Monday, February 3, 2020
To test out the MAP Toolkit, I wanted to have some Linux machines for it to detect.
I created a virtual machine with an empty virtual had drive file and associated the latest Mint ISO file to the DVD drive.
On boot-up, I see it didn't like the ISO:
"The image's hash and certificate are not allowed (DB)"
It says "not allowed" rather than missing, corrupt or whatever so looks like a Secure Boot problem, as discussed here:
So into Powershell:
[hyper-v-host]: PS C:\> get-vm
Name State CPUUsage(%) MemoryAssigned(M) Uptime Status Version
---- ----- ----------- ----------------- ------ ------ -------
Linux Mint Off 0 0 00:00:00 Operating normally 8.0
[hyper-v-host]: PS C:\> get-vm -name "Linux mint"
Name State CPUUsage(%) MemoryAssigned(M) Uptime Status Version
---- ----- ----------- ----------------- ------ ------ -------
Linux Mint Off 0 0 00:00:00 Operating normally 8.0
[hyper-v-host]: PS C:\> get-vm -name "Linux mint" | Get-VMFirmware
VMName SecureBoot SecureBootTemplate PreferredNetworkBootProtocol BootOrder
------ ---------- ------------------ ---------------------------- ---------
Linux Mint On MicrosoftWindows IPv4 {Drive, Network, Drive}
[hyper-v-host]: PS C:\> get-vm -name "Linux mint" | set-VMFirmware -EnableSecureBoot off
After which, restarting the virtual machine gives me:
Sunday, February 2, 2020
In my test environment, which isn't optimally configured, new installations can't find the domain as they are not pointing to the domain's DNS. Instead they default to the hub which forwards all DNS requests to the Default Gateway and the Internet.
I can fix this on a case-by-case basis through the Control Panel:
- Go to 'Control Panel \ Network and Internet \ Network Connections'
- Right-click the network adapter and choose 'Properties'
- Select "Internet Protocol version 4 (TCP/IPv4) and click 'Properties'
- On the General tab, select "Use the following DNS server addresses:"
- For "Preferred DNS server:", enter the IP address of the DNS machine for the test domain
- For "Alternate DNS server:", enter the IP address of the Internet router
- Click 'OK', then 'Close'
Alternatively, if there is no Desktop Experience (i.e. Core) then the following Powershell command will do the same thing:
Set-DNSClientServerAddress –interfaceIndex 15 –ServerAddresses (“192.168.0.1”,”10.0.0.2”)
You may need to find the interface index first with Get-NetIPInterface:
ifIndex InterfaceAlias AddressFamily NlMtu(Bytes) InterfaceMetric Dhcp ConnectionState PolicyStore
------- -------------- ------------- ------------ --------------- ---- --------------- -----------
1 Loopback Pseudo-Interface 1 IPv4 4294967295 75 Disabled Connected ActiveStore
45 Local Area Connection* 27 IPv4 1500 25 Disabled Disconnected ActiveStore
32 Ethernet 8 IPv4 1500 5 Enabled Disconnected ActiveStore
23 Bluetooth Network Connection 7 IPv4 1500 65 Enabled Disconnected ActiveStore
15 WiFi IPv4 1500 50 Enabled Connected ActiveStore
References
Tuesday, January 28, 2020
A generous contact has loaned me a rack mounted server to turn into a Windows Hyper-V host.
I don't have a rack to mount the machine in so have made use of a glass and chrome TV stand instead.
Screams like banshees for a couple of minutes when switched on but pretty quiet the rest of the time.
The machine seemed to be running Linux (like I’d know) so I decided to burn the installation software onto a DVD and boot off that. Searching around, I found the sold writeable DVD in the house – a lovely, unused 4.8GB disk. Sadly, the Windows server ISO was over 6Gb so wasn’t going to fit. This was when I learnt how many different capacities of 12cm DVD disks there are.
- Single-sided, single layer – 4.7GB (your standard, off-the-shelf product)
- Single-sided, double layer – 8.54GB
- Double-sided, single layer – 9.4GB
- Double-sided, double layer – 17.08GB
Giving up on that, I bought a ridiculously cheap pack of 16GB USB sticks.
