Thursday, January 22, 2009

SCCM 2007 / SMS 2003 SQL Package Related Query


-----------------------------------------------------------------------------------------------------------------------------------
SQL Query:-->
-----------------------------------------------------------------------------------------------------------------------------------
To know the package Name and ID

SELECT     PackageID, Name
FROM         dbo.v_Package
-----------------------------------------------------------------------------------------------------------------------------------

-----------------------------------------------------------------------------------------------------------------------------------
SQL Query:-->

If you want to filter with the package ID then modify the Query to

SELECT     PackageID, Name
FROM         dbo.v_Package
WHERE     (PackageID = 'YourPKGID')

-----------------------------------------------------------------------------------------------------------------------------------
-------------------
Thanks,
http://sccm07.blogspot.com/


Failed to remove package from SMS / SCCM Retired/ Correpted distrubution point

Failed to remove package from a retired distrubution point

 

Select * from pkgservers where NALpath like '%\\retired DP path\DP$'
Select * from pkgstatus where pkgserver like '%\\retired DP path\DP$'

by runing above two commands verifiy that you have got the correct Correpted DP package ID or not. then if you find it you can safly run the below two commands to delete.


Next delete entries from any of the above tables to the invalid dp share.

Delete from pkgservers where NALpath like '%\\retired DP path\DP$'
Delete from pkgstatus where pkgserver like '%\\retired DP path\DP$'

This will be same for SMS 2003 and SCCM 2007
-------------------
Thanks,
http://sccm07.blogspot.com/

Wednesday, January 21, 2009

OSD error

Current issues which I amruning :)
 
OSD
 
 
 
 

-------------------
Thanks,
http://sccm07.blogspot.com/

SCCM OSD All Log Files

Operating System Deployment Log Files
 
The following table lists and describes the operating system deployment log files.
Log File Name Description
CCMSetup.log Provides information about client-based operating system actions.
CreateTSMedia.log Provides information about task sequence media when it is created. This log is generated on the computer running the Configuration Manager 2007 administrator console.
DriverCatalog.log Provides information about device drivers that have been imported into the driver catalog.
MP_ClientIDManager.log Provides information about the Configuration Manager 2007 management point when it responds to Configuration Manager 2007 client ID requests from boot media or PXE. This log is generated on the Configuration Manager 2007 management point.
MP_DriverManager.log Provides information about the Configuration Manager 2007 management point when it responds to a request from the Auto Apply Driver task sequence action. This log is generated on the Configuration Manager 2007 management point.
MP_Location.log Provides information about the Configuration Manager 2007 management point when it responds to request state store or release state store requests from the state migration point. This log is generated on the Configuration Manager 2007 management point.
Pxecontrol.log Provides information about the PXE Control Manager.
PXEMsi.log Provides information about the PXE service point and is generated when the PXE service point site server has been created.
PXESetup.log Provides information about the PXE service point and is generated when the PXE service point site server has been created.
Setupact.log Setupapi.log Setuperr.log Provide information about Windows Sysprep and setup logs.
SmpIsapi.log Provides information about the state migration point Configuration Manager 2007 client request responses.
Smpmgr.log Provides information about the results of state migration point health checks and configuration changes.
SmpMSI.log Provides information about the state migration point and is generated when the state migration point site server has been created.
Smsprov.log Provides information about the SMS provider.
Smspxe.log Provides information about the Configuration Manager 2007 PXE service point.
SMSSMPSetup.log Provides information about the state migration point and is generated when the state migration point site server has been created.
Smsts.log General location for all operating system deployment and task sequence log events.Log file location:·         If task sequence completes when running in the full operating system with a Configuration Manager 2007 client installed on the computer: <CCM Install Dir>\logs·         If task sequence completes when running in the full operating system with no Configuration Manager 2007 client installed on the computer: %temp%\SMSTSLOG·         If task sequence completes when running in WindowsPE: <largest fixed partition>\SMSTSLOG

Note
<CCM Install Dir> is %windir%\system32\ccm\logs for most Configuration Manager 2007 clients and is <Configuration Manager 2007 installation drive>\SMS_CCM for the Configuration Manager 2007 site server. For 64-bit operating systems, it is %windir%\SysWOW64\ccm\logs.
TaskSequenceProvider.log Provides information about task sequences when they are imported, exported, or edited.
USMT Log loadstate.log Provides information about the User State Migration Tool (USMT) regarding the restore of user state data.
USMT Log scanstate.log Provides information about the USMT regarding the capture of user state data.

-------------------
Thanks,
http://sccm07.blogspot.com/

Tuesday, January 20, 2009

Remote Desktop Cut and Paste does not work

RDP Cut or Copy and Paste does not work

Issue:

When using RDP you may not be able to cut and paste information between your local and remote sessions.

Cause:

The rdpclip.exe processing may not be running on the remote system. Alternatively, the clipboard chain may be incomplete.

Workaround:

Restart the rdpclip.exe process on the remote system.

More Information:
The following article has a good article on Clipboard chaining;

http://blogs.msdn.com/ts/archive/2006/11/16/why-does-my-shared-clipboard-not-work-part-1.aspx


-------------------
Thanks,
http://sccm07.blogspot.com/

Windows 2008 eBooks Resources

eBooks


-------------------
Thanks,
http://sccm07.blogspot.com/

Analyzing Windows Kernel Dumps

Analyzing Windows Kernel Dumps

 

This post contains information on steps I took to investigate a kernel mode dump with a repeatable 0x7F bugcheck caused on a workstation when printing a specific document to a generic LaserJet 4000 on a remote print server.

After analysing the kernel dump, the problem appeared to be occurring in the kernel-mode GDI win32k.sys driver, and using this information I was able to find a hotfix that did resolve the issue.

I don't pretend to understand a large portion of what was visible in the kanalyze results, but the information that I did glean was enough to point to the hotfix very quickly.

The following steps were taken to analyse the kernel dump created by the stop 0x7F error:

