Find Domain Schema Version

Find Domain Schema Version KB ID 0000025 

Problem

You want to upgrade or find out your current Schema version, or check that an” adprep / forestprep” command has worked correctly.

Solution

Find Domain Schema Version: PowerShell

Use the following sytax
[box]

Get-ADObject (Get-ADRootDSE).schemaNamingContext -Property objectversion

[/box]

Post Server 2016 Find Domain Schema Version

The value is populated with Server 2016 again.

If you check the value above on a domain that has Windows 2012 domain controllers, you will see the value is ‘not set’.

If the entry is blank;

Instead navigate to this registry key;

[box][HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNTDSParameters[/box]

Locate the ‘Schema Version’ Note: the figure in brackets is the decimal value!

Find Domain Scheman Version For Windows Servers Before 2012 RTM

1. For Windows Server 2003 you will need to Install the Support Tools on your server. (2008, 2008 R2, and 2012 have the tools built in).

2. Press (Windows Key+R) > adsiedit.msc > {enter}

3. Right Click > CN=Schema,CN=Configuration,DC=domain,DC=com > Properties

<pNote: If you cannot see this you need to select “Connect To” then pick “Schema”.

4. On the Attribute Editor tab > Locate objectVersion.

 

What Are The Windows Server Schema Versions?

20: Windows 2000

30: Windows 2003 RTM, Windows 2003 SP1, and Windows 2003 SP2

31: Windows 2003 R2

44: Windows Server 2008 RTM

47: Windows Server 2008 R2 (and SBS 2011)

56: Windows Server 2012 RTM

69: Windows Server 2012 R2

87: Windows Server 2016 RTM

88: Windows Server 2019 RTM

88: Windows Server 2022

91: Windows Server 2025

Related Articles, References, Credits, or External Links

NA

Windows Connect to NFS Share

Windows Connect to NFS Share KB ID 0001861

Problem

I have an old Buffalo NAS box I use on my test network, its shared between some Windows servers and is also used by my vSphere ESX deployment as a datastore. I replaced my main admin server which had a drive mapped to the device and ‘forget’ how I’d mapped the drive originally, so it took me a while to work it out again.

Windows Connect to NFS Share: Solution

The first task is to install NFS client which you can do with the following PowerShell command.

[box]

Install-WindowsFeature NFS-Client

[/box]

Then to map the drive (persistently as Drive Letter S:) use the following command.

[box]

New-PSDrive -Name 'S' -PSProvider FileSystem -Root '\\server-name\folder-name' -Persist -Scope Global

[/box]

Your drive should now be present like so.

Windows Connect to NFS: SMB1 Warning Message

In my case, my target is a very old NAS box that still used SMB1, in production this might be a concern but as this is my test network and there only ever me on it, I enable SMB1 on the Windows 2022 server (Note: Add it as a feature from Server Manager).

Error: You can’t connect to the file share because it’s not secure. This share requires the obsolete SMB1 protocol which could expose your system to attack.

I’ve put the link to my normal SMB1 article below.

Related Articles, References, Credits, or External Links

SMB1 Is Dead? (Unfortunately Not Yet)

Adding Windows Server NFS Shares to VMware ESX

VMware vSphere: Adding NFS Storage

VMware Cannot Remove / Unmount an NFS Store

C0090016 Error

C0090016 Error KB ID 0001848

Problem

C0090016 Error usually seen after a motherboard has been changed. when attempting to open an office 365 application, or something that requires Entra ID authentication.

Something went wrong.
Your computers Trusted Platform Module has malfunctioned. If this error persists, contact your system administrator with the error code C0090016.

Error Code: C0090016
Server Message: Unknown Error Code 0xC0090016

Solution: C0090016 Error

Settings > Privacy and Security > Device Security > Security Processor Details.

Security Processor Troubleshooting > Select  > “I am responding to this error 80090016.” > Follow the instructions.

Windows 10 Note: You can find these settings in Windows Defender Security App.

Related Articles, References, Credits, or External Links

NA

Windows Server – Sysprep

KB ID 0000729 

Problem

I don’t deploy large amounts of servers at once, so Windows Server sysprep is not as important as it is with the client operating systems I deploy. But I do need to create virtual machine templates, (mostly for testing), but some clients like to have server templates. I prefer to manually sysprep and shutdown a server then either convert or clone it to a template.

Thankfully sysprep is in the same place as it was with Server 2008 R2.

Solution

As before you can either run sysprep from command line by navigating to its location and running it with the correct switches. Or simply browse to it with Windows Explorer and double click it.

Related Articles, References, Credits, or External Links

Server 2008 R2 Where is Sysprep

Hard Drive Full?

KB ID 0000012

Problem

The fact that I’m going back to re-write article 0000012, should tell you this is an omnipresent problem! Either very suddenly, or slowly over time you have a drive or a volume that’s full to bursting point. These days with laptops which have smaller SSD drives it’s a common problem.

I’ve seen literally hundreds of post in forums, most of them are answered with ‘Use WinDirStat’, or ‘Use TreeSize’. Techies seem to be a fan of one or the other, and stick with the tool that’s served them best.

