Category: Windows Server

Collection of useful Powershell commands for Server Administration

Collection of useful Powershell commands for Server Administration

Below is a list of useful Powershell commands that I use day to day – This list will be built upon over time:

Windows Server:

Get a list of running services:
Get-Service | Where-Object {$_.Status -eq "Running"}

Microsoft Exchange Server

Connect to Office 365 Exchange Online:
$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session

Get list of permissions on a users Mailbox Calendar:
get-MailboxFolderPermission -Identity [email protected]:\Calendar

Add a permission onto a users Mailbox Calendar:
Add-MailboxFolderPermission -Identity [email protected]:\calendar -User [email protected] -AccessRights Editor

Office 365 Administration

Connect to Office 365 via Powershell:
$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session
Connect-MsolService -Credential $UserCredential

Other Articles that may interest you:
Powershell Cmdlets to remember for the Microsoft 70-346: Managing Office 365 Identities and Requirements Exam

Powershell Cmdlets to remember for the Microsoft 70-347: Enabling Office 365 Services Exam

Windows Server Backup – “The filename, directory name, or volume label syntax is incorrect”

Windows Server Backup – “The filename, directory name, or volume label syntax is incorrect”

Problem:

I had used AOMEI Server Edition to re-size the Partitions on a Windows 2008 R2 Server. Once the re-size was complete the server functioned as normal but the Window Server Backup stopped working.

I was getting Error Event 146 in the Backup Log with the message:

A volume VOLUME_NAME included for backup is missing. This could be because the volume is dismounted, reformatted or disk is detached.”

For more information about this error see the TechNet Article here:

In my case I could not remove the Volume from Windows Server Backup. Attempting to modify the backup Schedule via the GUI gave me the error:

The filename, directory name, or volume label syntax is incorrect

Solution:

To resolve the issue I disabled Windows Backup via the GUI. I then re-setup the backup as normal with a single External Backup Drive. This retained my current backups and did not format the drive.

I then added the other drives into the Backup Schedule via the “wbadmin enable backup -addtarget” command. For more information on this command see here:

The backups then worked as they should.

Unable to add a new Backup Destination via the Windows Backup Console

Unable to add a new Backup Destination via the Windows Backup Console

Problem:

Unable to add a new Windows Backup Destination to an existing Windows Backup Schedule via the Windows Backup mmc snap-in (Console).

Resolution:

Use wbadmin in an Elevated Command Prompt to add the new Destination Drive to the Backup Schedule.

Run the following command in an elevated command prompt to determine the Disk Identifier of the new disk:

wbadmin get disks

Based on the output, locate the disk that will be added to the scheduled backup. Make a note or copy the Disk Identifier (including the brackets). Be sure to copy the correct ID! If you don’t you could end up formatting another drive. The output will resemble the following:

Disk name: xxxxxxxxxxx
Disk number: x
Disk identifier: {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}
Total space: xxx.xx GB
Used space : xxx.xx GB

Run the following command to add the new disk to the Scheduled backup. Use the Disk Identifier from the previous step as the “AddTarget” parameter.

wbadmin enable backup -addtarget:{xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}

When you receive the following prompt, type Y for Yes.
“Do you want to enable scheduled backups with the above settings?”

Once this has been completed, open up the Windows Server Backup Console and make sure that you can see the new.

The only irritating thing about adding a drive via this method is that it allocated a long name to the disk. It’t not really a problem, its just annoying if you have a number of backup drives labelled as ‘Backup 1’ ‘Backup 2’ etc and then you have a generated disk name that doesn’t suit.

Microsoft KB Article:
https://support.microsoft.com/en-us/help/2009365/error-message-when-you-try-to-add-an-additional-disk-to-a-scheduled-backup-the-filename,-directory-name,-or-volume-label-syntax-is-incorrect

Configure a new NTP Server in Windows Server

Configure a new NTP Server in Windows Server

Configuring a new NTP Server in Windows Server

Open an Elevated Command Prompt:

Query the current Time Service using:
w32tm /query /status

Run the following Command to configure a new NTP Peer:
w32tm /config /manualpeerlist:uk.pool.ntp.org

Restart the Windows Time Service:

net stop w32time
net start w32time

Property Owner is not available for Database ‘[SUSDB]’. This property may not exist for this object, or may not be retrievable due to insufficient access rights.

Property Owner is not available for Database ‘[SUSDB]’. This property may not exist for this object, or may not be retrievable due to insufficient access rights.

Problem:

Unable to access the WSUS Database (SUSDB) from Microsoft SQL Management Studio.

