Friday, March 26, 2010

Monitoring Disk Performance on Windows

If you suspect that your system’s hard disk might be a bottleneck for the system, then there are two counters that you should examine within the Physical Disk performance object. The counters are % Disk Time and Current Disk Queue Length. These are found in Windows Performance Monitor.

The % Disk Time counter works very similarly to the % Processor Time counter that I talked about earlier. It shows you what percentage of the time the hard disk is busy. You want this counter’s average value to be as low as possible (but not zero). An average value of 90% or above indicates that the hard disk can’t keep up with the demand. This could be due to a hard disk that is too slow, or it could be caused by excessive paging. I will talk more about paging in the section on memory.

The Current Disk Queue Length counter tells you how many I/O operations are waiting for the hard disk to become available. Again, this number should be as low as possible. Experts give differing opinions of what is an acceptable value, but my opinion is that the average disk queue length should be three or less.

The content of this blog post was written by Brien M. Posey.

Saturday, March 20, 2010

Error with ImageX WAIK 1.1

I mounted a .wim file I had been working on which contained some imaging software:

imagex /mountrw c:\boot\winpe.wim 2 c:\image

This makes it available in the "image" folder.



I then went and edited a bat script on the image. Once the changse to the script inside the wim file had been completed I went to unmount the image and commit the changes using the following command:

imagex /unmount /commit c:\image



However I received the following error:

Unmount error: Changes to the Image could not be commited.
More Info:
The data is invalid.

After I remounted the image, I checked, the changes stuck. This error is bogus, it is saying the data didn't commit when it did. Maybe this is because I never added any new files, I only modified an existing one?

Anyway if you see this error, just ensure you check the file - ensure your changes stuck and ignore the error in future.

Friday, March 19, 2010

Exchange 2010 Prerequisites

When installing any Exchange 2010 role ensure you check out the Prerequisites. This site tells you exactly which roles and features you need for each exchange server. It even shows you how to use the handy scripts that come with Exchange 2010 so that Exchange 2010 installs the Roles and Features for you. This is a must read article if your setting up Exchange 2010 in your organization:

http://technet.microsoft.com/en-us/library/bb691354.aspx

No Interfaces Available in NLB

When creating an Network Load Balancing Cluster in NLB no interfaces were coming up as being available when creating the cluster. This was on Server 2008 R2, however it would be the same on Server 2008 and possibly 2003.

Interfaces available for configuring a new cluster

None



I did have two interfaces available on my server however:



The server that I was trying to provision NLB for was virtual using vSphere. The reason no interfaces came up was because this server was cloned from a template using VMWare. To resolve the issue I used Sysprep located in c:\windows\system32\sysprep on Server 2008.

See the following link for instructions on how to do this:

http://clintboessen.blogspot.com/2009/12/sysprep-2008-server.html

I recommend syspreping all your server templates regardless which hyper visor your running.

Fixed:

Wednesday, March 17, 2010

NTBackup Batch Script - File Names by Date

I had a client that needed a NTBackup Script that created backup file names by date. I wrote one but it took me 45 minutes so I thought I'd put it on the internet.

for /f "tokens=2-4" %%i in ('echo %date%') do (
set today=%%i
)
for /f "tokens=1-3 delims=/" %%a in ('echo %today%') do (
set month=%%a
set day=%%b
set year=%%c
)

C:\WINDOWS\system32\ntbackup.exe backup "@C:\BackupSelection.bks" /v:yes /r:no /rs:no /hc:off /m normal /j "BackupJob" /l:s /f "C:\%year%-%month%-%day%.bkf"

Monday, March 15, 2010

Add Site to Local Intranet Zone Group Policy

Users in a network were experiancing the following error whenever they open an access database:

Microsoft Access cannot open this file.

This file is located outside your intranet or on an untrusted site. Microsoft access will not open this file due to potential security problems.

To open this file, copy it to your machine or an accessible network location.




Microsoft KB303650 explains how to resolve this by adding the domain name to the local intranet site in internet options.

1. In Internet Explorer, click Tools, and then click Internet Options.
2. On the Security tab, click Local intranet, and then click Sites.
3. Click Advanced, and then type: *.domain.com or an IP address range (for example, 157.54.100-200.*) in the Add this Web site to the zone box, where domain.com is your company and top-level domain names.
4. Click Add, click OK, click OK, and then click OK again to close the Internet Options dialog box.


However how do you do this using group policy?

Simply perform the following actions:

Computer Configuration>Administrattive Templates>Windows Components>Internet Explorer>Internet Control Panel>Security Page...

