Skip to main content


Showing posts from 2012

LOAD "*",8,1

trip down memory lane. while sipping coffee this morning, i suddenly became curious about how many of you all are old enough to remember this: load "*",8,1 (which is also in my blog header) ... well, if you were ever curious, it's a command from commodore dos, which instructs the computer to load the first thing on the disk. as long as the first thing was what you wanted to load up, it was a cool, quick way to do it. hope you are having a wonderful thanksgiving holiday.

sccm: top console users report

let me preface this post by saying, this is in a 2007 environment. in a 2012 environment, you have user/device affinity. :-) right? you’re thinking to yourself… self, this already exists natively in configmgr, why am i reading this blog post? let me try to answer that. in some environments, it is not uncommon for domain accounts to run as services on a workstation (e.g. blackberry, mcafee, etc). when this happens, the top console user for a system ends up being the service account. i figured the best thing to do would be to write my own and eventually elevate it to a view of some type that i could use for reporting. i started off by taking apart the v_gs_system_console_usage_maxgroup view and creating my own query. what I ended up with is a bit frankenstein with some of the field names that do not make sense. this is somewhat because the original query used a different method of calculation… and mostly because i am freakin’ lazy. here’s the final outcome: SELECT SYS.Name0,

winnate: keyboard shortcuts

picked these up in a trailing end post from wired . good stuff to keep on hand: Windows logo key + start typing: Search your PC Ctrl+plus (+) or Ctrl+minus (-): Zoom in or out of many items, like apps pinned to the Start screen or in the Store Ctrl+scroll wheel: Zoom in or out of many items, like apps pinned to the Start screen or in the Store Windows logo key + C: Open the charms Windows logo key + F: Open the Search charm Windows logo key +H: Open the Share charm Windows logo key +I: Open the Settings charm Windows logo key + K: Open the Devices charm Windows logo key + O: Lock the screen orientation (portrait or landscape) Windows logo key + Z: Open commands for the app Windows logo key + PgUp: Move the Start screen and apps to the monitor on the right (apps in the desktop won’t change monitors) Windows logo key + PgDn: Move the Start screen and apps to the monitor on the left (apps in the desktop won’t change monitors) Windows logo key + Shift+period (.): Snap an app

winnate - problems connecting to wireless networks

chances are, if you work in an office building with managed wireless access points, you have probably run into this problem outlined here: in particular this problem manifests in cisco equipment filed under CSCua29504 . cisco has released updates to correct this problem. i’m guessing you are in an environment where windows 8 isn’t exactly a supported platform yet so it’s highly unlikely the wireless controllers will be updated soon just to make you happy. there is a workaround – roll back to older drivers that are not windows 8 logo certified and hence have not implemented 802.11w. according to the kb article listed earlier, there is no means of turning off 802.11w support in windows 8. :-| it took a little digging to find this problem, but i found the best info in this blog post which has all the pertinent links you could ever want. anyway, until next problem… :)

problem encountered using ftp-ssl with opalis (and corrected)

for a few days, i have been intermittently pulling my hair out trying to figure out why ftp-ssl with the opalis “upload file” object wasn’t working. after trying many permutations, i finally figured it out. sigh. it required some opening ports and other stuff… but the last thing that got me was this particular setting which i’ll get to in a second. for now, let’s examine the error in the output: Error Summary: Connection to FTP site failed Details: OPR-FTP(9560) v3.6.17.8 SCRIPT LOG FILE   Thu Sep 13 08:46:52 -- Line 6: FTPLOGON "myftpsite" /user=xxxxxxxx /pw=************** /port=xxx /servertype=FTPSDATA /trust=ALL /timeout=30 Thu Sep 13 08:46:52 => *Logging on to <myftpsite> as SSL/FTP with secure control and data channels. Thu Sep 13 08:46:52 => *Logon in progress... Thu Sep 13 08:47:07 => *Change directory (CWD) failed during log on -- may need to use /allowerrors option. Thu Sep 13 08:47:08 => *Conn

retrieving wmi class mof information

this powershell powertip is SO cool i just had to repeat it. using the wmiclass type accelerator , you can use a method called gettext to pull down the mof. so using their example, the following command is issued: ([wmiclass] "win32_pingstatus" ).GetText( "MOF" )   from that, we receive the following information: [dynamic: ToInstance, provider( "WMIPingProvider" ): ToInstance] class Win32_PingStatus { [read: ToSubClass, key] String Address; [read: ToSubClass, key] uint32 TimeToLive = 80; [read: ToSubClass, key] uint32 Timeout = 4000; [read: ToSubClass, key] uint32 BufferSize = 32; [read: ToSubClass, key] boolean NoFragmentation = FALSE; [read: ToSubClass, key] uint32 TypeofService = 0; [read: ToSubClass, key] uint32 RecordRoute = 0; [read: ToSubClass, key] uint32 TimestampRoute = 0; [read: ToSubClass, key, ValueMap{ "0" , "1" , "2" }: ToSubClass] uint32 SourceRouteType = 0; [read

finding the right nic in server core

a recently deployed server, on windows 2008 server core , start kicking out some replication notifications which when checking the configuration did not seem to jive. i started poking around when i realized the horror: i don’t know where to find what i’m looking for! long story short, the server suffered from a biological procedural failure to set the nic properly to the right speed. while the nic was set for auto, it was not set for the critical 1gb full auto. the question now is how was this determined, even though netsh is not helpful for this scenario? the answer is … the registry. <sigh>   finding the right interface guid this is a fairly simple and probably routine thing for you if you’ve done any digging around. the idea is to find the nic with the right ip address associated to it. it’s difficult sometimes to do this when you have a server with four nics but only one enabled. this is a smart way to filter them out. navigate to hklm\system\currentcontrolset\services\

winnate – where’s the ctrl+alt+del?

do you prefer your lock screen to require the ctrl+alt+del key sequence to log on? well, i do. i admit it might be force of habit, but i really enjoy that little sense of security. by default, in windows 8, when you hit a key, the picture screen scrolls up, and let’s you log on. if you want your security blanket back, this is what you do: open control panel open up user accounts click on “manage user accounts” switch to the advanced tab under secure sign-in, enable “Require users to press Ctrl+Alt+Delete” and you’re off… :)

winnate – .net framework 3.5

hi again. the first thing i wanted to do when i experienced things i wanted to capture was to fire up live writer. well, i probably didn’t mention it, but i rebuilt my desktop because i was running layer upon layer of betas, previews, and release candidates with windows 7. anyway, a total exercise in frustration trying to blog on something only to run into a different problem that i have to blog on… and so here we are. :)   problem when i attempted to install live writer, i realized .net framework 3.5 was required and missing. generally, you can enable features like this in “programs and features.” i mean, it really should be that simple. however, if your system administrator (or you) has changed policies to redirect your computer to windows server update services (wsus) instead of windows update, you will run into an error message that looks like the following: Windows couldn't connect to the Internet to download necessary files. Make sure that you're connected to the

winnate – modifying hidden sizes

recently i made the jump to windows 8 (hence the name winnate – uh win8?). if you have been a long time user of windows, then you will appreciate the pun since some stuff in windows 8 is -not- winnate knowledge. i’m collecting all of the annoyances, changes, tips along the way and am going to blog about them because i know i’ll be looking for it later. :( secondarily, it might help you too. ;-) here’s the first one.   modifying the bordersize in windows 7, modifying border size was not an issue at all. however, in windows 8, it’s quite a ways buried. in fact, you are left with adjusting it in the registry. why? i dunno. if you want, you can modify the registry to change it. otherwise, this cool utility seems to do the trick. it doesn’t require installation either: tiny windows borders   modifying the desktop icon size again, another seemingly missing setting is the icon size for items on your desktop. this is pretty simple. minimize everything so you don’t disrupt anything or

atlanta systems management user group [atlsmug] meeting 9/7/2012!

if you haven't heard, it's time for another quarterly (?) meeting. :) to help ease your registration (because i know you're coming,) i have embedded the ticket form below. schedule details are still be ironed out and maintained at . look forward to seeing you there! Event management for Atlanta Systems Management User Group [ATLSMUG] Meeting - 9/7/2012 powered by Eventbrite

system center 2012 configuration manager ... UNLEASHED!

