Jan
26

Unable to unauthorize DHCP Server

Categories:

by

From time to time I see old/orphaned objects in the DHCP Server authorized lists. This happens often when you change IP address and DNS is not resolving the old IP address.

When you try to unauthorize following error message appears:

—————————

DHCP

—————————

There is no such object on the server.

—————————

OK

—————————

What you need to do is removing some references in AD.

  1. Open Adsiedit
  2. Connect to “CN=NetServices,CN=Services,CN=Configuration,DC=Your Domain,DC=com”
  3. Expand, and then you should see CN = DhcpRoot.
  4. Edit dhcpServers attribute on DhcpRoot to reflect (delete the orphaned servers)
  5. Verify the Authorized list in DHCP

 

 

This post has no tag

Leave comment

Jan
13

VSS error and no Active Directory partition Backup

Categories:

by

I had a strange issue on two 2008 domain controllers. I was just taking a health check before I started my assigned task. I scrambled through the event logs for errors and found this one on both of them:
image

Okay, so there has been no system state backup of these servers in some time.  The next thing I did was to check the backup.  The costumer uses a cloud based backup system that uses VSS to take backup. Everything in the backup logs looked okay. I also verified that system state was checked, and it was. I then checked if there was any newer version of the backup software. But the customer had the most recent one. Yeah…. What now?

I then looked again over the event logs on the domain controllers and found this one at same time the backup runs:

image

“ Volume Shadow Copy Service error: Unexpected error VSS_E_WRITER_STATUS_NOT_AVAILABLE “

I than did a hotfix search and finally stumbled over this one:
http://support.microsoft.com/kb/970770

The most time consuming was to find the right hotfix. There are pretty many when you search for VSS and 2008.

I then installed this hotfix on both and booted them. Then I retried the backup and the problem went away. And of course Directory services stopped complaining about the no backup of directory partition issue.

Hope this helps someone else with the same problem.

Tags: , , ,

Leave comment

Jan
04

Hydrating on Virtualbox

Categories:

by

Johan Arwidmark has made some excellent hydration solutions that are time saving. (http://www.deploymentresearch.com/Blog/tabid/62/EntryId/29/YAHK-Yet-Another-Hydration-Kit-This-one-for-ConfigMgr-2012-Beta-2.aspx ).
I am currently stuck on Oracle virtualbox as my hypervisor (at least until Windows 8 is in beta). I therefore took the liberty of creating script number 4 in the hydration solution for CM2012Beta that creates the VM’s to do it on virtualbox. I know it is not a pretty/good looking PowerShell script, but it does what it is supposed to do. So the script looks like this:

# Addition to Johans Arwidmarks Hydration kit using Sun Virtualbox instead of Vmware or Hyper-V.
# http://www.deploymentresearch.com/Blog/tabid/62/EntryId/29/YAHK-Yet-Another-Hydration-Kit-This-one-for-ConfigMgr-2012-Beta-2.aspx
# Author: Oddvar Moe, http://msitpros.com

$PathToExe = "C:\program files\oracle\virtualbox\"

#HYDRATION-DC01
$VM = "HYDRATION-DC01"
$DiskLocation = "C:\VMs\$VM\disk1.vhd"
md C:\VMs\$VM
cd $PathToExe
.\VboxManage.exe createhd --filename $DiskLocation --size 300000 --format VHD | out-null
.\VboxManage.exe createvm --register --name $VM --ostype Windows7_64 | out-null
.\VBoxManage.exe storagectl $VM --name "IDE Controller" --add ide --controller PIIX4 --hostiocache on | out-null
.\VBoxManage.exe storageattach $VM --storagectl "IDE Controller" --port 1 --device 0 --type dvddrive --medium emptydrive
.\VBoxManage.exe storagectl $VM --name "Sata Controller" --add sata --sataportcount 1 | out-null
.\VBoxManage.exe storageattach $VM --storagectl "Sata Controller" --port 0 --type hdd --medium $DiskLocation | out-null
.\VboxManage.exe modifyvm $VM --memory 1024 --vram 21 --pae off | out-null
.\VboxManage.exe modifyvm $VM --nic1 intnet --macaddress1 00155D000011 | out-null
.\VBoxManage.exe modifyvm $VM --dvd C:\HydrationServers\HydrationServers.iso | out-null

#HYDRATION-DC02
$VM = "HYDRATION-DC02"
$DiskLocation = "C:\VMs\$VM\disk1.vhd"
md C:\VMs\$VM
cd $PathToExe
.\VboxManage.exe createhd --filename $DiskLocation --size 300000 --format VHD | out-null
.\VboxManage.exe createvm --register --name $VM --ostype Windows7_64 | out-null
.\VBoxManage.exe storagectl $VM --name "IDE Controller" --add ide --controller PIIX4 --hostiocache on | out-null
.\VBoxManage.exe storageattach $VM --storagectl "IDE Controller" --port 1 --device 0 --type dvddrive --medium emptydrive
.\VBoxManage.exe storagectl $VM --name "Sata Controller" --add sata --sataportcount 1 | out-null
.\VBoxManage.exe storageattach $VM --storagectl "Sata Controller" --port 0 --type hdd --medium $DiskLocation | out-null
.\VboxManage.exe modifyvm $VM --memory 1024 --vram 21 --pae off | out-null
.\VboxManage.exe modifyvm $VM --nic1 intnet --macaddress1 00155D000012 | out-null
.\VBoxManage.exe modifyvm $VM --dvd C:\HydrationServers\HydrationServers.iso | out-null

#HYDRATION-CM01
$VM = "HYDRATION-CM01"
$DiskLocation = "C:\VMs\$VM\disk1.vhd"
md C:\VMs\$VM
cd $PathToExe
.\VboxManage.exe createhd --filename $DiskLocation --size 300000 --format VHD | out-null
.\VboxManage.exe createvm --register --name $VM --ostype Windows7_64 | out-null
.\VBoxManage.exe storagectl $VM --name "IDE Controller" --add ide --controller PIIX4 --hostiocache on | out-null
.\VBoxManage.exe storageattach $VM --storagectl "IDE Controller" --port 1 --device 0 --type dvddrive --medium emptydrive
.\VBoxManage.exe storagectl $VM --name "Sata Controller" --add sata --sataportcount 1 | out-null
.\VBoxManage.exe storageattach $VM --storagectl "Sata Controller" --port 0 --type hdd --medium $DiskLocation | out-null
.\VboxManage.exe modifyvm $VM --memory 4096 --vram 21 --pae off | out-null
.\VboxManage.exe modifyvm $VM --nic1 intnet --macaddress1 00155D000013 | out-null
.\VBoxManage.exe modifyvm $VM --dvd C:\HydrationServers\HydrationServers.iso | out-null

I tried to search for PowerShell modules that add virtualbox cmdlets, but I could not find any. That is not entirely true since I found this one: http://jdhitsolutions.com/blog/2011/06/managing-virtualbox-with-powershell/

But it did not have all the cmdlets I needed, so I wrote a simple script instead. This script can of course be used as an example when you need to create a bunch of virtual servers in virtualbox for other needs also.  Hope you find this useful.

Tags: , , ,

Leave comment

Jan
04

AD discovery CM 2012 Feature I love

Categories:

by

I must say that I am please to see that they finally have this feature implemented in CM 2012.

image
Only discover computers that have logged on to a domain in a given period of time.

Many customers do not have any control of the computer objects that actually are in use. This will sure help on getting better status on actual clients that are in use. Great!

Tags: , , ,

Leave comment

Jan
02

Modify the task manager

Categories:

by

I got a challenge when trying to add some columns in the task manager under processes in a deployment for a colleague.
image
He wanted to automatize so that every one got the same task manager view. I started out searching for scripts that would do this for me. Could not find any. Okay, so I am on my own again trying to figure this one out. I fired up Process monitor to try to figure out what happens when I change columns. I changed the filter to show only Operation equals RegSetValue. I then started the monitoring and changed the layout of the task manager, but then nothing showed up in Process monitor. That was strange. I then thought about other applications that actually does not write anything to the registry until they are closed. So I repeated the whole thing and closed the task manager. And there it was. I found the registry keys that controls the layout of the task manager.
image

It was the following keys:
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\TaskManager\Preferences

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\TaskManager\UsrColumnSettings

And of course this is binary so the easiest way is just to make the changes, remember to close the task manager and then export the keys. (editing binary values directly is hard!)

So now you can just import this settings to either the default profile or run the import during logon or add it to your build image…… I leave that up to your preferred method.

Hope this helps someone that want to customize the task manager.

Tags: , ,

Leave comment

Jan
02

Ignore original message, Spellcheck Outlook 2010

Categories:

by

There is an feature in outlook which should get the spellcheck to ignore original message text in reply or forward. Which can be found if you press the File -> Option ->Mail

You would believe that when you check the checkbox it should work.
However it’s not that simple. There is a big chance that you will still experience that it infect does check the original text.

In my case the function only work if I had the “Mark grammar as you type” checked and “Check grammar with spelling” unchecked. as displayed below

When I checked my friend Google a lot of users are struggling with this on several outlook versions. I have only tested it on the 2010 32bit version but give it a try and please comment if it helps you with another version.

 

 

 

 

 

 

 

Tags: ,

Leave comment

Dec
15

Install ActiveX for all users on 2008R2 Remote Desktop Server

Categories:

by

This is primary notes for my self, because for some reason I always spend much time dealing with this during installation of Remote Desktop Servers.

