|
Chaka posted:Can anyone point us in the right direction: Your DNS server is broke. Nslookup on windows always tries to add the suffix (which is weird behavior, but the way it's always been): http://serverfault.com/questions/74067/windows-appending-domain-suffix-to-all-lookups
|
#
?
Jul 15, 2016 21:59
|
|
|
|
| # ? Apr 28, 2024 10:14 |
|
|
Maneki Neko posted:Your DNS server is broke. Nslookup on windows always tries to add the suffix (which is weird behavior, but the way it's always been): I looked at the link and what you typed, and I'm having trouble believing it. Going to check at work tomorrow.
|
|
#
?
Jul 18, 2016 20:25
|
|
|
Trying to unfuck a messy tangled AD setup. Every security group is mail enabled, and are used as distribution lists more or less. Many of these groups are legacy groups from an old 2004 setup. What I'd like to do is get rid of the email part of the security groups and then create new dynamic distribution lists based on OU membership. That way people dont have to manage a ton of new distro groups either. Problem is that management really likes the names of the email enabled security groups. Is it possible to give the groups a new name, then move the current email to the new dynamic distro groups, and then delete the temporary new name email for the security group? Or am I going about this completely wrong?
|
|
#
?
Jul 18, 2016 21:47
|
|
|
I've got two migrations coming up... 1) We're changing our company name, so I have to change out emails, etc. I assume there's a best practice for this? I'm mostly concerned about unforeseen issues such as we all have Windows 10 and log in to our workstations themselves with our O365 email and password, and I don't want to break things like that. I don't suppose there's a Microsoft team I can pay to help work this one through? 2) We want to migrate all our scanned legal docs off of FileBound.com and on to SharePoint... just thought I'd mention that on the off-chance that someone has worked with FileBound before and might know a good way to go about it. Apparently it's a ton of tiff files with a single CSV storing all the metadata for them.
|
|
#
?
Jul 18, 2016 22:29
|
|
|
I have nothing to bring to this discussion apart fromZero VGS posted:SharePoint Get drinking.
|
|
#
?
Jul 18, 2016 22:48
|
|
|
Thanks Ants posted:I have nothing to bring to this discussion apart from I don't drink :-/
|
|
#
?
Jul 18, 2016 23:42
|
|
|
Zero VGS posted:I don't drink :-/ You can always settle for some nice iced tea, I guess.
|
|
#
?
Jul 19, 2016 00:06
|
|
|
Methanar posted:You can always settle for some nice iced tea, I guess. He sticks with cocaine.
|
|
#
?
Jul 19, 2016 00:12
|
|
|
Better get some juice!
|
|
#
?
Jul 19, 2016 00:14
|
|
|
Zero VGS posted:I don't drink :-/ Great news, this will be fixed shortly!
|
|
#
?
Jul 19, 2016 02:19
|
|
|
What method do you guys use to set up a default browser other than IE on Windows 10? If I run firefox.exe with the -setdefaultbrowser switch it only opens the default programs windows, it doesn't set it as default...
|
|
#
?
Jul 19, 2016 13:54
|
|
|
BaseballPCHiker posted:Trying to unfuck a messy tangled AD setup. Do either of these powershell scripts help you? quote:convertdg.mailbox <groupName> Function which takes the Distribution Group specified and turns it into a Shared mailbox. It creates a temporary group called grpTemp, copies the users to it, destroys the group, creates the mailbox, creates a new distribution group in the 'grpGroupName' format, copies the users from grpTemp to the new group, then destroys grpTemp. code:Coredump fucked around with this message at 14:32 on Jul 19, 2016 |
|
#
?
Jul 19, 2016 14:28
|
|
|
Zero VGS posted:I don't drink :-/
|
|
#
?
Jul 19, 2016 14:37
|
|
|
Is there no sensible way to mount NFS shares in Windows 10 unless you shell out for Enterprise or a 3rd party product? Bluhhh.
|
|
#
?
