Tag Archives: Windows Server 2008 R2

Microsoft Windows Server R2 or Windows 7 rebooting while configuring updates

Great tip from Josh -

If Microsoft Server R2 or Windows 7 is stuck rebooting while configuring updates (pic below), follow these steps -

Problem-Windows Server R2 stuck in boot loop

  • Boot from the Server 2008 DVD (or Windows 7)
  • Select the command prompt
  • Type   del c:\windows\winsxs\pending.xml    
  • (This can be done in safe MODE in SOME situations see below)
  • Once this is done, reboot to the HDD

If you use safe mode, you may get an access is denied when deleting 

  • Click the orb – All programs – Accessories, right-click “command prompt” and select “Run as Administrator” (or type CMD in the search box and right-click and Run as Administrator
  •  In this case, you may have to take ownership -

Type the following commands

takeown /f C:\Windows\winsxs\pending.xml

cacls C:\Windows\winsxs\pending.xml /G Username:F

del C:\windows\winsxs\pending.xml

Realtek PCIe GBE Family Controller performance issues

UPDATE-2013 driver now available!

If you have the Realteck PCIe GBE Family Controller adapter and are experiencing performance issues on your network, download the latest driver.  The driver (Version 7.65) is far superior to other Realteck PCIe GBE Family Controller drivers.   The driver is shown as 7.065 on the website.

Our performance issue involved ApplicationXtender an archive system that uses Microsoft SQL to scan documents.   This type of application is dependent on a reliable network and speed.

Old Driver
Average open time – 2 mins 30 secs (if the end user did not click the application, causing a hang)
Query time            -  45 secs to – query box
Query process time-  1 min 10 secs  - display document
New Driver
Average open time –  1-2 secs
Query time            -  1-2 secs to – query box
Query process time-  1-2 secs – display document

Navigate to http://www.realtek.com/downloads/ to obtain the latest driver.

Click on Communications Network ICs – Network Interface Controllers -
10/100/100M Gigabit Ethernet – PCI Express – Software (Select your OS – we are updating the Windows drivers)

Realtek site one   realtek site two

Realtek site three   realtek site four

Realtek site five

The US sites at the time of this writing produced a popup window that began the navigation over on Realtek’s site.   The UK site produced the download.

Realtek site six

The driver will be Driver_Win7_7065_11212012.zip.

Driver from site

You will notice that the 7.065 driver is really the 7.65 driver once it is installed (at the time of this writing).

Driverino old driver
 Old Driver

driverinfo

Go to the Advanced Tab and disable everything but Flow Control. 

turnoff

Remember when working with network card drivers, you will lose connectivity during the installation of drivers.

Another way to get detailed IP address information and control the Windows Firewall by a command line

You’ve probably used IPConfig to get your IP address and have even used IPConfig /all.   So what is another way to see your configuration?

netsh interface ip show config

This command gives your NIC card information

What if you wanted to open a port quickly on your client computers?  You can write a quick script and use -

netsh firewall set portopening tcp 445 smb enable    (Replace the 445 with the port number you need to open)

What rules have you set on your firewall?
netsh advfirewall firewall show rule name=all

The rules will ‘fly’ by so you can use the following command to ‘capture’ all of the rules to a text file
netsh advfirewall firewall show rule name=all >c:\text\firewallrules.txt

Or you can use these to turn it on or off -
netsh advfirewall set allprofiles state on
netsh advfirewall set allprofiles state off

View Open Files on Server 2008

Before rebooting a server, you should see who has open files so you won’t corrupt data or knock a user offline.

Server 2008 has moved where you can view these.

To see the open files, right click on computer.   Select Manage.  Click Roles – File Services – Share and storage management.  Choose Action and then manage open files.

 

Learn Windows Server 2008 r2 – Free

I was talking to Dawn (a co-worker) the other day and we thought back 10 years ago when she was in school….we didn’t have any of the resources that students have today.  Today students can learn on their own with a ton of resources on the web.

Microsoft has been criticised lately about innovation and today they have office.live.com allow anyone to have office for free on the web along with skydrive and 25 gb of storage for free.   Microsoft also has e-learning that has tons of free classes on software from Office, Windows, Security, Server, SharePoint and other free classes.   – Have you even seen Microsoft’s Technet?  Thousands of articles and How-to’s….

Microsoft even offers virtual servers you can test drive and evaluate.  This virtualization in the cloud is an excellent way to learn Server by using a real server and even printing the pdfs for the exercises.

This slideshow requires JavaScript.

How to increase Active Directory Speed

Active Directory is one of the mostly widely used models to push policies and to secure your enterprise.

Many IT personnel complain of degrading performance after a period of time.   Although Windows tries to keep Active Directory defragged, the Active Directory database can begin to grow even when you delete users and adjust it.  More on this later….

  • Memory (Always use 64bit Windows – Migrate to Server 2008 R2)  - use 8gb or more when possible
  • Memory Speed – Look for HyperX and other high quality memory
  • Motherboard Choice – FSB, Chipset,  ports, controllers  (Motherboard selection should come after CPU)
  • Processor – select multi-core/multi-CPU
  • Power –  We live in a ‘Green’ world but don’t rob your system of power
  • Hard Disks – Use SATA 6.0 for small / medium enterprises and SCSI for large enterprises
    -Put your OS on one drive, active directory on a second drive
  • Defrag Active Directory (2008)
So how do you defrag Active Directory?

 

Two-step authentication verifies user logins for your computer

PhoneFactor offers a two-step authentication when logging on to your computer.  This helps to verifiy user logins for a workstation or server.

How does it work?

Enter your username and password into your computer.   PhoneFactor then calls you.  Press the # or enter a PIN number or PhoneFactor can send you a text message containing a one-time passcode where you reply with your password or PIN.

A third factor of authentication allows you to speak a short passphrase into your phone during the authentication process.

PhoneFactor is free.  Other packages are available for medium and large organizations.

Deploying IPv6 in Server 2008 and Server 2008 R2

Deploying IPv6 in Server 2008 and Server 2008 R2

Microsoft has made changes to common features of obtaining and using IP addresses.  With the end of IPv4 coming, DNS support and DHCP are the two biggest changes.

One change known as Intra-Site Automatic Tunnel Addressing Protocol or ISATAP.  Server 2008 will not generate ISATAP if no ISATAP router is in your network.   This prevents computers and nodes from connecting to your server using IPv6 packets that are encapsulated in IPv4 packets.  ISATAP can be enabled manually to support any IPv6 apps that you have.

This can be done by going to a command prompt and typing: netsh interface ipv6 istap set state enabled

FYI – Windows Server 2003, Windows 7, Windows Vista and Windows XP (with service packs) will allocate an address to the ISATAP interface even when the hostname (ISATAP) cannot be resolved.

Planning on configuring an ISATAP server?  You can enable a Server 2008 DNS to serve responses to any queries for an A record fo the hostname ISATAP.

Open the registry.  Navigate to the entry -

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters\GlobalQueryBlockList

Remove the ISATAP entry and restart your DNS Server.  If you have multiple DNS Servers, you will need to make this change if ISATAP is defined in the DNS.

When you plan for IPv6, you’ll need to decide to use public (globally aggregatable) or private ip addressing.   So here you go – if you decide on public, you have to get an IPv6 address prefix from your ISP. Note: If they don’t provide support of IPv6 at this time, you can get one from a tunnel provider.

Many administrators are deciding to use private IPv6 addresses (known as locally unique address).  This allows them to become familiar with IPv6.  They can then get global addresses later.  During this transition, examine all of the devices in your network and look for devices that will need to be upgraded.   IPv6 and IPv4 are designed to work together for now.  The primary infrastructure (during your IPv6 examination) of your network that takes computers out to the internet are the computer’s operating system, switches (managed), DHCP Servers, DNS Servers, firewalls, load balancers (gateways/load balancers) and your router.   Managing and migrating to Server 2008 and utilizing private IPv6 gets you to a point where all you have to do is wait on your ISP.  Once you have your infrastructure in place, this will give you time to ‘play’ with your network and IPv6.

Most networks today (medium to large) use private IPv4 addresses.  These networks usually rely on a NAT device such as a firewall or router that allows a transition from private (10.x.x.x, 172.16.x.x or 192.168.x.x) to a public number.

So what happens once your devices are in place?   Routers will begin to support router solicitation.  In other words, your router will advertise a unique IPv6 address prefix on each interface that attaches to it.  So if you use global (public) aggregatable IPv6 addresses, you will probably get an IP address that begins with 2001::/16.  If you get locally IPv6 address, they will begin with fd00::/8.

And just for the record, Dawn, Mike and I will pull our hair out before it is over.

Look for our future article on configuring the server.

Inactive User Monitor

Want to know who is not logging in to your servers?  Need to clean up a computer’s users and help protect the security of your computers.  Inactive User Monitor allows you to see who has not logged in over a specific period of time.  A paid for version automatically notifies you and changes system information on the user account or can be customized to meet your needs.

NetWrix supplies many free programs that are useful with basic features.   This organization has SQL monitoring, file server monitor, disk space monitor and many other excellent programs available for free or paid additions.