edwgon

This user hasn't shared any biographical information

Homepage: https://mytechstuffdotinfo.wordpress.com

Windows 10 Licensing On A Windows Server 2012 R2

Recently I began to get ready for Windows 10, and part of that process was to get our licensing servers up to date. Since I was getting multiple answers on Microsoft TechNet forums, I decided to open a call with Microsoft Support and get a definitive answer – all information below has been confirmed with Microsoft.

First, Windows Server 2008 R2 will be able to provide licenses for your Windows 10 fleet, with a catch. Microsoft will be deploying a Hotfix for Windows Server 2008 R2 in a month or two, maybe a bit longer, so if your organization can wait, then just hold on tight.

 
Note: Windows Server 2008 is not supported for Windows 10 licensing, this was made clear on my call to Microsoft Support!
 
After installing the Volume Activation feature, the following must be done to prepare Windows Server 2012 R2 to licensing Windows 10 clients.
  1. Add a Windows Server 2012 R2 HotFix, which can be found here
    1. Reboot server
  2. Add a SRV record to any of your primary domain controllers
    New SRV Record
  3. Wait for all domains to synchronize DNS information
  4. Install the correct KMS host server key
    1. You’ll need to go to licensing.microsoft.com and download the proper KMS host server key
    2. For Windows 10 licensing on a Windows Server 2012 R2 server, we’ll need the following key: Windows Srv 2012R2 DataCtr/Std KMS for Windows 10
    3. Use the following commands, in an elevated CLI, to register and activate the KMS host server key
      1. SLMGR /ipk CCCCC-XXXXX-PPPPP-KKKKK-MMMMM
      2. SLMGR /ato
  5. After allowing all DCs to synchronize, we’re going to run a command to make sure that the new KMS server is ready to authenticate clients
    a. nslookup -type=srv _vlmcs._tcp
    b. Copy and paste the command in step 5a onto a desktop and results should be as shown in the screenshot belowNslookup for SRV
  6. These steps will allow you to install the proper host server key and allow your Windows 10 clients to get licensed.

, , , , ,

Leave a comment

List All Disks (VMDKs) In A Virtual Machine (ESXi)

Using VMware PowerCLI, PowerShell, there’s a nifty way to get a list of all VMDKs associated with a virtual machine(s).

Here’s the command:

Get-Vm | Get-Harddisk | Select Parent, StorageFormat, Filename, CapacityGB, Name | Export-Csv -Path C:\SomeFolder\SomeOutputFile.csv –NoTypeInformation
This command lists all VMDKs for all virtual machines in your VMware cluster.

For this sample, I chose to output the following fields:
Parent, StorageFormat, Filename, CapacityGB and Name

This sample code will provide you something like this:



Leave a comment

Installing MS-DOS 6.22 Using Parallels 10

Here’s how I was able to install MS-DOS 6.22 on my iMac using Parallels 10.

I’m not going into details on how to create the virtual machine using Parallels, it’s easy to figure that out.


These settings worked for me on my iMac running Yosemite and Parallels 10.




Here is the hardware configuration for the MS-DOS 6.22 virtual machine.

CPU & Memory

Boot Order




Video




Mouse & Keyboard

Floppy Disk



CD/DVD 1

Hard Drive 1

And here are the final screenshots…



Leave a comment

NMIS 8.5.2G E-mail Notifications Using Exchange As Relay

In the past few weeks, I started working with NMIS. The application does a great job monitoring all sorts of devices. I decided to use the free version, so support is mainly based on whatever is found on the web or from NMIS’ email group.


It took me a few tries to enable email relay notifications in NMIS, and the few blogs that I found only touched on enabling email notifications using NMIS itself to deliver emails. In my case, I wanted to use my Exchange 2010 server to be the one responsible for delivering emails on behalf of NMIS.

