Wednesday, 30 December 2015

MDT / Windows Error: The computer restarted unexpectedly or encountered an unexpected error.

Error: The computer restarted unexpectedly or encountered an unexpected error. Windows installation cannot proceed... The other day I came across an issue with MDT when attempting to deploy an image to a new machine - although funnily enough it worked on several other machines so I could only imagine that it was related to the hardware. When this error occurs you will want to refer to the Windows setup logs that can be found here: C:\Windows\Panther or C:\Windows\System32\Sysprep\Panth...

Setting up centralized logging for deployment logs with MDT

For convenience I like to store all deployment logs in a central location so I don't need to mess around grabbing the logs of the local systems. Fortunately MDT provides us with the ability to do this with the 'SLShareDynamicLogging' parameter (which will write the logs on the fly to a specific directory). We simply need to modify our deployment share's customsettings.ini file e.g. SLShareDynamicLogging=\\mdtserver\DeploymentShare$\Logs Taken from TechNet - Microsoft gives us a quick overview of which logs pertain to what: Before the Image...

Setting up automatic deployment of Windows 7 with MDT and WDS

(Note: For this tutorial I will be doing all of the work on a Windows 10 box) There are a few pre-requisites for this: Windows 10 ADK: https://msdn.microsoft.com/en-us/windows/hardware/dn913721.aspx#deploy Windows Server 2008 / 2012 with the WDS role installed. Microsoft Deployment Toolkit: https://www.microsoft.com/en-us/download/details.aspx?id=48595 We should then launch the 'Deployment Workbench' and create a new Deployment Share by right-hand clicking on the 'Deployment Share' node. Once created - expand our new deployment share node and...

Tuesday, 22 December 2015

Converting in-guest iSCSI LUNs to VMWare native VMDK disks

To give some context for this tutorial, I should point out that in these specific circumstances vSphere Essentials Plus was being used - hence Storage vMotion was not available. ** Forenote: For this technique to work you are required to have at least 2 ESXI hosts in your environment ** Firstly unmount the disks and then disconnect the targets from the Windows iSCSI connector tool. Now in order to connect to iSCSI targets directly from the vSphere host we will need a VMKernel adapter associated with the relevant physical interface (i.e. the...

Creating a bootable deployment ISO for Windows Deployment Services

We should firstly install WAIK for Windows 7 and WAIK for Windows 7 SP1 Supplement on the server that has WDS currently installed: https://www.microsoft.com/en-gb/download/details.aspx?id=5753 https://www.microsoft.com/en-us/download/details.aspx?id=5188 Now open the WDS snapin and right-hand click the relevant boot image and select 'Create Capture Wizard' >> and follow through the Wizard ensuring that 'Enter the name of the Windows Deployment Services server that you want to respond when you boot...' is set to your WDS server! Now...

Thursday, 17 December 2015

How to setup port forwarding with iptables / Netfilter (properly)

The first command tells the host that it is allowed to forward IPv4 packets (effectively turning it into a network router): echo "1" > /proc/sys/net/ipv4/conf/ppp0/forwarding echo "1" > /proc/sys/net/ipv4/conf/eth0/forwarding or better yet ensure that the ip forwarding persists after reboot: sudo vi /etc/sysctl.conf and add / amend: net.ipv4.ip_forward = 1 and to apply changes we should run: sudo sysctl -p Simple port forwarding: This is often applied when you have a service running on the local machine that uses an obscure port - for...

Controlling VPN traffic with VPN Filters on Cisco ASA

Typically (or by default rather) VPN traffic is NOT controlled by normal access controls on the interfaces and is instead controlled by VPN filters. They are fairly straightforward to apply - for example... We firstly create an ACL: access-list EU-VPN-FILTER permit ip 10.1.0.0 255.255.0.0 10.2.0.0 255.255.255.0 Then proceed by defining a group policy: group-policy MYSITE internal group-policy MYSITE attributes vpn-filter value EU-VPN-FILTER And finally creating / amending the tunnel group so it uses the default policy we have created: tunnel-group...

