A life saver... Recreate disk descriptors

Restart Management agents, or Web Management Service on an ESXi 5.x Host

By Joe Piggee Sr.

You may run into a scenario when you can’t connect to a host via vCenter, vSphere client etc.

Quick and easy:

To restart the management agents on ESXi:
 
DCUI:
1. Connect to the console of your ESXi host.
2. Press F2 to customize the system.
3. Log in as root.
4 . Use the Up/Down arrows to navigate to Restart Management Agents.

5. Press Enter.
6. Press F11 to restart the services.
7. When the service has been restarted, press Enter.
8. Press Esc to log out of the system.

From Local Console or SSH:
1. Log in to SSH or Local console as root.
2. Run this command:

./sbin/services.sh restart

Active Directory: Creating a Cross Forest Transitive Trust

Active Directory: Creating a Cross Forest Transitive Trust

To create a forest trust

1. Open Active Directory Domains and Trusts.
2. In the console tree, right-click the domain node for the forest root domain, and then click Properties.
3. On the Trust tab, click New Trust, and then click Next.
4. On the Trust Name page, type the DNS name (or NetBIOS name) of another forest, and then click Next.
5. On the Trust Type page, click Forest trust, and then click Next.
6. On the Direction of Trust page, do one of the following:
   • To create a two-way, forest trust, click Two-way.
     Users in this forest and users in the specified forest can access resources in either forest.
   • To create a one-way, incoming forest trust, click One-way:incoming.
     Users in the specified forest will not be able to access any resources in this forest.
   • To create a one-way, outgoing forest trust, click One-way:outgoing.
     Users in this forest will not be able to access any resources in the specified forest.
7. Continue to follow the wizard.

* Reference: http://technet.microsoft.com/en-us/library/cc780479(WS.10).aspx

Useful Troubleshooting Commands

When cross-forest trusts fail, the secure channel should be verified to determine that a foreign DC can be identified and contacted. This post provides information on troubleshooting techniques in this scenario, and is really only the first step in troubleshooting - establishing that there are no DC locator issues determining what should be a valid DC across the trust.
The following commands are useful for troubleshooting secure channel issues, specifically name resolution, DC locator and connectivity:

· nltest /domain_trusts /v

· nltest /sc_query:%trusted_domain%

· nltest /sc_reset:%trusted_domain%[\%DCname%]

