Open Powershell as Administrator
Resume-VMReplication (servername) -Resynchronize
Force Hyper-V Resynchronization
Replicate Hyper-V between Workgroup servers
Enabling Hyper-V between two workgroup servers requires issuing self-signed certificates with makecert.exe and a registry key to bypass the revocation check.
The reason why makecert is required is because the certificate Enhanced Key Usage must support both Client and Server authentication, and the default IIS certificate CSR wizard does not include the client EKU.
First download makecert.exe from here: https://www.navuser.com/Data/makecert.exe
Machine #1
1. Generate a root cert:
makecert -pe -n CN=PrimaryTestRootCA -ss root -sr LocalMachine -sky signature -r PrimaryTestRootCA.cer
2. Generate a self-signed cert from the root cert:
makecert.exe -pe -n CN=HV2 -ss my -sr LocalMachine -sky exchange -eku 1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2 -in PrimaryTestRootCa -is root -ir LocalMachine -sp “Microsoft RSA SChannel Cryptographic Provider” -sy 12 HV2.cer
3. Disable the revocation checking since that won’t work on self-signed certs:
reg add “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization\Replication” /v DisableCertRevocationCheck /d 1 /t REG_DWORD /f
Machine #2
1. Generate a root cert:
makecert -pe -n CN=RecoveryTestRootCA -ss root -sr LocalMachine -sky signature -r RecoveryTestRootCA.cer
2. Generate a self-signed cert from the root cert:
makecert.exe -pe -n CN=HV1 -ss my -sr LocalMachine -sky exchange -eku 1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2 -in RecoveryTestRootCa -is root -ir LocalMachine -sp “Microsoft RSA SChannel Cryptographic Provider” -sy 12 HV1.cer
(Note: even though it outputs a .cer file, it automatically inserts into the LocalMachine certificate store, so there is no additional import step)
3. Copy the PrimaryTestRootCA.cer from Machine #1 and then run this command: certutil -addstore -f Root “PrimaryTestRootCA.cer”
4. Copy the RecoveryTestRootCA.cer from Machine 2 and then run certutil -addstore -f Root RecoveryTestRootCA.cer
5. Disable the revocation checking since that won’t work on self-signed certs:
reg add “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization\Replication” /v DisableCertRevocationCheck /d 1 /t REG_DWORD /f
6. Now you can select the self-signed certificate in replication on both servers.
Upgrade Server 2019 Evaluation Edition to Standard Edition
DISM /Online /Set-Edition:ServerStandard /ProductKey:xxxxx-xxxxx-xxxxx-xxxxx-xxxxx /AcceptEula
Load MS Exchange Powershell snapin
Open regular POwershell and run:
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn
How To Know Which Process is Using a File or Folder in Windows
Resource Monitor
For Windows 7 and above, you can use the built-in Resource Monitor.
Open Resource Monitor, which can be found
- By searching for resmon.exe in the start menu, or
- As a button on the Performance tab in your Task Manager
From CPU tab, use the search field in the Associated Handles section
When you’ve found the handle, you can identify the process by looking at the Image and/or PID column. You can then close the application if you are able to do that, or just right-click the row and you’ll get the option of killing the process (End Process) right there.
Kill a process using PowerShell
Open PowerShell. If required, run it as Administrator.
Type the command Get-Process to see the list of running processes
To kill a process by its name, execute the following cmdlet: Stop-Process -Name “ProcessName” -Force
To kill a process by its PID, run the command: Stop-Process -ID PID -Force
Windows Server 2019 Activation from Evaluation
Activate and change the edition with the command on Power Shell:
DISM /online /Set-Edition:ServerStandard /ProductKey:XXXXX-XXXXX-XXXXX-XXXXX-XXXXX /AcceptEula
Enable the Password Reset Option in Exchange Server 2016
The easiest way to change the password of a user’s Microsoft Exchange mailbox is to use the Active Directory User and Computer (ADUC) console. You can also reset the password from the Exchange Admin Center, but this option is disabled by default. This article describes how to enable the password reset option in the Exchange Admin Center in Microsoft Exchange Server 2016.
1. Log in to exchange server with your admin credentials.
2. Open PowerShell with administrative privileges and execute the following three commands.
Add-pssnapin microsoft*
Install-CannedRbacRoles
Install-CannedRbacRoleAssignments
3. Log in to the Exchange Admin Center and click on Permissions.
Right-click ‘Organization Management’ and then click Edit.
Click the ‘+’ sign on the roles section. Select ‘Reset Password’ and then click Add. Click OK and then click Save.
4. Log out from the Exchange Admin Center.
5. When you log in again to the Exchange Admin Center and open any existing user mailbox properties, you should see the reset password option.
