Ahoy there! This is my personal blog which I use as my memory extension and a medium to share stuff that could be useful to others.

Windows Archives

Given below are the port requirements for connectivity among the nodes of a WSFC (as per my experience with a WSFC comprising 4 nodes running Windows Server 2012 Standard). This connectivity is required for node join (during cluster creation) and normal cluster operations.

 

# PORT(S) PROTOCOL(S)
1. 3343 TCP and UDP
2. 135 TCP
3. 137 UDP
4. 49152-65535 UDP
5. N/A ICMP

 

NOTE:  The dynamic port range above may be customized, but I don’t know if it has to be as big as the default range.

Well, I was involved in building a multi-site (2 sites) WSFC using Windows Server 2012 Standard to host a SQL Server 2012 AlwaysOn Availability Group. After opening the required ports on the firewalls in both sites, we could not create a cluster. i.e. we could not join a node from the other site. When we opened all ports on our firewalls (just to test), the cluster could be created. When I raised a ticket with Microsoft and their technician pointed me to the same Microsoft KB Article which we referred to in the first place.

Our SysAdmins did not experience similar problems when creating Windows Server 2008 clusters, but those clusters were local to a site.

So, I enabled Windows Firewall Logging on the node on which I attempted to create a cluster and then tried to add a node from the remote site. From outbound connection logging, I observed that apart from the ports specified in the Microsoft KB article, the cluster creation was trying to “ping” the remote node. And ICMP was not allowed between our nodes across sites! When ICMP was enabled, our cluster was created.

I’m primarily from a *nix background and do not know if it is well known in the “Windows world” that ICMP is a requirement for WSFC. However,  Microsoft’s KB article on port requirements should have been comprehensive and mentioned ICMP.

UPDATE (07-AUG-2013): Microsoft Support just called me and acknowledged that this important information (ICMP required for WSFC) is missing from their public documentation and they would update the same KB article.

VN:F [1.9.22_1171]
Rating: +8 (from 8 votes)

For whatever reason, Microsoft stopped enabling the useful “Telnet Client” by default in its Operating Systems since Windows Server 2008 R2. So, on such OSes, the Telnet Client has to be enabled as a “Feature”.

After my first brush with Windows Server 2012, I realized that I must have shortcuts and commands handy to prevent the UI overhaul from impacting my efficiency.

So, here’s a handy command to install the Telnet client (run from the MS-DOS command prompt):

pkgmgr /iu:"TelnetClient"
VN:F [1.9.22_1171]
Rating: +9 (from 15 votes)

Windows Server 2003 RDC Exception

Earlier today, an application owner wanted his Windows Server 2003 SP2 VM restarted. So, I opened a Remote Desktop Connection (RDC) session to the VM and restarted it. After the VM started, I received the following exception when I tried to open an RDC session to the VM:

 

Win2003_RDC

Since I could no longer login via an RDC, I used the VMware vCenter to open a Console session to the VM and did the following:

  • Checked if Remote connections were enabled (had to be enabled as I logged in earlier to restart the VM). This feature was enabled. So, (1) in the above exception message was ruled out.
  • Checked Network Level Authentication (NLA). It was not supported. So, (2) in the above exception message was ruled out.
  • I could telnet from my laptop to port 3389 on the VM. So, (3) in the above exception message was ruled out.
  • Finally, I just restarted the VM again and I was surprised to find that I could then open an RDC session to the VM.

So, restarting the Windows Server 2003 SP2 VM via the console fixed the problem. I later searched the www and observed that many users experienced the same problem and the “console operation” was used to fix the problem.

I haven’t found the root cause yet (not happy), but don’t have the time to look into it now …

VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Assuming you have a text file (e.g. C:\ADGroups.txt) containing multiple Active Directory (AD) Groups with one AD group per line, you may use an MS-DOS script similar to the following to create all those AD Groups in your Active Directory domain.

for /F "tokens=* delims= " %%G in (C:\ADGroups.txt) do (
 dsadd group CN="%%G",OU="Human Resources",OU="IT",DC=MYAD,DC=CYBERGAV,DC=IN
)

NOTE:
(1) If you are typing the script above at the MS-DOS command prompt, then replace %%G by %G.
(2) The “for” statement above, ensures that AD Groups containing blankspaces are read correctly.

