Windows Server: Folder Redirection – Migration

Windows Server: Folder Redirection – Migration

I recently had to migrate a load redirected folders from one server to NetApp CIFS vFiler. The redirected folders were being access via a DFS NameSpace, had Exclusive Rights for users and contained up to 20GB per user, with some files having specific ACL’s that prevented even the SYSTEM account from accessing them! Needless to say this wasn’t a simple process.

Firstly let me point out a simple way of doing this in a smaller environment. If you update your Group Policy Folder Redirection Options¬† (or apply a new policy with higher precedence), if the Redirection Policy is configured to “Move the contents of xxxx to the new location” then at logon the users files will be moved to the new location…. an automated migration that works well for small amounts of data.

With up to 20GB of data per user the above solution simply wasn’t going to cut it. This would have added hours of delays for users logging on. We opted to pre stage the data, which meant we had to disable the “Move the contents of xxxx to the new location” for each folder we were pre-staging – this is an important step! You should allow a week or two for all users to get this change before proceeding with your migration.

Next problem, how to pre-stage the data! Well RoboCopy failed miserably due to the ACL’s and exclusive rights, so we used a tool called SecureCopy which worked really well – to a point; open files, and files with specific ACL’s which users had set were not pre-staged. The number of these files totalled around 2,300!

We needed to pre-stage these files are many of them were current, business related documents… welcome back to the fight RoboCopy! We deployed a script (below) to run at user logon, as the user, that would copy the missing files (using /MIR to mirror the folder contents) from the Windows box to the NetApp CIFS. This ran for a few days to minimise the amount of missing data when we ‘flipped the switch.’

Finally, with the data pre-staged we change the GPO folder redirection options to point to the vFiler shares. The RoboCopy script was still running, so when users logged on they got the migrated, pre-staged redirected folders that were up-to-date ūüôā

All-in-all the process took a few days (weeks if you include the initial step to disable “Move folder contents…”) but the end result was minimal interruption to users – which in the world of infrastructure is a good thing.

In short, the process was:

  1. Disable “Move the contents of xxxx to the new location” for each redirected folder
  2. Wait a week or two!
  3. Use SecureCopy to pre-stage most of the data
  4. Deploy a RoboCopy user logon script to mirror the user data on the old Windows box to the CIFS vFiler folder containing the users’ data.
  5. Wait a few days to minimise the amount of un-synched data
  6. Change the folder redirection policy / deploy a new GPO with higher precedence

{code lang:php title:”Copy Script” lines:false hidden:false}Option Explicit
On Error Resume Next
‘———————–
‘——– Define Variables
‘———————–
Dim objNetwork, strUserName, fso, objFSO, objFolder, objFiles, fldName, checkFile, logFile, logPath
Dim srcSrv, myDocShare, myFaveShare, myDeskShare
Dim dstSrv, myDocDst, myFaveDst, myDeskDst

Set objNetwork = WScript.CreateObject(“WScript.Network”)
Set objFSO = CreateObject(“Scripting.FileSystemObject”)

‘———————–
‘——– Obtain User Logon Name
‘———————–
strUserName = objNetwork.UserName
‘Share path to create log files for each RoboCopy opperation
logPath = “\\SERVER\Share\Folder\”

‘———————–
‘——– Define redirected folders to check
‘———————–
‘Source
srcSrv = “\\Server or DFS NameSpace Root\”
‘Destination
dstSrv = “\\Server or DFS Name Space Root\”

‘Source Share Paths, add more if required, be sure to define variables at the top of the script
‘and destination paths below
myDocShare = “MyDocuments\” & strUserName
myFaveShare = “MyFavourites\” & strUserName
myDeskShare = “MyDesktop\” & strUserName
‘Destination Share Paths
myDocDst = “MyDocuments\” & strUserName
myFaveDst = “MyFavourites\” & strUserName
myDeskDst = “MyDesktop\” & strUserName

‘———————–
‘——– Check User Has Not Been Processed Already
‘———————–
If NOT(objFSO.FileExists(dstSrv & myDocShare & “\SharesMirrored”)) Then
¬†¬†¬†¬†¬†¬†¬†¬†‘———————–
¬†¬†¬†¬†¬†¬†¬†¬†‘——– Check Redirected Folders, add any additional shares created above
¬†¬†¬†¬†¬†¬†¬†¬†‘———————–
        CheckFolder(myDocShare)
        CheckFolder(myFaveShare)
        CheckFolder(myDeskShare)
        
¬†¬†¬†¬†¬†¬†¬†¬†‘———————–
¬†¬†¬†¬†¬†¬†¬†¬†‘——– Subs/Functions
¬†¬†¬†¬†¬†¬†¬†¬†‘———————–
        Sub CheckFolder(fldName)
            Dim objShell, logName
¬†¬†¬†¬†¬†¬†¬†¬† Set objShell = CreateObject(“WScript.Shell”)
¬†¬†¬†¬†¬†¬†¬†¬† ‘Hide and run all copies async.
            