Here’s what you’ll need:
  1. A working NMIS environment
    1. I downloaded the NMIS appliance and got the application to work in an hour.
  2. A working installation of a mail daemon in the linux box where NMIS is running
    1. For my environment I used sendmail, so most of these steps are related to sendmail.
  3. A working installation of Exchange server

Prepare Sendmail To Relay

  1. Logon to the linux server where NMIS is running from
  2. Go to /etc/mail directory
  3. run vi sendmail.cf
    1. You can use any file editor, I just prefer vi
  4. If using vi type: /DSsmtp
    1. /  does a search for string DSsmtp
  5. Once that line is found, then you’ll want to change it to:  DSsmtp.YourDomain.com
  6. Save the file and reload sendmail services


Prepare Exchange Server To Accept Relay

  1. Logon to your hub Exchange server
  2. Follow the next screenshot



Configure Emails, Notifications and Escalations in NMIS

It took me quite a bit of time to understand how notifications and escalations work in NMIS; there are many blogs that do a decent job explaining this topic, so I’m not going to go into details.

First, you have to setup Contacts in NMIS. NMIS creates some default contacts, so you can use one of these or create your own.


Note: Take a look at the field Contact, since I chose one of the default contacts created by NMIS, I’m using Contact1


Second, create your email notifications and escalations to send notifications to your contact.




Once again, I’m using a default notification and escalation. Notice that I’m using the same contact name, Contact1, to send notifications.



There is a catch though. This will send email  for all Level 1 and Level 4 notifications for ALL devices that you have added to NMIS. Prepare yourself for all the spam!

Let this run for a few days, so you learn what each level of notification is. Basically, Level 0 is severity major, Level 1 is a severity warning; this is based on the email notifications I gathered in a week of spamming. I use this to create filtered notifications, read along.

When you add devices to NMIS, hopefully you created groups and added these devices to different groups. Also, when you add devices to NMIS, you have to indicate what type of device is, and these fields will allow you to filter your notifications based on groups, type, etc. Here’s an example.



In this example, I’m receiving text message notifications for routers in my DataCenter group that generate Level 0 and Level 1 events.


Leave a comment

Deploy AutoDesk Building Design Suite Premium 2015 with SCCM 2012

In this post, I’m going to go over the deployment of AutoDesk Building Design Suite Premium 2015 using SCCM 2012.

  1. You’re going to use AutoDesk BDSP setup wizard to create the ‘image’ folder using AutoCAD’s own image building process. This process will allow you to perform a standard, or custom, installation of AutoDesk’s applications and features, so I’m not going into details about this. At the end of this process, AutoDesk’s wizard will create a SMS_SCCM scripts folder which contains text files that will allow you to install and un-install BDSP; we’re going to use these text files for the deployment.
  2. The SCCM client imposes a folder size on C:\Windows\ccmcache folder, so we’re going to have to use another script to call the installation process scripts created in step 1.
INSTALL.BAT (calls the script created by BDSP in step 1)

@ECHO OFF

REM MAP NETWORK SHARE DRIVE
REM THIS COMMAND ASSUMES THAT THE USER HAS ACCESS TO THIS SHARE
REM ALL USERS SHOULD HAVE READ ACCESS TO THE SHARE
NET USE X: “\\ServerName\LocationOfBDSPfiles” /user:SomeUser SomePassword

REM CHANGE DRIVES
X:

REM INSTALL AUTODESK BUILDING DESIGN SUITE STANDARD 2015
.\Img\Setup.exe /W /q /I Img\AutoDesk BDS Premium 2015.ini /language en-us

REM REMOVE DESKTOP SHORTCUTS

DEL /Q “C:\Users\Public\Desktop\3ds Max Design 2015.lnk”
DEL /Q “C:\Users\Public\Desktop\AutoCAD*.lnk”
DEL /Q “C:\Users\Public\Desktop\Autodesk*.lnk”
DEL /Q “C:\Users\Public\Desktop\Navisworks Simulate 2015.lnk”
DEL /Q “C:\Users\Public\Desktop\Raster Design 2015*.lnk”
DEL /Q “C:\Users\Public\Desktop\Revit 2015.lnk”

REM CHANGE BACK TO C: DRIVE
C:

REM REMOVE NETWORK SHARE DRIVE
NET USE X: /DEL


I use the previous script in SCCM to create the deployment package.




Here’s what I use for a Detection Method, basically I’m looking for BDSP executable files on the target computer.



This process works well for my environment.

