Installing WSUS 3.0 SP1
So i was installing WSUS 3.0 SP1 and I thought I would put all the links i used here.
You need to download the installer HERE
you will need the .net framework installed before installing this or you will get the following error.
Error Message:
WusSetup.exe – Unable To Locate Component
This application failed to start because mscoree.dll was not found. Re-installing the application may fix this problem.
Ms article related to it HERE
.net Framework download link HERE
Unable To Browse To Sharepoint From Clients
Every now and then a single client will stop being able to browse to sharepoint, they will get a 404 or 504 error or something. Sharepoint works fine for everyone else but whenever this specific client tries to go there its just a plain error, It’s to do with credential caching and heres the solution.
Solution
In IE -> tools->options->security->local intranet->custom level->(scroll to the bottom)->”prompt for user name and password”
Access the site once like this and it will prompt for credentials, enter your correct credentials.
Then set that back to “automatic logon only” in intranet zone
Gpresult On 2003 Native Domain Shows 2000
This did come as a shock to me but due to the age of the application it still only identifies Native 2003 domains as 2000 Domains, so no need to panic like I did and wonder what massive part of your network just broke.
Example gpresult on a native 2003 domain:
------------------------------------------------------------------
C:\>gpresult
Microsoft (R) Windows (R) XP Operating System Group Policy Result tool v2.0
Copyright (C) Microsoft Corp. 1981-2001
Created On 27/03/2008 at 11:16:03 AM
RSOP results for domain\user.name on computername : Logging Mode
----------------------------------------------------------------------
OS Type: Microsoft Windows XP Professional
OS Configuration: Member Workstation
OS Version: 5.1.2600
Domain Name: domainname
Domain Type: Windows 2000
Site Name: sitename
Roaming Profile:
Local Profile: C:\Documents and Settings\user.name
Connected over a slow link?: No
How to find FSMO roles in a Domain
FSMO Roles are extremely important to Active Directory and understanding where they lie and how they all work (eg. some roles only exist once on a domain) should be at the top of your list of “things to know” if you aren’t already well versed on it.
Wiki - FSMO Explained
Windows Networking explain FSMO
Petri explanation of FSMO
I found this Technet Blog to be extremely useful in the most efficient ways to find where your roles lie.
On any domain controller, click Start, click Run, type Ntdsutil in the Open box, and then click OK.
Type roles, and then press ENTER.
Type connections, and then press ENTER.
Type connect to server
At the server connections: prompt, type q, and then press ENTER again.
At the FSMO maintenance: prompt, type Select operation target, and then press ENTER again.
At the select operation target: prompt, type List roles for connected server, and then press ENTER again.
Type q 3 times to exit the Ntdsutil prompt.
Petri has an article on the matter but i find his ways a little more involved than the technet above from Mark.
I find that no matter how confident I am that I have removed all FSMO from a domain controller before demoting it, I still use this to double check.
Define IP Address via Commandline
A very interesting situation i came across when migrating a server into ESX.
I coudlnt’t change the ip address through network connections as they weren’t appearing there and the network connections panel would lockup.
The server was showing them in ipconfig but i coudln’t change the ip adresses to define them, my only choice was to do it via commandline.
This is where the netshell comes into its own, the following command was what i used. As soon as i made the specific change the adaptors became available in the network connections menu.
I cant explain why this was an issue but due to migrating from a physical install to a virtualised one i was willing to go with it.
The source=static part is to define static instead of dhcp.
Command
netsh interface ip set address name="local area connection” source=static addr=10.0.0.1 mask=255.255.255.0
unfortunately the vlan my servers sit in dont have dhcp or the following command would help at least get an ip on the NIC and allow me to administer it that way, but maybe you want to so here it is.
netsh interface ip set address “Local Area Connection” dhcp
netsh interface ip set dns “Local Area Connection” dhcp
Determining which NIC to alter
luckily i could still access the commandline so i can do an ipconfig and find the name of the NIC, you may want to change a different one than the primary and say its the second one you can use the command below to give you an idea of how that should be put in.
