I recently came across a Hyper-V host which after a power outage and a dirty shut  down, due the absence of a UPS, could not connect to the Virtual Machine Management Service.  When opening the Hyper-v console the VMs were not listed, and selecting “Connect to Server” resulted in the following error message; “An error occurred while attempting to connect to server ‘ServerName’.  Check that the Virtual Machine Service is running and that you are authorized to connect to the server.”

image

The Hyper-V services displayed running in the Services management console, and permissions had not changed, however when checking for dependencies for the Hyper-V Virtual Management Service it show no dependencies.  Comparing this to another Hyper-V host reveals the service depends on the Remote Procedure Call (RPC) and Windows Management Instrumentation service. Both of these were running as well.

When services and system information is not present in various consoles, and the WMI service is running, it can often be a result of missing or corrupt WMI files.  You can confirm this by running msinfo32.exe (System Information).  If so, you will receive a message “Can’t collect Information.  Cannot access the Windows Management Instrumentation software.  Windows Management files may be moved or missing.”

image

If this is the case there is an easy fix:

  • Always have a full backup of your system before making any changes!
  • Note:  Microsoft recommends troubleshooting, and restoring the WMI files rather than deleting them as I describe here.  Deleting the files can affect 3rd party software which may require reinstalling.  For more information see the links at the end of this article.  In this case the WMI checks showed no inconsistencies and a reset failed, so rebuilding was the best option.
  • Stop the Windows Management Instrumentation service, which will warn you that it will also stop the Hyper-V Virtual Machine Management and other services, verifying the link between the two.
  • Rename the WMI information file folder to something such as .old  C:\Windows\System32\wbem\Repository.old
  • image
  • Restart the host.   Upon reboot it will recreate the Repository folder and its contents.  You may find the first logon hangs for a few minutes and also it may be slow for a while as it rebuilds the files.
  • image
Additional information regarding troubleshooting WMI:

http://blogs.technet.com/b/askperf/archive/2009/04/13/wmi-rebuilding-the-wmi-repository.aspx

http://technet.microsoft.com/en-us/library/ff404265.aspx

image

Not able to attend TechEd North America in Houston?

This year there is a great opportunity to follow online starting tomorrow May12th.  Registration and a schedule of the Live streams can be found at: https://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032587141&Culture=en-US&community=0?WT.mc_id=CLC9CD0510

For more information and and a Video ‘teaser’ by Rick Claus and Joey Snow visit: http://blogs.technet.com/b/canitpro/archive/2014/05/10/teched-north-america-2014-won-t-you-join-us-online.aspx

 

image

I am pleased to announce my Windows Phone 8 Blog app has been published.  As of yet it is not compatible with Windows Phone 8.1 but should be by the time of “official” release.  The app, which is free,  can be downloaded from: http://www.windowsphone.com/en-us/store/app/lan-tech-blog/d0bd5f80-c223-48ae-a13e-a978913198b0   image

I have had a few questions regarding a message “Office 365 authentication did not succeed” suddenly appearing both in the daily reports and the Alert Viewer of Server Essentials.  The alert viewer suggests changing the admin account (or refresh it) in the Office 365 tab of the Essentials Dashboard, however doing so fails with a message stating you are using the wrong account or password.

image

In most cases if you log into the Office 365 site using the domain’s admin e-mail account you will find the password has expired and you are asked to update it.  Do so and return to the Dashboard entering the new password which should now allow it to validate and eliminate the error.

image

The past 8 or more years most of us have managed PC updates using WSUS (Windows Server Update Service) and Group policy.  However, the structure of the modern office has changed to a large percentage of mobile employees who never ‘touch down’ at headquarters.   If these devices do not connect to the domain they do not have updates applied.

A client who has not returned to the office in 18 months, and likely will not for the life of their laptop, recently asked how they could update their machine manually.  Currently they were not able to do so as Windows Update showed “settings are managed by your system administrator”, in other words, by WSUS

image

It is quite simple to disable WSUS management in the registry, however remember if the device is reconnected to the domain, the WSUS policies will be reapplied.  Therefore you may want to move the device to an OU not linked to the WSUS policy or remove the device in the policy under security filtering.