Make a note that this installation may take hours (2-4)…



Leave a comment

Slow Logon And Logoff With Folder Redirection, Roaming Profiles And Offline Files

Note: Folder redirection, roaming profiles, offline files and others are part of Microsoft’s User State Virtualization. Before implementing it though, make sure that roaming profiles reside on a file server local the user’s network. You’ll avoid the issue I’m about to describe. This small piece of information is not mentioned in Microsoft’s documents. By the way, throughout all this ordeal, we’ve had BranchCache enabled and this didn’t speed up the user experience either.


Ever since we upgraded to Windows 7 Enterprise, our branch office users started complaining about extremely slow logon and logoff. In some instances, a user logon or logoff could take over ten minutes!


When we migrated our users from Windows XP Professional to Windows 7 Enterprise SP1 (x64), we enabled a few enterprise features:
  • Folder redirection (Desktop, Favorites, Links, Documents, Pictures, Videos, Searches and Contacts folders are redirected to a file server in our datacenter)
  • Roaming profiles (Users’ roaming profile folders are located on a file server in our datacenter)
  • Offline Files (Users’ home folders were set as offline files/folders)
Each branch office connects to our datacenter by means of a Internet based VPN connection. We provisioned each branch office with a business class Internet cable link connection with more than adequate bandwidth.
Each branch office has a local DC used only for authentication and printing purposes.

After three months of working with Microsoft, we finally came up to what seemed to be the cause(es) of the issue – folder redirection, AppData not redirected and the use of Dfs links!

Here’s an example on how we configured folder redirection in our environment.


In our environment, we take advantage of Dfs and its features almost everywhere, so it was natural for us to use Dfs links here as well.


Folder Redirection For AppData

As part of the troubleshooting process, Microsoft recommended us to configure folder redirection for AppData.

Originally, AppData was not redirected, so AppData resided on the user’s local computer/laptop. During a logoff process, logs revealed that AppData was causing delays because it had to write files the user’s roaming profile folder (roaming profile folders reside on a file server in our datacenter).

After making the change to our test group policy, and applying it to our test machine, this step improved the logon and logoff process drastically. Logon and logoff now took less than four minutes! However, we demanded for better improvements.

However, something else broke when we made this change…Acrobat Reader XI became unusable for it could not come out of its Not Responding… state. The quick fix for this – disable Protected Mode. Stick around for more details on this later on.


Enter Dfs (Distributed File System)…

The Microsoft case owner, running out of ideas by now, contacted his senior technical lead and he advised us to use server shares as opposed to Dfs links.

Now that we had folder redirected AppData, along with the other folders, we went ahead and changed each folder’s target to use a server share instead of a Dfs link.



Note: Even when using server shares Acrobat Reader XI would still not work properly. The Not Responding… messages weren’t as frequent, but it was still bad enough that users could get annoyed by the behavior. 

This was the winning change!


The Acrobat Reader XI fix

Basically, you’re going to either add the following registry entry or do it directly on Acrobat Reader.


Here’s the registry key:



If you want to do it directly on Acrobat Reader, then go to Preferences, Security (Enhanced) and then un-check Enable Protected Mode at startup. 


Not the end yet…

As of 4/2/2014, I’m now getting an average of 25 seconds logon and 35 seconds logoff on my test laptop at one of our branch office!

I’m now going to check what causes our Dfs domain infrastructure to behave this way.

As of 9/30/2014, the AppData re-direction workaround broke Internet Explorer browsing – pages take a very long time to load while browsing using IE (10 and up). I opened a case with Microsoft and it looks like the slow down of IE is by design because we’re re-directing AppData and AppData, in our environment, isn’t on a local server to the users’ network. We moved AppData to our central file server located on our data center in a co-location. Again, this bit of information isn’t found on Microsoft’s documentation, so be careful before you go re-directing AppData!
We’re now looking into possibly removing roaming profiles and AppData re-direction because this is affecting productivity for our users.



5 Comments

Deploy Windows Server 2008 R2 with SCCM 2012 and MDT 2013

In this article I’m going to show how to create a SCCM 2012 task sequence to deploy Windows Server 2008 R2 using Microsoft Deployment Toolkit 2013.

