Tuesday, December 31, 2013

Kaviza VDI in a Box extra Computers in AD

Problem: At some point Kaviza or VDI in a Box did not remove deactivated computers from AD either due to an improper shutdown, timing issue,… finding out which are in use and are not can take some time. Here is how I sped up the cleanup process.

Solution: Follow the steps below to export your computer names to bat log file. Then edit the bat file to ping the systems and export to a log file then review the results and clean up ad.

All of my Kaviza systems have the same prefix of FBWKVFB-x so I ran the following command to pull the list from AD and export to a bat file:

Dsquery computer domainroot –name FBWKVFB-* > c:\kavizapc.bat

then edit the bat file and use the find and replace command to replace the excess fields. Here is an example of the unedited output:

"CN=FBWKVFB-7C246DT,OU=SBComputers,OU=Computers,OU=MyBusiness,DC=ad,DC=domain"

Find
“CN=
Replace with
Ping –4    
                              
Note: the “-4” command is to use IPV4 ping only if you want to ping IPV6 only use –6 instead

Find
OU=S
BComputers,OU=Computers,OU=MyBusiness,DC=ad,DC=domain”s”
Replace with
>> C:\kavizaping.txt

On the first line remove the first “>” so it will look similar to this:

Ping FBWKVFB-7C246DT> c:\Kavizaping.txt
Ping FBWKVFB-114URFF>> c:\Kavizaping.txt

You can now run the Kavizapc.bat and view the output in C:\Kavizaping.txt:

Ping request could not find host FBWKVFB-7C246DT. Please check the name and try again.
Ping request could not find host FBWKVFB-114URFF. Please check the name and try again.

Any of the desktops that failed to ping are likely your excess systems that need removed.

Note: Just because they pinged does not mean they are still valid as your DNS records may not be up to date. If in doubt use the ping logs to do a reverse query for example here is a positive result:

Pinging FBWKVFB-MJJLD4K [192.168.100.100] with 32 bytes of data:
Reply from 192.168.100.100: bytes=32 time=3ms TTL=128

To confirm that IP really is FBWKVFB-MJJLD4K you can run the following command:

Ping –a 192.168.100.100

The first line of the results should show you the same PC name:

pinging FBWKVFB-MJJLD4K.ad.domain [192.168.100.100] ….

Friday, December 27, 2013

Server 2012 Hyper-V Free Changing Network Switch Command

Problem: You need to change your network interface/Switch on a VM from the Command line interface on your Server 2012 Hyper-V free console

Solution: Use the following powershell commands:

Note: you do not need to download or install any third party Powershell add-ons to perform these tasks.

In the Administrative window type in “Powershell.exe” and enter

image

Now List your VM’s by typing “Get-VM”

image

Now we will check its current “switch” by typing in “Get-VMNetworkAdapter”
which will then prompt you for the VMname or names you wish to query

image

Now we will change its current “switch” to my switch named “HV VM TRAFFIC”  by typing in “Connect-VMNetworkAdapter –Switchname “HV VM TRAFFIC” which will then prompt you for the VMname or names you wish to change to this switch

image

Now we will check its current “switch” by typing in “Get-VMNetworkAdapter”
which will then prompt you for the VMname or names you wish to query

image

As you can see above the SwitchName is now “HV VM TRAFFIC”

Server 2012 Hyper-V Free Command Start,Shutdown,Restart VM

Problem: You need to shutdown restart or start a VM from the Command line interface on your Server 2012 Hyper-V free console

Solution: Use the following powershell commands:

Note: you do not need to download or install any third party Powershell add-ons to perform these tasks.

