Repairing User Shell Folders, Windows 7/8/8.1

Most organizations will use Group Policy to redirect user shell folders to a server in order to stream line backups of client workstations.  User shell folders are the 'profile' folders: Desktop, Documents, Favorites, Pictures, etc.  After migrating the redirected server to another server I have a single client whom simply won't take the new folder redirection:

The Shell Folders, should contain the redirected Desktop, Documents, etc.

Lets head into the registry to see what it says about the user shell folders, browse to:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders

The blurred text is the location of the OLD server, not good, Group policy is not working on this machine.  Easy fix, what we are going to do is change the old redirected keys back to the default %USERPROFILE% location:

Close regedit and log off and log back on as the user.  As soon as I logged on the shell folders pulled the group policy correctly and pointed to the new server location.  If it doesn't point to the new location, do another gpupdate /force to refresh the policies.  This was an isolated indecent on a single client, if you are still having issues make sure your group policy and active directory OU is properly configured: http://technet.microsoft.com/en-us/library/cc787386

Scheduling Overviewer to render your Minecraft server.

I am using Overviewer to render an isometric map of my Minecraft world, and have it scheduled so it updates every hour.  I am using vanilla Minecraft Server 1.7.2 and serving it with McMyAdmin.  To host the Overviewer html I am using Apache with the WAMP stack.

I have a Minecraft server folder on my C drive that is the home to the unpacked Overviewer directory.  Also inside of it is the McMyAdmin files and a second Minecraft folder for the server jar/world files.

In the Overviewer directory we are going to create a runoverviewer.bat that has:

overviewer.exe "C:\Minecraft Server 1.7\Minecraft\world" "C:\wamp\www" >> renderlog.txt

The scripts calls overviewer.exe and passes a couple of options, the first being the location of the server world folder, the second is where to output the rendered html, which is the Apache www root and I want to output to a log file using >>.

The first render took about 30 minutes, but subsequent renders only takes a few minutes.  Make sure you have plenty of space on as my render costs me about 2.5 GB of storage.  To schedule it I am using task scheduler to call the runoverviewer.bat file every hour:

I still have a lot to learn about Overveiwer, there are many options on how and where to render.  There are also ways to make 'signs' that can label different areas, and show the last known location of the player.  As I add these features to my render (hopefully) I will post it.

The End of an Era - RIP WinAMP

http://www.winamp.com/media-player/en

Winamp.com and associated web services will no longer be available past December 20, 2013. Additionally, Winamp Media players will no longer be available for download. Please download the latest version before that date. See release notes for latest improvements to this last release.
Thanks for supporting the Winamp community for over 15 years.

I have been a Winamp user since I was 14 or so and it has been installed on every computer I have owned (even ones I didn't own) since.  Winamp is the reason I got into music.  I remember I would use ripping tools to convert CD's to mp3's, using Winamp to organize my library.  This was in the napster era when digital music was taboo and the music industry, instead of embracing the convenience of mp3's shunned them and forced high priced ($26) CD's upon us.  More importantly, the napster/winamp era let me do something the music industry could never help me with, discover new music.  I was able to branch out from what was on the radio with a few clicks.  Winamp also got me into programming/scripting because of the Advanced Visualization Studio, which was a dynamic graphic display powered by beats of the music that was being played.  I made dozens of visualizations using geometry, loops, variables, it made me interested enough to go to school for computer science, of which I work in IT now.

Thank you Winamp.

Windows 8.1 IE 11 Protip: Disable Protected Mode so you can actually use IE 11

After migrating to Windows 8.1 on an SBS 2011 domain my IE 11 would always crash, getting the following error messages:

Internet Explorer has stopped working

And

We were unable to return you to msn.com

It's actually a really easy fix.  In the IE 11 window click on the Tools gears on the right and select Internet Options.  Under the Security Tab on the Internet zone UNCHECK Enable Protected Mode as shown below.

Click OK and restart IE 11.

Installing .NET 3.5 framework on Windows 8/8.1 in a domain environment with WSUS

If you have a Windows 8 or 8.1 machine in a domain environment with WSUS and try to add the feature .NET 3.5 framework it may fail with error code 0x800F0906, because it is looking in WSUS which may not host the bits.  A lot of people recommend using the media with DISM to install .NET 3.5 offline but I would rather get it from the Cloud because that is what Microsoft wants of its people.  Here's how:

On the client machine open gpedit.msc as an administrator.