VN:F [1.9.22_1171]
Rating: +6 (from 6 votes)

This article details the steps which I performed to migrate (storage vMotion) a bunch of VMs running Windows Server 2003 Enterprise/Standard (32-bit) from a standalone ESX 3.5.0 host to and ESXi 4.1.0 cluster. With respect to OSes, I’m primarily a Linux Admin and since I encountered a few hiccups which would not have occurred on Linux systems (for the same exercise), I decided to blog this stuff.

STEP 1: Get the VM ready to leave ESX 3.5.0

  • Shutdown the Windows Server 2003 OS on the VM hosted on the standalone ESX 3.5.0 host.

 

STEP 2: Move the VM off the ESX 3.5.0 host

  • Migrate the VM (host and datastore) to an ESXi 4.1.0 cluster host which has access to the same networks as the ESX 3.5.0 host. This step could take a while depending on your environment.

NOTE: All the remaining steps are performed on the ESXi 4.1.0 cluster host.

 

STEP 3: Upgrade the VM’s VMware Tools

  • Edit Settings and select the appropriate network for the NIC.
  • Power on the VM
  • Upgrade VMware Tools (because your VM is now on a higher version hypervisor). You may do this by either clicking the VMware Tools icon in the system tray or by using the vSphere client to mount the VMware Tools CD and install.

 

STEP 4: Some tweaks to avoid issues

With the newer version of VMware Tools, you’ll be able to use the vmxnet3 NIC driver. However, switching drivers requires removing/adding a NIC and this causes IP address clashes in Windows Server 2003 (the IP address is still associated with the old adapter, although not visible in “Network Connections”). Refer this Microsoft KB article. So, to avoid this issue, I did the following:

  • Execute the command “ipconfig /all” at the MSDOS prompt and collect/store all the network configuration for later reference.
  • Open the Network Connection settings, click on TCP/IP Properties and select the options “Obtain an IP address automatically” and “Obtain DNS server address automatically”. Basically, remove the static IP and switch to dynamic IP and DNS. This action clears any configuration associated with the static IP address from the Windows system.
  • Shutdown (not restart!) the OS.

 

STEP 5: Upgrade the VM’s Virtual Hardware

  • Right-click the powered down VM and select the option to upgrade the virtual hardware. This action will upgrade your virtual hardware from version 4 to version 7.
  • Edit settings for the VM and do the following:
    • Remove the existing NIC (which was configured when the VM was on ESX 3.5.0).
    • Add a new NIC and select the VMXNET 3 driver as well as the appropriate network.
  • Power on the VM. As soon as the VM powers on, you will be prompted to restart the OS for the new hardware to work properly. Click “Yes” to reboot.

 

STEP 6: Configure the VM’s Network Connection

  • When the VM powers up after the previous step, open the Network Connection settings and using the settings stored earlier (STEP 4), configure the vmxnet 3 adapter.

 

STEP 7:  Test the VM after migration

 

NOTE:

  1. A storage vMotion had to be performed since the standalone ESX 3.5.0 and the cluster ESXi 4.1.0 hosts did not share storage. Although this migration can be done in 2 steps without downtime (first change host and then change datastore or vice versa), downtime is required for upgrading VMware Tools and the Virtual Hardware.
  2. The standalone ESX 3.5.0 host and the ESXi 4.1.0 cluster hosts did not have access to the same dedicated vMotion network. However, since all the hosts were on the same Management network, this network was used for the migrations (competing with other management traffic) and thus this exercise took a long time.
VN:F [1.9.22_1171]
Rating: +2 (from 2 votes)

Given below are some tips from my scratchpad on working with files and directories in PowerShell. These are just basic tips and by no means exhaustive. Check out the book “Windows PowerShell in Action” by Bruce Payette, an excellent book on PowerShell authored by the lead developer of the language.

