WindowsAdminGuru BLOG

. Previously, explained how inefficiencies in an NTFS can slow down a system and suggested a few ways Windows administrators can format an NTFS to improve performance. In this article, I will continue the discussion by sharing some additional techniques with you, while demonstrating how certain security features can slow down NTFS. Disable last access date As most administrators know, the NTFS was created with security in mind. Of course, some NTFS security features are more important than others. One security feature that you might be able to live without is the mechanism that updates the date and time a file was most recently accessed. Although this type of information can sometimes be handy, refreshing a file's last access date and time stamp does consume I/O cycles. If you aren't worried about knowing the last time that files on a volume were accessed, you can disable this feature to give NTFS performance a minor boost. Before I continue, I should clarify that the informati

. In Windows 2003 Server SP1, you may get the error "The Error Log File is Corrupt" when trying to access the System Event Log in Event Viewer. Microsoft corrected this issue in Windows 2000 and 2003 Server with the latest Service Packs. However, 2003 SP1 resulted in the message showing up again in certain situations. The original method to resolve the issue was the following: 1. Disable the Event Viewer Service 2. Restart the server 3. Delete the C:WINDOWS\system32\config\SysEvent.Evt file 4. Re enable the Event Viewer service and see that the log files are no longer corrupt. Unfortunately, the above method may not work with 2003 SP1 because the root of the problem stems from the network card sending an improperly formatted event message to the event log. To resolve the problem, change the network card to run in full duplex mode. The corrupt system log message should then go away. .

Error Message: Time Provider NtpClient: No valid response has been received from domain controller after 8 attempts to contact it. This domain controller will be discarded as a time source and NtpClient will attempt to discover a new domain controller from which to synchronize. Event 38 The time provider NtpClient cannot reach or is currently receiving invalid time data from (ntp.dIP address -> IP address). Event 29 The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 30 minutes. NtpClient has no source of accurate time. Event 47 Time Provider NtpClient: No valid response has been received from manually configured peer time.windows.com,0x1 after 8 attempts to contact it. This peer will be discarded as a time source and NtpClient will attempt to discover a new peer with this DNS name. Resolution: Go to Command Prompt: Start --> Run --> CMD --

Update: You can now download Windows Server 2003 R2 here: microsoft.com. Today I attempted to install Windows Server 2003 Administration Tools Pack (adminpak.msi) but the installer instantly quit with the message "Windows Server 2003 Administration Tools Pack can only be installed on Windows XP Professional with QFE Q329357 applied, or on Windows XP Professional Service Pack 1 or later, or on computers running Windows Server 2003 operating systems." When researching if R2 needed a different version, I came upon the page "Windows Server 2003 R2 Administration Tools Pack (x86)." Judging from the title, I'd assume this was the file I was looking for but these files are actually for other OSes that want to manage the new services which come with R2. The only place I have found the adminpak.msi for 2k3 R2 has been on the CD itself. You can find the file within your i386 folder on your R2 CD.

For years I've used Windows Server 2003 and for years, I've been missing some of my favorite features from Windows Powertoys. The Image Resizer Powertoy is definitely one that came in really handy when I used XP. Unfortunately, anytime I tried to run it under 2k3, I would receive the message The powertoys require Windows XP or a service pack. They will not function on a version of WIndows ealrier or later than Windows XP Recently, when trying to extract MacBook drivers, I learned about InstallShield's "/V /a" switch and I decided to try it on ImageResizerPowertoySetup.exe. I downloaded the file from the Microsoft PowerToys for Windows XP webpage and saved it to my D: drive. I then ran D:\ImageResizerPowertoySetup.exe /V /a and extracted the contents to D:\temp. I saw that a folder called "system32" was created. I then moved the file phototoys.dll to C:\windows\system32 then went to Start -> Run -> regsvr32 phototoys.dll. Voila! "Resize Picture

