
Archive for the ‘Windows’ Category

DNS netmask ordering

March 19th, 2014

One customer has two physical locations. Here are the IP settings for both locations:

Location 1 – IP range 10.0.0.0/23 and wpad server is 10.0.0.22

Location 2 – IP range 10.0.2.0/24 and wpad server is 10.0.2.22

When you create two A records with the same name in DNS, a DNS query returns both IP addresses. The order of the records changes between queries, because we have Round Robin enabled on our DNS servers. This is the default behaviour. Here is some testing with nslookup:

The results were the same in both locations. What we wanted was for the DNS servers to return IP address 10.0.0.22 first in Location 1 and IP address 10.0.2.22 first in Location 2. To make that work we need to look at a DNS server feature called netmask ordering. You can read more here.

Let’s convert the IP ranges of each location into binary:

10.0.0.0/23

00001010.00000000.00000000.00000000 — 00001010.00000000.00000001.11111111

10.0.2.0/24

00001010.00000000.00000010.00000000 — 00001010.00000000.00000010.11111111

The networks in both locations are identical in the first 22 bits. The first bit that differs is the 23rd. So we need to change netmask ordering on the DNS server to compare the first 23 bits when ordering results for the client. That means our netmask ordering mask has to be set to:

00000000.00000000.00000001.11111111 — 0x000001FF

We need to set it on all DNS servers and restart the DNS service:

Once we do this on the servers, we can see the following result in Location 1:

and the following result in Location 2:

So now it’s all set and ready to go.

Have a great day,
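
The mask calculation from this post, as an added example (not the author's code): `priority_netmask` finds the first bit that tells the site subnets apart, and `order_records` is a simplified model of a server putting the record that matches the client on the compared bits first. Both function names, the ordering model and the client addresses are assumptions made for illustration.

```python
import ipaddress

def priority_netmask(subnets):
    """Return (compare_bits, mask) for non-overlapping IPv4 site subnets.

    compare_bits is the position of the first bit that tells every pair of
    subnets apart; mask has the remaining (ignored) low bits set.
    """
    nets = [ipaddress.ip_network(s) for s in subnets]
    compare_bits = 0
    for i, a in enumerate(nets):
        for b in nets[i + 1:]:
            if a.overlaps(b):
                raise ValueError(f"{a} and {b} overlap")
            diff = int(a.network_address) ^ int(b.network_address)
            # 1-based position, counted from the left, of the first differing bit
            compare_bits = max(compare_bits, 32 - diff.bit_length() + 1)
    # A host must still match its own site's record on all compared bits.
    if compare_bits > min(n.prefixlen for n in nets):
        raise ValueError("no single mask separates these subnets")
    return compare_bits, (1 << (32 - compare_bits)) - 1


def order_records(client, records, mask):
    """Simplified model (assumption): records equal to the client on the
    compared bits go first, the others keep their round-robin order."""
    keep = ~mask & 0xFFFFFFFF
    want = int(ipaddress.ip_address(client)) & keep
    local = [r for r in records if int(ipaddress.ip_address(r)) & keep == want]
    return local + [r for r in records if r not in local]


if __name__ == "__main__":
    # Subnets and WPAD addresses from the post; client addresses are constructed.
    bits, mask = priority_netmask(["10.0.0.0/23", "10.0.2.0/24"])
    print(bits, f"0x{mask:08X}")
    answer = ["10.0.2.22", "10.0.0.22"]               # one round-robin rotation
    print(order_records("10.0.1.50", answer, mask))   # Location 1 client
    print(order_records("10.0.2.50", answer, mask))   # Location 2 client
    print(order_records("10.0.1.50", answer, 0x3FF))  # 22 bits: no preference
```

With only 22 compared bits both records match every client, so the answer keeps its round-robin order; 23 bits is the shortest comparison that separates the two sites.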

RemoteApp Name problem

February 26th, 2014

At one customer I implemented RemoteApp on Windows Server 2012 R2. The clients connecting to RemoteApp ran Windows 7. Everything worked fine except on one computer. When I launched a RemoteApp from the applications provided automatically through Control Panel, I received the following error (This RDP file is corrupted. The remote connection cannot be started.):

When I tried to run the application using the Web portal, everything worked fine.

The names of the RemoteApp programs contained diacritics, and the name was displayed garbled:

So I removed all diacritics from the RemoteApp names and everything started to work as it should.

Weird things are:

  • There are no limits defined on the web for RemoteApp names
  • There are no errors logged anywhere saying anything about a “bad name” in RemoteApp

So remember not to use any characters in RemoteApp names other than classic English ones.

Have a nice day,

 

My first attempt at a presentation at ShowIT 2013

February 12th, 2014

Here you go: LINK.

 


My talks for ShowIT 2014

February 12th, 2014

At ShowIT this year I was given room for two talks:

Deep dive into Group Policy plus what’s new in Windows 2012 R2

Storage and data deduplication in Windows 2012 R2 with VDI support

Videos will follow in time 🙂

 


AVMA key in Hyper-V

November 26th, 2013

When you buy Windows Server 2012 R2 Datacenter edition you don’t have to activate every Windows Server 2012 virtual machine (Windows Server 2012 R2 Datacenter, Windows Server 2012 R2 Standard or Windows Server 2012 R2 Essentials). There is a new type of license key for Windows. It’s called Automatic Virtual Machine Activation (AVMA). You have to activate the Hyper-V host operating system. Then you use one of the following AVMA keys for the VMs on your Hyper-V hosts:

Datacenter Y4TGP-NPTV9-HTC2H-7MGQ3-DV4TW
Standard DBGBW-NPF86-BJVTX-K3WKJ-MTB6V
Essentials K2XGM-NMBT3-2R6Q8-WF2FK-P36R2

You install these keys from an elevated command prompt on the VM:

slmgr /ipk <AVMA_key>

Once you have done all of these steps, all your Windows Server 2012 virtual machines will be activated automatically, even without Internet access from the VM.

I hope something similar will be deployed on VMware virtualization.

More official information from Microsoft here.


Quickie: Delete all Offline files on Windows XP

November 19th, 2013

A couple of days ago I migrated a file server. We moved the users’ redirected My Documents to another server. We also hid these shares behind a DFS namespace to make them more manageable in the future. But we found a problem with this setup: offline files. Windows XP kept offline copies of both the old and the new redirected files. We had to clean this offline files database. I set up a startup script:

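@ECHO OFF
REM Run once per machine: the marker file records that the reset was already requested
IF EXIST C:\OfflineFilesClean.txt (
  REM Marker file exists, nothing to do
) ELSE (
  REM Ask Windows to reinitialize the Offline Files database
  reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\NetCache" /v FormatDatabase /t REG_DWORD /d 1 /f
  echo Vymazane > C:\OfflineFilesClean.txt
)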

This script was meant just for Windows XP, so I had to apply the GPO using a WMI filter:

SELECT * FROM Win32_OperatingSystem WHERE Version LIKE "5.1%" and ProductType = "1"

This script would also work on Windows 7 and Windows 8, but those operating systems didn’t have the problem.

That’s all for today,

News in DHCP client since Windows 7

September 26th, 2013

Imagine you have a DHCP server on the network and all clients run Windows XP or older. When the DHCP server was not reachable during a client’s startup, the client computer couldn’t get an IP address and assigned itself an APIPA address. This was a problem. So let’s look at what’s new since Windows 7.

I prepared following scenario:

  • One DHCP server Windows Server 2012 – 192.168.0.10
  • One DHCP server Windows Server 2012 acting as default gateway – 192.168.0.11
  • One Windows 8 client – DHCP assigned
  • One Windows 7 client – DHCP assigned

When a client wants to get TCP/IP settings from a DHCP server, four DHCP packets (DISCOVER, OFFER, REQUEST and ACK) travel over the network. Network dump on the DHCP server:

This is normal behaviour even for old clients. Now I shut down the client and stopped the DHCP server. When I started the client computer, I found that it had the IP address it had received from the DHCP server before the reboot.

So let’s restart the client again and see what happens. The client computer has the same TCP/IP settings it had before the reboot (the TCP/IP settings received from the DHCP server before I stopped it). The client computer keeps asking the DHCP server to renew its TCP/IP settings (using DHCP REQUEST):

So how does the client computer know whether to apply the cached TCP/IP settings once the DHCP server has stopped responding? I assume it depends on the gateway and its IP or MAC address. So let’s disconnect the gateway from the network and reboot the client computer. Now the client has APIPA TCP/IP settings and it looks for a DHCP server with DHCP DISCOVER:

This means that whether the client keeps the TCP/IP settings assigned by DHCP depends on the health of the gateway. I haven’t seen any ICMP packet checking the health of the gateway, so I assume it checks the MAC address. So let’s look for ARP packets from the client to the gateway. It looks like the client asks for the MAC address of the saved default gateway IP address. When it receives an answer, it applies the cached TCP/IP settings:

The question is whether the client computer compares the MAC address to a saved one, or just waits for an ARP response and doesn’t care about the MAC address. Let’s change the MAC address of the default gateway. The client keeps asking via ARP for the MAC address. The MAC address is different and the client doesn’t apply its saved TCP/IP settings (it sets APIPA settings):

So where does the client computer save the MAC address of the default gateway?

Yes, in registry. 🙂 It’s saved under registry key:

and there are subkeys for each interface and under this key there is binary value called DhcpGatewayHardware which contains MAC address:

When the client starts, it queries the MAC address of its saved default gateway IP address. Then it compares the answer to the MAC address saved in the registry. If these two MAC addresses don’t match, the client deletes all saved TCP/IP settings from the registry and uses APIPA (if there is no Alternate Configuration). In the background it still looks for a DHCP server by sending DHCP DISCOVER packets.

So now we have smaller problem on Mondays when DHCP server is down (of course by accident 🙂 ) and everyone is trying to get to network resources 🙂

I haven’t found any article about this new behaviour on official Microsoft websites.

That’s all folks,

 

Quickie: Insert date and time into Notepad document

September 23rd, 2013

When I make a change, I note when and what I have done. I use Notepad. I used to type the date and time for every step I made, for example during a migration. My colleague Robert Švec told me about the F5 key, which inserts the current date and time into a Notepad document 🙂

That’s just a quick quickie today.


Problem with WSUS client

August 14th, 2013

 

Today I had a problem on one Windows Server 2008 R2 server. This server logged error 800B0001 in the Windows Update client:

 

Error 800B0001

 

When I looked at event viewer I saw same error:

  error 0x800b0001

 

and WindowsUpdate.log logged following:

 

 

I knew about one issue which is described in this article. But this article didn’t help. When I looked for the file C:\Windows\SoftwareDistribution\SelfUpdate\wuident.cab, I found that there was no such file. I copied this file from another Windows Server 2008 R2 server and now everything works fine 🙂

So in Microsoft world .cab file is not trusted if it doesn’t exist! 😀 Coool.

 

 

Implementing Remote Assistance into context menu of ADUC

August 6th, 2013

A couple of days ago I wrote about Remote Assistance. I wanted to bring this feature as close as possible to administrators, so I decided to add a special item to the context menu of ADUC. Let’s do it.

We need to prepare a script first. I wrote a very simple one:

==========


' Script to run Remote Assistance on a domain computer

' ADUC passes the ADsPath of the selected computer object as the first argument
Set wshArguments = WScript.Arguments
Set objUser = GetObject(wshArguments(0))

' Check if Remote Assistance is installed

Set fso = CreateObject("Scripting.FileSystemObject")
If (fso.FileExists("C:\Windows\System32\msra.exe")) Then
 ' Is installed: offer Remote Assistance to the selected computer
 Set objShell = WScript.CreateObject("WScript.Shell")
 Return = objShell.Run("C:\Windows\System32\msra.exe /offerra " & objUser.dNsHostName, 1, true)
Else
 ' Is not installed, error.
 Wscript.Echo "Microsoft Remote Assistance is not installed on this machine."
End If

==========

Let’s save this script as a .vbs file in the \\DOMAIN.LOCAL\NETLOGON directory. Now that we have a script, we need to create the context menu item in ADUC. This can be done with the ADSI Edit tool. Start ADSI Edit and look for CN=409,CN=DisplaySpecifiers,CN=Configuration,DC=domain,DC=local. There, look for CN=computer-Display. Right-click on CN=computer-Display and select Properties.

 


 

In the adminContextMenu attribute add the following line:

2, &Remote Assistance,\\domain.local\NETLOGON\RemoteAssistance.vbs

Description:

2 – order number

&Remote Assistance – name of the item in context menu

\\domain.local\NETLOGON\RemoteAssistance.vbs – command to run

Once you click OK, OK in ADSI Edit, your work is done. Now when you click on a computer account you can see and use the following context menu item:

 


 

And that’s all folks.