Categories
Microsoft Tools Uncategorized

Need help resizing your Hard drive?! AOMEI Partition Assistant to the rescue.

I was asked to assist with a SSD replacement for a drive that was starting to degrade. I started off by using CloneZilla to backup the drive but de to the degradation of the 90 GB SSD I was not able to complete the backup to my drive. In order to get around this issue I was able to use the Windows backup utility to create a disk image (which for some reason worked) an then restore the image to a new 1 TB drive.

At that point I thought I was made in the shade. Until I realized that I was not able to expand the C:\ Partition as there was another partition at the end of the disk. Windows Disk Manager would not allow me to move partitions (thanks Microsoft!) so I had to look for a third party solution to help. I came across AOMEI Partition Assistant Standard which said it would do the trick.

For the purpose of this exercise I went with the freeware download as I was only going to need to do this once and the Freeware edition should have been able to do what I needed. Let me tell you, I was not disappointed.

I installed it on the computer and from there I was able to not only move the partition on the disk, but I was able to expand the C:\ from 90 GB to 990 GB all at the same time. After submitting the job, it asks for a reboot which took a while but once the computer came back up it was working great!.

If you are ever in this situation you should totally check these guys out as they are now going to be a staple in my tool kit for the foreseeable future.

Categories
Active Directory Microsoft Windows

Microsoft Active Directory Time Sync Settings

So I was recently asked by a client: “Why is the time on my PC 5 minutes off from my phone?”

Now this is a small environment, a very small environment (1 Server and 7 workstations). The first thing I thought about was what does the server clock look like? So I remoted into the server and sure enough it had the same time as the workstation.

I went and checked the registry and found that the server was pointed get its time from time.windows.com, but for some reason that was not working.

I then used the following command to point it to several of the pools hosted by NIST.gov

w32tm /config /manualpeerlist:time-a-g.nist.gov,time-b-g.nist.gov,time-c-g.nist.gov,time-d-g.nist.gov /syncfromflags:manual /reliable:yes /update

After that I restarted the W32Time (Windows Time) service to make the update work.

Once that is done it should force a resync of the time service which could take some time to update and to sync with all the workstations.

I hope you find this post helpful, and if so please share it with your friends.

The More You Know: Unlocking Windows God Mode

Today I wanted to talk about this is a little known feature that has existed on in Windows based workstations since at least Windows 7 when I first heard about it. Since then this “folder” for lack of a better work has been following me around to every PC I have had since then.

At first glance it looks like your Windows Control Panel on Steroids

As you can see from the screen shot, There are about 219 (on my machine, your mileage may vary) settings that you can edit.

To gain access to this you first need to start off by creating a new folder. When the folder is created and you are asked to give it a name you will need to insert this String into the field.

GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}

Press Enter and the icon will change from this

To this

I hope you found this helpful and informative, and I look forward to you coming back soon.

PowerShell – Windows Update report to .CSV

A while back I was asked by my boss to come up with a way to get a report of all the Windows Updates installed on a remote server that is at a client’s site and that we do not have access to.

I thought to myself that he must be crazy to think that we could even find a utility that would enable us to do that.

Well….. Apparently with the right Power Shell Commands you can do it. Here is the Syntax for the Script that you will need to save as a .ps1

$Session = New-Object -ComObject “Microsoft.Update.Session”
$Searcher = $Session.CreateUpdateSearcher()
$historyCount = $Searcher.GetTotalHistoryCount()
$Searcher.QueryHistory(0, $historyCount) | Select-Object Date,
   @{name=”Operation”; expression={switch($_.operation){
       1 {“Installation”}; 2 {“Uninstallation”}; 3 {“Other”}}}},
   @{name=”Status”; expression={switch($_.resultcode){
       1 {“In Progress”}; 2 {“Succeeded”}; 3 {“Succeeded With Errors”};
       4 {“Failed”}; 5 {“Aborted”}
}}}, Title | Export-Csv -NoType “$Env:userprofileDesktopWindows Updates.csv”

The result looks something like this:

I hope you find this post helpful and are able to use this going forward.

Office 365 user names with ADSync have the OnMicrosoft.com Domain

So I have been working on a Exchange 2016/Office 365 Hybrid solution. Part of the setup is to install and configure ADSync which depending on the day of the week it could either be a Office 365 or Azure Utility. I have honestly installed this tool several times, and it is never in the same place every time I need to download it.

Once ADSync is installed, It will sync your Local AD Users to Office 365/Azure AD. Depending on how you configure the Sync, it could synchronize the whole AD Forrest, an OU (or Multiple OUs), or a Group. In my case I selected 1 of our OUs.

