Copy windows features from a server to another

Sometimes you want to create the (almost) same server where you do not yet Chef or CF or some sort of DSC. The best resort is to use what you have: get-windowsfeature

Imagine you want to configure Server B from Server A and obviously those are microsoft windows servers…

#On server A
#export features
> Get-WindowsFeature | ? { $_.Installed -AND $_.SubFeatures.Count -eq 0 } | Export-Clixml .\serverA.xml
#copy the feature file over
> cp .\serverA.xml ‘\\serverB\c$\Files’

#On server B
PS C:\Files> ls
Directory: C:\Files
Mode LastWriteTime Length Name
—- ————- —— —-
-a—- 6/8/2017 4:15 PM 510824 ServerA.xml
PS C:\Files> Import-Module Servermanager
PS C:\Files> Import-Clixml .\ServerA.xml | Add-WindowsFeature
Success Restart Needed Exit Code Feature Result
——- ————– ——— ————–
True Yes SuccessRest… {Application Server, .NET Framework 4.5, W…
WARNING: You must restart this server to finish the installation process.

Voila, another posh timesaver.

Advertisements

Troubleshoot KMS

This is the recipe for a KMS activation. This should serve a minimum of 25 machines up to plenty.

You will need:

1 KMS server (aka kms)
1 network
1 or more server to be activated
1 Volume Product Key for your server to be activated
1 working DNS

First of all KMS uses DNS to find where the KMS server is. do a nslookup to find out if this is configure it. Please note the address and port

nslookup -type=SRV _vlmcs._tcp.domain.local
Server:  asterix.domain.local
Address:  172.24.1.20
_vlmcs._tcp.domain.local   SRV service location:
priority       = 0
weight         = 0
port           = 1688
svr hostname   = p1-kms1.domain.local
p1-kms1.domain.local       internet address = 172.24.5.126

Verify connectivity from the server to be activated to the KMS server using [address] and [port]

Do a

cscript.exe slmgr.vbs -dlv

to verify what you have. Expect the VOLUME_KMS_*_* channel.

Do a

cscript.exe slmgr.vbs -ato

to activate

and if you are looking for your keys, and not the key for the KMS server which you get from your MSFT licensing portal, go to technet: https://technet.microsoft.com/en-us/library/jj612867.aspx

The case of winrm that was configured properly but never worked

On 2 win2012-r2 servers (not core, and not DC, actually fresh install with all patching done) on the same subnet, I have configured winrm and psremoting but I still cannot do a remote session.

I have tried:

winrm qc
Enable-psremoting
Winrm e winrm/config/listener
PS C:\Windows\system32> winrm e winrm/config/listener
Listener [Source="GPO"]
    Address = *
    Transport = HTTP
    Port = 5985
    Hostname
    Enabled = true
    URLPrefix = wsman
    CertificateThumbprint
    ListeningOn = 10.81.1.153, 127.0.0.1, ::1, fe80::5efe:10.81.1.153%13, fe80::f1f9:11cd:8c30:39a9%12

Telnet to 5985 OK

Get-pssessionconfiguration -> v4

Set-Item wsman:\localhost\Client\TrustedHosts -value  *

so when I tried to identify or use etsn I get the following:

etsn
Connecting to remote server 10.81.1.153 failed with the following error message : The WinRM client cannot
process the request. Default authentication may be used with an IP address under the following conditions: the
transport is HTTPS or the destination is in the TrustedHosts list, and explicit credentials are provided. Use
winrm.cmd to configure TrustedHosts. Note that computers in the TrustedHosts list might not be authenticated. For more
information on how to set TrustedHosts run the following command: winrm help config. For more information, see the
about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ etsn 10.81.1.153
+ ~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (10.81.1.153:String) [Enter-PSSession], PSRemotingTransportException
    + FullyQualifiedErrorId : CreateRemoteRunspaceFailed



    winrm id -r:10.81.1.152 WSManFault Message = The WinRM client cannot process the request. Default authentication may be used with an IP address under t he following conditions: the transport is HTTPS or the destination is in the TrustedHosts list, and explicit credentials are provided. Use winrm.cmd to configure TrustedHosts. Note that computers in the TrustedHosts list might not be authen ticated. For more information on how to set TrustedHosts run the following command: winrm help config.



