Scenario 001 – You have a remote user who says they are not able to connect to the VPN. Claims that their password may have expired.

So you come in Monday morning and you get a phone call from your Director of Sales who says he is unable to log into the VPN. He is on the road all week in Canada and is not able to have you remote in to see what is going on. He has 30 minutes to prep for a very important meeting and he left his powerpoint deck on his H: Drive. He also tells you that he thinks he saw a message telling him that he needed to reset his password for the last two weeks but he just forgot to do it.

How can you find out what  is going on with his account?
Since we are working with a Microsoft AD environment there are hundreds (if not thousands) of ways to find your answer. One of my favorite ways to see what is going on with a AD account is by using NET USER “Username” /DOMAIN
This command will give you every piece of information about the user account that you could want including:
  •  AD Group Memberships
  • Last time the Password was reset
  • When is the next time it can be reset.
Next time you have a chance to play with your AD Domain try familiarizing yourself with this Command as it may help you in the future. 

Install Exchange 2013 SP1

I don’t know about you but I really like where Microsoft is going with their installers these days. Back when I first stated in the field and had to install Exchange 2007 there were so many prerequisites that needed to be installed before you could even start to do the installation. They have now made it to where the system will at least tell you which items you need to install rather than send you on a wild goose chase. 
I started this particular post as documentation notes for an Exchange Server that I stood up in my Lab at work. Originally it was not meant to be a functioning Exchange server but as time went on it evolved into one. 
I am going to skip all of the previous steps about how to setup and configure your Server installation. However if you need instructions on that you can find it here:
How to build a Server 2012 R2 Server
We start with having the installation files mounted to the CD/DVD Drive.
Double Click on the blue Exchange 2013 Icon to launch the Wizard.

Of course if you at User Account Control (UAC) enabled you are going to get this message. Click Yes to continue.

Checking for Updates is optional but I always like to make sure that I am working with the latest version of the software to avoid issues (unless there is a known issue).

Once the updates check is complete you can click Next to continue.

Now you just need to be patient until the files are copied to the proper working directory or install directory. Once that completes you then have to wait while the setup is initialized.

Once all of that is done you can begin the installation by clicking Next.

Accept the licensing agreement and click Next.

You will now be presented with the option to use or not use recommended settings. For this server I went with recommended. Click Next to continue.

You will now get to choose your Server Roll Selections. The most common roles for the kind of server that I am working with here would be Mailbox role, Client Access role (not sure why they are not checked off in this image.) Click Next to Continue. 

Here you can decide what directory you would like to install the Exchange application. This also includes the default mailbox stores. Click Next to continue.

Next you have the opportunity to name your organization. You are only able to do this once and you are only presented with this screen if you do not have exchange running in your environment at all. Click Next to continue. 

If you so choose you can enable Malware protection setting which allows Exchange to scan for Malware in your emails. For me I chose no as we have other products we use for that, and this server is not accessible from the internet for email. Click Next to Continue. 

Now with all of those configurations behind you, it is now time for the readiness check. Click Install to begin. 

Once the readiness check is complete you may be presented with items that need to be resolved before you can continue. Once you have them all taken care of you can

As you can see all of the issue have now been resolved and you can now click Install to continue. 

Once you click install the setup pretty much runs unattended until it completes. If you do what I did and go out to lunch instead of taking more screenshots you may just skip all the waiting and see my next screenshot.

As you can see the installation completed and you are now ready to launch the Exchange Admin Center by clicking the check box and clicking finish.

Once you click Finish on the previous Screen Internet Explorer (or your default web browser is opened) and you are now able to log in.

Please let me know if you found this helpful in the comments below. This was a rather large guide and I paired down a few things to keep it where it is.

Windows Update error 0x80243004…..

While performing routine server maintenance on one of my terminal servers at work I received one of the many vague error messages that Microsoft in their (In)finite wisdom give us to help troubleshoot the problem. Normally I would just ignore the error message and come back to it at a later time but as I am in the middle of a tight window I figured I would give it a shot an troubleshoot it (Crazy I know).

So first I start by Google-ing “Error Code 80243004” and I get several hits. The first one I get takes me to a Microsoft article about the issue:

It was very short and to the point (which I appreciated greatly at 11 PM), but the answer I got really made me think that it was pulling my leg. Since it was a Microsoft article I took it seriously and followed it’s sage advice and amazingly it worked!!! (or so it seems at the time of me writing this)

Apparently the little notification that you get when you log in that tells you that you have updates to install is more than just an annoying little pop up. Without it being present your updates will fail (Unless you have it disabled in Group Policy). So from what I can tell, one of my users must have gotten tired of seeing that pop up and told the system to make it go away, and because of that I was unable to update the system until I brought it back.

