Archive for the ‘Windows Server’ Category

Hi Folks,

today you’re often faced with IE compatibility issues – and of course with the technical solution of these problems.

Via GPO you’ve an easy way to roll-out compatiblity-view Settings in your Domain. You can set these values for machine and user context. Take a look at the users and computers settings.

Browse to:
User Configuration -> Policies -> Administrative Templates -> Windows Components -> Internet Explorer -> Compatibility View

Policy: “Use Policy List of Internet Explorer 7 sites / Richtlinienliste von Internet Explorer 7 Sites verwenden”

policyie
When using the policy take care of following points:

  • For IE8 there must be specified domain name and not server or subdomain name, ie “dargel.at” instead of “blog.dargel.at”
  • For IE9 there must be specified domain name or subdomain name, ie “dargel.at” or “blog.dargel.at”
  • There must be no final slash “/” , ie “dargel.at” instead of “dargel.at/”
  • These settings are used, but are not visible in the user GUI

    FYI: The list ends up in the following registry key configured:
    HKCU\Software\Policies\Microsoft\Internet Explorer\Browser Emulation\Policy List
    and contains for each configured domain a REG_SZ value.

Cheers,

Chris

Hey Folks,
here is an example to easy set ACLs on a Windows fileserver by importing path an permissions from a CSV file:

$Permissions = Import-Csv e:\permissions.csv -delimiter '|'
ForEach ($line in $Permissions)
{
 $acl = Get-Acl $line.Path
 $acl.SetAccessRuleProtection($True, $False)
 $rule = New-Object System.Security.AccessControl.
FileSystemAccessRule($line.Group,"Modify","ContainerInherit, ObjectInherit",
 "None", "Allow")
#-------------------------------------------------------------
# The above line can be edited like the reference at the end.
#-------------------------------------------------------------
 $acl.AddAccessRule($rule)
 Set-Acl $line.Path $acl
 }

The CSV has to look like this:

Path|Group
e:\folder1\subfolder1|domain\group1
e:\folder1|subfolder2|domain\group2
e:\folder2|subfolder1|domain\group3
e:\folder2|subfolder2|domain\group4

Reference Table:

Subfolders and Files only InheritanceFlags.ContainerInherit, InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly
This Folder, Subfolders and Files    InheritanceFlags.ContainerInherit, InheritanceFlags.ObjectInherit, PropagationFlags.None
This Folder, Subfolders and Files InheritanceFlags.ContainerInherit, InheritanceFlags.ObjectInherit, PropagationFlags.NoPropagateInherit
This folder and subfolders InheritanceFlags.ContainerInherit, PropagationFlags.None
Subfolders only InheritanceFlags.ContainerInherit, PropagationFlags.InheritOnly
This folder and files InheritanceFlags.ObjectInherit, PropagationFlags.None
This folder and files InheritanceFlags.ObjectInherit, PropagationFlags.NoPropagateInherit

Source: http://powershell.nicoh.me/powershell-1/files-and-folders/set-folders-acl-owner-and-ntfs-rights

Cheers, Chris

Hi folks,

I wrote less in the past month because I focused on work and Microsoft certification.The certification path was very straight – upgrading skills from MCITP to MCAS Server 2012 followed by the two Server Infrastructure exams 70-413 and 70-414.

MCSA    MCSE

In the next monts I’ll go forward to MCSE Messaging and Communications with Exchange 2013 and Lync 2013 and I’ll keep blogging about infrastructure and messaging topics.

Next week I’ll post some experiences I made with my new Nokia Lumia 920 with Windows Phone 8.

Cheers,

Chris

Hi folks,

for several reasons you have to do an export of users with some attributes. To do this easily you can use CSVDE (Comma Separated Value Data Exchange) to export users from specified OUs to an CSV file:

csvde.exe -m -n -u -f c:\temp\userexport_ou01.csv -d “ou=01,dc=yourdomain,dc=com” -l “samaccountname,sn,mail,msexchhomeservername”

Thanks to Yusuf for his great export article -> Yusufs Directory Blog

Cheers,

Chris

Yesterday I got a problem while migrating a fileserver cluster from Windows 2003 to Windows 2008 R2.

We wanted to migrate a big fileserver cluster with several volumes by mirroring the SAN LUNs, break the mirrors and mount them to the new Windows 2008 R2 fileserver.

After mounting the partitions to the new cluster we set up a new virtual fileserver and created some shares. With one partition/share we run in the following error:

The shared ressource is not available.

After some investigation we figured out that the SYSTEM group doesn’t had permissions on the partition at root level so the cluster service running with local system account can’t initialize the share.

After adding SYSTEM at root level with full access sharing of this partition was possible:

Cheers,

Chris

A couple of days ago I had a problem with an Exchange Server running out of space. I controlled database and logfile partitions and could not detect anything suspicious.

After some researches I figured out Volume Shadow Copies require much space because a backup job didn’t finish succesful and leave the VSS data on disk.

In my case vssadmin deleteshadows didn’t work, too. After some investigation I found a way to delete the Shadow Copies with the command line for WMI – WMIC

http://technet.microsoft.com/en-us/library/cc787035%28v=ws.10%29.aspx

In summary you have to do the following

  • Start an elevated commandline window
  • Type in wmic and press enter
  • wmic:root\cli is shown
  • Type in shadowcopy which will list the current shadow copies
  • Type in shadowcopy delete and confirm to delete the copies one after the other
  • To leave the WMI commandline type exit

Cheers,

Chris