30 September 2014

How to backup your CA

1.      In Server Manager, click Tools > Certificate Authority.
2.      Right-click your certificate authority name, select All Tasks > Backup CA.... On the Wizard            Welcome page, click Next
3.      Select the Private key and CA certificate and Certificate database and certificate database            log items to backup.
4.      Enter c:\backup in the backup path field and click Next > OK on the popup to create the                      directory.
5.      Enter a strong password on the Select a Password page and click Next > Finish.

An alternate method is to use the command certutil –backup c:\backup at command prompt and then enter a password when prompted.
Now we have backed up the private key, database and log files.
Next, we need to back up the CA’s registry settings.

6.      Using command prompt, execute the following command:
Reg save HKLM\System\CurrentControlSet\Services\CertSvc c:\backup\CAconfig.hiv
7.      Copy the CApolicy.inf file (if exists) to C:\Backup.
8.      Using command prompt, execute the following command:         Certutil –v –CAtemplates > C:\Backup\Templates.txt

More info can be found here

22 September 2014

Update-Help through Authenticating proxy

After installing Powershell 4.0 it's a good idea to update the help files, but if your behind an authenticating proxy like me (at work at least) here's a quick way to get things updated.

The error displayed:

PS C:\Windows\system32> Update-Help
Update-Help : Failed to update Help for the module(s) 'Microsoft.PowerShell.Management, CimCmdlets, ISE, Microsoft.Powe
rShell.Diagnostics, Microsoft.PowerShell.Host, Microsoft.PowerShell.Security, Microsoft.PowerShell.Utility, Microsoft.W
SMan.Management, PSDesiredStateConfiguration, PSScheduledJob, PSWorkflow, PSWorkflowUtility, Microsoft.PowerShell.Core'
 with UI culture(s) {en-US} : Unable to connect to Help content. The server on which Help content is stored might not b
e available. Verify that the server is available, or wait until the server is back online, and then try the command aga
in.
At line:1 char:1
+ Update-Help
+ ~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [Update-Help], Exception

    + FullyQualifiedErrorId : UnableToConnect,Microsoft.PowerShell.Commands.UpdateHelpCommand


$webclient = New-Object System.Net.WebClient
$creds = Get-Credential #Prompts for credentials



$webclient.Proxy.Credentials = $creds
Update-Help

PowerShell versions on what Windows versions

PowerShell VersionRelease DateDefault Windows VersionsAvailable Windows Versions
PowerShell 1.0November 2006Windows Server 2008 (*)Windows XP SP2Windows XP SP3Windows Server 2003 SP1Windows Server 2003 SP2Windows Server 2003 R2Windows VistaWindows Vista SP2
PowerShell 2.0October 2009Windows 7
Windows Server 2008 R2 (**)
Windows XP SP3Windows Server 2003 SP2Windows Vista SP1Windows Vista SP2Windows Server 2008 SP1Windows Server 2008 SP2
PowerShell 3.0September 2012Windows 8
Windows Server 2012
Windows 7 SP1Windows Server 2008 SP2Windows Server 2008 R2 SP1
PowerShell 4.0October 2013Windows 8.1
Windows Server 2012 R2
Windows 7 SP1Windows Server 2008 R2 SP1Windows Server 2012
PowerShell 5.0April 2014 (***)Windows 9?Windows 8.1Windows Server 2012 R2
* Has to be installed through Server Manager
*** Release date of public review; current public preview version is September 2014


For more info go to: https://4sysops.com

Biggest Free E-Book collection online, and download them all with Powershell

I came across this blog: http://blogs.msdn.com/b/mssmallbiz

It lists almost 300 free e-books:

Windows 8.1
Windows 8 
Windows 7 
Office 2013
Office 365
Office 2010
SharePoint 2013 
Dynamics CRM
PowerShell
Exchange Server
Lync 2013
System Center
Azure 
Cloud
SQL Server

and much more.
Nice to have right?
But since you have to download them one by one, i found this script in the comments (Thanks Todd) and it works like a charm.

First download the MSFTEbooks.txt file from here
Then paste the below Powershell script directly in Powershell or run it from a ps1 file.
Edit your file locations to your corresponding folder locations.

