Change Operations Masters in Active Directory

Each FSMO Role has a different procedure to change the owner:

RID, PDC, and Infrastructure Roles:

From the computer that you want to make the new FSMO Role holder:

  • Open Active Directory Users and Computers MMC
  • Right-Click on the Domain Name
  • Select ‘Operations Masters…’
  • Select the tab that you would like to change
  • Click the ‘Change’ button
  • Verify that you want to change the FSMO Holder by clicking ‘Yes’Domain Naming Role:From the computer that you want to make the new FSMO Role holder:
    • Open Active Directory Domains and Trusts MMC
    • Right-Click on the Domain Name
    • Select ‘Operations Master…’
    • Click the ‘Change’ button
    • Verify that you want to change the FSMO Holder by clicking ‘Yes’Schema Master Role:From the computer that you want to make the new FSMO Role holder:
      • Open the start menu and click ‘Run’
      • Type ‘mmc’ and click ‘OK’
      • Click File -> Add/Remove Snap-in
      • Click ‘Add’, select ‘Active Directory Schema’*, and click ‘Add’
      • Click ‘Close’, then ‘OK’
      • Left-Click, then Right-Click on ‘Active Directory Schema’
      • Select ‘Operations Master…’
      • Click the ‘Change’ button
      • Verify that you want to change the FSMO Holder by clicking ‘Yes’

      * if you do not see ‘Active Directory Schema’ in the list, you need to register schmmgmt.dll. To do this, run regsvr32 schmmgmt.dll at a command line, then re-open the ‘Add/Remove Snap-in’ menu.

      To view what Domain Controller holds which FSMO Roles, see this post.

Posted in Active Directory, troubleshooting, windows | 1 Comment

Use Apache, PHP, and MSSQL on Windows

This is how I made the php_mssql extension work on my Windows/Apache/MSSQL/PHP (WAMP) Server.

Download Apache. (I used the Win32 Binary including OpenSSL 0.9.8m (MSI Installer))

Download PHP. (I used the PHP 5.2.13 zip package)

Download ntwdblib.dll.

 

Run the apache installer, select custom install and change the install path t0 ‘C:/Apache2.2’

Extract the php zip file to ‘C:/PHP’

Open C:/PHP and copy php.ini-recomended to php.ini

Open php.ini and edit the following lines:
Set extension_dir = “C:/PHPext”
Un-comment php_mssql.dll
Set error_log = “C:/Apache2.2/logs/phperr.log”

Open C:/Apache2.2/conf/httpd.conf and edit the following lines:
DirectoryIndex index.php
LoadModule php5_module C:/PHP/php5apache2_2.dll
AddType application/x-httpd-php .php
PHPIniDir “C:/PHP”

Add “C:/PHP” to the PATH Environment variable

Replace the file C:/PHP/ntwdblib.dll with the copy you just downloaded (v2000.80.194.0)

Restart the Apache service

 

You can now use all the mssql functions in your php code without errors

Posted in apache, php, sql, windows | Comments Off on Use Apache, PHP, and MSSQL on Windows

Dell PowerConnect CLI – Change Management IP

I locked myself out of the UI on one of my Dell switches today. I spent 20 minutes looking through Dell manuals until I found the answer.

To change the management IP of a Dell switch:

Console# configure
Console (config)# interface vlan 1
Console (config)# no ip address (Removes the existing IP)
Console (config)# ip address [IP] [subnet mask]
Console (config)# end
Console# copy run start

Posted in cli, dell, PowerConnect | Comments Off on Dell PowerConnect CLI – Change Management IP

Userenv Events 1030 and 1058

I keep getting Userenv errors 1030 and 1058 on one of my domain controllers.

The description of Event ID 1058 says “Windows cannot access the file gpt.ini for GPO CN={31B2F340-016D-11D2-945F-00C04FB984F9}, CN=Policies, CN=System, DC=MyDomain, DC=com. The file must be present at the location <\MyDomain.com sysvol MyDomain.com Policies {31B2F340-016D-11D2-945F-00C04FB984F9} gpt.ini>. (Access is denied. ). Group Policy Processing aborted.”

This problem has plagued me for quite a while. I have checked permissions on the file, the folder and the root drive. Everything looked normal. I couldn’t figure out what to do, so… I decided to do nothing. Everything appeared to be working fine.

A couple months later I decided to cleanup active directory a little bit. I opened the Group Policy manager and deleted all of my unused GPOs. The next day, I noticed that the Userenv errors quit showing up. I was quite happy with myself. My patience (procrastination) paid off.

The next week however I noticed that I was getting the errors in a different environment. I was a little put out. I didn’t want to randomly delete GPOs until the problem went away, so I googled again. I came across a solution. It was so simple, I was angry that I lived with the error for so long. All I had to do was open the security page of all the GPOs and reset the ACL. After 5 minutes I fixed the error and have not seen it since.

 

In conclusion, to fix Userenv Events 1030 and 1058 that are caused by Access Restrictions:

  • Download and install the Group Policy Management Console.
  • Open the Group Policy Management MMC and browse to Forest: -> Domains -> MyDomain.com -> Group Policy Objects.
  • Click on the first object. Open the Delegation Tab.
  • Click on a user and then the Advanced… button in the bottom corner.
  • Uncheck and recheck any check box.
  • Click OK and repeat on every GPO. (This causes the ACL to be rewritten and permission granted the the broken GPO.)
Posted in windows | Comments Off on Userenv Events 1030 and 1058

Recover SQL Server from ‘Suspect’ Status

Last night, I had a power outage and a SQL Server went down. When I rebooted it, the database was in ‘Suspect’ mode. After some quick googling I found a solution.

[code lang=”sql”]
EXEC sp_resetstatus ‘yourDBname’;
ALTER DATABASE yourDBname SET EMERGENCY;
DBCC checkdb(‘yourDBname’);
ALTER DATABASE yourDBname SET SINGLE_USER WITH ROLLBACK IMMEDIATE;
DBCC CheckDB (‘yourDBname’, REPAIR_ALLOW_DATA_LOSS);
ALTER DATABASE yourDBname SET MULTI_USER;
[/code]

Posted in sql | Comments Off on Recover SQL Server from ‘Suspect’ Status

Date Diff in PHP

Thanks to Ryan Means, I have an easy way to find the difference between 2 dates/times in PHP.

[code lang=”php”]
<?PHP
define(‘SecInDay’,86400);
define(‘SecInHour’,3600);
define(‘SecInMin’,60);
$totalsec=XXXXXXX; //Replace the X’s with a int value of seconds
$daysarray = explode(".", ($totalsec/SecInDay));
$days = $daysarray[0];
$partdays = fmod($totalsec, SecInDay);
$hoursarray = explode(".", ($partdays/SecInHour));
$hours = $hoursarray[0];
$parthours = fmod($partdays, SecInHour);
$minarray = explode(".", ($parthours/SecInMin));
$min = $minarray[0];
$sec = fmod($parthours, SecInMin);
echo "days " . $days . " ";
echo "hours " . $hours . " ";
echo "minutes " . $min . " ";
echo "seconds " . $sec . " ";
?>
[/code]

Posted in php | Comments Off on Date Diff in PHP

MSDTC event 53258

I work with windows virtual machines a LOT.

One thing that I have noticed is that if a windows VM that has been copied, NewSided (had NewSid run on it), and has been added to a domain, it can generate a “MSDTC Event 53258” frequently.

