Keith Smith - My Blog - Twitter @_KeithIT



Unitrends to Nakivo

Wednesday, December 12, 2018 - Posted by Keith A. Smith, in Network, VMware, Microsoft

Six years ago I was still using LTO tapes as a primary backup method, with Backup Exec backing up several terabytes of data from various servers. Some of the backups would take days to complete; some would complete successfully while others would complete with errors. On the flip side, recovering data would take even longer than the backups, with a high chance that one wouldn't be able to recover anything at all. It was well past time to move from tapes to a D2D solution for backups, so I started performing bake-offs between many products at the time. The Unitrends solution beat all the other D2D solutions by a wide margin. One of the many things that I liked about Unitrends was that they didn't charge per client and they had an appliance that they had built and would support. As time has progressed, the Unitrends solution has started to show its age and has become very costly at renewal time; this is something that I've experienced multiple times as I've implemented the solution at many organizations. The renewal costs have pushed many customers to go back to the drawing board (as a lot of customers had built their entire DR/BC plans around the Unitrends solution) and evaluate other solutions. The Unitrends solution had been a go-to for me for a long time when it came to designing DR/BC architecture; I now find myself saying goodbye to the Unitrends solution in favor of Nakivo for a D2D solution. The Nakivo backup and recovery solution is entirely web-based and comes as a virtual appliance or a package on a NAS, or it can be installed on a server you provision running *nix or Windows. I've found the transition to be quite pleasant, the support has been very knowledgeable, and the administration has been straightforward to navigate.



Powershell add A resource records to DNS

Tuesday, September 18, 2018 - Posted by Keith A. Smith, in Microsoft

I wanted to take some time to write up a quick how-to for adding A resource records to a Windows DNS server via PowerShell. In my case this is something that must take place before you use a product like Observium, because it requires all the network devices to have an A resource record in DNS. To create these records it's best to do it via scripting, in this case PowerShell, using the below 3 cmdlets:





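For a single entry you can use the following in PowerShell (replace the values in angle brackets with your own):

Add-DnsServerResourceRecordA -Name "Device1" -IPv4Address "<IPv4Address>" -ZoneName "<ZoneName>" -ComputerName "ADServername"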

The command is broken down below:

Add-DnsServerResourceRecordA = the cmdlet used to add A resource records only

-Name = the name of the A resource record

-IPv4Address = the IP address of the resource

-ZoneName = the name of the zone you are adding your record to

-ComputerName = the name of the DNS server

-CreatePtr = optional; use it if you want to create a PTR (reverse lookup) record entry.


Note: To view the changes in DNS manager you will need to right click and refresh the zone, if you have already opened DNS manager.

For a multiple entry situation you would need to do the following in PowerShell.

To add multiple resource records from a CSV file, here is a step-by-step tutorial. I have saved the Excel file as CSV (it is saved in the c:\temp location).

Open up a spreadsheet program and name the first column Name (this is the name of the device); the next column should be named IPv4Address (here you would put the static IP of the device). You would need to add all your devices in the aforementioned columns.

Once your CSV file is completed, fire up PowerShell and run the following (modify the below path as needed, and replace the zone name in angle brackets with your own):
Import-Csv driveletter:\folder\DNSEntries.csv | ForEach-Object { Add-DnsServerResourceRecordA -Name $_.Name -IPv4Address $_.IPv4Address -ZoneName "<ZoneName>" -ComputerName "ADServername" }


Note: To view the changes in DNS manager you will need to right click and refresh the zone, if you have already opened DNS manager.
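
A bulk import writes whatever is in the CSV straight into the zone, so it is worth validating each row and checking for an existing record first. The script below is an added example, not part of the original post: the zone name is a placeholder, the sample rows are constructed, and the Test-DnsRow helper is hypothetical.

```powershell
# Added example: validate rows before bulk-creating A records.
$ZoneName  = '<ZoneName>'     # placeholder: your forward lookup zone
$DnsServer = 'ADServername'   # DNS server name as used in the post

# Constructed sample input; replace with: Import-Csv C:\temp\DNSEntries.csv
$rows = @'
Name,IPv4Address
Device1,192.0.2.10
Device2,192.0.2.999
,192.0.2.12
Device1,192.0.2.13
'@ | ConvertFrom-Csv

function Test-DnsRow {
    param($Row)
    $ip = $null
    # Single DNS label: letters, digits, hyphen; no leading/trailing hyphen
    $nameOk = $Row.Name -match '^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?$'
    # Must parse as IPv4 and round-trip exactly (rejects short forms like "10.1")
    $ipOk = [System.Net.IPAddress]::TryParse($Row.IPv4Address, [ref]$ip) -and
            $ip.AddressFamily -eq 'InterNetwork' -and
            $ip.ToString() -eq $Row.IPv4Address
    return ($nameOk -and $ipOk)
}

$seen = @{}   # hashtable keys are case-insensitive, like DNS names
foreach ($row in $rows) {
    if (-not (Test-DnsRow $row)) {
        Write-Warning "Skipping invalid row: '$($row.Name)','$($row.IPv4Address)'"
        continue
    }
    if ($seen.ContainsKey($row.Name)) {
        Write-Warning "Skipping duplicate name in CSV: $($row.Name)"
        continue
    }
    $seen[$row.Name] = $true
    $existing = Get-DnsServerResourceRecord -ZoneName $ZoneName -Name $row.Name `
        -RRType A -ComputerName $DnsServer -ErrorAction SilentlyContinue
    if ($existing) {
        Write-Warning "$($row.Name) already has an A record; not adding another"
        continue
    }
    # -WhatIf previews the change; remove it once the output looks right
    Add-DnsServerResourceRecordA -Name $row.Name -IPv4Address $row.IPv4Address `
        -ZoneName $ZoneName -ComputerName $DnsServer -WhatIf
}
```

With the constructed rows, only the first Device1 entry passes validation; the malformed address, the empty name and the repeated name are reported and skipped.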



Outlook google calendar sync

Wednesday, July 18, 2018 - Posted by Keith A. Smith, in Microsoft

The Gmail web UI hasn’t changed much over the years in the way it looks, and it is still lacking features. I found that most prefer to use a mail client instead to send/receive mail, which is a pro, but the con to this method is synchronizing calendar items. Insert Outlook Google Calendar Sync for the win. This solution is open source and works great: it can sync calendar items from your Outlook calendar to your Gmail calendar, or from your Gmail calendar to your Outlook calendar, or it can do bi-directional sync, which is most useful for those who bounce between the Gmail web UI and the Outlook client. If you have Gmail and you use the Outlook client, I recommend installing this; don’t forget to enable the auto sync on it.

- End


Active Directory Topology Diagrammer

Thursday, May 17, 2018 - Posted by Keith A. Smith, in Automation, Microsoft


Have you ever wondered…what does our Active Directory structure really look like? Do you want to automate the process of creating a diagram of Active Directory OU? As described on Microsoft’s download page for Active Directory Topology Diagrammer:
The Microsoft Active Directory Topology Diagrammer reads an Active Directory configuration using LDAP, and then automatically generates a Visio diagram of your Active Directory and /or your Exchange Server topology. The diagrams may include domains, sites, servers, organizational units, DFS-R, administrative groups, routing groups and connectors and can be changed manually in Visio if needed.

If you need to create Active Directory drawings for Visio, then this is the utility that is going to do it for you in really detailed fashion.

You Don’t Create the Drawings From Inside Visio
Previous versions of Visio made connections into different data sources. For instance, you could ping networks and connect up to Active Directory.
Visio 2016 does not connect up to Active Directory directly, and the Active Directory Topology Diagrammer does not operate from inside Visio.

After downloading the AD Diagrammer, you run it independently. You actually don’t even need Visio on your machine unless you want to edit the diagrams. If you just want to view them, you can just use the Visio Viewer, or upload them to a SharePoint site with Visio Services enabled.

Running the Active Directory Topology Diagrammer

To create your Active Directory diagrams, start the AD Topology Diagrammer and provide it with the domain name in the Global Catalog Server / DNS Domain Name section of the main window. The tabs let you specify which parts of the directory information you want to diagram. You can also choose to update the drawings that are already there or to create new drawings. You can also choose whether or not to diagram the trusted domains, or just provide the details for the trusts. Choose whether you want your diagram to include user counts for each domain diagrammed.

For OU options, you can limit the number of levels to search in an OU and you can also include the names of any GPOs that are applied to an OU.

Options that you can set in the Sites tab let you decide if you want site connections listed, including empty sites, and whether or not to include subnet information in the AD diagrams being created. You can also specify whether or not to include all possible site connections for cases where the sites have more than 2 connections.

The Exchange tab allows the utility to connect into your Exchange Server to diagram the message connectors, as well as options like counting the number of mailboxes per server and overwriting the Routing Group information with AD Sites instead.

There’s only one option for diagramming the application partition, and that’s whether or not to diagram it! Make your choice and you’re done with this tab.

Likewise, you only need to set whether or not to include the DFS Replication settings for the DFS-R tab. There are no other options available for this section.
Finally, you can choose to diagram the servers in the AD Structure:

Options for the Server diagramming include whether to include the OS version that the server is running and whether to include the fully qualified domain name. If you’re mapping multiple domains, it may be helpful to color code them based on what domain they’re in.

Set the File Output Options and You’re Ready To Diagram

In the Options menu, you can modify the location of the diagrams. You can specify different locations for each file that’s going to be created for you.

There are also log files that are created for the AD Export data and any debug info for the Application.

This is a really awesome tool and I hope you find it useful. Happy AD Topo Diagramming!



event id 5807

Tuesday, March 27, 2018 - Posted by Keith A. Smith, in Microsoft

I recently encountered a rare event log entry, event ID 5807:

During the past 4.22 hours there have been 24 connections to this Domain Controller from client machines whose IP addresses don't map to any of the existing sites in the enterprise. Those clients, therefore, have undefined sites and may connect to any Domain Controller including those that are in far distant locations from the clients. A client's site is determined by the mapping of its subnet to one of the existing sites. To move the above clients to one of the sites, please consider creating subnet object(s) covering the above IP addresses with mapping to one of the existing sites.  The names and IP addresses of the clients in question have been logged on this computer in the following log file '%SystemRoot%\debug\netlogon.log' and, potentially, in the log file '%SystemRoot%\debug\netlogon.bak' created if the former log becomes full. The log(s) may contain additional unrelated debugging information. To filter out the needed information, please search for lines which contain text 'NO_CLIENT_SITE:'. The first word after this string is the client name and the second word is the client IP address. The maximum size of the log(s) is controlled by the following registry DWORD value 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\LogFileMaxSize'; the default is 20000000 bytes.  The current maximum size is 20000000 bytes.  To set a different maximum size, create the above registry value and set the desired maximum size in bytes.

After doing a search for netlogon.log and taking a closer look at the file, I noticed that it doesn’t record the year of each entry, just the day and month. Scrolling down to the bottom to the most recent entries, I noticed that the IP address range had not been defined in AD Sites and Services. The IPs were from laptops connecting through the VPN, which was assigning a completely different subnet, so I just added the VPN subnet and everything was fine after that.
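
The filtering the event text describes can be scripted instead of scrolling through the log by hand. This is an added example, not part of the original post: the sample log lines are constructed, the Get-NoClientSiteEntry helper is hypothetical, and grouping by /24 is an assumption used only to suggest candidate subnets.

```powershell
# Added example: summarize NO_CLIENT_SITE entries from netlogon.log.
# Sample lines are constructed; on a DC, read the real file instead:
#   $lines = Get-Content "$env:SystemRoot\debug\netlogon.log"
$lines = @'
03/26 09:14:02 [1234] EXAMPLE: NO_CLIENT_SITE: LAPTOP01 10.99.0.15
03/26 09:20:41 [1234] EXAMPLE: NO_CLIENT_SITE: LAPTOP02 10.99.0.27
03/27 08:02:10 [1234] EXAMPLE: DsGetDcName function called
03/27 08:05:33 [1234] EXAMPLE: NO_CLIENT_SITE: LAPTOP01 10.99.0.15
03/27 08:11:57 [1234] EXAMPLE: NO_CLIENT_SITE: KIOSK7 172.16.40.8
'@ -split "`r?`n"

function Get-NoClientSiteEntry {
    param([string[]]$Line)
    foreach ($l in $Line) {
        # Per the event text: the first word after the marker is the
        # client name, the second word is the client IP address.
        if ($l -notmatch 'NO_CLIENT_SITE:\s+(\S+)\s+(\S+)') { continue }
        $client = $Matches[1]
        $addr   = $Matches[2]
        $ip = $null
        if (-not [System.Net.IPAddress]::TryParse($addr, [ref]$ip)) { continue }
        if ($ip.AddressFamily -ne 'InterNetwork') { continue }   # IPv4 only here
        [pscustomobject]@{
            Stamp  = ($l -split '\s+')[0..1] -join ' '   # month/day and time, no year
            Client = $client
            IP     = $ip.ToString()
            # Assumption: group by /24 to suggest candidate subnets
            Net24  = $ip.ToString() -replace '\.\d+$', '.0/24'
        }
    }
}

# One row per candidate subnet, busiest first, with the clients seen in it
Get-NoClientSiteEntry $lines |
    Group-Object Net24 |
    Sort-Object Count -Descending |
    Select-Object Count, Name,
        @{ n = 'Clients'; e = { ($_.Group.Client | Sort-Object -Unique) -join ',' } }
```

For the constructed lines this reports 10.99.0.0/24 with three hits from LAPTOP01 and LAPTOP02, and 172.16.40.0/24 with one hit from KIOSK7. Compare the real ranges against the subnets defined in AD Sites and Services before adding any.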

