how to grow a Hyper-V cluster shared volume CSV

how to grow a Hyper-V cluster shared volume, this can be run live and online.

1. You need to grow the parent disk. Normally this will be on a SAN. I wont put detailed steps here since it varies depending on your hardware but normally this is a simple process. Please note if your volume has 4k sectors you wont be able to grow larger than 16TB.

2. Load failover cluster manager and find out which node owns the disk. The disk probably already shows the larger size but the volume itself will still be the smaller size. Connect to the CSV owner.

3. Start an admin CMD window and run diskpart.

4. type “List volume” to list all volumes and find the one you want to grow:

DISKPART> list volume

Volume ### Ltr Label Fs Type Size Status Info
———- — ———– —– ———- ——- ——— ——–
Volume 0 System Rese NTFS Partition 350 MB Healthy System
Volume 1 C NTFS Partition 110 GB Healthy Boot
Volume 2 CSVFS Partition 4095 GB Healthy
C:\ClusterStorage\Volume4\
Volume 3 CSVFS Partition 5119 GB Healthy
C:\ClusterStorage\Volume5\
Volume 4 CSVFS Partition 5119 GB Healthy
C:\ClusterStorage\Volume6\
Volume 5 CSVFS Partition 9 TB Healthy
C:\ClusterStorage\Volume1\
5. type “Select volume x” where x is the volume you want to grow. in our case this is volume 5.
DISKPART> select volume 5

Volume 5 is the selected volume.
6. Type “extend” and press enter to grow the volume. You can then list the volumes again to check the size or verify in failover cluster manager.
DISKPART> extend

DiskPart successfully extended the volume.

DISKPART> list volume

Volume ### Ltr Label Fs Type Size Status Info
———- — ———– —– ———- ——- ——— ——–
Volume 0 System Rese NTFS Partition 350 MB Healthy System
Volume 1 C NTFS Partition 110 GB Healthy Boot
Volume 2 CSVFS Partition 4095 GB Healthy
C:\ClusterStorage\Volume4\
Volume 3 CSVFS Partition 5119 GB Healthy
C:\ClusterStorage\Volume5\
Volume 4 CSVFS Partition 5119 GB Healthy
C:\ClusterStorage\Volume6\
* Volume 5 CSVFS Partition 14 TB Healthy
C:\ClusterStorage\Volume1\

DISKPART>
7. Enjoy all the extra space.

WSUSpool keeps stopping and console shows reset node

I recently found myself in a situation where WSUS would only work for a few minutes or even seconds at a time. A restart or IISReset could bring it back for a few minutes but it would soon stop again. The Configuration manager console didn’t show any errors but it also could not see any new updates.

The event log contained this message:

The WSUS administration console was unable to connect to the WSUS Server via the remote API.

Eventually the fix was to increase the amount of memory avaliable to the app pool from the default 1843200 KB – you could set this to 0 so there is no limit or to a higher sensible limit. After doing this and running an IISRESET the app pool remained running and I was able to syncronize new updates as well as service updates to clients.

To do this open up IIS and click the plus by your servername, then on “Application pools”. Next right click on WsusPool and then left click on “Advanced Settings”, then scroll down and locate the “Private Memory limit (KB)” near the bottom and edit this value to 0 or something higher.

Meltdown – Patching centos

The patches are out for centos 5/6/7 and you can install them simply by the normal update command.

yum update

and then restarting.

To check the patches are installed run:

rpm -q –changelog kernel | egrep ‘CVE-2017-5715|CVE-2017-5753|CVE-2017-5754’

and make sure you have entries for all three CVE numers.

Broken libc error: Can’t exec “locale”: No such file or directory at /usr/share/perl5/Debconf/Encoding.pm line 16.

When trying to fix a system that someone (something?) had managed to shoe horn a broken/old version of libc-bin onto an Ubuntu 14 server I ran in to this error when trying to run “Apt-get install” or “Apt-get upgrade”

Can’t exec “locale”: No such file or directory at /usr/share/perl5/Debconf/Encoding.pm line 16.
Use of uninitialized value $Debconf::Encoding::charmap in scalar chomp at /usr/share/perl5/Debconf/Encoding.pm line 17.
Preconfiguring packages …
dpkg: warning: ‘ldconfig’ not found in PATH or not executable
dpkg: error: 1 expected program not found in PATH or not executable
Note: root’s PATH should usually contain /usr/local/sbin, /usr/sbin and /sbin
E: Sub-process /usr/bin/dpkg returned an error code (2)
So you cant re-install or repair the libc package because the package manager depends on it working in the first place.