Wednesday, 16 December 2015

The directory service is missing mandatory configuration information, and is unable to determine the ownership of floating single-master operation roles

The operation failed because: Active Directory Domain Services could not transfer the remaining data in directory partition DC=ForestDnsZones,DC=domain,DC=int to Active Directory Domain Controller \\dc01.domain.int. "The directory service is missing mandatory configuration information, and is unable to determine the ownership of floating single-master operation roles." I encountered this error while attempting to demote a Server 2008 server from a largely 2003 domain. By reviewing the dcpromo log (found below): %systemroot%\Debug\DCPROMO.LOG The...

Wednesday, 2 December 2015

Trusting a self-signed certificate on Debian Jessie

I came across a number of how-to's on this subject although the vast majority were not that accurate for Debian Jessie. So we have a scenario where we have a local application on our machine that  uses a self-signed certificate that we would like to trust. Firstly download the ca-certificates package: apt-get install ca-certificates Proceed by obtaining our certificate we would like to import e.g.: openssl s_client -connect mywebsite.com:443 Extract the public key from the output and place it in a file called something like: yourhost.crt **...

Script to identify and drop all orphaned logins for SQL Server 2008+

The script can be found below (credit to: https://www.mssqltips.com): Use master Go Create Table #Orphans ( RowID int not null primary key identity(1,1) , TDBName varchar (100), UserName varchar (100), UserSid varbinary(85) ) SET NOCOUNT ON DECLARE @DBName sysname, @Qry nvarchar(4000) SET @Qry = '' SET @DBName = '' WHILE @DBName IS NOT NULL BEGIN SET @DBName = ( SELECT MIN(name) FROM master..sysdatabases WHERE /** to exclude named databases add them to the Not In clause **/ name NOT IN ( 'model', 'msdb',...

Tuesday, 1 December 2015

Creating and applying retention tags for mailbox / mailbox items

** Forenote: You must have setup in-place archiving before the below will take effect ** Using both a retention policy and tags we have the ability to allocate individual retention periods for objects (i.e. folders) within a mailbox. For example if we wished to create a root level retention policy on a mailbox so all mail items would be retained for 30 days - but we have a folder which holds archived email (let's call it 'Archived Items') - we could assign a retention period of 365 days. We would typically use retention tags to set a retention...

Monday, 23 November 2015

Determining the cause of an ESXI host power failure / restart

Firstly ensure that there are no warning / error lights on the physical host. Check the event log for the specific ESXI host by going to: Host >> Tasks and Events >> Tasks. We should then proceed by enabling SSH from the vSphere Client: Host >> Configuration >> Security Profile >> Services >> Properties and enable SSH. SSH into the host and run: cat /var/log/vmksummary.log You should typically see a regular heart-beat message - although around the time in question we encountered the following event: 2013-01-01T12:30:04Z...

Wednesday, 18 November 2015

TCP / UDP Ports Required for Active Directory in an off-premise environment like AWS or Azure

Below are the required ports to get a new domain controller (Server 2008 and above) up and running: TCP 389, UDP 389, TCP 636, TCP 3268, TCP 3269, TCP 88, UDP 88, TCP 53, UDP 53, TCP 445, UDP 445, TCP 25, TCP 135, TCP 5722, UDP 123, TCP 464, UDP 464, UDP 138, TCP 9389, UDP 67, UDP 2535, UDP 137, TCP 139. Dynamic Ports: TCP 49152-65535, UDP 49152-65...

Manually configuring DC replication with Active Directory

Firstly we should ensure that all firewall ports are as should be if the replication will be between two different sites. So we go to Sites and Services >> Select our site >> Select our server >> Right-hand click on NTDS Settings >> 'New Active Directory Connection' and select the DC you wish to replicate to. We then proceed to open up the newly created connection and on the General tab ensure that 'IP' for transport is selected and that the relevant naming contexts are being replicated. We can then do a repadmin /syncall...

Forcing replication of the SYSVOL share

The other day I identified a newly installed domain controller that had not created the SYSVOL share - in order to initiate this I did the following: Open regedit and go to the following key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters and set the value of 'SysvolReady' to 0 and then set it again to '1'. Failure to replicate the SYSVOL folder will cause some pretty serious problems with features such as group policy and the like. To perform a manual / force replication we run: ntfrsutl.exe forcerepl "sourcedc" /r...

Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have Replicating Directory Changes In Filtered Set

The other day I came across an error while troubleshooting a problem I had from a run of dcdiag: Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have Replicating Directory Changes In Filtered Set access rights for the naming context: DC=ForestDnsZones,DC=my,DC=domain Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have Replicating Directory Changes In Filtered Set access rights for the naming context: DC=DomainDnsZones,DC=my,DC=domain This indicates a permission problem with the ENTERPRISE DOMAIN CONTROLLERS...

Tuesday, 17 November 2015

Using a vmdk / virtual disk from a VMWare Workstation / Player product in ESXI

I attempted to use a vmdk from a virtual machine hosted on a PC running VMWare Player with an ESXI instance by simply copying the vmdk over SFTP directly to the ESXI datastore and then attaching the disk to a newly created VM on the ESXI host. Although unfortunately it wasn't as simple as that as when attempting to turn on the VM I received the following error message in the vSphere client: "An unexpected error was received from the ESX host while powering on VM XXXXX. Reason: Failed to lock the file. Cannot open the disk '/vmfs/volumes/11fed2c5-81a6f17c-558h-553f/VM01/DISK01.vmdk'...

Monday, 16 November 2015

Introducing the first Windows Server 2008 R2 DC into a Server 2003 domain.

1. Firstly ensure that all DC's are 2003 and decommission any older versions e.g. NT 4.0, 2000 etc. 2. Raise the domain functional level to 'Windows Server 2003' by going to 'AD Domains and Trusts' MMC snapin and right-hand clicking the domain node and select "Raise Domain Functional Level..." 3. Find out which DC holds the schema and infrastructure FSMO roles: http://blog.manton.im/2015/02/how-to-query-and-move-fsmo-roles-with.html 4. Ensure that there are no outstanding issues with the domain / forest with dcdiag e.g.: dcdiag /v and ensure that replication...

Friday, 13 November 2015

Delete specific email message from a server / mailbox database with Exchange shell

We should firstly ensure that the user has necessary permissions by assigning their security group the relevant role: New-ManagementRoleAssignment -Name "Import Export Mailbox Admins" -SecurityGroup "*SecurityGroupName*" -Role "Mailbox Import Export" To find an email sent by a user to a number of users on a specific date / subject we can use: Get-Mailbox -Server ExchangeServer | Search-Mailbox -SearchQuery 'Subject:"*My Subject*" AND From:"Joe Bloggs" AND Sent:"11/13/2015"' -targetfolder "Inbox" -targetMailbox "Admin Email" -logonly -loglevel...

Wednesday, 11 November 2015

Moving and removing public folder database replication with Exchange 2010

If you have recently upgraded from an earlier version of Exchange to Exchange 2010 and you have now decided to decommission the older version of Exchange you might be required to move all of your existing public folders to the newer server. We should firstly add our Exchange 2010 server as a replica to ensure the migration goes smoothly by making use of the following script: .\AddReplicaToPFRecursive.ps1 -TopPublicFolder "\" -ServerToAdd "Exchange 2010 Server" and also ensuring the 'SYSTEM' public folders are added as well: .\AddReplicaToPFRecursive.ps1...

Tuesday, 10 November 2015

Checking for bad sectors with badblocks and fsck

Badblocks is a Linux utility that scans storage media for bad blocks. It can be operated in several modes: - Destructive mode: Where block data will be wiped, as each sector is overwritten by random data and read. This mode is potentially very dangerous and should typically be only applied on disks that are brand new or you are not worried about losing the data on them! - Non-destructive mode: Where block data is checked, although rather than overwriting the original block data (effectively wiping it) the block data is firstly backed up. This mode...

Friday, 6 November 2015

Performing an off-site backup with AWS using Veeam Backup and Replication

It is now possible to backup from Veeam to AWS through the use of the AWS Storage Gateway service. To explain how it works: AWS Storage Gateway allows you to create a Virtual Tape Library Gateway - which, simply speaking, is a way of creating a virtual tape drive in the cloud that can hook up to other AWS services such as S3 and Glacier. You are required to download the AWS Storage Gateway virtual appliance to act as an intermediary to effectively proxy the data between the Veeam server and AWS. Although in order to hook Veeam up to the virtual appliance...

