Archive for category Windows Server 2012 R2

Forcibly Remove Dfs Nameserver

The following steps can be used to remove a Dfs nameserver that no longer exists in your environment.

  1. Log on to a Dfs server
  2. Open an elevated command line
  3. We’re going to use dfsutil with the following parameters: dfsutil diag unmapdomroot \<domainname><DFSname> \<DFSrootserver><DFSshare>
    1. As a sample: dfsutil diag unmapdomroot \\DfsRootName\DfsFolderName \\Server_to_remove\DfsFolderName
  4. No need to reboot just wait for replication

Leave a comment

Renaming Windows Domain Controllers

The following are the steps needed to rename a domain controller; the steps have been tested up to Windows Server 2016.

Note: If your DC is also acting as a Dfs nameroot server, make sure you remove the nameserver from Dfs first!

From an elevated command line, type the following commands:

  1. Add the new domain controller name NEW_DC; we’re replacing OLD_DC
    NETDOM COMPUTERNAME OLD_DC.companydomain.com /ADD:NEW_DC.companydomain.com
  2. Designate the new name as the primary computer name; OLD_DC gets removed and NEW_DC is new primary name
    NETDOM COMPUTERNAME OLD_DC.companydomain.com /MAKEPRIMARY:NEW_DC.companydomain.com
  3. Reboot domain controller
  4. Now, let’s remove the old domain controller name from Active Directory
    NETDOM COMPUTERNAME NEW_DC.companydomain.com /REMOVE:OLD_DC.companydomain.com
  5. Sync all DCs

In the event that you didn’t notice the warning on top and you went ahead and renamed the domain controller and you had Dfs services running on it, here are some instructions on how to manually remove Dfs nameserver and fix the issue.

  1. Log on to the recently renamed domain controller
  2. Open Regedit.exe
  3. Go to HKLM\Software\Microsoft\DFS\Roots\domainV2
  4. Delete the key found under domainV2 and reboot your server
  5. Next, remove the Dfs share from the server
  6. Now you can delete the Dfs folder
  7. Done

2017-06-10_1708

Leave a comment

Vmware Port Mirror and MS Advanced Thread Analytics

The project was to install MS Advanced Thread Analytic Gateway in a virtual machine, in Vmware, to monitor a physical domain controller.

Hardware involved

  1. Domain controller (physical) – DCServer1
  2. DELL switch – switch1
  3. ESXi host – host1
  4. MS ATA Gateway – atagw1

Setup Port Mirroring at Physical Switch Level

DC server DCserver1 and ESXi host1 are physically connected to switch1. DCserver1 connects on port 40 and host1 connects on port 44 of the switch.

We’re going to configure port mirroring on switch1 as source being port 40 and destination port 44 and we’re going to use use both directions in our config. You can use the following link to configure port mirroring on DELL switches.

Configure Vmware for Port Mirroring

As mentioned before, host1 connects to switch1, and we’re going to use this connection (vmnic2) and create a new standard switch (that was my setup). So, at point, vmnic2 connects to port 44 on switch1.

Once your new standard switch is created (vSwitch2), then we’ll create a new port group (ATA-Capture). While creating port group ATA-Capture, make sure to enable Promiscuous Mode and set VLAN ID to All (4095) – this part crucial!

port-group

 

Configure Microsoft ATA Gateway VM

Your MS ATA Gateway will need to have two NICs. One NIC will be used for day to day work and the second NIC for capture. To make thing easier, rename the NIC to something like ‘Capture‘. Next, make sure that your Capture NIC belongs to the ATA-Capture port group.

At this point you should be able to install MS ATA Gateway software.

Leave a comment

Install Hyper-V Role to Windows Server 2012 R2 During OS Deployment

There are plenty of blogs about this subject, however, many of these blogs are outdated and some of their tips do not work properly for Windows Server 2012 R2. Also, in my case, I’m not using MSDT to install features and roles, but instead I’m using a captured WIM image.

To install Hyper-V role, just add a “Run Command Line” task, towards the end of the task sequence, Install Operating System task.

I’m using the following PowerShell command:

Powershell.exe -Command "&amp; {&amp;'Install-WindowsFeature' –Name Hyper-V -IncludeManagementTools -Restart}"

2016-10-28_1124

Also, here’s an interesting link that discusses this particular issue.

Leave a comment

Get Active Network Adapter

Recently I had the need to create a script to find out what was the active network adapter in our server, so after some ideas from the web, I came up with a one line PowerShell script that helped me achieve my goal.

Note: Get-NetAdapter is a PowerShell commandlet that’s present on Windows 8 and Windows Server 2012 R2. This command will not work on Windows 7.

Get-NetAdapter | Where-Object {($_.LinkSpeed -eq “1 Gbps”) -and ($_.Status -eq ‘Up’)}

In this line, I’m basically getting the adapter with status ‘Up’ and with a linkspeed equals to ‘1 Gbps’. One can change LinkSpeed property to match your server’s network adapter speed(s).

Leave a comment

Windows 10 Licensing On A Windows Server 2012 R2

Recently I began to get ready for Windows 10, and part of that process was to get our licensing servers up to date. Since I was getting multiple answers on Microsoft TechNet forums, I decided to open a call with Microsoft Support and get a definitive answer – all information below has been confirmed with Microsoft.

First, Windows Server 2008 R2 will be able to provide licenses for your Windows 10 fleet, with a catch. Microsoft will be deploying a Hotfix for Windows Server 2008 R2 in a month or two, maybe a bit longer, so if your organization can wait, then just hold on tight.

 
Note: Windows Server 2008 is not supported for Windows 10 licensing, this was made clear on my call to Microsoft Support!
 
After installing the Volume Activation feature, the following must be done to prepare Windows Server 2012 R2 to licensing Windows 10 clients.
  1. Add a Windows Server 2012 R2 HotFix, which can be found here
    1. Reboot server
  2. Add a SRV record to any of your primary domain controllers
    New SRV Record
  3. Wait for all domains to synchronize DNS information
  4. Install the correct KMS host server key
    1. You’ll need to go to licensing.microsoft.com and download the proper KMS host server key
    2. For Windows 10 licensing on a Windows Server 2012 R2 server, we’ll need the following key: Windows Srv 2012R2 DataCtr/Std KMS for Windows 10
    3. Use the following commands, in an elevated CLI, to register and activate the KMS host server key
      1. SLMGR /ipk CCCCC-XXXXX-PPPPP-KKKKK-MMMMM
      2. SLMGR /ato
  5. After allowing all DCs to synchronize, we’re going to run a command to make sure that the new KMS server is ready to authenticate clients
    a. nslookup -type=srv _vlmcs._tcp
    b. Copy and paste the command in step 5a onto a desktop and results should be as shown in the screenshot belowNslookup for SRV
  6. These steps will allow you to install the proper host server key and allow your Windows 10 clients to get licensed.

, , , , ,

Leave a comment