Dan B. Lee

Just for reference, here’s a list of popular prefixes for LANs based on the bits in their subnet. This can basically server as a guide to which subnet you’d like to configure your network with when determining how many IP’s you’d like available internally. Beyond this chart, LANs can become unmanageable and even subnets with higher available IPs are less likely to be needed.

A list of prefix sizes, network masks, and available hosts\IPs:

A Quick Example:

Let’s say you have an office space with 200 users and 10 servers and you’re trying to determine which subnet to use. The gut instinct would be to choose the /24 as it offers more IP’s than needed with room for growth. But realistically, there are many more devices and tools that need IP addresses than one may originally think. Your DHCP Pool alone will need to be more than 200 and wireless devices or visitors to the office must be considered. At that point, you’ll probably want to go with a netmask that gives you more IP Addresses.

Best Practices:

The golden rule when working with IP Addresses, be it load balancing a DHCP Server or determining capacity, is 80\20. Find a netmask that’s going to offer IPs that are 80% of what you’ll have available, leaving 20% for growth or unexpected needs. Resubnetting after everything is in place can be a nightmare, so plan carefully.

Cheers!

OS: Windows 7

I recently purchased a new monitor and noticed when I open photos using the Microsoft Photo Viewer I got a nasty yellow tint on the photos. There’s a fix for this out there. Here’s the fastest steps to fix the issue:

Read the rest of this entry

Here’s a quick and easy way to reboot a server or computer remotely. No extra steps needed.

1. Log into a computer as an admin. By default, the command will use your credentials on the remote side.
2. Open up an elevated (Run As Administrator) command prompt.
3. Run the following command. Note that you can use the computer name or the IP Address if you know it: shutdown /m \\computer-name /r /f
4. Done!

The /m switch means you’re trying to connect to a server that’s somewhere else. The /r switch is for reboot (leave this switch out if you just want to shut the machine down). Finally, the /f is to force shutdown any programs that may be prompting you for something that you can’t see.

Cheers!

To brand our XenApp product a little bit at work, I created a favicon.ico file for web browsers. Nothing big, but it’s the little things, right? Unlike throwing the favicon.ico file in the root of your site, Citrix has a special place for the .ico files.

Read the rest of this entry

Overview

I came across this issue not too long ago and wanted to share my findings. First, this issue is not just an OpenVPN issue. If a service is dependent on certain sockets and ports being open but they are in use or closed, the service is going to fail. The good news is that the issue is fairly easy to fix on a running server with a little detective work and a few easy commands.

Read the rest of this entry

I was recently looking over an environment running VMware vCenter 4.1 and saw in the tasks that a task called “check new notifications” was queued about a dozen time or so. The schedule for the tasks varied. Some of the tasks were before the current time and others were afterwards. Either way, there were about a dozen or so of them and they needed to be dealt with.

Read the rest of this entry

I wanted to post a quick blurb in regards to a demo we just had from the Avaya Team. We were invited to demo the AvayaLive Engage interactive environment and we were really impressed with what we saw.

For those who are unfamiliar, AvayaLive Engage is a web based interactive environment. Their marketing team would probably scoff at my use of the word “game” because its intentions are strictly work and collaboration, but the whole realm is designed using the Unreal Engine.

Once inside the AvayaLive Engage realm, you have the ability to walk your character around to the many collaboration areas. Much like real world conference rooms, these areas are full of tools that users can “engage” with to share and brainstorm.

Some of the features include:

• Spacial Audio that understands the virtual distance between you and other avatars.
• Left to right association, so you can hear people out of the appropriate speakers, depending on where they are located.
• The ability to use “Conference Rooms” where leaders can take a podium, address the entire conference room, offer up all kinds of media and display them on the walls.
• Administrative tasks and controls that allow moderators complete control over the actions of avatars inside the environment.

Here’s a quick screenshot:

From AvayaLive’s website:

Accessible from any Internet connection and web browser, AvayaLive™ Engage supports one-on-one conversations or group brainstorming sessions—any collaborative-style meeting. Enterprises can connect remote-working and on-the-go teams in a “real-world” experience.

Feel free to look into their free demo. You can actually walk around their demo the environment and all of its features. All you’ll need is an up to date browser: https://webalive.avayagov.com/1/html/index.html

Cheers!

