1. @@__________________________________________________________________________
@@ ___ ____ ___ ___ __ _____ _ __
@@ / | / __ / | __ ______/ (_) /_ / ___/__________(_)___ / /_
@@ / /| | / /_/ / / /| |/ / / / __ / / __/ __ / ___/ ___/ / __ / __/
@@ / ___ |/ ____/ / ___ / /_/ / /_/ / / /_ ___/ / /__/ / / / /_/ / /_
@@ /_/ |_/_/ /_/ |___,_/__,_/_/__/ /____/___/_/ /_/ .___/__/
@@ /_/
@@__________________________________________________________________________
@@
@@ NAME
@@ AP Audit Script
@@
@@ PRODUCT
@@ AUSBIN, CXC 137 1120/4
@@
@@ Copyright Ericsson AB 2009.
@@ All rights reserved.
@@
@@ The Copyright to the computer program(s) herein
@@ is the property of Ericsson AB, Sweden.
@@ The program(s) may be used and/or copied only with
@@ the written permission from Ericsson AB or in
@@ accordance with the terms and conditions stipulated in the
@@ agreement/contract under which the program(s) have been
@@ supplied.
@@
@@ DESCRIPTION
@@ This winfiol script will generate log files to be analyzed
@@ offline by ALAN, CXC 137 1124/4
@@
@@ This winfiol script is to be used with WinFIOL 6.4 or later.
@@ It is recommended for the user to use WinFIOL 7.1 SP2
@@ Note : WinFIOL 7.1 SP2 echo commands correctly while using SSH (HI80445)
@@
@@
@@ AUTHOR
@@ 2005-12-19 by EAB/UZ/ZS UABHAKM
@@
@@ REV DATE NAME DESCRIPTION
@@ R1A 20051219 UABHAKM First revision, complies to CXC 137 1120/4 R1A
@@ R2A 20060215 UABHAKM Second revision, complies to CXC 137 1120/4 R2A
@@ Tr's solved:
@@ HG56987
@@ HG57835
@@ HG57839
@@ R3A 20060407 UABHAKM Third revision, complies to CXC 137 1120/4 R3A
@@ HG70665
@@ HG70690
@@ HG66302
@@ HG72032
@@ HG69453
@@ HG58613
@@ R3B 20060411 UABHAKM Fourth revision, complies to CXC 137 1120/4 R3B
@@ R4A 20060622 UABHAKM Fifth revision, complies to CXC 137 1120/4 R4A
@@ R4B 20060704 ESEFRSV Sixth revision, complies to CXC 137 1120/4 R4B
@@ R4C 20060821 UABHAKM Seventh revision, complies to CXC 137 1120/4 R4C
@@ R5A 20060926 UABHAKM Eight revision, complies to CXC 137 1120/4 R5A
@@ HH29261
@@ HH24770
@@ HH28381
@@ R5B 20061221 UABHAKM Ninth revision, complies to CXC 137 1120/4 R5B
@@ R5C 20070308 UABHAKM Tenth revision, complies to CXC 137 1120/4 R5C
@@ R6A 20070906 UABHAKM Eleventh revision, complies to CXC 137 1120/4 R6A
@@ R6B 20071207 UABHAKM Twelth revision, complies to CXC 137 1120/4 R6B
2. @@ R6C 20081008 EFRAZOL Thirteenth revision, complies to CXC 137 1120/4 R6C
@@ R6D 20081128 XMADTHA Fourteenth revision, complies to CXC 137 1120/4 R6D
@@ R6E 20090123 XMADTHA Fifteenth revision, complies to CXC 137 1120/4 R6E
@@ R6F 20090227 XMADTHA Sixteenth revision, complies to CXC 137 1120/4 R6F
@@ R7A 20090403 XCSSUJV Seventeenth revision, complies to CXC 137
1120/4 R7A
@@ R7B 20090709 XMADTHA Eighteenth revision, complies to CXC 137
1120/4 R7B
@@ R7C 20091001 XSIVAAR Nineteenth revision, complies to CXC 137
1120/4 R7C
@@ R7D 20100406 XLAVAMR Twentieth revision, complies to CXC 137
1120/4 R7D
@@ R7E 20100930 XCHAKRI Twenty First revision,complies to CXC 137 1120/4
R7E
@@ R7F 20110160 XCHAKRI Twenty Second revision,complies to CXC 137 1120/4
R7F
@@ R8A 20110615 XCHAKRI Twenty Third revision,complies to CXC 137 1120/4
R8A
@@ R8B 20110825 XCHAKRI Twenty Fourth revision,complies to CXC 137 1120/4
R8B
@@ R8C 20111014 XCHAKRI Twenty Fifth revision,complies to CXC 137 1120/4
R8C
@@ R8D 20111104 XCHAKRI Twenty Sixth revision,complies to CXC 137 1120/4
R8D
@@ R9A 20120311 XCHAKRI Twenty Seventh revision,complies to CXC 137 1120/4
R9A
@@
@@ SEE ALSO
@@ ALANBIN, CXC 137 1124/4 @@
@@--------------------------------------------------------------------------
@@File: AP_Audit_R9A.txt
@@Supported
@@ sw levels: APZ 11.1, 11.2, 11.3, 12.0, 13.0, 15.0,16.0 and APG40 One
Track up to AGM020
@@ hw levels: APG40 C/1, APG40 C/2, APG40 C/4 and APG43
@@
@@Script used with WinFIOL 6.4 or later.
@@Script plug-in must be loaded.
@@To check:
@@Help->Status Information->Plug-ins
@@'Script plug-in' must be present in the list.
@@
@@This winfiol script creates Audit logs to be reviewed offline with ALAN-tool
and/or manual.
@@
@@Log in to A-node and transmit/send this file
@@
@@Log in to B-node and transmit/send this file
@@
@@
@@ Note: The Logfile name is automatically set to
@@
C:TempAP_Audit_R9A_"hostname"_"nodestate_"osversion"_"date"_"time".log
@@
@@
@@20040430 Rev.A First version
@@20041119 Rev.B Second version
@@20050430 Rev.C Third version
@@ Extended ACL checks
@@ LBB hotfixes checked
@@ Antivirus exclusion lists collected
@@ DPHIP (CP hardware versions)
@@ Ipna osdumps collected
@@ Commondll and dll logs collected
3. @@ Extended collection of mcs fms aes configuration data
@@20050909 Rev.D Fourth version
@@ MML commands only executed in Active node and only on AP-1
@@ Improvements for dual ap configuration
@@ Improvements for APZ 212 40
@@ Commands only possible in Active node not executed in Passive
node
@@ Adaption for APZ 12.0
@@ ACL checks according to Baseline
@@ More efficient "comment out" syntax used (@@)
@@ IPN-2 and -3 also checked
@@ DIRCP; CP Event Record collected
@@ Examples for net start and net share changed
@@ APMSP;CHOIP;CHOPP; To check charging configuration on the APZ-
side
@@ Cluster /ver and /list
@@ Alarm panel configuration
@@ Rdt/ohs configuration
@@ Tree information
@@ Application-,System-logs only 100 last events printed
@@ Printing of sfc-, fch- and dr.watson logs are disabled
@@ Please use mktr (or enable by remove @@) if they are requested
@@ Commondll.log, dll.log and IPN osdumps are commented out
@@ Date /t&time /t&mml CACLP:ALL; are sent together (to check
CP/AP time deviation)
@@ Timezone information
@@ ISP statistics
@@ Automatic naming of the logfile
@@20051021 Rev.E Fifth version
@@ Userdump (needed for OSU)
@@ fcc_amversion added for WinS03
@@ Version check of Pragma telnet server
@@ Check for incorrectly installed files
@@ WinS03: Print all services
@@ Check automatically started applications
@@ New partitions in cacls for WinS03
@@ Osversion added to logfile name
@@20051110 Rev.F Sixth version
@@ OSU: To check that no empty user variable PATH exist.
@@ OSU: To check that no occurrences of <Account Domain not
found> exist.
@@ OSU: No "big" ddi files should exist (Normal size ~50KByte).
@@ OSU: Make sure that Administrator doesn't have membership in
@@ groups 'Guests' and 'Domain Guests'.
@@ OSU: Check required free disk space.
@@ aehevls removed. Can cause APZ21240 cp fault caused by high
cpu load.
@@20051219 AUSBIN CXC1371120/4 R1A only some text differs to Rev.F
@@20060215 AUSBIN CXC1371120/4 R2A
@@ ipnaadm -list also printed for AP-2.
@@ dbols -l included.
@@ cpfdf cpfls -l afpls -l cdhdsls -l cdhls -l dbols -l also
printed on AP-2.
@@ mdutil removed for WinS03.
@@ <Account Domain not found> check improved. (quicker)
@@ dhcp config printing changed for WinS03.
@@ OSU: Check if Display of Legal Notice is active.
@@ OSU: Check that both node names are in uppercase.
@@ OSU: Check that ossuser account never expires.
@@ lmhosts example corrected.
@@ Example for Excluded from AVIR updated.
@@ Example for set changed.
@@ OSU: "Default FTP Site" has to be "C:Inetsrvftproot".
@@ OSU: To check that no other user than Default is defined in
4. the Pragma Telnet Server.
@@20060407 AUSBIN CXC1371120/4 R3A
@@ New for APG40/C4: ScsiDisk and megarc.
@@ Check the alog status.
@@ Added example for e:boot.ini WinS03.
@@ OSU: Check for file c:winntbackup.fts (HG66302).
@@ OSU: Attributes and files on e: partition printed.
@@ OSU: Check permissions on E: partition (HG70665).
@@ OSU: Check for missing files (HG72032).
@@ OSU: Check correct labels (HG69453 and HG58613).
@@20060411 AUSBIN CXC1371120/4 R3B
@@ Minor corrections for ipn print on passive node, Backup.fts
and boot.ini example.
@@20060622 AUSBIN CXC1371120/4 R4A
@@ FOR command removed on request from BSC-OSS.
@@ Check content of hosts and compare them between A and B node.
@@ Print MAXSIZE of the eventlogs.
@@ Installation date/time printed for the security patches (TR
HG72875).
@@ Check if the repair fix 109 22-APZ 212 30/4-494 was correct
installed.
@@ Check for directories that should be files on C: (TR
HG72032).
@@ DHCP: To check that no directory called "old" exist.
@@ DHCP: To check that no corrupted dir's exist. (e.g. <DIR>
j500000D.log).
@@ DHCP: checkdb.
@@ winmsdreport printed for WinS03.
@@ Check that SSH installation is correct (SCS534984).
@@ DNS Server configuration.
@@ OSU: Check required free disk space on E: 19 MByte (TR
HG87416).
@@20060704 AUSBIN FTP virtual directories printed on passive node.
@@20060821 AUSBIN CXC1371120/4 R4C minor corrections.
@@20060926 AUSBIN CXC1371120/4 R5A
@@ Ping the other node over the public interface.
@@ Check of replication and USN.
@@ Setupservice.def is printed.
@@ Check lct configuration of the service account.
@@ Listing of ddi files for WinS03.
@@ Check anonymous logon setting for the FTP Sites (TR HH29261).
@@ Preferred owners are checked for the cluster groups (TR
HH24770).
@@ OSU: Check input language setting (TR HH28381).
@@20061220 AUSBIN CXC1371120/4 R5B
@@ EXCHANGE IDENTITY DATA, IOEXP.
@@ Adaption to run on APG43 (note: APG43 is not officially
supported).
@@ Status of insecure protocols (csadm).
@@ date and time added to the logfile name.
@@ Check FTP Sites settings.
@@ netstat -s to get network statistics
@@ Total script execution time printed.
@@ bupls/bupidls/sybrp/lamip
@@ tree C: /A
@@20070308 AUSBIN CXC1371120/4 R5C
@@ bugfix for totaltime calculation and cacls on data disks.
@@ Changes for ap2 at bupls and repadmin.
@@ Extended Active Directory Check.
@@ Volume check in WinS03 changed, wmic.
@@ Check the registered IE version.
@@ audit error for second APG -- wrongly included CP commands
(HH71860)
@@20070906 AUSBIN CXC1371120/4 R6A
5. @@ APG43 supported
@@ cluster net /prop | sort | find "Role"
@@ The Baseline config file, IntegrityAP.dir is printed.
@@ dir /od c:bur dir /od C:acsdataBUR
@@ attrib E:* /S /D
@@ NIC speed and duplex.
@@ Check for directories that should be files (TR HG72032)
updated.
@@ DNS should not be configured to listen on the Public
interface.
@@ ISP log maximum size
@@ @EXIT used instead of @END to end this script.
@@ folders/files in C:acsdataFCHcurrent are listed.
@@ print acl's for responding ftp dir's.
@@ Check for isperror.log dir C:acslogsprc.
@@ Extended FRS and gp Check
@@ SCSIDISK and megarc additions for C/4
@@20071210 AUSBIN CXC1371120/4 R6B
@@ afpls -a for all defined transferqueues.
@@ Check that clustername and cluster ip-address works from both
nodes.
@@ Check setting of RAID remirroring speed.
@@ Updated text: "IgnoreBroadcastFlag 0x1" all other APZ's
(classic and also APZ 212 50/55)
@@ Check that $oem$ doesn't exist on the root catalog on C:
drive.
@@ OSU: SearchList must be empty before starting OSU.
@@ Check that clustername and cluster ip-address works from both
nodes.
@@ stmdbrt -p Database Retainment Time Print
@@ exalls -f the path and filename for EXAL listed.
@@ alogexls List all items that are excluded from alog.
@@ cpdlist EOL & EOP is listed.
@@ cluster res "{clusterResource}" /listowners
@@20081008 AUSBIN CXC1371120/4 R6C
@@ netsh dhcp server show serverstatus added.
@@ Check if burbackup archive exists on datadisk for
WinS03.
@@ Jump over certain code if Winfiol 7.0 or older is used
@@ (7.0 SP1 and newer is OK).
@@ Check for number of network interfaces in registry.
@@ Change the path of logfile.
@@20081128 AUSBIN CXC1371120/4 R6D
@@ Corrected typoerror in "which dnscmd.exe".
@@20090123 AUSBIN CXC1371120/4 R6E
@@ net time 192.168.202.1 && net time 192.168.202.2
added (HJ92696)
@@ gpupdate /force added (HJ99663)
@@ eventquery /L application /V /FO list /R 1 /FI "Source
eq SceCli" added (HJ99663)
@@ diskeeper /p /jt=z added (HJ99663)
@@ SCSIDISK /CS ,megarc commands,gamevelog for C/4 added
(HJ99663)
@@ Corrected typoerror in "cacls S:STSData*"
@@20090227 AUSBIN CXC1371120/4 R6F
@@ Revised check for CA ANTIVIRUS VER 8.1 (AVIRBIN CXC 137
1268/4 R1A)
@@20090403 AUSBIN CXC1371120/4 R7A
@@ Adaption to run on APG43 Blade Cluster
(HK34818)
@@ Inclusion of WinS2003 Quorum Disk (HK57350)
@@20090709 AUSBIN CXC1371120/4 R7B
@@ regedit /e Keyb.txt "HKEY_Users" changed to
reg query "HKU" /s /f "Preload" >Keyb.txt (HK23886)
6. @@ dir
{int_a}c$winntsysvoldomainPoliciesgptTmpl.inf /s/b and
@@ dir
{int_b}c$winntsysvoldomainPoliciesgptTmpl.inf /s/b added. (HK24490)
@@ dsquery computer -stalepwd 29 added.
(HK29936)
@@ WinFIOL version printed. (HK29943)
@@ phaprint commands combined with single
command. (HK35345)
@@ TFTP server commands added for checking TFTP
performance. (HK35616)
@@ reg query
"HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParameters" /v
ReservedPorts. (HK38154)
@@ Corrected the Extended FRS check routine and
so Extended Active Directory check is done always. (HK46884)
@@ gpresult /z added. (HK51693)
@@
@@20091001 AUSBIN CXC1371120/4 R7C
@@ Extended DHCP Server check for AP2 machines
(HK70097)
@@ Updated WinFIOL version print statement.
(HK87590)
@@ Extended GPO policy checks for AP2
configuration (HK89797)
@@ nels added for checking the Blade Cluster
Configuration. (HK91440)
@@20100406 AUSBIN CXC1371120/4 R7D
@@ Introduced COMPUTERNAME instead of IPNs
(HL66537)
@@ dir "C:WINNTInstaller" | findstr
"2015A3F9-5EED-4C67-BD3A-FF024A40C22D" added(HL41602)
@@ type {NODEA}C$acsdataFCRverbosity and
type {NODEB}C$acsdataFCRverbosity added. (HL41506)
@@ reg query
{NODEA}HKLMSystemCurrentControlSetControlTimeZoneInformation
@@ reg query
{NODEB}HKLMSystemCurrentControlSetControlTimeZoneInformation added.
(HL60686)
@@ Additional raidutil commands are added.
(HL41654)
@@20100929 AUSBIN CXC1371120/4 R7E
@@ Introduced the command for AP number
(HL97608)
@@ Introduced command to find the veritas
version(HM54509)
@@ Revised the query for obtaining APG43
hardware version (HM71509)
@@ Introduced the command to check the frchangedisk
version (HM71623)
@@ Introduced command to check the BIOS
revision (HM71628)
@@ Added the command to check the DVD model and
the write cache status (HM76392)
@@ Added the command to quota of disks for
APG43 (HM76423)
@@ Added the command to list the hardware
configuration table (HM77062)
@@ Added the command to check if the
autoadminlogon feature is enabled or not (HM91777)
@@20110106 AUSBIN CXC1371120/4 R7F
@@ Added command to check the cluster
configuration (HL74967)
@@20110615 AUSBIN CXC1371120/4 R8A
7. @@ Changed the code to find the HKU
Administrator registry key (HO21753)
@@ Added a command to check the wsrm service
startup type and state (HO57613)
@@ Added a command to check if the folder
V:APZDATABOOT is present or not (HO57613)
@@ Added new folders for cacls check for
system disks (HO40579)
@@20110825 AUSBIN CXC1371120/4 R8B
@@ Included new folders under cacls command
(HO66275)
@@20110311 AUSBIN CXC1371120/4 R9A
@@ Included the check for the cluster quorum
(HP33515 )
@@ Included the commands for APDISKDIAG
(HP46113 )
@@ Included commands related to EVO (HP41525 )
@@ Included commands related to HCS service
(HP41532)
@@
@@
@@
@@
@@Start logging to file.
@@The logfile name is set to
C:TempAP_Audit_R9A_"hostname"_"nodestate"_"osversion"_"date"_"time".log
@Z-
@R-
hostname
@COPY {_line1}{hostname}1 30
prcstate
@COPY {_line1}{nodestate}1 9
ver
@COPY {_line2}{osver} 1 22
@IF {osver} = "Windows NT Version 4.0" THEN SET {osver}="NT4"
@IF {osver} = "Microsoft Windows [Ver" THEN SET {osver}="WinS03"
@GETDATE {date} YYMMDD
@GETTIME {time} HHMM
@SET {_VERSION}=wf
@SET {cdt}=NO
dir C:Tempaudit.lite
@COPY {_line6}{light}40 10
@IF {light} = audit.lite THEN SET {cdt}=YES
del C:Tempaudit.lite >nul 2<&1
@LOG ON C:TempAP_Audit_R9A_{hostname}_{nodestate}_{osver}_{date}_{time}.log
@@
@GETTIME {start_hh} HH
@GETTIME {start_mm} MM
echo "AUSBIN CXC 137 1120/4 R9A"
cd /d C:
@COMMENT DATE={date}, TIME={time}
@SET {WinFIOLver}="WinFIOL version unknown"
@IF {_VERSION} = "wf" THEN GOTO WINFIOLver6
@LENGTH {_VERSION} {length1}
@IF {length1} = 2 THEN GOTO WINFIOLverCheck
@IF {length1} = 3 THEN GOTO WINFIOLverSPCheck
@IF {length1} > 3 THEN GOTO WinFIOLverUnknown
@LABEL WINFIOLverCheck
@COPY {_VERSION} {WinFIOLver1} 1 1
@COPY {_VERSION} {WinFIOLver2} 2 1
@SET {WinFIOLver}="WinFIOL " + {WinFIOLver1} + "." + {WinFIOLver2}
@GOTO WINFIOLend
@LABEL WINFIOLverSPCheck
@COPY {_VERSION} {WinFIOLver1} 1 1
8. @COPY {_VERSION} {WinFIOLver2} 2 1
@COPY {_VERSION} {WinFIOLver3} 3 1
@SET {WinFIOLver}="WinFIOL " + {WinFIOLver1} + "." + {WinFIOLver2} + " SP" +
{WinFIOLver3}
@GOTO WINFIOLend
@LABEL WINFIOLver6
@SET {WinFIOLver}="WinFIOL 6.4"
@LABEL WinFIOLverUnknown
@LABEL WINFIOLend
@COMMENT WinFIOL Version: {WinFIOLver}
dsdls | find "MML"
@SCAN {_line1} "MML" {pos}
@LENGTH {_line1}{length1}
@IF {length1} = 0 THEN GOTO NO_MML
@SET {mkah}=MML
@GOTO END_MML
@LABEL NO_MML
@SET {mkah}=NOMML
@LABEL END_MML
dsdls | find /i "ap2"
@LENGTH {_line1}{length1}
@IF {length1} = 0 THEN SET {ap_no}="ap1"
@COPY {_line1}{ap_no}1 3
@LOWCASE {ap_no}
@IF {ap_no}<> "ap2" THEN SET {ap_no}="ap1"
@@--------------------------------------------------------------------------
@@ Reason: To Identify and time stamp this audit.
@@
hostname
date /t
time /t
@@
@@--------------------------------------------------------------------------
@@ Reason: To get the operating system version.
@@
cd /d C:
ver
@COMMENT OS={osver}
@@
@@ Expected result: NT4 or WinS03.
@@
@@--------------------------------------------------------------------------
@@ Reason: To check if this node is Active or Passive.
@@
prcstate
@@
@@ Expected result: active | passive
@@
@@--------------------------------------------------------------------------
@@ Reason: Find out which hardware version, APG40/C2, APG40/C4 or APG43.
hwver
@COPY {_line3}{hwver}1 8
@LENGTH {_line3}{length1}
@SET {bchwver} = ""
@IF {length1} = 0 THEN GOTO NO_HWVER
@IF {hwver}="APG40C/4" THEN GOTO HW_SET
@IF {hwver}="APG43" THEN GOTO HW_SET
@LABEL NO_HWVER
@SET {hwver}="APG40C/2"
@LABEL HW_SET
@COMMENT hwver={hwver}
@IF {hwver}="APG40C/4" THEN GOTO NOT_GEP
@IF {hwver}="APG40C/2" THEN GOTO NOT_GEP
9. reg query "HKLMSoftwareEricssonAdjunct ProcessorAPOS" /v HwVersion
@LABEL NOT_GEP
@SET {bc}=""
@@swrsid
@@COPY {_line1}{apzbcver}32 2
nels
@PASTE {systype} {_lines}
@COMPACT {systype}
@SIZE {systype} {numtype}
@SET {indextype} = 1
@WHILE {indextype} < {numtype}
@IF {systype[{indextype}]} MATCHES ".*not recognized.*" THEN GOTO NOT_BC
@BEFORE {APtype} {systype[{indextype}]} ":"
@IF {APtype} MATCHES ".*System Type.*" THEN @AFTER {CPtype}
{systype[{indextype}]} ":"
@IF {APtype} MATCHES ".*System Type.*" THEN @BEFORE {CPtype} {CPType} "-"
@IF {APtype} MATCHES ".*System Type.*" THEN @TRIM {CPtype}
@IF {APtype} MATCHES ".*Node Architecture.*" THEN GOSUB APG43_EVO
@INC {indextype}
@ENDWHILE
@COMMENT CPtype={CPtype}
@@IF {NodeArc} MATCHES ".*Component Based Architecture.*" THEN GOTO APG43_EVO
@IF {CPtype} = "Multi" THEN SET {bchwver}="BC"
@LABEL NOT_BC
@@COMMENT hwver={hwver}
@@COMMENT bchwver={bchwver}
@@ Expected result: APG40/C2, APG40/C4 or APG43 stored in var {hwver}.
@@--------------------------------------------------------------------------
@@ Reason: To get the computer name
@@
@SET {NODEA} = %COMPUTERNAME:~0,-1%A
@SET {NODEB} = %COMPUTERNAME:~0,-1%B
@@
@@--------------------------------------------------------------------------
@@ Reason: To get the system software history.
