Upgrade Azure AD Connect

Upgrade Azure AD Connect KB ID 0001813

Problem

On 15th March 2023 support for the following Azure AD Connect sync versions will be removed;

  • 2.0.91.0
  • 2.0.89.
  • 2.0.88.0
  • 2.0.28.0
  • 2.0.25.1
  • 2.0.10.0
  • 2.0.9.0
  • 2.0.8.0
  • 2.0.3.0

So plan in some maintenence and upgrade yours, at time of writing the current version is 2.1.20.0, so you can still upgrade if you running an older version.

Upgrade Azure AD Connect: Solution

Before you start it’s worth taking a few minutes to see how your current connector is configured, by simply running the shortcut it will stop replication and give you the option to look at how its currently configured.

Find Azure AD Connect Version

To check what version you are actually running;

[box]

Import-Module ADSync
(Get-ADSyncGlobalSettings).Parameters | select Name,Value

[/box]

Note: Above you can see I’m running 2.1.16.0 so I would still be OK, but let’s upgrade it anyway.

Test Azure AD Connector Health

Open the Syncronisation Service Manager, and have a look in your 365 portal, to make sure everything is running healthily.

Upgrade Azure AD Connect

This could not be simpler, download the new software, run it and supply an administrative account for your subscription, the upgrade will take about 10 – 15  minutes, go grab a coffee.

Once complete, rerun the same command you used above, to ensure the version number is now updated.

Then force a sync with the following command, and watch the service manager while it runs though each stage (it may take a few minutes, and look like it’s doing nothing, be patient!)

[box]

Start-ADSyncSyncCycle -PolicyType Delta

[/box]

Note: You can use PolicyType Initial that will take a LOT longer, (and sync everything). Usually a delta sync will be absolutely fine.

Related Articles, References, Credits, or External Links

NA

Windows Update Fails

KB ID 0000359

Problem

There are a LOT of different reasons for Windows Updates to fail, I can’t cover every eventuality, but there a a few common steps to try.

Solution

1. As soon as the updates fail you should get an Error Message, that should point you in the right direction.


Update Error Code 80200011

2. If you error code matches one of these…

Code Error Description
0x80070002
ERROR_FILE_NOT_FOUND
The system cannot find the file specified.
0x8007000D
ERROR_INVALID_DATA
The data is invalid.
0x800F081F
CBS_E_SOURCE_MISSING
The source for the package or file not found.
0x80073712
ERROR_SXS_COMPONENT_STORE_CORRUPT
The component store is in an inconsistent state.
0x800736CC
ERROR_SXS_FILE_HASH_MISMATCH
A component’s file does not match the verification information present in the component manifest.
0x800705B9
ERROR_XML_PARSE_ERROR
Unable to parse the requested XML data.
0x80070246
ERROR_ILLEGAL_CHARACTER
An invalid character was encountered.
0x8007370D
ERROR_SXS_IDENTITY_PARSE_ERROR
An identity string is malformed.
0x8007370B
ERROR_SXS_INVALID_IDENTITY_ATTRIBUTE_NAME
The name of an attribute in an identity is not within the valid range.
0x8007370A
ERROR_SXS_INVALID_IDENTITY_ATTRIBUTE_VALUE
The value of an attribute in an identity is not within the valid range.
0x80070057
ERROR_INVALID_PARAMETER
The parameter is incorrect.
0x800B0100
TRUST_E_NOSIGNATURE
No signature was present in the subject.
0x80092003
CRYPT_E_FILE_ERROR
An error occurred while Windows Update reads or writes to a file.
0x800B0101
CERT_E_EXPIRED
A required certificate is not within its validity period when verifying against the current system clock or the time stamp in the signed file.
0x8007371B
ERROR_SXS_TRANSACTION_CLOSURE_INCOMPLETE
One or more required members of the transaction are not present.
0x80070490
ERROR_NOT_FOUND
Windows could not search for new updates.

Then run the System Update Readiness Tool and then retry Windows Update.

Operating system Download
All supported x86-based versions of Windows Vista Download
All supported x64-based versions of Windows Vista Download
All supported x86-based versions of Windows Server 2008 Download
All supported x64-based versions of Windows Server 2008 Download
All supported IA-64-based versions of Windows Server 2008 Download
All supported x86-based versions of Windows 7 Download
All supported x64-based versions of Windows 7 Download
All supported x64-based versions of Windows Server 2008 R2 Download
All supported IA-64-based versions of Windows Server 2008 R2 Download

3. Otherwise Start > Run (or for Vista/Windows 7 or 2008 Type in the search box) > services msc {enter}.

4. First make sure the following three services are present and have started,

Windows Update
Background Intelligent Transfer Service
Cryptographic Services

If any are not running right click > Start. If they are all present and running then > Locate the “Windows Update” service> Right click it > Stop.

5. Open Windows Explorer and navigate to C:Windows > Locate the SoftwareDistribution folder> Rename it to UpdateOLD.

6. Go back to the service “Windows Update” service you stopped in step 4 and restart it > Then retry Windows Update.

7. If your still not working, then manually reset the Windows Update components using the BITS repair tool, or doing it manually, for instructions CLCK HERE.

8. You can also try using the Fix WU Utility (Written by Ramesh Kumar from TheWindowsClub ).

Note: If all else fails try using the Firegen Windows update Log Analyzer.

 

Related Articles, References, Credits, or External Links

NA

Cisco Error ‘%PHY-4-SFP_NOT_SUPPORTED’

KB ID 0001347 

Problem

This is another question I see getting asked a lot in forums!

You see something like the following;

[box]

000032: *Sep 28 09:35:32.507 UTC: %PHY-4-SFP_NOT_SUPPORTED: The SFP in Gi3/0/50 is not supported (PNL-3750-Stack)
000033: *Sep 28 09:35:32.507 UTC: %PM-4-ERR_DISABLE: gbic-invalid error detected  on Gi3/0/50, putting Gi3/0/50 in err-disable state (PNL-3750-Stack)

[/box]

The usual response is ‘Enable unsupported SFP’s’, and while that sometimes is the answer, it’s not always the answer!

 

Solution

1. Firstly Check the Modules and the Switches, Are you tying to plug a 10GB SFP+ into a slot that only supports SFP, (that includes plugging a twinax cable into an old switch!) In your ‘show run’ you should see TenGigabitEthernet (if your using SFP+ modules). Some switches with network modules list the same interface twice (once as 10GB interfaces and once at 1GB modules, I’ve blogged about that before see THIS ARTICLE, and to confuse things even further, the four interface versions, are grouped as two pairs with each pair consisting of one SFP slot and one SFP+ slot.)

2. Make sure your cable is NOT a CAB-SFP-50CM, (unless you are connecting a 3560 to ANOTHER 3560).

3. Are you using a 2960-S? If so you may need to update the IOS to use SFP+ (assuming your model supports SFP+ not all 2960-S models do).

4. Are you plugging into a Nexus switch with a 1GB connection? If so check the other end for the following error;

Description: Gi1/1/15: This port has been disabled because Non Compliant Gigabit Interface Converter (GBIC) connector detected.

If so, you may need to Manually set the speed on the 5K to 1000, (it wont auto-sense).

5. Is it a non-cisco branded SFP? If so it may still work, (but you will get no joy if you log a TAC call) with the following commands;

[box]

Petes-SW(config)#service internal
Petes-SW(config)#no errdisable detect cause gbic-invalid
Petes-SW(config)#service unsupported-transceiver

[/box]

If you are still in doubt check the Compatibility Matrix.

Related Articles, References, Credits, or External Links

NA

Cisco IOS – Setting Up DHCP Scopes

KB ID 0001112 

I usually only have to do this on very small sites, or occasionally on the test bench. Most of the time we will have a server sat doing DHCP. The procedure below was carried out on a router, but the procedure is the same for a catalyst switch.

By default DHCP is disabled, you have to turn it on, then create a ‘dhcp pool.’

[box]

Petes-Router(config)#service dhcp
Petes-Router(config)#ip dhcp pool DATA-VLAN-10

[/box]

Then set the range of addresses and scope options.

[box]

Petes-Router(dhcp-config)#network 172.16.1.0 255.255.255.0
Petes-Router(dhcp-config)#default-router 172.16.1.1
Petes-Router(dhcp-config)#dns-server 8.8.8.8 8.8.4.4
Petes-Router(dhcp-config)#domain-name petenetlive.com
Petes-Router(dhcp-config)#exit

[/box]

Don’t forget to EXCLUDE the ip address of the router/switch from the DHCP scope, and any other static IP’s you have.

[box]

Petes-Router(config)#ip dhcp excluded-address 172.16.1.1

[/box]

There’s nothing to stop you running multiple scopes either, below I add another scope for my voice VLAN, and exclude the router IP on that VLAN, and my PBX.

[box]

Petes-Router(config)#ip dhcp pool VOICE-VLAN-11
Petes-Router(dhcp-config)#network 172.16.2.0 255.255.255.0
Petes-Router(dhcp-config)#default-router 172.16.2.1
Petes-Router(dhcp-config)#dns-server 8.8.8.8 8.8.4.4
Petes-Router(dhcp-config)#exit
Petes-Router(config)#ip dhcp excluded-address 172.16.2.1
Petes-Router(config)#ip dhcp excluded-address 172.16.2.250

[/box]

Related Articles, References, Credits, or External Links

NA

Event ID 7026

KB ID 0000143 

Problem

Event ID 7026

Following boot-start system-start driver(s) failed to load: i8042prt

PS2 Mouse Driver – Booting a machine without a keyboard, or with a USB keyboard can cause this problem.

Solution

Stop this Service from starting – Note this SHOULDN’T affect your keyboard but if it does have a USB keyboard handy and DON’T disable the PS2 Ports in the machines BIOS

Start > Run > Regedit {enter} Navigate to, HKEY LOCAL MACHINESYSTEMCURRENTCONTROLSETSERVICESi8042prt On the right hand pane change Start from 1 to 4 (disabled).

 

Related Articles, References, Credits, or External Links

NA

Event ID 7000

KB ID 0000136 

Problem

Event ID 7000

The Network Load Balancing service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Even when Network Lo aad Balancing (NLB) is not currently installed, some NLB registry keys may be present in the registry. Microsoft has identified this as a problem in Windows 2000 Advanced server. The recommended solution also resolves the issue in Windows 2003.

Solution

Start > Run > Regedit {enter}

Navigate to HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesWLBS

Select the Group key it will be set to PNP_TDI delete this entry so there is no value

If the above doesn’t work on its own then delete the following keys

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesEventlogSystemWLBS

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesWLBS

Related Articles, References, Credits, or External Links

http://seer.support.veritas.com/docs/263037 http://support.microsoft.com/?kbid=268437

Veeam – “Task Failed Error: No connections could be made because the target machine actively refused it”

KB ID 0000758

Problem

Seen when running Veeam Backup and Replication.

Error
Task Failed Error: No connections could be made because the target machine actively refused it

Also when trying to connect to VMware VCenter from the Backup and Replication management console;

Error
Failed to connect to “Host-name” by SOAP, port 443, user “User-Name”, proxy srv: port:0
Unable to connect to the remote server
No connections could be made because the target machine actively refused it {IP-Address}:443

Solution

There are a few things that might cause this, make sure the Veeam Server can “Ping” the VCenter and the hosts. Also make sure if you use a proxy server there is an exception for traffic going to this IP address.

In my case the problem was simply that the VMware Server service was not running on the Virtual Center.

Related Articles, References, Credits, or External Links

Veeam Backup and Recovery Download

Veeam Availability Suite Download

Veeam Backup For Office 365 Download

Veeam Backup For Azure Download

Veeam Backup for AWS Download

Using UtraVNC SC (Single Click)

KB ID 0000059

Problem

If you need to remote a distant PC, either for work purposes or you have a friend or relative who is technically challenged. Or you simply would like to be able to get back to watching TV, or having a life quicker, you would rather  “Fix” it yourself than talking a frightened technophobe though the registry etc. Then UltraVNC SC is the tool you need.