EventID: 53258
MS DTC could not correctly process a DC Promotion/Demotion event. MS DTC
will continue to function and will use the existing security settings. Error
Specifics: d:srvrtmcomcomplusdtcdtcadmeuiname.cpp:9280, Pid: 1148
No Callstack,
CmdLine: C:WINDOWSsystem32msdtc.exe

EventID: 53258
MS DTC could not correctly process a DC Promotion/Demotion event. MS DTC
will continue to function and will use the existing security settings. Error
Specifics: %1

After a bunch of time googling, I found a solution that will make this problem go away:

1. Run the Component Services MMC snap-in: Start -> Administrative Tools ->
Component Services.
2. Open Console Root -> Component Services -> Computers.
3. Right-Click on My Computer (in the Component Services window) and click Properties.
4. Open the MSDTC tab and click OK.
5. Close the Component Services window.
6. From a Command Prompt type net stop msdtc && net start msdtc.

Now you won’t get the MSDTC errors in the event log.

I believe that this process resets the computer name that MSDTC tries to connect to. In my case it was trying to connect to the computer named “base-vm”, but that computer no longer exists.

Posted in windows | Comments Off on MSDTC event 53258

Telnet to test SMTP

Since I wrote up testing pop3 with telnet, I thought I would also write about how you can test SMTP with telnet.

From a command line in windows:

telnet

open IPofSmtpServer 25

220 mail.server.domain Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at . . . .

ehlo test.com

(test.com is the FROM domain)

250 OK

mail from:me@myDomain.com

250 2.1.0 me@myDomain.com. . . .Sender OK

rcpt to:you@yourDomain.com

250 OK – you@yourDomain.com

DATA

354 Start mail input; end with <CRLF>.<CRLF>

Subject: The Subject of the message.

Press enter TWICE.

The body of the message goes here.

Press enter.

Enter a single period (.) and press enter once more.

250 2.6.0 <………………….> Queued mail for delivery

Quit

221 2.0.0 mail.yourDomain.com Service closing transmission channel

 

Lots more SMTP info.

Posted in troubleshooting | Comments Off on Telnet to test SMTP

Telnet to test pop3

I found an easy way to test a pop3 connection today. It is a little known tool called telnet (It’s not really little known, but I never thought of using it for pop3, so in my mind it is little known for that purpose 😉 ).

From a command line in windows:

telnet NameOfPop3Server 110

user username

pass password

list

You will see a list of email in your mailbox

retr msgNumber

You will see the email you requested

quit

 

More POP3 commands:

stat – Returns the number of messages in mailbox and size of mailbox

dele msgNumber – Marks message msgNumber for deletion.

noop – Doesn’t do anything, just returns a positive response.

rset – Unmarks any messages that are marked for deletion.

top msgNumber numLines – Returns the header info and numLines of the body of message msgNumber.

uidl msgNumber – Returns the message number and the messages Unique ID Listing.

 

Note: If the telnet session ends for any reason other than using the quit command, messages marked for deletion will not be deleted.

Posted in troubleshooting | Comments Off on Telnet to test pop3

Unblock “unsafe” attachments in Outlook

So I went to open the .exe file that I sent myself yesterday and I found out that Outlook 2007 will not let you download “unsafe” attachments (unsafe meaning “Any file with an executable extension”). This bothered me, so I googled how to disable the feature.

Sadly you cannot completely disable it, you can only add file types that you want to download anyway.

Open the registry editor (Click Start->Run and type regedit)

• Browse to:

Outlook 2007

HKEY_CURRENT_USERSoftwareMicrosoftOffice12.0OutlookSecurity

Outlook 2003

HKEY_CURRENT_USERSoftwareMicrosoftOffice11.0OutlookSecurity

Outlook 2002

HKEY_CURRENT_USERSoftwareMicrosoftOffice10.0OutlookSecurity

Outlook 2000

HKEY_CURRENT_USERSoftwareMicrosoftOffice9.0OutlookSecurity

 

• Add a new String value named: Level1Remove

• Edit the value and add the extension(s) that you would like to allow (use a ‘;’ as a delimeter)

Ex: .exe or .bat;.exe;.mst

 

• Restart Outlook (You don’t need to restart the computer)

Posted in outlook, windows | Comments Off on Unblock “unsafe” attachments in Outlook