Error number: -2144108101 0x803381BB The WinRM client cannot process the request. Default authentication may be used with an IP address under the following c onditions: the transport is HTTPS or the destination is in the TrustedHosts list, and explicit credentials are provided. Use winrm.cmd to configure TrustedHosts. Note that computers in the TrustedHosts list might not be authenticated. For m ore information on how to set TrustedHosts run the following command: winrm help config.

Even checking all settings

PS C:\Windows\system32> winrm get wmicimv2/Win32_Service?Name=WinRM
Win32_Service
    AcceptPause = false
    AcceptStop = true
    Caption = Windows Remote Management (WS-Management)
    CheckPoint = 0
    CreationClassName = Win32_Service
    Description = Windows Remote Management (WinRM) service implements the WS-Management protocol for remote management.
 WS-Management is a standard web services protocol used for remote software and hardware management. The WinRM service l
istens on the network for WS-Management requests and processes them. The WinRM Service needs to be configured with a lis
tener using winrm.cmd command line tool or through Group Policy in order for it to listen over the network. The WinRM se
rvice provides access to WMI data and enables event collection. Event collection and subscription to events require that
 the service is running. WinRM messages use HTTP and HTTPS as transports. The WinRM service does not depend on IIS but i
s preconfigured to share a port with IIS on the same machine.  The WinRM service reserves the /wsman URL prefix. To prev
ent conflicts with IIS, administrators should ensure that any websites hosted on IIS do not use the /wsman URL prefix.
    DesktopInteract = false
    DisplayName = Windows Remote Management (WS-Management)
    ErrorControl = Normal
    ExitCode = 0
    InstallDate = null
    Name = WinRM
    PathName = C:\Windows\System32\svchost.exe -k NetworkService
    ProcessId = 868
    ServiceSpecificExitCode = 0
    ServiceType = Share Process
    Started = true
    StartMode = Auto
    StartName = NT AUTHORITY\NetworkService
    State = Running
    Status = OK
    SystemCreationClassName = Win32_ComputerSystem
    SystemName = server
    TagId = 0
    WaitHint = 0

PS C:\Windows\system32> winrm get winrm/config
Config
    MaxEnvelopeSizekb = 500
    MaxTimeoutms = 60000
    MaxBatchItems = 32000
    MaxProviderRequests = 4294967295
    Client
        NetworkDelayms = 5000
        URLPrefix = wsman
        AllowUnencrypted = false
        Auth
            Basic = true
            Digest = true
            Kerberos = true
            Negotiate = true
            Certificate = true
            CredSSP = false
        DefaultPorts
            HTTP = 5985
            HTTPS = 5986
        TrustedHosts = *
    Service
        RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)(A;;GR;;;IU)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)
        MaxConcurrentOperations = 4294967295
        MaxConcurrentOperationsPerUser = 1500
        EnumerationTimeoutms = 240000
        MaxConnections = 300
        MaxPacketRetrievalTimeSeconds = 120
        AllowUnencrypted = false
        Auth
            Basic = false
            Kerberos = true
            Negotiate = true
            Certificate = false
            CredSSP = false
            CbtHardeningLevel = Relaxed
        DefaultPorts
            HTTP = 5985
            HTTPS = 5986
        IPv4Filter = * [Source="GPO"]
        IPv6Filter = * [Source="GPO"]
        EnableCompatibilityHttpListener = false
        EnableCompatibilityHttpsListener = false
        CertificateThumbprint
        AllowRemoteAccess = true [Source="GPO"]
    Winrs
        AllowRemoteShellAccess = true
        IdleTimeout = 7200000
        MaxConcurrentUsers = 10
        MaxShellRunTime = 2147483647
        MaxProcessesPerShell = 25
        MaxMemoryPerShellMB = 1024
        MaxShellsPerUser = 30

again, both servers ping 152 amd 153, nslookup forward, reverse work fine. telnet to winrm port works, winrm services are up…only winrm doesn’t

I am running out of ideas, any suggestion is welcome…thanks!

