Currently report files for multiple customers are placed in a source folder monthly. These report files include the customer name and need to be uploaded a for each customer in a subfolder named “Backup Controle” of their own folder.
Notes:
- The customer’s root folder name can differ from the customer name used in the report files.
- The folder “Backup Controle” isn’t always located in the same relative location from the root folder
Example:
- The source report files folder contains:
- Backup Controle – Customer 1 – 12-2012.pdf
- Backup Controle – Customer 2 – 12-2012.pdf
- The customer’s root folder’s might be:
- C:\Customersroot\Cust1
- C:\Customersroot\Client2
- The “Backup Controle” folder might be located at:
- C:\Customersroot\Cust1\folder1\folder2\folder3\temp\folder4\Backup Controle
- C:\Customersroot\Client2\folder1\folder2\Backup Controle
This action was performed manually at first using the SharePoint web interface to browse to each customer’s folder and upload the report. This is ofcourse not the type of work you want to do. Using the SharePoint WebDAV you can perform this using Explorer and drag and drop, which would make it a bit more bearable.
It would however be even better if it could be automated and that’s just what we did with this script. The script contains a function where you can define for each customer:
- Which name filter specifies the customer for the report name. B.e. : “Customer 1” or “Customer 2”
- What the name of the folder is for the customer’s root folder. B.e. : “Cust1” or “Client2”
The script will then recursively look inside the customer’s folder for a folder matching the “Backup Controle” folder and will copy the report to it (assuming the report is not already there).
In this example you would call the function like this:
- Copy-FileMatchingFilterToCustomerFolder “Customer 1” “cust1”
- Copy-FileMatchingFilterToCustomerFolder “Customer 2” “client2”
Note: It is assumed that there is only one folder named “Backup” Controle in the customer’s folder.
Tags: copy, File, folder, move, Powershell, report
I’ve been around in the Windows world for quite some time and have studied quite a bit as well. As such I have always been taught that upgrading the functional level was irreversible. It also didn’t help that I got my Windows 2008 certification through beta exams before R2 was released and even before there were any books available.
Thanks to this blog post however, it came to my attentention that it is possible to lower the Forest and Domain Functional Level from 2008R2 to 2008 or from 2012 to 2008R2.
All of this can only be done using PowerShell as you can read in “Step by Step guide to lower Active Directory functional level” by Aman Sahota.
Tags: Active Directory, AD, domain functional level, forest functional level, functional level, guide, lower domain functional level, lower forest functional level, lower functional level, Powershell, raise domain functional level, raise forest functional level, raise functional level, step by step, step-by-step guide
[EDIT] 09-04-2013 : As described in my blog post, this script has become unnecessary for most people. This is because Microsoft to allow almost every Flash site by default. [EDIT]
[EDIT] 13-01-2013 : Apparently for Windows RT, the script doesn’t seem to be working yet. Unfortunately I have no Windows RT to troubleshoot and resolve the issue. [EDIT]
Windows 8 and Windows RT include support for Flash in Internet Explorer 10.
In Windows 8 there are however two version of Internet Explorer 10 that handle flash websites differently. First there’s Internet Explorer 10 Desktop, which is similar as the Internet Explorer you’ve been used to with previous versions of Windows. Then there’s also Internet Explorer 10 (non Desktop), which is the Internet Explorer in the new modern/Windows interface (Metro) that is full screen.
Internet Explorer 10 Desktop allows Flash for all websites. Internet Explorer 10 (Metro) only allows Flash for websites that have been whitelisted.
Especially for Windows tablets, Flash support can be a selling point because most other tablets don’t have Flash support. It is however confusing for regular consumers that not all their websites will work. By example a friend of mine who’s a hairdresser, uses http://www.kapperssite.nl to show her customers hair models and their haircuts. The site is however completely in Flash and that it is not working by default is very annoying.
The websites that have been whitelisted are defined in your local appdate folder. By example: “C:\Users\Bjorn\AppData\Local\Microsoft\Internet Explorer\IECompatData\iecompatdata.xml”. This file also contains information about websites and which compatibility mode should be used for each. The segment between <flash> and </flash> contains the websites that have been whitelisted for flash. You can manually modify this file as described here: http://forum.xda-developers.com/showthread.php?t=1961793
Basic steps include:
- Modifying the iecompatdata.xml to add the websites you want to whitelist for Flash. Wildcards don’t work unfortunately.
- Open Internet Explorer 10 Desktop, press ALT, Tools, “Compatibility View setting”. Then Disable “Download updated compatibility lists from Microsoft”. This way Microsoft won’t overwrite the updates you’ve made in step 1.
- Delete the IE10 browser history. The disadvantage of this method however is, that you won’t be taking advantage of future compatibility updates because you’ve disabled the update functionality. Leaving it enabled however means that you you would have to keep re-adding sites you want to whitelist for Flash.
As a workaround, I’ve created this script that will automatically perform these tasks:
- Disable “Download updated compatibility lists from Microsoft”
- Close all internet explorer processes.
- Download the latest iecompatdata.xml to the appropriate folder. Currently the latest version is: https://iecvlist.microsoft.com/ie10/201206/iecompatviewlist.xml
The script however will dynamically look for the latest versions by modifying the date in the url.
- Combine the data from the latest iecompatdata.xml with websites you want to whitelist for Flash (specified in “C:\Users\Bjorn\AppData\Local\Microsoft\Internet Explorer\IECompatData\flashsitestoadd.txt).
- Backup the original iecompatdata.xml and store the modified iecompatdata.xml
- Clear the Internet Explorer browsing history.
Because automatic downloading of updated compatibility lists has been disabled, I advise to schedule the script to run on a regular basis (by example monthly). For instructions read this blog post: http://blogs.technet.com/b/heyscriptingguy/archive/2012/08/11/weekend-scripter-use-the-windows-task-scheduler-to-run-a-windows-powershell-script.aspx Keep in mind that this will clear your Internet Explorer browsing history though.
Tags: automation, Compatibility list, Flash, Internet Explorer, Internet Explorer 10, Powershell, Script, Scripting, Whitelist, Windows, Windows 8, Windows RT
Many companies and people in the past have encountered where they lost users, groups or other resources from Active Directory either by disaster or human error. Since Windows Server 2008 R2, you can use the Active Directory Recycle Bin to easily recover from this.
The AD Recycle Bin features requires a forest functional level of Server 2008 R2 or higher and is disabled by default. Also, once it has been enabled it cannot be disabled.
With Windows Server 2008 R2 you could only enable the AD Recycle Bin using Windows PowerShell and you could also only restore objects using CLI. With Windows Server 2012 you can both enable and restore very easily from the GUI using Active Directory Administrative Center (ADAC).
The script can be found here.
The script basically performs the following steps:
- Determine the current forest.
- Use parts of the current forest name to dynamically generate a command that is appropriate for every environment to enable the Active Directory Recycle Bin Feature.
- If the Active Directory Recycle Bin Feature hasn’t been enabled yet, enable it.
Even though it has become very easy to do using the GUI in Windows Server 2012, automating is Always better. Therefore I also added it to the script I used in: Home LAB Setup guide – 04 Configuring Server 2012 VM as DC with DNS and DHCP using PowerShell
Tags: Active Directory, active directory recycle bin, AD, AD Recycle Bin, automation, Powershell, recycle bin, Script, Scripting, Windows
In the first part of this LAB setup guide, I described the hardware selection process.
In the second part I described the hypervisor selection and installation.
In this post I will describe the VM guest considerations and preparations.
VM guest considerations
Considerations for your VM guests:
- Use legacy network adapter ? Could be necessary for by example PXE boot.
- In most cases the regular network adapters will be the best choice.
- How much memory to assign ? Should I use dynamic memory in Hyper-V ? Should I overcommit using VMware ?
- In most cases for your home lab it is probably best to use dynamic memory / overcommit. Some applications however might not work correctly, or you might not have the desired outcome.
- How many virtual CPUs should I assign ?
- Should I store my VMs on a single physical disk or on multiple physical disks ?
- Should I use virtual disks or pass-through disks ?
- For VMs that I use for testing, I use virtual disks because they provide more flexibility.
- For my file server I choose to use pass-through disks so I can simply remove the disk from my server and place them in another system. I’m also afraid that should you encounter an issue when using a virtual disk, that the chance is greater that you lose everything because the virtual disk will break.
- When I use virtual disks, should I use thin provisioned disks or thick provisioned disks ?
- Thick provisioned disks are supposed to deliver better performance, but at the cost of more disk space. Also for a home LAB I doubt the performance loss is minimal and acceptable, so I would go with thin provisioned disks. Also when using SSD disks, space is costly and limited. Be sure to monitor disk space usage though.
- Should I use differencing disks in Hyper-V / linked clones in VMWare ?
- When you plan to use multiple VMs running the same operating system, you can save space by using differencing disks / linked clones. This also impacts the disk I/O however, so monitor it to see if it fits your needs. Since I use SSD disks and run multiple VMs with the same OS, I use differencing disks.
VM guest preparations
An home LAB is not complete without VM guests ofcourse. The basic methods for provisioning are:
- Using pre-prepped VMs that are provided by third parties like by example Microsoft and VMWare. For VMWare there is even a virtual appliance Marketplace.
- Installing VMs manually every time.
- Using 3rd party deployment tools to provision operating systems to VMs. By example System Center Configuration Manager.
- Deploying VMs from templates you create manually.
Often you’ll use a combination of the methods. In my case I’ll deploy many instances of the same guest OS versions for my test lab. I’ll often deploy various versions of Windows multiple times. Therefore I create my own templates for my test lab.
Basic actions for template creation are:
- Installation of the operating system
- Installing the Hyper-V Integration Component (or VMWare tools).
- Adding roles and features I expect to be using in (the majority of) my VMs.
- Downloading and installing the latest updates.
- Performing sysprep to generalize the installation and choosing to turn off the system afterwards.
DO NOT TURN ON THE SYSTEM, otherwise you need to run sysprep again.
- Saving the virtual disk files for future use.
- If you’re going to be using differencing disks, you will use this disk as the parent disk. Make sure you set it to read-only.
Using this approach I’ve created my own templates consuming 180GB and covering most of the operating systems I (can) encounter and want to test with:
Windows2003-Enterprise-R2-SP2-x64-ParentDisk-Readonly.vhdx
Windows2003-Enterprise-R2-SP2-x86-ParentDisk-Readonly.vhdx
Windows2008-SP2-x64-ParentDisk-Readonly.vhdx.vhdx
Windows2008-SP2-x86-ParentDisk-Readonly.vhdx.vhdx
Windows2008R2-SP1-x64-ParentDisk-Readonly.vhdx
Windows2012-Datacenter-Core-ParentDisk-Readonly.vhdx
Windows2012-Datacenter-GUI-ParentDisk-Readonly.vhdx
Windows7-Enterprise-SP1-x64-ParentDisk-Readonly.vhdx
Windows7-Enterprise-SP1-x86-ParentDisk-Readonly.vhdx
Windows8-Enterprise-x64-ParentDisk-Readonly.vhdx
Windows8-Enterprise-x86-ParentDisk-Readonly.vhdx
WindowsVista-Enterprise-SP2-x64-ParentDisk-Readonly.vhdx
WindowsVista-Enterprise-SP2-x86-ParentDisk-Readonly.vhdx
WindowsXP-Pro-SP3-ParentDisk-Readonly.vhdx
WindowsXP-Pro-x64-ParentDisk-Readonly.vhdx
Storing backups and ISO files
When you have files that have lots of similar data, they are very suitable for deduplication. Also read this great blog post if you want to know how it works.. With for example ISO files and powered-off VMs you can save a lot of space. You should however not configure this for files that change on a regular basis like by example actively running VMs. With Server 2012, you can easily enable deduplication for volumes. Also keep in mind that these files do not require high IOPS, so you can store them on slower disks.