Thursday, 5 November 2015

How to enable an AD security group for use with Exchange

By default when you want to use an AD security group within Exchange - let's say for example within a transport rule - you will notice that by default they are not available. So in order to make the security groups accessible we need to 'mail-enable' them: AKA mail enabled security groups. In order to do this we should firstly ensure that the security group's scope is 'Universal' NOT 'Global' as it is by default. We can then proceed to go to the Exchange Management Console >> Recipient Configuration >> right-hand click 'Distribution Group'...

Wednesday, 4 November 2015

Deleting old backups from Windows Backup Sets

Although you can do this via the control panel >> Windows Backups - if you are using a third party product that is utilizing the Windows Backup engine you will need to use the wbadmin tool. I was recently required to clear out several older Windows backups to free some space on the disk. Firstly we can view all backups within a backup set with something like: wbadmin get versions -backupTarget:"B:\" (where B: is the root of the backup.) We can use the vssadmin tool to list all of our VSS backups with: vssadmin list shadows /for=b: and...

Monday, 2 November 2015

Exchange Routing Groups

Routing groups are used to provide communication between two Exchange servers - typically between two different versions of Exchange e.g. Exchange 2010 and Exchange 2003. The two servers that form the source and destination of the routing are referred to as 'bridgehead servers'. In order to view information about current routing groups we can use: Get-RoutingGroupConnector | FL Routing group connectors are unidirectional routes between two bridgehead servers i.e. a separate routing group has to be defined for both incoming and outgoing mail. In...

Monday, 26 October 2015

Installing missing Intel I217-V for Debian

This firmware was not included as part of a readily available package within Debian and so needed to be installed from Intel's website: https://downloadcenter.intel.com/download/15817/Network-Adapter-Driver-for-PCI-E-Gigabit-Network-Connections-under-Linux- Firstly ensure we have the appropriate kernel headers with: sudo apt-get install linux-headers-$(uname -r) So we simply unzip the gzip file: tar zxvf e1000e-3.2.* cd e1000e-3.2.4.2 make install  and then activate the module with: sudo modprobe e1000e  Finally confirm the module...

log_reuse_wait: 'Replication' status appearing

After being unable to shrink a specific database log file to a zero (or something near that) I became slightly puzzled why a 30GB log file would only truncate to about 15GB - after some research I found out that sometimes after replication has been turned on and then stopped - the log_reuse_wait value has not changed back to its default and is still set at '6' - which tells us that the log file withholds some transactions in the log for use with replication. I ran the following command to retrieve log_reuse_wait information for each database: SELECT...

Monday, 19 October 2015

Microsoft Exchange: The properties on this object have invalid data.

Firstly we need to identify what is causing the issue - so we can review the distribution group with something like: Get-DistributionGroup "Testing(123)" | FL and ensure there are no invalid objects within that group with something like: Get-DistributionGroupMember "Testing(123)" | FL In my event after issuing the first command I was presented with the following warning at the bottom of the output: WARNING: The object mydomain.int/Users/Alerts has been corrupted, and it's in an inconsistent state. The following validation errors happened: WARNING:...

Thursday, 15 October 2015

How to shrink / truncate a database log file within SQL Server

Firstly ensure that the database recovery model is set to 'Simple': Right-hand click on the database >> Properties >> Options >> Recovery Mode = Simple. Then right-hand click on the database again and select 'Tasks' >> 'Shrink' >> Files - from here you should ensure that the file type is set to 'Log' and the Shrink action 'Reorganize pages before releasing unused space' is selected and enter a value in MB to shrink the log file to and finally hit OK. Change the recovery model back to 'Full' (if applicable) and...

Checking / repairing a database or table for consistency errors / corruption with MSSQL

If you encounter consistency errors such as: The Database ID 5, Page (1:4835927), slot 7 for LOB data type node does not exist. This is usually caused by transactions that can read uncommitted data on a data page. Run DBCC CHECKTABLE. We should firstly identify the database ID 5 by running: SELECT DB_NAME(5) AS Database_Name; (where '5' is the database ID in question.) DBCC CHECKDB ('MYDATABASE') WITH ALL_ERRORMSGS,NO_INFOMSGS We can also check an individual table with: USE MYDATABASE DBCC CHECKTABLE ('YourTable') WITH ALL_ERRORMSGS,NO_INFOMSGS If...

Tuesday, 13 October 2015

Re-building database log files that have been corrupted for MSSQL

Firstly check the database for log corruption with: Bear in mind that DBCC CHECKDB WITH ALL_ERRORMSGS,NO_INFOMSGS will NOT check the logs and hence will not identify any corruption in the logs! You should also check the event log for any hardware or MSSQL related errors such as: "Description: Executing the query "BACKUP LOG [PCDB_PROD] TO  DISK = E'\\MyDatabase2..." failed with the following error: "BACKUP detected corruption in the database log. Check the errorlog for more information." and you could also run chkdsk to identify any...

Monday, 5 October 2015

Checking VM and datastore performance issues with ESXTOP

SSH into the ESXI host and launch ESXTOP: esxtop Hit 'v' on the keyboard to display the VM view. Now hit 'f' and ensure that the 'F', 'G' and 'H' are selected so that the latency stats are displayed. Hit enter and review LAT/rd and LAT/wr stats. As a rough baseline typically anything above 20ms is considered poor performance, anything below this should be acceptable in most cases. You can also view the overall performance of a whole datastore by pressing the 'u' key (and ensuring the appropriate latency fields are included.) again as a guideline...

Thursday, 10 September 2015

Throttling a VM's IOPS - vSphere 6

By default there is no disk I/O throttling setup within vSphere - in order to get an idea of how many IOPS the machine is hitting we should firstly use esxtop to provide the information: SSH into the ESXI host >> run the 'esxtop' command >> press the 'v' key to go into the VM view. You can then confirm the IOPS by observing the CMDS/s column. Dependent on your disk setup you could also make use of an IOPS calculator to give you an estimate of what kind of IOPS you should be expecting: http://www.thecloudcalculator.com/calculators/disk-raid-and-iops.html Once...

Wednesday, 9 September 2015

How to check the queue depth of a storage controller using ESXTOP

 From http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1027901 To identify the storage adapter queue depth: Run the esxtop command in the service console of the ESX host or the ESXi shell (Tech Support mode). For more information, see Using Tech Support Mode in ESXi 4.1 and ESXi 5.0 (1017910) or Tech Support Mode for Emergency Support (1003677) . Press d. Press f and select Queue Stats. The value listed under AQLEN is the queue depth of the storage adapter. This is the maximum...

My collection of useful Powershell commands

The below is (or rather will be) a compilation of powershell commands that have come in handy for myself during day to day operations. Ensure all users in a specific OU have their accounts set to "Password Never Expires": Get-AdUser -Filter * -SearchBase "OU=myou,DC=my,DC=domain" -Server dc01 | Set-ADUser -PasswordNeverExpires $true -Credential administrat...

Wednesday, 2 September 2015

Error: A binding for this client already exists.

When attempting to add a reservation into a Cisco 1841 I encountered the following error message: A binding for this client already exists. when running: client-identifier 0100.0111.001e.48 To resolve firstly identify which IP address the MAC address is associated with - this can be performed with: show ip dhcp binding Identify the associated IP and then simply run the following command to remove the binding: clear ip dhcp binding <ip-address> You should now be able to run the client-identifier command aga...

Setting up a reverse proxy for several websites with IIS and TMG 2010

Firstly launch the Forefront TMG Console and go to the "Firewall Policy" node and select "Publish Web Sites" on the "Tasks" navigation window on the far left. In the wizard give the rule name something like "Reverse Proxy" >> Next >> Allow >> Select "Publish multiple Web sites" >> Add your desired site. The wizard will also ask you to create a new 'Listener' - assign or add an additional IP address to your 'External' adapter. Make the appropriate DNS entries into your DNS system and proceed by going to IIS and setting up our...