Jul 19, 2016 16:19
|
|
|
Alright so I'm stuck currently in my adventures with WDS. I'm using WDS to image a VM with a 40 gig drive with no partitions. The image I'm pushing out is a standard version of Server 2012 r2 datacenter. In WDS I create a client unattend file where I specify setup lanuage, credentials, etc. The problem I'm running into is the partitioning. In wds I specify Disk ID 0 and Partition ID 1 to install the image to. VM boots up fine, I only have one boot image active, so it gets thru that fine. When imaging I get the following error message: "The partition selected for isntallation (1) does not exist on disk 0 Make sure the unattend answer file's ImageSelection\InstallImage setting references a valid partion on this computer, and then restart the installation." Reading this, I did some searching and found an article about setting up an unattended file for installing windows: http://www.derekseaman.com/2012/07/windows-server-2012-unattended.html. Using the info in this link I open the unattend file that WDS created and modify it following the instructions for create and modify partition parts. So basically I add a create disk component to pass1, two modify partitions and two create partitions. When I try to save the unattend file I get the following error message. "This application requires version 10.0.10240.16384 of the Windows ADK. Install this version to correct the problem" Thing is, that's the version of WADK I'm using. At this point I'm stuck. Any help? Edit: I tried another route to get past this. I opened two instances of WSIM, one that had the unattend.xml that wds would create, and another instance that was a blank unattend file. I then did the partition create according the article I linked earlier. I then manually recreated everything I saw in the WDS unattend file into the one I manually created. I was able to successfully save the unattend file, but now when I point WDS at it, WDS will ignore. I browse, select the .xml file, click ok, and the box remains blank. At this point I'm so lost. There seems to be some incompatibility between .wim's that are in WDS versus .wim's that are able to be touched by WSIM. Coredump fucked around with this message at 19:00 on Jul 19, 2016 |
|
#
?
Jul 19, 2016 16:26
|
|
|
Assuming you aren't using UEFI, Partition 1 is typically a hidden System Partition (~350 MB in size). Try Partition 2. As far as the ADK goes, do you have an older version installed as well as that one? I've seen instances where old/new are both installed and I've had to manually correct the ADK it points to. Not to beat a dead horse, but is there a reason you want to use only WDS and not a combined approach with MDT 2013 Update 2? Wrath of the Bitch King fucked around with this message at 19:29 on Jul 19, 2016 |
|
#
?
Jul 19, 2016 19:26
|
|
|
Wrath of the Bitch King posted:Assuming you aren't using UEFI, Partition 1 is typically a hidden System Partition (~350 MB in size). Try Partition 2. I'm not sure what the implications are/corner I'm painting myself into by going with just WDS. Edit: Just tried using partition 2, get the same error of "The partition selected for installation (2) does not exist on disk 0." I'm thinking that without the create partition/modify partition passes these partitions are not getting created on a blank disk. However, every time I use WSIM to add the passes to the unattend.xml it breaks in one way or another. What the hell did Microsoft intend for a person to do here? Coredump fucked around with this message at 20:03 on Jul 19, 2016 |
|
#
?
Jul 19, 2016 19:54
|
|
|
Coredump posted:I'm not sure what the implications are/corner I'm painting myself into by going with just WDS. To put it simply, MDT is much better equipped for actually installing the OS and handling custom actions/scripting than WDS. WDS is excellent as a delivery system for your boot image, but beyond that it's a huge pain to deal with and the industry is moving towards SCCM/MDT as the preferred mechanism for this sort of thing. If you have any questions feel free to PM me, but I strongly encourage you to download MDT 2013 Update 2 (you'll also need the most recent OS ADK), setup a Deployment share, and give it a whirl. It has a fairly deep learning curve but once you get to a put where you feel competent in using it you'll never look back. The Task Sequence based processing will also act as a bit of a primer on SCCM based OSD deployments if you have any interest in that. In all seriousness though, WDS is horrible for anything beyond the basics.
|
|
#
?
Jul 19, 2016 20:39
|
|
|
Coredump posted:Do either of these powershell scripts help you? Those look perfect! I should be able to take what I need to from them and get started. Thanks!
|
|
#
?
Jul 19, 2016 20:40
|
|
|
My boss finally set aside the five minutes necessary to raise the forest and domain levels from 2003 tonight. Tomorrow morning I'm going to enable the AD recycle bin and set up Azure AD Connect and do a bunch of other bullshit I've been waiting forever to do.
|
|
#
?
Jul 20, 2016 02:34
|
|
|
Throw WDS out the loving window. MDT will have you deploying in like 30 clicks. The stuff you want to do with WDS isn't done with WDS.
|
|
#
?
Jul 20, 2016 10:41
|
|
|
Swink posted:Throw WDS out the loving window. WDS can't do unattended installs?
|
|
#
?
Jul 20, 2016 13:09
|
|
|
Coredump posted:WDS can't do unattended installs? Sure it can, but all the things you're trying to do has already been wrapped up into MDT. No need to recreate the wheel when Microsoft has done all the legwork for you. There's a lot of people with MDT/SCCM OSD experience in this thread that can help if you run into trouble. I can't think of anyone who has any experience with OSD that would even think about doing it exclusively in WDS at this point.
|
|
#
?
Jul 20, 2016 14:16
|
|
|
Is anyone well versed with SPNs? I think I've almost wrapped my head around this... We have the following example environment and without any SPNs Set. 1. Client.Contoso.com 2. Web.Contoso.com 3. DomainController.Contoso.com 4. Web.Contoso.com is an IIS Website and runs under the WEBSVC@Contoso.com Account. 1. The Domain-Joined Workstation of Client.Contoso.com attempts to access Web.Contoso.com. 2. Web.Contoso.com tells Client.Contoso.com you'll need a ticket to access the site. 3. Client.Contoso.com asks DomainController.Contoso.com what object has the SPN of "HTTP/Web.Contoso.com" to get a ticket. 4. The domain controller queries the directory however no results are found. 5. The domain controller queries the directory for an object that has the SPN of "HOST/Web.Contoso.com" and finds one for the Computer Account of Web.Contoso.com. 6. Client.Contoso.com receives the ticket from the Domain Controller and presents this to WEBSVC@Contoso.com. 7. WEBSVC@Contoso.com attempts to read the ticket but can't because this ticket is only readable by the Computer Account. Authentication fails or tries NTLM. Is this accurate? If so, I have some follow up questions... 1. Why doesn't this process fail on step 4 when it didn't find the exact SPN originally? If this is the default behavior, why is it the default behavior? 2. If NTLM isn't used what's the user experience? Do they receive a bad/username prompt? 3. If there are duplicate SPNs what occurs when to domain controller queries the directory and two identical SPNs are found that reference two different objects?
|
|
#
?
Jul 20, 2016 17:15
|
|
|
Sacred Cow posted:Sure it can, but all the things you're trying to do has already been wrapped up into MDT. No need to recreate the wheel when Microsoft has done all the legwork for you. There's a lot of people with MDT/SCCM OSD experience in this thread that can help if you run into trouble. I can't think of anyone who has any experience with OSD that would even think about doing it exclusively in WDS at this point. Is it worth having an OS Deployment thread or would it be too niche?
|
|
#
?
Jul 20, 2016 18:28
|
|
|
Wrath of the Bitch King posted:Is it worth having an OS Deployment thread or would it be too niche? It could be useful, but I think it might die pretty quickly. There's already so many good resources out there online. I'd post in it though, I love getting into OS deployment. We have a project next year to upgrade everyone to Windows 10, almost 10,000 users will need to be upgraded.
|
|
#
?
Jul 20, 2016 18:55
|
|
|
Wrath of the Bitch King posted:Is it worth having an OS Deployment thread or would it be too niche? This thread started out for SCCM and OSD and eventually turned into the Enterprise Windows megathread once general management questions started showing up. skipdogg posted:It could be useful, but I think it might die pretty quickly. There's already so many good resources out there online. I'd post in it though, I love getting into OS deployment. We have a project next year to upgrade everyone to Windows 10, almost 10,000 users will need to be upgraded. My thoughts exactly. Between Windows-noob, Deployment Bunny and Deployment Research, there are a ton of great resources I personally go to first. I'm also doing the same project right now, though only 600 computers  . The built in Upgrade TS in v1511/v1602 has worked pretty great for me in testing. Just follow this article for managing drivers and test the hell out of it. I have the added fun of upgrading our license from Pro to Enterprise as part of the process.
|
|
#
?
Jul 20, 2016 19:06
|
|
|
We're in the middle of a PoC for 1E's software that bolts on to SCCM. It's not cheap but looks promising. Supposedly just their software management portion will save us more than the licensing costs annually, so the imaging part is gravy.
|
|
#
?
Jul 20, 2016 19:13
|
|
|
skipdogg posted:We're in the middle of a PoC for 1E's software that bolts on to SCCM. It's not cheap but looks promising. Supposedly just their software management portion will save us more than the licensing costs annually, so the imaging part is gravy. Let us know how it looks. I was a little interested in the Nomad piece, but I'm more interested in the Windows 10 migration stuff. What exactly is the Nomad/application piece doing that makes things so much easier to manage?
|
|
#
?