Fortunately we can download and install the package ourselves:

apt-get download libc-bin
dpkg -x libc-bin*.deb unpackdir/
sudo cp unpackdir/sbin/ldconfig /sbin/

This is enough to get apt-get install working again and we can reinstall the package properly, then upgrade.

sudo apt-get install –reinstall libc-bin
sudo apt-get install -f
sudo apt-get upgrade

Office 365 Lync / Skype for business users wont provision when you come from an on premises setup

Usually when adding a new 365 user to lync it is as simple as assigning the license and before long they automatically deploy.  In some situations when you are running an on premises install of lync and have setup dirsync users never provision.  This is true even when you have disabled them in the lync console.

It appears that the cloud based lync will not provision users if they are still setup on premises or have some lync related attributes set.  This makes sense as if you have setup users in the portal and licensed them you might not want them to all end up in lync 365 right away.

To get these users objects provisioning simply disable Lync for user on the in premises lync server control panel then clear/not set these attributes:

> msRTCSIP-DeploymentLocator
> msRTCSIP-FederationEnabled
> msRTCSIP-InternetAccessEnabled
> msRTCSIP-Line
> msRTCSIP-OptionFlags
> msRTCSIP-PrimaryHomeServer
> msRTCSIP-PrimaryUserAddress
> msRTCSIP-UserEnabled
> msRTCSIP-UserPolicies

Double check the user is licensed for Lync option 2.  Soon they should appear on the lync portal and be able to sign in.  (Assuming you have setup your DNS/Auto discover.

How to rebuild an SCCM PXE boot point

If your SCCM PXE boot point is failing and machines are showing errors such as:

PXE-04 access violation
RXE-04 error

or various other errors it may be necessary to remove and re-install the features to repair it.  The steps below should achieve this.

  1. Open the Configuration Manager console and navigate to Administration > Distribution points and right click on the server you run PXE on and select properties. Then navigate to the PXE tab and untick the enable PXE checkbox on the distribution point. Answer yes that you want to remove the Windows Deployment service.
  2. Next, navigate to Software library > boot images. Right click on each of your boot images and go to the “Content Locations” tab and remove them from this server.
  3. Check c:\Program Files\Microsoft Configuration Manager\Logs\distmgr.log and wait for it to say the WDS role has been removed. IF you are able to check the roles and features in server manager it should also say there is a restart pending.
  4. Delete the contents of your %windir%\temp directory and then restart.
  5. Check for a remoteinstall folder – this maybe on any drive – if it is still there delete it completely.
  6. Navigate back to Administration > Distribution points and right click on the server you run PXE on and select properties. Then navigate to the PXE tab and this time tick the enable PXE checkbox on the distribution point. Answer yes that you want to install the Windows Deployment service.
  7. Again monitor your distmgr.log and the server manager you should see entries similar to below: (And another pending restart)

WDS is NOT INSTALLED~ $$<SMS_DISTRIBUTION_MANAGER><04-10-2015 09:58:06.938-60><thread=3992 (0xF98)>
Installing WDS.~ $$<SMS_DISTRIBUTION_MANAGER><04-10-2015 09:58:06.938-60><thread=3992 (0xF98)>
Running: ServerManagerCmd.exe -i WDS -a~ $$<SMS_DISTRIBUTION_MANAGER><04-10-2015 09:58:06.938-60><thread=3992 (0xF98)>
Failed (2) to run: ServerManagerCmd.exe -i WDS -a~ $$<SMS_DISTRIBUTION_MANAGER><04-10-2015 09:58:06.938-60><thread=3992 (0xF98)>
Running: PowerShell.exe -Command Import-Module ServerManager; Get-WindowsFeature WDS; Add-WindowsFeature WDS~ $$<SMS_DISTRIBUTION_MANAGER><04-10-2015 09:58:06.938-60><thread=3992 (0xF98)>
Waiting for the completion of: PowerShell.exe -Command Import-Module ServerManager; Get-WindowsFeature WDS; Add-WindowsFeature WDS~ $$<SMS_DISTRIBUTION_MANAGER><04-10-2015 09:58:06.953-60><thread=3992 (0xF98)>
Sleep 30 minutes… $$<SMS_DISTRIBUTION_MANAGER><04-10-2015 09:58:07.485-60><thread=1636 (0x664)>
Run completed for: PowerShell.exe -Command Import-Module ServerManager; Get-WindowsFeature WDS; Add-WindowsFeature WDS~ $$<SMS_DISTRIBUTION_MANAGER><04-10-2015 09:58:10.000-60><thread=3992 (0xF98)>
Successfully installed WDS.~ $$<SMS_DISTRIBUTION_MANAGER><04-10-2015 09:58:10.000-60><thread=3992 (0xF98)>
Failed to open WDS service.~ $$<SMS_DISTRIBUTION_MANAGER><04-10-2015 09:58:10.000-60><thread=3992 (0xF98)>
WDS is NOT INSTALLED~ $$<SMS_DISTRIBUTION_MANAGER><04-10-2015 09:58:10.000-60><thread=3992 (0xF98)>
WDS is not installed. Cannot configure PXE server to use WDS~ $$<SMS_DISTRIBUTION_MANAGER><04-10-2015 09:58:10.000-60><thread=3992 (0xF98)>

