Techibee.com

Using powershell, we can query the status of a given windows cluster and instances inside it. With Windows 2008, MS is offering this ability. You need to import the failoverclusters  module to use the cmdlets available to manage windows cluster.

Import cluster module:

Import-module failoverclusters

Using this module you can do variety of things in cluster like adding and deleting disk, adding and deleting network interfaces, adding and deleting any other cluster resources, what not, you can do majority of operations with this powershell module.

Now I will give you a little example about how to connect to a cluster and get instances hosted on it.

Get-Cluster -Name cluster1.domain.com | Get-ClusterGroup

The above will connect to cluster1.domain.com and returns the status of groups/instances hosted on this cluster. You can also see preferred nodes, fail-over, fail-back settings for a given group, etc. I will try to post about them when I get a changes.

For your quick reference, I am posting the cluster cmdlets (source: technet)

While having some discussion with my wife today, I came across an interesting scenario where “Active Directory Users and Computers” MMC is not showing the “Live Communications Server” tab in user properties though the LCS administrator tools are installed. I searched about same problem in internet and looks like many people have already experienced this. For some, enabling the “advanced features” option in dsa.msc MMC fixed the issue and some people installed the console on XP computers to work around the problem.

In the particular case where my wife did the troubleshooting, she found that LCS administrator tools are of 32-bit version and they were installed on a 64-bit OS server. So, what is the problem? 64-bit OS supports 32-bit right? what is the problem?.

The problem is that, when you launch dsa.msc MMC from run command, it will fire-up 64-bit version of MMC which looks like has some troubles in taking with 32-bit version of LCS tools. Hence, it is not loading the LCS related tabs in the properties of any user accounts.

To work around this problem, one can open dsa.msc in 32-bit mode by just simply typing the below command.

dsa.msc -32

You can use the similar trick to launch any MMC in 32-bit mode. After opening, just look the process name in task manager, you will find mmc.exe*32 which indicates a 32-bit process name. You will find normal mmc.exe if you run mmc without -32 switch.

I somehow felt this is interested topic every systemadmin should aware. Hence authored this post.

Hope this helps. Happy learning…

You might see the error message outlined in subject while installing/uninstalling software on windows 2003 computer by connecting to terminal services. We all know that application installation has certain limitations when it comes to terminal services (anyone know why?). In such cases if you still want to install/uninstall the application on these terminal services enabled servers, you need to choose one of the following methods.

If this the requirement is just one of the case, then option#1 best suits you.

Option#1:

start mstsc with /console or /admin option and then connect to the server. This allows you to connect to the console of the server directly eliminating terminal services piece from you way.

Go to start -> Run -> type “mstsc /admin /v:servername” and click OK if you are using RDP client v6 or above

Go to start ->Run -> type “mstsc /console /v:servername” and click OK if you are using legacy version of RDP client.

Option#2:

If your administrators are expected to install applications on servers by connecting via terminal services, then you need to make sure that application installation is allowed. You can do it via group policies.

“computer configuration” -> “administrative templates” -> “windows components” -> “windows installer” -> “allow admin to install from terminal server session” should be enabled

Hope this helps.

Are you in need of a script which uninstall patches from both local and remote computers? You landed at right place. Today I came across a question in one of the forum asking for a way to uninstall patches/security updates/hotfixes from llocal or remote computers. While this is an easy thing to perform on local computers, it is little tricky when it comes to remote computers. I thought about it some time and finally came up with below code which works for both local and remote computers. All it does is, constructs a uninstall command for the given patch and executes that using WMI process class.

This script comes handy for you when you want to uninstall patches from Windows 2008 Core server which don’t have a GUI and can’t perform uninstallations the way you do in regular windows 2008 OS.

Here is the code:

function Uninstall-Hotfix {
[cmdletbinding()]
param(
$computername = $env:computername,
[string] $HotfixID
)            

$hotfixes = Get-WmiObject -ComputerName $computername -Class Win32_QuickFixEngineering | select hotfixid            

if($hotfixes -match $hotfixID) {
    $hotfixID = $HotfixID.Replace("KB","")
    Write-host "Found the hotfix KB" + $HotfixID
    Write-Host "Uninstalling the hotfix"
    $UninstallString = "cmd.exe /c wusa.exe /uninstall /KB:$hotfixID /quiet /norestart"
    ([WMICLASS]"\$computernameROOTCIMV2:win32_process").Create($UninstallString) | out-null            

    while (@(Get-Process wusa -computername $computername -ErrorAction SilentlyContinue).Count -ne 0) {
        Start-Sleep 3
        Write-Host "Waiting for update removal to finish ..."
    }
write-host "Completed the uninstallation of $hotfixID"
}
else {            

write-host "Given hotfix($hotfixID) not found"
return
}            

}

Usage:

Uninstall-HotFix -ComputerName PC1 -HotfixID KB123456

After you install Windows 2008 R2 Core Server from media, you notice that powershell is installed by default. PowerShell is essential in Core environment to administer core operating system. So, it is recommended to install powershell after you install Core operating system to take full advantage of this powerful programming language in configuring the several OS parameters. Today, I installed a core server and thought of writing a articles on how to install powershell in Core.

Procedure to install powershell in Windows 2008 R2 Server Core:

1. Logon to the Server with administrator account and start server configuration wizard by typing “SCONFIG” in command prompt.
   
2. Select option “4” in Server Configuration wizard to enter into “Configure Remote Management”
   
3. Select option “2” to install powershell (Enable Windows PowerShell)
   
4. Reboot the server if prompted
   

This completes the installation. Now you can start powershell by starting the process “powershell.exe” either from command prompt or from task manager.

Hope this helps…

I inspired from my previous post,  and decide to do some network interface related operations from command line as they helps me when managing Windows 2008 Core Operating system. Another command that I am going to provide now is to disable network connection from command line.

netsh interface set interface name=”Local Area Connection 1″ admin=DISABLED

In about command, “Local Area Connection 1″ is the name of the connection that you want to disable. You can change the value of “Admin” to “Enable” to enable back the network connection. Similarly, if you want to rename the network connection, you can use newname parameter. Below is the command.

netsh interface set interface name=”Local Area Connection 1″ newname=”My NIC1″

Above command renames “Local Area Connection 1″ network to “My NIC1″.

Hope this helps…

When you are working on Windows 2008 core, you get requirement to disable firewall functionality to allow all programs communication. The default firewall settings blocks most of the ports(including remote management) and administrator has to explicitly open them on need basis. The default Core console allows you to perform only few network operations like listing and assigning IP address, but if you want to perform advanced operations like disabling firewall functionality in all profiles(see my post http://techibee.com/windows-2008/what-is-domain-public-and-private-profiles-in-windows-2008-firewall/478 for different profiles in 2008 firewall), you need to rely on some command line options.

Netsh is one of the very useful command line utilities in windows environment. Now in this post, I will show you how to disable firewall profiles(Private, public, domain) on a windows 2008 Core. You need this command in Server Core environment because, you cannot manage firewall remotely as there is a provision and you can not manage it from local host as core supports no GUI. Only option is command line utility.

Now, let us see how we can disable firewall functionality from all profiles

netsh advfirewall set allprofiles state off

If you want to turn off the firewall for individual  profiles use the below commands

netsh advfirewall set domainprofile state off

netsh advfirewall set privateprofile state off

netsh advfirewall set publicprofile state off

You can turn on firewall back by simply replacing “off” with “on” in above commands.

Netsh utility allows us to perform more set of operations on different components of operating system. You can explore the help(netsh /?) to lean about it further.

You can also download a NetSH Technical reference guide from MS website. Refer to http://techibee.com/general/download-netsh-technical-reference-for-windows-2008windows-7/494 for more details.

Hope this helps.

Microsoft has released a tool which helps you in blocking the installation of Windows 7/Windows 2008 R2 Service Pack 1 through windows Updates. You can download it from here.

This download contains three files.

1. SPBlockingTool.exe — A microsoft executable

2. SPReg.bat  –  A batch script

3. NoSPUpdate.ADM — A ADM file to use with GPOs

The installation of service pack 1 through Windows Update can be stopped with one of the above above given tools. If you plan to use the executable, you need to pass /B switch to it to block the installation and /U switch to unblock the installation. Similar functionality can be achieved with BAT script also. It helps you to run against remote system as well. Third approach is using the ADM file in your Group Policies. This GPO procedure is very straight forward and like using any other ADM file.

Irrespective of approach you use, it creates a key value name “DoNotAllowSP” and sets it to “1” under HKLMSoftwarePoliciesMicrosoftWindowsWindowsUpdate registry key to block the installation. It deletes this newly created key when you instruct it to unblock the installation restriction.

Hope this helps you.

Since windows core provides a CLI based interface, it necessitates learning command line stuff for system administrators. Though most of the tasks can be performed remotely, tasks related to network has to be done from the Core console itself. Here in this post, I will provide you two simple commands to enable and disable network connections from Windows 2008 Core console.

First let’s see the list of network adapters available in the server.

Netsh interface ipv4 show interface

Now disable the connection with name “Local Area Connection 2″

netsh interface set interface “Local Area Connection 2″ DISABLE

Similarly, to enable a connection back, just replace DISABLE with ENABLE in above command.

I recommend doing these operations from server console(or ILO/DRAC) directly as this can cause network interruptions and running these commands can take your server out of network. Cross verify the commands and run them with caution.

Windows Firewall is one of the components which is enhanced greatly from windows XP to windows 7. In windows 7 it acts as two way firewall(Inbound/Outbound) with many advanced security features. This is also called as “Windows Firewall with Advanced security” in Window s7.

The more features, the more details you need it for troubleshooting issues. Since this version of firewall acts as a bi-directional one, you need good amount logging to troubleshoot network connection level issues on windows 7 and windows 2008 R2.

This article talks about how to enable this logging, location of log files, and few more options avaiLalble in logging.

Enabling Logging in Windows 7/Windows 2008 firewall.

It is pretty easy. If you want to enable on a single computer, just go to Start -> RUN -> and type  wf.msc , this opens up “Windows Firewall with Advanced Security”.

Now Right click on “Windows Firewall With Advanced Security on Local Computer” and go to properties which opens below page.

Select “Customize” option under logging.

There browse for log files location where you want to place the logs and also choose the size limit for log files.

Your Logging will not start until you select “YES” for one of the following options. 1) Log dropped packets 2) Log Successful connections.

Click OK twice to complete your configuration.

This completes the configuration.

In my next post I will talk about how to analyze these logs files. Hope this information helps you.