Contact & Subscribe RSS

LinkedIn
RSS

Archive by category "Windows Server 2012"

The WinRM client cannot process the request. If the authentication scheme is different from Kerberos

When a computer is not a domain member and there are no SSL Certificates available for HTTPS. You must change the trusted hosts on the client side.

Run: gpedit.msc
Then: Computer Configuration -> Administrative Templates -> Windows Components ->  Windows Remote Management (WinRM) -> WinRM Client
Last: Enable “Trust the remote machine” and add the server to the trustedhost field.

Or with PowerShell:

 

Get PowerShell version

Sometimes you need to check the PowerShell version of your Windows System, to get the PowerShell version you need to open a PowerShell prompt (taskbar type PowerShell).

This information is contained in the following variable:

Will give you the exact version.
Other commands which can be used are:

 

Get external IP Address using PowerShell

In some cases it can be useful to check your external IP Address within a PowerShell script.
So I created this little script:

Compact Dynamic VHDx file

There are many ways to compact a VHDx file. It can be done using SCVMM, Hyper-V manager or even diskpart.
In my situation the compact option doesn’t reduce the size, it was even bigger than before the compact.

I’ve tried to defragment the disk, migrate it or even clean it up inside / without any result.
The only way to get this job done is writing zero’s on the empty space.

This can be done with the tool SDelete, created by Mark Russinovich. The tool zeroes the empty space within the VHDx file.
Before running the tool delete al the un-needed and temporary files.

Sam Boutros created a nice little PowerShell function to get this job done. The package with SDelete and the script can be downloaded HERE.
Example script function parameters:

After running the tool the compact action will reduce the space.
Since Windows 2012 Microsoft has the new TRIM/UNMAP command founded, this works only when the Underlying storage supports this.

 

Enable disk performance counters Windows server 2012 / R2 taskmgr

In Windows server 2012 / R2 you doesn’t see the disk performance counters in Task Manager as you see in Windows 8.1.

Disk performance counters Windows 8

The simple solution for this is:

Open Powershell:
diskperf -y

Close the current taskmgr, and open a new one.
Voila. Really simple isn’t it?

Cannot access ADMIN$ share using a local administrator account

When the computer is not in a Domain and you must reach the admin$ share with a local administrator you have to edit the registry.

Test if you can access ADMIN$ share with a user who is member of the local administrators group.
If not, test it with the standard builtin administrator account. If this works try the following registry setting:

You need to add a new DWORD value in the registry.

Run -> Regedit
Navigate to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
Add a new DWORD Value called: LocalAccountTokenFilterPolicy and give it the value of 1.

Local_administrator

Reboot the system.

Event: KDC_ERR_S_PRINCIPAL_UNKNOWN

Every 15 minutes this event logged on my SQL servers:

A Kerberos error message was received:
on logon session
Client Time:
Server Time:
Error Code: 0x7 KDC_ERR_S_PRINCIPAL_UNKNOWN
Extended Error: 0xc0000035 KLIN(0)
Client Realm:
Client Name:
Server Realm:
Server Name:
Target Name:
Error Text:
File:
Line:
Error Data is in record data.

Error 0x0000035 means that we have an issue with duplicate SPNs.

Find duplicate SPNs on the server where the event occure

Run cmd as administrator:

setspn -X

Found 1 group of duplicate SPNs.

Look for duplicate SPNs in the domain

Run cmd as administrator on the domaincontroller.
ldifde -f C:\SPNs.txt -t 3268 -d dc="DOMAIN",dc="COM" -l serviceprincipalname -r (serviceprincipalname=*) -p subtree

Delete duplicate SPN

setspn -D MSSQLSvc/sql1.example.com:1433 sql1