How to stop a Windows Backup job
Microsoft Windows [Version 6.3.9600]
(c) 2013 Microsoft Corporation. All rights reserved.
C:\Users\Administrator.LOCAL>wbadmin stop job
wbadmin 1.0 – Backup command-line tool
(C) Copyright 2013 Microsoft Corporation. All rights reserved.
Are you sure you want to stop the current operation?
[Y] Yes [N] No y
The backup operation ended before completing.
C:\Users\Administrator.LOCAL>
You’ll need an app to run Microsoft Edge
Go here and download and install Edge.
https://www.microsoft.com/en-us/edge/business/download
Exchange 2010/2013/2016: Starting Exchange Services with a simple command
As an Exchange Admin, you might be looking after 1 server or several hundred.
Sometime after a reboot you might notice that some of the services don’t start. It is a daunting task to go manually start them all 1 at a time.
A simple way is to run the following command from an elevated PowerShell Window:
- Get-Service *Exchange* | Start-Service
Some services like the Transport and Unified Messaging Services take a bit longer to start but the window will echo the starting of all services.
Seize Active Directory Roles
Select Start > Run, type ntdsutil in the Open box, and then select OK.
C:\Users\administrator>ntdsutil
ntdsutil: roles
fsmo maintenance: connections
server connections: connect to server adserver2
Binding to adserver2 …
Connected to adserver2 using credentials of locally logged on user.
server connections: quit
fsmo maintenance: Transfer schema master
Server “adserver2” knows about 5 roles
Schema – CN=NTDS Settings,CN=ADSERVER2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=temp,DC=local
Naming Master – CN=NTDS Settings,CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=temp,DC=local
PDC – CN=NTDS Settings,CN=BDSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=temp,DC=local
RID – CN=NTDS Settings,CN=BDSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=temp,DC=local
Infrastructure – CN=NTDS Settings,CN=BDSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=temp,DC=local
fsmo maintenance: quit
ntdsutil: quit
Remote Desktop (RDP) shortcut keys
Shortcut key | Description |
CTRL+ALT+HOME | Activates the connection bar. |
CTRL+ALT+BREAK or one of these shortcuts:
|
Switches the client between full-screen mode and window mode. If these shortcuts don’t work, or the keys aren’t available, you can try the following alternative:
|
CTRL+ALT+END | Brings up the Windows Security dialog box for the Remote Desktop Session Host (RD Session Host) (provides the same functionality as pressing CTRL+ALT+DEL on the local computer). |
The following table describes the standard Windows shortcut keys and their equivalent Remote Desktop shortcuts that are different. (For example, Ctrl+Z is generally the ‘Undo’ shortcut on both standard Windows and Remote Desktop.)
Table 2 | ||
Windows shortcut | Remote Desktop shortcut | Description |
ALT+TAB | ALT+PAGE UP | Switches between programs from left to right. |
ALT+SHIFT+TAB | ALT+PAGE DOWN | Switches between programs from right to left. |
ALT+INSERT | Cycles through the programs in the order they were started. | |
Windows key or CTRL+ESC |
ALT+HOME | Displays the Start menu. |
ALT+SPACE BAR | ALT+DELETE | Displays the system menu. |
ALT+PRINT SCREEN | CTRL+ALT+MINUS SIGN (-) | Places a snapshot of the active window, within the client, on the clipboard. |
PRINT SCREEN | CTRL+ALT+PLUS SIGN (+) | Places a snapshot of the entire client windows area on the clipboard . |
Set time on Windows AD Server to NTP
Configure the NTP Server on Windows Server 2008, 2012, 2016 or 2019
On your Windows Server hit the Windows Button and type:
PowerShell and right-click it and select Run as Administrator
Type the following commands
w32tm /config /manualpeerlist:pool.ntp.org /syncfromflags:MANUAL
Stop-Service w32time
Start-Service w32time
Of course, you can take any NTP Server that you want. Now verify if the time-server was set correctly on your Server by typing: w32tm /query /status
Windows backup drive is full
Windows does not manage backup space well. To manage the retained backups and not fill up the disk, run the following command from an elevated command prompt:
WBADMIN DELETE BACKUP -backuptarget:F: -keepVersions:30
**************************************
To get the versions:
WBADMIN get versions
**************************************
To delete the oldest backup version:
WBADMIN DELETE BACKUP -deleteoldest
Robocopy makes folders disappear
Robocopy may set the new directory to hidden, as that it copies the system attribute of the root folder of the drive over to the new folder. You can prevent the new directory from becoming hidden by adding the /A-:SH option/flag/switch to your robocopy command.