tag:blogger.com,1999:blog-31595664981267349752024-03-19T12:14:38.761+02:00Kim Hellman - Being right is better than being greatBlog to share tips and tricks that I come across in my role as a Technical Architect at Knowledge Factory.khellmanhttp://www.blogger.com/profile/14957191780573006714noreply@blogger.comBlogger23125tag:blogger.com,1999:blog-3159566498126734975.post-82167995609426493862014-10-09T16:41:00.000+03:002014-10-09T16:41:01.474+03:00"This theme can't be applied to the desktop"I'm currently configuring a new Windows Server 2012 R2 RDS environment for my customer to migrate to from their existing Windows Server 2008 R2 TS farm and this error message had been bothering me for quite some time: "This theme can't be applied to the desktop"<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9g2oz7_HGzAy-uoSvCLt7_G_Q8ePM1F4X_pmaiF6sh6LahdemtAWVGHAoRtj5bFvXiW2jX_fd0XYL_c5aAR4OqT-dWxp8bMbgbLFFdBknFtr49A9JINIkef4LyuFlPbvOGsTZIdNVYIA/s1600/theme-message.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9g2oz7_HGzAy-uoSvCLt7_G_Q8ePM1F4X_pmaiF6sh6LahdemtAWVGHAoRtj5bFvXiW2jX_fd0XYL_c5aAR4OqT-dWxp8bMbgbLFFdBknFtr49A9JINIkef4LyuFlPbvOGsTZIdNVYIA/s1600/theme-message.jpg" height="126" width="320" /></a></div>
The error message appeared every time a user tried to start a RemoteApp program from the new RDS environment. The investigation concluded that a new user which had never logged in to the old TS environment did not get the error message, only users with an existing profile. Users were logging in from Windows 7 workstations/laptops. After some testing with various GPO settings under User Configuration\Administrative Templates\Control Panel\Personalization I discovered that forcing all users to use the Aero Theme solved the problem. <br />
<br />
Under User Configuration\Administrative Templates\Control Panel\Personalization configure the setting "Load a specific theme" with "%windir%\Resources\Themes\aero.theme"khellmanhttp://www.blogger.com/profile/14957191780573006714noreply@blogger.com11tag:blogger.com,1999:blog-3159566498126734975.post-33491255300314323332014-03-10T09:00:00.000+02:002014-03-10T09:00:05.858+02:00CAU - Target name resolution error<span class="hps">If</span> <span class="hps">removal of the</span> <span class="hps">CAU</span> <span class="hps">for a Windows</span> <span class="hps">Server 2012</span> <span class="hps">R2</span> <span class="hps">Failover</span> <span class="hps">Cluster</span> <span class="hps">has failed or</span> <span class="hps">if anyone</span> <span class="hps">has tried</span> <span class="hps">manually</span> <span class="hps">clean up</span> <span class="hps">the CAU</span><span>, the following</span> <span class="hps">error might appear</span> <span class="hps">in Server Manager</span><span>.</span><br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1uMcAjnYGPUdXTWJ5fSbuHVkKsOgt6a9B1ux4TRwuEZl25YdE0DuemZgbfBiRtD_LczP78fygvSGz7mwvGfWXn_xDxRFN1S3jUkKf8P47E2F63ijldDYwZI_ADOHb8CNpoCEtltsPxcE/s1600/Capture1.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1uMcAjnYGPUdXTWJ5fSbuHVkKsOgt6a9B1ux4TRwuEZl25YdE0DuemZgbfBiRtD_LczP78fygvSGz7mwvGfWXn_xDxRFN1S3jUkKf8P47E2F63ijldDYwZI_ADOHb8CNpoCEtltsPxcE/s1600/Capture1.JPG" height="78" width="400" /></a></div>
<div align="left" class="separator" style="clear: both; text-align: center;">
</div>
<div align="left" class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: left;">
A look in the logs shows...:</div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both; text-align: left;">
Log Name: System</div>
<div class="separator" style="clear: both; text-align: left;">
Source: DistributedCom</div>
<div class="separator" style="clear: both; text-align: left;">
Event ID: 10028</div>
<div class="separator" style="clear: both; text-align: left;">
Level: Error</div>
<div class="separator" style="clear: both; text-align: left;">
User:</div>
<div class="separator" style="clear: both; text-align: left;">
OpCode: Info</div>
<div class="separator" style="clear: both; text-align: left;">
More Information: Event Log Online Help</div>
<div class="separator" style="clear: both; text-align: left;">
Logged:</div>
<div class="separator" style="clear: both; text-align: left;">
Task Category: None</div>
<div class="separator" style="clear: both; text-align: left;">
Keywords: Classic</div>
<div class="separator" style="clear: both; text-align: left;">
Computer:</div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both; text-align: left;">
"DCOM was unable to communicate with the computer CAU-name.domain.local using any of the configured protocols; requested by PID b54 (C:\Windows\system32\ServerManager.exe)."</div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjj6Sa2b88LA7Vmh1Kzitddni9dVxWyo_r54WnDf8JyElctHp37Tx5UaqaMt0Nno7xJp8rcmGPUR1zFx5tD81P6PFP6T-j5e5hvKsGM3NK1abvc5wvsUvPgCzqqXkYH91NgOREa5kJHQ2Y/s1600/Capture4_2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjj6Sa2b88LA7Vmh1Kzitddni9dVxWyo_r54WnDf8JyElctHp37Tx5UaqaMt0Nno7xJp8rcmGPUR1zFx5tD81P6PFP6T-j5e5hvKsGM3NK1abvc5wvsUvPgCzqqXkYH91NgOREa5kJHQ2Y/s1600/Capture4_2.jpg" height="338" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div align="left" class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: left;">
....and/or:</div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both; text-align: left;">
Log Name: System</div>
<div class="separator" style="clear: both; text-align: left;">
Source: FailoverClustering</div>
<div class="separator" style="clear: both; text-align: left;">
Event ID: 1228</div>
<div class="separator" style="clear: both; text-align: left;">
Level: Error</div>
<div class="separator" style="clear: both; text-align: left;">
User: System</div>
<div class="separator" style="clear: both; text-align: left;">
OpCode: Info</div>
<div class="separator" style="clear: both; text-align: left;">
More Information: Event Log Online Help</div>
