Burn DVDs from the Windows command line

Posted on By Mark Wilson

Sony DWG120A DVD recorder
A few weeks back, I bought myself a Sony DWG120A DVD±RW dual layer recorder. Although I picked mine up as a £29.99 brown box deal in PC World, it is available for less on the ‘net (but that would have involved shipping costs and delays).

It was a two-minute installation (open case, swap out old CD drive, insert and connect new DVD drive, close case) but I soon found out that Windows XP’s support for DVD writing is not very good – it can write CDs natively but even with a DVD burner that interface is restricted to CDs – one feature that I’d expect Microsoft to have fixed by now. I didn’t have much luck with Windows Vista beta 2 and the NEC DVD burner in my notebook PC either and my copy of Nero was no use, as I found that it is an OEM version and so is tied to that OEM’s devices – all I could do with my Sony drive was write to a generic image recorder device (which would at least allow me to create ISO images).

A couple of years back, I wrote about a utility for burning CDs from the command line and so I started googling for a DVD equivalent. A Windows FAQ article by John Savill, entitled How can I burn a DVD image from the command line? pointed me in the direction of a Microsoft resource kit tool called dvdburn.exe and that did the trick. It’s a really simple utility, that does exactly what it says – it burns DVDs (using the syntax dvdburn dvddrive filename). The result:

Media type: DVD+R
Preparing media…
– 100.0% done
Finished Writing
Waiting for drive to finalize disc (this may take up to 4 minutes)……………………
Success: Finalizing media took 22 seconds
Burn successful!

Installing VMware Server on Fedora Core 5

Posted on By Mark Wilson

Fedora logo VMware logoA few months back, I wrote about having converted the Windows XP installation on my company-supplied notebook PC to a virtual machine and was running it quite happily on Windows Vista using VMware Player. Unfortunately, it’s been slowing down (to the point that booting the Vista host, then the XP guest and logging in was taking me 15 minutes every day), so this week I rebuilt the host system. It’s still not the Vista/Linux dual boot setup that I originally intended, but I’m running a bit short on hard disk space and consequently I’m still using a single host operating system (this time it’s Fedora Core 5 as I couldn’t get SUSE 10 to install on my Fujitsu-Siemens Lifebook S7010D) with VMware Server (I could have used the player again but the server product has now been released and it’s free too).

I don’t know what was wrong with the original setup – although it ran well at first, performance in both the host and guest operating systems became noticeably degraded at times but I was using a combination of a beta host operating system, a 5400RPM laptop hard disk and the VMware Player (which is probably not optimised for Vista either) what I can say is that running XP under VMware Server on Fedora rocks, even though Fedora is not a supported host operating system for VMware Server.

Incidentally, virtual machine (VM) performance can be improved by moving the VM to a separate disk and a colleague, Garry Martin, also suggested that improvements can be made by binding the VMnet adapters to a separate network interface; however in this case I only have one permanent Ethernet connection and do not want to have to connect an external disk each time I load my Windows XP environment.

Despite following the relevant sections in the VMware Server administration guide, because I used a Linux workstation distribution (and an unsupported one too), the installation of VMware Server was not entirely straightforward, but I got it working eventually and this is what I had to do:

