Posts

Showing posts from 2014

PowerShell for IP information of remote machines

First off, I must apologise, this PowerShell script is not my own. Worse, I cannot remember where I got the script from. I will endeavour to credit the author as soon as I find them. With that in mind...

Some time ago I needed to find out what the DNS settings on our servers were, and as they are manually configured, i.e. no DHCP, this would mean jumping on each box (200+) and taking a peek. This screamed PowerShell at me!

This little script will run off and return to you the IP configuration of any server you can access. It does a nice little check to see if the server is on first before trying to get the IP information. I added the write out to a file bit but the original just had the output sent to the console.

Here's the code.

    [cmdletbinding()]
    param (
        [parameter(ValueFromPipeline=$true,ValueFromPipelineByPropertyName=$true)]
        [string[]]$ComputerName = $env:computername
    )

    begin {}
    process {
        foreach ($Computer in $ComputerNa

Printer drivers on Citrix XenApp 6.5

We've been having some fun with printer drivers on our XenApp 6.5 farm recently. We were able to track this down to some 3rd party drivers (I know, I know!)

I used the cool Citrix tool Print Detective from here http://support.citrix.com/article/CTX116474 to show me all the 3rd party (non-native) drivers we had installed on the server.

Once I had found the 3rd party drivers I had a devil of a time removing them. They were always in use - even if I was the only user on the server! It was as if the drivers would not remove!

I used the following procedure from https://social.technet.microsoft.com/Forums/windows/en-US/b6c03300-fbed-4604-85fe-edbb811d769e/failed-to-remove-printer-driver to remove the drivers and packages. And now all is well in my Citrix farm. Xen. :)

1. Then we stopped print spooler
2. In registry we opened HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Print Processors\
3. We renamed all Print Processors that were l

Veeam Report

I was unhappy with the automatic notifications given out by Veeam so I made my own. I used the Exchange Health Check PowerShell as a guide and here's mine.

Basically this PowerShell runs through the Veeam sessions in the last 24 hours and reports on the statuses of each VM within that session. I pull out the time for each VM to back up (Duration) and the number of Restore Points each VM has.

One thing to note is that if you rename a job in Veeam this does not change the name of the session. I had to add some code to work around a renamed job as I was getting no information for the Restore Points. I left this out of the posting as this was particular to my environment and may not be in yours.

Here's a mock up of what you can expect to see... Here the Veeam job, Contoso Infra has eight VMs and the job, Contoso Services has 3.

Veeam 24hr Backup Report - 2014/10/27

Contoso Infra

Server Name Status Duration

CentOS 7

Well, keeping up with the times (sort of) I thought I'd blitz my CentOS 6 VM and build a new one. Also this gives me an opportunity to test out my last post and re-install everything AGAIN. Fun.

Well it started out fun. :) It seems things have changed A LOT since CentOS 6. New firewall for starters. Gone is "service smb start". Gone is chkconfig! What!

Oh well, new day, new tricks. It looks like chkconfig and service are now combined into one command, systemctl - ok this makes good sense. I like it.

For example, to enable Apache to persist between boots:

    systemctl enable httpd

and to stop Apache:

    systemctl stop httpd

Simple.

I like the new firewall too. firewall-cmd to control it. Nice. To me at least this is much more intuitive to use with the zones and such than using iptables directly.

Learning learning learning!!!

Squid 3.5 forward proxy on CentOS

I've been looking into providing a good proxy server to replace the old stalwart Threat Management Gateway, which is now out of support and development from Microsoft. Having recently passed my Red Hat exam I thought I would look for something a bit Linux based to run the proxy. This led me to find Squid. http://www.squid-cache.org

There is plenty of documentation around how to set up the proxy. Typically with Linux, the documentation is written assuming that the reader knows what is going on and is not a beginner.

I got the basic proxy up and running pretty quickly. I even had WPAD working correctly! The defaults all worked! However the sticking point was how to get Squid to use an Active Directory group to determine who has access to the Internet.

Here's how I implemented the whole thing. From start to finish. As much as I can remember. Obviously I'll omit the days of effort pursuing failures and just present the successes so it looks like

Better late than never...

Ok. So here's the rub. I didn't know this till this morning. You can put nslookup into debug mode! This means you can find where those pesky "Non-authoritative answers" came from! Awesome.

Here's how:

    C:\>nslookup -d2 bingo.

Breaking MDT with legal notices

I've been getting MDT working here and one of the annoyances is the corporate "required" legal notice pop up. This breaks MDT. The build process requires the local admin to log in and out a few times.

There are a few workarounds which I came up with; however, none are as simple and cool as the one suggested by Alex's blog http://blogs.msdn.com/b/alex_semi/archive/2009/08/28/avoiding-legan-notice-that-breaks-mdt-autologon.aspx

Basically the idea is: delay the domain join until the last minute. This avoids ever applying the GPO which forces the legal notice. Excellent.