 
MDT 2013 has some features not found in SCCM 2012, such as installing Windows Server 2008 Roles and Features during a task sequence.
 
First, let’s get all the requirements out of the way.
Important: this document assumes that you have a working SCCM environment, and that you have a good background with SCCM 2012.
  1. Make sure to have an Operating System Images and an Operating System Installers ready for Windows Server 2008 R2 already installed in SCCM
  2. Download, install and configure Microsoft Deployment Toolkit 2013 (Make sure to perform these steps on the SCCM server!)
    1. Make sure MDT is properly installed

  3. Once you make sure that MDT is properly installed, then you need to create a MDT package in SCCM
    1. Basically, from the MDT installation folder, you’re going to copy the following folders to a network share that you’ll use to create the SCCM package: Control, Scripts, Servicing and Tools
    2. Once in the create package wizard, make sure you select This package contains source files and point it to the network share you created in step 2.1
    3. In the Program Type screen, select Do not create a program
    4. Once finished, make sure to Distribute Content
  4. Make sure these steps are done properly or you’ll have major issues with the rest of this how-to. I found some great information about creating an MDT package on this link
 
Create MDT Task Sequence for Windows Server 2008 R2
  1. Click on Create MDT Task Sequence
  2. In the Choose Template screen, select Server Task Sequence
  3. In the General screen, provide a name and description for the task sequence
  4. In the Details screen, provide the domain and domain account that will be used to join such domain. Also provide organization name and product key number for the installation of the server OS
  5. In Capture Settings screen, select This task sequence will never be used to capture an image
  6. In Boot Image screen, select your WinPE boot image, in my case that will be Boot image (x64)
  7. In MDT Package screen, you’re going to select the MDT package created earlier in this how-to (this portion will either make or break this how-to)
  8. In OS Image screen, select the Windows Server 2008 R2 WIM file (Described in requirements step 1)
  9. In OS Image Index, select the version of server you want to run, in my case it will be Sever 2008 R2 Enterprise
  10. In Client Package, select the SCCM client package that you’ve been using in your environment
  11. In Settings Package screen, in my case I selected just any package from the list…because I’m going to disable these tasks later on
  12. In Sysprep Package, there’s only one option already selected, so just hit Next button
  13. Hit Next until you get to Finish
Next, I’m going to Edit the previously created task sequence.
If you completed the requirements, you should not have any problems following these screenshots.
 
I deploy Windows Server 2008 R2 with only one partition, and that partition is labeled as Local Disk and uses drive letter C
Format & Partition Disk.png
Drive Letter Variable.png
Note: Grayed out steps are those that I do not use in my deployments. You’ll see that there are many steps grayed out by me, it’s up to you to disable them for your environment
Back in step 11, I asked you to pick any package from the list because I was going to disable it in the task sequence. Now, go through every single step in this task sequence and disable that package you selected for step 11. Again, this works for me and my environment.
There is one exception to this rule though, and you’ll see it soon!
In this step, we’re going to enable the Gather step found in the Install\Refresh Only section. Here’s the exception I mentioned earlier.
Gather

 

Also, pay close attention to the following fields in Apply Operating System Image section:

  • Destination – Logical drive letter stored in a variable
  • Variable name – System
    • System is used for drive letter, in this case C:

Apply Operating System

Next, we’re going to configure the Apply Windows Settings section.
Here, you’re going to type your company’s name and user name for this server, also you’ll need the server’s product key numbers.
In our environment, we have a licensing server, so I set the Licensing server field to Do not specify. Make sure you set the Time Zone as well.

Apply OS Settings

Now, we’re going to Apply Network Settings to our server installation.
This section will allows us to join this server to the domain. You can specify your domain name and the domain organizational unit (OU) where the server account can be placed.
The account used to join the server to the domain can be just a regular domain account.

Apply Network Settings
We’re now going to load drivers to our server installation, this is a nice to have option, but not required. Obviously, you have to have the driver packages created previously.

Apply Driver Package
Next, we’re going to load the SCCM client to our server installation. In this section, I’m loading the default SCCM client, which comes with SCCM installation, and I’m also installing a hotfix for the SCCM client.