Disclaimer:  Be aware making incorrect registry changes can have disastrous effects to the health of the device.  Be sure to backup the registry before editing.  To do so see the following Microsoft article; “How to back up and restore the registry in Windows”  http://support.microsoft.com/kb/322756 

  • Open the registry editor, by entering Regedit in the Start / Run box, and browse to:  HKLM\Software\Policies\Microsoft\Windows\
  • Locate the WindowsUpdate  Key and delete it
  • Reboot the PC (may take 2 reboots)
  • Now you can manually update and configure Windows updates to automatically check for and install updates directly from the Microsoft Update site

image

You may want to consider using a newer service such as Windows Intune to manage your computers, especially mobile devices.  http://www.microsoft.com/en-us/server-cloud/products/windows-intune/

There are many web sites outlining how to reconfigure windows XP, Vista, and Windows 7 to allow multiple concurrent Remote Desktop Sessions, basically making a desktop PC a terminal server. On many occasions I have pointed out doing so is a licensing violation, however I confess I have never seen this specifically stated in any ELUA.  I have been privy to discussions with Microsoft where this has been discussed, and Microsoft employees and support site personnel have often posted it is not permitted on various  sites.

Having been asked to verify this I reviewed various EULAs (End User Licensing Agreements) and it seems Microsoft more often explains in detail what is allowed than what us not.  Much like your insurance company doesn’t state in your home owners policy you are not permitted to have bonfires in your basement.  Some ELUAs such the one for Windows 7 mentions; “The single primary user of the licensed computer may access a session from any other device using Remote Desktop”, but does not state you can have multiple sessions.  It does however state you can have multiple users sharing a single session using NetMeeting or Remote Assistance, which means both users are sharing the same desktop and application, not separate sessions.  The intent with this is to assist an end user.

The modification is promoted as a patch, but a patch would be provided by Microsoft. This ‘patch’ was created by someone named DeepXW who on their own web page refers to it as “Crack termsrv.dll, remove the Concurrent Remote Desktop sessions limit”.

Most of the reputable sites explaining the hack also include a disclaimer explaining it is a violation.  I have posted some examples at the end of my ramblings . Sites such as Experts-Exchange have even banned posting the hack as they have confirmed it is a licensing violation.

We also need to consider if this hack were legal, you would also require buying RDP/RDS CALs (Client Access Licenses), and if Office were installed you would only be legit if you purchased volume licensing with one license for each user. The latter two are requirements on any multi-session Microsoft O/S.  The Office 2013 ELUA does clearly state that you cannot have multiple sessions: “Remote access. The user that primarily uses the licensed computer is the “primary user.” The primary user may access and use the software installed on the licensed device remotely from any other device, as long as the software installed on the licensed device is not being used non-remotely by another user simultaneously.”  This same issue applies to third party software which in many cases has the same limitations.

Granted the hack does work, with some occasional Winsock issues, and though the chances of being caught are minimal, if discovered in a Microsoft audit, which does happen, the penalties are stiff.  I strongly encourage folk to approach this in a more secure, manageable, and legitimate way by using a Microsoft Remote Desktop Services Server (formerly called Terminal server).

Sample comments from various sites outlining the hack:

However, be warned. Before you begin, I need to warn you that patching the file and allowing more than one concurrent Remote Desktop session will violate a few lines in the Windows XP EULA. Proceed with caution and at your own risk. I shall not be liable for any damage caused to you, your computer, your data or your dog/cat because of this.  From <http://www.petri.co.il/multiple-remote-desktop-sessions-on-windows-xp-sp3.htm>

Desktop, which basically only allows the single primary user of the licensed computer to access a session of the computer. And that essentially tells us that the trick we revealed to enable multiple concurrent user in remote desktop in Windows 7 isn’t a legally licensed, despite that it’s really a good useful hack.  From <http://www.nextofwindows.com/how-many-concurrent-connections-allowed-to-access-a-windows-7-computer/

I think you find it is a license violation, as win 7 is single user at time OS.
As with all version of windows you need a license for all current users.
If you “hack it” you have violated the TOS and have voided the windows license.  From <http://social.technet.microsoft.com/Forums/windows/en-US/41e9e500-714a-443b-bff2-55f0d500d3d1/concurrent-sessions-remote-desktop-in-windows-7>

A quick note: enabling multiple concurrent RDP users may be against the Windows 7 End User Licensing Agreement (EULA). Please be sure to check the EULA beforehand and know that we do not recommend making these changes in cases where they may violate the EULAFrom <http://www.optimusbi.com/2012/12/05/enable-concurrent-rdp-connections-windows/>

Regardless of what solution you come up with, concurrent desktop access (if you are not sharing a single session) is in violation of the desktop Windows EULA.   From <http://arstechnica.com/civis/viewtopic.php?f=15&t=1190558

It seems the Java download site has been down for 24 hours.  Many internet posts by folk receiving “This page can’t be displayed” after clicking the download button.  The “See all Java downloads” page results in the same message.

