Reset Microsoft Surface tablet to factory settings

My manager recently purchased two Microsoft surface tablets in the states and of course deployed one of these units to the MD, no big deal I thought (for testing purposes). However connecting it to our exchange server required a password change and this is where the fun began.

Following a successful password change, the password was subsequently forgotten (it happens to us all) and access to the Surface unit was locked. After a quick search in Google I found a link to a TechNet article (http://technet.microsoft.com/en-us/library/ee692045(v=surface.10).aspx) that provides step by step instructions to reset a Surface unit back to Windows Vista factory settings - oh dear god no.

Now for the correct way to reset the tablet in this event:

1. Boot the Surface tablet to the Windows 8 logon screen
2. With the keyboard left shift button held down tap the power icon and choose the restart option
3. A menu will appear with several options, pick the Troubleshoot option
4. Now you will be presented with options to wipe the device back to factory settings

SCOM Dashboard / Windows Auto Logon

I was recently requested to setup a SCOM dashboard which needed to be displayed in a public area of my office so employees and management could see live states of applications and our WAN infrastructure. 

Setting up the Visio web drawings was the easy part, linking them back to SCOM and setting various shades of green, amber and red for alerts etc. One thing that struck me though was the absence of TweakUI for the Windows 7 PC that would drive the dashboard screens, remember with the Microsoft TweakUI PowerToy you could very easily setup an auto logon account (obviously you need to ensure that the account is very restricted).

SysInternals offer their autologin utility (http://technet.microsoft.com/en-us/sysinternals/bb963905.aspx) but I wanted to have control over a number of machines across our network and the user / password combination for them.

Having prepared a new GPO which effectively turned the user accounts setup for the dashboard PC's into kiosks I stripped the additional registry keys that the autologin utility creates and added them into the group policy preferences/registry:

Keys required:

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AutoAdminLogon

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultDomainName

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultPassword

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultUserName

With the new GPO supplied registry entries I can now specify targets for the DefaultPassword and DefaultUserName registry entries allowing me to control which user logs into which dashboard machine.

Another minor task made easier..

Software VSS Provider - DPM 2010/2012 Brick Level Backup

Even entry level SAN's today from vendors such as HP, Dell etc are offering hardware VSS software as standard, which is great for brick level backups of your Hyper-V virtual environment. 

But... What happens if you find yourself using a SAN without H/W snapshots or your financial director has locked away the key to the stationary room. The dilemma is then whether or not to go ahead and submit the proposal for the H/W snapshot licenses or use the build in software VSS provider in Windows.

It is at this stage you need to undertake a comprehensive review of the perils of using software VSS, these being the increased demands on your Hyper-V hosts, long backup times and the dreaded redirected I/O in a clustered environment.

Redirected I/O

When backing up CSV's you will need to rethink your VM placement, this is due to the fact that low level operations on CSV's in Windows 2008 R2 Hyper-V result in redirected I/O. This process locks the CSV for exclusive access by the CSV owner in order to take a consistent backup, the bad news is every other host in the cluster will need to read and write data over cluster communications network rather than the storage network.

When using H/W VSS providers the amount of time for redirected I/O to occur during a backup is limited to the time required to create the hardware snapshot (typically a couple of seconds), but when using a S/W VSS provider redirection will occur for the entire length of the backup. Obviously backing up large numbers of virtual machines during business hours becomes a non runner, however S/W VSS can be used to backup VM's as long as you plan your environment to suit the solution.

VM Placement

When planning to use the S/W VSS provider you need to consider a couple of key area's. As mentioned earlier you want to limit the amount of time you incur redirected I/O so you should setup protection groups by CSV rather than by logical groupings such as SQL servers for instance. VM's with VHD's on multiple CSV's are also going to be an issue as when a backup is called, every CSV which is associated with the VM will also go into redirected I/O mode.

Using manual migration or Systems Center Virtual Machine Manager you want to get to a point where by manageable quantities of virtual machines are located for your soon to be built brick level protection groups.

Serialisation - Backup Jobs

Once you have sorted out your CSV / VM placement design the next stage is to serialise backups by using registry entries and the DSConfig powershell script. This process ensures that DPM is made aware of virtual machine placement at a storage level and limits DPM as to how many VM's it can backup at a particular time.

Conclusion...

Once you plan your environment and follow the guidelines outlined (http://technet.microsoft.com/en-us/library/hh757922.aspx), using DPM for brick level backups with the software VSS provider can help you get to a good place with your entire virtual environment ready to restore in a click of a button.

Microsoft PKI Update - October Patch Tuesday

Patch Tuesday in October will present a new challenge to IT admins across the globe as Microsoft increase the minimum RSA key length supported by all operating systems going back as far as Windows XP SP3.

The new 1024 bit requirement has the potential to cause large scale issues if certs are not updated to reflect the new security requirements of the O/S. Be warned and read the below advisory in order to keep systems compliant.

Microsoft Customer Advisory : http://support.microsoft.com/kb/2661254
CAPI2 Logging Utility : http://support.microsoft.com/kb/2661254

The User Profile Service failed the logon. User profile cannot be loaded

During a recent deployment of Windows 7 Enterprise with SCCM I ran into a strange issue after adding the install updates into the task sequence. When the O/S loaded only users with administrative rights who had logged on to the machine previously (i.e. local admin in this case) could log on.

For all other users they received the following message:

 

"The User Profile Service service failed the logon"

Microsoft do have a KB on this issue (http://support.microsoft.com/kb/947215), however in my scenario the user profile didn't exist so the fixes did not apply.

Having looked at the logs it became apparent that files within the C:\Users\Default directories had altered security permissions following the Windows updates.

As a work around I added the following command line task to reset permissions to default on the C:\Users\Default directory.

 

Command : icacls C:\Users\Default\* /reset

Installing Windows 8 Remote Server Administation Tools (RSAT) onWindows 8 RTM

Windows RSAT tools are obviously a must have set of tools for any systems administrator, allowing you to control all aspects of your core server environment from the comfort of your Windows client.

During the Beta process of Windows 8, Microsoft released a version for the O/S (http://www.microsoft.com/en-ie/download/details.aspx?id=28972). The new RSAT tool provided support for Server 2012 whilst sacrificing support for earlier Hyper-V servers and clusters, something I am sure will be corrected in the full release of the Win 8 RSAT expected later this month.

If you really feel the need to get the BETA RSAT tools installed on the RTM build of Windows 8, you will need to force the installation by running the MSU from the command line / explorer will generate an error.

To force the install of Windows 8 RSAT beta simply follow the below procedure.

1. Download the Windows 8 RSAT MSU in either of its 32bit or 64bit flavours available on the Microsoft Download site (see link above).
2. Expand the MSU using the following example:
   (64 bit)
   expand –f:* C:\RSAT\MSU\Windows6.2-KB2693643-x64.msu C:\RSAT\EXPANDED
   
   
   
   (32 bit)
   expand –f:* C:\RSAT\MSU\Windows6.2-KB2693643-x86.msu C:\RSAT\EXPANDED
3. Once the files are expanded you can use the Windows package manager (PKGMGR.exe) to install the update silently.
   
   pkgmgr /ip /m:C:\RSAT\Expanded\Windows6.2-KB2693643-x64.cab
   
   
4. The package will install silently and will take up to 10 minutes depending on your hardware, you can monitor the PKGMGR.exe process to determine when the update is installed.
5. Once the update is installed go into Control Panel, Programs and Features and Turn Windows Features on or off. You should notice that the remote administration tool are installed:
   
   

UPDATE : RSAT RTM released : http://www.microsoft.com/en-us/download/details.aspx?id=28972

 

Remove Missing VM's - SCVMM 2010 / 2012

Should you find yourself in a situation whereby you have removed a VM without removing it from virtual machine manager, you will have a "missing" entry that you are unable to remove via the management console.

To remove the VM simply undertake the following actions:

1. Stop the virtual machine manager service on your SCVMM server
2. Log onto the SQL instance that houses the SCVMM database
3. Locate the following table : dbo.tbl_WLC_VObject then edit the top 200 rows
4. Confirm that the VM's listed with an Object state "220" are the missing or retired VM's
5. Now run the following SQL script:
   
   BEGIN TRANSACTION T1
   
   DECLARE custom_cursor CURSOR FOR
   SELECT ObjectId from
   dbo.tbl_WLC_VObject WHERE [ObjectState] = 220
   DECLARE @ObjectId uniqueidentifier
   OPEN custom_cursor
   FETCH NEXT FROM custom_cursor INTO @ObjectId
   WHILE(@@fetch_status = 0)
    BEGIN
    DECLARE vdrive_cursor CURSOR FOR
    SELECT VDriveId, VHDId, ISOId from
    dbo.tbl_WLC_VDrive WHERE ParentId = @ObjectId
    DECLARE @VDriveId uniqueidentifier
    DECLARE @VHDId uniqueidentifier
    DECLARE @ISOId uniqueidentifier
   
    OPEN vdrive_cursor
    FETCH NEXT FROM vdrive_cursor INTO @VDriveId, @VHDId, @ISOId
    WHILE(@@fetch_status = 0)
    BEGIN
     DELETE FROM dbo.tbl_WLC_VDrive
            WHERE VDriveId = @VDriveId
     if(@VHDId is NOT NULL)
     BEGIN
          
      DELETE FROM dbo.tbl_WLC_VHD
      WHERE VHDId = @VHDId
      DELETE FROM dbo.tbl_WLC_PhysicalObject
      WHERE PhysicalObjectId = @VHDId
     END
     if(@ISOId is NOT NULL)
     BEGIN
   
      DELETE FROM dbo.tbl_WLC_ISO
             WHERE ISOId = @ISOId
      DELETE FROM dbo.tbl_WLC_PhysicalObject
      WHERE PhysicalObjectId = @ISOId
     END
   
        FETCH NEXT FROM vdrive_cursor INTO @VDriveId, @VHDId, @ISOId
      END
    CLOSE vdrive_cursor
    DEALLOCATE vdrive_cursor
   -----------------
    DECLARE floppy_cursor CURSOR FOR
    SELECT VFDId, vFloppyId from
    dbo.tbl_WLC_VFloppy WHERE HWProfileId = @ObjectId
    DECLARE @vFloppyId uniqueidentifier
    DECLARE @vfdId uniqueidentifier
    OPEN floppy_cursor
    FETCH NEXT FROM floppy_cursor INTO @vfdId, @vFloppyId
    WHILE(@@fetch_status = 0)
    BEGIN
         DELETE FROM dbo.tbl_WLC_VFloppy
     WHERE VFloppyId = @vFloppyId
   
     if(@vfdid is NOT NULL)
     BEGIN
      DELETE FROM dbo.tbl_WLC_VFD
      WHERE VFDId = @vfdId
      DELETE FROM dbo.tbl_WLC_PhysicalObject
      WHERE PhysicalObjectId = @vfdId
   
     END
   
        FETCH NEXT FROM floppy_cursor INTO @vfdId, @vFloppyId
      END
    CLOSE floppy_cursor
    DEALLOCATE floppy_cursor
   ----------------
    DECLARE checkpoint_cursor CURSOR FOR
    SELECT VMCheckpointId from
    dbo.tbl_WLC_VMCheckpoint WHERE VMId = @ObjectId
    DECLARE @vmCheckpointId uniqueidentifier
    OPEN checkpoint_cursor
    FETCH NEXT FROM checkpoint_cursor INTO @vmCheckpointId
    WHILE(@@fetch_status = 0)
    BEGIN
         DELETE FROM dbo.tbl_WLC_VMCheckpointRelation
     WHERE VMCheckpointId = @vmCheckpointId
   
