Windows Server 2016/2012 R2 on Cisco UCS B200M4 with UEFI bios booting from SAN – SCCM deployment fails

I faced very strange issue while I was trying to build Windows Server 2016 release on Cisco UCS B200M4. Server is booting from NetApp storage and I’m using UEFI bios. Deployment was failing on SCCM OSD step : “Apply Operating System“.
So lets make some version introduction. I used ConfigMgr versions 1610,1702 and recently 1706. Windows ADK versions were 1511, then 1703 and currently 1709. With all versions I was facing same error.
I tried to run same deployment on the same hardware, booting from SAN with the legacy bios and it worked fine.
I also tried to make same deployment on the VM on the VMWARE with the UEFI bios, but with local disk and deployment worked fine.
And last scenario was to deploy Windows Server on Cisco UCS B200M4 with UEFI bios and booting from SAN, but deployment was with the ISO file – deployment worked fine. Continue reading

Powershell : A simple use of DSC

I’m a great PowerShell fan, I think it’s the second best (or maybe first one) thing Microsoft bring to IT world – for me still the one and best is MS Exchange.
Some time ago MS introduced a thing called Desired State Configuration, as I’m correct it was with PS 3.0, for sure with PS 4.0.
You can read a lot of DSC just to google it or go to MS site. I won’t explain how DSC works and what is the pull server, how to enforce configuration compliance, etc …

For my compliance I’m using SCCM, however I found Powershell DSC really useful for my initial server configuration, so I’d like to share how easy and handy is to build some initial server configurations – “Make it smart, make it simpe” – from this starting point one can go wherever … sky is the limit ūüôā Continue reading

Case Study : Windows 2012 R2 – ping internally returns wrong IP on multihomed server

As system engineer I’m providing a 3rd level support in IT areas I work on. So one day a strange case came to me.¬† An issue was reported that on multi-homed Windows 2012 R2 server – this case was : 2 network interfaces on Windows 2012 R2 (I can imagine it can happen on 2+ network interfaces Windows 2008 or newer). So on mutlihomed Windows Server 2012 R2, when try to ping internally FQDN wrong IP is returned. Continue reading

MSA (Managed Service Account) and its younger brother gMSA

On blog¬†I found really nice tutorial how to create application user in Active Directory. So I’d like to write few words about¬†alternative way to create application users, by using¬†MSA or with Windows Server 2012 gMSA.

What is MSA ?

With Windows Server 2008 R2 Microsoft introduced “Managed Service Accounts” – to simplify account management for accounts, that used by¬†applications¬†on a different servers. In the old times,¬†administrators were creating standard domain users, add this users to local administrators group on the remote computers, assign the “Logon as a service” right and for most of the time set the password to never expire. Moreover if one¬†wanted to be more secure, the “Deny log on locally” right should also be modified. With MSA this was simplified and MSA offers automatic password management (passwords are updated automatically every 30 days) and simplified SPN management which can be delegated to other administrators. Continue reading

httperr.log – just another IIS log ?

Recently a friend reminded me few cases, we¬†were¬†analyzing, while I was working as messaging engineer. We had problems with¬†an application, which was using EWS (Exchange Web Service), trying to get free/busy information from exchange. Then IIS was becoming unresponsive and the only thing we could do was IIS reset. So we used “httperr.log” for the analysis and issue detection. Probably not many of you heard about it, but this log is really useful with issues related to web server.

Continue reading