I tracked this down to Moodle recording the wrong format for the intro. To fix all instances of this in the database I ran the following query:

UPDATE `mdl_assignment`
SET `introformat` = 1
WHERE `introformat` = 0 AND `intro` like '%<p%'

This updated the format for the 1400 or so assignments that had been copied and had this problem.

Update: On Rocks Mailing list Philip Papadopoulos mentioned a Python Script that will automatically add IPMI interface by matching the last 2 octets to that of node: Script

1. Create the IPMI Network

rocks add network ipmi subnet=10.2.0.0 netmask=255.255.0.0 servedns=true

2. Add access on head node

The IPMI network is sharing the same vlan as data, so I will multihome the Frontend with a second IP on IPMI subnet

This adds it to Rocks config, but it appears to have no effect so I also ran it manually

rocks add host interface localhost iface=eth0:1 ip=10.2.1.1 subnet=ipmi name=ipmi-frontend

Manually:

ifcfg eth0:1 add 10.2.1.1/16

Add a script to make it start at reboot

Just copy /etc/sysconfig/network-scripts/ifcfg-eth0 to ifcfg-eth0:1 and change the device and IP address.

DEVICE=eth0:1
HWADDR=00:xx:xx:xx:xx:xx
IPADDR=10.2.1.1
NETMASK=255.255.0.0
BOOTPROTO=static
ONBOOT=yes
MTU=1500

3. Set Password for IPMI

You can set a custom password for the IPMI system or use the default of admin

rocks set attr ipmi_password "password" shadow=yes

4. Add IPMI info for each node

Updated way:
Download the latest addInterface and ScarScript.py and run the following to add matching IP for each node.
If you are running Rocks 6.0/6.1 addInterface will not work for nodes whose card is not card eth0 (e.g. instead is em1). To fix this change line 67 to

"rocks list host interface %s | grep 'private ' | awk ' {print $4}'" %

for n in {0..6}; do
./addInterface compute-0-$n ipmi ipmi ipmi-0-$n
rocks set host interface channel compute-0-$n iface=ipmi channel=1;
done

Old Way:

node=0
for n in {254..245}; do
rocks add host interface compute-0-$node iface=ipmi ip=10.2.255.$n \
module=1 subnet=ipmi name=ipmi-0-$node;
rocks set host interface channel compute-0-$node iface=ipmi channel=1;
let node=$node+1;
done

Sync it

rocks sync host network

If you have every had DRAC set to use DHCP it needs to be set to static.

rocks run host "ipmitool lan set 1 ipsrc static" collate=yes

I also wanted to set the default gateway which is not set by the generated script and it will complain about network config if not set.

rocks run host "ipmitool lan set 1 defgw ipaddr 10.2.1.1" collate=yes

5. IPMI root Password

When I tried to connect using ipmitool and set password it reported NULL account disabled. To get around this is used the root account (id=2) and set a password for this.

rocks run host "ipmitool user set password 2 <password>"

6. Run the generated script on each node

rocks run host "sh /etc/sysconfig/ipmi"

7. Testing

ipmitool -I lan -H ipmi-0-0.ipmi -U root -P <password> chassis status

Also because our head node where compilation occurs uses a AMD Barcelona CPU and the work nodes use an older model I need to add a CFLAG of -tp k8-64

PGI Compilers

PGI have some info on common compilation optimisation at PGI Compilation

1. Download from Portland Group and save to ~/install/pgi. To download over SSH I use elinks as these can be left open in a disconnected screen session
2. Create a new directory and tar xzvf from there as it is a messy tar
3. Root: run ./install – 1. Single System Install
4. install dir: /share/apps/opt/pgi
5. add ACML, CUDA
6. update 2011 links
7. MPICH1, ssh
8. License keys, /share/apps/opt/pgi/license.dat
9. Copy an existing /share/apps/modulefiles/pgi version and update it for new version. Also update .version to new version.

OpenMPI

1. Download latest from OpenMPI and extract in ~/install/openmpi with tar xjvf
2. mkdir build;cd build
3. module load pgi
4. configure with

   env CC=pgcc FC=pgfortran F77=pgfortran CXX=pgcpp CFLAGS='-fast -tp=k8-64' FCFLAGS='-fast -tp=k8-64' FFLAGS='-fast -tp=k8-64' CXXFLAGS='-fast -tp=k8-64' \
   ../configure --prefix=/share/apps/opt/openmpi/1.4.4-pgi-11.10 --with-gnu-ld --with-sge --enable-static \
   --without-openib --disable-openib-ibcm --disable-ipv6 --disable-openib-connectx-xrc --disable-openib-rdmacm --disable-io-romio

   Compiling with Torque on Ethernet Cluster

   export MYINSTALLDIR=/share/apps/mpi/openmpi/1.6.4-pgi-13.04
   export CC=pgcc
   export CXX=pgcpp
   export F77=pgfortran
   export FC=${F77}
   export CFLAGS='-tp=bulldozer-64,barcelona-64,nehalem-64'
   export CXXFLAGS=${CFLAGS}
   export FFLAGS=${CFLAGS}
   export FCFLAGS=${FFLAGS}
    
   ../configure \
   --prefix=${MYINSTALLDIR} \
   --without-openib \
   --with-tm=/opt/torque \
   --disable-ipv6 \
   --enable-static \
   --with-gnu-ld \
   --disable-io-romio \
   2>&1 | tee configure-`date +%y%m%d-%H%M`.log

5. make -j 8
6. make check
7. root: module load pgi; make install
8. Copy an existing /share/apps/modulefiles/openmpi/ version and update it for new version. Also update .version to new version and recreate symlink.

MPICH2

These instructions are for PGI and Torque

1. Download latest MPICH2 and extract
2. module load pgi
3. Configure with

   export MYINSTALLDIR=/share/apps/mpi/mpich2/3.0.3-pgi-13.04
   export CC=pgcc
   export CXX=pgcpp
   export F77=pgfortran
   export FC=pgf90
   unset F90
   export CFLAGS='-tp=bulldozer-64,barcelona-64,nehalem-64'
   export CXXFLAGS=${CFLAGS}
   export FFLAGS=${CFLAGS}
   export FCFLAGS=${FFLAGS}
   unset F90FLAGS
   ./configure --prefix=${MYINSTALLDIR}  \
   --with-pbs=/opt/torque \
   2>&1 | tee configure-`date +%y%m%d-%H%M`.log

4. make -j 40
5. root: module load pgi; make install; make install-examples
6. Copy an existing /share/apps/modulefiles/mpich2/ version and update it for new version.

FFTW3

1. Download latest stable from http://www.fftw.org/download.html
2. module load pgi openmpi

3. ./configure --enable-openmp --enable-mpi --prefix=/share/apps/opt/fftw/3.3.3-pgi-13.04 \
   CFLAGS="-O3 -fastsse -Mvect=sse -tp=k8-64e,bulldozer-64" F90=pgf90 CC=pgcc FC=pgfortran F77=pgfortran CXX=pgcp
   

4. make -j 8
5. root: make install
6. Copy an existing /share/apps/modules/other/fftw version and update it for new version. Also update .version to new version.

