90days2mcsa
0Microsoft has just launched 90days2mcsa, it set of resources which will help you gain the one the new MCSA certifications. The Microsoft Certified Solutions Associate (MCSA) certification validates your foundation of core technical skills and prepares you for a sustainable IT career. To help you get there, we present the 90 Days to MCSA program, a plan of action with a focus on Windows Server and SQL Server. The plan gives you a clear roadmap, tools and community support, all designed to help you achieve your MCSA goal at a pace that works
I’m very proud to be on of the wiki moderator and am responsible for creating an updating the wiki’s for MCSA: Windows Server 2012. Check it out,and get yourself certified!
PowerShell: Install IIS on Windows Server 2012 and all subfeatures of IIS
0Sometimes you just want to quickly install IIS on Windows Server 2012 and all sub-features of IIS, since IIS has grown over the years and has a lot of sub-features, I have a handy PowerShell 3.0 cmdlet to install IIS completely on Windows Server 2012:
Install-WindowsFeature Web-Server -IncludeManagementTools -IncludeAllSubFeature
And if you do Install-WindowsFeature Web-Server -IncludeManagementTools -IncludeAllSubFeature -WhatIf you can see everything that’s being installed (but not installed).
PowerShell : Get System Manufacturer and System Model
2I was playing around a bit with PowerShell on my Windows 8 computer and wanted to know what the system model of my computer is.
I came up with the following PowerShell cmdlet, and thought it might be worth sharing it. So here we go
Invoke-Expression -Command "cmd.exe /c systeminfo" | Select-String "System Manufacturer","System Model"
I was also searching for the WMI Class to leverage it using Get-WMIObject, but could find that so quick.
What do you think of this?
Office 2013 exams available so far and coming (Exchange 2013, Lync 2013 and SharePoint 2013)
0I did one of the Exchange 2013 beta exams, and the new exams for Exchange 2013 became available this week. I failed for this Exchange 2013 Exam, but I saw more people failing for this exam, so not a big issue. I thought to create an overview of all the exams available and coming for the Office 2013 wave. The result of that you see below:
Exchange 2013:
MCSE: Messaging |
|
| 070-341 : Core Solutions of Microsoft Exchange Server 2013 | |
| 070-342: Advanced Solutions of Microsoft Exchange 2013 |
The exams for Lync 2013 already became available last year:
MCSE: Communication |
|
| 070-336: Core Solutions of Microsoft Lync Server 2013 | |
| 070-337: Enterprise Voice & Online Services with Microsoft Lync Server 2013 |
And the SharePoint 2013 exams will come available 1 February 2013:
MCSE: SharePoint |
|
| 070-331: Core Solutions of Microsoft SharePoint Server 2013 | |
| 070-332: Advanced Solutions of Microsoft SharePoint Server 2013 |
That’s it for now. I think there will be more exams to come about SharePoint 2013. With these exams there’s lot to do next months! 
Windows Server 2012 Exam preparation resources
0As a follow up of my popular preparation resources for 70-417: Upgrading Skills to Windows Server 2012, I partnered with Microsoft Learning and created several exam prep resources for the new MCSA/MCSE exams there.Here you will find all the wiki’s:
Server Certification
And below the wiki’s with resources for exam preparation I created so far:
-
410: Installing and Configuring Windows Server 2012
-
411: Administering Windows Server 2012
-
412: Configuring Advanced Windows Server 2012 Services
-
413: Designing and Implementing a Server Infrastructure
-
414: Implementing an Advanced Server Infrastructure
If you have any resources that aren’t listed yet, feel free to get in touch with me and I will add them. Was a really fun experience creating these wiki’s!
The mystery of the WSUS Service not starting in Windows Server 2012
2Today I encountered an issued that when I rebooted my Windows Server 2012 machine with WSUS 4.0 installed on it. I got the following error when the Service Control Manager tried to start the service.
WsusService.exe is not a valid Win32 application.
After some research I came across this KB article:
Event ID 7000 and “%1 Is Not a Valid Win32 Application” Error Message When You Start a Service
Then I when into registry (HKLM\SYSTEM\CurrentControlSet\Services\WsusService) and took a look at the ImagePath key. There was this value:
%ProgramFiles%\Update Services\Services\WsusService.exe
I changed this value to this (note the quotes at the beginning and at the end):
“%ProgramFiles%\Update Services\Services\WsusService.exe”
Then I was able to start the WSUS Service and after a reboot the service started without any problems.
I also saw more people having this problem
@guidovbrakel look here
david-obrien.net/2012/09/18/re-… error described here
— David O’Brien (@david_obrien) December 26, 2012
Windows 8 Tracks on Microsoft Virtual Academy
0Today I noticed a great thing, that the Windows 8 tracks are appearing in the Microsoft Virtual Academy(MVA). Which is very cool!
This are the tracks:
Operating and Managing a Secure Windows 8 Environment
Deploying Windows 8
Exploring Windows 8
Planning and Preparing for Windows 8
NIC Teaming in Windows Server 2012
0Another nice and cool feature in Windows Server 2012 is NIC Teaming. In the past when we want to team a NIC you had to use third-party software and drivers from the vendor of the server and/or NIC. Not all NIC’s supported the teaming and the software integrated not in all cases good with the operating system 
. Also in most cases the NIC had to be exactly the same, in NIC Teaming in Windows Server 2012 that’s not needed anymore. You can team two completely different NIC’s. Very cool in my opinion.
Now in Windows Server 2012, Microsoft has built NIC Teaming into the operating system. NIC Teaming is only supported on the Server SKU and thus not on Windows 8.
There are 3 different types of NIC Teaming in Windows Server 2012:
- Static Teaming Also called Generic Teaming, this mode is based on IEEE 802.3ad draft v1 and is supported by most server-class Ethernet switches. It requires manual configuration of the switch and the server to identify which links form the team.
- Switch Independent This mode allows each NIC in a team to connect to different switches.
- LACP/Dynamic This mode is based on IEEE 802.1ax and is supported by most enterprise-class switches. It allows teams to be automatically created through the Link Aggregation Control Protocol (LACP). LACP dynamically identifies links between the server and a specific switch. To use this mode, you generally need to enable LACP manually on the port of the switch.
NIC teaming can be enabled from Server Manager or by using Windows PowerShell. In Server Manager, you can begin by right-clicking the server you want to configure and selecting Configure NIC Teaming, as shown in the figure below
In the NIC Teaming dialog box that opens, select the network adapters you want to team and then right-click and select Add To New Team, as shown in the figure below.
In the New Team dialog box, shown in expanded mode in the figure below, you can configure the teaming mode and other settings.
Clicking OK completes the process and, if the process is successful, the new team will be displayed in both the Teams area and the Adapters And Interfaces area of the NIC Teaming dialog box, shown in the figure below.
To configure and manage NIC teaming in Windows PowerShell, use cmdlets such as New-NetLbfoTeam to add a new team or Get-NetLbfoTeam to display the properties of a team. The cmdlets for managing NIC teaming are defined in the Windows PowerShell module named NetLbfo.
For example we have two NIC’s called NIC1 and NIC2:
- Static
- New-NetLbfoTeam -Name “Team-Static” -TeamMembers NIC1,NIC2 -TeamingMode Static
- Switch Indepenent
- New-NetLbfoTeam -Name “Team-Independent” -TeamMembers NIC1,NIC2 –TeamingMode SwitchIndependent
- Dynamic
- New-NetLbfoTeam -Name “Team-Static” -TeamMembers NIC1,NIC2 -TeamingMode Lacp
If you want to know more about NIC Teaming, I really recommended reading this whitepaper:
Windows Server 2012 NIC Teaming (LBFO) Deployment and Management
Remote Group Policy Update
0Windows Server 2012 offers a lot of cool new features, and one of them is Remote Group Policy Update. Remote Group Policy Update offers the ability to perform a Group Policy update on many remote computers at once. You can accomplish this task by using either the Group Policy Management console or Windows PowerShell.
