Fixing things

WMI reset failed

by on Jun.30, 2014, under Hyper-V, SCCM, Windows 2012 R2

Recently I have found myself in a position where I have needed to reset WMI to resolve various problems such as SCCM client failing to install/detect and disappearing cluster namespaces.  Generally resetting the WMI is a last resort and should only be tried when you have tried all other options. e.g. restart WMI service, restart server.

The command to reset the WMI repository must be run in an admin / elevated command prompt:

winmgmt /resetrepository

However sometimes this fails with this error:

C:\Users\adminuser>Winmgmt /resetrepository
WMI repository reset failed

Error code:     0x8007041B
Facility:       Win32
Description:    A stop control has been sent to a service that other running services are dependent on.

While it is possible to work around this by stopping the dependent services manually or even editing the registry so that nothing is dependent on this (as I have seen suggested else where) there is a much easier solution.

1. Launch an elevated (admin) powershell window.

2. Enter the following command.

Stop-Service winmgmt -Force; winmgmt /resetrepository

3. Restart the computer you just reset the WMI repository on.

Leave a Comment more...

User Profile Service service failed the logon. User profile cannot be loaded

by on Apr.07, 2014, under windows 2008 R2

Most people who work in a windows environment for some time will have seen profile corruption before where a single user cannot log in or looses settings with the fix often being to log on as someone else and remove the profile completely allowing a new working profile to be created or restoring from a backup.  But what about when no one can log in including new users?  I recently came across this problem where a server gave everyone who attempted to log in, including new users a “User Profile Service service failed the log in. User profile cannot be loaded” message.

Profile error message

Everything else was working correctly, I could remotely stop and start services, browse administrative shares and even open the registry.  The culprit turned out to be bad permissions on the default user profile.
To fix, make sure you have turned on show hidden files and folders and also unticked “Hide protected operating system files” on the computer you are connecting from.

unhide files and folders

Next, browse to the administrative C: drive share on the computer which fails all log ons:  \\computername\c$\users\ and right click on “default” and then on “properties”

Next click on the “Security” tab at the top and then on the “advanced” button at the bottom. (You should see the window below)

Advanced Permissions

Next, click on “Change permissions” and then tick the box next to “Replace all child object permissions with inheritable permissions from this object” and then on OK.  This should re-apply the permissions on this folder and permit profiles to be re-created again.

replace child permissions with inheritable

Leave a Comment more...

Convert a .pfx certificate to a .pem

by on Mar.03, 2014, under Uncategorized

As is often the case different bits of software require things in different formats and you might find yourself with a pfx file when you really need a pem file.

It is pretty simply to convert a pfx into a pem with open SSL. Assuming you are on windows download and install the win32 OpenSSL package from

Then you can simply open a command window and change directory to the location of your OpenSSL install. (by default C:\OpenSSL-Win32\bin)

Then execute the following command: (where C:\cert\certfile.pfx is your source pfx file and C:\cert\certfile.pem is the desired name and location of the exported pem file.)

C:\OpenSSL-Win32\bin>openssl pkcs12 -in C:\cert\certfile.pfx -out C:\cert\certfile.pem -nodes

Note: you will be prompted to enter an import password if the pfx file is password protected.

If all is well you should see “MAC verified OK” and the .pem file will be written.

pfx to pem with openssl screenshot

Leave a Comment more...

Drive Error when mounting an ISO in idraq: Either Virtual Media is detached or redirection for the selected virtual disk drive is already in use

by on Feb.24, 2014, under Uncategorized

When you try to mount an ISO file in iDRAQ you get the following message: Either Virtual Media is detached or redirection for the selected virtual disk drive is already in use
The screen looks like this:

drive error

To fix this:

  1. On the iDRAC screen, click on “System”.
  2. Then, click on the “Console/Media” tab and then on “Configuration”.
  3. Select “Attach” on the drop down under “Virtual Media”.
  4. Lastly scroll down and click on “apply”
  5. Mount the ISO as you did before, you should now be able to mount it as expected.
Leave a Comment more...

Enabling Agent Proxy for all System Center Operations Manager Agents

by on Jan.23, 2014, under SCOM

SCOM is likley to require the proxy to be enabled on a large number of agents, certainly it is the case with a lot of the management packs and it can often be easier to enable it on all agents and then turn it off on the agents which don’t require it.