 

Install SCCM Client

 
Now, we’re getting to the section where we’ll be adding server roles and features. As a matter of fact, this is the main reason why I decided to use MDT to deploy my Windows 2008 R2 servers.
Roles and FeaturesNote: It’s very important to make sure that Use Toolkit Package, Gather and Tattoo steps precede the Install Roles and Features section.
This section is pretty much self explanatory, just select the server roles and features you want to add then continue.

I have disabled some section (New Computer Only and Capture the Reference Machine) on purpose, you don’t have to to that.


See you all next time! 🙂
 
 
 
 
 
 
 
 
 

6 Comments

Last Server Reboot

I had a need to find out when was the last time my Windows servers were rebooted, so I found a piece of PowerShell code that I modified to suit my needs.


This piece of code has been greatly modified from the original.

This code has the following requirements:
  1. Excel must be installed on the computer running the script
  2. You will need server admin access to perform query
  3. A text file with a list of servers, no need to add \\ before server name


<# read parameter and assign it to $textFile
we're only expecting one parameter, which is the path to a
file containing a list of server/computer names #>

$textFile = $args[0]

# Let's make sure the file actually exists
If (($textFile -ne $null) -and (Test-Path $textFile))
{
# Create an Excel object file to show output
$excelApp = New-Object -comobject Excel.Application
$excelApp.visible = $True

$b = $excelApp.Workbooks.Add()
$excelWorksheetColumns = $b.Worksheets.Item(1)

$excelWorksheetColumns.Cells.Item(1,1) = "Server"
$excelWorksheetColumns.Cells.Item(1,2) = "IP Address"
$excelWorksheetColumns.Cells.Item(1,3) = "Last Boot Time"

$d = $excelWorksheetColumns.UsedRange
$d.Interior.ColorIndex = 19
$d.Font.ColorIndex = 11
$d.Font.Bold = $True
$d.EntireColumn.AutoFit()
$excelWorksheetRow = 2

# read the contents of the file
$fileContents = Get-Content $textFile

ForEach ($computerName in $fileContents)
{
# if server is IP Enabled, we're going to get DNS Host Name and its IP Address
$networkAdapterConfiguration = Get-WmiObject Win32_NetworkAdapterConfiguration -computername $computerName | Where {$_.IpEnabled -Match "True"}

# collect and display, to Excel sheet, server's FQDN and IP address
ForEach ($detailsNetworkAdapterConfiguration in $networkAdapterConfiguration)
{
$excelWorksheetColumns.Cells.Item($excelWorksheetRow, 1) = $detailsNetworkAdapterConfiguration.DNSHostName
$excelWorksheetColumns.Cells.Item($excelWorksheetRow, 2) = $detailsNetworkAdapterConfiguration.IPAddress
}

$date = New-Object -com WbemScripting.SWbemDateTime
$computerOsInfo = Get-WmiObject Win32_OperatingSystem -computername $computerName

ForEach ($memberComputerOsInfo in $computerOsInfo)
{
$date.value = $memberComputerOsInfo.lastBootupTime
If ($memberComputerOsInfo.Version -eq "5.2.3790" )
{
$excelWorksheetColumns.Cells.Item($excelWorksheetRow, 3) = $date.GetVarDate($True)
}
Else
{
$excelWorksheetColumns.Cells.Item($excelWorksheetRow, 3) = $date.GetVarDate($False)
}
}

# move to the next Excel rows by 1
$excelWorksheetRow = $excelWorksheetRow + 1
}
}
Else
{
# Checking user input and displaying a warning if no proper syntax was used
Write-host "`nPath was not found, or no parameter was used.`nPlease run: Get-Help Get-LastReboot" -ForegroundColor Yellow
}

<#
.SYNOPSIS
View the last time a computer was rebooted.

.DESCRIPTION
This script will display the last time the computer was rebooted.
The script will require one parameter, the path to the text file containing the list of computer names.

.LINK
Get-LastReboot

.EXAMPLE
Example 1 - Simple use
Get-LastReboot C:\SomeFolder\ListOfServers.txt
#>

Leave a comment

Pin & Unpin Icons To The Windows 7 Taskbar

During the deployment of Windows 7, I was given the task to find out a way to pin and unpin icons to the taskbar.


