Monday, November 25, 2013

Extend virtual machine partition and create single vmdk file from multiple files

Most of you use VMware for your day-to-day testing.
Sometimes you may face the following issues and may get angry.

1.  You have vmdk files split into 2GB files
     (suppose your HDD is 40GB, then you will have 20 vmdk files)
2.  You have created a 10GB vmdk file and afterwards you require more HDD space.

Today in this blog I will share with you a few techniques to fix the above issues.

How to create one vmdk file from multiple files

Please follow the following steps to create one Vmdk file from multiple files.

Step1:  Copy vmware-vdiskmanager from the VMware Server/Workstation installation to
        %systemroot%\system32. You can get it by

        going into C:\Program Files\VMware\VMware Server>
        or
        going into C:\Program Files\VMware\VMware Workstation>
        or
        searching for vmware-vdiskmanager in the VMware installation folder.

Step2:  After copying the exe file, run the following command.

C:\>vmware-vdiskmanager -r G:\VmS\2003_server\Windows_Server_2003-000001.vmdk -t 2 H:\mysinglefile.vmdk


{G:\ is the source drive folder where you have all the split 2GB vmdk files.
H:\mysinglefile.vmdk is the location where it will create a single vmdk file.}


Step3:  After that, run the virtual machine. If it gives an error message, try to
        browse to that single vmdk file. If the error still comes, just create a new
        virtual machine and replace the HDD of the newly created machine with the
        HDD (the single vmdk file that you have created). It will work.




How to increase the space of a single vmdk file

There are two ways to do this:

1. Command based
2. GUI based

Command Based:

Step1:- Turn off the virtual machine.
Step2:- Commit/remove all the snapshots, if any.
Step3:- Open a Command Prompt and go to:

C:\Program Files\VMWare\VMWare Server or C:\Program Files\VMware\VMware Workstation

or, if you have already copied this file to the system32 folder, simply run the command below.

Step4:- Run this command to expand the virtual disk:

vmware-vdiskmanager -x 12GB "My harddisk.vmdk"

Step5:- This only expands the disk and not the partition; you'll need to resize the partition
           table as well. This can be done with 3rd party tools like 'Partition Magic', but also
           with Diskpart.exe, a Windows tool.

Step6:- Power on the virtual machine, then type the following commands to extend the partition.

1.      Open a Command Prompt and type:
diskpart
2.      Type:
list volume
Remember the volume number of your volume.
3.      Type:
select volume <volume number>
4.      Type:
extend

GUI Based

To extend the disk using the GUI:

Step1:- Power off the machine.
Step2:- Go to the "Edit virtual machine settings" option on the main page.
Step3:- Click on the Hard Disk.
Step4:- On the right-hand side, click on Utilities as shown below.

Step5:- Click on Expand and enter how much total space you require. Click OK.
             It will start extending the disk.

Step6:- Use the diskpart.exe utility to extend the partition.
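
A pre-flight check for both procedures above (merging split files and expanding a disk), as an added example that is not part of the original post: it parses the small text descriptor that a split disk keeps next to its 2GB extent files and reports whether the disk is split, its total size, and whether it is a snapshot delta that still has a parent. The descriptor contents and function names below are constructed for this example.

```python
import re

SECTOR_BYTES = 512
NO_PARENT = "ffffffff"   # parentCID value of a base disk (no snapshot parent)
EXTENT_RE = re.compile(r'^(RW|RDONLY|NOACCESS)\s+(\d+)\s+(\w+)\s+"([^"]+)"')
KEYVAL_RE = re.compile(r'^([\w.]+)\s*=\s*"?([^"]*)"?$')

# Constructed sample: a 6GB growable disk split into 2GB extents.
SPLIT_BASE = '''# Disk DescriptorFile
version=1
CID=fffffffe
parentCID=ffffffff
createType="twoGbMaxExtentSparse"

# Extent description
RW 4192256 SPARSE "Windows_Server_2003-s001.vmdk"
RW 4192256 SPARSE "Windows_Server_2003-s002.vmdk"
RW 4192256 SPARSE "Windows_Server_2003-s003.vmdk"
RW 6144 SPARSE "Windows_Server_2003-s004.vmdk"
'''

# Constructed sample: a snapshot delta whose parent is the base disk.
SNAPSHOT_DELTA = '''# Disk DescriptorFile
version=1
CID=a1b2c3d4
parentCID=9f8e7d6c
createType="twoGbMaxExtentSparse"
parentFileNameHint="Windows_Server_2003.vmdk"
RW 4192256 SPARSE "Windows_Server_2003-000001-s001.vmdk"
'''


def parse_descriptor(text):
    """Return (header fields, extent list) from VMDK descriptor text."""
    header, extents = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = EXTENT_RE.match(line)
        if m:
            extents.append({"sectors": int(m.group(2)), "type": m.group(3),
                            "file": m.group(4)})
            continue
        m = KEYVAL_RE.match(line)
        if m:
            header[m.group(1)] = m.group(2)
    return header, extents


def preflight(text):
    """Summarise what matters before running vmware-vdiskmanager -r or -x."""
    header, extents = parse_descriptor(text)
    if not extents:
        raise ValueError("no extent lines found: not a VMDK descriptor")
    create_type = header.get("createType", "")
    parent = header.get("parentCID", NO_PARENT).lower()
    return {
        "create_type": create_type,
        "split": create_type.startswith("twoGbMaxExtent"),
        "extent_files": [e["file"] for e in extents],
        "capacity_bytes": sum(e["sectors"] for e in extents) * SECTOR_BYTES,
        "is_snapshot_delta": parent != NO_PARENT,
        "parent_hint": header.get("parentFileNameHint"),
    }


def blockers(report):
    """Reasons not to expand yet (Step2 above: commit/remove snapshots first)."""
    found = []
    if report["is_snapshot_delta"]:
        found.append("snapshot delta, parent is %s" % report["parent_hint"])
    return found


if __name__ == "__main__":
    for name, text in (("base", SPLIT_BASE), ("delta", SNAPSHOT_DELTA)):
        rep = preflight(text)
        print(name, rep["create_type"], len(rep["extent_files"]), "extent(s)",
              rep["capacity_bytes"] // 2**20, "MB", blockers(rep) or "ok")
```

Every file listed in `extent_files` must sit in the source folder before the merge is run, since the descriptor only points at them.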

Windows Server 2008 R2 Offline Domain Join

Today I will share a nice feature of Windows Server 2008 R2: offline domain join. With the help of this new feature you can join any system to the domain without contacting the domain controller; that means that even if the client is not in contact with the DC, it can still be added to Active Directory.

Offline domain join is a new process that computers that run Windows 7 or Windows Server 2008 R2 can use to join a domain without contacting a domain controller. This makes it possible to join computers to a domain in locations where there is no connectivity to a corporate network.

Requirements

You can run Djoin.exe only on computers that run Windows 7 or Windows Server 2008 R2. The computer on which you run Djoin.exe to provision computer account data into AD DS must be running Windows 7 or Windows Server 2008 R2. The computer that you want to join to the domain must also be running Windows 7 or Windows Server 2008 R2. 


By default, Djoin.exe commands target a domain controller that runs Windows Server 2008 R2. However, we can also use the optional /downlevel parameter if we have to target a DC that is running a version older than 2008 R2.

Two steps


There are basically two steps necessary to offline domain join a computer. First, you have to create the computer account in Active Directory. This process is called “provisioning.” The easiest way to do that is on an R2 domain controller. Djoin will create base64-encoded metadata as a text file. This file then has to be used to offline domain join the Windows 7 machine.

Provisioning


The command to provision the computer account on an R2 domain controller looks like this:

C:\Users\Administrator\Desktop>djoin /provision /domain dc1.com /machine client1 /savefile domain_join.txt


This command will add a computer account named client1 to the AD database, which can be seen in the AD console.

NOTE:- If you don’t have a Windows Server 2008 R2 domain controller, you can run djoin.exe with the /downlevel parameter on a Windows 7 machine that is already a domain member.

 
Offline domain join


Then you have to copy that text file to the computer that has to be joined to the domain and launch this command:

C:\Users\Administrator\Desktop>djoin /requestODJ /loadfile domain_join.txt /windowspath %SystemRoot% /localos

 

Note: Issuing the above command on a domain controller will result in a broken Active Directory domain controller, with the only option left being demote/promote.


After issuing the above command you need to reboot the system and the system will be in the domain now.


You can get more parameters by using djoin help

C:\Users\Administrator\Desktop>djoin /?
Usage: djoin.exe [/OPTIONS]

  /PROVISION  - Provision a computer account in the domain
      /DOMAIN <Name> - <Name> of the domain to join
      /MACHINE <Name> - <Name> of the computer joining the domain
      /MACHINEOU <OU> - Optional <OU> where the account is created
      /DCNAME <DC> - Optional <DC> to target for account creation
      /REUSE - Reuse any existing account (password will be reset)
      /SAVEFILE <FilePath> - Save provisioning data to a file at <FilePath>
      /NOSEARCH - Skip account conflict detection, requires DCNAME (faster)
      /DOWNLEVEL - Support using a Windows Server 2008 DC or earlier
      /PRINTBLOB - Return base64 encoded metadata blob for an answer file
      /DEFPWD - Use default machine account password (not recommended)

  /REQUESTODJ  - Request offline domain join at next boot
      /LOADFILE <FilePath> - <FilePath> specified previously via /SAVEFILE
      /WINDOWSPATH <Path> - <Path> to the Windows directory in an offline image
      /LOCALOS - Allows /WINDOWSPATH to specify the locally running OS.
                 This command must be run as a local Administrator.
                 This option requires a reboot for changes to be applied.

Offline Hardware diagnostic test on HP servers

Guys, very useful article. Just wanna share it with you.

The HP Insight Diagnostics utility is a hardware diagnostic tool available with HP SmartStart CDs. You can launch this tool by booting to the HP SmartStart CD. The HP Insight Diagnostics tool is helpful when you do hardware troubleshooting on a server.

HP Insight Diagnostics (using the SmartStart CD) is also used to check if all the hardware devices installed on your server are recognized by the server or functioning properly.

Offline Hardware test using SmartStart CD:

1. Boot the server using the SmartStart CD (it might take some time, be patient!)
2. Now you will be at the Language and Keyboard Selection page.
3. Select language as English (US), keyboard layout as US English and click Next.
4. Accept the HP EULA by clicking the Agree button (You have no choice here lol :D)
5. Now you are at the Home page of the SmartStart CD (Check below provided screenshot)
6. Click on the Maintenance button.
7. Now you are at the Maintenance Options window (Check below provided screenshot)
8. Select HP Insight Diagnostics.
9. The HP Insight Diagnostics window will load and generate a hardware report in a moment.
10. Now you will be at the System Survey main page.
11. Click on the Test tab. You will be at the below provided screen.
12. Click on the Complete Test tab.
13. Select Test mode as Unattended.
14. Ensure that the option Stop on first error is unchecked.
15. Set the Number of loops to 15 (Set 7 as minimum)
Note:- The above step is the main step (1 loop takes approx. 1.5hrs-2hrs depending on your hardware)
16. Select All Devices in the list of devices.
17. Click on the Begin Testing button.
18. Now the test will run on all hardware. This process might take hours to complete.
      To save the logs you will need an external drive.
19. Click on the Logs tab.
20. Click on the Diagnosis Log sub-tab.
21. Click Save to save the report.
22. Click on the Test Log sub-tab.
23. Click Save to save the report.
24. Click on the Error Log sub-tab.
25. Click Save to save the report.
26. Also save the Integrated Management Log.
27. To save the report, click on the Save button at the bottom of the page.
28. Success!! You have generated all the offline diagnostics logs!
29. Click on the Exit Diagnostics button.
30. Reboot/Restart your server.

How RPC Works

Hello guys, today I will share some ideas about how RPC works.

An RPC service configures itself in the registry with a universally unique identifier (UUID). UUIDs are well-known identifiers, unique for each service and common across all platforms. When an RPC service starts, it obtains a free high port and registers that port with the UUID. Some services use random high ports and others try to use the same high ports all the time (if they are available).

Below is the diagram that shows how RPC works.

When a client wants to communicate with a particular RPC service, it cannot determine in advance which port the service is running on. It establishes a connection to the server's portmapper service (on port 135) and requests the service it wants by using the service's UUID. The portmapper returns the corresponding port number to the client and closes the connection. Finally, the client makes a new connection to the server by using the port number it received from the portmapper. Because it is impossible to know in advance which port an RPC service will use, the firewall must permit all high ports through.
 
When a program tries to connect to an RPC service, it requests a free port from the system. The system randomly generates the port number and gives it to the program requesting it. The default dynamic range is 1024-65535. The system can give out any available port from this range at random.
  • KEY Name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TCPIP\Parameters
  • Entry Name: TCPWindowSize
  • Type: DWORD
  • Value: 65535

Microsoft has increased the dynamic client port range for outgoing connections in Windows Vista and in Windows Server 2008. The new default start port is 49152, and the default end port is 65535. This is a change from the configuration of earlier versions of Windows, which used a default port range of 1025 through 5000.
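
The lookup-then-connect exchange described above, as an added example that is not part of the original post: a simplified loopback model (plain text messages, not the DCE/RPC wire format) in which a service registers its port under a UUID, the client asks a mapper for that UUID, then opens a second connection to the returned port. The UUID, the restricted range 50000-50020 and all function names are assumptions of this example, and the mapper listens on an OS-chosen port as a stand-in for TCP 135.

```python
import socket
import threading

# Constructed values for this example (not a real service or a page value).
SERVICE_UUID = "6f1d2c3a-0000-4000-8000-00000000abcd"
RPC_RANGE = range(50000, 50021)          # assumed restricted dynamic range
DEFAULT_RANGE = range(49152, 65536)      # Vista/2008 default range quoted above


def bind_listener(ports):
    """Bind a loopback TCP listener on the first free port in `ports`.
    Passing [0] lets the OS pick any free high port, like unrestricted RPC."""
    for port in ports:
        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        try:
            sock.bind(("127.0.0.1", port))
        except OSError:
            sock.close()
            continue
        sock.listen(1)
        return sock, sock.getsockname()[1]
    raise OSError("no free port in configured range")


def serve_once(sock, handler):
    """Answer exactly one request on `sock` in a background thread."""
    def run():
        conn, _ = sock.accept()
        with conn, sock:
            conn.sendall(handler(conn.recv(1024)))
    thread = threading.Thread(target=run, daemon=True)
    thread.start()
    return thread


def ask(port, payload):
    """One short-lived client connection: send payload, return the reply."""
    with socket.create_connection(("127.0.0.1", port), timeout=5) as conn:
        conn.sendall(payload)
        return conn.recv(1024)


def run_exchange(service_ports):
    """Run the two-connection flow; return (port learned from mapper, reply)."""
    registry = {}                                  # UUID -> port (mapper table)
    svc_sock, svc_port = bind_listener(service_ports)
    registry[SERVICE_UUID] = svc_port              # service registers itself
    map_sock, map_port = bind_listener([0])        # stand-in for TCP 135
    mapper = serve_once(
        map_sock, lambda req: str(registry.get(req.decode(), 0)).encode())
    service = serve_once(svc_sock, lambda req: b"reply:" + req)

    learned = int(ask(map_port, SERVICE_UUID.encode()))   # connection 1: lookup
    reply = ask(learned, b"hello")                         # connection 2: call
    mapper.join(5)
    service.join(5)
    return learned, reply


def ports_to_allow(dynamic_range):
    """Inbound ports a firewall must open: the mapper plus the dynamic range."""
    return 1 + len(dynamic_range)


if __name__ == "__main__":
    print("unrestricted:", run_exchange([0]))
    print("restricted:  ", run_exchange(RPC_RANGE))
    print("ports to allow:", ports_to_allow(DEFAULT_RANGE), "vs",
          ports_to_allow(RPC_RANGE))
```

With the service confined to a known range, the firewall rule shrinks from the whole default dynamic range to the mapper port plus that range, which is what the KB articles listed below configure.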

Below are some KB articles with more details about RPC configuration in different scenarios.

How to configure RPC dynamic port allocation to work with firewalls

If you want to specify static ports for known services on a DC, like Netlogon, NTDS, FRS etc., then follow the articles below.

Restricting Active Directory replication traffic to a specific port


How to restrict FRS replication traffic to a specific static port


Windows Server 2012 Dynamic Access Control

As you all must be aware, Microsoft is working on 2012 and has launched a version of Server 2012.

Today I will share one of the nice features of Server 2012, i.e. Dynamic Access Control.

What is Dynamic Access Control

It is a new security feature that uses a file-system authorization mechanism that gives you the ability to define centrally managed file-access policies at the domain level which apply to every file server in the domain.
It doesn’t replace the existing NTFS permissions though.
This is a claims-based security feature. Claims are Active Directory attributes defined to be used with Central Access Policies. The claims can be set for both users and devices. Microsoft added a new container to the Active Directory Administrative Center to implement this new feature.

To configure centralized file-access policies through Dynamic Access Control, we need to configure the following parts.

1.  Claim Type
2.  Resource properties for files
3.  Resource property lists ( add resource property to global)
4.  Create new central access rule
5.  Create central access policy

Below is the screen shot of all the above mentioned steps.




What is the need


1.  Create simpler authorization models for file based resource
2.  Stop creating 1000s of groups to control access
3.  Classify files
4.  Control access to file based on AD attributes
5.  Deploy the access model

Let's deploy this DAP to have a better understanding of it.

I have promoted a server to a domain controller (how to promote a server to a domain controller is not covered here) and the server name is server12.com.

Configure claim types for users: In this step, you will add existing Active Directory attributes to the list of attributes which can be used when evaluating dynamic access control. The user’s department value will be part of the calculation that determines if they have access to specific files.
After logging in to the DC, open the Active Directory Administrative Center to start configuring the Dynamic Access Policy (DAP).
Click on Claim Types and then click on create new. Here I am selecting Department and Country, and the class I selected here is User (you can create new ones as well).

Configure resource properties for files: In this step, you will configure the properties which will be downloaded by file servers and used to classify files. Further dynamic access control rules will compare user attribute values with resource properties. You can enable existing properties or create new ones.
Click on Resource Properties. Here you can select the existing resource properties or create new ones; I have selected Country and Department.

Added two values in Department (Finance and ITSupport)

Added two values in Country (Norway and USA)

Add resource properties to the global list: Each resource property must be added to at least one resource property list before it is downloaded by file servers. The global resource property list is downloaded by all file servers.
Add both Country and Department here.

Create a new central access rule: In this step, you will create a new central access rule. This is similar to an access control list (ACL) in that it describes which conditions must be met in order for file access to be granted.
First of all, enter the name of the rule. Then, in the Target resource option under Central access rule, you can add different conditions as mentioned below (like department exists or country exists).
In Permissions, select "Use the following permissions as current permissions".
NOTE: This setting enforces dynamic access control. The default setting will only create an audit log entry.
Then select the Edit button, click Add, click Select a principal, and type Authenticated. Click OK. In Permissions, check the Full Control check box.
Click on Add condition.
Here I have selected:
User Department Equals Resource Department
User Country Equals Resource Country

Create a central access policy: In this step, you will create a central access policy. A central access policy is a group of rules that are enforced as a unit. A file or folder can have only one central access policy applied to it.
Just click on CAP, then click on New, and then on Add to add the central access rule.
Add the user-resource match rule here.

Publish the central access policy with a GPO: In this step, you need to create a new group policy to publish the central access policy.
Go to GPMC, select your domain, create a new GPO and name it "Dynamic Access".
In Security Filtering, click Authenticated Users, click Remove, and then click OK. Then click on Add and add the file server where you want to implement this policy.
Right-click Dynamic Access Policy, and then click Edit. Navigate to Computer Configuration/Policies/Windows Settings/Security Settings/File System, and then click Central Access Policy. On the Action menu, click Manage Central Access Policies, click on CAP (the policy you created), and then close the GPMC.

Enable Kerberos armoring for domain controllers: In this step, you will enable Kerberos armoring for domain controllers, which ensures that Kerberos tickets contain the required claims information which can then be evaluated by file servers.
To do this, click on Default Domain Policy, click on Edit, and navigate to
Computer Configuration/Policies/Administrative Templates/System/KDC.
Click "KDC Support for claims, compound authentication, and Kerberos armoring" and enable it.

Note:- To update the policy you can run gpupdate /force

Configure classification data on the file share: In this step, you will classify the files in the file share by adding and configuring the resource properties.
Here I have created a shared folder named "Shares". Right-click on it and select Properties, then Classification.

Then you can select the appropriate Country and Department entries that must match the user's attributes in AD; after a successful match, the user will be allowed to access this folder.
After that, go to security permissions >> Advanced tab, then go to Central Policy and select the policy you want to implement on the folder as shown below.
After that you can apply and close all the boxes by pressing OK.
Now your DAP is implemented successfully on that folder: all the users who match the condition mentioned will have access to this folder, and the rest will not.
If you want to test the effective permissions of a user, right-click the folder, go to security permissions >> Advanced tab, then go to the Effective Permissions tab as shown below and search for the user whose permissions you want to check.
Here you can see Rahul is the user that has matched the defined condition and can access the folder, and you can see the permissions in green.
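
How the pieces configured above combine at access time, as an added example that is not part of the original post: a small model of the access decision in which the NTFS permissions stay in force and each applicable central access rule can only narrow them, with the audit-only default shown beside the enforced setting. The users' attribute values, the second user, the NTFS entry and all class and function names are constructed for this example; only the Department/Country values and the rule conditions come from the walkthrough.

```python
from dataclasses import dataclass

FULL = frozenset({"read", "write", "modify", "full_control"})  # simplified rights


@dataclass
class User:
    name: str
    groups: set
    claims: dict            # AD attributes issued as claims


@dataclass
class Folder:
    name: str
    ntfs_acl: dict          # group -> allowed rights (allow entries only)
    properties: dict        # classification set on the folder


@dataclass
class CentralAccessRule:
    name: str
    target_properties: tuple    # rule applies only if these properties are set
    match_claims: tuple         # User.<claim> must equal Resource.<property>
    principal: str = "Authenticated Users"
    rights: frozenset = FULL
    enforced: bool = True       # False = default behaviour: audit log entry only

    def applies_to(self, folder):
        return all(p in folder.properties for p in self.target_properties)

    def rights_for(self, user, folder):
        if self.principal not in user.groups:
            return set()
        matched = all(c in user.claims and
                      user.claims[c] == folder.properties.get(c)
                      for c in self.match_claims)
        return set(self.rights) if matched else set()


def effective_access(user, folder, policy):
    """Return (granted rights, audit entries) for one user on one folder."""
    granted = set()
    for group in user.groups:                      # existing NTFS permissions
        granted |= folder.ntfs_acl.get(group, set())
    audit = []
    for rule in policy:
        if not rule.applies_to(folder):            # target resource condition
            continue
        allowed = rule.rights_for(user, folder)
        if rule.enforced:
            granted &= allowed                     # a rule can only narrow access
        elif not granted <= allowed:
            audit.append("%s: would remove %s from %s"
                         % (rule.name, sorted(granted - allowed), user.name))
    return granted, audit


# Constructed sample data.
NTFS = {"Authenticated Users": {"read", "write", "modify"}}
RAHUL = User("Rahul", {"Authenticated Users"},
             {"Department": "Finance", "Country": "Norway"})
ASHA = User("Asha", {"Authenticated Users"},
            {"Department": "ITSupport", "Country": "USA"})
SHARES = Folder("Shares", NTFS, {"Department": "Finance", "Country": "Norway"})
UNCLASSIFIED = Folder("Scratch", NTFS, {})
ENFORCED = [CentralAccessRule("user-resource match",
                              ("Department", "Country"), ("Department", "Country"))]
STAGED = [CentralAccessRule("user-resource match", ("Department", "Country"),
                            ("Department", "Country"), enforced=False)]

if __name__ == "__main__":
    for user in (RAHUL, ASHA):
        for folder in (SHARES, UNCLASSIFIED):
            print(user.name, folder.name, effective_access(user, folder, ENFORCED))
    print("staged:", effective_access(ASHA, SHARES, STAGED))
```

Two things the model makes visible: a folder with no classification is outside the rule's target and falls back to plain NTFS access, and a rule left at the audit-only default blocks nobody.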

How to change SID in Windows Server 2008 R2

Most of the tech guys usually work on VMware and some other Virtual platforms and usually install the same OS to create multiple copies. You can do this copy by two methods.

1.      By cloning the virtual machine
2.      By Changing the SID of the OS so that it will not conflict.

In previous versions of Windows, like 2003, we usually used NewSID.exe, which is recommended by Microsoft, to change the SID. If you use NewSID.exe with Windows Server 2008 it will work, but if you use it on Windows Server 2008 R2 your OS will crash and will reboot into recovery mode every time you restart.

In this blog I will describe how to change the SID on Windows Server 2008 R2.
The method is to use sysprep.

First, click on  Start->Run, type sysprep and press OK.


This will open sysprep folder which is located in c:\Windows\System32. Open sysprep application.



This will open System Preparation Tool 3.14 window. As a System Cleanup Action select Enter System Out-of-Box Experience (OOBE).

Important: select Generalize if you want to change SID, it’s not selected by default.

As Shutdown Options select Reboot.




It will take some time for sysprep to finish.




After rebooting you will have to enter some data, like Country or region, Time and currency and Keyboard input.



Also, you will have to accept the EULA. After booting, in Server Manager you’ll see that everything is changed; any settings that you had configured earlier will be changed, as you now have a new OS.



You can check the SID if you want.
You can also use PsGetSid, a very small utility, to check the SID.

How to Analyze Windows Memory Dump

Today I am going to explain how to analyze a memory dump.
In my previous post I described how to create a memory dump and where you can find the dump file.
Let’s say you have configured a memory dump on a server and the server went down unexpectedly with a BSOD.

Now you need to go to the default location i.e. %SystemRoot%\Memory.dmp for the memory dump file.
You can find the memory.dmp as below.

This memory.dmp file is the dump file for a complete dump. Now you need to analyze it ;)
There is a bundle of software on the market for this; some is free of cost and some is licensed.
Microsoft has a tool that we can use to analyze memory dumps on Microsoft platforms, called Windows Debugger (dbg_x86_6.11.1.404). You can download it from here.

After downloading the debugger you need to do a little bit of configuration before analyzing the dump.

Now you need to configure the symbol path for it. Before doing so, do the following:
  1.      Create a folder named “symbols” (without quotes) in the root drive.
  2.      Open WinDbg and then go to File-->Symbol File Path.
  3.      Set the path to “SRV*c:\symbols*http://msdl.microsoft.com/download/symbols” (without quotes).
Symbol Path:- Symbol files provide a footprint of the functions that are contained in executable files and dynamic-link libraries (DLLs). Additionally, symbol files can present a roadmap of the function calls that lead to the point of failure.
Now the configuration is done and you need to open the dump file in the debugger.

To do this, go to File-->Open Crash Dump.

After you open the Memory.dmp, it will make some calculation and load the symbols as below.

Now you need to type the command "!analyze -v" to get the details.

After this command you will get the details about the reason behind the crash :)

The reason for the crash was the fltmgr.sys file.

As you are all system admins you must have good Google search skills, so just google it and find the reason for it.
I have found the reason, and there is a hotfix from Microsoft for this error.

http://support.microsoft.com/kb/955087

This is how we can analyze the dump. Please comment if you need any other help from my side.

Saturday, November 23, 2013

Not able to search in OWA

Not able to search in OWA- Event id 9877

When you try to search for something in OWA (Outlook Web Access), you get the error “The action couldn’t be completed.  Try again later.” We have Exchange 2010, and below is the error generated in the event log.

Log Name:      Application
Source:        MSExchangeIS Mailbox Store
Date:          8/8/2012 2:27:32 AM
Event ID:      9877
Task Category: Content Indexing
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      test.domain.com
Description:
Content Indexing function 'CISearch::EcGetRowsetAndAccessor' received an unusual and unexpected error code from MSSearch.
Mailbox Database: Mailbox Database 1443934757
Error Code: 0x80043629

 
This issue happens because of the symbolic links. Symbolic links are the links to the registry for each language. When you uninstall or remove any software or role on the server, there is a chance that these links will also be removed. Reinstalling the symbolic links can resolve the issue.

Steps to fix this issue:

1) Download the script Repair-ExchangeSearchSymlinks.ps1 from the below link:
http://gallery.technet.microsoft.com/scriptcenter/16afe88b-6c6d-49a3-8b03-2a2ece27f61a

Below is the script and can be saved in .ps1 format:
======================

# Re-registers the Exchange content indexing filters (the symbolic links)
write-host "Attempting to repair symbolic links"

# Stop both search services before changing the registration
write-host "Stopping msftesql-exchange and msexchangesearch services"
stop-service -Force msexchangesearch
stop-service -Force msftesql-exchange

# Load the Exchange setup snap-in only if it is not already loaded
$rval = get-PSSnapin -Name Microsoft.Exchange.Management.PowerShell.Setup -ea SilentlyContinue
if(!$rval)
{
    add-PSSnapin -Name Microsoft.Exchange.Management.PowerShell.Setup -ea SilentlyContinue
}

write-host "Installing symbolic links"
Install-ContentIndexingService -HubOnlyFilterRegistration

# Unload the snap-in again if this script was the one that loaded it
if(!$rval)
{
    Remove-PSSnapin -Name Microsoft.Exchange.Management.PowerShell.Setup -ea SilentlyContinue
}

write-host "Starting msftesql-exchange and msexchangesearch services"
start-service msexchangesearch
start-service msftesql-exchange

write-host "Symbolic links restored."
write-host "Please run test-exchangesearch to verify installation."
======================== 

2) Copy the Repair-ExchangeSearchSymlinks.ps1 script to the Scripts directory on the Mailbox server (default installation is C:\Program Files\Microsoft\Exchange Server\v14\Scripts).
3) On the afflicted Mailbox server, open the Exchange Management Shell by right-clicking and selecting “Run as Administrator”.
4) Within the Exchange Management Shell(EMS), navigate to the Exchange Scripts directory.
5) Within the Exchange Management Shell, run the following script:
.\Repair-ExchangeSearchSymlinks.ps1
6) Now reset the index file by issuing the below command within the EMS:
.\ResetSearchIndex.ps1 -All  (this is for all databases in the server)

If you want to reset a particular database, then:
.\ResetSearchIndex.ps1 -(database name)

Wait a few hours for the index to rebuild on the server. If the issue still exists, try restarting the server or the Information Store service.

Install and Configure Windows Server 2012 R2 Essentials

Windows Server 2012, codenamed "Windows Server 8", is the sixth release of Windows Server. It is the server version of Windows 8 and succeeds Windows Server 2008 R2. Two pre-release versions, a developer preview and a beta version, were released during development. The software was generally available to customers starting on September 4, 2012.
In this easy step by step guide, we will learn how to install and activate Windows Server 2012.
Before you start make sure you have the minimum requirements to install Windows Server (Windows Server Requirements):

Processor: Minimum: 1.4 GHz 64-bit processor
Ram: Minimum: 512 MB
Disk Space: Minimum: 32 GB
Other requirements:
  • DVD drive
  • Super VGA (800 x 600) or higher-resolution monitor
  • Keyboard and Microsoft® mouse (or other compatible pointing device)
  • Internet access
You can then download the evaluation copy of Windows Server 2012 from here. Download the ISO and burn it to a DVD:
http://technet.microsoft.com/en-US/evalcenter/hh670538.aspx?ocid=&wt.mc_id=TEC_108_1_33

Now that we have everything we need, We can Start:
1- Insert the Windows Server 2012 DVD, and once you get the following message press Enter to boot from the setup
2- Wait for a while till the setup loads all necessary files (Depending on your machine, it will take couple of minutes)
3- Once the setup files are loaded, the setup will start with the following screen. You can change these to meet your needs (the default values should be fine for now)
4- Once you click Next, you can start the installation, click "Install now"
5- You will see the following screen, wait until it finishes loading
6- In the following setup screen, you will see four options. Select Windows Server 2012 DataCenter Evaluation (Server With GUI).
7- After you click Next from previous screen, Read the License terms, tick the "I accept the license terms" and click Next
8- Now It will ask you for the drive (or partition) you want to install Windows on. Here I'm installing it on the one partition I have here. NOTE: This will remove the content of the partition. Either you create a partition to install windows on, or you can test this on a testing machine
9- Now once we picked our partition, clicking on next from previous screen will start the setup. This process might take a while.
10- Once the setup is done, it will restart and start your Windows Server 2012 for the first time. It will ask you then to set up a password for the Administrator user
11- The setup will finalize your settings, might take a couple of minutes

12- Once the setup is done, you can log in for the first time to your Windows Server, as the screen says, press Ctrl+Alt+Delete to log in, and use the password you set in the setup process


13 - Once you Log in, Windows Server 2012 will show the Server Manager


Congratulations! You now have Windows Server 2012 Datacenter installed.