Normally using VNC you would need to talk the person at the other end through downloading a version of VNC installing it, finding out their IP address etc before you could even start to help, if like me you have no patience at all, then removing all these steps is much quicker.

If you are unfamiliar with VNC products, you install the software on the “Controlled” end in server mode which “Listens” for connections and you install the software on the “Controlling” end in viewer mode and point it to the target. This is all well and good but what if you want the other end to request a remote control session without needing to install or configure anything so you can get on quickly and get back doing something more interesting like watching 24 or drinking Vodka.

Technical Hurdles (READ THIS FIRST)

1. If you don’t have a static IP then you need to get something that will resolve to your IP address – If your IP address changes then get an account with no-ip http://www.no-ip.com  (this is who I use for www.petenetlive.com ) or DynDNS http://www.dyndns.com

2. You need to have TCP port 5500 open to your PC/Server – so you will need to do some port forwarding and if you have a firewall allow traffic in on this port.

Solution

Step 1 Create the .exe file to send to the “Target”

1. Go to http://www.uvnc.com/addons/singleclick

2. Download http://sc.uvnc.com/custom.zip

3. Open this Zip File and you will see the following:

Icon1.ico Icon2.ico Logo.bmp Background.bmp (note the actial file is 1×283 pixels)

Icon1.ico
Icon2.ico
Logo.bmp
Background.bmp (note the actial file is 1×283 pixels)

4. You will also see helpdesk.txt this is the configuration file used to create the .exe file.

5. Edit the files as appropirate the icons are 32×32 and keep the bitmaps below 256 colour .

6. Here Is what Im going to use.

Icon1.ico Icon2.ico Logo.bmp Background.bmp

 

7. Here is the helpdesk.txt file I’m going to use.

———————-Start—————————

[TITLE] PeteNetLive Remote Support

[HOST] PeteNetLive Remote Connection -connect www.petenetlive.com:5500 -noregistry

[TEXTTOP] Double Click to make a connection

[TEXTMIDDLE] Before making a connection

[TEXTBOTTOM] Please Call Pete To Activate Connection

[TEXTRBOTTOM]

[TEXTRMIDDLE] {{{PeteLong}}} 06/03/07

[TEXTRTOP] PeteNetLive Remote Support

[TEXTBUTTON] More Info

[WEBPAGE] http://www.petenetlive.com

[TEXTCLOSEBUTTON] STOP test

[BALLOON1TITLE] Establishing connection …

[BALLOON1A] 5 min try period

[BALLOON1B] If it fails, the software will remove himself

[BALLOON1C] from your system.

[BALLOON2TITLE] Connection active.

[BALLOON2A] Warning, your desktop is remote visable

[BALLOON2B] You can break the connection any time

[BALLOON2C] by using the close button

[WEBPAGE] http://www.petenetlive.com

———————-Finish————————–

8. All these will eventially give you an application that looks like this,

9. To actially build this application you need to go to http://sc.uvnc.com

10.Log in username:foo Password:foobar Upload file: Navigate to the zip file with all your icons and bitmaps in (change the name of custom.zip whatever you call the zip file the executable will be called).

11. Click Upload

12. Download the Executable it creates for you.

Step 2 Configure “You’re End”

1.On your PC/Server Install UltraVNC http://www.uvnc.com/download/index

2.Launch the Installer > English > OK > Next > I Accept > Next > Next > Next > Next > Next > Next > Install > Continue Anyway > Next > Finish.

3.On the Server Click > Start > All Programs > UraVNC Viewer> ULTRAVNC Viewer (Listen mode.)

4.Send the executable you created earlier to the person at the other end and get them to run it.

5.When they open the connection your PC will ask you if you want to allow the connection > Click Yes.

6. Job done

Icon1.ico Icon2.ico Logo.bmp Background.bmp

7. Here is the helpdesk.txt file I’m going to use.

----------------------Start---------------------------[TITLE]
PeteNetLive Remote Support[HOST]
PeteNetLive Remote Connection
-connect www.petenetlive.com:5500 -noregistry[TEXTTOP]
Double Click to make a connection[TEXTMIDDLE]
Before making a connection[TEXTBOTTOM]
Please Call Pete To Activate Connection[TEXTRBOTTOM][TEXTRMIDDLE]
{{{PeteLong}}} 06/03/07[TEXTRTOP]
PeteNetLive Remote Support[TEXTBUTTON]
More Info[WEBPAGE]
http://www.petenetlive.com[TEXTCLOSEBUTTON]
STOP test[BALLOON1TITLE]
Establishing connection ...[BALLOON1A]
5 min try period[BALLOON1B]
If it fails, the software will remove himself[BALLOON1C]
from your system.[BALLOON2TITLE]
Connection active.[BALLOON2A]
Warning, your desktop is remote visable[BALLOON2B]
You can break the connection any time[BALLOON2C]
by using the close button[WEBPAGE]
http://www.petenetlive.com
----------------------Finish--------------------------

8. All these will eventially give you an application that looks like this,

9. To actially build this application you need to go to http://sc.uvnc.com

10.Log in username:foo Password:foobar Upload file: Navigate to the zip file with all your icons and bitmaps in (change the name of custom.zip whatever you call the zip file the executable will be called).

11. Click Upload 12. Download the Executable it creates for you.

Step 2 Configure “You’re End”

1.On your PC/Server Install UltraVNC http://www.uvnc.com/download/index

2.Launch the Installer > English > OK > Next > I Accept > Next > Next > Next > Next > Next > Next > Install > Continue Anyway > Next > Finish.

3.On the Server Click > Start > All Programs > UraVNC Viewer> ULTRAVNC Viewer (Listen mode.)

4.Send the executable you created earlier to the person at the other end and get them to run it.

5.When they open the connection your PC will ask you if you want to allow the connection > Click Yes.

6. Job done

Related Articles, References, Credits, or External Links

NA

Windows Server – DHCP Service Starts then Stops again

KB ID 0000617 

Problem

Saw this last week on an SBS 2011 Server. When attempting to get the DHCP service running it span up then stopped straight away.

Solution

A quick look in Event Viewer showed me what the problem was,

Event ID 1054

The DHCP/BINL service on this computer is shutting down. See the previous event log messages for reasons

Fair enough lets see the previous error on the same server;

Event ID 1053

The DHCP/BINL service has encountered another server on this network with IP Address, (IPv4 or IPv6 address), belonging to the domain

In this example the offending IP (192.168.87.254) Was a Cisco PIX 501 firewall that was running a DHCP server. Thankfully My main job that day was to replace the firewall so when I put in a new ASA I didn’t have the DHCPD service running.

If you see this elsewhere you will need to locate the offending IP and disable DHCP on it.

 

Related Articles, References, Credits, or External Links

NA

Error While Attempting to Access a Windows Share

KB ID 0000439

Problem

While attempting to connect to a Windows share you receive the error.

Windows cannot access {target machine name} Check the spelling of the name. Otherwise there might be a problem with your network. to try to identify and resolve network problems, click diagnose.

if you click “Diagnose” you will see the following,

Error code: 0x80070035 The network path was not found.

Note: You may also find that if you attempt to connect a share or map a drive via the target machines IP address it works fine.

Solution

1. Firstly I’m assuming you have used the correct target machine name (can you ping the target server by its name?)

2. Make sure the Computer Browser Service is both enabled and running.

3. On both the source and target machine, make sure NETBIOS over TCP/IP is enabled.

4. Finally of none of the above have worked, drop to command line and issue the following two commands. (Note: before proceeding take note of the machines IP address, subnet mask, default gateway and DNS settings (from command line run “ipconfig /all”).

[box] netsh winsock reset netsh int ip reset c:tempresetlog.txt [/box]

5. Reboot the server.

WARNING: When the server has rebooted, it will come back up with a DHCP address, if this is a server or machine that has a static IP address, you will need to re-enter the correct details post reboot.

Related Articles, References, Credits, or External Links

NA