From the 2 above systems, I am able to enter a pssession to a other fresh windows 2012 install. Still those 2 systems cannot accept sessions. Compare the global configuration elements, the only difference is the listening IP of the listeners settings. The rest is exactly the same – GPO for winrm works.

winrm get winrm/config - identical
winrm get winrm/config/client - identical
winrm get winrm/config/service - identical
winrm enumerate winrm/config/resource - identical
winrm enumerate winrm/config/listener - IPs are different
winrm enumerate winrm/config/plugin - identical
winrm enumerate winrm/config/service/certmapping - identical (Empty)

test-wsman from and to each servers do return information without errors.

> Test-WSMan 10.81.1.153


wsmid           : http://schemas.dmtf.org/wbem/wsman/identity/1/wsmanidentity.xsd
ProtocolVersion : http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd
ProductVendor   : Microsoft Corporation
ProductVersion  : OS: 0.0.0 SP: 0.0 Stack: 3.0



> Test-WSMan 10.81.1.152


wsmid           : http://schemas.dmtf.org/wbem/wsman/identity/1/wsmanidentity.xsd
ProtocolVersion : http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd
ProductVendor   : Microsoft Corporation
ProductVersion  : OS: 0.0.0 SP: 0.0 Stack: 3.0

In fact I never solved this. Nothing I tried worked and all settings from winrm/wsman seemed proper.

I eventually used a fresh install from a newer built – SW_DVD9_Windows_Svr_Std_and_DataCtr_2012_R2_64Bit_English_-4_MLF_X19-82891 – and it seemed solving the issue – same GPOs and default settings.

If you can think of anything, please let me know!

The DMZ server that did not want to update

Once upon a time there was a server placed in a DMZ that would not want to update…

symptoms: using sconfig, the server would say that no updates were available.

problems: wsus settings had been deployed

solution: remove wsus settings

It sounds easy said like this but somehow this client manages to present things a different way leading to wasting my time.

As I said, it all started with company X administrator saying they could not update this windows 2012 R2 core server while it worked yesterday. Indeed, once in sconfig, the server is in a workgroup, automatic updates is disabled and running get and install updates would results in no updates to apply.

Steering in this direction, I run

wuauctl /detectnow

I verify the wua version using

$WindowsUpdateAgentVer = (Get-ItemProperty -Path 'C:\Windows\System32\wuaueng.dll' -ErrorAction SilentlyContinue).VersionInfo.ProductVersion

> Write-Host $WindowsUpdateAgentVer

7.9.9600.16384

it looks like a bit out of date as I see a lot of 7.9.9600.256 on the web. I try updating it without success. This URL brings me to some other kb and download which did not work, I guess I am giving up this path and not try to install kb2919355 which is all above WUA update. None of the downloads from this URL do anything for me.

But wait, why did not I check the windowsupdate log? A stroll to c:\windows\windowsupdate.log showed me that it fails getting update lists from some wsus server!

WARNING: There was an error communicating with the endpoint at ‘http://wsus.xxx.ca/SimpleAuthWebService/SimpleAuth.asmx

Bummer, what did not I start here? I hop on the web to look for the reg key and delete it.

Stop-Service wuauserv
Remove-Item -Path 'HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\*' -recurse -force
Start-Service wuauserv

Once removed, I start an update again using sconfig – bingo – updates show up. I then finish it with my favorite WUA script and invoke-windowsupdate to keep things rolling.

It guess it would be so much better for sconfig to actually say there was an error instead of saying that there are no updates available for this server…

Add EMC Storage – PowerPath Driven – on Server 2012 R2 Core or Hyper-V 2012 R2 (well core as well)

For this recipe you will need:

  • 1 LUN (setup in a storage group that holds the server)
  • 1 PowerPath (here after PP) Key
  • 1 Diskpart

First, locate your latest PP bundle and install in CLI mode.

PS C:\windows\system32> etsn ptbtt-go-hv
[ptbtt-go-hv]: PS C:\> ls
Directory: C:\
Mode                LastWriteTime     Length Name
----                -------------     ------ ----
d----        11/21/2014   2:46 PM            logs
-a---         5/15/2014   4:45 PM   92347200 EMCPower.X64.signed.5.7.SP3.b509.exe

[ptbtt-go-hv]: PS C:\> EMCPower.X64.signed.5.7.SP3.b509.exe /s /v"/L*v C:\logs\PPsetup.log LICENSENUM=BUPJ-XB4E-LFC3-QYPY-MM92-QDWB NO_REBOOT=1"

Once finished you can log there to see if  all was successful.

