Posts

Showing posts with the label Windows

Why Infrastructure Master should not be a Global Catalog server?

The most confusing question in Active Directory. Will try to explain this in a simpler way. Infrastructure Master role is responsible for managing any cross domain references. When we discuss about cross domain references, its essential to discuss about Phantom objects. An AD group is something which can hold members of its own domain and groups from other domain(Eg: Global group and Universal group). For a group in one domain to contain members from another domain, a pointer or cross-domain reference is required. This cross-domain reference is called a Phantom object .

Active Directory FSMO Roles

F ocus : Active Directory FSMO Roles FSMO - Expansion and its relevance FSMO is the short representation of Flexible Single Master Operations. Each of these word has its own significance. Operation Master is a set of roles which handles a separate operation. So why ‘Flexible’ & ‘Single’ used?

DHCP not getting authorized in Windows 2008

Symptom After creating a new DHCP server in Windows 2008 server ,failed to authorize the DHCP server. The server was throwing the below error while trying to authorize. ‘The specified servers are already present in the directory service’

Active Directory Global Catalog Server

F ocus: Global Catalog Server Global catalog (GC) is a role handled by domain controllers in an Active directory model.  The global catalog stores a full copy of all objects in the directory for its host domain and a partial copy of all objects for all other domains in the forest. 

Active Directory Backup and Restore in Windows 2008

F ocus: Active Directory Backup and restore Taking backup 1. Open command prompt and execute  “wbadmin start systemstatebackup -backuptarget:e:\”  - In Windows 2008, need to install the Windows server backup feature, as it is not installed by default. 2. Confirm that the backup is successful using the command  “wbadmin get versions”  Restoration 1. Restart the server in  Directory Service Restore Mode (DSRM) 2. Get the version ID of the available backup using  “wbadmin get versions”  3. Run the restoration using the command  “wbadmin start systemstaterecovery -version: versionID " Making the Restoration Authoritative 1. At a command prompt, type  ntdsutil , and then press ENTER. 2. Type  authoritative restore , and then press ENTER. 3. You will be prompted as "Active Instance not set. To set an active instance use "Activate Instance ". 4. Type  activate instance ntds  and then press ENTER 5. Then type the command  restore subtree dc=Domain_Name,dc=xxx and then pr

Enable replication - tombstone lifetime exceeded

Step 1 Run the  repadmin /showrepl  command on the domain controller that received the error to determine which domain controller has been disconnected for longer than a tombstone lifetime. Step 2 Modifying the registry

NSLOOKUP commands

NSLookup Nslookup is used for looking up name records from your DNS server. It is a helpful tool in diagnosing issues with the DNS server In command prompt type:

Cannot set folder permissions to AD groups in Windows 2003

Scenario I've an environment with Windows 2003 & Windows 2008 servers in  Windows 2000 Native mode . If I try to add any AD group in a folder security group of a Windows 2008 server, the AD group name won't get resolved.

Active Directory | KCC vs ISTG

F ocus : Active Directory KCC and ISTG KCC (Knowledge consistency checker) is responsible for generating site replication toplolgies between domain controllers. KCC runs in each DC of a domain and creates a

How to resolve space issue in SQL Server

It is quite normal to receive warning or critical messages from Nagios or any other monitoring tool related to space issue in SQL servers. The process to resolve the issue is quite simpler which is described below: Check for the server and drive which faces the issue. Log on to the server and check for any ERRORLOGs generated inside that particular drive. If you could find any errorlog files which consumes more size, then it should be removed by following the steps described below. Log on to SQL Server Management Studio and connect to those instances which are running on the SQL Server. Run the code below in all the individual databases available in all the instances. Exec (‘DBCC ErrorLog’) After executing the code, confirm the ERRORLOG files are renamed and consumes less space only.

How to restore SQL from an existing backup using Script

To validate the current backup file restore filelistonly from disk = 'E:\BackupLocation\BBB.bak'] To restore backup BBB to AAA restore database AAA from disk = 'E:\BackupLocation\BBB.bak' with move 'BBB' to 'D:\Data\Database\AAA.mdf', move 'BBB_log' to 'D:\Data\Database\AAA_log.ldf' restore filelistonly from disk = 'E:\BackupLocation\BBB.bak'

How to stop a service in 'Stopping' state

Find the PID of the affected service using the below query. sc queryex SPTimerV3 Will receive the below output on execution: SERVICE_NAME: SPTimerV3 TYPE : 10 WIN32_OWN_PROCESS STATE : 3 STOP_PENDING (STOPPABLE, PAUSABLE, ACCEPTS_SHUTDOWN) WIN32_EXIT_CODE : 0 (0x0) SERVICE_EXIT_CODE : 0 (0x0) CHECKPOINT : 0x1 WAIT_HINT : 0x4e20 PID : 1696 FLAGS : Kill the PID of the service taskkill /PID 1696 /F

Useful commands for windows admin

To query ntp server of a server Net Time /querysntp To sync time of member servers with domain controller w32tm /resync /nowait To query FSMO roles in an environment netdom query fsmo To query the details of currently logged in users qwinsta -server servername To log off a currently logged in user using his session id rwinsta -server servername sessionid To query the membership details of a domain user DSQUERY USER -samid loginname | DSGET USER -memberof -expand To query the sharing & security details of a folder showacls To check whether an account is locked out NET USER loginname /DOMAIN | FIND /I "Account active" To unlock a domain user NET USER loginname /DOMAIN /ACTIVE:YES To query members in a domain net view To query the member DCs of a domain NETDOM QUERY DC To collect network statistics pathping ipaddress To query the current running tasks tasklist -svc To kill a currently running task using its pid number taskkill -pid pidnumber

Extend Windows Server 2008 evaluation period

By default Windows Server 2008 runs 60 days without being activated. But after this period, the server will prompt the annoying message during login "Evaluation period expired". Microsoft itself provides a tweak for this by extending the evalutaion period. The evaluation period can be extended for another 60 days upto three times. So in effect we can run the server for 180 + 60 days. This could be done by executing the below commands: To view the license status slmgr.vbs -dli  To extend for 60 days slmgr.vbs -rearm