“local area connection 3”
Defragmenting Exchange Server 2000 and 2003 without enough disk space
Up until now Petri.co.il has been one of my local haunts for info on how to do certain tasks, sometimes I find he has things laid out in a certain way that aren’t always suitable for me. Generally if I’m going back for a second or third time just to get a command out of his site I want a more “concise” explanation. For those who still need to be walked through it properly I still strongly recommend him as his site contains allot of good info.
http://www.petri.co.il/defragment_exchange_2000_2003_server_databases.htm
For those who just need the nitty gritty like me, here’s the quick reference version.
Dismount your store -> Exchange System Manager -> go to DB and right click (Dismount)
Not dismounting will give this error: Operation terminated with error -550
You can find your database easily by doing a file search for priv1.edb if you are not sure.
You will do the defrag with eseutil which is in the exchange dir (again do a file search for it if you can’t find it)
Please note my Drive names are different to the default as I don’t mount my store with anything else, my log files and my store are both separate partitions from each other as well as all other windows components to keep performance up at a maximum.
F: = where my store exists
H: = where I have enough disk space to perform the defrag as you need about 130% of the store to do a defrag and i didn’t have that on the partition the store currently exists on.
F:\bin>eseutil /d “f:\mdbdata\priv1.edb” /t “h:\mdbdata\tempdfrg.edb” /f “h:\mdbdata\tempstrm.stm”
Make sure to do a full backup after this as your old backups are no longer valid, that’s why it’s best to do this whole process in a big after hours outage window. Note that it can take some time to do a defrag (approx an hour for 5gb of store)
Specify the streaming files location (if it’s not in the default with your edb)
http://support.microsoft.com/?kbid=254132
Error 550 when using eseutil – database still mounted
http://support.microsoft.com/?kbid=232301
Australian 2008 Timezone Changes / Updates
Australian timezones call back delta and spring forward delta will be extended this year (2008), I’ve listed a whole bunch of links and article links below to help you in getting things patched in time for this change.
Server 2003 Package (x86)
http://www.microsoft.com/downloads/details.aspx?FamilyId=308D599A-164A-40F6-B2A2-5DD5728FE5B4
Server 2003 Package (x64)
http://www.microsoft.com/downloads/details.aspx?FamilyId=940AD40D-3088-4CD0-B0DC-F517594C904D&displaylang=en
Vista Package (sp1 doesnt need the update)
http://www.microsoft.com/downloads/details.aspx?FamilyId=F75E30D4-3036-4970-BC16-48A96E1CEDC7
XP Package
http://www.microsoft.com/downloads/details.aspx?FamilyId=FBC1661D-E017-4A7F-9CDE-F44CAE1F8DC9
Outlook 2003
Requires sp2 or sp3 installed
http://support.microsoft.com/kb/947674
requires a request to MS for the patch
Outlook 2007
http://www.microsoft.com/downloads/details.aspx?familyid=2714320d-c997-4de1-986f-24f081725d36&displaylang=en
odd name for the patch but this is the one to use.
Windows Mobile Update (cab file to be installed on phone)
http://www.microsoft.com/downloads/details.aspx?FamilyId=0D6FC192-3142-4473-B435-B514E4B360A5&displaylang=en
Windows Mobile Update (run on desktop with phone connected)
http://www.microsoft.com/downloads/details.aspx?FamilyId=3BD7C55C-8AC1-4821-81FE-3F4ADA831FE0&displaylang=en
Microsoft Exchange 2003
Exchange is a little tougher, you have to request the patch which makes it a slower process and will catch people out who only patch after the daylight savings changes happen and realise they haven’t patched their mail server(s).
You need to be at, at least Service Pack 1 in exchange 2003 and I would suggest using the excuse to go to SP2. To check your service pack there are two methods, I find the method that is actually listed on a Cisco page of all places as one of the easiest ways.
http://www.cisco.com/en/US/products/sw/voicesw/ps2237/products_tech_note09186a00801675b8.shtml
you basically find the store.exe in your exchsrvr\bin directory and go to the properties and in the version comments it displays your service pack level.