I had originally posted a while back in regards to getting the “Windows can’t activate right now…” error in windows 8. The easy fix for this is to run a command prompt as an administrator and execute the following command:

slmgr.vbs -ipk "YOUR_PRODUCT_KEY"

This will apparently work if you are trying to change the product key to something else. However, if you’d simply like to clear out all of the product keys, you can run this command with this switch:

slmgr.vbs –upk

As Windows States here (For Windows 7, but the same applies to 8), “…the slmgr.vbs –upk command clears all product keys that are present on the computer. For example, these may include the Multiple Activation Key (MAK) and the Key Management Service (KMS) key.”

And for you cmd junkies, you can activate it right after you enter your new product key using this:

slmgr.vbs /ato

Or you could just click activate in the explorer window. Keep in mind, you must be running Command Prompt as an administrator in order for this to work!

Cheers!

Sometimes there just isn’t enough time or patience to wait for Group Policy to push updates. Luckily we have small commands that nudge things along. Here are a few things that get WSUS (Windows Server Update Services) moving in the right direction so you aren’t sitting around waiting for Group Policy to update. I’ll give you some examples and how to check to make sure forcing worked.

Forcing Group Policy

We should all be familiar with forcing group policy. Run this command in an elevated command line:

gpupdate /force

Testing with RSoP

How can you check to make sure your group policy has updated after the force? Odds are you are changing group policy for something specific and you’ll notice a difference, but the best tool for the job is Resultant Set of Policies. RSoP is an executable that will run and show you exactly what policies are being used by your server.

Go to Start > Run and type “rsop.msc”

A small script with a UI will run, which will compile a display of all of the current policies in place on the server. A screenshot below shows the RSoP running. Notice the “Windows Vista…” remarks in the paragraph at the top. This was run from a Windows 2008 R2 Server!

When the snap-in runs and completes you’ll be able to see what policies are applied.

WUAUCLT

WSUS works closely with the Windows Update Agent on your server or client. For instance, reporting to your WSUS server is done via the update agent. Sometimes the client reaching out to the WSUS Server takes time. It first needs to detect the server, then connect to the WSUS Server, and finally report to it. Rather than waiting, you can force all of this using WUAUCLT Commands.

Here’s an example of how to connect, detect, and report to the WSUS from a client:

Head to your client and confirm the server policy is correct. Go to gpedit.msc > Computer Configuration > Windows Components > Windows Update > Specify intranet Microsoft update service location. This should be enabled and your address should point to your WSUS Server (example: http://wsus01).

From an elevated command prompt and run the following:

wuauclt /detectnow

This will let the client find the server. If you head back to your WSUS Server you’ll see that the client will be listed under Update Services > [Server Name] > Computers > All Computers. If you catch it fast enough you’ll notice the server may have a status of “Not yet reported” (example picture below).

We can fix that by running the following comand:

wuauclt /reportnow

The above command will force the client to report to the WSUS Server appropriately. Refresh your list in WSUS and you’ll be all set. The client will be ready to accept updates at whatever time you scheduled them.

Let me know if I left anything out, and let me know how things go.

Cheers!

A Brief History

WSUS (Windows Server Update Services) has come a long way. Before WSUS there was SUS, which was a barebones version of WSUS today. Rather than downloading updates from the internet, a SUS Server was put in place within the network. SUS downloaded updates from Microsoft and servers downloaded from the SUS Server. This eliminated the need for servers to reach out to the Microsoft independently and allowed administrators the chance to regulate what was and wasn’t deployed to the servers from a broader perspective. Updates were no longer a full time job and busy administrators were no longer spending their weekends logging into each and every server pushing updates and rebooting.

Now, WSUS has the same initiative as SUS: Download updates and push internally. But instead of only being able to do updates, WSUS can do other updates such as features packs and device drivers. Many of the scripts that our more savvy peers wrote over the years for SUS were turned into tools, wizards, and features in WSUS. WSUS gives us plenty of management options while reducing interference with the production of our servers.

Removing Unneeded Updates

With proper rules in place, WSUS can be configured to download only what your servers need. WSUS is intelligent enough to understand when older updates become obsolete. These updates are unneeded, but will remain on the server until you specifically remove them. You’ll want to remove these updates from the WSUS Server if you’re trying to save disk space. Here’s how:

1. Open the WSUS Manager
2. Open the “Options” Menu using the tree of the left of the WSUS Manager Console
3. Choose Server Cleanup Wizard
4. Select what you want to clean up. This could be anything from computers that aren’t communicating to the updates that are not needed
5. Run the wizard and finish when complete

WSUS Hangs While “Deleting unused updates…”

When you first use the Cleanup Wizard, you may run into an issue where the cleanup hangs. Odds are this is because you selected to clean up both the unused updates and the unneeded updates. Try and do one at a time instead of both during the same job. This seemed to work.

Let me know how it goes.

Cheers!