Forcibly Remove Dfs Nameserver

The following steps can be used to remove a Dfs nameserver that no longer exists in your environment.

1. Log on to a Dfs server
2. Open an elevated command line
3. We’re going to use dfsutil with the following parameters: dfsutil diag unmapdomroot \<domainname><DFSname> \<DFSrootserver><DFSshare>
   1. As a sample: dfsutil diag unmapdomroot \\DfsRootName\DfsFolderName \\Server_to_remove\DfsFolderName
4. No need to reboot just wait for replication

Renaming Windows Domain Controllers

The following are the steps needed to rename a domain controller; the steps have been tested up to Windows Server 2016.

Note: If your DC is also acting as a Dfs nameroot server, make sure you remove the nameserver from Dfs first!

From an elevated command line, type the following commands:

1. Add the new domain controller name NEW_DC; we’re replacing OLD_DC
   NETDOM COMPUTERNAME OLD_DC.companydomain.com /ADD:NEW_DC.companydomain.com
2. Designate the new name as the primary computer name; OLD_DC gets removed and NEW_DC is new primary name
   NETDOM COMPUTERNAME OLD_DC.companydomain.com /MAKEPRIMARY:NEW_DC.companydomain.com
3. Reboot domain controller
4. Now, let’s remove the old domain controller name from Active Directory
   NETDOM COMPUTERNAME NEW_DC.companydomain.com /REMOVE:OLD_DC.companydomain.com
5. Sync all DCs

In the event that you didn’t notice the warning on top and you went ahead and renamed the domain controller and you had Dfs services running on it, here are some instructions on how to manually remove Dfs nameserver and fix the issue.

1. Log on to the recently renamed domain controller
2. Open Regedit.exe
3. Go to HKLM\Software\Microsoft\DFS\Roots\domainV2
4. Delete the key found under domainV2 and reboot your server
5. Next, remove the Dfs share from the server
6. Now you can delete the Dfs folder
7. Done

WinPE Nic Drivers for DELL Optiplex 7050

While running the latest version of SCCM 2012 and latest up-to-date Boot Image, network drivers for DELL OptiPlex 7050 need to be injected in order for WinPE environment to work.

Luckily, storage and network drivers for the OptiPlex 7050 model can be found on DELL’s support site.

The following screenshot will show you the file you need to download.

Once you’ve downloaded it the CAB file, then go ahead and update your Boot Image file(s).

Vmware Port Mirror and MS Advanced Thread Analytics

The project was to install MS Advanced Thread Analytic Gateway in a virtual machine, in Vmware, to monitor a physical domain controller.

Hardware involved

1. Domain controller (physical) – DCServer1
2. DELL switch – switch1
3. ESXi host – host1
4. MS ATA Gateway – atagw1

Setup Port Mirroring at Physical Switch Level

DC server DCserver1 and ESXi host1 are physically connected to switch1. DCserver1 connects on port 40 and host1 connects on port 44 of the switch.

We’re going to configure port mirroring on switch1 as source being port 40 and destination port 44 and we’re going to use use both directions in our config. You can use the following link to configure port mirroring on DELL switches.

Configure Vmware for Port Mirroring

As mentioned before, host1 connects to switch1, and we’re going to use this connection (vmnic2) and create a new standard switch (that was my setup). So, at point, vmnic2 connects to port 44 on switch1.

Once your new standard switch is created (vSwitch2), then we’ll create a new port group (ATA-Capture). While creating port group ATA-Capture, make sure to enable Promiscuous Mode and set VLAN ID to All (4095) – this part crucial!

 

Configure Microsoft ATA Gateway VM

Your MS ATA Gateway will need to have two NICs. One NIC will be used for day to day work and the second NIC for capture. To make thing easier, rename the NIC to something like ‘Capture‘. Next, make sure that your Capture NIC belongs to the ATA-Capture port group.

At this point you should be able to install MS ATA Gateway software.

Deploy iTunes 12 & QuickTime 7

The following are steps to deploy Apple iTunes  12.5.3.1 and Apple QuickTime 7.79.80.95 using System Center Configuration Manager.