Tuesday, 1 September 2015

Performing a test DR recovery of a virtual machine with vSphere Replication

Unless you are using vSphere Replication with Site Recovery Manager you will not be able to perform a 'test recovery' (i.e. recover the VM while the source site/VM is still active/online). The process you could follow in case you would like to keep your primary site online is as follows: 1. Perform Recovery using the second option (Recover with latest available data). In this way you would not need to power off source VMs and your primary site will be online. 2. After recovery is complete, stop the replications (which will be in Recovered state) 3....

Friday, 28 August 2015

Using the Active Directory Powershell module with Windows Server 2003

In order to perform this you will need to firstly install Powershell 2.0 on the server 2003 instance: http://www.microsoft.com/en-us/download/details.aspx?id=4045 Unfortunately we have to issue our powershell commands from a Windows 7 (or Server 2008 R2+) if we wish to use the 'ActiveDirectory' module. Ensure that the following hotfix is installed on the Server 2003 instance: *** Firstly ensure that the LATEST version of the .NET framework is installed before proceeding! *** You should also install the hotfix for .NET Framework 3.5.1 (KB969166) which...

Remoting into Windows Server 2003/2008/2012 using Powershell / PSSession

On the server you wish to remote to we should ensure that the server is setup for powershell remote session (e.g. firewall etc.) by running the following from powershell: Enable-PSRemoting and authorize the connecting machine (the Windows 7 box) to connect to the server instance: Set-Item wsman:\localhost\Client\TrustedHosts client.my.domain -Concatenate -Force We then initiate the session with: $securePassword = ConvertTo-SecureString "Password" -AsPlainText -force $credential = New-Object System.Management.Automation.PsCredential("domain\username",$securePassword) $session...

Thursday, 27 August 2015

Setup LinOTP with FreeRadius

We shall firstly install and configure LinOTP from their repositories (I will be using Debian for this tutorial). Add the following line to your /etc/apt/sources.list: deb http://www.linotp.org/apt/debian jessie linotp and then install the linotp packages: apt-get update && apt-get install linotp linotp-useridresolver linotp-smsprovider linotp-adminclient-cli linotp-adminclient-gui libpam-linotp Install mysql server and client: apt-get install mysql-server mysql-client Setup user account called 'linotp2' and database named 'LinOTP2' with...

Checking VMFS for file system errors with VOMA

Checking VMFS for errors might arise when you are unable to modify or erase files on a VMFS datastore or have problems accessing specific files. Typically using VOMA should be done when one of the following occurs: SAN outage, rebuilt RAID, disk replacement. ** Important ** Before running voma ENSURE that all VM's are turned off on the datastore or ideally migrated onto a completely different datastore. You should also ensure that the datastore is unmounted on ** ALL ** ESXI hosts (you can do this through vSphere)! SSH into the ESXI host and run the following: voma...

Wednesday, 26 August 2015

Installing a self-signed certificate as a trusted root CA in Debian

Firstly copy your certificate to /usr/share/ca-certificates: cp /path/to/certificate.pem /usr/share/ca-certificates and then ensure the ca-certificates package is installed with: apt-get install ca-certificates and finally install the certificate with: dpkg-reconfigure ca-certificates Select 'Yes' at the dialog prompt and ensure that your certificate is check...

Windows Server Enterprise 2003 x86 on VMWare

Windows Server Enterprise 2003 x86 can support up to 64GB of RAM (with PAE enabled) - although be aware that when running under the ESXI hypervisor / vSphere having the 'Memory Hot Plug' enabled under Memory section in the VM settings can cause issues if you are using over 4GB of RAM and you should disable it as it is not compatible with ESXI 6.0 (at least in my testing.) If you have it enabled you get all sorts of memory errors, services etc. failing to start at boot and a partially working OS! This scenario can arise when importing Server 2003 VM's...

Enabling isakmp and ipsec debugging on Cisco ASA and IOS Router

On the ASA / router run: config t logging monitor 7 // This allows you to see the output on vty lines e.g. telnet / SSH sessions debug crypto isakmp 127 debug crypto ipsec 127 We can also filter the logging to a specific VPN peer e.g.: debug crypto condition peer 1.1.1.1 If you are not seeing any expected output verify whether syslog is turned on with: show logging If it is you can use ASDM under Monitoring >> Logging to view / filter etc. the logs. To help debug any VPN issues you can also use the following command to troubleshoot...

