Nov 22

Philly PowerShell User Group – Nov. 1

Our second of the newly created Philly PowerShell User Group was on November 1st. Our turn out was better than expected due to Super Storm Sandy. Our topic for the month was showcasing new features in Server 2012 and PowerShell v3. I gave a presentation titled “From Nothing To Something”. The premise was simple: build a server with Windows Server 2012. I covered the types of Installs, and the new intermediate install Minimal GUI which is not an install option in the install wizard. I also highlighted what features are available in Minimal GUI as compared to Full GUI. I demoed the process of taking a Server 2012 Core machine to Minimal GUI to Full GUI and then back to Server Core without re-installing the OS. Here are the PowerShell commands I used.

Note: I used the -Source parameter to access the Server 2012 ISO on my Hard Drive for faster and easier access.

Going to Minimal GUI:

Install-WindowsFeature Server-Gui-Mgmt-Infra –Source wim:d:\sources\install.wim:4
Restart-Computer

It is not a requirement to be at Minimal GUI to go to Full GUI but for demo sake I used the machine I just took to Minimal GUI to Full GUI

Install-WindowsFeature Server-Gui-Mgmt-Infra, Server-Gui-Shell –Source wim:d:\sources\install.wim:4
Restart-Computer

After finishing the Full GUI install I then took the server back to Core.

UnInstall-WindowsFeature Server-Gui-Mgmt-Infra, Server-Gui-Shell –IncludeManagementTools
Restart-Computer

However when you execute the Get-WindowsFeature cmdlet you will see that many of the Minimal and Full GUI bits are still available instead of removed. To remove them I added the -Remove parameter.

UnInstall-WindowsFeature Server-Gui-Mgmt-Infra, Server-Gui-Shell –IncludeManagementTools -Remove

This will help keep the machine from wasting disk space with features that can’t be used under server Core.

My Slide Deck is Here and our meeting notes are Here

Oct 24

I’m Going

Should have posted this a few weeks ago.

Aug 23

Server 2012 Core Static IP Address issue

I am having a hard time figuring this one out. I am attempting to setup the iSCSI network for my Hyper-V host. I installed Server 2012 (RTM) Core and added the Hyper-V role. However setting the static IP for this adapter is not going so well. Here is what is being shown.

Get-NetIPAddress

IPAddress         : 169.254.99.36
InterfaceIndex    : 13
InterfaceAlias    : J_ETH2
AddressFamily     : IPv4
Type              : Unicast
PrefixLength      : 16
PrefixOrigin      : WellKnown
SuffixOrigin      : Link
AddressState      : Preferred
ValidLifetime     : Infinite ([TimeSpan]::MaxValue)
PreferredLifetime : Infinite ([TimeSpan]::MaxValue)
SkipAsSource      : False
PolicyStore       : ActiveStore

IPAddress         : 10.10.10.100
InterfaceIndex    : 13
InterfaceAlias    : J_ETH2
AddressFamily     : IPv4
Type              : Unicast
PrefixLength      : 24
PrefixOrigin      : Manual
SuffixOrigin      : Manual
AddressState      : Duplicate
ValidLifetime     : Infinite ([TimeSpan]::MaxValue)
PreferredLifetime : Infinite ([TimeSpan]::MaxValue)
SkipAsSource      : False
PolicyStore       : ActiveStore

I have tried many different things. I have run the following two command to see if that would fix it.

Get-NetIPAddress -InterfaceIndex 13 | Remove-NetIPAddress

New-NetIPAddress -InterfaceIndex 13 -IPAddress 10.10.10.100 -PrefixLength 24

IPAddress         : 10.10.10.100
InterfaceIndex    : 13
InterfaceAlias    : J_ETH2
AddressFamily     : IPv4
Type              : Unicast
PrefixLength      : 24
PrefixOrigin      : Manual
SuffixOrigin      : Manual
AddressState      : Tentative
ValidLifetime     : Infinite ([TimeSpan]::MaxValue)
PreferredLifetime : Infinite ([TimeSpan]::MaxValue)
SkipAsSource      : False
PolicyStore       : ActiveStore

IPAddress         : 10.10.10.100
InterfaceIndex    : 13
InterfaceAlias    : J_ETH2
AddressFamily     : IPv4
Type              : Unicast
PrefixLength      : 24
PrefixOrigin      : Manual
SuffixOrigin      : Manual
AddressState      : Invalid
ValidLifetime     : Infinite ([TimeSpan]::MaxValue)
PreferredLifetime : Infinite ([TimeSpan]::MaxValue)
SkipAsSource      : False
PolicyStore       : PersistentStore

and then run the Get-NetIPaddress cmdlet again and get the same output as above. One odd setting that I am seeing in the output is that the addressState on the 169 address comes up with perfered, while the 10 addressState says Duplicate. I haven’t found anyplace that I can change this. This is my iSCSI network that I am trying to set up. Any help on this would be greatly appreciated.

Jul 25

Server 2012: Creating a New AD Forest on Server Core

There is not a lot of documentation out there on how to setup Server 2012 Core with a new Active Directory Forest. So here is how I did it.

First, we need to get the server configured. Once you set the administrator password and login all you get is an elevated cmd prompt. from here to set up the baiscs of the server I type sconfig.cmd to get the server configuration wizard.

from here I set the computer name, Configure Remote Management to Enabled, Enable Remote Desktop, Set the Date and Time and finally change the network settings to an IP address and Primary DNS to 192.168.1.20. You can do some of these tasks in powershell with the added Network cmdlets.

I reboot to make sure all the settings are good. Then from PowerShell I turn off my Firewall with the following one liner.

