Monday, July 20, 2009

"I need an up-to-date list of disk space usage for all servers, on my desk in 5 minutes"

Sounds familiar?

With (native) Windows XP Professional or Windows Server 2003 commands:

    FOR /F %%A IN (servers.txt) DO (
        WMIC /Node:%%A LogicalDisk Where DriveType="3" Get DeviceID,FileSystem,FreeSpace,Size /Format:csv | MORE /E +2 >> SRVSPACE.CSV
    )

The only prerequisites are:

  1. SRVSPACE.CSV should not exist or be empty,
  2. a list of server names in a file named SERVERS.TXT, one server name on each line,
  3. and WMIC.EXE, which is native in Windows XP Professional, Windows Server 2003 and Vista.

The CSV file format is ServerName,DeviceID,FileSystem,FreeSpace,Size (one line for each harddisk partition on each server).

If you have a strict server naming convention, SERVERS.TXT itself can be generated with the NET command:

    FOR /F "delims=\  " %%A IN ('NET VIEW ^| FINDSTR /R /B /C:"\\\\SRV\-"') DO (>>SERVERS.TXT ECHO.%%A)

Notes:
(1) This assumes server names start with "SRV-"; modify to match your own naming convention.
(2) delims is a backslash, followed by a tab and a space.

Delete a computer account

With native Windows 2000 commands:

    NETDOM /DOMAIN:MyDomain MEMBER \\computer2Bdeleted /DELETE

NETDOM is part of the support tools found in the \SUPPORT directory of the Windows 2000 installation CDROM.

List all workstations

With native Windows 2000 commands:

    NETDOM QUERY /D:MyDomain WORKSTATION

NETDOM is part of the support tools found in the \SUPPORT directory of the Windows 2000 installation CDROM.

Find the primary domain controller

With native Windows 2000 commands:

    NETDOM QUERY /D:MyDomain PDC

or, to find the FSMO with (native) Windows Server 2003 commands (Active Directory only):

    NETDOM QUERY /D:mydomain.com FSMO

NETDOM is part of the support tools found in the \SUPPORT directory of the Windows 2000 installation CDROM.

List all domain controllers

With native Windows 2000 commands:

    NETDOM QUERY /D:MyDomain DC

NETDOM is part of the support tools found in the \SUPPORT directory of the Windows 2000 installation CDROM.

With (native) Windows Server 2003 commands (Active Directory only):

    DSQUERY Server

or, if you prefer host names only (tip by Jim Christian Flatin):

    DSQUERY Server -o rdn

How do I reset someone's password?

With the native NET command:

    NET USER loginname newpassword /DOMAIN

With (native) Windows Server 2003 commands:

    DSQUERY USER -samid loginname | DSMOD USER -pwd newpassword

Note: To prevent the new password from being displayed on screen, replace it with an asterisk (*); you will then be prompted (twice) to type the new password "blindly".

What groups is this user a member of?

In Windows NT 4 and later, users usually are members of global groups. These global groups in turn are members of (domain) local groups. Access permissions are given to (domain) local groups.
To check if a user has access to a resource, we need to check group membership recursively.
With (native) Windows Server 2003 commands:

    DSQUERY USER -samid loginname | DSGET USER -memberof -expand

What is the full name for this login name?

With the native NET command:

    NET USER loginname /DOMAIN | FIND /I " name "

With (native) Windows Server 2003 commands:

    DSQUERY USER -samid *loginname* | DSGET USER -samid -display

Note: The NET command may seem more universal, because it requires neither Active Directory nor Windows Server 2003 commands, but it is language dependent!
For non-English Windows you may need to modify FIND's search string.

What is this colleague's login name?

My colleagues often forget to mention their logon account name when calling the helpdesk, and the helpdesk doesn't always ask either. I suppose they expect me to know all 1500+ accounts by heart.
With (native) Windows Server 2003 commands only:

    DSQUERY USER -name *lastname* | DSGET USER -samid -display

Note: Windows Server 2003's "DSTools" will work fine in Windows 2000 and XP too, when copied.
Keep in mind, however, that some Windows Server 2003 Active Directory functionality is not available in Windows 2000 Active Directories.

Who is logged on to a computer?

We often need to know who is currently logged on to a remote computer.
With native Windows commands only:

    NBTSTAT -a remotecomputer | FIND "<03>" | FIND /I /V "remotecomputer"

The first name in the list usually is the logged on user (try playing with the NET NAME command to learn more about the names displayed by NBTSTAT).
This is the fastest way to find the logged on user name, and the results that you do get are correct, but NBTSTAT won't always return a user name, even when a user is logged on.

Using WMIC (Windows XP Professional and later):

    WMIC /Node:remotecomputer ComputerSystem Get UserName

This is arguably the most reliable (native) command to find out who is logged on.

With the help of SysInternals' PSTools:

    PSLOGGEDON -L \\remotecomputer

or:

    PSEXEC \\remotecomputer NET CONFIG WORKSTATION | FIND /I " name "

or:

    PSEXEC \\remotecomputer NET NAME

or:

    PSEXEC \\remotecomputer NETSH DIAG SHOW COMPUTER /V | FIND /i "username"

or:

    FOR /F %%A IN ('REG Query \\remotecomputer\HKU ^| FINDSTR /R /B /C:"HKEY_USERS\\S-1-5-[0-9][0-9]-[0-9-]*$"') DO (
        FOR /F "tokens=3 delims=\" %%B IN ('REG Query "\\remotecomputer\%%A\Volatile Environment"') DO (
            SET LoggedinUser=%%B
        )
    )

NETSH and WMIC are for XP or later, and are the most reliable of all commands shown here.
WMIC requires WMI enabled remote computers and Windows XP on the administrator's computer; NETSH requires Windows XP on the remote computers.

PSLOGGEDON is a more accurate solution than NBTSTAT, but it will return the last logged on user if no one is currently logged on.

The NET and NBTSTAT commands show more or less identical results, but the NBTSTAT command is much faster.

The REG command is accurate, but may need to be modified depending on the version used. As displayed here, the code is written for REG.EXE 3.0 (XP).

If you want to search lots of computers for logged on users, I recommend you try NBTSTAT first (fast, but it won't always return the user name!), and only switch to NETSH, REG or WMIC (accurate) if NBTSTAT doesn't return a user name.

Credits: Jiří Janyška (WMIC command) and Matthew W. Helton (NETSH command).
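
The search order recommended above (NBTSTAT first, an accurate command only when NBTSTAT returns no user name), as an added batch example that is not part of the original post. COMPUTERS.TXT, the variable names and the CSV output layout are assumptions made for this example; WMIC is used as the accurate fallback.

```batch
@ECHO OFF
REM Added example, not from the original post.
REM Assumption: COMPUTERS.TXT lists one computer name per line.
REM Output per computer: ComputerName,UserName,Source
SETLOCAL ENABLEDELAYEDEXPANSION

FOR /F %%A IN (computers.txt) DO (
    SET User=
    SET Source=NBTSTAT

    REM Fast path: take the first 03 NetBIOS name that is not the computer itself
    FOR /F "tokens=1" %%B IN ('NBTSTAT -a %%A ^| FIND "<03>" ^| FIND /I /V "%%A"') DO (
        IF NOT DEFINED User SET User=%%B
    )

    REM Accurate path, only when NBTSTAT returned no user name
    IF NOT DEFINED User (
        SET Source=WMIC
        REM /Value prints UserName=DOMAIN\user, so the value is the second token
        FOR /F "tokens=2 delims==" %%B IN ('WMIC /Node:%%A ComputerSystem Get UserName /Value 2^>NUL ^| FIND "="') DO (
            REM The inner FOR strips the trailing carriage return WMIC leaves behind
            FOR /F "delims=" %%C IN ("%%B") DO SET User=%%C
        )
    )

    REM Neither command returned a name: nobody logged on, or host unreachable
    IF NOT DEFINED User (
        SET User=unknown
        SET Source=none
    )

    ECHO %%A,!User!,!Source!
)

ENDLOCAL
```

Redirect the output to a file to keep a record of which command produced each answer; rows marked NBTSTAT carry the "usually the logged on user" caveat described above.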

How many users are logged on/connected to a server?

Sometimes we may need to know how many users are logged on to a (file) server, for example when there is a performance degradation.
At the server's console itself, with native commands only:

    NET SESSION | FIND /C "\\"

Remotely, with the help of SysInternals' PSTools:

    PSEXEC \\servername NET SESSION | FIND /C "\\"

By replacing FIND /C "\\" by FIND "\\" (removing the /C switch) you'll get a list of logged on users instead of just the number of users.

Domain implementation and Group policies brief overview

Thursday, July 9, 2009

Backing Up Domain Controllers

It is important to back up your domain controllers to ensure their availability. Backing up a domain controller is like backing up a Microsoft® Exchange member server. The primary difference between backing up a domain controller and backing up an Exchange member server is that you do not have Exchange databases to consider when you back up a domain controller. The method that you use to back up your domain controller depends on the disaster recovery strategy you choose.

When you use Backup to back up the System State data of a domain controller, you also back up the Active Directory® directory service database. To back up the System State data of a domain controller that is running Active Directory, you can use the same procedure as you would for a server that is not a domain controller. However, you must also back up additional files, such as the Active Directory database and log files, and all other files for the system components and services on which Active Directory depends.

The following Active Directory files are part of a System State data backup of a domain controller. By default, these files are located in the Active Directory folder in %SystemRoot%\Ntds.

Active Directory files to back up

| File type | Definition |
|---|---|
| Ntds.dit | The Active Directory database. |
| Edb.chk | The checkpoint file. |
| Edb*.log | The transaction log files; each file is 10 megabytes (MB). |
| Res1.log and Res2.log | The reserved transaction log files. |

In addition to the System State data, you must also back up the Microsoft Windows® boot partition and system partition when you perform either a Windows backup or a full computer backup of a domain controller.

Circular logging for Active Directory is enabled on domain controllers and cannot be turned off. If you lose all your domain controllers to a disaster and must restore a backup of Active Directory, you will lose data that was written to Active Directory after the backup set was made. Therefore, make regular backups of Active Directory. It is recommended that you back up one domain controller nightly.

Consider the following recommendations before you back up a domain controller:

  • Create a Windows backup set of at least one domain controller to preserve the Active Directory information which is vital to your Exchange servers. If you make changes to your Exchange organization such as (but not limited to) adding new servers, moving users, or adding new storage groups and databases, it is highly recommended that you make a new backup of a domain controller to preserve these changes to Active Directory. You can use the backup of a domain controller to restore the domain controller and the version of Active Directory that was on the domain controller at the time that it was backed up. Additionally, you can choose whether this Active Directory information replicates to other domain controllers. By default, the backup utility (Backup) in Windows Server 2003 performs non-authoritative restores of Active Directory information. Active Directory objects that are part of an authoritative restore replicate from the restored domain controller to the other domain controllers on the network. The Active Directory objects from the backup replace the Active Directory objects in the domain, regardless of the update sequence numbers (USNs). For more information about authoritative restores, see Microsoft Knowledge Base article 241594, "HOW TO: Perform an Authoritative Restore to a Domain Controller in Windows 2000."
  • Create Windows backup sets frequently enough to make sure that they are valid backups. If the date of your System State data backup exceeds the maximum age limit set in Active Directory, the backups are not valid, and your Windows Server 2003 operating system prevents you from restoring Active Directory. For more information, see Knowledge Base article 216993, "Useful shelf life of a system-state backup of Active Directory."
  • Re-create the failed domain controller and populate its copy of Active Directory through replication from the unaffected domain controllers in your organization, instead of restoring your data from a backup.
  • Perform a non-authoritative restore of Active Directory from backup, and then allow the other domain controllers on the network to update the restored domain controller. This method is especially useful when you have a slow link over which to replicate data, a large Active Directory database, or both.

Friday, June 26, 2009

network monitoring software WhatsUpGold

WhatsUp Gold - Network Monitoring Utility

WhatsUp Gold network management software monitors over 100,000 networks worldwide. At Ipswitch we’ve been dedicated to IT managers for over 15 years and listen to our customers’ network needs.

We strive to simplify your complex networks with easy to understand network management products coupled with excellent support from our own network engineers.

Description
===========
WhatsUp Gold monitors vital network elements and system
services and generates an alarm when there is a problem.
It also facilitates remote support and diagnosis by
providing beeper, pager, e-mail, and voice notifications
and allowing users to view the status of a network map
from a Web browser.

Designed for PCs operating with Windows NT 4.0 or later,
Windows 2000, 98, 95, Me, WhatsUp Gold can be installed
wherever needed and does not require expensive,
dedicated hardware. It will run in the background on your
PC. WhatsUp Gold will work with any 32-bit TCP/IP stack,
such as those bundled with Windows NT and Windows. You
can configure WhatsUp Gold and start monitoring your
network without any special training.


New Features (WhatsUp Gold 6.0x)
===============================
- Web Interface now allows web security per map.
- Updated User Interface - toolbars, icons and dialogs made
more user friendly and intuitive.
- Modified menu layout and context menus.
- Map Improvements: Maps are now vector-based graphics that allow
snap-to-grids, zoom in and out, and the ability to resize maps
independently. Map properties now have unlimited color choices.
- Log Improvements: Improved the log file display to allow
filtering, printing, saving and copying. Also improved the
management of the log file size.
- Customizable notification plug-in system
- Added an SNMP Viewer tool that lets you quickly view the status
of interfaces on an SNMP device.
- Performance Reports now allow on-demand reporting, and the ability
to generate an hourly performance report.
- Added a tool to receive syslog messages.

Installation
============
NOTE: To view performance graphs with WhatsUp Gold, you must
have the ODBC32.dll installed. (If you have Office 97/98/00
or Windows 2000 it is already installed.)

To install or upgrade WhatsUp Gold:
- If you purchased a WhatsUp Gold CD-ROM, insert the CD-ROM.
If it does not run automatically, click Start, select Run,
and then enter the CD path followed by Autorun.exe.
For example, d:Autorun.exe
- If you downloaded WhatsUp Gold from our web site, run the
downloaded application, wugoldec.exe.




Upgrading
=========
If you are upgrading from a previous version of WhatsUp
Gold or WhatsUp, you should note the following:
-- Back up any network maps (.db for WhatsUp and .wup for
WhatsUp Gold). (When you open a .db file in WhatsUp Gold,
the file is automatically converted to the .wup format
and saved with a .wup extension.)
-- Back up your SERVICES.INI and HOSTTYPES.INI files.
During installation, WhatsUp Gold will ask if you want
to overwrite your old SERVICES.INI and HOSTTYPES.INI
files; answer No.
-- Be sure that WhatsUp Gold has completely shut down
before doing an upgrade installation. If you exit
WhatsUp Gold during a poll, it may take up to 30 seconds
for WhatsUp Gold to remove itself from memory. If you
press Ctrl+Alt+Del, WhatsUp Gold will remain in the Windows
task list until it is removed from memory.
-- Defined notifications are stored in a file named
IPNOTIFY.INI in your Windows or NT directory.
This file is shared by other Ipswitch products and is
therefore not deleted or replaced when you upgrade.




Monday, June 22, 2009

Official Ways to Disable or Manually Uninstall the Microsoft Windows Genuine Advantage Notifications from Microsoft

Microsoft has released step-by-step removal instructions to disable or manually uninstall the pilot or pre-release version of Microsoft Windows Genuine Advantage (WGA) Notifications (KB905474), that is, versions that range from 1.5.0527.0 to 1.5.0532.2. The instructions can also be used to uninstall the updated release and general release of the anti-piracy tool, but that will not be supported. Instead, Microsoft recommends installing the general release of WGA Notifications (1.5.0540.0) to replace and uninstall the pre-release version used during the pilot program.

If you uninstall the WGA Notifications component on your Windows computer, which is part of the Windows Genuine Advantage program, Microsoft will offer the general release version of WGA Notifications at a later date (actually immediately, if you check for updates via Windows Update) through the Microsoft Automatic Update service or the Windows / Microsoft Update service. So you must unselect the update or reject the EULA when asked to install it again. Microsoft's instructions are listed below.

Disable WGA Notifications

  1. Log on to the computer by using an account that has administrative permissions.
  2. Make sure that the WGA Notifications version that exists on the computer is a pilot version listed above. The version format for the pilot version is 1.5.0532.x. In this case, you can uninstall versions 527-532 only (Note: the steps should disable other versions of WGA Notifications too). To find the WGA Notifications version, follow these steps:
    1. Click Start, and then click Control Panel.
    2. Double-click Add or Remove Programs, locate and then click Windows Genuine Advantage Notifications, and then click Click here for support information.
    3. In the Support Info dialog box, verify the version number, and then click Close.
  3. Rename the following files by changing the extension to .old:

     Rename %Windir%\system32\WgaLogon.dll to %Windir%\system32\WgaLogon.old
     Rename %Windir%\system32\WgaTray.exe to %Windir%\system32\WgaTray.old

  4. Restart the computer.

Uninstall WGA Notifications Manually

  1. Log on to the computer by using an account that has administrative permissions.
  2. Make sure that the WGA Notifications version that exists on the computer is a pilot version that ranges from 1.5.0527.0 to 1.5.0532.2 (Note: other versions should work too). To find the WGA Notifications version, follow these steps:
    1. Click Start, and then click Control Panel.
    2. Double-click Add or Remove Programs, locate and then click Windows Genuine Advantage Notifications, and then click Click here for support information.
    3. In the Support Info dialog box, verify the version number, and then click Close.
  3. Rename the following files by changing the extension to .old:

     Rename %Windir%\system32\WgaLogon.dll to %Windir%\system32\WgaLogon.old
     Rename %Windir%\system32\WgaTray.exe to %Windir%\system32\WgaTray.old

  4. Restart the computer.
  5. Unregister LegitCheckControl.dll by using Regsvr32 with these steps:
    1. Click Start, click Run, type cmd, and then click OK.
    2. At the command prompt, type the following, and then press ENTER:

        Regsvr32 %Windir%\system32\LegitCheckControl.dll /u

  6. Restart the computer.
  7. Click Start, click Run, type cmd, and then click OK.
  8. At the command prompt, delete the following files by typing each Del command, pressing ENTER after each one:

        Del %Windir%\system32\wgalogon.dll
        Del %Windir%\system32\WgaTray.exe
        Del %Windir%\system32\LegitCheckControl.dll

  9. At the command prompt, type regedit.
  10. Locate and then right-click the following registry subkeys. Click Delete after you locate each subkey.
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WgaNotify
  11. Restart the computer.