Thursday, August 25, 2011

Using "Load Hive" modifies the user registry

In Registry Editor, we can use "Load Hive" to load the user registry setting. After loading the user registry, we can modify the settings which are affected the user.

Assuming that Administrator would like to modify Peter's registry.

1. At a Windows, log in as Administrator.
2. Launch "Registry Editor".
3. Select "HKEY_Users".
4. On the menu, click "File > Load Hive".
5. Navigate to "Peter Directory", select "NTUSER.DAT".


6. Click "Open".
7. Under "Key Name", type "Peter".


Now, you can modify Peter'registry. 
8. After modifying Peter's registry, select "Peter". 
9. On the menu, click "File > Unload Hive" to save the settings of Peter's registry.

This posting is provided “AS IS” with no warranties, and confers no rights!

Wednesday, August 24, 2011

Using "Newsid.exe" with your Windows Server 2003 or Windows XP template

In VM environment, you can make a template for deploying. After deploying the template, the Windows has to be generated a new sid.

What is new sid?
NewSID is a program that changes a computer's SID. It is free and is a Win32 program, meaning that it can easily be run on systems that have been previously cloned.

Download link

Lab
1. Download and save newsid.exe as C:\Windows\System32.
2. Launch "Windows Explorer".
3. Navigate to "C\Windows\System32".
4. Right-click "newsid.exe", select "Properties".
5. Click "Unblock".


6. Click "OK".
7. Double-click "newsid.exe".
8. Click "Agree".
9. Click "Cancel".
10. Close "Windows Explorer".
11. Launch "Registry Editor".
12. Navigate to "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce"
13. Right-click "Runonce", select "New > String Value".
14. Enter the name as "Newsid".
15. Double-click "Newsid".
16. Under "Value data", type ["C:\Windows\System32\newsid.exe"].


17. Click "OK".


18. Close "Registry Editor".
19. Shut down this computer.

Now, you can make this computer be a VM template.

When you deploy a new computer from this template, the "newsid.exe" will run after you log in.


This posting is provided “AS IS” with no warranties, and confers no rights!

Sunday, August 21, 2011

Using Active Directory Load Balancing tool (ADLB) to rebalance inbound connections for Windows Server 2003 and Windows Server 2008 domain controllers

In pre-Windows Server 2008 R2, inbound connections from sites typically targeted one domain controller in the hub site with requests.

DC01

DC11

DC21

DC31

Remark: Every domain controller installed Windows Server 2003 is  a bridgehead server in my lab.

For more information for Bridgehead Server selection improvements, please read the following articles:

Bridgehead server selection

Bridgehead Server Selection Improvements in Windows Server 2008 and Windows Server 2008 R2

To solve the above problem, we can run the "Active Directory Load Balancing" tool to rebalance inbound connections in the hub site.

When should we use Active Directory Load Balancing tool?

According to the document, Planning the Physical Structure for a Branch Office Deployment, of Microsoft , if the number of sites is greater than 50 and less than or equal to 200, you should use the ADLB tool.

As soon as you begin your deployment, you can start using ADLB to keep your intersite replication optimized as you continue to add more sites. Use ADLB to optimize your site replication whenever your environment is changing, such as during the deployment process. After you are finished making all of the changes, however, you should stop using ADLB on a daily basis and run it only as needed. For example, during deployment operations, set up a scheduled task to run ADLB once a day. After you have finished the deployment, remove the task from the schedule.

Active Directory Load Balancing tool is included in Windows Server 2003 Resource Kit.

Download link:

How to use it
1. Download and install Windows Server 2003 Resource Kit in a domain controller being in Hub site.
2. Launch the "Command Shell" of Windows Server 2003 Resource Kit.
3. Perform "adlb /server:%computername% /site:<Hub Site Name> /log:C:\adlb.txt /v


4. Launch "Active Directory Sites and Services" to verify the result.

DC01

DC11

DC21

DC31

As a result, the inbound connections are rebalanced.

This posting is provided “AS IS” with no warranties, and confers no rights!

Saturday, August 20, 2011

Service Control Manager (Event ID 7000) in Windows Server 2008 R2 installed Backup Exec 2010 R3

In my production environment, one of the servers is installed Backup Exec 2010 R3 with Library Expansion Option and select to use "Symantec device drivers for all tape devices".


Symptom
After I restarted the server, I found there are a lot of error events in System log of Event Viewer.



Cause
I found the reference form Symantec. It said that "SCSIChanger is a driver of Backup Exec for the robotic library support and depends on SCSI Mini port class. During start of SCSIChanger, Windows 2008 R2 server requests to start all of the SCSI Mini port class device drivers and reports the startup failure even though the devices are not connected".

Solution
Symantec provides the following solutions for us:
1. The messages can be ignored safely because the devices are not connected to the server.

or 

2. To disable the message please perform one of following:
A) Do not install the robotic library support if a robotic library is not connected to the server.
B) Change start type of the drivers registry to 0x4 (disabled)

For security audit issue, I have to change all start type of the drivers registry to 0x4 (disabled).


Reference:
Startup failures are reported for SCSI mini port device drivers when a Media Server is running on Windows Server 2008 R2

Event ID 7000 or 7026 is logged in the System log on a computer that is running Windows 7, Windows Vista, Windows Server 2008 R2, or Windows Server 2008

CurrentControlSet\Services Subkey Entries
http://support.microsoft.com/kb/103000

This posting is provided “AS IS” with no warranties, and confers no rights!

HP Fibre Channel (Event ID 6) in Windows Server 2008 R2

If a HP Fibre Channel card doesn't connect to fibre switch, the windows generates Event ID 6 in the event log.


Make sure the connectivity of the fibre card and fibre switch.

This posting is provided “AS IS” with no warranties, and confers no rights!

Thursday, August 18, 2011

Performance Logs and Alerts (Event ID 2004) in Windows Server 2003

Symptom
In my production environment, when I try to run the counter log, it shows the following error message.


I launched the Event Viewer and checked the Application Log. I found the warning log which is Event ID 2004.


Solution
1. At the server, launch "Windows Explorer".
2. Navigate to the directory saved logs.
3. Right-click the directory, select "Properties".
4. Select "Security" tab.


5. Make sure "NETWORK SERVICE" account is added and assigned "Allow - Modify".

If the "NETWORK SERVICE" account is removed, it shows the above error when you start the counter log.

This posting is provided “AS IS” with no warranties, and confers no rights!

Monday, August 15, 2011

How to view Flexible Single Master Operations (FSMO) quickly

We can perform the following command to view fsmo.

1. At a domain controller, log in as Domain Administrator.
2. Launch "Command Prompt".
3. Enter "netdom query fsmo".


This posting is provided “AS IS” with no warranties, and confers no rights!

How to check which domain controller you are logged in

We can perform the following command to check which domain controller you are logged in.

1. At a workstation, launch "Command Prompt".
2. Enter "Set logonserver".


3. Or enter "echo %logonserver%".


This posting is provided “AS IS” with no warranties, and confers no rights!

Saturday, August 13, 2011

Installing Linux Integration Services Version 3.1

Microsoft released "Linux Integration Services Version 3.1" on 27-Jul-2011. This version of Linux Integration Service supports the following operating systems and virtual CPU (vCPU) configurations:

Red Hat Enterprise Linux 6.0 and 6.1 x86 and x64 (Up to 4 vCPU)
CentOS 6.0 x86 and x64 (Up to 4 vCPU)

Linux Integration Services for Hyper-V provides the following functionality:

  • Driver support: Linux Integration Services supports the network controller and the IDE and SCSI storage controllers that were developed specifically for Hyper-V.
  • Fastpath Boot Support for Hyper-V: Boot devices now take advantage of the block Virtualization Service Client (VSC) to provide enhanced performance.
  • Timesync: The clock inside the virtual machine will remain synchronized with the clock on the virtualization server with the help of the pluggable time source device.
  • Integrated Shutdown: Virtual machines running Linux can be shut down from either Hyper-V Manager or System Center Virtual Machine Manager by using the “Shut Down” command.
  • Symmetric Multi-Processing (SMP) Support: Supported Linux distributions can use up to 4 virtual processors (VP) per virtual machine.
  • Heartbeat: Allows the virtualization server to detect whether the virtual machine is running and responsive.
  • KVP (Key Value Pair) Exchange: Information about the running Linux virtual machine can be obtained by using the Key Value Pair exchange functionality on the Windows Server 2008 virtualization server.

Remark: SMP supports is not available for 32-bit Linux guest operating systems running on Windows Server 2008 Hyper-V or Microsoft Hyper-V Server 2008.

Download link:

Installing Linux Integration Services
Prerequisites
Before installing the linux which is CentOS or Red Hat Enterprise, you have to install "Legacy Network Adapter" for this VM. You must not install the "synthetic network adapter". If you install "synthetic network adapter" for the VM, you can't find the network adapter for which you installed the Linux Integration Services.


Lab
Assuming the CentOS was installed.
1. Insert "Linux IC v3.0" into the CentOS VM.
2. Log in as root.
3. Enter "ifconfig".


CentOS can't detect the network adapter.