Now into the cool stuff, and let’s see how it works:
Using the Group Policy Management Console
To remotely refresh Group Policy in the Group Policy Management console, just right-click an organizational unit (OU) container in the console tree and select Group Policy Update from the shortcut menu, as shown in Figure 9-1. This step schedules GPUpdate.exe to be run within 10 minutes on all clients running Windows Vista or later and on all servers running Windows Server 2008 or later in that OU.
Note that this feature has limitations. You can force a Group Policy refresh on all computers within a single OU and all subcontainers only. You cannot single out computers or update Group Policy on computers that are not located in an OU. (This restriction applies only to the Group Policy Management console, not to Windows PowerShell.) Also, you cannot use this feature to update computers running operating systems earlier than Windows Vista and Windows Server 2008, whether through Group Policy Management or through Windows PowerShell.
After you select the Group Policy Update option, a message box appears indicating the number of computers that will be affected and asking you to confirm the update, as shown in the figure you see here above.
When you give your consent, a window appears, indicating the success or failure of the scheduling of the update. The update itself is not immediate. As shown the message indicates that a Group Policy update will be forced on all computers in the OU and all subcontainers within 10 minutes. This slight delay is a good thing when there are many computers in the OU because the computers will not all update at the same time and strain the resources of domain controllers.
Updating Group Policy by using the PowerShell cmdlet using Invoke-GPUpdate
You can update Group Policy on computers in a much more flexible way if you use the Invoke-GpUpdate cmdlet in Windows PowerShell.
Used without any parameters, the cmdlet is similar to GPUpdate.exe; it updates Group Policy on the local computer only. It is different from GPUpdate.exe because, like the Group Policy Management console, the task is not performed immediately but is scheduled to be completed within 10 minutes by default.
Used with the -Computer option, however, the Invoke-GpUpdate cmdlet enables you to update a remote computer, as in the following example:
Invoke-GPUpdate –Computer computername
Other options you can use with Invoke-GpUpdate include -Force and -RandomDelayInMinutes. The -Force option resembles the /Force option with GPUpdate.exe: it reapplies all policy settings regardless of whether they have changed. The -RandomDelayInMinutes option enables you to specify a random interval in minutes, up to the number of minutes specified, before the Group Policy update will be run. The purpose of this option is typically to reduce the network load on domain controllers when many remote computers are updated with a scripted command, but it can also be used with a single computer to reduce or remove the default delay of 10 minutes. A value of 0 will cause the Group Policy refresh to run immediately. The following example therefore causes all Group Policy settings to be updated immediately on a computer:
Invoke-GPUpdate -Computer computername -RandomDelayInMinutes 0 –Force
As mentioned, you can also leverage Windows PowerShell to execute the Invoke-GpUpdate cmdlet on more than one computer. You can begin with the Get-ADComputer cmdlet to retrieve any group of computer objects and then pipeline the results to a ForEach construction that includes Invoke-GpUpdate.
For example, the following command displays all the computers in the container named Computers, in the Fabrikam.local domain:
Get-ADComputer -Filter * -SearchBase “CN=Computers,DC=Fabrikam,DC=local”
If you pipe the results of this command to a ForEach statement, you can execute the Invoke-GpUpdate cmdlet on each computer returned by the command. The net result of the following command, for example, is to schedule GPUpdate.exe to run on every computer in the Computers container within 10 minutes:
Get-ADComputer -Filter * -SearchBase “CN=Computers,DC=Fabrikam,DC=local” | ForEach {Invoke-GPUpdate –ComputerName $_.name}
You don’t need to target computers in any specific container or OU. The following example attempts to schedule GPUpdate.exe to run on every computer in the domain within 10 minutes:
Get-ADComputer -Filter * | ForEach {Invoke-GPUpdate –ComputerName $_.name}
This next example schedules GPUpdate.exe to run immediately on every computer in the domain with a description that includes the term “finance.”
