Archive

Archive for June, 2013

SMS_WSUS_SYNC_MANAGER -WSUS Synchronization is failed ( event id 6703 sms server ) & SMS_SITE_COMPONENT_MANAGER ( Event ID 1037 sms server )

June 24, 2013 3 comments

Symptoms

Following error are logged in SCCM 2012 server after upgrade SCCM 2012 RTM to SP1

Component Manager failed to reinstall this component on this site system. WSUS Synchronization failed.

Resolution

Apply KB2734608 on SCCM server . Here is the download link http://www.microsoft.com/en-us/download/details.aspx?id=30747

Step by step process of upgrading SCCM 2012 RTM (5.00.7711.1000) to SCCM 2012 SP1 ( 5.00.7804.1000 )

June 24, 2013 1 comment

Step by step process of upgrading SCCM 2012 RTM (( 5.00.7711.1000) to SCCM 2012 SP1 ( 5.00.7804.1000 )

As usual of Microsoft service packs release, config manager 2012 SP1 included many bug fixes in addition to new enhancements. SCCM RTM doesn’t support windows 8 & Windows 2012 .SP1 support windows 8 and windows 2012 .This is the good reason for upgrading to SP1

In this post contains how to upgrade SCCM 2012 RTM to SCCM 2012 SP1.

Step 1 : Take a healthy backup of your SCCM Server and the database (from the SCCM Server console )

Step 2 : Uninstall Windows Automated Installation Kit ( AIK )

Step 3 : Download and install Windows ADK for windows 8

When you run the Windows ADK setup, select the following features

-Deployment Tools

-Windows Preinstallation Environment (Windows PE)

-User State Migration Tool (USMT)

Windows Assessment and Deployment Kit (ADK) for Windows 8  downlaod  link : http://www.microsoft.com/en-us/download/details.aspx?id=30652

Step 4: Download and install Windows Management Framework 3.0

http://www.microsoft.com/en-us/download/details.aspx?id=34595

Step 5: Reboot the SCCM server

Step 6: Run the installer for SCCM 2012 SP1 (Setup file approximate size is 904 MB)

Please make sure your SQL is supported for config manager 2012 SP1 . Please refer this article http://technet.microsoft.com/en-us/library/gg682077.aspx#BKMK_SupConfigSQLDBconfig

Select upgrade the configuration manager site option

Enter your product key

Accept the license terms

test1

test2

Click Next

Note: Connect SCCM server to internet and download required perquisites to local drive during the setup.

test3

test4

Cick Nect to start the upgrade

Setup will check the perquisites and display details about how to resolve them if any. Below warring can be safely ignore

Click begin to install and upgrade  might take 2 to 3 hours.

test7

SCCM 2012 SP1 upgrade is successfully completed , More info please refers to the following articles:

http://technet.microsoft.com/en-us/library/jj628205.aspx

http://technet.microsoft.com/en-us/library/jj591552

Searching Outlook Global Address book by phone Number, employee position

June 12, 2013 4 comments

Searching Outlook Global Address book by phone Number, title …

By default outlook global address book search is enabled on few attributes like givenName, surname, displayName, EmailAddress,Alias etc . If you want to search outlook address book using different attribute field like telephone number ,position that may be beneficial in your environment, then the ‘ANR’ function has to be enabled on the attribute field.

What is ANR (Ambiguous Name Resolution )?

ANR is the ability of an Exchange/LDAP client to determine information based on partial data

When using an Outlook, a user might enter partial data in the From, To, CC or Bcc fields. The client, with the help of the Exchange directory will try to match the partial data and provide the address of the matching object.. If an exact match is found then the address representing the matching object will be auto completed.

How to enable Searching outlook Global Address book by phone number & Position…

Enable “Index this attribute in the active directory” and “Ambiguous Name Resolution” in Domain controller holding Schema Master

To activate the Schema MMC snap-in follows these steps:

1. Login to Domain controller with Schema admin permissions

2. Open Start>Run>MMC

3. Open the ‘Console’ menu and choose ‘Add/Remove Snap-in’.

4. Click ‘Add’ and choose the ‘Active Directory Schema’.

5. Click ‘Add’.

6. Click ‘Close’.

7. Expand the ‘Active Directory Schema’.

8. Open ‘Attributes”

Enable ANR to search in outlook using "Telephone-number"

9. Search for "Telephone-number" — properties.

10. Click to select the “Index this attribute in the active directory” and “Ambiguous Name Resolution” check box.

Enable ANR to search in outlook using "title"

1) Search for "title" — properties.

2) Click to select the “Index this attribute in the active directory” and “Ambiguous Name Resolution” check box.

Once AD Replication is complete, you can Search Global address book by telephone number , employee title..

Note : Please follow the same procedure if require to enable other attributes

How to view and export Active Directory Delegated Permissions?

June 11, 2013 3 comments

How to view and export AD delegate permissions assigned to an OU ?

Let’s check what’s the permission has been delegated to a OU.

View delegate permissions assigned to OU

1. Please open the ADUC and click View menu and check Advanced Features.

2. Please locate the specific OU and right click, then choose Properties.

3. Click the Security tab, click Advanced tab. All the permissions as well as the delegated permissions listed.

Export all permission assigned on specific OU to a text file

Moreover, we can use the dsacls tool to export all the security ACL on specific OU to a text file.

Please open a command prompt on the DC and run dsacls “<distinguish name of the ou>” > c:acl.txt

Syntax example:

For example, dsacls “ou=Marketing,dc=seneej,dc=com” > c:acl.txt

The dsacls tools is used for view and edit security ACL for AD objects.

windows 2012 based failover cluster console crash and hanging

June 10, 2013 1 comment

Recently, I added a node to existing windows 2012 based failover cluster. Everything went normal , but failover cluster console is getting crash and generating error as below .

Resolution

The issue is caused by applying the update 2750149. MS released hotfix to repair the issue . Please install hotfix 2803748 to repair the issue

How to Protect Active Directory Objects from Accident or intentional Deletion?

June 8, 2013 3 comments

Protect Active Directory Object from Accident or intentional Deletion.

Well, what precaution to be taken to protect active directory objects from accident deletion? Just administrators mistakes, domain user can be deleted from domain just couple of seconds.

The “Protect object from accidental deletion” option can be used to prevent deletion.

When “Protect object from accidental deletion” is enabled for a User or OU, Everyone group is denied Delete and Delete Subtree permissions on that object.

With “Protect object from accidental deletion”, permissions are set to deny deletion of AD object ,.If you select this, you won’t be able to delete the object on a quirk.( refer below image )

This setting is not enabled by default on all objects in Active Directory . When creating an object, it needs to be set manually.

How to enable “Protect object from accidental deletion” options for all objects in three steps?

Login in to Domain Controller

Start –All Programs-Administrative tools –Windows PowerShell module

Command 1 : Run below command to enable protection on all active directory users

Get-ADObject -filter {(ObjectClass -eq "user")} | Set-ADObject -ProtectedFromAccidentalDeletion:$true

Command 2 :Run below command to enable protection any Organizational Unit where the setting is not already enabled

Get-ADOrganizationalUnit -filter * | Set-ADObject -ProtectedFromAccidentalDeletion:$true

Command 3 :Run below command to enable protection for groups

Get-ADObject -filter {ObjectClass -eq "user" -or ObjectClass -eq "group"} | Set-ADObject -ProtectedFromAccidentalDeletion:$true

Example :

Screenshot of applying three coomands on DC

By applying above three commands your active directory protected from any accident deletion .

%d bloggers like this: