Monday, December 21, 2009

HOWTO: OCS and Exchange Remote Connectivity tests

Exchange Server
https://www.testexchangeconnectivity.com/


Office Communications Server (OCS)
https://www.testocsconnectivity.com/

Thursday, August 20, 2009

Virtualising existing domain controllers


Against VMware's recommendations, I have written up the safest way to virtualise a Domain Controller without demoting it to a standalone server as described here.

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1006996


Part 1. Install VM Converter

1. Install the standalone VM Converter tool on the domain controller

Part 2. Boot server in Directory Services Restore Mode

1. On your machine, select Run from the Start menu, type Mstsc /console, and click OK.

2. Type the FQDN of the DC

3. Log on to the server using a Domain admin account

4. On the DC, select Run from the Start menu, type sysdm.cpl, and click OK.

5. On the Advanced tab, click Settings in the Startup and Recovery section. Click Edit. This opens the boot.ini file in Notepad.

6. Add the following line to the end of the boot.ini file, then save and close the file: /SAFEBOOT:DSREPAIR

7. Disable the FRS services

8. Reboot the server.

9. RDP to the server again (make sure you use the /console switch)

10. When you reconnect, the server should state that it's in safe mode. Log on using the recovery console account.

Part 3. Convert the domain controller

1. Use the VM Converter to convert the server

2. Resize disks as appropriate

3. Once conversion is complete, shut down the physical server, physically disconnect it from the network, and do not reconnect it for any reason!

Part 4. Clean up new virtual DC

1. Boot the new VM server in a network-isolated state. The server should still be in DSRM mode, as we haven't removed the /SAFEBOOT:DSREPAIR from the boot.ini

2. Uninstall all HP software except HP Data Protector or other provider software

3. Remove hidden NICs using Devcon http://support.microsoft.com/kb/269155

4. Assign the correct server to the VM NIC. Very important as this is a DNS server

5. Reboot server

6. Check event logs for hardware related issues

7. If all looks good remove the /SAFEBOOT:DSREPAIR from the boot.ini

8. Re-enable the FRS services

9. Reboot the server and place it back on the network. (From this point forward we cannot roll back to the original server.)

Part 5.

1. Check replication!

2. Check FRS replication! If required, do a non-authoritative restore of Sysvol http://support.microsoft.com/kb/840674

3. Destroy the original Domain Controller!!!

4. Never Clone a DC as a Backup!!!


Cheers

Steve

Sunday, July 12, 2009

How to find and kill a hung VM on ESX 3.5

http://communities.vmware.com/message/245617;jsessionid=AC54B73461657AECCF0CB98763CE2C2C

First you must find the PID:

ps auxfww | grep Name_of_the_VM

Then try a soft stop first:

vmware-cmd /path/to/config/file.vmx stop soft

If that fails, try a hard stop:

vmware-cmd /path/to/config/file.vmx stop hard

Kill techniques:

kill PID_of_the_VM

If the above doesn't work you may need to issue a kill -9:

kill -9 PID_of_the_VM


Monday, May 18, 2009

Powershell script to check for expired certificates

Had a request today to produce a report on all expired certificates on a server. At first I thought this would be difficult but it turns out to be quite simple.

Once you get to the PowerShell prompt, the first thing you need to do is move into the certificate store.

cd cert:

You could list all certificates by simply running gci -recurse. For this exercise I was only interested in self-signed certificates issued by "MyCompany".

gci -recurse | where {$_.Issuer -like "*MyCompany*"}

This command will produce a list of certificates where the issuer contains MyCompany, so "Super MyCompany" or "MyCompany is tops" will be in the results list.

We can then reduce the output by asking only for the properties we're interested in. In this case, instead of using Format-Table, I've output the results to HTML using the ConvertTo-Html cmdlet.

gci -recurse | where {$_.Issuer -like "*MyCompany*"} | ConvertTo-Html Subject, Issuer, Thumbprint, FriendlyName, NotBefore, NotAfter | Set-Content c:\certs\certsreport.htm

This is all you need, but if you want a report of already expired certificates we can filter the results by keeping only certificates that have an expiry date earlier than today.

To do this, set a variable with the value of today's date. This can be done with the following command.

$date = Get-Date

Here's the full code to produce an HTML report of all expired certificates. Make sure the c:\certs dir exists.

cd cert:
$date = Get-Date
# Keep only certificates whose expiry date (NotAfter) has already passed
gci -recurse | where {$_.Issuer -like "*MyCompany*"} | where {$_.NotAfter -lt $date} | ConvertTo-Html Subject, Issuer, Thumbprint, FriendlyName, NotBefore, NotAfter | Set-Content c:\certs\certsreport.htm

If you want to send this in an email as an attachment, here's the code.

cd cert:
$date = Get-Date
# Keep only certificates whose expiry date (NotAfter) has already passed
gci -recurse | where {$_.Issuer -like "*Clayton*"} | where {$_.NotAfter -lt $date} | ConvertTo-Html Subject, Issuer, Thumbprint, FriendlyName, NotBefore, NotAfter | Set-Content c:\certs\certsreport.htm

$filename = "c:\certs\certsreport.htm"
$smtpServer = "smtp.cu.claytonutz.com"

# Build the message, the attachment and the SMTP client
$msg = new-object Net.Mail.MailMessage
$att = new-object Net.Mail.Attachment($filename)
$smtp = new-object Net.Mail.SmtpClient($smtpServer)

$msg.From = "steve@mycompany.com"
$msg.To.Add("destination@mycompany")
$msg.Subject = "Certs Reports"
$msg.Body = "Expired Certificates"
$msg.Attachments.Add($att)

$smtp.Send($msg)

Regards,

Steve
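
The same report extended to also flag certificates that are about to expire and to record which store each one sits in, as an added example that is not part of the original post. The function name Get-CertExpiryReport, the 30-day $WarnDays window and the output path under $env:TEMP are assumptions.

```powershell
# Added example (not from the original post). Names and defaults are assumptions.
function Get-CertExpiryReport {
    param(
        [string]$IssuerPattern = '*MyCompany*',   # same issuer filter as the post
        [int]$WarnDays = 30,                      # assumed warning window
        [datetime]$Now = (Get-Date)
    )
    Get-ChildItem -Path Cert:\ -Recurse |
        # The cert: drive also returns store locations and stores; keep certificates only.
        Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509Certificate2] } |
        Where-Object { $_.Issuer -like $IssuerPattern } |
        ForEach-Object {
            # Whole days until NotAfter; negative once the certificate has expired.
            $daysLeft = [int][math]::Floor(($_.NotAfter - $Now).TotalDays)
            $status = 'Valid'
            if ($daysLeft -lt 0) { $status = 'Expired' } elseif ($daysLeft -le $WarnDays) { $status = 'ExpiringSoon' }
            New-Object PSObject -Property @{
                Status = $status; DaysLeft = $daysLeft; Subject = $_.Subject
                Issuer = $_.Issuer; Thumbprint = $_.Thumbprint; NotAfter = $_.NotAfter
                # The same certificate can sit in several stores, so record where it was found.
                Store = ($_.PSParentPath -replace '^.*::', '')
            }
        }
}

# Report everything that is expired or inside the warning window, most urgent first.
$report = @(Get-CertExpiryReport | Where-Object { $_.Status -ne 'Valid' } | Sort-Object DaysLeft)
$outFile = Join-Path $env:TEMP 'certsreport.htm'
$report |
    ConvertTo-Html -Property Status, DaysLeft, Subject, Issuer, Thumbprint, NotAfter, Store -Title 'Certificate expiry' |
    Set-Content $outFile
"{0} certificate(s) need attention; report written to {1}" -f $report.Count, $outFile
```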

Thursday, April 16, 2009

VI Client Open Console Attempt Fails

"error connecting: can not connect to host x.x.x.x: a connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond."

VMware Communities: Getting error when opening console … is a thread that was started back in April 2006 but has its most recent reply (as of this writing) from May 2008. It turns out that this problem has been an issue starting with ESX 3.0 and has continued across several ESX versions. It is basically unexplained. There does not seem to be a solid understanding of what conditions cause this problem. There are replies from users who have experienced the issue whether connected to an ESX host or to VirtualCenter. There is a resolution that makes it go away, however.

To fix the problem add the following line to the /etc/vmware/config file:

vmauthd.server.alwaysProxy = "TRUE"

I used nano from the Service Console to add the line to the file, and the problem instantly went away. I did not even have to restart any services. The steps for using nano to change this file are:

  1. type #nano /etc/vmware/config
  2. Add the line to the end of the file
  3. Press ctrl+x to save the changes
  4. enter “yes” when prompted
  5. hit enter to overwrite the file with the same file name

Tuesday, March 31, 2009

Update Notes field for all VM in your Organisation

The Systems Administration team had been assigned the task of updating all VM guest machines with a description. This would allow us to have an idea of who owned and what a server did.

I thought this should be easy enough to achieve with a PowerShell script, but I then realised I could do this in 2 lines.

$vminfo = Import-Csv c:\powershell\vminfo.csv
$vminfo | ForEach-Object {Set-VM $_.vmserver -Description $_.vmdescription -Confirm:$false}

First you'll need a CSV of the VM server names and descriptions.
Example of vminfo.csv:

Vmserver,VMDescription
server1,Server owned by:Mr T VMdescription goes here
server2,Server owned by:Mr T VMdescription goes here

$vminfo = Import-Csv c:\powershell\vminfo.csv

In the first line of the command, the Import-Csv cmdlet is used to retrieve the saved object
representation from the vminfo.csv file, create corresponding objects and store them in the $vminfo variable.

$vminfo | ForEach-Object {Set-VM $_.vmserver -Description $_.vmdescription -Confirm:$false}

The second line uses a ForEach-Object loop to set the description of each server. $vminfo is now an object you can play with.

$_.Vmserver and $_.VMDescription values come from the header line of the CSV file.

For each object (i.e. each line in vminfo.csv), ForEach-Object runs the Set-VM cmdlet. -Confirm:$false suppresses confirmation.

/ Steve D
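
A pre-flight check for the CSV-driven update above, as an added example that is not part of the original post: it drops rows that could touch the wrong VM and previews the change with -WhatIf before anything is run with -Confirm:$false. The helper name Select-ValidVmInfo and the sample rows are assumptions; Set-VM is only called when a version with a -Description parameter is loaded.

```powershell
# Added example (not from the original post). Constructed sample rows;
# in practice use: $rows = Import-Csv c:\powershell\vminfo.csv
$rows = @'
Vmserver,VMDescription
server1,Server owned by:Mr T
server2,
,Row with no server name
*,Row that names every VM
server1,Second entry for server1
'@ | ConvertFrom-Csv

function Select-ValidVmInfo {   # hypothetical helper name
    param([Parameter(ValueFromPipeline = $true)] $Row)
    begin { $seen = @{} }
    process {
        $name = "$($Row.Vmserver)".Trim()
        $desc = "$($Row.VMDescription)".Trim()
        if (-not $name) { Write-Warning "Skipped: row with empty Vmserver"; return }
        # Wildcard characters in a name may match more than one VM (compare get-vm *).
        if ($name -match '[*?\[\]]') { Write-Warning "Skipped '$name': wildcard characters"; return }
        if (-not $desc) { Write-Warning "Skipped '$name': empty description"; return }
        if ($seen.ContainsKey($name)) { Write-Warning "Skipped '$name': duplicate row"; return }
        $seen[$name] = $true
        $Row
    }
}

$valid = @($rows | Select-ValidVmInfo)

$cmd = Get-Command Set-VM -ErrorAction SilentlyContinue
if ($cmd -and $cmd.Parameters.ContainsKey('Description')) {
    # -WhatIf reports what would change without changing it.
    $valid | ForEach-Object { Set-VM $_.Vmserver -Description $_.VMDescription -WhatIf }
} else {
    # No suitable Set-VM loaded: just print the plan.
    $valid | ForEach-Object { "Would set '$($_.Vmserver)' to '$($_.VMDescription)'" }
}
```

With the sample rows only the first server1 row survives; replace -WhatIf with -Confirm:$false once the preview shows exactly the VMs you expect.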

Tuesday, March 24, 2009

Blog dedication "But ya f#$% one goat..."

Hi All,

Here's my first blog ever!

This afternoon I was writing some PowerShell code and I was one keystroke away from destroying most of my virtual environment, and I thought I'd start a technology blog that was dedicated to techos who have been dogged by their mistakes.

If you don't know what the "But ya f#$% one goat..." reference means, here's the joke below.

A Scottish old timer in Scotland, in a bar, talking to a young man. The Old Man says, "Lad, look out there to the field. Do ya see that fence? Look how well it's built. I built that fence stone by stone with me own two hands. I piled it for months."

"But do they call me McGreggor-the-Fence-Builder? Nooo..."

Then the old man gestured at the bar.

"Look here at the bar. Do ya see how smooth and just it is? I planed that surface down by me own achin' back. I carved that wood with me own hard labour, for eight days."

"But do they call me McGreggor-the-Bar-builder? Nooo..."

Then the old man points out the window. "Eh, Laddy, look out to sea... Do ya see that pier that stretches out as far as the eye can see? I built that pier with the sweat off me back. I nailed it board by board."

"But do they call me McGreggor-the-Pier-Builder? Nooo..."

Then the old man looks around nervously, trying to make sure no one is paying attention.

"But ya fuck one goat..."

For those who'd like to delete all of their virtual machines, here's a great one-liner for you. You'll need to install the VI Toolkit before you can do any of this. To get it go here http://vmware.com/go/powershell.

No warranty blah blah blah

get-vm * | remove-vm -deletefromdisk -confirm:$false

Essentially, you use the get-vm command to list all your virtual machines, then you pipe it to remove-vm. Then -confirm:$false suppresses confirmation. $false is a predefined variable in PowerShell; use Get-Variable to check out the rest.

Remember, everyone makes mistakes, especially people who are lazy and copy-paste code without realising its impact.

Cheers,

SteveD

Hi Steve