Browsing Category: "Servers"

Taking a WinDump

Scripting, Servers April 4th, 2011

I’ve had to troubleshoot a number of network related issues recently.  I love WireShark, but I don’t want to install it on every server.  I’m still a bit hesitant on installing the WinPcap drivers on servers as well, but when you need to grab network traffic on the Windows platform, it is one of the easier ways.

(Yes.. I know I should have a monitoring box on a span port that I could do this off of, but it becomes a bit more complicated in a virtual environment.)

So, I’ve compromised a bit.  I’ve been using the WinPcap drivers and WinDump from the command line to create the network captures.  Then I can use WireShark on my desktop to analyze the traffic.

The command line I used for WinDump was something like:

C:\WinDump.exe -n -s 0 -vvv -w mynetworkcapture.pcap

The “–n” skips the DNS resolution (which makes it a bit more consistent to read through).The “–s 0” captures the full packet.  “-vvv” captures additional packet details.  And last, but not least, “-w mynetworkcapture.pcap” is the file name (and relative path) to where the capture could be saved.

There are many, many other options, but this got me a quick grab of traffic that let me isolate my problem in WireShark and get to the resolution I needed.

SCCM 2012–Moving Backwards In Time

Servers March 24th, 2011

System Center Configuration Manager 2012’s 2nd Beta is out for download.. but don’t bother if you are running a patched or current SQL Server…

It appears that the Configuration Manager team decided to step back in their support of current database servers.  Starting with Configuration Manager 2007 R2, the following were supported:

  • SQL Server 2005 with SP2 or SP3
  • SQL Server 2008, SP1, or SP2
  • SQL Server 2008 R2

According to the beta System Requirements documentation (remember this is beta, which in Microsoft parlance means bug fixes, not a lot of changes, etc..)

Configuration Manager requires 64-bit SQL Server 2008 Standard Edition or SQL Server 2008 Enterprise Edition, running Service Pack 1 with at least Cumulative Update 10 . Other versions of SQL Server, such as SQL Server 2008 with Service Pack 2 or SQL Server 2008 R2, are not supported.

If you are looking for something that is not so picky, but get’s you a good bit of the functionality, I’ve started to look at Admin Arsenal.  I’ve just downloaded one of their products and I’ll get a chance to look deeper later, but it seems to be a bit lower friction.

On a side note.. the guys at Admin Arsenal are supporting this year’s PICC event.

OCS 2007 R2 Certificates

Scripting, Servers March 16th, 2011


Some of our internal certificates for OCS were coming due for replacement.  I did a simple web search for “Find all certificates for Office Communication Server 2007 R2” and I got very little help..

And of course, OCS does not support wildcard certs Sad smile (but does take wildcards in Subject Alternative Names (SAN).. go figure..)

So for those who just want a reference of what certs are used where.. (Subject Name (SN) and Common Name (CN) are used somewhat interchangeably.. Common Name is the most import item to OCS)

Outcome (it’s not pretty folks…):

I give you (working from the outside in):

  1. Edge Server

    1. Description:
      1. The first cert needed is a Web Conferencing Edge Server. 
      2. SAN Required – No.
      3. These are public facing certs, so you’ll likely want to get these from a cert provider.
      4. Even if you are issuing them yoursefl, you’ll notice that these cert requests are generated offline, as the edge server is usually in a restricted portion of the DMZ without direct access to your internal CA.
    2. Example:
      1. SN:
    3. Command:
      1. To create the cert request: LcsCmd /cert /action:request /friendlyname:”Web Conference Edge” / /ou: IT /org:MOR /city:SomeWhere /state:Else /country:US /fileName:”C:\CertHold\webedge.req” /L
      2. To import the response: LcsCmd /cert /action:ImportResponse /fileName:”C:\CertHold\CAResponse.cer” /assign:true /Components:DP /L
    4. Description:
      1. The second cert required is for Audio/Video Authentication Edge Server.
      2. SAN Required – No.
      3. This is used for internal communication to the rest of the OCS infrastructure.
      4. If you are using an internal cert, you will have to install the certs on the cert chain as well to make them trusted on this server.
    5. Example:
      1. SN:
    6. Command:
      1. LcsCmd /cert /action:request /friendlyname:”AV Edge” / /ou: IT /org:MOR /city:SomeWhere /state:Else /country:US /fileName:”C:\CertHold\avedge.req” /L
      2. LcsCmd /cert /action:ImportResponse /fileName:”C:\CertHold\CAResponse.cer” /assign:true /Components:MR /L
    7. Description:
      1. The third cert is required for the Internal Edge. 
      2. SAN Required – No.
      3. This is for encrypting and decrypting traffic between external clients and the “next hop” server (usually the director or pool).
      4. This can be an internally issued cert.
    8. Example:
      1. SN:
    9. Command:
      1. LcsCmd /cert /action:request /friendlyname:”Internal Edge” / /ou: IT /org:MOR /city:SomeWhere /state:Else /country:US /fileName:”C:\CertHold\internaledge.req” /L