In the Administrative window type in “Powershell.exe” and enter

image

Now List your VM’s by typing “Get-VM”

image

You can see x-UMVM1 is off to turn it on type in “Start-VM “VMname””

image

To check the status you can either type in “Get-VM” and see all VM’s or you can type in “Get-VM “VMname”” to see just the VM you are working on:

image

To shutdown your VM cleanly type in “Stop-VM “VMname””

image

Again to check the status you can either type in “Get-VM” and see all VM’s or you can type in “Get-VM “VMname”” to see just the VM you are working on:

image

To do a HARD restart of you VM type in “restart-VM “VMName””

image

Note: I would recommend you do a Stop and start instead if possible

Monday, December 16, 2013

How to Setup Static IP Passthrough on ATT Uverse

Problem: You are changing from DSL or other internet service to use Uverse for your business. You need to have an external facing IP address for email, website, remote access or other traffic.

Solution: First you should have an external facing firewall.  Second when you purchase your Uverse account make sure you specify that you need external Static IP addresses. Third follow the steps below:

Once the ATT installation technician relays to you your IP information including your usable addresses, Modem IP, subnet mask, and DNS information. Setup your externally facing firewall with one of the usable addresses using the new schema settings.

Once your external firewall is ready log onto the ATT Uverse Modem

Note: you will need the Access Code located on the label of the modem

Once on the router select “Firewall” >“IP Passthrough”

Select “Default Server” and enter in the IP address of your externally facing firewall and “Save” as shown below:

clip_image001

You will then be prompted to restart the modem which will take at least 2 minutes

This should open up ALL ports externally coming IN to that external IP address.

Warning: If do not have a firewall in place you have opened the flood gates.

You need to call ATT and have them open port 25 out if you are hosting an exchange or other SMTP email server as port 25 OUT is blocked by default.

Once they say port 25 is open you test by using telnet

Telnet smtp.gmx.com 25

clip_image002

If you see the following SMTP may not be open. Try another domain or smarthost and ask ATT to run their test tool again to confirm 25 is open:

clip_image003

If you see the following connection is made then SMTP out is enabled:

clip_image004

Note: If using McAfee SAAS/MXLogic or other email filtering service you may need to change your inbound and outbound servers to match your new IP schema for EACH domain alias. The quickest way to change domains on McAfee Saas in “Email Protection Setup” for “Inbound Servers” and “Outbound Servers” is to click on the domain name on the right and a dropdown will appear to let you select your other domains.

Wednesday, December 11, 2013

Windows 8 Checkdisk or CHKDSK stops at 28%

Problem: Either you set chkdsk to run at next restart or Windows did due to a problem with the drive. Initially the check disk pauses at 0%-2% for a minute or two then it jumps up to 28% and appears to stop or hang. You see no change in 15-30 minutes.

Solution: WAIT! The older chkdsk program does not show an accurate percentage of the process as it runs. It will tend to stop at 28% for a long time, even well over an hour or more, depending on the data, drive, and your need for it to finish quicker. Just about the time you are ready to give up it will jump to Completed. 

Quickbooks 2014 Installation Hangs at registration

Problem: You upgraded or installed Quickbooks 2014 you registered online and it hangs the first time you try to logon to your data file at local registration.

Solution: Skip the local registration initially, Open the data file and convert as necessary if upgrading. Once you are in the data file then initiate the registration after using the tab in the top right corner. In my instance it appeared to get confused and lock up when trying to perform both tasks.  

Tuesday, November 19, 2013

Office 365 Missing Email in Outlook

Depending on your GPO or other settings you may not see all of your email as it is not caching them all locally. When you go office.com online you see all the email in your inbox and sent items.

What you can do to get more email cached locally is to change your default account settings by opening Outlook.

Select “File”
Select ” Account Settings”
on the “Email” tab Highlight your Office 365 Exchange account and select “Change”

You can then revise the “Offline Settings” Cached offline settings by moving the slider as shown below:

clip_image001

Office 365 Saving Email Account Licenses and Money

Office 365 while not an expensive email hosting product, its costs can add up quickly as your company expands and/or you add service email accounts. Here is a way to save a few dollars on those special email accounts.

External send only email option: (copier)

First setup your free external service account email addresses. For example I like to use http://www.gmx.com/ because it is free and you can use it for SMTP relaying. In this example I will setup an email address for my copier to send from:

domaincopierservice@gmx.com

This will avoid using an office 365 account. I can then setup my copier to relay SMTP directly through GMX as shown below.

clip_image002

Note: you may need to open up SMTP from the copier to the outside. Additionally I would recommend you block SMTP from other IP addresses internally to avoid a malware infection that sends SMTP and blacklists your domain and IP.

Note: You may also need to whitelist or mark that email address as not junk. You can test the email address by composing and sending an email from the GMX.com inbox interface.

External forward account option: (domain email address for external board members)

In my example let’s say you have an external board member that does not receive email regularly however needs a domain address that you can forward to their main email address. For example accountant@yourdomain.com forwards to CPA@DoweyCheatemHowe.com without sharing the address CPA@DoweyCheatemHowe.com to the general public as your accountant.

To do so follow steps below “The solutions is you setup a contact in Office365 using these steps” and in the examples replace:

domainfacespace@gmx.com with the example CPA@DoweyCheatemHowe.com facespace@yourdomain.com with the example accountant@yourdomain.com

External temporary email account option: (temporary social media address)

First setup your free external service account email addresses. Again I like to use http://www.gmx.com/ because it is free. In this example I will setup an email address for me to relay my social media into.

domainfacespace@gmx.com

Of course you want your social media or other address to have an email address that matches your domain and you many not want to publish domainfacespace@gmx.com

The solution is you setup a contact in Office365 using these steps:

Logon as Admin and on the right select the drop down on the right and select “Exchange” as shown below:

clip_image003

Select “recipients”, “contacts” and select “+” to add a new “Mail Contact

clip_image005

Enter in your information for the contact as shown in the example below and save. I recommend adding “External” or “External GMX” as the suffix. (You will see why in the next step)

clip_image007

Select “recipients”, “groups” and select “+” to add a new “Distribution Group

clip_image009

Now enter in your information as shown in the example below. By adding the “External”.. . on the previous step you can now use FaceSpace@yourdomain.com as the distribution email address. You will have to have an “Owner” for the group to add one click on the “+” to add one then scroll down.

clip_image011

After you scroll down you can now add the “Face Space External GMX” contact you just added as a member (recipient). Then select “Closed” for group membership options and save.

clip_image013

You can now receive email as FaceSpace@yourdomain.com and access it using the GMX console.

Monday, September 9, 2013

Hyper-V 2012 VM will not delete from Hyper-V Manager

Caution: Make sure you have a backup and you do not need this VM or its data. “you break it you bought it…”

First we need to locate the proper GUID name to delete the VM. To do so start Powershell as an Administrator and use the following command:

Get-WmiObject -Namespace root\virtualization -class msvm_computersystem | select elementname, operationalstatus, processid, name| ft –auto

clip_image002

Note: In the example above if there was a VM it would show the process id and GUID name of the VM under my host name of TMGKOW8LT.

Now that you know the GUID, browse to your Virtual Configurations path, in my case E:\Hyper-V\Virtual Machines\ locate the proper GUID folder and .XML file and delete them both

Browse to your Virtual Hard Disks path in my case E:\Hyper-V\Virtual Hard Disks\ locate the proper hard disk and delete

Now we need to delete the reference in Hyper-V to the VM typically this is located in C:\ProgramData\Microsoft\Windows\Hyper-V\Virtual Machines\ and delete the GUID .xml

With a refresh of your Hyper-V manager the VM should be gone.

Credit References:
http://www.petri.co.il/get-hyper-v-virtual-machine-process-id-and-guid.htm

Monday, June 3, 2013

Server 2012 Hyper-V Free Workgroup Setup and Management

Log onto your Microsoft Live account and Download the installation media here:
http://aka.ms/hv2012gs

Run the Setup and restart as necessary.