Tuesday, 25 August 2015

Setting up log shipping with MSSQL

Log shipping is a process that allows you to create a secondary copy of a database for failover / backup purposes by transporting logs from one database to the other by means of backing up and restoring logs between the primary and secondary (AKA standby) database. Typically log shipping should be performed between two of the same MSSQL version, although it is possible to perform it between different versions - not all variations are supported (check firstly!) The SQL Server Agent handles and processes the log shipping and is typically setup on the...

Monday, 24 August 2015

Full vs Simple Recovery Model in MSSQL

MSSQL offers a number of recovery models that can be employed - of which 'Full' and 'Simple' are the most common types. The simple recovery model provides you with a complete backup of the database that you can restore - although does not provide point in time recovery. Typically it should be used for transient databases or very hot databases and where data loss is not critical. Whereas a 'full' recovery model keeps all of the logs for the database until a backup occurs or logs are truncated. This provides you with the ability to perform point-in-time...

Resolved: Resolving the CID mismatch error: The parent virtual disk has been modified since the child was created.

When performing snapshotting operations within VMware a delta disk is created for all compatible disks. The delta vmdk file holds all of the changes made from the point-in-time that the snapshot was performed. Typically you would have a base disk e.g. CDRIVE.VMDK - the delta disk would look something like CDRIVE-0000000001.vmdk, incrementing the integer with each snapshot taken. I came across a situation the other day where VMWare was complaining that the parent disk had a different CID (a unique identifier for a disk / VMDK that changes whenever...

Thursday, 20 August 2015

SBC (Session Border Controller) vs Traditional Firewall

To summarise, a firewall typically works on layer 3, 4 and sometimes partially on 7 (e.g. FTP / limited SIP awareness). A SBC works on layer 7 and can fully understand VOIP traffic, meaning that it can: - Block denial of service attacks - Detect spoofed / malicious SIP packets - Close and open RTP ports as necessary - Transcode between different media protocols The major selling point of an SBC is that it provides interoperability between different SIP solutions, since SIP implementations quite often deviate from each other. SIP utilizes RTP (Real-time...

Throttling the I/O of Windows Server Backup

I noticed by default that Windows Backup / Windows Server Backup does not have any built-in way to throttle disk IO during backups. When backups overrun this can cause a pretty severe impact on services / users relying on the machine. Although fortunately Windows provides a native API to control I/O on processes - now lucky for us Process Hacker can do this for us... Firstly select the process and right-hand click selecting I/O Priority and choosing...

Wednesday, 19 August 2015

Restore a Windows Server Backup job

There was an occasion where for some reason a Windows Server backup job had mysteriously disappeared from the Windows Server Backup GUI and was not visible from wbadmin. Although we need not worry as we can simply use the wbadmin utility to import the job's catalog file and voilà - we are on track again: wbadmin restore catalog -backupTarget:C:\path\to\backupdestinatio...

Tuesday, 11 August 2015

Fiber Optics and Switches 101

Typically when dealing with fiber connections you will have either an LC or SC cable that will go over a patch panel and terminate on both sides on a switch with a transceiver module such as the MGBSX1 transceiver commonly used on Cisco switches. There are two main types, single mode and multimode: Single Mode - Offers less bandwidth, although can transmit further distances (around 5KM maximum). Multimode - Offers more bandwidth but at a reduced maximum distance (between 300 - 600 meters approx). Two common connector types: SC - 1.25mm in diameter. LC - Older 2.5mm...

Tuesday, 4 August 2015

Importing your physical and virtual machines into AWS

AWS provides you with the ability to import on-premise machines into their cloud. Firstly if your existing machine is physical you should download the vCenter converter from below: https://www.vmware.com/products/converter Once you have converted your physical machine into a virtualized format you should download and install the AWS Command Line Interface from: http://aws.amazon.com/cli/ There are also some pre-requisites on importing / exporting machines from AWS - including the operating system support: - Microsoft Windows Server 2003 (with...