Posts filed under ‘Windows’

Time Sync Issue on Virtualized Domain Controllers VM on Hyper-V and VMware

Dear Folks

Recently we noticed that our Domain Controller(VM) was throwing the Wrong time and forcing all the other servers and the client pc’s the wrong time.

Hence we started digging the problem by initially finding the source for our Domain Controller Clock it was found out by using the below command

w32tm /query status

Source: VM IC Time Synchronization Provider

This means the source is the Hyper-V Guest Integration Time Service.and in turn our Hyper-V server was having the wrong time.

Therefore what we did  is we disabled the  “Hyper-V Time Synchronization Service” via services. thereafter we ran the command mentioned above  and the source became

Source: Local CMOS Clock

Then we set the local clock on DC to the correct time and  noticed that all our servers and client started taking the time from the Domain Controller correctly.

So as a practice I would advice to do the same when your  DC is sittings as a VM on any Hypervisor to avoid time sync issues.

Update:1

As per the new recommendation Microsoft is saying to keep the Time Synchronization service enabled and make the below registry entry on the virtualized PDC emulator

reg add HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\VMICTimeProvider /v Enabled /t reg_dword /d 0

and add an external source.

Update:2

On the PDC Emulator role  server type the below command to check the communication between the NTP server.

w32tm /stripchart /computer:<target> /samples:<n> /dataonly

Then if it is working fine change the NTP as below;

w32tm /config /manualpeerlist:<peers> /syncfromflags:manual /reliable:yes /update

VMware

As per the VMware recommendation

– Keep the VM Tools Time Synchronization Disabled (By Default)

– Configure the ESXi host to use an external time source(Router / Switch / Public Server)

– Configure the PDC emulator for the external time source same as ESXi Host.

 

I would like to mention the few commands below which will be useful when dealing NTP issues on Windows;

To Stop/Start NTP
—————–
net stop w32time
net start w32time

To Remove and Install the service
———————————-
w32tm /unregister
w32tm /register

To Configure the PDC to use an external source:
———————————————–
w32tm /config /maunalpeerlist:”fortigate.test.com.sa” /syncfromflags:manual /reliable:yes /update

To Query the status
——————-
w32tm /query /status
w32tm /query /configuration (The output must shows the Type as NTP instead of NTDS5)

To force the time
—————–
w32tm /resync /rediscover
w32tm /config /update

To find the configuration
————————-
w32tm /query /configuration

To check the locaol NTP source
—————————–
w32tm /query /source

To manually check the time source
———————————
w32tm /stripchart /computer:fortigate.test.com.sa /samples:5 /dataonly

 

To force the member server to sync with the domain controllers available in the domain

w32tm /config /syncfromflags:domhier /update (If the NTP service is disabled make it to manual mode).
Advertisements

September 22, 2014 at 10:26 am 1 comment

Inaccessible boot device on Windows 2012 with EMC Networker

Hi

I would like to share my experience related to the above error.

Recently we received a call from our customer saying that 2 VM’s were not booting. We were in panic mode as these 2 servers are the domain controllers and the backup software which was supposed to do the BMR also failing.

Thereafter when we contacted Microsoft Support the team identified the error is due to the “nsrbbwi” key which being added on the Registry by our EMC Networker Backup Tool and once it was removed the servers booted normally.

Go to the below Registry via the Command Prompt from the System Recovery Options

ControlSet001\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DEAF}

ControlSet001\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F

Remove the Value for “Upperfilters” as it will be pointed to “nsrbbwi”

Reboot the server.

Source:-
-Microsoft PSS
-https://blogs.technet.com/b/mrmlcgn/archive/2014/02/20/after-installing-upgrading-emc-networker-version-8-1-1-windows-fails-to-boot-stop-error-7b-quot-inaccessible-boot-device-quot.aspx
Best regards

March 6, 2014 at 9:23 am Leave a comment

How to migrate the Hyper-V CSV’s to a new Storage

Dear Folks

Recently we sold a VNX 5300 storage to our customer and his intention was to migrate the data from his old EMC AX4 5i Storage.

We proposed him the SAN based migration option but customer was resisting and we have to do it on the Windows level.

The Environment

2 Node Windows 2008 R2 Hyper-V Cluster CSV enabled.
Ax4 5i Storage
EMC Powerpath Free Edition installed on both hosts.
2 FC HBA

Steps Performed.

– Initialized the new storage
– Configured the new LUN’s
– Connected a new HBA’ (Because the server was having only single free PCIE slot)
– Assigned the LUN’s to both the server.
– Logged in to one of the server ( which was the current owner for the CSV)
– Added the LUN as disk via Storage from Failover Cluster Manager)
– Added as CSV (via Cluster Shared Volume from Failover Cluster Manager)
– Exported the Virtual Machine to the new location on the C:\ClusterVolume(Can be any name as per your environment)\NewFolder –>Which will point it to the new disk)
– Deleted the VM from the Hyper-V Manager
– Imported VM again from the new location via the Hyper-V Manager.(Do not change any options from the Import Wizard)
– Finally Changed the Quorrum drive to the new LUN on the Storage via Change Cluster Quorrum Settings from the Failover Cluster Manager)
– Removed the Old Storage
– Fixed the Additional HBA
– Removed EMC Powerpath
– Enabled MPIO

Voila everything went smooth as ice.

Hope this article is useful and incase if you need any additional information please do not hesitate to contact me.

