I have an old Buffalo NAS box I use on my test network, its shared between some Windows servers and is also used by my vSphere ESX deployment as a datastore. I replaced my main admin server which had a drive mapped to the device and ‘forget’ how I’d mapped the drive originally, so it took me a while to work it out again.
Windows Connect to NFS Share: Solution
The first task is to install NFS client which you can do with the following PowerShell command.
[box]
Install-WindowsFeature NFS-Client
[/box]
Then to map the drive (persistently as Drive Letter S:) use the following command.
[box]
New-PSDrive -Name 'S' -PSProvider FileSystem -Root '\\server-name\folder-name' -Persist -Scope Global
[/box]
Your drive should now be present like so.
Windows Connect to NFS: SMB1 Warning Message
In my case, my target is a very old NAS box that still used SMB1, in production this might be a concern but as this is my test network and there only ever me on it, I enable SMB1 on the Windows 2022 server (Note: Add it as a feature from Server Manager).
Error: You can’t connect to the file share because it’s not secure. This share requires the obsolete SMB1 protocol which could expose your system to attack.
I’ve put the link to my normal SMB1 article below.
Related Articles, References, Credits, or External Links
C0090016 Error usually seen after a motherboard has been changed. when attempting to open an office 365 application, or something that requires Entra ID authentication.
Something went wrong.
Your computers Trusted Platform Module has malfunctioned. If this error persists, contact your system administrator with the error code C0090016.
Error Code: C0090016
Server Message: Unknown Error Code 0xC0090016
The trust relationship between this workstation and the primary domain failed
What’s Happened?
Put simply, just like you have a password for your user account, the computer you log onto also has a password (you just never see it), it gets reset (by default) every thirty days, and all this runs in the background. For a lot of different reasons the computer password has got “Out of Sync” between the computer and the domain controller.
Solution
If you search for a solution you will be told to do this; Reset the computer password, on your domain controller, in administrative tools, launch “Active Directory Users and Computers” > Find the computer object that is having problems > Right click > Reset Account.
Then try to login again (BUT THIS NEVER WORKS). If it did then stop reading and have a nice day.
Fix Trust Relationship Error (Quickly with PowerShell)
Sometimes leaving the domain is NOT an option, if that’s the case, remove all network cables from the affected machine (remember disable wireless also). Then log on (you should be able to log on as either the local administrator, or a domain user that has ‘cached credentials’.)
‘netdom.exe’ is not recognised as a internal or external command
This is because after Windows 7 netdom was no longer included with a base build of Windows, (you need to install the RSAT tools to get it), but now you can use PowerSell why bother!
Fix Trust Relationship Error (Disjoin then Rejoin Domain)
Go back to the broken machine (remove any network cables, and turn off Wireless etc, so it has no network connections) > Try either to login with an administrative account, or log in as the local administrator (or an account that has local administrative privileges).
Note: From Windows 7 onwards the local administrator account is usually disabled, if you forgot the password or need it enabling you will need to do the following…
In the Search/Run box type sysdm.cpl {enter}. On the Computer Name tab > Change > In the workgroup section type in TEMP > OK.
Note: If leaving the domain is NOT an option, i.e. you have this error on a mission critical server, of you fear leaving the domain might break something, use the PowerShell solution.
Take note of this Warning! – If you just logged on as the local admin then you know the password, if you DONT then reset it FIRST (Don’t reboot this machine till you either know or have changed the password to a password you know). Note: To reset > Right click computer > Manage > Local Users and Groups > Users > Right click administrator > Reset Password. Warning over click OK. OK > OK > Close > Reboot.
Back at the domain controller > in administrative tools, launch “Active Directory Users and Computers” > Find the computer object that is having problems > Right click > Delete.
Note: if you don’t have access to the domain controller > you can rename the PC when it’s rebooted so it has a different computer name, if you do that then skip this step.
Run sysdm.cpl again and re-join your domain again. Supply domain credentials Note: I’ve used the domain admin account here but a domain user can join up to 10 machines to a domain. All being well (providing the password was correct and your DNS works) you should join the domain and need to reboot again. Post reboot the computer password will be reset.
Related Articles, References, Credits, or External Links
I don’t deploy large amounts of servers at once, so Windows Server sysprep is not as important as it is with the client operating systems I deploy. But I do need to create virtual machine templates, (mostly for testing), but some clients like to have server templates. I prefer to manually sysprep and shutdown a server then either convert or clone it to a template.
Thankfully sysprep is in the same place as it was with Server 2008 R2.
Solution
As before you can either run sysprep from command line by navigating to its location and running it with the correct switches. Or simply browse to it with Windows Explorer and double click it.
Related Articles, References, Credits, or External Links
The fact that I’m going back to re-write article 0000012, should tell you this is an omnipresent problem! Either very suddenly, or slowly over time you have a drive or a volume that’s full to bursting point. These days with laptops which have smaller SSD drives it’s a common problem.
I’ve seen literally hundreds of post in forums, most of them are answered with ‘Use WinDirStat’, or ‘Use TreeSize’. Techies seem to be a fan of one or the other, and stick with the tool that’s served them best.
What If There’s No Room To Install Either Of these?
Good point, then you can use PowerShell, I’ll cover that below also. Well I said everyone has a favourite solution, here’s mine,
WinDirStat
My weapon of choice, install it and give it the drive you want to analyse;
When it’s finished, you will see something like this;
So you get a graphical representation of the drive, and you can see TWO things straight away, firstly you can spot large files, click on them and it will tell you what they are. Secondly it groups ‘Types’ of files together, if you just look at folder sizes it can be misleading e.g. The ‘red’ files above are my MP3 Collection, I know that folder is massive and I expect it to have a lot of stuff in it. But in some cases this is great! e.g. If your IIS server is churning out logs and theres a folder with millions of them in it, you will spot it straight away.
Why Do I Prefer This? I prefer the graphical front end, I can send a screen shot to client, and they understand what’s happening, and it’s always been free. (There is a free version of TreeSize in fairness). I just like this one.
TreeSize
Once you’ve installed simply select the drive in question,
You can then drill down folders which are sized based on usage. One thing I do like about TreeSize is, it knows the difference between file size and actual size, and you can swap views accordingly. But I’ve included it here so every-time I post this article link in a forum, you can see both and make your own mind up.
PowerShell
This is really a PowerShell version of using the same approach TreeSize uses. You need a PowerShell plugin called PSFolderSize, then simply navigate to the the drive in question and run Get-FolderSize.
[box]
Install-Module PSFoldersize
cd {Drive-Letter}:
Get-FolderSize
[/box]
You can then drill down {cd folder-name} one at a time repeating the same command.
Related Articles, References, Credits, or External Links
An IP address is the address used on a network to find your PC, Server, Laptop, or Printer etc. It’s the networking equivalent of your house number and post code (or Zip Code for visitors from over the pond).
Do you want your PUBLIC or PRIVATE IP address? As we started to run out of addresses, there were a number of solutions that we came up with, one you will see below (DHCP) the other is NAT (Network Address Translation) that lets many IPs on a network share one (or more) public IP addresses on the internet. If you want to know your PUBLIC address (your address in on the internet) then simply see below;
Your Public IP Address Is: [user_ip]
Where does my IP address come from?
You get an IP address by two methods,
1. Statically Assigned: Your address never changes and is allocated to you manually.
2. Dynamically Assigned: Your machine gets its IP address automatically via a system called DHCP.
What does an IP address look like?
Most IP addresses in use today are IP version 4 and consist of 4 numbers separated by three full stops (or once again, periods, for overseas visitors).
An IP address 192.168.1.100
Is that all my computer needs?
NO! You need FOUR pieces of information to access the internet and work properly;
1. The IP address itself (i.e. 192.168.1.100) this is unique to every machine on the network.
2. The Subnet Mask (i.e. 255.255.255.0) this tells the machine how big the network it is on, is.
3. The Default Gateway, this is another IP address on the network that you need to go through to get off the local network, i.e. to access the internet.
4. The DNS IP address, this is another IP address of a machine that can translate IP addresses into names (e.g. translate www.bbc.co.uk to 212.58.246.159).
What’s my IP address?
1. Windows Key + R > type ‘cmd’ {Enter}
2. A Command Window will open, click within the box and you can type in commands, the command to show your IP address is ipconfig, but this WONT show us the DNS settings as well, to do that the command is “ipconfig /all“.
Note: If you have many network connections you will get results for them all, you may need to scroll up and down to find the right one.>
IP Problems
Problem 1: My machine has got an IP address that is 169.254.x.y (where x and y can be any number from 1 to 254).
Answer: This machine is set to get its IP address automatically via DHCP but it cant speak to the DHCP server, because either the DHCP server is down or there is no connection between the DHCP server and you.
Problem 2: My IP address shows as 0.0.0.0
Answer: You have been given a static IP address and someone on the same network is using the same address, this causes an IP conflict, change one of the IP addresses.
Find out if your IP address is statically assigned of dynamically assigned
The more eagled eyed of you will see on the ipconfig /all results above that this machine is disabled for DHCP so its dynamically assigned however, on your Windows machine do the following.
1. Windows Key + R > Tyoe ‘ncpa.cpl’ {Enter}
2. Your network connections window should open and locate the connection you are connecting with (you might have many, be sure to select the right one, i.e. you might have one for dial up, one for wireless, one for a VPN to the office etc). Right click the connection and select properties.
3. On the window that appears you may have to scroll down the list, we are looking for its TCP/IP (on newer machines it will be called “Internet Protocol Version 4 (TCP/IPv4)”, Select it and click properties.
4. Now you can see if your addresses are set statically or dynamically.
How to change your IP address
To change your IP address you first need to know if you have a static IP address or a Dynamically assigned one. (That’s why this section is below the one above).
1. If you have a static IP address, simply change it on the screen shown (diagram above).
2. If you have a Dynamic IP address, you can either reboot the machine in question or Click Start > run > cmd {enter}
3. A Command Window will open, click within the box and you can type in commands, the command to release your IP address is ipconfig/release
Then to get a new address type in ipconfig /renew
Related Articles, References, Credits, or External Links
Before you start troubleshooting clients, how long have you waited? I usually setup and configure WSUS up at the start of a job, then leave it alone for a few DAYS, before I start worrying.
Here are the steps I usually follow to get the machines listed in the WSUS management console.
Solution
Before doing anything further, simply try running the following two PowerShell commands, (on the problem client,) and then waiting for a few hours;
1. Assuming you are deploying your WSUS settings by GPO, make sure the machine in question is actually trying to apply the policy, you can do this by running rsop.msc like so:
Or by running gpresult /R from command line
Note: If you cannot see Computer Policy / Computer Settings, i.e. you can only see user settings, then you are probably not running the command window as ‘Administrator’ (Locate cmd.exe > right click > Run as Administrator).
2. If you are enforcing by GPO, or directly via registry edit, your next step is to check that the registry entries exist. Start > In the Search/Run box type regedit {Enter}. Navigate to:
[box]HKEY_LOCAL_MACHINE > SOFTWARE > Policies > Microsoft > Windows > WindowsUpdate[/box]
3. Start > In the Search/Run box type services.msc {enter} Locate the Windows Update service and ensure it is running.
4. Then locate the Background Intelligent Transfer Service and make sure that’s also running.
5. To make sure the client can see the WSUS website, open a browser window, and navigate to http://{name-of-the-wsus-server}/iuident.cab and make sure you can open/download the file.
6. If all the above is OK, you can try forcing a registration with the following command;
[box]wuauclt /detectnow[/box]
7. All update events are being logged, you can find the log at c:windowsWindowsUpdate open the file with notepad.
8. Scroll all the way to the end, then work upwards looking for errors.
9. Sometimes if you image a machine (Or clone a VM) it keeps it’s unique update ID, if this happens then the first machine with this ID to register gets listed, and all the rest do not. To find out if this is your problem, locate and stop the Windows update service on an affected client.
10. Open the registry Editor and navigate to:
[box]HKEY_LOCAL_MACHINE > SOFTWARE > Microsoft > Windows > CurrentVersion > WindowsUpdate[/box]
Locate and delete the SusClientId entry.
11. Restart the Windows Update service and run the following two commands:
User Policy update has completed successfully.
Computer policy could not be updated successfully. The following errors were encountered:
The processing of Group Policy failed. Windows could not locate the directory object OU=Top-Level,OU=computers,DC=PeteNetLive,DC=com. Group Policy settings will not be enforced until this event is resolved. View the event details for more information on this error.
To diagnose the failure, review the event log or run GPRESULT /H GPReport.html from the command line to access information about Group Policy results.
Note: You may also see Event ID 1101
Event ID 1101
Log Name: System Source: Microsoft-Windows-GroupPolicy Event ID: 1101 Task Category: None Level: Error Keywords: User: SYSTEM Computer: PNL-PROD-WIN10.pnl.com Description:
The processing of Group Policy failed. Windows could not locate the directory object OU=PNL,DC=pnl,DC=com. Group Policy settings will not be enforced until this event is resolved. View the event details for more information on this error.
Solution
Strangely the OU that this computer was in, needed to have the ‘Read‘ right, granting to ‘Authenticated Users’ group, not sure how that got removed! Note: Remember start at the OU that’s directly on the root of the domain, of you have nested OUs.
After that everything was peachy!
Related Articles, References, Credits, or External Links