a Flo + a Blog = a Flog my ブログ

12Dec/110

wbadmin to include all volumes

I am not sure why, but I ended up having to use wbadmin to do a full backup of a server. I usually do a -criticalonly to get a bare-bones restore of some Windows 2008 R2 servers, but I needed to include everything a specific server had.

It took me almost an hour to figure out how to use the -include parameter.

From TechNet or the embedded help:

-include       Specifies the comma-delimited list of items to include in the
backup. You can include multiple volumes. Volume paths can be
specified using volume drive letters, volume mount points, or
GUID-based volume names. If you use a GUID-based volume
name, it should be terminated with a backslash (\). You can
use the wildcard character (*) in the file name when
specifying a path to a file. Should be used only when the
-backupTarget parameter is used.

That said, when I listed the volumes separated by commas, wbadmin would not accept it. So, to save time for anyone trying to do something like:

wbadmin start backup -backuptarget:\\somewhere\here -systemstate -vssfull -allcritical -quiet -include:a:,b:,c:,d:,e:[...]

put the list of volumes to include between double quotes:

-include:"a:,b:,c:,d:,e:[...]"

I cannot believe that this is not mentioned anywhere.
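An added example (not from the original post) that builds the quoted -include list from the local fixed NTFS disks instead of typing it by hand, then runs wbadmin with the same switches as above. The share path is the placeholder used in the post, and the -DryRun switch is a hypothetical convenience of this script.

```powershell
# Added example: build the quoted -include list from the local fixed disks and run wbadmin.
# $BackupTarget is a placeholder share; the wbadmin switches are the ones used in this post.
param(
    [string]$BackupTarget = '\\somewhere\here',
    [switch]$DryRun          # hypothetical switch: print the command line instead of running it
)

# DriveType 3 = local fixed disk; DeviceID is the drive letter with its colon, e.g. "C:".
# Only NTFS volumes are listed, since those are what Windows Server Backup handles.
$volumes = @(Get-WmiObject Win32_LogicalDisk -Filter "DriveType=3 AND FileSystem='NTFS'" |
             Sort-Object DeviceID | ForEach-Object { $_.DeviceID })
if ($volumes.Count -eq 0) { throw 'No fixed NTFS volumes found.' }

# Keep literal double quotes around the comma-separated list.
$include   = '"{0}"' -f ($volumes -join ',')
$arguments = "start backup -backuptarget:$BackupTarget -systemstate -vssfull " +
             "-allcritical -quiet -include:$include"

if ($DryRun) {
    "wbadmin $arguments"
} else {
    # A single argument string is handed to the process as-is, so the quotes survive.
    $p = Start-Process wbadmin -ArgumentList $arguments -NoNewWindow -Wait -PassThru
    if ($p.ExitCode -ne 0) { throw "wbadmin exited with code $($p.ExitCode)" }
}
```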

8Jun/110

Windows 2008 x Data Protector: Can not connect to the SCM (Service Control Manager)

I noticed this a while ago, but a colleague came to me with this problem. Luckily, and because I have a short memory, I documented the process accordingly, which he did not read... anyway.

With Windows 2008 R2, in order to deploy the client to the server, locally or remotely, make sure the account used to deploy the agent is in the inet password account list and is part of the install server user list. If not, add it as follows.

C:\Program Files\OmniBack\bin>omniinetpasswd -add youraccount@domain.net

C:\Program Files\OmniBack\bin>omniinetpasswd.exe -inst_srv_user youraccount@domain.net

Use -list to see the users already in the list. If you do not add your account, you will have to use the backup service account to deploy any clients.

27Apr/100

Troubleshooting windows key management

I have recently been deploying a few Windows 2008 R2 servers and ran into some activation issues, where the KMS could not be found and/or did not activate the servers.

First off, there are a few commands whose output will give you a good starting point.

C:\Windows\system32>cscript slmgr.vbs /dlv
Microsoft (R) Windows Script Host Version 5.8
Copyright (C) Microsoft Corporation. All rights reserved.

Software licensing service version: 6.1.7600.16385

Name: Windows Server(R), ServerStandard edition
Description: Windows Operating System - Windows Server(R), RETAIL channel
Activation ID: 039998e3-3ef5-4adf-b758-mnbvczxlkjjhh
Application ID: 55c92734-d682-4d71-983e-lkdaskdjaskl
Extended PID: 00477-4444-444-000000-00-1033-7600.0000-3482009
Installation ID: 006386735361234567898785803475982043689521915735258065
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88342
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88343
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88345
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88344
Partial Product Key: 2YYCD
License Status: Initial grace period
Time remaining: 43200 minute(s) (30 day(s))
Remaining Windows rearm count: 2
Trusted time: 4/27/2010 11:09:12 AM

Or its equivalent with less information, slmgr /dli.

In this case, it seems that the KMS client is not even set.

First off, you may want to tell the server where to look to get keys, using the following commands.

To know which server should be registered, you may want to check the DNS record that

C:\Windows\system32>nslookup -type=srv _vlmcs._tcp.xxxx.net
Server:  rrrpdcad02.xxxx.net
Address:  10.9999.15

_vlmcs._tcp.xxxx.net   SRV service location:
priority       = 0
weight         = 0
port           = 8081
svr hostname   = rrrmskms01.xxxx.net
rrrpmskms01.xxxx.net   internet address = 10.99.98.97

With this information, you can now set this server as the KMS on the client.

C:\Windows\system32>cscript slmgr.vbs /skms rrrpmskms01:1688
Microsoft (R) Windows Script Host Version 5.8
Copyright (C) Microsoft Corporation. All rights reserved.

Key Management Service machine name set to rrrmskms01:1688 successfully.

You will then need to enter a valid key, if not already done with your unattended install. Please check the table below for the keys Microsoft provides for activation using KMS.

C:\Windows\system32>cscript slmgr.vbs -ipk YC6KT-GKW9T-YTKYR-T4X34-R7VHC
Microsoft (R) Windows Script Host Version 5.8
Copyright (C) Microsoft Corporation. All rights reserved.

Installed product key YC6KT-GKW9T-YTKYR-T4X34-R7VHC successfully.

Then, trying the activation with the command below, I would get another error.

C:\Windows\system32>cscript slmgr.vbs /ato
Microsoft (R) Windows Script Host Version 5.8
Copyright (C) Microsoft Corporation. All rights reserved.

Activating Windows Server(R), ServerStandard edition (039998e3-3ef5-ddasdasdass8-d25fa0128ff4) ...
On a computer running Microsoft Windows non-core edition, run 'slui.exe 0x2a 0x80072EE2' to display the error text.
Error: 0x80072EE2

Using the mentioned command, I would find that 0x80072EE2 means that the operation timed out. Very well, then I may be facing some communication errors.

Indeed, as you may have noticed, I made a mistake above by not using the right port: I used 1688, which is the default port, instead.

You can also check the status on your KMS host using the slmgr /dlv command:

Key Management Service is enabled on this machine
Current count: 50
Listening on Port: 8081
DNS publishing enabled
KMS priority: Normal

Be sure to use the port given by the volume license DNS entry, and make sure the client can communicate on it. After changing to the right port, you can try -ato (activation) again. As you may have guessed, there are 2 ways a new server will register where a KMS is installed:

  1. by using the DNS to automatically locate the KMS
  2. or just register it manually using the commands above
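The port mismatch described above can be caught before running /ato. The following is an added example, not part of the original post: it reads the _vlmcs._tcp SRV record with nslookup, compares the published port with the value given to /skms, and tests each endpoint over TCP. The domain and host names are the anonymised placeholders from this post, and the function names are hypothetical.

```powershell
# Added example: compare the KMS endpoint published in DNS with the one given to
# slmgr /skms, then test each over TCP. Domain and host names are placeholders.
param(
    [string]$Domain     = 'xxxx.net',          # placeholder, as anonymised in this post
    [string]$Configured = 'rrrpmskms01:1688'   # value that was passed to slmgr /skms
)

function Get-KmsSrvRecord {
    param([string[]]$NslookupOutput)
    # nslookup prints "port = N" before "svr hostname = X" for each SRV record.
    $records = @(); $port = $null
    foreach ($line in $NslookupOutput) {
        if ($line -match '^\s*port\s*=\s*(\d+)') { $port = [int]$Matches[1] }
        elseif ($line -match '^\s*svr hostname\s*=\s*(\S+)') {
            $records += New-Object PSObject -Property @{ Target = $Matches[1]; Port = $port }
        }
    }
    $records
}

function Test-TcpPort {
    param([string]$HostName, [int]$Port, [int]$TimeoutMs = 3000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($HostName, $Port, $null, $null)
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return $false }
        $client.EndConnect($pending)
        return $true
    } catch { return $false } finally { $client.Close() }
}

$cfgHost, $cfgPort = $Configured -split ':'
if (-not $cfgPort) { $cfgPort = 1688 }          # default KMS port when none is given

$srv = @(Get-KmsSrvRecord (nslookup -type=srv "_vlmcs._tcp.$Domain" 2>$null))
if ($srv.Count -eq 0) { Write-Warning "No _vlmcs._tcp SRV record found for $Domain" }

foreach ($r in $srv) {
    "DNS publishes {0}:{1} reachable={2}" -f $r.Target, $r.Port, (Test-TcpPort $r.Target $r.Port)
    if ([int]$cfgPort -ne $r.Port) {
        "  configured port $cfgPort differs from published port $($r.Port)"
    }
}
"Configured {0}:{1} reachable={2}" -f $cfgHost, $cfgPort, (Test-TcpPort $cfgHost ([int]$cfgPort))
```

A published port that is reachable while the configured one is not points to a wrong /skms value rather than a firewall problem.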

When properly registered, /dli or /dlv will give you something like this:

C:\Windows\system32>cscript slmgr.vbs -dli
Microsoft (R) Windows Script Host Version 5.8
Copyright (C) Microsoft Corporation. All rights reserved.

Name: Windows Server(R), ServerStandard edition
Description: Windows Operating System - Windows Server(R), VOLUME_KMSCLIENT channel
Partial Product Key: R99HC
License Status: Licensed
Volume activation expiration: 259200 minute(s) (180 day(s))

Key Management Service client information
Client Machine ID (CMID): 70e4de42-rewa-4c93-gf45-a6d372bc0a19
Registered KMS machine name: rrrpmskms01.xxxx.net:8081
KMS machine extended PID: 55041-009999-313-09999-03-1033-6002.0000-3442009
Activation interval: 120 minutes
Renewal interval: 10080 minutes
KMS host caching is enabled

Activation Keys table (taken from here)

Operating System Edition                          Product Key

Windows 7
Windows 7 Professional                            FJ82H-XT6CR-J8D7P-XQJJ2-GPDD4
Windows 7 Professional N                          MRPKT-YTG23-K7D7T-X2JMM-QY7MG
Windows 7 Enterprise                              33PXH-7Y6KF-2VJC9-XBBR8-HVTHH
Windows 7 Enterprise N                            YDRBP-3D83W-TY26F-D46B2-XCKRJ
Windows 7 Enterprise E                            C29WB-22CC8-VJ326-GHFJW-H9DH4

Windows Server 2008 R2
Windows Server 2008 R2 HPC Edition                FKJQ8-TMCVP-FRMR7-4WR42-3JCD7
Windows Server 2008 R2 Datacenter                 74YFP-3QFB3-KQT8W-PMXWJ-7M648
Windows Server 2008 R2 Enterprise                 489J6-VHDMP-X63PK-3K798-CPX3Y
Windows Server 2008 R2 for Itanium-Based Systems  GT63C-RJFQ3-4GMB6-BRFB9-CB83V
Windows Server 2008 R2 Standard                   YC6KT-GKW9T-YTKYR-T4X34-R7VHC
Windows Web Server 2008 R2                        6TPJF-RBVHG-WBW2R-86QPH-6RTM4

3Nov/090

Restore an account from AD

Today I ran into a situation where someone deleted an account by mistake. It is pretty easy to solve something like that when you have the right tools.

For this recipe, you will need:

  • adrestore, a great tool from our friend Mark
  • Admin rights on AD, to perform what you have to do

Luckily for you, AD keeps deleted records for 30 days by default. If it was an important account, chances are good that you will notice it is missing before the 30 days are up. Past those 30 days, you will need to use the "standard authoritative" AD backup method.

Your application using the deleted account will complain and a query on AD reveals it is not there. Not a problem, just follow the 4 easy steps below:

1. Restore the missing account
adrestore.exe -r MissingAccount
Enumerating domain deleted objects:
cn: MissingAccount
DEL:eab4d5e6-493b-4a64-aae8-360e730a5938
distinguishedName: CN=MissingAccount\0ADEL:eab4d5e6-493b-4a64-aae8-360e730a5938,CN=Deleted Objects,DC=rgare,DC=net
lastKnownParent: OU=Service Accounts,OU=Users,OU=Montreal (MTL),DC=COMPANY,DC=net

Do you want to restore this object (y/n)? y

Restore succeeded.

Found 1 item matching search criteria.

2. Query to check its existence
dsquery user -name MissingAccount
"CN=MissingAccount,OU=Service Accounts,OU=Users,OU=Montreal (MTL),DC=COMPANY,DC=net"

3. Reset the password, as the restored account comes back with an empty one
net user /domain MissingAccount Password

4. Activate Account
dsquery user -name MissingAccount| dsmod user -disabled no
dsmod succeeded:CN=MissingAccount,OU=Service Accounts,OU=Users,OU=Montreal (MTL),DC=COMPANY,DC=net

At this point, in under 3 minutes, the deleted account is restored and ready to be used. It even kept its SID, but you will have to repopulate some of its attributes, such as Description and so on.
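The same four steps can be done with the ActiveDirectory PowerShell module in place of adrestore, dsquery and net user. This is an added example, not part of the original post; it swaps in Restore-ADObject for adrestore and prompts for the new password instead of taking it on the command line. 'MissingAccount' is the sample name used above.

```powershell
# Added example: the four steps above with the ActiveDirectory module instead of
# adrestore/dsquery/net user. 'MissingAccount' is the sample name used in this post.
param([string]$SamAccountName = 'MissingAccount')

Import-Module ActiveDirectory

# 1. Find the tombstone. Deleted objects are only returned with -IncludeDeletedObjects.
$deleted = @(Get-ADObject -IncludeDeletedObjects -Properties lastKnownParent, whenChanged `
    -Filter "isDeleted -eq `$true -and sAMAccountName -eq '$SamAccountName'")

if ($deleted.Count -eq 0) { throw "No deleted object named $SamAccountName was found." }
if ($deleted.Count -gt 1) {
    # Several deletions can share a name; choose one deliberately rather than restoring all.
    $deleted | Format-Table ObjectGUID, whenChanged, lastKnownParent -AutoSize
    throw 'More than one match; restore the intended one with Restore-ADObject -Identity <ObjectGUID>.'
}

# 2. Restore it to its last known parent and confirm it is back.
$deleted[0] | Restore-ADObject
$user = Get-ADUser -Identity $deleted[0].ObjectGUID
"Restored: $($user.DistinguishedName)"

# 3. Set a new password, read as a SecureString so it never appears on a command line.
$newPassword = Read-Host -AsSecureString "New password for $SamAccountName"
Set-ADAccountPassword -Identity $user -Reset -NewPassword $newPassword

# 4. Re-enable the account and show the result.
Enable-ADAccount -Identity $user
Get-ADUser -Identity $user | Select-Object SamAccountName, Enabled
```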

28Dec/080

Make sure your PC is ready when you arrive in the office

You know you try to make your personal PC as efficient as it can be. In the office it is a different story, especially when you have a bunch of mandatory compliance stuff to load on startup. That's when regulatory compliance becomes a real pain. Well, if it takes 20 minutes to load everything and you cannot do anything in the meantime, then you should try to make use of the technologies that are available around you.

1. My computer's BIOS supports autostartup, so I have it set to come on at 7:20AM every day (I arrive at the office at 8AM).

2. I use TweakUI to autologin to the computer, use kb315231 otherwise. This gets it starting and lets all the startup programs take however long they need to get going.

3. REMAIN COMPLIANT. I have a shortcut in my startup menu with a target of: %windir%\system32\rundll32.exe user32.dll, LockWorkStation, which locks the workstation. This way, if anyone tries to power up my computer when I'm not there, they can't do anything. Remember, you are an admin.

4. I have a batch program in my startup menu with this command shutdown -s -t 7200 -c "If I'm not here, this computer will shut itself down." -f, which will shut the PC down in 2 hours. That way, if I'm out sick, the PC isn't on all day. Of course, if I'm late, I have 'till 9:20 or so to make it to my desk and abort the destruct sequence with #5...

5. I have a subfolder of Startup called Abort Shutdown, with a batch file in it with the command shutdown -a, which will (duh) abort the shutdown when I click it. The folder is open when I arrive, and the batch file is sitting there, waiting to be clicked on.

So, in the 40 minutes before I arrive, everything gets rolling. While 40 minutes might seem excessive, there are other things you may want to have your computer do while waiting for you, such as a backup or other sync.

This also works well in the middle of the day when a restart is required. I can fire and forget -- go get a double-double or something, and I don't have to come back just to log in and wait some more. By the time I'm back, it's ready to rock and roll.