Assigning an IP Address to an APC Network Management Card without having the APC software.

I work for a company that does Electrical construction and design. When I took this job I though that would translate into having little things like plenty of power in the server room, well documented wiring, and maybe having everything in the building(s) on UPS units. I should have known better.

Much like most IT Professionals home networks are kinda messy, working for a company full of electricians translates to wiring… issues.

We do have a generator, and we do have a building UPS in the main building. That UPS is 15 years old. The UPS battery had never been replaced when I got here (it basically had a runtime measured in microseconds). Only some outlets are on the UPS circuits. The server room is in another building. That building is on the generator, but there is only one circuit that is on the UPS. That circuit was for the 17 year old Toshiba PBX that was mounted (I kid you not) in a cupboard in the bathroom in that building.

The servers were on UPS units. APC SmartUPS 1500 units. Four of them. That were 6 years old. With batteries that had never been replaced. Desk units that were housed on shelves in the rack. That were at approximately 150% of draw capacity (when all servers were at peak draw). Unconnected in any way to any of the servers.

This meant that if the power failed (which is does, because this is an older part of town), most of the workstations would go down, and the generator would kick on. Approximately 1/1000000000 of a second before the UPS batteries on the servers and the few workstations on building UPS circuits ran out. Most of the time.

So clearly my first priority was to get the servers on a UPS that was correctly sized for the draw, with fresh batteries. Enter the APC SmartUPS RT 5000 with two battery arrays. This unit will handle all of our current servers, with about 30% extra capacity for expansion. I bought this unit with a Network Management Card so that I could remotely monitor the unit. And then never configured it. I’m not going to make excuses, it was just one of those things where I got busy and forgot.

Until I needed to get access to a UPS in the other building. This got me thinking about the UPS on the servers. So I plugged the NMC into one of the switches, and… nothing.

As it turns out, the NMC in this particular unit will not pull a DHCP lease without intervention through some APC software that ships with the unit. Which I cannot find. Not an insurmountable issue.

Enter the ARP command.

Address resolution protocol (ARP) can be used to configure the NMC. All we need is the MAC address of the NMC.  The MAC address is located on the quality assurance slip that shipped with the NMC, and is also located on a white sticker on the NMC itself.Unfortunately the QA slip is long gone, and the sticker on the NMC with the MAC printed on it is on once of the actual circuit boards of the NMC, now safely concealed inside the UPS.

Now I DO NOT recommend that you do this, but it is possible to remove the NMC with the UP running. If you feel like taking your life in your own hands, you could just unscrew the NMC and pull it out of the UPS without taking the UPS offline. Which is what I did.

Now we just need a computer on the same subnet.

Open up a command prompt and type the following (MAC Address format: xx-xx-xx-xx-xx-xx):


Hit Enter.

Next, use Ping with a size of 113 bytes to assign the IP address defined by the ARP command.

Use one of the following Ping commands (To clarify, the -l option is the letter L but must be lowercase when executing the command):

Windows command format: ping [IP_ADDRESS_ASSIGNED_ABOVE] -l 113

*NIX command format: ping [IP_ADDRESS_ASSIGNED_ABOVE] -s 113

Now, you can Telnet to the card by typing: telnet [IP_ADDRESS_OF_THE_NMC]

Use “apc” for username and password.

Configure/apply any additional changes.

Log out to save changes.

That’s it, now you can use the web interface of the NMC to make configuration changes or retrieve information from the UPS unit.

All of this could have been avoided had I simply taken 30 minutes to configure the UPS when I installed it, or even taken 5 minutes to document the MAC and put all of the paperwork that came with the UPS in a folder in my file cabinet. Learn from my mistakes, DOCUMENT EVERYTHING.


PowerShell Function: Find-Hotfix

Every now and then you’ll need to verify whether or not a given hotfix is installed on a particulat computer (or group of computers). This function takes all the work out of that task.

    ##  FUNCTION.......:  Find-Hotfix
    ##  PURPOSE........:  Finds computers with a specified Microsoft Hotfix
    ##                    installed.
    ##  REQUIREMENTS...:  PowerShell v2.0
    ##  NOTES..........:  
    Function Find-Hotfix {
         Finds computers with a specified Microsoft Hotfix installed.