[ptbtt-go-hv]: PS C:\logs> Get-Content .\PPsetup.log | Select-String "Installation completed successfully"

MSI (s) (E4:94) [14:48:24:606]: Product: EMC PowerPath 5.7 Service Pack 3 (64bit) -- Installation completed
successfully.

Hooray? well, go play with PowerMT.exe

[ptbtt-go-hv]: PS C:\> cd 'C:\Program Files\EMC\PowerPath'
[ptbtt-go-hv]: PS C:\Program Files\EMC\PowerPath> ls
Directory: C:\Program Files\EMC\PowerPath
Mode                LastWriteTime     Length Name
----                -------------     ------ ----
d----        11/21/2014   2:47 PM            Drivers
d----        11/21/2014   2:53 PM            Logs
d----        11/21/2014   2:47 PM            x86
-a---          2/7/2013   1:08 PM      17728 db_recover.exe
-a---         11/1/2010   4:13 AM        385 db_recover.exe.intermediate.manifest
-a---        11/24/2010   2:04 AM     531512 difxapi.dll
-a---          2/7/2013   1:10 PM      49472 EmcAdminProxy.dll
-a---         5/15/2014   5:20 PM    1125184 EmcAdminSvr.exe
-a---          2/7/2013   1:12 PM     516416 EmcLicTool.exe
-a---          2/7/2013   1:13 PM      27456 EmcLicTool_CHS.dll
-a---          2/7/2013   1:14 PM      27968 EmcLicTool_DEU.dll
-a---          2/7/2013   1:15 PM      27968 EmcLicTool_ESP.dll
-a---          2/7/2013   1:15 PM      27968 EmcLicTool_FRA.dll
-a---          2/7/2013   1:16 PM      27968 EmcLicTool_ITA.dll
-a---          2/7/2013   1:17 PM      27456 EmcLicTool_JPN.dll
-a---          2/7/2013   1:17 PM      27456 EmcLicTool_KOR.dll
-a---          2/7/2013   1:18 PM      27968 EmcLicTool_PTB.dll
-a---          2/7/2013   1:20 PM      29504 emcphostid.exe
-a---          2/7/2013   1:20 PM      27968 EmcpLogMsgs.dll
-a---         5/15/2014   5:20 PM    1117504 EmcpMgmtComp.exe
-a---         5/15/2014   5:20 PM     494400 EmcPowerPathAdmin.dll
-a---         5/15/2014   5:20 PM      39232 EmcPowMon.exe
-a---          2/7/2013   1:24 PM      31552 EmcPowPN22.dll
-a---          2/7/2013   1:25 PM      21312 EmcPowRes.dll
-a---         5/15/2014   5:20 PM     869696 EmcPowSrv.exe
-a---          2/7/2013   1:26 PM      39232 EmcpPerfmonPmiPrvdr.dll
-a---          2/7/2013   1:27 PM      36160 emcpreg.exe
-a---          2/7/2013   1:28 PM      10048 EmcpSvcErr.dll
-a---          2/7/2013   1:28 PM      26432 emcp_lic_rtl.dll
-a---         5/15/2014   5:20 PM    1137472 Emcp_mpapi_rtl.dll
-a---          2/7/2013   1:31 PM      91968 emcp_mp_rtl.dll
-a---         6/10/2003  10:00 PM      43430 Emc_PowerPath_Console.msc
-a---          2/7/2013   1:33 PM    1404224 libdb51.dll
-a---         11/1/2010   4:14 AM        385 libdb51.dll.intermediate.manifest
-a---         5/15/2014   5:20 PM    1748480 Libeay32.dll
-a---         5/15/2014   5:20 PM     303424 ManagementComp_Config.exe
-ar--        11/21/2014   3:38 PM         22 mpaa.excluded
-ar--        11/21/2014   3:38 PM        244 mpaa.lams
-a---         5/15/2014   5:20 PM     332608 powermig.exe
-a---         5/15/2014   5:20 PM     270144 powermigcl.exe
-a---         5/15/2014   5:20 PM    1181504 powermt.exe
-a---        12/18/2012   6:12 PM      23639 powerpath.man
-a---         5/15/2014   5:20 PM     304448 PowMigSrvc.exe
-a---         5/15/2014   5:20 PM     222016 ppinstall.exe
-a---         5/15/2014   5:20 PM     490304 ppRemoveAll.exe
-a---          2/7/2013   1:49 PM      55104 pthreadVC2.dll
-a---         5/15/2014   5:20 PM       5279 server.pem
-a---         5/15/2014   5:20 PM     360448 Ssleay32.dll