In any case, enabling the SCOM agent proxy on all agents is a simple power-shell one liner:

Get-SCOMAgent | where {$_.ProxyingEnabled.Value -eq $False} | Enable-SCOMAgentProxy

You can always modify the filter as required to match your own needs.  For example, to only enable the proxy on Agents installed within the last 3 months:

Get-SCOMAgent | where {$_.InstallTime -gt ((Get-Date).AddMonths(-3))} | Enable-SCOMAgentProxy

Leave a Comment :, more...

pfsense ERROR: exchange Identity Protection not allowed in any applicable rmconf. on VPN tunnel

by on Dec.20, 2013, under Uncategorized

This error doesn’t give many clues as to whats wrong but it turns out it is usually a simple fix and is caused by a mismatch between the main / aggressive setting on the negotiation of phase one.  Simply make sure both ends match, or if the setting is not available at one end change it on the pfsense.


Leave a Comment :, , more...

Installing .NET 3.5 on Server 2012 and 2012 R2

by on Dec.19, 2013, under Windows 2012, Windows 2012 R2

.net 3.5 is still often requires but the resources to install it are by default absent from the windows installation.  If you have interenet connectivity this isnt such an issue as the files are simply pulled down from microsoft but if you are performing an offline build or are in a dev/secure environment with no connectivity it can be problematic.

Personally I find the fastest method is to mount/insert the 2012 installation media and install the feature with DISM.  Open an elevetates (run as admin) command window.

dism /online /enable-feature /featurename:NetFX3 /all /Source:d:\sources\sxs /LimitAccess

Simply change “d” to match the drive letter your install media is available at.

Dism install


If the GUI is more your sort of thing simply run the “Add roles and features” wizard and select the .NET 3.5

Click next and locate the “Specify and alternate source path” link at the bottom of the window.  Click this.


alternate source


In the window that loads type in the path to your side-by-side folder on the installation media.

alternate source window


Click on OK and on Install to start .NET 3.5 installing.

1 Comment :, , , , more...

SharePoint Correlation error: system.invalidoperationexception: namespace prefix ‘xsd’ is not defined. When using the person picker.

by on Nov.12, 2013, under SharePoint

This is an interesting problem which only occurs when the people picker is being run in IE9 mode.  You may find older versions of IE work without issue and other browsers too.  A quick server side fix can be implemented by opening the pickerdialog master file and editing the header.  The file should be located here: C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\TEMPLATE\LAYOUTS\pickerdialog.master

Simply add the following to the top of the file using your favorite text editor.

                <meta name=”GENERATOR” content=”Microsoft SharePoint” />
                <meta http-equiv=”X-UA-Compatible” content=”IE=EmulateIE8″ />

You should then perform an iisrest.  Either use the IIS graphical tools to do this or in an eleveted command window run IISRESET /noforce

As always take a copy of the master file before editing and if possible test this change in your dev/test environment first.  (You do have one right?)

Leave a Comment :, , more...

Upgrading System Center Configuration Manager to 2012 R2

by on Nov.07, 2013, under SCCM

First I would suggest you have a good read of as this details the compatibility between different versions of configuration manager.  Things are a lot simpler if you are only running a single server but even so it is worth a read.  It is only possible to upgrade your configuration manager hierarchy to 2012 R2 from 2012 so if you are running an earlier version you will need to upgrade to 2012 first.

There are also a number of pre-upgrade checks and tasks to complete which are detailed here: I would also strongly suggest you don’t attempt an upgrade unless all site servers are showing as healthy.

Hopefully you will already have an offline copy of the 8.1 ADK to install, but if not you can download it here: I would suggest getting the offline download going ahead of the upgrade as it is a large file and could delay your upgrade if you have a slower internet connection.

Any default collections which have been customized will be overwritten with the default collection configuration.  Either document their current custom configuration so you can re-apply it later or (my preferred method) is to create new custom collections and leave the default ones alone.

If you have a large Configuration Manager setup with a CAS you will need to do this server first and then work your way down the hierarchy and onto the primary sites.

It would also suggest that you check the connectivity between all of your system center servers,  I’m sure you would notice quite quickly if you did have connectivity problems but it does surprise me how often this can be an issue.  You can use Powershell to accomplish this e.g. Test-Connection -Source siteserver1, siteserver2, siteserver3 -Computername siteserver1, siteserver2, siteserver3

As documented on TechNet do backup your site SQL databases and do disable all maintenance tasks which may run while the upgrade is in progress.  These steps will help you avoid a failed upgrade and assist you in recovering from one if it does fail.  The list of maintenance tasks can be found in “Administration” > “Site Configuration” > “Sites” > Highlight your site > and click on “Site Maintenance” on the ribbon.  You can click on edit to check the schedule of a task and determine if it is likely to run during your upgrade.  I would suggest you document any changes made so that you can revert them after the upgrade.

1. Remove the Windows 8 ADK.

1.uninstall windows pe

2. Install the Windows 8.1 ADK (See above for download link.) you will only need the Deployment tools, Windows Preinstallation Enviroment (Windows PE) and User State Migration Toolkit (USMT).

2.install windows pe

3. It is not required but I would suggest you restart the server after the ADK install to clear any pending actions as I have in the past seen upgrades fail due to this.

4. Now you are ready to run setup from the System Center Configuration Manager 2012 R2 Disk.  The steps within the wizard are reasonably straight forward.  Simply select “Upgrade this Configuration Manager Site” and accept the various terms and conditions.


3. upgrade site

5. Next I would suggest downloading the required files to a UNC share so you can use them again for future upgrades.


4. download pre-reqs

6. Once the files complete downloading, select the required languages and then click next and review any warnings or errors from the pre-requisite checker.  If you are performing this upgrade on lower specification machines in a lab you will likely get warnings about available memory.  These can be ignored if it is not a production environment.

7. Once the pre-requisite checker is happy you can start the install.  I would go and make yourself a cup of tea, go to lunch or carry on with other work as it will likely take some time to complete.


5. upgrade in progress

8. If the upgrade is successful you can move on to the post update configuration tasks or upgrading your other primary sites but if you encountered any errors or a failure click the View log button and take appropriate remedial action.  I would suggest saving the setup log file even if you had a successful upgrade as it can prove useful later on in troubleshooting or to compare between successful and failed upgrade logs.


8. complete

Post Upgrade Tasks

1. Upgrade any stand-alone consoles you have installed, for example on management servers or workstations.  Don’t worry about the Configuration Manager server itself, this will already be updated.

2. Either let the Automatic Client upgrade process do its stuff and keep a watchful eye on it over the next few days or manually push out the updated client from System Center.

3. Test that some of the core functionality is still working, try deploying some content and check that you are still able to PXE boot and deploy operating systems.  Sometimes it is necessary to re-create task sequences.

4. Check the boot images are 6.3.9600.16384 (or later if using a later version of the ADK) as this is required to support 2012 R2 and 8.1 deployments.  If not just create and import new boot images.

5. All your remote sites should have been upgraded as well, check that they are still working correctly and if not check your sitecomp.log file.

Leave a Comment :, , , , more...

Upgrading System Center Virtual Machine Manager 2012 SP1 to R2

by on Nov.06, 2013, under VMM

The upgrade process is reasonably smooth but requires you to uninstall the SCVMM 2012 SP1 and any Hotfixes or update rollups that are in place.  You will also need to uninstall the 8.0 Microsoft ADK and install the latest 8.1 version before running setup from the Virtual Machine Manager 2012 R2 disk.  The 8.1 ADK can be found here:

Before starting gather and record the details of the existing implementation if not already documented.  For example the database server, instance name, database name and the details of the virtual machine manager service account.  You can view the current database configuration from within the VMM console.  While in the “Administration/Settings” view, click on “General” and then double click “Database Connection” While it is possible to use the local system service I would recommend creating a domain user for the service to run as with a local system service account baremetal hyper-v host deployments are not possible and you may have trouble logging in from other machines.

I would also make sure at least 10GB of free space is available on the VMM server as the 8.1 ADK is quite large.

  1. Uninstall both the VMM 2012 condole and management features. Make sure you select the option to retain the database.
  2. Take a backup of your SCVMM database.
  3. Uninstall the 8.0 ADK
  4. Install the 8.1 ADK – If you are using the online installer a large amount of data will need to be downloaded.  If this is not possible consider running the installer ahead of the upgrade and download the full install for later offline installation.
  5. Run setup from the VMM 2012 R2 disk
  6. Simply follow the wizard entering the database and service account details you recorded earlier
  7. Once setup is complete there are a few tasks left to complete: Any driver packs will need to be removed and re-added or they may not be discovered correctly.  Virtual Machine templates may need to be re-pointed to the correct operating system containing VHD.  You will also of course need to update the agents on all of your VMM managed hosts.
Leave a Comment :, , , more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!