<div class="separator" style="clear: both; text-align: left;">
Logged:</div>
<div class="separator" style="clear: both; text-align: left;">
Task Category: Network Name Resource</div>
<div class="separator" style="clear: both; text-align: left;">
Keywords:</div>
<div class="separator" style="clear: both; text-align: left;">
Computer:</div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both; text-align: left;">
"Cluster network name resource "CAU-name" encountered an error enabling the network name on this node. The reason for the failure was:</div>
<div class="separator" style="clear: both; text-align: left;">
"Unable to obtain a logon token"</div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both; text-align: left;">
The error code was "1326".</div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both; text-align: left;">
You may take the network name resource offline and online again to retry."</div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhxYEcvjIhRo9_ajBWgEoLKaKZC78XOJflI5OOH15B_LjoMUEcqV3IZeGzIDuT0yrFyDk1zob6QVRCqaXa0raw4jHWNUE_JnE_VPASt6psAA60JhyphenhyphenqNNq8mkk0xElwgZoyQGJ_IZvQ929M/s1600/Capture5_2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhxYEcvjIhRo9_ajBWgEoLKaKZC78XOJflI5OOH15B_LjoMUEcqV3IZeGzIDuT0yrFyDk1zob6QVRCqaXa0raw4jHWNUE_JnE_VPASt6psAA60JhyphenhyphenqNNq8mkk0xElwgZoyQGJ_IZvQ929M/s1600/Capture5_2.jpg" height="250" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both; text-align: left;">
<span class="hps">If</span> <span class="hps">you do not see</span> <span class="hps">any trace of</span> <span class="hps">CAU</span> <span class="hps">but still</span> <span class="hps">see these</span> <span class="hps">error messages</span> <span class="hps">is</span> <span class="hps">probably</span> <span class="hps">the reason</span> <span class="hps">that</span> <span class="hps">CAU</span><span>'s</span> <span class="hps">Distributed Network</span> <span class="hps">Name</span> <span class="hps">is</span> <span class="hps">left</span> <span class="hps">lying around</span> <span class="hps">in</span> <span class="hps">the Failover</span> <span class="hps">Cluster.</span> <span class="hps">CAU</span><span>'s</span> <span class="hps">Distributed Network</span> <span class="hps">Name</span> <span class="hps">will be added</span> <span class="hps">up</span> <span class="hps">automatically</span> <span class="hps">during configuration</span> <span class="hps">of</span> <span class="hps">CAU</span> <span class="hps">but</span> <span class="hps">does not appear in</span> <span class="hps">the Failover</span> <span class="hps">Cluster</span> <span class="hps">Manager</span><span>, but</span> <span class="hps">is hidden.</span> <span class="hps">Use</span> <span class="hps">PowerShell to</span> <span class="hps">list</span> <span class="hps">Cluster</span> <span class="hps">Resources and </span><span>you will</span> <span class="hps">see</span> <span class="hps">the CAU</span><span>'s</span> <span class="hps">Distributed Network</span> <span class="hps">Name.</span></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<ol>
<li><div class="separator" style="clear: both; text-align: left;">
Open an elevated Powershell window</div>
</li>
<li><div class="separator" style="clear: both; text-align: left;">
Specify Get-ClusterResource -Cluster "Cluster Name"</div>
</li>
<li><div class="separator" style="clear: both; text-align: left;">
<img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiDLyYONuZE-dJx-_6GzqE1D809Mt3IlwcsLZ1lPKLkatPSFo5x6GW_WrcHJY7KfnooAY49sx6o5caz86FwnHveq1D4byuFdktqPGndvUbVsKyd8uJ0iGkKc8oLabZ9X_lljaTbsjUv7cg/s1600/Capture2.JPG" height="39" width="320" /></div>
</li>
<li><div class="separator" style="clear: both; text-align: left;">
Remove-ClusterResource "Name"</div>
</li>
</ol>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both; text-align: left;">
</div>
khellmanhttp://www.blogger.com/profile/14957191780573006714noreply@blogger.com4tag:blogger.com,1999:blog-3159566498126734975.post-57742012243576720842014-03-03T09:00:00.000+02:002014-03-03T09:00:01.416+02:00How to disable Cluster Aware Updating (CAU)Have you ever wanted to disable Cluster Aware Updating perhaps just for a while or even permanently? The problem is that you might get recurring an Kerberos Security error in Server Manager on one of your cluster nodes. <br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg93TV3JAquQD9EnYqkkopFurrWrc6_o23dRkOSSxnoA8rJ6g8PdiqQv1WDWboGoU0sq-jQYyyE5dvOEYexPEmf1N3wM1BGmlOLz0U5KQ4j3LLbodJf0aVZ5o2cwLj-o70-tigWjLXOEKs/s1600/CAU1.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg93TV3JAquQD9EnYqkkopFurrWrc6_o23dRkOSSxnoA8rJ6g8PdiqQv1WDWboGoU0sq-jQYyyE5dvOEYexPEmf1N3wM1BGmlOLz0U5KQ4j3LLbodJf0aVZ5o2cwLj-o70-tigWjLXOEKs/s1600/CAU1.JPG" height="93" width="400" /></a></div>
<br />
The error message below will appear in the system log:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhnzqaFxI2iBrYotJnAolFMf7V5mAD7LIDbtcZhvT4mBc64HnTG68vncp8IU2xFiKeKHGFG_ob1Fq3jUldwkbYBD5naWfK2kCMQjy3yEfM12-RL1I0WyfogtMR7jzjSPB7YU7Mn01ypmB4/s1600/CAU2_2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhnzqaFxI2iBrYotJnAolFMf7V5mAD7LIDbtcZhvT4mBc64HnTG68vncp8IU2xFiKeKHGFG_ob1Fq3jUldwkbYBD5naWfK2kCMQjy3yEfM12-RL1I0WyfogtMR7jzjSPB7YU7Mn01ypmB4/s1600/CAU2_2.jpg" height="313" width="400" /></a></div>
<br />
"The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server "server name". The target name used was HTTP/server_name.domain.local. This indicates that the server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target server is using. Ensure that the target SPN is only registered on the account used by the server. This error can also happen if the target service account password is different than what is configured on the Kerberos Key Distribution Center for that target service. Ensure that the service on the server and the KDC are both configured to use the same password. If the server name is not fully qualified, and the target domain "domain.local" is different from the client domain "domain.local" check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server."<br />
