Interesting technical links for Monday June 30


While I was mindlessly surfing I came across a few interesting links I thought I’d share.

Justin Ho posted about the D-Link router emulator pages and Blue Lock.

The D-Link router emulator pages show you what the configuration pages look like for various models of D-Link devices, which makes it nice when remotely supporting friends and family and you can’t see what they see.

Blue Lock is an open source program that locks your Windows PC if a particular Bluetooth device is not detected. For example, if you register your Bluetooth mobile phone with the program but then move away from your desk, the program will detect your phone is out of range and automatically lock your system, requiring the password to be entered to reactivate the system. Full Delphi source code is provided.

Dan Cunningham has released version 1.01 of his Workstation Migration Assistant program. As Dan puts it,

“The Workstation Migration Assistant is a visual wrapper for Microsoft’s User State Migration Tool, designed to simplify the capture / restore process for your end-users, and at the same time being highly configurable so that it can be customised to suit your organisations needs. Some of it’s features include:

  • Migrate via a pre-defined network storage location, external USB drive, or user-specified location. USB drive detection is automatic, and you can decide whether drives below a certain size are ignored (ie, memory sticks)
  • Optional Hard Disk Health Check will run a CHKDSK prior to capture and fix errors if any are found
  • Optional Encryption using a pre-defined company encryption key, or per-user customised encryption (for highly sensitive data that can’t be stored on a server without being encrypted)
  • Use different configurations for “XP Only” (XP > XP) migrations via Standard (XP > Vista and Vista > Vista)
  • Automatically run pre and post-capture / restore scripts and programs (very useful to further configure machine settings)
  • Migrate domain only accounts, or domain and local
  • Automatically exclude certain domain or local accounts from the migration
  • Automatically send log files to an e-mail address via SMTP after the migration
  • On-screen status during every stage of the migration, including ETA
  • Option to limit migrations to a certain size, i.e. if over 20GB of data to backup, then fail and inform user. This is also overridable
  • Automatic checks for USMT installation and optional download
  • Command-line automation
  • Super-pretty UI “

Cameron Fuller writes about his experience with Adding the first Windows 2008 DC running Server Core to a Windows 2003 Domain. I’ve previously used his data posted in Active Directory Stress Testing and Memory as a basis for sizing my virtual domain controller’s memory allocation.

The Sean Blog discusses diagnosing Windows crashes (blue screens), and mentions the Crash Analyzer Wizard. I’ve played with this tool before, since we get it with our Microsoft Volume License agreement. The wizard is a component of the Microsoft Diagnostics and Recovery Toolset, which is available from Microsoft as a 30 day evaluation.

Running Powershell On Windows Server 2008 Core


While being an unwilling participant in an excessively long conference call I was able to get Powershell up and running on my Server Core box, thanks to Dmitry’s detailed instructions.

Of course this is an unsupported configuration, which means Microsoft won’t help you if you experience problems.

Mark’s Windows 2008 DNS Server Command Line Cheat Sheet


If you’re a command line type administrator like myself you’ll want to check out Mark’s Mark’s DNS Server command line cheat sheet. He’s summarized the Windows Server 2008 CLI commands relating to DNS administration.

Function

DNSCMD option

Example

Comments

Do any dnscmd command on a remote system

dnscmd servername command

dnscmd main.bigfirm.com /zoneprint bigfirm.com

 

Create a primary zone

dnscmd /zoneadd zonename /primary

dnscmd /zoneadd bigfirm.com /primary

 

Create a secondary zone

dnscmd /zoneadd zonename /secondary master IP address

dnscmd /zoneadd bigfirm.com /secondary 192.168.1.1

 

Host a zone on a server based on an existing (perhaps restored) zone file

dnscmd /zoneadd zonename /primary /file filename /load

dnscmd /zoneadd bigfirm.com /primary /file bigfirm.com.dns /load

 

Delete a zone from a server

dnscmd /zonedelete zonename [/f]

dnscmd /zonedelete bigfirm.com /f

(without the /f, dnscmd asks you if you really want to delete the zone)

Show all of the zones on a DNS server

dnscmd /enumzones

dnscmd /enumzones

 

Dump (almost) all of the records in a zone

dnscmd /zoneprint zonename

dnscmd /zoneprint bigfirm.com

Doesn’t show glue records.