OpenBLAS

This replaces GotoBLAS2 as the BLAS library as Goto is no longer maintained.

To keep source up to date I use a GIT mirror, created with git clone git://github.com/xianyi/OpenBLAS I have also modified Makefile.rule and committed it to local mirror. In Makefile.rule I also needed to set architecture as head node is slightly different to compute nodes

1. cd ~/install/openblas/OpenBLAS
2. git pull to update source
3. module load pgi
4. make
5. root: make install PREFIX=/share/apps/opt/OpenBLAS/0.1-pgi-11.10
6. Copy an existing /share/apps/modulefiles/openblas version and update it for new version. Also update .version to new version.

VASP

Download latest version from VASP FTP server

VASP Lib

Vasp uses a shared library that is common across multiple versions. This only needs to be compiled once, and the makefile does not need any modification. I added a -tp k8-64 to FFLAGS and a clean section but they are not required.

1. extract vasp.5.lib for a new install and cd vasp.5.lib
2. module load pgi
3. make

VASP Executable

The VASP executable makefile has 2 sections for a standalone run time and an MPI runtime. In each of these sections you can build a complex versions and a gamma point only version. So if you compile them all there are 4 combinations used. I use the same make file but comment out the MPI section when compiling standalone. Alternatively you can have separate makefiles and latter use make -f filename

.SUFFIXES: .inc .f .f90 .F
#-----------------------------------------------------------------------
# Makefile for Portland Group F90/HPF compiler release 3.0-1, 3.1
# and release 1.7
# (http://www.pgroup.com/ & ftp://ftp.pgroup.com/x86/, you need
#  to order the HPF/F90 suite)
#  we have found no noticable performance differences between
#  any of the releases, even Athlon or PIII optimisation does
#  not seem to improve performance
#
# The makefile was tested only under Linux on Intel platforms
# (Suse X,X)
#
# it might be required to change some of library pathes, since
# LINUX installation vary a lot
# Hence check ***ALL**** options in this makefile very carefully
#-----------------------------------------------------------------------
#
# Mind that some Linux distributions (Suse 6.1) have a bug in
# libm causing small errors in the error-function (total energy
# is therefore wrong by about 1meV/atom). The recommended
# solution is to update libc.
#
# Mind that some Linux distributions (Suse 6.1) have a bug in
# libm causing small errors in the error-function (total energy
# is therefore wrong by about 1meV/atom). The recommended
# solution is to update libc.
#
# BLAS must be installed on the machine
# there are several options:
# 1) very slow but works:
#   retrieve the lapackage from ftp.netlib.org
#   and compile the blas routines (BLAS/SRC directory)
#   please use g77 or f77 for the compilation. When I tried to
#   use pgf77 or pgf90 for BLAS, VASP hang up when calling
#   ZHEEV  (however this was with lapack 1.1 now I use lapack 2.0)
# 2) most desirable: get an optimized BLAS
#   for a list of optimized BLAS try
#     http://www.kachinatech.com/~hjjou/scilib/opt_blas.html
#
# the two most reliable packages around are presently:
# 3a) Intels own optimised BLAS (PIII, P4, Itanium)
#     http://developer.intel.com/software/products/mkl/
#   this is really excellent when you use Intel CPU's
#
# 3b) or obtain the atlas based BLAS routines
#     http://math-atlas.sourceforge.net/
#   you certainly need atlas on the Athlon, since the  mkl
#   routines are not optimal on the Athlon.
#
#-----------------------------------------------------------------------

# all CPP processed fortran files have the extension .f
SUFFIX=.f

#-----------------------------------------------------------------------
# fortran compiler and linker
#-----------------------------------------------------------------------
FC=pgf90
# fortran linker
FCL=$(FC)

#-----------------------------------------------------------------------
# whereis CPP ?? (I need CPP, can't use gcc with proper options)
# that's the location of gcc for SUSE 5.3
#

CPP_ =  ./preprocess $*$(SUFFIX)

#-----------------------------------------------------------------------
# possible options for CPP:
# possible options for CPP:
# NGXhalf             charge density   reduced in X direction
# wNGXhalf            gamma point only reduced in X direction
# avoidalloc          avoid ALLOCATE if possible
# IFC                 work around some IFC bugs
# CACHE_SIZE          1000 for PII,PIII, 5000 for Athlon, 8000 P4
# RPROMU_DGEMV        use DGEMV instead of DGEMM in RPRO (usually  faster)
# RACCMU_DGEMV        use DGEMV instead of DGEMM in RACC (faster on P4)
#  **** definitely use -DRACCMU_DGEMV if you use the mkl library
#-----------------------------------------------------------------------

CPP    = $(CPP_) -DHOST=\"LinuxPgi\" \
          -DNGXhalf -DCACHE_SIZE=2000 -DPGF90 -Davoidalloc \
          -DRPROMU_DGEMV  \
#		  -DwNGXhalf

#-----------------------------------------------------------------------
# general fortran flags  (there must a trailing blank on this line)
# the -Mx,119,0x200000 is required if you use older pgf90 versions
# on a more recent LINUX installation
# the option will not do any harm on other 3.X pgf90 distributions
#-----------------------------------------------------------------------

#FFLAGS =  -Mfree -Mx,119,0x200000  -tp k8-64 -I/share/apps/opt/fftw/3.3.0-pgi-11.10/include
#Need k8-64 to allow it to run on older Opertons
#FFLAGS =  -Mfree  -tp k8-64,barcelona-64   # doubles exec size (36M->50M)
FFLAGS =  -Mfree  -tp k8-64

#-----------------------------------------------------------------------
# optimization,
# we have tested whether higher optimisation improves
# the performance, and found no improvements with -O3-5 or -fast
# (even on Athlon system, Athlon specific optimistation worsens performance)
#-----------------------------------------------------------------------

#OFLAG  = -O0 -g -DDEBUG
#OFLAG = -O3 -fastsse
OFLAG = -O2  -fastsse

#OFLAG_HIGH = $(OFLAG)
OFLAG_HIGH = -O3
OBJ_HIGH = nonlr.o nonl.o

OFLAG_LOW = -O1
OBJ_LOW = broyden.o

OBJ_NOOPT =
#DEBUG  = -g -O0
DEBUG  = -O0
INLINE = $(OFLAG)

#-----------------------------------------------------------------------
# the following lines specify the position of BLAS  and LAPACK
# what you chose is very system dependent
# P4: VASP works fastest with Intels mkl performance library
# Athlon: Atlas based BLAS are presently the fastest
# P3: no clue
#-----------------------------------------------------------------------