If you want to check how much space you can save without installing Server 2012 and its deduplication feature, you can also run the deduplication evalutation tool (ddpeval.exe) on Windows 7, Windows 8, Windows 2008 R2 or Windows Server 2012. You can even “hack” Windows 8 Pro to allow deduplication.
I was able to reduce the used disk space with 75% from 215 GB to 50 GB. This was with ISO files and the backups of the parent disks I created earlier (not the ones in use).
In the next post I will describe configuring Server 2012 VM as DC with DNS and DHCP using PowerShell.
Tags: hypervisor, ICT, lab, virtualization
In the first part of this LAB setup guide, I described the hardware selection process. In this second part I will be describing the hypervisor selection and installation.
Hypervisor selection
First of all, you have to decide on which bare metal hypervisor(s) you wish to use. Personally I prefer Microsoft Hyper-V and VMWare ESXi. Alternatives include but are not limited to Citrix XenServer, Xen, KVM, Red Hat Enterprise Virtualization. I don’t have much experience with these hypervisors though.
Characteristics that could influence your choice of hypervisor:
- Supported hardware.
- Performance of the hypervisor.
- Features of the hypervisor. By example when using Transparent Memory Page Sharing, it requires less memory when you run many highly identical systems on a host.
- Footprint / attack surface.
- Supported methods for running the OS. By example run from USB stick.
- Price (many hypervisors have free versions available, compare features).
- Support (for a home lab probably not that important).
- Available documentation / study resources.
- How active the community behind it is.
- Supported VM / guest operating systems.
- Ease-of-use.
- Availabilty of downloadable virtual appliances (VMWare) or pre-prepped environments (Microsoft) without having to (try and) convert them.
Everyone needs to determine which hypervisor best meets their needs. Personally I mainly work with Microsoft software and decided to use Hyper-V 3.0 in Windows Server 2012. It’s convenient for me to be able to easily load pre-prepped environments that are provided by Microsoft (in Hyper-V format). I also run Client Hyper-V on my Windows 8 laptop, which makes it easier for me to take my VM’s with me. I do plan to keep up with VMWare developments as well though, so I will create a bootable USB flash drive to boot in VMWare from time to time.
Hypervisor installation
- Before installing the hypervisor, make sure that virtualization related settings are enabled. The names of these settings may differ. Examples are Intel VT (Virtualization Technology), AMD-V and Hardware DEP (Data Execution Prevention), EM64T, Execute Disable Bit. During installation you will get prompted normally though if you have forgotten to enable these.
- There are often many options with regards to the installation. By example do a GUI install or a scripted/CLI install. Or install/run from normal harddisk or flash drive. With Server 2012 Hyper-V you can choose to run it in Windows Server 2012 core or in the GUI version. I chose to use the Server 2012 GUI Hyper-V installation because I’m not sure if my raid management software will work from within the core version.
- Installation of the hypervisor is normally pretty straight forward. But before you install, read the documentation.
- After you’re done installing, you still need to configure the settings to meet your requirements. Preferrably you’ve already created and documented your own design.
- Don’t forget to configure hardware monitoring if possible. In my case I’ve configured my raid controller management software to send e-mails when storage related issues are detected.
- Think about and implement a strategy for backing up and recovering your hypervisor. There are numerous programs for backing up and most are free for personal use. I have no personal experience with specific products, but VeeAm has a good reputation and I’ll be trying if for my lab. Also if you’re a Microsoft Certified Professional, you can get a free NFR license for Veeam Backup & Replication v6.5 for Hyper-V. The same is true if you’re a VMWare Certified Professional (VCP).
In the next post I will describe the VM guest preparations, installations and storage strategy.
Tags: Citrix, Citrix XenServer, ESXi, ESXi 5.1, guest, Hyper-V, Hyper-V 3.0, hypervisor, ICT, KVM, lab, Red Hat Enterprise Virtualization, RHEV, virtualization, VM, VMware ESXi, Windows Server 2012, Xen, XenServer
As you will probably know by now, I’m really into ICT. I mainly focus on virtualization and Microsoft technoIogies. As such, I try to:
- Keep up with new ICT developments
- Improve my knowledge and skills for both old and new ICT technologies
- Get certified in many different areas of ICT.