         This function reads a list of computernames (one per line), checks each
         to determine if the specified hotfix is installed, and displays a list
         of all computers and the status of the hotfix for that computer.
        .PARAMETER FileName
         Full path and filename of the file containing a list of computers to
         check (one computer name per line). THis is a mandatory parameter. If
         you omit it, you will be prompted to enter a value before the function
         The KB number of the hotfix to check for (just the number). This is a
         mandatory parameter. If you omit it, you will be prompted to enter a
         value before the function continues.

         C:\PS>Find-Hotfix c:\list.txt 2564958

         This example will check all computers listed in the file "c:\list.txt"
         for hotfix KB2564958.

         Sample output:
         Wkstn01    HOTFIX NOT FOUND
         Wkstn02    Security Update
         Wkstn03    HOTFIX NOT FOUND
         Svr01      Security Update
         Svr02      Security Update

         C:\PS>'c:\list.txt' | Find-Hotfix -KB:2564958

         This example does the same thing as Example 1, but the list of
         computers to check is being passed to the Function using pipelining.

         NAME......:  Find-Hotfix
         AUTHOR....:  Joe Glessner
         LAST EDIT.:  21MAR12
         CREATED...:  10APR11

                Param (                        
                )#End Param
        $ErrorActionPreference = "SilentlyContinue"
        $ComputerNames = Get-Content $FileName
        $KBN = "kb" + $KB

        ForEach ($Computer In $ComputerNames) {
            $StrQuery = "select * from win32_pingstatus where address = '" +
            $Computer + "'"
            $WMI = Get-WMIObject -query $StrQuery
            If ($wmi.statuscode -eq 0) {
                $CheckKB = GWMI Win32_QuickFixEngineering -computer $Computer |
                Where-Object {$_.hotfixid -eq $KBN} |
                Select-Object hotfixid, description
                    If ($CheckKB.hotfixid -eq $KBN) {
                        Write-Host -f green $Computer `
                        "`t" $CheckKB.Description "`r"
                    }#END: If ($CheckKB.hotfixid -eq $KBN)
                    Else {
                        Write-Host -f red $Computer `
                        "`t" "HOTFIX NOT FOUND" "`r"
                    }#END: Else
            }#END: If ($wmi.statuscode -eq 0)
            Else {
                Write-Host -f yellow $Computer "`t" "Ping failed!" "`r"
                }#END: Else
        }#END: ForEach ($Computer In $ComputerNames)
    }#END: Function Find-HotFix

Command Line Kung Fu: Remotely uninstall software from the command line

Until that day I am just going to have to settle for removing the game P2P downloader music “player” software you decided (all on your own like a real grown up) that you needed to install on your work computer, but that is actually adware infested spyware infested trojan infested virus ridden specifically prohibited by our company computer use policy.

Oh, you didn’t know I could do that? Yep. Here is just one way that I can wipe out your WoW client bittorrent client kazaa client pr0n dialer newly installed software using WMI.

Step 1: Cut a hole in a box Enter WMIC

  1. Fire up a command prompt as the domain administrator. From a run prompt, type: Runas /user:domainAdmin@yourDomain cmd {ENTER}
  2. Enter the password for that account when prompted.
  3. Enter WMIC by typing the following: wmic {ENTER} (you could do this directly from the run dialog, but for this example we’ll do it this way)

Step 2: Search and Destroy

  1. Use WMIC to list all installed WMI compliant software. Type: /node:COMPUTERNAME product get name,version,vendor {ENTER} (this will list installed software along with the vendor name and version).
  2. If you have special characters like “-” or “/” in the computer name you need to use ‘ characters in order to get information from that client. So if the client computer name is test-machine, you’ll need to enter it as: ‘test-machine’
  3. Call for uninstallation using WMI. If we wanted to remove Nero 7 Essentials, the command would look something like: /node:COMPUTERNAME product where name=”Nero 7 Essentials” call uninstall {ENTER}

At this point WMIC will prompt you to confirm the removal with something that will look like this: Execute (\\COMPUTERNAME\ROOT\CIMV2:Win32_Product.IdentifyingNumber=”{6CA9502E-177F-43A0-A37B-6EF47081A658}”,Name=”Nero 7 Essentials”,Version=”7.03.0279″)->Uninstall() (Y/N/?)?

If you reply “y”, WMI compliant software will run the default uninstallation procedures without the user needing to do anything (nor will they be notified).

Not all software can be removed using this method, however I find that enough can that it is a very useful trick to know.

WMIC is a very powerful tool, if you’d like to learn more about it, start here.

%d bloggers like this: