Quick and dirty way to transfer or recover FSMO roles

Here are the basic steps you can use to transfer or recover FSMO roles during or after migration;

Without going into detail about how this process works, or what it does, If you have just migrated a new Server and are ready to make it the live master for the forrest and domain, simply open up a command prompt (CMD) and enter the following lines in one after the other;

transfer or recover FSMO roles

Ntdsutil
Roles
Connections
Connect to server *New Server Name*
Q
Seize infrastructure master
Seize naming master
(if success – continue to the below)
Seize PDC
(Server “*Server Name*” knows about 5 roles)
Seize RID master
Sieze schema master
Q

Finito. (<– dont type that!)

Why do we need to transfer FSMO Roles, or what are they anyway!?

Because an Active Directory role is not bound to a single DC, it is referred to as a Flexible Single Master Operation (FSMO) role. Currently in Windows there are five FSMO roles:

Schema master
Domain naming master
RID master
PDC emulator
Infrastructure master

And that is your FSMO roles all transferred over using simple command line. Please keep your eyes peeled for further posts looking deeper into each of the FSMO Roles,

Check if PC is joined to the domain

Here is a quick way to check the health of a PC joined to a domain controller. This is very useful if you need to do a quick check in the first instance of diagnosing a trust relationship issue.

pc is joined to the domain

Here are the steps to check if a pc is joined to the domain using Powershell:

1) Open up a powershell console

2) Type or copy/paste the following, replacing the *dc mane* with your networks domain controller

Test-ComputerSecureChannel –Server *dc name* -Verbose

3) check results, If it comes back with red text it is a pretty good indicator that there is some form of problem going on, however if it returns “The secure chanel between ‘*’, ‘*dc name*’ and ‘*domain*.local’ is alive and working correctly”  then you can continue investigating your problem knowing that the PC is nice and safely connected to the domain.

For troubleshooting Trust Relationship issues with a Microsoft Domain, please keep your eyes pealed for part 2

Set server to automatically update time

If you have ever been in the situation where a time server or an old server will just not keep in sync, perhaps due to a CMOS battery error, or simply old hardware, then this cmdlet is for you.

Here is how to set a server to automatically update time;

automatically update time

Open up a command prompt and copy/paste the below:

w32tm /config /manualpeerlist:”0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org”,0x8 /syncfromflags:MANUAL
w32tm /config /update
net stop w32time
net start w32time
w32tm /resync /nowait

All that this is now doing is setting the clock to update automatically from a web time server, the servers we are using are the public pool 1, 2 and 3 at ntp.org
We stop and start the time services, and then tell it to resync with the new settings.

Windows Update stuck 3 of 3 – Can’t use PC

It would seem that the last batch of updates from Microsoft around the 12th-14th May 2015 have been causing quite a few PC’s to hang stopping at Update 3 of 3.

This so far looks like it is only affecting Windows 7 Pro X64 based PC’s

As with most IT Professionals, we would never suggest performing a Hard shut-down to your PC, unless there really is no other option, however it does look like in this case this is the only way to fix this particular ‘Stuck Update‘ issue.

If your Windows Update  stuck: windows update stuck 3 of 3

Option 1)

Press CTRL + ALT +DEL
This seems to be working for 50% of users encountering this issue, if it does not work then proceed to option 2.

Option 2)

Step 1) Hold down the power button on your PC for 10+ seconds,
Step 2) Restart PC by repressing the power button
Step 3) If confronted with a windows error ‘Your PC did not shut down normally’ screen, select “Start Windows Normally”

Out of the 7 PC’s we have now done this to, all in different environments, we are yet to see any errors or corruptions caused by this. We are continuing to look into which update specifically caused this and why, and so check back later to keep yourself updated.

 

For further reading see this Reddit thread.

Use CMD or Powershell to find last boot time

Ever wanted to check the last boot time of a PC or server?

There are multiple reasons why you may want to find out the last boot time of a server or a PC, Perhaps your server has been restarted without you knowing, and you want to be able to have a starting time to aid in your search through event logs to see what happened prior to the restart. Maybe you are remotely logged onto a PC which is running slow, but the user hasn’t restarted it for a while.

Anyhow, below is how to check the last boot time using either Powershell or CMD:

Powershell:
Get-WmiObject -class Win32_OperatingSystem | Select-Object __SERVER,@{label=’LastBootUpTime’;expression={$_.ConvertToDateTime($_.LastBootUpTime)}}

last boot time using powershell

CMD Method:

The built in systeminfo command may however be easier to remember using CMD:

systeminfo | find /i "Boot Time"

Or with the help of WMIC:

wmic os get lastbootuptime

wmicLastBoot

 

As you can see, the easiest and probably most useful quick command is by using SystemInfo, easy to remember, quick and nicely formatted.

 

Can’t use browser – Jump to URL (hh h)

Ever been stuck with a web browser so full of toolbars or extensions that its almost impossible to do anything? Is your browser unresponsive or you are unable to use the internet?
Then you need to deploy the Windows hidden Cutdown browser:

Here is how to access the web when you can’t use browser.

Simply use the following hotkeys Win+R  to open the Run box, then type “hh h” and hit enter
Cutdown web browser HH H useful can't use browser

This will bring up the ‘HTML Help’ documentation window,can't use browser

Right Click and select ‘Jump to URL’
Cutdown web browser HH H

Enter URL of site you need, in this case a copy of RKILL to help get pc back into shape,
Cutdown web browser HH H

See our List of top free products to recover your PC from a virus for more info.

 

Resolve Logmein Error 4320 (Method 2)

 

 

 

Another way to resolve Logmein Error 4320 

As discussed in my previous article on this logmein issue, this error code is most commonly found in a domain environment, or where there may be some form of user lockdown, and may even occur on a multi user non domain PC.

Basically, it is meant to protect the users PC from being accessed by someone other than the logged in user who installed logmein in the first place.

  1. First off, lets open up the logmein Control Panel (Right-Click on the logmein icon in the taskbar, or open from the start menu)
    Add users logmin
  2. Next we are going to select ‘Options’
    Add users logmin
  3. Then ‘Preferences’
    logmein properties
  4. Select the ‘Security tab’
    logmein properties
  5. Click on ‘Show Details’
    Error 4320
  6. Click on  Browse and select the correct user you want to add to allow access to the PC. You can choose from a list either by selecting the local PC name, or if you are on a domain, then the domain name that the PC is registered with.
    Logmein Error 4320
  7. Click OK to close all windows, Turn off Logmein then turn it back on,
  8. You are good to go!

 

Preventative measures could be taken however, When installing logmein, if you do so whilst logged in as a local admin for the PC, this seems to resolve the issue. Please note, this is only for the LOCAL admin for the PC, a domain admin account will most likely not work, and provide the same Logmein error 4320 as discussed above.

Resize VHD / Shrink Virtual xp Disk

So you still have something running on that Virtual XP machine silently consuming space on your HDD?
Finally decided that you need to resize VHD disks to free up wasted storage? Here is how;
Run out of space HDD

1) Turn off your VHD or close any programs that may be running  (status should be Powered down)
resize vhd for windows xp mode

2) In the Virtual Machines manager, right-click and select settings

4) Select the HDD you want to shrink and click ‘Modify’
modifying to resize vhd for windows xp mode

5) Then select ‘Compact disk’ and wait.
compacting windows xpo mode vhd disk

This process will assess how much space is currently being used, and the, remove the rest leaving 10-20% headroom for growth of the disk. It can take up to 30+ mins to complete this process, so be patient! By using this simple tool, you can shave a good 60+GB of wasted space into freely usable storage.

Resolve Logmein Error 4320 (Method 1)

How to resolve Logmein Error 4320 

Whilst setting up logmein for remote access in a pretty locked down domain environment, I have noticed that quite frequently we would get an ‘admin error 4320’ on the remote users PC.

Now the official logmein site would suggest adding users within the logmein interface, which we will cover in ‘Method 2’ however I have found a quicker workaround that works 9 out of 10 times is by simply always running the program as administrator.

  1. Place the Logmein icon either on your desktop or navigate to the program folder path usually “C:\Program Files (x86)\LogMeIn Ignition”
  2. Right click on the icon and select ‘Properties
  3. Once in Properties select the ‘Compatibility’ tab at the top
  4. At the bottom under ‘Privilege level’ tick the ‘Run this program as Administrator’ box*.
    How do I resolve Error 4320
  5. If you have more than 1 user on the PC, select ‘Change settings for all users’
  6. Again tick the ‘Run this program as Administrator’ box
    Logmein Error 4320
  7. OK out of both windows, If logmein is running. Close it again and re-open it, now using an Administrative logon.

Your Logmein error 4320 should now be resolved. if not see the link below

Logmein Error 4320 Method 2

*If the ‘Privilege level’ box is greyed out, be sure that you are logged on as an administrative user, or log off and back on as one in order to continue.

Connect to O365 using Powershell (Windows Azure Active Directory Module )

So you need a quick way to connect to o365 to manage email for either yourself or your clients?

Connect to O365 using Powershell (Windows Azure Active Directory Module )Load up the Azure Directory module, link below:
http://go.microsoft.com/fwlink/p/?linkid=236297

Type (or copy/paste):
$msolcred = get-credential
connect-msolservice -credential $msolcred

 

It will then prompt for your Office 365 administrators user/pass.
Hit enter,

You are now connected to your admin console and can now use a whole host of available cmdlets in order to quickly and effectively manage your exchange and Office365 back-end.

See <link to post> for my Top Five Office 365 Powershell commands