Jul 20, 2016 22:11
|
|
|
Tab8715 posted:Is anyone well versed with SPNs? I think I've almost wrapped my head around this... 1 - Windows includes a bunch of services under the HOST alias, you can see them in ADSI Edit under CN=Directory Service, CN=Windows NT, CN=Services, CN=Configuration, DC=domain, DC=com in the sPNMappings attribute. I assume they did that so things are a little simpler / cleaner and DC's don't have 1000 different SPN's registered. 2 - If you don't have some kind of fallback enabled and SPN's are wrong you'll get a series of username/password prompts and eventually 401 unauthorized. 3 - Duplicate SPN's will cause the authentication process to fail before step 6 and you should see an event log about a non-unique SPN on the KDC
|
|
#
?
Jul 20, 2016 23:48
|
|
|
What's the best tutorial you guys know regarding using the UDI Wizard in SCCM? We have SCCM 2012 R2 SP1 integrated with MDT 2013 Update 2, we're deploying Windows 10 and we'd like a simple screen to choose from a list of OUs and stuff like that. What do you guys use?
|
|
#
?
Jul 21, 2016 10:25
|
|
|
orange sky posted:What's the best tutorial you guys know regarding using the UDI Wizard in SCCM? We have SCCM 2012 R2 SP1 integrated with MDT 2013 Update 2, we're deploying Windows 10 and we'd like a simple screen to choose from a list of OUs and stuff like that. What do you guys use? I used this TechNet article to get me started. Here's a few things I ran into when creating the one my help desk uses. - If you use a password generator for your Domain Join service account, make sure its not a crazy long password. I had to drop it down to 12 characters to get it to work consistently. - If you're using Applications instead of Packages, you need to have any Application you want to use deployed to a dummy collection otherwise it wont show up when adding apps to the checklist. - Automate as much as you can in the settings.ini file. The more you have auto populated in the UDI fields, the less chance you have of computers with wrong names, put in the wrong locations, wrong languages or time zones. - Personal preference, but I grouped all the required apps by departments so they only need to click the parent hive to select everything they need. - When you make any changes to the UDI after you've already deployed it, don't forget to update the Distribution Points. I've made that mistake more then once. Sacred Cow fucked around with this message at 12:24 on Jul 21, 2016 |
|
#
?
Jul 21, 2016 12:09
|
|
|
Sacred Cow posted:I used this TechNet article to get me started. Yeah that's the article I was thinking of using as a reference. Our task sequence right now is Zero Touch. If I enable UDI and only create like 1 window in the xml will the rest of the settings remain as they are and only those changed in the window change? I'm asking because I'm afraid of deleting all the windows in the UDI Wizard, leaving only one, and only the variables set in that window are initialized.
|
|
#
?
Jul 21, 2016 12:23
|
|
|
orange sky posted:Yeah that's the article I was thinking of using as a reference. Our task sequence right now is Zero Touch. If I enable UDI and only create like 1 window in the xml will the rest of the settings remain as they are and only those changed in the window change? I'm asking because I'm afraid of deleting all the windows in the UDI Wizard, leaving only one, and only the variables set in that window are initialized. I deleted all but 3 windows in my current UDI and have had no issues. Everything else is set through the settings.ini file or in the Task Sequence itself.
|
|
#
?
Jul 21, 2016 12:47
|
|
|
orange sky posted:What's the best tutorial you guys know regarding using the UDI Wizard in SCCM? We have SCCM 2012 R2 SP1 integrated with MDT 2013 Update 2, we're deploying Windows 10 and we'd like a simple screen to choose from a list of OUs and stuff like that. What do you guys use? That TechNet article already linked is what i have used in the past as well. For me the UDI wizard was a godsend to our helpdesk team. I could create one or two base images and then customize based off of whatever applications were required. You can also use the UDI wizard to place the computer in the right OU for group policies which helped streamline our process a bit as well.
|
|
#
?
Jul 21, 2016 16:18
|
|
|
Yeah I'm going to use that link as a general reference. The main objective is making the helpdesk's job a little easier, yes..
|
|
#
?
Jul 21, 2016 16:20
|
|
|
Anyone use data deduplication in Server 2012 R2? Worth it?
|
|
#
?
Jul 21, 2016 20:55
|
|
|
Worth. Bigtime.
|
|
#
?
Jul 22, 2016 03:41
|
|
|
Awesome. We're budgeted to migrate our file server from 2008 r2 to either 2012 r2 or 2016 in Q1 2017 so I'm curious on some of these features.
|
|
#
?
Jul 22, 2016 03:46
|
|
|
|
| # ? Apr 28, 2024 10:14 |
|
|
2016 has some really nice features roadmapped in terms of storage and file serving, definitely worth labbing the tech preview to see if any of them are something you'd want to wait for.
|
|
#
?
Jul 22, 2016 07:55
|
|