Requires Powershell v3.0:

$booklist = Get-Content "D:\_DATA\Scripts\MSFTEbooks.txt"

$destination = "D:\_DATA\Downloads\E-Books"

foreach ($url in $booklist){

   if ($url.StartsWith("http")){
       $result = Invoke-WebRequest -Uri $url -outfile $destination\temp.tmp -PassThru
       if ($result.statuscode -eq "200"){
           $filename = join-path $destination (Split-Path -leaf ($result.BaseResponse.ResponseUri))
           Write-Host $filename
           Rename-Item $destination\temp.tmp $filename
       }
   }
}

While downloading it looks like this:



18 September 2014

Enable Powershell remoting and access denied

To check if Powershell Remoting is turned on:
Enter-PSSession -ComputerName localhost If all goes well the output is shown like this:
[PS] C:\Windows\system32>Enter-PSSession -ComputerName localhost [localhost]: PS C:\Users\Username\Documents> In some cases you get an error stating that "Access denied", but doenst really give enough info on why access is denied. From an elevated command prompt run the following command:
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f After that, re-launch the Powershell prompt as admin and re-run Enable-PSSRemoting

Enable Out of Office thru Powershell

Enable Out of Office thru Powershell

Set-MailboxAutoReplyConfiguration -identity “user@domain.com” –AutoReplyState Scheduled –StartTime “mm/dd/yyyy” –EndTime “mm/dd/yyyy” –ExternalMessage “The mesage you want to be displayed in the reply” -InternalMessage “The mesage you want to be displayed in the reply

If User needs external OOO as well: 

-ExternalAudience:All parameter should be used.

Removing Out of office by Exchange Shell:

Set-MailboxAutoReplyConfiguration “username@domain.com” –AutoReplyState Disabled –ExternalMessage $null –InternalMessage $null

Check the OOO that has been configured:

Get-MailboxAutoReplyConfiguration -Identity “username@domain.com”

16 September 2014

Clean scan engine folders for Forefront Protection for Exchange 2010

How to clean up the Forefront folders for all the scan engines used by Forefront.

Disk space can be hogged by these folder even though the update mechanism built in Forefront itself is configured to delete the old and obsolete scan-engines and pattern files.

If for some reason the disks are filling up, you can manually clean up the folders (delete its content really) and after that the update mechanism downloads the needed engines and patterns automatically.

First stop all related Exchange services:
get
-service *exchange*|stop-service
The stop all related Forefront services:
get-service *fpe*|stop-service

Then delete all files in
c:\Program Files (x86)\Microsoft Forefront Protection for Exchange Server\Data\Engines\x86
&
c$\Program Files (x86)\Microsoft Forefront Protection for Exchange Server\Data\Engines\amd64

Restart the server, reenable automatic management of updates, or manually start the update process.
Watch the folders getting filled with the latest patterns and engines.

10 September 2014

Using Hyper-V with a Wireless Network Adapter

Out of the box Hyper-V does not support connecting virtual machines to wireless network adapters.  As a primarily server focused product this is a reasonable limitation - especially given that we need to do to get wireless network adapters to work with virtual machines.  But all is not lost - it is possible to setup an internal virtual network and utilize Internet Connection Sharing to get you up and going.
The first thing to do is to create a new internal virtual network switch:
  1. Open the Hyper-V Manager and select your server.
  2. Select Virtual Network Manager... from the action pane (on the right).
  3. Select New virtual network and choose to Add an Internal network.
  4. Give the new virtual network the name you want hit OK.
Now to setup Internet Connection Sharing:
  1. Open the Control Panel and open Network and Sharing Center.
  2. Select Manage network connections from the list on the left.
  3. Locate the icon for your wireless network adapter, right click on it and select Properties.
  4. Change to the Sharing tab.
  5. Check Allow other network users to connect through this computer's Internet connection.
  6. If you have multiple network adapters you will need to select the specific entry for the internal virtual network switch.
  7. Click OK.
You can now connect virtual machines to the internal virtual network and allow them to access the Internet through your wireless network adapter.

Source

Install Windows Server 2008 R2 on VHD bual boot on Windows 7

Great article on TechRepublic:

How to install Windows Server 2008 R2 with yper-V and Windows 7 on the same partition


By Colin Smith in Data Center, September 20, 2010
Blogger Colin Smith explains how to install Windows Server 2008 R2 with Hyper-V and Windows 7
on the same disk partition by booting from a VHD that contains the entire WS2K8R2 OS 
within a single, portable file.

Typically, dual-booting multiple operating systems requires repartitioning a disk, which isn't always
desirable, especially if you already have a multi-boot environment with Windows and Linux. What 
I am proposing is booting from a VHD - a virtual hard disk that contains the entire Windows Server
2008 R2 OS installation within a single, portable file hosted by your Windows 7 file system.What's
different about this post from the other boot-from-VHD posts out there? Admittedly, I did learn how
to create and install into VHD from some of the TechNet posts, but they focus on creating VHDs from within the WinPE console. Unfortunately, most of us work in Windows, not WinPE. 
So, what I have attempted here is to show you how to create the VHD from Windows 7 (or Windows Server 2008 R2), so that you can create VHDs for other purposes in addition to just an OS install. Additionally, I'll try to provide some other scenarios where you might want to consider using VHDs.