After installing you will be prompted to create a default Administrator password.
After setting up your password log onto the server. It will open a command prompt and basic management console as shown below:

image

The menus are straight forward and will prompt you through the process I underlined my settings:

1) Domain/Workgroup: to add to domain, setup workgroup name
2) Computer Name: 1
3) Add Local Administrator: I would recommend creating at least one additional administrator
4) Configure Remote Management: Enable or Disable
5) Windows Update Settings: Manual or Automatic
6) Download and Install Updates:
7) Remote Desktop: Enable or Disable and authentication methods
8) Network Settings: Configure as Static or DCHP Settings including DNS
9) Date and Time:
10) Help improve the product with CEIP: Customer Experience Improvement Program Enable or Disable
11) Log Off User:
12) Restart Server:
13) Shut Down Server:
14) Exit Command Line :

After you configure your host as recommended above you now can RDP into it from you desktop

For credentials use “.\administrator” or “ .\” the account you created.

Once logged on to your Free 2012 Hyper V server go to the command prompt and open Powershell by typing in Powershell.exe as shown below:

image

At the PS prompt enter in the following commands to modify your firewall to enable the following in order:

netsh firewall set service type=RemoteAdmin mode=enable

image

 

netsh advfirewall firewall SET rule group="Remote Administration" new enable=yes

image

netsh advfirewall firewall set rule group="File and Printer Sharing" new enable=yes

image

netsh advfirewall firewall set rule group="Remote Service Management" new enable=yes

image

netsh advfirewall firewall set rule group="Performance Logs and Alerts" new enable=yes

image

Netsh advfirewall firewall set rule group="Remote Event Log Management" new enable=yes

image

Netsh advfirewall firewall set rule group="Remote Scheduled Tasks Management" new enable=yes

image

netsh advfirewall firewall set rule group="Remote Volume Management" new enable=yes

image

netsh advfirewall firewall set rule group="Remote Desktop" new enable=yes

image

netsh advfirewall firewall set rule group="Windows Firewall Remote Management" new enable =yes

image

netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable =yes

image

netsh advfirewall firewall add rule name="Microsoft Management Console" dir=in action=allow program="%windir%\system32\mmc.exe" enable=yes profile=private

image

Type “Exit to exit powershell

Type in “WinRM quickconfig” enter


Tasks on Remote Management PC:

Install Server RSAT on your workstation download it here:
http://www.microsoft.com/en-us/download/details.aspx?id=7887

Open Powershell as and Administrator

Type in the following:

Set-item WSMAN:\localhost\Client\TrustedHosts –Value “HYPERVServer” –concatenate

image

image

Allow Anonymous DCOM Access:

Run DCOMCNFG
Console Root > Component Services > Computers > My Computer
Right click > Properties > "COM Security"
Access Permission> Edit Limits as shown below:

image

Check "ANONYMOUS LOGON" under Remote Access as shown below:

image

You need to add DNS reference to the hosts file for your Hyper-V server. Located at C:\Windows\System32\Drivers\ETC\hosts as shown below:

image

Add the IP and Name such as my example below:

image

Note: Due to permissions it may not let you save after editing in the same location. Edit and save elsewhere such as the desktop and then drag to and replace the existing host file.

Do a quick Ping to test to confirm:

image

Now open RSAT and select “Add other servers to manage” as shown below:

image

Select the DNS tab and enter in your Hyper-V server name as shown below:

image

Select the Search and then the server and the arrow to add it to your servers list:

image

Once it appears in the list select “OK”:

image

Once back to RSAT select All Servers and you will see the following “Kerberos authentication error”:

image

Right Click on the HyperV server and select “Manage As…”:

image

Enter in the Hyper-V server \ user and password> Check “Remember my credentials” and “OK”:

image

It should then connect properly:

image

Right Click on the HyperV server and select “Hyper-V Manager”:

image

You should now see and be able to manage your Hyper-V server as shown below:

image

Credit References:

Jason Powell

http://blogs.technet.com/b/keithmayer/archive/2013/04/05/getting-started-with-hyper-v-server-2012-hyperv-virtualization-itpro.aspx#.UafVCerD-M8

http://pc-addicts.com/remotely-manage-hyper-v-server-2012-core/

http://serverfault.com/users/66435/molotch