Menu Close

Generate new SID in Windows Server 2012

Today I had to deploy a new Windows Server 2012 VM. Because In VMware you can Clone a VM I used this option. But when it comes to Server 2010, the cloned VM will have a duplicate copy of the SID of the machine from which it was cloned.

This duplicate SID can cause a lot of issues so each machine must have an unique SID. In this post I will show you the steps to generate a new SID in Windows Server 2012.

First log on to the Windows Server 2012 VM. Now open Windows Explorer, and browse to C:\Windows\System32\Sysprep

SD_Browse_Sysprep_Location

Right-click sysprep application and click Run as Administrator

SD_Sysprep_run-as

No the sysprep (System Preparation) tool will open as shown below. Choose Enter System Out-of-the-box Experience (OOBE) option, check Generalize option, choose Reboot as shutdown options and click OK.

SD_SysPrep
For more information about the different switches see (https://technet.microsoft.com/en-us/library/cc721973(WS.10).aspx)

When you click OK, the application will generate new SID and perform all the required actions and will reboot.

SD_Preparing_sysprep

After the reboot is complete, you will be asked to enter the product key, accept License terms, and enter a new Administrator password.

This is how you can generate a new SID on Windows Server 2012.

Configure Email Notification for Windows Server Backup

Windows 2008 (R2) and 2012 (R2) all include the Windows Server Backup feature, which is a reliable but basic backup utility. I only use Windows Server Backup when the server is a physical server. The Windows Server Backup allowing you to restore data or the entire server as necessary. The only downside in WSB is the lack of a reporting function.

Because it is very important to see the status of a back-up job,so that any failures are addressed immediately. WSB doesn’t natively allow you to configure notification emails that advise on the success or failure of each backup.

WBS_Eventviewer
Windows Eventviewer – Backup failure and success events

Windows Server Backup writes operational events to its own event log, located at Logs > Applications and Services Logs > Microsoft > Windows > Backup > Operational. Successful or unsuccessful completion of the backup is logged at this location, so we can use these events as a trigger to send ‘success’ or ‘failure’ email to a particular backup admin user.

WBS_Task_scheduler
Windows Task Scheduler – Backup tasks

Create success email task

The goal is to trigger the notification on backup completion. Because it is more practical to set up two notification (failure of success) we need two tasks.

Click on ‘Create Task’ and configure as follows:

  • Name: Backup Success Email Task
  • Description: Notifies backup admin of scheduled backup successful completion
  • Run whether user is logged on or not
  • Go to the trigger tab, press “New”, choose “On an event”, select “Custom” and then “New Event Filter”
  • Select “By log”, then navigate to “Applications and services logs”, then “Microsoft, then “Windows” then find “Backup” and tick it
  • Use the following Event ID’s

  • Save your changes and navigate to the actions tab of the task
  • Action: Send an email (configure email settings, subject, body etc as required)

Create failure email task

After you configured the correct settings you can save this task and create another one to be triggered on backup failure. This one has more event triggers, because there are multiple backup failure event codes. Configure the task as follows:

  • Name: Backup Failure Email Task
  • Description: Notifies backup admin of scheduled backup failure
  • Run whether user is logged in or not
  • Go to the trigger tab, press “New”, choose “On an event”, select “Custom” and then “New Event Filter”
  • Select “By log”, then navigate to “Applications and services logs”, then “Microsoft, then “Windows” then find “Backup” and tick it
  • Use the following Event ID’s

  • Save your changes and navigate to the actions tab of the task
  • Action: Send an email (configure email settings, subject, body etc as required

If you want to test your email notifications, be sure to check the “Allow task to be run on demand” option under the Settings tab.

Google Chromecast – Part 1

Today I finally bought a Google Chromecast. The Chromecast is a handy, inexpensive way to stream media from online to your TV over your home WIFI network, using your computer or mobile device as a bridge. It’s pretty simple to setup, but for those who need a little more help this guide can walk you through each step and make sure you get everything working properly on the first try.

Decomission a Windows 2003 or 2008 Domain Controller

To decomission an Active Directory Domain Controller (Windows Server 2003/2008) is a fairly straight forward task as long as you make sure nothing is relying on that server.

What to check before decomissioning your DC

The most important thing to check before you are decomissioning your DC are the following components that are either running or registrered against the system:

  • Global Catalog
  • FSMO Roles
  • Bridgehead server
  • General server health
  • Enterprise admin credentials

Restart services and e-mail succes (Powershell)

This script was originally created to run as a scheduled task. All variables will have to be updated to fit with your own environment i.e. $hostname, $smtpserver. Once run it will complete the following –

1. Send an e-mail to whichever address/s that you specify within the $recipients variable. In my case this was used to inform the alert monitoring team that they can ignore alerts for this service over the next 10 mins.

2. Stop the service specified within the $service variable. A do..Until loop was used to confirm the service had stopped before continuing with the script.

3. Start the service. Again, a do..Until loop was used to confirm the service had started.

4. Send an e-mail to the same recipients informing them that the service has restarted successfully.

Simple way to list FSMO Roles in Active Directory

This tip explains the simplest way to check FSMO Roles availability in an Active Directory Forest environment.

FSMO (Flexible Single Master Operations) Roles are very critical for Active Directory to run smoothly. As part of the daily Active Directory health tasks, you need to run several command lines tools or customized scripts to check the status of various Active Directory components which includes checking availability of the FSMO Roles.

To check the availability of FSMO Roles in an Active Directory environment, you can run following command line tools (available by default with Operating System installation):

Advantage using NetDom command is that it returns the list with FSMO name and the server holding that FSMO role as shown in the below output. The server name is returned in the FQDN format.

I hope this post will help you to find out the FSMO roles in a simple way.