¬†¬†¬†¬†¬†¬†¬†¬† If inStr(fldName,”Documents”) > 1 Then
¬†¬†¬†¬†¬†¬†¬†¬† ¬†¬†¬†¬†LogName = “Docs”
¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†ElseIf inStr(fldName,”Desktop”) > 1 Then
¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†LogName = “Desktop”
¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†ElseIf inStr(fldName,”Favourites”) > 1 Then
¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†LogName = “Faves”
            End If
            
¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†‘Perform Validation
¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†If strUserName = “” or srcSrv = “” or fldName = “” or dstSrv = “” Then
¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†‘Do Nothing
         Else
¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬† objShell.Run “robocopy.exe ” & Chr(34) & srcSrv & fldName & chr(34) & ” ” _
¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬† ¬†¬†¬†¬†& Chr(34) & dstSrv & fldName & Chr(34) & ” /COPY:DAT /E /XX /XO¬†/R:1 /W:5 /LOG:” & chr(34) _
¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬† ¬†¬†¬†¬†& logPath & strUserName & “-” & logName & “.txt”,0,false
            End If
        End Sub
                
¬†¬†¬†¬†¬†¬†¬†¬†‘———————-
¬†¬†¬†¬†¬†¬†¬†¬†‘——– Create Log File
¬†¬†¬†¬†¬†¬†¬†¬†‘———————-
¬†¬†¬†¬†¬†¬†¬†¬†‘Set checkFile = objFSO.CreateTextFile(dstSrv & myDocShare & “\SharesMirrored”, True)
Else
        Wscript.Quit
End If{/code}

 

Windows Server : A simple DFS Migration Plan

Windows Server : A simple DFS Migration Plan

I recently used the steps below to move DFS Name Spaces from one server to another without interruption to client connectivity.

  1. Install OS and configure the server that you will move the DFS namespaces to
  2. Create SMB shares on the server that you will host the DFS Namespaces from
  3. Replicate the data, either using DFS, RoboCopy or SecureCopy. For fairly static data the last two are fine, for data that changes more frequently I would choose DFS. Before proceeding make sure that all data is replicated.
  4. Add new server to DFS Namespace(s) that you have replicated the data for using the DFS Management Console
  5. Wait for AD DS replication to ensure that the additional server is listed on DFS clients (use dfsutil /pktinfo to verify)
  6. Set referral order override; configure the new server as “First amongst all targets” and the old server as “Last amongst all targets” using the DFS Management Console
  7. Again, wait for AD DS replication to ensure that the additional server is listed on DFS clients (use dfsutil /pktinfo to verify)
  8. If both DFS servers are Windows 2008 R2 then you can now disable the old server in the DFS Name Server list using the DFS Management Console, if one of the servers is running a previous version of windows not proceed to step 10.
  9. Wait for Ad DS replication, again checking with dfsutil /pktinfo
  10. Delete the old server from the Name Space(s) using the DFS Management Console

Windows : Troubleshooting Automatic Updates

Windows : Troubleshooting Automatic Updates

Troubleshooting Automatic Updates, especially in version of Windows prior to Windows Server 2008, can be a bit of a pain.

Your first point of call should always be C:\Wndows\WindowsUpdate.log this log is invaluable in troubleshooting update issues.

You can trigger detection of updates using the command: wuauclt.exe /detectnow

You can trigger installation of updates using the command: wuauclt.exe /updatenow

Another useful command in a managed (WSUS) environment is: wuauclt.exe /resetauthorization /detectnow

If using WSUS you should also check the group you should also confirm the “target group” is correct. Search the log file mentioned above for “target group” to confirm this.

Windows 2008 : DFS Client Referral Cache Management

Windows 2008 : DFS Client Referral Cache Management

The following commands can be used to manage the DFS Client Referral Cache. This is useful when migrating DFS namespace servers or troubleshooting client referral issues.