Why would anyone make that little notification so important? I am really posing a serious question here, and if you have an answer it would be greatly appreciated down below in the comments.

Also if you are like me and enjoy looking at pictures to help you through issues, I would say check out this blog post as well:

I hope this post has been helpful to you and I will continue to post more of these (As I discovered more update issues from my casual perusing of my network).

how to build server 2012 r2

Continuing on from my previous post on how to build a VM using the VMWare vSphere C# Client and How to Edit a VM, I figured I would use that as a segway into our next subject and take that same VM that we build and install Windows Server 2012 R2.
Now taking that same VM right click on it’s name on the left hand panel and click open console (this is a matter of preference but there any many ways to do this). Once the virtual machine console is open click on the green play button to start the VM.
Now if you follow the aforementioned posts then you should already have the .ISO with Windows Server 2012 R2 already mounted and you should be presented with the screen below. 

Select your language of choice and click next, and click install now on the next screen.
On this next screen you can select what version of Windows Server 2012 R2 you would like to install. Your options are:
  • Windows Server 2012 R2 Standard (Server Core Installation) – This is command line only and not recommended unless you know what you are doing.
  • Windows Server 2012 R2 Standard (Server with a GUI) – Great for beginners and general purpose uses.
  • Windows Server 2012 R2 Datacenter (Server Core Installation) – Same as above for Standard, however this is designed to handle larger workloads and virtualization (Hyper-V)
  • Windows Server 2012 R2 Datacenter (Server with a GUI) – designed to handle larger workloads and virtualization (Hyper-V)
For our purposes we are going to use Server 2012 R2 Standard as the end result will require us to have a GUI. Click Next

Accept the License Terms and click Next. 

On the next screen you will be given the option to upgrade your current version of Windows Server or to do a custom install. Since this is a brand new virtual machine we will need to click Custom.

You are now asked which drive to install Windows, I have selected the 60 GB drive and then click “New”. This will allow you to format the drive as right now both drives are Unallocated.

You are now given the option to size your partition, I went with the Maximum for the drive and click apply.

In standard Microsoft fashion you will get a dialog box asking if you want to really do this as it will destroy everything currently on the disk. Click OK to continue.

You will now see that Drive 0 has 2 partitions, The System Reserve  and Partition 2. (We may go into this in greater detail later) To keep my drive lettering from getting out of control, I am now taking the time to format the 2nd Drive. This is just a simple housekeeping step, you can skip it if you would like but just remember you will need to format this drive sooner or later. 

After the formatting is completed, I select Drive 0 Partition 2 to install Windows and Click Next.

Now the installation process has begun.

Once this has completed you will need to go through the startup menu which will ask for Product License, and Administrator Password. Once all of that is completed you will then be able to log in and configure your machine. 
That is all for now, I will continue to update this post with more screenshots and continue the series. 

Active Directory Forrest Trust – Allow to Authenticate and why it is so important….

When setting up a Active Directory Forrest Trust for one of my customers I came across this issue. 
Now this was the first AD Trust that I have set up since being in school where Server 2000 was not the best tool to learn on. Needless to say I was a little rusty. 
So being tasked with this job by our Project Manager I decided to do what any good engineer would do… GOOGLE IT!!!!
So I came across many good articles on Technet at also from regular bloggers, and I am pretty sure I used this blog as my reference material
Feeling confident I go to the client site and I begin to work on getting the Forrest Trust setup. Now please be mindful that there was a whole list of prerequisites that were done for basic network connectivity before I even got to this point. Some day I may even do an article on them but not today. 
By the time I get done with following the directions above and I think everything is good to go I attempt to access a file from the remote AD Domain to a folder in the Local Domain. Immediately I am met with Access is Denied or one of those messages that cause my eye to twitch. Before you ask, Yes I already assigned Security Permissions and Share Permissions. 
After some research into the subject and rebuilding the trust several time (which was unnecessary). I find on a remote blog somewhere what although the Trust has been created there are no permissions for the remote uses to be able to authenticate using SMB to access the files on the network. 
So here is what I had to do: 
1.Open up ADUC (Active Directory Users and Computers)
2. Go to the Computer/Server in AD that is hosting the files that I wanted the remote users to be able to access. 
3.Open the Properties window and go to the Security tab.
4. Add the Security Group from the remote domain and make sure that they have the “Allow to authenticate” permission applied. 
After doing that I tried again and like magic it just worked. 

I hope you find this helpful down the road and good luck.


After a small hiatus…..

