Archive for the ‘server’ Category

Can’t join a Windows 2012 server to a 2003 forest

January 21, 2017

Simple solution but here’s the scenario;

I had to replace a 2003 server with a 2012 server. So the original forest and domain is 2003 (I had to upgrade that from 2000!) but when I tried to promote the 2012 server to a DC it balked with this error;

“A domain controller running 2008 or later could not be located in this domain.”

I did some digging and found that it’s really not stopping you but prompting you to put in a recovery password. Thanks for the intuitive message MS.

So simply type in a recovery password and it will allow you to continue the promotion.



Symantec, the space hog

December 9, 2015

If you’ve found this page then you know how much of a pain Symantec Endpoint Protection can be when it comes to eating up space. Server today ran out of space – down to 500mb on the main drive. After clean up it’s back to 71GB… yes you read that right.

So how to clean up Symantec Endpoint Protection’s mess? Simple;

Stop the Symantec Services.
Go to C:\Program Files\Symantec\Symantec Protection Center\db and delete (or if you have space then copy this off somewhere or zip it) the sem5.log.
Start the Symantec Services.

That bad boy just continues to eat up space without regard for the environment. Now I’m assuming that there is some sort of limit you can impose on the log file but honestly I haven’t had time (who does) and so I periodically remote in and run the above steps.

Fixed problem.

DNS changes in DHCP

December 3, 2015

This is something that might help for future reference. Something I very rarely have to do but would helpful for other people and a good reference.

Specifically changing where your DHCP client points DNS requests to.

  1. Open DHCP Manager
  2. Drill down to the scope
  3. Open Scope Options
  4. double tap DNS Servers
  5. Add your new shiny server and move it to the top of the list
  6. Click OK and you’re done

Symantec Endpoint DB /Log file out of control?

January 29, 2015

So I had a log file that was 98GB.
I found a forum post from Symantec giving a download for a file that would compress the db/log but in order to run that app you had to have lots of space on your drive!
So what happens if I ‘m running out of space and I need more? Tough, you can’t set a different cache folder that the compression tool works with. Wonderful.

Instead, just run through the process of backing up the DB. There is a DB backup app under tools in the Symantec programs location. What does that do? Well for starters is just clears the log file… Oh yeah.

Or you can do this;

  • Stop the Symantec Services.
  • Go to C:\Program Files\Symantec\Symantec Protection Center\db and delete (or if you have space then copy this off somewhere or zip it) the sem5.log.
  • Start the Symantec Services.

Simple fix I thought.

Microsoft LLDP woes

December 22, 2014

One of the stranger problems I have come across.
When I boot up the PC neither Wifi nor Ethernet work. they connect ok but have no IP address.
I ruled out Hardware issues as well as router/DHCP issues so it comes down to Windows and more narrowly to Microsoft LLDP protocol driver.
When I enabled this and disabled it the NIC came back to life. Weird huh? If I reboot the problem comes back…
Anyway as a short term fix I created a script to fix this issue;

Echo off
cd \it\nvspbind
nvspbind “Ethernet” /e ms_lldp
Echo Recalibrating…
ping -n 5 -w 1000 > nul
nvspbind “Ethernet” /d ms_lldp

Now you will need to download NVSPBIND from Microsoft to do this but it’s worth it and I can confirm it does work.

Download it here;

When you download it, it will give you all the arguments you can add.

My example above is on a network device called Ethernet and I put a little “wait” command in there (which is the ping!) then disabled it again. Also I downloaded NVSPBIND to a folder called c:\IT\NVSPBIND.
This worked like a charm for me.

Windows Error Reporting (aka Space hog)

June 24, 2014

I had a server with critically low space on the OS partition. During my investigation into what was taking it all I can across Windows Error Reporting, or WER for short.
Located here;
I found I had gigabytes of data there, and this is in essence for Microsoft’s benefit. They sign you up by default.
So not only can you delete anything under that folder but you can also turn it off;
Open Server Manager and scroll right to the bottom under Resources and Support. Right there, is an entry “Report issues to Microsoft and get solutions… blah blah”. Well turn that puppy off and it will no longer build up tons of data on your OS partition.

PERC 6 – New Virtual Disk initilization

March 22, 2014

Created a new RAID Volume and part of that process had me jump into the BIOS app for the PERC controller.
It was as simple setup – RAID5 with a hotspare but each disk was 1TB and so the volume ended up being, well, rather large (approx 2TB).
That was fine. However I had to initialize the volume and that was taking 1.5minutes for each 1% tick. So again, approximately 2.5 hours!
Well being the fairly impatient person I can be when it comes to computers, I decided to not believe that I was being told and researched the issue.
I found that you can indeed reboot eh machine, mid-initialize! In fact Dell apparently “recommend” that you wait perhaps 2-30 minutes before you write data to it!

In other words, go right ahead and reboot that server even if the initialization is only a few percentage point complete because the PERC controller will simply pick up where it left off after it is loaded up again.

Just remember to give it a little bit of time before you dump vast quantities of data at it.

Happy days.

I can never remember the RDC port number

February 10, 2014

So here it is… 3389.

Roaming profiles work on some PC’s and not others…

December 10, 2013

Yeah that’s what I thought. I went through all sorts of hell trying as many things as I could think of and when I hit the answer, I just figured I’d throw it in here before I delve too deep into why on some and not on others.

The fix;

  • It’s basically a DNS problem.
  • I pointed the problem computers (and eventually all the computers) to the Domain Controller that held the roaming profile data and boom, it worked.

More rambling stuff;
So I tried adding the server address with the roaming profile data to the host file of those machine and even the domain to the hosts file but neither of those made any difference.
I cleared the cache, I renamed the old profile and recreated it, I compared all the settings on one machine to the other as well as the Active Directory Account details and all seemed fine…

Seize Active Directory Roles

November 1, 2013

Sometimes, things go wrong faster than you expected or planned for.
To that end, on with the seizing roles from other Active Directory roles!

On the server you want to move the roles to do this;
Run the command prompt as admin
type the following;

  1. ntdsutil
  2. roles
  3. connections
  4. connect to server <your new server name>
  5. q
  6. ? (this will give you the commands you can run and let you know which roles you can seize) example; seize schema master

It will try to do all this in a nicey-nice way but if the current DC is offline it will fail and the seize the role.
I have probably now done this, I would guess, about 3 times in my current 20 years of IT experience.
It’s not likely you will need this very often… hence the blog post!