#BLAS=   -lacml
# Following allows linking with modules
#BLAS=  -lopenblas -L/share/apps/opt/OpenBLAS/0.1-pgi-11.10/lib
# Hard code link
BLAS=  /share/apps/opt/OpenBLAS/0.1-pgi-11.10/lib/libopenblas.a
# use specific libraries (default library path points to other libraries)

# use the mkl Intel libraries for p4 (www.intel.com)
#BLAS=-L/opt/intel/mkl/lib/32 -lmkl_p4  -lpthread

# LAPACK, simplest use vasp.5.lib/lapack_double
#LAPACK= ../vasp.5.lib/lapack_double.o

# use atlas optimized part of lapack
#LAPACK= ../vasp.5.lib/lapack_atlas.o  -llapack -lblas -lacml
#LAPACK= ../vasp.5.lib/lapack_atlas.o  -llapack -lacml
#LAPACK= ../vasp.5.lib/lapack_atlas.o

# use the mkl Intel lapack
#LAPACK= -lmkl_lapack

#-----------------------------------------------------------------------

LIB  = -L../vasp.5.lib -ldmy \
     ../vasp.5.lib/linpack_double.o $(LAPACK) \
     $(BLAS) -lfftw3 -L/share/apps/opt/fftw/3.3.0-pgi-11.10/lib

# options for linking (none required)
#LINK    =  -tp k8-64

#-----------------------------------------------------------------------
# fft libraries:
# VASP.4.5 can use FFTW (http://www.fftw.org)
# since the FFTW is very slow for radices 2^n the fft3dlib is used
# in these cases
# if you use fftw3d you need to insert -lfftw in the LIB line as well
# please do not send us any querries reltated to FFTW (no support)
# if it fails, use fft3dlib
#-----------------------------------------------------------------------

FFT3D   = fft3dfurth.o fft3dlib.o  /share/apps/opt/fftw/3.3.0-pgi-11.10/lib/libfftw3.a
#FFT3D   = fftw3d+furth.o fft3dlib.o

#=======================================================================
# MPI section, uncomment the following lines
#
# one comment for users of mpich or lam:
# You must *not* compile mpi with g77/f77, because f77/g77
# appends *two* underscores to symbols that contain already an
# underscore (i.e. MPI_SEND becomes mpi_send__).  The pgf90
# compiler however appends only one underscore.
# Precompiled mpi version will also not work !!!
#
# We found that mpich.1.2.1 and lam-6.5.X are stable
# mpich.1.2.1 was configured with
#  ./configure -prefix=/usr/local/mpich_nodvdbg -fc="pgf77 -Mx,119,0x200000"  \
# -f90="pgf90 -Mx,119,0x200000" \
# --without-romio --without-mpe -opt=-O \
#
# lam was configured with the line
#  ./configure  -prefix /usr/local/lam-6.5.X --with-cflags=-O -with-fc=pgf90 \
# --with-f77flags=-O --without-romio
#
# lam was generally faster and we found an average communication
# band with of roughly 160 MBit/s (full duplex)
#
# please note that you might be able to use a lam or mpich version
# compiled with f77/g77, but then you need to add the following
# options: -Msecond_underscore (compilation) and -g77libs (linking)
#
# !!! Please do not send me any queries on how to install MPI, I will
# certainly not answer them !!!!
#=======================================================================
#-----------------------------------------------------------------------
# fortran linker for mpi: if you use LAM and compiled it with the options
# suggested above,  you can use the following lines
#-----------------------------------------------------------------------

FC=mpif90
FCL=$(FC)

#-----------------------------------------------------------------------
# additional options for CPP in parallel version (see also above):
# NGZhalf               charge density   reduced in Z direction
# wNGZhalf              gamma point only reduced in Z direction
# scaLAPACK             use scaLAPACK (usually slower on 100 Mbit Net)
#-----------------------------------------------------------------------

CPP    = $(CPP_) -DMPI  -DHOST=\"LinuxPgi\" \
     -DNGZhalf -DCACHE_SIZE=2000 -DPGF90 -Davoidalloc -DRPROMU_DGEMV \
#     -DwNGZhalf \

#-----------------------------------------------------------------------
# location of SCALAPACK
# if you do not use SCALAPACK simply uncomment the line SCA
#-----------------------------------------------------------------------

SCA=

#-----------------------------------------------------------------------
# libraries for mpi
#-----------------------------------------------------------------------

LIB     = -L../vasp.5.lib -ldmy  \
      ../vasp.5.lib/linpack_double.o $(LAPACK) \
      $(SCA) $(BLAS) -L/share/apps/opt/fftw/3.3.0-pgi-11.10/lib -lfftw3 -lfftw3_mpi

# FFT: only option  fftmpi.o with fft3dlib of Juergen Furthmueller

FFT3D   = fftmpi.o fftmpi_map.o fft3dfurth.o fft3dlib.o

#-----------------------------------------------------------------------
# general rules and compile lines
#-----------------------------------------------------------------------
BASIC=   symmetry.o symlib.o   lattlib.o  random.o

SOURCE=  base.o     mpi.o      smart_allocate.o      xml.o  \
         constant.o jacobi.o   main_mpi.o  scala.o   \
         asa.o      lattice.o  poscar.o   ini.o  mgrid.o  xclib.o  vdw_nl.o  xclib_grad.o \
         radial.o   pseudo.o   gridq.o     ebs.o  \
         mkpoints.o wave.o     wave_mpi.o  wave_high.o  \
         $(BASIC)   nonl.o     nonlr.o    nonl_high.o dfast.o    choleski2.o \
         mix.o      hamil.o    xcgrad.o   xcspin.o    potex1.o   potex2.o  \
         constrmag.o cl_shift.o relativistic.o LDApU.o \
         paw_base.o metagga.o  egrad.o    pawsym.o   pawfock.o  pawlhf.o   rhfatm.o  paw.o   \
         mkpoints_full.o       charge.o   Lebedev-Laikov.o  stockholder.o dipol.o    pot.o \
         dos.o      elf.o      tet.o      tetweight.o hamil_rot.o \
         steep.o    chain.o    dyna.o     sphpro.o    us.o  core_rel.o \
         aedens.o   wavpre.o   wavpre_noio.o broyden.o \
         dynbr.o    rmm-diis.o reader.o   writer.o   tutor.o xml_writer.o \
         brent.o    stufak.o   fileio.o   opergrid.o stepver.o  \
         chgloc.o   fast_aug.o fock.o     mkpoints_change.o sym_grad.o \
         mymath.o   internals.o dynconstr.o dimer_heyden.o dvvtrajectory.o vdwforcefield.o \
         hamil_high.o nmr.o    pead.o     mlwf.o     subrot.o   subrot_scf.o \
         force.o    pwlhf.o  gw_model.o optreal.o   davidson.o  david_inner.o \
         electron.o rot.o  electron_all.o shm.o    pardens.o  paircorrection.o \
         optics.o   constr_cell_relax.o   stm.o    finite_diff.o elpol.o    \
         hamil_lr.o rmm-diis_lr.o  subrot_cluster.o subrot_lr.o \
         lr_helper.o hamil_lrf.o   elinear_response.o ilinear_response.o \
         linear_optics.o linear_response.o   \
         setlocalpp.o  wannier.o electron_OEP.o electron_lhf.o twoelectron4o.o \
         ratpol.o screened_2e.o wave_cacher.o chi_base.o wpot.o local_field.o \
         ump2.o bse_te.o bse.o acfdt.o chi.o sydmat.o dmft.o \
         rmm-diis_mlr.o  linear_response_NMR.o

