July, 2013

  • DFS Replication in Windows Server 2012 R2 and other goodies, now available on the Filecab blog!

    Over at the Filecab blog, AskDS alum and all-around nice guy Ned Pyle has posted the first of several blogs about new features coming your way in Windows Server 2012 R2. If you're a DFS administrator or just curious, go take a look! Ned promises more ...
  • Roaming Profile Compatibility - The Windows 7 to Windows 8 Challenge

    [Editor's note: Everything Mark mentions for Windows 8 clients here is also true for Windows 8.1 clients. Windows 8 and Windows 8.1 clients use the same (v3) profile version, so the 8.1 upgrade will not prevent this from happening if you have roaming ...
  • Because TechNet didn't have enough Active Directory awesomeness already

    Time for a quick lesson in blog history. There'll be a quiz at the end! Ok not really, but some history all the same. Back a few years ago when we here at Microsoft were just starting to get savvy to this whole blog thing, one of our support escalation ...
  • Announcing public availability of MBAM Compliance Data Cleanup Tool 2.0

    We are happy to announce public availability of MBAM Compliance Data Cleanup Tool 2.0 (clean-mbam.exe), aka MBAMCDCT 2.0.

     

    MBAM Compliance Data Cleanup Tool 2.0 (clean-mbam.exe) is a command line tool which enables you to delete machine records from the ‘Compliance Status’ database of the MBAM 1.0 and MBAM 2.0 standalone.

     

    There have been situations where you, as an MBAM admin, had to delete older or reimaged machine records from the MBAM compliance database. The only solution in this case was to run complex SQL queries to delete machines from the database. This tool helps you report the true state of encryption compliance in your environment by deleting the obsolete information from the MBAM Compliance Status database.

     

    What’s New!

     

    1. Since this is a command line tool, you can schedule it as a task to automate deletion of obsolete machine records from the MBAM compliance database.
    2. This tool provides three different ways to delete machine records from the MBAM Compliance Status database:
      1. Delete machines which have not reported in last X days.
      2. Delete machines specified in a comma separated list via command line.
      3. Delete machines specified in a text file.

     

    Note:

    This tool doesn’t delete the recovery information or any other data from MBAM Recovery and Hardware Database. All delete operations are performed strictly on the MBAM Compliance Status Database.

    This tool is available for download from the TechNet website http://gallery.technet.microsoft.com/MBAM-Compliance-Data-f202e1bf as a self-extractable compressed file, which includes the executable and documentation.

    Hope this tool helps you report the true state of encryption compliance in your environment by deleting the obsolete information from the database.


    Disclaimer:

    This tool and documentation are provided "as-is". You bear the risk of using it. No express warranties, guarantees or conditions are provided. The tool supplied in this document is not supported under any Microsoft standard support program or service. However, you can report issues and bugs in the comments section on this page. Microsoft will, at its sole discretion, address issues and bugs reported.

     

     

    Himanshu Singh

    Windows Core Team

  • How to Setup a Live Debug Using Physical Machines

    For this example I am using a Windows Server 2012 physical machine that will be used to debug a problem machine. I will set up a live debug session with a Windows 7 SP1 physical machine.

    Win2012Debugger (Host) - This is the physical machine that will be used to do the debug

    Win7 client (Target) - This is the physical client machine being debugged

    The problem production machine is referred to as the Target computer, and the Debugging Tools for Windows are installed on the Host computer. The machines are attached with either a null-modem cable, a 1394 cable, a special USB cable, or an Ethernet cable (network debugging was added in Windows 8). This example outlines serial debugging because it is the most common technique.

    Configuring the physical Windows Server 2012 (Host) machine:

    1. Install the debug tools

    http://msdn.microsoft.com/en-us/windows/hardware/hh852363

    Click Next until you see the Select the features you want to install screen.

    Select only the option named Debugging Tools for Windows and click the Install button. I typically install the tools to a directory named C:\debugger

    2. Open Windbg with administrative privileges.

    3. Configure the symbol path

    a. From within windbg, click on file, Symbol File Path

    b. In the Symbol Search Path insert the following:

    .sympath SRV*f:\localsymbols*http://msdl.microsoft.com/download/symbols

    (This will allow the debugger to use the public symbols that are available online)

    Configuring the physical Windows 7 client (Target) machine:

    1. Log on to the Windows 7 client that you are going to debug. If the machine is not booting, you can run the commands from WinRE or WinPE.

    2. Open an administrative command prompt and enable debugging by running the following command:

    Bcdedit /debug on

    If you are running the command from Winre or Winpe it would be

    Bcdedit /set {default} debug on

    3. Configure the debugger to use the COM port specified by running the following command:

    Bcdedit /dbgsettings Serial Debugport:1 baudrate:115200

    4. You can check these settings by running bcdedit /enum all

    In the output, under Windows Boot Loader, debug is set to Yes, and the debug settings reflect the last bcdedit command.

    5. Restart the Windows 7 client machine.

    Serial Connection Setup:

    A null-modem cable is a serial cable used to send data between two serial ports and it can be cheaply purchased at most electronics stores. Be aware these are different from standard serial cables because the transmit and receive lines are cross linked.

    Plug the null-modem cable into a serial port on each of the computers. The serial port on the target computer must be built into the system; add-on components such as PCI cards will not work for serial debugging on the target computer.

    Remote Debugging:

    1. Launch windbg with administrative privileges.

    2. On the File menu, choose Kernel Debug.

    3. In the Kernel Debugging dialog box, open the COM tab.

    4. In the Baud rate box, enter the same rate you selected for the Target Machine in the steps above. This is usually 115200.

    5. In the Port box, enter COMx where x is the COM port connected to the null modem cable on this computer. In my example I plugged my null modem cable to com port 1 so I typed com1 in the field.

    a. It is not necessary to use the same port number on both the target and the host.  For example, it is possible to use com1 on the target and com2 on the host.

    6. Click OK and you’ll receive a message indicating the Host computer is waiting to connect.

    7. From the Debug menu, select Break. This will cause the debugger to break into the target machine and give you the opportunity to debug your ailing production server.

    8. You can test the debug connection by running the !process 0 0 command. This will show you the running processes on the target Operating System.

    Jim Collins
    Senior Support Escalation Engineer
    Microsoft Commercial Technical Support

  • What’s New in Task Scheduler for Windows 8 & Server 2012

    Hello AskPerf! This is going to be a quick blog post to alert you to some of the changes in Windows 8 and Server 2012 as they relate to Task Scheduler. Most of these changes are welcome additions, like using PowerShell to manage Task Scheduler. There were, however, some features removed that could affect you in your environment. Those include the following:

    Features Deprecated

    • Action: sendEmail
    • Action: showMessage
    • AT.exe cmdline utility

    Workarounds

    For the “Send an e-mail” action, you can use the PowerShell “Send-MailMessage” cmdlet in its place.

    For the “Display a message” action, you can use the built-in msg.exe command line tool.

    Since the “AT” command has been deprecated, you can use schtasks.exe instead. If you need a command prompt launched as the Local System account, you can use “PSEXEC.EXE -s“. Psexec.exe is part of the PsTools, and can be downloaded here.

    For more information on what else has been changed since Windows Vista, check out the following MSDN article:

    What’s New in Task Scheduler

    For more information on the schtasks.exe command, check out the following AskPerf Blog:

    Two Minute Drill: The Schtasks command

    -AskPerf Blog team
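
    The three workarounds above as one script. This is an added example, not code from the original post; it assumes the ScheduledTasks PowerShell module that ships with Windows 8 and Server 2012, and every task name, address, SMTP server and script path in it is a placeholder.

```powershell
# Added example. Task names, addresses, SMTP server and script path are placeholders.

# 1. "Send an e-mail" action -> a task that runs PowerShell with Send-MailMessage.
#    Sending mail needs no admin rights, so the task runs as LOCAL SERVICE
#    (assumes the SMTP relay accepts unauthenticated mail from this host).
$mailArgs = '-NoProfile -NonInteractive -Command "Send-MailMessage' +
            " -To 'ops@example.com' -From 'tasks@example.com'" +
            " -Subject 'Nightly job finished' -Body 'Job completed'" +
            " -SmtpServer 'smtp.example.com'" + '"'
$action    = New-ScheduledTaskAction -Execute 'powershell.exe' -Argument $mailArgs
$trigger   = New-ScheduledTaskTrigger -Daily -At 2am
$principal = New-ScheduledTaskPrincipal -UserId 'NT AUTHORITY\LOCAL SERVICE' -LogonType ServiceAccount
Register-ScheduledTask -TaskName 'Mail-NightlyJobStatus' -Action $action `
                       -Trigger $trigger -Principal $principal

# 2. "Display a message" action -> a task that runs msg.exe.
#    '*' addresses every session on the machine; /TIME is the display time in seconds.
$msgAction  = New-ScheduledTaskAction -Execute 'msg.exe' `
                                      -Argument '* /TIME:60 "Maintenance starts at 22:00"'
$msgTrigger = New-ScheduledTaskTrigger -Once -At '9:50 PM'
Register-ScheduledTask -TaskName 'Notify-Maintenance' -Action $msgAction `
                       -Trigger $msgTrigger -User 'SYSTEM'

# 3. AT.exe -> schtasks.exe. The old job
#      at 23:00 /every:M,T,W,Th,F C:\Scripts\cleanup.cmd
#    becomes the following (AT jobs ran as Local System, hence /RU SYSTEM):
schtasks.exe /Create /TN 'Nightly-Cleanup' /TR 'C:\Scripts\cleanup.cmd' `
             /SC WEEKLY /D MON,TUE,WED,THU,FRI /ST 23:00 /RU SYSTEM

# Review what was registered and under which account each task runs.
Get-ScheduledTask -TaskName 'Mail-NightlyJobStatus', 'Notify-Maintenance' |
    Select-Object TaskName, State, @{ n = 'RunAs'; e = { $_.Principal.UserId } }
schtasks.exe /Query /TN 'Nightly-Cleanup' /V /FO LIST
```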

  • How to live debug a VM in Hyper-V

    For this example I am using a Windows Server 2012 physical machine with Hyper-V installed. I will set up a live debug session with a Windows 7 SP1 virtual machine residing on the same server.

    • Win2012Debugger (Host) - This is the physical machine that will be used to do the debug
    • Win7 client (Target) - This is the client VM being debugged

    Configuring the physical machine:

    1. Install the debug tools

    http://msdn.microsoft.com/en-us/windows/hardware/hh852363

    Click Next until you see the Select the features you want to install screen.

    Select only the option named Debugging Tools for Windows and click the Install button. I typically install the tools to a directory named C:\debugger

    2. Open Windbg with administrative privileges.

    3. Configure the symbol path

    a. From within windbg, click on file, Symbol File Path

    b. In the Symbol Search Path insert the following:

    .sympath SRV*f:\localsymbols*http://msdl.microsoft.com/download/symbols

    (This will allow the debugger to use the public symbols that are available online)

    4. From within Hyper-V Manager, go to the settings of the virtual machine you are going to debug and configure the named pipe that the debugger will connect to. This is configured in the COM1 settings. For this example I'm naming my named pipe DEBUGWIN7.

    Configuring the Virtual machine:

    1. Log on to the Windows 7 VM that you are going to debug. If the machine is not booting, you can run the commands from WinRE or WinPE.

    2. Open an administrative command prompt and enable debugging by running the following command:

    Bcdedit /debug on

    If you are running the command from Winre or Winpe it would be

    Bcdedit /set {default} debug on

    3. Configure the debugger to use the COM port specified by running the following command:

    Bcdedit /dbgsettings Serial Debugport:1 baudrate:115200

    4. You can check these settings by running bcdedit /enum all

    In the output, under Windows Boot Loader, debug is set to Yes, and the debug settings reflect the last bcdedit command.

    5. Restart the Windows 7 client VM

    Remote Debugging:

    Now that both machines are configured, we can start the remote debug session.

    1. Launch windbg with administrative privileges.

    2. From the file pull down menu select Kernel Debug:

    Make sure the settings match the debug settings configured earlier.

    a. Baud Rate = 115200

    b. Port = \\.\pipe\DEBUGWIN7 (this was configured during step 4 of Configuring the physical machine)

    c. Make sure the Pipe and Reconnect checkboxes are checked.

    d. Click OK

    3. You should now see the following screen:

    4. Once you see this screen, go to the Debug pull-down menu and select Break, or press Ctrl + Break, to break into the debugger.

    5. You can test the debug connection by running the !process 0 0 command. This will show you the running processes on the target Operating System.

    Jim Collins
    Senior Support Escalation Engineer
    Commercial Technical Support
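
    The target-side and host-side steps of this walkthrough and of the physical-machine walkthrough earlier on this page, scripted. This is an added example, not code from the original posts; the VM name Win7Client and the exact windbg.exe location are assumptions, while DEBUGWIN7, COM1 and 115200 come from the walkthroughs, and the host part assumes the Hyper-V PowerShell module on the Server 2012 host.

```powershell
# Added example, not from the original posts. 'Win7Client' and the windbg.exe
# location are assumptions; DEBUGWIN7, COM1 and 115200 come from the walkthroughs.

# --- On the target, from an elevated PowerShell prompt.
function Enable-SerialKernelDebug {
    bcdedit /debug on
    # From WinRE/WinPE the walkthrough uses /set {default}. In PowerShell the
    # identifier must be quoted, otherwise {default} is parsed as a script block:
    #   bcdedit /set '{default}' debug on
    bcdedit /dbgsettings serial debugport:1 baudrate:115200
    bcdedit /dbgsettings          # no arguments: prints the current debugger settings
}

function Disable-KernelDebug {
    # Run when the session is over so the machine does not stay debuggable
    # over its serial port; takes effect at the next boot.
    bcdedit /debug off
}

# --- On the Hyper-V host, from an elevated PowerShell prompt.
function Connect-VmKernelDebugger {
    param(
        [string]$VMName   = 'Win7Client',              # placeholder VM name
        [string]$PipeName = 'DEBUGWIN7',
        [string]$WinDbg   = 'C:\debugger\windbg.exe'   # assumed install location
    )
    $pipePath = "\\.\pipe\$PipeName"
    if (-not (Test-Path $WinDbg)) { throw "windbg.exe not found at $WinDbg" }

    # Step 4 of "Configuring the physical machine": map the VM's COM1 to the pipe,
    # then read the setting back before trying to attach.
    Set-VMComPort -VMName $VMName -Number 1 -Path $pipePath
    $com1 = Get-VMComPort -VMName $VMName -Number 1
    if ($com1.Path -ne $pipePath) {
        throw "COM1 on $VMName points to '$($com1.Path)', expected '$pipePath'"
    }

    # Same as File > Kernel Debug > COM with the Pipe and Reconnect boxes checked.
    & $WinDbg -k "com:pipe,port=$pipePath,reconnect"
}

# --- Physical host with the null-modem cable on COM1 (first walkthrough):
#     & 'C:\debugger\windbg.exe' -k 'com:port=com1,baud=115200'
```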

  • Interesting findings on SETSPN -x -f

    Hello folks, this is Herbert from the Directory Services support team in Europe! Kerberos is becoming increasingly mandatory for really cool features such as Protocol Transition. Moreover, as you might be painfully aware, managing Service Principal ...