  1. Install debugging tools, The Kanalyze guide recommends version 6.5.3.8 32-bit (the most recent is dbg_x86_6.9.3.113.msi)
  2. Install Kanalyze 8.1. The default directory is c:\kktools\kanalyze8.1
  3. Copy c:\kktools\kanalyze8.1\x86\*.* to the '\Program Files\Debugging Tools for Windows' directory (including the plug-ins subdirectories)
  4. Run '\Program Files\Debugging Tools for Windows\kanalyze.exe
    1. Perform a new memory dump
    2. Type the location of the dump file (usually c:\windows\memory.dmp if a local dump)
    3. Leave the symbol and binaries path to the HTTP locations (requires Internet access)
    4. Select 'Show Detail' and then Next
    5. The crashdump analysis will begin, which can be relatively time consuming (~30 minutes for the small 87MB crashdump of my workstation).
  5. When the analysis is complete, select 'Browse' to view the results, including
    1. Analysis Summary – The automatically generated summary, providing a best-guess of the potential cause of the crash. Note that in this crash, the AnalysisSummary.txt file shows that the best guess was rdbss.sys – the redirected drive buffering subsystem, used by the SMB mini-redirector.
    2. Analysis TriageInfo CrashStackInfo – Information on the kernel stack at the time of the crash. For this crash, this information seems more useful, as it shows the GDI bitblt and dithercolor functions being called, followed by a divide by zero trap in the kernel and the bugcheck. This gives quite a bit more information to go on when searching for cause and resolution
    3. Analysis TriageInfo CrashProcess – The process that caused the crash, in this case, winword.exe, providing information on the memory and processed (useful for other areas in the debug namespace)
    4. Analysis TriageInfo CrashThread – The thread that caused the crash, in this case, the kernel thread ID and start address space, useful for other areas in the debug namespace
    5. Analysis Deadlock – Current deadlocks – conflicts between threads trying to exclusively access code. Locks occur constantly, but a deadlock can occur when two or more threads have code locked and are waiting for the other(s) to continue. The deadlock in this scenario is presumed to be a result of the divide by zero kernel error, and not causative
    6. Root – Provides an interesting overview of the memory allocation of the system, including boot, HAL, non-paged/paged, kernel and usermode address spaces.

The following stack information from the crash dump was what pointed me in the hotfix direction, the bitblt and drvdither calls which resulted in a divide by zero error in the kernel:

            +------------+           |            |   StackLimit   = aa1f5000           +------------+           |      :     |           +------------+           |            |   KernelStack  = aa1f85d8           +------------+    /|     |            |     |     |      :     |     |     |            |   stack   +------------+   growth  |            |   InitialStack = aa1f9000           +------------+  ChildEBP Ret-Addr Called Procedure --------------------------------------------------------------------------- aa1f8984 80596813 nt!KeBugCheck + 14 aa1f89dc 8053d60f nt!Ki386CheckDivideByZeroTrap + 41 aa1f89dc bf903230 nt!KiTrap00 + 83 aa1f8a94 bf81af4d win32k!UMPDDrvDitherColor + 7d aa1f8b24 bf826e70 win32k!bGetRealizedBrush + 2bd aa1f8b3c bf82f869 win32k!pvGetEngRbrush + 1f aa1f8b98 bf805363 win32k!EngBitBlt + 283 aa1f8be8 bf80bd41 win32k!GrePatBltLockedDC + 1ea aa1f8d54 8053c9fa win32k!NtGdiFlushUserBatch + 689 aa1f8d70 aaea754a nt!KiFastCallEntry + ca aa1f8ddc 805411c2 rdbss!RxpWorkerThreadDispatcher + 18a aa1f8de8 00000000 nt!KiThreadStartup + 16  

Notes:

  1. The analysis requires more than a minidump. Use sysdm.cpl Advanced Startup and Recovery Settings to write at least a 'Kernel memory dump', rather than a small / minidump.
  2. The console can be used to execute plug-in commands, or standard kernel debug commands (eg VIEWCMD or kd !ntsdexts.locks). Either click on the console button, or use the File Command Window menu option on the browser

References

Debugging Tools – v6.5.3.8:
http://msdl.microsoft.com/download/symbols/debuggers/dbg_x86_6.5.3.8.exe

Kernel Memory Space Analyzer Version 8.1
http://www.microsoft.com/Downloads/details.aspx?FamilyID=e84d3b35-63c3-445b-810d-9fed3fdeb13f&displaylang=en

First Step Guide to Kernel Memory Space Analyzer V8.1 (Kanalyze)
http://download.microsoft.com/download/8/3/5/835efd1b-d801-4aa5-84ab-c4809fb493f4/Kanalyze%20First%20Step%20Guide%20V8.1.ppt

BitBlt
http://msdn.microsoft.com/en-us/library/ms532278(VS.85).aspx

DrvDitherColor
http://msdn.microsoft.com/en-us/library/ms793395.aspx

Debugging Deadlocks (No Ready Threads)
http://msdn.microsoft.com/en-us/library/cc267852.aspx

Error message when you try to print after you install the GDI security update 925902: "Stop 0x0000007F"
http://support.microsoft.com/kb/935843


-------------------
Thanks,
http://sccm07.blogspot.com/

This was a basic overview of the ‘for’ command

This was a basic overview of the 'for' command

This is the first in a series of posts containing information on what I consider the building blocks to automate repetitive tasks at the Windows command-line. These components are the for, find, findstr, set, if and echo commands, control files used for data input, combined with errorlevels, command concatenation, nested loops and if/then/else constructs.

Described in this post is the 'for' command, the most important component in command-line automation. This command provides several methods of looping through a list, and running a command against each element in that list. Use the 'for /?' to get Microsoft help on this command.

Using the 'for' command with one of the syntaxes below provides many benefits, including:

  • Repeatability – If you save the command you run, it can be re-run several or hundreds of times
  • Change control and testing – It's easy to record what you are planning and simple to run the same commands in a test-lab environment. The output of commands can also be redirected to file, making accountability much easier. Using control files also provides a straightforward method of recording the targets of various actions, knowing that you have one master list, and do not risk accidentally missing an entry.
  • Documentation – Implementation using a series of commands very easily translates to an as-built document – with the added benefit of providing a quicker DR process.
  • Efficiency – Even though designing the command for the first run may not be as quick as using the GUI, every time after that will usually be much quicker, and previous commands can often be quickly adapted to new tasks.

You can use the 'for' command to:

Process a set of filenames or string literals

The filenames or literals can either be directly named in a space-separated set, or you can use wildcards to process more than one file. For example:
for %i in (*.txt) do echo %i
for %i in (test1.txt test2.txt) do echo %i

For example, I would use this syntax if I'm trying to:

Quickly execute something against a group of machines, eg ping each machine:
for %i in (server1 server2 server3 server4) do ping -n 1 %i

Process a series of data files that I have created from another process, eg this uses the regview utility to export the registry entries modified by *.pol files into *.txt:
for %i in (*.pol) do regview %i > %i.txt

Quickly execute the same command with a different variable, eg use the setprinter utility to view all levels of configuration for the specified printer (you could also use for /l in this example):
for %i in (0 1 2 3 4 5 6 7 8 9) do setprinter -show \\server\printer %i

Process a set of directories

The directory names can either be directly named in a space-separated set, or you can use wildcards to process more than one directory. For example:
for /d %i in (%windir%\*) do echo %i
for /d %i in (c:\temp c:\windows) do echo %i

I would use this syntax if I'm trying to do something with each top-level directory, for example:

Report or set ACLs:
for /d %i in (%rootDir%\*) do icacls %i /save %~ni.txt

Rename all the top-level directories to start with a new prefix:
for /d %i in (%rootDir%\*) do ren %i New-%~ni

Process the contents of a text file, line by line

The contents of a file – which I usually refer to as a control file – can be read line-by-line and your command would be run once for each line, substituting tokens from the control file. This provides unlimited capability – construct a control file through any means available and you can then process the entries one-by-one and run a command against that entry.