      2. LcsCmd /cert /action:ImportResponse /fileName:”C:\CertHold\CAResponse.cer” /assign:true /Components:INTERNAL /L

    10. Description:
      1. The fourth cert required covers the Access Edge.
      2. SAN Required: Possible, if there are additional domains covered for external access.
      3. This is for the default address.
    11. Example:
      1. SN:
      2. SAN:
    12. Command:
      1. LcsCmd /cert /action:request /friendlyname:”Access Edge” / /ou: IT /org:MOR /city:SomeWhere /state:Else /country:US /, /fileName:”C:\CertHold\accessedge.req” /L
      2. LcsCmd /cert /action:ImportResponse /fileName:”C:\CertHold\accessedge.cer” /assign /Components:AP /L

  2. Reverse Proxy

    1. Description:
      1. The Reverse Proxy provides a way for external users to access content, expand address lists, and otherwise do things require more access.
      2. SAN Required – Maybe.
    2. Example:
      1. SN:
    3. Command:
      1. LcsCmd /cert /action:request /friendlyname:”Web Proxy External” / /ou: IT /org:MOR /city:SomeWhere /state:Else /country:US /fileName:”C:\CertHold\webproxyext.req” /L
      2. LcsCmd /cert /action:ImportResponse /fileName:”C:\CertHold\CAResponse.cer” /L
  3. CWA Server

    1. Description:
      1. The CWA certificate supports IM, PSTN call in, desktop sharing, etc..
      2. SAN Required – Yes.
      3. Note – The DNS name might be behind a reverse proxy.. in that case, you might need two certs (an internal and a public cert).
    2. Example:
      1. SN:
      2. SAN:,,
    3. Command:
      1. LcsCmd /cert /action:request /online:false /friendlyname:”CWA” / /ou: IT /org:MOR /city:SomeWhere /state:Else /country:US /san:,, /fileName:”C:\CertHold\CWAext.req” /L
      2. LcsCmd /cert /action:ImportResponse /fileName:”C:\CertHold\CWAResponse.cer” /assign:true /L
  4. Director

    1. Description:
      1. SN set to the FQDN of the director.
      2. SAN Required – Yes, set to the SIP DNS for each domain. 
    2. Example:
      1. SN:
      2. SAN:
    3. Command:
      1. LcsCmd /Cert /Action:request /online:true /assign:true /\MOR-CA /caAccount:MOR\Admin /caPassword:P@ssword1 /friendlyname:”MOR-Director SIP”/ /OU: IT /org:MOR /city:SomeWhere /state:Else /country:US /san:* /L
  5. Mediation Server

    1. Description:
      1. The Mediation Server coordinates enterprise voice traffic
      2. SAN Required – No.
    2. Example:
      1. SN:
    3. Command:
      1. LcsCmd /cert /action:request /online:true /friendlyname:Mediation Server / /ou: IT /org:MOR /city:SomeWhere /state:Else /country:US /fileName:”C:\CertHold\mediation.req” /L
      2. LcsCmd /cert /action:ImportResponse /fileName:”C:\CertHold\CAResponse.cer” /assign:true /L
  6. Front End Server

    1. Description:
      1. SN set to the FQDN of the enterprise pool name or server. 

      2. SAN Required – Yes, set to any alternative DNS names for the pool and server. 
    2. Example:
      1. SN:
      2. SAN:,,
    3. Command:
      1. LcsCmd /Cert /Action:request /online:true /assign:true /\MOR-CA /caAccount:MOR\Admin /caPassword:P@ssword1 /friendlyname:“MOR-FE Front End SIP” / /OU: IT /org:MOR /city:SomeWhere /state:Else /country:US /san:*, /L
  7. Group Chat

    1. Description:

      1. The Group Chat cert should reference the DNS for the Group Chat server.
      2. SAN required – Maybe, if you have multiple DNS entries for group chat.
    2. Example:
      1. SN:
      2. SAN:
    3. Command:
      1. LcsCmd /cert /action:request /online:true /friendlyname:”Group Chat Server” / /ou: IT /org:MOR /city:SomeWhere /state:Else /country:US /, /enableClientEKU:TRUE /fileName:”C:\CertHold\groupchat.req” /L
      2. LcsCmd /cert /action:ImportResponse /fileName:”C:\CertHold\CAResponse.cer” /assign:true /L

Licensing in Any World

Servers, Vendors March 14th, 2011

Brian Lewis (IT Pro Evangelist for Microsoft) recently blogged about licensing in a virtual world.  He made some interesting points about Datacenter edition licensing as VM density grows.