Browse to Computer Configuration -> Administrator Templates -> System

Open Specify settings for optional component installation and component repair, enable it.

And make the following change:

Save the policy and close gpedit.

Try to add the .NET 3.5 feature now:

Outlook 2013 Protip: disable animations to speed up the responsiveness.

I am running Outlook 2013 on Windows 8 and they are supposed to be a match made in heaven.  Not so much for me, Outlook 2013 is at best clunky and slow, but I know my pc can handle it, core i3-3240, 8gb of ram with an ssd.  So in troubleshooting a ran across this trick to disable animations.  It disables animations for all office programs.

Open regedit and browse to: HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common

Under Common create a new key:

And name it Graphics

Under the new Graphics key create a new DWORD

Name it DisableAnimation and give it a value of 1.

Double check it is created in: HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common\Graphics

You can close regedit and because it is a HKCU change I recommend logging off and on of Windows.  After this change I noticed and snappier Outlook environment.

Windows 8 Protip: Turn off SmartScreen filter

Annoyed at the SmartScreen filter popups when you try to install a program just like I was?  Here's how to disable them:

Open up Control Panel and select System and Security:

Click on Action Center:

 Expand the Security box by clicking the down arrow on the right:

Under Windows SmartScreen select Change settings:

On the popup select Don't do anything.

Click OK and you are all set!

Mounting a 2.5" SDD in a 3.5" caddy tray for hot-swap servers

When it comes to installing servers there is only one thing I care about: air from the cold aisle flowing over the disks, into the CPU heat sinks and memory, out the back of the server and into the hot aisle.  The standard 3.5" to 2.5" desktop hard drive adapter is not going to work because the SATA port on the disk is not lined up with the backplane. I was disappointed with the quality of converter brackets I found when shopping around.  What I found was expensive, plastic, lacked screws, and blocked air from coming into the server chassis.  So I improvised.  Here is a caddy for a Dell PowerEdge 2950 and a Samsung 840 Pro 256GB:

 Tape, underused tool in IT:

Duct tape also works.

I was happy with the firmness of the tape and the SATA ports line up with the backplane beautifully:

I did a tray pull and insert about a dozen times with no issues.  It has been like this in production for a couple months now.  With the lack of adapter maximum air flow is achieved.  Totally non-conformist, but sometimes IT is like that.

Sonicwall NSA: When Your Upstream Provider Gives You Two (or multiple) Subnets

In this example our upstream provider (ISP) is giving us 173.240.220.3/24 on the WAN side, but let’s say we need more IP Addresses, so they are also giving us 173.240.230.1/24.  Since the WAN is defined as 173.240.220.3/24, we cannot simply make a NAT policy for the second subnet because it is out of the scope of the first subnet’s broadcast domain.  SonicWALL does not know 173.240.230.1/24 exists.  This is actually really easy to get working, but the documentation I found on it was for older SonicOS versions.  I am using the SonicWALL NSA220W demo portal available here.

Under Network -> Interfaces you can see our primary WAN subnet as the X1 interface:

First we need to make an Address Object for the second subnet.  Browse to Network -> Address Objects.  Under Address Objects click Add…  I named mine X1 Second Subnet, it’s going to be on the WAN side, with a range of IP addresses in the second subnet, like so:

Now we need to create a Route, so traffic coming into the second subnet gets routed to the primary subnet (X1).  Browse to Network -> Routing.  Under Route Policies Click Add… Source is going to be Any, Destination is going to be the new Address Object: X1 Second Subnet, Service: Any, Gateway: 0.0.0.0, Interface: X1, Metric: 10.  Like so:

Now with any NAT polices all you have to do is select an IP in the X1 Second Subnet to be translated to a LAN IP and the SonicWALL will know to route it through X1.

How to change the port RDP is listening on -> Windows Server 2008 r2

This one is super handy for those of us who are into security by obscurity.  The default RDP port is 3389, to change this you need to open regedit and browse to:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\PortNumber

Right click to edit and select the Base Decimal and change the Value Data to a new port number.  Don't use one of the official ports though: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

After the change you will need to restart the machine for it to take effect.

Source: http://support.microsoft.com/kb/306759/en-us

This made me shed a single tear...

From the CentOS 6.4 release notes:

4. Major changes

• Microsoft Hyper-V drivers have been added to allow CentOS to be more efficient as a Virtual Machine when installed on Microsoft Hyper-V server. 

Joyous Day!

The Greatest Toy KIT in the Universe!

I have been watching Jaimie of the Giant Robot Project fame build a giant robot by hand using scrapped parts for almost 7 years.  He is now crowd funding on Kickstarter to sell his toy based on his giant robot as a kit!

Check out Jaimie build his robot: http://www.youtube.com/user/JMEMantzel

Support him putting educational toys in the hands of children: http://kck.st/12BVJ8x

MVA: Windows Server 2012 r2 Jump Start - My Notes and Takeaway

Just finished the live broadcast of Windows Server 2012 r2 at the Microsoft Virtual Academy with Rick Claus and Corey Hynes.  This was another excellent presentation from these guys split over two long days.  I tried to type notes as fast as I could but these don't do the presentation justice.  This is an ugly dump of my notes and if I find any inaccuracies I will correct them.  Sadly I missed the section on Storage, I will get caught up on it once the broadcast is published, and I will update these notes.

Server 2012 r2

• Server 2012 user cals will work on server 2012 r2
• Can’t in place migrate from 2012 to 2012 r2
• Can’t in place migrate from 2012 r2 preview to 2012 r2 RTM
• 2012 r2 Std = 2 free VM’s

Virtualization

• VHDX = 64TB max size
• Can live migrate vm’s from 2012 host to 2012 r2 host, but not the reverse
• VM’s support direct attached nic teaming
• Gen 2 virtual machine:
• Hot add cd/dvd-rom drive
• Boot from UEFI firmware
• Faster to install and boot because of VM Bus
• Enhanced session mode:
• Can copy and paste with RDP between host and guests
• Can convert VHD to VHDX
• VHDX can grow and shrink while the vhdx stays online.
• VM metrics, live graphs of cpu, memory, disk IOPS, of VM’s
• Live snapshotting of Linux VM’s, can backup live linux VM’s
• Right click -> Clone a live VM
• Move the VHD location of a live VM to a different spot with no downtime
• A VHDX located on shared storage can be mounted to multiple VM’s natively
• Cluster aware updating, pushes WSUS updates at different times so VM’s don’t get bogged down
• Replicate VM’s without a domain by using certificate based authentication, Kerberos not required.
• Automatic VM activation using a generic key, as long as host is activated, the VM’s will be too.

Networking

• Software defined networking, use policies for network configuration instead of hitting hosts and VM’e one at a time.
• IP payloading with GRE, allows two networks w/ same subnet address to talk to each other, without NATing
• Use powershell to edit smart switch configurations
• One tool/command can edit nic ports on server and ports on the switch
• SMB multichannel, loads can be split to multiple nics on different networks
• RSS – receive side scaling allows network cpu processing to spread across all cores.
• Live networking monitoring of vm’s at the host level
• Ping has been replaced by ps commandlet: Test-NetConnection
• Alias= tnc
• Ping port: tnc 192.168.1.1 rdp
• tnc alone will test internet connection of pc/server

Management

• Using powershell with OMI and SMI-S standards you can modify third party switches or storage devices.
• Connect directly to iDRAC from VMM or powershell
• Check out the Microsoft Script Center for powershell scripts
• Powershell in a web browser. http://servername.local/pswa
• Has session saving
• Use powershell to create tasks/jobs, custom triggers
• Multiple levels of server desktop environment
• “Desktop experience” with metro apps
• Full server with metro gui
• Server core with management graphic shell
• Server core
• Server core can be updated to gui with a simple restart
• RSAT does not require a domain, can manage workgroup servers
• Use powershell to pipe role installs to multiple servers
• Desired state configuration:
• Powershell commands to tell servers what configurations/roles are needed
• Use MOF file as template for system settings, roll out to multiple servers at once.
• Domain not required
• Windows Server Essentials is a role now, can be installed to any server
• Comes with the pretty SBS stuff
• Comes with RWW

VDI

• RDS tools are in server manager and not stand alone administration tools
• Rdweb as a web portal for RDS
• Pooled vs Private remote desktops
• Pooled: uses differencing disk for saved state, can roll back state when you log off
• Private: individual vm
• Session shadowing
• User profile disks: Vhds can store personal data, then roll back a saved state, and the personal data will be saved.  
• User profile is a mount point to the vhd on a network share.  
• User profile folder will follow you from vm to vm.
• Hyper-v settings on master vm get rolled to the pooled vm’s
• Dynamically add/remove monitors for RDP sessions

In summary server 2012 r2 is ridiculous, I am very impressed.  Going from 2012 to 2012 r2 seems like a bigger upgrade than 2008 r2 to 2012.  MS is focused on making stuff easier, having the technology work for us.  Once the stream and the slides becomes available I will link them here.

Saving a Dell PE 2950 from the graveyard by turning it into an archive server

The Dell PE 2950 came with a Perc 5/i raid controller that supports up to 2 TB single disks.  It has 6 hot swap bays for a total of 12 TB, it does not support raid6 and a raid5 is not recommended with large disks.  A raid10 would bring the usable storage to 6 TB, much less than what we need.  After some research I decided to upgrade the Perc 5/i to a Perc h700 that can support 4 TB drives and a raid6, which will put us at ~16 TB usable.  This post is NOT instructions on how to install a PERC H700 in a Dell PE 2950, if you are going to do this you do so at your own risk, and wear an anti-static wrist strap!

The humble PERC 5/i and the area we are going to be working with: 

no battery :-(

SAS cables removed:

5/i removed:

Two screws hold the 5/i onto the caddy, the blue clip had to be removed:

The blue clip would not fit because of the heatsink on the h700.  Earthquakes are not an issue in this part of the country so it should be ok.  It fit into place firmly enough.  1GB of ram and a battery:

I had to buy Mini-SAS SFF-8087 to SFF-8484 cables, 18 inch was the shortest cable I could find and as you can see they are too long.  BE CAREFUL when routing these, take it slow and bend slowly.  The SAS-B (right side) on the backplane is gracefully bent because of the cd-rom drive is in the way:

This is a good sign, however disks 4&5 show up as 6&7.  Weird, but consistent with the research I have read:

Raid6 is preferred over raid5 nowadays, raid10 would be overkill for a static archive box:

We should be good: 

If you look carefully the lights on 4&5 (6&7 now) on the very right do not light up.  Once again weird, but consistent with what I have read:

14902GB C: drive? Can't because there is no UEFI on the Dell 2950:

After installing Server 2012 I formatted the storage space:

And here is what Dell OpenManager Server Administrator is saying about the disks:

Openmanage is showing disks 0-3 being members of 'connector 0' and disks 4-5 being members of 'connector 1':

Scheduling Robocopy, something I need to do WAY more of

Create a c:/scripts folder to house your robocopy bat script and create a backupfiles.bat inside of it.

This is an example of a robocopy line I use most often:

robocopy "C:\Source" "E:\Destination" /MIR /LOG:"C:\scripts\backupfileslog.txt"

Save this in your bat file.  The /MIR switch will mirror the source to the destination, copying the subfolders and purging stuff that no longer exists in the source.  The /LOG switch will output the job status to a file.

Launch taskschd.msc and under 'Task Scheduler Library' right click and Create Basic Task:

Give it a name and I usually schedule it daily early in the morning:

You are going to want to start a program and select your bat script:

Click finish and we need to make it so it runs when I am logged off the computer/server so right click on the job and click properties.  Under the General Tab select Run whether user is logged on or not:

Click OK and we are all set.  You can run the job now by right clicking on it and selecting Run.  Check your log file and you can see the status of the robocopy job:

This is a really easy way to make sure your important stuff gets backed up.  Robocopy doesn't do VSS so you can't copy locked files, for that look into Hobocopy: https://github.com/candera/hobocopy

Learn more about robocopy: http://ss64.com/nt/robocopy.html