<br />
The solution is quite simple but perhaps not obvious even though it's stated in the error message. What you need to do is to add two SPN's to your CAU account.<br />
<br />
<ol>
<li>Open an elevated command prompt</li>
<li>setspn -S http/CAU-account-name CAU-account-name</li>
<li>setspn -S http/CAU-fqdn-account-name CAU-account-name</li>
</ol>
<br />khellmanhttp://www.blogger.com/profile/14957191780573006714noreply@blogger.com7tag:blogger.com,1999:blog-3159566498126734975.post-47449164873091393132014-02-24T09:00:00.000+02:002014-02-24T09:25:23.486+02:00Unblock IPAM access to a DCTo roll out the Windows Server 2012 IPAM feature should be "a walk in the park" and it normally is but a while ago I was really struggling helping a customer out with this. I had made the configuration using GPO's and verified my settings several times but I kept getting the error "Unblock IPAM Access":<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEig86zMoRY5KL35BsK9rw9khtaWQ3XYctThuKmiZC4rbMH1lStDymaK53REhHKJpeNeGye5YIlv_xDEpoxqcsVgBH3NR1wBRfbuVhyDGmLLA5nHQAlZ59kmEEOo9e8vTljeeLbGsgzpTjA/s1600/ipam1_2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEig86zMoRY5KL35BsK9rw9khtaWQ3XYctThuKmiZC4rbMH1lStDymaK53REhHKJpeNeGye5YIlv_xDEpoxqcsVgBH3NR1wBRfbuVhyDGmLLA5nHQAlZ59kmEEOo9e8vTljeeLbGsgzpTjA/s1600/ipam1_2.jpg" height="242" width="400" /></a></div>
<br />
<br />
The solution was actually ridiculously simple. Editing the problem server in the IPAM Server Inventory panel to untick DNS - OK - then reticked DNS fixed it.khellmanhttp://www.blogger.com/profile/14957191780573006714noreply@blogger.com6tag:blogger.com,1999:blog-3159566498126734975.post-25570803759368676792014-02-13T13:24:00.001+02:002014-02-13T13:24:37.683+02:00AD DS operation failed - Dcpromo error - FSMO role broken<span class="hps">I</span> <span class="hps">was about to </span><span class="hps">remove</span> <span class="hps">a domain controller</span> <span class="hps">of a customer</span> <span class="hps">so many times before</span> <span class="hps">when the error</span> <span class="hps">below</span> <span class="hps">appeared.</span><br />
<br />
Active Directory Domain Services Installation Wizard<br />
---------------------------<br />
The operation failed because:<br />
<br />
Active Directory Domain Services could not transfer the remaining data in directory partition DC=ForestDnsZones,DC=company,DC=com to<br />
Active Directory Domain Controller <a href="file://dc.company.com/">\\DC.company.com</a>.<br />
<br />
"The directory service is missing mandatory configuration information, and is unable to determine the ownership of floating single-master operation roles."<br />
<br />
<br />
Very strange considering that running "netdom query fsmo" <span class="hps">gives the result</span> <span class="hps">that one of</span> <span class="hps">the other domain controllers</span> <span class="hps">owns</span> <span class="hps">all</span> <span class="hps">FSMO</span> <span class="hps">roles</span>. The Event Viewer is in this case your best friend. <br />
<br />
<blockquote>
Log Name: Directory Service <div>
Source:
Microsoft-Windows-ActiveDirectory_DomainService </div>
<div>
Date: 2014-02-01
14:44:13</div>
<div>
Event ID: 2091 </div>
<div>
Task Category: Replication
</div>
<div>
Level: Warning </div>
<div>
Keywords: Classic </div>
<div>
User:
ANONYMOUS LOGON </div>
<div>
Computer: DC.COMPANY.COM </div>
<div>
Description:</div>
Ownership of the following FSMO role is set to a server which is deleted or
does not exist. <div>
</div>
</blockquote>
<br />
The DC mentioned in the Event Viewer warning was an old Windows Server DC removed more than 5 years ago!<br />
<br />
Let's move on, make sure to open ADSIEdit on the affected
FSMO Role owner<em> </em>and make the necessary changes there.<br />
<br />
<br />
How to obtain the correct setting:
<br />
<ol>
<li>On the affected role owner open ADSIEdit.
<li>Click on Default Naming Context [DC.Company.Com].<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXeIhhBIEES_5p0BlAwp1cX8aArZp-XFrXcYEJGKvvD-ep5TBWeM3RdSP1QoHkiZzbhjL6MjpKbBS_9RyqLOtdNl5A-nW_eugzmFxL4-fqPJd46fKyHL44Id3qYSpWkj8iAmnuk7TsqUs/s1600/FSMO1.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXeIhhBIEES_5p0BlAwp1cX8aArZp-XFrXcYEJGKvvD-ep5TBWeM3RdSP1QoHkiZzbhjL6MjpKbBS_9RyqLOtdNl5A-nW_eugzmFxL4-fqPJd46fKyHL44Id3qYSpWkj8iAmnuk7TsqUs/s1600/FSMO1.JPG" height="319" width="320" /></a></div>
</li>
<li>Click on DC=Company,DC=Com.
<li>Double click on CN=Infrastructure at the bottom of the list of folders.
<li>Locate the fSMORoleOwner attribute and click on it.
<li>Click the Edit button.
<li>CTRL+C to copy the contents of the attribute.
<li>Click CANCEL twice. </li>
</li>
</li>
</li>
</li>
</li>
</li>
</ol>
<br />
<ol>
<li>Correct the problematic settings:
<ol>
<li>Right click the ADSI Edit root and click on Connect to…
<li>Use the following connection point:
<ol>
<li>DC=DomainDNSZones,DC=Company,DC=Com<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhLq57kGIr5ZDx76sA7MnuFgMjASK-JRiv6FJVCccML2Js2Abrdk606NeaD8IqhTSHud0Qy8bg1ItiUHteI9cJwganrh0l4bQQYMHSrsLHluT725QP3-EGUvRLz87u_9nKgJQlEmKSQIYM/s1600/FSMO2.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhLq57kGIr5ZDx76sA7MnuFgMjASK-JRiv6FJVCccML2Js2Abrdk606NeaD8IqhTSHud0Qy8bg1ItiUHteI9cJwganrh0l4bQQYMHSrsLHluT725QP3-EGUvRLz87u_9nKgJQlEmKSQIYM/s1600/FSMO2.JPG" height="316" width="320" /></a></div>
</li>
</ol>
<li>Click on Default Naming Context [DC.Company.Com] to
populate it.
<li>Click on DC=DomainDNSZones,DC=Company,DC=Com folder.
<li>Double click on CN=Infrastructure.
<li>Locate the fSMORoleOwner attribute and click on it.
<li>Click the Edit button.
<li>CTRL+V to paste the correct setting.
<li>Click OK and then Apply.