vasp: $(SOURCE) $(FFT3D) $(INC) main.o
	rm -f vasp
	$(FCL) -o vasp main.o  $(SOURCE)   $(FFT3D) $(LIB) $(LINK)
makeparam: $(SOURCE) $(FFT3D) makeparam.o main.F $(INC)
	$(FCL) -o makeparam  $(LINK) makeparam.o $(SOURCE) $(FFT3D) $(LIB)
zgemmtest: zgemmtest.o base.o random.o $(INC)
	$(FCL) -o zgemmtest $(LINK) zgemmtest.o random.o base.o $(LIB)
dgemmtest: dgemmtest.o base.o random.o $(INC)
	$(FCL) -o dgemmtest $(LINK) dgemmtest.o random.o base.o $(LIB)
ffttest: base.o smart_allocate.o mpi.o mgrid.o random.o ffttest.o $(FFT3D) $(INC)
	$(FCL) -o ffttest $(LINK) ffttest.o mpi.o mgrid.o random.o smart_allocate.o base.o $(FFT3D) $(LIB)
kpoints: $(SOURCE) $(FFT3D) makekpoints.o main.F $(INC)
	$(FCL) -o kpoints $(LINK) makekpoints.o $(SOURCE) $(FFT3D) $(LIB)

clean:
	-rm -f *.g *.f *.o *.L *.mod vasp ; touch *.F

main.o: main$(SUFFIX)
	$(FC) $(FFLAGS)$(DEBUG)  $(INCS) -c main$(SUFFIX)
xcgrad.o: xcgrad$(SUFFIX)
	$(FC) $(FFLAGS) $(INLINE)  $(INCS) -c xcgrad$(SUFFIX)
xcspin.o: xcspin$(SUFFIX)
	$(FC) $(FFLAGS) $(INLINE)  $(INCS) -c xcspin$(SUFFIX)

makeparam.o: makeparam$(SUFFIX)
	$(FC) $(FFLAGS)$(DEBUG)  $(INCS) -c makeparam$(SUFFIX)

makeparam$(SUFFIX): makeparam.F main.F
#
# MIND: I do not have a full dependency list for the include
# and MODULES: here are only the minimal basic dependencies
# if one strucuture is changed then touch_dep must be called
# with the corresponding name of the structure
#
base.o: base.inc base.F
mgrid.o: mgrid.inc mgrid.F
constant.o: constant.inc constant.F
lattice.o: lattice.inc lattice.F
setex.o: setexm.inc setex.F
pseudo.o: pseudo.inc pseudo.F
poscar.o: poscar.inc poscar.F
mkpoints.o: mkpoints.inc mkpoints.F
wave.o: wave.F
nonl.o: nonl.inc nonl.F
nonlr.o: nonlr.inc nonlr.F

$(OBJ_HIGH):
	$(CPP)
	$(FC) $(FFLAGS) $(OFLAG_HIGH) $(INCS) -c $*$(SUFFIX)

$(OBJ_LOW):
	$(CPP)
	$(FC) $(FFLAGS) $(OFLAG_LOW) $(INCS) -c $*$(SUFFIX)

$(OBJ_NOOPT):
	$(CPP)
	$(FC) $(FFLAGS) $(INCS) -c $*$(SUFFIX)

fft3dlib_f77.o: fft3dlib_f77.F
	$(CPP)
	$(F77) $(FFLAGS_F77) -c $*$(SUFFIX)

.F.o:
	$(CPP)
	$(FC) $(FFLAGS) $(OFLAG) $(INCS) -c $*$(SUFFIX)
.F$(SUFFIX):
	$(CPP)
$(SUFFIX).o:
	$(FC) $(FFLAGS) $(OFLAG) $(INCS) -c $*$(SUFFIX)

1. extract vasp.5.2.12 for the current version
2. module load pgi openmpi openblas fftw
3. Add makefile above or customise your own
4. In makefile correct paths for libraries and features to enable.
5. make
6. Copy the compiled vasp executable to destination. I use vasp and vasp.g for gamma point.

Gamma Point

1. Use same makefile as above but add -DwNGXhalf to CPP options

Quantum Espresso

1. Download latest version from http://www.quantum-espresso.org/download.php as well as the examples
2. tar xzvf both the src and examples. They end up in same directory
3. module load pgi openmpi openblas fftw3

4. ./configure F90=pgf90 FC=pgf90 F77=pgf77 CC=pgcc MPIF90=mpif90 \
   FFLAGS="-fast -O2 -tp=k8-64e,bulldozer-64" CFLAGS="-fast -O3 -tp k8-64e,bulldozer-64" \
   FFT_LIBS="-L/share/apps/opt/fftw/3.3.3-pgi-13.04/lib -lfftw3 -lfftw3_mpi" \
   BLAS_LIBS="-L/share/apps/opt/OpenBLAS/0.2.6-pgi-13.04/lib -lopenblas" \
   LAPACK_LIBS="-L/share/apps/opt/OpenBLAS/0.2.6-pgi-13.04/lib -lopenblas" \
   LIBDIRS="/share/apps/opt/fftw/3.3.3-pgi-13.04/lib /share/apps/opt/OpenBLAS/0.2.6-pgi-13.04/lib"

5. make pw pp -j8
6. make all -j8
7. to test: cd examples, modify environment_variables (e.g. tmp dir and mpirun -np ),  ./run_all_examples, then compare example??/results to reference
8. root: copy entire espresso-4.3.2 directory to /share/apps/opt/espresso/4.3.2/pgi-openmpi
9. Copy an existing /share/apps/modulefiles/espresso module and update it for new version. Also update .version to new version.

1. make -j 8
2. root: module load pgi; make install
3. Copy an existing /share/apps/modulefiles/openmpi/ version and update it for new version.

Previously I used Multiple PDF Printer but this no longer works with Acrobat X. Instead I created an Action Wizard that allows you to select the folder with all the PDFs and it will print them all to your default printer with the default settings.

I then added another step to the action that uses Javascript to extract the student’s name from the file name and added it as a header to each page of that file. Finally this was modified so that the name is always on the outer edge, when it is printed back to back and stapled on the left.

