Too many NICs register in DNS – how to remove with Powershell

For those of you (like me) that have decided to move to Hyper-V 2012R2 (the free version, or the core version of Server 2012R2), you may run into this issue. Namely, you have more than one NIC that is registering with DNS. In a full server installation, you would open up the IPv4 properties of the NIC in question, go to the DNS tab, and uncheck the “Register this connection’s addresses in DNS” box. If you’re doing it like me, you have to use powershell. Here’s how I did it:

In Powershell (this is for a remote powershell session, you can skip the first command if you’re logged on to the host machine):

Enter-PSSession –ComputerName SERVERNAME –Credential ADMINUSER

{Enter prompted password}

Get-NetAdapter

Lists all adapters on host.

Get-NetAdapter ADAPTERNAME | Set-DNSClient –RegisterThisConnectionsAddress $False

Turns off the registration, found when right clicking IPV4 settings of an adapter, selecting DNS tab, and it’s the checkbox near the bottom in the GUI.

Get-NetAdapter ADAPTERNAME | Get-DNSClient

Should show “False” under appropriate area.

Finally, in DNS:

Delete the improper IP Address.

And that should do it!

Strange drive after update….

After weekend updates, several servers showed a random new mapped drive – but only in file explorer. It did not show up in Storage Management. Looking at it, some update had decided the EFI partition needed a drive letter….

This was on Server 2012R2, by the way – here’s the fix:

Administrative command prompt;

diskpart

list volume (find the one about 100 mb)

select volume #

remove

exit

And that’s it – ghost volume gone, EFI volume still where it’s supposed to be. Here’s the link I found that explained it to me….

https://www.tenforums.com/drivers-hardware/57417-hide-system-partition-shows-explorer-but-not-disk-management.html

Certifications

Life gets busy, especially in the IT world. Deadlines are destroyed by that last minute project that needed to be done yesterday. Except you just heard about it 5 minutes ago…. Our priorities change as the day passes and for those of us that plan and document our days, it can get frustrating trying to stay on the schedule – even if the only schedule we have is one we create for ourselves. It’s a good thing I like this sort of environment!

It is always good to allocate time not only for continuing education but also for demonstrating what you know via certifications. This is what I have been doing this week, in addition to the usual things that keep me busy – I finished a long process and completed my MCSE-Private Cloud certification. While the test was challenging, the fact that I work with almost all of the System Center suite on a daily basis helped me through it. It also pointed out where I need to spend some time (Azure, which we don’t use since our clouds are all internal, but I’m going to learn it and see if we want to go hybrid).

This is me.

Adding Exceptions to DND in Avaya IP Office

Some days its printers, some days its phones – and you just never know when. Some days it is both of them, like today. Funny how most of us don’t get certifications or official training in either category… but anyway, today I needed to set exceptions to Do Not Disturb for internal users (i.e., DND was active for external users, but internal extensions bypassed the DND block). In Avaya IP Office, do the following:

Log in to IP Office Manager;

Navigate to the “User” section;

Select a User;

Select the tab “DND”;

Under the Do Not Disturb Exception List, enter the internal extension you wish to bypass the user created DND. For example, John Smith at Extension 1234 would be 1234, or you can allow everyone in the range 1200 to 1299 with 12XX.

Hit OK, then OK again, then  Save/Merge it. All done!

Handy link:

http://marketingtools.avaya.com/knowledgebase/user/ipoffice/mergedProjects/selfadmin/_frame2.html?SelfAdmin_DND.html

 

Compliance Check!