Recently, we found that one of our DNS servers was resolving external hostnames unacceptably slow -- about 5 seconds, give or take. The resolution was so slow, in fact, that all of the clients hopped on to the secondary DNS server thinking that the primary had gone down. After logging on to the server to troubleshoot, I could see that: 1. Pinging external hostnames worked well after the hostname resolved. So did traceroute. 2. Caching wasn't working at all 2. Other AD DNS servers on the network were resolving external hostnames quickly 3. The root servers were all there but I deleted and reloaded them anyway - Note: you can actually load root servers from a root server which is cool 4. Internal hostname resolution was extremely fast 5. A reboot didn't help (you may laugh but this has solved severe AD problems for me) Because the other AD Servers were picking up the slack, I decided to come back to it later. I went out and had dinner with a friend then returned after a few h

I recently attended a Longhorn Roadshow in Santa Clara and learned quite a bit about Microsoft's emphasis on virtualization in Longhorn. A lot of companies are going towards virutalizing servers, even those still running NT or Exchange 5.5. The main reasons seem to be saving rackspace and saving electricity (fewer machines, less A/C) which both translate to saving money. Fortunately, my employer now has the infrastructure setup and virtualization on a mass scale seems like a possiblity. After a quick evaluation, I don't have much faith in Microsoft's current Virtual Server product but an evaluation of ESX Server 3.0 has proven impressive. VMWare has it together and it is likely the solution I'll be recommending in '08 when we're ready to move forward. That said, it's been tough installing Longhorn x64 on VMWare ESX server. It should be expected, though; the support for Longhorn x64 isn't even experimental yet -- it's non-existent. I had to select Vis

I'd like to start this post with a warning: I'm only 29 years old but already have permanent damage to my shoulder caused by overusage while working/playing on the computer. Two years ago, I had to claim workman's comp because I was disabled for a few weeks, barely being able to even stand because of an excruciating pain in my shoulder - even gravity put too much pressure on it. I didn't know what was happening at first, I thought it just needed to "pop" but as it turned out, I had tendonitis/bursitis from repetitive mouse/keyboard usage. While the damage was permanent, the pain went away after a terribly painful cortisone shot was injected right into my shoulder. By that time, calcium had built up and I heard the needle crush right through it. Ugh, even with lots of Vicodin and some other topical pain killer, it was still unbelievably painful. To stop the problem from recurring, I had my desk evaluated by an ergonomic specialist and ended up buying a new chai

While my firm explores using WebDAV and SharePoint 2007 for exchanging large amounts of files, we're temporarily using FTP dropboxes to fill the void. Last Monday, I setup 11 new accounts and it took a total of one hour to complete the same 15 step process (give or take) for each account. By the time I was finished, I decided automating FTP account creation would be my first PowerShell project. What you see below is part of that project. The code below creates a virtual directory in the "Default FTP Site" of the machine that is running the PowerShell script. The virtual directory called "NewUser" is mapped to C:\FTP\NewUser and is set to be both readable and writable. For the record, I couldn't get WMI to work (get-wmiobject) and that's the reason I decided to use the .NET's Directory Services support. server = $env:computername $service = New-Object System.DirectoryServices.DirectoryEntry("IIS://$server/MSFTPSVC") $site = $service.psbase.c

The code but wanted to try to see if I could use my Recordset/ADsDSOObject skrills to shorten the code. The outcome isn't any shorter but it does get the version, so that's cool. Thanks, Sharfa, for pointing me towards the WMI Exchange_Server thing, too. '**************************************************************************** ' This script created by Chrissy LeMaire (clemaire@gmail.com) ' Website: http://netnerds.net/ ' ' This script finds all Exchange Servers in AD. Includes Exchange Version. ' ' Run this script with admin privs on any computer within a domain. ' ' This script has only been tested on Windows Server 2003 ' ' NO WARRANTIES, USE THIS AT YOUR OWN RISK, etc. '***************************************************************************** Set objAdRootDSE = GetObject("LDAP://RootDSE") Set objRS = CreateObject("adodb.recordset") varConfigNC = objAdRootDSE.Get("configurationNamingContext&q

Recently, someone asked if there was a way to be notified when servers have been added to an Active Directory domain. I looked around the Internet and it seems there's not a direct way to do this without some large software package. So in lieu of having an instant notification, I created a script that tallies up newly added user and computer accounts and emails the admin with all the info. This script is initially setup to be run once a day, but you can modify to whatever frequency you want. I really expected this to take at most a couple hours to write but parsing through all the data turned out to take a heckofa lot of time. From converting the desired comparison date to UTC to parsing the AD attribute memberOf, I spent a good day working on this. I learned a lot, though and found this page which details the AD schema to be very helpful. If you need anything more than this, you may want to consider an enterprise-type administration package such as Microsoft's MOM. ADAddedUser

So I'm making the move to PowerShell. It's painful learning such alien (to me) concepts but books like Lee Holmes' PowerShell: The Definitive Guide help a ton. I was fortunate enough to be the editor for Chapters 1-5 and got a sneak preview. It's a fantastic book and can't wait to receive the title, complete with indexes! For now, I'm searching both the 36 Word documents and the sample code for solutions using Vista's built-in search functions. My first task, which I'll explain in later posts, includes some AD stuff. One tiny part of the equation is dynamically finding the FQDN of the current Active Directory domain. This should be easy! Using RootDSE, it's super easy to find out the DistinguishedName or even the FQDN of the domain controller being queried, so wouldn't there be a similar entry for FQDN of the whole domain? Apparently not (or if it's there, I can't find it). I've spent the morning and part of last night digging through

When creating a new Active Directory user from the command line in PowerShell, you will likely find yourself using Read-Hosts's asSecureString switch when entering the password. $password = Read-Host "Enter password" -AsSecureString Next, you'll probably look around the Internets for a few hours or so trying to figure out how to change the password of the newly created user. You will soon discover that the user creation process in PowerShell 1.0 isn't very straightfoward and it even requires a specific order for proper account creation. First, you create the account, then you set some basic properties, next you call SetInfo(), and finally you invoke setPassword using the follwing syntax: $newUser.psbase.Invoke("SetPassword",$password) Now you may find yourself with the following exception: Exception calling "Invoke" with "2" argument(s): "Exception has been thrown by the target of an invocation." Originally, this post mentio

Last night I got locked out of my Compaq DL360's iLO. I searched the web to find how to reset the Administrator password and read that, for the most part, I'd have to be at the console. Bah! My servers are in San Jose and I'm up here in San Francisco, I didn't want to make a trip just to reset my passwords. I continued to look around the web for a solution and found that I could reset the Administrator password (or even add another user with admin privs) using Compaq's Remote Insight Board Command Language. Apparently, if you are processing RIBCL commands through your given operating sytem so long as you have the rights to login to the server. I logged in as my Windows Domain Admin and performed the following steps (Linux users, you can download the RPM for HPONCFG): 1. I installed SNMP because it was a preprequesite for HP Insight Management Agents. 2. I dowloaded and installed the HP Insight Management Agents. 3. I then downloaded HP Lights-Out Online Co

. Disable SMB windows server 2003 / 2000 / 98 / NT Registry values associated with Group Policy configuration for Windows Server 2003, Windows XP, and Windows 2000 Client In Windows Server 2003 and Windows XP, the "Microsoft network client: Digitally sign communications (if server agrees)" Group Policy, and in Windows 2000, the "Digitally sign client communication (when possible)" Group Policy map to the following registry subkey: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManWorkstation\Parameters Value Name: EnableSecuritySignature Data Type: REG_DWORD Data: 0 (disable), 1 (enable) Note The default value in Windows Server 2003, Windows XP, and Windows 2000 is 1 (enabled). In Windows Server 2003 and Windows XP, the "Microsoft network client: Digitally sign communications (always)" Group Policy, and in Windows 2000, the "Digitally sign client communication (always)" Group Policy map to the following registry subkey: HKEY_LOCAL_MACHIN