<li>Repeat steps 2.1-2.9 to correct
DC=ForestDNSZones,DC=Comapny,DC=Com. </li>
</li>
</li>
</li>
</li>
</li>
</li>
</li>
</li>
</li>
</ol>
</li>
</ol>
<br />
Once the above steps were completed on the FSMO Role owner for Infrastructure
I was able to properly demote the DC.khellmanhttp://www.blogger.com/profile/14957191780573006714noreply@blogger.com49tag:blogger.com,1999:blog-3159566498126734975.post-87019200885439587962014-01-27T09:00:00.000+02:002014-01-27T09:00:02.406+02:00Windows Server 2012 R2 - Virtual hard disk sharing limitations<span class="hps">There is quite a</span> <span class="hps">lot written</span> <span class="hps">about how good</span> <span class="hps atn">the new "</span>virtual <span class="hps">harddisk</span> <span class="hps">sharing"</span> feature <span class="hps">is</span> <span class="hps">in Windows</span> <span class="hps">Server 2012</span> <span class="hps">R2, and</span> <span class="hps">I</span> <span class="hps">agree that</span> <span class="hps">it</span> <span class="hps">is</span> <span class="hps">very good feature</span> <span class="hps">but there is</span> <span class="hps">not as</span> <span class="hps">much written</span> <span class="hps">about the limitations</span>. <span class="hps">When</span> <span class="hps">you</span> <span class="hps">enable</span> <span class="hps">the function</span> <span class="hps">it says</span> <span class="hps">"Some</span> <span class="hps">virtual machine</span> <span class="hps">and</span> <span class="hps">virtual</span> <span class="hps">hard</span> <span class="hps">disk</span> <span class="hps">features</span> <span class="hps">will</span> <span class="hps">be</span> <span class="hps">disabled</span> w<span class="hps">hen</span> <span class="hps">this</span> <span class="hps">setting</span> <span class="hps">is</span> <span class="hps">enabled"</span>. <span class="hps">Already known limititations and already published on other blogs are:</span><br />
<ul>
<li>You cannot do host-level backups of the guest cluster. This is the same as it always was. You will have to install backup agents in the guest cluster nodes and back them up as if they were physical machines.</li>
<li>You cannot perform a hot-resize of the shared VHDX. But you can hot-add more shared VHDX files to the clustered VMs.</li>
<li>You cannot <em>Storage</em> Live Migrate the shared VHDX file. You can move the other VM files and perform normal Live Migration</li>
</ul>
<br />
There are also some limitations for virtual machines managed by VMM:<br />
<ul>
<li>You cannot create a checkpoint on a virtual machine that has shared virtual hard disks.</li>
</ul>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEijt_tZtTmqgispcOeIp2b3AmF6P18MBFRie2GuxzIACiFp3Jhr-oh9iuNFrpJxJfFidq-FDc_rnW3N5kEjd3_JXMu3QjMDCY5Abc3ZULHwnm-Lnq3zEdO5w_sK-0xqLrc06twCbGfPtQ8/s1600/VMM1.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEijt_tZtTmqgispcOeIp2b3AmF6P18MBFRie2GuxzIACiFp3Jhr-oh9iuNFrpJxJfFidq-FDc_rnW3N5kEjd3_JXMu3QjMDCY5Abc3ZULHwnm-Lnq3zEdO5w_sK-0xqLrc06twCbGfPtQ8/s1600/VMM1.JPG" height="115" width="320" /></a></div>
<br />
<br />
<ul>
<li>You cannot change properties of a virtual machine with shared virtual hard disks. </li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSkEUqanUzwUvEPjxQfG0a35pElEJJslg1YAWgLvMBc07DB8l9po1vO-RGcGEaVzI5W7uaaMH5cWCCs9ag2kGTNQdb0MMWoW1tQUSY6sUrPfX7ySyPx-K9iK5DHxelIj-er1m1OCNnyow/s1600/VMM2.JPG" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSkEUqanUzwUvEPjxQfG0a35pElEJJslg1YAWgLvMBc07DB8l9po1vO-RGcGEaVzI5W7uaaMH5cWCCs9ag2kGTNQdb0MMWoW1tQUSY6sUrPfX7ySyPx-K9iK5DHxelIj-er1m1OCNnyow/s1600/VMM2.JPG" height="83" width="320" /></a></div>
<br />
<br />
However you can change properties of a virtual machine managed by VMM with powershell.<br />
<ul>
</ul>
khellmanhttp://www.blogger.com/profile/14957191780573006714noreply@blogger.com1tag:blogger.com,1999:blog-3159566498126734975.post-2701510442802253532014-01-20T09:00:00.000+02:002014-01-20T09:00:03.295+02:00KMS server "STATUS_SUCCESS" error<span class="hps">The error message</span> <span class="hps">below</span> <span class="hps">has to be one</span> <span class="hps">of the most</span> <span class="hps alt-edited">funnier</span> <span class="hps">in a long time</span> <span class="hps">...</span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjiS029kws7GcPQ_Ld5qPiZtO5I_lurq14lLrBB2_XLLTYFSNM5nZed8VHcyCkdQpLFBLs1wtkD8BT728M_mTHt1DkJUa2lf5lyeP8Xw92ccR4cREn4BJfl-gO03MAoXth9C6TY703Qx3E/s1600/kms3.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjiS029kws7GcPQ_Ld5qPiZtO5I_lurq14lLrBB2_XLLTYFSNM5nZed8VHcyCkdQpLFBLs1wtkD8BT728M_mTHt1DkJUa2lf5lyeP8Xw92ccR4cREn4BJfl-gO03MAoXth9C6TY703Qx3E/s1600/kms3.JPG" height="271" width="400" /></a></div>
<br />
<br />
<span class="hps">So</span> did<span class="hps"> I succeed </span><span class="hps">or not?</span> <span class="hps">It says</span> <span class="hps atn">"</span><span>Success"</span> <span class="hps">but</span> <span class="hps">at the same time</span> <span class="hps">it's</span> <span class="hps">an error</span><span>.</span> <span class="hps">Confusing</span> <span class="hps">is surely the</span> <span class="hps">least one can say </span><span>;)</span><br /><br /><span class="hps">So what</span> <span class="hps">was</span> <span class="hps">I</span> <span class="hps">doing</span> <span class="hps">then</span><span>?</span> <span class="hps">Well, I was about to</span> <span class="hps">move /</span> <span class="hps">re-install a</span> <span class="hps">KMS</span> <span class="hps">server</span> <span class="hps">on Windows</span> <span class="hps">Server 2012</span> <span class="hps">R2 and</span> <span class="hps">when I got to</span> <span class="hps">the last page and</span> <span class="hps atn">clicked "</span><span>commit</span><span>"</span><span>, I got</span> <span class="hps">the error message.</span><br /><br /><span class="hps">The cause of</span> <span class="hps">the error and</span> <span class="hps">also visible</span> <span class="hps">in the picture below</span> <span class="hps">is that</span> <span class="hps">the wizard</span> <span class="hps">does not enter the </span><span class="hps atn">right "</span><span>KMS</span> <span class="hps">TCP</span> <span class="hps">listening</span> <span class="hps">port"</span> <span class="hps">automatically.</span> <span class="hps">The port</span> <span class="hps">should</span> <span class="hps">be</span> <span class="hps">1688</span> <span class="hps">and</span> if <span class="hps">you enter </span><span class="hps">this the wizard goes through.</span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgm42rv6Fz-5LEfkiyn8zM4as4K5vZGdNW-EdWAbZWRBCy1sLWZp37ivLb5ymXpvBboi1GvO53bd7RwrcA9vZ7BuJSH2YuL5Pe3shRfirB-mumkSjHgta5OiEeQDkLSwo2FQpRDBVVRVag/s1600/kms2.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgm42rv6Fz-5LEfkiyn8zM4as4K5vZGdNW-EdWAbZWRBCy1sLWZp37ivLb5ymXpvBboi1GvO53bd7RwrcA9vZ7BuJSH2YuL5Pe3shRfirB-mumkSjHgta5OiEeQDkLSwo2FQpRDBVVRVag/s1600/kms2.JPG" height="270" width="400" /></a></div>
<br />
<br />
<br />
khellmanhttp://www.blogger.com/profile/14957191780573006714noreply@blogger.com1tag:blogger.com,1999:blog-3159566498126734975.post-26114779146203050932014-01-15T12:25:00.001+02:002014-01-15T16:31:04.169+02:00Empty "Add Storage Devices Wizard" in SCVMM 2012 R2<span class="hps"><span class="hps">The other day</span>, I would <span class="hps">configure an</span> <span class="hps atn">SMI-</span>S <span class="hps alt-edited">connection</span> <span class="hps">from</span> <span class="hps">SCVMM</span> <span class="hps">2012</span> <span class="hps">R2 to</span> <span class="hps">the customer's</span> <span class="hps">HP</span> <span class="hps">P2000</span> <span class="hps">G3</span> <span class="hps">MSA</span> <span class="hps">SAN.</span> <span class="hps">I</span> <span class="hps">could</span> <span class="hps">run through</span> <span class="hps">the "Add</span> <span class="hps">Storage</span> <span class="hps">Devices</span> <span class="hps">Wizard"</span> <span class="hps">and</span> <span class="hps">added the</span> <span class="hps">SAN</span> <span class="hps">without any problem</span> <span class="hps">but it could not</span> <span class="hps">find</span> <span class="hps">neither</span> <span class="hps">vDisk's</span> <span class="hps">or</span> any <span class="hps">LUN's.</span> <span class="hps">I</span> <span class="hps">verified the following</span>:</span><br />
<span class="hps"><br /><span class="hps">•</span> <span class="hps atn">SMI-</span>S <span class="hps">was</span> <span class="hps">enabled</span> <span class="hps">in</span> the <span class="hps">SAN</span><br /><span class="hps">•</span> The <span class="hps">Run As</span> <span class="hps">account</span> <span class="hps">had</span> <span class="hps atn">SMI-</span>S a<span class="hps">ccess</span> <span class="hps">to</span> <span class="hps">the SAN</span><br /><br /><span class="hps"><span class="hps">The solution: To</span> <span class="hps">connect</span> <span class="hps">using Telnet</span> <span class="hps">to the</span> <span class="hps">SAN</span> <span class="hps">and run</span> <span class="hps">the command "reset </span><span class="hps">SMIS</span>-configuration" <span class="hps">for both</span> <span class="hps">controllers</span>. <span class="hps">Next,</span> <span class="hps">the wizard</span> <span class="hps">could</span> <span class="hps">find</span> <span class="hps">vDisk's</span> <span class="hps">and</span> <span class="hps">LUN</span>'s in the <span class="hps">SAN</span><span class="hps">.</span></span></span>khellmanhttp://www.blogger.com/profile/14957191780573006714noreply@blogger.com0tag:blogger.com,1999:blog-3159566498126734975.post-68296236623004076992013-10-28T08:00:00.000+02:002013-10-28T08:00:02.913+02:00Event ID 12339 and 12344: File Server Resource Manager failed to find claim list<strong>Problem</strong>: You are running a Windows Server 2012 file server and you see the error messages in your logs every 15 minutes or so.<br />
<br />
1) Event ID: 12339<br />
File Server Resource Manager failed to find the claim list 'Global Resource Property List' in Active Directory (ADsPath: <a href="ldap://dc1.domain.local/CN=Global">LDAP://dc1.domain.local/CN=Global</a> Resource Property List,CN=Resource Property Lists,CN=Claims Configuration,CN=Services,CN=Configuration,DC=domain,DC=local). Please check that the claims list configured for this machine in Group Policy exists in Active Directory.<br />
2) Event ID: 12344<br />
File Server Resource Manager finished syncing claims from Active Directory and encountered errors during the sync (0x80072030, There is no such object on the server.) Please check previous event logs for details.<br />
<br />
Solution: You can either upgrade the Active Directory schema to version 56 (Windows Server 2012) or safely ignore the error messages. <br />
<br />
If you can update the schema of your domain. Follow these steps:<br />
<br />
1)<br />
log on to Windows Server 2012 as Administrator of your domain<br />
2)<br />
Copy from "support \adprep" in the media of Windows Server 2012 to "c:\"<br />
3)<br />
run this command<br />
c:\adprep\adprep.exe /forestprepkhellmanhttp://www.blogger.com/profile/14957191780573006714noreply@blogger.com1tag:blogger.com,1999:blog-3159566498126734975.post-82663281602010507052013-10-21T08:00:00.000+03:002013-10-21T09:40:15.386+03:00Event ID 12306 FSRM SMTP cannot send email <div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<b style="mso-bidi-font-weight: normal;"><span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span closure_uid_wl772x="146" style="font-family: Calibri;"><span name="subject">File Server Resource Manager Windows Server 2012 - SMTP cannot send email to Exchange Server 2007</span></span></span></b></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
</div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<b style="mso-bidi-font-weight: normal;"><span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span closure_uid_wl772x="146" style="font-family: Calibri;">Problem:</span></span></b></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="font-family: Calibri;">Event ID: 12306</span></span></div>
<div class="MsoNormal" closure_uid_wl772x="193" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="font-family: Calibri;">Event Source: SRMSVC</span></span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
</div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="font-family: Calibri;">Event Viewer Application logs: </span></span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="font-family: Calibri;">A File Server Resource Manager Service email action could not be run. </span></span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
</div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="font-family: Calibri;">Error-specific details:</span></span></div>
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="font-family: Calibri;">Error: IFsrmEmailExternal::SendMail, 0x8004531c, Mailbox unavailable. The server response was: 5.7.1 Client does not have permissions to send as this sender.</span></span></div>
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="font-family: Calibri;"></span></span> </div>
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="font-family: Calibri;"><strong>Solution:</strong></span></span></div>
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="font-family: Calibri;"><span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="color: white; font-family: Calibri;">The problem is that your file server does not have the rights to authenticate against an Exchange Server using the computer account (domain\computername$ format) account of the server. This computer account must be granted send as permissions on the mailbox that you are trying to send as, or it will fail with this error. What you need to do is to run the command below on the mailbox you would like to send as, on your Exchange server.<br /><br /><br /> Add-ADPermission -Identity "Mailbox Display Name" -user "Domain\ServerName$" -extendedrights "Send-as"</span></span></span></span></div>