Today was one of those general busy days – nothing major accomplished, but lots of boxes checked off – fix this printer, set up that new user, diagnose an issue with server X…

And then one of those long standing things on the ‘horizon’ creeps back into focus – just when do those security updates end for that software, putting things out of compliance? For me, it’s HIPAA, for you it might be Sarbanes-Oxley, FERPA, or pick your regulatory guidelines. Here’s a handy link:

https://support.microsoft.com/en-us/lifecycle

Big date for me is October 10th, 2017 – if you have anything with any Office 2007 on it, then it is for you as well. No more updates after that! If you’re wondering about Windows 7, you have until 2020 but you REALLY should update before that. If you have been in the nightmare update cycle lately, you know what I’m talking about. Make sure you use WSUS because manual on re-installs is a real pain right now…

Hyper-V 2012 R2 – No active network adapters found. (!)

This is not the sort of message you want to see…

Scenario: when logging in to a virtual host running Hyper-V 2012 R2 (that’s the free version, so it’s a stripped down version of core) you find this obscure error. The positive of HV2012R2 is that it’s free, it’s clean, it’s lean, and it’s specific. The negative is that your friend google doesn’t have loads of people who have had your same issue, so off you go into Technet land.

First, going to command prompt (at least I was able to remote to this server, which is 100 miles away, and it one of three that have/had this issue) I ran the standby “ipconfig” and I actually had configured network adapters. Since Microsoft has moved everything they can to Powershell, I figured part of the startup was running “Get-NetworkAdapters”. If I clicked on the “ok” in the error message, I got the following:

C:\Windows\System32\en-US\sconfig.vbs(253, 1) (null): 0x80041017

OR

C:\Windows\System32\en-US\sconfig.vbs(1202, 5) (null): 0x8004106C

After digging around in various corners of the internet, I ended up running from command line:

net stop winmgmt

This action stopped the following:

System Center Virtual Machine Management Agent,

Hyper-V Virtual Machine Management,

User Access Logging Service,

IP Helper,

and SMS Agent Host.

It did NOT stop WMI (winmgmt.svc). That’s ok, because this solution worked anyway. Once these all stopped, I ran the following commands:

net start vmms

net start scvmmagent

net start ualsvc

net start iphlpsvc

net start cmmexec

net start winmgmt (NOTE – this one will already be running, but I did it anyway)

After I did the above, to check I ran a simple WMIC command that had previously failed (wmic bios get serialnumber). This now succeeded, so I logged off, then back on – and now sconfig.vbs ran as normal.

Following this, checking with Hyper-V Manager, Failover Cluster Manager, and System Center Virtual Machine Manager showed everything was back to normal.

It’s always nice when you can fix it without a restart.

Helpful links:

Lots of actual names of services here – https://www.windows-commandline.com/start-stop-service-command-line/

Time Sync and FSMO roles

After returning to work from vacation over Christmas/New Years, I discovered some – but not all – servers had time issues. Specifically, some servers were behind by about a minute and a half. For some background, I moved our FSMO roles to our secondary site in early December so that we could rewire our primary data center (mission accomplished…). Those roles are still in our secondary data center. All domain controllers are Windows Server 2012 R2. A step was missed, however, in that our previous FSMO domain controller was also our NTP server. This means the server that verified time outside of our domain was no longer holding the PDC Emulator role…..and time started to drift.

Since we have stayed under the threshold for Kerberos failure (about 4 minutes from what I can tell), this has not manifested in any “real” issue yet. I also tracked down the reason some servers were “on time” (i.e. they were synced with the original domain controller, which was still accurate) and some were “behind” (they were synced with the “new” primary domain controller). An old GPO was pointing these few servers to the wrong place….

Quick fix – after hours, migrate the roles back to the original site since we’re done with the rewire. Reduce the polling interval to 900 from the current 3600. Manually sync the other domain controllers, and in 15 minutes all should be synced and back to normal. Longer term we will retire the old GPO and document “time” changes for the next time we fail over these roles.

Here are a few helpful links:

https://support.microsoft.com/en-us/kb/816042

“It’s Simple!” – Time Configuration in Active Directory

Hello world!

New year, new website! I am streamlining the clutter and going with a simple, clean format. If you wish to find detailed information about me (professionally speaking), please click the LinkedIn or Spiceworks connections in the sidebar.