A site test reveals it is down as well:  http://downforeveryoneorjustme.com/javadl.sun.com

I did find the Oracle site worked without any problems: http://www.oracle.com/technetwork/java/javase/downloads/jre7-downloads-1880261.html

There are many articles regarding how to locate and regain space consumed by many SBS services and log files, including one of my own; “Missing SBS 2008/2011 Drive Space“.   One of the most common issues is the WSUS admin logs located in C:\inetpub\logs\LogFiles\W3SVC_____  which can consume huge amounts of drive space.  With SBS 2011 and SBS 2008 (2008 if updates are applied) this particular folder should be looked after by a scheduled task which clears out log files older than 100 days.  In a few cases you may want to edit this and reduce it to a shorter period of time, as very nicely explained by Ronny Pot.

I was asked to look at an SBS server today which had ‘lost’ most of its system partition available space.  It was not really lost as it was found in a C:\inetpub\logs\LogFiles\W3SVC_____  folder.  However, this should have been looked after by the aforementioned scheduled task.  Upon review of the task history it seems the task’s script has been failing for several months resulting in “Action start failed” and “Action failed to start” messages with an Error Value of  2147942402.

Note: the task is located under Administrative Tools |  Task Scheduler | Task Scheduler Library | Microsoft | Windows |  Windows Small Business Server 20xx Standard |  WSUSLog Cleaner

image

In this case the  time frame had been reduced to 30 days, but noticed when saving the changes, if not paying attention, the “arguments” for the script can get modified by Windows.  The changes can be made under the Actions tab as per the image below:

image

However, in some but not all cases, when clicking OK to save  you may get a popup as below:

image

Note the text.  If you select yes it changes the Program/Script field to C:\Program, and the Argument field to Files\Windows Small Business Server\Bin\WSUSLogCleaner.vbs 30.  The entire path needs to be in the Program/Scripts field and only 30 in the argument.   It seems someone in a hurry clicked yes, as one would assume when approving changes, and did not double check after the fact.  It seems the popup only occurs if there are no existing quotes around  “C:\Program,Files\Windows Small Business Server\Bin\WSUSLogCleaner.vbs” in the Program/Scripts field.

In the past I wrote a couple of articles explaining how to connect to a business network using a Windows VPN prior to logon, so that domain authentication takes place and group policies and logon scripts are applied.  See:  Win 7 and earlier and Win 8

As pointed out in the articles, this only works for domain joined computers.  It has been brought to my attention that some folks would like to automate the VPN connection process on non domain joined machines.   .

Automate VPN connection – AFTER logon:

Basically you need a one line batch file and add it to the startup folder, but in detail:

  • Open a text editor such as Notepad and enter the lines below, substituting the name of your VPN connection for Acme, and inserting your user name and password

rem   Batch file to establish a VPN connection
rasdial  acme  username  password
exit

    • Substituting  *  (an asterisk)  for the password, will prompt for the password during the connection.  This is more secure as the password is stored in clear text in the batch file.
    • Save the file to a location such as the desktop, but when doing so save using a .bat extension and enclose the name in quotes such as;  “VPN_Connect.bat”.  Notepad will add a txt extension if you do not use the quotes.
    • Saving to the desktop allows the user to double click on the file to establish the VPN connection.
    • If you want to automate the connection add the batch file to the startup folder and it will run after logon to the PC has completed.  The startup folder can be found in the following locations:

XP: Documents and Settings\All Users\Start Menu\ Programs\Startup
Win7:  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp

For those following my blog in Atlantic Canada, you may be interested in an upcoming local event:

An Introduction to Microsoft Virtualization and the Private Cloud with System Center 2012 and Hyper-V

Event Details

Spend an evening with Mitch Garvis, Virtual Technology Evangelist with Microsoft Canada, getting to know the Microsoft server virtualization story.  Learn not only about Hyper-V, but also the management and Private Cloud scenarios that System Center 2012 SP1 brings to the table,  Learn how to build your cloud, and also how Microsoft sets itself apart from (and ahead of) the competition in the Virtualization world!

This informal event will consist almost entirely of discussions and demos, with only a smattering of PowerPoint and fluff.  The demos will be entirely unscripted, so you will get to ask what you want to see… and Mitch will do it!

The event is to be held Tuesday, June 11, 2013 from 5:30 PM to 9:00 PM, at the Nova Scotia Community College Institute of IT Campus, 5685 Leeds St., Halifax, NS

To register:  http://www.eventbrite.com/event/6998359281

Tag Cloud

Follow

Get every new post delivered to your Inbox.

Join 97 other followers