· nslookup -debug -type=srv _ldap._tcp.dc._msdcs.%domainFQDN%

Ports for Commonly Used Windows Services

Service Name	UDP	TCP
Browsing datagram responses of NetBIOS over TCP/IP	138
Browsing requests of NetBIOS over TCP/IP	137
Client/Server Communication		135
Common Internet File System (CIFS)	445	139, 445
Content Replication Service		560
Cybercash Administration		8001
Cybercash Coin Gateway		8002
Cybercash Credit Gateway		8000
DCOM (SCM uses udp/tcp to dynamically assign ports for DCOM)	135	135
DHCP client		67
DHCP server		68
DHCP Manager		135
DNS Administration		139
DNS client to server lookup (varies)	53	53
Exchange Server 5.0
Client Server Communication		135
Exchange Administrator		135
IMAP		143
IMAP (SSL)		993
LDAP		389
LDAP (SSL)		636
MTA - X.400 over TCP/IP		102
POP3		110
POP3 (SSL)		995
RPC		135
SMTP		25
NNTP		119
NNTP (SSL)		563
File shares name lookup	137
File shares session		139
FTP		21
FTP-data		20
HTTP		80
HTTP-Secure Sockets Layer (SSL)		443
Internet Information Services (IIS)		80
IMAP		143
IMAP (SSL)		993
IKE (For more information, see Table C.4)	500
IPSec Authentication Header (AH) (For more information, see Table C.4)
IPSec Encapsulation Security Payload (ESP) (For more information, see Table C.4)
IRC		531
ISPMOD (SBS 2nd tier DNS registration wizard)		1234
Kerberos de-multiplexer		2053
Kerberos klogin		543
Kerberos kpasswd (v5)	464	464
Kerberos krb5	88	88
Kerberos kshell		544
L2TP	1701
LDAP		389
LDAP (SSL)		636
Login Sequence	137, 138	139
Macintosh, File Services (AFP/IP)		548
Membership DPA		568
Membership MSN		569
Microsoft Chat client to server		6667
Microsoft Chat server to server		6665
Microsoft Message Queue Server	1801	1801
Microsoft Message Queue Server	3527	135, 2101
Microsoft Message Queue Server		2103, 2105
MTA - X.400 over TCP/IP		102
NetBT datagrams	138
NetBT name lookups	137
NetBT service sessions		139
NetLogon	138
NetMeeting Audio Call Control		1731
NetMeeting H.323 call setup		1720
NetMeeting H.323 streaming RTP over UDP	Dynamic
NetMeeting Internet Locator Server ILS		389
NetMeeting RTP audio stream	Dynamic
NetMeeting T.120		1503
NetMeeting User Location Service		522
NetMeeting user location service ULS		522
Network Load Balancing	2504
NNTP		119
NNTP (SSL)		563
Outlook (see for ports)
Pass Through Verification	137, 138	139
POP3		110
POP3 (SSL)		995
PPTP control		1723
PPTP data (see Table C.4)
Printer sharing name lookup	137
Printer sharing session		139
Radius accounting (Routing and Remote Access)	1646 or 1813
Radius authentication (Routing and Remote Access)	1645 or 1812
Remote Install TFTP		69
RPC client fixed port session queries		1500
RPC client using a fixed port session replication		2500
RPC session ports		Dynamic
RPC user manager, service manager, port mapper		135
SCM used by DCOM	135	135
SMTP		25
SNMP	161
SNMP Trap	162
SQL Named Pipes encryption over other protocols name lookup	137
SQL RPC encryption over other protocols name lookup	137
SQL session		139
SQL session		1433
SQL session		1024 - 5000
SQL session mapper		135
SQL TCP client name lookup	53	53
Telnet		23
Terminal Server		3389
UNIX Printing		515
WINS Manager		135
WINS NetBios over TCP/IP name service	137
WINS Proxy	137
WINS Registration		137
WINS Replication		42
X400		102

Error x80072EE2 & 0x8007EFE

By Joe Piggee

Error x80072EE2 & 0x8007EFE
This error normally indicates a connection issue. Very vague, but true. To fix this try the following:
    • Turn off the firewall, and retry activation
    • Check Date & time settings. If you needed to change anything on the date or time, restart the server before retrying the activation
    • Finally, make sure you aren't using a KMS key without a KMS server.
    • And verify the key code is correct.

Restore Exchange to a New Server or Move Exchange to a New Server

 

By Joe Piggee 

In Active Directory Users and Computers, reset the computer account of the failed Exchange Server. Just right-click the computer and choose "Reset Account". We do this so as to later join a new machine to the domain, with the same name as the failed server. The failed server will never be in use anymore, but the new computer will have its name and will take over from Active Directory all Exchange settings and configuration of the failed server.

1. Next, install an operating system with appropriate service pack and hot fixes on the new server.
2. The new server should have the same computer name as the previous one.
3. Configure with same drive configurations
4. The new server should then be added to the domain.
5. We should install the Exchange Server software on the new machine in recovery mode using the command: Setup.com /m:recoverserver.
6. Restore Databases. Be sure to place them in same place
7. Mount Databasesetup

Email will not send after P2V

By Joe Piggee

Monday, February 04, 2013
5:15 AM

1. Use one of the following methods to go to a command prompt:
    ○ In Windows 8 or in Windows Server 2012, use the Search charm to search for cmd, and then tap or clickCommand Prompt.
    ○ In earlier versions of Windows, click Start, click Run, type cmd.exe, and then press Enter.
2. Type set devmgr_show_nonpresent_devices=1, and then press Enter.
3. Type Start DEVMGMT.MSC, and then press Enter.
4. Click View, and then click Show Hidden Devices.
5. Expand the Network Adapters tree.
6. Right-click the dimmed network adapter, and then click Uninstall.

Pasted from <http://support.microsoft.com/kb/269155>