Add an A record to a zone

dnscmd /recordadd zonename hostname A ipaddress

dnscmd /recordadd bigfirm.com mypc A 192.168.1.33

 

Add an NS record to a zone

dnscmd /recordadd zonename @ NS servername

dnscmd /recordadd bigfirm.com @ A dns3.bigfirm.com

 

Delegate a new child domain, naming its first DNS server

dnscmd /recordadd zonename childname NS dnsservername

dnscmd /recordadd bigfirm.com test NS main.bigfirm.com

This would create the “test.bigfirm.com” DNS child domain unter the bigfirm.com DNS domain

Add an MX record to a zone

dnscmd /recordadd zonename @ MX priority servername

dnscmd /recordadd bigfirm.com @ MX 10 mail.bigfirm.com

 

Add a PTR record to a reverse lookup zone

dnscmd /recordadd zonename lowIP PTR FQDN

dnscmd /recordadd 1.168.192.in-addr.arpa 3 A pc1.bigfirm.com

This is the PTR record for a system with IP address 192.168.1.3

Modify a zone’s SOA record

dnscmd /recordadd zonename @ SOA primaryDNSservername responsibleemailipaddress serialnumber refreshinterval retryinterval expireinterval defaultTTL

dnscmd /recordadd bigfirm.com @ SOA winserver.bigfirm.com mark.bigfirm.com 41 1800 60 2592000 7200

Ignores the serial number if it’s not greater than the current serial number

Delete a resource record

dnscmd /recorddelete zonename recordinfo [/f]

dnscmd /recorddelete bigfirm.com @ NS main.bigfirm.com /f

Again, “/f” means “don’t annoy me with a confirmation request, just do it.”

Create a resource record and incorporate a nonstandard TTL

dnscmd /recordadd zonename leftmostpartofrecord TTL restofrecord

dnscmd /recordadd bigfirm.com pc34 3200 A 192.168.1.4

 

Reload a zone from its zone file in \windows\system32\dns

dnscmd /zonereload zonename

dnscmd /zonereload bigfirm.com

Really only useful on primary DNS servers

Force DNS server to flush DNS data to zone file

dnscmd /zonewriteback zonename

dnscmd /zonewriteback bigfirm.com

 

Tell a primary whom to allow zone transfers to

dnscmd /zoneresetsecondaries zonename /nonsecure|securens

dnscmd /zoneresetsecondaries bigfirm.com /nonsecure

That example says to allow anyone who asks to get a zone transfer

Enable/disable DNS NOTIFY

dnscmd /zoneresetsecondaries zonename /notify|/nonotify

dnscmd /zoneresetsecondaries bigfirm.com /nonotify

Example disables DNS notification, which is contrary to the default settings.

Tell a secondary DNS server to request any updates from the primary

dnscmd /zonerefresh zonename

dnscmd /zonerefresh bigfirm.com

 

Enable or disable dynamic DNS on a zone

dnscmd /config zonename /allowupdate 1|0

1 enables, 0 disables, 0 is default

 

Stop the DNS service

Either net stop dns or sc stop dns

 

(No dnscmd command for this)

Start the DNS service

Either net start dns or sc start dns

 

(No dnscmd command for this)

Install the DNS service on a 2008 full install system

servermanagercmd -install dns

 

 

Install the DNS service on a 2008 Server Core system

ocsetup DNS-Server-Core-Role

 

Case matters — ocsetup dns-server-core-role would fail

Uninstall the DNS service on a 2008 Server full install system

servermanagercmd -remove dns

 

 

Uninstall the DNS service on a 2008 Server Core system

ocsetup /uninstall DNS-Server-Core-Role

 

 

You’ll need to become intimately familiar with administering DNS via the command line if you’re running the Server Core version of Windows 2008.

Howto: Enable Automatic Updates in Windows 2008 Server Core


Windows 2008 Server Core uses the SCregEdit.wsf script found in C:\Windows\System32 to configure Automatic Updates behavior.

