Archive

Archive for the ‘Windows Server 2012’ Category

Failed to gracefully demote domain controller

December 5, 2013 Leave a comment

I was getting ready to upgrade the hardware and server version on an old Windows Server 2008R2 domain controller when I ran into a interesting problem. After launching DCPROMO and going through the steps, I received an error that said “The directory service is missing mandatory configuration information, and is unable to determine the ownership of floating single-master operation roles”.

After doing some research, it turns out that the domain controller has incorrect information as to the FSMO operation master owner. It is set to a domain controller that has been deleted or does not exist. In my case, the person before me must have improperly decommissioned a domain controller, leaving cruft behind in the AD. I launched ADSIEdit on the domain controller I was trying to remove and went to the infrastructure container and sure enough under “fSMORoleOwner” is had garbage.

When I tried to edit the value, I received an error stating “Operation Failed. Error code: 0x20ae The role owner attribute could not be read 000020AE: SvcErr: DSID-03152BF7, Problem 5003 (WILL_NOT_PERFORM) Data 0”. If you receive this error message when trying to change the value of “fSMORoleOwner”, you must change the value from the domain controller that holds the FSMO role. Once you change it there, depending on your replication scheme, the change should be updated on the domain controller you are trying to demote and it should now allow you to complete the process.

VirtualBox Error 0x000000C4

November 21, 2013 5 comments

I recently tried to upgrade a Windows 8 VirtualBox virtual machine to Windows 8.1 and ran into an error during the process. If I tried to run the upgrade from within the operating system (which is the required way), I received an error stating that my system did not meet system requirements. Specifically it mentions that my processor does not support “CompareExchange128”. After doing some research, I figured out how to turn on support for that in VirtualBox.

In Linux type the following in a terminal:
VBoxManage setextradata [vmname] VBoxInternal/CPUM/CMPXCHG16B 1
NOTE: Be sure to replace [vmname] with the name of your virtual machine.

In Windows type the following in a command prompt:
"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" setextradata [vmname] VBoxInternal/CPUM/CMPXCHG16B 1
NOTE: Be sure to replace [vmname] with the name of your virtual machine.

This also affects individuals installing Windows Server 2012 R2 on VirtualBox.

Command Line Activation Tools for Windows and Office

November 21, 2013 2 comments

If your a Windows Administrator, you should be familiar with the following tools. slmgr.vbs is a command line software licensing management tool for Windows. It works with Windows Activation (Retail and MAK) as well as Key Management Service (KMS). You can call it from anywhere in a command prompt. slmgr.vbs has many options including installing a product key, uninstalling a product key, displaying license information, and activating. For a complete list of options, visit the following TechNet article.

opss.vbs is also a command line software licensing management tool but for Microsoft Office. It also works with Windows Activation (Retail and MAK) as well as Key Management Service (KMS).

  • Office 2010 (32-bit) on a 32-bit version of Windows:
  • cscript "C:\Program Files\Microsoft Office\Office14\OSPP.VBS"

  • Office 2010 (32-bit) on a 64-bit version of Windows:
  • cscript "C:\Program Files (x86)\Microsoft Office\Office14\OSPP.VBS"

  • Office 2010 (64-bit) on a 64-bit version of Windows:
  • cscript "C:\Program Files\Microsoft Office\Office14\OSPP.VBS"

  • Office 2013 (32-bit) on a 32-bit version of Windows:
  • cscript "C:\Program Files\Microsoft Office\Office15\OSPP.VBS"

  • Office 2013 (32-bit) on a 64-bit version of Windows:
  • cscript "C:\Program Files (x86)\Microsoft Office\Office15\OSPP.VBS"

  • Office 2013 (64-bit) on a 64-bit version of Windows:
  • cscript "C:\Program Files\Microsoft Office\Office15\OSPP.VBS"

For more information on opss.vbs visit the following TechNet article.

You can easily use these tools to install and activate a product key in a batch script and deploy it to a large number of machines.

How to Use a Command Prompt During GUI-Mode Setup

June 29, 2013 2 comments

In some cases, it may be helpful to have access to a command prompt during GUI-mode Setup for the purposes of troubleshooting, partitioning the disk, copying drivers, starting and stopping services, starting tools such as Task Manager, or other for other needs.

To gain access to a command prompt during GUI-mode Setup, press SHIFT+F10.