Note that in Vista at least, just a LF is enough to separate the lines, rather than the Windows standard CR+LF.

For example, assuming you have a control file with a list of servers or workstations, you could:

Lookup the IP address of each machine:
for /f %i in (test.txt) do nslookup %i

Ping each machine:
for /f %i in (test.txt) do ping %i

Remote dir of each machine:
for /f %i in (test.txt) do dir \\%i\c$

I use this constantly to run a command against multiple AD objects, machines, printers, or other network devices, whether the command queries or checks something, or makes a change to each device.

Process the results of a command, line by line

The results of almost any command can be used as the looping mechanism for a 'for /f' command, providing an in-memory control file. For example, you could:

Find the local hostname and then nslookup the computer (you could also use %computername% for this):
for /f %i in ('hostname') do nslookup %i

Query the local Active Directory for a list of DCs (server records) and lookup the IP of each DC:
for /f %i in ('dsquery server -o rdn') do nslookup %i

Recursively enumerate a path

It's possible to recursively enumerate files or directories from a specified starting location, passing each to the body of the for loop. This provides a rudimentary search and response facility, allowing you to traverse a tree looking for objects of a particular type – and then execute something for each found.

For example, you could search from the root of C: for *.txt files, and then report the filename and size (you would just use dir /s if all you wanted to do was echo)
for /r c:\ %i in (*.txt) do echo %i %~zi

Step through a sequence of numbers and execute for each

The 'for /l' option allows stepping through a sequence of numbers, passing the number as a parameter to the body of the 'for' loop.

I don't use this method very often, but it would be another method to the setprinter command above:
for /l %i in (1,1,9) do setprinter -show \\server\printer %i

Variable Expansion

When using 'for', 'for /f' and 'for /d' variable references can also be modified to return substrings or additional information. Note that when using 'for /f', most of these only make sense if you are processing lists of files or directories, but if you did have a control file with files/paths variable expansion does work as expected.

This substitution can be very useful, particularly when constructing parameters to pass to the command in the body of the 'for' loop. For Example:

If you had a number of control files that you wanted to process, outputting the results to a same-named log file:
for %i in (c:\temp\*.txt) do echo Do something with %i > %~ni.log

If the output of a previous command wrapped the results in quotes, but you need to append/prepend something else you can easily remove surrounding quotes:
for /f %i in ('echo "c:\windows"') do echo %~i\temp

Given a list of files, echo those that are zero bytes in size:
for %i in (c:\temp\*.txt) do @if %~zi == 0 @echo %i

Given a full path, split into drive, path and filename:
for %i in (c:\windows\temp\test.txt) do echo %~di %~pi %~nxi

Tokens, delimiters and skipping lines

The simple functionality of the 'for /f' command can be extended very easily with three options:

  1. Tokens – By default only the first token is returned in the variable specified. You can change this behaviour to return one or more tokens, eg tokens=2,3,5 or tokens=1-3 would populate %i, %j and %k with the respective tokens
  2. Delimiters – Instead of the normal space and tab delimiters, one or more alternate characters can be specified. For example, you can specify a comma as a delimiter to process as CSV file
  3. Skipping lines – the skip command can be used to skip one or more lines from the start of a control file, useful when trying to skip a header line, or bypass logo information in a command result.

These options can be used individually or as a combination, for example:

Skip the first line of the control file:
for /f "skip=1" %i in (test.txt) do echo %i

Skip the first line, and use comma's as the delimiter:
for /f "skip=1 delims=," %i in (test.txt) do echo %i

Skip the first two lines, use the second token, separated by comma and space:
for /f "skip=2 tokens=2 delims=, " %i in (test.txt) do echo %i

This was a basic overview of the 'for' command, future posts will build on this foundation with multiple commands, error levels, if/then/else statements and nested 'for' loops.

Yes.............Life is a batch, and then you FLY -------------------

 

-------------------
Thanks,
http://sccm07.blogspot.com/

Finding duplicate DNS records

Finding duplicate DNS records

 

Internal DNS in many organisations is usually a little messy and if tasked with cleaning it, my first step would be to identify duplicate records in DNS - either an IP address that is recorded against multiple host names or a host name with multiple host (A) records. Assuming you have a file containing one record per line, this is fairly simple to report on.

The following examples use dnscmd.exe, which assumes Windows 2000/2003 DNS, but you could use any input, as long as it contains a name and an IP.

The two commands:

  1. dnscmd %dnsServer% /enumrecords test.local @ /additional /continue | find /i /v "Aging:" | find /i "192.168" > DNSRecords.txt
  2. echo. > DuplicateIPs.txt & (for /f "tokens=1,4" %i in (DNSRecords.txt) do @if "%j" NEQ "" @find /i "%j" DuplicateIPs.txt >nul & if errorlevel 1 for /f "tokens=1" %m in ('"findstr /i "%j$" DNSRecords.txt | find /i /c "%j""') do @if %m GTR 1 (@echo %j,%m: & findstr /i "%j$" DNSRecords.txt & echo.) >> DuplicateIPs.txt) & type DuplicateIPs.txt


The first command uses dnscmd to enumerate the records from the root of the test.local zone and exclude aging (dynamic DNS) records. The last find command further filters the output by IP, which can be useful when targeting specific subnets/sites. You might also want to check aging dynamic records instead of static to see how well scavenging is working – if you do, just change the tokens to 1,5 instead of 1,4 (as the aging data is another token separating the name and IP).

The second command:
  1. Creates a new file called DuplicateIPs.txt in the current working directory
  2. Iterates through each line in the DNS record dump, extracting the first and fourth token (Name and IP)
  3. The commands in the first FOR loop check there is a value, then check the value hasn't already been processed in the duplicate list (otherwise you'd have duplicates of each duplicate) and then counts the duplicates and appends them to the file.
  4. The final command types the duplicate IP file created by the for loop iteration.

For example, supposing your DNS export contained the following records:
 printer1 3600 A 192.168.10.100 printer2 3600 A 192.168.10.101 printer3 3600 A 192.168.10.100 printer4 3600 A 192.168.10.102 printer5 3600 A 192.168.10.103 printer6 3600 A 192.168.10.100 printer7 3600 A 192.168.10.102 


After running the second command above, a file called DuplicateIPs.txt would be created and then typed to the prompt:
 192.168.10.100,3: printer1 3600 A 192.168.10.100 printer3 3600 A 192.168.10.100 printer6 3600 A 192.168.10.100  192.168.10.102,2: printer4 3600 A 192.168.10.102 printer7 3600 A 192.168.10.102 


The command below is modified to report duplicate names instead of IP addresses. This was done by using the first token (%i) instead of the second (%j), and modifying the findstr command to use a literal string search ending with a space rather than the regular expression EOL:

echo. > DuplicateIPs.txt & (for /f "tokens=1,4" %i in (DNSRecords.txt) do @if "%i" NEQ "" @find /i "%i" DuplicateIPs.txt >nul & if errorlevel 1 for /f "tokens=1" %m in ('"findstr /i /c:"%i " DNSRecords.txt | find /i /c "%i""') do @if %m GTR 1 (@echo %i,%m: & findstr /i /c:"%i " DNSRecords.txt & echo.) >> DuplicateIPs.txt) & type DuplicateIPs.txt


