PowerShell – Active Directory – View FSMO Role Holders

Ever need to view which servers hold the FSMO roles in your forest or domain? Instead of opening multiple separate GUI tools, use PowerShell!

To view Domain FSMO role holders:
Get-ADDomain | Select-Object InfrastructureMaster, RIDMaster, PDCEmulator

To view Forest FSMO role holders:
Get-ADForest | Select-Object DomainNamingMaster, SchemaMaster
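
The two queries above combined into one report, as an added example that is not part of the original post: it lists all five roles for the forest and every domain in it, and shows whether each holder answers on the LDAP port. It assumes the ActiveDirectory (RSAT) module and a client with Test-NetConnection (Windows 8.1 / Server 2012 R2 or later); the function name Get-FsmoReport is made up for this example.

```powershell
# Added example: report all five FSMO role holders and check that each one is reachable.
# Assumes the ActiveDirectory module (RSAT) and Test-NetConnection are available.
Import-Module ActiveDirectory

function Get-FsmoReport {
    $forest = Get-ADForest
    $rows = @()

    # Forest-wide roles: one holder each for the whole forest
    foreach ($role in 'SchemaMaster', 'DomainNamingMaster') {
        $rows += [pscustomobject]@{ Scope = $forest.Name; Role = $role; Holder = $forest.$role }
    }

    # Domain-wide roles: one holder each per domain
    foreach ($domainName in $forest.Domains) {
        $domain = Get-ADDomain -Server $domainName
        foreach ($role in 'PDCEmulator', 'RIDMaster', 'InfrastructureMaster') {
            $rows += [pscustomobject]@{ Scope = $domain.DNSRoot; Role = $role; Holder = $domain.$role }
        }
    }

    # Probe each distinct holder once on LDAP (TCP 389)
    $reachable = @{}
    foreach ($holder in ($rows | ForEach-Object { $_.Holder } | Sort-Object -Unique)) {
        $reachable[$holder] = Test-NetConnection -ComputerName $holder -Port 389 -InformationLevel Quiet -WarningAction SilentlyContinue
    }

    $rows | Select-Object Scope, Role, Holder,
        @{ Name = 'LdapReachable'; Expression = { $reachable[$_.Holder] } }
}

Get-FsmoReport | Sort-Object Scope, Role | Format-Table -AutoSize
```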

Excel O365 Slow Startup When Opening Files – A weird Dell Driver issue (OptiPlex 3050)

I ran across an issue today where a user was having weird issues when launching Excel, and only Excel, from the jump list when pinned to the start menu or the taskbar.

A few sources online attribute this to anything from Cortana (pretty weird), to a corrupt jump list, to SuperFetch being turned on and running even though the machine has a solid state drive.

I did finally find a post similar to the above, but at the bottom of the comments people noted that when they closed a Dell driver service called WAVE MaxxAudio, the issue resolved itself. I didn’t notice this resolving the problem, but I did attempt to strip the Realtek HD Drivers off and install the vanilla ones from their website.

For reference: 0009-64bit_Win7_Win8_Win81_Win10_R282 (R2.82)

I also updated the Intel chipset drivers using Intel’s installer, the Dell Intel HD Video Driver, Dell BIOS and Dell provided Intel NIC Driver.

Upon reboot the user still had audio and the slowness launching Excel to open network files ceased.

  • Dell OptiPlex 7050
  • Windows 10 Pro Build 1703
  • Office 365 (Excel) Build 1708 (Updated to 1709 during troubleshooting)
  • BIOS OptiPlex_7050_1.6.5
  • Intel HD Graphics Driver – Intel-HD-Graphics-510-530-630-Driver_CMGP0_WIN_22.20.16.4771_A04
  • Network Driver – 12.15.25.6

When Bad Rabbit made antivirus jump the gun

The Setup – You’re running Windows 7 Professional and want to have disk encryption. The open source options don’t look super good, and to get BitLocker you need Windows 7 Enterprise or an upgrade to Windows 8 (or 8.1), which may not be an option due to the user base’s learning curve. Someone decides that DiskCryptor, being open source and branched from legitimate software, is the best choice. No issues up until one morning when machines start bricking on reboot and blue-screening with Stop 7B errors. Not sure whether it’s an update or not, you dig in.

Here is what is happening. Bad Rabbit hit a good part of Europe, so Malwarebytes was quick to jump on a way to defend against this. If you didn’t know, Bad Rabbit uses DiskCryptor drivers to encrypt your drive and hold it for ransom. Another fun thing that can happen is that since Windows 7 basically comes with Defender – and Microsoft was also doing its bit to defend against Bad Rabbit – it can also spring and attack legitimate DiskCryptor.

Of course, these days, the best approach is to move to Windows 10 Professional and enable BitLocker. Read below to get yourself out of the pickle if you haven’t gotten this far yet.

Update 2017-11-1 – Looks like both products below no longer flag this software with a false positive. I couldn’t reproduce this in my lab VM.

Windows Defender – Strips the Boot Loader that is the key to booting your machine and getting the decryption password and passing it to Windows. You’ll have to re-install the boot loader, which is easy.

Malwarebytes – This one is tougher. If the machine hasn’t rebooted, you can allow the (up to) three files it quarantines – two dcrypt drivers and a registry key. If you’re not so lucky you’ll have to follow along with the guide below to get you out of this pickle.


Fixing the Boot Loader Issue (Windows Defender)

  1. Download the recovery CD someone has made. It’s a legal grey zone – you can get all the files yourself to build the same disk, but this is premade, so it makes it easier:
    1. https://diskcryptor.net/forum/index.php?topic=5284.0
    2. Note – I used the PLUS version and burnt it to a CD. You can also successfully use RUFUS and burn it to a USB drive.
    3. You may need to change your HDD/SSD to AHCI mode from RAID if you can’t get this to boot – worked for us on systems that have M.2 PCIe SSDs
  2. Open DiskCryptor on the desktop once boot is complete
  3. Open the menu Tools > Bootloader Config
  4. Choose your primary hard drive (USB will also show up here I believe, so be careful)
  5. Click on Install Bootloader
  6. Reboot – you should be good to go

Fixing the Malwarebytes issue when the machine won’t boot (Stop 7B)

  1. Download the recovery CD someone has made. It’s a legal grey zone – you can get all the files yourself to build the same disk, but this is premade, so it makes it easier:
    1. https://diskcryptor.net/forum/index.php?topic=5284.0
    2. Note – I used the PLUS version and burnt it to a CD. You can also successfully use RUFUS and burn it to a USB drive.
    3. You may need to change your HDD/SSD to AHCI mode from RAID if you can’t get this to boot – worked for us on systems that have M.2 PCIe SSDs
  2. Open DiskCryptor on the desktop once boot is complete
  3. Select your C: drive and perform a mount (May not be C: on the boot disk – in my case it’s E:)
  4. Enter your password and Click OK
  5. You should get an option now to decrypt the drive
  6. Enter your password again
  7. Wait for the disk to finish decryption (or work on the following, but DO NOT reboot until this is complete)
  8. In the meantime, you can remove the boot loader from the disk as well (continue)
  9. Open the menu Tools > Bootloader Config
  10. Choose your primary hard drive (USB will also show up here I believe, so be careful)
  11. Click on Remove Bootloader
  12. Now the fun part – clean up all the registry entries, so Windows 7 doesn’t try loading missing filter driver files and crash on boot
  13. Open Regedit (Win+R) and type regedit <enter>
  14. Navigate to Computer > HKEY_LOCAL_MACHINE (HKLM here on out)
  15. File > Load Hive…
  16. Navigate to the (C:) \Windows\System32\config\
  17. Open the SYSTEM file (it has no extension)
  18. Enter anything for the Key Name: (Temp)
  19. Select the new key that represents the hive on the HDD
  20. Go to Edit > Find…
  21. Search for dcrypt
  22. Remove the following:
    1. In any Upper or Lower Filters, remove the line ‘dcrypt’ in the multi-line key entry – leave everything else!
    2. Remove the dcrypt.sys in DumpFilters
    3. Keep F3’ing (Find Next) to make sure we get everything
    4. Delete the entire dcrypt tree
    5. If you run across a PendingRename key, you can just blow this away too
  23. Wait for the disk to fully decrypt
  24. Reboot into Windows
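
A read-only check to run before the manual registry cleanup in steps 12 to 22, as an added example that is not part of the original post: it loads the offline SYSTEM hive, lists every filter value that still references dcrypt, and shows what each value should contain afterwards. It assumes an elevated PowerShell session is available, that the offline Windows volume is E:, and that the driver's tree sits under Services\dcrypt; the function name is made up for this example.

```powershell
# Added example: read-only audit of an offline SYSTEM hive for DiskCryptor (dcrypt) references.
# Assumptions: offline Windows volume is E:, hive is loaded under HKLM\Temp, session is elevated.
$hiveFile = 'E:\Windows\System32\config\SYSTEM'   # assumed drive letter
$mount    = 'HKLM\Temp'

function Find-DcryptReference {
    param([string]$Root)   # e.g. 'HKLM:\Temp'
    $hits = @()
    foreach ($cs in Get-ChildItem $Root | Where-Object { $_.PSChildName -like 'ControlSet*' }) {
        $base = $cs.PSPath
        # Device class filter lists and the crash-dump filter list are multi-string values
        $keys  = @(Get-ChildItem "$base\Control\Class" -ErrorAction SilentlyContinue)
        $keys += @(Get-Item "$base\Control\CrashControl" -ErrorAction SilentlyContinue)
        foreach ($key in $keys) {
            foreach ($name in 'UpperFilters', 'LowerFilters', 'DumpFilters') {
                $value = $key.GetValue($name)
                if ($value -match 'dcrypt') {
                    $hits += [pscustomobject]@{
                        Key     = $key.Name; Value = $name
                        Current = $value -join ', '
                        Keep    = ($value | Where-Object { $_ -notmatch 'dcrypt' }) -join ', '
                    }
                }
            }
        }
        # Assumed location of the "dcrypt tree" the steps say to delete
        if (Test-Path "$base\Services\dcrypt") {
            $hits += [pscustomobject]@{ Key = "$($cs.Name)\Services\dcrypt"; Value = '(whole key)'; Current = 'present'; Keep = '' }
        }
    }
    $hits
}

& reg.exe load $mount $hiveFile | Out-Null
if ($LASTEXITCODE -ne 0) { throw 'reg load failed (is the session elevated and the path correct?)' }
try {
    Find-DcryptReference -Root 'HKLM:\Temp' | Format-List
}
finally {
    # Release registry handles held by PowerShell, otherwise the unload is refused
    [gc]::Collect(); [gc]::WaitForPendingFinalizers()
    & reg.exe unload $mount | Out-Null
}
```

Nothing is modified: the Keep column shows what each multi-string value should hold once the dcrypt line has been removed by hand.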

Ending notes

I ran across a few fun bugs with this software

  1. When you have a Windows boot CD in the machine it writes text to the console, which is then followed by the prompt to enter a password – the software doesn’t clear the screen first (doh!)
  2. The password status doesn’t work, and honestly is a bad feature to even consider having since it lets someone write a script to hammer at the decryption password. My password is 8 characters.

  

Exchange 2007 – Test Service Health Post Update

Process

  1. Update
  2. Rollups
  3. Reboot
  4. Verify Functionality

Verify Functionality

  1. After rebooting, run the following within the Exchange PowerShell Console:
    1. Test-ServiceHealth
  2. Validate that all services show True for started within the list
  3. If a service is not running, type the following command to start it:
    1. Net start <service name>
  4. Test-Mailflow
    1. Note that this will show if mailflow is working. (ISRemoteTest will not work)
  5. Test-MAPIConnectivity
    1. This validates that Outlook can connect to Exchange
  6. Open OWA in a web browser and confirm the following:
    1. Login
    2. Mail display
    3. Open the To… Field and verify that the address book shows the global catalog
  7. Test Email Relay Manually –
    1. Send Outbound Email
    2. Respond back and confirm receipt
    3. Send Scan or Device Alert email manually – this tests SMTP mail flow
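
Steps 1 to 5 of the verification as one script, as an added example that is not part of the original post: it starts whatever Test-ServiceHealth reports as stopped, re-checks, then runs the mail flow and MAPI tests and returns a list of problems. It assumes it is run in the Exchange Management Shell on the updated server; the function name is made up for this example.

```powershell
# Added example: scripted version of the post-update checks for Exchange 2007.
# Run in the Exchange Management Shell; kept to PowerShell 2.0 syntax.
function Test-ExchangePostUpdate {
    $problems = @()

    # Steps 1-3: start anything Test-ServiceHealth reports as not running, then re-check
    foreach ($role in Test-ServiceHealth) {
        foreach ($svc in $role.ServicesNotRunning) {
            Write-Warning "$($role.Role): starting $svc"
            Start-Service -Name $svc -ErrorAction SilentlyContinue
        }
    }
    foreach ($role in Test-ServiceHealth) {
        if (-not $role.RequiredServicesRunning) {
            $problems += "Services still stopped for $($role.Role): $($role.ServicesNotRunning -join ', ')"
        }
    }

    # Step 4: local mail flow
    $flow = Test-Mailflow
    if ("$($flow.TestMailflowResult)" -ne 'Success') {
        $problems += "Test-Mailflow: $($flow.TestMailflowResult)"
    }

    # Step 5: MAPI logon to each mailbox database on this server
    foreach ($mapi in Test-MAPIConnectivity) {
        if ("$($mapi.Result)" -ne 'Success') {
            $problems += "Test-MAPIConnectivity $($mapi.Database): $($mapi.Result) $($mapi.Error)"
        }
    }
    $problems
}

$problems = @(Test-ExchangePostUpdate)
if ($problems.Count -eq 0) { 'All automated checks passed' } else { $problems }
```

The OWA and relay checks in steps 6 and 7 still have to be done by hand.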

Windows Setup – 2TB Partition Limit in Windows – How to Overcome

Here are the steps:

  • Critical – BIOS Menu – Make sure the server is set up to boot from UEFI vs BIOS or this will not work
  • Critical – Boot – Make sure you boot with a GPT/EFI boot menu item (F11 for Dell servers) – some media is not compatible with this
    • Windows CDs burned to disk are typically OK
    • Windows ISO images pressed to USB using Rufus (see below)
      • MBR for BIOS or UEFI
      • MBR for UEFI
      • GPT for UEFI
    • ISO files loaded into Hyper-V
    • ISO files loaded into an iDRAC as remote media
  • In Windows Setup during the disk process, hit SHIFT+F10 to bring you to the command prompt
    • C:\> diskpart <enter>
    • DISKPART> list disk
    • DISKPART> select disk 0
    • DISKPART> clean
    • DISKPART> convert gpt
  • From here, refresh the GUI Disk guide to see if it shows up. Attempt to create your partitions for your server
    • Typical is 80GB OS, 100% of free space for D:

I have an older version of this guide on SpiceWorks

Joining a Workstation (Windows 7) to a Zentyal Domain

  1. You may have to manually set the DNS of the workstation to the Domain Server if DHCP does not set this
  2. Ping the domain name (e.g. mydomain.local) and verify that it pings successfully. Note that it should be one of your domain servers.
  3. Make sure your clock is set properly
  4. Click on Start > (Right Click) Computer > Properties
  5. Click ‘Change Settings’ near the computer name
  6. Click on the radio button next to Domain and type the FQDN in
  7. Click OK
  8. Enter your domain user and password in (This is set in the webmin for Zentyal under Domain / Users and computers / Administrator)
  9. You’re prompted to restart
  10. Reboot
  11. At login, you may have to do “Switch User” to get to the domain

Install Zentyal as an Active Directory Domain Controller

  1. Build the VM
  2. Boot the VM
  3. Language – English (Default) <Enter>
  4. Install Zentyal 4.2-development (delete all disk) <Enter>
  5. Select a language – English / English (Default) <Enter>
  6. Select your location – United States (Default) <Enter>
  7. Select No for the auto detect keyboard. Selecting defaults in the next screens will be quicker <Enter>
  8. Select English (US) for the keyboard – Default <Enter>
  9. Select the default of US for region <Enter>
  10. The system will attempt to grab a DHCP address. If it fails, it will alert you that the DHCP configuration failed and you’ll have to configure the network manually.
  11. Set the Hostname
  12. Configure the network (blank is fine for now)
  13. Set up user and password
  14. Set up the time zone
  15. Install will complete. Reboot
  16. The system will complete setup and bring you to a browser. Log in
  17. For this setup, once you log in and continue, choose the following:
    • Domain Controller
    • DNS
    • DHCP
  18. Setup Completes. Configure the Interface (Defaults for Internal are OK)
  19. Setup networking for the interface – Static is suggested
  20. Choose ‘Standalone Server’ and set your domain name
  21. Setup will finish configuration
  22. Your web browser will say there is a security exception. Add this to your exception list under “I understand the risk” and you’ll be done with setup

Post setup notes:
  • Installing noted packages does not enable DHCP nor configure it. Configure it and then enable it.
  • I had issues with being able to save or use the product until I forced updates for all packages. It may do this during setup if it has internet access (I didn’t give this as I configured a virtual router while doing this tutorial, but it did appear to reach out to repositories online to get updates)
  • DHCP by default wants to set the Zentyal server as the Gateway

VMware ESXi – Resetting the Trial License (V2V Scenario)

When I had to move a bunch of ESXi hosts to Hyper-V I ran into limitations of the free version of ESXi being unable to attach to MVMC 3.0 and erroring out.

The solution was to reset the ESXi license key files and then re-run the V2V operation which successfully completed. This is how to do the steps for ESXi 4.1. This can be done without restarting the host or any VMs.

  1. Enable the VMware SSH Shell if it isn’t already
    1. Under configuration\security, enable the SSH service
  2. Use PuTTY to SSH into the vSphere host.
  3. Log in as root
  4. Remove the license file and restart VMware services:
    1. rm -f /etc/vmware/vmware.lic /etc/vmware/license.cfg
    2. services.sh restart
  5. Connect and verify that it pops up with a License Expiration in 60 days warning.
  6. You can now use VMware fully