khellmanhttp://www.blogger.com/profile/14957191780573006714noreply@blogger.com1tag:blogger.com,1999:blog-3159566498126734975.post-52079469857898571472013-10-14T08:00:00.000+03:002013-10-14T08:00:04.862+03:00Remove character from folder nameHave you ever needed to remove a character from a bunch of folders? This Powershell script does the trick.<br />
<br />
<br />
<div class="MsoNormal" style="margin: 0cm 0cm 0pt;">
<span lang="EN-US" style="mso-ansi-language: EN-US;"><span style="font-family: Calibri;">Get-ChildItem
-name | ForEach-Object { Move-Item $_ $_.replace("<em>character to remove</em>", "") }</span></span></div>
khellmanhttp://www.blogger.com/profile/14957191780573006714noreply@blogger.com0tag:blogger.com,1999:blog-3159566498126734975.post-32312373350670105652013-10-07T08:00:00.000+03:002013-10-07T08:00:01.451+03:00Unable to delete a DC - dcpromo errorDeleting a DC is most of the time a rather straightforward procedure but a few weeks ago i received the error message below trying to uninstall a customers DC. <br />
<br />
"The operation failed because: the attempt at remote directory server serverx.customerdomain.local to remove directory server CN=ServerX,CN=Servers,CN<wbr></wbr>=customerdomain,<wbr></wbr>CN=Sites,C<wbr></wbr>N=Configur<wbr></wbr>ation...<br />
was unsuccessful. <b>"Access is denied"</b><br />
<strong></strong><br />
The account which i was running dcpromo with was both Domain Admin and Enterprise Admin, i could ping the other DC's, i checked with ADSI edit that my account had the rights to delete the DC. Everything seemed ok. <br />
<br />
So what was the problem? I had a look in Sites and Services and found the solution to my problem. The DC had the checkbox "Protect object from accidental deletion" ticked. I unchecked the tickbox and could then run the dcpromo without any problems.khellmanhttp://www.blogger.com/profile/14957191780573006714noreply@blogger.com0tag:blogger.com,1999:blog-3159566498126734975.post-64446301248742711612013-10-04T13:26:00.000+03:002013-10-04T13:26:08.458+03:00Windows Server 2008 R2 DHCP problem "The parameter is incorrect"A few weeks ago I was decommissioning a domain controller which had the DHCP server role installed. When I tried to unauthorize the server I received the following error: <br />
<br />
"The parameter is incorrect"<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCLvLpjKdzk_7aP5fQlaEf3gNNQPBFPSk7Oq7FG2aWDsIBhRR0GMgGvDoj8b7G18zjwpgsjSyqySv4gANbH8aAEwtgJ2fIsz5zlP-IMZuRegBJGJtZV-gYfIYSsrVFSDp23XXOyivBtpM/s1600/unauthorize.PNG" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="257" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCLvLpjKdzk_7aP5fQlaEf3gNNQPBFPSk7Oq7FG2aWDsIBhRR0GMgGvDoj8b7G18zjwpgsjSyqySv4gANbH8aAEwtgJ2fIsz5zlP-IMZuRegBJGJtZV-gYfIYSsrVFSDp23XXOyivBtpM/s320/unauthorize.PNG" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3AIUE_hHmxKYIq3clDrrv-GuXjhyNpeY5tDOVJsig-HbbBFJMVLpw1cL7icPZF_DNvXZOLl8-C-KAAufqA5_pJIPGEJl5dBNCsXqWf7pvU_DWvRsII2wB_N8jSa8e3qkNLL33VMEzaM8/s1600/dhcp_Error.PNG" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3AIUE_hHmxKYIq3clDrrv-GuXjhyNpeY5tDOVJsig-HbbBFJMVLpw1cL7icPZF_DNvXZOLl8-C-KAAufqA5_pJIPGEJl5dBNCsXqWf7pvU_DWvRsII2wB_N8jSa8e3qkNLL33VMEzaM8/s1600/dhcp_Error.PNG" /></a></div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<ul>
<li>I verified that the server was authorized in Active Directory</li>
<li>I verified that I had sufficient rights to unauthorize the server</li>
</ul>
<br />
These are the steps that solved the problem:<br />
<ol>
<li>Stop DHCP service</li>
<li>Delete the DHCP server object from the DHCP console</li>
<li>Re-add the DHCP server to the DHCP console</li>
<li>Start the DHCP service</li>
<li>Try again to unauthorize the DHCP server</li>
</ol>
khellmanhttp://www.blogger.com/profile/14957191780573006714noreply@blogger.com0tag:blogger.com,1999:blog-3159566498126734975.post-87074462682419630472012-08-28T09:48:00.001+03:002013-09-30T17:51:58.653+03:00Are Vmware afraid of Hyper-V 3.0?<span class="hps">For some odd reason</span> <span class="hps">skips</span> <span class="hps">now</span> <span class="hps">Vmware</span> <span class="hps">their</span> <span class="hps alt-edited">yelled at</span> <span class="hps">pricing model, just as Microsoft releases </span>Windows Server 2012. Interesting... :) (article in Swedish)<br />
<br />
<a href="http://www.idg.se/2.1085/1.462441/vmware-slopar-utskalld-prismodell">http://www.idg.se/2.1085/1.462441/vmware-slopar-utskalld-prismodell</a>khellmanhttp://www.blogger.com/profile/14957191780573006714noreply@blogger.com0tag:blogger.com,1999:blog-3159566498126734975.post-30655075625916624522012-05-21T13:48:00.003+03:002013-09-30T17:52:32.039+03:005 seconds of fameA nice series of articles about System Center 2012 where i have a comment about news and enhanced integration in SCVMM 2012. (article in Swedish)<br />
<br />
<a href="http://techworld.idg.se/2.2524/1.448493/system-center-skolan-lektion-2-en-narmare-titt">http://techworld.idg.se/2.2524/1.448493/system-center-skolan-lektion-2-en-narmare-titt</a>khellmanhttp://www.blogger.com/profile/14957191780573006714noreply@blogger.com1tag:blogger.com,1999:blog-3159566498126734975.post-30414070493881320452012-02-21T16:51:00.003+02:002013-09-30T18:00:29.060+03:00How to route between internal networks in Hyper-V<span class="hps">If you have a</span> <span class="hps">Hyper-V</span> <span class="hps">lab environment</span> <span class="hps">and want to make</span> <span class="hps">it</span> <span class="hps">a little</span> <span class="hps">more like</span> <span class="hps">a corporate network</span> <span class="hps alt-edited">then</span> <span class="hps">you</span> <span class="hps">might</span> <span class="hps">want to</span> <span class="hps">set up multiple</span> <span class="hps">networks and</span> <span class="hps">routing</span> <span class="hps">between</span> <span class="hps">them.</span> <span class="hps">But how</span> would you accomplish that<span>?</span> <span class="hps">There are different</span> <span class="hps">ways to solve it</span> <span class="hps">as</span> <span class="hps">a</span> <span class="hps">Vyatta</span> <span class="hps">router</span> <span class="hps">(or any other</span> <span class="hps">small</span> <span class="hps">Linux firewall</span><span>) or perhaps</span> <span class="hps">a</span> <span class="hps">Forefront</span> <span class="hps">TMG</span><span>.</span> <span class="hps">The way</span> <span class="hps">that I chose</span> <span class="hps">and</span> <span class="hps">that</span><span>'s very simple</span><span>, you can read</span> <span class="hps">about</span> <span class="hps">on</span> <span class="hps">the following</span> <span class="hps">page</span><span>.</span><br />
