Archive for the ‘Windows 2008’ Category

Ctrl+Alt+Del takes forever to prompt for password

Monday, May 23rd, 2011

We saw an issue with a customer whose Ctrl+Alt+Del took forever to prompt for password. We looked at several things to try to figure it out. It was also happening when unlocking the workstations. We finally we found out…
(more…)

Posted in Active Directory, ALL, Computer HowTo, IT Guides, Windows 2008 | No Comments »

LTO-5 for data backup: The cure for storage woes?

Monday, November 22nd, 2010

For years, tape storage systems have played a key role in efforts to store data for backup and retrieval, archiving, and contingency planning purposes. More recently, tape has been called on to help preserve and safeguard data to meet data retention laws and regulations. The challenge is how to manage, retain, and safeguard the data volumes being generated today. To put the data explosion issue into perspective with respect to its impact on tape, consider that even in last year’s tough economic times shipped disk storage capacity grew at a remarkable rate. All of the data being placed on that new disk capacity needs to be backed up, and much of it must also be retained for long periods of time. New tape technology provides a solution. With a capacity to store 3 TB of data per cartridge, recently introduced Linear Tape-Open (LTO)-5 tapes offer twice the storage capacity of LTO-4 and about four times the capacity of LTO-3 systems.  

(more…)

Tags: , , , , ,
Posted in ALL, Computer HowTo, IT Guides, Virtualization, Windows 2003, Windows 2008 | No Comments »

Enable of Windows 2008 R2–the Active Directory Recycle Bin

Thursday, June 10th, 2010

Even in professionally managed network environments it is still possible for mistakes to happen. If an Active Directory object such as a user or computer account is accidentally deleted  network access will be lost. Worker productivity will decline until the account is restored and IT support costs will add to the total expense incurred by the organization.

In the past the best method to restore a deleted AD object is to reboot a domain controller into Active Directory Restore Mode, logon the computer with a special administrative account, and restore the Active Directory database from a backup file. The final steps are to run the NTDSUTIL command line utility to authoritatively restore the object in question and then reboot the computer into normal mode. This procedure is cumbersome, time consuming and requires that the backup file selected contains the most current version of the object.  Many administrators have wished that an easier method was available.

With the introduction of Windows Server 2008 R2 it is possible to enable an Active Directory Recycle Bin. Deleted AD objects can be restored complete with all object related attributes intact. These attributes includes user and computer account group memberships. In order to enable the Active Directory Recycle Bin all Domain Controllers in the Domain must first be upgraded to Windows Server 2008 R2. The Domain functional level of the Domain and the Forest must be raised to 2008 R2 functional level. This can be accomplished in the Domains and Trusts administrative console. If the Active Directory Forest was created using Windows 2000 or 2003 Server it is also necessary for a member of the Schema Admins group to update the Active Directory Schema by running the ADPREP /Forest Prep command on the Schema Master domain controller and the ADPREP /DomainPrep command on the Infrastructure Master computer. Raising functional levels may affect some applications that integrate with Active Directory, therefore it is important to research possible issues before raising the levels.

Once the functional levels are raised the Recycle Bin can be enabled using the following PowerShell command: “Enable-ADOptionalFeature -Identity <ADOptionalFeature> -Scope <ADOptionalFeatureScope> -Target <ADEntity>”. This command must be run using the Active Directory Module for Windows PowerShell  by an member of the Enterprise Administrators group.  Microsoft gives us an example of how this command would look when it is used to enable the Recycle Bin for the Contoso.com domain:

“Enable-ADOptionalFeature –Identity ‘CN=Recycle Bin Feature, CN=Optional Features,CN=Directory Service, CN=WindowsNT, CN=Services, CN=Configuration, DC=contoso, DC=com’ –Scope ForestOrConfigurationSet –Target ‘contoso.com’”

Now that the Recycle Bin is enabled, deleted object can be recovered using either PowerShell or the ldp.exe utility. This process is described by Microsoft here: http://technet.microsoft.com/en-us/library/dd379509(WS.10).aspx

Save yourself time and aggravation by enabling the Active Directory Recycle Bin soon!

Tags:
Posted in ALL, Computer HowTo, IT Guides, Windows 2008 | No Comments »

Keep the “Advanced Features” view always on in Active Directory Users and Computers MMC

Tuesday, June 8th, 2010

“Is there a way to keep the “Advanced Features” view always on?”

If you start a blank management console, add the ADUC snap-in, turn on Advanced Features view, and save the console, whenever you use *that* console file, Advanced Features will be on.

1. Launch a blank Microsoft Management Console: Start-> Run… mmc.exe

2. In the MMC menus, choose File->Add/Remove Snap-in… (or Ctrl+M)

3. Select “Active Directory Users and Computers” and hit the “Add >” button in the middle.

4. Hit OK to finish adding the snap-in.

5. Back in the console, select the Active Directory Users and Computers node under the “Console Root.”

6. Right-click on that ADUC node and choose “New Window from Here” in the menu.

7. In the MMC menus, choose  View->Advanced Features (this turns on the Attribute Editor, Security, Object, and other tabs as well as several other features in menus and makes other objects visible).

8. In the MMC menus, choose  File->Save (or Ctrl+S), specify a file name folder, file name, and hit the Save button.

9. In the MMC menus, choose  File->Options… and choose “User mode – limited access, single window,” then check the “Do not save changes to this console” checkbox, and finally hit OK.

10. In the MMC menus, choose “Save As…” and save under a different file name, and choose “Yes” when warned about the single window interface option.

11. In the MMC menus, choose File->Exit

12. Launch the second console you saved (in step 10) and use it – it should always have Advanced Features turned on.

13. If you need to make changes to other settings in the console, open the first console you saved (in step 8), adjust whatever other options you want, then repeat steps 9, 10, and 11 using a different file name in step 10 this time to distinguish the new settings.

Tags:
Posted in Active Directory, ALL, Windows 2003, Windows 2008 | No Comments »

Setup Windows 2008 Server Core – Networking Commands

Wednesday, April 28th, 2010

When you install windows core server, you first need to configure the network component so that it can talk to the network and then managed remotely which would simplify your administration and reduce your frustration.

I have gathered a lot of these commands for you so you do not have to try to reinvent the wheel like I did.

Here is the start of you Networking and Firewall related commands for Server Core.  To configure the IP address you will have to remember (or learn) Netsh.  In my example I use “Local Area Connection”  The quotes are needed due the spaces.  If you renamed your connection name then you will want to use the new name in its place.

Configure a Static IP Address on Server Core:
Netsh int ipv4 set address Local Area Connection static 10.1.1.10 255.255.255.0 10.1.1.1
Netsh int ipv4 set dnsserver Local Area Connection static 10.1.1.5 primary
Netsh int ipv4 set winsserver Local Area Connection static 10.1.1.6 primary

Configure a Dynamic (DHCP) IP Address on Server Core:
Netsh int ipv4 set address Local Area Connection source=dhcp

Change the name of the network interface on Server Core:
Netsh int set interface name = Local Area Connection newname = Primary Network 

The Windows Firewall is a blessing to some and a curse to others. Either way it is installed by default and you have to understand the commands that are needed to configure the basics and in some cases some advanced commands.

Disable firewall:
netsh firewall set opmode disable

Server Core can be managed by using MMCs from a remote server. However with the firewall being on by default you will have to allow these tools to work remotely.  The first thing to note here is how to translate the MMC Snap-in to Windows Firewall Rule Group.

Event Viewer – Windows Firewall Rule Group – Remote Event Log Management
Services – Windows Firewall Rule Group – Remote Services Management
Shared Folders – Windows Firewall Rule Group – File and Printer Sharing
Task Scheduler – Windows Firewall Rule Group – Remote Scheduled Tasks Management
Reliability and Performance – Windows Firewall Rule Group – Performance Logs and Alerts and Windows Firewall Rule Group – File and Printer Sharing
Disk Management – Windows Firewall Rule Group – Remote Volume Management
Windows Firewall with Advanced Security – Windows Firewall Rule Group – Windows Firewall Remote Management

To enable all of these rules follow use this command:
Netsh advfirewall firewall set rule group=remote administration new enable=yes

Posted in ALL, Computer HowTo, Windows 2008 | No Comments »