Posts Tagged ‘windows server 2012’

Let’s take this scenario. You’ve uploaded a new version of software to the Server. You didn’t push the “Unblock” putton in file Properties… . The application upgraded itself, and for now you’ve a thousands of files in hundreds of folders which are “Blocked”, but can be readable… how can you repair this? With PowerShell 3!

dir c:\mydir -Recurse | Unblock-File

Debug:

dir c:\mydir -Recurse | Unblock-File -WhatIf

Easy, huh?

Somehow you have an old Windows domain with a new one and you need to map network shares using Windows 2012 R2 preferences?
You will not be able to do this if there’s a need for multiple shares from the same server according to Microsoft Security Policy.
To bypass this you will need to do the following:

1. Create an alias of the server in the DNS server record.

p.some.domain.com CNAME fileserver.some.domain.com
q.some.domain.com CNAME fileserver.some.domain.com

2. But that’s not all, the Server recognizes it’s an alias (it is not listening to alias), and you still cannot connect shares.
3. You will need to change the registry value on the fileserver and reb0ot it:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters

Value: DisableStrictNameChecking
Type: REG_DWORD
Radix: Decimal
Value: 1

4. Optionally there could be a situation where you need to set up the SPN for the Alias:

setspn -a host/alias fileserver
setspn -a host/alias.some.domain.com fileserver

Pain in the ass Microsoft… really?

If you want to migrate, connect, transfer, whatever to do between two domains there’s an captain obvious that says “create a trust”.

OK. If you want to create a trust between forests of Active Directory, you would just go to Active Directory Domains and Trust and create a trust… yea, but not with Microsoft.

Ok, stop shitty talk, I’ll just write how to do this:

1. If it is not working the problem accuratelly lies within the DNS configs.
2. For creating a relation between 2003 and 2012 the DNS’s must have a Conditional Forwarders configured.
3. For 2003 go to DNS > $domain > Properties > Forwarders > Add 2012 domain name and IP.
4. For 2012 go to DNS > Conditional Forwarders > New Conditional Forwarder > Add the 2003 domain name and IP.
5. Diagnose with nslookup is everything correct by typing on both servers like:

nslookup $domain2003 -type=ALL
nslookup $domain2012 -type=ALL

6. If everything is correct you can now create a trust.
7. Active Directory Domains And Trust > $domain2012 > Properties > Trusts > Add new trust.
8. Place a $domain2003 DNS name > Next > Forest trust > Transistive > Two-way *or not.
9. If you selected two-way it will automatically shown on the 2003 Server if placed correct credentials in the Trust Wizard tab.
10. You will try to validate these credentials on both servers to save the routing information and it will fail… Microsoft.
11. Just rebo0t both servers.
12. Done.

Po załadowaniu *.iso systemu Windows Server 2012 R2 jest on w eSXi 4.1 non-stop restartowany krzycząc blue-screenem, że system nie jest wspierany i wystąpił “problem”. Przeczesując fora dochodzi się do jednego wniosku: Windows Server 2012 R2 jest wspierany od vmWare eSXi 5.1 – KUP LICENCJĘ JUŻ DZIŚ :).

Ok. Work-around.

#1. Budowa VM

Należy zbudować maszynę wirtualną, która nie pochodzi z szablonu (czyli nie wybiera się Windows Server 2008 R2 64-bit), której kontrolerem SCSI jest LSI Logic SAS (w innym przypadku nie będzie widziane medium instalacyjne). Dodatkowo warto wzmocnić Video card na parametry auto-detect lub co najmniej 256MB.

#2. Modyfikacja *.vnx

W celu obejścia blue-screena wystarczy zmodyfikować konfigurację maszyny wirtualnej, która jest dostępna w bazie storage w katalogu w którym przechowywana jest maszyna wirtualna. Należy też do datastore dodać bios.440.rom zmodyfikowany obraz dzięki vmWare community.

bios440.filename = "/vmfs/volumnes/$ŚCIEŻKA_DO_DATASTORE/bios.440.rom"
mce.enable = "true"
cpuid.hypervisor.v0 = "false"
vmGenCounter.enable = "false"

Wpis wynika z faktu, że Windows Server 2012 nie obsługuje PIIX 4 emulacji mostka południowego, z którego korzysta eSXi 4.*.

#3. “Nie działa”

Jak modyfikować BIOS można przeczytać tutaj.