<br />
<a href="http://www.infotechguyz.com/server2008/hypervrouting.html">http://www.infotechguyz.com/server2008/hypervrouting.html</a>khellmanhttp://www.blogger.com/profile/14957191780573006714noreply@blogger.com0tag:blogger.com,1999:blog-3159566498126734975.post-42993471329276168042012-02-20T16:19:00.000+02:002013-11-05T10:36:53.612+02:00How to configure NTP server for Windows Server 2008 R2<span class="hps">To configure the</span> <span class="hps">NTP server</span> <span class="hps">in Windows is</span> <span class="hps">not exactly</span> <span class="hps">complicated, but</span> <span class="hps">because you get</span> <span class="hps">various</span> <span class="hps">different suggestions</span> <span class="hps">when</span> <span class="hps">googling</span> <span class="hps">I thought</span> <span class="hps">I would just write</span> <span class="hps">a</span> <span class="hps">short tutorial</span> <span class="hps">that I know</span> <span class="hps">works.</span> <span class="hps">Instruction is</span> <span class="hps">verified</span> <span class="hps">on Windows Server</span> <span class="hps">2008 R2.</span> <span class="hps">What is needed</span> <span class="hps">is essentially</span> <span class="hps">three</span> <span class="hps">short lines</span>:<br />
<br />
<pre>w32tm /config /manualpeerlist:pool.ntp.org,0x8 /syncfromflags:MANUAL
net stop w32time
net start w32time</pre>
<br />
Don't forget to disable time sync if you have virtual server. <br />
<br />
<span class="hps">Which</span> <span class="hps">NTP</span> <span class="hps">Server</span> <span class="hps">should you </span><span class="hps">choose?</span> <span class="hps">Or</span> <span class="hps">should you choose</span> <span class="hps">several</span>? <span class="hps">Yes,</span> <span class="hps">redundancy</span> <span class="hps">is never wrong</span>, and considering <span class="hps">how easy it is</span> <span class="hps">to set up several,</span> <span class="hps">it is preferred</span>. <span class="hps">SP</span> <span class="hps">Technical Research Institute</span> <span class="hps">provides a free</span> <span class="hps atn">time </span>sync <span class="hps">service.</span><br />
<br />
So, tell me. <span class="hps">Give me an example</span>. <span class="hps alt-edited">Coming</span> <span class="hps">below</span> <span class="hps">...</span><br />
<span class="hps">Run the following</span> <span class="hps">in</span> <span class="hps">a</span> <span class="hps">elevated</span> <span class="hps">command prompt</span>:<br />
<br />
<pre>w32tm /config /manualpeerlist:"ntp1.sp.se,0x8 ntp2.sp.se,0x8" /syncfromflags:MANUAL</pre>
<span style="font-family: "Courier New", Courier, monospace;">net stop w32time<br />net start w32time</span><br />
<br />
<span class="hps">P.S.</span> <span class="hps">One tip is</span> <span class="hps">of course</span> <span class="hps">to check</span> <span class="hps">the system log</span> <span class="hps alt-edited">afterwards</span> <span class="hps">to see</span> <span class="hps">that</span> the time sync <span class="hps">seems to work.</span>khellmanhttp://www.blogger.com/profile/14957191780573006714noreply@blogger.com0tag:blogger.com,1999:blog-3159566498126734975.post-68593545497093156912011-09-15T15:22:00.000+03:002013-10-03T14:49:25.286+03:00How to export a list of users from an Active Directory group<span a="undefined" c="4" closure_uid_ornxji="148" id="result_box" lang="sv" td="null"><span class="hps" closure_uid_ornxji="88" td="null"><span class="hps">Every now</span> <span class="hps">and then you will</span> <span class="hps">come</span> <span class="hps">across</span> <span class="hps">these little</span> <span class="hps">annoying</span> <span class="hps">problems while working</span> <span class="hps">with Active Directory,</span> <span class="hps">which</span> <span class="hps">should be easy to</span> <span class="hps">solve</span> <span class="hps">but</span> <span class="hps">requires special tools</span><span>,</span> <span class="hps">for example, that</span> <span class="hps">there is no</span> <span class="hps">way to export</span> <span class="hps">all</span> <span class="hps">members of a group</span> <span class="hps">in Active Directory</span> <span class="hps">Users</span> <span class="hps">& Computers</span> <span class="hps">.</span> <span class="hps">That's when</span> <span class="hps atn">"</span><span>dsquery</span><span class="atn">" and "</span><span>dsget</span><span>" comes</span> <span class="hps">into the picture.</span> <span class="hps">Here is</span> <span class="hps">how to</span> <span class="hps">list</span> <span class="hps">all members of</span> <span class="hps">a particular group.</span></span></span><br />
<br />
<span a="undefined" c="4" closure_uid_ornxji="148" lang="sv" td="null"><span class="hps" closure_uid_ornxji="139" td="null">List all members of the group "MYGROUP":</span></span><br />
<br />
<span a="undefined" c="4" closure_uid_ornxji="148" lang="sv" td="null"><span class="hps" closure_uid_ornxji="139" td="null"><em>dsquery group -name MYGROUP | DSGET group -members</em><br />
<br />
<span class="hps">You can always</span> <span class="hps">send the results</span> <span class="hps">to a text file</span> <span class="hps">by adding</span> "> mygroup-members.txt" in the end.</span></span>khellmanhttp://www.blogger.com/profile/14957191780573006714noreply@blogger.com0tag:blogger.com,1999:blog-3159566498126734975.post-47691744201275318312011-03-22T11:32:00.000+02:002013-10-03T14:54:14.838+03:00Shortcut key for new folder<span class="hps">Something</span> <span class="hps">that I</span> have <span class="hps">always missed</span> <span class="hps">in</span> <span class="hps">Windows Explorer</span><span>, and</span> <span class="hps">today</span> <span class="hps">found out</span> is <span class="hps">that there</span> <span class="hps">is now a shortcut</span> <span class="hps">to create</span> <span class="hps">a new folder</span><span>!</span><br />
<br />
<ul>
<li> CTRL + Shift + N: Creates a new folder in Windows Explorer</li>
</ul>