# Directory Listing
PS C:\POWERSHELL> dir


    Directory: C:\POWERSHELL


Mode                LastWriteTime     Length Name
----                -------------     ------ ----
-a---        12/29/2010  12:01 PM       1929 PowerShellTips.ps1
-a---        12/29/2010  10:40 AM         50 test1.txt

# Number of files in a directory
PS C:\POWERSHELL> (dir).count
3
PS C:\POWERSHELL> (dir).length
3
# Number of files matching a pattern
PS C:\POWERSHELL> (dir *.ps1).count 
1

# Number of lines in a file
PS C:\POWERSHELL> ${C:PowerShellTips.ps1}.length
141
PS C:\POWERSHELL> (Get-Content .\PowerShellTips.ps1).length
141
PS C:\POWERSHELL> (Get-Content .\PowerShellTips.ps1).count
141

# Largest file in a directory
PS C:\POWERSHELL> dir | Sort-Object -property length -Descending | Select-Object -first 1 | foreach-object {$_.length}
7157724

# Files created in the last 31 days
PS C:\POWERSHELL> dir | ?{$_.lastwritetime -ge ([datetime]::Now).AddDays(-31)} | %{"I am " + $_.Name}
I am PowerShellTips.ps1
I am test1.txt

PS C:\POWERSHELL> dir | %{if ($_.lastwritetime -ge ([datetime]::Now).AddDays(-31)) {"I am " + $_.Name}}
I am PowerShellTips.ps1
I am test1.txt
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

PowerShell DateTime Operations

Given below are useful tips on PowerShell DateTime operations (from my 2010 scratchpad):

# Get Formatted DateTime
PS C:\> Get-Date -Format "dd/MM/yyyy"
28/12/2010

PS C:\> $(Get-Date -Format "yyyyMMddHHmmss") + ".log"
20101228064357.log

# Time till New Year
PS C:\> $now = [datetime]::Now
PS C:\> [datetime] ([string] ($now.Year+1) + "-01-01") - $now


Days              : 3
Hours             : 17
Minutes           : 14
Seconds           : 28
Milliseconds      : 970
Ticks             : 3212689708670
TotalDays         : 3.7183908665162
TotalHours        : 89.2413807963889
TotalMinutes      : 5354.48284778333
TotalSeconds      : 321268.970867
TotalMilliseconds : 321268970.867

# Days between dates
PS C:\> [string] $([datetime] "01/26/2010" - [datetime] "01/01/2010").Days + " Days"
25 Days

# DateTime Comparison
PS C:\> [datetime]::Compare([datetime] "01/01/10", [datetime] "01/01/11")
-1
PS C:\> [datetime]::Compare([datetime] "01/01/10", [datetime] "01/01/09")
1
PS C:\> [datetime]::Compare([datetime] "01/01/10", [datetime] "01/01/10")
0
PS C:\> [datetime]::Compare([datetime] "01/01/10 20:00", [datetime] "01/01/10 19:00")
1

# Add and Subtract Time
PS C:\> [datetime]::now

December-28-10 11:01:17 AM


PS C:\> ([datetime]::now).AddHours(1)

December-28-10 12:01:37 PM


PS C:\> ([datetime]::now).AddHours(-1)

December-28-10 10:01:42 AM
VN:F [1.9.22_1171]
Rating: +2 (from 2 votes)

One method of determining your PowerShell version is to check the Windows Registry at HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\PowerShellEngine. Given below are other(recommended) methods of obtaining version information for your PowerShell:

PS C:\POWERSHELL> $PSversiontable

Name                           Value
----                           -----
CLRVersion                     2.0.50727.3053
BuildVersion                   6.0.6002.18111
PSVersion                      2.0
WSManStackVersion              2.0
PSCompatibleVersions           {1.0, 2.0}
SerializationVersion           1.1.0.1
PSRemotingProtocolVersion      2.1


