sysvol and netlogon shared folders missing after a non-authoritative restore

This is an issue I face with a client side and had to spend hours time to sort it out. Thought of sharing my experience with other fellow minded techies.

First let’s have a look into the issue, Client has a non functional Domain controller due to a power failure. Basically Domain controller has lost it’s database and other critical data (Eg: DNS records, wins records..etc)

Even though additional domain controller has been existed FMSO roles has been assigned to the failed domain controller. Moving forward when we reach the site as a solution they have already restored the domain controller with a system state backup, and then move forward restoring the system state backup to the second domain controller as well. This has caused issues to bring both DC’s to a halt.

Looking into the event viewer found out both DC’s couldn’t find a proper DC’s to sync the sysvol contents though both are trying to find a health DC. To make things shorter I’ve tried to set one DC to set as authoritative and not look for another DC to get the sysvol contents by following the kb290762. After that brought the second DC online and set the “BurFlags” value to D2 in the registry path.

(HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup)

Found out after some time both DC’s got the sysvol folder shared without any contents in it. Netlogon folder also not appearing! Another frustration on the way!!

Next step restore the sysvol to alternative location and reterive the contents in the sysvol folder and then copy to one DC’s “C:\Windows\SYSVOL\sysvol\<Domain Name”\” One that complete following instruction been followed,

Stop File Replication Service in that particular DC, change the following registry key:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup

Key: BurFlags

Value: D4(hexadecimal)

Start File Replication Service, after we see the event ID 13516 in FRS event log.

Restart Netlogon service, then the NETLOGON is shared out.

Stop File Replication Service in the other DC, change the following registry key:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup

Key: BurFlags

Value: D2(hexadecimal)

Start File Replication Service, after we see the event ID 13516 in FRS event log.

Once that complete both DC’s has same contents in the sysvol folder and the netlogon has been restarted as well. Confirmed users can authenticate and rest of the applications are working fine Smile

Almost everything is running perfectly but as a precaution requested to take full backup of the DC’s. Time for a beer but again it’s midnight so no way to make that as well Smile

Summary: Above mention effected domain controllers are Windows 2003 R2. But as a thumb rule one thing to keep in mind is AD replication is multi-threaded, multi-master replication engine and it can take time and patient is a virtue.

Following links has been referred during the troubleshooting process,

Microsoft Rental Rights Licensing scheme

Beginning of the 01st January 2010 Microsoft has started the rental scheme of their Operating system and Office products. If you’re a partner who is renting or lending machine to customers for projects or for training this will be a good news for you. You don’t have to put a hefty price on your rental price tag for the OS you’re preinstall and delivering. As per Microsoft resellers advantages are as follows,

Rental Rights licensing offers Microsoft resellers a range of benefits, including:

  • Customer satisfaction. You now have a way to sell licenses that fit your customers’ business models, help ensure their compliance, and solidify your role as a trusted advisor.

  • Convenience. No special tools, processes, reporting, or paperwork are necessary; the transaction works like any other license transaction.

  • Revenue. Selling the new licenses means new revenue.

  • Flexibility. Just like with other Volume Licensing SKUs, you have the flexibility to determine the pricing for your customers and to run promotions.

In way this is a welcome method to reduce the piracy of software and give the freedom to comply with licensing as well. More information can be found over here.

Apart from that their are certain restrictions for this scheme as well, Those are as follows,

Rental Rights licenses are user rights licenses only (they do not include software), so no media fulfillment is involved. The following important limitations apply to the Rental Rights licenses:

  • Perpetual license. A Rental Rights license is permanently assigned to a specific device and may not be reassigned to another device. When the device reaches its operational end-of-life, so does the license.

  • Remote access. Rental Rights do not allow for remote access to software.

  • Separate devices. Use of additional copies of the qualifying software on a separate portable device or a network device is not allowed.

  • Additive license only. Rental Rights licenses are not stand-alone product licenses and do not replace customers’ underlying Windows desktop operating system or Office system licenses; Rental Rights are additional licenses that modify the underlying license terms, allowing for rental, lease, and outsourcing of desktop PCs with licensed, qualifying Windows desktop operating systems and licensed, qualifying Office systems.

  • Virtual machines. Rental Rights do not account for software used within a virtual (or otherwise emulated) hardware system. In other words, the primary customer may not create and rent virtual machines.

Few IT Solutions for SMB/SME market

Despite of the number of people in a company business perspective SMB and Enterprise have similar requirements request from the Information Technology. They all expect the service continuity, anywhere access and low cost! During this time period every company dream is to get maximum out of the IT investment and still reduce the cost without loosing the functionality. Business continuity is a key factor for survival of any business. Service disruption for few minutes to few days impact can be devastating depend on the business nature. So how can SMB market segment overcome these limitations with fraction of the cost where Enterprise companies invest on?

To make things simple in this article I’ll focus on Microsoft products and the features offered by them. But as usual hints will be provided for the similar feature products as well 🙂

1. Which Operating Systems to invest on by SMB customers – My 2 cents advise goes for SBS 2008 or EBS 2008. There are significant advantages on these operating systems once properly configured and used. Less attention is been given due to the nature of the product names. Small business Server itself is not a product to be taken lightly, the solution is far more complex than the out of the box. If you’re company fallen under SME segment then consider the scale out product like Essential Business Server which can be spanned into 3 physical servers or virtual servers. Again these are Enterprise class ready product which has been limited only be the CALS and not by reducing any FEATURES. (Period)

2. Cost cutting on Hardware and software purchases – Consider HYPER-V for server virtualization. It will be ideal if you can consider few of your legacy applications to run in their own OS environment to make them less conflict with the latest operating system. Believe me Virtualization will be the ideal solution for this.

What ever your next purchase make sure it is 64bit and Virtualization capable. Always make sure you have enough hardware expansion room. (Eg: Buy 2 processor socket system with one physical processor, buy RAM with enough RAM slots.) Make sure your existing hardware can be utilized as Storage systems. There are easy ways to convert your existing servers into cost effective SAN storage and make maximum out of it. Microsoft offering of SAN software will be coming on OEM so you can consider a product like StarWind iSCSI storage. (more information about how-to articles in future)

3. Backup and Protect you data – This is part of your service continuity and availability plan. If you’re going to have HYPER-V as your virtualization option consider how to backup the virtualized environments as well. From Microsoft point of view DPM 2007 (Data Protection Manager) will be the ideal solution to protect your physical and virtual environments. DPM 2010 can be expected around Q2 in year 2010 with lots of new improvements along with desktop backup and offline laptop backup as well.
when it comes to DR solution and high availability options SMB market has been backed away by the pricy hardware devices and software. Thanks for various replication technologies and offline backup options this is becoming reality to SMB market as well. Microsoft is working closely with ISV partners to make sure software solutions exist for data replication with DR sites. As I mention StarWind is a very popular company coming up with these solutions. Best of all these solutions are costing a fraction of price of DAS or Hardware SAN with HBA adapters.

Let me know if anyone interested on these solutions and would be glad to provide more information.

windows 2008 Failover cluster setup (101 guide)

Before jumping into the High availability it would be a really good if all of readers can sit on the same level about the clustering technology as well. Recently enough I went through the history of the clustering to get an idea about it, interestingly enough there are lot more than meets the eye on clustering 🙂 Some history info about clustering can be found over here
What is clustering – In its most elementary definition, a server cluster is at least two independent computers that are logically and sometimes physically joined and presented to a network as a single host. That is to say, although each computer (called a node) in a cluster has its own resources, such as CPUs, RAM, hard drives, network cards, etc., the cluster as such is advertised to the network as a single host name with a single Internet Protocol (IP) address. As far as network users are concerned, the cluster is a single server, not a rack of two, four, eight or however many nodes comprise the cluster resource group.

