Content on log files via browser

I’ve a client that runs special program on about 100 servers. This program writes a log on central server every 3 minutes. So, when I checked main server, I found a directory Logs (C:\Logs). Log’s directory contains many log files (each log for each server).  On this server installed and runs a web server, Apache ;). So, I’d like to show a small AppsRuns.php file, which stored on web server. If we go to the http://server1/AppsRuns.php we will see a content of each log file on one web page. This web page refreshing every 10 sec. Here is a content of AppsRuns.php file:

<?php
    $refresh_time = 10; // seconds
    $path = “C:LOGS”;

    header(”Content-Type: text/plain”);
    header(”Refresh: $refresh_time”);

    if($handle = opendir($path)) {
    while (false !== ($file = readdir($handle))) {
        $pi = pathinfo($path . ‘/’ . $file);
        if($pi[’extension’] === ‘txt’) {
        include($path . ‘/’ . $file);
        }
    }
    }
?>

Updates: Free Deployment System Scripts

I have made a small change in my “Free Deployment System“, the set of script allows to deploy, install or run applications on any remote computer.
Equally, I just added a few new lines. In to Config.bat added a new line:

set DSRV= 192.168.211.1

By using a DSRV environment i can set IP or Computer Name of my Deployment Server.
Also, added two new lines to the INSPKG.bat script (Script in original article already changed, so you can simply take a changed script). One of new lines contains following:

%Tools%psexec.exe \%RCOMP% -u %USR% -p %PASS% -i cmd /c md C:Updates

This line creates a directory C:\Updates on remote computer. I use C:\Updates on remote computer to copy there necessary scripts and source of installation programs. The other new line in INSPKG.bat is:

@echo set DSRV=%DSRV%> \%RCOMP%C$updatesconfig.bat

As you can see, by this line I create a config.bat file on remote computer and put in to environment, that sets a name or IP of our deployment server. Additionally, we need to change a package script. So, after changes, our package script looks like follow:

@echo off
call c:updatesconfig.bat
\%DSRV%packages7ZIP7z442.exe /S

So, now, if we are changed our deployment server, we have not to change our packages script.

Free Deployment System

All Network Administrators at least once thought about how to install a program on remote computer without ever touching it. Hopefully, today we have a lot of ways to achieve this goal. The very interesting part of it all is, when ever I provide a consulting services to companies, I hear the same question, “Michael, do you know any FREE solutions to distribute programs, patches or run anything on remote computers?”

I’d like to show you the solution, I’ve created for myself. Let’s call it “Free Deployment System :)”…

“Free Deployment System” contains a set of scripts and free tools. The heart of this system is a PSExec by Sysinternals.

Before I start, let’s clarify few pre-requirements. We need one server or computer that will hold off packages and scripts. The Deployment System will run on this system. We need a user with administration privileges on all remote computers (We can create a user on Domain level and set the necessary permissions to this user).

Ok, now we are ready to start.

Let’s created a directory structure on deployment server.

C:Operation
 |_Scripts
 |_Tools
 |_Packages

In my situation, I don’t have any files in C:\Operation directory. In C:\Operation\Tools directory I have tools that I have been using in my scripts. The main scripts of “Free Deployment System” are located in C:\Operation\Scripts. C:\Operation\Packages contains packages for remote installation. Set a Share on the C:\Operation\Packages and give all users Read Permissions.Now we need to create a few files in C:\Operation\Scripts directory. The first file is #Servers.txt. This file contains an IP addresses or Computer Name of remote computers. Each IP or name should be on new line. In my case #Servers.txt looks as follow:

192.168.3.95
192.168.3.96
192.168.3.97
192.168.3.98
192.168.3.99
192.168.3.10

The next file in our system will be a Config.bat. By using Config.bat I set credentials for connection to remote computers. Config.bat looks as follow:

@echo off
set DM=AdminInfo
set USR=TSAADMIN
set PASS=TSAPassWord

OK, now we are going to create a main script of our system. I named it INSPKG.bat, meaning “Install Packages”. Before show the content of INSPKG.bat I’d like to say a few words about how it works.