If you wanted a summary rather than the detail of each duplicate, you could also run the following command:

echo. > DuplicateIPSummary.txt & (for /f "tokens=1,4" %i in (DNSRecords.txt) do @if "%j" NEQ "" @find /i "%j" DuplicateIPSummary.txt >nul & if errorlevel 1 for /f "tokens=1" %m in ('"findstr /i "%j$" DNSRecords.txt | find /i /c "%j""') do @if %m GTR 1 (@echo %j,%m) >> DuplicateIPSummary.txt) & type DuplicateIPSummary.txt


In the example above, this would produce the following report:
 192.168.10.100,3 192.168.10.102,2 


I use this sort of command to generate reports on duplicates, in this case from DNS, but it could also be useful in DHCP, WINS, or any number of Active Directory objects/attributes. People (myself included) are often wary of automated processes that make changes, but this is an excellent example of how powerful read-only automated commands can be – you can take thousands of objects and produce a report in seconds to quickly identify inconsistencies in an environment.

Dnscmd Overview
http://technet.microsoft.com/en-us/library/cc778513.aspx
-------------------
Thanks,
http://sccm07.blogspot.com/

Find the URLs of the currently running Internext Explorer Windows


' VBScript
' Find the URLs of the currently running Internext Explorer Windows

' References:
http://windowssdk.msdn.microsoft.com/en-us/library/ms630310.aspx
http://msdn.microsoft.com/library/default.asp?url=/workshop/browser/webbrowser/reference/objects/internetexplorer.asp

Const IE_EXE = "iexplore.exe"

Call FindCurrentURLs(strURLSet)
WScript.Echo strURLSet

wscript.quit(0)

Function FindCurrentURLs(ByRef strURLSet)
 Dim objShell, objWindowSet, objWindow
 Dim strwindowName, strURL, strFullName

 Set objShell = CreateObject("Shell.Application")    ' Create a Windows shell automation object
 Set objWindowSet = objShell.Windows      ' Get the collection of open windows belonging to the shell

 Wscript.Echo "Processing " & objWindowSet.Count & " windows"   ' Report how many instances were found

 For Each objWindow in objWindowSet      ' For each InternetExplorer object in the ShellWindows set
  strFullName = objWindow.FullName     ' Get the full path and executable of this window
  If InStr(1, strFullName, IE_EXE, 1) <> 0 Then    ' Is this an IE shell object?
   strURL = objWindow.LocationURL     ' Get the URL

   If strURL <> "" Then
    strURLSet = strURLSet & vbCRLF & strURL   ' Append to the set of URLs
   End If
  Else         ' No, probably explorer.exe skip
   WScript.Echo "Skipped " & strFullName & " - not IE"
  End If
 Next

 If Len(strURLSet) >= Len(vbCRLF) Then strURLSet = Right(strURLSet, Len(strURLSet) - Len(vbCRLF)) ' Strip the leading vbCRLF
 
 Set objShell = Nothing
 Set objWindowSet = Nothing : Set objWindow = Nothing
End Function

-------------------
Thanks,
http://sccm07.blogspot.com/

Enumerating URLs in Internet Explorer

Enumerating URLs in Internet Explorer

 

# PowerShell

$shell = new-object –com Shell.Application

$windows = $shell.Windows()

write-output ($windows.count.ToString() + " windows found")
foreach ($window in $windows) {
  if ($window.FullName -like "*iexplore*") {
    write-output ($window.LocationURL + ", " + $window.LocationName)
  }
}

$shell = $null



' VBScript
' Find the URLs of the currently running Internext Explorer Windows

' References:
http://windowssdk.msdn.microsoft.com/en-us/library/ms630310.aspx
http://msdn.microsoft.com/library/default.asp?url=/workshop/browser/webbrowser/reference/objects/internetexplorer.asp

Const IE_EXE = "iexplore.exe"

Call FindCurrentURLs(strURLSet)
WScript.Echo strURLSet

wscript.quit(0)

Function FindCurrentURLs(ByRef strURLSet)
Dim objShell, objWindowSet, objWindow
Dim strwindowName, strURL, strFullName

Set objShell = CreateObject("Shell.Application")    ' Create a Windows shell automation object
Set objWindowSet = objShell.Windows      ' Get the collection of open windows belonging to the shell

Wscript.Echo "Processing " & objWindowSet.Count & " windows"   ' Report how many instances were found

For Each objWindow in objWindowSet      ' For each InternetExplorer object in the ShellWindows set
  strFullName = objWindow.FullName     ' Get the full path and executable of this window
  If InStr(1, strFullName, IE_EXE, 1) <> 0 Then    ' Is this an IE shell object?
   strURL = objWindow.LocationURL     ' Get the URL

   If strURL <> "" Then
    strURLSet = strURLSet & vbCRLF & strURL   ' Append to the set of URLs
   End If
  Else         ' No, probably explorer.exe skip
   WScript.Echo "Skipped " & strFullName & " - not IE"
  End If
Next

If Len(strURLSet) >= Len(vbCRLF) Then strURLSet = Right(strURLSet, Len(strURLSet) - Len(vbCRLF)) ' Strip the leading vbCRLF

Set objShell = Nothing
Set objWindowSet = Nothing : Set objWindow = Nothing
End Function


-------------------
Thanks,
http://sccm07.blogspot.com/

Removing Distribution Points if not needed

If a server is decommissioned before removing SMS, orphaned Distribution Points are left in the SMS 2003 database. This becomes apparent in the SMS Administrator Console when trying to add a package to a Distribution Point, showing blank DP entries.


Method 1 - Use the CleanDP.vbs VBScript

cscript CleanDP.vbs %server%


Method 2 - Use WMIC


Query for the distribution points for the server:

wmic /namespace:\\root\sms\site_%sitecode% /node:%server% path sms_distributionpoint WHERE "ServerNALPath like '%serverToDelete%'" get *

And then execute the delete method against the distribution point:

wmic /namespace:\\root\sms\site_%sitecode% server% path sms_distributionpoint WHERE "ServerNALPath like '%serverToDelete%'" delete

Note that the delete command can be quite powerful, use the /interactive:on global switch to prompt for each deletion.

Method 3 - Use the WMI CIM Studio

The Microsoft WMI CIM Studio application provides a GUI interface for WMI management, allowing connections to servers and paths, along with executing WQL queries and providing the possibility of deleting the result set.