Rufus can write the ISO to a USB stick and make the whole thing bootable. Unfortunately, not always reliably:
To ensure the ISO I was using was intact, I decided to re-download it.
This time, though, I noticed an “Microsoft Hyper-V Server 2016” option and used that instead.
Rufus worked this time and the server installation completed
but I now seem to have installed the Core version – no graphical applications; just Notepad.exe and the command line.
This going to be interesting.
Time to dust off the Powershell.
Monday, January 27, 2020
A little too late, it could be argued, I’ve decided to refresh my Windows server skills to improve my job prospects. Looking at my MCSE certification, the story is quite woeful. Although I was sitting (and passing) MCP exams up until I left Microsoft in 2010, none of the products were particularly leading edge at the time. The last exam I passed, for example, was 70-299 - “Implementing and Administering Security in a Microsoft Windows Server 2003 Network”. On reflection, it may have been more useful to instead go for 70-649 “Upgrading Your MCSE on Windows Server 2003 to Windows Server 2008” which came out in 2007.
That means I’m back on the MCP trail where setting myself a certification target will generate the self-study required to pass. I’m going for Windows server 2016 on the assumption that more companies will be running this operating system rather than last year’s release. There are three to pass before achieving “MCSA: Windows Server 2016” certification:
- 70-740 Installation, Storage, and Compute with Windows Server 2016
- 70-741 Networking with Windows Server 2016
- 70-742 Identity with Windows Server 2016
((743 “Upgrading Your Skills to MCSA: Windows Server 2016” is unavailable as I don’t already have the qualifying MCSA: Windows Server 2008 or 2012 R2 certification))
I’ve booked myself in for the first one so need to get to work on learning. There’s a lot of online training to use but a hands-on server lab is essential although not usually the sort of thing most people have at home (although looking at the demographic I associate with, it does depend who you know as to what counts as “usual”).
Looking at hardware, I definitely don’t want to repurpose my Microsoft Surface but there are a couple of old desktops lying around which I could make use of instead. Or not…
System Requirements
- Processor - Minimum: 1.4 GHz 64-bit processor
Well, they can be used to run Linux instead which is going to be another learning project.
Luckily, Sue has been complaining that her PC, an old 64-bit Dell Dimension E520, needed replacing after 10 years of service. After buying a new Dell Inspiron, the E520 was designated ‘test server’.
The DataCentre evaluation ISO downloaded from Microsoft installed easily enough and the PC was soon a domain controller of its own forest. Next step was to add some features so I could create some virtual machines to play with Hyper-V and Nano servers. Unfortunately, this was when I discovered that not all PCs can support virtualisation, which was a surprise.
Friday, January 10, 2020
My wife has finally replaced her desktop with a new one, releasing the old one for me to make into a test server. It's 64-bit so can run Windows 2016 datacentre edition which I download an evaluation version of. I was looking forward to creating a range of virtual machines to play with but Windows reported that the hardware wouldn't support this.
Running MSINFO32.EXE to have a look at the processor:
Hyper-V - VM Monitor Mode Extensions - "No"
Hyper-V - Second Level Address Translation Extensions - "No"
Hyper-V - Virtualization Enabled in Firmware - "No"
Hyper-V - Data Execution Protection - "Yes"
Oh dear. 1 out of 4 isn't really good enough 
Nothing in the setup to indicate virtualisation is an option:
So can't just swap out the CPU for a better one as the 2007 BIOS doesn't support the functionality I want anyway.
Wednesday, July 4, 2018
I have a manual process where I :
- Drag emails from Outlook on PC1 to a shared folder, creating *.msg message files
- Drag message files from shared folder to Outlook 2010 on PC2, creating emails.
There's a resource limit to how many message files can be converted to emails in one go so step 2 is usually performed in chunks. Step 1 just handles however many emails you're dragging to the folder.
Recently, this has stopped working for files over 1MB in size (roughly).
"Cannot copy the items. Cannot open file: C:\Folder\Filename.msg to Outlook\Filename.msg.... The file may not exist, you mat not have permission to open it, or it may be open in another program. Right-click the folder that contains the file, and then click Properties to check your permissions for the folder."
Neither explanation would appear to be correct as small message files are imported into Outlook fine.
Solution I found:
- Double-click the message file to open up the email
- Choose the 'Move' icon from the toolbar
- Choose 'Copy to Folder...' (everything else is greyed out)
- Choose destination Outlook folder and click OK.
- Email appears in destination folder even though dragging the original wouldn't work
{Shrug}
Thursday, July 28, 2016
I’m installing a product that runs a service under a pre-determined logon account. I needed to rename the created account afterwards to get round a conflict somewhere else. Sounds simple – just modify the account’s logon name and update the service’s “log on as” properties to match it.
The obstacle was that the password was secret for compliance reasons. All the sleight of hand I tried just ended up in logon failures and the service being unable to start.
or
_-1161398336.png "2016-07-28 (3)_-1161398336.png")
Solution was to hack the registry. Always a favourite. ((Thanks to Stan Nyks for the answer))
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MyService\ObjectName contains the account name used by the service. All I needed to do was rename the account in Computer Management and then modify the ObjectName value to .\MyRenamedAccount.
Pleasantly surprised to find the service still worked afterwards.
Wednesday, April 27, 2016
Last Saturday my Windows 10 PC refused to boot
Recovery
There was a problem with a device connected to your PC
An unexpected I/O error hs occurred
File:\Boot\BCD
Error code: 0xc00000e9
The problem can happen when a removable storage device is removed while it's in use or is failing. Properly connecting any removable storage and restarting your PC may fix this problem.
This screen would display for a while and then the PC would reboot, only to fail again.
Tried the basics, such as rebooting, unplugging from the mains for a few hours and rebooting, glaring, all to no affect.
Yesterday I popped the drive into the data centre server array that sits on top of the fridge in the study. This was to see if I could get any useful data off the drive before playing with it.
First thing that happened was that CHKDSK kicked in for a looooong time, eventually creating a 4.4 MB txt file report. No-one wants to see that amount of error reporting on a disk drive.
Huge amount of "Deleting extended attributes set due to the presence of reparse point in file xxxxxx."
I've looked up Reparse Points but am none the wiser.
After moving all user data to a safer place, I put the (much emptier) drive back in my PC and powered up, only to see the same recovery error.
Went off to look for some USB sticks to make into bootable repair tools. The first one (from work) was dead. Second, some shiny marketing thing for Biztalk 2004, was detected but failed to load. While I was searching for more USB sticks, I noticed my faulty PC had a log-on screen...
Seemed that it must have been rebooting quietly to itself and eventually repaired whatever was wrong.
Logged on, checked the event logs and found that the drive had a bad block (well diagnosed, Sue). Must have a look in the CHKDSK log file to see if the problem was fixed when I moved the drive to the server. Otherwise, all my work would have been for nothing as the solution would have been to just let Windows keep rebooting until it magically cured itself.
Tuesday, October 20, 2015
Let’s say you have machines in an old school workgroup without a domain and you want to change the name of that workgroup.
In the Windows 10 user interface, where should you go?
Is it Settings? Where you can change the computer name or join a domain.
No, that would be far too sensible.
You have to use Control Panel, just like in the old days.
Monday, October 19, 2015
To check my PC is up to date on Windows 10 display drivers, I installed the “Intel Driver Update Utility”. After a quick scan, I was surprised to see I was apparently 5 major versions behind current!
So the 10.x software is dated quite recently - August 17th, 2015.
The 15.x software, though, is actually dated a few weeks earlier - 29th July 2015.
That makes a lot of sense. Both from Intel. Both drivers for “Intel HD Graphics”.
And once installed? I’ve downgraded to 10.18.10.4252 from 10.18.10.4276.
That was a waste of time.
Surprise, surprise, Windows Update has “Intel Corporation - Graphics Adapter WDDM1.0, Graphics Adapter WDDM1.1, Graphics Adapter WDDM1.2, Graphics Adapter WDDM1.3 - Intel(R) HD Graphics” waiting to install.