To create this you can follow the following directions or import the attached action. Note: There is a file embedded within this post, please visit this post to download the file.

Acrobat X - Edit Action

In Acrobat X:

1. File -> Action Wizard -> Create New Action
2. Click More Tools and then click Execute JavaScript and then click Print.
3. Change Start with to Ask when Action is Started
4. Click on the Options button for JavaScript and paste in the following:

var strFilename = this.documentFileName;
// A regular expression to acquire the base name of the file
// Removes everything before last underscore for Ghosted_EnrolmentForm_
var re = /.*\/|.*_|\.pdf$/ig;
// Get student name by stripping path and everything to left of underscore
var strFilename = strFilename.replace(re,"").replace(",",", ");
var pageAmount = this.numPages; // Finds the length of the PDF

for (i = 0; i 	{
	if (i % 2 == 0) {
		// Odd
		this.addWatermarkFromText({
			cText: strFilename,
			nStart: i,
			nEnd: i,
			nFontSize: 11,
			nTextAlign: app.constants.align.right,
			nHorizAlign: app.constants.align.right,
			nVertAlign: app.constants.align.top,
			nHorizValue: -28, nVertValue: -10
		});
	}	else  {
		// Even
		this.addWatermarkFromText({
			cText: strFilename,
			nStart: i,
			nEnd: i,
			nFontSize: 11,
			nTextAlign: app.constants.align.left,
			nHorizAlign: app.constants.align.left,
			nVertAlign: app.constants.align.top,
			nHorizValue: 28, nVertValue: -10
		});
	}
}

5. Click OK. Then click Saveand type in a name for the action and a description.
   

   Add Folders or Files

6. Set your default printer and printer settings to how you want your documents to print (e.g. Double sided, Stapled).
7. File -> Action Wizard -> <Your new action>
8. Click Next on summary screen. You may tick Don’t show again box if you wish.
9. Click Add Files… drop down and choose Add Folders… and select the folder holding the PDFs.
10. Click Next and it will start adding the header and printing the files.

Useful Links:

• Base for the JavaScript header is from Steve Wareham’s block post on Adding a Dynamic Stamp to a PDF.
• The code to extract file name is from Adobe JavaScript Reference

The problem with this is when an email is sent to a mail enabled group, all the member groups of that group must be mail enabled for their members to receive the email. So I needed to bulk mail enable a container of groups, and also hide these new groups from the Address Book as they don’t need to be visible to staff.

Exchange 2010 only allows you to mail enable a group if it is a Universal group, and then only one at a time from the EMC. To convert all the Global groups in a particular container to universal groups, I used the following Power Shell command.

Import-Module ActiveDirectory
# List Tables
Get-ADGroup -SearchScope Subtree -SearchBase "OU=StaffGroups,OU=Staff,DC=win" -Filter {GroupCategory -eq "Security" -and GroupScope -eq "Global"}  | Format-Table

# Convert Global groups to Universal
Get-ADGroup -SearchScope Subtree -SearchBase "<code>OU=StaffGroups,OU=Staff,DC=win</code>" -Filter {GroupCategory -eq "Security" -and GroupScope -eq "Global"}  | Set-ADGroup -GroupScope Universal

Once converted to Universal groups I wanted to Enable the Groups as Distribution groups in Exchange and hide them from the global Address Book. These groups are role based and need to exist for group expansion in Exchange, but I don’t want them visible to everyone.

# Load AD Modules
Import-Module ActiveDirectory

# Load Exchange Snapins
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010
. $env:ExchangeInstallPath\bin\RemoteExchange.ps1
Connect-ExchangeServer -auto

# Get list of Groups not Mail Enabled
$b = Get-ADGroup -SearchScope Subtree -SearchBase "OU=StaffGroups,OU=Staff,DC=win" -Filter {GroupCategory -eq "Security" -and GroupScope -eq "Universal" -and mail -notlike "*"}

# Enable email for each group, use the Group name without spaces as Alias
$b | ForEach-Object { Enable-DistributionGroup -Identity $_.DistinguishedName -Alias ($_.Name -replace '\s|,|\.') }

# Hide the newly created groups from Global Address book
$b | ForEach-Object { Set-DistributionGroup -Identity $_.DistinguishedName -HiddenFromAddressListsEnabled $true}
 

Notes:

• Details on replacing letters for alias is from here.
• Mike Pfeiffer’s blog had great instructions on how to load Exchange snap-ins into a normal PowerShell session, such as in ISE.
• I found a few sites that mentioned using get-group instead of get-adgroup. Not sure why the wrong command is given. Petri

Disabled NetBIOS

After disabling NetBIOS for the server used by our Fuji-Xeros ApeosPort-II 4000 Photocopier, the Network Scanning feature was unable to upload the scanned file to the SMB server. Instead it would return a 027-516 error code.

To verify the problem I Enabled NetBIOS and it immediately started working again.

I contacted Fuji-Xerox to check if they had a fix for the problem. I was advised that this can only be changed in newer versions, ApeosPort >=3, and that is was considered a “Feature”. The only way for an AP-II device to work with a server with NetBIOS disabled is to use the FTP transmit method.

AP-III NetBIOS Setting

After checking on one of our ApeosPort-III C3300, I found the page mentioned that allows the setting to be changed.

It appears that the use of NetBIOS by the APII is hardcoded and although it has DNS settings set, they are ignored for server name resolution. Considering this Photocopier is still being produced and sold I find it interesting that it relies on outdated protocols like NetBIOS. (ApeosPort-II 3000, 4000, 5010, 6000, 7000 are the main black and white photocopiers available to DET NSW Schools)

Papercut can run on a Windows Server (2003, 2008 or 2008 R2) using windows print queues or a Novell Linux OES server with iPrint (CUPS & SAMBA), it is written in Java with some wrappers for the OS in use.

We originally ran it on a Server 2003 R2 (x86) but have recently updated to a Windows 2008 R2 (x64)print server. The main reason for the upgrade was to provide up to date drivers for Windows 7 32 & 64bit. We also run the Papercut MF version which costs A LOT more, but allows you to use it with external devices, such as photocopiers.

Papercut has some really useful features, Card recharge allows you to generate top up cards and print them out yourself. Then you just cut them up and given them to the office (or canteen) to sell to the students. Makes recharging much easier and no need for office staff to login to an admin console to top up accounts.

We recently had a student laptop roll-out (NSW DER), these laptops are not on our domain so needed an alternative way to print. Papercut has a feature called WebPrint which allows students to upload MS office or PDF files to a website and have them printed to the chosen printer. You need to run software for it on a windows pc (server or client) which automatically opens the document and prints it to the chosen printer. As our Print server is running Windows and is a virtual machine we just configured it to auto-login as a limited user we created and installed Office, and Acrobat.

We use the reports function for auditing staff accounts and charging printer usage back to faculties. Staff are automatically added to different charge accounts based on their AD group membership.

We have just started using Advanced Scripting to charge staff different prices than students on shared copiers and printers.
The following script is what we use, as it is based on how faculties are invoiced at the end of each term. It is based on the Papercut recipe “Discount for staff” with a few changes.

/*
* Change Pricing for staff
*
* Staff are charged based on cost to school.
*
*/
function printJobHook(inputs, actions) {

var DISCOUNT_GROUP   = "Staff-All";
var COST_COLOUR  = 0.07; // Click Rate of Colour
var COST_BW  = 0.02;  // Click Rate of B/W
var COST_A4  = 0.01;  // Price per page of A4
var COST_A3  = 0.03;  // Price per page of A3

/*
* This print hook will need access to all job details
* so return if full job analysis is not yet complete.
* The only job details that are available before analysis
* are metadata such as username, printer name, and date.
*
* See reference documentation for full explanation.
*/

if (!inputs.job.isAnalysisComplete) {
	// No job details yet so return.
	return;
}

if (inputs.user.isInGroup(DISCOUNT_GROUP)) {
	// Debug messages are written to [install-path]/server/logs/server.log
	actions.log.debug("Cost before discount: " + inputs.job.cost);

	// Initial 0
	var newCost = 0;

	// Includes Duplex
	if (inputs.job.paperSizeName == "A4") {
		newCost = inputs.job.totalSheets * COST_A4;
	}
	else {
		newCost = inputs.job.totalSheets * COST_A3 ;
	}

	newCost += inputs.job.totalGrayscalePages * COST_BW;
	newCost += inputs.job.totalColorPages * COST_COLOUR;

	 actions.job.setCost(newCost);

	actions.log.debug("Staff Pricing on " + inputs.job.printerName + " For " + inputs.job.totalSheets +
		" sheets had " + inputs.job.totalGrayscalePages + " B/W & " +
		inputs.job.totalColorPages + " Colour, Cost after discount: " + newCost);

	// Record that as discount was applied in the job comment.
	actions.job.addComment("Staff Pricing applied. Had " + inputs.job.totalGrayscalePages + " B/W & " +
	inputs.job.totalColorPages + " Colour");
	}
}

Other useful features:

• Students and staff see a summary of how many pages they are going to print, which helps reduce accidental printing of entire chapters of text instead of just a few pages.
• Logs and statistics show which printers are getting used, how much is getting printed, and who printed the document but didn’t collect it.
• Great support. I have contacted them over a number of issues and they have always gotten back quickly with good ideas, or have added features in later versions.

Downsides:

• Although the price for education version of Papercut NG is not too bad, to get the MF version which supports copiers it costs around twice as much. Also you then need cost recovery devices for the copiers ~AUD$1,800 each, and there are annual support and maintenance costs ~AUD$1,000/year.

If you want to get an idea of how much printing your staff and students or just want to keep a record of who is printing what (like you could do easily with iPrint)  try the free Papercut Print Logger.

Here are some simple VBScripts that can be added to a log on script or similar to pre-fill these for the user. Once you know the registry location where the identity information is stored it is quite easy to fill those values as part of a login script.

Microsoft Office

' Original MS Office script written by David Isaacs
Set oShell = CreateObject("WScript.Shell")

On Error Resume Next

strUsername = oShell.ExpandEnvironmentStrings("%USERNAME%")
strUserdomain = oShell.ExpandEnvironmentStrings("%USERDOMAIN%")

Set oUser = GetObject("WinNT://" & strUserdomain & "/" & strUsername & ",user")

oShell.RegWrite "HKCU\Software\Microsoft\Office\Common\UserInfo\UserInitials", strUsername
oShell.RegWrite "HKCU\Software\Microsoft\Office\Common\UserInfo\UserName", oUser.Fullname

Adobe Acrobat Pro and Reader

This will set the full name, office, email address and your company for multiple versions of Acrobat and Acrobat reader. You can add even more versions by adding extra lines to the array.

Also if you modified Acrobat to install with Acrobat.com disabled, but now wish to enable it this will enable it. We originally had it disabled, but found email and network form submission did not work properly until it was enabled.

The method for accessing the AD User object was posted by Mike Walker in this thread.

' Configure Adobe Acrobat default settings
' Written by James Rudd
Set oShell = CreateObject("WScript.Shell")
Set oFso = CreateObject("Scripting.FileSystemObject")

' Set the different registry paths for Acrobat
Dim regPaths(2)
regPaths(0) = "HKEY_CURRENT_USER\Software\Adobe\Adobe Acrobat\9.0\"  'For Acrobat Pro 9
regPaths(1) = "HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\9.0\"  'For Acrobat Reader 9
regPaths(2) = "HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\8.0\"  'Same for Acrobat Reader 8

On Error Resume Next

' Create the ADSystem Information Object
Set objADSystemInfo = CreateObject("ADSystemInfo")
' Get the current information into a new Object
Set objUser = GetObject("LDAP://" & objADSystemInfo.UserName)

For Each regPath In regPaths
 'Enable Acrobat.com by deleting key that contains disabling entries.
 oShell.regdelete regPath & "Workflows\"

 'Set Acrobat Identity Info
 oShell.RegWrite regPath & "Identity\tEMail", objUser.mail, "REG_SZ"
 oShell.RegWrite regPath & "Identity\tName", objUser.givenName & " " & objUser.sn, "REG_SZ"
 oShell.RegWrite regPath & "Identity\tFirstName", objUser.givenName, "REG_SZ"
 oShell.RegWrite regPath & "Identity\tLastName", objUser.sn, "REG_SZ"
 oShell.RegWrite regPath & "Identity\tCorporation", "Your Company Name", "REG_SZ"
 oShell.RegWrite regPath & "Identity\tDepartment", objUser.physicalDeliveryOfficeName, "REG_SZ"

 'Set Default Acrobat Collaboration details
 oShell.RegWrite regPath & "ShareIdentity\tEMail", objUser.mail, "REG_SZ"
 oShell.RegWrite regPath & "ShareIdentity\tFullName", objUser.givenName & " " & objUser.sn, "REG_SZ"
 oShell.RegWrite regPath & "ShareIdentity\tCorporation", "Your Company Name", "REG_SZ"
 oShell.RegWrite regPath & "ShareIdentity\tDepartment", objUser.physicalDeliveryOfficeName, "REG_SZ"
Next

Combined

The following script combines both Office and Acrobat data in to one, and reuses the same data objects rather than use two different connection techniques.