' -- CleanDP.vbs
'
' Update strSiteServer and strSiteCode, and uncomment the objDP.Delete_ line
'
strSiteServer = "SERVER"
strSiteCode = "AAA"

If WScript.Arguments.UnNamed.Count = 1 Then
strServer = WScript.Arguments.UnNamed(0)
Else
WScript.Echo "Provide a server to delete all the packages from"
WScript.Quit(2)
End If

wscript.echo strserver

Set objNameSpace = GetObject("winmgmts:" & "\\" & strSiteServer & "\root\sms\site_" & strSiteCode)

strQuery =  "SELECT * " & _
  "FROM SMS_DistributionPoint " & _
  "WHERE ServerNalPath Like '%" & strServer & "%'"

Set objDPSet = objNameSpace.ExecQuery(strQuery)
For each objDP in objDPSet
wscript.echo objDP.PackageID & ", " & objDP.SiteCode & ", " & objDP.ServerNALPath & ", " & objDP.Status
'objDP.Delete_
Next

'--

-------------------
Thanks,
http://sccm07.blogspot.com/

Useful DNS, DHCP and WINS command-line operations

Useful DNS, DHCP and WINS command-line operations

 

The commands below are a subset of the complete command list found in Useful command-lines, and are command-line operations for core network services - DNS, WINS and DHCP. Most of these commands are queries, useful for once-off or repeated information gathering for reporting, trending, troubleshooting or diagnostics.

Each command-line can be copied and pasted at the command prompt, if you use a batch file you'll need to reference variables with double-percent (%%).

DNS command-line operations


Query DNS forest-wide partition replica
dsquery * "DC=ForestDNSZones,dc=forestRootDomain

Add a CNAME record to DNS
dnscmd %server% /recordadd %zone% %AliasName% CNAME %HostnameAliasing%

Query zone resource records on a Microsoft DNS server
wmic /namespace:\\root\microsoftdns /node:%server% path MicrosoftDNS_ResourceRecord WHERE ContainerName='%zone_name%'

nslookup with debug information
nslookup -debug %IP%

DSQuery authorised DHCP Servers
Dsquery * "cn=NetServices,cn=Services,cn=Configuration, DC=forestRootDomain" -attr dhcpServers

Enumerate all records from a DNS zone
dnscmd /enumrecords @ /additional /continue > DNS_all.txt

Lookup SRV records from DNS
nslookup -type=srv _ldap._tcp.dc._msdcs.{domainRoot}

DNS Information
for /f %i in ('dsquery server -domain %userdnsdomain% -o rdn') do dnscmd %i /info

DNS Zone Detailed information
dnscmd /zoneinfo %userdnsdomain%

DNS Zones in AD
for /f %i in ('dsquery server -o rdn') do Dsquery * -s %i domainroot -filter (objectCategory=dnsZone)

Enumerate DNS Server Zones
for /f %i in ('dsquery server -o rdn') do dnscmd %i /enumzones

Print DNS Zones
dnscmd DNSServer /zoneprint DNSZone

Add a host record in DNS
dnscmd %dnsserver% /recordadd %zone% %relative_name% A %ip%

Find aging records from an enumerated zone
find /i "aging:" DNS_all.txt > DNS_aging.txt

DNS Scavenging check, based on the output of aging records from dnscmd.exe
cscript DNSScavengeTest.wsf /f:DNS_aging.txt

Query DNS objects from the directory
dsquery * DC=,CN=MicrosoftDNS,cn=System,dc=

Start DNS scavenging
dnsmd /startscavenging

Delete a host record from DNS
dnscmd %server% /recorddelete %zone% @ A %IP%

Determine the DNS suffix search list set through policy for a computer
reg query "\\%Computer%\HKEY_LOCAL_MACHINE\software\policies\microsoft\Windows NT\DNSClient" /v SearchList

Query for the zones hosted on a Microsoft DNS server
wmic /namespace:\\root\microsoftdns /node:%server% path MicrosoftDNS_Zone

Find DNS Forwarder information from dnscmd output
for %b in (DNS*.txt) do @for /f "skip=2 delims=[]" %i in ('"find /i /N "Forwarders:" %b"') do @for /f "skip=2 delims=[]" %m in ('"find /i /N "Command completed successfully." %b"') do @for /f %p in ('set /a %m-%i') do echo tail -%p %b

List primary reverse lookup zones from a DNS server
dnscmd %server% /EnumZones /secondary /reverse

List allowed secondary servers for the specified zone
dnscmd %server /zoneinfo %ip%.in-addr.arpa SecondaryServers


DHCP command-line operations

Netsh authorised DHCP Servers
netsh dhcp show server

DHCP server information
netsh dhcp server \\DHCP_SERVER show all

DHCP server dump
netsh dhcp server \\DHCP_SERVER dump > dhcp.txt

Last 50 leases on DHCP servers
for /f %i in (DHCPServers.txt) do echo %i && tail -50 \\%i\c$\WINNT\system32\dhcp\DhcpSrvLog.Tue

Active DHCP leases
For /f %i in (DHCPServers.txt) do for /f "delims=- " %j in ('"netsh dhcp server \\%i show scope find /i "active""') do netsh dhcp server \\%i scope %j show clientsv5 >> DHCPClients_%i.txt

DHCP clients from all servers
Find /i "255." DHCPClients_*.txt find /i "255." > DHCPClientsAll.txt

DHCP Server Active Scope Info
For /f %i in (DHCPServers.txt) do netsh dhcp server \\%i show scope find /i "active" >> DHCPInfo_%i.txt

Find Subnets from DHCP clients
FindSubnets.bat 'Output from Active DHCP leases'

Resolve DHCP clients hostnames
for /f "tokens=1,2,3 delims=," %i in (Output from 'Find Subnets from DHCP clients') do @for /f "tokens=2 delims=: " %m in ('"nslookup %j find /i "Name:""') do echo %m,%j,%k,%i

Find two online PCs per subnet
Echo. > TwoClientsPerSubnet.txt & for /f "tokens=1,2,3,4 delims=, " %i in ('"find /i "pc" 'Output from Resolve DHCP clients hostnames'"') do for /f "tokens=3 skip=1 delims=: " %m in ('"Find /i /c "%l" TwoClientsPerSubnet.txt"') do If %m LEQ 1 for /f %p in ('"ping -n 1 %i find /i /c "(0% loss""') do If %p==1 Echo %i,%j,%k,%l >> TwoClientsPerSubnet.txt

Find unique Subnets
for /f "delims=" %i in (Output from FindSubnets) do @Find /i "%i" UniqueSubnets.txt 1>nul 2>nul & @if ErrorLevel 1 echo %i >> UniqueSubnets.txt

Find DHCP Scopes not in AD
for /f "tokens=1,2" %i in (Output from 'Find Unique Subnets') do @for /f "skip=2 delims==" %m in ('find /i "%j" SubnetMaskShorthand.txt') do @find /i "%i/%m" Output from 'AD Subnet and Site Information' >NUL & @If ErrorLevel 1 for /f "skip=1 tokens=2 delims=:" %p in ('find /i /c "%i %j" Output from 'Find Subnets from formatted output'') do @Echo %i/%m,%p

