Wednesday 19 December 2012

Deleting pending or failed certificate requests

As per:

http://blogs.technet.com/b/askds/archive/2010/08/31/the-case-of-the-enormous-ca-database.aspx

For example, if you want to delete all failed and pending requests submitted by the 19/December/2012, the command is:

certutil -deleterow 12/19/2012 Request

Tuesday 25 September 2012

Getting a list of persistently mapped drives

There are many scripts on the Internet I found that allow you to enumerate which drives a user has currently mapped. What I needed was a list of drives mapped persistently (thus manually), which would exclude drives user has just mapped temporarily as well as drives mapped by other scripts. Here's the VBSCRIPT I came up with:


' List Persistently Mapped Network Drives
Option explicit

const HKEY_CURRENT_USER = &H80000001

Dim strComputer
Dim objReg
Dim objShell
Dim arrSubKeys
Dim i
Dim strRemotePath

strComputer = "."

Set objReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\default:StdRegProv")
Set objShell = Wscript.CreateObject("WScript.Shell")

objReg.EnumKey HKEY_CURRENT_USER, "Network", arrSubKeys

If IsArray(arrSubKeys) Then
    For i=0 to UBound(arrSubKeys)
        objReg.GetStringValue HKEY_CURRENT_USER, "Network\" & arrSubKeys(i), "RemotePath", strRemotePath
        objShell.Run ("%comspec% /K echo " & arrSubKeys(i) & ": is mounted to " & strRemotePath &_
            ">> \\server\share\%USERNAME%_on_%COMPUTERNAME%.txt"),0
    Next
Else
    objShell.Run ("%comspec% /K echo No persistent mappings found>> \\server\share\%USERNAME%_on_%COMPUTERNAME%.txt"),0
End If


Specify the script above as the Logoff script using a GPO and after a few days/weeks you will have a full list of who has mapped what and where, so that then a decision can be made as to how to migrate from manual drive mappings to automated ones.

Monday 17 September 2012

SCOM 2012 - Override Logical Disk Fragmentation Level monitor

 

Operations Manager is great, but it may be annoying at times. One of the things I did was to disable alerts pertaining to disks being too fragmented. It is, of course, a good monitor, except that I don't care about drives with no drive letter assigned (DPM volumes, recovery partitions, etc.) - we cannot defragment them anyway. Also, I am not interested in the fragmentation level of the file systems that are underutilised (some have only a few files on them and I want to exclude them also). So I will be excluding filesystems (Logical Disks) that are less than 10% full.

Here's how to do this:

Create a group that includes all logical drives with no drive letter assigned.

Start by creating a new group under Authoring:

Name the group and assign it to a management pack (better create your own one first):

Leave the Explicit Members list blank, and create a dynamic inclusion rule in the next step:


The resulting inclusion rule should look like this:

Finish the wizard and check the group membership:

Create a group that includes all logical drives with over 90% free space

This one is a bit trickier and took me a while to figure out, all because the Logical Disk type/class does not have Free Disk Space attribute pre-defined by Microsoft - so we have to create one first. In fact, you may have to create two - one for Server 2003 and one for Server 2008 if you are using both OSes in your environment. Here we'll go through creating one for Server 2008.

Under Authoring -> Management Pack Objects -> Attributes select Create a New Attribute:

 
 
 

Time to create a new group:
 
 

Finish the wizard and check the group membership:

Create an override

Find the Windows Server 2008 Logical Disk Fragmentation Level monitor and choose to override the monitor for a group:

 

All done, enjoy the peace and quiet :).

There is, perhaps, a more straight forward way of doing this, so if you know one then please let me know.

Friday 14 September 2012

Remove a Driver Package from the Driver Store

I had a problem recently when my HP SIM was reporting that the software on one of the server is not up to date. Upon inspection it turned out it was complaining about an outdated NIC driver. I couldn't update the driver because it was for a NIC mode that was not present in the system (perhaps it was at some stage in the past). This is what it looked like:



I found the following link to uninstall the driver:
http://msdn.microsoft.com/en-us/library/windows/hardware/ff557255%28v=vs.85%29.aspx

I also found this one, but had no chance to test it:
http://technet.microsoft.com/en-us/library/cc730875.aspx

Using the first link above did not resolve the issue.
I was not able to use the second link since pnputil.exe did not list the troublesome driver.

I ended up manually cleaning up the registry from all references to bxvbda.sys and netbvbda.inf files.

Thursday 13 September 2012

Manually move Server 2008 cluster groups

Only user-added apps/services can be moved to another node using the Failover Cluster Management utility. To move the remaining groups manually use the cluster command:

C:\>cluster group
Listing status for all available resource groups:

Group                Node            Status
-------------------- --------------- ------
Available Storage    Node1           Online
Cluster Group        Node1           Online
MyApp                Node2           Online

C:\>cluster group "Available Storage" /move

Moving resource group 'Available Storage'...

Group                Node            Status
-------------------- --------------- ------
Available Storage    Node2           Online

C:\>cluster group "Cluster Group" /move

Moving resource group 'Cluster Group'...

Group                Node            Status
-------------------- --------------- ------
Cluster Group        Node2           Online


C:\>cluster group
Listing status for all available resource groups:

Group                Node            Status
-------------------- --------------- ------
Available Storage    Node2           Online
Cluster Group       
Node2           Online
MyApp               
Node2           Online