PS C:\POWERSHELL> $PSversiontable.PSVersion

Major  Minor  Build  Revision
-----  -----  -----  --------
2      0      -1     -1

PS C:\POWERSHELL> [string]$PSVersionTable.PSVersion.Major+"."+$PSVersionTable.PSVersion.Minor
2.0

VN:F [1.9.22_1171]
Rating: +1 (from 1 vote)

Automate Requests for New Certificates

Recently, all Windows XP workstation users within a corporate domain were required to request and install a certificate from the Enterprise Certificate Authority (CA). Typically, the Certificate Manager Management console Snap-in Control (certmgr.msc) is used to request new certificates, as in the screenshot shown below. So, I was required to automate this process using a script that could be pushed to all the Windows XP workstations and executed.

certmgr

A tool called certreq.exe enables command-line execution of the steps performed by certmgr.msc. Hence, I developed a simple MS-DOS batch script using certreq.exe to automate the process of requesting new certificates from a CA. You may download the ZIP file below to view/use the script:

Download RequestCert.zip

Instructions to use RequestCert.zip:

(1)   Unzip RequestCert.zip using WinZip, 7-zip or your favourite decompression software. A directory called RequestCert will be created with the following files:

  • RequestCert.bat : This is the MS-DOS batch file that uses certreq.exe to automate the Certificate Request process
  • RequestCert.inf : This is the setup file containing information required by certreq.exe.
  • certreq.exe : Microsoft tool (bundled with Windows SDK) 

(2)    Edit RequestCert.bat and set the value for the variables CA_SERVER (FQDN/IP/hostname of the CA server) and CA_NAME (Name of the CA).

(3)    Edit RequestCert.inf and set the value of CertificateTemplate, if required.

(4)    Execute RequestCert.bat

 

NOTE: RequestCert.bat met my requirement which was really basic. You may amend the script and the INF file to automate Certificate Requests for other requirements.

VN:F [1.9.22_1171]
Rating: +4 (from 6 votes)

Cannot connect to port 25 on a Mail server

Problem:

Cannot connect to port 25 on an MS Exchange server to use its SMTP service. A telnet test gave the following error:

telnet xx.xx.xx.xx 25
Connecting To xx.xx.xx.xx…Could not open connection to the host, on port 25: Connect failed

Background & Analysis:

One of my batch scripts used blat to send emails. However, I could not use the SMTP service on the Exchange Server. After liaising with the Exchange and Network administrators, we determined the following:

  • There was no firewall between my machine and the Exchange server and a tracert completed quickly in just 2 hops.
  • There was no firewall on the Exchange server.
  • The firewall on my machine was turned off.
  • The SMTP service was listening at port 25 on the Exchange server and was functioning properly.

Solution:

The McAfee Anti-Virus log on my machine had the following entry:

16/12/2010 12:41:02 PM Blocked by port blocking rule C:\WINDOWS\system32\telnet.exe Anti-virus Standard Protection:Prevent mass mailing worms from sending mail xx.xx.xx.xx:25

So, it was the McAfee anti-virus software that blocked outbound connections to port 25. To resolve this problem, you can add an exception to the anti-virus policy that permits your mail program (in my case, it was blat) to initiate connections to port 25 (recommended) or you may disable the anti-virus (not recommended).

Root Cause:

The Anti-virus software on the source machine had a policy enabled which prevented outbound connections to port 25.

 

NOTE:
(1) The solution above describes a successful problem-solving experience and may not be applicable to other problems with similar symptoms.
(2) Your rating of this post will be much appreciated. Also, feel free to leave comments.

 

VN:F [1.9.22_1171]
Rating: +3 (from 7 votes)

How to send emails using blat

Blat is a handy Win32 console utility that enables you to send emails via the command line, on Windows machines. This is especially useful within batch scripts.