Security Policy 1001

We had an annoying warning showing every 5 minutes on our Read Only Domain Controllers. This didn't affect service but meant we were losing our logs of important events (should they have occurred).

"Security policy cannot be propagated. Security Configuration Server (in services.exe) is not ready. This is probably in system reboot. Policy will be tried again in the next propagation."

Source: SceCli
Event: ID 101

We tracked this down to a GPO which was populating the local Administrators group. Obviously a Domain Controller has no local users or groups so this was causing the issue.

Ensuring that the GPO did not apply to the Domain Controllers (yes, the GPO was linked at the root!) fixed the issue.

It is strange that we did not see the warnings on our main Domain Controllers, only on the Read Only DCs, as this would have affected all DCs the same (I would have thought).

Windows Update error 8024402c

Just doing some patching this weekend and came across this error on one of our servers.

Windows Update error 8024402c

Not much help on the web that worked for me, so I checked out the windowsupdate.log. The update failed to find our WSUS server. So I checked if I could ping the server. I couldn't. This was due to the DNS suffixes being incorrect. I fixed that and now updates are working!

Hope this helps :)

Double vision...one GPO applying twice.

We have a script which runs IE when a user logs in. On our RDS servers we found that users were seeing two instances of IE opening. This is caused by the User Group Policy loopback processing mode being enabled. We need this mode enabled for various reasons so just turning this off wouldn't help.

The GPO applying the logon script needs to be on the root OU due to the design of AD. Something which I wish to change, but being relatively new here I am loath to rock that boat...

Luckily I was able to change the loopback mode from merge to replace. In some cases this would lead to some hefty changes, but for us this worked! A good explanation is here http://blogs.technet.com/b/askds/archive/2013/02/08/circle-back-to-loopback.aspx

However the long and short is that: In merge mode user policies which are in scope of the computer object are applied along with the policies within scope of the user object. In replace mode only the user policies in scope of the compute

Exchange 2010 health check

A long time ago I found some really useful PowerShell to report on the health of my Exchange 2010 environment. Whilst this is pretty much a straight cut-n-paste job I have made some changes and kept the more relevant (at least to me) data whilst removing columns I thought were not adding "value".

I added a feature to look up a file called C:\Scripts\HealthCheck\MailboxServers.csv, which is a key/value pair of Mailbox name and mailbox Server name. This will show you if a mailbox has failed over from the designated mailbox server.

For example, if database1 and database2 are running on my_mbx_server1 and database3 is running on my_mbx_server2 then:

    my_mbx_server1, database1
    my_mbx_server1, database2
    my_mbx_server2, database3

The code will read this file in and check that all mailboxes are running on the designated mailbox servers; if not, the cell is highlighted in red with some text detailing where the mailbox has moved from. Probably the best wa

AD Protected from Accidental Deletion

I ran into something today so I thought I'd post my solution to speed things up for people...

I had to remove a load of sub OUs from our AD. This seemed relatively straightforward until the deletion failed due to all the OUs being protected from accidental deletion. This is a good thing.

Here's the PowerShell to disable this. You will need to have the AD PowerShell add-in...

    Import-Module ActiveDirectory

To turn off protection...

    Get-ADObject -LDAPFilter "objectclass=organizationalUnit" -SearchBase "OU=UserObjects,OU=USA,DC=CONTOSO,DC=COM" | Set-ADObject -ProtectedFromAccidentalDeletion $false

I then ran the same thing again but set it to true to re-enable the protection:

    Get-ADObject -LDAPFilter "objectclass=organizationalUnit" -SearchBase "OU=UserObjects,OU=USA,DC=CONTOSO,DC=COM" | Set-ADObject -ProtectedFromAccidentalDeletion $true

More Veeam woes...

Happy New Year!

For some reason our replication - using Veeam V7 - stopped working. The error in the job log was:

    Exception from server: Failed to open VDDK disk [[DISK_ID] SERVERNAME_replica_1/DISKNAME-000002.vmdk] ( is read-only mode - [false] )
    Failed to open VMDK.
    Logon attempt with parameters [VC/ESX: [VEEAMSERVERNAME];Port: 443;Login: [****];VMX Spec: [moref=vm-40323];Snapshot mor: [snapshot-40842];Transports: [hotadd:nbd];Read Only: [false]] failed because of the following errors:
    Failed to process [srcReplicateVddkDiskContent] command.

So looking around on Google didn't yield much apart from a lot of dead ends; finally one page had the answer! http://www.blackforce.co.uk/2013/12/05/veeam-7-error-failed-to-open-vddk-disk

Which simply says check the proxies for any attached disks and remove them. These disks should be removed after the job completes but for some reason they did not. I just went into the Edit Properties (on vSphere) for each proxy server and c