Backtrack:  
Blog
 
showing all posts
Prevent Cisco AnyConnect from removing Connections tab from Internet Options
edited by on September 2nd 2015, at 10:02
Older versions of the Cisco AnyConnect VPN client seems to remove the Connections tab from Internet Options, whenever a VPN connection is made. The tab is restored upon a graceful disconnect of the connection. But sometimes, if the user abruptly closes the connection (e.g. the computer shuts down incorrectly), in which case, the Connections tab is not restored and stays hidden forever. Users are then no longer to go to Internet Options to adjust e.g. proxy settings.

AnyConnect creates a registry key to hide the Connections tab on a connect, and removes it on a disconnect:

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel] "ConnectionsTab"=dword:00000  ...
 
Purge migrated or disabled mailboxes in Exchange
edited by on September 1st 2015, at 16:24
If a mailbox gets migrated or disabled (= disconnected), the mailbox is not removed from the mailbox database right away. Instead, Exchange uses the retention configuration of the mailbox database in which the mailbox was stored. This is useful if a restore of the mailbox is needed (e.g. in case of accidental deletion).

However, sometimes it may not be necessary to have the mailbox available for undelete. E.g. when you have migrated a large number of mailboxes, you may not wish to keep the old mailbox copies to free up disk space. In that case, you can manually "purge" the mailbox from the mailbox database.

Note that this only works with a disconnected mailbox. These are mailboxe  ...
 
Reclaim virtual disk space on DataCore SANsymphony-V
edited by on August 31st 2015, at 15:50
You can reclaim previously allocated but unused disk space from your virtual disks by returning unused SAUs to the disk pool.

In order to reclaim space, files must be permanently deleted from disk. Space can only be reclaimed on a per-SAU base, meaning that the entire SAU must be empty and zeroed before it can be returned. If a single byte is in use on a SAU, the entire SAU cannot be returned.

Space reclamation can be done on any type of virtual disk, but depending on the type, there are some factors to account for. In case of a mirrored or dual virtual disk, the disk cannot be in recovery mode and its sync should be "up to date".

Running reclamation simultaneously is possible i  ...
 
Faster alternative to SDelete
edited by on August 31st 2015, at 12:10
To reclaim space in virtual environments and thin provisioned storage facilities, SDelete from SysInternals is probably the most used tool on Windows to clear out unused space of a volume, allowing the SAN to release these data blocks back to the storage pool.

But while SDelete is robust, it has a few (minor) limitations:

It cannot handle mount points, only logical drives (i.e. volumes mounted on a logical drive letter).

It is rather slow on very large file systems.

I found an alternative online in the form of a Powershell script at this thread, written by David Tan, who in turn based it on a script found here.

The script creates an empty ("zeroed") 1 GB file and copies that f  ...
 
Get volume and logical drive info through Powershell (local/remote)
edited by on August 31st 2015, at 11:45
Powershell can also handle queries through WMI, allowing you retrieve all kinds of system information from local and remote systems running Windows. This also includes information about volumes, logical drives and shares.

For this to work on remote systems, you need to have Remote Management enabled. Starting from Server 2012, this is already enabled by default.

The commands use the Get-WmiObject cmdlet to retrieve the information. If no computer name is specified, the information will be retrieved from the system running the cmdlet. In order to connect to a remote system, run the cmdlet while specifying the computer name of the remote host with the -ComputerName parameter.

For example, t  ...
 
Reclaim disk space on Exchange 2010/2013 mailbox servers
edited by on August 28th 2015, at 10:05
Exchange mailbox database files (EDB-files) grow in size as the data within them grows. But when data is removed, their file sizes will not shrink back. Instead, the file will contain "white space", which will be re-used if additional space is needed again.

Older versions of Exchange (2007 and earlier) did (limited) automatic space reclamation as part of their online database maintenance routines. Starting from Exchange 2010, these maintenance routines have changed and space reclamation no longer occurs. It is up to the Exchange administrator to perform space reclamation if the need arises.

There are two viable methods for reclaiming disk space, each having their pros and cons:

  ...
 
Can I reboot witness server of a two member Exchange DAG?
edited by on August 27th 2015, at 11:51

You can reboot a DAG witness server but only if your DAG cluster is operating with all of its members online.

An FSW (file share witness) will only come into play during a failover scenario. This means that it will become a problem if a DAG member fails at the exact same moment your FSW is rebooting, because the remaining DAG member will then not achieve majority, causing the cluster to fail completely.

Note that if you reboot the FWS often in a short period, the cluster will mark the FWS as unreliable and fail the cluster. In that case, you should manually bring it back online by running the following PS cmdlet on a DAG member:

Get-ClusterResource | Start-ClusterResource
 
Data Warehouse failed to request a list of management packs from SQL RS server
edited by on August 26th 2015, at 16:51

Your SCOM environment may produce the following alert on the RMS server:

Alert
Alert: Data Warehouse failed to request a list of management packs from SQL RS server
Source: 24c6a0cc-5f00-4a8c-9a40-fa4d4218c2e3
Path: Not Present
Last modified by: System
Last modified time: 8/26/2015 3:55:52 PM Alert description: Data Warehouse failed to request a list of management packs which contain reports deployed to SQL Reporting Services Server.
WebException: The operation has timed out

Check whether the data warehouse write user has a proxy server active. If this is the case, log in with that user on the RMS, and disable the proxy, or reconfigure it so it bypasses local addresses.

 
Disable first run file format selection for Office 2013
edited by on August 26th 2015, at 14:33
Due to decisions made by European Union, EU-versions of Office 2013 require the selection of the default file format when starting Office (usually Word or Excel) for the first time:



You can disable this dialog by creating the following registry key (can be used with group policy or logon script too):

In the registry, locate the key:HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common\General

Create the following value:Name: ShownFileFmtPrompt

Type: DWORD (32-bit)

Value: 1



Users starting an Office program for the first time will now not be prompted to choose the default file format. The default file format will default to Open XML (DOCX, XLSX, etc).

I've noticed that when upgrad  ...
 
Clearing Exchange 2013 performance (diagnostics) logs using Powershell
edited by on August 26th 2015, at 10:38
Exchange 2013 has several performance counters running by default. While this is useful for diagnostic purposes, it also can take up a lot of disk space (can go over 1 GB a day). You can use Powershell to clear out older performance logs.

gci 'S:ExchangeLoggingDiagnosticsDailyPerformanceLogs','S:ExchangeLoggingDiagnosticsPerformanceLogsToBeProcessed' | gci -Include '*.log','*.blg' -Recurse | ? LastWriteTime -lt (Get-Date).AddDays(-7) | Remove-Item

Replace the paths to the daily performance logs and performance logs to be processed. You can also adjust the number of days it needs to keep (in the example, it's 1 week). In the example, we remove the files, but you could just as easily move th  ...
 
Renew certificates on ADFS 3.0 (2012 R2)
edited by on August 24th 2015, at 16:20
Occasionally (usually once a year), you may have to renew your SSL certificate of your Active Directory Federation Services server, used for your Office 365 Single Sign-On setup. In past versions, this was done quite easily through IIS. However, since 2012 R2 (a.k.a. ADFS 3.0), ADFS no longer uses IIS and it gets a little bit more complicated.

Outlined in this short article are the steps you need to do in order to renew or replace your SSL certificate on a Windows 2012 R2 server, running ADFS 3.0.

First, renew or request a new SSL certificate through your Certificate Authority (such as GoDaddy, Enom, etc.). How to do this depends greatly on the CA. As ADFS on 2012 R2 no longer uses IIS, yo  ...
 
Certificate renewal using the same private key (e.g. GoDaddy)
edited by on August 24th 2015, at 16:09
Certain Certificate Authority providers, such as GoDaddy allow you to renew an SSL certificate using the same CSR and private key. This greatly simplifies the procedure to renew a certificate, but this can also complicate things if you don't have your private key readily available.

On a server running ADFS 3.0 for instance, you do not have IIS available to allow an easy SSL certificate renewal (or even a request). Or perhaps, you lost the current private key, or it is located somewhere where it's not easily accessible.

Luckily, there's a fairly easy way to extract the private key from the previous SSL certificate on your Windows server. By using the Windows Certificate store functionality   ...
 
MSExchange ADAccess Event 2937
edited by on August 24th 2015, at 12:45
The following errors may be logged in an environment that has been upgraded to a new version of Exchange (usually 2003 to 2010), or a service pack to Exchange (2010) has been installed.

MSExchange ADAccess Event ID 2937
Log Name: Application
Source: MSExchange ADAccess
Date: 9/26/2010 9:12:29 AM
Event ID: 2937
Task Category: Validation
Level: Warning
Keywords: Classic
User: N/A
Computer: server.contoso.com

The reason for this error is that an AD attribute of an item (e.g. mailbox, connector, routing group, etc) is pointing to the DN of a server which has recently been deleted from AD. As long as the object is still physically present in   ...
 
MSExchangeSA event 9385 "failed to read the membership..."
edited by on August 24th 2015, at 12:06
You may encounter the following errors in the Application event log:

MSExchangeSA Event ID 9385
Microsoft Exchange System Attendant failed to read the membership of the universal security group '/dc=com/dc=domain/ou=Microsoft Exchange Security Groups/cn=Exchange Servers'; the error code was '8007203a'. The problem might be that the Microsoft Exchange System does not have permission to read the membership of the group.

If this computer is not a member of the group '/dc=com/dc=domain/ou=Microsoft Exchange Security Groups/cn=Exchange Servers', you should manually stop all Microsoft Exchange services, run the task 'add-ExchangeServerGroupMember,' and then restart all Microsoft Exchange servic  ...
 
Installing SCCM 2012 (R2) console
edited by on August 24th 2015, at 11:36

You can quickly and easily install the System Center Configuration Manager console on a management server or workstation.

There are no particular prerequisites for installing the console.

Run the following command line to install the console on the current computer, and to the default location.

"\\SmsServer.domain.local\SMS_SiteName\bin\i386\consolesetup.exe" /q TargetDir="%programfiles%\ConfigMgrConsole" EnableSQM=0 DefaultSiteServerName=SmsServer.domain.local

Adjust the parameters accordingly:

  • SmsServer.domain.local: the FQDN of your server running SCCM (ConfigMgr).
  • SiteName: the site name of the SCCM site.
 
Installing SCOM 2012 (R2) Operations Console
edited by on August 24th 2015, at 10:31
Installing the SCOM 2012 R2 Operations console on a management server or workstation requires the installation of quite a few dependencies. As they are not clearly listed, here's a list of them, to be downloaded and installed in order.

Vista, Server 2008 or earlier: download and install Windows Installer 4.5

From Microsoft SQL Server 2012 Feature Pack, download and install Microsoft System CLR Types for Microsoft SQL ServerĀ® 2012:SQLSysClrTypes.msi (32-bit)

SQLSysClrTypes.msi (64-bit)



Download and install Microsoft Report Viewer 2012 Runtime

With these prerequisites installed, you should now be able to install the Operations Manager console using the SCOM 2012 R2 install media. Run s  ...
 
Installing SCOM 2012 Operations console
edited by on August 24th 2015, at 10:29

Installing the SCOM 2012 (no R2) Operations console on a management server or workstation requires these prerequisites:

  1. Download and install Microsoft Report Viewer Redistributable 2008

After installation, re-run setup.exe from the System Center 2012 media and select to install the Operations console. The presence of required software components will be verified, but with the runtime installed, the check should pass without errors.

 
Mail-enable multiple accounts with Powershell
edited by on August 21st 2015, at 11:06

You can mail-enable multiple accounts with a single Powershell command. Look below for some examples:

Mail-enable AD accounts whose first name is John:

Get-ADUser -Filter * | Where {$_.GivenName -like "John"} | ForEach-Object { Enable-Mailbox -Identity $_.DistinguishedName }

Mail-enable all accounts in an OU called Engineering:

Get-ADUser -Filter * -SearchBase "OU=Engineering,DC=contoso,DC=local" | ForEach-Object { Enable-Mailbox -Identity $_.DistinguishedName }
 
Disable SSL certificate warning in vSphere PowerCLI
edited by on August 21st 2015, at 10:23

If your vCenter server has a self-signed certificate, you will get a warning about this when connecting to it from vSphere PowerCLI. You can disable this warning through PowerCLI with the Set-PowerCLIConfiguration cmdlet.

  1. Start an elevated vSphere PowerCLI (right-click, Run as Administrator).
  2. Enter the following cmdlet:
    Set-PowerCLIConfiguration -InvalidCertificateAction Ignore
    Press Enter again to confirm the change.

After making the change, new connections to the vCenter server will no longer produce a warning about the certificate.

 
Legacy public folder access for Exchange 2013 users
edited by on August 20th 2015, at 16:26
The way public folders work has been changed radically in Exchange 2013. Starting from Exchange 2013, public folders are basically stored in a regular mailbox, and then published as public folders. With Exchange 2010 being the last version to support so-called "legacy" public folders, Exchange 2013 is not able to access these folders. As a consequence, if you're in the middle of a migration from Exchange 2007/20102010 to 2013, or are running a mixed environment, and you still have these legacy public folders on your Exchange 2010, you will notice that users with a mailbox migrated on Exchange 2013 will no longer be able to access these public folders. As Exchange 2013 no longer sup  ...
 
showing all posts
 
 
« April 2024»
SunMonTueWedThuFriSat
 123456
78910111213
14151617181920
21222324252627
282930    
 
Links
 
Quote
« Crude, but effective... »
Seven Of Nine