Given below are some how-tos on basic uses of blat. Refer the blat syntax page for more options with blat. The commands below have been tested on Windows Server 2003 with blat v2.6.2, unless otherwise stated.

HOW-TO 1: Configure the SMTP Relay for blat

The blat utility can perform functions of both an MUA and an MTA. Before using blat, you may configure certain options in the Windows Registry to avoid typing them repeatedly whenever sending emails (using overrides on the command line). An example configuration is given below:

blat -installSMTP mymailer.smtp.xyz.com sender@xyz.com 5 25
#
# where:
# mymailer.smtp.xyz.com => SMTP Relay host's domain name
# sender@xyz.com => sender's email address
# 5 => Number of retries (default=1)
# 25 => SMTP Server port (default=25)
#

After executing the command in the above example, your Windows Registry should have entries for blat as shown in the image below:

Blat_RegistryInstall

HOW-TO 2: Send email with empty body

blat -s "Test mail" -i "Cybergavin Tester" -to test@abc.com -body " "
#
# where:
# -s => Subject (NOTE: If you don't provide a subject, then default subject is
#     "Contents of file: stdin.txt"
# -i => Sender's Name (NOTE: Sender's email address already configured in STEP 1)
# -to => Recipient's Email Address
# -body => blank body (blankspace within double-quotes)
#

NOTE: To send email with a body, just type the message within double-quotes in the -body option.

HOW-TO 3: Send email with body from a file

blat body.txt -s "Test mail" -i "Cybergavin Tester" -to test@abc.com
#
# where:
# -s => Subject (NOTE: If you don't provide a subject, then default subject is
#     "Contents of file: stdin.txt"
# -i => Sender's Name (NOTE: Sender's email address already configured in STEP 1)
# -to => Recipient's Email Address
# body.txt => file containing message body
#

HOW-TO 4: Send attachment(s)

blat -s "Test mail" -i "Cybergavin Tester" -to test@abc.com -body "Please see attached"
 -attach test.txt
#
# where:
# -s => Subject
# -i => Sender's Name
# -to => Recipient's Email Address
# -body => Message Body
# -attach => Binary File to be attached
#

HOW-TO 5: Send HTML email

blat body.html -s "Test mail" -i "Cybergavin Tester" -to test@abc.com -html
#
# where:
# -s => Subject (NOTE: If you don't provide a subject, then default subject is
#     "Contents of file: stdin.txt"
# -i => Sender's Name (NOTE: Sender's email address already configured in STEP 1)
# -to => Recipient's Email Address
# body.html => file containing message body in HTML format
# -html => Use HTML format (Content-Type : text/html)
#

VN:F [1.9.22_1171]
Rating: +35 (from 39 votes)

Last weekend, I upgraded Windows Vista Ultimate to Windows 7 Ultimate on my Dell Studio xps laptop. I chose to upgrade, rather than perform a complete installation because I have too many programs and a lot of data on my laptop and I didn’t want any overhead in dealing with them. It’s just around seven months since I purchased my laptop and already my DVD drive isn’t working (will need to contact Dell Support and use the warranty). This is 2nd time I’m using the warranty on a Dell laptop to replace a DVD drive (the first time was with my Dell Inspiron 8500), but I still chose to buy Dell, only because Dell provided the most customization options when purchasing the laptop (now running out of patience with Dell).

So, with my DVD drive bust, I needed to perform the upgrade from a USB flash drive. I’ve been using USB flash drives for a few years and since the last couple of years, I’ve stuck with the retractable SanDisk Cruzer Titanium USB flash drives. I like the retractability and the solid build of these drives. I have the 2 GB and 8 GB capacities of the SanDisk flash drive and had to use the 8 GB  flash drive for the upgrade. The upgrade steps I performed are given below:

STEP 1: Choose the correct upgrade edition of Windows 7 Ultimate.