Found powermt, let’s use it.

[ptbtt-go-hv]: PS C:\Program Files\EMC\PowerPath> .\powermt.exe display dev=all
Pseudo name=harddisk1
VNX ID=APM00141276882 [TTBTT-GO-HV_SG]
Logical device ID=6006016009B03800F71D7ED4B571E411 [FSP_LUN31_SPB_6882_PTBTT-GO-HV_X_200G]
state=alive; policy=CLAROpt; queued-IOs=0
Owner: default=SP B, current=SP B       Array failover mode: 4
==============================================================================
--------------- Host ---------------   - Stor -  -- I/O Path --   -- Stats ---
###  HW Path               I/O Paths    Interf.  Mode     State   Q-IOs Errors
==============================================================================
2 port2\path0\tgt1\lun0  c2t1d0      SP A3    active   alive      0      0
2 port2\path0\tgt0\lun0  c2t0d0      SP A2    active   alive      0      0
1 port1\path0\tgt1\lun0  c1t1d0      SP B3    active   alive      0      0
1 port1\path0\tgt0\lun0  c1t0d0      SP B2    active   alive      0      0

Looks like you see your disk? Expose it to windows for storing let’s VMs – this is pretty useful for hyper-v hypervisor!

[ptbtt-go-hv]: PS C:\Program Files\EMC\PowerPath> diskpart
Microsoft DiskPart version 6.3.9600
Copyright (C) 1999-2013 Microsoft Corporation.
On computer: PTBTT-GO-HV
DISKPART>
[ptbtt-go-hv]: PS C:\Program Files\EMC\PowerPath> exit

Sometimes powershell session don’t play nice with output redirection and things like diskpart from let you in the interactive mode. Fear not, use psexec instead and use diskpart to create that disk.

PS H:\> cd .\Tools\sysinternals
PS H:\Tools\sysinternals> .\psexec.exe \\ptbtt-go-hv cmd
PsExec v2.11 - Execute processes remotely
Copyright (C) 2001-2014 Mark Russinovich
Sysinternals - www.sysinternals.com
Microsoft Windows [Version 6.3.9600]
(c) 2013 Microsoft Corporation. All rights reserved.
C:\Windows\system32>diskpart
Microsoft DiskPart version 6.3.9600
Copyright (C) 1999-2013 Microsoft Corporation.
On computer: PTBTT-GO-HV
DISKPART> list disk
Disk ###  Status         Size     Free     Dyn  Gpt
--------  -------------  -------  -------  ---  ---
Disk 0    Online          135 GB      0 B
Disk 1    Offline         200 GB   200 GB
DISKPART> select disk 1
Disk 1 is now the selected disk.
DISKPART> online disk
DiskPart successfully onlined the selected disk.
DISKPART> list disk
Disk ###  Status         Size     Free     Dyn  Gpt
--------  -------------  -------  -------  ---  ---
Disk 0    Online          135 GB      0 B
* Disk 1    Online          200 GB   200 GB
DISKPART> select disk 1
Disk 1 is now the selected disk.
DISKPART> list volume
Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
----------  ---  -----------  -----  ----------  -------  ---------  --------
Volume 0     E   IRM_SHV_X64  UDF    CD-ROM      1917 MB  Healthy
Volume 1     D   RECOVERY     NTFS   Partition   3072 MB  Healthy
Volume 2         System Rese  NTFS   Partition    350 MB  Healthy    System
Volume 3     C                NTFS   Partition    132 GB  Healthy    Boot
DISKPART> create partition primary

DiskPart has encountered an error: The media is write protected.
See the System Event Log for more information. 