INSPKG.bat runs in loop and checks each line of #Servers.txt file and use this addresses as a destination where the installation package should be installed. When the package installed on last computer (last line in #Servers.txt file) INSPKG.bat will stop working. If you have too many computers in your network, the package deployment could take time, be patient. So, INSPKG.bat contains the following lines:

@echo off

Rem *****************************************************************************
Rem *       For 1 envirement use the Pakage file name                           *
Rem *       The general location of all Pakage is: C:OperationPackages        *
Rem *       On remote computer computer should be located  “C:Updates”         *
Rem *                                                                           *
Rem *       Websites:  http://thesystemadministrator.com                        *
Rem *                                                                           *
Rem *****************************************************************************

if {%1}=={} @Echo Please set the Pakagename.The format is INSPKG.bat 7Zip &goto :EOF

set Scripts=C:OperationScripts
set Tools=C:OperationTools
set Packages=C:OperationPackages

call %Scripts%Config.bat

SET IP-SRV=
SET LoopNum=
SET Line=
SET I=
SET RCOMP=
SET Line=0

TYPE %Scripts%#Servers.txt > %TEMP%SRVLIST.txt

FOR /F “TOKENS=*” %%a in (’%Tools%LINEX -c ^<%TEMP%SRVLIST.txt’) do set IP-SRV=%%a
SET /a LoopNum=%IP-SRV% + 1

:LOOP1
SET /a I=%I% + 1
SET /a Line=%Line% + 1
IF “%I%”==”%LoopNum%” goto END
FOR /F “TOKENS=*” %%a in (’%Tools%LINEX -l %Line% ^<%TEMP%SRVLIST.txt’) do set RCOMP=%%a

copy “%Packages%%1%1.bat”  “\%RCOMP%c$Updates\” /Y

@echo Please wait …

%Tools%psexec.exe \%RCOMP% -u %DM%%USR% -p %PASS% -i C:Updates%1.bat

SET Line=%Line%
goto LOOP1

:END
SET IP-SRV=
SET LoopNum=
SET Line=
SET I=
SET RCOMP=
SET Line=

INSPKG.bat should run from a console (cmd.exe) of our deployment server. The format is following:

C:OperationScriptsINSPKG.bat 7Zip

Where, 7Zip is a name of a package. As you can see, in this example, I’m going to deploy a 7-Zip to all computers, but before this I have to create a package. So, for this purpose I’m going to the C:\Operation\Packages directory and create a new directory, 7ZIP. Inside 7ZIP I create a file 7ZIP.bat and put the installation file of 7-Zip. I’m going to install a 7z442.exe on all computers. By using RTFM rule :), I know that to install a 7-Zip in silent mode I have to use switch /S. So, my 7Zip.bat contains the following lines:

@echo off
\192.168.3.39packages7ZIP7z442.exe /S

Note: Change 192.168.3.39 to the IP or name of your Deployment Server.

And, on the final, we need put necessary tools to the C:\Operation\Tools directory. Download last version of PSExec and put it to C:\Operation\Tools directory. In INSPKG.bat I’m using a very cool tool, LINEX.EXE. Linex.exe is a part of “Bill Stewart’s freeware Batch Script Tools”. When I wrote this article, I tried to find an official web site of “Bill Stewart’s freeware Batch Script Tools”, but failed. So, you can download a Linex.exe directly from my web site.As additional example, I’ve created packages for Acrobat Reader and Firefox.  Keep in mind to create a separate directory for each package. The Directory and name of package script should be the same, meaning if you are going to create a package for Firefox inside C:\Operation\Packages create directory Firefox and inside C:\Operation\Packages\Firefox create a script Firefox.bat and also inside C:\Operation\Packages\Firefox put the installation file of Firefox. Here is my Firefox.bat:

@echo off
\192.168.3.39packagesFirefoxFirefoxSetup2.0.0.9.exe -ms 

Note: Change 192.168.3.39 to the IP or name of your Deployment Server.

I hope I didn’t forgot anything .
Let me know what kind of package you are interesting in and I’ll try to create it. I’ll be very happy if you write comment for this article.

Sysinternals tools have been updated

Sysinternals Tools have been updated. PSExec v1.90 improves handling of arguments, BgInfo v4.12 offers improved reporting, Process Explorer v11.04 fixes a memory leak, ADExplorer v1.01, DebugView v4.72 and Process Monitor v1.26 fix some minor bugs.

Windows Server 2008 Technical Overviews

These technical overviews provide IT Professionals with information about how a Windows Server 2008 technology works. They may also cover design and planning considerations and basic setup and operating instructions.

The download contains the following documents:

• DNS Server Global Query  Block List
• Installing and Configuring and Troubleshooting the Microsoft Online Responder
• What’s New in Failover Clusters
• What’s New in Terminal Services for Windows Server 2008

Download: WS2008 Technical Overviews

SMB v2.0 in Windows Server 2008 & Windows Vista

Server Message Block (SMB), also known as CIFS (Common Internet File System) is the file sharing protocol used by default on Windows based computers.  Windows includes an SMB client component (Client for Microsoft Windows) and an SMB server component (File and Printer Sharing for Microsoft Windows).

SMB in Windows Server 2008 and Windows Vista support the new SMB version 2.0 that has been redesigned for today’s networking environments (wireless, possible high loss, timeouts, high latency, …) and for the needs of the next generation of file servers (EFS over the wire, Offline Files and Folders enhancements, …).