Get-ADComputer –Filter ‘Description -like “*finance*”‘| ForEach {Invoke-GPUpdate –ComputerName $_.name -RandomDelayInMinutes 0 –Force}
One final example: the following schedules GPUpdate.exe to run immediately on all computers in the domain with an operating system name that includes the string “Vista”:
Get-ADComputer –Filter ‘OperatingSystem -like “*Vista*”‘| ForEach {Invoke-GPUpdate –ComputerName $_.name -RandomDelayInMinutes 0 –Force}
Remote Group Policy Update and the Task Scheduler
Remote Group Policy update works by remotely creating scheduled tasks for GPUpdate.exe. You can see these scheduled tasks for GPUpdate if you open Task Scheduler on the target computer and navigate in the console tree to Task Scheduler (Local)\Task Scheduler Library\Microsoft\Windows\Group Policy, as shown in the figure below:
The connection between remote Group Policy update and Task Scheduler has implications for troubleshooting. If you are unable to successfully schedule a remote Group Policy update on a remote computer, you should verify that the Task Scheduler service is running on that remote machine. More important, for some computers, a remote Group Policy update requires you to enable firewall rules related to remote scheduled tasks.
Firewall rules for remote Group Policy update
Remote Group Policy update relies on remote management, which is enabled by default in Windows Server 2012 in a domain environment. Although remote Group Policy update works by default on domain-joined computers that are started and running Windows Server 2012, you might have to enable firewall rules for scheduled tasks on other operating system types, such as Windows clients or earlier versions of Windows Server that do not have Windows Management Framework 3.0 installed.
Fortunately, there’s a new starter group policy object (GPO) for remote Group Policy updates that makes the process of enabling the required firewall rules easy. The starter GPO, called Group Policy Remote Update Firewall Ports, is shown in the figure below.
After you create a GPO from the starter GPO and link the new GPO to the domain, you can view the three firewall rules enabled by this GPO, as shown in the figure below:
-
Both rules in the Remote Scheduled Tasks Management rule group:
- Remote Scheduled Tasks Management (RPC)
- Remote Scheduled Tasks Management (RPC-EPMAP)
- Windows Management Instrumentation (WMI-In)
Data deduplication in Windows Server 2012
0With Windows Server 2012, there is a new cool feature, called Data Deduplication. Data deduplication involves finding and removing duplication within data without compromising its fidelity or integrity. The goal is to store more data in less space by segmenting files into small variable-sized chunks (32–128 KB), identifying duplicate chunks, and maintaining a single copy of each chunk. Redundant copies of the chunk are replaced by a reference to the single copy. The chunks are compressed and then organized into special container files in the System Volume Information folder. In addition, chunks are also compressed for further space optimization.
The result is an on-disk transformation of each file as shown in the picture below. After deduplication, files are no longer stored as independent streams of data, and they are replaced with stubs that point to data blocks that are stored within a common chunk store. Because these files share blocks, those blocks are only stored once, which reduces the disk space needed to store all files. During file access, the correct blocks are transparently assembled to serve the data without calling the application or the user having any knowledge of the on-disk transformation to the file. This enables administrators to apply deduplication to files without having to worry about any change in behavior to the applications or impact to users who are accessing those files.
Data Deduplication in Windows Server 2012 is designed to be installed on primary data volumes without adding additional dedicated hardware. This means that you can install and use the feature without impacting the primary workload on the server. Ideal workloads include software deployment shares, virtual machine template folders and archived data folders, where data is not changed much and is quite static. Data deduplication requires an NTFS file system and is not supported for the new ReFS file system which is introduced in Windows Server 2012.
How Do I Install Data Deduplication?
Step 1:Add the role service using the Server Manager:
- From the Add Roles and Features Wizard, under Server Roles, select File and Storage Services (if it has not already been installed).
- Select the File Services check box, and then select the Data Deduplication check box.
- Click Next until the Install button is active, and then click Install.
This can also be done using Powershell:
PS C:\> Import-Module ServerManager
PS C:\> Add-WindowsFeature -name FS-Data-Deduplication
PS C:\> Import-Module Deduplication
Step 2: Enable data deduplication for a certain volume
- From the Server Manager dashboard, right-click a data volume and choose Configure Data Deduplication. The Deduplication Settings page appears.
