Things I learned once, and don't want to look up again

So I’ve been playing with server core for few days now. I’m really starting to get the hang of the interface. I did however, goof something up. I accidentally created a virtual switch on the wrong NIC. I still think the way MS assigns the NICs is silly. the NICs are labled 1-4 on the box, but MS just seems to randomly pick adaper numbers. Probably not random, I just don’t know the answer. thats for another blog post, I suppose.

Regardless, I found myself needing to remove that virtual switch. Turns out someone smart figured out how to do that. found a way to make it happen. In a nutshell, he found a way to create an object reference to the WMI class “MSVM_VirtualSwitchManagementService”. Very cool! anyway, here’s the steps. basic even for those of us who need a complete walkthrough:

1. download the hyper-v module. you’ll need that for the commands to function. You can download from

2. right click on the .zip file and unblock it. then move it to your server. I use a network mapped drive that I can access from my server. Copy the file to where the rest of your modules are:
c:\Windows\System32\WindowsPowerShell\v1.0\Modules

3. Check to make sure powershell can find it. open powershell from the command prompt by simply typing “powershell”. Then enter the command

Get-Module -list

4. Import the module.

import-module HyperV

Now the fun stuff. the POWERSHELL!

Set your execution policy to unrestricted for this session.

Set-ExecutionPolicy Unrestricted

Create a variable and set it equal to that WMI class
$HVSwitchObj = Get-WMIObject –class “MSVM_VirtualSwitchManagementService” –namespace “root\virtualization” –computer “.”

Select the virtual switch to be deleted. Again we create a variable for that

 $HVSwitch = Choose-VMSwitch

Then delete that offending switch!

$HVSwitchObj.DeleteSwitch($HVSwitch)

GONE! fun. right? any props should go to Roger Johnson. he put the hard part together. I just added some of the basic stuff at the begining.

So, I finally have moved into a realm where I want to squeeze as much power out of my new servers. My latest purchase is a nice Dell 710 with a boat load of ram in it. I want that to be my hypervisor managing only the network connections. LOW OVERHEAD. That sounds great to me. Trouble is, I’ve never acutally configured a server without a GUI. I’ve dabbled in powershell and I’ve done plenty of unix/linux work from the command line though. How hard can it be?

Very, it turns out. I’m having a lot of inconsitent problems. I had no problem installing the OS. that went fine. I was even able to find plenty of documentation out there on, but not limited to Microsoft’s site. But I’m having strange problems I can’t find answers to.

The biggest is that I can enable remote desktop (can we really call it that in core? its just a command line prompt) but I cannot remotely access the event viewer, Hyper-v or disk managment…. I’ve configured it to do so.

first I found the sconfig command.

sconfig

That allowed me to “enable” remote access, turn on and install updates and powershell access. RDP seems to function fine. No other functionality is working. with Hyper-v I get RPC connection errors and network path not found with the remote computer managment.

the odd part is this: i removed the computer from the domain, re-added it and then I had access. This was late at night so I called it a win and went home. The next day I got back and there is no connection. restarted the server (its not in production yet) and still no love? what changed?

More as I work this out……

Update:

I spoke with my friend Steve who pointed out that I may be having firewall issues. so I turned it off!

netsh advfirewall set allprofiles state off

Totally worked. I suspected as much, but think my settings aren’t sticking. What could cause this to happen? without me making any changes? GPO!!! (thanks again Steve, good to have friends.)

So I poped open my Group Policy Managment, looked up my server and the GPOs that are applied to it. Turns out there is a firewall policy applied to EVERY computer in my network. Upon inspection I see that there is a section that “allow inbound remote administration exception”. The question is this, “is this policy over-writting the policy in place or is it appending?” I’d think over-writting due to my funny errors. The policy itself is only set to enable remote access. Since I am enabling the policy, does it require that I explicitly set the rules for all the remote access? good question! I disabled the GPO that was setting some firewall options. Restart on the server to get the new GPO setup and viola, connections are working fine. the GPO was interfering. I’m a bit suprised, and now I have a bunch more work to get my GPOs set to provide what that old GPO did without messing up my new systems.
After all the basics got ironed out, I then found a nifty tool for configuring core installations. called Core configurtor 2.0 you can find it here
Core configurator 2.0
Make sure to copy it to a tools folder on your C:\
then you can run it by typing

cscript Start_Coreconfig.wsf

This tool gave me the ability to use a GUI to set some of the things I needed done. I did google for each command I was going to need and entered them one at a time. That’s the hard way. Done that, time for something easier.

Go to “Volumes” and then “Block Devices”. For your 4TB volume, what is the label type? If it says “msdos”, as I said, you cannot have a “msdos” partition table and use more than 2TB. If it says “gpt” then you may have hit upon a bug.

If it says “msdos” then do the following:
- Remove any volumes, volume groups, physical partitions, etc. that you created on that disk.
- Open a command prompt
- Run “parted /dev/sda” (substitute the appropriate device name)
- Type “print” (you should see the total size of the disk and the label type)
- Type “mklabel gpt”
- Type “print” (to make sure that the label has changed)
- Type “q” (to quit)
- Close the command prompt

Back in the web admin, refresh the “Block Devices” page and see if it now shows a label of “gpt”. If it does, create your physical partition, volume group, etc. If it doesn’t, reboot.

This command will make all space on diskgroup 0 contiguous

navigate to the following ( make sure you have the dell powervault client software installed)

c:\program files (x86)\Dell\MD Storage Manager\client

smcli -n gfpdiscsi01 -c “start diskGroup [0] defragment;”

new project! I’ve been working on installing lync 2010 in my environment. Here’s some prelim notes. I’ll update as I go.

Running the Console:

I attempted to launch the console both with the start menu link directly on the server and by going to https://servername/cscp

both gave me the following error.

Could not load type System.ServiceModel.Activation.HttpModule

What it boiles down to was that the IIS server was installed AFTER  .net  framework 4. The fix is simple. re-register aspnet and IIS.

aspnet_regiis.exe -iru

Adding users:

You cannot add users via the console who already belong to the domain admin’s group. You’ll have to do it via powershell. To make it easy - for those of us who are new at powershell - you can use the Lync Server Management Shell right in the start menu.

Enable-CsUser -Identity "User Name" -RegistrarPool "Name.of.your.server"
-SipAddressType SamAccountName  -SipDomain "domain.local"

Please note that you can change the SamAccountName to use whichever method you like to generate sip address type. the ref link below has options.

Reference:technet.microsoft.com/…/gg398711.aspx

I learned something today! That makes it a good day, and its only 8:30am.  A while back I stood up a new virtual server. I have a few of them and they all use my Dell Powervault to hold the VM files. This works well for a number of reasons. The powervault and servers use their own gigabit LAN to transfer data. Nice and fast. The powervault is fault tolerant, so I sleep better at night.  I tried something new this time though. I created a host group, consisting of two virtual machine hyper-visors. I gave them both access to the same virtual disk. All was well for a while. then one of my servers got itself corrupted. (see my previous post about backing up servers!) Then another got corrupted. The second hyper-visor couldn’t even see the virtual disk anymore even with a bunch of fiddling. That’s tech-speak for troubleshooting until my eyes bleed.

After a lengthy call with Dell’s customer support I found out that even though their documentation shows you how to share a virtual disk between computers, DON’T DO IT. Apparently this can and does cause disk corruption because Microsoft doesn’t play well when sharing a file system. Supposedly I can only get away with this if I had the two hyper-visors clustered. Which I don’t.  Any way, something new!

So I usually keep my virtual servers all nice and backed up just in case something dies. My production servers are backed up nightly, databases more frequently…. You get the drill. Backup or die.

Today I died. I have a server that I reserve for IT use. Holds some tools that scan my network, keep an inventory and host an internal blog for notes and whatnot. I don’t back that one up. Stupid, stupid, stupid. I figured it wasn’t REALLY production. Not THAT important. When it died, I sure realized how important it became. Enough of berating myself. On the the issue!

So the server rebooted itself. One of my other monitoring tools (nagios) let me know it went down, then came up, then went down….

When I attempted to connect, nothing. no website access, no RDP. The console through Hyper-V manager didn’t fly either. I’d see the message “Windows module installer is loading” followed by “Preparing to configure Windows”. Then the server would reboot. Rinse repeat ad nauseum.

I googled around some and found a number of faux fixes that didn’t work for me. mostly boot into safe mode and remove the offending hotfix. No dice. Then I remembered that I had downloaded Microsoft Deployment and Recovery tools from Technet. I gave that a shot. The automated recovery tools didn’t work. So I loaded up the System manager from the tools menu and just disabled the windows module installer. Low and behold it worked. It did load once, then reboot though. I quickly backed up my databases and files and got the heck out of dodge. Data saved!

Just a note, I was able to attach the .vhd file to another functioning server to get direct access to the file structure. Its just SO much easier to do database backups from the tools themselves than moving the flat files.

So the other day a few friends and I were discussing some odd behavior that IPV6 has. I noticed early on that it plays havoc with my DNS between IPv4 and IPv6 workstations and their respective connections to servers. Steve Murawski mentioned that he had problems with bandwidth regarding IPv6 and its desire to tunnel over IPv4. Now I don’t have all the details but disabling IPv6 and its attendant interface objects seems to solve both the DNS and network slowdown issue. I slapped a quick and dirty powershell script together that allowed me to quickly update my servers to remove the IPv6 suite. I should note that the commands are also courtesy of Steve. Thanks Steve!

Some of you may have seen where I made a mistake with my script. this has been updated on 12-23. You can still use my original commands so long as you do them live at the command window. As a script, it fails. So enter the commands one at a time and all is well. This doesn’t help much unless its a script though. So the second block of code is updated to work as a script.

Enter-PSSession PUT COMPUTER NAME HERE
Write-Host "Disabling isatap"
netsh interface isatap set state disabled
Write-Host "Disabling teredo"
netsh interface teredo set state disabled
write-host "Disabling 6TO4"
netsh interface 6TO4 set state disabled

Write-Host "Showing interfaces"

netsh.exe interface ipv6 show interfaces
ipconfig
ipconfig /registerdns
Exit-PSSession

Just a note for me, if you see the system.dns exception, remember to show hidden devices and remove the extra 6t04 and teredo adapters.
Use this section if you want to execute this as a script.

#* Filename: KillStupidIPV6.ps1
#*=====================================================================
#* Created: [12-21-10]
#* Author: Tim Lemmers
#* email: tim@liquidclever.com
#
#*=====================================================================
#get the remote computer name from User input

$Srv = Read-Host "Type Machine name"

$session = new-pssession -ComputerName $Srv
Invoke-command -session $session -scriptblock { netsh interface isatap set state disabled }
Invoke-command -session $session -scriptblock { netsh interface teredo set state disabled }
Invoke-command -session $session -scriptblock { netsh interface 6TO4 set state disabled }
Invoke-command -session $session -scriptblock { netsh.exe interface ipv6 show interfaces }
Invoke-command -session $session -scriptblock {  ipconfig }
Invoke-command -session $session -scriptblock { ipconfig /registerdns }

I nearly forgot! you may need to enable remote access to your servers. the best way I’ve found to do so is this:

Enable-PSRemoting 

Found a pretty cool link from the Powershell User group I attend.

http://code.msdn.microsoft.com/PowerShellPack

Keep that powershell alive with some added functionality from this powershell pack.