  • Download VMware Server (v1.0.1 – build 29996 – server and client components) and register for a serial number.
  • In addition to the standard Fedora components, install the following (using the pirut Package Manager, yum or an equivalent method):
    • gcc (v4.1.1-1.fc5.i386)
    • gcc-c++ (v4.1.1-1.fc5.i386)
    • kernel-devel (v2.6.17-1.2174_FC5.i686)
    • xinetd (v2:2.3.13-6.2.1.i386)
  • Elevate permissions to root (su –).
  • Run the VMware Server installer (rpm -Uvh VMware-server-1.0.1-29996.i386.rpm).
  • Before running the vmware-config.pl script, Download the VMware any-any update (I used v1.04 – thanks to Jean-Pierre Wenzel for highlighting the existence of this unofficial patch and the need to install kernel-devel).
  • Extract vmware-any-any-update104.tar.gz and then execute ./runme.pl (this will call vmware-config.pl, allowing for the acceptance of the VMware end user license agreement, configuration of networking, specification of the server console port, definition of the location of virtual machine files and entry of the VMware serial number). If the patch is working correctly then all the prompts should work at their defaults; however it may be necessary to answer the question “What is the location of the directory of C header files that match your running kernel? [/usr/src/linux/include]” with /usr/src/kernels/2.6.17-1.2174_FC5-i686/include (or another version of the kernel-devel tools). Building the vmmon module will fail if gcc and gcc-c++ are not present and the configuration script will have to be re-run if it finds that inetd or xinetd are not installed.
  • Unzip the client installer (VMware-server-linux-client-1.0.1-29996.zip)
  • Install the VMware Server Console (rpm -Uvh VMware-server-console-1.0.1-29996.i386.rpm).
  • Run the vmware-config-server-console.pl script (not vmware-config-console.pl as stated in the documentation).
  • Drop back to a standard user account (exit) and run the vmware shell script (a wrapper for the real binaries) to start up the VMware Server Console.
  • Create and run virtual machines as normal although there were a couple more points worth noting:
    • After copying virtual machine files across from the original Windows Vista installation, I needed to make some edits to the configuration to reflect changes in file names (e.g. disk locations) to Unix formats (\ to / etc.).
    • I created a group called vmware and ran chgrp vmware filename against the VM files so that any user in the vmware group could run the VMs (not just root).

Some configuration items may have been carried out in a slightly different sequence as I tried various advice and encountered a number of issues before I got everything working but the image below shows the end result:

Windows XP in VMware Server running on Fedora Core 5

So far, the only issue I have found is with the guest operating system clock (which is not keeping time). This could be because I originally installed VMware Tools from a Windows version of the Virtual Server beta – I’ll install the correct version next week to see if it makes any difference. In any case, performance is very good – in fact, when running full screen, it would be very difficult to tell that the Windows XP guest is not running on native hardware.

New bookmarking links

Posted on By Mark Wilson

This blog is overdue for redesign, but I barely have time to write posts at the moment so a new layout (using improved CSS and standards-compliant XHTML) will be a while coming yet; however I have been tinkering a little bit with the template and I just added bookmark links on the bottom of each post.

The trouble with social bookmarking sites and customised start pages is that there are so many of them – I used start.com (now renamed Windows Live) for a while, I have a Google personalised home page (that I don’t really use) and last night I had a play around with Protopage.

3spots has provided icons and details for over a hundred bookmark buttons but for now I’ve just put in del.icio.us del.icio.us, Digg Digg, Google Google Bookmarks, Technorati Technorati Favorites, Windows Windows Live and Yahoo Yahoo MyWeb.

Note that the 3spots site uses a Creative Commons attribution non-commercial sharealike licence and, even though I haven’t got around to switching this site over to Creative Commons yet, any reuse of the del.icio.us, Google, Technorati, Windows and Yahoo icons above is subject to the same terms (I got the Digg one from Digg).

It looks a bit messy right now so I may adjust the layout slightly over time but please let me know if there is another one that you’d really like to see and, if there is enough interest, I’ll add it.

Finally, if I write something that you think might be interesting to others, please click on the Digg Digg It! link.

The IBM PC – 25 years old today

Posted on By Mark Wilson

After reporting on the 15th anniversary of the world wide web earlier this week, there’s another important milestone in computing history to highlight today – the 25th birthday of the original IBM PC – the 5150.

IBM PC

Whilst the 5150 was not the first personal computer, the use of components that were available to other manufacturers led to the development of IBM-compatible PCs and today’s PCs and PC servers are direct descendents from the original IBM PC, albeit much more powerful than the 4.77MHz Intel 8088 with between 16 and 640KB of RAM.