@@
swrsid -h
@@
@@ Expected result: A history list.
@@
@@--------------------------------------------------------------------------
@@ Reason: To check that correct software is installed.
@@
swrprint -a
@@
@@ Expected result: compare with proper CM-level.
@@--------------------------------------------------------------------------
@@ Reason: To check that software folders match swrprint above.
@@
dir /s C:acsdataFCHcurrent | findstr /I "CXC SETUP.EXE"
@@
@@ Expected result: compare with swrprint and the other node.
@@--------------------------------------------------------------------------
@@ Reason: To check which hot fixes and security patches are installed.
@@
@IF {hwver} = "APG43" THEN GOTO END_SECPATCHES
type "C:Program FilesFORCEhflist.txt"
cd /d C:temp && regedit /e C:temphfix.log "HKEY_LOCAL_MACHINESOFTWAREFORCE
ComputersLBBHotfix"
@T 5
if exist C:temphfix.log type C:temphfix.log && del C:temphfix.log
@@
@@ Expected result: R1.1 has to be installed before S3.2 is installed
@@ ,if not S2.4 might be corrupt.
10. @@ Note: This is not valid after R1.9
@LABEL END_SECPATCHES
@@--------------------------------------------------------------------------
@@ Reason: Check if the repair fix 109 22-APZ 212 30/4-494 was correct
installed.
@@
cd /d c:temp && regedit /e RunOnce.txt
"HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunOnce"
cd /d c:temp && regedit /e RunOnceEx.txt
"HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunOnceEx"
type RunOnce.txt && del RunOnce.txt
type RunOnceEx.txt && del RunOnceEx.txt
@@
@@ Expected Result: Empty keys, otherwise S2.4 installation is not completed.
@@--------------------------------------------------------------------------
@@ Reason: Check the registered IE version.
cd /d C:temp && regedit /e iever.log
"HKEY_LOCAL_MACHINESoftwareMicrosoftInternet Explorer"
@COMMENT IE_Ver
type iever.log | FindStr /R "^"Ve"
del iever.log
@@ Expected Result: The first Version key printed is the IE version.
@@--------------------------------------------------------------------------
@@ Reason: To check the diskeeper installer file/folder
@IF {hwver} = "APG43" THEN GOTO NO_DISKEEPER_INST
dir "C:WINNTInstaller" | findstr "2015A3F9-5EED-4C67-BD3A-FF024A40C22D"
@LABEL NO_DISKEEPER_INST
@@
@@--------------------------------------------------------------------------
@@ Reason: To Check for incorrectly installed files.
@@
dir "C:Program FilesAP" /s | findstr /ie ".1"
@@
@@ Expected result: No filenames ending with .1 should be printed.
@@--------------------------------------------------------------------------
@@ Reason: Check that SSH installation is correct. (SCS534984)
@@
dir "C:Program FilesF-Securessh server"
@@
@@ Expected result: No filenames ending with .1 should be printed.
@@--------------------------------------------------------------------------
@@ Reason: OSU: Check that no leftovers exist from any earlier OSU attempt. (TR
HG95576)
@@
@IF {osver} = "WinS03" THEN GOTO NO_NTDSNT4
cd /d c:temp && regedit /e Ntdsnt4.txt
"HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNTDS"
type Ntdsnt4.txt && del Ntdsnt4.txt
@@
@@ Expected result: No keys should exist.
@LABEL NO_NTDSNT4
@@--------------------------------------------------------------------------
@@ Reason: To check that correct software is installed.
@@ A bug in Pragma Telnet Server Build 7 may result in no user profile being
created when user logs in using telnet.
@@ Upgrade to Pragma Telnet Server Build 10 is done with LBB Hotfix 5.3.1 (AC-
A16 for R9.1),
@@ however due to a problem at installation of LBB 5.3.1 the Pragma Telnet
Server remains on Build 7 although
@@ LBB Hotfix 5.3.1 shows that installation is successful and swrprint shows
that Pragma Telnet Server Build 10 is installed.
@@ Primus solution SCS494532 has been created, and the next check can be done:
@@
@IF {hwver} = "APG43" THEN GOTO NOP_PRAGMA
11. @IF {osver} = "WinS03" THEN GOTO NO_PRAGMA
type "C:Program FilesPragmaTelnetDreadme.txt" | findstr /C:"2000 Build"
dir "C:Program FilesPragmaTelnetDTELNETD.exe"
@@
@@ Expected result:
@@ Pragma TelnetServer 2000 Build 7
@@
@@ Directory of C:Program FilesPragmaTelnetD
@@ 10/03/02 08:33a 163,840 TELNETD.exe
@@ 1 File(s) 163,840 bytes
@@
@@ Note: The size of file TELNETD.exe is 163840 bytes for Build 7, and 172032
bytes for Build 10.
@@
@@ If wrong version of Telnet served is installed, the solution can be applied.
@LABEL NO_PRAGMA
@@--------------------------------------------------------------------------
@@ Reason: OSU: To check that no other user than Default is defined in the
Pragma Telnet Server.
@@
cd /d C:temp && regedit /e Pragma_HKLM.txt
"HKEY_LOCAL_MACHINESOFTWAREPragmaSystemsTelnetDUsers"
type C:tempPragma_HKLM.txt | find
"[HKEY_LOCAL_MACHINESOFTWAREPragmaSystemsTelnetDUsers"
@@
@@ Expected result: Nothing else than Default entries are printed
@@
@@ [HKEY_LOCAL_MACHINESOFTWAREPragmaSystemsTelnetDUsersDefault]
@@
[HKEY_LOCAL_MACHINESOFTWAREPragmaSystemsTelnetDUsersDefaultEnvironment]
@@
[HKEY_LOCAL_MACHINESOFTWAREPragmaSystemsTelnetDUsersDefaultTerminateStrin
gs]
@@
@@ Logging more pragma configuration data:
type C:tempPragma_HKLM.txt && del C:tempPragma_HKLM.txt
cd /d C:temp && regedit /e Pragma_Tel.txt
"HKEY_LOCAL_MACHINESOFTWAREPragmaSystemsTelnetD"
type C:tempPragma_Tel.txt && del C:tempPragma_Tel.txt
cd /d C:temp && regedit /e Pragma_Env.txt
"HKEY_LOCAL_MACHINESOFTWAREPragmaSystemsTelnetDUsersDefaultEnvironment"
type C:tempPragma_Env.txt && del C:tempPragma_Env.txt
cd /d C:temp && regedit /e Pragma_Term.txt
"HKEY_LOCAL_MACHINESOFTWAREPragmaSystemsTelnetDUsersDefaultTerminateString
s"
type C:tempPragma_Term.txt && del C:tempPragma_Term.txt
@@
@LABEL NOP_PRAGMA
@@--------------------------------------------------------------------------
@@ Reason: AP: Multiple Time Zone Link List.
@@ No time difference between both the APG Nodes.
@@ CP:Time zones, GMT, summer time periods (if defined).
@@ No time deviation should exist between AP and CP clocks.
net time {NODEA} && net time {NODEB}
reg query {NODEA}HKLMSystemCurrentControlSetControlTimeZoneInformation
reg query {NODEB}HKLMSystemCurrentControlSetControlTimeZoneInformation
tzls -a
cd /d C:temp && regedit /e tz.log
"HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTimeZoneInformation"
@T 10
type C:temptz.log
@T 5
del C:temptz.log
@IF {nodestate} <> "active" THEN GOTO NO_PASSIVE_1
13. @@ TERM=ansi
@@ TMP=C:TEMP
@@ USERDOMAIN=AP150DOM
@@ USERNAME=Administrator
@@ USERPROFILE=C:WINNTProfilesAdministrator
@@ windir=C:WINNT
@@
@@--------------------------------------------------------------------------
@@ Reason: OSU: Check default input language.
@@
@@ Some keyboards settings may cause Pragma to malfunction in Windows Server
2003.
@@ (TR HH28381, Italian Keyboard setting).
@@
@COMMENT Current user
@@locale ID (LCID):
cd /d C:temp && regedit /e KEYB.txt "HKEY_Current_UserKeyboard
LayoutPreload"
type C:tempKeyb.txt && del C:tempKeyb.txt
@@ LCID defined substitute:
cd /d C:temp && regedit /e Keyb.txt "HKEY_Current_UserKeyboard
LayoutSubstitutes"
type C:tempKeyb.txt && del C:tempKeyb.txt
@COMMENT Default user
@@ locale ID (LCID):
cd /d C:temp && regedit /e KEYB.txt "HKEY_Users.DEFAULTKeyboard
LayoutPreload"
type C:tempKeyb.txt && del C:tempKeyb.txt
@@ LCID defined substitute:
cd /d C:temp && regedit /e Keyb.txt "HKEY_Users.DEFAULTKeyboard
LayoutSubstitutes"
type C:tempKeyb.txt && del C:tempKeyb.txt
@COMMENT Administrator
reg query "HKU" | findstr -e 500
@LENGTH {_line1} {length}
@IF {length} = 0 THEN GOTO END_KEYB
@set {hku_admin} = {_line1}
@IF {osver} = "NT4" THEN GOTO NO_QUERY
REG QUERY "{hku_admin}Keyboard LayoutPreload"
REG QUERY "{hku_admin}Keyboard LayoutSubstitutes"
@GOTO END_KEYB
@LABEL NO_QUERY
@@ locale ID (LCID):
cd /d C:temp && regedit /e Keyb.txt "HKEY_USERS{key}Preload"
type C:tempKeyb.txt && del C:tempKeyb.txt
@@ LCID defined substitute:
cd /d C:temp && regedit /e Keyb.txt "HKEY_USERS{key}Substitutes"
type C:tempKeyb.txt && del C:tempKeyb.txt
@LABEL END_KEYB
@@
@@ Expected result: OSU: If 'Italian (Italy) - Italian' keyboard is the default
setting (00000410="it"),
@@ change it to
@@ English (United States) - US,00000409="us".
@@
@@--------------------------------------------------------------------------
@@ Reason: OSU: To check that no empty user variable PATH exist.
@@
@IF {osver} = "WinS03" THEN GOTO OSU_ONLY_NT4
cd /d C:temp && regedit /e hk_users.txt "HKEY_USERS"
type hk_users.txt | find /I "PATH"
del hk_users.txt
@@
@@ Expected result: No occurrences of "PATH"=""
14. @@
@@ It's a requirement before starting OSU that no empty user variable PATH
exist.
@@
@@--------------------------------------------------------------------------
@@ Reason: OSU: Check for file c:winntbackup.fts (TR HG66302).
@@
dir c:winntSystem32backup.fts
@@
@@ Expected result: file backup.fts present.
@@
@@ It's a requirement before starting OSU that the file exist.
@@ If it's missing a "dummy" file named backup.fts can be created or copied
@@ from the other node.
@@
@LABEL OSU_ONLY_NT4
@@--------------------------------------------------------------------------
@@ Reason: OSU: Check for directories that should be files (TR HG72032).
@@
dir C: /s /b /a /ad|findstr .|findstr /v /r ..*|findstr /v .|findstr /v
".IE5 assembly WinSxS profiles"
@@
@@ Expected result: No directories found that should be files.
@@ (OS2.EXE OS2SRV.EXE)
@@
@@--------------------------------------------------------------------------
@@ Reason: OSU: Check if Display of Legal Notice is active for PC-Anyware and
@@ Console login.
@@
@@
cd /d c:temp && regedit /e Legal_Notice.txt
"HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon"
type Legal_Notice.txt | find "LegalNoticeCaption"
type Legal_Notice.txt | find "LegalNoticeText"
del Legal_Notice.txt
@@ Expected result:
@@
@@ "LegalNoticeCaption"=""
@@ "LegalNoticeText"=""
@@
@@ For OSU it's a requirement that no Legal Notice message is displayed at
autologon.
@@
@@--------------------------------------------------------------------------
@@ Reason : Checking the verbosity files in C:acsdataFCR
@@
type {NODEA}C$acsdataFCRverbosity
type {NODEB}C$acsdataFCRverbosity
@@
@@ Expected result: This file should not present. Output for the above command:
@@ The system cannot find the file specified.
@@
@@--------------------------------------------------------------------------
@@ Reason: To verify that no memory/handle leaks exist.
