WDS’s Service Control Point

Posted on by
Reply

Today I was alerted to an issue in Operations Manager on one of my WDS servers:

Log Name: System/Application
Source: BINLSVC
Date: Date
Time: Time
Event ID: 1803
Description: An error occurred while attempting to locate the Service Control Point object for this Windows Deployment Services server in Active Directory Domain Services. There was an error reading the ‘netbootSCPBL’ attribute from the Computer object.

Research ensued, and a quick Googling (sorry Google) revealed the following:

When the computer starts, BINLSVC queries for the information that is contained in the Service Control Point (SCP), this operation is performed before the creation of the SCP, and then BINLSVC logs an error message in the Application log or the System log. This error message states that the server’s SCP is missing. This is expected behavior on new WDS servers and in other instances where the SCP has not yet been created for the server. In this case, you can safely ignore the error that is logged in the Application log or the System log.

However, the problem here is that this is not a new WDS server.  So, I came across this from another Google result.  It doesn’t really apply to my situation (as I was not moving the Computer object to a different OU), but it fixed the error and restored the SCP.

For posterity:

To resolve this problem, reinitialize the WDS server after you move the WDS server to a different organizational unit. To do this, follow these steps:

  1. Click Start, click Run, type cmd, and then click OK.
  2. At the command prompt, type wdsutil /uninitialize-server, and then press ENTER.
  3. Move the WDS account to Active Directory in the new organizational unit.
  4. To reinitialize the WDS service, type wdsutil /initialize-server /reminst:{RemoteInstallFolder} at a command prompt, and then press ENTER.

Injecting NIC Drivers into a WDS Boot Image

Posted on by
Reply

We’re switching to a new laptop here at the office, and this new laptop uses a NIC driver that is not included in Server 2008 Standard’s boot.wim.  Naturally, instead of rebuilding the entire WIM (and reinventing the wheel), I decided it would be best to inject the new driver(s).

The link:  http://support.microsoft.com/kb/923834/en-us.

Now, the problem description isn’t exactly the issue we were experiencing, so the part that applied to us:

3. Update the WDS boot image to include the new third-party network driver. To do this, follow these steps.

Note The following procedure assumes that the Windows Automated Installation Kit (AIK) is installed on the WDS server. If the Windows AIK is not installed on the WDS server, you can perform the same procedure on another computer that does have the Windows AIK installed. Then, map a network drive to the WDS server.

a. On the WDS server, click Start, click Run, type wdsmgmt.msc, and then press OK.
b. Under your WDS server, double-click Boot images.
c. Right-click the boot image that you want, and then click Disable.
d. Right-click the same boot image, click Properties, and then click General.
e. Note the name and location of the boot image that is displayed in the File name box.
f. At a command prompt, type the following:

C:\Program Files\Windows\aiktools\petools\copype.cmd x86 c:\windowspe-x86
Note Keep this command prompt window open for the next step.
Imagex /info Drive:\remoteinstall\bootx86\images\boot.wim

Notes
• Drive:\remoteinstall represents the path at which the Remoteinstall folder is installed.
• Boot.wim is the name of the boot image.

g. Note the boot index number of the bootable image that is displayed. To identify the boot index number, locate the line that contains “boot index: X.”

Note X is the boot index number. The number indicates that image number X is marked as bootable and that the image is to be updated. The second image is the default image that you would typically modify. However, always verify which image is marked as bootable.

h. At a command prompt, type the following:

Imagex /mountrw Drive:\remoteinstall\bootx86\images\boot.wim 2 mount
peimg /inf=driver.inf mount\Windows
imagex /unmount /commit mount

Notes
• Drive:\remoteinstall represents the path at which the Remoteinstall folder is installed.
• Driver.inf is the name of the third-party driver.
• The Imagex /mountrw command mounts the specified image, with read/write permissions, to the specified directory.

4. Enable the boot image on the WDS server. To do this, follow these steps:
a. On the WDS server, click Start, click Run, type wdsmgmt.msc, and then click OK.
b. Under WDS server, double-click Boot images.
c. Right-click the boot image that you want, and then click Enable.

It would be useful the note at this point that we use Server 2008 Standard x64 (not x86) and these steps worked just fine.

Lock Your Computer

Posted on by
Reply

We are all professionals here – well, most of us.  We all know that one should lock his or her computer before leaving their desk.  Blah, blah.

The keyboard I use at work has programmable keys – I can make them do all sorts of things, like run a batch file.  So, I was looking for a way to lock my computer via one of the larger buttons on my keyboard (sometimes I forget, so I’ll come back and instead of walking around my desk, I’ll try to do it over the top of the monitors).  I know that you can press the Windows Logo+L, Ctrl+Alt+Del and Enter, and a number of other assorted keystrokes, but a large button seems to be the ticket.  So, without further babbling, I’ll share the command to put into your batch file:

rundll32.exe user32.dll, LockWorkStation

That’s it.  Pretty cool if you ask me.  Now I’ll I need is a huge, red USB PANIC button to slap when I get up from my desk.  That would be awesome.