Microsoft do offer the SPCheck tool for those who wish to check on that as well as a large number of other components.
http://support.microsoft.com/kb/279631
Exchange 2003 SP2 page with request link
http://support.microsoft.com/kb/943068
Full Technet Article with all the appropriate links (alot of which used here)
http://technet.microsoft.com/en-au/bb887637.aspx
2008 daylight savings planning pdf
http://download.microsoft.com/documents/australia/timezone/Australia2008DaylightSavingPlanningGuide.pdf
Deploy Macromedia Flash Player via MSI in Group Policy
I was having issues with users who are limited to user or power user levels and unable to view flash based sites, my solution was to deploy the MSI of flash via group policy.
i have linked to the MSI on Macromedias site below.
Set NTP Time on Windows Server 2003
When you have multiple servers it is best to only have one going out to the internet for NTP and the rest of your servers feeding off that box (as long as its reliable) to reduce network traffic and NTP traffic. Below i list all the commands i found handy in doing this, please note that server.ip is the ip address of the box that is getting time from the internet.
These commands can be as useful when trying to change the ntp server that your windows servers use or to check what server they use.
---------------------------------------------------------------
Short List of Commands
net time /setsntp:server.ip
net stop w32time
net start w32time
net time /querysntp
net time \\server.ip
Example commands in Action
net time /setsntp:server.ip
The command completed successfully.
net stop w32time
The Windows Time service is stopping.
The Windows Time service was stopped successfully.
net start w32time
The Windows Time service is starting.
The Windows Time service was started successfully.
net time /querysntp
The current SNTP value is: server.ip
The command completed successfully.
net time \\server.ip
Current time at \\server.ip is 24/07/2007 5:18 PM
The command completed successfully.
Microsoft Exchange 0x8004010F error
I had a friend call me asking me about a problem that he was having where he did a migration of users from one exchange server to another and removed the original exchange server from the domain.
He removed the server properly through demotions but the outlook clients would always give an 0x8004010F error when they did a send and receive.
This error relates to the offline address book that the server holds for clients, when he moved the users the address book was still caching entries from the original server.
Error Message:
When you try to synchronize the offline address list on a Microsoft Exchange Server “0x8004010F An object could not be found”
If you try to send an e-mail message after you receive this error message, you may receive the following error message in Outlook 2003:
Task ‘Microsoft Exchange Server’ reported error (0x8004010F): ‘The operation failed. An object could not be found.’
I’ve linked to the KB article below that you need to finish off, but basically you need to follow the steps below first.
Exchange System Manager -> Offline Address Lists -> (Delete) “Default Offline Address List”
Once this has been removed you will need to add it again, this is done with the following steps:
Right Click “Offline Address Lists” -> New -> Offline Address List -> make the name “Default Offline Address List” ->
Choose your offline address list server as the exchange server -> click next -> Select the address list as the “default global address list” -> Next**
-> Finish
**Note the message here where it says “The Public folder that will contain this Offline Address List will be created during store maintenance period on [servername]. Therefore this Offline Address List will not be available to clients until that time.
- This message indicates that the rebuild will not occur until the maintenance cycle and for most people that will mean, come back tomorrow.
This KB Link is only relevant if the above did not fix your issues, depending on how you went about the removal the below may or may not be applicable.
MS KB Link
Microsoft KB 905813
Deploying Vista using WDS
Or maybe you are just curious to see how the new XML format has turned out as i was, this gives you a good indication of what you can expect to have to do to get things running.
I’m using WDS to deploy XP myself, so this isn’t exactly how i do my deployments but its good to see where its going and maybe by the time vistas replacement comes out i’ll be ready to replace the desktop OS in my company.
Link to article HERE.
Printers Not Appearing In Active Directory When Published
So Printers are being added but they aren’t appearing in AD even when you tick the box in the sharing tab “List in the Directory” they still do not appear.
Of note is when you add a new printer into your printer list the local events will show an Event ID 9 (System Event Log). What should happen when its added to AD is you see an Event ID 36, In my case I didn’t see this event at all.
Googling around I noticed that the fix most people were going for is to reboot the server, in my case fortunately that is a primary file server in one of my larger sites so was not an option. The issue is actually stemming from the good ol’ Print Spooler Service; all you need to do is restart that service and all those printers that you added and haven’t appeared will now all be there. Event ID 36 will also appear in logs if you are doing this remote and can’t actually see the list for whatever reason. The problem seems to just happen over time as after a print spooler service restart i can still add printers and they update straight away but if i leave the server up for a lengthy period of time (Days/Weeks) i notice i have to restart the service, im not sure if this is by design or one of MS little ‘quirks’ but its a hacky solution to an unfixable problem from what i found.
