Install a Root Certificate Authority on a Windows Server

Here I’m going to share the steps to configure a Certificate Authority in your environment with a windows based server. Most of the companies use Active Directory Certificate Services (AD CS) as their root Certificate Authority.

This root CA can be stand-alone or Enterprise CA, in my case I don’t have another CA and I’m installing this as an Enterprise CA on Windows Server 2008 R2.
Jump in to your server and open the Server Manager and add a new role by clicking the “Add Roles” option and click “Next” on the second step

Read More

SQL ODBC Connection Failure : SQLState: ‘08001’ SQL Server Error: 2

I wanted to configure a separate SQL server to do a vCenter migration and I was getting errors to connect to the DB server, I was able to fix this issue after doing some changes in the SQL server. Here, I thought to post the steps that I took to resolve the issue. I believe this post will help others who involved with the configuration and resolve these type of issues in the middle of their configuration without wasting more time on this.

I have installed a fresh SQL 2008 R2 server with the custom SQL instance (SQL Express instance name is not the default one). Installed the relevant SQL Native client and tried to connect to the DB Server. It was throwing the below error message
I did a search in the internet there were lots of different different post with the solutions. However this is how fixed this problem.

Read More

MDT 2013 reference Image Deployment error

I was working on a MDT 2013 Deployment and I was deploying a reference Image to test the MDT System. I got the below error message on the screen.

“Windows failed to start. A recent hardware or software change might be the cause. To fix the problem:

  1. Insert your windows installation disc and restart your computer.
  2. Choose your language settings, and then click “Next.”
  3. Click “Repair your computer.”
If you do not have this disc, contact your system administrator or computer manufacturer for assistance. 
        File:  WindowsSystem32bootwinload.exe
        Status:  0xc000000f
        Info: The application or operating system couldn’t be loaded because a required file is missing or contains errors. “
I have mounted the captured image using DISM command
  • dism /mount-wim /wimfile:”E:ISOImagesCapture Image1CapIMG.wim” /index:1 /mountdir:”C:CapIMGMount”
Tried to unmount the image
  • dism /unmount-wim /mountdir:”C:CapIMGMount” /commit
Unmount was not successful and I have discarded the Mount point 
  • dism /unmount-wim /mountdir:”C:CapIMGMount” /discard
This time successfully unmounted the disk and tried again. 
It was working fine with MDT. 

Group Policy Preferences – Local Users and Groups password behavior changed : MS14-025

When it comes to Windows Active Directory environment system administrators needs to deploy Domain users as Local computer admins via Group Policy. You can simply do that in several ways like using Restricted Groups and Local Users and Groups section in the Windows settings. 
Here I’m more focusing on the local users and Groups in Windows settings | Control Panel section. You can simply create a GPO , edit and go to “Preferences | Control Panel | Local Users and Groups” as shown in below. 
You can simply administer these pushed local account as a normal domain user account, you can Create, Replace, Update, Delete accounts and you can change user account associated attributes as a normal domain account for these local accounts. 
But Microsoft has decided storing passwords (CPassword attribute) in Group Policy as a security breach and issued a patch (MS14-025) to disable this option in Windows. Once you install this hotfix these password fields will be grayed out.

Also below warning message will be displayed and will notify the security breach when you apply the “New Local User Properties”
As a security guidance finally Microsoft is blocking the feature which stores the passwords in Group Policy in their own system. However this patch is not automatically push in to the Server, this feature will be disabled only if you explicitly install it on your system.
This fix is available for all the available group policy consoles and can be found in here

How to create a Template in Hyper-V

If you are a Virtualization Engineer you might need to deploy VMs within few minutes for your requirements. You can follow the traditional way which you can build the VM from the scratch, install the OS and patch the server. This will reasonable time and sometimes you can’t wait until you complete this process. 
In a situation like this VM templates come in to play and will help you to quicker your process. In VMware there is a direct option to convert a VM to a template and in Hyper-V it is bit different. Here I’m going to show you how you can build your own template and deploy a VM from the template within few minutes. 
At least one time you need to follow the traditional way and you need to install and patch the server from the scratch. 
Once you done that, we can run the “sysprep” tool and “generalize” the current OS. If you select the “Generalize” option it will remove the unique information from your installation. Then it will start as a Windows fresh installation. 
  • Start your cmd as an “Administrator” and run the “sysprep” tool from “C:WindowsSystem32Sysprepsysprep.exe” location 

  • Once you get  the “System Preparation Tool” select the “Generalize” option and select Shutdown Option as “Shutdown” 
  • Now go to your VM installation folder and get the VHDX/VHD as your base VM VHDX disk. So in Hyper-V this is the Template. If you need you can rename it as “Template.vhdx” or any suitable name. Take a copy of VHDX as the HDD of your VM.
  • Now you need to create a new Hyper-V VM with your requirements CPU,RAM and all the other Hardware requirements except the OS HDD. Here I’m not going to show you how to create a VM in Hyper-V. At the “Connect Virtual Hard Disk” step you can select “Use an existing virtual hard disk” option or “Attach a virtual hard disk later” option I would recommend “Attach a virtual hard disk later”option. 
Note : If you are using a generation 1 VM you need to add this HDD as a IDE Controller and if it is a Generation 2 VM you can use it as an iSCSI disk since there is a boot missing issue exists if you use an iSCSI bootable disk with generation 1 VM. (You can’t use Generation 1 VM HDD for Generation 2VM).
  • Once you are done with VM creation power on the new Virtual Machine.

Now you can deploy any number of VMs from this template HDD, But you need to create a new VM allocating all the virtual hardware.

VMDK (VMware) to VHD (Hyper-V) Conversion

If you are a Virtualization Engineer you may experienced this requirement in your Virtualization Environment. As everybody know VMware and Hyper-V are major Virtualization products in the current Vortualization environment. 
Sometimes you might need to move in to VMware to Hyper-V and Hyper-V to VMware. Here I’m going to show you how to convert your VMware Virtual Machine to Hyper-V Virtual Machine. VMDK is the VMware HDD file type and VHD/VHDX are the Hyper-V file systems. What I’m going to do is convert VMDK file system (VMware HDD) to VHDX (Hyper-V HDD). Before you do that you need to download the  Microsoft Virtual Machine Converter and convert my VMDK file in to VHDX file format. Then create a VM in your Hyper-V environment ,attach the disk and boot the VM. Installation of this Microsoft Virtual Machine Converter is a pretty straight forward and hope you can manage the installation.

Also I would like to compare the VHD and VHDX Disk formats:

VHD Features

  • VHDs use a 512 byte block size internally
  • VHDs are limited to a 2TB
  • VHDs can’t be resized live.
  • Supported to Windows Server 2008, 2008 R2, 2012 and 2012 R2

VHDX Features

  • VHDXs use 4KB and allign really well with new HDDS (3TB+) – Best to format in NTFS File system 
  • Great handling of Snapshots
  • UP to 64TB Disk size support
  • Only Supported on Windows 8, Windows 2012 and Later 

We are going to do this from Windows Powershell and there are lots of things that we can do from these cmdlets. This is just a one use of this powerful tool.

First run your Powershell as an administrator and import the module in to the Powershell, you can use the below command:

Import-Module ‘C:Program FilesMicrosoft Virtual Machine ConverterMvmcCmdlet.psd1’

If you not import this module you can see the below execution error on the Powershell console:

Now execute the below command to start the conversion :

 ConvertTo-MvmcVirtualHardDisk -SourceLiteralPath < Source VMDK file name and path> -VhdType DynamicHardDisk -VhdFormat vhdx -DestinationLiteralPath < Destination VHD File name and path>

Now this will start the conversion

You can see the below completion screen after that.

Check your VHDX HDD under your destination folder

Now add this HDD to your Hyper-V server and Start. Now you are running the same server in Hyper-V environment.

Now you need to setup the IP Settings. All done. 

Channel9 : Microsoft’s Largest Cloud VMs – Azure GS Series

From Channel 9 : “The GS series is powered by the Intel Xeon E5 v3 family processors, the GS-series can have up to 64TB of storage, provide 80,000 IOPs (storage I/Os per second) and deliver 2,000 MB/s of storage throughput. It offers the highest disk throughput, by more than double, of any VM offered by another hyperscale public cloud provider. Furthermore, both the G-series and GS-series offer up to 20 Gbps of network bandwidth, more than double that of the closest VMs of any hyperscale public cloud provider.”

See Mark Russinovich ( CTO of Azure ) demos the new GS variant of VMs on Azure on Channel 9

DNS Delegation : Access external website with the same name as your Windows domain name

As an IT administrator or Systems Engineer sometimes you may aware with this issue if you have the company website with the same name as your Windows domain. You can simply delegate your website hosted external name servers to resolve these DNS requests.

In my case I have an internal domain with TECHCRUMBLE.NET name and I’m not able to access my blog with the computers which are in the LAN network. 

Here , I’m going to show you how to create a “DNS Delegation” in my DNS server to resolve the requests with the help of external hosted nameservers. 
Let’s jump in to the DNS Server and start the configuration.
  • Right click on your domain name and select “New Delegation…”

  • Then it will start the “New Delegation Wizard” , click “Next” to continue 

  • At the next step type “www” on the “Delegated Domain” text box and click “Next” to continue 
  • At the next step click on “Add…” button 
  • Under “New Name Server” window type the external Name server FQDN and click on “Resolve” to resolve the name server, once it successfully resolved the IP Address of the external name server click on “OK” to add the record. 
  • Add all the available name servers and click “Next” to continue 
  • Click on “Finish” to complete the configuration 

  • Check and confirm the name servers under “www” delegation 
  • All done! , now try to access the website 
There we go,… now you can access your website from your internal network. 
Thank You for viewing my post.