Ondrej Žilinec – IT Blog

Here is my best practice to re-create tape library under Symantec Backup Exec (I used version 12.5):

• Delete all tape devices from Symantec
  • You must disable Robotic Library first by unchecking “Enable”

• When it’s disabled you can “Delete” tape Drives and then Robotic Libraries

• Uninstall all Symantec drivers using tapeinst.exe
  • In Symantec installation directory look for file tapeinst.exe file and run it.
  • Choose to “Uninstall and remove all Symantec devices…” and run it.

• There shouldn’t be any tape drives and media changers in Device Manager at this time

• Reboot server

• Install Symantec drivers using tapeinst.exe
  • In Symantec installation directory look for file tapeinst.exe file and run it.
  • Choose to “Use Symantec tape drivers for all supported tape devices” and run it

• Now you should see new devices in Device Manager

• Create new tape devices using hotswap.exe
  • This is really straightforward process without need of any explanation.

And you are all done 🙂

Remarks:

• Sometimes this process doens’t work and you need to change SCSI ID if your library allows it.
• Symantec website about tapeinst.exe
• Symantec website about hotswap.exe

Thanks to Róbert Švec for refreshing my memories 🙂

Here is one reason why I don’t like ESET Antivirus:

I don’t think it needs any comments 😀

Here is official website I saw it at.

Last night I removed Domain Controller Role from Exchange 2007 server and we had problem in the morning with Exchange Outlook Web Access (OWA). We couldn’t log in at all. Symptomps:

• Form based authentification was enabled, but Basic was proposed to clients instead
• When users logged in they received 440 Login Timeout error

After couple minutes of googling I found this article which solved problem.

IMHO when computer was demoted from domain controller role it created local SAM database and didn’t use domain created accounts IUSR_ComputerName and IWAM_ComputerName.

When you want to use system variables in GPO Preferences you can do so. For example: if you want to create folder on user’s desktop called as computer name, you can use variable in New Folder Properties:

If you don’t know what variables you are able to use in Preferences input fields you can press F3 and it will display you a list of variables you can use:

I just found info at Microsoft.

More often I see people (IT admins) not understand differences between Local Service Accounts so I decided to write more about it:

SYSTEM

This account has full access to local computer. It can access network resources with rights (account) of the computer. This account has full access to domain it self when used on Domain Controller.

LOCAL SERVICE

This account has same right as local Users group. It goes to network as annonymous user (null session).

NETWORK SERVICE

It’s almost same as LOCAL SERVICE. Only difference is that it uses computer account to access network resources.

Today I was solving problem with open relay Exchange server. I came to server and it was full of SPAM e-mail messages. I needed to clean all this mess from Submission queue. I used following command:

Get-Message -Filter {FromAddress -eq “<>”} -Server MAILSERVER | Remove-Message

That’s all folks 🙂

I was just browsing Internet a looking for built-in utilities in Windows. I found one nice one getmac.exe which can get the list of MAC addresses on local or remote computer. It’s nice utility and it’s better to use it to find out MAC addresses, because looking into ipconfig /all verbose output is very time consuming (look in it when IPv6 is enabled). 🙂

Also ipconfig cannot be run on remote machine without using other utility (for example psexec).

More information here.

Just a quick image about differences between “old” Software Restricion Policy and “new” AppLocker:

Now it’s easy to describe and remember.

Sometimes you need to find out some basic informations about user in domain when you are regular user. You can use command:

net user USER_name /domain

and you get some informations:

net user /domain

Thanks to my coleague Peter Ivanco 🙂

I had to change NTP servers on 40 ESX servers today. When I started to click this settings via vShere Client I was bored after two pieces 🙂 Then I have decided to use vShere PowerCLI.

Run vShere PowerCLI. Then I had to connect to Virtual Infrastructure server:

Connect-VIServer vCenterSERVER_Name.domain

List all ESX servers and put this list into variable:

$hosts=Get-Cluster Cluster | Get-VMHost

And the last, run couple commands to proceed:

ForEach ($ESX in $hosts)

{

     Remove-VMHostNtpServer -NtpServer “NTP_SERVER_OLD1” -VMHost $ESX | Out-Null;

     Remove-VMHostNtpServer -NtpServer “NTP_SERVER_OLD2” -VMHost $ESX | Out-Null;

     Add-VmHostNtpServer -NtpServer “NTP_SERVER_NEW_01” -VMHost $ESX | Out-Null;

     Add-VmHostNtpServer -NtpServer “NTP_SERVER_NEW_02” -VMHost $ESX | Out-Null;

     Get-VMHostService -VMHost $ESX | Where-Object {$_.key -eq “ntpd” } | Restart-VMHostService -Confirm:$false | Out-Null

}

And everything was set in couple of seconds 🙂

Remove-VMHostNtpServer – removes NTP settings for ESX

Add-VMHostNtpServer – adds NTP settings for ESX

Last command restarted ntpd service.

Have a nice day,