DHCP Clients Per AD Site
for /f "tokens=1,2,3 delims=/ " %i in (Output from 'AD Subnet and Site Information') do @For /f "skip=2 tokens=1,2 delims==" %m in ('find /i "%j=" SubnetMaskShorthand.txt') do @For /f "skip=1 tokens=2 delims=:" %p in ('find /i /c "%i,%n" Output from 'Find Subnets from DHCP clients') Do @Echo %i/%m,%p,%k

DHCP Servers Per AD Site
for /f "tokens=1,2 delims=/" %i in (SiteClientCounts.txt) do @for %k in ("Output from 'DHCP Server Active Scope Info'") do @find /i "%i" "%k" >nul & If ErrorLevel 0 if Not ErrorLevel 1 echo %i/%j,%~nk

Total DHCP Scopes
find /i "subnet" "Output from DHCP server information" find /i "subnet"

WINS command-line operations

WINS serer information
Netsh wins server \\WINS_SERVER dump > wins.txt

WINS Statistics
for /f "tokens=1,2 delims=," %i in (WINSServers.txt) do netsh wins server \\%i show statistics >> WINSConfig_%j.txt

WINS Record counts per server
for /f "tokens=1,2 delims=," %i in (WINSServers.txt) do netsh wins server \\%i show reccount %i >> WINSRecordCount.txt

WINS Server Information
for /f "tokens=2 delims=," %i in (WINSServers.txt) do netsh wins server \\%i show info >> WINSConfig_%i.txt

WINS Server Dump
for /f "tokens=2 delims=," %i in (WINSServers.txt) do netsh wins server \\%i dump > WINSConfig_%i.txt

WINS Static Records per Server
netsh wins server \\LocalWINSServer show database servers={} rectype=1

Use WMI to find the WINS entries for DNS-enabled NICs on a list of servers
for /f %i in (servers.txt) do @for /f "skip=1" %m in ('"wmic /node:%i path Win32_NetworkAdapterConfiguration WHERE FullDNSRegistrationEnabled=True get WINSPrimaryServer"') do @echo %i,%m

Set the WINS entry for the specified network
psexec \\%server% netsh interface ip set wins "Local Area Connection" static %WINSIP%

-------------------
Thanks,
http://sccm07.blogspot.com/

SMS / SCCM Web Reports Error 500

Large SMS Web Reports return Error 500

When executing large SMS report queries with thousands of rows from an SMS reporting server running on Windows Server 2003 with IIS 6.0, a HTTP 500 error may be returned. This post describes the ASP buffer overflow error that can occur and how to resolve the issue.

After turning off friendly errors, what is actually being returned is an ASP 0251 buffer overflow error, because the response buffer is not large enough. This is due to the default ASP response buffer set using the AspBufferingLimit property in the metabase, configurable at several locations throughout the metabase (see the 'AspBufferingLimit Metabase Property in IIS 6.0' reference below for more information).

Use the standard Windows adsutil.vbs VBScript to read/modify the w3svc/aspbufferinglimit. The default size returned in 2003 Server RTM is 4194304 bytes (4MB), resulting in buffer overflow errors when large queries are executed with thousands of records.

When I've seen this problem, changing the value to 8388608 (8MB) resolved the issues with queries that were found returning this error.

References

SMS Related article on the problem:
http://www.microsoft.com/technet/prodtechnol/sms/sms2003/techfaq/tfaq10.mspx

AspBufferingLimit Metabase Property in IIS 6.0:
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/ea7e9c3f-d0c8-4e5c-8965-0d0429a3b8f1.mspx?mfr=true

ASP IIS Errors:
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/92418a99-d447-4be7-abc9-a064939e397b.mspx?mfr=true

Tuning ASP Metabase Settings:
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/8e54be6e-cdb4-42d6-a270-8a35df8f5a82.mspx?mfr=true
-------------------
Thanks,
http://sccm07.blogspot.com/

One batch file for Active Directory diagnostics

One batch file for Active Directory diagnostics.
Simply set the variables for DCs, and it will collect information about your Active Directory environment. This is useful for troubleshooting, benchmarking, analysis and history. All operations are read-only.

::
:: Changes:
:: 21/09/2006, Initial version
:: 18/02/2008, Updated commands to be more generic and use variables for DC/DN/FQDN commands
:: 19/02/2008, Updated 'Subnet Information' to return a mapping of subnet to site.
:: 20/02/2008, Updated 'Find all connection objects' to provide more information
::
:: Author:
:: Wayne Martin
::
:: Use:
:: Perform various diagnostic commands against a domain and capture the output for analysis and history
::
:: Notes:
:: Most commands will work against a 2000 domain, but some are targeted at 2003-only functionality
::
:: Requires:
:: acldiag.exe
:: AdFind.exe
:: adrestore.exe
:: dcdiag.exe
:: dnscmd.exe
:: dsastat.exe
:: FILEVER.EXE
:: gpotool.exe
:: ldifde.exe
:: netdiag.exe
:: nltest.exe
:: psexec.exe
:: Psinfo.exe
:: repadmin.exe
:: setspn.exe


:Start

Set Server=%DC1%
Set SecondDc=%DC2%
Set ThirdDC=%DC3%
Set TimeServer=%TIME%
Set DomainDN=DC=domain,DC=com
Set DomainFQDN=domain.com

:: Make the directory for the output
If not Exist .\Diag md Diag

:: FSMO Roles
ntdsutil roles Connections "Connect to server %Server%" Quit "select Operation Target" "List roles for conn server" Quit Quit Quit >>"Diag\FSMO_Roles_%Server%.txt

:: Domain Controllers
Nltest /dclist:%userdnsdomain% >>"Diag\Domain_Controllers_%computername%.txt

:: Domain Controller IP Configuration
for /f %%i in ('dsquery server -domain %userdnsdomain% -o rdn') do psexec \\%%i /s ipconfig /all >>"Diag\Domain_Controller_IP_Configuration_%%i.txt

:: Domain Controller SystemInfo
for /f %%i in ('dsquery server -domain %userdnsdomain% -o rdn') do systeminfo /s %%i >>"Diag\Domain_Controller_SystemInfo_%%i.txt

:: AD Database disk usage
for /f %%i in ('dsquery server -domain %userdnsdomain% -o rdn') do dir \\%%i\admin$\ntds >>"Diag\AD_Database_disk_usage_%%i.txt

:: Global Catalog Servers from DNS
dnscmd %Server% /enumrecords %userdnsdomain% _tcp find /i "3268" >>"Diag\Global_Catalog_Servers_from_DNS_%Server.txt

:: Global Catalog Servers from AD
dsquery * "CN=Configuration,%DomainDN%" -s %Server% -filter "(&(objectCategory=nTDSDSA)(options:1.2.840.113556.1.4.803:=1))" >>"Diag\Global_Catalog_Servers_from_AD_%Server%.txt

:: DNS Information
for /f %%i in ('dsquery server -domain %userdnsdomain% -o rdn') do dnscmd %%i /info >>"Diag\DNS_Information_%%i.txt

:: DNS Zone Detailed information
dnscmd %Server% /zoneinfo %userdnsdomain% >>"Diag\DNS_Zone_Detailed_information_%server%.txt

