Monday, 3 February 2020

Attempted to increase Domain Functional level (through dsa.msc) - in our case this resulted in error as there was a lingering failed DC object.

Attempt to remove this in ntsutil (metadata cleanup) resulted in various errors but most common one being error 0x20e3 (The DSA object could not be found) .

Event logs such as "the directory service agent has detected an object with a null GUID" were also being recorded.

Trying to remove/delete the NTDS Settings of the server in ADSIEdit's Configuration Schema also resulted in a errors such as problem 5001 (busy) or

Unable to update schema - problem 5001 ( BUSY )

ince I was attempting to join a promote a machine to DC via a VPN, I was getting a "Could not find an active Direcory domain controller". I had to manually create DNS A records pointing to the new server newserv.mydomain and associated PTR records as per: https://serverfault.com/a/795801

After establishing connectivity, I still couldn't join. Reason being the domain I was trying to join was a single label domain: and this is the fix https://www.itprotoday.com/windows-78/single-label-domain-dns-resolution

After this I was able to Join the domain but had to upgrade File Replication System to DFSR.

Upgraded from FRS to DFSR following the "Quick Migration" paragraph at the below link and ran into no issues:

https://techcommunity.microsoft.com/t5/storage-at-microsoft/streamlined-migration-of-frs-to-dfsr-sysvol/ba-p/425405

Friday, 12 October 2018

Pointing Workstations to a WDS server in a different Subnet

If you want workstations in a certain subnet to access a WDS server in a different subnet, you need to add Options 66 and 67 to the Workstations' DHCP server's scope options, as below:

Option 66:
WDS server name (FQDN)

Option 67:
Path of the wdsnbp.com file with the RemInstall share as root: example, boot\x64\wdsnbp.com

One limitation I have read about is that you then can't choose between x64 boot image and x86 boot image. In the example above it would only work for 64-bit workstations.

Wednesday, 29 August 2018

Changing Default Keyboard to a different language through GPO (Windows 10)

After deploying Windows 10 (it only comes in en-US from VLSC) I was struggling to get the input language changed to en-UK as default. That is, at logon screen, and once user is logged on - with no option to change it to anything else. It seemed the Logon screen would always also show the en-US option (even when specifiying en-UK in MDT task sequence).

All online sources seemed to point to registry keys in 2 locations: HKEY_USERS\.DEFAULT\Keyboard Layout\Preload and HKCU\Keyboard Layout\Preload.

From what I understands, the first location (.\default) is loaded at the logon screen, and the second one relates to actual logged in users.

As suggested by online blogs, I created 2 registry changes in GPO, one in Computer configuration/Preferences/Windows Settings/Registry and the other in User Configuration/Preferences/Windows Settings/Registry.

I chose to update the first keyboard (value 1, order 1) to en-UK and all-out delete the second keyboard (value 2, order 2).

One relates to HK_U\.DEFAULT and the other to Current User:

However I also had to add the following GPO settings: Restrict the UI Language Windows uses for all logged in users -> Disabled (not sure why) and Disallow copying of user input methods to the system account for sign-in -> Enabled.

After doing all this and setting the GPO to "Enforced" (as I didn't want any subsequent GPO to change these settings), it seemed to copy the correct registry keys, although the Login screen change sometimes took a couple of reboots.

Not sure why M$ doesn't make it easier to just enforce a particular keyboard input!

Tuesday, 15 March 2016

One way audio after placing a Third Party SIP device on Hold on CUCM (or attempting a transfer)

If you experience an issue with 3rd Party SIP devices (in our case Ascom) losing audio when they are placed on hold (but the other party can still hear them), this is the setting you need to change:

Media Termination Point Required needs to be ticked.

Also ensure the correct SIP Profile is in use.

Thursday, 10 December 2015

Problem with DYMO CardScan executive and Outlook 2010

So the other day I ran into this issue with DYMO CardScan Executive: when attempting to "Synchronize", and choosing the Folder in question (user's Contacts), an error message would appear, and there was no way around it. It was Error creating Outlook object: “Outlook.Application”, followed by Error code 0x8002801d

Some solutions online pointed me in the direction of deleting some registry keys, but that did not solve my issue. Ultimately I turned to DYMO support who were very helpful and provided the below guide, which completely fixed the issue. This also relates to deleting registry keys, but different ones:

Error Message:

Cause:

Newer version of Microsoft Office had been installed on the computer and after removing it there are left over registry entries.

Solution 1:

Use the Windows System Restore Points and revert your system to a point when the add-ins worked.

Solution 2:

Step 1:

1. Access the Windows Registry Editor via Start, Run, Cmd, RegEdt32, enter.

2. Navigate to HKEY_CLASSES_ROOT\Interface\{00063001-0000-0000-C000-000000000046}\TypeLib

3. Find a '(Default)' entry with the value '{00062FFF-0000-0000-C000-000000000046}'

4. You should find a 'Version' entry. Check that this version matches the value in the following table based on the version of Outlook currently installed.

Outlook Version
Outlook 2003	9.2
Outlook 2007	9.3
Outlook 2010	9.4
Outlook 2013	9.5

Step 2: (Fix the TypeLib)

1. Navigate to HKEY_CLASSES_ROOT\TypeLib\{00062FFF-0000-0000-C000-000000000046}

2. Delete the version keys (e.g. 9.5) for any version of Outlook that is not installed on your system based on the version table provided below. For example, if you are not using Outlook 2013 then remove the "9.5" entry. If you are not using Outlook 2010 then remove the the "9.4" entry. DO NOT DELETE the entry for the version that was configured in Step #1

3. At the end there should be only 1 version of the Office Package in the registry.

4. Restart the computer and reinstall CardScan.

Outlook Version
Outlook 2003	9.2
Outlook 2007	9.3
Outlook 2010	9.4
Outlook 2013	9.5

Monday, 7 September 2015

How to properly Failover and Failback VM replicas in VEEAM

For example in the case of Crypto virus and variants, having a good replica can save your butt.

Steps:

From vCentre, shut down the messed up VM in your production environment
In Veeam, go to Replicas - Ready, and hopefully you will find the machine in question and the restore point will be recent (but before s*** hit the fan)
Right click and "Failover Now", choose the correct restore point. Your machine will now power on in your DR environment and you'll find it under Replicas - Active.
At this point the VM can be used by users while you restore the other one from backup, or...
At a more appropriate time, you can "Failback" to return your Replica to the Production Cluster/Host (this will incur a downtime, length depends on the number of changes made to the VM while running in this mode).
Failback will either "merge" the VM to the oriignal or you can choose to Merge it to a different VM if you restored it somewhere else.
Users can still work until the VM powers off, it will remain powered off until disks are merged.
Once this is done it will power on automatically in the Production environment, at which point you can...
"Commit Failback" to return to normal.