Then here you can find the policy for "Site to Zone Assignment List"

You will need to enable it then add your url's right in there. Each zone assignment is going to have a numerical value. For entries into the trusted zone, use the value "2".

Thursday, March 11, 2010

Robocopy Bat File Loops

If your robocopy bat file loops its because you called it robocopy.bat. Try calling the bat file anything else other then robocopy. This is because it will continuously launch itself.

Wednesday, March 10, 2010

Determine What Version of Windows 2003 a CD-KEY Belongs To

You have a server that is running Windows 2003 Server which you need to format and reload.

You are able to get the CD-Key out of the registry easy using a free program such as produkey (http://www.nirsoft.net/utils/product_cd_key_viewer.html).



How do you know what version of the windows media uses? There are five channels that you can obtain a copy of Microsoft Windows Server 2003:
- Retail
- Evaluation
- Volume licensing programs
- OEM
- Checked build

The following Microsoft Knowledge Base article shows how to determine the windows flavour using a variety of methods. I use the Product ID method.

http://support.microsoft.com/kb/889713

Tuesday, March 9, 2010

File Replication Service Error 13568

All users on the network were randomly experiancing group policy fail... depending on what what domain controller they authenticated against.

Users were getting errors in their application logs such as:

Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1058
Date: 10/03/2010
Time: 11:44:04 AM
User: NT AUTHORITY\SYSTEM
Computer: Z9044619H
Description:
Windows cannot access the file gpt.ini for GPO cn={933CBEC9-6930-4AE2-B356-1F6900870771},cn=policies,cn=system,DC=domain,DC=local. The file must be present at the location <\\domain.local\SysVol\domain.local\Policies\{933CBEC9-6930-4AE2-B356-1F6900870771}\gpt.ini>. (The system cannot find the path specified. ). Group Policy processing aborted.



On the PDC Emulator I verified that FRS replication was broken:



The following error was being logged in the FRS Event Logs on the domain controller:

Event Type: Error
Event Source: NtFrs
Event Category: None
Event ID: 13568
Date: 5/03/2010
Time: 2:05:01 AM
User: N/A
Computer: PHCSAPPS1
Description:
The File Replication Service has detected that the replica set "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)" is in JRNL_WRAP_ERROR.

Replica set name is : "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)"
Replica root path is : "c:\windows\sysvol\domain"
Replica root volume is : "\\.\C:"
A Replica set hits JRNL_WRAP_ERROR when the record that it is trying to read from the NTFS USN journal is not found. This can occur because of one of the following reasons.

[1] Volume "\\.\C:" has been formatted.
[2] The NTFS USN journal on volume "\\.\C:" has been deleted.
[3] The NTFS USN journal on volume "\\.\C:" has been truncated. Chkdsk can truncate the journal if it finds corrupt entries at the end of the journal.
[4] File Replication Service was not running on this computer for a long time.
[5] File Replication Service could not keep up with the rate of Disk IO activity on "\\.\C:".
Setting the "Enable Journal Wrap Automatic Restore" registry parameter to 1 will cause the following recovery steps to be taken to automatically recover from this error state.
[1] At the first poll, which will occur in 5 minutes, this computer will be deleted from the replica set. If you do not want to wait 5 minutes, then run "net stop ntfrs" followed by "net start ntfrs" to restart the File Replication Service.
[2] At the poll following the deletion this computer will be re-added to the replica set. The re-addition will trigger a full tree sync for the replica set.

WARNING: During the recovery process data in the replica tree may be unavailable. You should reset the registry parameter described above to 0 to prevent automatic recovery from making the data unexpectedly unavailable if this error condition occurs again.

To change this registry parameter, run regedit.

Click on Start, Run and type regedit.

Expand HKEY_LOCAL_MACHINE.
Click down the key path:
"System\CurrentControlSet\Services\NtFrs\Parameters"
Double click on the value name
"Enable Journal Wrap Automatic Restore"
and update the value.

If the value name is not present you may add it with the New->DWORD Value function under the Edit Menu item. Type the value name exactly as shown above.



To fix this problem perform the following steps:

1. Expand "HKLM\System\CurrentControlSet\Services\NtFrs\Parameters"

2. Change value for "Enable Journal Wrap Automatic Restore" from 0 to 1. If the DWORD Value does not exist, create a new one with the exact spelling as above, including spaces but without the quotes.