First of all there is a part of Windows that is called ActiveX Installer Service that needs to be configured. This is default enabled in Windows 7. In Vista you have to add this as feature through add windows features. I always assume that if something is in Windows 7 it is also implemented in the Server 2008 R2 OS, since it is the same core (and on Vista and 2008). In this case this is not true at all. In order to get Server 2008 R2 to enable the ActiveX installer service there is a hotfix required. The same goes for 2008.

ActiveX installer service for 2008 R2 Hotfix: http://support.microsoft.com/kb/2508120
ActiveX installer service for 2008 Hotfix: http://support.microsoft.com/kb/2582841

Okay, so after installing this hotfix you can start configuring the ActiveX installer Service with Group policy. Yoho!

 

Edit your group policy that affects your Remote Desktop Server and browse to the following:
image

Here you will have a setting that you want to edit (Approve Installation Sites for ActiveX Controls):
image

But before you enable this you have to know where the ActiveX is coming from. In my scenario it was coming from http://webint.customer.local/ . Edit the setting and choose enable and click show:
image

image

You might want to understand the value field in this setting. You have 4 different switches.

The first one controls what to do when installing ActiveX controls that have trusted signatures.
0 = Prevents users from installing
1 = Prompts the user before installing
2 = Installs ActiveX

The second controls what to do when the signed ActiveX is not the trusted root.
0 = Prevents users from installing
1 = Prompts the user before installing
2 = Installs ActiveX

The third controls what to do when the ActiveX is unsigned.
0 = Prevents users from installing
1 = Installs the unsigned ActiveX

The fourth controls what to do when any errors are returned in a https session:
0 = Specifies that the connection must pass all verification checks. (default).
0×00000100 = Ignore errors caused by unknown certification authorities (CAs).
0×00001000 = Ignore errors caused by an invalid common name (CN).
0×00002000 = Ignore errors caused by a certificate’s date.
0×00000200 = Ignore errors caused by improper certificate use.

So in my scenario I want to install this no matter what so my values are 2,2,1,0 . Since the connection is not HTTPS I can safely set 0 in last control since there are no certificate involved in the connection to the web server.

To verify it is working you can have look in the event log:
image

If it fails the event ID is 4097.

More detailed information on this here :
http://technet.microsoft.com/en-us/library/dd631688(WS.10).aspx
http://technet.microsoft.com/en-us/library/cc721964(WS.10).aspx

Now it is up to Internet Explorer to handle the ActiveX as an add-on. So if the ActiveX is denied then you need to adjust the settings regarding the ActiveX in the Zone it lives in. I choose to set this setting per user under the intranet zone, because this web service is in this zone.

image

I adjust the following settings for my ActiveX:
image

Hopes this helps someone else having the same problem.

Tags: , ,

Leave comment

Dec
08

How to control the Devices and Printers pop-up

Categories:

by

I guess you have seen this before:

image

I wanted to prevent users from getting this. I see no reason why they should. I found the registry key that controls its behavior. I could not find any Group policy setting for this. (that’s strange)

“HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Device Metadata”
Under this key there should be a REG_DWORD that is called: PreventDeviceMetadataFromNetwork and should have the value of 0 to allow icons to be retrieved from the internet automatically.  

image

Tags: ,

2 comments

Dec
07

Remove Exchange 2007 server after upgraded to Exchange 2010

Categories:

by

Hi,

After the co-exist with Exchange 2007 and Exchange 2010 had worked fine for a while I wanted to remove the Exchange 2007 servers.

No problems with removing CAS server. But when removing the mailbox role was not as easy as I thought it would be. When I had replicated all the public folders, and runned MoveAllReplicas.ps1, I checked with Get-PublicFolderStatistics. No folders listed! But when I tried to delete the Public Folder database I got the following error message:

——————————————————-
Microsoft Exchange Error
——————————————————–
The public folder database ‘Public Folder Database’ cannot be deleted.

Public Folder Database
Failed
Error:
Object is read only because it was created by a future version of Exchange: 0.10 (14.0.100.0). Current supported version is 0.1 (8.0.535.0).

 

——————————————————–
OK

 

I also tried to remove it trough EMS.

Solution: Remove it from Exchange 2010 EMS. I used following command: Get-PublicFolderDatabase – Server “nameofserver” | Remove-PublicFolderDatase

Woila!

Tags: ,

Leave comment

Dec
06

Exchange 2010 SP2 Released

Categories:

by

http://www.microsoft.com/download/en/details.aspx?id=28190

Read What’s new

http://technet.microsoft.com/en-us/library/hh529924.aspx

 

Tags: ,

Leave comment

Older posts «

QR Code Business Card