List Applications Installed on a Remote or Local Machine with Powershell

Joe Piggeé

This one-liner will list all application on your local computer, or remote computer. If you do not include the -Computername parameter, it will list all applications on your local machine.

Get-Wmi -Class Win32_Product -Computername TypeComputerNameHere | Select-Object -Property Name

 

*http://technet.microsoft.com/en-us/library/bb978526.aspx

PePELePuu

How to Remove a Domain Controller

 

By Joe Piggee Sr.

Removing a domain controller by using the Windows interface

You can use the Active Directory Domain Services Installation Wizard to remove a domain controller from an existing domain.

Administrative credentials

To perform this procedure, you must be a member of the Domain Admins group in the domain.

Click Start, click Run, type dcpromo, and then press ENTER.

1. On the Welcome to the Active Directory Domain Services Installation Wizard page, click Next.

2. If the domain controller is a global catalog server, a message appears to warn you about the effect of removing a global catalog server from the environment. Click OK to continue.

3. On the Delete the Domain page, make no selection, and then click Next.

4. If the domain controller has application directory partitions, on the Application Directory Partitions page, view the application directory partitions in the list, and then remove or retain application directory partitions, as follows:

   • If you do not want to retain any application directory partitions that are stored on the domain controller, click Next.
   • If you want to retain an application directory partition that an application has created on the domain controller, use the application that created the partition to remove it, and then click Refresh to update the list.

5. If the Confirm Deletion page appears, select the option to delete all application directory partitions on the domain controller, and then click Next.

6. On the Remove DNS Delegation page, verify that the Delete the DNS delegations pointing to this server check box is selected, and then click Next.

7. If necessary, enter administrative credentials for the server that hosts the DNS zones that contain the DNS delegation for this server, and then click OK.

8. On the Administrator Password page, type and confirm a secure password for the local Administrator account, and then click Next.

9. On the Summary page, to save the settings that you selected to an answer file that you can use to automate subsequent operations in Active Directory Domain Services (AD DS), click Export settings. Type a name for your answer file, and then click Save. Review your selections, and then click Next to remove AD DS.

10. On the Completing the Active Directory Domain Services Installation Wizard page, click Finish.

11. You can either select the Reboot on completion check box to have the server restart automatically or you can restart the server to complete the AD DS removal when you are prompted to do so.

12. Open Server Manager. Click Start, point to Administrative Tools, and then click Server Manager.

13. In Roles Summary, click Remove Roles.

14. If necessary, review the information on the Before You Begin page, and then click Next.

15. On the Remove Server Roles page, clear the Active Directory Domain Services check box, and then click Next.

16. On the Confirm Removal Selections page, click Remove.

17. On the Removal Results page, click Close, and then click Yes to restart the server.

*http://technet.microsoft.com/en-us/library/cc771844(v=ws.10).aspx

How to remove Windows Update install Files

By Joe Piggee

 

1.     Click on "Start" and then "Run."

2.      Type "services.msc" (without quotes) and press "Enter."

3.      Install Service Packs

4.      Install service packs on business networks with minimal effort.

5.      Right-click on "Automatic Updates Service," then select "Stop." Wait for the service to stop, then click on "Start" and open "Run" again.

6.      Type "%windir%\SoftwareDistribution" (without quotes), then press "Enter."

7.      Double-click on the "Download" folder. Press "CTRL+A" to select all the contents of the folder, then press "Delete."

8.      Open "Run" from the Start menu again, then type "services.msc" (without quotes) and press "Enter."

9.      Right-click on "Automatic Updates Service," then select "Start.

Active Directory: Creating a Cross Forest Transitive Trust

Active Directory: Creating a Cross Forest Transitive Trust

To create a forest trust

1. Open Active Directory Domains and Trusts.
2. In the console tree, right-click the domain node for the forest root domain, and then click Properties.
3. On the Trust tab, click New Trust, and then click Next.
4. On the Trust Name page, type the DNS name (or NetBIOS name) of another forest, and then click Next.
5. On the Trust Type page, click Forest trust, and then click Next.
6. On the Direction of Trust page, do one of the following:
   • To create a two-way, forest trust, click Two-way.
     Users in this forest and users in the specified forest can access resources in either forest.
   • To create a one-way, incoming forest trust, click One-way:incoming.
     Users in the specified forest will not be able to access any resources in this forest.
   • To create a one-way, outgoing forest trust, click One-way:outgoing.
     Users in this forest will not be able to access any resources in the specified forest.
7. Continue to follow the wizard.