Amstrad PPC640

I didn’t get my first IBM-compatible PC until 1988 when my parents bought me an Amstrad PPC640 portable computer (it’s still in my loft at home) with an NEC V30 8MHz processor, 640KB of RAM, a full-size 102-key keyboard, two 720KB 3.5″ floppy disk drives and a 2400 baud modem (which my secondary school let some of my friends and I use for short periods of time to access bulletin boards). It was best described as “luggable” but, paired with the Citizen 120D dot matrix printer (that I also still have at home), it was more than adequate for word processing and saw me through my first year at Uni’ until I used all my childhood savings to buy an Intel 80386-based PC clone with a 1MB graphics card, MS-DOS 5.0, and Windows 3.0.

Fast forward 15 years and you can pick up a PC for just a couple of hundred pounds – or, if you’ve got a few thousand to spend then it’s possible to specify some very high specification PC servers! Earlier this week I was specifying some servers for a virtualisation solution that I’m working on. Each of these servers is an HP DL585 with 4 dual-core 2.6GHz AMD Opteron 64-bit CPUs, 32GB of RAM and has a fibre-channel connection to an HP Modular Storage Array with many terabytes of data storage. How mighty oaks from little acorns grow.

Delegation of Active Directory administration (using Quest ActiveRoles Server)

Posted on By Mark Wilson

Recently, I’ve been working with a client who has an extraordinarily high number of users with domain administrator rights (i.e. those who are members of the Domain Admins group). The problem is historic and they are in the process of moving from Windows NT to Active Directory (AD); whilst AD allows for delegation of control over objects (although best practice dictates that delegation occurs at organisational unit level), under NT the limit for delegation was the domain.

In order to reduce the number of Domain Admins, I’ve been producing a delegation model for AD administration that is intended to provide a pragmatic balance between the granular control that AD can provide and the access requirements of each support team, yet still remains realistic from a management perspective. One major issue is that, whilst Microsoft provides several-hundred pages of documentation and a delegation of control wizard, there are no native tools to keep track of the objects over which control has been delegated. Consequently it’s often necessary to resort to third party tools.

One such tool is ActiveRoles Server (ARS) from Quest Software. Quest inherited this technology with their acquisition of Aelita Software (they had previously inherited another product, now known as ActiveRoles Direct, when they purchased FastLane Technologies). Installed onto a Windows server (which should be secured as any domain controller would be), the current incarnation of the product, uses a SQL Server database for configuration data (rather than schema extensions as some previous products did) and publishes itself as a connection point object within AD. The configuration database can be mirrored via SQL replication for redundancy, with one server acting as a publisher and one as a subscriber whilst the connection point model allows for load balancing between the two servers.

In terms of management, ARS can be administered using a Microsoft management console (MMC) snap-in, a browser interface, or using AD services interface (ADSI). By default, ARS will bind to the first AD domain controller that it finds, although this can be overridden in the management toolset.

Despite not extending the AD schema, ARS allows additional attributes to be stored for an object. These attributes are placed within the ARS configuration database and can be used for provisioning (e.g. conditional filtering on attributes) or for storing additional information on a user (e.g. staff ID number). Propagation of directory data to other LDAP directories and Microsoft Identity Integration Server (MIIS) are supported via Quick Connect for ActiveRoles Server and Unix support can be provided using through a support pack for Vintela Authentication Services. ARS can also expose attributes that are not normally visible in the standard Active Directory Users and Computers MMC snap-in.

In order to allow for user rights to be elevated as required, user access is proxied via the ARS service account, which should be given the highest level of permissions that will be allowed (e.g. Domain Admins). This means that all access is via ARS, allowing for auditing and reporting of rights use. Quest’s recommendation is that users are not assigned native rights within Active Directory (beyond the standard read-only permissions given to an authenticated user). In this way, all rights can be managed via ARS (otherwise privileged users could circumvent ARS, avoiding any auditing of their actions); however there is also an option for ARS-delegated rights to be propagated to Active Directory if required.

Some ARS terminology includes:

  • Access templates: pre-defined role descriptions controlling what a user can/cannot do. ARS allows further granularity than native AD rights – for example controlling which attributes a particular user can edit on an object (e.g. allowing for self service of certain directory attributes via a web interface).
  • Managed units: query-based filters for management of roles (effectively a virtual OU). This avoids issues whereby best practice recommends delegation at OU level but the OU structure is generally designed with group policy in mind.
  • Policy objects: rules applied to objects as they are created (e.g. when creating a user in a particular OU, add them to certain security groups).
  • Script modules: bespoke code that allows policy objects to be extended beyond the standard capabilities of AD OUs and group policy (e.g. when creating a user account, e-mail the telephone system administrator and ask them to populate the user’s telephone number in AD).

ARS seems pretty powerful but it does have some limitations:

  • Firstly, it operates at the domain level, so delegation of forest-level tasks does not seem to be supported.
  • Secondly ARS is used to provide delegation of control over directory objects – not the resources protected by the directory itself (e.g. file systems). This means that ARS can be used to control the administration of the groups that allow access to a particular resource; but there is nothing that it can do to prevent a sufficiently-privileged user from bypassing ARS and accessing a resource directly.

In reality, this has meant that my client has built part of the delegation model for AD using the Quest tools (the translation of the IT policy and procedures to a provisioning model built around ARS) whilst I have based the administration model for the servers and computers within the domain (as well as forest-wide operations) around Windows groups, with procedural control over the use of privileged and non-privileged accounts.

Although I’ve been working with Active Directory since Windows NT 5.0 beta 2 (about 8 years now), this is the first time I’ve really looked at the administration model. It’s been a difficult process for me – to do it properly requires business analysis skills as well as (and probably more than) technical knowledge. The following links might be useful to anyone else who is looking at delegating AD administrative control:

How to make the web sound interesting

Posted on By Mark Wilson

A few days back, I wrote about the 15th anniversary of the world wide web. Robert Cailliau, who worked with Sir Tim Berners-Lee on the creation of the web, commented that, at the time, his only reservation about the name was that “it is difficult to pronounce in French“.

Since then, those of us whose native tongue is English have grown used saying “double-you-double-you-double-you”, to the point where there are now a number of abbreviations (I tend to say “dub-dub-dub” – a habit I picked up from antipodean radio adverts a few years back), or often the www gets dropped entirely. This topic has been discussed at length on the back pages of IT Week over the last couple of months and one suggestion for reducing the number of syllables was “wibble”. Of course, once you change the language it starts to get more interesting… apparently the Welsh version is “ooh-ooh-ooh”.

Cars

Posted on By Mark Wilson

Not that I’m about to start doing movie reviews here, but when they exclusively use CGI then I think that falls under my technology remit…

Cars

Last Friday, I dragged my wife along to the cinema to see Cars (the latest release from Pixar Animation Studios).

It’s the first time that I’ve been to a film where all the trailers are for animations too; although if they are a judge of what’s coming then Pixar don’t have too much to worry about from the competition. Toy Story goes down in history as the first fully computer animated feature film but that was a long time back and these days the fact that a film is exclusively generated using computer graphics is not enough – it needs to have all the other elements of a great film in place too.

Now I must confess that I’m a fan of Pixar movies and I’ve been waiting to see this film since I first caught sight of a teaser a couple of years back – I’m pleased to say that it did not disappoint.