Machines running Windows Server 2008 and Windows Vista support both SMB v1.0 and SMB v2.0.  However SMB 2.0 can only be used if both client and server support it!!  So, the SMB protocol revision to be used for file operations is decided during the negotiation phase.

A Vista client advertises to the server that it can understand the new SMB 2.0 protocol.  If the server (Windows Server 2008 or otherwise) understands SMB 2.0, then SMB 2.0 is chosen for subsequent communication, otherwise they fall back to SMB 1.0.

This preserves “downwards” compatibility so that deploying Vista clients or Windows Server 2008 servers should be simple and straightforward.   The following list below describes what protocol will be used when communicating between different types of client and servers.

• Vista client <> Vista client or Windows Server 2008 – SMB 2.0
• Non-Vista client <> Vista client or Windows Server 2008 – SMB 1.0
• Vista client <> Non-Vista client or Non-Windows Server 2008 – SMB 1.0
• Non-Vista client <> Non-Vista client or Non-Windows Server 2008 – SMB 1.0

For an overview of the impact on network throughput, have to look at the white paper of a third-party benchmark study done by The Tolly Group which compares network throughput and time-to-completion of several tasks when using Windows XP, Windows Vista, Windows Server 2003 and Windows Server 2008 .

Source: http://trycatch.be/blogs/roggenk

What is Exchange Server Recipient Update Service (RUS)?

The Exchange Server Recipient Update Service (RUS) is responsible for maintaining address information about mail-enabled objects and for applying changes when you create or remove recipient policies (as described in the Microsoft article “XADM: How the Recipient Update Service Applies Recipient Policies“). If the RUS stops working, such changes won’t be applied correctly.

To know if the RUS is behaving badly, Check out the Microsoft article “How To Verify That the Recipient Update Service Is Working Correctly“.

Managing Windows 2008 Server Core through RDP

As described in previous articles, Windows Server 2008 has an interesting option to install it with a minimal graphical user interface (or GUI for short). This method of installation is called “Server Core“, and it allows an administrator to only install the minimum binaries required to run a specific server role (currently, there are 9 possible Server Core roles). You can read more about it on my “Understanding Windows Server 2008 Server Core” article.

To manage a server running a Server Core installation by using a terminal server client

1. On the server running a Server Core installation, type the following command at a command prompt:

   cscript C:\Windows\System32\ Scregedit.wsf /ar 0

   This enables the Remote Desktop for Administration mode to accept connections.

   In order to view your current settings you can type:

   cscript C:\Windows\System32\ Scregedit.wsf /ar /v

   

   If you see “1″ in the script output, that means that RDP connections are denied. If you see a “0″, they will be allowed.

   Note: If you are running the Terminal Services client on a previous version of Windows, you must turn off the higher security level that is set by default in Windows Server 2008. To do this, type the following command at the command prompt:

   cscript C:\Windows\System32\Scregedit.wsf /cs 0

To enable remote management from an RDP connection through the firewall

1. To enable remote management from any MMC snap-in, type the following:

   netsh advfirewall firewall set rule group=”Remote Desktop” new enable=yes

To open an RDP session with the Server Core machine

1. On the remote management computer, click Start > Run, type mstsc, and then click OK.
2. In Computer, enter the name of the server running a Server Core installation, and click Connect.

   

3. Log on using an administrator account.

   

4. When the command prompt appears, you can manage the computer using the Windows command-line tools.

   

   Note that while you’re logged on to the server, the original server console session is locked out.

   

5. When you have finished remotely managing the computer, type logoff in the command prompt to end your Terminal Server session.

Summary

Windows Server 2008 Server Core installations, like any other servers, require remote management. In order to allow for that, the server’s Firewall and registry settings need to be changed. This article showed you how to do that.

Managing Windows 2008 Server Core Local Settings

In Windows Server 2008, Server Core installation does not include the traditional full graphical user interface (GUI). Therefore, once you have configured the server, you can only manage it locally at a command prompt, or remotely using a Terminal Serverconnection. A third management option is to manage the server remotely using the Microsoft Management Console (MMC) or command-line tools that support remote use.

A Server Core installation provides these benefits in three ways:

• By reducing the software maintenance required (less updates, etc…)
• By reducing the management required
• By reducing the attack surface

To accomplish this, the Server Core installation option installs only the subset of the binary files that are required by the supported server roles. It takes about 1 GB of disk space and +/- 100 MB memory footprint (varies per server core role).

The following list is a compilation of some of the most useful commands allowing you to either locally or remotely manage a Server Core installation. You can use this as a quick reference guide, but as always, reading the full server help for a full guide.

