Storage KB Articles for MSCluster

 

174617

Chkdsk runs while running Microsoft Cluster Server Setup

176970

Run the CHKDSK /F Command on a Shared Cluster Disk

250355

Antivirus Software May Cause Problems with Cluster Services

280353

How to Change Quorum Disk Designation

237853

Dynamic Disk Configuration Unavailable for Server Cluster Disks

259237

Troubleshooting Event ID 9, 11, and 15 on Cluster Servers

223023

Enhanced Disk Resource Private Properties Using Cluster Server

263590

How to Extend the Space of Existing Shared Disks with Windows Clustering

224508

How to Migrate Dfs Root Configuration to a Windows 2000 Cluster

224969

How to: Configure Event Log Replication in Windows 2000 Cluster Servers

226108

Cannot Place Swap File on a Windows NT Cluster Shared Disk

238137

Considerations when you create clustered file shares on a Windows 2000 or Windows Server 2003 server cluster

249194

MSCS/Cluster Does Not Form with Error Messages 170 and 5086

248998

How to Properly Restore Cluster Information

254219

Security Considerations When Implementing Clustered File Shares

256926

Implementing Home Folders on a Server Cluster

257897

MSCS printer shares may not come online if quorum log is too small

259243

How to set the startup value for a resource on a clustered server

262797

Reparse Point Support in Windows 2000-Based Clusters

269137

Some Cluster Server File Share Resources Are Not Available

280125

Cluster Administrator Switches for Connecting to a Cluster

278365

How to Configure Disk Quotas for a Shared Disk in a Cluster

280743

Windows Clustering and Geographically Separate Sites

278710

No Global Groups Are Available Creating File-Share Resource Permissions in Cluster Administrator

278951

The Cluster Internet Protocol Address May Not Come Online After the Quorum Disk Is Corrupted

284838

How to Create a Server Cluster File Share with Cluster.exe

293778

Multiple-Path Software May Cause Disk Signature to Change

245762

Recovering from a Lost or Corrupted Quorum Log

257389

Microsoft Cluster Server May Not Share Folders Automatically

223023

Enhanced Disk Resource Private Properties Using Cluster Server

259267

Microsoft Cluster Service Installation Resources

Windows Server 2003

283715

The Features of the Local Quorum Resource on Windows Server 2003 Cluster

284134

Server Clusters Do Not Support GPT Shared Disks

245762

Recovering from a Lost or Corrupted Quorum Log

175761

Dynamic vs. Basic Storage in Windows 2000

198513

Clustering Cannot Determine If a Shared Disk Is Working Properly

251186

Best Practices for NTFS Compression

290987

Error 3 When Creating a File Share on a Cluster with the Application Wizard

302539

How to Troubleshoot Printing Issues on a Windows Server 2003 Cluster

301647

Cluster Service improvements for Storage Area Networks (SANs)

304415

Support for Multiple Clusters Attached to the Same SAN Device

306640

A Removed Disk Can Have Its Corresponding Cluster Resource Started

312090

Cannot Use 32-Bit Resources on a 64-Bit Server Cluster

318534

Best Practices for Drive-Letter Assignments on a Server Cluster

280297

How to Configure Volume Mount Points on a Clustered Server

296799

How to Configure Windows Clustering Groups for Hot Spare Support

301588

How to Use DFS on Server Cluster to Maintain a Single Namespace

302829

Cluster Service Does Not Remove File Share Entries from LANMANSRVR

304736

How to Extend the Partition of a Cluster Shared Disk

310072

Adding support for more than eight LUNs in Windows Server 2003 and Windows 2000

305547

Support for Booting from a Storage Area Network (SAN)

¹LooksAlive is a cursory status check that runs every 5 seconds (default). This routine simply checks that the disk status is not marked failed. LooksAlive is a cursory status check that runs every 5 seconds (default). This routine simply checks that the disk status is not marked failed. IsAlive is a more thorough check and occurs every 60 seconds (default). This routine checks that the disk status is not marked failed. If status is not failed, then FindFirstFile runs on the root of the disk to make sure the file system is still mounted and the disk is accessible

 

Technorati tags: MSCLUSTER, CLUSTER, WINDOWS 2003, Windows 2000

AD Infrastructure from No Man's Land View

There are people who knows why it happens, there are people who explain how to make it happen and there are people who use the above two concept for their own customization.

Suppose one day your manager asks to get over to the role of Active directory team lead. First question that comes to mind, is there any AD Infra documentation about it, In most case it is not. But with powershell by your side, it is simple to get these details. Lets start with Forest

 

$forest=[system.directoryservices.activedirectory.forest]::getcurrentforest()
write-host ""
Write-Host "Forest Mode :" $forest.Get_forestmode()
write-host ""
Write-Host SCHEMA ROLE OWNER
$forest.SchemaRoleOwner | select Name,Domain,IPAddress,sitename,OSVersion
if($forest.SchemaRoleOwner.IsGlobalCatalog()) {write-host $forest.SchemaRoleOwner.name is GC}
write-host ""
Write-Host NAMING ROLE OWNER
$forest.namingRoleOwner | select Name,Domain,IPAddress,sitename,OSVersion
if($forest.namingRoleOwner.IsGlobalCatalog()) {write-host $forest.namingroleowner.name is GC}
write-host ""
Write-host "SITES AND ITS LOCATION"
$forest.Sites | %{$_.name,$_.location}
Write-host "Number of sites "$forest.Sites.Count
#Global Catalogs
Write-host Number of GC : $forest.FindAllGlobalCatalogs().count
write-host ""
Write-Host "ALL GC'S NAME"
$forest.FindAllGlobalCatalogs() | %{$_.name}

OUTPUT:

Forest Mode : Windows2000Forest

SCHEMA ROLE OWNER

Name : snguatser.Zarays.com
Domain : Zarays.com
IPAddress : 192.168.100.110
SiteName : Default-First-Site-Name
OSVersion : Windows Server 2003

snguatser.Zarays.com is GC

NAMING ROLE OWNER
Name : snguatser.Zarays.com
Domain : Zarays.com
IPAddress : 192.168.100.110
SiteName : Default-First-Site-Name
OSVersion : Windows Server 2003

snguatser.Zarays.com is GC

SITES AND ITS LOCATION
Default-First-Site-Name
Number of sites 1
Number of GC : 1

ALL GC'S NAME
snguatser.Zarays.com

-----------------------------------------------------------------------------------

 

$domain=[system.directoryservices.activedirectory.domain]::getcurrentdomain()
Write-host Domain_Name: $domain.name
write-host Forest_Name : $domain.Forest.name
write-host Domain_Mode: $domain.DomainMode

Write-Host (""*25 + "Domain Controllers" + ""*25)
Write-Host Number of DC : $domain.DomainControllers.Count
Write-Host Domain controllers details:->
$domain.DomainControllers | %{$_.name,$_.IPAddress,$_.sitename,$_.osversion}
write-host ("-"*60)
Write-Host "Infrastructure Master Role :"
$domain.InfrastructureRoleOwner | fl Name,OSVersion,IPAddress,Sitename
if($domain.InfrastructureRoleOwner.IsGlobalCatalog()) {write-host $domain.InfrastructureRoleOwner.name is Global Catalog}
write-host (""*60)
Write-Host "PDC Master Role :"
$domain.pdcRoleOwner | fl Name,OSVersion,IPAddress,Sitename
if($domain.PDCRoleOwner.IsGlobalCatalog()) {write-host $domain.PDCRoleOwner.name is Global Catalog}
write-host (""*60)
Write-Host "RID Master Role :"
$domain.ridRoleOwner | fl Name,OSVersion,IPAddress,Sitename
if($domain.ridRoleOwner.IsGlobalCatalog()) {write-host $domain.ridRoleOwner.name is Global Catalog}
write-host""

OUTPUT:

Domain_Name: Zarays.com
Forest_Name : Zarays.com
Domain_Mode: Windows2000NativeDomain
Domain Controllers
Number of DC : 1
Domain controllers details:->
snguatser.Zarays.com
192.168.100.110
Default-First-Site-Name
Windows Server 2003
------------------------------------------------------------
Infrastructure Master Role :

Name : snguatser.Zarays.com
OSVersion : Windows Server 2003
IPAddress : 192.168.100.110
SiteName : Default-First-Site-Name

snguatser.Zarays.com is Global Catalog

PDC Master Role :

Name : snguatser.Zarays.com
OSVersion : Windows Server 2003
IPAddress : 192.168.100.110
SiteName : Default-First-Site-Name

snguatser.Zarays.com is Global Catalog

RID Master Role :

Name : snguatser.Zarays.com
OSVersion : Windows Server 2003
IPAddress : 192.168.100.110
SiteName : Default-First-Site-Name

snguatser.Zarays.com is Global Catalog

That's all for this post. It is simple idea what you can idea from CMDlets without even going through all places collecting and documenting this information. SInce my test machine doesn't include multiple domains, I can really get hold of better formatting.

Daily logs of DiskSize

I truly believe in learning new things and try out new things. Even there could be more than one way of doing it, it makes me crazy to put old things in new way, because you never new that it could be done in this way.

$Cusdate=(get-date).tostring("ddMMyyyy")
$file=new-item -type file "$Cusdate-freedisk.txt"
get-content "E:\PowerShell\Outputfiles&Folders\servers.txt" | % {

if((get-wmiobject win32_pingstatus -Filter "address='$_'").protocoladdress) {
$wmiObj=gwmi win32_logicaldisk -filter "deviceid='c:'" -computer $_
$freesp="{0:N02}" -f ($wmiObj.freespace/1MB)
$Totalsp="{0:N02}" -f ($wmiObj.size/1MB)
add-content $file "Total Size on C Drive of $_ : $Totalsp (MB)"
add-content $file "Free Size on C Drive of $_ : $Freesp (MB)"
}

else {
write-host $_ is not reachable -foreground "RED"
$Doubleline = ("="* 60)
add-content $file $Doubleline
add-content $file "$_ is not reachable"
}
}

http://thepowershellguy.com/blogs/posh/archive/2007/02/08/sesame-powershell-scripting-text-files.aspx

Above link is where the original code and Idea resides. I've modified it little but to look more like PowerShell.

Output is:

 

 

 

 

 

 

New things learnt:

$Cusdate=(get-date).tostring("ddMMyyyy") you can customize the date format.

Below is single line which will check if server is online, cause it makes sense before you do anything on the server, to make sure it is live.

if((get-wmiobject win32_pingstatus -Filter "address='$_'").protocoladdress) this will return true if server is live.

 

IceRocket tags: Powershell, DiskSize, File

del.icio.us tags: Powershell, DiskSize, File

Technorati tags: Powershell, DiskSize, File

Managing groups in Active Directory with Powershell

Let's do something with groups in Active directory, I have couple of users and one group under OU named Singapore. My intention here is to modify only user accounts and not group so I have condition them with SamAccountType.

$SNGOU=new-object directoryservices.directoryentry("LDAP://ou=singapore,DC=zarays,dc=com") # Let's connect to OU name Singapore
$UserObject=$sngou.psbase.Children # Lets get the object under OU

foreach($user in $userobject) {
if ($user.sAMAccountType -eq 805306368) { # we want to just update user object and not group object
$user.put("Description","Storage Admins") # We change the description to Storage Admins
$user.setinfo() # Commit changes
}
}

Let's create a group in Singapore OU :

$SNGOU=new-object directoryservices.directoryentry("ldap://ou=singapore,DC=zarays,dc=com/") # Let's connect to OU name Singapore
$Grp=$SNGOU.psbase.Children.Add("CN=Storageadmins","group")

$grp.psbase.commitchanges()

Group is created. Now lets add member to this group. Assuming there are several users in OU, we will only add user whose department is Provisioning. But before I go to the code, I would like to share something with you. You won't see member property if you do

$Grp | gm

or $grp.member

cause there is nothing to display but moment you add user, the next moment you do

$grp | gm

you will see member property.