3. Stop the NTFRS Service (open a command prompt and type "net stop ntfrs")

4. Start the NTFRS Service (net start ntfrs)

5. Monitor the File Replication Service Event Logs for events:
• 13553 – The DC is performing the recovery process
• 13554 – The DC is ready to pull the replica from another DC.
• 13516 - At this point go to step 6. (the problem is resolved if you receive this event)





6. Using a command prompt type: "net share" and look for the Netlogon and Sysvol Shares to appear. The Journal Wrap error is only fixed after the Domain Controller receives the new SYSVOL replica from a peer Domain Controller. This may take a period of time depending on where your peer DC is located and on bandwidth.

7. Change value for "Enable Journal Wrap Automatic Restore" from 1 to 0.

Monday, March 8, 2010

Recreate All Certificate Templates in Active Directory

If you have no Certificate Templates in Active Directory because someone deleted them, you can recreate all the default ones with a single command on a domain controller. This applies for Enterprise Certificate Authorities only.



You can then recreate them with the following command:

regsvr32 /i:i /n /s certcli.dll



Saturday, March 6, 2010

Error Code 80070490 when installing KB967723

When installing the security update KB967723 via Windows Automatic Updates you may recieve the following error code 80070490 on:
- Windows Server 2008 (All Editions) x86
- Windows Server 2008 (All Editions) x64



It is important that this update is installed as it fixes a vulnerability in the windows TCP/IP stack that could allow remote code execution. This vulnerability does not exist in:
- Windows 2000 (All Editions)
- Windows XP
- Windows 2008 R2 (All Editions)
- Windows 7 (All Editions

Please see the following link for more information on this Vulnerability:

http://www.microsoft.com/technet/security/bulletin/MS09-048.mspx

If you experience this problem, download the patch manually and install it. The error is caused with the way the automatic application opens this particular hotfix.

Download KB967723 from the following site:

For Windows Server 2008 32bit:

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=35c1d5a9-a953-4fc6-90c0-d2358c7b89e6

For Windows Server 2008 64bit:

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=6e46822e-f79d-492d-ad01-ee680ad324f5

Install it manually:



How To Upgrade Windows 7 RC to Windows 7 RTM

I setup Windows 7 RC (Release Candidate) on my media center. However a few days ago the RC finally expired. When trying to do an upgrade to Windows 7 RTM I got the following message:

You can't upgrade this prerelease of Windows 7. Go online to see how to install Windows 7 and keep your files and settings.



Well there actually is a way to upgrade windows 7 from an RC or Beta copy. To do this follow my instructions:

1. Copy the entire contents of the Windows 7 RTM media to a folder on your local hard disk.

2. Once copied open the sources folder, it is the directory right under the root of the DVD.

3. Open the file cversion.ini in a text editor such as Notepad.

4. Modify the file to look like the following and save it:

Original content of cversion.ini:
[HostBuild]
MinClient=7233.0
MinServer=7100.0

Change it to:
[HostBuild]
MinClient=7000.0
MinServer=7100.0

Run the setup.exe file that sites on your hard disk while in windows. It will boot up Setup and give you an option to upgrade. Follow through the steps until the upgrade is complete.

!! Invalid loop location/gparted.dat

I was trying to resize a partition using gparted however when booting up gparted live 0.3.4-11 I was recieving the following error.

!! Invalid loop location/gparted.dat
!! Please export loop with a valid location or reboot and pass a proper loop=...
!! kernel command line!

I had an ASUS P5QL-E motherboard. In the BIOS under Storage Configuration I changed SATA Configuration from:

Enhanced IDE to Compatible IDE

I then rebooted my system and GParted loaded fine...

Thursday, March 4, 2010

DFS Error - Windows Server 2008

In Windows Server 2008 or Windows Server 2008 R2 when trying to add a DFS namespace that use to be there but is now deleted you may recieve the following error:

The server you specified already hosts a namespace with this name. Please select another namespace name or another server to host the namespace.



This is because sometimes it leaves registry keys behind. To fix it:

1. Run “dfsutil.exe diag viewdfsdirs c: RemoveReparse” to remove all DFS folders from this host (it’s not possible to remove only a part of them, so be sure). If your DFSRoot was not placed on the c: drive, replace the parameter “c:” with the proper drive letter. NOTE THIS REMOVES ALL NAMESPACES (be careful on production DFS servers)

2. Delete the following three registry keys/values:
HKLM\SOFTWARE\Microsoft\Dfs\Roots\Domain\YourOldNamespace
HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares\YourOldNamespaceShare
HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares\Security\YourOldNamespaceShare

3. Reboot your Windows Server. The restart of the both services Dfs (DFS Namespace) and LanmanServer (Server) is not sufficient enough.