The Centauri Files

Adventures in System Administration

MySQL 9.7 Installation Issues

MySQL 9.7, the latest LTS version, was released on April 21, 2026. It’s too new to be available from the various Linux distribution repositories where MySQL 8.4, the previous LTS version, is the current offering. If you want to use MySQL 9.7, you’ll need to install it from the Oracle repositories. But there are problems. As my testing was done on AlmaLinux, these issues apply to RHEL-based distributions. However, Debian/Ubuntu users should take note and be ready for possible speed bumps.

Oracle didn’t release a new repo package for MySQL 9.7. Instead, they updated the existing MySQL 8.4 repo package to add MySQL 9.7. When you go to the download page for the MySQL Community Server Yum Repository, you’ll find the repo packages are all mysql84-community-release RPMs. There is no mention that the repo package will install MySQL 9.7.

PS-BackupMySQL: MySQL/MariaDB Backup for Windows


Whether on Linux or Windows, it’s imperative that MySQL databases be regularly backed up to prevent data loss. And any data loss is much more likely to be from human error than a system failure. But the installers for MySQL and MariaDB do not touch on database backups beyond installing the mysqldump utility. Information to be found for backing up MySQL databases pertains mostly to Linux, and the plethora of backup scripts available for Linux are generally not suitable on Windows.

To fill this gap, I created the PS-BackupMySQL package. It provides the PowerShell script Backup-MySqlDatabases to back up all user databases and the mysql system database. (Other system databases are dynamically created and do not need to be backed up.) It’s designed to be run interactively or from a Windows scheduled task to back up databases on a regular schedule. And since databases that are backed up may eventually need to be restored, the script Restore-MySqlDatabases is provided to restore databases – one, many, or all – from the backup files. Also included are Create-MySqlBackupUser which simplifies creating a backup user with only those privileges needed to back up the databases and Create-MySqlBackupTask to create a Windows scheduled task to back up the databases.

Listing IP Address on Windows


There are times I need to get the list of the IP addresses – usually just IPv4 addresses since use of IPv6 addresses is still not widespread yet – on a Windows server. There are various ways to do this. One of the simplest is to use ipconfig. This is a command-line utility that has been a part of Windows since the early days. Without any options, it returns the IP addresses and subnet masks for every network adapter.

Note the link-local IPv6 address includes a scope id (% followed by the network adapter id). Because link-local addresses are not guaranteed to be globally unique, the scope id is used to identify the network adapter used for the address. This is important on systems with multiple network adapters.

MySQL Configuration Files

Since I recently posted MariaDB client and sever options files, it’s only fitting that I post options files for MySQL. Since MariaDB and MySQL have diverged since version 5 when MariaDB was a drop-in replacement for MySQL, options files can no longer be shared between the two without modification.

MySQL has many options for both the client and server than can be adjusted (or tuned) to provide better performance. For most, the default settings are fine and never need to be adjusted. A few, however, should be adjusted for optimal performance. This is particular true for the InnoDB storage engine. The option innodb_buffer_pool_size, which sets the size of the in-memory buffer pool, is probably the most important option to boost performance. It can be set up to 80% of the total memory on the server, but the default is very inadequate 128 MB.

Another option is max_allowed_packet which is used by both client and the server. This sets the maximum size for a data packet or generated/intermediate string. It must be large enough to hold the largest record or BLOB. The client default is a very anemic 16 MB. The server default is better but only 64 MB.

MariaDB Configuration Files

MariaDB has many options for both the client and server than can be adjusted (or tuned) to provide better performance. For most, the default settings are fine and never need to be adjusted. A few, however, should be adjusted for optimal performance. This is particular true for the InnoDB storage engine. The option innodb_buffer_pool_size, which sets the size of the in-memory buffer pool, is probably the most important option to boost performance. It can be set up to 80% of the total memory on the server, but the default is very inadequate 128 MB.

Another option is max_allowed_packet which is used by both client and the server. This sets the maximum size for a data packet or generated/intermediate string. It must be large enough to hold the largest record or BLOB. The client default is not too shabby at 1 GB, but the server default is an anemic 16 MB.

The MariaDB packages for Debian and Red Hat based distributions do install options files (also known as defaults files) for both the client and server, but they are largely placeholders, setting very few or no options. And they have no comments about any of the options. This makes it difficult to know which options should be adjusted for best performance. The options are documented on the MariaDB Documentation site, but this means wading through a long list of options trying to find the ones of interest.