Using Network Time Protocol with Windows Server

April 2, 2013 1 comment

We all know that time synchronization is a crucial aspect for all the computers on the network, especially servers. In Windows, client computers obtain the time from domain controllers and the domain controllers obtain their time from the domain’s primary domain controller operation master. The primary domain controller obtains its  time from an external source, usually Microsoft (time.windows.com). If you would like to have your primary domain controller synchronize with a NTP server, the process is fairly simple. My department maintains our own SNTP servers but you could use one from the NTP Pool Project.

For my fellow administrators in the North American continent, you would use:

  • 0.north-america.pool.ntp.org
  • 1.north-america.pool.ntp.org
  • 2.north-america.pool.ntp.org
  • 3.north-america.pool.ntp.org

I recommend you use the DNS name instead of an IP address because the IP addresses may change in the future for what ever reason. Now lets configure our primary domain controller to synchronize with our NTP server.

      1. Sign into your primary domain controller with Administrator credentials. If you do not know which of your domain controllers is the primary domain controller, you can query a domain controller using netdom. Use the command ‘netdom /query fsmo’.
      2. Open a command prompt window.
      3. Stop the W32Time service by using the command ‘net stop w32time’.
      4. Now it is time to configure the external NTP source. Use the command: w32tm /config /syncfromflags:manual /manualpeerlist:<NTP Servers here> /reliable:yes
      5. Start the W32Time service again by using the command ‘net start w32time’.

NOTE: If you are going to use more than one NTP server, you must enclose them in quotes and delimit each entry with a space. Ex: “ntp1.domain.com ntp2.domain.com ntp3.domain.com”.

The Windows Time Service should begin to synchronize the time with external NTP server you chose. You can view your current configuration by using the command ‘w32tm /query /configuration’ and check your Event Viewer for any error messages.

Google Chrome User Settings with Roaming Profiles

September 4, 2012 2 comments

Google Chrome is becoming increasingly popular among users. Google Chrome recently surpassed Internet Explorer in market share. According to numbers from StatCounter, Google’s browser finally averaged higher traffic than Internet Explorer for the first time over a full seven-day stretch. From May 14th through May 20th, the Google’s Web browser garnered a 32.76% share, ahead of Microsoft’s 31.94% and Mozilla Firefox’s 25.47% share. It has grown quite popular among students and professors at my university and among enterprise environments.

A problem was recently reported to me that Google Chrome was not storing user’s information once they logged out of a computer. Looking into the issue, I realized what was going on. Google Chrome stores information in the local application data folder of the user’s profile. This folder is not uploaded when the user logs off a computer.

Windows XP/2003:

C:\Documents and Settings\<username>\Local Settings\Application Data\Google\Chrome\User Data\Default

Windows Vista/7:

C:\Users\<username>\AppData\Local\Google\Chrome\User Data\Default

I needed to be able to tell Google to save it’s user data in the Roaming folder which is uploaded when they log off, and not the local application data folder. This can be achieved by passing the user data directory as an argument when running Chrome’s executable but that would require making that change manually of hundreds of computers.

Luckily, Google has provided administrators with tools to make deployment and management easier.

I had recently installed the ADM template that Google provides administrators to set the home page as well as some other common settings for our public laboratory computers. In that ADM template, is the option to set the user data directory to one of your choosing. Google Chrome uses it’s own set of variables rather than using the standard Windows environmental variables.

The current list of Chrome variables on Windows includes:

  • %APPDATA% = ${roaming_app_data}
  • %LOCALAPPDATA% = ${local_app_data}
  • %USERNAME% =  ${user_name}
  • %COMPUTERNAME% = ${machine_name}
  • %USERPROFILE% = ${profile}
  • %PROGRAMFILES% =  ${program_files}
  • %WINDIR% =  ${windows}
  • ${documents} – The “Documents” folder for the current user. (“C:\Users\Administrator\Documents”)
  • ${global_app_data} – The system-wide Application Data folder. (“C:\AppData”)

So what I did was set the user data directory to the roaming data directory like so:

${roaming_app_data}\Google\Chrome\User Data

After performing a group policy update, the machines were correctly storing user’s data in their roaming profiles.

Microsoft Releases Windows 8 and Server 2012 Previews

May 31, 2012 Leave a comment

Today, Microsoft has released the Windows 8 Release Preview and the Release Candidate of Windows Server 2012. We have already seen developer previews and betas released in the past couple of months for both of these products. The Windows Server 2012 Release Candidate includes a made-over Server Manager and replaces the Start Menu with the new Metro UI. Windows Server 2012 will include new features such as the new Resilient File System for handling heavy-duty data and managing shared storage across machines. Applications that run on Windows Server 2008 and Windows Server 2008 R2 are expected to be compatible with the new version upcoming version.