A connection will not be made…

Posted on by
Reply

First of all, don’t tell me what you will and will not do, young lady.

I was receiving the error below when trying to connect to a VM through Hyper-V Manager:

The fix was easily found in the TechNet Forums (in case that link isn’t active in the future, I’ve documented the fix for posterity below).

The fix:

Copy and paste the following into a text file and save it as a *.reg file:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowDefaultCredentials]
“Hyper-V”=”Microsoft Virtual Console Service/*”

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowDefaultCredentialsDomain]
“Hyper-V”=”Microsoft Virtual Console Service/*”

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentials]

“Hyper-V”=”Microsoft Virtual Console Service/*”

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentialsDomain]

“Hyper-V”=”Microsoft Virtual Console Service/*”

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentialsWhenNTLMOnly]

“Hyper-V”=”Microsoft Virtual Console Service/*”

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentialsWhenNTLMOnlyDomain]

“Hyper-V”=”Microsoft Virtual Console Service/*”

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowSavedCredentials]

“Hyper-V”=”Microsoft Virtual Console Service/*”

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowSavedCredentialsDomain]
“Hyper-V”=”Microsoft Virtual Console Service/*”

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowSavedCredentialsWhenNTLMOnly]
“Hyper-V”=”Microsoft Virtual Console Service/*”

Now import it into your registry and enjoy your new Credssp configuration.

winsxs: The Bain of My Current Existance

Posted on by
Reply

Long time no see.

I was digging through one of our virtual terminal servers today to try and figure out why there was only 29.8MB of 20GB free on the system partition.  A large culprit turned out to be the C:\Windows\winsxs folder.  Unfortunately, there doesn’t seem to be a lot that can be done about this 6GB+ folder full of, well, crap.

From MSDN:

Administrators should not, for any reason, take it upon themselves to clean out the directory – doing so may prevent Windows Update and MSI from functioning properly afterwards.

But, alas, this is just another day in the life.  I’m bleeding from my eyeballs.  We’re still looking for a fix, workaround, way to move it, or a way to delete it, but I don’t have much confidence that that approach.

Really, Microsoft?  Really?

SysAdmin Day 2008

Posted on by
Reply

Happy System Administrator Day!  Whoo!

From Wikipedia:

System Administrator Appreciation Day, also known as Sysadmin Day, SysAdminDay or SAAD, was created by Ted Kekatos, a system administrator in Chicago. Kekatos was inspired to create the special day by a Hewlett-Packard magazine advertisement in which a system administrator is presented with flowers and fruit-baskets by grateful co-workers as thanks for installing new printers. The holiday exists to show appreciation for the work of sysadmins and other IT workers. It is celebrated on the last Friday in July. The first System Administrator Appreciation Day was celebrated on July 28, 2000.

And the official SysAdmin Day song: http://www.deadtroll.com/index2.html?/sysadmin/~content.

Reinitialize Offline File Cache in Vista

Posted on by
Reply

They made it easy to reinitialize your offline file cache in XP – not so much in Vista. Here’s how:

1. Click Start, type regedit in the Start Search box, and then click regedit in the Programs list. If you are prompted for an administrator password or confirmation, type your password or click Continue.
2. Locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Csc\Parameters

Note: If the Parameters subkey does not exist, create it. To do this, follow
these steps:

a. Click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Csc
b. On the Edit menu, point to New, and then click Key.
c. Type Parameters, and then press ENTER.

3. On the Edit menu, point to New, and then click DWORD Value.
4. Type FormatDatabase, and then press ENTER.
5. On the Edit menu, click Modify.
6. Type 1 in the Value data box, and then click OK.
7. Exit Registry Editor, and then restart the computer.

Firefox 3 and Java

Posted on by
Reply

I prefer Firefox over IE.  I don’t know why, but I can’t stand IE.  I don’t think it’s the speed (I don’t know that I’ve noticed a difference).  I’m not sure what it is.

Anyway, since I’ve upgraded to Firefox 3, Java has been crashing everytime I try to load a Java applet.  I found a bulletin board that suggested I install the Java 6 Update 10 Beta.  This seems to have worked.  A link to Update 10 is below:

https://jdk6.dev.java.net/6u10ea.html#Download

I’ve also posted my error that Windows provided for posterity (and in case someone is having the same issue and is Googling):

Problem signature
Problem Event Name:    APPCRASH
Application Name:    firefox.exe
Application Version:    1.9.0.3071
Application Timestamp:    483ebafb
Fault Module Name:    kernel32.dll
Fault Module Version:    6.0.6001.18000
Fault Module Timestamp:    4791a81d
Exception Code:    40010006
Exception Offset:    0002f35f
OS Version:    6.0.6001.2.1.0.274.10
Locale ID:    1033
Additional Information 1:    ce68
Additional Information 2:    d49ae2ad476857f1eb438569b24234ae
Additional Information 3:    7187
Additional Information 4:    70fa7155f8359f25ba31b30cbc19a21c