How To Connect Remotely From a WORKGROUP-Server Core (Server Manager)

ERROR:  The WinRM client cannot process the request. If the authentication scheme is different from Kerberos, or if the client computer is not joined to a domain, then HTTPS transport must be used or the destination machine must be added to the TrustedHosts configuration setting.

When the local computer is not in a domain, the following procedure is required for remoting.

    1. Configure the computer for HTTPS transport or add the names of the

       remote computers to the TrustedHosts list on the local computer.

       For instructions, see "How to Add a Computer to the TrustedHosts

       List" below.

    2. Verify that a password is set on the workgroup-based computer. If a

       password is not set or the password value is empty, you cannot run

       remote commands.

       To set password for your user account, use User Accounts in Control

       Panel.

    3. Use the Credential parameter in all remote commands.

 

       This is required even when you are submitting the credentials

       of the current user.

HOW TO ADD A COMPUTER TO THE TRUSTED HOSTS LIST

**Note: You need to add on both Server E.g. Full Windows 2008 R2 (Management Server) and Server Core 

 Caution: The value that you set for the TrustedHosts item affects all users of the computer.      

To view the list of trusted hosts, use the following command:          

get-item wsman:\localhost\Client\TrustedHosts      

You can also use the Set-Location cmdlet (alias = cd) to navigate though the WSMan: drive to the location. For example: "cd WSMan:\localhost\Client; dir".     

 To add all computers to the list of trusted hosts, use the following command, which places a value of * (all) in the ComputerName          

 set-item wsman:localhost\client\trustedhosts -value *      

You can also use a wildcard character (*) to add all computers in a particular domain to the list of trusted hosts. For example, the following command adds all of the computers in the Fabrikam domain to the list of  trusted hosts.          

set-item wsman:localhost\client\trustedhosts *.fabrikam.com  

To add the IP addresses of particular computers to the list of trusted hosts, use the following command format:         

 set-item wsman:\localhost\Client\TrustedHosts -value       

For example: set-item wsman:\localhost\Client\TrustedHosts -value 172.16.0.0

DNS - SRV records for Active Directory

SRV records are the important elements for Active Directory to function properly. In this session, just a quick share on What SRV records used for Active Directory:

_msdcs
This is a Microsoft-specific subdomain that stores SRV records for domain controllers with roles in AD. These roles include domain controllers, global catalog servers, and primary domain controller emulators.

_sitesThis contains records for domain controllers based on site. Microsoft Clients like Windows 2000/XP/Vista can use this record to locate domain controllers and global catalog servers that are in their site, so that they can avoid using services across the WAN.

_tcp
This contains domain controllers in the AD domain. If windows clients need to find a DC in a specific site, they will look here. The TCP protocol will be used to request the information.

_udp
Kerberos clients can use UDP port 88 to request tickets and port 464 for password changes.

DomainDnsZones
Zone information that should be replicated to all DCs in the domain that have the DNS service installed.

ForestDnsZones
Zone information that should be replicated to all DCs in the forest that have the DNS service installed.

Use nslookup to query for SRV service location records, you should:

NOTE: you will need to have reverse lookup zone setup

Type nslookup and then press Enter.
Type set type=all and then press Enter.
Type ldap.tcp.dc._msdcs.domainname and then press Enter.
Repeat this process for as many SRV records as you want to confirm.

Your current security settings do not allow this file to be downloaded

After upgrade to IE7/8, or when you install Windows 2008 by default, when you download files from the internet, you will see the following error:

"Your current security settings do not allow this file to be downloaded"
Microsoft do so is to fight unwanted program to be download to the PCs. However, if you would like to enable the mentioned settings:

On your IE, click Tools -> Internet Options.
Click on Security tab, on Internet, click Custom Level. On settings, find a section that shows download. On File download, put it Enable.

Adding picture into Exchange 2010 and Outlook 2010

One picture is max 10k, will not really add size to AD Database.