' Configure Adobe Acrobat and MS Office user settings
' Written by James Rudd

Const strCompanyName = "Your School Name"

Set oShell = CreateObject("WScript.Shell")
Set oFso = CreateObject("Scripting.FileSystemObject")

' Create the ADSystem Information Object
Set objADSystemInfo = CreateObject("ADSystemInfo")
' Get the current information into a new Object
Set objUser = GetObject("LDAP://" & objADSystemInfo.UserName)

On Error Resume Next

'Office Details
oShell.RegWrite "HKCU\Software\Microsoft\Office\Common\UserInfo\UserInitials", objUser.sAMAccountName, "REG_SZ"
oShell.RegWrite "HKCU\Software\Microsoft\Office\Common\UserInfo\UserName", objUser.givenName & " " & objUser.sn, "REG_SZ"
' If set by installer Company Name is overidden on load.
oShell.RegWrite "HKCU\Software\Microsoft\Office\Common\UserInfo\Company", strCompanyName, "REG_SZ"

' Set the different registry paths for Acrobat
Dim regPaths(2)
regPaths(0) = "HKEY_CURRENT_USER\Software\Adobe\Adobe Acrobat\9.0\"  'For Acrobat Pro 9
regPaths(1) = "HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\9.0\"  'For Acrobat Reader 9
regPaths(2) = "HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\8.0\"  'Same for Acrobat Reader 8

For Each regPath In regPaths
 'Enable Acrobat.com by deleting key that contains disabling entries.
 oShell.regdelete regPath & "Workflows\"

 'Set Acrobat Identity Info
 oShell.RegWrite regPath & "Identity\tEMail", objUser.mail, "REG_SZ"
 oShell.RegWrite regPath & "Identity\tName", objUser.givenName & " " & objUser.sn, "REG_SZ"
 oShell.RegWrite regPath & "Identity\tFirstName", objUser.givenName, "REG_SZ"
 oShell.RegWrite regPath & "Identity\tLastName", objUser.sn, "REG_SZ"
 oShell.RegWrite regPath & "Identity\tCorporation", "Your Company Name", "REG_SZ"
 oShell.RegWrite regPath & "Identity\tDepartment", objUser.physicalDeliveryOfficeName, "REG_SZ"

 'Set Default Acrobat Collaboration details
 oShell.RegWrite regPath & "ShareIdentity\tEMail", objUser.mail, "REG_SZ"
 oShell.RegWrite regPath & "ShareIdentity\tFullName", objUser.givenName & " " & objUser.sn, "REG_SZ"
 oShell.RegWrite regPath & "ShareIdentity\tCorporation", strCompanyName, "REG_SZ"
 oShell.RegWrite regPath & "ShareIdentity\tDepartment", objUser.physicalDeliveryOfficeName, "REG_SZ"
Next

This post is to assist in the setup of a BackupPC system able to backup in use files by using MS volume snapshots. It also has the benefit of only having the RSync daemon running during the backup which increases security.

This method is based on some other posts I have seen using VShadow, Backing Up Open Files on Windows with Rsync, and some suggestions on DiskShadow but goes further in using RSync as a system service giving full access to files, and removing the need to use winexe.

General Outline

1. Create a new user backuppc (try to match case of the user on Linux). Very limited rights
2. Install Cygwin with RSync, OpenSSH and configure them
3. Create a scheduled task to run as SYSTEM when triggered by a certain event
4. Set BackupPC server for passwordless login to host and modify Pre/Post Dump Cmds

Overview

In Windows 7 and Server 2008 R2 elevation is required to create snapshots. As a remote SSH connection cannot bypass UAC a way is needed to create the snapshot, bypassing the elevation prompt. I also wished to run the Rsync Daemon as SYSTEM user so it has rights to view all files.

To do this I moved all the elevated tasks into a Task Scheduler item that is set to run as SYSTEM, and is triggered by an Event log event.

1. BackupPC performs a password-less key SSH logon to client
2. It runs a script which creates an event log entry and then waits for RSync to start before returning to BackupPC and starting the backup.
3. Task scheduler is triggered by Event Log and starts DiskShadow as SYSTEM.
4. Disk shadow creates a shadow of any chosen volumes, mounts them and then starts RSync.
   It then waits for a file to be created by BackupPC at the end of the backup telling it to stop RSync and delete the snaphots.

Flow and triggers

Host PC

Create a new user, backuppc, you can limit this account further in Security policy after everything is configured.

Create a BackupPC folder and add the following scripts to it. These are also available in a zip file. Note: There is a file embedded within this post, please visit this post to download the file. You will need to modify paths depending on where you create the folder. I used C:\cygwin\BackupPC but a better location may be C:\cygwin\usr\share\BackupPC

Most of these scripts are just modified versions of the ones written for VShadow, changed to work with DiskShadow and Task Scheduler.

pre-cmd.vbs

' This file starts the commands
' It will start the snapshot process and quite once RSync is running

Const Rsync = "C:\cygwin\var\run\rsyncd.pid"
Const Flag = "C:\cygwin\var\run\wake.up"
Set fso = CreateObject("Scripting.FileSystemObject")
'
' Pid file shouldn't be there already
' Check /stop service , still there delete
'
If DoesFileExist(Rsync)=0 Then
	fso.DeleteFile(Rsync)
End If
'
' Nor should "wake.up"
'
If DoesFileExist(Flag)=0 Then
   fso.DeleteFile(Flag)
End If

Set objShell = CreateObject("WScript.Shell")
' objShell.Exec "C:\BackupPC\backuppc.cmd > " & Log

' This writes event log entry that triggers task scheduler to start system process
' that takes snapshot and starts RSync
objShell.Exec "Logevent.exe -r ""BackupPC"" -e 10 -s S ""Backup Start"" "
Wscript.Echo "Sent BackupPC Event Log Trigger"

'
' Just sleep until the file "rsyncd.pid" appears
'

While DoesFileExist(Rsync)
   wscript.sleep 10000
Wend

' functions

function DoesFileExist(FilePath)
Dim fso
	Set fso = CreateObject("Scripting.FileSystemObject")
	if not fso.FileExists(FilePath) then
		DoesFileExist = -1
	else
		DoesFileExist = 0
	end if
	Set fso = Nothing

end function

backuppc.cmd

c:
cd C:\cygwin\BackupPC
diskshadow /s DiskShadowScript.txt /l C:\cygwin\var\log\diskshadow.log
del C:\cygwin\var\tmp\*.cab /q
c:cd C:\cygwin\BackupPCdiskshadow /s DiskShadowScript.txt /l C:\cygwin\var\log\diskshadow.log
del C:\cygwin\var\tmp\*.cab /q

DiskShadowScript.txt

#DiskShadow script file

#Make shadows persistent, No writers as data volume

# If backing up C: and any app files (ntds, database, etc) use writers

#SET CONTEXT PERSISTENT NOWRITERS

SET CONTEXT PERSISTENT

#Cab location for process

SET METADATA C:\cygwin\var\tmp\backup.cab

SET VERBOSE ON

BEGIN BACKUP

#Alias volume with alias

ADD VOLUME C: ALIAS SystemData

ADD VOLUME F: ALIAS UserData

#Create Snapshot

CREATE

#Expose the volume and run command file then unexpose

EXPOSE %UserData% B:

