Friday, December 14, 2012

Windows Hung Service

Today I had an issue where a windows service was stuck in a "starting" state.  Since this was an email server and the service in question was IMAP, doing a reboot wasn't a good option.  So i searched around and found this useful piece of information:

You can force kill an service if you know the services PID.
To get the PID, you can run the following to query the service and output them to a text file to make it easier to search.

  • sc queryex > C:\Running_Services.txt
Once the command completes, use a text editor (Notepad++) to find the service you are looking for.  You will see the Service Name, Display Name, and the PID.  Now that you know the PID, you can issue the following to kill the process.  For our example, lets say the PID is 12345
  • taskkill /PID 12345 /F

Now the process should be terminated, and a restart can be attempted.

Friday, November 9, 2012

BGInfo Useful Custom Strings

Recently I have been using BGInfo a bit more to get a better handle on what servers I am currently working on. Most of the time the standard definitions work well enough, but there are the few occasions when I want to show additional details or to hide information.

One such case that has come up often is when a server has multiple NICs, but only one is in use. BGInfo by default show all, so you have to add custom WMI queries to show only the info you want. I found a site that listed several useful queries as follows:

  • Active DNS - WMI Query - SELECT DNSServerSearchOrder FROM Win32_NetworkAdapterConfiguration where IPEnabled = 'True'
  • Active IP - WMI Query - SELECT IPAddress FROM Win32_NetworkAdapterConfiguration where IPEnabled = 'True'
  • Active MAC Address - WMI Query - SELECT MACAddress FROM Win32_NetworkAdapterConfiguration where IPEnabled = 'True'
  • Active Subnet Mask - WMI Query - SELECT IPSubnet FROM Win32_NetworkAdapterConfiguration where IPEnabled = 'True'
  • Manufacturer - WMI Query - SELECT Manufacturer FROM Win32_ComputerSystem
  • Model - WMI Query - SELECT Model FROM Win32_ComputerSystem
  • OS and Edition - Registry Value - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductName
  • OS Architecture - WMI Query - SELECT OSArchitecture FROM Win32_OperatingSystem
  • OS Architecture XP2K3 - Registry Value - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\PROCESSOR_ARCHITECTURE
  • Workgroup - WMI Query - SELECT Workgroup FROM Win32_ComputerSystem

I also added one of my own to show the IIS version on the desktop:
  • IIS Version - Registry Value - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\InetStp\SetupString
Using these in combination with the predefined queries has allowed me to display all relevant information that I want.  

Tuesday, September 4, 2012

Enabling/Disabling NIC via Command line

I recently found that I need for my system to be on multiple VLANs at different times.  Now, my NIC supports this and it is fairly easy to do in Windows 7, but I wanted to make it easier.  To accomplish this I wrote a little batch file that simply enables or disables the network interface card via wmic.

The NIC is configured with the following commands:

  • To determine the index value (##)
    • wmic nic get name, index
  • To Enable
    • wmic path win32_networkadapter where index=## call enable
  • To Disable
    • wmic path win32_networkadapter where index=## call disable

I then have the batch file with a choice statement that allows me to select the option I want.

I found the original information on how to accomplish this task here.

Friday, August 3, 2012

Ghost Network Interface Cards

Recently, I imported a bunch of virtual machines.  After the import was complete, only one nic showed up under network adapters but when making any changes to the static IP's a warning was shown stating duplicate information.  After doing some digging, I found that there were actually 2 NICs in the system, but only one was being display.   I tried multiple ways to get the second card removed, but had no success until I came across a few posts mentioning devcon.

Using devcon you can perform the following command line options to remove the ghosted nic:

  • Run this command to list all the network hardware
    •  devcon findall =net  
  • This will output a bunch of information in the format PCI\VEN_xxxxx : Adapter Name
  • Copy the string before the colon.
  • Run the devcon command to remove the nic
    • devcon -r remove "@PCI\Ven_xxxxxx"

The biggest issue I ran into was getting devcon for the correct architecture.  The inital post I read linked to Microsoft for the x86 and ia64, but my systems were running x64.  So, I managed to find the tool on a Windows Server installation media for x64.  But I have also found it online as part of the Windows Driver Kit with instruction on how to extract it here How to Obtain the Current Version of Device Console Utility (DevCon.exe)

Thursday, March 8, 2012

DHCP Information

I came across a recent little command that helped me out a lot.  I was trying to determine all of the information of a DHCP server that had multiple reservations.  Now, I could use the management console and just export the IP and reservation name.  But this did not give me the MAC addresses or any additional information.  I also wanted to just have the basic info of the DHCP scope.  So, after some searching I found a fairly easy way to do it.  I ran the command:

netsh dhcp server dump >> C:\DHCP_Info.txt

This created a file DHCP_Info.txt in the root drive that contained all the information i needed.  I just had to parse the section that listed reservations and import it into a table.

Wednesday, February 15, 2012

Windows 7 Activation Issues

So, I have been working at my new job for a few weeks now and one of the things I have been doing a little is upgrading Windows Installations offline.  I have used Autopatcher and the WSUS Offiline.  Both have been great when we can not connect the system to the network.

However, I have been running into a problem. When Activating windows, the activation fails.  You get an error message in the typical cryptic Microsoft style of error code 0x8007007b

Basically, you can not activate windows and you only have your grace period to use the system. This is a result of us using volume licensing, the solution that works best for me is as follows.
  • Run the following commands 
    • slmgr.vbs /ipk <product key from MSDN (MAK)> (This installs the product key) 
    • slmgr.vbs /ato (This activates windows) 
    • Optional - slmgr.vbs /dlv (Shows current activation status)

Monday, February 6, 2012

Google Takeout

I have been looking for a while for a good way to export all my Google data, since my previous company was using Google Apps for email, and while this doesn't get everything, it is still pretty inclusive.

Check it out at Google Takeout