Group Policy processing error

I have been fighting over last few hours with a curiouse error about GPO processing. Whenever I attempted to process the GPUPDATE /FORCE I was getting below error:

The processing of Group Policy failed. Windows attempted to read the file \\domain\SysVol\domain\Policies\{97F86394-F318-4E12-A015-21A355BF52D9}\gpt.ini
from a domain controller and was not successful. Group Policy settings may not
be applied until this event is resolved. This issue may be transient and could b
e caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controller
has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.

I attempted all possible tricks, but none worked. What I finally was able to do is to find out what GPO is it relating to. In order to do that you need to run powershell and run following commands:

Import-module grouppolicy

That loads the group policy management modules into the powershell, after that I had to run the following:

Get-GPO -Guid 97F86394-F318-4E12-A015-21A355BF52D9

When running this command I was able to get following information that looked like below

after that I was able to locate the GPO and simply removing it had fixed the issue. However if are unable to locate the GPO recreating it with exact the same name will fix the issue as well.

Resizing VHDX in Windows 2012 using PowerShell

In order to be able to resize the VHD you need to follow few steps first. You can do that from the GUI, however in my experience your best rate of success is to use the PowerShell. Please note that this apply only to Hyper-V in Windows 2012 and above, there isn’t a process available yet for the previous versions of Hyper-V

Below are the steps of how to do that, just as an explanation in order to be able to resize the VHD we need to resize the partition inside the Virtual machine, as to let the vhd file know that this space is free and its safe to remove it.

The command below will provide all the steps required to resize the vhd, however it requires the server to be shut down. The steps are as follow:

1. Shut down the VM

2. Mount the VHD using mount-vhd command with command line as follow:

mount-vhd path\drive.vhdx -passthru | get-disk | get-partition | get-volume

This command will provide you with information of what drive letter the partitions inside vhdx files have been assigned as well as the size details (remember that from Windows 2008 and up the system create a 100-300MB partition on the main drive used in booting process, don’t resize it)

3. The next command is resize-partition, that is to resize the size of the partition inside the vhdx to the size you want it to be

resize-partition –driveletter E -size 35GB

-driveletter is the drive letter we get from the first command, and –size is the size to what we want to shrink the partition to.

4. Next we will dismount the vhd using dismount-vhd:

dismount-vhd path\drive.vhdx

5. The last command is actual resizing of the VHD, to do that we use: resize-vhd command:

resize-vhd path\drive.vhdx -ToMinimumSize

SQL Firewall ports using .bat script

In order for the SQL to work correctly there is a need to open specific ports to it, you probably don’t want to disable the firewall full stop, so the best way is to use following script that will automatically opens all required ports. It’s actually available as “Fix It” from Microsoft, but here is exact extract from it:

@echo =========  SQL Server Ports  ===================
@echo Enabling SQLServer default instance port 1433
netsh firewall set portopening TCP 1433 "SQLServer"
@echo Enabling Dedicated Admin Connection port 1434
netsh firewall set portopening TCP 1434 "SQL Admin Connection"
@echo Enabling conventional SQL Server Service Broker port 4022 
netsh firewall set portopening TCP 4022 "SQL Service Broker"
@echo Enabling Transact-SQL Debugger/RPC port 135
netsh firewall set portopening TCP 135 "SQL Debugger/RPC"
@echo =========  Analysis Services Ports  ==============
@echo Enabling SSAS Default Instance port 2383
netsh firewall set portopening TCP 2383 "Analysis Services"
@echo Enabling SQL Server Browser Service port 2382
netsh firewall set portopening TCP 2382 "SQL Browser"
@echo =========  Misc Applications  ==============
@echo Enabling HTTP port 80
netsh firewall set portopening TCP 80 "HTTP"
@echo Enabling SSL port 443
netsh firewall set portopening TCP 443 "SSL"
@echo Enabling port for SQL Server Browser Service’s ‘Browse’ Button
netsh firewall set portopening UDP 1434 "SQL Browser"
@echo Allowing multicast broadcast response on UDP (Browser Service Enumerations OK)
netsh firewall set multicastbroadcastresponse ENABLE

Executing this on Windows 7 and up will show several warnings since the netsh firewall command in deprecated and you should use netsh advfirewall firewall however the script still perform it’s task perfectly.

PowerShell Script to create AD account, Exchange mailbox and Lync account all in one go

Today my post will look at the creation of PowerShell script that will allow for simultaneous creation of Active Directory account, Exchange mailbox and Lync account. This script have helped to save loads of time to myself as well as my customers. The work on this script is based on number of online versions however I haven’t been able to find one that would allow to run it from any Domain joined machine. I’m going to break the script into sections and I’m going to explain what each one does and then will include the whole script as one. The script have been tested on Exchange 2010 and Lync 2010 however should work without any issues with the 2013 versions of both applications.

So the first step is to define certain static variables in order to reuse them further in the script:

# Static Entries
$ExchangeServer = "exchange.domain.com"
$LyncServer = "lync.domain.com"
$Registrar = "lyncregistar.domain.com"
$intdomain = "domain.local"
$dc = "dc.domain.local"
$ou = "OU=User Accounts,DC=domain,DC=local"

Here are the details for each:

$ExchangeServer – that is the name of your Exchange Web Control Panel, usually it’s the same as your OWA without the /OWA bit.  Read the rest of this entry.