All that talk of licensing reminded me of a tool I’ve used to manage and license machines in my network – the Volume Activation Management Tool (VAMT) version 2.0.  Version 2.0 has some updated features, including managing Office 2010 licensing in addition to Server 2008 R2 and Windows 7.  There is a version 1.1 of the tool that will manage licensing for Vista, Server 2008, Win 7, and Server 2008 R2.

Starting Performance Monitoring

Automation, Scripting, Servers December 30th, 2009

Previously, I’ve been in control of the environment that I have been monitoring, so I was able to integrate that performance monitoring into PolyMon.  Now that I have a slightly different scenario, I’ve had to modify my performance monitoring strategy.

I’ve mainly been concerned about general server performance, as well as IIS and SQL performance (Basic, IIS, SQL 2005, IIS and SQL 2005), so I’ve been using counter sets that mirror that.

Then I wrapped a couple of calls to logman.exe, which is the command line interface to PerfMon counters.

To create the counter, I used

logman create counter BlackBox -v mmddhhmm -cf Counters.txt -si 00:10 -f bincirc -o “c:\Perflogs\Blackbox_%computername%” -max 250

which creates a counter named “BlackBox” (like a flight recorder).

The command also:

  • reads in the counters from a text file (see my examples above). 
  • sets the sample interval to be every 10 minutes (“-si”).
  • sets the log file is a binary circular file (set by the ‘”-f”), which would be a maximum of 250 MB (set by “–max”)
  • sets the log file location and name (using the computer name environmental variable to append the computer name to the log file) and the “-v” option also adds the month, day, hour, and minute of the start of the log to the file name.

After creating the counter, I used

to start the capture of the counter information.

Finally, I have another command to stop the capture, so when there is an issue or after a specified period of monitoring, I can grab the log file and feed it to PAL or load it in PerfMon (on Server 2008 or greater – as PerfMon got some nice feature bumps with the more recent releases) and analyze it there or export it to a CSV file to slice into it with Excel.

Have Fun!


Runas Radio Shows –

Technet Article – Taking Your Server’s Pulse

PAL – Performance Analysis Of Logs

Sharing a Wireless Network Card in Hyper-V

Networking, Servers October 19th, 2009

I’m currently running Server 2008 R2 (from a VHD) as one of the OSes on my work laptop.  Thanks to the site, I was able to get my wireless card working.  

Problem – When I went to create a virtual network in Hyper-V, the wireless network interface was not an option.

Solution – I created a loopback adapter and bridged it to my wireless network card.  I was able to create a virtual network that included the bridged connection and my VMs were able to access my wireless network.

Coming up on the Live Stream (Episode #77)…

Automation, Career, Podcast, Scripting, Servers November 24th, 2008

We will be streaming episode #77 live on on Wednesday, November 26th at 8:30 PM CST.  We will have Brent Ozar, SQL Server Expert for Quest Software, joining us to talk about becoming a DBA (Database Administrator), a sysadmin’s guide to working with DBA’s, and tips for sysadmins who have become “Accidental DBA’s”.  We’ll also have a discussion about DBA’s and scripting, and some news from the PASS (The Professional Assoication for SQL Server) Summit.

 See you there!!

Hyper-V Server Now Available!!!

Servers October 1st, 2008

Microsoft has released for download the Hyper-V Server, which is just the hypervisor.  From the website –

Since Hyper-V Server is a dedicated stand-alone product, which contains only the Windows Hypervisor, Windows Server driver model and virtualization components, it provides a small footprint and minimal overhead.

This version is recommended for Server Consolidation, Test & Development, and Mixed OS Virtualization (Linux and Windows).  It does not includes some of the more advanced features for Clustering or Quick Migration.

You will need an instance of Server 2008, Vista with the Hyper-V Manager MMC, or using System Center Virtual Machine Manager.

Hyper-V Server is a free download and available today.

You can get it here.

Windows Server Staging Procedure

Geek Stuff, Networking, Security, Servers June 26th, 2008

My apologies for the long delay in getting this out. This is a sanitized version of my Server Staging Checklist for Windows 2000/2003 servers. I use this as a guide when staging new servers to prevent missing those little detail tweaks. The original document was developed as part of a comprehensive set of policies and procedures at my former company to promote standard server builds throughout my line of business. I used our corporate server groups document as a basis and modified and added to it to suit our environment. You may have different requirements in your organization, but hopefully it will serve as a foundation for you.

Let us know your thoughts and suggestions about the document through feedback here on the blog or email the show at Feedback [at]

Windows Server Staging Procedure

Hyper-V Releases Today

Servers June 26th, 2008

Via Greg Shields at the Concentrated Technology blog

Hyper-V is being released today.  I really excited about Hyper-V and am going to be deploying it in my environment soon, to replace some Virtual Server 2005 installs.

I’ve used it a bit in a test environment and it works great.  More information here.