If you are as beginner like me & would like to know the property, simplest way is to use google. After searching 4 hours I got to know Oh what is happening. And similiarly there is attribute called managedby, it is also having same story. There might be many.

$grp.managedBy.Value

$grp.managedBy.Add("CN=Preetam,OU=Singapore,DC=Zarays,DC=com")

$grp.psbase.CommitChanges()

Let's get to adding members to the group. Remember one thing if your CN name has space you will have to use quotes [$grp.member.add("$DN")].

Also you need a distinguished name in order to add it to any particular group, which is quite logical cause it confirms user object is present and where is it.

$Grp=new-object directoryservices.directoryentry("LDAP://cn=storageadmins,ou=singapore,dc=zarays,dc=com") # GRP -Connection
$SNGOU=new-object directoryservices.directoryentry("LDAP://ou=singapore,DC=zarays,dc=com") #OU -Connection
$UserObject=$sngou.psbase.Children # Populate childs in OU

foreach($user in $userobject) {
$DN=$user.distinguishedName # Get there distinguished name
if ($user.department -eq "Provisioning") {
$grp.member.add("$DN") #Add them to group

$grp.setinfo() # Commit changes

}
}

There is very good post available on http://janssenjones.typepad.com/, I liked it very much for adding members to the group.

Again there is very very stuff on internet but this cooked by me and I always like to eat that way. And my experience hopefully will help you all.

CoolOne with Powershell

Yesterday there was question in KBC , English version[Original] Who wants to be Millionaire, how many 9's are there from 1 to 100. Before they could answer I answered it quickly with Powershell. This is how

(1..100 where{$_ -like "*9*}).count

Bulk User Creation using PowerShell

When we think of making any changes in AD, we must start at creating objects. And as always first thing that comes to Mind is to create multiple users. And again here reference are same as previous one's MOW and Arulk. MOW's concept is used but methods I have to use from Arulk, cause things work.

Usually you get a excel sheet from the HR etc dept, I would always convert it into CSV since PowerShell will do the magic for me.

Contents of CSV file [Busers.csv]

Below are the headers of the CSV file and you can fill in the data.

CN,SN,GivenName,Name,Title,Description,PostalCode,TelephoneNumber,Department,Company,StreetAddress,Countrycode,SamAccountName,userPrincipalName,Mail,HomePhone,mobile.

I've shared the CSV file using google docs. Click Here

I'm going to create bulk users in India OU, which is under Zarays' OU

$IndiaOU=[ADSI]LDAP://localhost:389/ou=India,dc=zarays,dc=com
# Connecting to India OU

$UserDetails=Import-Csv "Buser.csv" #-----importing bulkusers data

foreach($UD in $UserDetails) { #--------looping into csv file and

# Passing all data into variables
$CN=$UD.CN
$SN=$UD.SN
$title=$UD.title
$description=$UD.description
$department=$UD.department
$streetAddress=$UD.streetAddress
$postalcode=$UD.postalcode
$telephoneNumber=$UD.telephoneNumber
$givenName=$UD.givenName
$company=$UD.company
$mail=$UD.mail
$homePhone=$UD.homePhone
$mobile=$UD.mobile
$userPrincipalName=$UD.userPrincipalName
$Samaccountname=$UD.Samaccountname

$Indiauser=$IndiaOU.create("user","cn=$cn") #I created actual user here and later I'm

#filling all properties for user
$Indiauser.Put("sAMAccountName",$Samaccountname)
$Indiauser.put("SN",$SN)
$Indiauser.put("Title",$Title)
$Indiauser.put("Description",$description)
$Indiauser.put("department",$department)
$Indiauser.put("streetAddress",$streetAddress)
$Indiauser.put('Postalcode',$postalcode)
$Indiauser.put('telephoneNumber',$telephoneNumber)
$Indiauser.put('givenName',$givenName)
$Indiauser.put('company',$company)
$Indiauser.put('mail',$mail)
$Indiauser.put('homePhone',$homePhone)
$Indiauser.put('mobile',$mobile)
$Indiauser.put('userPrincipalName',$userPrincipalName)

$Indiauser.setinfo() #All data committed. There are lots of other properties you can

#add
}

Below here I'm doing two things, First is enable the user and second set password. Because for some reason I'm not able to get these two things done in above loop. It throws exception. But I'm sure it can be included.

$IndiaOU=new-object directoryservices.directoryentry("LDAP://ou=India,dc=zarays,dc=com")
$UserDetails=Import-Csv "Buser.csv"

$userdetails=$IndiaOU.psbase.Children

foreach($UD in $UserDetails) {
$CN=$UD.CN
$accts=$IndiaOU.psbase.Children.Find("cn=$CN")
$accts.psbase.Invoke("SetPassword","P@ssW0Rd")
$accts.psbase.InvokeSet('Accountdisabled',$false)
$accts.psbase.CommitChanges()
}

Last and least, I'm sure there much better CMDlets to do this job, but what makes me proud it that I've created this script and I understand it very well. As compare to those VBScript scripts available on the net, I can use it but can't customize it. Thanks GOD there is PowerShell Team of Blogs.

Technorati tags: Powershell, Active Directory

IceRocket tags: Powershell, Active Directory

del.icio.us tags: Powershell, Active Directory

UPDATED :Please check comment where you will see the reason Why code has been updated.

Marc !! Bingo here it goes..the way it should work.

$IndiaOU=[ADSI]"LDAP://localhost:389/ou=Singapore,dc=zarays,dc=com"$UserDetails=Import-Csv "latestusers.csv"
foreach($UD in $UserDetails) {

$CN=$UD.CN

$SN=$UD.SN

$title=$UD.title

$description=$UD.description

$department=$UD.department

$streetAddress=$UD.streetAddress

$postalcode=$UD.postalcode

$telephoneNumber=$UD.telephoneNumber

$givenName=$UD.givenName

$company=$UD.company

$mail=$UD.mail

$homePhone=$UD.homePhone

$mobile=$UD.mobile

$userPrincipalName=$UD.userPrincipalName

$Samaccountname=$UD.Samaccountname

$Indiauser=$IndiaOU.create("user","cn=$cn")

$Indiauser.Put("sAMAccountName",$Samaccountname)

$Indiauser.put("SN",$SN)

$Indiauser.put("Title",$title)

$Indiauser.put("Description",$description)

$Indiauser.put("department",$department)

$Indiauser.put("streetAddress",$streetAddress)

$Indiauser.put('telephoneNumber',$telephoneNumber)

$Indiauser.put('givenName',$givenName)

$Indiauser.put('company',$company)

$Indiauser.put('mail',$mail)

$Indiauser.put('homePhone',$homePhone)

$Indiauser.put('mobile',$mobile)

$Indiauser.put('userPrincipalName',$userPrincipalName)

$Indiauser.setinfo()

$Indiauser.psbase.Invoke("SetPassword","P@ssW0Rd")

$Indiauser.psbase.InvokeSet('Accountdisabled',$false)

$Indiauser.psbase.CommitChanges()

}

[DSQuery]-With PowerShell

[DSQuery]-With PowerShell

Below post talks about querying AD. However before you go through this post I strongly recommend you go through below link from

MOW : - http://mow001.blogspot.com/2006/09/powershell-rc2-and-active-directory.html

Let me admit it that below post are original ideas and concept by MOM, here at the most I using better formatting and pulling out corollary out of it.

Connect to AD

[adsi]''
$root=[adsi]'' or $root=new-object directoryservices.directoryentry

List properties of AD Objects

$root fl *

List methods of AD Objects

$root.psbase gm -membertype method # Get all methods

Walk to the Domain structure to wanted OU

$root.psbase.Children

distinguishedName
-----------------
{CN=Builtin,DC=Zarays,DC=com}
{CN=Computers,DC=Zarays,DC=com}
{OU=Domain Controllers,DC=Zarays,DC=com}
{CN=ForeignSecurityPrincipals,DC=Zarays,DC=com}
{OU=France,DC=Zarays,DC=com}
{OU=India,DC=Zarays,DC=com}
{CN=Infrastructure,DC=Zarays,DC=com}
{CN=LostAndFound,DC=Zarays,DC=com}
{CN=NTDS Quotas,DC=Zarays,DC=com}
{CN=Program Data,DC=Zarays,DC=com}
{OU=Singapore,DC=Zarays,DC=com}
{CN=System,DC=Zarays,DC=com}
{OU=UK,DC=Zarays,DC=com}
{CN=Users,DC=Zarays,DC=com}

$users=$root.psbase.children.find('CN=Users') or $users=new-object directoryservices.directoryentry("LDAP://CN=Users,DC=Zarays,DC=com")

-To get properties of user containers

$users fl *

-To find user in a container

$users.psbase.Children.Find('cn=Preetam')

$users.psbase.Children.Find('cn=Preetam') fl *

Corollary 01

Lets use this feature.

$preetam=$users.psbase.Children.Find('cn=Preetam')

$shilpa=$users.psbase.Children.Find('cn=shilpa')

Compare-Object $preetam.memberOf $shilpa.memberOf

Output is

InputObject SideIndicator
----------- -------------
CN=Domain Admins,CN=Users,DC=Zarays,DC=com <=
CN=Enterprise Admins,CN=Users,DC=Zarays,DC=com <=
CN=Schema Admins,CN=Users,DC=Zarays,DC=com <=

Which means Shilpa is not member of above group

Corollary 02

$OU=new-object directoryservices.directoryentry("LDAP://ou=Singapore,dc=zarays,dc=com")

$b=$ou.psbase.children
foreach($c in $b) {
$c.mail
}

output is Email address of all users inside OU singapore. And these address are generally required when you need to communicate back with your colleagues when you leave you current job

ACTIVE DIRECTORY AND POWERSHELL

I want to devote this and may be next month on Active directory and powershell.Just a simple search on google will lead you to very good posts by MOW.

I checked the datestamps and they where way back mid 2006.It is the best thing to start. Also Arul writes a lot on Ad mgmt. But lots of things changed with RC2. I'm looking forward to put same stuff in better format. And these are not only reference but there are lots articles on AD. However I'm looking forward to use powershell's power get proper format, in short MOre with less.

Broadly speaking there are always two things you do with Active directoy, Querying AD and committing changes to AD.

Both of these are very very interesting and I'm loving it with powershell by your side.

Within System.DirectoryServices there are two main classess

• DirectoryEntry for creating objects [Committing changes]
• DirectorySearcher for searching objects [Querying]

Let first create OU's

Out of it I got little things done by myself. I have created multiple OU's in one go.

$objUser = [ADSI]"LDAP://localhost:389/Ou=India,dc=zarays,dc=com" # Connection established with LDAP port
$readfile=get-content "E:PowerShellActiveDirectoryOUList.txt" # Reading file

foreach($readf in $readfile) {
$ou=$objUser.create("organizationalunit", "ou=$readf") #Creating OU
$ou.setinfo() # Committing changes
}

Following OU's are created assuming India ou is already there

• Bangalore
• Chennai
• NewDelhi
• Mumbai

---

Let's edit properties of OU here

$readfile=get-content "E:PowerShellActiveDirectoryOUList.txt"
foreach($ou in $readfile) {
$u=$ou + " Operations"
$OUC=new-object directoryservices.directoryentry("LDAP://OU=$ou,OU=India,Dc=zarays,dc=com") #connect to OU
$ouc
$oUc.Put("description", $u) #Description but there is one more way to do this.
$oUc.SetInfo() # very important line, this where you says please commit what has been said above.
}

Descriptions changes to

• Bangalore Operations
• Chennai Operations
• NewDelhi Operations
• Mumbai Operations

---

Contents of oulist.txt

• Bangalore
• Chennai
• NewDelhi
• Mumbai

REF:

MOW

http://mow001.blogspot.com/2006/06/powershel-and-active-directory-part-1.html

ARULK

http://blogs.msdn.com/arulk/