Backing Up MySQL and MariaDB Databases

Having regular backups of MySQL and MariaDB databases is vitally important to ensure that data can be recovered in the event of corruption (which could be caused by a system failure or malicious software such as ransomware) or human error (such as when a user accidentally deletes a row, table, or entire database). MySQL and MariaDB provide a utility program to back up the databases – namely mysqldump (which is mariadb-dump for MariaDB 1.5 and higher) – but neither provides a program or script that allows backups to be easily automated. Aptum Technologies (my employer) provides a script allowing customers to back up the databases from a cron job. The original was a very basic script which didn’t have much flexibility. Using this as foundation, I rewrote the backup script and enhanced it over the years to improve its functionality and add features.

The script – backup-mysql – uses mysqldump to create a logical backup of each database. Each database is backed up to a separate file and then compressed using gzip (or pigz on systems with two or more processors). The database backup files are then archived to a tar file. This archive file is not compressed since the individual database backup files are already compressed. And a log file is created with information about the backup operation. Any errors that occur are recorded in the log file.

Disabling ISAPI Filters When Not Allowed By IIS Manager

A client recently had problems with an IIS website. The website was serving only static image files. No dynamic pages created by a rendering engine. But all requests for this website were returning a 500 Server Error. I traced the problem to an ISAPI filter installed by ColdFusion. (Yes, ColdFusion is still a thing.)

ColdFusion is a Java application and uses Apache Tomcat to render its web pages. To interface with IIS, it installs an ISAPI filter to proxy requests from IIS to ColdFusion’s Tomcat engine. The IIS sites for the ColdFusion pages were working fine, but the site for the static image files was reporting an error that it could not load the ColdFusion ISAPI filter. This caused Windows to shut down the IIS worker processes and return a 500 Server Error. The cause was likely a configuration error for the ColdFusion Tomcat Connector. Since the website didn’t need to use ColdFusion, the client’s preferred to simply remove the Tomcat ISAPI filter for the site. However, IIS Manager was not allowing the filter to be removed.

To understand why the ISAPI filer could not be removed requires digging into the structure of the IIS configuration.

SQL Server – Secure By Default

Enhancements to SQL Server Network Connection Security Through Breaking Changes

With the introduction of SQL Server 2022, Microsoft began a new initiative known as secure by default. This initiative is in response to vulnerabilities in the Tabular Data Stream (TDS) protocol – the protocol used for data communication between a client and SQL Server – discovered by Summit Security Group which allowed a man-in-the-middle attack. As more SQL Server workloads are moved to public clouds like Azure, connections over the Internet will be become more common. Microsoft has therefore taken steps to secure the network connection between the client and SQL Server

Changes to implement secure by default revolve around encryption. Use of encryption for the connection has long been optional and the default was not to use encryption. Secure by default now requires client drivers to use encryption unless explicitly disabled, and this is a breaking change that can cause connections using default settings to fail. It’s not the use of encryption itself that is the problem. Rather it’s because the certificate used by SQL Server to encrypt the connection is validated to ensure it’s a trusted certificate. A trusted certificate is one that is issued by a trusted certificate authority. When SQL Server uses a self-signed certificate – which, by definition, is not a trusted certificate – the validation fails and the connection is not allowed.

Listing and Moving Active Directory FSMO Roles

FSMO is an Active Directory term that stands for Flexible Single Master Operation. Although Active Directory uses a multi-master enabled database, which provides the flexibility of allowing changes to occur on any domain controller, certain operation requires a single-master model where only one domain controller is allowed to process updates to prevent conflicting updates.

Domain Administrator Cannot Open Ethernet Adapter Settings

Creating a new Active Directory forest and domain on Windows Server 2019 recently, I found the domain administrator could not open Network Connections. This happened when right-clicking on the Network icon on the Task Bar to open Network & Internet Settings, selecting Ethernet, and clicking on “Change adapter options”.

This only occurs when trying to open Network Connections through Windows Settings. There are no problems opening Network Connections through Control Panel or directly by running ncpa.cpl. And it only affects the domain administrator. Other users do not experience this problem. But the domain administrator has this problem on any computer in the domain.

Page 1 of 2

Copyright © 2026 Charles Rutledge

Powered by WordPress & Theme by Anders Norén