1) Get ready your picture, ours in jpg format, less than 10k, remember.
2) In Exchange 2010, launch Exchange management shell and type this command:
import-RecipientDataProperty -Identity poo -Picture -FileData (Byte[]] $(Get-content -path "C:\Photos\poo.jpg" -Encoding Byte -ReadCount 0))
3) Launch your Outlook 2010 and mouse over the account in your e-mail

How To Create Bootable Windows 7, Vista, or XP USB Flash/Pen Drive Quickly

Let’s begin the guide without wasting time. Just make sure that you have a pen drive with 4GB + capacity if you are making a bootable USB flash drive.

Requirements to create bootable Windows USB:

# Windows 7 or Vista ISO

# Pen drive with 4GB+ (2 GB is sufficient for XP)

# 15 Minutes of free time

Procedure:

1. Insert your USB flash/pen drive to your system and backup all the data from the USB as your USB drive will be formatted during the process.

2. Now download WinToFlash tool (free) from here.

3. Run the tool, and browse to your Windows 7, Vista, or XP DVD files (make sure that your USB drive letter is correct).

4. Click Create button to begin the bootable USB process. Wait for few minutes to see the bootable USB.

5. That’s all!

Hyper-V VM in a Paused-Critical State

Snapshots serve as a mechanism that allows us to revert virtual machines back to a previous state in a timely manner. A common issue when dealing with virtual machines and taking multiple snapshots occurs when the virtual machine will no longer stay running. In these scenarios, the VM will typically pause itself and reported to be in a “Paused-Critical” state.

This issue is caused by a lack of system resources available to the host. More specifically, this occurs when there is not enough free hard disk space available on the host drive where the virtual machine snapshots are stored. So how does this happen? Well, an AVHD file is created every time you create a snapshot of the VM. The problem is that these files are often quite large and can add up on you before you know it. Also, deleting the snapshots from Hyper-V manager will remove the link to them but won’t delete the AVHD files off of the physical disk.

Your initial reaction when winding up in a Paused-Critical state might be to delete the AVHD files to free up space; however, this won’t fix the problem in itself. You will then have to turn off the VM and delete the snapshot files from within Hyper-V manager for the free space to be made available to the VM. Microsoft recommends doing this process first prior to deleting the AVHD files manually. Alternatively you can export the VM and the import it back into Hyper-V manager.

Scenario
I shut down the VM and the merging process began. However, I had created a few snapshots in the past that still hadn’t been merged. It looked like the merging process might take a while, so I let it run. However, the merging process could not complete because I didn’t have enough disk space! I found this quite ironic.


I am of disk space because I did not merge the snapshots into the vhd, but I cannot merge the snapshots because I am out of disk space. Does that seem odd to anyone else?


In order to fix this problem I had to dive into the config file. Luckily, I had another hard drive with around 30GB of freespace attached to the host. To fix the problem I shut down the VM and Hyper-V Services then went to the directory containing .avhd (snapshot) files. I moved one of the snapshot files to a temporary directory on the drive with the free space, then updated the snapshot entry in the config xml file for the VM to point to the new directory where I placed the snapshot file. After restarting the Hyper-V services and turning off the VM the merge was able to complete, albeit after 2 hours of waiting.


I realize that Hyper-V is a somewhat new contender in the Virtualization marketplace, but I think that something is completely out of whack with the way that snapshots work. When you have systems that are required to be up and running 24/7 it basically throws away any use that snapshots have. It seems somewhat ridiculous that you have to bring a system down to delete the snapshot when one of the reasons you created the snapshot was to help reduce downtime in case something goes wrong. It is even more ridiculous that if you don’t power down your system and wait for the vhd to merge, the snapshot will continue to grow until the system comes crashing down due to a lack of disk space!


I understand that Microsoft does not recommend snapshots for production environments… but I hope in the future they make some improvements so that snapshots are usable in production environments.

You need Microsoft Internet Explorer 4.01 or later to use this feature. You can download the latest version of Internet Explorer from http://www.microsoft.com

I just fixed this one. I had to create a registry entry in "\HKLM\SOFTWARE\Microsoft\Internet Explorer" with the version information. Make a new string value called "Version", and enter the version information, in my case I entered "7.0.5730.13". I don't think that it matters too much what version you enter as long as it is later that the 4.01 that is required.