Why would you want to boot from a VHD?
There are several reasons:

  • There is no requirement to repartition your hard drive, which in itself tends to waste disk space since most partitions are typically over provisioned.
  • It simplifies image management for both VMs and physical systems as the same VHDs can be repurposed for both use cases.
  • You can move the VHD to a Hyper-V server or port it to another virtualization platform like ESX, Virtual Box, Xen , etc., that supports VHDs.
  • The VHD can be configured to be thin provisioned. This means that you can set the maximum size of the VHD and it will appear to the guest OS as a full partition, but in the host OS, it will only consume as much disk space as required to contain the entire guest OS. The VHD will grow in size up to the maximum as blocks are written to (allocate on write).
  • You can remove the entire OS by simply removing a single file and updating your boot menu.
  • It allows you to boot easily from an external device like an eSATA drive (USB or remote storage are not supported for Windows 7 or Windows Server 2008 R2 - Hyper-V Server is supported on USB/Flash )
  • You can easily back up the entire OS as a single file (like you would a VM).
  • You can have versioned OSs using a differencing disk to create a parent child relationship between VHDs. This can be very disk space friendly if you manage many images.
What you'll need:
  • A system capable of running Hyper-V (Intel VT or AMD-V enabled)
  • Windows 7 installed
  • 15 GB of free disk space
  • The ISO for Windows Server 2008 R2
Note: In the examples below, I am doing everything on drive C: and assigning drive letter Q: to the VHD but you can use any drive that Windows 7 has available.

Preparing the VHD
First we'll need to create a VHD on the Windows 7 system using the DISKPART command:
1.       From the Start->All Programs->Accessories right-click the Command Prompt and select "Run as Administrator" - DISKPART will launch and you will be put into the DISKPART CLI shell.
2.       Let's have a look at what volumes DISKPART can see. Type:
list vol↵
Take note of what you see.
3.       To create a minimal size VHD that can grow to a maximum size of 15000MB type:
create vdisk file=c:\win2k8r2.vhd maximum=15000 type=expandable↵
4.       To set the focus of DISKPART to the newly created VHD type:
select vdisk file=c:\win2k8r2.vhd↵
5.       To attach the virtual disk to the system type:
attach vdisk↵
6.       We will need a primary partition within the virtual disk to make the VHD bootable; type:
create partition primary↵
7.       Although the partition can be formatted as part of the Windows Server installation, I prefer to do it now. To format the partition with the NTFS file system, type:
format fs=ntfs quick label="NewVHD"↵
8.       We don't really need to assign a drive letter to the VHD at this point since during the install of Windows Server, it will get a different drive letter anyway, but it makes it more convenient to investigate the VHD from Windows 7. Assign the drive letter Q: to the new partition by typing:
assign letter=q: ↵
9.       Let's have a look at what volumes DISKPART can see now.  Type:
list vol↵
You should see the new volume available with a size of 14GB.
10.   To exit the DISKPART shell type:
exit↵
11.   To exit the command  shell type:
exit↵
12.   Use Windows Explorer to see what size the file c:\win2k8r2 that contains the VHD is. It should be around 80MB. It will grow from here as we add contents to the volume.
13.   For fun use right click Computer from the Start Menu and you should see drive Q: mounted. You can check the properties of drive Q: by right clicking it.

Installing Windows Server
Now we are ready to install Windows Server 2008 R2 onto the newly formatted partition within the VHD. I'll provide general instructions here, just highlighting the differences from a standard installation.
1.       Boot from the Windows Server 2008 R2 ISO. At the screen that prompts you to select a language press SHIFT+F10 to access the WinPE console.
2.       To launch the DISKPART CLI shell:
diskpart↵
3.       Let's have a look at what volumes DISKPART can see. Type:
list vol↵
4.       To set the focus of DISKPART to the previously created VHD, type:
select vdisk file=c:\win2k8r2.vhd↵
5.       To attach the virtual disk to the system, type:
attach vdisk↵
6.       Let's have a look at what volumes DISKPART can see. Type:
list vol↵
7.       To exit the DISKPART shell, type:
exit↵
8.       To exit the WinPE shell, type:
exit↵
9.       Return to the Windows Server 2008 R2 setup and select Custom (advanced) as the installation type, not Upgrade.
10.   When prompted for the installation location, select the newly formatted volume that has the label NewVHD.
11.   Perform the remainder of the installation as usual.
12.   When you reboot you will notice that you get a boot menu allowing you to select the OS of your choice. Select Windows Server 2008 R2.
13.   Turn on the Hyper-V role.

Now you have a dual boot Windows 7 and Windows Server 2008 R2 system that can also run the Hyper-V role even though it is not installed in its own partition of a physical disk.
At this point, you could migrate your Windows 7 installation to a VHD so that both of your operating systems are booting from VHDs. If you choose this route, the Disk2vhd tool might prove useful.

You could also use the VHD that you just installed Windows Server into as a Hyper-V (or ESX) virtual machine (you will need to recreate or modify the BCD store first).
By the way, the size of the VHD you created will probably be around 6 GB when viewed from the Windows 7 instance.