Note to self

Updated June 2019 So I have a little downtime which means I need a little project. On my 'havent setup in the test lab yet' is a polycom provisioning service. So, off to eBay i head for some devices (naturaly) and i'm pleasantly surprised to find some VVX handsets at a very reasonable £30. On a roll, i head off to find some Trio conference devices. A step up from the CX3000 they replaced, these are nice pieces of kit. I just missed out on a trio 8800 and visual+ bundle, so with VVX501 in hand i setup a provisioning service. FTP server - filezilla - check exceptions in the firewall - allow the filezilla app through - check DHCP options (160 AND 161 for newer firmware) - check Create a config file for the MAC address (i only have a single device, after all) Remembering to disable updates from the Lync/Skype/Office365 service - I dont want a reboot loop as it updated and downgrades repeatedly. <?xml version="1.0" standalone="yes"?> <

So its been a busy few weeks. Just to keep me on my toes we had an issue with a skype/lync client that couldnt sign in. The client just sat at 'attempting to contact server' with no error message. Test-CSClientAuthentication to the rescue. Although you do need to have the user close by for authentication. To cut a long story short - Active Directory attribute DisplayName had hidden line feed/carriage return characters. Once these were removed the client signed straight in.

Whenever I do criteria for searchquery with dates I always manage to get inconsistent result. (this is a throwback post to exchange 2010). Normally due to date formatting. So, note to self - the date format is yyyy-MM-dd when using -searchquery

I find myself in powershell more often that not these days, and sometimes using the GUI can be painfully slow or time-out. Firing up the homelab, I found this happening with WSUS. It had a lot of updates to chew through even though the VM had only been switched off for a couple of months. Step up powershell! Show all the commands available in the Update Services module Get-Command -Module UpdateServices Invoke-WsusServerCleanup -CleanupObsoleteUpdates -CleanupUnneededContentFiles -DeclineExpiredUpdates -DeclineSupersededUpdates -Verbose Thats should do a cleanup. Kick of a sync and show the progress (Get-WsusServer).GetSubscription().StartSynchronization() (Get-WsusServer).GetSubscription().GetSynchronizationProgress() Currently this is failing and I've still to check out why - the error claims "SoapException: Fault occurred InvalidCookie" More on that after some lunch! Update: After fixing lunch for jr and him deciding to have all the soup, it got

We're having some fun with sharepoint patching this week. I dusted down some old notes and re-acquainted myself with the patching process. Step 1 - find the service accounts! Step 2 - Use the 5 hour script by Russ Maxwell https://blogs.msdn.microsoft.com/russmax/2013/04/01/why-sharepoint-2013-cumulative-update-takes-5-hours-to-install/ Step 3 - if you use the script, remember to enable the disabled services (I'm looking at you, IIS Admin service) Step 4 - If psconfig fails (or claims that products arent installed), remember Get-SPProduct -Local and try again Step 5 - If PSConfig fails at the application file stage (merging xml) check the web.config files for comments <!-- blah blah --> Step 6 - Resume the search service application Happy patching!

Why would you bother! I hear myself cry. Surely 2012R2 or 2008 is more appropriate. Well, thats true, but when building a homelab to test patching, and you dont have 2012R2 or 2008 in your hyper-v templates, you have to play with the cards you're dealt. So, pre-requisites thanks to Roger : http://roger.dilsner.com/install-sharepoint-foundation-2013-windows-server-2016-solution/ Import-Module ServerManager Add-WindowsFeature NET-WCF-HTTP-Activation45,NET-WCF-TCP-Activation45,NET-WCF-Pipe-Activation45 Add-WindowsFeature Net-Framework-Features,Web-Server,Web-WebServer,Web-Common-Http,Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-App-Dev,Web-Asp-Net,Web-Net-Ext,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Health,Web-Http-Logging,Web-Log-Libraries,Web-Request-Monitor,Web-Http-Tracing,Web-Security,Web-Basic-Auth,Web-Windows-Auth,Web-Filtering,Web-Digest-Auth,Web-Performance,Web-Stat-Compression,Web-Dyn-Compression,Web-Mgmt-Tools,Web-Mgmt-Console,Web-Mgmt-Compat,Web-Met

When playing with code to try and streamline the process I often add a stopwatch to the logging These are started: $stopwatch=[system.diagnostics.stopwatch]::startNew() Stopped: $stopwatch.Stop() (optional) Restarted: $stopwatch.Restart() Using these through the loggin process can highlight where loops can be improved on or commands take longer than usual (ie timeouts) Write-Output "Lab took $($stopwatch.elapsed.minutes)m:$($stopwatch.elapsed.seconds)s:$($stopwatch.elapsed.Milliseconds)ms to build" More on the stopwatch class https://msdn.microsoft.com/en-us/library/system.diagnostics.stopwatch(v=vs.110).aspx

This is a further update to my previous postings ( )on changes I've made to Aarons script for creating lab users. One of my requirement was enable users for Skype for Business. This is reasonably straightforward. In order to connect remotely to the SfB powershell, we need credentials. Once connected, we can enable the users with a default sip address of their email account (so some checks need to be in place) Eagled eye readers will notice i've also included a stopwatch to monitor the execution times. Very useful when tweaking the scripts to streamline the proces. Top to bottom, the switches required are: #Skype4Business parameters [switch]$Skypeenable, [string]$SfBFEServer, [string]$SfBPool, SfBFEServer is the remote machine we will connect to to execute the commands. SfBPool is the pool where the users will be homed on. If not specified, the script will try to be smart and do a DNS lookup for the _sipinternaltls._tcp record The functions required are: Function

Over the past couple of days I've been tweaking and adding to this useful script. (Previous update here: https://jc-nts.blogspot.com/2018/06/tweaks-to-create-labusers.html Aarons blog posts can be found here: https://blogs.technet.microsoft.com/undocumentedfeatures/tag/create-labusers/ Several iterations later (and few thousand mailboxes): Added functionality to enable Skype for Business Split the user and mailbox creation Tweaked mailbox creation to include users not previously enabled Fixed an issue where the password complexity would error on user creation (that was fun!) Fixed an issue where email addresses contain invalid characters Shaved off a few seconds here and there Included some extra logging and timings It should reach around 1.1 million accounts per day if creating AD only, however the extra logging does add to the run times. Performance will be dependent on the specification of the DC being targeted. This way I can fire up a DC, create 5000 users and

I mentioned in a previous blog post (setting up the homelab) that I used an excellent script from Aaron Guilmette to populate active directory ( https://blogs.technet.microsoft.com/undocumentedfeatures/tag/create-labusers/ ) There were a few tweaks that I made along the way, based on previous bulk user management trials and tribulations! A further update can be found here:   https://jc-nts.blogspot.com/2018/06/updating-create-labusers-take-two.html Skype for Business updates can be found here : http://jc-nts.blogspot.com/2018/06/update-to-create-labusers-enable-for-sfb.html Always connect to the same domain controller Creating a small number of accounts (with associated mailboxes, enabling for Lync/Skype for Business) in a large environment can produce unexpected problems, like not finding the account you have just created! In my experience, it turns out this was down to replication in AD. Two possible solutions are to build in delays to the script (not practical) or make sure

Homelab - the toys! After a few years working with different companies and their various testing/training/development environments, I've always wanted a bit more control over the kit and longed to have my own 'proper' setup at home. So over the past few months i've built a new homelab. I wanted to have some storage and a UPS so decided I'd make space for a rack. After a few weeks/months of trawling ebay and other sites for various parts I've ended up with: 2 x DL380 G7s with 128GB ram and local storage 1x P2000 storage array with drives (shared cluster storage) 1x D2600 storage array with drives (I ordered the wrong drives for the P2000 and rather than return them, I found another enclosure) 3 x Cisco 2811 routers 2 x Cisco 3560 POE switches 1 x Cisco 3750G switch 1x APC220R and all manner of drives, cables, power strips, expansion cards and server memory. Not to mention a 36U rack to fit it all into. The end result is a small private cloud, wher

Absolutely amazed.... I'm absolutely amazed, and astonished, that so much time has passed and I've done little to update this blog/list. I have literally hundred of snippets, notes and scribbles from the field that should have made it this far, but for some reason, they haven't. If only to remind myself in another few years of how bad my notes are, prepare to be updated! Some absence is expected (I love to throw myself at new work and challenges) but almost 4 years has passed. Time for some updates! First up - the homelab.

Some AD powershell commands used at some point. Some are used more often than others. Exporting to CSV Exporting can be interesting with PS. For consistency, I stick the following on the end of any powershell I want to export. Add the current date onto the filename for potential comparison. export-csv -NoTypeInformation -Encoding Unicode -Path c:\temp\Domaincontrollers-$(get-date -f yyy-MM-dd).csv The only issue I sometimes encounter is copying to/from RDP session. The first copy can be corrupt - the second copy/paste is usually fine - this is likely to down to the current settings at a client. Get the current domain controllers and some OS information and export to CSV Get-ADDomainController -Filter * | Select-Object Hostname, Site, OperatingSystem, OperatingSystemServicePack, OperatingSystemVersion, OperationMasterRoles, LdapPort, SslPort | export-csv -NoTypeInformation -Encoding Unicode -Path c:\temp\Domaincontrollers-$(get-date -f yyy-MM-dd).csv Get interesting AD