  1. If you see a pending restart – reboot the server.
  2. Again – navigate to one of your boot images and make a small change which will require the wim to be opened and edited. For example add a new small optional component or set a background image and follow the wizard to update the WIM.
  3. Distribute the wim to your PXE boot server.
  4. Repeat this for all your boot images – there should be at least one x86 and one x64 image.
  5. The distmgr.log should be full of encouraging entries if all is well the windows distribution service will have started and be working.
  6. Attempt a PXE boot.

The above is all that should be required to rebuild the PXE/WDS components. Depending on what has broken and why you are doing this you may also need to remove and re-add the management point. Check your logs for more information. Also don’t forget options 66 and 67 in DHCP and/or IP Helpers as required. Checking Wireshark or netmon on your SCCM PXE boot server should let you know if the traffic is getting to the right place.

Configure sendmail to relay via smarthost

Sendmail appears to be falling out of favour to other MTAs such as postfix but I often find myself using it because it tends to be available on every distribution and is still widely used.  Problems or security issues are usually quickly patched.  Sendmail is definately one of the harder MTAs to configure so if you are looking to do more than basic relaying you might be better of learning how to configure postfix instead.

Assuming you have sendmail pre-installed or installed via:

apt-get install sendmail

or

yum install sendmail  (you might also need to install m4 to build the configurations)

Make sure your sendmail host can resolve and reach your smarthost relay, if required add an entry to your hosts file or setup your resolv file.

vi /etc/hosts

Now edit the sendmail.mc file in your favorite text editor:

vi /etc/mail/sendmail.mc

As here we are only setting up a single smart host just add the line:

define(`SMART_HOST’, `server.fqdn’)

Where server.fqdn matches the entry in DNS or your host file.  Make sure you use the exact format above, it might help to copy and paste this into your config file via putty.

Once this is done we need to compile the sendmail configuration.  The easiest way is with the following command:

sendmailconfig

Respond yes to the various prompts and now your sendmail install should forward all emails out via the newly defined smarthost.

Failing this you could try using m4 with the following command: (Make sure you are in the right directory)

m4 sendmail.mc > sendmail.cf

While the default configuration is reasonable with sendmail it would be wise to make sure you aren’t creating an open relay here.  Consider checking and if required setting up an iptables /firewalld rule to block unwanted hosts from connecting to port 25.

Also review the contents of /etc/mail/relay-domains and make sure you are only relaying mail for domains you intend to.  Any changes here will require a sendmail service restart.

service sendmail restart

Convert a .pfx certificate to a .pem

As is often the case different bits of software require things in different formats and you might find yourself with a pfx file when you really need a pem file.

It is pretty simply to convert a pfx into a pem with open SSL. Assuming you are on windows download and install the win32 OpenSSL package from http://www.slproweb.com/products/Win32OpenSSL.html

Then you can simply open a command window and change directory to the location of your OpenSSL install. (by default C:\OpenSSL-Win32\bin)

Then execute the following command: (where C:\cert\certfile.pfx is your source pfx file and C:\cert\certfile.pem is the desired name and location of the exported pem file.)

C:\OpenSSL-Win32\bin>openssl pkcs12 -in C:\cert\certfile.pfx -out C:\cert\certfile.pem -nodes

Note: you will be prompted to enter an import password if the pfx file is password protected.

If all is well you should see “MAC verified OK” and the .pem file will be written.

pfx to pem with openssl screenshot

Drive Error when mounting an ISO in idraq: Either Virtual Media is detached or redirection for the selected virtual disk drive is already in use

When you try to mount an ISO file in iDRAQ you get the following message: Either Virtual Media is detached or redirection for the selected virtual disk drive is already in use
The screen looks like this:

drive error

To fix this:

  1. On the iDRAC screen, click on “System”.
  2. Then, click on the “Console/Media” tab and then on “Configuration”.
  3. Select “Attach” on the drop down under “Virtual Media”.
  4. Lastly scroll down and click on “apply”
  5. Mount the ISO as you did before, you should now be able to mount it as expected.