* Reference: http://technet.microsoft.com/en-us/library/cc780479(WS.10).aspx

Useful Troubleshooting Commands

When cross-forest trusts fail, the secure channel should be verified to determine that a foreign DC can be identified and contacted. This post provides information on troubleshooting techniques in this scenario, and is really only the first step in troubleshooting - establishing that there are no DC locator issues determining what should be a valid DC across the trust.
The following commands are useful for troubleshooting secure channel issues, specifically name resolution, DC locator and connectivity:

· nltest /domain_trusts /v

· nltest /sc_query:%trusted_domain%

· nltest /sc_reset:%trusted_domain%[\%DCname%]

· nslookup -debug -type=srv _ldap._tcp.dc._msdcs.%domainFQDN%

Restore Exchange to a New Server or Move Exchange to a New Server

 

By Joe Piggee 

In Active Directory Users and Computers, reset the computer account of the failed Exchange Server. Just right-click the computer and choose "Reset Account". We do this so as to later join a new machine to the domain, with the same name as the failed server. The failed server will never be in use anymore, but the new computer will have its name and will take over from Active Directory all Exchange settings and configuration of the failed server.

1. Next, install an operating system with appropriate service pack and hot fixes on the new server.
2. The new server should have the same computer name as the previous one.
3. Configure with same drive configurations
4. The new server should then be added to the domain.
5. We should install the Exchange Server software on the new machine in recovery mode using the command: Setup.com /m:recoverserver.
6. Restore Databases. Be sure to place them in same place
7. Mount Databasesetup

Email will not send after P2V

By Joe Piggee

Monday, February 04, 2013
5:15 AM

1. Use one of the following methods to go to a command prompt:
    ○ In Windows 8 or in Windows Server 2012, use the Search charm to search for cmd, and then tap or clickCommand Prompt.
    ○ In earlier versions of Windows, click Start, click Run, type cmd.exe, and then press Enter.
2. Type set devmgr_show_nonpresent_devices=1, and then press Enter.
3. Type Start DEVMGMT.MSC, and then press Enter.
4. Click View, and then click Show Hidden Devices.
5. Expand the Network Adapters tree.
6. Right-click the dimmed network adapter, and then click Uninstall.

Pasted from <http://support.microsoft.com/kb/269155>

Rename Domain–Windows Server 2008 R2

By Joe Piggee Sr.

First, the major prerequisites for a domain rename in a simple single domain forest:

• Enterprise Administrator credentials are required.
• The domain should be well formed and healthy.
• The forest functional level must be Windows Server 2003 or 2008, and all DC's running at least Server 2003.
• A DNS zone for the new domain must be in place.
• The Rendom and Gpfixup tools must be copied to a domain member workstation to perform the rename operations. The operations should not be initiated from a domain controller.
• See the TechNet link below for details on requirements if you're using DFS redirection, roaming profiles, running a CA, or Exchange Server.

The domain rename is performed using the Rendom tool, which is installed with Active Directory when running dcpromo. Once this process is started, you must ensure that no changes are made to the forest configuration until complete. The steps are as follows.
1. Run "rendom /list" to generate a state file named Domainlist.xml. This file contains the current forest configuration.
2. Edit the state file, changing the <DNSname> and <NetBiosName> fields to the desired values for the new domain name.
3. Run "rendom /showforest" to show the potential changes; this step does not actually make any changes.
4. Run "rendom /upload" to upload the rename instructions to the configuration directory partition on the domain controller holding the domain naming operations master role. The instructions are then replicated to all other DC's in the forest. Once replicated to all DC's, the rename instructions are ready to be carried out. You can force replication by running the "repadmin /syncall" command.
5. Run "rendom /prepare" to verify the readiness of each domain controller in the forest to carry out the rename instructions. This should contact all DC's successfully and return no errors before proceeding.
6. Run "rendom /execute", this verifies readiness of all DC's, then preforms the rename action on each one. There will be a service interruption during this period. Upon completion domain controllers will be rebooted. If an error occurs on a DC during this phase, the entire transaction is rolled back. Any DC's that don't complete successfully after this phase must be demoted and removed from service.
7. Run "gpfixup" to refresh all intradomain references and links to group policy objects.
8. Reboot client computers and member servers twice to obtain new domain name. Because the GUID's of the domain remain the same during the rename process, domain membership is not affected. The DNS suffix of the client machines will also be updated assuming the default option of "Change primary DNS suffix when domain membership changes" is enabled.
9. Run "rendom /clean" to remove references of the old domain name from Active Directory.
10. Run "rendom /end" to unfreeze the forest configuration and allow further changes. This was frozen during the rendom /upload step.
Should you have any problems with clients recognizing the new domain name, you can remove them by running "netdom remove <machine-name> /Domain:<old-domain> /Force", rebooting, then rejoining the new domain. Once the rename is complete, there is one final change required on domain controllers. The DNS suffix of a DC is not changed as part of this process. This must be changed manually or the DC's will have a DNS suffix that differs from the AD domain name.

Server 2008: Backup Active Directory

By Joe Piggee

1. Open NTBACKUP by either going to Run, then NTBACKUP and pressing Enter or by going to  Start / Accessories / System Tools. Or my personal method, Click Start/ Run/ Type NTBACKUP.
2. If you are prompted by the Backup or Restore Wizard, I suggest you un-check the "Always Start in Wizard Mode" checkbox, and click on the Advanced Mode link.
3. Inside NTBACKUP's main window, click on the Backup tab.
4. Click to select the System State checkbox. Note you cannot manually select components of the System State backup. It's all or nothing.
5. Enter a backup path for the BKF file. If you're using a tape device, make sure NTBACKUP is aware and properly configured to use it.
6. Press Start Backup.
7. The Backup Job Information pops out, allowing you to configure a scheduled backup job and other settings. For the System State backup, do not change any of the other settings except the schedule, if so desired. When done, press Start Backup.
8. After a few moments of configuration tasks, NTBACKUP will begin the backup job.
9. When the backup is complete, review the output and close NTBACKUP.

Disable IPv6

 

By Joseph Piggee Sr.

http://support.microsoft.com/kb/929852

IPv6 can be disabled either through the DisabledComponents registry value or through the check box for the Internet Protocol Version 6 (TCP/IPv6) component in the list of items on the Networking tab for the properties of connections in the Network Connections folder. The following figure shows an example.

The DisabledComponents registry key affects all interfaces on the host. However, the check box on the Networking tab affects only the specific interface. The DisabledComponents registry value does not affect the state of the check box. Therefore, even if the DisabledComponents registry key is set to disable IPv6, the check box in the Networking tab for each interface can still be checked. This is expected behavior.

Note Unchecking the checkbox on a network adapter will not disable IPv6 on the host. It will unbind IPv6 from this adapter. To disable IPv6 on the host, follow the steps below.

To use the DisabledComponents registry value to check whether IPv6 was disabled, run the following command at a Windows command prompt:
reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters /v DisabledComponents

You may receive the following error message:
ERROR: The system was unable to find the specified registry key or value.
If you receive this error message, the DisabledComponents registry value is not set. If the DisabledComponents value is set, it overrides the settings in the connection properties.

To enable or to disable IPv6 or to selectively enable or disable components of IPv6 automatically, click the Fix this problem link. Then, click Run in the File Download dialog box, and follow the steps in this wizard.

Windows Activation Error - 0x80072EE2 & 0x8007EFE

By Joe Piggee

Error x80072EE2 & 0x8007EFE

This error normally indicates a connection issue. Very vague, but true. To fix this try the following:

• Turn off the firewall, and retry activation
• Check Date & time settings. If you needed to change anything on the date or time, restart the server before retrying the activation
• Finally, make sure you aren't using a KMS key without a KMS server.
• And verify the key code is correct.