February 6, 2014 at 8:07 am Leave a comment

How to Disable IPV6 on Windows

Dear Folks

Some of us will encounter the below error message on a DNS server installed on Windows 2008 / 2012

nsllokup

 

 

But this is not a real problem ,and there will be no technical glitches based on this also Microsoft do not recommend disabling the IPV6 on Windows and Exchange servers.

Still if you want to hide this error you could do either of the below option

Option 1

1.identify the name of the LAN connection using ipconfig(in my LAB the name of the connection is “Local Area Connection”

2. netsh interface ipv6 delete dnsserver “Local Area Connection” ::1

Option2

1.netsh interface ipv6 show interfaces

2.netsh interface ipv6 delete dnsserver name=”IDX#” address=::1

NOTE:- Keep reading on IPV6 and Microsoft guidelines and discussion since these are getting updated frequently

Good Luck..

May 15, 2013 at 10:47 am Leave a comment

Active Directory Domain Servers could not transfer the remainig data in directory partiiton

Hi

Recently I faced an issue with one of our clients where he was unable to  run the DCPromo to demote the server , he was getting the below error.

The server operating system was Windows 2008 R2.

01-Floating single-master operation roles

After some research I found out that the reason is that the fsMORoleOwner  attribute was pointing to an incorrect entry ,it may contain an entry such as “0ADEL:123456f8-1238-1233-1230-123456361b8b”  But the actual FSMO role owner is   dc1.test.local.

I was trying to change the attribute via ADSI Edit  on the server which I need to demote  , But again I was faced with the below error.

dc

So  if anybody faces a similar incident  , they should do the below steps. by log in to the current domain controller which was holding the schema master role

* Identify the current FSMO Role Owner by

netdom /query fsmo

1 Login to the current owner  ,  and open the ADSI Edit

2 Connect to the DC=ForestDnsZones,DC=test,DC=lab

3 Right click on  CN=Infrastructure  go to Properties

4 On CN=Infrastructure Properties   click on fsMORoleOwner attribute and click on edit  you will find an incorrect entry  as below fsmo_Wrong_entry

5 Clear the text and enter the below text.

CN=NTDS Settings,CN=dc,CN=Servers,CN=HeadOffice,CN=Sites,CN=Configuration,DC=test,DC=local.

After the above steps   repeat the step2  to connect it to the  DC=DomainDnsZones,DC=test,DC=lab and repeat the steps 3,4 & 5

 

Voila Press OK and close the ADSI Edit  and now login to  the server where you want  to demote and run the DCPromo command and now you will be able to complete the wizard without any error

“I would like to thank “Antonie Khater” for his blog entry which was really helping me to focus in to the right direction”

 

 

 

 

 

 

May 6, 2013 at 9:14 am Leave a comment

Error code: 0x800F0906 while installing Microsoft .NET Framework 3.5

Hi Friends

 

Those who try to install .NET Framework through “Windows Feature” on Windows 8 or 2012 may receive the above mentioned error.

The quickest workaround for this issue ,

– Insert the Windows 8 or Windows 2012 Media

– Type the below command on the elevated Command Prompt.

Dism /online /enable-feature /featurename:NetFx3 /All /Source:<drive>:\sources\sxs /LimitAccess ( Replace the <drive> with your DVD Drive letter

 

Source:TechNet

Good Luck…

April 10, 2013 at 1:50 pm Leave a comment

How to reinstall the failed Additional Domain Controller on Windows 2012

Hi Folks

Recently I faced an issue with a customer where we have installed a Windows 2012 Additional Domain Controller as a Virtual Machine  on Hyper-v Server , he was getting the below error.

error

So  I was trying with all the CHKDSK , Last Known Good Configuration , Directory Restore mode  BUT everything failed, Including the below suggestion on Technet forums

http://social.technet.microsoft.com/Forums/en-US/winserverhyperv/thread/22e97f03-7308-43bd-9fa7-3d3560bf67bf/

Since  I had to meet the SLA  on solving the ticket , I decided to re-install the Additional Domain Controller on the same name ,which will avoid me of  Cleaning the metadata and other complex task.

So I  performed the follow steps.

  • Re-installed the Windows 2012  Guest on Hyper-V
  • Change the name to my previous Additional Domain Controller name.
  • Open the Powershell
  1. Add-WindowsFeature AD-Domain-Services –> This will install the Active Directory Domain Services.
  2. Import-Module ADDSDeployment
  3. Install-ADDSDomainController  -AllowDomainControllerReinstall -Credential (Get-Credential) -DomainName “test.local”This will prompt you  to enter the credential , make sure you enter the credential either in  DOMAINNAME\Administrator OR Administrator@DOMAINNAME
    Secondly it will prompt you to enter the Directory Restore Password
  4. That’s all it will promote the new server as a domain controller , you do not need to do anything on DNS or other related services.
  5. Finally you  will need to install the ADDS Management Tools  to Manage the Active Directory components you could do it via PowershellImport-Module ServerManager
    Add-WindowsFeature RSAT-AD-PowerShell,RSAT-AD-Tools and hit enter

              OR via the GUI

addfeature

Voila… My problem was solved .  Good luck Guys….

April 1, 2013 at 9:15 am 2 comments

Older Posts Newer Posts


Archives

Categories

Follow Hope you like it.. on WordPress.com

Blog Stats

  • 19,406 hits

%d bloggers like this: