Latest Entries »

New blog

Hi all I am now blogging over here

http://blogs.technet.com/b/parallel_universe_-_ms_tech_blog

Thanks for reading :)

Troubleshooting KMS

I had an interesting situation today around troubleshooting KMS and trying to figure out what was happening. I was told the server was not working at all and could not be probed from the likes the VAMT (volume activation tool) from Microsoft Corporation. Here is the steps I took to help me determine the root cause of the KMS failures.

1. Logged on to server and did a quick check on the health. This involved looking at the ip configuration, the event viewer and the task manager.

I did notice something funny with the ip configuration but nothing that would be directly related to KMS health. Event viewer was client and task manager showed nothing out of the ordinary

2. Next step was to see if KMS was indeed running and listening on the box in question

I opened a command from and issues a netstat –an |more. This command displays the connections listening on the box and one of the first entries in the list was TCP 1688 listening on All addresses. Which means it is ok and discounts my ip configuration issue in step 1

3. Next we looked at the DNS records and check the srv record by using the following command from a command prompt nslookup –type srv _vlmsc._tcp

This returned the correct server name and port.

4. Next we checked the licensing information on the KMS server to ensure it actually has something to hand out to clients. To do this I ran slmgr /dli from a command prompt and a screen pop up display license information and general statistics was shown. I saw no licenses installed. This is obviously a big problem!

5. I completed one final check, I am aware there was no license problems but I needed to know that if there was licenses could a client actually connect to port 1688 on the KMS. I logged onto a client and from a command prompt ran telnet servername 1688 and hit return. The connection was refused and highlighted a second problem to me. Since I already knew the server was listening on this port locally on the box I knew it was probably that windows firewall was activated. I checked the server configuration and the firewall was indeed turned on and the rule for KMS was disabled. I enabled the rule and reconnected successfully.

Following up I obtained license keys and installed them onto the KMS server.

From a client I ran again from the command prompt SLMGR –dlv to see if it would successfully contact the KMS server and it did

Problem solved!

So as you can guess i am on a journey about learning powershell and i am trying to do things which might be useful.

This is a straight forward piece of script to help you baseline you lync installation.

My next edits to this script will output to files for comparison later and also i am going to section things into functions and also create a little menu system but here it the bones of a working script as it is… enjoy!

 

write-host “Welcome to the resource utilization baseline test” -Foregroundcolor Green -Backgroundcolor Black
write-host “Please confirm how long you want these tests to run for” -Foregroundcolor Green -Backgroundcolor Black
write-host “For exampe you may want to sample every 1 second for a max samples of 1000″ -Foregroundcolor Green -Backgroundcolor Black
write-host “This will give you 1000seconds of samples… you may want this longer” -Foregroundcolor Green -Backgroundcolor Black
write-host “depending on the environmnet” -Foregroundcolor Green -Backgroundcolor Black
write-host “Comments and Suggestions to johm@microsoft.com or on Twitter: @mccabej” -foregroundcolor Yellow -backgrouncolor red
write-host “Please be kind i am still learning powershell :)” -foregroundcolor Yellow -backgrouncolor red
write-host
$sampleinttime = Read-host (“Please enter how often you want to sample in secs and press enter:”)
$maxsamp = Read-host (“Please enter the amount of samples you want to take and press enter:”)

write-host “Performing Resource Utilization Baseline Tests…….” -Foregroundcolor Green -Backgroundcolor Blue
write-host
write-host
write-host
$result = get-counter -counter “\Processor(_total)\% Processor Time” -sampleinterval $sampleinttime -maxsample $maxsamp
$avg = $Result | Foreach-object {$_.CounterSamples}| Measure-object -Property CookedValue -Average
$proctimetotal = $avg.average
write-host “Baseline Processor Time Overall” $proctimetotal -Foregroundcolor Green -Backgroundcolor Blue

$result = get-counter -counter “\Process(RTCSRV)\% Processor Time” -sampleinterval $sampleinttime -maxsample $maxsamp
$avg = $Result | Foreach-object {$_.CounterSamples}| Measure-object -Property CookedValue -Average
$proctimertcsrv = $avg.average
write-host “Baseline Processor Time for RTCSRV” $proctimertcsrv -Foregroundcolor Green -Backgroundcolor Blue

$result = get-counter -counter “\Process(IMMcuSvc)\% Processor Time” -sampleinterval $sampleinttime -maxsample $maxsamp
$avg = $Result | Foreach-object {$_.CounterSamples}| Measure-object -Property CookedValue -Average
$proctimeimmcusvc = $avg.average
write-host “Baseline Processor Time IMMcuSvc” $proctimeimmcusvc -Foregroundcolor Green -Backgroundcolor Blue

$result = get-counter -counter “\Memory\Pages/sec” -sampleinterval $sampleinttime -maxsample $maxsamp
$avg = $Result | Foreach-object {$_.CounterSamples}| Measure-object -Property CookedValue -Average
$mempages = $avg.average
write-host “Baseline for Memory Pages/sec” $mempages -Foregroundcolor Green -Backgroundcolor Blue

$result = get-counter -counter “\Network Interface(*)\Bytes Total/sec” -sampleinterval $sampleinttime -maxsample $maxsamp
$avg = $Result | Foreach-object {$_.CounterSamples}| Measure-object -Property CookedValue -Average
$netint = $avg.average
write-host “Baseline For Network Interfces Bytes Total/sec” $netint -Foregroundcolor Green -Backgroundcolor Blue

write-host
write-host
write-host
write-host “Performing User Load Baseline Tests…….” -Foregroundcolor Green -Backgroundcolor Blue
write-host
write-host

write-host

$result = get-counter -counter “\LS:SIP – 01 – Peers(*)\SIP – 001 – TLS Connections Active” -sampleinterval $sampleinttime -maxsample $maxsamp
$avg = $Result | Foreach-object {$_.CounterSamples}| Measure-object -Property CookedValue -Average
$tlsconnectionsactive = $avg.average
write-host “Baseline SIP – 001 – TLS Connections Active” $tlsconnectionsactive -Foregroundcolor Green -Backgroundcolor Blue

$result = get-counter -counter “\LS:SIP – 01 – Peers(*)\SIP – 000 – Connections Active” -sampleinterval $sampleinttime -maxsample $maxsamp
$avg = $Result | Foreach-object {$_.CounterSamples}| Measure-object -Property CookedValue -Average
$connectionsactive = $avg.average
write-host “Baseline SIP – 000 – Connections Active” $connectionsactive -Foregroundcolor Green -Backgroundcolor Blue

$result = get-counter -counter “\LS:SIP – 02 – Protocol\SIP – 001 – Incoming Messages/sec” -sampleinterval $sampleinttime -maxsample $maxsamp
$avg = $Result | Foreach-object {$_.CounterSamples}| Measure-object -Property CookedValue -Average
$incomingmsgpersec = $avg.average
write-host “Baseline SIP – 001 – Incoming Messages/sec” $incomingmsgpersec -Foregroundcolor Green -Backgroundcolor Blue

$result = get-counter -counter “\LS:ImMcu – 00 – IMMcu Conferences\IMMCU – 000 – Active Conferences” -sampleinterval $sampleinttime -maxsample $maxsamp
$avg = $Result | Foreach-object {$_.CounterSamples}| Measure-object -Property CookedValue -Average
$immcuactiveconf = $avg.average
write-host “Baseline ImMCU Active Conferences” $immcuactiveconf -Foregroundcolor Green -Backgroundcolor Blue

$result = get-counter -counter “\LS:ImMcu – 00 – IMMcu Conferences\IMMCU – 001 – Connected Users” -sampleinterval $sampleinttime -maxsample $maxsamp
$avg = $Result | Foreach-object {$_.CounterSamples}| Measure-object -Property CookedValue -Average
$immcuconusers = $avg.average
write-host “Baseline ImMCU Connected Users” $imccuconusers -Foregroundcolor Green -Backgroundcolor Blue

$result = get-counter -counter “\LS:USrv – 00 – REGDBStore\USrv – 002 – Queue Latency (msec)” -sampleinterval $sampleinttime -maxsample $maxsamp
$avg = $Result | Foreach-object {$_.CounterSamples}| Measure-object -Property CookedValue -Average
$queuelatency = $avg.average
write-host “Baseline USrv – Queue Latency” $queuelatency -Foregroundcolor Green -Backgroundcolor Blue

$result = get-counter -counter “\LS:USrv – 00 – REGDBStore\USrv – 004 – Sproc Latency (msec)” -sampleinterval $sampleinttime -maxsample $maxsamp
$avg = $Result | Foreach-object {$_.CounterSamples}| Measure-object -Property CookedValue -Average
$sproclatency = $avg.average
write-host “Baseline USrv – Sproc Latency” $sproclatency -Foregroundcolor Green -Backgroundcolor Blue

 

write-host
write-host
write-host
write-host “Performing Multipoint Conferencing Unit Resource Baseline Tests…….” -Foregroundcolor Green -Backgroundcolor Blue
write-host
write-host

write-host

$result = get-counter -counter “\Memory\Pages/sec” -sampleinterval $sampleinttime -maxsample $maxsamp
$avg = $Result | Foreach-object {$_.CounterSamples}| Measure-object -Property CookedValue -Average
$mempages = $avg.average
write-host “Baseline for Memory Pages/sec” $mempages -Foregroundcolor Green -Backgroundcolor Blue

$result = get-counter -counter “\Network Interface(*)\Bytes Total/sec” -sampleinterval $sampleinttime -maxsample $maxsamp
$avg = $Result | Foreach-object {$_.CounterSamples}| Measure-object -Property CookedValue -Average
$netint = $avg.average
write-host “Baseline For Network Interfces Bytes Total/sec” $netint -Foregroundcolor Green -Backgroundcolor Blue

$result = get-counter -counter “\Processor(_total)\% Processor Time” -sampleinterval $sampleinttime -maxsample $maxsamp
$avg = $Result | Foreach-object {$_.CounterSamples}| Measure-object -Property CookedValue -Average
$proctimetotal = $avg.average
write-host “Baseline Processor Time Overall” $proctimetotal -Foregroundcolor Green -Backgroundcolor Blue

$result = get-counter -counter “\Process(ASMCUSVC)\% Processor Time” -sampleinterval $sampleinttime -maxsample $maxsamp
$avg = $Result | Foreach-object {$_.CounterSamples}| Measure-object -Property CookedValue -Average
$asmcusvc = $avg.average
write-host “Baseline Processor Time for ASMCUSVC” $asmcusvc -Foregroundcolor Green -Backgroundcolor Blue

$result = get-counter -counter “\Process(AVMCUSVC)\% Processor Time” -sampleinterval $sampleinttime -maxsample $maxsamp
$avg = $Result | Foreach-object {$_.CounterSamples}| Measure-object -Property CookedValue -Average
$avmcusvc = $avg.average
write-host “Baseline Processor Time for AVMCUSVC” $avmcusvc -Foregroundcolor Green -Backgroundcolor Blue

$result = get-counter -counter “\Process(DataMCUsvc)\% Processor Time” -sampleinterval $sampleinttime -maxsample $maxsamp
$avg = $Result | Foreach-object {$_.CounterSamples}| Measure-object -Property CookedValue -Average
$datamcusvc = $avg.average
write-host “Baseline Processor Time for Datamcusvc” $datamcusvc -Foregroundcolor Green -Backgroundcolor Blue

$result = get-counter -counter “\Process(meetingmcusvc)\% Processor Time” -sampleinterval $sampleinttime -maxsample $maxsamp
$avg = $Result | Foreach-object {$_.CounterSamples}| Measure-object -Property CookedValue -Average
$meetingmcusvc = $avg.average
write-host “Baseline Processor Time for meetingmcusvc” $meetingmcusvc -Foregroundcolor Green -Backgroundcolor Blue

 

$result = get-counter -counter “\Process(ASMCUSVC)\Private Bytes” -sampleinterval $sampleinttime -maxsample $maxsamp
$avg = $Result | Foreach-object {$_.CounterSamples}| Measure-object -Property CookedValue -Average
$asmcusvcpb = $avg.average
write-host “Baseline Private Bytes for ASMCUSVC” $asmcusvcpb -Foregroundcolor Green -Backgroundcolor Blue

$result = get-counter -counter “\Process(AVMCUSVC)\Private Bytes” -sampleinterval $sampleinttime -maxsample $maxsamp
$avg = $Result | Foreach-object {$_.CounterSamples}| Measure-object -Property CookedValue -Average
$avmcusvcpb = $avg.average
write-host “Baseline Private Bytes for AVMCUSVC” $avmcusvc -Foregroundcolor Green -Backgroundcolor Blue

$result = get-counter -counter “\Process(DataMCUsvc)\Private Bytes” -sampleinterval $sampleinttime -maxsample $maxsamp
$avg = $Result | Foreach-object {$_.CounterSamples}| Measure-object -Property CookedValue -Average
$datamcusvcpb = $avg.average
write-host “Baseline Private Bytes for Datamcusvc” $datamcusvc -Foregroundcolor Green -Backgroundcolor Blue

$result = get-counter -counter “\Process(meetingmcusvc)\Private Bytes” -sampleinterval $sampleinttime -maxsample $maxsamp
$avg = $Result | Foreach-object {$_.CounterSamples}| Measure-object -Property CookedValue -Average
$meetingmcusvcpb = $avg.average
write-host “Baseline Private Bytes for meetingmcusvc” $meetingmcusvc -Foregroundcolor Green -Backgroundcolor Blue

i am adding to this script but take it and try it out for yourself…

#****************************************************************

# This script will test direct access
# it is very much work in progress and will be modified…
# at the minute this script will test which tunnel mode you are using
# i have a deep problem into teredo and will do the reset!

$useteredo = “0″
$use6to4 = “0″
$usehttps = “0″

$6to4 = netsh interface 6to4 show state
write-host “Checking to see if you are using 6to4……..”
Foreach ($6 in $6to4)
{
if ($6 -match “disabled”)
{
write-host “6to4 protocol is disabled”
write-host “You must be behind a NAT Device..”
}
else
{
$use6to4 = “1″
}

}

$teredo = netsh interface teredo show state
write-host “Checking to see if you are using teredo……..”
Foreach ($t in $teredo)
{
if ($t -match “disabled”)
{
write-host “Teredo protocol is disabled”
write-host “Your NAT Device Seems to be blocking UDP 3544″
}
else
{
$useteredo = “1″

}

}

$iphttps = netsh interface httpstunnel show interface

Foreach ($i in $iphttps)
{
 

if ($i -match “disabled”)
{
write-host “IPHTTPS protocol is disabled”

}

else
{
$usehttps = “1″

}

}

if($useteredo -eq “1″)
{
write-host “You are using Teredo”
$teredo1 = netsh interface teredo show state
$teredo2 = $teredo1 | where-object {$_ -match “Server Name”} |foreach-object {$_.Split(“:”)[1].Trim()}
$teredo3 = $teredo2.split(“(“)
Write-Host
Write-Host
Write-host “Direct Access Public Hostname is…. :” $teredo3[0]
Write-Host
Write-Host “Pinging host….” $teredo3[0]
$ping = ping $teredo3
$ping1 = $ping | Where-Object{ $_ -match “Request”}
$ping2 = $ping | Where-Object{ $_ -match “Reply”}
Write-Host
Write-Host
if ($ping1 -ne $null)
{
write-host $teredo3[0] “could not be contacted”
$noreach = 1
}
elseif ($ping2 -ne $null)
{
Write-Host $teredo3[0] “could be reached”
$noreach = 0
}

if ($noreach = 1)
{
write-host “Testing Internet Connection…..”
$testhost = “tpm.daccess.microsoft.com”
$inettest = ping $testhost
$inettest1 = $inettest | Where-Object{ $_ -match “Reply”}

if ($inettest1 -ne $null)
{
Write-Host “You have a connection to the internet!”
}
else {write-host ” you have no internet connection please check with your provider”}
}

}
elseif($use6to4 -eq “1″)
{
write-host “You are using 6to4″
}
elseif($usehttps -eq “1″)
{
write-host “You are using HTTPSTUNNEL”
}
else
{write-host “All protocols are disabled”}

#*************************************************************************************************

I work with a customer who deletes the profile every night, this is a nightmare for the user as some key data would be lost every evening, roaming profiles are not an option in this case, but the machines do have a second partition so what we do is use folder redirection, so it goes outside the scope of the profile deleting utility and the info is there when the user logs on!

 

 

Disclaimer – please test this on your system before rolling out to production, i am not responsible and will not be held to any accountability for any misuse …

 

1. Logon to your DC

2. Open Group Policy Management Console

3. Expand to the highest level point in the chain you wish to have to group policy apply from

In the below example we are starting directly under the forest root, which will affect all users.

clip_image002

4. Right Click and Select Create a GPO in this domain and link it here….

clip_image003

5. Enter in a descriptive name i.e. outlook signature redirection and click ok

clip_image004

6. Right click the GPO and select edit

7. Expand à User Configuration à Policies à Windows Settings à Folder Redirection à Appdata (Roaming)

clip_image006

8. Right Click Appdata (Roaming) and select Properties

clip_image007

9. Select the settings as below which reflect your environment and click ok

clip_image008

This is the next part to it Smile

so it will check the users home directory attribute, browse the directory for files that have not been accessed in 30 days and then create a report and send an email to the user…