What If There’s No Room To Install Either Of these?

Good point, then you can use PowerShell, I’ll cover that below also. Well I said everyone has a favourite solution, here’s mine,

WinDirStat

My weapon of choice, install it and give it the drive you want to analyse;

When it’s finished, you will see something like this;

So you get a graphical representation of the drive, and you can see TWO things straight away, firstly you can spot large files, click on them and it will tell you what they are. Secondly it groups ‘Types’ of files together, if you just look at folder sizes it can be misleading e.g. The ‘red’ files above are my MP3 Collection, I know that folder is massive and I expect it to have a lot of stuff in it. But in some cases this is great! e.g. If your IIS server is churning out logs and theres a folder with millions of them in it, you will spot it straight away.

Why Do I Prefer This? I prefer the graphical front end, I can send a screen shot to client, and they understand what’s happening, and it’s always been free. (There is a free version of TreeSize in fairness). I just like this one.

TreeSize

Once you’ve installed simply select the drive in question,

You can then drill down folders which are sized based on usage. One thing I do like about TreeSize is, it knows the difference between file size and actual size, and you can swap views accordingly. But I’ve included it here so every-time I post this article link in a forum, you can see both and make your own mind up.

PowerShell

This is really a PowerShell version of using the same approach TreeSize uses. You need a PowerShell plugin called PSFolderSize, then simply navigate to the the drive in question and run Get-FolderSize.

[box]

Install-Module PSFoldersize
cd {Drive-Letter}:
Get-FolderSize

[/box]

You can then drill down {cd folder-name} one at a time repeating the same command.

 

Related Articles, References, Credits, or External Links

NA

How Do I Find/Change My IP Address?

KB ID 0000208

What’s an IP address?

An IP address is the address used on a network to find your PC, Server, Laptop, or Printer etc. It’s the networking equivalent of your house number and post code (or Zip Code for visitors from over the pond).

Do you want your PUBLIC or PRIVATE IP address? As we started to run out of addresses, there were a number of solutions that we came up with, one you will see below (DHCP) the other is NAT (Network Address Translation) that lets many IPs on a network share one (or more) public IP addresses on the internet. If you want to know your PUBLIC address (your address in on the internet) then simply see below;

Your Public IP Address Is: [user_ip]

Where does my IP address come from?

You get an IP address by two methods,

1. Statically Assigned: Your address never changes and is allocated to you manually.

2. Dynamically Assigned: Your machine gets its IP address automatically via a system called DHCP.

What does an IP address look like?

Most IP addresses in use today are IP version 4 and consist of 4 numbers separated by three full stops (or once again, periods, for overseas visitors).

An IP address 192.168.1.100

Is that all my computer needs?

NO! You need FOUR pieces of information to access the internet and work properly;

1. The IP address itself (i.e. 192.168.1.100) this is unique to every machine on the network.

2. The Subnet Mask (i.e. 255.255.255.0) this tells the machine how big the network it is on, is.

3. The Default Gateway, this is another IP address on the network that you need to go through to get off the local network, i.e. to access the internet.

4. The DNS IP address, this is another IP address of a machine that can translate IP addresses into names (e.g. translate www.bbc.co.uk to 212.58.246.159).

What’s my IP address?

1. Windows Key + R > type ‘cmd’ {Enter}

2. A Command Window will open, click within the box and you can type in commands, the command to show your IP address is ipconfig, but this WONT show us the DNS settings as well, to do that the command is “ipconfig /all“.

Note: If you have many network connections you will get results for them all, you may need to scroll up and down to find the right one.>

IP Problems

Problem 1: My machine has got an IP address that is 169.254.x.y (where x and y can be any number from 1 to 254).

Answer: This machine is set to get its IP address automatically via DHCP but it cant speak to the DHCP server, because either the DHCP server is down or there is no connection between the DHCP server and you.

Problem 2: My IP address shows as 0.0.0.0

Answer: You have been given a static IP address and someone on the same network is using the same address, this causes an IP conflict, change one of the IP addresses.

Find out if your IP address is statically assigned of dynamically assigned

The more eagled eyed of you will see on the ipconfig /all results above that this machine is disabled for DHCP so its dynamically assigned however, on your Windows machine do the following.

1. Windows Key + R > Tyoe ‘ncpa.cpl’ {Enter}

2. Your network connections window should open and locate the connection you are connecting with (you might have many, be sure to select the right one, i.e. you might have one for dial up, one for wireless, one for a VPN to the office etc). Right click the connection and select properties.

3. On the window that appears you may have to scroll down the list, we are looking for its TCP/IP (on newer machines it will be called “Internet Protocol Version 4 (TCP/IPv4)”, Select it and click properties.

4. Now you can see if your addresses are set statically or dynamically.

How to change your IP address

To change your IP address you first need to know if you have a static IP address or a Dynamically assigned one. (That’s why this section is below the one above).

