Santhosh Sivarajan's Blog

Compare Source and Target Mailbox Size–PowerShell Script

noreply@blogger.com (Santhosh Sivarajan) — Tue, 28 May 2013 15:55:00 +0000

This PowerShell script can be used to compare source (Exchange 2003) and target (exchange 2007/2010) mailbox size. This script is useful when performing a mailbox migration

Script:

#
# This script can be used to compare Source and Target mailbox data
# Author - Santhosh Sivarajan
# Verion 1.1
#
Clear
$SExServer = "houex01.sivarajan1.com"
$TExserver = "etmrex01.sivarajan2.com"
$Output = New-item -type file -force "D:\Scripts\MailStats.txt"
"DisplayName`tAlias`tSourceTotalItem`tTargetTotalItem`tSourceSize(KB)`tTargetSize(MB)" | Out-File $Output -append -encoding ASCII
$scred = Get-Credential
clear
Write-host "Alias`t`tSourceTotalItem`tTargetTotalItem`tSourceSize(KB)`tTargetSize(MB)"
Import-CSV D:\Scripts\Mailboxinput.csv | % {
#Mailboxinput.csv file header -> MailAlias
    $Alias = $_.MailAlias
    $tAlias = ""
    $Ssize = ""
    $Stotalitem = ""
    $TtempResult = ""
    $Ttotalitem = ""
    $Tsize = ""
#Searching AD to get Dispaly Name
    $ObjFilter = "(&(objectCategory=person)(objectCategory=User)(mailnickname=$Alias))"
    $objSearch = New-Object System.DirectoryServices.DirectorySearcher
    $objSearch.PageSize = 5000
    $objSearch.Filter = $ObjFilter
    $objSearch.SearchRoot = "LDAP://DC=sivarajan2,DC=com"
    $AllObj = $objSearch.findone()
    $user = [ADSI] $AllObj.path
    $objItemT = $user.Properties
    $tAlias = $objItemT.DisplayName
    #Write-host "Searching..." $tAlias
#Searching source EX
    $Stempresult = get-wmiobject -namespace root\MicrosoftExchangev2 -class Exchange_mailbox -computer $SExServer -Filter "MailboxDisplayName = '$tAlias'" -

Credential $scred
    $Ssize = $Stempresult.size
    $Stotalitem = $Stempresult.TotalItems
#searching target EX
    $TtempResult = Get-MailboxStatistics -Identity "$Alias"
    $Ttotalitem = $TtempResult.ItemCount
    $Tsize = $TtempResult.TotalItemSize.value
    Write-host $Alias`t`t$Stotalitem`t$Ttotalitem`t$Ssize`t$Tsize
    $tAlias+"`t"+$Alias+"`t"+ $Stotalitem+"`t"+ $Ttotalitem+"`t"+$Ssize+"`t"+$Tsize | Out-File $output -append -encoding ASCII
    }

Download:

___________________________________________________________________________________________

Migrating from Windows Server 2008 or Windows Server 2008 R2 to Windows Sever 2012?

Paperback - http://www.amazon.com/dp/1849687447/?tag=packtpubli-20

eBook - http://www.packtpub.com/migrating-from-2008-and-2008-r2-to-windows-server-2012/book

___________________________________________________________________________________________

Compare Primary SMTP Address–PowerShell Script

noreply@blogger.com (Santhosh Sivarajan) — Tue, 21 May 2013 15:54:00 +0000

This PowerShell script will generate a report based on source and target primary SMTP address.

Script

#
# Author - Santhosh Sivarajan
# Version - 1.0
Clear
$NAOUT = New-Item -type file -force "E:\Scripts\NA_PSTMP.txt"
"Samaccountname`tSPSMTP`tTPSMTP" | Out-File $NAOUT -encoding ASCII
Write-host "Samaccountname`tSPSMTP`tTPSMTP"

#############################################################################

#Source Domain
$ObjFilter = "(&(objectClass=person)(objectClass=User)(mail=*)(!(ObjectClass=contact)))"
$objSearch = New-Object System.DirectoryServices.DirectorySearcher
$objSearch.PageSize = 15000
$objSearch.Filter = $ObjFilter
$objSearch.SearchRoot = "LDAP://DC=sivarajan,DC=com"
$AllObj = $objSearch.FindAll()
    foreach ($Obj in $AllObj)
    {
        $userNA = [ADSI] $Obj.path
        $objItemTNA = $userNA.Properties
        $TmailNA = $objItemTNA.mail
        $TsamNA = $objItemTNA.samaccountname
###################################################################################

#Target domain
$ObjFilterCWS = "(&(objectCategory=person)(objectCategory=User)(samaccountname=$TsamNA))"
$objSearchCWS = New-Object System.DirectoryServices.DirectorySearcher
$objSearchCWS.PageSize = 15000
$objSearchCWS.Filter = $ObjFilterCWS
$objSearchCWS.SearchRoot = "LDAP://DC=sivarajan2,DC=COM"
$AllObjCWS = $objSearchCWS.FindOne()
    foreach ($ObjCWS in $AllObjCWS)
    {
        $userCWS = [ADSI] $ObjCWS.path
        $objItemTCWS = $userCWS.Properties
        $TmailCWS = $objItemTCWS.mail

}

#######################################################################################
        "$TsamNA`t$TmailNA`t$TmailCWS"| Out-File $NAOUT -encoding ASCII -append
        Write-host "$TsamNA`t$TmailNA`t$TmailCWS"

    }

Stamp a value in an Attribute–PowerShell Script

noreply@blogger.com (Santhosh Sivarajan) — Mon, 20 May 2013 15:48:00 +0000

You can use this PowerShell Script to stamp a value in an attribute. Int he below example, I am stamping DoNotSync value in altSecurityIdentities attribute.

Script

#
# Author - Santhosh Sivarajan
# Version 1.0

Clear
$N = 0
$migValue = "DoNotSync"
Import-CSV C:\Scripts\input.csv | % {
#input.csv contains sAMAccountName. Header must be UserName
    $UserN = $_.UserName
    $ObjFilter = "(&(objectCategory=person)(objectCategory=User)(samaccountname=$UserN))"
    $objSearch = New-Object System.DirectoryServices.DirectorySearcher
    $objSearch.PageSize = 15000
    $objSearch.Filter = $ObjFilter
    $objSearch.SearchRoot = "LDAP://dc=sivarajan,dc=com"
    $AllObj = $objSearch.findOne()
    $user = [ADSI] $AllObj.path
    Write-host -NoNewLine "Updating.... $UserN"
    $user
    $user.psbase.invokeSet("altSecurityIdentities",$migValue)
    $user.setinfo()
    Write-host "Done!"
    $N ++
    }

Write-host "Udpated $N User Account(s)"

Copy Attribute Values–PowerShell Script

noreply@blogger.com (Santhosh Sivarajan) — Thu, 16 May 2013 15:53:00 +0000

This can be used to copy a value from one attribute to another. In the below example, I am coping Exchange Alias (mailnickname) value to extensionattribute14.

Script:

#
# Author - Santhosh Sivarajan
# Version 1.0
Clear
$N = 0
$UserInfoFile = New-Item -type file -force "D:\Scripts\UserInfo.txt"
"distinguishedName`tAlias" | Out-File $UserInfoFile -encoding ASCII
$ObjFilter = "(&(objectCategory=person)(objectCategory=User)(mail=*)(!extensionAttribute14=*))"
$objSearch = New-Object System.DirectoryServices.DirectorySearcher
$objSearch.PageSize = 15000
$objSearch.Filter = $ObjFilter
$objSearch.SearchRoot = "LDAP://DC=sivarajan,DC=com"
$AllObj = $objSearch.FindAll()
    foreach ($Obj in $AllObj)
    {
        $user = [ADSI] $Obj.path
        $objItemT = $Obj.Properties
        $tAlias = $objItemT.mailnickname
        $tUDN = $objItemT.distinguishedname
        Write-host -NoNewLine "Updating.... $tUDN"
        $user.psbase.invokeSet("extensionattribute14","$tAlias")
        $user.setinfo()
        "$tUDN`t$tAlias" | Out-File $UserInfoFile -encoding ASCII -append
        Write-host "Done!"
        $N ++
    }

Write-host "Successfully updated $N user obejcts. Please reveiw $UserInfoFile for more information"

Change / Update mxExchMasterAccountSID–PowerShell Script

noreply@blogger.com (Santhosh Sivarajan) — Tue, 14 May 2013 15:53:00 +0000

The following script can be used to update Linked Mailbox (mxExchMasterAccountSID) value.

Script

$SCDCred=get-credential
Import-CSV "D:\Scripts\inputCM.csv" | foreach {
$TsAMAccountName = "SIVADOM\" + $_.sAMAccountName
write-host Updating $_.sAMAccountName
    Set-mailbox $_.PEmail -EmailAddressPolicyEnabled $false
    set-mailbox $_.PEmail -LinkedMasterAccount $TsAMAccountName -LinkedDomainController houdc01.sivarajan.com -LinkedCredential $SCDCred
    }

QMM Directory Sync–Mail Enabled and Mailbox Enabled Objects

noreply@blogger.com (Santhosh Sivarajan) — Wed, 10 Apr 2013 03:14:00 +0000

With latest hotfix/update for Quest Migration Manager (QMM) - https://support.quest.com/SolutionDetail.aspx?id=SOL77417, you should be able to create mail enabled objects in the target or source domain. This was one of most requested and awaited feature for QMM.

You will see the following three new options in the Directory Synchronization tab after installing this update:

Users without mail options
Mail enabled users
Mailbox enabled users

Of course this a global configuration and these options will affect Source and Target directory synchronizations. If you are thinking about a Global Address List (GAL) synchronization solution, you may need to configure a separate QMM project with appropriate options.

___________________________________________________________________________________________

Migrating from Windows Server 2008 or Windows Server 2008 R2 to Windows Sever 2012?

Paperback - http://www.amazon.com/dp/1849687447/?tag=packtpubli-20

eBook - http://www.packtpub.com/migrating-from-2008-and-2008-r2-to-windows-server-2012/book

___________________________________________________________________________________________

Migrating to Windows Server 2012 – Intro (Part 5)

noreply@blogger.com (Santhosh Sivarajan) — Tue, 05 Mar 2013 04:29:00 +0000

Introduction

Part 1 - Migrating to Windows Server 2012 – Intro (Part 1)

Part 2 - Migrating to Windows Server 2012 – Intro (Part 2)

Part 3 - Migrating to Windows Server 2012 – Intro (Part 3)

Part 4 - Migrating to Windows Server 2012 – Intro (Part 4)

Part 5 -

This was the Introduction, New Features and Enhancements section in my Migration from Windows Server 2008 and 2008 R2 to 2012 book. Because of some changes in the format and content of this book, we have decided not to include any introduction or new features section in this book. The focus of the book is to provide more hands-on and step-by-step instructions on migration. So I decided to add Introduction, New Features and Enhancements section in my blog in 5 different parts. You can read the rest of the sections in the book.

Active Directory

The following section provides an overview of the improvements and enhancements introduced in Active Directory as part of Windows Server 2012 release.

Domain Controller Promotion (DCPROMO)

A new and improved version of DCPROMO process is included as part of the Windows Server 2012. Active Directory Preparation (ADPREP) is part of the Domain Controller promotion process. However, a standalone version of ADPREP is available to manually upgrade schema. PowerShell cmdlet and scripts are integrated as part of the DCPROMO process. You should be able to save these scripts from the DCPRMO wizard screen for a future use.

Domain Controller Virtualization

Virtualization has a key role in technology these days. However, in the previous versions of Active Directory, snapshot backup or restore of a Domain Controller was not supported due to Update Sequence Number (USN) Rollback and USN Bubble issues. In Windows Server 2012, Microsoft has introduced a new mechanism to eliminate USN rollback issues. A new attribute called VM Generation ID (msDS-GenerationID) is introduced to detect the Active Directory database (DIT) changes between DCs. The VM Generation ID is a unique number for life of a Virtual Machine.

Domain Controller Cloning

Microsoft has introduced this new feature in Windows Server 2012 for rapid deployment of Domain Controllers in a virtualized environment. With this new technology you can make a copy of the existing virtual Domain Controller’s VHD and deploy it on to a virtualized environment. It also allows you exclude some of the installed application from the cloned image by modifying the configuration file. The Import option in Hyper-V can be used to deploy these cloned images in the new environment.

Recycle Bin

Microsoft has introduced Recycle Bin in Windows Server 2008 R2. However, the GUI option was not available. In Windows Server 2012, you will have a GUI based Active Directory Recycle Bin. It can be accessed from the Active Directory Administrative Center (ADAC) console. You will have an option to locate the parent object from the console itself.

Active Directory Based Activation Service

In Windows Server 2012 Active Directory, the domain joined clients can activate the Operating System through Active Directory Based Activation Service. Currently, it can support only Windows 8 and Windows Server 2012 servers.

Note: In Windows Server 2008 and 2008 R2, the offline defragmentation was part of the Install From Media (IFM) process. However, in Windows Server 2012, you will have an option to skip this process.

Performance

There is a significant performance improvement in Windows Server 2012. The Receive Segment Coalescing (RSC), Receive Side Scaling (RSS), Dynamic Virtual Machine Queue (dVMQ), Data Center Bridging (DCB), Remote Direct Memory Access (RDMA), Single Root I/O Virtualization (SR-IOV), IPSec Offload (IPsecTO) and Server Message Block (SMB) 3.0 are some of the new technologies that enhances the performance in Windows Server 2012. The details of these techologies are beyond the scope of this book. However, as an administrator you need to have a high level understanding of these technolgies and how it can benefit your business when using Windows Server 2012.

Internet Information Server (IIS) 8.0

An updated version of Internet Information Server (IIS), version 8.0 is introduced in Windows Server 2012 with many improvements and new features around security, scalability and administration. The new version is designed to support multi-tenant requirement and environment. With new CPU throttling option, the CPU consumption can be managed per application pool. The Dynamic IP address restriction and Server Name Indication (SNI) are some of the new security features you will see in Internet Information Server (IIS) 8.0

Cloud, Cloud, Cloud

I cannot conclude the introduction and new features section without talking about the native cloud technology support and its capabilities in Windows Server 2012. Microsoft has engineered Windows Server 2012 with a goal to support Private, Public or Hybrid cloud solutions. It provides a solid foundation for multi-tenant support, high availability, network traffic isolation, security and easy manageability. These features make Windows Server 2012 different from the other Operating Systems (OS) Microsoft has built. In Microsoft terms “Windows Server 2008 or Windows Server 2008 R2 is a great Operating System (OS) for a single server but Windows Server 2012 is great Operating System (OS) for lots of servers”.

When designing Cloud solution, you need to make sure the foundation can be dynamically extended on demand basics to meet your customer requirements and Server Level Agreements (SLAs). Windows Server 2012 provides on-demand extensible options for workload, network, storage and resiliency. These building blocks provide support for a cloud infrastructure. The features likes hyper-V networking, virtualization, NIC teaming, shared-nothing live migration, RDMA, SMB 3.0, Port ACLs, Cluster enhancements, massive stability, flexible administration options using System Center products etc. makes Windows Server 2012 a great foundation for could computing. In other words Windows Server 2012 is built from ground-up to support all building blocks of cloud computing.

Note: When talking about Cloud technology, you will hear “North–South” and “East-West” network traffic terminology slangs. The “North – South” traffic refers to the traffic coming in and going out from the data center. I call this as a “Vertical traffic”. The “East–West” traffic refers to the communication traffic between servers inside the data center. I call this as a “Horizontal traffic”. So if you are designing a clouding solution, you should consider how you can isolate the “Vertical” and “Horizontal” traffics to get better performance and security. Usually, you will see more “horizontal” traffic than “vertical” traffic.