:: Garbage Collection and tombstone
dsquery * "cn=Directory Service,cn=Windows NT,cn=Services,cn=Configuration,%DomainDN%" -s %Server% -attr garbageCollPeriod tombstoneLifetime >>"Diag\Garbage_Collection_and_tombstone_%server%.txt

:: Group Policy Verification Tool
gpotool.exe /checkacl /verbose >>"Diag\Group_Policy_Verification_Tool.txt

:: AD OU membership
dsquery computer -s %Server% -limit 0 1>>"Diag\AD_OU_membership_%server%.txt

:: AD OU membership
dsquery user -s %Server% -limit 0 1>>"Diag\AD_OU_membership_%server%.txt

:: List Service Principal Names
for /f %%i in ('dsquery server -domain %userdnsdomain% -o rdn') do setspn -L %%i >>"Diag\List_Service_Principal_Names_%%i.txt

:: Compare DC Replica Object Count
dsastat -s:%server%;%SecondDC%;%ThirdDC% -p:999 >>"Diag\Compare_DC_Replica_Object_Count.txt

:: Check AD ACLs
acldiag %DomainDN% >>"Diag\Check_AD_ACLs.txt

:: NTFRS Replica Sets
for /f %%i in ('dsquery server -domain %userdnsdomain% -o rdn') do ntfrsutl sets %%i >>"Diag\NTFRS_Replica_Sets_%%i.txt

:: NTFRS DS View
for /f %%i in ('dsquery server -domain %userdnsdomain% -o rdn') do ntfrsutl ds %%i >>"Diag\NTFRS_DS_View_%%i.txt

:: Domain Controllers per site
Dsquery * "CN=Sites,CN=Configuration,%DomainDN%" -s %server% -filter (objectCategory=Server) >>"Diag\Domain_Controllers_per_site_%%i.txt

:: DNS Zones in AD
for /f %%i in ('dsquery server -o rdn') do Dsquery * -s %%i domainroot -filter (objectCategory=dnsZone) >>"Diag\DNS_Zones_in_AD_%%i.txt

:: Enumerate DNS Server Zones
for /f %%i in ('dsquery server -o rdn') do dnscmd %%i /enumzones >>"Diag\Enumerate_DNS_Server_Zones_%%i.txt

:: Subnet information
dsquery * "CN=Subnets,CN=Sites,CN=Configuration,%DomainDN%" -s %server% -attr cn siteObject description location >>"Diag\Subnet_information_%server%.txt
::Dsquery subnet -s %server% >>"Diag\Subnet_information_%server%.txt

:: List Organisational Units
Dsquery OU -s %server% >>"Diag\List_Organisational_Units_%server%.txt

:: ACL on all OUs
For /f "delims=" %%i in ('dsquery OU -s -s %server%') do acldiag %%i >>"Diag\ACL_on_all_OUs.txt

:: Domain Trusts
nltest /domain_trusts /v /server:%server% >>"Diag\Domain_Trusts_%server%.txt

:: Print DNS Zones
dnscmd %Server% /zoneprint %DomainFQDN% >>"Diag\Print_DNS_Zones_%server%.txt

:: AD Subnet and Site Information
dsquery * "CN=Subnets,CN=Sites,CN=Configuration,%DomainDN%" -s %server% -attr cn siteObject description location >>"Diag\AD_Subnet_and_Site_Information_%server%.txt

:: AD Site Information
dsquery * "CN=Sites,CN=Configuration,%DomainDN%" -s %server% -attr cn description location -filter (objectClass=site) >>"Diag\AD_Site_Information_%server%.txt

:: Printer Queue Objects in AD
dsquery * domainroot -filter "(objectCategory=printQueue)" -s %server% -limit 0 1>>"Diag\Printer_Queue_Objects_in_AD_%server%.txt

:: Group Membership with user details
dsget group groupDN -members dsget user -samid -fn -mi -ln -display -empid -desc -office -tel -email -title -dept -mgr >>"Diag\Group_Membership_with_user_details_%server%.txt

:: Site Links and Cost
dsquery * "CN=Sites,CN=Configuration,%DomainDN%" -s %server% -attr cn cost description replInterval siteList -filter (objectClass=siteLink) >>"Diag\Site_Links_and_Cost_%server%.txt

:: Check time against Domain
w32tm /monitor /computers:%server%,%SecondDC%,%ThirdDC%,%TimeServer% >>"Diag\Check_time_against_Domain.txt

:: Domain Controller Diagnostics
for %%i in (%server% %SecondDC% %ThirdDC%) do dcdiag /s:%%i /v /e /c >>"Diag\Domain_Controller_Diagnostics_%%i.txt

:: Domain Replication Bridgeheads
repadmin /bridgeheads >>"Diag\Domain_Replication_Bridgeheads.txt

:: Replication Failures from KCC
repadmin /failcache >>"Diag\Replication_Failures_from_KCC.txt

:: Inter-site Topology servers per site
Repadmin /istg * /verbose >>"Diag\Inter-site_Topology_servers_per_site.txt

:: Replication latency
repadmin /latency /verbose >>"Diag\Replication_latency.txt

:: Queued replication requests
repadmin /queue * >>"Diag\Queued_replication_requests.txt

:: Show connections for a DC
repadmin /showconn * >>"Diag\Show_connections_for_a_DC.txt

:: Replication summary
Repadmin /replsummary >>"Diag\Replication_summary.txt

:: Show replication partners
repadmin /showrepl * /all >>"Diag\Show_replication_partners.txt

:: All DCs in the forest
repadmin /viewlist * >>"Diag\All_DCs_in_the_forest.txt

:: ISTG from AD attributes
dsquery * "CN=NTDS Site Settings,CN=CLB,CN=Sites,CN=Configuration,%DomainDN%" -s %server% -attr interSiteTopologyGenerator >>"Diag\ISTG_from_AD_attributes_%server%.txt

:: Return the object if KCC Intra/Inter site is disabled for each site
Dsquery site dsquery * -attr * -s %server% -filter "((Options:1.2.840.113556.1.4.803:=1)(Options:1.2.840.113556.1.4.803:=16))" >> "Diag\Return_the_object_if_KCC_Intra-Inter_site_is_disabled_for_each_site_%server%.txt"

:: Find all connection objects
::dsquery * forestRoot -s %server% -filter (objectCategory=nTDSConnection) -attr distinguishedName fromServer whenCreated displayName >>"Diag\Find_all_connection_objects_%server%.txt
dsquery * "CN=Servers,CN=%SITECODE%,CN=Sites,CN=Configuration,%DomainDN%" -attr fromServer cn >>"Diag\Find_all_connection_objects_%server%.txt

:: Find all connection schedules
adfind -b "CN=Configuration,%DomainDN%" -f "objectcategory=ntdsConnection" cn Schedule -csv >>"Diag\Find_all_connection_schedules_%server%.txt