Well, the process is rather easy, but it takes two steps.
  1. Find out the verbs associated with the application you want to pin/unpin to the taskbar.
  2. Execute the proper verb that will pin or unpin the application.
Note: This code isn’t mine, I modified it a bit to suit my needs

1. Let’s find the verbs

Here’s the VB code that handles that:

Const CSIDL_COMMON_PROGRAMS = &H17 
Const CSIDL_PROGRAMS = &H2 
Set objShell = CreateObject(“Shell.Application”) 
Set objScript = CreateObject( “WScript.Shell” )

REM The original code had the following line as part of it
REM Set objFolder = objShell.Namespace(“C:\Program Files\Internet Explorer”)

REM In my case, I’m pointing directly to the user path where all taskbar shortcut files are located
Set objFolder = objShell.Namespace(“C:\Users\” & objScript.ExpandEnvironmentStrings ( “%USERNAME%” ) & “\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar”)

REM I want to see a list of verbs pertaining to IE link file
Set objFolderItem = objFolder.ParseName(“Internet Explorer.lnk”) 
Set colVerbs = objFolderItem.Verbs 

For Each objVerb in colVerbs 
    Wscript.Echo objVerb 
Next
You can get verbs from .exe or .lnk files.
Here’s the output for that code (the output will change based on your computer):
cscript /nologo GetVerbs.vbs
&Open
Open file locat&ion
&Enable/Disable Digital Signature Icons
Run as &administrator
Edit with &Notepad++
Scan with System Center 2012 Endpoint Protection…
Unpin from Tas&kbar
Pin to Start Men&u
Restore previous &versions

Cu&t
&Copy
Create &shortcut
&Delete
Rena&me
P&roperties
2. Let’s pin, or unpin, to the taskbar
The code that handles pinning or unpinning to the taskbar is here:
Const CSIDL_COMMON_PROGRAMS = &H17 
Const CSIDL_PROGRAMS = &H2 
Set objShell = CreateObject(“Shell.Application”) 
Set objScriptShell = CreateObject( “WScript.Shell” )

REM Unpin Internet Explorer 64-bit from the taskbar
Set objFolder = objShell.Namespace(“C:\Users\” & objScriptShell.ExpandEnvironmentStrings ( “%USERNAME%” ) & “\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar”)

Set objFolderItem = objFolder.ParseName(“Internet Explorer (64-bit).lnk”) 
Set colVerbs = objFolderItem.Verbs

For Each objVerb in colVerbs 
    If Replace(objVerb.name, “&”, “”) = “Unpin from Taskbar” Then objVerb.DoIt 
Next

REM Pin Internet Explorer to the taskbar
Set objFolder = objShell.Namespace(“C:\Program Files (x86)\Internet Explorer”)

Set objFolderItem = objFolder.ParseName(“iexplore.exe”) 
Set colVerbs = objFolderItem.Verbs

For Each objVerb in colVerbs 
    If Replace(objVerb.name, “&”, “”) = “Pin to Taskbar” Then objVerb.DoIt 
Next
As soon as the script finishes the results are shown in the taskbar.

Leave a comment

No OST for Outlook 2010 on a Terminal Server

We had installed Microsoft Office 2010 on our Windows 2008 R2 Terminal Servers, and we didn’t customize the Office 2010 installation. I was looking for a way to prevent Outlook from generating a new OST file whenever a new user logged on to our Terminal Servers, in addition, I wanted the Outlook profile to be generated automatically.

Enter Group Policy Objects!

Since these policies are applied only for the TS servers, I moved the the computer accounts to a new Organization Unit (OU) that I created for these servers. I linked the new GPO to this OU. There are many documents that show how to do these steps, so I won’t be going over this.

The key point to remember for this GPO to work is: loopback processing mode

The above is true especially if your TS servers inherit policies from top level GPOs.

In my case, I was concerned about making changes to the user configuration section, to be more specific, to the Outlook 2010 settings.

The screenshot basically shows what needs to be done in order to achieve this goal.


1 Comment