What is Next?

The following topics and step-by-step instructions are included in the book:

· Windows Server 2012 Core and GUI installation and configuration

· Windows Server 2012 local and remote administration

· Windows Server 2012 Roles and Feature deployment

· Active Directory and domain controller migration

· Network Services (DNS and DHCP) migration

· Data and file server migration

· Printer and print server migration

· Hyper-V and virtual server migration

· Decommissioning old servers and domain controllers

This book currently available in all major stores.

PactPub – http://www.packtpub.com/migrating-from-2008-and-2008-r2-to-windows-server-2012/book

Amazon – http://www.amazon.com/dp/1849687447/?tag=packtpubli-20

Barnes & Nobile’s – http://www.barnesandnoble.com/s/?keyword=Instant+Migration+from+Windows+Server+2008+and+2008+R2+to+2012+How-to+%5BInstant%5D

Safari Books Online – http://my.safaribooksonline.com/9781849687447?cid=packt-cat-readnow-9781849687447

Migrating to Windows Server 2012 – Intro (Part 4)

noreply@blogger.com (Santhosh Sivarajan) — Thu, 28 Feb 2013 04:30:00 +0000

Introduction

Part 1 - Migrating to Windows Server 2012 – Intro (Part 1)

Part 2 - Migrating to Windows Server 2012 – Intro (Part 2)

Part 3 - Migrating to Windows Server 2012 – Intro (Part 3)

Part 4 - Migrating to Windows Server 2012 – Intro (Part 4)

Part 5 -

Infrastructure and Security

The infrastructure services such as DNS, DHCP, WINS etc. are the backbone of any Microsoft network. The native support for high availability, centralised management or regulatory compliance can provide a great value to any organization. In this version, you will see many enchantments in this arena to accommodate these customer requirements. The following section will provide an overview:

DHCP High Availability

Microsoft has introduced a true failover and loadbalacing solution for DHCP in Windows Server 2012. It sycnhronizes IP addresses and lease information between DHCP servers. There are two options available in Windows Server 2012 – Hot Standby and Load Sharing mode. In Hot Standby mode, the secondary server in the failover relationship will act as a standby server and will respond to the client queries only if the primary server is not available. In Load Sharing mode, both DHCP servers will be active and will respondto the client DHCP request is based on the load ratio configued on these severs.

In the above screenshot the default mode is Load Balance mode. In this mode, you can modify the Load Balance percentage parameter on the local and partner servers. In hot standby mode, you can select the reserved addresses for the standby server.

IP Address Management (IPAM)

IP Address Management (IPAM) provides a framework for a centralized managment and administration of IP address. During the configuration process, you can select either of the two provisioning options – Manual or Group Policy Object (GPO) based. In Manul option, you have to manually configure Security groups, Networkshare, Firewall shares etc on each managed servers. If you are using GPO based provisioning, you can deploy these settings through a GPO.

NIC Teaming

NIC Teaming is natively supported on Windows Server 2012. It doesn’t require any additional or third party software to enable NIC teaming in Windows Server 2012. It can support multiple vendor NICs and can support upto 32 NICs in a team.

Windows Software Update Service (WSUS)

Microsoft Windows Software Update Service (WSUS) is a new Role in Windows Server 2012. Unlike Windows Server 2008 or Windows Server 2008 R2, the software does not have to be installed separately.

Cluster Aware Updating (CAU)

This is one of the most awaited features. As an administrator, installing updates on cluster nodes can be a challenge. In Windows Server 2012, Microsoft has introduced a new feature called Cluster Aware Updating (CAU). It is a cluster aware service. During the update process, Cluster Aware Updating (CAU) process will move all services to an available cluster node, install the patches and restart the cluster nodes automatically as required.

Dynamic Access Control

It is a powerful security and compliance feature in Windows Server 2012. With this feature, you can define a centralized file access policy and apply this policy on to servers in an Active Directory domain. The file can be classified based on an attribute value or a tag. It can be fully automated (dynamically) based on these values. The Kerberos user and device claims are supported.

Active Directory Federation Services (ADFS)

The 2.1 version of Active Directory Federation Services (ADFS) is part of Windows Server 2012. You can add this Role using Server Manager. ADFS 2.1 supports Kerboros based claims and it can integrate with Windows Server 2012 Dynamic Access Control.

Group Managed Service Accounts (gMSA)

Microsoft has introduced a new concept called Group Managed Service Accounts (gMSA) in Windows Server 2012. The Managed Service Account (MSA) in Windows Server 2008 R2 is considered as a “standalone” account since it is tied to a single server. In other words, if you have multiple servers, you will have to create multiple Managed Service Accounts (MSA) in the Active Directory. This limitation has been removed by introducing the Group Managed Service Accounts (gMSA) concept in Windows Server 2012. The gMSA can support multiple servers.

File System and Storage

Like other technologies in Windows Server 2012, you will see some major changes in the file system technology also. The Storage Spaces and Resilient File System (ReFS) are the two key new features on Windows Server 2012. The following section gives you a high level overview of these features:

Storage Spaces and Pools

In Windows Server 2012, you can virtualize the physical disks into different containers. These containers are called Storage Pools. The virtual disks can be carved out from these storage pools without the need to administer each physical disk separately. More physical disks can be added to these storage pools at a later stage to support additional storage space.

Resilient File System (ReFS)

A new file system called Resilient File System (ReFS) is introduced in Windows Server 2012. This is not a replacement of the NTFS or any other file system. This new file system improves the performance and scalability by automatically fixing the data corruption errors. You will not be able to convert existing file system into ReFS.

Data Deduplication

The new Data Reduplication feature provides a native option to identify and reduce the duplicate data on a disk volume. You will see the Reduplication Rate details from Server Manager itself (File and Storage Service -> Volume).

What is Next?

The following topics and step-by-step instructions are included in the book:

· Windows Server 2012 Core and GUI installation and configuration

· Windows Server 2012 local and remote administration

· Windows Server 2012 Roles and Feature deployment

· Active Directory and domain controller migration

· Network Services (DNS and DHCP) migration

· Data and file server migration

· Printer and print server migration

· Hyper-V and virtual server migration

· Decommissioning old servers and domain controllers

This book currently available in all major stores.

PactPub – http://www.packtpub.com/migrating-from-2008-and-2008-r2-to-windows-server-2012/book

Amazon – http://www.amazon.com/dp/1849687447/?tag=packtpubli-20

Barnes & Nobile’s – http://www.barnesandnoble.com/s/?keyword=Instant+Migration+from+Windows+Server+2008+and+2008+R2+to+2012+How-to+%5BInstant%5D

Safari Books Online – http://my.safaribooksonline.com/9781849687447?cid=packt-cat-readnow-9781849687447

Migrating to Windows Server 2012 – Intro (Part 3)

noreply@blogger.com (Santhosh Sivarajan) — Tue, 19 Feb 2013 06:09:00 +0000

Introduction

Part 1 - Migrating to Windows Server 2012 – Intro (Part 1)

Part 2 - Migrating to Windows Server 2012 – Intro (Part 2)

Part 3 - Migrating to Windows Server 2012 – Intro (Part 3)

Part 4 - Migrating to Windows Server 2012 – Intro (Part 4)

Part 5 -

Virtualization and Hyper –V

As you know, virtualization and Hyper-V is not a new concept. However, in Windows Server 2012, Microsoft took these technologies to a new level to accommodate the modern IT needs. Here are some of the key new features in Windows Server 2012:

Security

Windows Server 2012 Hyper-V has a Layer-2 extensible network switch which handles the network between VMs, host and other networks. This provides a mechanism to isolate traffic, traffic prioritization, usage metering etc. As the name “extensible” means, you can write an API or plug-in to programmatically manage this. Keep in mind that it is a virtual Ethernet switch which runs in the hyper-v partition of the host server. The Private Virtual LAN (PVLAN), Port Access Control List (ACL) and MAC Spoofing support in Hyper-V can also be used to build a more secure and stable virtualized environment.

