Check Patch Compliance in Windows Computer or Server

How to Check Patch Compliance in Windows Computer or Server


Before checking, you first need to know the latest patch/update/KB number available for the particular classification (like Security Updates/Updates) for a particular product (like Windows Server 2008 R2).
If you don't know it, use the link below to browse the latest update information available from Microsoft.


Link: https://www.catalog.update.microsoft.com/home.aspx
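
Once the KB number is known, one way to check computers against it, as an added example that is not part of the original post: the function name Test-PatchCompliance and the KB id KB0000000 are placeholders. Get-HotFix reads Win32_QuickFixEngineering, which returns only updates installed through Component Based Servicing, so a "Missing" result for other update types needs a second check.

```powershell
# Added example, not from the original post. Function name and KB id are placeholders.
function Test-PatchCompliance {
    param(
        [Parameter(Mandatory)][string]$KbId,
        [string[]]$ComputerName = @($env:COMPUTERNAME)
    )
    foreach ($computer in $ComputerName) {
        $status = 'Missing'
        $installedOn = $null
        try {
            # List all hotfixes and filter locally: Get-HotFix -Id raises an error
            # when the KB is absent, which would look the same as an unreachable host.
            $hotfix = Get-HotFix -ComputerName $computer -ErrorAction Stop |
                Where-Object { $_.HotFixID -eq $KbId } |
                Select-Object -First 1
            if ($hotfix) {
                $status = 'Installed'
                $installedOn = $hotfix.InstalledOn
            }
        }
        catch {
            # Keep unreachable hosts in the report instead of silently skipping them.
            $status = "Unreachable: $($_.Exception.Message)"
        }
        [pscustomobject]@{
            ComputerName = $computer
            KbId         = $KbId
            Status       = $status
            InstalledOn  = $installedOn
        }
    }
}

# Replace KB0000000 with the KB number found in the Microsoft Update Catalog.
Test-PatchCompliance -KbId 'KB0000000' -ComputerName $env:COMPUTERNAME |
    Export-Csv .\PatchCompliance.csv -NoTypeInformation
```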



Enable temporary profile creation on the computer

How to Enable Creating a Temporary Profile on a Computer?


Purpose: To save disk space on a shared computer, users log in to the given systems with a temp profile only. A user profile folder should not be created. After logoff, the profile is deleted.


How To:


Note: Make sure to delete all the existing user profiles; if a user profile exists for the user trying to log in, a temp profile will not be created.


Add the 'Domain Users' group to the local 'Guests' group on the computer where you want to enable the temp profile.


Reboot the computer and check.  

How to Enable Hibernate Option in Start Menu

How to Enable Hibernate Option in Start Menu?


Just run the command below to enable Hibernate; there is no need to apply this setting through GPO.
CMD> powercfg /h on

Enable Active Directory module for Windows PowerShell on a workstation

Enable Active Directory Modules on a workstation


Work Instruction:
Open Control Panel and navigate to the path below:
Programs > Programs and Features > Turn Windows features on or off > Remote Server Administration Tools > Role Administration Tools > AD DS and AD LDS Tools > Active Directory module for Windows PowerShell.
Click the 'OK' button.
Once loading is completed, open PowerShell and run the cmd below to see if the module loads.
PS> Import-Module ActiveDirectory



PowerShell script to create Bulk User Accounts and add them to an AD group in parallel.

PowerShell script to create Bulk User Accounts and add them to an AD group in parallel.
Purpose: Request to create bulk user accounts (like 100+) for testing and add them to an AD group.
Comment with suggestions for improvement.


Script:
Import-Module ActiveDirectory
# Number of users you want to create (example: 50)
$totalusers = 50
for ($i=0; $i -lt $totalusers; $i++)
{
  $userID = "{0:00}" -f ($i + 1)
  # Builds account names like Test01, Test02, etc.; change the format as needed.
  $userName = "Test$userID"

  Write-Host "Creating AD user" ($i + 1) "of" $totalusers ":" $userName
  # Every account gets the same password with PasswordNeverExpires set; this is meant for test accounts.
  # New-ADUser has no -Notes parameter; the Notes field is the 'info' attribute, set through -OtherAttributes.
  New-ADUser -Name $userName -Path "<OU path to create user Account;ex:CN=Users,DC=XX,DC=XXXXX,DC=XXX>" -SamAccountName $userName -AccountPassword (ConvertTo-SecureString "<EnterPassword>" -AsPlainText -Force) -ChangePasswordAtLogon $false -Enabled $true -Description "Description of the Account" -OtherAttributes @{ info = "<any notes if you would like to add>" } -PasswordNeverExpires $true -UserPrincipalName ($userName + "@<DomainName,ex:XXXXXX.com>") -GivenName $userName -DisplayName $userName
  # You can comment out the line below if you don't want to add the user to any AD group.
  Add-ADGroupMember -Identity "<AD group name to add User to>" -Members $userName
}

Powershell Script to Replicate OU Structure from Source OU to Target OU.



Purpose of the Script: I wrote the script to replicate the OU and sub-OU structure from one OU to another OU. The script below takes a backup of the source and target OU to a CSV file before and after replication.
Note: Test it in test OUs before running it in Prod OUs; it worked like a charm.
Post comments for improvements.


Script:
import-module activedirectory
####Current OU Structure in Source & target for reference#####
Get-ADOrganizationalUnit -Filter * -SearchBase "<OU Path; ex: OU=TestOU1,DC=XX,DC=XXXXX,DC=com>" -Properties canonicalname | select DistinguishedName | export-csv ./BeforeSourceOUReplication.csv
Get-ADOrganizationalUnit -Filter * -SearchBase "<OU Path; ex: OU=TestOU2,DC=XX,DC=XXXXX,DC=com>" -Properties canonicalname | select DistinguishedName | export-csv ./BeforeTargetOUReplication.csv
##################
$sourceOU = "<OU Path; ex: OU=TestOU1,DC=XX,DC=XXXXX,DC=com>"
$destinationOU = "<OU Path; ex: OU=TestOU2,DC=XX,DC=XXXXX,DC=com>"
##################
#--------Main
##################
$adPath= "LDAP://" + $destinationOU
#Create OUs
$objDomain=New-Object System.DirectoryServices.DirectoryEntry($adPath)
$ObjSearch=New-Object System.DirectoryServices.DirectorySearcher($ObjDomain)
[array] $OUs = @()
$OUs = dsquery * $sourceOU -Filter "(objectCategory=organizationalUnit)" -limit 0
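# Sort by DN length so parent OUs come before their children; @() keeps a single result as an array
$OUsorted = @($OUs | Sort-Object { $_.Length })
for ($k=0; $k -le $OUsorted.Count -1; $k++)
{
    # -replace takes a regular expression, so escape the source DN to match it literally
    $OUtoCreate = ($OUsorted[$k] -replace ([regex]::Escape($sourceOU)),$destinationOU).ToString()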
    $OUSearch = ($OUtoCreate -replace '"',"").ToString()
    $ObjSearch.Filter = "(&(objectCategory=organizationalUnit)(distinguishedName="+ $OUSearch + "))"
    $allSearchResult = $ObjSearch.FindAll()
    if ($allSearchResult.Count -eq 1)
    {
        "No changes were done on = " + $OUtoCreate
    }
    else
    {
        dsadd ou $OUtoCreate
        "OU Creation = " + $OUtoCreate
    }
}
####OU Structure after replication in Source & target for validation####
Get-ADOrganizationalUnit -Filter * -SearchBase "<OU Path; ex: OU=TestOU1,DC=XX,DC=XXXXX,DC=com>" -Properties canonicalname | select DistinguishedName | export-csv ./AfterSourceOUReplication.csv
Get-ADOrganizationalUnit -Filter * -SearchBase "<OU Path; ex: OU=TestOU2,DC=XX,DC=XXXXX,DC=com>" -Properties canonicalname | select DistinguishedName | export-csv ./AfterTargetOUReplication.csv

Powershell Script for AD GPO Replication

Powershell Script for AD GPO Replication:


Purpose: I got a project request to replicate the current OU structure to another location/OU in the same domain. So I wrote a script to replicate the OU structure; later the customer requested to link the GPOs to the target OU as they were in the source OU, so I wrote the script below.
I will post the OU replication PowerShell script in another post.


Ex:
SourceOU:
TestOU1
 GPOLink1
 GPOLink1
 OU2
 GPOLink3
 GPOLink4
TargetOU:
TestOU2
 GPOLink1
 GPOLink1
 OU2
 GPOLink3
 GPOLink4


Script:
# Import the Active Directory module
import-module activedirectory
# Import the Group Policy module
Import-Module GroupPolicy
# Source for GPO links
$Source = "<OU Path;Ex: OU=Test1,DC=XX,DC=XXXXX,DC=com>"
# Target where we want to set the new links
$Target = "<OU Path;Ex: OU=Test2,DC=XX,DC=XXXXX,DC=com>"
##################
#Main Function
##################
[array] $OUs = @()
$OUs = dsquery * $Source -Filter "(objectCategory=organizationalUnit)" -limit 0
# @() keeps a single result as an array
$OUsorted = @($OUs | Sort-Object { $_.Length })
for ($k=0; $k -le $OUsorted.Count -1; $k++)
{
    # dsquery returns each DN wrapped in double quotes; strip them
    $sourceOuSearch = $OUsorted[$k].ToString()
    $sourceOulink = ($sourceOuSearch -replace '"',"").ToString()
    $linked = (Get-GPInheritance -Target $sourceOulink).GpoLinks
    # -replace takes a regular expression, so escape the source DN to match it literally
    $targetlinkpoint = ($OUsorted[$k] -replace ([regex]::Escape($Source)),$Target).ToString()
    $TargetOULink = ($targetlinkpoint -replace '"',"").ToString()

    # Loop through each GPO link and create it on the target
    foreach ($link in $linked)
    {
        $guid = $link.GpoId
        $order = $link.Order
        $enabled = $link.Enabled
        if ($enabled)
        {
            $enabled = "Yes"
            # Create the link on the target
            New-GPLink -Guid $guid -Target $TargetOULink -LinkEnabled $enabled -confirm:$false
            # Set the link order on the target
            Set-GPLink -Guid $guid -Target $TargetOULink -Order $order -confirm:$false
        }
        else
        {
            # Links that are disabled on the source are not created on the target
            $enabled = "No"
        }
    }
}

LDAP user authentication failed on 3rd party application (or) DCdiag failed return value = 81 (or) Naming information cannot be located.

Errors:
LDAP user authentication failed on a 3rd party application connecting to AD for authentication.
DCdiag CMD failed.
Naming information cannot be located


Issue:
Customer reported being unable to log in to the tool application consoles.


Resolution:

First check the replication status using the cmd below.
CMD>> repadmin /showrepl * /csv >showrepl.csv
Run the above cmd on any domain controller; it will generate a report. Check the report for any replication errors and for when the last sync happened.
If an error is reported, note the destination and source DC names.
Then RDP to that domain controller and run the cmd below at the command line.
CMD >> dcdiag
If you get the error message below, there is an authentication issue on that domain controller.
Fix: reboot the DC and re-run the "dcdiag" cmd; if it is successful, the issue is resolved.
In our case, it was because some patch was installed on the DC, which caused the services to hang.


Error:
Performing initial setup:
   Trying to find home server...
   Home Server = XXXXXXXXX
   Ldap search capability attribute search failed on server XXXXXXXXX,
   return value = 81
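
One way to read the showrepl.csv report from the first step and pull out the destination and source DC names to check, as an added example that is not part of the original post: the function name Get-ReplicationProblem, the 24-hour staleness threshold and the sample rows are assumptions; the column names are the ones repadmin writes in its CSV header.

```powershell
# Added example, not from the original post.
function Get-ReplicationProblem {
    param(
        [Parameter(Mandatory)][object[]]$Row,  # rows from Import-Csv / ConvertFrom-Csv
        [int]$MaxAgeHours = 24,                # assumed threshold for a stale last sync
        [datetime]$Now = (Get-Date)
    )
    foreach ($r in $Row) {
        $failures = 0
        [void][int]::TryParse($r.'Number of Failures', [ref]$failures)
        $lastOk = [datetime]::MinValue
        $parsed = [datetime]::TryParse($r.'Last Success Time', [ref]$lastOk)
        # A link with no parsable success time is treated as stale.
        $stale = (-not $parsed) -or (($Now - $lastOk).TotalHours -gt $MaxAgeHours)
        if ($failures -gt 0 -or $stale) {
            [pscustomobject]@{
                DestinationDC = $r.'Destination DSA'
                SourceDC      = $r.'Source DSA'
                NamingContext = $r.'Naming Context'
                Failures      = $failures
                LastSuccess   = $r.'Last Success Time'
                LastStatus    = $r.'Last Failure Status'
            }
        }
    }
}

# Constructed sample rows in the repadmin CSV layout; DC and site names are placeholders.
$sample = @'
showrepl_COLUMNS,Destination DSA Site,Destination DSA,Naming Context,Source DSA Site,Source DSA,Transport Type,Number of Failures,Last Failure Time,Last Success Time,Last Failure Status
showrepl_INFO,Site1,DC01,"DC=example,DC=com",Site1,DC02,RPC,0,0,2024-01-10 09:15:02,0
showrepl_INFO,Site1,DC02,"DC=example,DC=com",Site1,DC01,RPC,12,2024-01-10 09:20:11,2024-01-09 03:02:40,1722
'@ | ConvertFrom-Csv

# Only the DC02 <- DC01 link is reported: 12 failures and a last success over 24 hours old.
Get-ReplicationProblem -Row $sample -Now ([datetime]'2024-01-10 10:00:00') |
    Format-Table -AutoSize

# Against the real report generated on a domain controller:
# Get-ReplicationProblem -Row (Import-Csv .\showrepl.csv)
```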

Error: Call "StorageResourceManager.RecommendDatastores" for object "StorageResourceManager" on vCenter Server "" failed.

Issue: Unable to migrate a VM from one datastore to another datastore. After the validation step in the migration, the next window keeps processing or stays blank, and the error message below appears. (vCenter Client)


Error: Call "StorageResourceManager.RecommendDatastores" for object "StorageResourceManager" on vCenter Server "<VCenterServer>" failed.


Fix:
The issue is with the VM version and the vSphere Client version. Try the migration from VMware vSphere Web Client; it will work.


Url: https://<vCenterServerIP>:9443/vsphere-client/


In my case, I was able to migrate the VM from VMware vSphere Web Client.

General ESXi Commands

1. How to retrieve the hard disks of a virtual machine (Get-HardDisk is a PowerCLI cmdlet, so run it from a PowerCLI session)
CMD> Get-HardDisk -VM <VirtualMachine Name>


2. How to list all volumes on an ESXi host
CMD> esxcfg-volume -l


3. How to persistently mount a volume from the CLI
CMD> esxcfg-volume -M "<DatastoreName>"