CarsCars
CarsCars

As do all successful animations, the film caters to both adult and child audiences; however at 121 minutes it is a bit lengthy, considering that many of the viewers will be children. After the initial NASCAR excitement it slowed down and took a while to build as the characters were introduced and the scene set; but the second hour more than made up for the first. Making a bunch of cars seem human is no mean feat and Pixar have done a fantastic job, from Lightning McQueen the rookie racecar to Doc Hudson the reluctant retiree with a cast of supporting characters including Sally Porsche, Mater the towtruck, the delightful Luigi the Fiat (and his sidekick Guido the Italian forklift), Sheriff the Police cruiser, Sarge the WW2 Jeep and my favourite – Fillmore – the hippy VW Microbus. With cameo appearances from none other than Jeremy Clarkson (as Lightning McQueen’s agent – in the UK release only) and Michael Schumacher, this may not be the best Pixar film ever, but they are all pretty excellent and this one’s at least a 9/10.

Happy birthday to the world wide web

Posted on By Mark Wilson

A couple of years ago, I wrote a post highlighting the 35th anniversary of the Internet. Today it’s the turn of the world wide web – for which Tim Berners-Lee (now Sir Tim Berners-Lee) posted a message on the alt.hypertext newsgroup encouraging people to try out the concept on 6th August 1991.

At that time, I was studying for my BSc in Computer Studies and this is just one example of how irrelevant that degree was (I’m still struggling to think of anything learned in my studies that has been useful in the subsequent 12 years that I’ve been working in IT). Although there was some object oriented programming in Modula-2 (along with some C/C++) we were still learning COBOL. Up and coming operating systems (e.g. OS/2 and Windows NT) were ignored in favour of Unix and the low level language I used was 68000 assembler (not 8086). In my final year of studies (1993-1994) I did at least have the opportunity to study distributed computing but there was no mention of such concepts as hypertext in my classes. Perhaps all of this is a little harsh at it would have been difficult back then to forsee the effect that the world wide web has had on our lives.

It was not until 1995 that I first used a graphical web browser and was introduced to the delights of Yahoo! and Altavista. My first online service was a CompuServe account and later I migrated to dial-up Internet access before finally getting a broadband connection in 2002. Today, in common with many others, I rely on the world wide web for an increasing number of services – at home and at work.

Read more about the creation of the web.

Opening up the Mac Mini – easy when you know how

Posted on By Mark Wilson

Woohoo! 2GB RAM in my Mac for less than half the amount that Apple would have charged me (does anybody want to buy 2x256MB 667MHz DDR2 SODIMMs that have been used for just one month?).

Mac with 2GB RAM installed

Ordinarily, I’d say that upgrading the RAM in a PC is no big deal, but Mac Minis don’t have any screws to open the case; and unlike many notebook PCs, it not a case of popping open a small panel either.

Thankfully the instructional videos at the OtherWorldComputing Tech Center include a hardware upgrade tutorial for the Intel Mac Mini which showed exactly how to do it (thanks guys – if you sold memory in the UK I would have bought it from you).

So, armed with a Stanley DynaGrip 50mm filling knife that I picked from B&Q on the way home and an old plastic visitors pass (from Microsoft of all places!), I gained access to the inside of my Mac and swapped out the standard 256MB SODIMMs for two new 1GB modules from(which arrived in 24 hours with free shipping by Royal Mail Special Delivery – and there was 5% off the day I bought them, so they only came to £178.59 including VAT).

The operation wasn’t without it’s hiccups. First of all, I didn’t quite insert one of the memory modules correctly so when I booted the Mac it only saw 1GB of RAM. Then, when I reopened the computer to investigate, the knife slipped and I made a small scratch on the outside of the case (annoying, but too late to do anything about it now). I refitted the RAM, but dropped one of the screws inside the unit and the airport antenna came off whilst I was trying to locate the missing screw… that was a bit of a heart-stopper but it was easily reattached (once I worked out where to fix it). Finally, I forgot to reattach the small cable at the front of the motherboard so the fan ran continuously until I opened the Mac up for a third time and reattached the missing connector. Notwithstanding all of these errors, everything is working now and the extra memory should make everything a lot faster.