- Select the Enable data deduplication check box, enter the number of days that should elapse from the date of file creation until files are deduplicated, enter the extensions of any file types that should not be deduplicated, and then click Add to browse to any folders with files that should not be deduplicated.
- Click Apply to apply these settings and return to the Server Manager dashboard, or click the Set Deduplication Schedule button to continue to set up a schedule for deduplication.
Again this can also be done using Powershell:
Here we enable it for the on volume E:
PS C:\> Enable-DedupVolume E:
We can also set the minimum number of days that must pass before a file is deduplicated by using the following command
PS C:\> Set-Dedupvolume E: -MinimumFileAgeDays 20
If you set MinimumFileAgeDays to 0, deduplication will process all files, regardless of their age. This is suitable for a test environment, where you want to exercise maximum deduplication. In a production environment, however, it is preferable to wait for a number of days (the default is 5 days), because files tend to change a lot for a brief period of time before the change rate slows. This allows for the most efficient use of your server resources.
3.Configure Data Deduplication
In Windows Server 2012, data deduplication jobs can be run on demand (manually) or scheduled. There are three types of jobs that you can perform on a volume: Optimization, Data Scrubbing, and Garbage Collection. The Data Deduplication feature comes with built-in jobs that will automatically launch and optimize the specified volume(s) on a regular basis. Optimization jobs deduplicate data and compress file chunks on a volume per the policy settings. After the initial optimization is complete, optimization jobs run on the files that are included in the policies, according to the job schedules that you have configured or the default job schedules that ship with the product. You can trigger an optimization job on demand in Windows PowerShell by using the Start-DedupJob cmdlet. For example:
PS C:\> Start-DedupJob –Volume E: –Type Optimization
You can query the progress of the job on the volume by using the Get-DedupJob cmdlet:
Get-DedupJob
The Get-DedupJob command show current jobs that are running or are queued to run.
How Do I Check the Integrity of a Volume?
Data Deduplication has built-in data integrity features such as checksum validation and metadata consistency checking. It also has built-in redundancy for critical metadata and the most popular data chunks. As data is accessed or jobs process data, these features may encounter corruption, and they will record the corruption in a log file. Scrubbing jobs use these features to analyze the chunk store corruption logs, and when possible, to make repairs.
Possible repair operations include using three sources of redundant data:
- Deduplication keeps backup copies of popular chunks when they are referenced over 100 times in an area called the hotspot. If the working copy is corrupted, deduplication will use the backup.
- When using Storage Spaces in a mirrored configuration, deduplication can use the mirror image of the redundant chunk to serve the I/O and fix the corruption.
- If a file is processed with a chunk that is corrupted, the corrupted chunk is eliminated, and the new incoming chunk is used to fix the corruption.
Scrubbing jobs output a summary report in the Windows event log located here:
Event Viewer\Applications and Services Logs\Microsoft\Windows\Deduplication\Scrubbing
Data Deduplication defaults create a data integrity scrubbing job on a weekly basis, but you can also trigger one on demand by using the following command:
PS C:\> Start-DedupJob E: –Type Scrubbing
This initiates a job that attempts to repair all corruptions that were logged in to the deduplication internal corruption log, during the I/O to deduplication files. To check the data integrity of all the deduplicated data on the volume, use the -full parameter:
PS C:\> Start-DedupJob E: –Type Scrubbing -full
Also known as Deep Scrubbing, the -full parameter will scrub the entire set of deduplicated data and look for all corruptions that are causing data access failures.
How Much Disk Space Can I Expect to Reclaim?
When you install the Data Deduplication role service on a server running Windows Server 2012, DDPEVAL.EXE is also installed in the C:\Windows\System32 folder as an additional command-line tool. DDPEVAL.EXE can be run against any local NTFS volumes or NTFS network shares to estimate the amount of disk space that can potentially be reclaimed by moving that data to a Windows Server 2012 NTFS volume with Data Deduplication enabled.
C:\> DDPEVAL \\server\folder /V /O:logfile.txt