Live Migration

In Windows Server 2012, Microsoft has introduced a few new features - Share Nothing Live Migration, SMB Share Based Live Migration, Live Storage Migration etc to support live migration scenarios. By using the Share Nothing Live Migration, you can migrate virtual machines between two Hyper-V servers that do not share the same storage. This functionality will also allow you to migrate virtual machines between two standalone servers. The SMB Share Based Live Migration allows you to migrate virtual machines between servers while maintaining the data on a centralized shared SMB location. Also, the Live Storage Migration can be used to move or migrate storage between servers.

Hyper-V Replica

This is a new feature that provides a business continuity solution for hyper-v servers. With this feature, Hyper-V servers can asynchronously replicate the data over an IP network. These Hyper-v replicas support local and geographically dispersed hyper-v servers.

Guest Non-Uniform Memory Access

The Non-Uniform Memory Access (NUMA) is not a new concept. However, in Windows Server 2012, Microsoft has introduced a new concept called Guest Non-Uniform Memory Access (gNUMA) for virtual servers. The Guest NUMA topology is inside the Virtual Machines instead of the physical layer. So this can provide high performance by mapping the virtual CPUs from Hyper-V to the physical host machines. If required, you can manually change the NUMA nodes and topology.

Hyper-V Scalability - At a glance

The scalability has dramatically increased in Windows Server 2012. The following table provides you the support matrix:

No. Of Virtual Processors	64
No. of Logical Processors	320
Max Memory (Host)	4 TB
Max Memory (VM)	1 TB
No. of Cluster Per Server	64
No of VMs	4000

Note:

The new virtual hardware format-VHDX supports 64 TB per virtual disk.

A separate edition of Windows Server 2012 is available to support Hyper-V servers. It is called Microsoft Hyper-V Server 2012. It is a free download from Microsoft site. However, it does not include any guest licenses.

The Virtual Machine Converter can be used to convert VMware servers into Hyper-V format. It is a stand alone application and can convert the entire VM which includes disk, network, configuration, memory and processor details

What is Next?

The following topics and step-by-step instructions are included in the book:

· Windows Server 2012 Core and GUI installation and configuration

· Windows Server 2012 local and remote administration

· Windows Server 2012 Roles and Feature deployment

· Active Directory and domain controller migration

· Network Services (DNS and DHCP) migration

· Data and file server migration

· Printer and print server migration

· Hyper-V and virtual server migration

· Decommissioning old servers and domain controllers

This book currently available in all major stores.

PactPub – http://www.packtpub.com/migrating-from-2008-and-2008-r2-to-windows-server-2012/book

Amazon – http://www.amazon.com/dp/1849687447/?tag=packtpubli-20

Barnes & Nobile’s – http://www.barnesandnoble.com/s/?keyword=Instant+Migration+from+Windows+Server+2008+and+2008+R2+to+2012+How-to+%5BInstant%5D

Safari Books Online – http://my.safaribooksonline.com/9781849687447?cid=packt-cat-readnow-9781849687447

Migrating to Windows Server 2012 – Intro (Part 2)

noreply@blogger.com (Santhosh Sivarajan) — Mon, 11 Feb 2013 00:34:00 +0000

Introduction

Part 1 - Migrating to Windows Server 2012 – Intro (Part 1)

Part 2 - Migrating to Windows Server 2012 – Intro (Part 2)

Part 3 - Migrating to Windows Server 2012 – Intro (Part 3)

Part 4 - Migrating to Windows Server 2012 – Intro (Part 4)

Part 5 -

This was the Introduction, New Features and Enhancements section in my Migration from Windows Server 2008 and 2008 R2 to 2012 book. Because of some changes in the format and content of this book, we have decided not to include any introduction or new features section in this book. The focus of the book is to provide more hands-on and step-by-step instructions on migration. So I decided to add Introduction, New Features and Enhancements section in my blog in 5 different parts. You can read the rest of the sections in the book.

Administration

As an administrator, the key to efficiently and proactively manage servers is to use the right administration tool. With the new features and enhancements in Microsoft Windows Server 2012, now an administrator can achieve this by using the native administrative tools. The details of these new features are explained in the following sections:

Multi-Sever Administration

Unlike other Microsoft server Operating Systems (OS), the Server Manager included in the Windows Server 2012 provides remote and multi-server administration and management capabilities. The previous versions of the Server Manager, has the ability to manage only a single server from a management console at a given time. In Windows Server 2012, Microsoft has redesigned the entire Server Manager application to support more “standard-based” management capabilities. With this new Server Manager, you can manage, monitor and administer multiple servers concurrently from a single dashboard.

In the background, the new Server Manager uses standard Windows Management Instrumentation (WMI) and PowerShell cmlets to query and collect data from local and remote servers. By default, the new Server Manager collects data every 10 minutes. However, this threshold value can be customized from the Server Manger. You can also manually refresh the data from dashboard using the Refresh button which will trigger a polling operation. The new Server Manager has the potential to manage a very large number of servers simultaneously. However the drawback of this is that it would be challenging for an administrator to monitor the events and alerts coming for these server into a single console.

Roles and Features

You will see two new options when adding Roles or Features in Windows Server 2012 – Roles based or Feature based Installation and Remote Desktop Service Installation.

The new Server Manager is fully customizable based on your requirements and the roles or features installed on these servers. For example, you can create a group called Houston and add all servers from the Houston data center to display the events and alerts from that particular location or you can add types of servers based on Roles to see only alerts from these types of servers. You will see more details of this in the Administration of Windows Server 2012 section (Chapter #3) of this book.

Server Manager - At a glance

Here are some of the key highlights of the new Server Manager:

1. Can manage multiple severs by Groups, Names, Roles and Features.

2. Deploy Roles and Features from a single hyperlink. In Windows 2008 and Windows 2008 R2, while installing we had to identify whether it is a role or feature, but in Windows Server 2012, you will be able to select both Roles and Features from a single console and hyperlink.

3. Can manage Windows Server 2008 and Windows Server 2008 R2 but with limited functionalities. You won’t be able to add roles or features, collect performance data etc. In-order to access and manage remote servers that are running Windows Server 2008 or Windows Server 2008 R2, you need to install the Windows Management Framework Targeted Release (WTR) on these servers.

4. Ability to deploy Roles and Features to remote servers and offline virtual disks.

Note: A 64 and 32 bit version of Remote Server Administration Tool (RSAT) is available for Windows 8.

There is no Remote Server Administration Tool (RSAT) tool for Windows 7. You have to use Windows 8 or Windows Server 2012.

You cannot install Server Manager on Server 2012 Core. However, you can manage Sever 2012 Core from Server Manager

ISO Support

The International Organization for Standardization (ISO) file formats are natively supported in Windows Server 2012. As you can see in the following screenshot, you can right click an ISO image and mount it as an image file without any additional tools. It is part of the Operating System.

PowerShell

In Windows Server 2012, Microsoft has introduced the next version of PowerShell – PowerShell 3.0. PowerShell 3.0 includes a total of 2300 cmdlets, 260 core cmdlets and 239 modules. These additional and improved PowerShell cmdlets provides more efficiency and automation to manage servers locally and remotely in an enterprise.

In a nutshell, Windows Server 2012 and PowerShell 3.0 offers the following out-of-the box capabilities:

1. Easy and automated administration

2. Scheduled job creation

3. Workflow capabilities

4. Disconnect and reconnect remote sessions

5. New PowerShell Integrated Scripting Environment (ISE)

6. IntelliSense support

7. Snippets support

8. PowerShell history viewer

9. Help file on-demand

10. Windows PowerShell Web Access

11. Show Command Window

PowerShell Integrated Scripting Environment (ISE)

By default, PowerShell and PowerShell Integrated Scripting Environment (ISE) are installed on any version of Windows Server 2012. The new PowerShell Integrated Scripting Environment (ISE) is equipped with IntelliSense and Snippets support to provide full development platform and experience for administrators.

IntelliSense

IntelliSense is an auto completion feature by Microsoft. Most of the programmers are familiar with this feature in the development platform. However, this is the first time Microsoft is integrating this feature into PowerShell Integrated Scripting Environment (ISE). Now you don’t feel like PowerShell is just about commands and command line options.

In the following screenshot, you can see an example of IntelliSense support:

Snippets

This term is popular in the development world. However, this is also new in PowerShell Integrated Scripting Environment (ISE) on Windows Server 2012. Snippet provides sample codes and syntax details inside a development environment. The following screenshot depicts an example of a Snippet code:

You will also see a new Command Window on the right pane. By default, this displays all available modules. From this window, you can search a cmdlet or module to get more information.

PowerShell Web Access

The PowerShell Web Access is a new feature in Windows Server 2012. This provides a PowerShell gateway service to remote servers. As the name sounds, this is a web based Windows console and it doesn’t require PowerShell or any plug-ins on the local computer. The remote machines can be managed from a web browser.

As you can see in the above screenshot (in the Optional Connection Settings), delegation of administration (or alternate credentials) is supported in PowerShell web access. You can use one account for the Gateway access and another account for the actual destination server access.

Note: Even though Server 2012 is shipped with PowerShell 3.0, you can add Windows PowerShell 2.0 as an additional feature for backward compatibility.

You can install PowerShell Add-Ons to enhance the administration and automation process with PowerShell ISE. These Add-Ons can be downloaded from the Microsoft site.

What is Next?

The following topics and step-by-step instructions are included in the book:

· Windows Server 2012 Core and GUI installation and configuration

· Windows Server 2012 local and remote administration

· Windows Server 2012 Roles and Feature deployment

· Active Directory and domain controller migration

· Network Services (DNS and DHCP) migration

· Data and file server migration

· Printer and print server migration

· Hyper-V and virtual server migration

· Decommissioning old servers and domain controllers

This book currently available in all major stores.

PactPub – http://www.packtpub.com/migrating-from-2008-and-2008-r2-to-windows-server-2012/book

Amazon – http://www.amazon.com/dp/1849687447/?tag=packtpubli-20

Barnes & Nobile’s – http://www.barnesandnoble.com/s/?keyword=Instant+Migration+from+Windows+Server+2008+and+2008+R2+to+2012+How-to+%5BInstant%5D

Safari Books Online – http://my.safaribooksonline.com/9781849687447?cid=packt-cat-readnow-9781849687447

Migrating to Windows Server 2012 – Intro (Part 1)

noreply@blogger.com (Santhosh Sivarajan) — Thu, 07 Feb 2013 04:14:00 +0000

Introduction

Part 1 - Migrating to Windows Server 2012 – Intro (Part 1)

Part 2 - Migrating to Windows Server 2012 – Intro (Part 2)

Part 3 - Migrating to Windows Server 2012 – Intro (Part 3)

Part 4 - Migrating to Windows Server 2012 – Intro (Part 4)

Part 5 -

“The” User Interface (UI)

When talking about new features, we have to start with one of the most debated feature – the new User Interface (UI). This will be the “new start menu” in Windows Server 2012. This new interface is called Metro style interface. Metro is a Microsoft code name for content and typography based language. It is developed by Microsoft and was first widely used in Windows 7 phones. As you might know, Typography is not a new concept. We have seen these types of directions and instructions everywhere especially at the airports.

Start Screen

After the initial installation of Windows Server 2012 with GUI option (these installation option details are explained in the later chapters of this book) , you will see eight tiles on the Start Screen– Server Manager, Windows PowerShell, Administrative Tools, Computer, Task Manger, Control Panel, Internet Explorer and Desktop. More tiles will be automatically added based on roles, features and tools installed on the local server. In other words each tile represents each role, features or application on the local computer. The “tile” approach is a great way to visually identify (typographically) the required programs from a server instead of navigating through the menu buttons and program files. However, keep in mind that, if the desktop gets too crowded with these tiles, it will become difficult to identify the required administrative “tiles”. When more tiles are added, you can scroll the screen to left or right based on your requirement. Of course you will have the option to Pin or Unpin these tasks into the desktop as required. You will also see “Run as different User” option from the start window itself.

Note: You won’t be able to enable (even through registry changes) old Start menu option in Server 2012. Metro Style UI is the standard and default interface for Windows Server 2012. So get familiarized with this interface!

Operating System

Windows Server 2012 is only available in 64 bit version. The installation options are limited to the following two levels:

Server Core – Server Core is considered as the default installation for Windows Server 2012. You can use RSAT for remote server administration and management. Managing these servers using PowerShell is also supported.
Server with a GUI - The “Server with a GUI” option can be compared to the full installation option available in Windows Server 2008 R2. However, you will notice that some of the features like Directory Service (DS) commands are not available as part of the Operating System in Windows Server 2012.

Note: Server Core can reduce up to 50% patches compared to a server with a GUI.

Configuration Levels

A major change in Windows Server 2012 is that you can choose different “configuration levels” when installing OS or you can modify these levels after the installation. Unlike Windows 2008 and Windows 2008 R2, now you have an option to convert Full Server to Server Core and vice versa. As you might know, in Windows Server 2008 or Windows Server 2008 R2, your only option is to re-install the entire Operating system. However, in Windows server 2012 the Operating System consists of three layers – Core, Core+Full Server and Core+Full Server +GUI. You can add or remove these layers to customize your installation into your desired state. In other words, you can achieve all these without reinstalling the entire Operating System.

In Windows server 2012, Microsoft has introduced three new features – Graphical Management tools and infrastructure, Server Graphical Shell and Desktop Experience. When you add or remove these features to a server core installation, you will get the desired result as shown the following diagram:

For example, if you remove the Server Graphical Shell, you will get Minimal Server Interface version of Windows Server 2012. This is similar to a Server with a GUI installation, but Internet Explorer 10, Windows Explorer, the desktop, and the Start screen will not be available. Then Microsoft Management Console (MMC), Server Manager, and a subset of Control Panel will be available. The Desktop Experience feature includes Desktop Themes, Windows Media Player, Photo Management etc. Windows PowerShell is part of all versions of Windows Server 2012. You can read more about Converting from Core version to GUI and vice versa in the installation and configuration section of this book.

Features on demand

In Windows Server 2012, you can customize the installation by removing the installation binaries from the hard drive (Disabled with payload removed) or by installing the required features or roles on the server (“features on demand”). When installing these features you have an option to select the local or remote media, Windows image file (WIM) or Windows Update service as the source file.

Note: Unlike Windows Server 2008 or Windows Server 2008, Directory Service (DS) commands are not part of Windows Server 2012 Operating System.

What is Next?

The following topics and step-by-step instructions are included in the book:

· Windows Server 2012 Core and GUI installation and configuration

· Windows Server 2012 local and remote administration

· Windows Server 2012 Roles and Feature deployment

· Active Directory and domain controller migration

· Network Services (DNS and DHCP) migration

· Data and file server migration

· Printer and print server migration

· Hyper-V and virtual server migration

· Decommissioning old servers and domain controllers

This book currently available in all major stores.

PactPub – http://www.packtpub.com/migrating-from-2008-and-2008-r2-to-windows-server-2012/book

Amazon – http://www.amazon.com/dp/1849687447/?tag=packtpubli-20

Barnes & Nobile’s – http://www.barnesandnoble.com/s/?keyword=Instant+Migration+from+Windows+Server+2008+and+2008+R2+to+2012+How-to+%5BInstant%5D

Safari Books Online – http://my.safaribooksonline.com/9781849687447?cid=packt-cat-readnow-9781849687447

Mailbox Migration - MAPI_E_FAILONEPROVIDER / Invalid Data

noreply@blogger.com (Santhosh Sivarajan) — Tue, 29 Jan 2013 17:03:00 +0000

Mailbox migrations can be challenging and interesting I ran into an issue this morning with one mailbox using Quest Migration Manager. Quest Mail Target Agent (MTA) was failing with our “favorite” MAPI_E_FAILONEPROVIDER error.

1/29/2013 5:16:19 PM CSession::Logon Error -2147221219 You do not have permission to log on. - MAPI_E_FAILONEPROVIDER (Microsoft Exchange Server Information Store) Low level error: 0x0 File: 'aeWrapHelpers.h' Line: '279'

1/29/2013 5:16:19 PM MailKernel::Connect Informational 2079 Synchronization status: Object XXXXXXXXXXXXXXXXXXXXXX synchronization was not started due to connection errors.

When I open the properties of this mailbox in Exchange 2010 side, I was getting the following error message:

I found some detailed error message by going through the properties of this mailbox. In my case it was due the value of Delivery Restriction property in Exchange 2010.

The 30 GB Sending message size!!! (don’t ask me why ) was configured in the source mailbox.

QMM tries to populate this value during the Quest directory sync. It was failing due to the size limitation in the target Exchange 2010 environment.

Exchange Server 2010 Rollup - Could not be installed. Error code 1603

noreply@blogger.com (Santhosh Sivarajan) — Fri, 04 Jan 2013 22:13:00 +0000

Product: Microsoft Exchange Server - Update 'Update Rollup 3 for Exchange Server 2010 Service Pack 2 (KB2685289) 14.2.309.2' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

A typical error message . I couldn’t find any information in the log file. However, the solution was an easy one! Run the install package as an Administrator or open a Command Prompt using Admin credentials and run the MSP package. I was getting the same error message on all Rollup packages.

Search Active Directory and Generate Distribution List Membership Details–PowerShell Script

noreply@blogger.com (Santhosh Sivarajan) — Thu, 03 Jan 2013 04:43:00 +0000

Update 3/10/2013: Updated with Distribution List sAMAccoutType values 268435457 and 536870913.

Group

sAMAccountType

Universal (DL)

268435457

Universal (Security)

268435456

Global (DL)

268435457

Global (Security)

268435456

Domain Local (DL)

536870913

Domain Local (Security)

536870912

This PowerShell V 1.0 script can be used to generate Distribution List membership details using distinguishedName of the user as an input. It searches Active Directory for user group membership (memberof) first, then verifies the Group type using sAMAccoutType value. The sAMAccoutType value for Distribution List are 268435457 and 536870913 . You can change this value to 268435456 for Security Groups.

I have used the same logic in one of my previous scripts - List Group Members in Active Directory–PowerShell Script. However, in this script, the challenge was to use User information as the input.

Script

Output – As shown in the screenshot, you will see the output in the console itself in the following format:

Input file – Ulist.csv - Contains user distinguishedName. This file must have a header called UserDN.

Output file – DLs.csv – The output file contains user sAMAccoutType and DL’s distinguishedName in the following format:

Download – You can download this script from the following locations:

Code:

# www.sivarajan.com
# Author - Santhosh Sivarajan
#
Clear
$DLValue1 = "268435457"
$DLValue2 = "536870913"
$DL_Output = New-Item -type file -force "C:\Scripts\DL_WAX_Output_0311.csv"
Import-CSV "C:\Scripts\DN_Input.csv" | ForEach-Object {
$UDN = $_.UserDN
$FName = [ADSI] "LDAP://$UDN"
$Usam = $FName.samaccountname
Write-host "Searching AD User Account -> $Usam"
$FName.samaccountname | Out-File $DL_Output -encoding ASCII -append
    foreach ($member in $FName.memberof)
        {
            $Gname = new-object directoryservices.directoryentry("LDAP://$member")
            $Gtype = $Gname.sAMAccountType
                If($Gtype -eq $DLValue1)
                    {
                    $GDN = $Gname.distinguishedName
                    Write-host "`tMember of $GDN Distribution Group" -foregroundcolor Green
                    $Gname.distinguishedName | Out-File $DL_Output -encoding ASCII -append
                    }
        elseif ($Gtype -eq $DLValue2)
            {
            $GDN = $Gname.distinguishedName
                        Write-host "`tMember of $GDN Distribution Group" -foregroundcolor Green
                        $Gname.distinguishedName | Out-File $DL_Output -encoding ASCII -append
                        }
        }
        Write-host ""
}

___________________________________________________________________________________________

Migrating from Windows Server 2008 or Windows Server 2008 R2 to Windows Sever 2012?

Paperback - http://www.amazon.com/dp/1849687447/?tag=packtpubli-20

eBook - http://www.packtpub.com/migrating-from-2008-and-2008-r2-to-windows-server-2012/book

___________________________________________________________________________________________

Microsoft Most Valuable Professional (MVP) Award For The 3rd Year!!!

noreply@blogger.com (Santhosh Sivarajan) — Tue, 01 Jan 2013 19:25:00 +0000

3^rd time in a row – received the award notification this morning from Microsoft. Perfect start to my 2013.

My Book on Windows Server 2012

noreply@blogger.com (Santhosh Sivarajan) — Tue, 04 Dec 2012 21:01:00 +0000

My book on Windows Server 2012 is available for pre-order now!

http://www.packtpub.com/migrating-from-2008-and-2008-r2-to-windows-server-2012/book

What you will learn from this book

Install and configure the Windows Server 2012
Install and configure Windows Server 2012 and upgrade Active Directory
Learn the administration of Windows Server 2012
Master Active Directory Migration, DNS Migration, and DHCP Migration
Walks you through different migration scenarios based on the author’s own experience, providing a step-by-step guide to solving real-world business problems
Follow step-by-step instructions on data and file server migration
Learn about printer and print server migration
Discover how to implement Hyper-V migration
Explore Infrastructure services (DNS, DHPC, and so on) and File and Printer server migration scenarios
Decommission old servers and convert your environment into the Windows Server 2012 native environment

http://www.packtpub.com/migrating-from-2008-and-2008-r2-to-windows-server-2012/book

Update an Attribute Value in Active Directory–PowerShell Script

noreply@blogger.com (Santhosh Sivarajan) — Mon, 29 Oct 2012 18:45:00 +0000

Here is a PowerShell (Version 1) script which you can use to update an attribute value in Active Directory. In this example, I am updating altSecurityIdentities attribute with Exclude value.

Clear
$N = 0
$migValue = "Exclude"
Import-CSV C:\Scripts\input.csv | % {
#input.csv contains sAMAccountName. Header must be UserName
    $UserN = $_.UserName
    $ObjFilter = "(&(objectCategory=person)(objectCategory=User)(samaccountname=$UserN))"
    $objSearch = New-Object System.DirectoryServices.DirectorySearcher
    $objSearch.PageSize = 15000
    $objSearch.Filter = $ObjFilter
    $objSearch.SearchRoot = LDAP://dc=sivarajan,dc=com
    $AllObj = $objSearch.findOne()
    $user = [ADSI] $AllObj.path
    Write-host -NoNewLine "Updating...."
    $user
    $user.psbase.invokeSet("altSecurityIdentities",$migValue)
    $user.setinfo()
    Write-host "Done!"
    $N ++
    }

Write-host "Udpated $N User Account(s)"

Input.csv – contains all sAMAccountName as shown in the following screenshot:

FYI – You can also use AD PowerShell module to achieve the same result.

Quest Migration Manager EMWProf – MAPI_E_USER_CANCEL 0X80040113

noreply@blogger.com (Santhosh Sivarajan) — Thu, 19 Jul 2012 17:25:00 +0000

This error message was little misleading!

[Error] Cannot open default message store.

MAPI error.

Error code: 0x80040113

Description: MAPI_E_USER_CANCEL

Stack:

Function Address: 004e7801

Function Address: 00456a5e

Function Address: 0046bcb3

Function Address: 0046a6dc

Function Address: 0042b42c

Function Address: 0042b7e6

Function Address: 0047981b

Function Address: 005e5fdf

Function Address: 7c817077

Resolution

According to all Quest documents, this error is due name resolution issues. In my case, it was “technically” true. However, the actual issues wasn’t related to a “pure” NetBIOS or FQND name resolution. I had the same computer object (same name) in the target domain. So the workstation or EMWProf wasn't getting the correct source Exchange information. It was resolving to an object in the target domain instead of the source Exchange server. I deleted the duplicate computer name in target domain and everything started working!

Active Directory: Active Directory Upgrade – French Version

noreply@blogger.com (Santhosh Sivarajan) — Mon, 23 Apr 2012 15:15:00 +0000

Yagmoth555, has translated my “Active Directory Upgrade – High Level Steps” Microsoft WiKi article into French. Thanks Philippe. Now you can read this article in different languages !!!

English Version - Active Directory: Active Directory Upgrade - High Level Steps

French Version - Mise a jour d'Active Directory - Étapes sommaire (fr-FR)

Italian Version - Panoramica di alto livello per l'upgrade di Active Directory (it-IT)

Active Directory: Active Directory Upgrade – Italian Version

noreply@blogger.com (Santhosh Sivarajan) — Wed, 28 Mar 2012 19:20:00 +0000

Fabrizio Volpe, a fellow MVP, has translated my “Active Directory Upgrade – High Level Steps” Microsoft WiKi article into Italian. Thanks Fabrizo. Now you can read this article in both languages

English Version - Active Directory: Active Directory Upgrade - High Level Steps

Italian Version - Panoramica di alto livello per l'upgrade di Active Directory (it-IT)

Active Directory Mixed Mode and Built-in Groups

noreply@blogger.com (Santhosh Sivarajan) — Wed, 14 Mar 2012 19:07:00 +0000

Issue

If you are running your Active Directory in Mixed mode and FSMO roles are on the Windows 2000 or Windows 2003 DC, you won’t be able to see the following built-in groups:

Event Log Readers
Cryptographic Operators
IIS_IUSERS
Certificate Service DCOM Access

Some of these groups have introduced with Windows 2008 and some these groups have changed name. For example, Certificate Service DCOM Access serves the same purpose as CERTSVC_DCOM_ACCESS in Windows 2003.

However, if you are running Active Directory in Windows 2000/2003 and Windows 2008 mixed mode and your PDC Emulator FSMO roles is not on the Windows 2008 DC, you won’t be able to see these groups. You need to transfer the PDC Emulator FSMO role to windows 2008/Windows 2008 R2 DC (or newest OS) to resolve this issue.

Update - Wednesday, July 25, 2012 9:50 PM

I received the following email from Chris regarding this topic. I thought I would share it with you.

From: Christoffer Andersson
Sent: Wednesday, July 25, 2012 9:50 PM
To: Santhosh Sivarajan
Subject: Active Directory - Built-In Groups

Just came across your article: http://portal.sivarajan.com/2012/03/active-directory-mixed-mode-and-built.html

Just wanted to share that: This can be accomplished without moving/transferring the PDC to a DSA running the latest bits: (This is how MS deal with the presence of the required RODC* groups even if the PDC isn’t running Win2k8 or above)
http://msdn.microsoft.com/en-us/library/dd240061(v=prot.13).aspx

The state that “runSamUpgradeTasks” are stored in sam-domain-updates, haven’t really got time to decode the values yet, but lower it allows re-creation of built in groups.

Modifying the “wellKnownOtherObjects” attribute on the SamServer object at the PDC (1. WIN2K DC) to contain “B:32: 6ACDD74F3F314AE396F62BBE6B2DB961:<X>” where <X> is the NTDS Settings object of (3. WIN2K3 DC), calling “runSamUpgradeTasks” will cause new groups defined in the Windows Server 2003 release to be created in the domain without moving off the PDC role from the (1. WIN2K DC)

Enfo Zipper

Christoffer Andersson – Principal Advisor

ADMT – “ ERR3:7194 Could not open input file C:\Program Files\OnePointDomainAgent ” Issue

noreply@blogger.com (Santhosh Sivarajan) — Thu, 08 Mar 2012 20:02:00 +0000

Issue

Active Directory Migration Tool (ADMT) Security Translation Process failed with the following error message in the ADMT log file:

ERR3:7194 Could not open input file C:\Program Files\OnePointDomainAgent\AccountsXXXXX.txt

Cause

This is most likely due to a corrupted ADMT agent (OnePointdomainAgent) installation.

Resolution

Uninstall and reinstall the ADMT agent (OnePointdomainAgent). If you can’t uninstall from the console or control panel, you need to perform a manual removal process.

You can use SC command to delete the agent if needed – SC Delete "OnePointdomainAgent"

Also, make sure the HKLM\Software\Microsoft\ADMT registry key and c:\windows\ADMT Directory are not present after the agent removal.

Top 10 Scripts in Microsoft Script Repository

noreply@blogger.com (Santhosh Sivarajan) — Wed, 11 Jan 2012 17:23:00 +0000

Microsoft Scripting Guy has announced the top 10 scripts in the Microsoft Script Gallery. My script - List Group Members in Active Directory has ranked #8 on the list..Woo hoo

At number eight, we have the List Group Members in Active Directory script written by Microsoft Directory Services MVP, Santhosh Sivarajan. This excellent script had a great following in 2011.
Santhosh's blog: Santhosh Sivarajan's Blog

You can read the complete reports on the following website:

http://blogs.technet.com/b/heyscriptingguy/archive/2012/01/02/find-the-top-ten-scripts-submitted-to-the-script-repository.aspx?utm_source=twitterfeed&utm_medium=twitter

Microsoft Most Valuable Professional (MVP) Award

noreply@blogger.com (Santhosh Sivarajan) — Sun, 01 Jan 2012 17:24:00 +0000

Microsoft Most Valuable Professional (MVP) Award – Directory Services

Perfect start to my 2012. Received the Microsoft Most Valuable Professional (MVP) award for the 2^nd time.

Received the email this morning.

Dear Santhosh Sivarajan,

Congratulations! We are pleased to present you with the 2012 Microsoft® MVP Award! This award is given to exceptional technical community leaders who actively share their high quality, real world expertise with others. We appreciate your outstanding contributions in Directory Services technical communities during the past year.
Also in this email:

About your MVP Award Gift

How to claim your award benefits

Your MVP Identification Number

MVP Award Program Code of Conduct

The Microsoft MVP Award provides us the unique opportunity to celebrate and honor your significant contributions and say "Thank you for your technical leadership."

Nestor Portillo
Director
Community & Online Support

MVP Award News

Business Journal - http://www.bizjournals.com/houston/potmsearch/detail/submission/479181

Indo American News - http://www.indoamerican-news.com/?p=5487

Voice Of Asia - http://voiceofasiaonline.com/ShowArticle.aspx?ID=1337

Indus Business Journal - http://www.indusbusinessjournal.com/ME2/dirmod.asp?sid=&nm=&type=Publishing&mod=Publications%3A%3AArticle&mid=8F3A7027421841978F18BE895F87F791&tier=4&id=75AF58F24C4640F491DE5B3AEA3A4775

India West - http://www.indiawest.com/news/3435-santhosh-sivarajan-receives-microsoft-mvp-award.html

Sugarland Magazine - http://www.sugarlandmagazine.com/blog/sugar-land-resident-receives-microsoft-mvp-award

2011 Microsoft MVP Award News - http://portal.sivarajan.com/2011/01/microsoft-most-valuable-professional.html

Microsoft Component Architecture Posters (Updated)

noreply@blogger.com (Santhosh Sivarajan) — Tue, 06 Dec 2011 18:22:00 +0000

Update 3/13/2012 – Updated with Windows 8 Posters

Windows ~~Server 8~~ Server 2012

Windows Server “8” Beta Hyper-V Component Architecture Poster - http://www.microsoft.com/download/en/details.aspx?id=29189

Update 12/6/2011 12:21 PM – I have added a few more Component Architecture Posters to one of my old blogs - http://portal.sivarajan.com/2010/07/microsoft-component-architecture-poster.html

The Component Architecture Poster provides a visual reference for understanding the key services and technologies. The following are the collection of these Microsoft Component Architecture posters:

Windows Server

Windows Server 2008 Active Directory - http://www.microsoft.com/download/en/details.aspx?id=17881

Windows Server 2008 Feature Components - http://www.microsoft.com/download/en/details.aspx?id=17881

Windows Server 2008 R2 Feature - http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=7002

Windows Server 2008 R2 - Remote Desktop Services - http://www.microsoft.com/download/en/details.aspx?id=3262

Windows Server 2008 R2 - Hyper-V - http://www.microsoft.com/download/en/details.aspx?id=3501

Exchange

Exchange Server 2010 Architecture - http://www.microsoft.com/download/en/details.aspx?id=5764

Exchange Server 2010 Transport Server Role - http://www.microsoft.com/download/en/details.aspx?id=21987

Exchange Server 2007 Architecture- http://www.microsoft.com/download/en/details.aspx?id=4006

Exchange Server 2007 Transport Server Role - http://www.microsoft.com/download/en/details.aspx?id=13117

Lync Server

Lync Server 2010 Protocol Workloads - http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=6797

SharePoint

Design Sample: Corporate Portal with Classic Authentication

Visio (http://go.microsoft.com/fwlink/?LinkId=196969)

PDF (http://go.microsoft.com/fwlink/?LinkId=196970)

XPS (http://go.microsoft.com/fwlink/?LinkId=196971)

Design Sample: Corporate Portal with Claims-based Authentication

Visio (http://go.microsoft.com/fwlink/?LinkId=196972)

PDF (http://go.microsoft.com/fwlink/?LinkId=196973)

XPS (http://go.microsoft.com/fwlink/?LinkId=196974)

SharePoint 2010 Products Deployment

Visio (http://go.microsoft.com/fwlink/?LinkId=183024)

PDF (http://go.microsoft.com/fwlink/?LinkId=183025)

XPS (http://go.microsoft.com/fwlink/?LinkId=183026)

Services in SharePoint 2010 Products

Visio (http://go.microsoft.com/fwlink/?LinkID=167090)

PDF (http://go.microsoft.com/fwlink/?LinkID=167092)

XPS (http://go.microsoft.com/fwlink/?LinkID=167091)

Cross-farm Services in SharePoint 2010 Products

Visio (http://go.microsoft.com/fwlink/?LinkID=167093)

PDF (http://go.microsoft.com/fwlink/?LinkID=167095)

XPS (http://go.microsoft.com/fwlink/?LinkID=167094)

Topologies for SharePoint Server 2010

Visio (http://go.microsoft.com/fwlink/?LinkID=167087)

PDF (http://go.microsoft.com/fwlink/?LinkID=167089)

XPS (http://go.microsoft.com/fwlink/?LinkID=167088)

Extranet Topologies for SharePoint 2010 Products

Visio (http://go.microsoft.com/fwlink/?LinkId=187987)

PDF (http://go.microsoft.com/fwlink/?LinkId=187988)

XPS (http://go.microsoft.com/fwlink/?LinkId=187986)

Hosting Environments in SharePoint 2010 Products

Visio (http://go.microsoft.com/fwlink/?LinkID=167084)

PDF (http://go.microsoft.com/fwlink/?LinkID=167086)

XPS (http://go.microsoft.com/fwlink/?LinkID=167085)

Search Technologies for SharePoint 2010 Products

Visio (http://go.microsoft.com/fwlink/?LinkID=167731)

PDF (http://go.microsoft.com/fwlink/?LinkID=167733)

XPS (http://go.microsoft.com/fwlink/?LinkID=167732)

Search Environment Planning for Microsoft SharePoint Server 2010

Visio (http://go.microsoft.com/fwlink/?LinkID=167734)

PDF (http://go.microsoft.com/fwlink/?LinkID=167736)

XPS (http://go.microsoft.com/fwlink/?LinkID=167735)

Search Architectures for Microsoft SharePoint Server 2010

Visio (http://go.microsoft.com/fwlink/?LinkID=167737)

PDF (http://go.microsoft.com/fwlink/?LinkID=167739)

XPS (http://go.microsoft.com/fwlink/?LinkID=167738)

Design Search Architectures for Microsoft SharePoint Server 2010

Visio (http://go.microsoft.com/fwlink/?LinkID=167740)

PDF (http://go.microsoft.com/fwlink/?LinkID=167742)

XPS (http://go.microsoft.com/fwlink/?LinkID=167741)

Business Connectivity Services Model

Visio (http://go.microsoft.com/fwlink/?LinkId=165565)

PDF (http://go.microsoft.com/fwlink/?LinkID=165566)

XPS (http://go.microsoft.com/fwlink/?LinkId=165571)

Content Deployment in SharePoint Server 2010

Visio (http://go.microsoft.com/fwlink/?LinkID=179391&clcid=0x409)

PDF (http://go.microsoft.com/fwlink/?LinkID=179523&clcid=0x409)

XPS (http://go.microsoft.com/fwlink/?LinkID=179524&clcid=0x409)

Microsoft SharePoint Server 2010 Upgrade Planning

Visio (http://go.microsoft.com/fwlink/?LinkId=167098)

PDF (http://go.microsoft.com/fwlink/?LinkId=167099)

XPS (http://go.microsoft.com/fwlink/?LinkId=167100)

Microsoft SharePoint Server 2010 Upgrade Approaches

Visio (http://go.microsoft.com/fwlink/?LinkId=167101)

PDF (http://go.microsoft.com/fwlink/?LinkId=167102)

XPS (http://go.microsoft.com/fwlink/?LinkId=167103)

Microsoft SharePoint Server 2010 — Test Your Upgrade Process

Visio (http://go.microsoft.com/fwlink/?LinkId=167104)

PDF (http://go.microsoft.com/fwlink/?LinkId=167105)

XPS (http://go.microsoft.com/fwlink/?LinkId=167106)

Microsoft SharePoint Server 2010 — Services Upgrade

Visio (http://go.microsoft.com/fwlink/?LinkId=167107)

PDF (http://go.microsoft.com/fwlink/?LinkId=167108)

XPS (http://go.microsoft.com/fwlink/?LinkId=167109)

Microsoft SharePoint Server 2010 — Upgrading Parent and Child Farms

Visio (http://go.microsoft.com/fwlink/?LinkId=190984)

PDF (http://go.microsoft.com/fwlink/?LinkId=190985)

XPS (http://go.microsoft.com/fwlink/?LinkId=190986)

Getting started with business intelligence in SharePoint Server 2010

Visio (http://go.microsoft.com/fwlink/?LinkId=167082)

PDF (http://go.microsoft.com/fwlink/?LinkId=167170)

XPS (http://go.microsoft.com/fwlink/?LinkId=167171)

Databases That Support SharePoint 2010 Products

Visio (http://go.microsoft.com/fwlink/?LinkId=187970)

PDF (http://go.microsoft.com/fwlink/?LinkId=187969)

XPS (http://go.microsoft.com/fwlink/?LinkId=187971)

SharePoint 2010 Products: Virtualization Process

Visio (http://go.microsoft.com/fwlink/?LinkId=195021)

PDF (http://go.microsoft.com/fwlink/?LinkId=195022)

XPS (http://go.microsoft.com/fwlink/?LinkId=195023)

Group	sAMAccountType
Universal (DL)	268435457
Universal (Security)	268435456
Global (DL)	268435457
Global (Security)	268435456
Domain Local (DL)	536870913
Domain Local (Security)	536870912