hi all. a book that i (and many other authors) worked on has released on amazon as a kindle edition. the paperback will follow up a little later. based on the title of the book i have to ask a question. if i dramatized the release, would it be... SYSTEM CENTER 2012 CONFIGURATION MANAGER UNLEASHED! ... RELEASED! ...? hmmm. i dunno. :) anyway...   the book description: This is the comprehensive reference and technical guide to Microsoft System Center Configuration Manager 2012. A team of expert authors offers step-by-step coverage of related topics in every feature area, organized to help IT professionals rapidly optimize Configuration Manager 2012 for their requirements, and then deploy and use it successfully. The authors begin by introducing Configuration Manager 2012 and its goals, and explaining how it fits into the broader System Center product suite. Next, they fully address planning, design, and implementation. Finally, they systematically cover each of Configuration Manage

atlanta techstravaganza presentations

if you were fortunate enough to be in atlanta for the event, you might not need it. nice to have as a refresher though. for everyone else, here are the recordings from the event: not all of them were captured, it turns out. oh well. you can't have everything go right all the time. :)

powtoon for presentations

spent a few minutes this morning using a service called powtoon . it's basically a flash application that presents a way of creating presentations (or movies) in an animated fashion. after watching a couple of videos, it's actually quite easy to do. the premise is you have a canvas on which you can add objects of varying types. when you add an object, you're adding it against a timeline displayed in seconds. the idea is that most objects have some type of controllable egress/ingress. for example, you can make things fade in or move up or down. you can add effects like having a hand show up and pull the object away. it's a bit limited in what you can do... but it's a really cool start. sign up for a beta invite and try it out. here's the one I put together this morning for fun:

error when using add-type with

yesterday, I was goofing around w/ the ews dll trying to use it to retrieve some information from exchange. well, I got it working on my laptop but could not get it working on my other two systems which kept erring out with the following message: [3] {C:\temp} > Add-Type -Path "c:\temp\Microsoft.Exchange.WebServices.dll" Add-Type : Could not load file or assembly 'file:///c:\temp\Microsoft.Exchange.WebServices.dll' or one of its dependencies. Operation is not supported. (Exception from HRESULT: 0x80131515) At line:1 char:1 + Add-Type -Path "c:\temp\Microsoft.Exchange.WebServices.dll" + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [Add-Type], FileLoadException + FullyQualifiedErrorId : System.IO.FileLoadException,Microsoft.PowerShell.Commands. AddTypeCommand after a few unsuccessful iterations of stupidity, I examined the configuration: working system windows 8

system center licensing

hi all. my friend marnix recently completed a 5-part series on licensing. licensing can be complicated enough to understand but really gets “complified” when things change between versions so i wanted to point out this series. if you recall at the atlanta techstravaganza, one of the topics was understanding system center licensing. anyway, here’s the post: part i: teaser part ii: meet contoso part iii: know what you have part iv: time to do some math part v: some q & a

a guest post? not quite...

i received this interesting request from "sarah" asking if i had an interest in a guest blog post. isn't that interesting? here's the email: Hi Marcus, I'm getting in touch with you because I'm interested in writing an article for your blog. I came across your blog post while writing for a website on music production. During my research, I've found an increasing focus in terms of design as the tools and technology available today improve our ability to customize how create music and collaborate as musicians Please let me know if you'd be interested in an article this topic. Thanks, and I look forward to hearing from you soon. Best, Sarah as you know, i write tons on music, music theory, musical collaboration, and such. NOT. if sarah's "research" on the purpose/scope/focus of my blog is any indication of her research in music, i wouldn't be interested even if i did have a topic that was germane to her resea

enumerating dns records with powershell

here's a way to list dns records with powershell going through wmi. keep in mind the dns class does not appear to support wildcards. :( get-wmiobject -ComputerName servername -Namespace root\microsoftDNS -Class MicrosoftDNS_ResourceRecord -Filter "domainname='mydomain'" | select textrepresentation   i haven't figured out how to loop through subdomains and dump them out yet. :/ it's a start. hopefully you guys have something better you can share.

windows phone 8 for business

i have spent most of this morning listening to the windows phone summit keynote in the background. i started paying a lot more attention when the windows phone 8 for business part came up. it's not too awful. this speaker is pretty good! if you missed the video, it's located here: the stuff for business (as in manageability, encryption, etc) starts ~28 minutes in. big news is the windows phone and windows 8 os share a common core, thus providing some really interesting benefits. here are the key items: complete security platform: encryption and secure boot covered by bitlocker flexible app distribution: signed applications deployed by internal application store instead of marketplace (think sideload-esque) supporting on-premise intranet or cloud device management: covered by the same technologies that manage windows os deep voip integration: skype or cell looks identical -- could mean reduced minutes plan company

xian network manager 2012

if you're an opsmgr admin, you either have used or have heard of jalasoft. they've been in the market for quite a while now -- nearly 10 years maybe. anyway, i just wanted to help them get the word out that their 2012 product has released. anyway, i don't have opsmgr 2012 deployed yet so understanding the functional limitations with network discovery is at a bit of a loss right now. the product screenshots look kind of compelling though. the use of a concept called " netflow " seems to stick out -- which appears to be a kind of way to view traffic patterns and determine  endpoints pushing around a lot of packets.   this seems to be a pretty good definition of netflow according to my friend glenn graham: Similarly, NetFlow-enabled routers and switches capture measurements of the network traffic at points in the network and transmit this captured data in the form of User Datagram Protocol (UDP) or Stream Control Transmission Protocol (SCTP) packets to a N

ad replication status tool

by now, if you haven't heard of it already, you probably will soon enough. microsoft released a new tool which outputs the replication status of your AD infrastructure. anyway, it's like viewing the same data ... a little more visually. i would love to see more dataviz ... but it's a great start. here's an overview from the download page: The Active Directory Replication Status Tool (ADREPLSTATUS) analyzes the replication status for domain controllers in an Active Directory domain or forest. ADREPLSTATUS displays data in a format that is similar to REPADMIN /SHOWREPL * /CSV imported into Excel but with significant enhancements. Specific capabilities for this tool include: Expose Active Directory replication errors occurring in a domain or forest. Prioritize errors that need to be resolved in order to avoid the creation of lingering objects in Active Directory forests. Help administrators and support professionals resolve replication errors by linking to Active D

winnate – using windows 8 with cisco vpn

are you having the same connection issue i was when trying to use the cisco vpn client? here’s what the message looks like: the message states: Reason 442: Failed to enable Virtual Adapter. this is the second time i’ve had to do this so i figured capture it. anyway, found the steps here: anyway, it looks like the vpn client tries to enable the virtual adapter by its display name. the installation does some funky crap with the display name: broke: @oem8.inf,%CVirtA_Desc%,Cisco Systems VPN Adapter for 64-bit Windows good: Cisco Systems VPN Adapter for 64-bit Windows once you remove the crud and try again, it works. here’s the actual steps that raman posted: Open Registry editor by typing regedit in Run prompt Browse to the Registry Key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\CVirtA Select the DisplayName to modify, and remove th

self-study guide for system center

here's some more good stuff scott wrote for use as study guides. excellent materials ... system center 2012 self-study guide (complete edition)   the individual parts... system center 2012 self-study guide (overview) system center 2012 self-study guide (advisor and app center) system center 2012 self-study guide (configmgr) system center 2012 self study guide (data protection manager and endpoint protection) system center 2012 self study guide (operations manager) system center 2012 self study guide (orchestrator and service manager) system center 2012 self study guide (unified installer and virtual machine manager)

checking dns forwarders of all domain controllers

connect to the ldap provider $dcs = [adsi] LDAP://ou=domain controllers,dc=mydomain,dc=com get a list of all dcs $dcs = $dcs.psbase.children | select -ExpandProperty name query the dns class $dcs | % { Write-Output $_ ; (gwmi -Namespace root\microsoftdns -ComputerName $_ -Query "select forwarders from microsoftdns_server" ).forwarders }

configuration manager 2012 service pack 1

the announcement of enhancements for configmgr 2012 with sp1 was delivered yesterday at teched. here's a rundown from the slides (since i am not there): Platform Support: Windows 8 Windows 8 tablet (Intel SoC) support Mac OS X Linux and Unix Hardware Inventory: 16 core classes viewable through Resource Explorer Extensible model – supports custom classes and pluggable providers ARP shows all native installed software (e.g. rpm’s or pkg’s) Create collections of Linux/UNIX computers Software Deployment Using the Package and Program model Deploy/patch software, deploy OS patches and run maintenance scripts that target a collection Secure and Authenticated communications Consolidated reports Operating System Deployment: Windows To Go support BitLocker changes: TPM and PIN Used Space BitLocker Prestage media now supports additional content types: Before: WIM Now: WIM, Applications, Drivers, Package/Programs Application Delivery: Metro style applications

opsmgr is running around crashing servers

okay, calm down. i'm totally sensationalizing the actual issue. had a domain controller go sour this morning, basically no longer advertising sysvol. here's a sample of the event: Event Type: Error Event Source: Application Error Event Category: (100) Event ID: 1000 Date: 1/1/2012 Time: 12:00:00 PM User: N/A Computer: <Computer Name> Description: Faulting application svchost.exe, version 5.2.3790.3959, faulting module netman.dll, version 5.2.3790.3959, fault address 0x0000000000008d4f. it isn't immediately obvious, but this problem is actually caused by opsmgr (as in the blog title implies). to be absolutely fair, opsmgr isn't actually at fault . however, it pounds the crap out of netman.dll which exposes a bug, causing the failure of the server service. when you lose the server service, you lose any process running spawned from svchost. that's a lot of stuff. here's the full article: http://suppor

windows 7 and wmi repair

a friend sent me an im today asking if i had experienced a situation with windows 7 that generally acted "funky", seemingly hanging applying settings, and such. what he determined from trace evidence is that wmi initiated a repair, but it wasn't initiated by an admin. i told him i could have sworn i had seen where windows 7 behavior changed and initiated a self-repair when it found certain conditions to be true. (i, of course, cannot find this anywhere now so if you know where it is, please leave a link in the comments!) long story short, windows 7 does initiate a self-repair. it isn't immediately evident in this article, but this article talks about a hotfix which suppresses unnecessary full diagnostics -- which can be cpu intensive, causing the problems my friend experienced. from the article: When you perform one of the following operations on a computer that is running Windows Server 2008 R2 or Windows 7, the operation may take a long time to complete: Start

self-study guide for powershell

here's another great study guide from the same friend . sharing is caring!   Top Level Site for PowerShell:   Windows PowerShell Training Windows PowerShell Getting Started Guide Scripting with Windows PowerShell PowerShell Essentials for the Busy Admin (5 part video series) Why You Should Learn PowerShell How to Compound Windows PowerShell Commands for Fun and Profit A Look at Windows PowerShell Providers Windows PowerShell Does Event Logs Using Windows PowerShell to Manage the Remote Desktop Windows PowerShell – Learn it Now Before It’s an Emergency (5 part video series) Part 1 Part 2 Part 3 Part 4 Part 5 Windows PowerShell Owner’s Manual Getting Started with Windows PowerShell Customizing the Windows PowerShell Console Windows PowerShell Shortcut Keys Piping and the Pipeline Running Windows PowerShell Scripts The Windows PowerShell Profile Windows PowerShell Aliases Windows PowerShell User’s Guide W

self-study guide for system center endpoint protection

whether you call it forefront endpoint protection (fep) or system center endpoint protection (scep), you might find these resources valuable as a means of getting up to speed. a good friend of mine created this awesome guide. anyway, sharing is caring. here you go...     Top Level Site for SCEP:   Forefront Training Featured Videos Forefront Endpoint Protection 2010 Top 5 Reasons to Move to Forefront Endpoint Protection 2010 Forefront Endpoint Protection: New Protection Feature Demos Understanding the Convergence of Security and Management Forefront Endpoint Protection 2010 Demos and Interview Protecting your Infrastructure with Microsoft Forefront Endpoint Protection 2010 How to Create a Policy with Microsoft Forefront Endpoint Protection 2010 Forefront Endpoint Protection 2010: Simplified Policy Management Demo How to Deploy the Microsoft Forefront Endpoint Protection Client to a Computer How to Run a Quick Scan with Microsof

upgrading to windows 8 release preview

i saw some tweets a couple of days ago referencing a release preview blog that was posted and pulled because it posted early. well, i looked off and on for an announcement about it yesterday but ended up missing it because i was out. long story short, if you missed it too, it's available now . :) now, consider your options before you move forward. there is no going back to what you had before so be prepared. the only going back is reinstalling. speaking of reinstalling, if you're upgrading from xp, vista, or 7 the good news is there are some things that you can keep. windows 7 is the friendliest in that respect. if you are running one of the earlier windows 8 previews, put on your sad panda face because you will not be keeping anything relative to programs, windows settings, or account info. that detail is available in the faq . this morning i'm taking the plunge and installing the release preview. that means i'll be spending the weekend reinstalling apps. :) joy.

two upcoming events i wanted to mention

hi and good morning. i wanted to mention a couple of upcoming events that may interest you.   JUNE 1ST: the first is the atlanta techstravaganza event which has turned into an annual thing. not sure if you know this or not but atlanta systems management user group is a part of it and has been since the inception. the event has a great line-up of folks -- both mvp and other talent. it's a full day event with food, prizes, etc so plan accordingly. the schedule, registration, and everything else can be found at . hope you can make it!   MULTIPLE EVENTS: the second event is windows server 2012 community roadshow which is brought to you by fellow mvps. it's a four hour event at various locations both stateside and internationally. you can get all the information at the following location: sorry atlanta peepz -- it doesn't appear there's going to be an atlanta event. the closest you'll

"get computer/ip status" activity throws raw socket error

recently ran across this quirk trying to test a runbook in orchestrator... PROBLEM SUMMARY while in the runbook designer, whenever the "get computer/ip status" activity is called, it fails with the following error:     the error summary text in its entirety: Raw socket error. Error: 10013 An attempt was made to access a socket in a way forbidden by its access permissions.   according to this microsoft article (thanks richard catley), the error translates to this: WSAEACCES (10013) Translation: Permission denied. Description: An attempt was made to access a socket in a way that is forbidden by its access permissions. For example, this error occurs when a broadcast address is used for sendto but the broadcast permission is not set by using setsockopt(SO_BROADCAST). Another possible reason for the WSAEACCES error is that when the bind (Wsapiref_6vzm.asp) function is called ( in Microsoft Windows NT 4 .0 Service Pack 4 [SP4] or later), another program, service, or

managing client remediation in configmgr 2012

picked up this article from steve rachui. been extremely negligent on writing blogs and reading blogs this last year because of some other commitments. anyway, kent agerlund lays out a process for using settings management (aka dcm) to turn off client remediation for scenarios where a targeted selection of machines (e.g. servers, domain controllers, etc) may exist under stricter change control processes that do not allow the client to reinstall itself. anyway, check out the article here:

ntlm authentication is not dead nor are its problems

hanging out at tec this week, a recurring theme came up more than once. it's this thing called maxconcurrentapi. here's some relevant links:;EN-US;928576

remote desktop keyboard shortcuts

because you're going to need them... and when you get around to using windows 8, you'll see what I mean. I picked this up from . dropping it here for reference.

how to manage emails and tasks

warning: this is not really a technology related post. this is a system I use to manage my team, my tasks, follow-ups, etc. it's all based in the paradox of choice that is outlook and the way you can do practically the same thing in about 37 different ways. I demonstrated this to my team the other week, and they really enjoyed it and found it immensely practical. (I might be embellishing a little with my use of the word "immensely". :) ) the concept is that 95% of the email you receive, you will probably never do anything with. we hang on to it though for fear we'll forget about it the second it moves out of our inbox. I use my system to correctly identify emails, looking at them once, categorizing them and moving on. why spend energy rereading the same email over and over?   creating a framework first of all, define some folders for categories. for instance, I use the following: @action - things I need to follow up with @archive - stuff I need to hold on to