 

going to add in the next few days, some control logic for errors etc… in the next few days…. so what out for an update…

comments welcome on how to make it better…

 

 

******************************************************************************************************

import-module ActiveDirectory
write-host "Checking For HomeDirectory Attribute…."
$enabledusers = get-aduser -filter {Enabled -eq "True"} -properties Homedirectory |where {$_.HomeDirectory -ne $null}

Foreach ($u in $enabledusers)
{
    write-host "Current User…." $u.Name
    write-host "You Home Directory is…" $u.HomeDirectory
    $pathtocheck = $u.homedirectory

    $statuscheck = get-childitem $pathtocheck -Recurse

    Foreach ($s in $statuscheck)

    {
   

    $access = $s | % {(get-date) – $_.LastAccessTime }
        if ($access.days -ge 2)
        {
        #write-host $s.fullname
        #write-host "File Was Last Accessed" $access.days "Days Ago"

        $outputfilename = ( "c:\" + $u.samaccountname + "30dayReport.csv")
        #$outputfilename
        $s |format-table -property Fullname |out-file $outputfilename -append
        $attachment = $outputfilename
        }
   
   
    }

$emailto = ("<" + $u.samaccountname + "@test.com>")
$emailfrom = "<admin@test.com>"
$smtpserver = "dc-01.contoso.local"

Write-host "Sending Report….."
send-mailmessage -to $emailto -from $emailfrom -subject "warning you have files which have not been accessed in over 30days" -smtpserver $smtpserver -attachment $attachment

 

*********************************************************************************************************

 

}

To enable verbose info at logon enable this reg key

 

To use enable verbose status messages by editing the registry, follow these steps:

  1. Click Start, and then click Run.
  2. In the Open box, type regedit, and then click OK.
  3. Locate and then click the following registry key:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

  4. On the Edit menu, point to New, and then click DWORD Value.
  5. Type verbosestatus, and then press ENTER.
  6. Double-click the new key that you created, type 1 in the Value data box, and then click OK.
  7. Quit Registry Editor.

Info taken from http://support.microsoft.com/kb/325376

this is for my reference as i am dealing with a lot of xp clients at the minute..

so this is the next level… with one more step to add later on…

and remember this is me beginning to play with powershell i am sure there are nicer ways to code…

this will check a users properties for the homedirectory attribute and then scan their home directory and see what files have not been used in the last 30days and write the results out to a csv file

I plan to add to this script but this is the core of it so far…

 

import-module ActiveDirectory
write-host "Checking For HomeDirectory"
$enabledusers = get-aduser -filter {Enabled -eq "True"} -properties Homedirectory |where {$_.HomeDirectory -ne $null}

Foreach ($u in $enabledusers)
{
    $u.Name
    $u.HomeDirectory
    $pathtocheck = $u.homedirectory

    $statuscheck = get-childitem $pathtocheck -Recurse

    Foreach ($s in $statuscheck)

    {

    $access = $s | % {(get-date) – $_.LastAccessTime }
        if ($access.days -ge 2)
        {
        write-host $s.fullname
        write-host "File Was Last Accessed" $access.days "Days Ago"
        $s |format-table -property Fullname |out-file c:\results.csv -append
        }
   
    }

}

This is actually part of a larger script but i taught it might be useful for some people.

basically place it in the root directory of your system or the root of the directory you want to check i.e. a users home directory run the script and it will output a CSV file with the results…

enjoy

 

*********************************************************************************************

$statuscheck = get-childitem -Recurse

Foreach ($s in $statuscheck)
{

    $access = $s | % {(get-date) – $_.LastAccessTime }
    if ($access.days -ge 2)
    {
    write-host $s.fullname
    write-host "File Was Last Accessed" $access.days "Days Ago"
    $s |format-table -property Fullname |out-file d:\results.csv -append
    }
   
}

 

*********************************************************************************************

i have been working with computers for a lot of years… which you can take as good or bad…. but one of the things you do learn is the symptoms of a problem about to occur and how to determine a healthy environment.. you become quite able to look at logs, AD etc… and determine if it is operating correctly.

This is not so easy for everyone…. (thankfully!!!) Smile with tongue out

So to help with the process check this download out

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=dd7a00df-1a5b-4fb6-a8a6-657a7968bd11

This is the Microsoft IT Environment Health Scanner and i am very impressed by this little tool.

It will scan your environment and show you potential problems… very worth the download and a little play!

Follow

Get every new post delivered to your Inbox.