A proper lab environment is a prerequisite to do so. Because of virtualization however, this has become so much easier (and cheaper) than before.
In the next couple of blog posts I will try to document the steps I’m taking to build my lab. Today I’m staring the series with the hardware selection. The important part of the hardware I use for my environment is as follows:
- Mainboard: Gigabyte GA-H77M-D3H
- CPU: Intel Core i5 3570 quadcore
- Memory: 32GB
- SATA controller : IBM M1015 (flashed to LSI9211-8i)
- VM storage: 2 * 512GB SSD Samsung 830 series
- Non VM storage: 2 * 2TB SATA
To me it was important that my machine would be able to run both Microsoft Hyper-V 3.0 as well as VMware ESXi 5.1 properly. Both have hardware requirements, but VMware ESXi 5.1 is generally more restrictive with regards to supported hardware. Very simply put, it means that the mainboard, CPU, network and storage controller need to be compatible with the features you require.
Normally you would check supported hardware on the official hardware compatibility list (HCL) of the vendor, but these are generally aimed at real server hardware and do not support/contain consumer hardware. So before buying hardware, check on forums to see what combinations of hardware are working for other people and choose the one that matches your desires best. You can also google for ESXi whitebox.
Furthermore, I plan to run many systems at the same time, hence the 32GB of memory and the 2 fast 512GB SSD disks. Besides the fast, but small SSD you generally also need more storage to store other files like by example operating system images and tools.
The next post is about the Hypervisor selection and installation.
Tags: hardware, hardware compatibilty, hardware compatibilty list, hardware selection, HCL, ICT, lab, support, virtualization
I created this script to automate extracting English only MSP files from CAB files in the SCOM 2012 Update Rollup 3 (UR3) files. By default it will delete extracted non-English versions. With some minor modifications it can be used for any CAB file though, not just SCOM 2012 Update Rollup 3. It includes a lot of comments, so it is manageable and can be used for getting to know PowerShell better.
SCOM 2012 Update Rollup 3 can be downloaded here : http://catalog.update.microsoft.com/v7/site/search.aspx?q=2750631
The issue with SCOM 2012 Update Rollup 3 is that after downloading you’ll end up with a total of 41 CAB files. The large number of files is because they are for different components and in multiple languages. And what is even worse, is that the file names do not show which file is for which language.This script will extract all cab files to a subfolder and will then removes the non English ones. Below are some of the example files in Update Rollup 3 to give you an idea about the nondescriptive file names:
- all-kb2750631-amd64-console_1af57997fba722cdd3dfe4b2ddb4b8d8d829dd6f.cab
- all-kb2750631-amd64-console_3d61c9e090622b2b59ee8bf7b13b922e815bdf15.cab
- all-kb2750631-amd64-console_494a77ddaa09206f8f61ecdfb2edfcd1e82a497c.cab
- all-kb2750631-amd64-console_69bb307dbd450cfd8b732c2ac3845c9870bdc6d0.cab
- all-kb2750631-amd64-console_71c65fc2ded6769edbf610958780b5a8ac374f8c.cab
Deploying SCOM 2012 components and updates to them can be done in multiple ways: http://technet.microsoft.com/en-us/library/hh551142.aspx
Most of the work while updating will probably be updating the agents. Basically for SCOM 2012 there are 2 major ways to install agents:
- Push installation (initiated from SCOM 2012). Updates can then also be deployed from within SCOM (Remotely Manageable = Yes). Push installation is often preferred, because it is easy and also allows you to push updates to clients from within SCOM 2012. The downside however is that it also requires a lot of open ports (including RPC) which might not always be acceptable: http://support.microsoft.com/kb/2566152. Push install and update install can also consume a lot of bandwidth and depending on your architecture (b.e. WAN links), the push install might not be the best way.
- A manual installation (anything that is not a push installation). Updates cannot be deployed from within SCOM (Remotely Manageable = No). Manual installation includes running setup manually, using a GPO software install or using deployment tools like System Center Configuration Manager). Using the GUI, you cannot simply set an agent back to remotely manageable = Yes. You can change this in SQL though, but keep in mind that connectivity requirements still need to be met.