Get-NetFirewallProfile | Set-NetfirewallProfile -Enabled False

And one final thing before we get to installing Active Directory I need to make sure my PowerShell Help is up to date. This is also a new CmdLet of PowerShell v3.

Update-Help

Now that I have the Server Core setup it’s time to install the Active Directory Bits and the PowerShell tools for AD. Previously you would have needed to import the ServerManager module to add these however now PowerShell v3 does it for us automatically. So now just type:

Add-WindowsFeature AD-Domain-Services,RSAT-AD-PowerShell

This will start the install of the ADDS bits. Once this is done we need to do a DcPromo. If you have ever done a DcPromo in the GUI this is not that bad and if you already have an Unattended answer file it might be a few changes and your off and running. But now we have PowerShell cmdlets that we can do it with and actulay makes this process super easy. I built a new domain and all that was needed was the following:

Install-ADDSForest -DomainName "domain.com" -InstallDns

That’s it. My server rebooted and I logged back in using the domain admin. Creating a new Domain wasn’t that hard. The CmdLet will let you set more things and if you would like to see them you can go to http://bit.ly/Pqywyj to see the TechNet help on the CmdLet.

Jun 21

TechEd 2012: Community

This past week I was privileged to attend TechEd 2012 in Orlando, Florida. For those who don’t know, TechEd is Microsoft’s big conference for IT and Development Professionals. This event is something I look forward to as it brings together almost every piece of technology I work with. The organization I work for provides SaaS (Software as a Service) applications for K-12 school districts. We are a 100% Microsoft shop, so going to TechEd allows us to know the direction and new technology Microsoft is developing. Three years ago I was able to attend my first TechEd in LA. It was fun and exciting, and I came home with an energy to implement all this new stuff in a month. Reality set in and all that energy had to be directed to other places. It was fun and a huge learning experience, and the plan was to build on that experience at this years TechEd if a few different ways.

Three years ago I didn’t do much other than go to sessions with content that I was interested in or going to implement. This year the plan was a little different. I was to still planning to attend sessions, but I also wanted to meet other IT Pros like me and get involved with the PowerShell community. Back in April I competed in the 2012 Scripting Games. I did better than I anticipated. During this event I had lots of questions and one of the best way to ask them was through Twitter. Doing this connected me to both @scriptingGuys and @scriptingWife, Ed Willson orchestrated the event, and his wife competed and gave helpful hints. They both were at TechEd, and I had a great opportunity to meet them and other PowerShell super stars. In talking with Ed, he ask if he could interview me about my experience in the scripting games, I obliged and the interview is now on YouTube.

Getting to interact with those at Microsoft is one of the major benefits of going to this conference. This community is the No. 1 reason I took so much away from this years TechEd. Being a part of a community initiates improvement and camaraderie, and also becomes a reliable information resource. The PowerShell  community, I believe, provides these in may different ways, and TechEd 2012 proved it.

 

 

May 31

Business Continuity

On the way to my carpool drop off this morning my phone began to buzz uncontrollably. I knew it couldn’t be good but since I was driving and PA law is now in effect about texting and driving I didn’t dare look. Once I arrived I pulled out my phone to find the internet at the office is down. I’m in for it today, I thought. Then the confirmation came–I was 3 minutes from getting to the office and I get a text from my boss asking how long till I got to the office. Yup, it’s going to be a “Fun” morning.

Once I got to the office we were already forty to forty five minutes into the outage and it was all hands on deck. The ISP was already engaged by our Network Engineer and they were working on the issue but didn’t know how long. No one in the office has internet or external e-mail communication. We do have a second internet connection but no action plan to use it if our primary internet would go out, problem number one.

Problem number two all critical services for communication to our clients run out of this building. I don’t have a script to work from so i start with getting a small group of our customer support team on our secondary internet so they can support our customers and maybe get lucky that the outage is small and don’t have to execute a plan on getting external e-mail up.

Getting them connected was easy however they need access to our production site. I enlisted a couple peers to go and install the VPN client and the appropriate profile and get them connected to our production site so they can fully support our customers. at this point we are an hour forty five in and the ISP still didn’t know whats wrong. At this point I need to start executing on a plan to get external e-mail up.

Problem number three, we don’t have a spam filter for our DR leg, and problem four, our firewall in the DR site is not configured to allow mail traffic to my DR mail servers. My morning just gets better. So I begin discussing with our Network Engineer the plan to take the new replacement spam unit to our DR site and getting the firewall configured to allow mail traffic through.

We then get the Director of IT to sign off on the plan and start executing. I changed the IP address of the Spam appliance and then gave it to my coworker who is responsible for the data center it was going to. It should only take about an hour to get to the site and since the unit was already configure and tested and ready to be transitioned to the active unit on Thursday evening. The plan at this point was to add a secondary MX record to our External DNS for the DR site and then configure the firewall with the settings. It was 11:20 and I now just had to wait for everyone else to get their pieces in place.

Then at 11:30 everything came back up. Mail started flowing again and everyone in the office had internet again. Total time of outage 3:13.

This “little” outage shined a bright light on many areas that were lacking cogency plans. It was a project that is on my Summer to-do list and had started giving it a lot of thought. I had even started doing more in-depth research. We are a SaaS organization so most of our efforts for DR are focused on our other data centers. We have DR plans for when something were to happen to them but not to our corporate office. It is unfortunate that I didn’t have a Business Continuity Plan to execute in this situation and come out of this incident looking like a superstar however it may help in executive buy-in to put more resources and focus on how important the corporate office is to the day-to-day operations of the business. Starting tomorrow the focus is on getting a working BCP in place by the end of June and monthly test to ensure my team is ready when an event like this or worse happens, because it will happen again.