I first obtained the Windows 7 Ultimate N edition and then during installation, a window popped up telling me that I cannot upgrade from Windows Vista Ultimate to Windows 7 Ultimate N and need to do a complete install.

Refer to the Windows 7 upgrade paths to ensure you obtain the correct Windows 7 edition for your upgrade.

STEP 2: Download/Copy the Windows 7 Ultimate ISO image to your hard drive (use SSD if you have one for faster copying).

I downloaded the Windows 7 Ultimate ISO image (en_windows_7_ultimate_x64_dvd_x15-65922.iso – around 3 GB) to my laptop’s HDD.

If you’re downloading the ISO image, ensure that you have sufficient free space in your download location and you turn off your computer’s power saving feature so that your computer does not sleep.

Downloading the ISO frustrated me – my first attempt failed because Google Chrome simply balked after downloading 2.8 GB, my second attempt (using Mozilla Firefox) failed because my laptop went to sleep and I finally downloaded the entire ISO image successfully on my third attempt.

STEP 3: Create a Windows 7 Ultimate bootable USB flash drive

You cannot install/upgrade Windows 7 directly from the ISO. You first need to create Windows 7 bootable media. Popular media are DVDs and USB flash drives (USB 2.0 flash drives are faster than current DVDs for data reading/writing operations and this advantage will significantly increase with USB 3.0). Microsoft provides a free Windows 7 USB/DVD Download tool. If Microsoft removes this tool from their website (I believe there was an issue with using some open source code in the software), then you can get it from other websites or let me know and I can provide you with the tool. Screenshots of the tool are given below:

windows7 USB/DVD Download Tool - STEP 1

Windows 7 USB/DVD Download Tool - STEP 2

Windows 7 USB/DVD Download Tool - STEP 3 

Windows 7 USB/DVD Download Tool - STEP 4 

STEP 4: Prepare for Upgrade

Use the Windows 7 Upgrade Advisor to ensure you meet all the requirements for the upgrade. I had to install Windows Vista Ultimate updates and SP1 to meet the requirements.

 

STEP 5: Upgrade

Click the “setup” file on your Windows 7 Ultimate bootable flash drive and proceed with the upgrade. You will be required to reboot your computer a few times. I don’t remember how long this process took as I was doing it while half asleep at night. All I know, come dawn, I woke up to Windows 7 Ultimate on my laptop.

My first impressions of Windows 7 Ultimate:

So, I’ve used Windows 7 Ultimate only for a week and haven’t really explored much, but some of the good features that impressed me straight away:

(1) Very fast: Windows 7 Ultimate is the fastest Windows OS I have ever used. Perhaps, running the 64-bit version on a dual-core chip with 4 GB plays a major role, but I can perform routine operations quickly.

(2) Jump Lists: No more looking for “Recent Documents” and thinking about where you stored a specific resource. Just use the “jump list” on the appropriate program and you can jump right away to what you want. Given below is a screenshot of my Adobe Reader jump list displaying the recent pdf files I used.

AcrobatReader_JumpList

(3) Snap: Drag windows to screen edges and they resize appropriately. I found this especially useful when using programs that required me to “drag and drop” files from an explorer window into the program’s window (an example of such a program is the Samurai Thread Dump Analyzer).

Well, there is a lot more for me to explore in Windows 7 and I’m specifically interested in Windows 7 Ultimate features like SUA.

VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

If you’re familiar with the UNIX touch command to modify the access and modification times of a file or directory and are looking for an easy equivalent on Windows, you can use Stefan Küng’s SKTimeStamp. Stefan Küng is the lead developer of TortoiseSVN

Check out some screenshots of SKTimeStamp below:

Installation (note the Tortoise watermark)

SKTimeStampSetup

Timestamps on file before modification (note the TimeStamps tab)

SKTimeStamp adds a TimeStamps tab

 

Timestamps on file after modification

SKTimeStampAfterTime

VN:F [1.9.22_1171]
Rating: +1 (from 1 vote)