Why cluster – Availability:  Avoids problems resulting from systems failures.
                    Scalability: Additional systems can be added as needs increase.
                    Lower Cost:  Supercomputer power at commodity prices.

What are the cluster types

  • Distributed Processing Clusters
    • Used to increase the speed of  large computational tasks
    • Tasks are broken down and worked on by many small systems rather than one large
    • system (parallel processing).
    • Often deployed for tasks previously handled only by supercomputers.
    • Used for scientific or financial analysis.
  • Failover Clusters
    • Used to increase the availability and serviceability of network services.
    • A given application runs on only one of the nodes, but each node can run one or more applications.
    • Each node or application has a unique identity visible to the “outside world.”
    • When an application or node fails, its services are migrated to another node.
    • The identity of the failed node is also migrated.
    • Works with most applications as long as they are scriptable.
    • Used for database servers, mail servers or file servers.
  • High Availability Load Balancing Clusters
    • Used to increase the availability, serviceability and scalability of network services.
    • A given application runs on all of the nodes and a given node can host multiple applications.
    • The “outside world” interacts with the cluster and individual nodes are “hidden.”
    • Large cluster pools are supported.
    • When a node or service fails, it is removed from the cluster.  No failover is necessary.
    • Applications do not need to be specialized, but HA clustering works best with stateless applications that can be run concurrently.
    • Systems do not need to be homogeneous.
    • Used for web servers, mail servers or FTP servers.

Now coming back into the Microsoft clustering clustering it goes back to good old NT 4.0 era with the code name “wolf pack” After that  Microsoft clustering technology came all the way step by step growing and improving. Windows 2000 period giving the confidence for customers on the stability of the Microsoft clustering technology. If there are filed engineers who have configured the Windows 2003 clustering will know the painful steps they have to follow configure the clustering. When it comes to Windows 2003 R2 Microsoft offered various tools and wizards to make the clustering process less painful process to engineers. If you’re planning to configure windows 2003 clustering one place you definitely look into is this site.

Now we’re in the windows 2008 era and clustering has been improved dramatically in the configuration side and as well as in the stability wise. Windows 2008 clustering has given the code name as “Windows failover clustering

As I always have been updating the audience in public sessions clustering is no longer going to be a technology focus by Enterprise market. Clustering can be utilized by SMB and SME market as well with a fraction of the cost.  As usual I will be focusing on the HYPER-V  and how combine with clustering can help the users to get the maximum benefits out for virtualization and high availability. HYPER-V  been Microsoft flagship technology for the virtualization. It’s a 100% bare metal hyper visor technology. There are lot of misguided conception on HYPE-V is not a true hypervisor, the main argument point highlighted is you need to have windows 2008 to run the HYPER-V. This is wrong!!! You can setup on the HYPER-V hyper visor software in bare metal server and setup the virtual pc’s. HYPER-V only free version can be download from here. Comparisons on HYPER-V can be found over here.

So now we have somewhat idea about the clustering technology so how can it applied to the HYPER-V environment and have a high available virtual environment? We’ll have a look at a recommended setup for this scenario,


According to the picture we’ll need 2 physical servers. We’ll call them Host1 and Host2. Each host must 64bit and have Virtualization supported processor. Apart from that Microsoft recommended to have the certified hardware. Base on my knowledge I would say minimum environment should be as follows,

1. Branded servers with Intel Xeon Quad core processor. (better 2 have 2 sockets M/B for future expansion.)
2. 8 GB memory and minimum 3 nics. always better to have additional nics.
3. 2*76 GB SAS or SATA HDD for the Host operating system.
4. SAN Storage. (Just hold there folks, there are easy way to solve this expensive matter….:)

Now the above system has the full capability to handle decent amount workload. Now the configuration part 🙂 I’ll try to summarize the steps along with additional tips when necessary. Following steps will help you to configure a Windows 2008 File server cluster. HYPER-V high availability will be followed the same steps. Due to hardware limitation I have decided to demonstrate Windows 2008 File server clustering.