To manage a server running a Server Core installation locally at a command prompt

1. Start a server running a Server Core installation.

   

2. Log on using an administrator account.

   

3. At the command prompt, use the appropriate command-line tool for the task you want to complete.

   

To add hardware to Windows Server 2008

1. If the driver for the hardware is included in Windows Server 2008, Plug and Play will start automatically and install the driver.
2. At a command prompt, open the folder where the driver files are located, and then run the following command:

   pnputil -i -a <driverinf>
   
   Where:

   driverinf is the file name of the .inf file for the driver.
   

3. If prompted, restart the computer.

To add a user to the local Administrators group

1. At a command prompt, type:

   net localgroup Administrators /add <domain>\<username>
    

To remove a user from the local Administrators group

1. At a command prompt, type:

   net localgroup Administrators /delete <domain\username>

    

To disable a device driver

1. At a command prompt, type:

   sc delete <service_name>

   
   Where: service_name is the name of the service that you obtain by running

To obtain a list of drivers that are installed on the server

1. At a command prompt, type:

   sc query type= driver

   
   Note: You must include the space after the equal sign for the command to complete successfully.

To manage event logs

1. To list event logs type:

   wevtutil el

    

2. To query events in a specified log type:

   wevtutil qe /f:text <log name>

    

3. To export an event log type:

   wevtutil epl <log name>

    

4. To clear an event log type:

   wevtutil cl <log name>

To list the running services

1. At a command prompt, type one of the following:

   sc query

   
   or

   net start

To start a service

1. At a command prompt, type one of the following:

   sc start <service name>

   
   or

   net start <service name>
    

To stop a service

1. At a command prompt, type one of the following:

   sc stop <service name>

   
   or

   net stop <service name>

To forcibly stop a process

1. Use the tasklist command to retrieve the process ID (PID).

   

2. At a command prompt, type:

   taskkill /PID <process ID>

    

To configure the firewall

1. Use the netsh advfirewall command. For example, to enable remote management from any MMC snap-in, type the following:

   netsh advfirewall firewall set rule group=”Remote Administration” new enable=yes

   
   Note: You can also use the Windows Firewall snap-in from a Windows Vista or Windows Server 2008 computer to remotely manage the firewall on a server running a Server Core installation. To do this, you must first enable remote management of the firewall by running the following command on the computer running a Server Core installation:

   netsh advfirewall set currentprofile settings remotemanagement enable

Configure the paging file

1. At a command prompt type:

   wmic pagefileset where name=”<path/filename>” set InitialSize=<initialsize>,MaximumSize=<maxsize>

   
   Where:

   • path/filename - is the path to and name of the paging file
   • initialsize - is the starting size of the paging file in bytes.
   • maxsize - is the maximum size of the page file in bytes.

To install an optional feature

1. At a command prompt, type:

   start /w ocsetup <featurename>

   
   Note: Using /w prevents the command prompt from returning until the installation completes. Without /w, there is no indication that the installation completed.

   Where featurename is the name of a feature from the following list:

   • Failover Clustering: FailoverCluster-Core
   • Network Load Balancing: NetworkLoadBalancingHeadlessServer
   • Subsystem for UNIX-based applications: SUACore
   • Multipath IO: MultipathIo
   • Removable Storage: Microsoft-Windows-RemovableStorageManagementCore
   • Bitlocker Drive Encryption: BitLocker

   
   Note: To install the remote administration tool for BitLocker, type the following at a command prompt:

   start /w ocsetup BitLocker-RemoteAdminTool
    

   • Backup: WindowsServerBackup
   • Simple Network Management Protocol (SNMP): SNMP-SC
   • Windows Internet Name Service (WINS): WINS-SC
   • Telnet client: TelnetClient

   
   Note: To remove an optional feature, use start /w ocsetup with the appropriate role name and the /uninstall switch.

To reboot the server

1. You can reboot the server by typing the following at a command prompt:

   shutdown /r /t 0

To change the name of the server

1. Determine the current name of the server with the hostname or ipconfig /all commands.
2. At a command prompt, type:

   netdom renamecomputer <ComputerName> /NewName:<NewComputerName>

   
   Note: You can obtain the name of the server by running the hostname or ipconfig /all commands.
   

3. Restart the computer.

To change the name of a domain-joined server

1. At a command prompt, type:

   netdom renamecomputer %computername% /NewName:<new computer name> /userd:<domain\username> /password:*

    

To set the administrative password

1. At a command prompt, type the following:

   net user administrator *

    

2. When prompted to enter the password, type the new password for the administrator user account and press ENTER.
3. When prompted, retype the password and press ENTER.

Hello world!

Hello Admins!

I’m glad to start a new blog here and I really hope that this will be a great way to share with colleagues worldwide.

Owner of The System Administrator website where I’ve already published hundreds of articles about System Administration, I’m willing to contribute actively to the Network Administrator Knowledgebase.

All the Best!