@@ To check memory configuration, allocation and usage.
@@ To check the pagefile.
@@
pstat
@@
@@ Expected result: This is an example of reasonable values of an msc
@@Pstat version 0.3: memory: 785844 kb uptime: 1 0:26:56.631
@@
@@PageFile: ??C:pagefile.sys
@@ Current Size: 819200 kb Total Used: 1264 kb Peak Used 1272 kb
15. @@
@@ Memory: 785844K Avail: 549748K TotalWs: 329784K InRam Kernel: 2416K P:19140K
@@ Commit: 217596K/ 179384K Limit:1566560K Peak: 234464K Pool N: 9416K P:19208K
@@
@@--------------------------------------------------------------------------
@@ Reason: To make sure no serious alarms exist.
@@
alist
@@
@IF {nodestate} <> "active" THEN SET {cpno}="CP not"
@IF {mkah} <> "MML" THEN SET {cpno}="CP not"
@IF {mkah} <> "MML" THEN GOTO NO_PASSIVE_2
@IF {nodestate} <> "active" THEN GOTO NO_PASSIVE_2
@IF {bchwver} = "BC" THEN GOTO BC_ALACP_CHECK
mml ALACP;
@GOTO BC_ALACP_END
@LABEL BC_ALACP_CHECK
mml -cp ALL ALACP;
@LABEL BC_ALACP_END
@COPY {_line1}{cpno} 1 5
@IF {cpno} <> "ALARM" THEN SET {cpno}="CP not"
@IF {cpno} = "CP not" THEN GOTO NO_PASSIVE_2
@COPY {_line5}{alacp} 10 9
@IF {bchwver} = "BC" THEN GOTO BC_ALLIP_CHECK
mml ALLIP:ALCAT={alacp};
mml ALLIP:ACL=A1;ALLIP:PRCA=39;
@GOTO BC_ALLIP_END
@LABEL BC_ALLIP_CHECK
mml -cp ALL ALLIP:ALCAT={alacp};
mml -cp ALL ALLIP:ACL=A1;ALLIP:PRCA=39;
@LABEL BC_ALLIP_END
@@
@@ Expected result: No APZ alarms should exist.
@@
@@--------------------------------------------------------------------------
@@ Reason: To check status of the LAN's towards the AP directory service.
@@
@IF {bchwver} = "BC" THEN GOTO BC_APAMP_CHECK
mml APAMP;
@GOTO APAMP_CHECK_END
@LABEL BC_APAMP_CHECK
mml -cp ALL APAMP;
@LABEL APAMP_CHECK_END
@@
@@ Expected result: The STATUS shall be: one ACTIVE and one PASSIVE
@@ link towards each node.
@@
@LABEL NO_PASSIVE_2
@@--------------------------------------------------------------------------
@@ Reason: To check status of the directory service (internal in the AP
@@ and towards the cp.
@@
dsdls -a
@@
@@ Expected result: Both the internal AP node and the cp0 should be
@@ listed with their applications registered within dsd.
@@
@@--------------------------------------------------------------------------
@@ Reason : To check the AP node number
@@
phaprint ACS_ALHEXECBIN_apNodeNumber
@@
@@Expected result: The AP node number should be listed
@@
16. @@--------------------------------------------------------------------------
@@ Reason: To check that the communication devices are working properly.
@@
@IF {mkah} <> "MML" THEN GOTO NO_MML_OR_AP2
@IF {nodestate} <> "active" THEN GOTO NO_CP
@IF {cpno} = "CP not" THEN GOTO NO_CP
@IF {bchwver} = "BC" THEN GOTO BC_OCTDP_CHECK
mml OCTDP;
@GOTO OCTDP_CHECK_END
@LABEL BC_OCTDP_CHECK
mml -cp ALL OCTDP;
@LABEL OCTDP_CHECK_END
@@
@@ Expected result: Connections should exists over both devices
@@ (around 30), they should be in state NORMAL.
@@
@@--------------------------------------------------------------------------
@@ Reason: EXCHANGE IDENTITY DATA
@@
@IF {bchwver} = "BC" THEN GOTO BC_IOEXP_CHECK
mml IOEXP;
@GOTO IOEXP_CHECK_END
@LABEL BC_IOEXP_CHECK
mml -cp ALL IOEXP;
@LABEL IOEXP_CHECK_END
@@
@@ Expected result: EXCHANGE IDENTITY DATA
@@
@@ IDENTITY
@@ 4101R1KREF240CM013 626
@@
@@--------------------------------------------------------------------------
@@ Reason: To check the CP hardware versions.
@@
@SET {apzversion} = 0
@IF {bchwver} = "BC" THEN GOTO BC_DPHIP_CHECK
mml DPHIP;
mml SAOSP;
@GOTO BC_DPHIP_END
@LABEL BC_DPHIP_CHECK
mml -cp ALL DPHIP;
mml -cp ALL SAOSP;
@LABEL BC_DPHIP_END
@@
@@ Extracting the APZ Version and Type
@@
mml saosp | find "APZ VERSION"
@SCAN {_line1} "APZ VERSION" {pos}
@SET {pos} = {pos}-5
@COPY {_line1}{apzver} {pos} 3
@TRIM {apzver}
@@
mml saosp | find "APZ TYPE"
@SCAN {_line1} "APZ TYPE" {pos}
@SET {pos} = {pos}-5
@COPY {_line1}{apzver1} {pos} 3
@TRIM {apzver1}
@CONCAT {apzversion} {apzver1} {apzver}
@@
@@ Expected result: A printout of the hardware identities of all
@@ the boards in the CP. Check IPNX, IPNA or IPNAX versions.
@@
@@ Recommended lowest versions:
@@ IPNX and IPNA:
17. @@ IPNX ROJ 207 503/1 R2A
@@ RPIRS-1 ROJ 207 124/2 R2A (IPNA)
@@
@@ IPNAX:
@@ IPNAX ROJ 208 435/1 R2A
@@ IPNAX ROJ 208 435/2 R1A
@@
@@--------------------------------------------------------------------------
@@ Reason: To check the CP EVENT RECORD.
@@
@IF {bchwver} = "BC" THEN GOTO BC_DIRCP_CHECK
mml DIRCP;
@GOTO BC_DIRCP_END
@LABEL BC_DIRCP_CHECK
mml -cp ALL DIRCP;
@LABEL BC_DIRCP_END
@@
@@ Expected result: A printout of the CP EVENT RECORD
@@
@@--------------------------------------------------------------------------
@@ Reason: To check the IPN status.
@@ Note: Only for Classic, APZ 212 3X
@@
@IF {apzver} > "33" THEN GOTO NO_IPN
mml "OCINP:IPN=ALL;OCSIP:IPN=ALL;OCESP:IPN=ALL;"
@LABEL NO_CP
ipnaadm -list
dir K:OCSlogs
@LABEL NO_MML_OR_AP2
@IF {ap_no} = "ap2" THEN GOTO NO_IPN_AP2
@@ To avoid printing ipn for other than classic apz's
@@ will only work if win.ini is correct.
type C:winntwin.ini | find "y="
@COPY {_line1}{wininiver} 11 1
@SET {classic}=0
@IF {wininiver} = "c" THEN SET {classic} = 1
@IF {wininiver} = "C" THEN SET {classic} = 1
@IF {classic} <> 1 THEN GOTO NO_IPN
@@ IPN to find out if last ipn fc was correct.
type C:tftpbootboot.ipn0
type C:tftpbootboot.ipn1
type C:tftpbootboot.ipn2
type C:tftpbootboot.ipn3
@@
fc c:tftpbootboot.ipn0 c:tftpbootboot.ipn1
fc c:tftpbootboot.ipn2 c:tftpbootboot.ipn3
@@
type c:"Program Files"APOCSconfboot.ipnX.cp_loading
type c:"Program Files"APOCSconfboot.ipnX.not_loading
@@
fc c:tftpbootboot.ipn0 c:"Program Files"APOCSconfboot.ipnX.cp_loading
@@
fc c:tftpbootboot.ipn1 c:"Program Files"APOCSconfboot.ipnX.cp_loading
@@
fc c:tftpbootboot.ipn2 c:"Program Files"APOCSconfboot.ipnX.not_loading
@@
fc c:tftpbootboot.ipn3 c:"Program Files"APOCSconfboot.ipnX.not_loading
@@
@@ Expected result: Correct versions on board and in configuration files.
@@ For an AP-2 ipnaadm -list should normally be empty
@@--------------------------------------------------------------------------
@@ Reason: To get the IPN osdumps.
@@
@IF {nodestate} <> "active" THEN GOTO NO_PASSIVE_4
18. @@IPNA00:
@@for %i in (k:ocslogs*ipna00*) do echo "Typing %~ni " && ipnaadm -osdump
-get %~nxi
@@IPNA01:
@@for %i in (k:ocslogs*ipna01*) do echo "Typing %~ni " && ipnaadm -osdump
-get %~nxi
@@
@@ Expected result: The IPN osdumps are printed for later analysis.
@@
@GOTO NO_PASSIVE_4
@LABEL NO_IPN_AP2
@IF {nodestate} <> "active" THEN GOTO NO_PASSIVE_4
ipnaadm -list
@LABEL NO_IPN
@LABEL NO_PASSIVE_4
@@--------------------------------------------------------------------------
@@ Reason: Check network status.
@@
netstat -an
@@
@@ Expected result: Total Connections: 400-500
@@ ESTABLISHED: 75-100
@@ LISTENING: 200-300
@@ TIME_WAIT and CLOSE_WAIT: Varies a lot.
@@
@@--------------------------------------------------------------------------
@@ Reason: Network statistics.
@@
netstat -s
@@
@@ Expected result: Statistics
@@
@@--------------------------------------------------------------------------
@@ Reason: Verify that no important corrections are missing.
@IF {mkah} <> "MML" THEN GOTO NO_PASSIVE_5
@IF {nodestate} <> "active" THEN GOTO NO_PASSIVE_5
@IF {bchwver} = "BC" THEN GOTO BC_PCORP_CHECK
mml "PCORP:BLOCK=APAP&MTAP&JTP&OCAD&OCADM&OCITS&AD2";
@GOTO PCORP_CHECK_END
@LABEL BC_PCORP_CHECK
mml -cp ALL "PCORP:BLOCK=APAP&MTAP&JTP&OCAD&OCADM&OCITS&AD2";
@LABEL PCORP_CHECK_END
@@
@@ Expected result: Corrections according to current CM/ACA level.
@@
@@--------------------------------------------------------------------------
@@ Reason: To check that no buffer congestions are present.
@@
@IF {bchwver} = "BC" THEN GOTO BC_LABUP_CHECK
mml LABUP;
@GOTO LABUP_CHECK_END
@LABEL BC_LABUP_CHECK
mml -cp ALL LABUP;
@LABEL LABUP_CHECK_END
@@
@@ Expected result: NCONG = 0
@@
@LABEL NO_PASSIVE_5
@@--------------------------------------------------------------------------
@@ Hardware dependent checks
@IF {bchwver}="BC" THEN GOSUB BC_HW
@IF {hwver}="APG43" THEN GOSUB APG43_HW
@IF {hwver}="APG40C/4" THEN GOSUB HW_C4
@IF {hwver} = "APG40C/2" THEN GOSUB HW_C2
19. @@--------------------------------------------------------------------------
@@ Reason: To verify the LINK SPEED in the SCB-RP boards
@@
@@IF {hwver} <> "APG43" THEN GOTO SCB_END
@@hwcls | findstr "SCB-RP"
@@PASTE {SCBInfo} {_lines}
@@COMPACT {SCBInfo}
@@SIZE {SCBInfo} {nlines}
@@IF {nlines} <=1 THEN GOTO SCB_END
@@SET {indexval} = 1
@@SET {SCBRP_AP2} = 0
@@WHILE {indexval} < {nlines}
@@COPY {SCBInfo[{indexval}]} {chkipval} 1 8
@@TRIM {chkipval}
@@IF {chkipval} MATCHES "1.2.0.4" THEN GOTO STORE_IP_AP1
@@IF {chkipval} MATCHES "15.2.0.4" THEN GOTO STORE_IP_AP2
@@GOTO IP_STORED
@@LABEL STORE_IP_AP2
@@SET {SCBRP_AP2} = 1
@@LENGTH {SCBInfo[{indexval}]} {Lenval_AP2}
@@COPY {SCBInfo[{indexval}]} {FullLine_AP2} 1 {Lenval_AP2}
@@CUT {slotval_AP2} {FullLine_AP2} COL 2 Sep " "
@@IF {slotval_AP2} MATCHES "25" THEN GOTO Slot_IP25_AP2
@@ Storing IP Address of SCB-RP with Slot 0
@@CUT {IPvalue0A_AP2} {FullLine_AP2} COL 6 Sep " "
@@CUT {IPvalue0B_AP2} {FullLine_AP2} COL 7 Sep " "
@@GOTO IP_STORED
@@ Storing IP Address of SCB-RP with Slot 25
@@LABEL Slot_IP25_AP2
@@CUT {IPvalue25A_AP2} {FullLine_AP2} COL 6 Sep " "
@@CUT {IPvalue25B_AP2} {FullLine_AP2} COL 7 Sep " "
@@GOTO IP_STORED
@@LABEL STORE_IP_AP1
@@LENGTH {SCBInfo[{indexval}]} {Lenval}
@@COPY {SCBInfo[{indexval}]} {FullLine} 1 {Lenval}
@@CUT {slotval} {FullLine} COL 2 Sep " "
@@IF {slotval} MATCHES "25" THEN GOTO Slot_IP25
@@ Storing IP Address of SCB-RP with Slot 0
@@CUT {IPvalue0A} {FullLine} COL 6 Sep " "
@@CUT {IPvalue0B} {FullLine} COL 7 Sep " "
@@GOTO IP_STORED
@@ Storing IP Address of SCB-RP with Slot 25
@@LABEL Slot_IP25
@@CUT {IPvalue25A} {FullLine} COL 6 Sep " "
@@CUT {IPvalue25B} {FullLine} COL 7 Sep " "
@@LABEL IP_STORED
@@INC {indexval}
@@ENDWHILE
@@
@@ Connecting to SCB-RP Slot 0 using Telnet with IPA
@@
@@COMMENT Connecting to SCB-RP Slot 0 with IPA : {IPvalue0A}
@@telnet /R {IPvalue0A}
@@GOSUB SCB_Information
@@
@@ Connecting to SCB-RP Slot 0 using Telnet with IPB
@@
@@COMMENT Connecting to SCB-RP Slot 0 with IPB : {IPvalue0B}
@@telnet /R {IPvalue0B}
@@GOSUB SCB_Information
@@
@@ Connecting to SCB-RP Slot 25 using Telnet with IPA
@@
@@COMMENT Connecting to SCB-RP Slot 25 with IPA : {IPvalue25A}
20. @@telnet /R {IPvalue25A}
@@GOSUB SCB_Information
@@
@@ Connecting to SCB-RP Slot 25 using Telnet with IPB
@@
@@COMMENT Connecting to SCB-RP Slot 25 with IPB : {IPvalue25B}
@@telnet /R {IPvalue25B}
@@GOSUB SCB_Information
@@
@@
@@ Checking the SCB-RP for AP2 Configurations
@@
@@IF {SCBRP_AP2} <> 1 THEN GOTO SCB_END
@@
@@ Connecting to SCB-RP Slot 0 using Telnet with IPA on AP2 Machine
@@
@@COMMENT Connecting to SCB-RP Slot 0 for AP2 with IPA : {IPvalue0A_AP2}
@@telnet /R {IPvalue0A_AP2}
@@GOSUB SCB_Information
@@
@@ Connecting to SCB-RP Slot 0 using Telnet with IPB on AP2 Machine
@@
@@COMMENT Connecting to SCB-RP Slot 0 for AP2 with IPB : {IPvalue0B_AP2}
@@telnet /R {IPvalue0B_AP2}
@@GOSUB SCB_Information
@@
@@ Connecting to SCB-RP Slot 25 using Telnet with IPA on AP2 Machine
@@
@@COMMENT Connecting to SCB-RP Slot 25 for AP2 with IPA : {IPvalue25A_AP2}
@@telnet /R {IPvalue25A_AP2}
@@GOSUB SCB_Information
@@
@@ Connecting to SCB-RP Slot 25 using Telnet with IPB on AP2 Machine
@@
@@COMMENT Connecting to SCB-RP Slot 25 for AP2 with IPB : {IPvalue25B_AP2}
@@telnet /R {IPvalue25B_AP2}
@@GOSUB SCB_Information
@@LABEL SCB_END
@@--------------------------------------------------------------------------
@@ Reason: Check that the IIS Meta database is consistent.
@@
@IF {osver} = "WinS03" THEN GOTO NOMD
mdutil enum_all
@@
@@ Expected result: Readable ACSII output.
@@
@@--------------------------------------------------------------------------
@@ Reason: Check FTP Sites settings.
@@
mdutil get MSFTPSVC/
mdutil get MSFTPSVC/1
mdutil get MSFTPSVC/2
mdutil get MSFTPSVC/3
@@
@@ Expected result:
@@AllowAnonymous "Default FTP Site" = 0 ,APIO_1 & APIO_2 = 1
@@LogType "Default FTP Site" = 1 ,APIO_1 & APIO_2 = 0
@LABEL NOMD
@@--------------------------------------------------------------------------
@@ Reason: Dump the Users in the System.
@@
userdump
@@
@@ Expected result: 1) Simple test of PDC/BDC communication
21. @@ 2) Both service users exist and are not Locked or
@@ Disabled.
@@
@@ OSU: Make sure that Administrator doesn't have membership in
@@ groups 'Guests' and 'Domain Guests'.
@@ OSU: Performing an upgrade using an account that will expire during the
upgrade
@@ can cause unpredictable behaviour in the AP.
@@ Please verify the expiry data and modify or remove if required.
@@
@@--------------------------------------------------------------------------
@@ Reason: Check that the virtual directories are correct.
@@
ftpls
vdls -n "Default FTP Site"
vdls -n "APIO_1"
vdls -n "APIO_2"
@@
@@ Expected result: Only absolute paths are used, no "shares" used.
@@
@@ OSU: "Default FTP Site" has to be "C:Inetsrvftproot"
@@
@@ Example:
@@
@@C:>ftpls
@@Microsoft (R) Windows Script Host Version 5.6
@@Copyright (C) Microsoft Corporation 1996-2001. All rights reserved.
@@
@@Site Name "Default FTP Site"
@@IP Address:Port: ":21:"
@@Physical Path "c:inetsrvftproot"
@@Site Status "STARTED"
@@
@@Site Name "APIO_1"
@@IP Address:Port: "192.168.169.1:21:"
@@Physical Path "c:inetsrvcpftproot"
@@Site Status "STARTED"
@@
@@Site Name "APIO_2"
@@IP Address:Port: "192.168.170.1:21:"
@@Physical Path "c:inetsrvcpftproot"
@@Site Status "STARTED"
@@
@@
@@C:>vdls -n "Default FTP Site"
@@Microsoft (R) Windows Script Host Version 5.6
@@Copyright (C) Microsoft Corporation 1996-2001. All rights reserved.
@@
@@Virtual Directory ACS
@@Physical Path "C:ACSdataFTP"
@@
@@Virtual Directory ftpvol
@@Physical Path "G:ftpvol"
@@
@@Virtual Directory images
@@Physical Path "M:images"
@@
@@Virtual Directory tcm_load
@@Physical Path "v:apz"
@@
@@
@@C:>vdls -n "APIO_1"
@@Microsoft (R) Windows Script Host Version 5.6
@@Copyright (C) Microsoft Corporation 1996-2001. All rights reserved.
22. @@
@@Virtual Directory APZ
@@Physical Path "V:APZ"
@@
@@Virtual Directory cpa
@@Physical Path "V:APZdataCPACPHWcrash"
@@
@@Virtual Directory cpb
@@Physical Path "V:APZdataCPBCPHWcrash"
@@
@@Virtual Directory CPSDUMP
@@Physical Path "L:CPSdataFTP"
@@
@@Virtual Directory CPSLOAD
@@Physical Path "L:FMSdataCPFRELVOLUMSW"
@@
@@
@@C:>vdls -n "APIO_2"
@@Microsoft (R) Windows Script Host Version 5.6
@@Copyright (C) Microsoft Corporation 1996-2001. All rights reserved.
@@
@@Virtual Directory APZ
@@Physical Path "V:APZ"
@@
@@Virtual Directory cpa
@@Physical Path "V:APZdataCPACPHWcrash"
@@
@@Virtual Directory cpb
@@Physical Path "V:APZdataCPBCPHWcrash"
@@
@@Virtual Directory CPSDUMP
@@Physical Path "L:CPSdataFTP"
@@
@@Virtual Directory CPSLOAD
@@Physical Path "L:FMSdataCPFRELVOLUMSW"
@@
@@--------------------------------------------------------------------------
@@ Reason: Check anonymous logon setting for the FTP Sites. (TR HH29261)
@@
@IF {osver} = "NT4" THEN GOTO NO_WMIC
wmic /namespace:rootMicrosoftIISv2 path IIsFtpServerSetting WHERE
"ServerComment='Default FTP Site'" GET AllowAnonymous
wmic /namespace:rootMicrosoftIISv2 path IIsFtpServerSetting WHERE
"ServerComment='Default FTP Site'" GET LogType
wmic /namespace:rootMicrosoftIISv2 path IIsFtpServerSetting WHERE
"ServerComment='APIO_1'" GET AllowAnonymous
wmic /namespace:rootMicrosoftIISv2 path IIsFtpServerSetting WHERE
"ServerComment='APIO_1'" GET LogType
wmic /namespace:rootMicrosoftIISv2 path IIsFtpServerSetting WHERE
"ServerComment='APIO_2'" GET AllowAnonymous
wmic /namespace:rootMicrosoftIISv2 path IIsFtpServerSetting WHERE
"ServerComment='APIO_2'" GET LogType
@@
@@ Expected result:
@@ 'Default FTP Site': AllowAnonymous = FALSE, LogType = 1
@@ 'APIO_1': AllowAnonymous = TRUE, LogType = 0
@@ 'APIO_2': AllowAnonymous = TRUE, LogType = 0
@@
@LABEL NO_WMIC
@@--------------------------------------------------------------------------
@@ Reason: To check that file attributes are correctly set.
@@
attrib C:*
@@
23. @@ Expected result: Check that these files have following attributes except
@@ for the A attribute that can be either set or not.
@@ NT4:
@@ A R C:AUTOEXEC.BAT
@@ A S C:boot.ini
@@ A SH C:BOOTSECT.DOS
@@ A H C:burinfo.txt
@@ A R C:COMMAND.COM
@@ A SHR C:IO.SYS
@@ A SHR C:MSDOS.SYS
@@ A SHR C:NTDETECT.COM
@@ A SHR C:ntldr
@@
@@ WinS03:
@@ A SHR C:boot.ini
@@ SH C:BOOTSECT.DOS
@@ A SHR C:MSDOS.SYS
@@ A SHR C:NTDETECT.COM
@@ A SHR C:ntldr
@@ A SH C:pagefile.sys
@@
@@--------------------------------------------------------------------------
@@ Reason: To check that files and that their attributes are correct on E:
partition.
@@ (TR HG70690)
@@
@SET {attflag}= "/S"
@IF {osver} = "WinS03" THEN SET {attflag}= "/S /D"
attrib E:* {attflag}
@@
@@ Expected result: Check that these files have following attributes except
@@ for the A attribute that can be either set or not.
@@
@@ A SHR E:BOOT.INI
@@ A SHR E:ntdetect.com
@@ A SHR E:ntldr
@@
@@ A E:cmdcons*
@@ A SHR E:boot.ini
@@ SHR E:cmdcons
@@ A SHR E:cmldr
@@ A SHR E:NTDETECT.COM
@@ A SHR E:ntldr
@@ SH E:System Volume Information
@@
dir /a:h e:
@@
@@ Expected result:
@@ NT4:
@@ Volume in drive E is ntboot
@@ Volume Serial Number is 5C4F-3ADC
@@
@@ Directory of e:
@@
@@ 10/24/00 08:23a 540 BOOT.INI
@@ 01/26/00 05:35p 26,832 ntdetect.com
@@ 01/09/04 01:33p 156,496 ntldr
@@
@@ WinS03:
@@ c:winntprofilesAdministrator>dir /a:h e:
@@ Volume in drive E is ntboot
@@ Volume Serial Number is A469-E377
@@
@@ Directory of e:
24. @@
@@ 08/24/2005 06:54 PM 641 BOOT.BAK
@@ 10/28/2005 09:14 AM 641 boot.ini
@@ 10/28/2005 09:14 AM <DIR> cmdcons
@@ 03/25/2005 03:00 PM 298,096 cmldr
@@ 03/25/2005 03:00 PM 47,772 NTDETECT.COM
@@ 03/25/2005 03:00 PM 295,536 ntldr
@@ 03/09/2006 01:00 PM <DIR> RECYCLER
@@ 10/28/2005 08:58 AM <DIR> System Volume Information
@@ 5 File(s) 642,686 bytes
@@ 3 Dir(s) 20,492,288 bytes free
@@
@@ Note! Check that the hidden directory cmdcons is present on WinS03.