Requires at least Windows Server 2008 R2 or Windows 7.khellmanhttp://www.blogger.com/profile/14957191780573006714noreply@blogger.com0tag:blogger.com,1999:blog-3159566498126734975.post-82152253974762017902011-03-17T14:44:00.000+02:002013-10-03T14:58:15.172+03:00Hidden computers in WSUS<span class="hps">Client machines </span><span class="hps">created</span> <span class="hps">from</span> <span class="hps">an</span> <span class="hps">image</span> <span class="hps">with</span> <span class="hps">a duplicate</span> <span class="hps">client ID</span> <span class="hps">appears only</span> <span class="hps">once</span> <span class="hps">in the WSUS</span> <span class="hps">admin</span> <span class="hps">console</span><span>.</span> <span class="hps">Each client</span> <span class="hps">must have a unique</span> <span class="hps">ID generated</span> <span class="hps">for</span> <span class="hps">each individual installation.</span> <span class="hps">WSUS</span> <span class="hps">admin</span> <span class="hps">console</span> <span class="hps">will</span> <span class="hps">display only one</span> <span class="hps">client for each</span> <span class="hps">unique ID.</span> <span class="hps">If you have</span> <span class="hps">multiple clients</span> <span class="hps">created from</span> <span class="hps">an</span> <span class="hps">image</span> <span class="hps">that share the</span> <span class="hps">same ID</span><span>, only one</span> <span class="hps">appears in the</span> <span class="hps">WSUS</span> <span class="hps">admin</span> <span class="hps">console</span><span>.</span> <span class="hps">All</span> <span class="hps">clients</span> <span class="hps">will check in</span> <span class="hps">and</span> <span class="hps">receive updates</span><span>, but only one</span> <span class="hps">will appear</span> <span class="hps">and display the status</span> in<span class="hps"> the</span> <span class="hps">WSUS</span> <span class="hps">admin</span> <span class="hps">console.</span> <span class="hps">In cases</span> <span class="hps">where clients</span> <span class="hps">do not check in</span><span>,</span> <span class="hps">and</span> <span class="hps">they were created</span> <span class="hps">from</span> <span class="hps">an</span> <span class="hps">image</span><span>,</span> <span class="hps">the following steps will</span> <span class="hps">restore the</span> <span class="hps">existing</span> <span class="hps">duplicate</span> <span class="hps">client ID.</span><br />
<span class="hps"></span><br />
<br />
<span title="Klicka om du vill visa alternativa översättningar">a. Run regedit and go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate<br />
b. Delete the PingID, SUSClientID and the AccountDomainSID values<br />
c. Stop and start the Wuauserv Service<br />
d. From the command prompt run: wuauclt /resetauthorization /detectnow</span><span title="Klicka om du vill visa alternativa översättningar"></span>khellmanhttp://www.blogger.com/profile/14957191780573006714noreply@blogger.com0tag:blogger.com,1999:blog-3159566498126734975.post-64544292878059643122011-02-01T12:03:00.000+02:002013-10-03T15:03:15.175+03:00Automatic creation of user folders for home, roaming profile and redirected folders<span class="hps">Every now and then</span> <span class="hps">I get</span> <span class="hps">the question:</span><span class="hps"> "how do you</span> <span class="hps">automatically</span> <span class="hps">create</span> <span class="hps">user</span> <span class="hps">home</span> <span class="hps">folder</span><span>,</span> <span class="hps">roaming</span> <span class="hps">profile</span> <span class="hps">and/or</span> <span class="hps">redirected</span> <span class="hps">folders?".</span> <span class="hps">Luckily,</span> <span class="hps">Microsoft</span> <span class="hps">Directory Services</span> <span class="hps">team</span> <span class="hps">posted</span> <span class="hps">a</span> <span class="hps">very</span> <span class="hps">good</span> <span class="hps">article on this</span><span>.</span><br />
<br />
<a href="http://blogs.technet.com/b/askds/archive/2008/06/30/automatic-creation-of-user-folders-for-home-roaming-profile-and-redirected-folders.aspx">http://blogs.technet.com/b/askds/archive/2008/06/30/automatic-creation-of-user-folders-for-home-roaming-profile-and-redirected-folders.aspx</a>khellmanhttp://www.blogger.com/profile/14957191780573006714noreply@blogger.com0tag:blogger.com,1999:blog-3159566498126734975.post-15904989141795636622011-01-25T17:09:00.000+02:002013-10-03T15:10:16.096+03:00How to install network shared printer in Windows 7 without admin rights<span class="hps">In Windows XP</span><span>, you can</span> <span class="hps">install a network printer</span> <span class="hps atn">as a "</span><span>normal" user</span> <span class="hps">but</span> <span class="hps">not</span> <span class="hps">in Windows 7.</span><span class="hps"> Windows 7 and</span> <span class="hps">Windows Server 2008 R2</span> <span class="hps">requires that the</span> <span class="hps">printer installation</span> <span class="hps">package</span> <span class="hps">is</span> <span class="hps">digitally signed</span> <span class="hps">or</span> <span class="hps">built into Windows</span><span>.</span> <span class="hps">This means that</span> <span class="hps">most printers</span> <span class="hps">can not</span> be added by <span class="hps">a</span> <span class="hps">normal user</span> <span class="hps">without administrator</span> <span class="hps">rights</span> <span class="hps">on their computer.</span> <span class="hps">Microsoft</span> <span class="hps">has written</span> <span class="hps">an excellent article on</span> <span class="hps">how to make a</span> <span class="hps">Group Policy</span> <span class="hps">that allows</span> <span class="hps">ordinary users</span> <span class="hps">with Windows 7</span> <span class="hps">to install the</span> <span class="hps">printer</span> <span class="hps">without having to be</span> <span class="hps">an administrator</span> <span class="hps">on their computer.</span><br />
<br />
<br />
<a href="http://technet.microsoft.com/en-us/library/cc753269.aspx">http://technet.microsoft.com/en-us/library/cc753269.aspx</a>khellmanhttp://www.blogger.com/profile/14957191780573006714noreply@blogger.com0tag:blogger.com,1999:blog-3159566498126734975.post-37996834690759949832011-01-10T12:03:00.000+02:002013-10-03T15:13:13.355+03:00How to manage KMS activation in an environment with multiple domains<span class="hps">To successfully</span> <span class="hps">launch a</span> <span class="hps">KMS</span> <span class="hps">server</span> <span class="hps">is usually</span> <span class="hps">pretty</span> <span class="hps">straightforward</span><span>, but if you</span> <span class="hps">have multiple</span> <span class="hps">domains that</span> <span class="hps">KMS</span> <span class="hps">server needs to</span> <span class="hps">handle.</span> <span class="hps">How</span> <span class="hps">do you do</span><span>?</span> <span class="hps alt-edited">That</span> <span class="hps">has</span> <span class="hps">Shariq</span> <span class="hps">Sheik</span> written <span class="hps">a good article</span> <span class="hps">about.</span><br />
<br />
<a href="http://www.shariqsheikh.com/blog/index.php/201008/can-one-kms-server-activate-clients-in-multiple-domains/">http://www.shariqsheikh.com/blog/index.php/201008/can-one-kms-server-activate-clients-in-multiple-domains/</a>khellmanhttp://www.blogger.com/profile/14957191780573006714noreply@blogger.com0