1. Install windows 2008 Enterprise or Datacenter edition to each Host computer. Make sure both of them get the latest updates and both host will have same updates for all the software.

2. Go ahead and install the HYPER-v role.

3. Configure the NIC’s accordingly. taking one host as the example NIC configuration will be as follows,
    a) One NIC will be connected to your production environment. So you can add the IP, DG, SB and DNS
    b) Second NIC will be the heartbeat connection between the 2 host servers. So add IP address and the SB only. Make sure it will be totally     different IP class.
    c) Third NIC will be configured to communicate with the SAN storage. I’m assuming we’ll be using iSCSI over IP.

4. Now for the SAN storage you can go ahead and buy the expensive SAN storage for HP, DELL or EMC (no offence with me guys 🙂 ) but their are customers who can’t afford that price tag. For them the good new is you can convert your existing servers into a SAN storage. We’re talking about converting you’re existing x86 systems into Software based SAN storage which use iSCSI protocol. There are third party companies which provide software for this. Personally I prefer StarWind iSCSI software.
So all you have to do is add enough HDD space to your server and then using the third party iSCSI software convert your system to SAN storage. This will be the central storage for the two HYPER-V  enabled host computers.

4. Go ahead and create the necessary storage at the SAN server. How to create the cluster quorum disk and other disk storage will be available from the relevant storage vendor documentation. When it comes to quorum disk try to make it 512MB if possible but most SAN storage won’t allow you to create a LUN below 1024 MB so in that case act accordingly. (Anyway here goes few steps how to create relevant disks under StarWind)

Starwind-2 Starwind-3 Starwind-7

Starwind-8 Starwind-10

5. Go to one host computer and then add the Clustering feature.

Cluster feature

6. Go to the iSCSI initiator in the Host1 and then connect to the SAN storage.  As seen on the picture click add portal and enter the IP address of SAN storage.  One connected it’ll show the relevant disk mappings. (That easy in Windows 2008 R2 now)


iSCSI-4 iscsi-win7-init

7. Once that complete go to Disk management and unitize the disk and format them and assign drive letters accordingly. (Eg: Drive letter Q for Quorum disk…etc)

12-21-2009 5-01-46 PM 12-21-2009 5-02-03 PM 12-21-2009 5-02-40 PM

12-21-2009 5-05-07 PM

8. Go to Host2 open iSCSI imitator and add the SAN storage. Go to Disk management and add the same drive letters to the disks as configured on Host1.

9. Go to cluster configuration and start setting up the cluster. One cool thing about Windows 2008 cluster setup is cluster validation wizard. It will do a serious of configuration checkup to make sure if you have configured the cluster setup steps correctly. This wizard is a must and you need to keep this report safely in case if you need to get Microsoft support or a technical personas support. One the cluster validation completed we can go ahead add the cluster role. In this case we’ll be selecting File Server as our cluster role.

12-21-2009 5-11-18 PM 12-21-2009 5-11-40 PM 12-21-2009 5-11-46 PM

12-21-2009 5-12-08 PM 12-21-2009 5-17-54 PM 12-21-2009 5-20-38 PM

10.  Once the cluster validation is completed, go ahead and create a cluster service. In this demonstration I’ll use clustered file server feature.

