Posts

Showing posts with the label Windows

Why Infrastructure Master should not be a Global Catalog server?

The most confusing question in Active Directory. Will try to explain this in a simpler way.
Infrastructure Master role is responsible for managing any cross domain references. When we discuss about cross domain references, its essential to discuss about Phantom objects.
An AD group is something which can hold members of its own domain and groups from other domain(Eg: Global group and Universal group). For a group in one domain to contain members from another domain, a pointer or cross-domain reference is required. This cross-domain reference is called a Phantom object.

Active Directory FSMO Roles

Focus : Active Directory FSMO Roles


FSMO - Expansion and its relevance

FSMO is the short representation of Flexible Single Master Operations. Each of these word has its own significance. Operation Master is a set of roles which handles a separate operation. So why ‘Flexible’ & ‘Single’ used?

DHCP not getting authorized in Windows 2008

Symptom
After creating a new DHCP server in Windows 2008 server ,failed to authorize the DHCP server. The server was throwing the below error while trying to authorize.
‘The specified servers are already present in the directory service’

Active Directory Global Catalog Server

Focus: Global Catalog Server Global catalog (GC) is a role handled by domain controllers in an Active directory model. The global catalog stores a full copy of all objects in the directory for its host domain and a partial copy of all objects for all other domains in the forest.

Active Directory Backup and Restore in Windows 2008

Focus: Active Directory Backup and restore

Taking backup

1. Open command prompt and execute “wbadmin start systemstatebackup -backuptarget:e:\” 
- In Windows 2008, need to install the Windows server backup feature, as it is not installed by default.
2. Confirm that the backup is successful using the command “wbadmin get versions” 

Restoration

1. Restart the server in Directory Service Restore Mode (DSRM)
2. Get the version ID of the available backup using “wbadmin get versions” 
3. Run the restoration using the command “wbadmin start systemstaterecovery -version:versionID"

Making the Restoration Authoritative

1. At a command prompt, type ntdsutil, and then press ENTER.
2. Type authoritative restore, and then press ENTER.
3. You will be prompted as "Active Instance not set. To set an active instance use "Activate Instance ".
4. Type activate instance ntds and then press ENTER
5. Then type the command restore subtree dc=Domain_Name,dc=xxx
and then press ENTER:
Note: In windows 2008,…

Enable replication - tombstone lifetime exceeded

Step 1
Run the repadmin /showrepl command on the domain controller that received the error to determine which domain controller has been disconnected for longer than a tombstone lifetime.

Step 2
Modifying the registry

NSLOOKUP commands

NSLookup
Nslookup is used for looking up name records from your DNS server. It is a helpful tool in diagnosing issues with the DNS server In command prompt type:

Cannot set folder permissions to AD groups in Windows 2003

Scenario

I've an environment with Windows 2003 & Windows 2008 servers in Windows 2000 Native mode. If I try to add any AD group in a folder security group of a Windows 2008 server, the AD group name won't get resolved.

Active Directory | KCC vs ISTG

Focus : Active Directory KCC and ISTG

KCC (Knowledge consistency checker) is responsible for generating site replication toplolgies between domain controllers. KCC runs in each DC of a domain and creates a

How to resolve space issue in SQL Server

It is quite normal to receive warning or critical messages from Nagios or any other monitoring tool related to space issue in SQL servers. The process to resolve the issue is quite simpler which is described below:
Check for the server and drive which faces the issue.Log on to the server and check for any ERRORLOGs generated inside that particular drive.If you could find any errorlog files which consumes more size, then it should be removed by following the steps described below.Log on to SQL Server Management Studio and connect to those instances which are running on the SQL Server.Run the code below in all the individual databases available in all the instances.Exec (‘DBCC ErrorLog’)
After executing the code, confirm the ERRORLOG files are renamed and consumes less space only.

How to restore SQL from an existing backup using Script

To validate the current backup file

restore filelistonly from disk = 'E:\BackupLocation\BBB.bak']

To restore backup BBB to AAA

restore database AAA
from disk = 'E:\BackupLocation\BBB.bak'
with
move 'BBB' to 'D:\Data\Database\AAA.mdf',
move 'BBB_log' to 'D:\Data\Database\AAA_log.ldf'
restore filelistonly from disk = 'E:\BackupLocation\BBB.bak'

How to stop a service in 'Stopping' state

Find the PID of the affected service using the below query.
sc queryex SPTimerV3


Will receive the below output on execution:

SERVICE_NAME: SPTimerV3
TYPE : 10 WIN32_OWN_PROCESS
STATE : 3 STOP_PENDING
(STOPPABLE, PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x1
WAIT_HINT : 0x4e20
PID : 1696
FLAGS :


Kill the PID of the service
taskkill /PID 1696 /F

Useful commands for windows admin

To query ntp server of a server Net Time /querysntp
To sync time of member servers with domain controller w32tm /resync /nowait
To query FSMO roles in an environment netdom query fsmo
To query the details of currently logged in users qwinsta -server servername
To log off a currently logged in user using his session id rwinsta -server servername sessionid
To query the membership details of a domain user DSQUERY USER -samid loginname | DSGET USER -memberof -expand
To query the sharing & security details of a folder showacls
To check whether an account is locked out NET USER loginname /DOMAIN | FIND /I "Account active"
To unlock a domain user NET USER loginname /DOMAIN /ACTIVE:YES
To query members in a domain net view
To query the member DCs of a domain NETDOM QUERY DC
To collect network statistics pathping ipaddress
To query the current running tasks tasklist -svc
To kill a currently running task using its pid number
taskkill -pid pidnumber

Extend Windows Server 2008 evaluation period

By default Windows Server 2008 runs 60 days without being activated. But after this period, the server will prompt the annoying message during login "Evaluation period expired". Microsoft itself provides a tweak for this by extending the evalutaion period. The evaluation period can be extended for another 60 days upto three times. So in effect we can run the server for 180 + 60 days.

This could be done by executing the below commands:

To view the license status

slmgr.vbs -dli 

To extend for 60 days

slmgr.vbs -rearm