1. If you have a static IP address, simply change it on the screen shown (diagram above).

2. If you have a Dynamic IP address, you can either reboot the machine in question or Click Start > run > cmd {enter}

3. A Command Window will open, click within the box and you can type in commands, the command to release your IP address is ipconfig /release

Then to get a new address type in ipconfig /renew

Related Articles, References, Credits, or External Links

NA

Control Panel ‘Mail Icon Missing’

KB ID 0000237

Problem

Problem usually seen on x64 Office versions, to set up some mail profiles;

Solution

Firstly what happens if you try running;

[box]

outlook.exe /manageprofiles

[/box]

The file you are looking for is called mlcfg32.cpl Find it and double click it. here’s where I found it

C:\Program Files (x86)\Microsoft Office\root\Office{Version}

or

C:\Program Files (x86)\Common Files\System\MSMAPI\1033

If you get stuck, or are using x64 bit version of Office, go old school *remember to run it form the root of the drive!)

Related Articles, References, Credits, or External Links

NA

Windows Client(s) not ‘appearing’ in WSUS

KB ID 0000591 

Problem

Before you start troubleshooting clients, how long have you waited? I usually setup and configure WSUS up at the start of a job, then leave it alone for a few DAYS, before I start worrying.

Here are the steps I usually follow to get the machines listed in the WSUS management console.

Solution

Before doing anything further, simply try running the following two PowerShell commands, (on the problem client,) and then waiting for a few hours;

[box]

$updateSession = new-object -com "Microsoft.Update.Session"; $updates=$updateSession.CreateupdateSearcher().Search($criteria).Updates

wuauclt /reportnow

[/box]

 

 

1. Assuming you are deploying your WSUS settings by GPO, make sure the machine in question is actually trying to apply the policy, you can do this by running rsop.msc like so:

Or by running gpresult /R from command line

Note: If you cannot see Computer Policy / Computer Settings, i.e. you can only see user settings, then you are probably not running the command window as ‘Administrator’ (Locate cmd.exe > right click > Run as Administrator).

2. If you are enforcing by GPO, or directly via registry edit, your next step is to check that the registry entries exist. Start > In the Search/Run box type regedit {Enter}. Navigate to:

[box]HKEY_LOCAL_MACHINE > SOFTWARE > Policies > Microsoft > Windows > WindowsUpdate[/box]

3. Start > In the Search/Run box type services.msc {enter} Locate the Windows Update service and ensure it is running.

4. Then locate the Background Intelligent Transfer Service and make sure that’s also running.

5. To make sure the client can see the WSUS website, open a browser window, and navigate to http://{name-of-the-wsus-server}/iuident.cab and make sure you can open/download the file.

6. If all the above is OK, you can try forcing a registration with the following command;

[box]wuauclt /detectnow[/box]

7. All update events are being logged, you can find the log at c:windowsWindowsUpdate open the file with notepad.

8. Scroll all the way to the end, then work upwards looking for errors.

9. Sometimes if you image a machine (Or clone a VM) it keeps it’s unique update ID, if this happens then the first machine with this ID to register gets listed, and all the rest do not. To find out if this is your problem, locate and stop the Windows update service on an affected client.

10. Open the registry Editor and navigate to:

[box]HKEY_LOCAL_MACHINE > SOFTWARE > Microsoft > Windows > CurrentVersion > WindowsUpdate[/box]

Locate and delete the SusClientId entry.

11. Restart the Windows Update service and run the following two commands:

[box]wuauclt /resetauthorization /detectnow<br /> wuauclt /reportnow [/box]

Update 16/06/15

Received via Email from Patrick Mauger:

You can add an incorrect binding in IIS to the site WSUS Administration.

You need to add a binding for port 80, because the only ports configured are 8530 and 8531.

Related Articles, References, Credits, or External Links

Windows Server Update Services – Install and Configure (2008 R2)

WSUS Install Error – ‘The update could not be found. There may be a network connection issue.

Message ID 6600: sms wsus configuration manager failed to configure upstream server

WSUS Install Error on Windows Server 2008 R2

Gpupdate: Windows Could Not Locate the Directory Object

KB ID 0001625

Problem

Saw this on a Windows client on my test network;

User Policy update has completed successfully.
Computer policy could not be updated successfully. The following errors were encountered:

The processing of Group Policy failed. Windows could not locate the directory object OU=Top-Level,OU=computers,DC=PeteNetLive,DC=com. Group Policy settings will not be enforced until this event is resolved. View the event details for more information on this error.

To diagnose the failure, review the event log or run GPRESULT /H GPReport.html from the command line to access information about Group Policy results.

Note: You may also see Event ID 1101

Event ID 1101

Log Name: System
Source: Microsoft-Windows-GroupPolicy
Event ID: 1101
Task Category: None
Level: Error
Keywords:
User: SYSTEM
Computer: PNL-PROD-WIN10.pnl.com
Description:
The processing of Group Policy failed. Windows could not locate the directory object OU=PNL,DC=pnl,DC=com. Group Policy settings will not be enforced until this event is resolved. View the event details for more information on this error.

Solution

Strangely the OU that this computer was in, needed to have the ‘Read‘ right, granting to ‘Authenticated Users’ group, not sure how that got removed! Note: Remember start at the OU that’s directly on the root of the domain, of you have nested OUs.

After that everything was peachy!

Related Articles, References, Credits, or External Links

NA