Printers Dissapearing From Active Directory
Whilst looking through issues for another printing problem closely related I came across an old issue I had that I thought best I put up here for safe keeping as I’m sure it will happen to me or someone else again.
Printers in the Active Directory printer list can sometimes just disappear for no reason at all; this is actually due to a bigger problem in your network. In my case it was one site where AD was not replicating properly and as such it couldn’t contact the main print server and just deleted all the printers. This is known as Printer Pruning, I’ve got the official MS article HERE
The quick and easy fix for this is just to go into the printers sharing tab, un-tick the List in the Directory option, hit apply and re-tick it. If that doesn’t work un-tick, restart spooler, tick again and restart spooler to be 100% sure it’s applying.
Please note this is exposing a bigger issue where AD is not communicating properly and should be investigated straight away (now that your printers are working and your users aren’t screaming at you anymore because they can’t print their tenders). You should be seeing logs reporting problems in replication and fix them as soon as possible.
Windows XP SP3 - Release Notes Reviewed And Simplified
Windows XP SP3 (Service Pack) entered RC2 (Release Candidate), that means a registry key change and uninstalling any previous versions to install it.
The notable add-ons which have been “back ported” from 2008 and Vista are the following:
Black Hole Router Detection – http://support.microsoft.com/kb/159211
Resource reference helps you to understand technically what a black hole router is and what to do to detect one. This seems really out there to me as I have never come across this myself (that I know of). But oh well one more thing running in the background can’t hurt…. Can it?
Network Access Protection (NAP)
NAP FAQ - http://www.microsoft.com/technet/network/nap/napfaq.mspx
Lashed straight from the FAQ:
NAP is one of the most desired and highly anticipated features of Microsoft® Windows® Server 2008. NAP is a new platform and solution that controls access to network resources based on a client computer’s identity and compliance with corporate governance policy. NAP allows network administrators to define granular levels of network access based on who a client is, the groups to which the client belongs, and the degree to which that client is compliant with corporate governance policy. If a client is not compliant, NAP provides a mechanism to automatically bring the client back into compliance and then dynamically increase its level of network access.
The NAP platform is built into Windows Vista™, Windows Server 2008, and Windows® XP Service Pack 3.
Windows Imaging Component – http://go.microsoft.com/fwlink/?LinkId=110598
Another image writer, enough said and really who cares when there are so many other alternatives out there already.
WPA2 Support
WPA2 will be part of this service pack and will make many admins sigh with relief that its no longer an issue of a single hotfix.
Apple Bootcamp
Wow i hope this is planned to be fixed by the final release!
On a variety of systems running bootcamp will get an “out of disk space” error will occur and the fix is a registry key change. Instructions given below from msoft.
1. Click Start, click Run, type regedit, and then click OK.
2. Locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup
3. On the Edit menu, point to New, and click String Value.
4. In the text box under the Name column, type BootDir and press ENTER.
5. Right-click the name BootDir, and then click Modify.
6. In the Edit String Value dialog box, type the drive letter for your system drive, and then click OK. For example, if your system drive is C:, type C:\.
7. Close Registry Editor.
After you have created this registry key (or if you created this key when you installed a previous version of this Service Pack), you can proceed with the installation.
Dell Latitude D430 SSD Lockups
We recently got our hot sticky mits on a brand new Latitude D430 with the sexy 36gb SSD (Solid State Disk)
Problem: Throwing Down XP with outlook 2007 seemed to cause all manner of issues, lockups galore! A move to vista saw the lockups fall back to just Outlook, it seems the that the way in which Outlook stores and writes to the file is affecting the SSD’s ability to write to such a big file. The next test will be to drop back to outlook 2003 and see if the issue goes away.
The only assistance I can give is that a big OST makes the issue more and more apparent, dropping down the size to below 200mb got rid of all the freezing issues. Its a limitation of the write speeds of big files to the current SSD tech