Reference Architecture - Windows Failover Cluster - Two Nodes Multi-Site

Introduction

A two node multi-site Windows failover cluster is typically used in non-production environments. The key benefits of such an approach include providing a “cut down” replica of a standard four-node failover cluster used in production and facilitating simplified failover of services to disaster recovery sites.

In this architecture we are deploying a single Windows server in both the primary and secondary sites. These are clustered using Windows failover clustering. A quorum file server is deployed (if one does not already exist) in the primary site to provide a third “tie-breaker” node when it comes to voting on the primary node in the cluster.

 

Using The Command Line To Upgrade Windows Edition

There may come a time when you need to upgrade the edition of Microsoft Windows you are using. Typically you need to do do this to access more memory, say greater than 32GB of Ram, or access advanced Enterprise features of the operating system. In the past you would need to do a full re-install of the operating system. Thankfully things have changed and it's now as easy as running an command to upgrade the edition of Windows.

Windows Server 2012 Deduplication - Powershell Reference

Some key background points on deduplication on Windows Server 2012:

• There is a scheduler which runs one deduplication job / operation at any point in time
• Powershell and windows commands add jobs to the scheduler queue - only one job may run at a given point in time
• Types of deduplication operations:
• Optimization - deduplicates files on the filesystem. 
• Scrubbing - performs an integrity check of the deduplication store
• GarbageCollection - files deleted from the filesystem do not automatically free up space on the disk. A garbage collection must be run to clean up the dedupe store
• You can configure the minimum age of files to deduplicate. Typically this should be set to a value greater than one day to ensure active files are not deduplicated.

Here are some handy powershell commands for managing deduplication on Windows Server 2012:

# Enqueue  Full integrity check of the dedup store

Start-DedupJob -Type Scrubbing -Full -Priority High -Volume D:

# Enqueue Garbage Collection of dedup store - deleted files won't reclaim space until GC is done

​Start-DedupJob -Type GarbageCollection -Full -Priority High -Volume D:

​# ​Get running / queued dedup jobs

get-dedupjob

# Get dedup summary status

get-dedupstatus

​# Enqueue the optimization job

​Start-DedupJob -Type Optimization -Full -Priority High -Volume D:

Renew A Windows Server Group Membership Without Rebooting

A Windows computer account will determine it's group membership when the computer is started. If the computer account is added to another group the group membership will not take affect automatically. This is painful in some situations such as modifying group policy based on group memberships. These settings will not take affect until the computer is restarted. To work around this you can perform the following steps:

Deploying A SQL 2012 AlwaysOn Cluster

This document will cover the design and deployment of a SQL Server 2012 AlwaysOn cluster. SQL Server 2012 AlwaysOn clusters are a high availability technology. They build mirrored database instances across a Windows cluster. This provides the benefits of both technologies with clustering providing a single point of access and the mirroring providing redundant copies of the databases.

Building A Windows Cluster Using Windows Server 2008 R2

Building a windows cluster is the first stage in deploying a high availability SQL Server 2012 Always On cluster. This document covers the design, installation, and configuration of a Windows Cluster on which a SQL Server 2012 HA Cluster can be deployed.

Upgrading Powershell on Windows Server 2008 R2

The latest version of Powershell, version 4, has been released by Microsoft in late October 2013. It brings a lot of additional functionality and performance improvements to the table. This document covers how to upgrade Powershell from your current version to Powershell 4.0.

Install HyperV And Your Networking Dies!!!

It sounds dramatic - when you install the Hyper-V role on Windows you may find that you cannot reach your HyperV host remotely any more. It worked before the Hyper-V role was added and now the server is unreachable. Fortunately it's a rather simple problem to fix.

The cause of the problem is that when you install Hyper-V it completely reconfigures your networking. Firstly, it will create a "Network Bridge" which is used for to provide virtual networking to your virtual machines. The "Network Bridge" completely takes over your network card. In it's place a virtual network card is installed on your Hyper-V host for host communications.

So the first step is to confirm your network settings on the virtual network card which is typically labelled vEthernet (Followed by the physical network card details).

In my case these settings were all fine. My problem resided in my virtual network card settings. First right click on the virtual network card and go into it's properties.

Next click on the configure button just below the network card.

In the advanced tab select the IPv4 Large Send Offload settings and set it as disabled.

Securely Wiping An Old Hard Disk

Throwing your hard disks away is a major, major security risk. There's a lot of sensitive data stored on your hard drive that builds up over the years. Even deleting the contents or formatting the old drive isn't enough - people can (and do) recover 'deleted' information all the time. Just search for "recover windows files" in google to find the millions of matches on how to do this (yep, there's legitimate reasons for doing this - like when you've deleted a file and need to get it back!)

The best way to make sure your private information stays safe is to wipe the hard disk before throwing it in the trash. There's a number of free tools out there to do this. If you're running Windows then a great utility is Disk Wipe.

It's a free download and very, very easy to use. After installing you just run the program and select the drive you want to wipe. Be very, very careful and make sure you select the right drive, there's no way to get this data back once it's wiped. Also make sure you've backed up everything you need before doing this - there ain't no turning back!

The next option to select is the level of wipe you want to do. The option at the top is both the fastest wipe and least secure, the option at the bottom is the slowest wipe and most secure. Typically I select one of the options in the middle - it's a good tradeoff between speed and security. If you're paranoid, select the bottom option and come back in a day - it takes a while!

Using NAGIOS to Check the Physical Memory Available on a Windows Host

By default the CheckNT command checks the virtual memory on a Windows server. So for example, if your server had 4GB of physical memory and a 4GB page file NAGIOS and CheckNT would see 8GB of physical memory. Getting warnings and critical alerts on this memory space is quite often not very helpful. What we really want to know is do we have enough physical memory available on the server so that the server performs as well as it should.

This is where the NRPE plugins are much better as you can get much more granular when monitoring the memory on a Windows host.

To start with we need to create a new command definition. Add this to your commands.cfg (or equivalent):

 # CheckWindowsPhysical Mem command definition  
 define command {  
         command_name             CheckWindowsPhysicalMem  
         command_line             $USER1$/check_nrpe -H $HOSTADDRESS$ -p 5666 -c CheckMEM -a MaxWarn=$ARG1$% MaxCrit=$ARG2$% ShowAll type=physical  
 }  

In the above command definition we're using the check_nrpe executable to perform a memory check of the physical memory. The type can be changed to grab just the page file or check the entire virtual memory address space.

Next we need add the physical memory checks by adding a service definition to either your host or service configs (again, depends on how you've structured your NAGIOS configuration).

 # Service definition  
 # Add the service to the service definition  
 define service {  
         service_description          Physical Memory  
         check_command             CheckWindowsPhysicalMem!80!90  
         host_name               << hostname >>  
         event_handler_enabled         0  
         active_checks_enabled         1  
         passive_checks_enabled        0  
         notifications_enabled         1  
         check_freshness            0  
         freshness_threshold          86400  
         use                  << service template >>  
 }  

You will need to update the above snippet with the host name you are monitoring and the service template you are using. The !80!90 is the standard warning at 80% usage, critical at 90% usage. These can be varied to suit your host and environment.

Troubleshooting A Failing MSI Install

So I was installing an application the other day when I got the following error message:

The installer was interrupted before Application could be installed. You need to restart the installer to try again.
Click "Close" to exit.

Not very helpful huh? Luckily there’s a way to get more information. It involves running the msiexec command explicitly so that it generates a logfile with more details on how the execution failed. The command looks like this:

msiexec /package <package.msi>" /l*vx "c:\setup.log"

The /l switch tells msiexec to log installation information to the logfile specified. A lot of information can get piped into this logfile but nonetheless its a handy way to find out what’s happening inside the installation process.

Clients Not Showing Up In WSUS

We’re using VMWare templates for deploying servers. Despite using sysprep to remove all unique machine identifiers we get an issue where there is a duplicate SUSClientID. In this case the cloned machines have the same SUSClientID and cannot be uniquely identified by WSUS. The solution to this is to create and run the following batch file:

Rem - Batch script to delete duplicate SusClientIDs 
Rem - Implement this script as a "Startup" or "Logon"  script 
Rem - Script creates an output file called %Systemdrive%\SUSClientID.log 
Rem - If the %Systemdrive%\SUSClientID.log is already present, then the script simply exits 

@Echo off 
if exist %systemdrive%\SUSClientID.log goto end 
net stop wuauserv 
net stop bits 
reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f  > %systemdrive%\SUSClientID.log 2>&1 
reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f  >> %systemdrive%\SUSClientID.log 2>&1 
reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f  >> %systemdrive%\SUSClientID.log 2>&1 
net start wuauserv 
wuauclt.exe /resetauthorization /detectnow          
:end 
exit

Using Windows Command Line To Manage User Accounts

I’ve been doing some work on a Windows Core box and needed to modify some user accounts. As there’s no GUI the command line is the only way to go.

First up, I wanted to find which users exist in the domain. The dsquery command is used to query the Active Directory objects. Putting user at the end of it filters the object type so only user objects are returned:

dsquery user

To filter it down by username we can add the –name directive to filter the results

dsquery user -name Bob*

And finally I wanted to change the password on a user account. The dsmod command is used to modify Active Directory objects. After using the second command above to find the full user DN I was looking for I ran the following command:

dsmod user "CN=username,OU=Users,OU=Company,DC=Domain,DC=local" -pwd <new Password>

How To Delete hiberfil.sys On Windows Server 2008

Hiberfil.sys is a Windows system file used by the hibernation feature. Whenever you hibernate your computer it’s memory contents are written to this file allowing you to quickly resume your computer.

Typically on a server this feature isn’t useful. Although it’s not enabled by default the hiberfil.sys file exists by default and uses several GB of disk space (depending on how much RAM you have installed). As it’s a system file it’s protected and you can’t just delete it. Instead you have to use the following command to remove it:

 

powercfg -h off

Enable Ping Response In Windows Firewall

Note: This post applies to Windows 7.

By default the Windows Firewall will block any ping requests made to the host. To enable a ping response we need to add a rule to the firewall. First go to Control Panel –> Windows Firewall. On the left hand side select Advanced Settings.

Select the Inbound Rules. Sort the rules by name and find File and Printer Sharing (Echo Request – ICMPv4-In). There’s typically 3 versions of this rule, one for each “network” defined in Windows. Enable this rule for the required networks.

Just some background – ping requests work using a special network protocol called ICMP. ICMP is a network management protocol and an Echo Request is a type of packet set via ICMP used to determine if a host is up or down (and indicate the response time). Often these ping requests are discarded in order to tighten security. One of the first thing potential hackers may do is ping an IP address to determine if the machine is “on” before trying anything further.

Error 2738 Occurs When Installing An MSI Package

This occurs when there’s a problem running vbscript with elevated permissions. To confirm that its the problem run the MSI installer from the command line (with administrator permissions – right click on the command prompt link in the start menu and select run as administrator) like this:

MSIEXEC /i <msi package> /lv log.txt

Once the error occurs open the log file and look for the following output:

DEBUG: Error 2738:  Could not access VBScript runtime for custom action 

We need to re-register the vbscript dll for this error to be resolved. First step is to remove the old registration by deleting the registry key:

# 32 bit windows
HKCU\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11CF-A4B0-00AA004A55E8}

# 64 bit windows
HKCU\SOFTWARE\Classes\Wow6432Node\CLSID\{B54F3741-5B07-11CF-A4B0-00AA004A55E8}

Once this is done you need to re-register the DLL using the following command:

# 32 bit windows
cd %windir%\system32 
regsvr32.exe vbscript.dll

# 64 bit windows
cd %windir%\ syswow64
regsvr32.exe vbscript.dll

Removing GRUB and Restoring the Windows Boot Loader

Note: This has been tested with Windows Vista

In this post we’ll be using the Windows Vista boot disk to restore the boot loader.

1. Insert the Windows Vista installation disk into your CD \ DVD Rom drive
2. Boot your computer, when prompted press any key to enter the installation
3. Confirm your language and input settings and click Next
4. Click Repair Your Computer
5. Select the operating system you want to keep and click on Next
6. In the System Recovery Options click on Command Prompt
7. In the command prompt type Bootrec.exe /fixmbr and press enter. The message “Operating completed successfully” will be displayed once the command has finished running.
8. Now reboot your computer

And voila – the GRUB boot loader has now been replaced with the Windows boot loader. If you haven’t done so already you will want to remove your old Linux partitions and recover your disk space.