I have been out of the game for a little while trying to sharpen my skills and keep up with things going on in my life.
We have a several very large projects as work that am proud to say I am working on. Although the information is confidential it should hopefully give me some more material for this blog.
I recently took the Riverbed WAN 200 class and became certified as  RCSA – WAN Optimization. I will be working on getting my second certification in the next month or so and then I will be dedicating all my time to getting my VCAP-DCV.

How to edit a VM hardware after it has been created

So after you go and make your Virtual Machine you realize you forgot to mount the .ISO for Windows Server 2012 and you left the Floppy Drive in the config which is not really hurting anyone but it makes things more aesthetically pleasing to not see it there.  So what do you do….
Here are the detailed steps to change the hardware configuration of a virtual machine from the VMware vSphere Client.
With the virtual machine selected in the navigation pane you should see the “Getting Started” tab in the center panel. On that tab towards the bottom you will see the “Basic Tasks” section as seen in the screenshot below. 

Click on “Edit Virtual Machine Settings” and the Virtual Machine Properties Window will open up for you.

From here you can see all of the virtual hardware that is assigned to the virtual machine in question. You can also make changes to the virtual hardware as you see fit.

Please note: you will not be able to modify all of the settings if the VM is powered on. Some things like Memory and CPU will require the VM to be off before VMware will let you modify it.

To remove the Floppy drive select the device by clicking on it and click the remove button.

You will now see that the device has a line though it, meaning that this is a pending change for removal and will not take effect until you click okay at the bottom. 
To add the boot ISO you will need to click on the CD/DVD Drive to highlight it.

To add an ISO stored on a Datastore like a LUN or the Local Datastore on the virtual host click Datastore ISO file radio button.

Once you click on the radio button the browse button then becomes available to you. Click on the Browse button to open the Browse Data store window. 

Navigate to where you ISO is stored and click Open.

The file path for the ISO is now populated for you. I suggest that you click connect at power on up at the top of the window. This will make sure that the CD drive presents the ISO to the VM at boot up and allows you to boot into the VM. 
Click okay to close the window and to commit the changes. Once the tasks have been committed you will then be able to power the VM back on. 

VM not Powering on due to vmx.lck

To start, let me apologize for not taking screen shots to share this issue. If this issue occurs in the future I will be sure to take them then and fill in the blanks.

Today after coming into the office from a long weekend because of Memorial Day we discovered that our Lab had an issue on Friday at 7 PM. While I was working on getting everything backup and online I found that my precision Exchange 2013 Server that I built in a previous post was showing up as being grayed out.

Play ominous music

My knee jerk reaction here was to remove the VM from inventory and try to re-add the VM back into inventory by right clicking on the .vmx file and click add to inventory. Something I have done hundreds of times before without issue. However this time was different, the .VMX file would not allow me to add the VM to Inventory. I also noticed there were more than 1. VMX file.

Fortunetly I was already logged into the host as root and saw the the VM was still in inventory. Then I looked at the other host while logged in as root and saw the same thing. I then processed to look at the vCenter and I did not see the VM anywhere.  I thought to myself now how can this be? I am not 100 % of what exactly happened for sure but I have a theory that I intend to try and duplicate at a later date.

So here is goes:

The entire environment went offline during a network issue that caused the iSCSI to drop out. We have had this issue before and after checking the NAS we discovered that the NAS is okay we initiated a reboot of the virtual hosts. Once they came back online we found that the storage adapters could not see the NAS. So from here we rebooted the NAS and we were then able to do a rescan and the LUNs all came back without issue.

Now because we have HA and DRS enabled on our cluster the VMs all started on their own, causing a whole new headache that I do not want to go into at this point. However during this process the one host evacuated all it’s VMs and sent it to the other host.

I am thinking that this is the point where the VM mix up occurred. the 2 virtual hosts were fighting for the VM and that contention caused it to become orphaned. To resolve this issue I removed the VM from the inventory on both machines and then the vmx.lck file disappeared and I was able to re-add the VM back into inventory though vCenter.

I hope this helps someone with their issue, sorry for the lack of pictures but if/when it happens again I will be sure to add it back in.

How to create a new VM using VMware vSphere 5.x

Greetings all, this will be my very first technical blog post. I am pretty new to the game but I figured that starting with a how to guide may be beneficial to others as well as a great way to track all of the things I have worked on.

In this post I will go over the process of creating a new Virtual Machine (VM) in with VMware vSphere 5.5 in my lab environment. I will be doing this in a series with the end goal of having Microsoft Exchange 2013 SP1 installed and running in my Lab environment.

Things to consider before proceeding is that this is a preexisting lab environment that has a lot of things going on. Now what we are working on here should not be disruptive to the rest of the ecosystem but you never know. the moral of the story here is to make sure that you are mindful of what you are working on and do not touch what is not yours.

Now with that out of the way, lets get started:

Build 1 VM with the following specs:
CPU: 1 Socket 2Cores
HDD: OS 60 GB and Data 80GB

Note – I know that these spec’s are not recommended by Microsoft to run a production Exchange server. Remember that this is a Lab, If you are using this as a guide for Production then I recommend that you check the system requirements from Microsoft

Step 1 – Log into vCenter using the vSphere client

Fill in the IP/Name of your vCenter Server/ESXi host,username (in my case DomainUsername), and password

Once logged in click on the Virtual Host that you want to create the VM on and click create VM on the Getting Started Tab under the Basic Tasks section.

This will launch the create a New Virtual Machine Wizard.

Click Next to continue to the Configuration Screen
From here you have the option to select Typical or Custom configuration. For the purpose of this guide we are going to click Custom to give us the options that we need that are not available under typical.
Once you click Custom you will see the menu tree on the left hand side expand out. Click next to continue.
On the Name and Location is where you can name your VM. You can name it whatever you would like, it does not have to be the name of the computer but believe me when I say that is does help. 
Click Next to proceed

After the Computer is named you may be asked to specify the resource pool you would like to have the VM in. We will talk about resource pools at a later date. Unless you know what you are doing, just leave the defaults and click Next.

You will now be able to select what Storage you would like to use for your VM. My suggestion is to pick some kind of shared storage solution (NAS/SAN) but if that is not available then Local storage will work. Just make sure that you have sufficient space for your VM.

Click Next to Continue.

 On the Virtual Machine Version Window you will be able to select what hardware version you would like the VM to be. This will be important if you are running different version of ESXi in your environment and you plan to use vMotion to migrate machines. For the purpose of this exercise and because all of my ESXi hosts are at least version 5.5 I will select Virtual Machine Version 8.

Click Next to continue.

Guest Operating System allows you to select what OS you are going to install on your VM. This comes in handy as VMware has pre-configured options based on the OS you are installing on the VM.

Since we are installing Exchange 2013 I thought it would be nice to install Server 2012 as the base OS.

Click Next to continue.

On the CPUs section allows you to select the number of Sockets and Cores that you would like to use and because we are installing Exchange we would need to allow more cores to be available to this VM. The default is 1 Socket and 1 Core but for my purposes I set the cores value to 2 for this case.

Click Next to continue.

Memory Configuration is exactly what it sounds like. You are able to specify the amount of memory for this VM, the Default is 4 GB and I have changed it to 8 GB for now.

Network not only allows you to define the number of network adapters your VM will have but what network you are putting it on and what adapter you would like to use.

The default is to have 1 NIC and I am going to leave it the same for this, and the default adapter is the Intel E1000. I have changed it to VMXNET3, however if you use this NIC you will need to install VMware tools for it to work. For more information for your network choices you can read the KB Article here

Click Next to continue onto SCSI Controller.

The next option that you get to set is the SCSI Controller, By default LSI Logic SAS is selected. Depending on the OS and other factors you may wish to change this however I will leave the default.

Click Next

 You are given a few option for creating a new disk for your VM. 99% of the time I would say that “Create a new virtual disk” will be the only option you will use. However there are a few time where you may want to map your new VM to a preexisting disk (VMDK) or a Raw Device Mapping (RDM).

Click Next to continue.

Now that you have selected a disk it is now time to create it (Format) how you would like it.
For our purposed I have made the disk Size 60 GB and I plan on using this for the OS only. I have also chosen to “Thin Provision” this VM, this will allow for faster creation time, however there may be a performance impact during disk operation as the disk will be provisioned as the data is being written. This is perfect for my lab environment. You will need to figure out what will work best for you and you needs.

Click Next to to continue.

Since we are using a SCSI controller we have the option of changing the address of the disk and even specifying what mode we would prefer.

Virtual Device Node can be left a default as vCenter does a decent job of handling this for us.

Mode – if you are intending on using vCenter to Snapshot your vm you can just click Next as I have to move past this.

Click Next

Right before you VM is created you have the Option to Review all of your choices before you click Finish.

 As you will notice there is a check box that will allow you to edit the virtual machine before it is created. This is great to use if you need to add an additional Disk or you would like to mount an ISO of your preferred OS before making you VM.

Click Finish and your task will be submitted.

Once the Task is completed the VM should be created and be ready to start.

Well that is all for now, I hope to see you all on my next post for Installing Windows 2012 R2.