  • To view the current referral cache: dfsutil /pktinfo
  • To clear the referral cache: dfsutil /pktflush

vSphere : Building a Windows Cluster

vSphere : Building a Windows Cluster

Clustering Windows Server 2003, or 2008 under vSphere is a simple process:

  1. Create your two VM cluster nodes in the vSphere Console
  2. Install Windows Server Enterprise Edition on both nodes
  3. Add additional ‘cluster’ storage, attached to an additional shared¬†SCSI¬†controller (for Single Copy Clusters, SQL clusters or File/Print Clusters then do not use Paravirtual, use LSI Logic. Paravirtual is fine for an Exchange 2010 DAG.). You’ll get a new controller if you assign a SCSI ID to each new disk starting ‘1:’
  4. Ensure all disks that are shared are set to Independent Persistent
  5. Ensure all Disks are “eagerZeroedThick”
  6. Ensure the controller is set to Virtual Sharing in the VM configuration
  7. Build the cluster
The step that is¬†often¬†missed out is the¬†modification¬†of the vmx file for each cluster VM node; without these changes you’ll find that NTFS filesystems can become corrupted or SQL databases end up with torn pages / in a suspect state. You may even see chkdsk running after a failover from one node to another.
 
Add the following lines to the bottom of your vmx file to help alleviate these symptoms:
 
{code lang:ini showtitle:false lines:false hidden:false}disk.locking = “FALSE”

diskLib.dataCacheMaxSize = “0”{/code}

 

Exchange 2010 : Transport Server Pressure Script

Exchange 2010 : Transport Server Pressure Script

The below script will output the ResourceManager status of all transport servers, this can be useful when troubleshooting functions performed by Exchange 2010 transport servers.

{code lang:php lines:false hidden:false title:false}foreach ($srv in get-transportserver -identity "*") {
¬† [xml]$diag = Get-ExchangeDiagnosticInfo ‚ÄďServer $srv.identity ‚ÄďProcess EdgeTransport ‚ÄďComponent ResourceManager ‚ÄďArgument verbose
  $srv.name
  $diag.Diagnostics.Components.ResourceManager.CurrentComponentStates
¬† $diag.Diagnostics.Components.ResourceManager.ResourceMonitors.ResourceMonitor | ft ‚Äďa Type, Resourc*,*Pressure* | out-string
¬† Get-counter -ComputerName $srv.name -Counter "\MSExchange RpcClientAccess\RPC Averaged Latency" ‚ÄďSampleInterval 5 -MaxSamples 2
}{/code}

To understand what pressure states mean, and the impact of each state take a look at the following TechNet article: http://technet.microsoft.com/en-us/library/bb201658.aspx

Exchange 2010 : High Item Count in Critical Path Folder

Exchange 2010 : High Item Count in Critical Path Folder

There is a significant performance impact of high item count in critical path folder on any version of Exchange. The script below can be used to help identify users in your environment with 20,000 or more items in any folder you specify. Change the folder in red to modify the scope of the script.

{code lang:php showtitle:false lines:false hidden:false}$data = @()
foreach($mbx in get-mailboxdatabase | get-mailbox) {
$data += get-mailboxfolderstatistics -Identity $mbx.identity -FolderScope ‘Inbox’| Where {($_.ItemsInFolder -ge 20000)} | select @{n=”Username”;e={$mbx.displayName}},FolderPath,ItemsInFolder }
# $data | ft
$data | Sort ItemsInfolder -Descending | export-csv InboxOver20k.csv {/code}

Exchange 2010 : Find Users with iOS 4.0 Devices (User Agent 801.29)

Exchange 2010 : Find Users with iOS 4.0 Devices (User Agent 801.29)

The following Exchange Shell Script will identify all users that have an iOS 4.0 device – these should be upgraded to 4.01+ ASAP. Save the code below into a .ps1 file and execute.

Continue reading “Exchange 2010 : Find Users with iOS 4.0 Devices (User Agent 801.29)”

Windows 2008 : Command Line Configure Network Adapters

Windows 2008 : Command Line Configure Network Adapters

Use the following commands to configure IPv4 settings for a NIC. 

First identify the NIC you wish to configure – obtain the Idx number of the NIC: netsh int ipv4 show int

Now set the IP address, subnet and gateway address: netsh int ipv4 set address 11 static 192.168.1.100 255.255.255.0 gateway=192.168.1.254

Now configure the primary DNS for the NIC: netsh int ipv4 set dnsserver 11 static 192.168.1.1

Finally, the secondary DNS for the NIC: netsh int ipv4 add dnsserver 11 192.168.1.2