Within 30 minutes all of my users in that OU were sync’d with Office 365/Azure AD. However all of my users had a @company.OnMicrosoft.com user name. Normally this would not be a problem, however I am sure this would be confusing to some users. I also noticed that the usernames were also not consistent either.  Some of them looked like this:

[email protected]

or

[email protected]

After scouring the internet I found nothing on how to fix this for my users. I was just about to open a ticket with Office 365 Support when I found a Technet Article that talked about how the usernames are generated when using ADSync.

To Paraphrase the article, the username in Office 365 is set by the user’s Alias set in Exchange. Which led me to believe that we really have some inconsistent naming going on at my office but that is for another day.

The Article also covered how to change the user names. This let me to believe that I could use this same method for changing the domain name as well, and it worked!

Here is what you will need to do

Connect to Office 365:

Connect-MsolService

Then use this command:

Set-MsolUserPrincipalName -UserPrincipalName [email protected] -NewUserPrincipalName [email protected]

If you don’t get an error message then you should be able to click the refresh button in Office 365 for the user account and you will see the new name.

How to tell if your users AD account password has expired

Like I said in a previous post we are dealing with the after math of a disaster so most of our Administrative tools are still offline until we get around to bringing back online. One of those tools was a real life saver and would email not only the admin team but the end users that their AD password was about to expire. So without that we are flying blind, which is not a big deal for the day to day management of our network.

Moving along I got a call the other day from one of my users who was working remote who said that he could not connect to email. So I asked him when was the last time he reset his password, which he said he did not know.

So I opened up my command line and ran the following command

net user %USERNAME% /domain

Replace %Username% with the username you want to query and it will return a ton of information about the user account including the date the password will expire. 

Exchange 2016 – Issue with changing URL for MAPI connections

As you know when you installed Exchange all of the Virtual Directories use the FQDN of the server as the URLs for the Exchange Virtual Directories. If your Exchange server is being used for OWA or CAS you will most likely have a SSL Cerfiticate to prevent you from getting those pesky SSL errors.

During an install that I recently did I ran into an issue where all the outlook clients were getting SSL pop up messages that looked like this:

From the message you are able to see that the name of the certificate does not match the server name. So I logged into the Exchange Admin Center and looked under Servers > Virtual Directories and checked each of the Virtual Directories listed. As this was my first 2016 installation I discovered that there was a virtual directory for mapi. So from the web interface I changed the internal url to match the name of the certificate “https://Mail.Domain.com/mapi” and restarted IIS. After that I go and try and configure an outlook client and good news I no longer get the SSL Error, but now I am unable to authenticate to the mailbox!!!

After playing around with it for a while I discovered that changing the name back did not fix the issue so I was forced to do a rebuild on the virtual directory and that took me back to square 1.

After hours of searching online for an answer I found this powershell command that worked

Set-mapivirtualdirectory -identity “[SERVERNAME]mapi (default Web Site)” -internalurl  https://Mail.DOMAIN.com/mapi

After doing this command I restarted IIS again and the clients are now able to connect without issue.

UPDATE on this issue:

I would appear that do to a misconfiguration in the client’s internal DNS their Autodiscover.domain.local was a A record and not a CNAME which it appears that outlook autodiscover does not like. So I changed the record to a CNAME by deleting the A record and recreating it. Then I went to a local machine and did a IPCONFIG /FLUSHDNS and then restarted outlook and that seems to have fixed the issue.

Windows Update error 0x80243004…..

While performing routine server maintenance on one of my terminal servers at work I received one of the many vague error messages that Microsoft in their (In)finite wisdom give us to help troubleshoot the problem. Normally I would just ignore the error message and come back to it at a later time but as I am in the middle of a tight window I figured I would give it a shot an troubleshoot it (Crazy I know).

So first I start by Google-ing “Error Code 80243004” and I get several hits. The first one I get takes me to a Microsoft article about the issue:

http://windows.microsoft.com/en-us/windows7/windows-update-error-0x80243004

It was very short and to the point (which I appreciated greatly at 11 PM), but the answer I got really made me think that it was pulling my leg. Since it was a Microsoft article I took it seriously and followed it’s sage advice and amazingly it worked!!! (or so it seems at the time of me writing this)

Apparently the little notification that you get when you log in that tells you that you have updates to install is more than just an annoying little pop up. Without it being present your updates will fail (Unless you have it disabled in Group Policy). So from what I can tell, one of my users must have gotten tired of seeing that pop up and told the system to make it go away, and because of that I was unable to update the system until I brought it back.

Why would anyone make that little notification so important? I am really posing a serious question here, and if you have an answer it would be greatly appreciated down below in the comments.

Also if you are like me and enjoy looking at pictures to help you through issues, I would say check out this blog post as well:

http://jackstromberg.com/2013/09/code-80243004-windows-update-encountered-an-unknown-error/

I hope this post has been helpful to you and I will continue to post more of these (As I discovered more update issues from my casual perusing of my network).