInPagingFiles
4. FreeVirtualMemory
5. InstallDate
6. LastBootUpTime
7. LocalDateTime
8. Locale
9. Manufacturer
10. MaxNumberOfProcesses
11. MaxProcessMemorySize
12. NumberOfLicensedUsers
13. NumberOfProcesses
14. NumberOfUsers
15. OSLanguage
16. OSProductSuite
17. OSType
18. OtherTypeDescription
19. ProductType
20. RegisteredUser
21. SerialNumber
22. ServicePackMajorVersion
23. ServicePackMinorVersion
24. SizeStoredInPagingFiles
25. Status
26. SystemDevice
27. SystemDirectory
28. SystemDrive
29. TotalSwapSpaceSize
30. TotalVirtualMemorySize
31. TotalVisibleMemorySize
32. WindowsDirectory

FRM-40735:ON-ERROR trigger raised unhandled exception ORA-06508

after converting older version of Oracle forms to forms 10g using Forms Migration Assistant, you are not able to open the application or login to the application via web. when accessed from developer suite 10g it will run without any problems. one of the problem could be the path of the PL/SQL library attached to it.

in older version of forms the library path is mapped to the client pc and the forms application refer to the mapped drive letter for eg: z:\plls

in web there is no absolute path. it is relative that means there is no need to specify the path. it will automatically refer the path.

now for your converted/migrated forms to work, open the form in forms developer 10g, you might get a message that cannot attach PL/SQL library and when the form is open you lose the library attachment.sometimes you won't get the message but still you won't be able to access the application/module from web.

remember the library name that is attached with form module.now click on Attached Libraries and in the plus sign, locate the pll and add if prompted to remove the path, click on yes. now if you got the property pallette of attached library you can see that path is removed. save the form, compile and access from web . there you are !

you need to repeat this for each form.

Load balance web application without an hardware load balancer

Here is a vb script to access web application load balancing the user requests . you don't need a hardware load balancer but the users will be accessing different servers depending on the number of processes for the application on each server.

On Error Resume Next
Set objLocator = CreateObject("WbemScripting.SWbemLocator")
strComputer1 = "x.x.x.x"
strComputer2 = "y.y.y.y"
strx = "domain-user"
stry = "password"
strDomain = "domain-name"
dim objShell
set objShell = CreateObject("Shell.Application")
str1 = "applicationlink1"
str2 = "applicationlink2"
str3 = "http://www.google.com"
str4 = "applicationlink3"

//Locate the computers

Set objWMIService1 = objLocator.ConnectServer(strComputer1, "root\cimv2",strx,stry,"MS_409","ntlmdomain:" + strDomain)
Set objWMIService2 = objLocator.ConnectServer(strComputer2, "root\cimv2",strx,stry,"MS_409","ntlmdomain:" + strDomain)

//Ping the computers

Set colPingedComputers1 = objWMIService1.ExecQuery ("Select * from Win32_PingStatus Where Address = 'x.x.x.x'")
Set colPingedComputers2 = objWMIService2.ExecQuery ("Select * from Win32_PingStatus Where Address = 'y.y.y.y'")

//check if both servers are offline open http://www.google.com

For each objComputer1 in colPingedComputers1
If objComputer1.StatusCode <> 0 Then
For each objComputer2 in colPingedComputers2
If objComputer2.StatusCode <> 0 Then
strMessage = "No Servers are Online"
MsgBox strMessage
objShell.ShellExecute str3, "", "", "open", 3
set objShell = nothing
set objComputer2 = nothing
End If
Next
set objComputer1 = nothing
End If
Next

//if server2 is online and server1 is offline execute application link2

For each objComputer1 in colPingedComputers1
If objComputer1.StatusCode <> 0 Then
For each objComputer2 in colPingedComputers2
If objComputer2.StatusCode = 0 Then
objShell.ShellExecute str2, "", "", "open", 3
set objShell = nothing
set objComputer2 = nothing
End If
Next
set objComputer1 = nothing
End If
Next

//if server1 is online and server2 is offline execute application link1

For each objComputer2 in colPingedComputers2
If objComputer2.StatusCode <> 0 Then
For each objComputer1 in colPingedComputers1
If objComputer1.StatusCode = 0 Then
objShell.ShellExecute str1, "", "", "open", 3
set objShell = nothing
set objComputer1 = nothing
End If
Next
set objComputer2 = nothing
End If
Next

//if server1 and server2 are online execute link checking for the number of processes on each computer and also specify a maximum limit.