4. Enter "mount /dev/cdrom /media/" to mount the CD.


5. For 32-bit Linux, enter the following commands to install "Linux Integration Services".

rpm -ivh /media/x86/kmod-microsoft-hyper-v-rhel6-60.1.i686.rpm
rpm -ivh /media/x86/microsoft-hyper-v-rhel6-60.1.i686.rpm

6. For 64-bit Linux, enter the following commands to install "Linux Integration Services".

rpm -ivh /media/x86_64/kmod-microsoft-hyper-v-rhel6-60.1.x86_64.rpm


rpm -ivh /media/x86_64/microsoft-hyper-v-rhel6-60.1.x86_64.rpm


7. Enter "nano /etc/sysconfig/network-scripts/ifcfg-eth0" to edit the network adapter.
8. Modify the content as the following:

DEVICE="seth0"
HWADDR="<Default MAC address>"
NM_CONTROLLED="no"
ONBOOT="yes"
TYPE=Ethernet
NAME="Seth0"
IPADDR="<IP Address>"
NETMASK="<Subnet Mask>"
GATEWAY="<Gatewat IP>"


9. Press "Ctrl + O" to save.
10. Press "Ctrl + X" to exit nano.
11. Enter "halt" to shut down the VM.
12. Edit the VM hardware setting.


13. Write down the current MAC address, remove the "Legacy Network Adapter".
14. Add a Network Adapter.
15. Select "Network Adapter".
16. Next to "MAC Address", select "Static".
17. Type the MAC address which you wrote down.


18. Click "OK".
19. Power on the VM.
20. Log in as root.
21. Enter "ifconfig".


The Linux Integration Services was installed in the CentOS and the "synthetic network adapter" work properly.

This posting is provided “AS IS” with no warranties, and confers no rights!

Friday, August 12, 2011

Do you trust this printer in Windows 7

When a user add the network printer in Windows 7, the user will see the "Do you trust this printer" popup.


After clicking "Install driver", the user has to enter the administrator user name and password.


To solve this problem, we need to modify the group policy settings.

1. At a domain controller, log in as Domain Administrator.
2. Launch "Group Policy Management Console".
3. Right-click the group policy which is assigned to workstations, select "Edit".
4. Expand "Computer Configuration > Policies > Administrative Templates > Printers".


5. At right pane, double-click "Point and Print Restrictions".
6. Select "Enabled".
7. Next to "When installing drivers for a new connection", select "Do not show warning or elevation prompt".
8. Next to "When updating drivers for an existing connection", select "Do not show warning or elevation prompt".


9. Click "OK".
10. Close "Group Policy Management Editor".

After workstations received the policy, it doesn't show  "Do you trust this printer" popup when a user add a network printer.

Reference:

How to find World Wide Name (WWN) in Windows Server 2008 and 2008 R2

In Windows Server 2003, you have to install "Fibre Channel Information Tool". Perform "fcinfo" to find the  World Wide Name (WWN). In Windows Server 2008 or 2008 R2, you can use "Storage Explorer" to show the WWN.

1. At the server, launch "Storage Explorer".
2. Expand "Storage Explorer > Servers > <Server Name>".


Related post:

This posting is provided “AS IS” with no warranties, and confers no rights!

Sunday, August 7, 2011

Inter-Site Topology Generator

The Inter-Site Topology Generator (ISTG), which is responsible for managing the inbound replication connection objects for all bridgehead servers in the site in which it is located. There is only 1 Inter-Site Topology Generator per site and the first server in the site becomes the ISTG for the site.

Connection objects for bridgehead servers for inter-site replication are created differently. The KCC on one domain controller (regardless of the domain) in each site is responsible for reviewing the inter-site topology and creating inbound replication connection objects as necessary for bridgehead servers in the site in which it resides. This domain controller is known as the Inter-Site Topology Generator (ISTG). The domain controller holding this role may not necessarily also be a bridgehead server.

When the ISTG determines that a connection object needs to be modified on a given bridgehead server in the site, the ISTG makes the change to its local Active Directory copy. As part of the normal intra-site replication process, these changes propagate to the bridgehead servers in the site. When the KCC on the bridgehead server reviews the topology after receiving these changes, it translates the connection objects into replication links that Active Directory uses to replicate data from remote bridgehead servers.

Reference:

We can determine the ISTG by the following steps:
1. At a domain controller, log in as Domain Administrator.
2. Launch "ADSI Edit".
3. Right-click "ADSI Edit", select "Connect to".
4. Next to "Select a well known Naming Context", select "Configuration".


5. Click "OK".
6. Expand "Configuration > CN=Configuration,DC=<Domain>,DC=com > CN=Sites > CN=<Site Name>.


7. At right pane, right-click "CN=NTDS Site Settings", select "Properties".
8. Next to "interSiteTopologyGenerator".


9. Click "Edit".


10. You can modify the "CN=<Server Name>", click "OK" twice.

Remark: This option is per site setting.

Reference:
http://support.microsoft.com/kb/224599

This posting is provided “AS IS” with no warranties, and confers no rights!