EXPOSE %SystemData% T:

EXEC C:\cygwin\BackupPC\Serverbackup.cmd

UNEXPOSE B:

UNEXPOSE T:

END BACKUP

#Delete the shadow copy

DELETE SHADOWS SET %VSS_SHADOW_SET%

#End of script

Serverbackup.cmd

REM Start RSync now that Snapshots are created

net start rsyncd

REM Need to wait until backup completed

cscript "C:\cygwin\BackupPC\sleep.vbs"

Logevent.exe -r "BackupPC" -e 20 -s S "Backup Completed"

sleep.vbs

Const Rsync = "C:\cygwin\var\run\rsyncd.pid"
Const Flag = "C:\cygwin\var\run\wake.up"
Set fso = CreateObject("Scripting.FileSystemObject")

' Just sleep until the file "rsyncd.pid" appears
While DoesFileExist(Rsync)
   wscript.sleep 10000
Wend

' Now sleep until the file "wake.up" appears
While DoesFileExist(Flag)
   wscript.sleep 10000
Wend

fso.DeleteFile(Flag)

' It's time to kill Rsync
'Stop Service
strServiceName = "rsyncd"
Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
Set colListOfServices = objWMIService.ExecQuery("Select * from Win32_Service Where Name ='" & strServiceName & "'")
For Each objService in colListOfServices
    objService.StopService()
	Wscript.Echo "RSyncD Stopped"
Next

' Wait for Rsync to let go
wscript.sleep 5000

' Delete PID file
If DoesFileExist(Rsync)=0 Then
   fso.DeleteFile(Rsync)
End If

' functions
function DoesFileExist(FilePath)
Dim fso
	Set fso = CreateObject("Scripting.FileSystemObject")
	if not fso.FileExists(FilePath) then
		DoesFileExist = -1
	else
		DoesFileExist = 0
	end if
	Set fso = Nothing

end function

Cygwin

Install Cygwin and choose to install packages RSync and OpenSSH

Start an elevated Cygwin (Run as an Administrator )

Config

Cygwin 1.7 changes the way to ignore NT Security from the nontsec environment to modifying fstab file.

In your prefered editor modify /etc/fstab and uncomment the bottom line and add noacl as below, this tells it to ignore security :

none /cygdrive cygdrive binary,noacl,posix=0,user 0 0

Run following to update group and user lists (if on a domain only add the users you want)

[bashlight=1]mkpasswd –l >/etc/passwd
mkgroup –l /etc/group[/bash]

OpenSSH

Configure Open SSH using ssh-host-config, create both the accounts it suggests for privilege isolation and running the service (cyg_service & sshd).
This should also automatically add the Firewall Exceptions (SSHD).

Setting up Keyless

Login as backuppc user.
Use

runas /user:backuppc cmd

Or

runas /user:domain\backuppc cmd

Run c:\cygwin\Cygwin.bat to start Cygwin as BackupPC user

You need to add the id_rsa.pub file from the BackupPC user on BackupPC server to C:\cygwin\home\backuppc\.ssh\authorized_keys If you have not already created one follow the instructions below in BackupPC – SSH section.

RSync

To install RSync as a system service use:

C:\cygwin\bin\cygrunsrv.exe -I rsyncd -d "RSync Daemon" -O --type manual -p /bin/rsync.exe -f "Used by BackupPC to remotely access files for backup" -a " --config=/etc/rsyncd.conf --daemon --no-detach"

Modify the /etc/rsyncd.conf file to reflect what drives you want to backup. It is better to edit this file later after you have modified the DiskShadowScript.txt and changed which drive letter it exposes shadows as.

Add a RSync exception to the firewall.

Open Windows Firewall with Advanced Security and choose Inbound Rules, New Rule, Program,  Next

Browse to C:\cygwin\bin\rsync.exe and then choose your options and name the rule

When finished open the rule, click Scope tab and add a Remote IP, that of the BackupPC server. This restricts RSync to only be accessible from BackupPC. You may also wish to similarly modify SSHD to only allow SSH access from BackupPC server.

DiskShadow

If you are backing up a windows Server 2008 or 2008 R2 host you already have DiskShadow installed. However, if you are running Windows 7 or Vista you will need to grab a copy from an equivalent server (x86 or x64). It is located in the System32 directory and you will also need the language file from the en-US folder.

I have zipped the files needed for x86 and x64 if you do not have immediate access to a Server.Note: There is a file embedded within this post, please visit this post to download the file. (The x86 files are from Server 2008 and x64 are from 2008 R2)

Copy the files from your architecture to the system32 directory and en-US subdirectory.

LogEvent

To generate the custom event log entry a tool from the Windows 2000 Resource kit is used, LogEvent, (Download). This needs to be either placed in the Path (e.g. Windows dir) or scripts need to directly call it.

Task Scheduler

The easiest way to configure this is to manually run LogEvent once to generate an event in the log.

Logevent.exe -r "BackupPC" -e 10 -s S "Backup Start"

Then open Event Viewer, Select the new BackupPC event and choose Attach Task to this Event, and in the wizard click next until it asks for the program, then give it C:\cygwin\BackupPC\backuppc.cmd

On Final page choose to Open Properties when you click Finish

Click the Change User or Group button and type in System as the user  and click OK. Also tick the Run with highest privileges box

BackupPC Server

SSH

This section is only needed if you do not already have keys generated for the backuppc user.

Login as backuppc user, either with password or simply “su – backuppc” from root

Generate SSH Keys, ssh-keygen –t rsa, do not set a password. Copy id_rsa.pub into C:\cygwin\home\backuppc\.ssh \authorized_keys

Test by running ssh -v backuppc@host to test the connection

BackupPC Host File

In the web interface change the following for the host.

DumpPreUserCmd:  $sshPath -q -x -l backuppc $host cscript "C:\cygwin\BackupPC\pre-cmd.vbs"
 DumpPostUserCmd: $sshPath -q -x -l backuppc $host echo "Complete: $xferOK" > /var/run/wake.up

Test Run

If you have existing backups from a previous RSync config, it is a good idea to run a full backup to ensure any in use files are part of the base. In my case I also changed the noacl flag which affected the file attributes RSync sees.

Tips

Set your antivirus to exclude the exposed drives. As they are read only it just slows down the reading of files by RSync.

Downloads

Updates

• While writing this up I found a good alternative way of using VShadow with SSH to backup in use files, that uses the AT command instead of task scheduler to get around UAC, BackupPC with ssh/rsync/VSS on Windows Server. The only down side to this method is the SSH connection requires an Admin account, but if configured securely this should be fine. It also a lot simpler to configure as it does not require configuring Task Scheduler.
• There is a great script for managing VSS by Mark Baggett and Tim “LaNMaSteR53″ Tomes VSSOwn.vbs which was discussed in one of there security blog posts, Safely Dumping Hashes from Live Domain Controllers