For each objComputer1 in colPingedComputers1
If objComputer1.StatusCode = 0 Then
Set colProcessList1 = objWMIService1.ExecQuery ("Select * from Win32_Process Where Name = 'application-name.exe'")
For each objComputer2 in colPingedComputers2
If objComputer2.StatusCode = 0 Then
Set colProcessList2 = objWMIService2.ExecQuery ("Select * from Win32_Process Where Name = 'application-name.exe'")
End If
set objComputer2 = nothing
Next
If colProcessList1.Count > 100 And colProcessList2.Count > 100 Then
objShell.ShellExecute str4, "", "", "open", 3
set objShell = nothing
Else If colProcessList1.Count < colProcessList2.Count Then
objShell.ShellExecute str1, "", "", "open", 3
set objShell = nothing
Else if colProcessList2.Count < colProcessList1.Count Then
objShell.ShellExecute str2, "", "", "open", 3
set objShell = nothing
Else
objShell.ShellExecute str1, "", "", "open", 3
set objShell = nothing
End If
End If
End If
set objComputer1 = nothing
End If
Next

BizTalk Server 2009 pre-requisites

Preparing your computer for installation

1. Install any critical updates for Windows®

2. Enable Internet Information Services (IIS) 6.0 or 7.0

3. Install Microsoft Office Excel® 2007

4. Install Visual Studio® 2008 with Service Pack 1 (SP1)

5. Install SQL Server® 2008 or SQL Server 2005 with Service Pack 2 (SP2 )

6. Install SQL Notification Services (required only for BAM Alerts)

7. Install Microsoft Management Console 3.0 (required only for Windows Server 2003 and Windows XP)

8. Install prerequisites for MQSeries Agent

9. Configure ASP.NET 2.0 for 64-bit Mode*

10. Install Windows SharePoint Services 3.0 with Service Pack 1 (SP1)*

11. Configure ASP.NET 2.0 for 32-bit mode*

12. Configure Default Web Site for ASP.NET 2.0*

13. Configure Windows SharePoint® Services*

14. Extend the Default Web Site as a Virtual server*

15. Disable shared Memory Protocol

16. Join the local Administrators group

17. Configure the Application Event Log

18. Enable TCP/IP and named pipes in the SQL Server Configuration Manager

19. Enable Microsoft Distributed Transaction Coordinator (MS DTC) on the Local Host Server (LHS)

20. Before installing and configuring BizTalk Server 2009 in a multicomputer environment, you must enable network DTC access and network COM+ access on all computers running Windows Server 2003 SP1 or later where you will install BizTalk Server.

21. SQL Server Client Tools must be installed on the local computer when SQL Server is remote. The version of the SQL Server Client tools on the local computer must be the same version that is installed on SQL Server.

22. SQL Server OLAP client must be installed on the local computer if you plan to use Analysis Services remotely.

23. The remote SQL Server must be running during BizTalk Server configuration

24. The TCP and UDP ports you specified during the SQL Server setup process must be open during BizTalk Server configuration.

25. Named instances of SQL Server 2005 Analysis Services are not supported.

*Only necessary if you are using the Windows SharePoint Services Adapter Web Service.

Logon Types in MS Windows

It is time to understand all the logon type so here I am adding them for my future reference.

the logon/logoff category of the Windows security log gives you the ability to monitor all attempts to access the local computer. Logon Types are logged in the Logon Type field of logon events (event IDs 528 and 540 for successful logons, and 529-537 and 539 for failed logons).

Type	Logon	Description
0	System Only	-
1	Unknown	-
2	Interactive	this is logged when you attempt to log on at a Windows computer’s local keyboard and screen
3	Network	This logon occurs when you access remote file shares or printers. Also, most logons to Internet Information Services (IIS) are classified as network logons, other than IIS logons that use the basic authentication protocol (those are logged as logon type 8).
4	Batch	This is used for scheduled tasks. When the Windows Scheduler service starts a scheduled task, it first creates a new logon session for the task, so that it can run in the security context of the account that was specified when the task was created.
5	Service	This is used for services and service accounts that log on to start a service. When a service starts, Windows first creates a logon session for the user account that is specified in the service configuration.
6	Proxy	-
7	Unlock Workstation	This is used whenever you unlock your Windows machine.
8	Network Clear Text	This is used when you log on over a network and the password is sent in clear text. This happens, for example, when you use basic authentication to authenticate to an IIS server.
9	New Credentials	This is used when you run an application using the RunAs command and specify the /netonly switch. When you start a program with RunAs using /netonly, the program starts in a new logon session that has the same local identity (this is the identity of the user you are currently logged on with), but uses different credentials (the ones specified in the runas command) for other network connections. Without /netonly, Windows runs the program on the local computer and on the network as the user specified in the runas command, and logs the logon event with type 2.
10	Remote Interactive	This is used for RDP-based applications like Terminal Services, Remote Desktop or Remote Assistance.
11	Cached Interactive	This is logged when users log on using cached credentials, which basically means that in the absence of a domain controller, you can still log on to your local machine using your domain credentials. Windows supports logon using cached credentials to ease the life of mobile users and users who are often disconnected.

Event ID 528 - Logon Process Advapi & Type 4

my event viewer shows a suspicious logon process Advapi with logon type 4 and event id 528 . searching in the computer I couldnot find advapi.exe file which is supposed to be a security risk virus. well I am little bit relaxed now, there is no virus in the system. later I found out there is advapi32.dll ,a google search told me that advapi32.dll is a part of an advanced API services library supporting numerous APIs including many security and registry calls.It is a non essential process however it should not be removed if not causing any problems. It is just a runtime library, The service logon calls are in Advapi.

now my turn is to check the logon type 4 which in turn is a batch process that doesn’t sound good .another search in the www gave me scheduled tasks uses this type. Here I got my answer I have a scheduled task running everyday at 6:00 AM. When checked for the event-id it is logged at the same time !.

Synchronisation problem with SharePoint Databases

the event id 5553 and 7888 were shown in the event log.

to solve the synchronisation problem with old databases in Sharepoint  run

stsadm -o sync -listolddatabases 0 

Now run a Select Query on the Config Databases “dbo.Objects” table and look for
the GUID that matches the listed GUID.

Database: Sharepoint_Config
Table:  dbo.Objects 

SELECT Id, ClassId, ParentId, Name, Status, Version, Properties
FROM Objects
WHERE (Id = '5bafe2af-43o7-4043-a36d-2856xvr788e2') -change the id to yours

if there is no data for any id there is problem with sync so delete the sync
information by running the below command  

stsadm -o sync -deleteolddatabases 0 

FRMWEB trying to connect through AD LDAP

I found a weird problem this week that frmweb.exe is connecting to Microsoft Active Directory Port 389 ie., LDAP which i haven't configured to do so. and our application do not use AD LDAP to authenticate users.

problem: open the oracle forms application. it takes long time to get the main login screen. tnsping take long time to connect and connection time is 0ms !!

reason: the netstat monitor shows the server first connects to AD LDAP. it spends more than a minute sometimes then connect to the real oracle application database.

the tnsping.exe also gave the same result. so the thing got to check is sqlnet.ora file in the network\admin folder of oracle home.

solution: hashed the NAMES.DIRECTORY_PATH= (LDAP, TNSNAMES, EZCONNECT, ONAMES, HOSTNAME) entry in sqlnet.ora file

# NAMES.DIRECTORY_PATH= (LDAP, TNSNAMES, EZCONNECT, ONAMES, HOSTNAME).

voila! there it goes

but it was working fine for years untill the problem last week. what could have caused it? still annoying me :(

NETSTAT Commands in Windows

Though there are many tools to monitor the network connectivity .This command is often used by me in first place to check functioning of network. It helps to see what connections are present.

netstat [-a][-b][-e][-f][-n][-o][-p proto][-r][-s][-t][interval]

Table I. Switches for Netstat command
Switch	Description
-a	Displays all connections and listening ports
-b	Displays the executable involved in creating each connection or listening port. (Added in XP SP2.)
-e	Displays Ethernet statistics
-f	Displays Fully Qualified Domain Names for foreign addresses. (In Windows Vista/7 only)
-n	Displays addresses and port numbers in numerical form
-o	Displays the owning process ID associated with each connection
-p proto	Shows connections for the protocol specified by proto; proto may be any of: TCP, UDP, TCPv6, or UDPv6.
-r	Displays the routing table
-s	Displays per-protocol statistics
-t	Displays the current connection offload state, (Windows Vista/7)
-v	When used in conjunction with -b, will display sequence of components involved in creating the connection or listening port for all executables. (Windows XP SP2, SP3)
[interval]	An integer used to display results multiple times with specified number of seconds between displays. Continues until stopped by command ctrl+c. Default setting is to display once,

Checking TCP/IP connections:

TCP and UDP connections and their IP and port addresses can be seen by entering a command combining two switches: netstat –an

Table II. Description of various connection states
State	Description
CLOSED	Indicates that the server has received an ACK signal from the client and the connection is closed
CLOSE_WAIT	Indicates that the server has received the first FIN signal from the client and the connection is in the process of being closed
ESTABLISHED	Indicates that the server received the SYN signal from the client and the session is established
FIN_WAIT_1	Indicates that the connection is still active but not currently being used
FIN_WAIT_2	Indicates that the client just received acknowledgment of the first FIN signal from the server
LAST_ACK	Indicates that the server is in the process of sending its own FIN signal
LISTENING	Indicates that the server is ready to accept a connection
SYN_RECEIVED	Indicates that the server just received a SYN signal from the client
SYN_SEND	Indicates that this particular connection is open and active
TIME_WAIT	Indicates that the client recognizes the connection as still active but not currently being used

Checking for malware by looking at which programs initiate connections

To find out which programs are making connections with the outside world, we can use the command netstat -b

Actually, it is better to check over a period of time and we can add a number that sets the command to run at fixed intervals. Also, it is best to create a written record of the connections that are made over some period of time. The command can then be written

netstat -b 5 >> C:\connections.txt

netstat 5 is used for a period with 5 seconds interval. Use ctrl C to stop execution

find the PID in task manager and related program to add PID colum in task manager go to view and all column. You can end a pid program related from task manager.

we can use combination of switches for eg: netstat -ano or netstat -nb 20