@@--------------------------------------------------------------------------
@@ Reason: To check that the AP boots from correct partition.
@@
type e:boot.ini
@@
@@ Expected result:
@@ NT4:
@@ [boot loader]
@@ timeout=3
@@ default=multi(0)disk(0)rdisk(0)partition(2)WINNT
@@ [operating systems]
@@ multi(0)disk(0)rdisk(0)partition(2)WINNT="2 Windows NT Enterprise Server
Version 4.00 org"
@@ multi(0)disk(0)rdisk(0)partition(2)WINNT="2 Windows NT Enterprise Server
Version 4.00 org [VGA mode]" /basevideo /sos
@@ multi(0)disk(0)rdisk(0)partition(3)WINNT="3 Windows NT Enterprise Server
Version 4.00 org Backup"
@@ multi(0)disk(0)rdisk(0)partition(3)WINNT="3 Windows NT Enterprise Server
Version 4.00 org Backup [VGA mode]" /basevideo /sos
@@
@@ WinS03:
@@ [boot loader]
@@ timeout=3
@@ default=multi(0)disk(0)rdisk(0)partition(2)WINNT
@@ [operating systems]
@@ multi(0)disk(0)rdisk(0)partition(2)WINNT="Windows Server 2003 Enterprise"
/fastdetect
@@ multi(0)disk(0)rdisk(0)partition(2)WINNT="Windows Server 2003 Enterprise
[VGA mode]" /basevideo /sos /noguiboot /bootlog /safeboot:minimal
@@ multi(0)disk(0)rdisk(0)partition(3)WINNT="Windows Server 2003 Enterprise
Backup" /fastdetect
@@ multi(0)disk(0)rdisk(0)partition(3)WINNT="Windows Server 2003 Enterprise
Backup [VGA mode]" /basevideo /sos /noguiboot /bootlog /safeboot:minimal
@@ C:CMDCONSBOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
@@
@@--------------------------------------------------------------------------
@@ Hardware dependent ACL checks
@IF {cdt} = YES THEN GOTO SKIP_ACL
@IF {hwver}="APG43" THEN GOSUB APG43_ACL
@IF {hwver}="APG40C/4" THEN GOSUB APG40_ACL
@IF {hwver} = "APG40C/2" THEN GOSUB APG40_ACL
@LABEL SKIP_ACL
@@--------------------------------------------------------------------------
@@ Reason: To print the IntegrityAP Baseline.
@@
@IF {hwver}="APG43" THEN GOTO APG43_IntegrityAP
type C:acsdatafchcurrentCXC1371063IntegrityAP.dir
@GOTO IntegrityAP_END
@LABEL APG43_IntegrityAP
type C:acsdatafchcurrentCXC1371132IntegrityAP.dir
@LABEL IntegrityAP_END
25. type C:WINNTsystem32IntegrityAP.dir
@@
@@ Expected result: Baseline
@@
@@--------------------------------------------------------------------------
@@ Reason: To check if baseline files exist on this system
@@
dir C:acslogslct
@@ Expected result:
@@ 11/16/05 03:59p 583,090 IntegrityAP.da2
@@ 11/16/05 03:59p 312,671 IntegrityAP.dat
@@
@@--------------------------------------------------------------------------
@@ Reason: To check that LCTBIN CNI 4-203 is implemented correct.
@@
cacls %Systemroot%repair
@@ Expected result:
@@ NT AUTHORITYSYSTEM:(OI)(CI)F
@@ BUILTINAdministrators:(OI)(CI)F
@@
@@--------------------------------------------------------------------------
@@ Reason: To check the contents of win.ini.
@@
type c:winntwin.ini
@@
@@ Expected result: APZ 212 40:
@@ -----------
@@ Mode=1002
@@ Server=1
@@ Directory=V:APZdataBOOT
@@ Maximum Block Size=1450
@@
@@ APZ 212 30/33:
@@ --------------
@@ Directory=c:tftpboot
@@ Server=1
@@ Maximum Block Size=512
@@ Mode=1002
@@--------------------------------------------------------------------------
@@ Reason: MS Diagnostic report.
@@
@IF {osver} = "WinS03" THEN GOTO NO_WINMSD
cd /d C:TEMP && winmsd /a
@T 6
find "Free:" %computername%.txt
find "Handles" %computername%.txt
find "Service Account" %computername%.txt | find ""
type %computername%.txt
@@
@@ Expected result: MS Diagnostic report
@@ Check Free/Total disk space,labels, number of Handles etc.
@@ Check that same service user runs the services.
@@ Passive node should only see disk C: D: E: F:
@@ OSU: correct labels and in lower case only.
@@ OSU: If the any of the two points below isn't true this is
an indication
@@ of that the labels might be incorrect. It must be
investigated in detail and
@@ if needed corrected before any attempt to start the
repartitioning.
@@ (TR HG69453 and HG58613)
@@
@@ 1. Sectors per cluster: 1 is ntserv
@@ Sectors per cluster: 4 is ntbackup
26. @@
@@ 2. The line with "Total: 2,086,559 KB" is ntserv
@@ The line with "Total: 2,086,558 KB" is ntbackup
@@
@@
@@ OSU: Check required free disk space on E: 19 MByte (TR
HG87416).
@@
@@ examples:
@@
@@Drives Report
@@----------------------------------------------------------------------
@@C: (Local - NTFS) ntbackup Total: 2,086,558 KB, Free: 305,108 KB
@@ Serial Number: DCD6 - D112
@@ Bytes per cluster: 512
@@ Sectors per cluster: 4
@@ Filename length: 255
@@D: (Local - NTFS) ntserv Total: 2,086,559 KB, Free: 1,156,650 KB
@@ Serial Number: 440C - 3067
@@ Bytes per cluster: 512
@@ Sectors per cluster: 1
@@ Filename length: 255
@@E: (Local - NTFS) ntboot Total: 30,208 KB, Free: 27,741 KB
@@ Serial Number: 5C4F - 3ADC
@@ Bytes per cluster: 512
@@ Sectors per cluster: 1
@@ Filename length: 255
@@F: (Local - NTFS) ntdump Total: 4,097,516 KB, Free: 4,049,360 KB
@@ Serial Number: C881 - 6A04
@@ Bytes per cluster: 512
@@ Sectors per cluster: 8
@@ Filename length: 255
@@
@@
@@----------------------------------------------------------------------
@@ Reason: Print the Service User profile (NT4).
@@
regedit /e C:TEMPServiceUser.txt "HKEY_LOCAL_MACHINESoftwareEricssonAdjunct
ProcessorACSlct"
type C:TEMPServiceUser.txt
@SCAN {_line4} "=" {pos}
@SET {pos} = {pos}+2
@COPY {_line4}{serviceuser} {pos} 20
@COMMENT Service user={serviceuser}
dir /a C:winntprofiles{serviceuser}
dir /a /s C:winntprofiles{serviceuser}
@@
@@ Expected Result: Folders according to example below.
@@
@@ C:temp>dir /a C:winntprofilesGZYcVOiSHqSf1S7GY1AF
@@ Volume in drive C is ntserv
@@ Volume Serial Number is 5C0B-41E7
@@
@@ Directory of C:winntprofilesGZYcVOiSHqSf1S7GY1AF
@@
@@ 03/30/06 01:55p <DIR> .
@@ 03/30/06 01:55p <DIR> ..
@@ 03/30/06 01:55p <DIR> Application Data
@@ 03/30/06 01:55p <DIR> Cookies
@@ 03/30/06 01:55p <DIR> Desktop
@@ 03/30/06 01:55p <DIR> Favorites
@@ 03/30/06 01:55p <DIR> History
@@ 03/30/06 01:55p <DIR> Local Settings
@@ 03/30/06 01:55p <DIR> NetHood
27. @@ 03/31/06 08:58a 147,456 NTUSER.DAT
@@ 03/31/06 08:58a 1,024 ntuser.dat.LOG
@@ 03/30/06 01:55p <DIR> Personal
@@ 03/30/06 01:55p <DIR> PrintHood
@@ 03/30/06 01:55p <DIR> Recent
@@ 03/30/06 01:55p <DIR> SendTo
@@ 03/30/06 01:55p <DIR> Start Menu
@@ 03/30/06 01:55p <DIR> Templates
@@ 17 File(s) 148,480 bytes
@@ 407,070,208 bytes free
@@
del C:TEMP%computername%.txt
cd /d C:
@LABEL NO_WINMSD
@@--------------------------------------------------------------------------
@@ Reason: Check setupservices.def
type C:Winntsystem32setupservice.def
@@ Expected result:
@@
@@ClusSvc
@@LBBAM_Service
@@# Start of lines belonging to CXC1371062 R5E BURBIN
@@burserver
@@# End of lines belonging to CXC1371062
@@# Start of lines belonging to CXC1371059 R2B PRCBIN
@@ACS_PRC_IspService
@@# End of lines belonging to CXC1371059
@@# Start of lines belonging to CXC137499 R4D SFCBIN
@@ACS_SFC_Recovery
@@# End of lines belonging to CXC137499
@@# Start of lines belonging to CXC1371092 R1C ALOGBIN
@@ACS_ALOG_BufMan
@@ACS_ALOG_SysMon
@@ACS_ALOG_SecLog
@@# End of lines belonging to CXC1371092
@@# Start of lines belonging to CXC1371060 R1E FCHBIN
@@acs_fch_server
@@# End of lines belonging to CXC1371060
@@ Only present from AGM015:
@@# Start of lines belonging to CXC1371117 R1A FCRBIN
@@ACS_FCR_Server
@@# End of lines belonging to CXC1371117
@@# Start of lines belonging to CXC1371091 R2B NSFBIN
@@acs_nsf_server
@@# End of lines belonging to CXC1371091
@@
type C:Winntsystem32setupservice.def | findstr /v #
@@ Expected result:
@@ ClusSvc
@@ LBBAM_Service
@@ burserver
@@ ACS_PRC_IspService
@@ ACS_SFC_Recovery
@@ ACS_ALOG_BufMan
@@ ACS_ALOG_SysMon
@@ ACS_ALOG_SecLog
@@ acs_fch_server
@@ acs_nsf_server (from AGM015)
@@ ACS_FCR_Server (from AGM015)
@@
@@--------------------------------------------------------------------------
@@ Reason: Check lct configuration of the service account
@@
cd /d c:temp && regedit /e lct.txt
28. "HKEY_LOCAL_MACHINESOFTWAREEricssonAdjunct ProcessorACSLCT"
type lct.txt && del lct.txt
@@ Expected result: The currently existing service account.
@@ Check that it correspond to the account used by the services
printed above.
@@
@@--------------------------------------------------------------------------
@@ Reason: Check automatically started applications.
@@
cd /d c:temp && regedit /e auto_HKLM.txt
"HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun"
cd /d c:temp && regedit /e auto_HKCU.txt
"HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun"
cd /d c:temp && regedit /e auto_HKU.txt
"HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun"
type auto_HKLM.txt
type auto_HKCU.txt
type auto_HKU.txt
del auto_HK*.txt
@@ Expected result: To identify incorrect configured applications.
@@
@@--------------------------------------------------------------------------
@@ Reason: Check workstation and server configuration.
@@
net config workstation
net config server
@@
@@ Expected result:
@@Computer name [NODE NAME]
@@User name Administrator
@@
@@Workstation active on NetBT_E100B1 ([mac]) NetBT_E100B2 ([mac])
NetBT_E100B4 ([mac]) NetBT_E100E5 ([mac])
@@Software version Windows NT 4.0
@@
@@Workstation domain [DOMAIN NAME]
@@Logon domain [DOMAIN NAME]
@@
@@COM Open Timeout (sec) 3600
@@COM Send Count (byte) 16
@@COM Send Timeout (msec) 250
@@
@@Server Name [NODE NAME]
@@Server Comment
@@
@@Software version Windows NT 4.0
@@Server is active on NetBT_E100B1 ([mac]) NetBT_E100B1
([mac]) NetBT_E100B4 ([mac]) NetBT_E100B4 ([mac]) NetBT_E100B2 ([mac])
@@NetBT_E100B2 ([mac]) NetBT_E100E5 ([mac]) NetBT_E100E5 ([mac]) NetBt_If4
([mac]) NetBt_If2 ([mac])
@@
@@Server hidden No
@@Maximum Logged On Users Unlimited
@@Maximum open files per session 2048
@@
@@Idle session time (min) 15
@@--------------------------------------------------------------------------
@@ Reason: To check the IP Configuration.
@@
ipconfig /all | findstr /I "Primary"
ipconfig /all
@@
@@ Expected result: Verify the settings on the adapters as shown below.
@@
33. @@--------------------------------------------------------------------------
@@ Reason: OSU: To check that an up-to-date backup is available.
@@ and up-to-date backup archives exists on datadisk
@@
@@ alternative: type d:burinfo.txt
@@
burverify -d
@IF {nodestate} <> "active" THEN GOTO NO_PASSIVE_8
@IF {osver} = "NT4" THEN GOTO K_Images
@IF {hwver} = "APG43" THEN GOTO K_Images
dir /s M:images
@GOTO NO_PASSIVE_8
@LABEL K_Images
dir /s K:images
@LABEL NO_PASSIVE_8
dir /od c:bur
dir /od C:acsdataBUR
@@
@@ Expected result:
@@ Imagename: cm312_apnnb
@@ Date: 10/19/04 4:32:46 PM
@@ Node: APnnB
@@ Status: OK (8948 files and 778 directories copied, 0 locked files)
@@
@@ OSU: No "big" ddi files should exist (Normal size ~50KByte)
@@
@@--------------------------------------------------------------------------
@@ Reason: Make sure things in C: are ok.
@@
dir /A c:
@@
@@ Expected result: No large temporary files.
@@ OSU: Check required free disk space
@@ Check that directory $oem$ and no other suspicious
@@ files or folders exist.
@@--------------------------------------------------------------------------
@@ Reason: To list the C drive directory structure.
@@
tree C: /A
@@
@@ Expected result: Directory PATH listing for volume ntserv.
@@
@@--------------------------------------------------------------------------
@@ Reason: To check the virus signature version.
@@
inocmd32 -sig
@@
@@ Expected result: The versions should be up-to-date.
@@
@@ InoculateIT Signature version: virsig.da0 23.67.35 2004/11/18
@@ Vet Signature version: vet.da1 11.07.8745 2004/11/19
@@
@@--------------------------------------------------------------------------
@@ Reason: To check the antivirus exclusion settings.
@@Valid AVIRBIN CXC1371268/4 R1A APZ 212 30/4-1240
cd /d C:temp && regedit /e antivir.txt
"HKEY_LOCAL_MACHINESoftwareComputerAssociateseTrustITMCurrentVersionRealtim
e"
if exist antivir.txt type antivir.txt | find "szExcludeProcessNames"
if exist antivir.txt type antivir.txt | find "szExcludeDirs" && del antivir.txt
@@Valid AVIRBIN CXC1371065/4 R2D APZ21230/4-131
cd /d C:temp && regedit /e antivir.txt
"HKEY_LOCAL_MACHINESoftwareComputerAssociateseTrustAntivirusCurrentVersionR
ealtime"
34. if exist antivir.txt type antivir.txt | find "szExcludeProcessNames"
if exist antivir.txt type antivir.txt | find "szExcludeDirs" && del antivir.txt
@@
cd /d C:temp && regedit /e antivir.txt
"HKEY_LOCAL_MACHINESoftwareComputerAssociatesInoculateIT6.0Realtime"
if exist antivir.txt type antivir.txt | find "szExcludeProcessNames"
if exist antivir.txt type antivir.txt | find "szExcludeDirs" && del antivir.txt
@@Valid for AVIRBIN CXC1371035/4 R1E APZ21220/5-1086 (China)
cd /d C:temp && regedit /e antivir.txt
"HKEY_LOCAL_MACHINESoftwareComputerAssociateseTrustAntivirusInoculateIT6.0R
ealtime"
if exist antivir.txt type antivir.txt | find "szExcludeProcessNames"
if exist antivir.txt type antivir.txt | find "szExcludeDirs" && del antivir.txt
@@
@@ Expected result: Processes and partitions currently excluded.
@@ The example is valid for AVIRBIN CXC1371065/4 R2H APZ21230/4-371
@@
@@ Excluded Processes:
@@ "szExcludeProcessNames"="acs_msd_service|acs_rtr_service|acs_usa_sysloga|
aes_afp_server.|aes_cdh_server.|
@@ aes_dbo_server.|burServer.exe|cidaemon.exe|cps_busrv.exe|fms_cpf_server.|
fosffc.exe|mcs_adh_adm.exe|
@@ mcs_mts_adm.exe|ntagent.exe|pes_clh_server.|rdt.exe|stsmain.exe|stsprov.exe"
@@
@@ Excluded Dirs
@@ "szExcludeDirs"="C:acsdataFtpmktrbuild|K:ImagesnodeA|
K:ImagesnodeB|L:FMSData|Y:RDT"
@@
@@--------------------------------------------------------------------------
@@ Reason: Check that A-node is PDC and that B-node is BDC in the domain
@@ and that domain related communication works between the nodes.
@IF {osver} = "WinS03" THEN GOTO ERNST
netdom query
netdom bdc
@LABEL ERNST
@@
@@ Expected result: NT4
@@ Netdom query command on A-node:
@@ -------------------------------
@@
@@ NetDom 1.8 @1997-98. Written by Christophe Robert - Microsoft.
@@
@@ Querying domain information on computer WELOVEAPG40A ...
@@ Computer WELOVEAPG40A is a domain controller of WELOVEAPG40DOM.
@@ Searching PDC for domain WELOVEAPG40DOM ...
@@ Found PDC WELOVEAPG40A
@@ Connecting to WELOVEAPG40A ...
@@ Computer WELOVEAPG40A is the PDC of WELOVEAPG40DOM.
@@
@@ Netdom query command on B-node:
@@ -------------------------------
@@
@@ NetDom 1.8 @1997-98. Written by Christophe Robert - Microsoft.
@@
@@ Querying domain information on computer WELOVEAPG40B ...
@@ Computer WELOVEAPG40B is a domain controller of WELOVEAPG40DOM.
@@ Searching PDC for domain WELOVEAPG40DOM ...
@@ Found PDC WELOVEAPG40A
@@ Connecting to WELOVEAPG40A ...
@@ Verifying secure channel on WELOVEAPG40B ...
@@
@@ Secure channel established successfully with WELOVEAPG40A for domain
WELOVEAPG40DOM.
@@
35. @@
@@ Netdom bdc command on A-node and B-node:
@@ ----------------------------------------
@@
@@ NetDom 1.8 @1997-98. Written by Christophe Robert - Microsoft.
@@
@@ Searching PDC for domain WELOVEAPG40DOM ...
@@ Found PDC WELOVEAPG40A
@@ Connecting to WELOVEAPG40A ...
@@ Listing BDCs of WELOVEAPG40DOM ...
@@
@@ BDC 1 = WELOVEAPG40B
@@
@@--------------------------------------------------------------------------
@@ Reason: Display connections to shared network resources.
@@
net use
@@
@@ Expected result: No entries in the list.
@@
@@ New connections will be remembered.
@@
@@
@@ There are no entries in the list.
@@
@@ OSU: Mapped connections will only be listed for current user.
@@ If this AP Audit script is run with an account other than Administrator
(e.g. ossuser),
@@ 'net use' should also be executed manually with the Administrator
account.
@@--------------------------------------------------------------------------
@@ Reason: Check information about all of the resources
@@ that are shared on the local computer.
@@
@@
net share
@@
@@ Expected result: Example printout from AC-M4225 system.
@@
@@ Share name Resource Remark
@@
@@
@@
-------------------------------------------------------------------------------
@@ E$ E: Default share
@@ ADMIN$ C:WINNT Remote Admin
@@ Q$ Q: Default share
@@ IPC$ Remote IPC
@@ R$ R: Default share
@@ C$ C: Default share
@@ S$ S: Default share
@@ D$ D: Default share
@@ Y$ Y: Default share
@@ L$ L: Default share
@@ F$ F: Default share
@@ V$ V: Default share
@@ G$ G: Default share
@@ K$ K: Default share
@@ J$ J: Default share
@@ M$ M: Default share
@@ Images K:Images
@@ NETLOGON C:WINNTsystem32ReplImportS Logon server share
@@ Share CPS L:
@@ Share FMS L:
36. @@ Share J J:
@@ Share K K:
@@ Share LOGS K:
@@ Share MCS M:
@@ Share R R:
@@ Share S S:
@@ The command completed successfully.
@@
@@--------------------------------------------------------------------------
@@ Reason: To check that all services expected to run really runs.
@@
net start
@@
@@ Expected result: A list of all running services.
@@ Do an extra check on that:
@@ ACS_FCH_server, Messenger, FTP server and AntiVirus
@@ services are running.
@@
@@ Example from an active node on AC-M4225 level.
@@
@@ These Windows NT services are started:
@@
@@
@@ ACS_ACSC_Logmaint
@@ ACS_ALH_EXEC
@@ ACS_ALOG_BufMan
@@ ACS_ALOG_Main
@@ ACS_ALOG_SecLog
@@ ACS_ALOG_SysMon
@@ ACS_CHB_ClockSyncService
@@ ACS_CHB_HeartBeatService
@@ ACS_DSD_service
@@ ACS_FCH_Server
@@ ACS_MSD_service
@@ ACS_MSD_service_1
@@ ACS_MSD_service_2
@@ ACS_MSD_service_3
@@ ACS_MSD_service_4
@@ ACS_MSD_service_5
@@ ACS_MSD_service_6
@@ ACS_MSD_service_7
@@ ACS_NSF_Server
@@ ACS_PRC_ClusterControl
@@ ACS_PRC_CountReboot
@@ ACS_PRC_eva
@@ ACS_PRC_IspLogger
@@ ACS_PRC_LBB
@@ ACS_RTR_service
@@ ACS_RTR_service_1
@@ ACS_RTR_service_2
@@ ACS_RTR_service_3
@@ ACS_RTR_service_4
@@ ACS_RTR_service_5
@@ ACS_RTR_service_6
@@ ACS_RTR_service_7
@@ ACS_SFC_Recovery
@@ ACS_SSU_Monitor
@@ ACS_USA_SyslogAnalyser
@@ AES_AFP_server
@@ AES_CDH_server
@@ AES_DBO_server
@@ Alerter
@@ AM-Service
@@ burServer
37. @@ Cluster Server
@@ Computer Browser
@@ CPS_BUSRV
@@ DisableInactiveUserAccountsService
@@ Diskeeper
@@ Distinct TFTP
@@ DPTSRV
@@ Ethernet NDIS
@@ eTrust Antivirus Job Server
@@ eTrust Antivirus Realtime Server
@@ eTrust Antivirus RPC Server
@@ EventLog
@@ F-Secure SSH Server
@@ FMS_CPF_server
@@ FTP Publishing Service
@@ gatherer
@@ IIS Admin Service
@@ InetD
@@ Last Login Service
@@ LBBAM Service
@@ MAS_CPTASP_cptcentral
@@ MAS_CPTASP_cptcentral_A
@@ MAS_CPTASP_cptcentral_B
@@ MAS_CPTASP_cptheartbeat
@@ MCS_ADH_Adm
@@ MCS_AIAP_Adm
@@ MCS_ALDA_ADM
@@ MCS_ALEC_ADM
@@ MCS_ALIS_ADM
@@ MCS_MTS_ADM
@@ Messenger
@@ Microsoft DHCP Server
@@ Net Logon
@@ NT LM Security Support Provider
@@ OCS_IPNAADM
@@ OCS_OCP_echo
@@ pcAnywhere Host Service
@@ PES_CLH_server
@@ Plug and Play
@@ Protected Storage
@@ Remote Procedure Call (RPC) Locator
@@ Remote Procedure Call (RPC) Service
@@ Server
@@ SoftWareListService
@@ Spooler
@@ stsmain
@@ stsopcf
@@ stsprov
@@ Task Scheduler
@@ TCP/IP NetBIOS Helper
@@ Workstation
@@
@@ The command completed successfully.
@@
@@--------------------------------------------------------------------------
@@ Reason: Verify cached netbios names and lmhost entries matches.
@@
nbtstat -c
@@ Expected result: (NT4)
@@ NetBIOS Remote Cache Name Table
@@
@@ Name Type Host Address Life [sec]
@@--------------------------------------------------------------------------
@@
38. @@WELOVEAPG40DOM<1C> GROUP 192.168.202.1 -1
@@WELOVEAPG40DOM<1B> UNIQUE 192.168.202.1 -1
@@WELOVEAPG40B <03> UNIQUE 192.168.202.2 -1
@@WELOVEAPG40B <00> UNIQUE 192.168.202.2 -1
@@WELOVEAPG40B <20> UNIQUE 192.168.202.2 -1
@@WELOVEAPG40A <03> UNIQUE 192.168.202.1 -1
@@WELOVEAPG40A <00> UNIQUE 192.168.202.1 -1
@@WELOVEAPG40A <20> UNIQUE 192.168.202.1 -1
@@
type C:winntsystem32driversetclmhosts
@@ Expected result:
@@
@@192.168.202.1 AP143A #PRE #DOM:AP143DOM
@@192.168.202.2 AP143B #PRE #DOM:AP143DOM
@@192.168.202.1 "AP143DOM 0x1b" #PRE
@@
@@ Note: The lmhosts file should not exist in WinS03
@@--------------------------------------------------------------------------
@@Check content of hosts and compare them between A and B node
type c:winntsystem32driversetchosts
@@ Expected result: Classic
@@ 127.0.0.1 localhost
@@ # Start of lines belonging to CXC137442 R3D TOCAPBIN
@@ 192.168.169.1 ap1a-l1 ap1a
@@ 192.168.170.1 ap1a-l2 ap1a
@@ 192.168.169.2 ap1b-l1 ap1b
@@ 192.168.170.2 ap1b-l2 ap1b
@@
@@ 192.168.169.128 cp0ex-stoc0-l1 cp0ex cp0
@@ 192.168.170.128 cp0ex-stoc1-l2 cp0ex cp0
@@ 192.168.169.129 cp0sb-stoc0-l1 cp0sb
@@ 192.168.170.129 cp0sb-stoc1-l2 cp0sb
@@ # End of lines belonging to CXC137442
@@ 192.168.169.33 ap_1
@@ 192.168.169.33 app_apio
@@ 192.168.169.33 app_sts
@@ 192.168.169.33 app_gatherer_global
@@ 192.168.169.33 app_global_gatherer
@@
@@ Expected result: APZ 212 50
@@ 127.0.0.1 localhost
@@ # Start of lines belonging to CXC137442 R3L TOCAPBIN
@@ 192.168.169.1 ap1a-l1 ap1a
@@ 192.168.170.1 ap1a-l2 ap1a
@@ 192.168.169.2 ap1b-l1 ap1b
@@ 192.168.170.2 ap1b-l2 ap1b
@@
@@ 192.168.169.128 cp0ex-stoc0-l1 cp0-Aside cp0ex cp0
@@ 192.168.170.128 cp0ex-stoc1-l2 cp0-Aside cp0ex cp0
@@ 192.168.169.129 cp0sb-stoc0-l1 cp0-Bside cp0sb
@@ 192.168.170.129 cp0sb-stoc1-l2 cp0-Bside cp0sb
@@ # End of lines belonging to CXC137442
@@ 192.168.169.33 ap_1
@@ 192.168.169.33 app_apio
@@ 192.168.169.33 app_sts
@@ 192.168.169.33 app_global_gatherer
@@ 192.168.169.33 app_gatherer_global
@@
@@--------------------------------------------------------------------------
@@ Reason: Check that the quorum logging is ok.
@IF {nodestate} <> "active" THEN GOTO NO_PASSIVE_9
@@
@IF {osver} = "WinS03" THEN GOTO WinS_QUORUM
dir J:MSCS
39. @GOTO NO_PASSIVE_9
@LABEL WinS_QUORUM
dir I:MSCS
@@ Expected result: Only one quolog.log and one chk****.tmp should exist.
@@
@LABEL NO_PASSIVE_9
@@--------------------------------------------------------------------------
@@ Reason: Check that everything in cluster is up and running.
@@
@IF {nodestate} = "undefined" THEN GOTO NO_PING
cluster res | findstr /vie online
@@ Expected result: Empty printout if all resources are online.
@@
cluster /ver
cluster /quorum
cluster /list
cluster node
cluster group
cluster res
@@ Recursive cluster res printing is not supported in WinFIOL versions older
than 7.0.1.
@IF {_version} = "wf" THEN GOTO contclus
@IF {_version} <= "700" THEN GOTO contclus
cluster res
@PASTE {clusterRes} {_lines}
@COMPACT {clusterRes}
@SIZE {clusterRes} {numRes}
@SET {indexRes} = 4
@WHILE {indexRes} < {numRes}
@BEFORE {clusterResource} {clusterRes[{indexRes}]} " "
@TRIM {clusterResource}
@AFTER {tmp} {clusterRes[{indexRes}]} {clusterResource}
@TRIM {tmp}
@BEFORE {clustergroup} {tmp} " "
@IF {clusterResource} MATCHES ".+RGAPM_0" THEN @SET {clustergroup}="RGAPM_0"
@IF {clusterResource} MATCHES ".+RGAPM_1" THEN @SET {clustergroup}="RGAPM_1"
@IF {clusterResource} MATCHES ".+RGAPM_[01]" THEN @BEFORE {clusterResource}
{clusterResource} " RGAPM"
@IF {clusterResource} MATCHES ".+Cluster Group" THEN @SET
{clustergroup}="Cluster Group"
@IF {clusterResource} MATCHES ".+Cluster Group" THEN @BEFORE
{clusterResource} {clusterResource} " Cluster Group"
@IF {clusterResource} MATCHES ".+Disk Group" THEN @SET {clustergroup}="Disk
Group"
@IF {clusterResource} MATCHES ".+Disk Group" THEN @BEFORE {clusterResource}
{clusterResource} " Disk Group"
@IF {clusterResource} MATCHES ".+PMC860 Group" THEN @SET
{clustergroup}="PMC860 Group"
@IF {clusterResource} MATCHES ".+PMC860 Group" THEN @BEFORE
{clusterResource} {clusterResource} " PMC860 Group"
@COMMENT res="{clusterResource}", grp="{clustergroup}"
cluster res "{clusterResource}" /listowners
@INC {indexRes}
@ENDWHILE
@LABEL contclus
cluster res /prop
cluster res /priv
cluster netint
cluster netint /prop
cluster net /prop | sort | find "Role"
@@ Expected result:
@@ Cluster node: Status shall be UP
@@ Cluster group: Status shall be Online
@@ Cluster res: Status shall be Online
40. @@
@@ OSU: Check that both node names ends with 'A' or' B' in UPPERCASE.
@@ Node name must not contain _ (underscore).
@@ Otherwise the script will stop in the SelfTest execution, with "Error
resolving
@@ node names by naming conventions" (Both nodes will be seen as BDC's.)
@@
@@ OSU:
@@ In WinNT4 it should look like this:
@@
@@ C:>cluster net /prop | sort | find "Role"
@@ Heartbeat 1 Role 1 (0x1)
@@ Heartbeat 2 Role 1 (0x1)
@@ IPN100-1 Role 2 (0x2)
@@ IPN100-2 Role 2 (0x2)
@@ Local Maintenance Role 2 (0x2)
@@ Public Role 2 (0x2)
@@
@@ In W2K3 it should look like this (this is more useful for ALAN than anything
else):
@@
@@ c:winntprofilesAdministrator>cluster net /prop | sort | find "Role"
@@ D Heartbeat 1 Role 1 (0x1)
@@ D Heartbeat 2 Role 1 (0x1)
@@ D IPN100-1 Role 2 (0x2)
@@ D IPN100-2 Role 2 (0x2)
@@ D Local Maintenance Role 2 (0x2)
@@ D Public Role 2 (0x2)
@@
@@
@@ 1 = Internal cluster communications only (private network)
@@ 2 = Client access only (public network)
@@ 3 = All Communications (mixed network)
@@
@@--------------------------------------------------------------------------
@@ Reason: Check that preferred owners are correct.
@@
cluster group RGAPM_0 /listowners
cluster group RGAPM_1 /listowners
cluster group "Disk Group" /listowners
cluster group "Cluster Group" /listowners
@IF {hwver} = "APG43" THEN GOTO NO_PMC860
cluster group "PMC860 Group" /listowners
@LABEL NO_PMC860
@@
@@ Expected result:
@@ Preferred Owner Nodes: RGAPM_0 -> A-node, RGAPM_1 -> B-node
@@ the other groups shall be empty.
@@--------------------------------------------------------------------------
@@ Reason: OSU: Check the other nodes public network interface.
cluster netint /prop | find "Public" | find "Address"
@COPY {_line1}{ping1} 57 20
@LENGTH {_line1}{length1}
@IF {length1} = 0 THEN GOTO NO_PING
@IF {ping1} = "mapper." THEN GOTO NO_PING
@COPY {_line2}{ping2} 57 20
@COPY {_line3}{ping3} 57 20
@LENGTH {_line2}{length2}
@IF {length2} = 0 THEN SET {ping2}={ping3}
ping {ping1}
ping {ping2}
ping {ping1}
ping {ping2}
@@ Expected result: Lost = 0 (0% loss)
41. @LABEL NO_PING
@@--------------------------------------------------------------------------
@@ Reason: Check that clustername and cluster ip-address works from both nodes.
cluster res "Cluster IP Address" /priv | find "Address A"
@LENGTH {_line1}{length1}
@IF {length1} = 0 THEN @GOTO NO_CLUS
@COPY {_line1}{pingu} 56 20
@IF {pingu} = " mapper." THEN GOTO NO_CLUIP
ping {pingu}
@@ Expected result: Lost = 0 (0% loss)
@GOTO NO_CLUIP
@LABEL NO_CLUS
cluster res "Cluster IP Address" /priv | find "Address"
@COPY {_line3}{pingu} 34 20
@LENGTH {_line3}{length3}
@IF {length3} = 0 THEN @GOTO NO_CLUIP
ping {pingu}
@@ Expected result: Lost = 0 (0% loss)
@LABEL NO_CLUIP
cluster /ver
@LENGTH {_line1}{length1}
@IF {length1} = 0 THEN GOTO NO_PONG
@COPY {_line1}{clustername} 18 32
ping {clustername}
@@ Expected result: Reply from both cluster name and cluster ip address
@@ Lost = 0 (0% loss)
@LABEL NO_PONG
@@--------------------------------------------------------------------------
@@ Reason: OSU: SearchList must be empty before starting OSU.
cd /d C:temp && regedit /e tcpip_parameters.log
"HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParameters"
type C:temptcpip_parameters.log | findstr SearchList && del
C:temptcpip_parameters.log
@@
@@ Expected result: "SearchList"=""
@@--------------------------------------------------------------------------
@@ Reason: To check the shutdown event tracker
@@
Reg query "HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindows
NTReliability"
@@
@@ Expected result:
@@
@@ HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindows NTReliability
@@ ShutdownReasonOn REG_DWORD 0x0
@@ SnapShot REG_DWORD 0x1
@@--------------------------------------------------------------------------
@@ Reason: To check for the reserved ports.
reg query
"HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParameters" /v
ReservedPorts
@T 2
@@
@@ Expected result: Reserved port numbers 2345-2346
@@ IF port number 2345 - 2346 is not reserved then Primus SCS819024 have to be
applied.
@@--------------------------------------------------------------------------
@@ Reason: To check the paths for FTP logs.
@@
dir c:winntsystem32LogFiles
@@
@@ Expected result: MSFTPSVC1 .....
@@
@@ To be compared with the settings in LOGMBIN CXC1371079/4 R1A