Error:

When selecting properies on the SUSDB you get the below error message

Property Owner is not available for Database ‘[TEST]’. This property may not exist for this object, or may not be retrievable due to insufficient access rights.

error-propertyowner

Resolution:

Run Microsoft SQL Server Management Studio as Administrator
Connect to the WSUS SQL instance by putting the following into the servername: \\.\pipe\MSSQL$MICROSOFT##SSEE\sql\query
Create a new query and type the following:

USE SUSDB
EXEC sp_changedbowner ‘DOMAN\Username’

Obviously change the DOMAIN\Username to you’re own… Execute the query. You should get a message below the query (Output window) saying that it completed successfully.

completedquery

Command Description:

USE SUSDB – This selects the Database SUSDB (The WSUS Database)
EXEC sp_changedbowner ‘DOMAN\Username’ – This changes the owner of the Database to your Admin account. Obviously replace the DOMAIN\USERNAME with your own details

Migrating DHCP Server configuration to a new Server- netsh

Migrating DHCP Server configuration to a new Server- netsh

Situation:

You have installed a new Server into an existing domain, or to replace an existing server. To save time you would like to export the DHCP Server Scope options and then import them into the new server.

Below is an easy way of migrating the DHCP Server settings with minimal effort. This will export all settings (Scope/Reservations etc).

Export Command on current server:

1) Open an Administrative Command Prompt
2) Use the following command to export the existing DHCP configuration:

netsh dhcp server export dhcp.txt all

3) Copy the dhcp.txt file to the new server

Import command on new server:
1) Open an Administrative Command Prompt
2) Use the following command to import the existing DHCP configuration:

netsh dhcp server import dhcp.txt all

Hopefully this has been useful to you.



Free up disk space in SBS2008 / SBS2011

Free up disk space in SBS2008 / SBS2011

I’ve written the below article as an overview on how to Free up disk space in SBS2008 and SBS2011.

Reclaiming Disk Space in SBS 2008 / SBS 2011.

The IIS Logs:

IIS logs in SBS 2008/2011 can grow pretty big. Check the following folder and sub directories:
C:\inetpub\logs\LogFiles

Delete the *.log files but do NOT delete the actual folders:

Top TIP:
Unless there is no other option, leave the last one month of logs so that they can be reviewed if ever required. They can always be moved to another volume if you don’t won’t to delete them.

The Windows Small Business Server logs folder:

Windows SBS generates a number of log files when utilising the SBS Console. These logs can become very large over time.

The SBS Log files can be found here:
C:\Program Files\Windows Small Business Server\Logs\

These logs can be moved or deleted if required to free up additional disk space. I’d always suggest moving a log file opposed to deleting it.

Console.log –
Console.log can become particularly big in some instances if you use the SBS Console. This log will continue to grow while the SBS Console is running and as you use the SBS wizards. The Windows SBS Manager service will need to be stopped in order to delete this log. The SBS Console will also need to be closed. Once the log has been moved/deleted, remember to restart the Windows SBS Manager Service.

Top TIP:
When using the SBS Console, make sure that it is closed afterwards. The console.exe process can sap server resources.

*.evtx files –
These are the event logs before the setup of the server completed, they can be safely removed if the server has been in production and had no setup issues.

W3wp.log –
Located in the C:\Program Files\Windows Small Business Server\Logs\WebWorkplace folder. This is the log for Remote Web Workplace (RWA).

MonitoringServiceLogs –
The C:\Program Files\Windows Small Business Server\Logs\MonitoringServiceLogs folder.
These are the logs for the Windows SBS Manager service. As such the service will need to be stopped prior to the logs deletion.

POP Connector Logs –
The POP3 connector log located in C:\Program Files\Windows Small Business Server\Logs\POP3Connector monitors the POP3 Service and keeps a log of the connections made to the POP Server. This log is typically only large if the POP Connector is being used. You will need to stop the Windows SBS POP3 Connector Service in order to delete these logs.

POP Connector Badmail –
If you the POP3 Connector is being used, you may end up with emails that failed to be delivered (rejected by the local Exchange server) in C:\Program Files\Windows Small Business Server\Data\badmail.

WSUS Cleanup Wizard:

Windows SBS 2008/2011 comes with Windows Server Update Services (WSUS) pre-installed. The database and content for this feature can grow massively over time. To help reduce this space, you can run the WSUS Cleanup Wizard:

To run the Server Cleanup Wizard :

1. Click Start>Administrative Tools> Windows Server Update Services

2. The WSUS Administration Console will open > Expand the server name> Select Options, and then Server Cleanup Wizard.

3. Select one option at a time and click next.

WSUS2

4. The wizard will begin the cleanup process and will present a summary when it has completed. Click Finish to complete the process.