:: Software Information for each server
for /f %%i in ('dsquery server -domain %userdnsdomain% -o rdn') do psinfo \\%%i > ServerInfo_%%i.txt & filever \\%%i\admin$\explorer.exe \\%%i\admin$\system32\vbscript.dll \\%%i\admin$\system32\kernel32.dll \\%%i\admin$\system32\wbem\winmgmt.exe \\%%i\admin$\system32\oleaut32.dll >>"Diag\Software_Information_for_each_server_%%i.txt

:: Check Terminal Services Delete Temp on Exit flag
For /f %%i in ('dsquery server -domain %userdnsdomain% -o rdn') do Reg query "\\%%i\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v DeleteTempDirsOnExit >>"Diag\Check_Terminal_Services_Delete_Temp_on_Exit_flag_%%i.txt

:: Information on existing GPO's
dsquery * "CN=Policies,CN=System,%DomainDN%" -s %server% -filter "(objectCategory=groupPolicyContainer)" -attr displayName cn whenCreated gPCFileSysPath >>"Diag\Information_on_existing_GPOs_%server%.txt

:: Domain Controller Netlogon entries
for /f %%i in ('dsquery server /o rdn') do echo %%i & reg query \\%%i\hklm\system\currentcontrolset\services\netlogon\parameters >>"Diag\Domain_Controller_Netlogon_entries_%%i.txt

:: Find empty groups
dsquery * -s %server% -filter "&(objectCategory=group)(!member=*)" -limit 0 -attr whenCreated whenChanged groupType sAMAccountName distinguishedName memberOf >>"Diag\Find_empty_groups.txt

:: Disk statistics, including the number of files on the filesystem
for %%i in (%server% %SecondDC% %ThirdDC%) do psexec \\%%i chkdsk C: /i /c >>"Diag\CheckDisk_%%i.txt
for %%i in (%server% %SecondDC% %ThirdDC%) do psexec \\%%i defrag C: -a -v >>"Diag\CheckDisk_%%i.txt

:: Query IIS web sites
for /f %%i in ('dsquery server /o rdn') do iisweb /s %%i /query "Default Web Site" >>"Diag\IIS_Default_Web_Sites_%%i.txt

:: Forest/Domain Functional Levels
ldifde -s %server% -d cn=partitions,cn=configuration,%DomainDN% -r "((systemFlags=3)(systemFlags=-2147483648))" -l msds-behavior-version,dnsroot,ntmixeddomain,NetBIOSName -p subtree -f "Diag\Query_IIS_web_sites_%server%.txt"

:: Forest/Domain Functional Levels
dsquery * cn=partitions,cn=configuration,%DomainDN% -s %server% -filter "((systemFlags=3)(systemFlags=-2147483648))" -attr msDS-Behavior-Version Name dnsroot ntmixeddomain NetBIOSName >>"Diag\Forest-Domain_Functional_Levels_%server%.txt

:: Lookup SRV records from DNS
nslookup -type=srv _ldap._tcp.dc._msdcs.%DomainFQDN% %server% >>"Diag\Lookup_SRV_records_from_DNS_%server%.txt

:: Find when the AD was installed
dsquery * cn=configuration,%DomainDN% -s %server% -attr whencreated -scope base >>"Diag\Lookup_SRV_records_from_DNS_%server%.txt

:: Find a DC for each trusted domain
for /f "skip=1" %%i in ('"dsquery * CN=System,%DomainDN% -filter (objectClass=trustedDomain) -attr trustPartner"') do nltest /dsgetdc:%%i >> "Diag\Find_a_DC_for_each_trusted_domain_%server%.txt"

:: Verify SMB connectivity to the admin share on DCs
for /f %%i in ('dsquery server -o rdn') do @if not exist \\%%i\admin$ (echo Could not access %%i\admin$) Else (Echo %%i\admin$ exists) >> Verify_SMB_connectivity_to_DCs_%%i.txt


-------------------
Thanks,
http://sccm07.blogspot.com/

Troubleshooting SMS 2003 MP and SLP

Troubleshooting SMS 2003 MP and SLP

This article provides methods to verify the operation of Management Points and Server Locator Points in Microsoft SMS 2003

Test a management point is functioning correctly:

Test a Server Locator Point is functioning correctly:

Thanks,
http://sccm07.blogspot.com/

Active Directory Security vs Distribution Groups

AD Security vs Distribution Groups

 

This post contains information on security groups versus distribution groups in a Windows Active Directory, how to make use of mail enabled security groups and how to convert groups between different scopes.

Groups of type distribution do not have a SID, and without a security identifier, they cannot be part of an Access Control Entry or a security token, even though the members of the distribution group may be accounts that do have SIDs.

Security groups can be mail-enabled, allowing the group to be used for both access control and mail distribution, and depending on your level of service autonomy and delegation of administration this may be suitable. If you nest security and/or distribution groups, there may also be some confusion if using mail enabled security groups.

Implementing Mail-enabled Security Groups

In a simple Exchange 2003 environment, you may be able to:

  1. Convert the groups of type distribution to security, with a scope of global. Universal could be used instead of global, but this depends on whether you have a requirement for cross-domain intra-forest GC access to group membership.
  2. Ensure the security groups are mail enabled
  3. Set the 'Managed By' information on the group to an individual or local group to manage the DL and update the membership list. This will set ACLs on the AD group object to allow members to be updated in the group.
  4. Add the global group to existing local groups used to manage permissions on file shares.
Notes:
  • One reason to use distribution groups rather than mail-enabled security groups is because of service and data autonomy - to separate Exchange DL admins from security group admins, using the method above would make this difficult.
  • You can use the 'dsmod group' command to change the scope and type of a 200x Active Directory group. See the examples below.

Converting an Active Directory security group from Global to Local or vice versa:

This process was tested on an XP workstation against a Windows 2000 Active Directory domain in native mode.

Identify the DN of the group by running
- dsquery group -name %GroupName%

Find the current group scope of the group just identified, by running
- dsget group %GroupDN% -scope -secgrp

Change the group scope to universal, a stepping stone required as groups can't be converted directly between global and local, by running:
- dsmod group %GroupDN% -scope u

Change the group scope to global or local (depending on the requirements), by running:
- dsmod group %GroupDN% -scope g
- dsmod group %GroupDN% -scope l

This modifies an existing group, without changing the SID, useful when the group is already used to apply permissions.

References

Group Objects
http://msdn2.microsoft.com/en-us/library/ms676913.aspx

Group scope
http://technet2.microsoft.com/windowsserver/en/library/79d93e46-ecab-4165-8001-7adc3c9f804e1033.mspx?mfr=true

Troubleshooting mail transport and distribution groups in Exchange 2000 Server and in Exchange Server 2003
http://support.microsoft.com/kb/839949

Group Types
http://technet2.microsoft.com/windowsserver/en/library/95107162-47eb-4891-832f-0c0b15b7c8581033.mspx?mfr=true

Global Catalog Server Requirement for User and Computer Logon
http://support.microsoft.com/kb/216970


-------------------
Thanks,
http://sccm07.blogspot.com/