12-21-2009 5-25-35 PM 12-21-2009 5-25-51 PM

Go ahead and give a cluster administration name for the cluster, and after that select a disk for the shared storage. for this we’ll use a disk created in the SAN storage,

12-21-2009 5-26-21 PM 12-21-2009 5-27-07 PM 12-21-2009 5-29-49 PM

11. Once that step is completed you’ll be back in the cluster management console. Now you’ll be able to see the cluster server name you’re created. So we have created cluster but still we didn’t share any storage. Now we’ll go ahead and create shared folder an assign few files so users can see them,

12-21-2009 5-35-20 PM 12-21-2009 5-35-57 PM 12-21-2009 5-37-16 PM

12-21-2009 5-39-01 PM 12-21-2009 5-40-23 PM

Now once we login from a client PC we can type the UNC path and access the shared data in the clustered file server 🙂

12-21-2009 5-54-10 PM 12-21-2009 5-55-24 PM

Phew…!! that was a long article I’ have every written 🙂 Ok I guess by now you’ll have the idea Windows 2008 clustering is not very complicated if you have the right tools and the resources. Now that is the out layer internally to secure the environment we’ll need to consider about either CHAP authentications, IPSec…etc. Since this is 101 article i kept everything is simple manner.

Let me know your comments (good or bad)about the article so I’ll be able to provide better information which will be helpful for you all.

How to extend trial period of Windows 2008, Windows Vista and Windows 7 products

WindowsServer2008 windows-7-logo windows-vista-logo-1

Most of the time I use Windows 2008 products for video recordings and customer site demonstrations. During this period I use TechNet subscription materials for this purpose. Once issue I have been facing is when I want to do another demo after few weeks time the VPC cannot be used do the trial period of the product has been expired! Registering the demonstration purpose operating systems frequently is not an easy option either (Even though I create a set of VPC like that once)

With Windows 2008 you’re getting trial period of 30 days. But if you’re smart enough now there is  way to extend that period for 180 or more. This is really valuable because that means we can keep the VM’s running properly under trail period for nearly 6 months! (For me that is more than enough!) Good news is this trial extend work around is working for Vista and Windows 7 as well. ok so let’s get start how to extend the trial period.

What we have to do is run a script in the windows\system32 folder called slmgr.vbs

  1. Bring up a Command Prompt.
  2. Type slmgr.vbs –rearm, and press ENTER.
  3. Restart the computer.

You computer has now extended the evaluation period 60 days!  You can run the same command in the same system for 3 times up giving you an activation-free trial period of a total of 240 days!

To find out how many days remain in the trial period you can use the following command.

  1. Type slmgr.vbs -dli, and the current status of the evaluation period is displayed.

Be curious and check out additional commands available in the slmgr.vbs

Something interesting in Windows 7 and windows 2008 R2

Start setting up HYPER-V role in my desktop PC after installing Windows 2008 R2 (It’s a new rig 🙂 )
Tried to install windows 2008 R2 Ent and Windows 7 as guest OS in my HYPER-V environment. After installing went on usual method of installing the IC’s (integration services), but no need to do that anymore.

According to the given message ICS (Integration Component Services)has been installed already.

Wondering if this installed automatically during the setup I went to the control panel and found no evidence for that. So looks like Microsoft has integrated the ic’s into the OS itself!
Looks like MS expecting big change in future on virtualization and they have been ready for it with the launch of Windows 2008 R2 and Windows 7.

[Edit Tags]

Windows 2008 Components Posters

Ever wonder it would be easy if you can know all the Windows 2008 features in one sheet so at a glance you can look at it and get the big picture. Well that wait is over for me since I found out Microsoft has a solution for this, giant poster!

Previously published in the TechNet Magazine, these are two PDFs of Windows 2008: Operating System components and Active Directory components. The posters explain how they work and detail capabilities.  They are great resources to have up on your office wall.

The Feature Components poster highlights the following components of the Windows Server 2008 operating system:

Terminal Services
Network Access Protection
IIS 7.0
Server Manager
Server Backup
Server Core
Bit Locker
Windows Server Virtualization

The Active Directory Poster highlights the following components of Active Directory in Win2008

AD Lightweight Directory Services
AD Federation Services
AD Rights Management Services
Group Policy
AD Management
AD Read-Only Domain Controllers

Many thanks go to MS team who has been taking considerable time to prepare these posters. You can get them by visiting over here.