To view the current Automatic Updates settings, from the command prompt type:

c:\windows\system32\scregedit.wsf /AU /v

The following values correspond to the response generated by the scregedit.wsf script.

1 = Automatic Updates Disabled

4 = Automatic Updates Enabled

To enable Automatic Updates, from the command prompt type:

c:\windows\system32\scregedit.wsf /AU 4

To disable Automatic Updates, from the command prompt type:

c:\windows\system32\scregedit.wsf /AU 1

Note:

I’ve seen all over the Internet people posting that the syntax to enable AU is:

Cscript c:\windows\system32\ scregedit.wsf /au /4

I can tell you for sure using the syntax on the line above will generate the following error:

“Parameter 1 : Parameter type mismatch expected DWord.”

Make sure there is no leading slash before the numbers 1 or 4. There is a slash before the letter v when viewing current AU settings.

Howto: Configure the Windows 2008 Server Core Screensaver Activation Period


By default the Windows 2008 Server Core screensaver will activate after 600 seconds (10 minutes) of inactivity.

To change the amount of time the screensaver waits to activate, edit the following registry key:

HKEY_CURRENT_USER\Control Panel\Desktop\ScreenSaveTimeOut

I changed mine from 600 seconds (10 minutes) to 1200 seconds (20 minutes).

Sander has several other Desktop related settings you can configure for Server Core on his blog.

Howto: Enable Remote Desktop on a Windows 2008 Server Core System


Windows 2008 Server Core uses the SCregEdit.wsf script found in C:\Windows\System32 to configure Terminal Services (TS) behavior. TS is the method of remote controlling your Server Core system through Remote Desktop (RDP).

To view the current Terminal Server settings for Vista/Windows 2008 clients, at the server command prompt type:

c:\windows\system32\scregedit.wsf /AR /v

The following values correspond to the response generated by the scregedit.wsf script.

1 = Terminal Services Disabled (remote access disabled)

0 = Terminal Services Enabled (remote access enabled)

To enable Terminal Services access from Vista/Windows 2008, at the server command prompt type:

c:\windows\system32\scregedit.wsf /AR 0

To disable Terminal Services access from Vista/Windows 2008, at the server command prompt type:

c:\windows\system32\scregedit.wsf /AR 1

Note:

The /AR setting applies to Windows Vista/2008 machines. If you want to allow Terminal Services connections to the Windows 2008 server from Windows XP machines, you have to use the /CS switch.

To view the current Terminal Server settings for Windows XP clients, at the server command prompt type:

c:\windows\system32\scregedit.wsf /AR /v

To enable Terminal Services access from Windows XP, at the server command prompt type:

c:\windows\system32\scregedit.wsf /CS 0

To disable Terminal Services access from Windows XP, at the server command prompt type:

c:\windows\system32\scregedit.wsf /CS 1

You could also edit the registry directly to enable Terminal Services using the same registry entry I wrote about when describing how to enable remote access for Windows XP machines remotely.

Finally you will need to create a hole in your server’s Windows Firewall for inbound RDP traffic on port 3389. KB 947709 details how to use the netsh advfirewall firewall command to configure the firewall in several different ways. I suggest running the following at the server command prompt:

netsh advfirewall firewall set rule group=”remote desktop” new enable=yes

Howto: Shut down or reboot a Windows 2008 Server Core System


To shut down a Windows 2008 Server Core System, at the command prompt type:

Shutdown -s -t xx

where

-s = shut down

-t xx = time to wait before shutting down in seconds, where xx =0 to 600

To shut down a Windows 2008 Server Core System immediately, at the command prompt type:

Shutdown -s -t 0

where 0 = wait zero seconds (shut down immediately)

To restart a Windows 2008 Server Core System, at the command prompt type:

Shutdown -r -t xx

where

-r = reboot

-t xx = time to wait before shutting down in seconds, where xx = 0 to 600

To restart a Windows 2008 Server Core System immediately, at the command prompt type:

Shutdown -r -t 0

where 0 = wait zero seconds (reboot immediately)