Windows server 2008 / 2008 R2 AD sync with external NTP server

18 Replies

As AD servers provide time to machines in a domain it is important to have AD servers synchronized with an realyable time source. If you know the project http://pool.ntp.org you can find NTP servers that are part of this “cluster” and are near to you. As I live in Slovenia we have a pool called si.pool.ntp.org in which you can find Slovenian NTP servers that are accurate enough to provide exact time (for those more familiar with NTP protocol in pool there you can find also most accurate stratum1 and stratum2 time servers…).

On AD server that is running Windows server 2008 / 2008 R2 you should run command prompt with administrative rights (right click / run as administrator).

First check difference between your server and external time source (in my example si.pool.ntp.org)

Command: w32tm /stripchart /computer:si.pool.ntp.org /samples:5 /dataonly

Example:
C:>w32tm /stripchart /computer:si.pool.ntp.org /samples:5 /dataonly
Tracking si.pool.ntp.org [194.249.198.37:123].
Collecting 5 samples.
The current time is 24.6.2011 13:29:08.
13:29:08, +08.8351541s
13:29:10, +08.7976694s
13:29:12, +08.8065559s
13:29:14, +08.7534768s
13:29:16, +08.7956427s

Confiure your server to use external NTP time source for sync:

Command: w32tm /config /manualpeerlist:si.pool.ntp.org,0x8, /syncfromflags:manual /update

Example:
C:>w32tm /config /manualpeerlist:si.pool.ntp.org,0x8, /syncfromflags:manual /update
The command completed successfully.

Force sync immediately:
Command: w32tm /resync

Example:
C:>w32tm /resync
Sending resync command to local computer
The command completed successfully.

I will now retry the first command to see the results:

C:>w32tm /stripchart /computer:si.pool.ntp.org /samples:5 /dataonly
Tracking si.pool.ntp.org [193.2.111.2:123].
Collecting 5 samples.
The current time is 24.6.2011 13:19:20.
13:19:20, +00.0485657s
13:19:22, +00.0415741s
13:19:24, +00.0380984s
13:19:26, +00.0342493s
13:19:28, +00.0310221s

My contribution to IPv6 day – Configuring IPv6 in Windows server 2008 R2 – video tutorial

16 Replies

My contribution to IPv6 day will be this small “lab” test where I will show you some basic IPv6 configuration that you can do with Windows server 2008 R2.
Here are the videos:

IPv6 day – configuring IPv6 in Windows server 2008 R2 part 1 – http://www.screencast.com/t/Ifj2lx4hTG
IPv6 day – configuring IPv6 in Windows server 2008 R2 part 2 – http://www.screencast.com/t/PSf3q5yr4BF

What do we have in our LAB?

1. Windows server 2008 R2 with two network cards:
External – with IPv6, gateway and DNS configured
Internal – with IPv6 address only

External IP has internal class static routed on our Cisco router in front of Windows server external card.

2. Windows 7 machine with single network card that is connected to the same switch as servers’ internal card.

What will we do:

In the fist video:

First we will start with some basic checking of network configuration on server.
Then we will run netsh (I run a command prompt with “Run as administrator”) and go to
netsh / interface / ipv6

with command

show route we can see ipv6 routes currently configured – we would like to enable publishing of route that I have highlighted in the video.

set route PREFIX INTERFACE_NUMBER publish=yes

then we will run an command to enable advertising, to disable address management (so Windows 7 will generate IPv6 without help od DHCPv6) (M flag) and we will disable other stateful configuration (O flag).

set interface INTERFACE_NUMBER adv=enabled managed=disabled other=disabled

Meanwhile we are checking IPv6 connectivity from our Windows 7 machine… Windows 7 is still unable to ping outside the network…

well we need to configure some other stuff on server now… we will enable forwarding on our two interfaces (External and Internal)

set interface INTERFACE_NUMBER forwarding=enabled

still no connectivity from win 7? 🙂

last step that we need to do on our server is to advertise default route to our clients

set interface INTERFACE_NUMBER advertisedefaultroute=enabled

So our Windows 7 sudenly start to recive ICMPv6 echo replyes from some IPv6 machine outside our network WUHU! 🙂

But Windows 7 machine is not able to resolve hostnames to IPV6 addresses – this is becouse we have now global IPv6 address configured and default gateway – so we have connectivity but we are not able to resolve hostnames as we do not have any DNS servers to do that.

On Windows server 2008 R2 I will start the installation of two roles – first DHCP role which I wil configure later and DNS role.

When the roles are installed I will configure so called forwarders on my DNS server so my clients will be able to use my server as a DNS server for their queries.

In the second video:

I will first flush IPv6 configuration on Windows 7 machine by using command
ipconfig /release6
ipconfig /renew6 (is the opposite command to regain IPv6 configuration)

Secondly I will configure DHCPv6 server by starting New Scope wizard under IPv6 settings…

I will configure prefix – this ipv6 prefix of Internal network card

Skip the exceptions and activate the scope…

You will see that Windows 7 still did not ask DHCPv6 servers for address this is becouse managed flag is set to disabled on server so…

in netsh / interface / ipv6 we need to activate managed flag by inserting this command:

set interface INTERFACE_NUMBER managed=enabled

Our Windows 7 machine can now be found in IPv6 leases on our DHCP server – but still it is unable to ping hostnames on the internet… This is becouse our DHCPv6 server is not giving DNS servers as scope options and Other stateful flag is disabled.

So we first need to add DNS Recursive Names Server IPv6 Address in our Scope options and then use netsh command:

set interface INTERFACE_NUMBER other=enabled

Yeeepppeee!!! Our Windows 7 is ready to ping hostnames on the internet – so it is able to surf the IPV6 internet…

When I am finishing this article is 8.6.2011 23:37 – this is my small contribution to IPv6 day so happy IPv6 day to all of you! 🙂

Samsung Omnia 7 // Windows phone 7 tethering… FINAL and WORKING!

4 Replies

How to enable tethering on Windows 7 x64 + Samsung Omnia 7  – Windows phone 7…

I do not know for Windows 7 32 bit but on 64 bit I got unknown device so you need to download drivers that can be found here (well exactly here). Download the package and install it.

Connect your phone using USB cable…

First dial: ##634#

Then dial: *#7284#

Choose: Modem, Tethered call

Device will reboot… 

Now you can create a connection to your ISP using dial up modem (chose Samsung mobile modem…)

dial string: (for my ISP – Mobitel Slovenia) *99#
username: mobitel
password: internet

When you click connect you may get error “no carier” (check the log in c:windowsmodemlogs)

If you get this error open device manager, go to your modem and get to properties… In advanced tab put this string in Extra initialization commands…:

AT+CGDCONT=1,”IP”,”internet”

*change the string “internet” into your Access point name (example: “accesspoint”)

It should go now!

This post is writen using my thetered connection. 🙂

Get IP address of virtual machines running on Hyper-V – FIXED!

1 Reply
Big thank you – goes to Max Trinidad my fellow MVP from Powershell group…
Here is errorless script – much better than mine! 🙂
Copa, paste and save as .ps1 – then run on your Hyper-V server and you will get IP’s of your virtual machines…

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned

## – Use Line below to list all your Virtualization Class
#get-wmiobject -namespace “root/virtualization” -list

## – Load filter (or function first)
filter Import-CimXml{

    $CimXml = [Xml]$_
    $CimObj = New-Object -TypeName System.Object
   
    foreach ($CimProperty in $CimXml.SelectNodes(“/INSTANCE/PROPERTY”)){
        if ($CimProperty.Name -eq “Name” -or $CimProperty.Name -eq “Data”){
            $CimObj | Add-Member -MemberType NoteProperty -Name $CimProperty.NAME -Value $CimProperty.VALUE
        }
    }
   
    $CimObj
}

## – Collect WMI Virtual information
$getWmiVirtual = Get-WmiObject -Namespace “rootvirtualization” -Query “Select * From Msvm_ComputerSystem” | sort-object elementname

## – Build your results from your collected objects
ForEach($v in $getWmiVirtual){
    $vm = $v.ElementName;
    $VmObj = Get-WmiObject -Namespace “rootvirtualization” -Query “Select * From Msvm_ComputerSystem Where ElementName=’$vm'”;
    $KvpObj = Get-WmiObject -Namespace “rootvirtualization” -Query “Associators of {$VmObj} Where AssocClass=Msvm_SystemDevice ResultClass=Msvm_KvpExchangeComponent”;
    if($KvpObj.GuestIntrinsicExchangeItems -ne $null){
        write-host $vm;
        $KvpObj.GuestIntrinsicExchangeItems | Import-CimXml | where {$_.NAME -match “NetworkAddressIPv4”} | ft;
    }
}

## – End of Script

Get IP address of virtual machines running on Hyper-V

2 Replies

I have been searching for an easy solution to somehow “scan” virtual machines and get their IP addresses becouse sometimes you need to find your virtual machines and it is more practical to somehow get a whole list of machines + IPs in stead of loging in from machne to machine and check IP… Well it can be done using Powershell… I have encountered an article but the problem is that here you need to put machine name on which you want to get data… I modified this script a bit so it looks like:

Get-WmiObject -Namespace rootvirtualization -Query “Select * From Msvm_ComputerSystem”| sort-object elementname | ForEach-Object {$vm = $_.Elementname
write-host $vm
filter Import-CimXml
{
    $CimXml = [Xml]$_
    $CimObj = New-Object -TypeName System.Object
    foreach ($CimProperty in $CimXml.SelectNodes(“/INSTANCE/PROPERTY”))
    {
if ($CimProperty.Name -eq “Name” -or $CimProperty.Name -eq “Data”)
{

         $CimObj | Add-Member -MemberType NoteProperty -Name $CimProperty.NAME -Value $CimProperty.VALUE

}
    }
    $CimObj
}
$VmObj = Get-WmiObject -Namespace rootvirtualization -Query “Select * From Msvm_ComputerSystem Where ElementName=’$vm'”
$KvpObj = Get-WmiObject -Namespace rootvirtualization -Query “Associators of {$VmObj} Where AssocClass=Msvm_SystemDevice ResultClass=Msvm_KvpExchangeComponent”
$KvpObj.GuestIntrinsicExchangeItems | Import-CimXml
} | where {$_.NAME -match “NetworkAddressIPv4”} | ft
read-host

So… Copy paste this script to an text file and save it as getip.ps1 and run it using powershell – it does need any other modules you should only run it on Windows Server where you have Hyper-V role installed… (I do not remember but I think you should enable execution policy for ps1 scripts… If you have truble executing your ps1 check here…)

By the way… This script has an error first virtual machine name will not fit in table (I do not know why 🙂 ) and you will get an error when this script will try to analyze your Hyper-V host machine… I do not know how to solve this two errors if someone out there solves it please provide feedback. 🙂 Thank you!

SBS 2011 – Import PST in Exhange 2011

6 Replies

To enable import and export of mailboxes on SBS 2011 you need to:

Go to Windows SBS console and create a security group – that shuld be universal (by default) for example: Mailbox management

Add administrator / admin account to the group

Then you need to enable “import / export” feature on members of this group. To do that you need to open Exchange Management Shell (Powershell with Exchange 2010 modules) as administrator and write:

New-ManagementRoleAssignment -Name “Import Export Mailbox Admins” -SecurityGroup “Mailbox management” -Role “Mailbox Import Export”

After that you can folow my article to import or export mailboxes

Happy migration :) Exchange 2003 to Exchange 2010 SP1

Leave a reply

We have setup a completely new environment with Exchange 2010 SP1… Old Exchange 2003 had around 100 mailboxes with quota from 300 MB – 1GB. I used Exmerge to export all mailboxes from Exchange 2003 (using ExMerge to extract PSTs from Exchange 2003 database) and sucessfuly used new Powershell cmdlets to import them to users in Exchange 2010…

You first need to add permissions to a group in which you put administrator to be able to use import / export features. You can read about that in this article.

Useful comdlets are:

Importing pst to existing mailbox:

New-MailboxImportRequest -FilePath \oldservershareuser1.pst -Mailbox user1

To check status of your import type:

Get-MailboxImportRequest | Get-MailboxImportRequestStatistics

If import fails you can try with option:

New-MailboxImportRequest -FilePath \oldservershareuser1.pst -Mailbox user1 -BadItemLimit 10

What it does? Saso (tnx man!) explained to me, that it might happen when you have used some antivirus solution that has “corrupted” some e-mails… So try with BadItemLimit 10 probably we are talking about one or two e-mails with problems.

If you want to remove old importrequest you can use:

Remove-MailboxImportRequest -Identity usernameMailboxImport or MailboxImport1 or 2…If you want to look at just a signle mailbox import progress you can use modified cmdlet:

Get-MailboxImportRequest -Identity usernamemailboximport | Get-MailboxImportRequestStatistics

At the end you will have alot of Completed malilboximport’s… If you want to cleane up your exchange you can run:

Get-MailboxImportRequest -Status Completed | Remove-MailboxImportRequest

Happy importing! 🙂

IPv6 is comming… Get some knowledge and get certified…

Leave a reply

IPv4 address space is comming to an end… For all you there is an easy solution to get some knowledge and do some practice using IPv6 – the new generation of IP on http://ipv6.he.net/certification/

It is realy hard to move on in technology if you do not know what exercises to do and what to try… Hurrican Electric certification process will guide you through some basic and more advanced IPv6 tasks… Just go ahead and try… It’s free!

IPv6 Certification Badge for manojlovicl