With Update Rollup 3, it is now possible to leverage WSUS / Microsoft Update to deploy updates (not the inital agent) to all SCOM 2012 components. I predict this will probably become the preferred way of updating SCOM 2012 for most companies:
+ It does not require many ports on your firewall to be opened.
+ Better bandwidth management (local WSUS, BranchCache, BITS).
+ Auto detects components on systems (component updates are not forgotten).
+ Still in control of when which updates are deployed/approved.
+ Leverage existing patch/update management procedures and systems WSUS/SCCM (standardization).
– Initial agent installation cannot be performed using WSUS.
PS: Also check these great blog posts when deploying Update Rollup 3:
Tags: Background Intelligent Transfer Service, BITS, BranchCache, CAB, cab files, decompress, extract, ICT, manual install, Microsoft, Microsoft System Center Operations Manager 2012, Microsoft Update, operations management, operations manager, Operations Manager 2012, OpsMgr, OpsMgr 2012, OpsMgr 2012 Update Rollup 3, OpsMgr2012, Patch Management, Powershell, push install, Remotely Manageable, rollup, SCCM, SCOM, SCOM 2012, SCOM 2012 Update Rollup 3, SCOM2012, service pack, System Center, System Center Configuration Manager, System Center Operations Manager, System Center Operations Manager 2012, testing environment, Update Management, update rollup, Update Rollup 3, WSUS
In a previous blog post I explained how to use PowerShell remoting to determine OpsMgr Components File Versions.
As an alternative you can also use a local PowerShell script. And what is even easier in my opinion, is creating an agent task. This means you can run the the script against multiple targets and show its result all from within the SCOM 2012 console.
The local PowerShell script can be found here. A management pack containing the agent task and the PowerShell script can be found here.
Based on internet info,these are the version numbers:
SCOM 2012 Cumulative Update 1 / Update Rollup 1 version = 7.0.8560.1021
SCOM 2012 Cumulative Update 2 / Update Rollup 2 version = 7.0.8560.1027
SCOM 2012 Cumulative Update 3 / Update Rollup 3 version = 7.0.8560.1036
SCOM 2012 SP1 beta = 7.0.8925.0
Thanks go out to Derek Har for his blog post that helped me to embed the PowerShell script in the SCOM 2012 management pack.
To give you an idea what the output looks like in SCOM 2012, here are some screenshots:
Bjorn_Tasks_Powershell-Get-SCOMfileversions_01
Bjorn_Tasks_Powershell-Get-SCOMfileversions_02
Tags: ICT, management pack, Microsoft, Microsoft System Center Operations Manager 2012, MP, operations management, operations manager, Operations Manager 2012, OpsMgr, OpsMgr 2012, OpsMgr MP, OpsMgr2012, rollup, SCOM, SCOM 2012, SCOM 2012 SP1, SCOM MP, SCOM2012, service pack, SP1, System Center, System Center Operations Manager, System Center Operations Manager 2012, testing environment, update rollup
Microsoft Technology Associate (MTA) courses and exams are aimed at people new to specific IT areas of expertises. Previously these exams were available only to academic students, faculty, and staff. Now, anyone can take these exams.
Exams available at this moment are:
- Exam 98-349: Windows Operating System Fundamentals
- Exam 98-365: Windows Server Administration Fundamentals
- Exam 98-366: Networking Fundamentals
- Exam 98-367: Security Fundamentals
- Exam 98-364: Database Fundamentals
- Exam 98-361: Software Development Fundamentals
- Exam 98-362: Windows Development Fundamentals
- Exam 98-363: Web Development Fundamentals
- Exam 98-372: .NET Fundamentals
- Exam 98-375: HTML5 App Development Fundamentals
More information about MTA can be found here.
Also to stay up-to-date regarding Microsoft learning and certification news, be sure to follow developments on the Born To Learn blog.
Tags: Born To Learn, certification, ICT, Microsoft, Microsoft Technology Associate, MTA
blog.bjornhouben.com 