Oops, I am not sure what a a disk is defaulted to read-only. Let’s change it manually.

DISKPART> attributes disk
Current Read-only State : Yes
Read-only  : Yes
Boot Disk  : No
Pagefile Disk  : No
Hibernation File Disk  : No
Crashdump Disk  : No
Clustered Disk  : No

DISKPART> attributes disk clear readonly

Disk attributes cleared successfully.

DISKPART> list disk

Disk ###  Status         Size     Free     Dyn  Gpt
--------  -------------  -------  -------  ---  ---
Disk 0    Online          135 GB      0 B
* Disk 1    Online          200 GB   200 GB

DISKPART> create partition primary

DiskPart succeeded in creating the specified partition.

DISKPART> list volume

Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
----------  ---  -----------  -----  ----------  -------  ---------  --------
Volume 0     E   IRM_SHV_X64  UDF    CD-ROM      1917 MB  Healthy
Volume 1     D   RECOVERY     NTFS   Partition   3072 MB  Healthy
Volume 2         System Rese  NTFS   Partition    350 MB  Healthy    System
Volume 3     C                NTFS   Partition    132 GB  Healthy    Boot
* Volume 4                      RAW    Partition    199 GB  Healthy

DISKPART> select volume 4

Volume 4 is the selected volume.

DISKPART> format fs=ntfs quick

100 percent completed

DiskPart successfully formatted the volume.

DISKPART> list volume

Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
----------  ---  -----------  -----  ----------  -------  ---------  --------
Volume 0     E   IRM_SHV_X64  UDF    CD-ROM      1917 MB  Healthy
Volume 1     D   RECOVERY     NTFS   Partition   3072 MB  Healthy
Volume 2         System Rese  NTFS   Partition    350 MB  Healthy    System
Volume 3     C                NTFS   Partition    132 GB  Healthy    Boot
* Volume 4                      NTFS   Partition    199 GB  Healthy

DISKPART> assign letter=f

DiskPart successfully assigned the drive letter or mount point.

DISKPART> list volume

Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
----------  ---  -----------  -----  ----------  -------  ---------  --------
Volume 0     E   IRM_SHV_X64  UDF    CD-ROM      1917 MB  Healthy
Volume 1     D   RECOVERY     NTFS   Partition   3072 MB  Healthy
Volume 2         System Rese  NTFS   Partition    350 MB  Healthy    System
Volume 3     C                NTFS   Partition    132 GB  Healthy    Boot
* Volume 4     F                NTFS   Partition    199 GB  Healthy

DISKPART> exit

Leaving DiskPart...

C:\Windows\system32>f:
f:


F:\>mkdir "Virtual Machines"
mkdir "Virtual Machines"

F:\>dir
dir
Volume in drive F has no label.
Volume Serial Number is 6C59-E0A3

Directory of F:\

11/21/2014  03:49 PM    <DIR>          Virtual Machines
0 File(s)              0 bytes
1 Dir(s)  214,617,317,376 bytes free


cmd exited on ptbtt-go-hv with error code 0.
PS H:\Tools\sysinternals>

Keeping an eye on DFS-R

I’ve never really used DFS-R with many file servers but here I am. And the company I work with has been having issues with replication since a member had been taken offline and back.

Due to maintenance they had disabled the member from the namespace servers of that namespace and disabled it from the memberships. When the server was up again, they re-enabled memberships for DFS and replication accordingly

To me, it seems like a good idea but somehow this member is now having issues. Nothing gets in or out as for replications go.

First of, there are a few essential reads for DFS-R. I really recommend spending some time reading those as a refresher or even guidance.

http://blogs.technet.com/b/askds/archive/2007/10/05/top-10-common-causes-of-slow-replication-with-dfsr.aspx

http://blogs.technet.com/b/askds/archive/2010/11/01/common-dfsr-configuration-mistakes-and-oversights.aspx

Also I highly recommends this article shall you want to remember what is means to be a member of the Replication Group.

http://www.adshotgyan.com/2010/12/dfsr-replication-group-in-windows-2008.html

 

Here we go. I just want to share a few things I do and look for when I starting looking for troubles.

Check the Health of a Replication Group (RG)

> dfsradmin health new /rgname:RG_NAME /refmemname:FROM_THE_VIEW_OF_WHICH_MEMBER /domain:YOUR_DOMAIN /ReportName:c:\scripts\dfsmonitor\health\RGNAME_health_rpt.html

This report will tell you what is it doing and if it encountered any errors without having to parse the event logs. Shall you want to automate this, have a look at this basic script.

Do a file replication/propagation test

dfsrdiag offers many options, one of them is to test propagation of a file to the various members of the RG. You would do the following

> dfsrdiag.exe propagationtest /rgname:RG_NAME /rfname:REPLICATION_FOLDER_TO_TEST /testfile:A_FUNNY_NAME

Operation Succeeded

You then will want to wait a little bit for things to happen and after a few minutes verify what has happened with the propagationreport option.

> dfsrdiag.exe propagationreport /rgname:RG_NAME /rfname:REPLICATION_FOLDER_TO_TEST /testfile:A_FUNNY_NAME /reportfile:c:\scripts\dfsmonitor\propagationtest.xml

PROCESSING MEMBER A[1 OUT OF 3]
PROCESSING MEMBER B[2 OUT OF 3]
PROCESSING MEMBER C[3 OUT OF 3]

Total number of members: 3

Number of disabled members: 0

Number of unsubscribed members: 0

Number of invalid AD member objects: 0

Test file access failures: 0

WMI access failures: 0

ID record search failures: 0

Test file mismatches: 0

Members with valid test file: 3

Operation Succeeded

Verify backlogs

>dfsrdiag.exe backlog /rgname:RG_NAME /rfname:REPLICATION_FOLDER_TO_TEST /smem:SOURCE_MEMBER /rmem:TARGET_MEMBER

This will give the number of files in the queue and will list them if you wish. This said it will only output 100 by default.

You can also use this script in order to keep track of the backlogs.

Restart the DFS-R service

If things seems stuck after you checked everything above and the DFS-R log usually located in c:\windows\debug\log. You might want to restart the service once

> Get-Service *dfsr* | Restart-Service

WARNING: Waiting for service ‘DFS Replication (DFSR)’ to finish stopping…

> Get-Service *dfsr*

Status   Name               DisplayName

—–   —-               ———–

Running DFSR               DFS Replication

In the end

If you have read all this and still not sure how to fix your replication issues: contact microsoft. Any mistake while playing with members and their RGs may render files inaccessible for your users. This said I am yet to find a good way to monitor all of my RGs beside loading those health reports. I wish there was a better way to check what is going on, what files it is working on, the queues, the state of the members and so on in a single MMC.

I also want to list here a few other article that may help troubleshooting and recreating your RGs.

Clearing Conflits and Deleted folders

http://blogs.technet.com/b/askds/archive/2008/10/06/manually-clearing-the-conflictanddeleted-folder-in-dfsr.aspx

Preseeding another member

http://blogs.technet.com/b/askds/archive/2010/09/07/replacing-dfsr-member-hardware-or-os-part-2-pre-seeding.aspx

 

 

Get Remote Server Administration Tools on windows 7 or 8

When I get a new PC I always forget how to get the RSAT on my machine so here a little reminder.

Really it is 2 steps: 1. Install the package, 2. Enable the features

Install the package

The link should get you to the download link for your version of windows and corresponding servers. Go and get the appropriate package.

Then install the package, I usualy go with

windows6.1-KB958830-X64.msu /quiet

Enable the features

And the thing that always gets me, is that all of those feature are not enabled after the installation of the package, you should then enable those when installed. To do so use the mighty commandline or windows feature GUI from the control panel if you wish.

dism /online /get-feature

This command will list all of the features you have and look for anything RemoteServerAdministrationTools

Then user the enable-feature to enable the feature!

dism /online /install-feature /featurename:RemoteServerAdministrationTools /featurename:RemoteServerAdministrationTools-<FeatureName>

I wish there was a get-windowsfeature for workstation as well…