   
        FETCH NEXT FROM checkpoint_cursor INTO @vmCheckpointId
      END
    CLOSE checkpoint_cursor
    DEALLOCATE checkpoint_cursor
   -------------------------
   ---------Clean checkpoint
    DELETE FROM dbo.tbl_WLC_VMCheckpoint
    WHERE VMId = @ObjectID
   
           exec [dbo].[prc_VMMigration_Delete_VMInfoAndLUNMappings] @ObjectId
           DECLARE @RefreshId uniqueidentifier
           exec [dbo].[prc_RR_Refresher_Delete] @ObjectId, @RefreshId
   
           DELETE FROM dbo.tbl_WLC_VAdapter
    WHERE HWProfileId = @ObjectId
   
           DELETE FROM dbo.tbl_WLC_VNetworkAdapter
    WHERE HWProfileId = @ObjectId
                  
           DELETE FROM dbo.tbl_WLC_VCOMPort
    WHERE HWProfileId = @ObjectId
           DELETE FROM dbo.tbl_WLC_HWProfile
           WHERE HWProfileId = @ObjectId
           DELETE FROM dbo.tbl_WLC_VMInstance
           WHERE VMInstanceId = @ObjectId
    DELETE FROM dbo.tbl_WLC_VObject
    WHERE ObjectId = @ObjectId
       FETCH NEXT FROM custom_cursor INTO @ObjectId
     END
   CLOSE custom_cursor
   DEALLOCATE custom_cursor
   COMMIT TRANSACTION T1
   
   Original  - http://technet.microsoft.com/en-us/library/ff641854.aspx
6. Once the script has run start up the SCVMM services and open the console.
7. Your missing VM's will now be absent from the console

Warning : Editing any SQL databases should be carried out with extreme caution and a valid backup should be present to roll back to in the event of accidental deletion of critical data or unexpected results.

Removing Failed Servers in DPM 2012

If you find yourself in a position whereby you have a failed or deleted virtual/physical server, your DPM server will report the agent as being "Unavailable". Once in this state you will be unable to uninstall the agent as DPM will attempt to talk to the server in question to remove it gracefully from its database.

In order to get around this open the DPM Management Shell and run the following command:

Remove-ProductionServer.ps1

Once prompted enter the name of your DPM sever, e.g. DPMServer.contoso.com
On the next prompt enter the FQDN of the failed server, e.g. FileServer1.contoso.com

You should now receive the following confirmation that your server has been removed from DPM database

Removed ProductionServer successfully

Open the management tab from within the DPM Administrator Console and you should see that the failed server has been removed from your agents list.

Windows 8 Enterprise

It's hard to believe its been a full week since I rushed into the office early to download and rebuild my HP Elitebook with Windows 8 Enterprise.

Now a week down and I find the transition to the new Metro modern UI to be a smooth one and I find myself adapting to the latest way of getting around Microsoft's latest OS. Yes, The UI is ultimately intended for touch devices however if you set aside any misconceptions and get past the first few hours you find things are just as accessible on your non touch enabled device.

I like many other of my fellow IT colleagues find that a mixture of pinning apps to the task bar and relearning the often under used Windows hotkeys can provide a totally new way of doing things, in my opinion in many ways this if for the better. As an administrator I find myself missing the RSAT tools that I had in the beta, however I will make do with RDP connections until the updated release is released to the masses in September.

The experience has not been without its faults however as vendor driver support is still thin on the ground, this also extends to a/v providers such as McAfee leaving you to rely on the inbuilt Defender and BitLocker tools. The one issue that has perplexed me is the built in Hyper-V network settings as to date my laptop does not want to play ball sharing the connections between the host and VM.