5. Repeat steps 2-4 until you’ve gone through all the cleaned up options.

Note:
If the cleanup wizard has not been run in a while (or ever) it can take several attempts for the wizard to succeed. The wizard can crash so don’t be alarmed if you’re given an error. If the wizard crashes and you’re unable to open the WSUS Console then restart the following services and try again:

Windows Update / Windows Internal Database.

The SBS Move Data Wizards:

The SBS Console comes with a number of Wizards that allows the admin to move certain files and folders to other partitions. It is suggested that a good backup always be taken prior to the wizards being run. The Wizards can be accessed from the SBS Console> Backup and Server Storage> Server Storage. See the wizards on the right hand side.

– Move Exchange Server Data:
This moves both the exchange database file as well as your exchange transaction logs for all storage groups.

– Move Windows SharePoint Services Data:
This moves the SharePoint Content and Configuration databases.

– Move Users’ Shared Data:
This moves C:\Users\Shares\ directory and all sub directories

– Move Users’ Redirected Documents Data:
This moves C:\Users\FolderRedirections\ directory and all sub directories

– Move Windows Update Repository Data:
This moves the Windows Update repository data from C:\WSUS\WSUSContent and C:\WSUS\UpdateServicePackages. Please note it does NOT move the actual WSUS Database (SUSDB).

Move Wizards location:
Move-Data

Moving the WSUS Database:

The Windows Server Update Services Database can be relocated by doing the below. Again a good backup is recommended prior to proceeding:

– Launch SQL Server Management Studio Express console as an administrator. It is located under Start > Programs >Microsoft SQL Server 2008 R2 > SQL Server Management Studio Express.

– Fill in the following information and then click Connect

– Server type: Database Engine

– Servername: \\.\pipe\MSSQL$MICROSOFT##SSEE\sql\query

– Authentication: Windows Authentication

Auth1

– Expand Databases and right-click on SUSDB and select Tasks > Detach… from the context menu.

Auth2

– Select the “Drop Connection” checkbox and click OK.

DropDB

– Open Windows explorer and COPY the C:\WSUS\SUSDB folder to the new location on another partition.

– To reattach the database, right-click on Database and select Attach… from the context menu.

Auth4

– On the Attach Databases page select the Add button.

Auth5

– Browse to the new location of the SUSDB.mdf database and select OK twice to complete the move

Auth6

– Delete the old Database folder once you’re happy that it is working correctly.

Still running low on disk space?

Download and install TreeSize Free (http://www.jam-software.com/freeware/)
Run a scan on the drive and it will display all the folders on that drive as well as their file sizes. You can then see where the largest folders are and determine what else is taking up space.

Deleting old Windows Server Backups from an external hard drive

Deleting old Windows Server Backups from an external hard drive

I encountered an issue recently whereby one of our clients servers was running low on disk space. This resulted in the server being unable to complete a Windows Server Backup.  The backup destination in this instance was an external USB drive.

To resolve the issue I carried out the following steps:

  1. Opened Disk Management
  2. Right Clicked the backup partition on my backup drive and selected the option for ‘Change Drive Letter and Paths’
  3. Specified the drive letter as ‘F:’
  4. Opened an Elevated Command Prompt
  5. Ran the command ‘diskshadow’
  6. Ran the sub command ‘delete shadows oldest f:’
    (Ran the command multiple times until I was happy with the free disk space)
  7. Removed the Drive letter from Device Management

Please note, this is really only a temporary fix.  The correct solution is to replace the Backup drives with drives that had a bigger capacity.

Credit to the following article for finding this solution:
http://www.mcbsys.com/blog/2012/11/delete-old-windows-server-backups/



Server 2008 R2 (SBS2011) – DNS Access Denied – Network (Unauthenticated)

Server 2008 R2 (SBS2011) – DNS Access Denied – Network (Unauthenticated)

Recently I had a client with an SBS2011 who lost power to the server. Client PCs were unable to access the server resources and errored saying that the PC may have been compromised.

When the server had rebooted the network location had changed to Unauthenticated. When trying to access the DNS console I was getting an error saying Access Denied.

See below for reference:

DNS Access Denied

DCDiag was failing on connectivity but Active Directory Users and Computers was accessible.

After a while I managed to resolved the error by running the below command followed by a reboot:

nltest /sc_change_pwd:domainname.local

Command Description:
Changes the password for the trust account of a domain that you specify. If you run nltest on a domain controller, and an explicit trust relationship exists, then nltest resets the password for the interdomain trust account. Otherwise, nltest changes the computer account password for the domain that you specify. You can use this parameter only for computers that are running Windows 2000 and later.

Once the server had rebooted the network location changed back to ‘Domain’ and DNS was accessible. All client machines was then able to access the server.

Comments on my blog have indicated that this fix also works with Server 2012 R2.