Some of these steps were taken as tips from the following links:

1. Link one
2. Link two

I’m not going into details, but rather I’m going to point out some of my specific changes.

Get the MSI files for iTunes and QuickTime

Download the latest version of iTunes and QuickTime. In case you’re wondering why QuickTime, well, it’s a requirement for iTunes.

You’re going to get the MSI files for both applications by running the executable files (do not click the Next button in the installation wizard), once you run the executable files, then open file explorer and type %TEMP% in the location bar. Now look for a recently created folder and you’ll find the MSI files there, next, copy these files to your deployment folder. You’re going to perform these steps for iTunes and QuickTime.

Create QuickTime deployment

First, we’ll use Microsoft’s Orca tool to edit the QuickTime.msi file, we’re going to make the following changes:

1. From View menu, select Summary Information. Within this window in languages field remove all but 1033, then press OK
2. Click Property table and change the following fields:
   1. REGSRCH_DESKTOP_SHORTCUTS to 0
   2. REGSRCH_MEDIA_DEFAULTS to 0
   3. SCHEDULE_ASUW to 0
   4. Create a new row REENABLEAUTORUN and set this to 0 (disables auto-run)
3. Click LaunchCondition table and drop the “NOT BNEWERPRODUCTISINSTALLED” row
4. In the Checkbox table set all values to 0. If a manual install is done of the application then all the install options are uncheked by default
5. Save the MSI

You’re now ready to create the application deployment task.

For my environment, I’m not using a script as the installation method (the links mentioned above use scripts), I use the MSI file; however, I’m using the following installation command:

msiexec /i “QuickTime.msi” ASUWISINSTALLED=0 SCHEDULE_ASUW=0 REGSRCH_INSTALL_ASU=0 /q

Create iTunes deployment

First, we’ll use Microsoft’s Orca tool to edit the QuickTime.msi file, we’re going to make the following changes:

1. From View menu, select Summary Information. Within this window in languages field remove all but 1033, then press OK
2. Click Property table and change the following fields:
   1. REGSRCH_DESKTOP_SHORTCUTS to 0
   2. SCHEDULE_ASUW to 0
   3. IAcceptLicense to Yes
3. In the Checkbox table, we’re going to change the following:
   1. ChkOptInstASU to 0
   2. ChkOptInstShortcuts to 0
4. In the Shortcut table, we’ll remove QuickTimePlayer_Desktop and QuickTimeUninstaller. This will remove those shortcuts
5. From the LaunchCondition table drop NOT BNEWERPRODUCTISINSTALLED field
6. Save the MSI

I tried using the MSI files to create the deployment, but it became too complex as iTunes requires all pre-requisite files to be on the system before iTunes gets to be installed.

Here’s the installation script I use:

@ECHO OFF
start /wait msiexec /i AppleApplicationSupport.msi /passive
start /wait msiexec /i AppleApplicationSupport64.msi /passive
start /wait msiexec /i AppleMobileDeviceSupport6464.msi /qn
start /wait msiexec /i Bonjour64.msi /qn
start /wait msiexec /i itunes6464.msi /passive

Here’s the removal scrlipt I use:

REM remove application support 32
start /wait msiexec /x {F2871C89-C8A5-42EE-8D45-0F02506385A6} /q

REM remove application support 64
start /wait msiexec /x {9BC93467-75D1-4AA4-BD58-D9C51D88DFAB} /q

REM remove mobile device support 6464
start /wait msiexec /x {55BB2110-FB43-49B3-93F4-945A0CFB0A6C} /q

REM remove bonjour 64
start /wait msiexec /x {56DDDFB8-7F79-4480-89D5-25E1F52AB28F} /q

REM remove itunes uninstall
start /wait msiexec /x {554C62C7-E6BB-40F1-892B-F0AE02D3C135} /q

 

Note that the product codes listed above are specific for the version of QuickTime and iTunes that came from the installation program downloaded from Apple.

Next, in Configuration Manager, make sure you the QuickTime deployment package as a dependency for the iTunes package.

As for a detection method, since we have an MSI, you can use that as your detection method.

Install Hyper-V Role to Windows Server 2012 R2 During OS Deployment

There are plenty of blogs about this subject, however, many of these blogs are outdated and some of their tips do not work properly for Windows Server 2012 R2. Also, in my case, I’m not using MSDT to install features and roles, but instead I’m using a captured WIM image.

To install Hyper-V role, just add a “Run Command Line” task, towards the end of the task sequence, Install Operating System task.

I’m using the following PowerShell command:

Powershell.exe -Command "& {&'Install-WindowsFeature' –Name Hyper-V -IncludeManagementTools -Restart}"

Also, here’s an interesting link that discusses this particular issue.

New Windows 7 Install Not Updating

There’s an issue with brand new installations of Windows 7. If you’re trying to patch/update a brand new Windows 7 installation, Windows Updates will sit there for days without patching anything.

It turns out that, a while back, Microsoft updated their patching servers and because of that, brand new Windows 7 installations will fail to patch until you install the following KBs:

KB3102810
KB3135445
KB3138612

Some of these KBs will not say that will not apply, but keep trying the others and one will fix the Windows Update issue with newly installed Windows 7.

A while back, I opened a Technet case on Microsoft’s forums and here’s the original link.

 

Run PowerShell Script in Schedule Tasks

The following will allow you to run a Powershell script as a scheduled task. These instructions have been tested on a Windows 7 64bit computer.

Before proceeding, make sure your Powershell script runs without any errors. The best way to make sure your script is running fine is by calling it from a command prompt.

Note: Make sure you run Set-ExecutionPolicy from an elevated Powershell window to make sure your system (Windows 7) is allowed to run Powershell scripts.

1. Open a Command Prompt window
2. Run: powershell -file <your ps script file>
3. Make sure it executes properly

 

Now, open Windows 7 Task Scheduler:

1. In the Actions tab
2. Power shell is found at: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
   1. You can also just use powershell.exe
3. In Add arguments (optional) field, add the following: -File “C:\Path-to-your-script\Your-ps-script.ps1”
   1. Sample: -File “C:\Program Files (x86)\Info Folder\Get-Speed.ps1”
4. In Start in (optional) field, add the following: C:\Program Files (x86)\Info Folder
   1. Sample: C:\Program Files (x86)\Info Folder

I’m not going to go over the other sections as this is the main section to be able to execute Powershell scripts from Schedule Tasks.

Get Active Network Adapter

Recently I had the need to create a script to find out what was the active network adapter in our server, so after some ideas from the web, I came up with a one line PowerShell script that helped me achieve my goal.

Note: Get-NetAdapter is a PowerShell commandlet that’s present on Windows 8 and Windows Server 2012 R2. This command will not work on Windows 7.

Get-NetAdapter | Where-Object {($_.LinkSpeed -eq “1 Gbps”) -and ($_.Status -eq ‘Up’)}

In this line, I’m basically getting the adapter with status ‘Up’ and with a linkspeed equals to ‘1 Gbps’. One can change LinkSpeed property to match your server’s network adapter speed(s).

Deploying Oracle JAVA

As of JAVA 8 Update 73, this is the easiest way I’ve found to deploy JAVA on a corporate environment.

1. Download JAVA from here
   1. You’re going to select the Windows Offline download option
2. Take a look at the many installation options now available for the JAVA EXEcutable file, those options can be found here
3. From an elevated command line, you’re going to run the JRE executable file with the options you select from step 2
   1. Here’s just a sample command line (all in one line):
   2. jre-8u73-windows-i586.exe EULA=Disable INSTALL_SILENT=Enable AUTO_UPDATE=Disable REBOOT=Disable REMOVEOUTOFDATEJRES=1
   3. You should be able to find the meaning of each installation option by reading the document in step 2. In essence, I’m installing JAVA and accepting the EULA, a silent install with JAVA auto update disabled as well as removing any outdated installations of JAVA and finally rebooting is disabled.

Note: Here’s a great JAVA 8 deployment blog in case you need other means of installing it

 

For those using System Center Configuration Manager 2012 (SCCM 20120), one of the ways to create an application deployment would be to use ‘manual’ deployment type and use a script to install JAVA. In the script I used, I was able to use START /WAIT command to execute the JRE file.