Tag: featured

New Spiceworks profile

I use the Spiceworks app as an IT systems management and inventory tool in my company but until recently have only participated in the community very rarely.

Things have changed since they launched their new style of profile page which allows community members to create a ‘portfolio’ of IT projects that they’ve worked on or led.

Spiceworks profile

Eli Etherton believes that they are better than a résumé for IT professionals and I’d be inclined to agree to some extent. For more senior technical roles it is crucial to be able to demonstrate experience with the relevant technologies and it is difficult to condense some IT projects into a bullet point. I can easily sum up one project e.g. Migrated 85 mailboxes into Office 365 Exchange Online.

But setting up a branch office and all that actually entailed is more difficult and the Spiceworks profile allows me to flesh out and illustrate the project.

There is a downside and that is will the recruitment process actually allow me to show off my skills and experience through this new means. Recruitment Agencies and Human Resources departments will favour CVs and LinkedIn profiles because they are the tools that they use and they act as gatekeepers between the IT professional that is seeking a new employee and the IT professional that is seeking a new role.



Updating WSUS to work with Windows 8 and Server 2012

I have to confess that I haven’t been paying as much attention to WSUS as I should have and even though I had been going in and approving updates as they have become available I failed to notice that my Windows 8 clients and the Windows Server 2012 were being misidentified and hadn’t yet reported to WSUS.

wsus_reporting_error

Windows 8 was being identified as Windows XP Professional x64 Edition and Windows Server 2012 as Windows Server 2003 Standard x64 Edition.

With a little help from http://chapsnet.wordpress.com/ I was able to resolve the issues through the following steps.

First I visited Microsoft to download the Update for WSUS 3.0 SP2 (KB2734608) that allows it to be able to recognise Windows 8 and Windows Server 2012 Operating Systems and download the appropriate updates.

Once installed on the WSUS Server there are a couple of services that need to be reset in order for it to then synchronize correctly and recognise the newer operating systems.

open Command Prompt and run the following commands
IISReset
net stop WSUSService
net start WSUSService

Open the Console, Update the Product List and begin a Synchronisation

Even though my clients had already been connected to the WSUS server prior to the update I only needed to do the following on the Windows Server 2012 machine in order for it to update in the WSUS console. The Windows 8 clients re-identified themselves correctly without anything further needing to be done.

Open an elevated Command Prompt (Win + X menu)
enter the following commands
net stop wuauserv
rd /s %windir%\softwaredistribution\
y
net start wuauserv
wuauclt /update

Running wuauclt /ResetAuthorization /DetectNow at the command prompt on the Windows 2012 server resolved the reporting issue and S300-Win2012 now shows up as both being identiifed as Windows Server 2012 and as having reported in. It looks like there are 3 updates that it requires.

wsus_reporting_resolved



Promoting a Windows Server 2012 RODC to become a writeable domain controller

Having now moved the rest of the business into the new office it is no longer functioning as a branch office and so the RODC (Read-Only Domain Controller) I set up sometime ago is no longer required.

The plan was it would be demoted and we would return to having just the two domain controllers. However I changed my mind as the other domain controllers are VMs on ESXi which I don’t think is an ideal situation and I’d prefer to have at least one physical domain controller.

Unfortunately the process of converting a RODC to a writeable DC isn’t quick as you can’t go from one to the other you need to demote it and then promote it again.

Starting in Server Manager click on Manage > Remove Roles and Features
demotepromote01

Select the server from the list. In my case there is just the one server to choose from.
demotepromote02

Then counter-intuitively you need to select to remove Active Directory Domain Services even though you do want to continue using it as a Domain Controller. But it all becomes clear in the next step.
demotepromote03

demotepromote04

The AD DS role cannot be removed until the domain controller has been demoted. This is what we wanted to do all along so click on Demote this domain controller.
demotepromote05

I don’t want to force the removal as it is able to communicate with the other domain controllers and so can be removed normally (See http://technet.microsoft.com/en-us/library/cc816826%28v=ws.10%29.aspx about forcing removal of domain controllers)
demotepromote06

Warning that removal of AD DS role could break Active Directory, only a concern if clients can’t communicate with the other domain controllers. Tick the box to Proceed with removal and click Next.
demotepromote07

The next bit is a crucial step as you are asked if you wish to Retain domain controller metadata. The only reason to do so would be if you planned to reinstate the server as a RODC in the future. If you wanted to remove it entirely as a domain controller or if you wish to promote it to being a writeable domain controller as I do then you need to ensure you leave the box unticked. Click Next.
I’ll show you later the error you would get if you ticked the box and then tried to promote it as a full domain controller.
demotepromote08

Need to recreate a local administrator password for the server as domain controllers do not have local admin accounts they only accept domain accounts.
demotepromote09

Review your selection. You can view the Powershell script at this stage that is actually run under the hood when you click the Demote button. As this is a one time only affair there isn’t a reason to do so.

The process runs and the server reboots.
demotepromote10

Then we’re back looking at Server Manager and there is a flag indicating that you need to promote the server for it to become a domain controller. If you were removing the server as a domain controller you would in fact return to Manage > Remove Roles and Features and then complete the removal of the AD DS role.
demotepromote11

But I do want to Promote it so I click on Promote this server to a domain controller.
demotepromote12

Then the process is the same as shown in a previous post when I set the server up originally as a Domain controller.
Select Add a domain controller to an existing domain and select the desired Domain from the list and enter a domain administrators credentials.
demotepromote13

Specify domain controller capabilities and site information. Click through the DNS delegation error.
demotepromote14

Specify install/replication options. Install from media or replicate from another domain controller.

Choose the file paths for the AD DS Database, log files and SYSVOL. Defaults are fine with me.

Then the prerequisites will be validated before AD DS is installed on the server. In the case of installing AD DS on a former RODC where the metadata had been retained you would get the following error.
demotepromote15

Otherwise the prerequisites check will pass and you can click Install to finalise the process.

Microsoft’s official instruction on Demoting a Server 2012 Domain controller is to be found here http://technet.microsoft.com/en-us/library/jj574104.aspx