Brocade VDX : upgrading to new NOS, one of the partition does not get updated.

When upgrading to new NOS one of the partition does not get updated. Following is the only option to get the new NOS on both the partitions.

Requirement: you will have to contact Brocade Tech support to ship you a Brocade USB stick containing basic NOS.

1) Brocade USB stick containing basic unit operating system (in the safe)
2) Requires NFS mountable directory to access the new NOS.
3) Have console port access
After power cycle, hit ESC until you get here
Hit ESC to stop autoboot: 0
1) Start system.
2) Recover password.
3) Enter command shell.
Option? 3
Boot PROM password has not been set.
=> [This is the u-boot prompt]
These environment variables should be set at U-boot
printenv and check for these variables - ipaddr, netmask, gatewayip, serverip. If not set, then assign.
setenv ipaddr <IP address that you want to assign to this device>
setenv netmask <What is the subnet mask used in the lab where the switch is located?>
setenv gatewayip <xx.yy.zz.ww>
setenv serverip <tftp/ftp server ip used>
If these are changed
saveenv

Insert the USB, these are the steps are done at the U-boot prompt:
> usb reset 1
> ext2ls usb 0:1
> makesinrec 0x1000000; ext2load usb 0:1 2000000 tftpboot/castorXX/uImage;ext2load usb 0:1 3000000 tftpboot/castorXX/ramdisk.image;ext2load usb 0:1 4000000 tftpboot/castorXX/silkworm_bd131.dtb; bootm 2000000 3000000 4000000

When this finishes the unit should reboot and come up to a shell prompt. At that prompt enter the following information (management interface address, netmask and gateway).
ifconfig eth0 x.x.x.x netmask x.x.x.x up
route add default gw x.x.x.x

The NOS firmware is loaded using the following steps:

mount -o tcp,nolock <server>:<path>/nos5.0.1d /load
cd /load
./install release
sync
sync
reboot –f

After this finishes the switch should be fully functional with NOS 5.0.1d on both partitions.

Brocade VDX Fun ; SFP breakouts

Shortly I will be deploying bunch of Brocade VDX switches in Logical Chassis Mode to replace the existing Cisco 3750's.

I have a 40 GBPS QSFP+ breakout module.

To configure breakouts:

config t
hardware
connector 4/49
shut
exit
hardware
connector 4/49/1
sfp breakout

I later changed my mind and issued no sfp breakout command. The 40GB port went dead would not respond.

Here is what need to be done after issuing no spf breakout

Login to the LC primary switch
Go to the RBridge where you want to convert back the port
shutdown all the ISL ports that are connected to the LC
verify that all other switches show offline
run Copy default-config startup-config
reboot

Exchange Server 2013 /PrepareAd for Cumultive update installation fails.

Today I was trying to update my Exchange Server 2013 CU4 (SP1) to CU10.

Following pre-installation tasks were done:

1. Stop Symantec Client protection service
2.Uncheck Check for Publisher's Certificate revocation & Check for server certificate revocation on IE
3.Run c:\>%windir%\Microsoft.NET\Framework64\v4.0.30319\ngen.exe update
   c:\>echo %errorlevel%

(The above steps are suggested to speed up the installation)
4. Run setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms (requires Enterprise Admins and Schema Admins permissions, and must be performed in the same AD Site as the Schema Master on a server with the RSAT-ADDS-Tools feature installed – the Schema Master itself would meet these requirements)


5. Run setup.exe /PrepareAD /IAcceptExchangeServerLicenseTerms
As I went to do PrepareAD, it failed with the following error:

he following error was generated when “$error.Clear(); 
install-AdministrativeGroup -DomainController $RoleDomainController

” was run: “Active Directory operation failed on Servername.domain.com. The object

‘CN=Folder Hierarchies,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),

CN=Administrative Groups,CN=Exchange Organization,CN=Microsoft Exchange,

CN=Services,CN=Configuration,DC=Domain,DC=Com’ already exists.”

Scouring the websites, I found the solution posted at Exchange Weblog

CN=Configuration,CN=Services,CN=Microsoft Exchange,CN=Your Exchange Organization,

CN=Administrative Groups,CN=Administrative group,CN=Exchange Administrative Group

(FYDIBOHF23SPDLT),CN=Folder Hierarchies

 

There are multiple methods to fix this issue , Here is the recommended method

by Recreating Public Folders containers.

Use ADSI Edit or a similar tool to locate and expand Exchange Administrative Group (FYDIBOHF23SPDLT).

The Public Folders object can be found at:

CN=Configuration,CN=Services,CN=Microsoft Exchange,CN=Organization,CN=Administrative Groups,

CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Folder Hierarchies

1. Right-click the Folder Hierarchies object, click New, and then click Object.
2. In the Select a class list, select msExchPFTree, and then click Next.
3. In the Value box, type Public Folders, and then click Next.
4. Click More Attributes.
5. In the Select a class list, select msExchPFTreeType, and then click Next.
6. In the Edit Attribute box, type 1, click Set, click OK, and then click Finish

https://blogs.technet.microsoft.com/manjubn/2013/09/02/1-exchange-server-2013-preparead-or-cumultive-update-installation-fails/

https://blogs.technet.microsoft.com/manjubn/2013/09/02/1-exchange-server-2013-preparead-or-cumultive-update-installation-fails/

After creating the new object, /PrepareAD completed successfully.

SlipStream Adobe Reader with Powershell to be deployed using SCCM or psexec

Deploying Adobe quarterly patch and the security update is pain specially when you have environment with no internet connection.

Note: You need to remove the older version of Adobe Reader in order be able to installed the slipstream version of Abode Reader.

Here is how I slipstream quarterly update with security patches

You can download the script from the TechNet Gallery.

To slipstream you need to download the following files from Adobe.
1. Base Installer ( eg. AdbeRdr11000_en_US.exe)
2. Quarterly Update
3. Security Patch

Ftp download link
ftp.adobe.com/pub/adobe/reader/win/11.x/11.0.06/en_US/AdbeRdr11006_en_US.exe

Apply the installer and patches in the following order:
Base Installer -> Quarterly Patch -> Security Patch
11.0.0->11.0.14 -> 10.1.15

Follow the steps to use the Power Shell Script:
1. Downloaded the necessary file(s) to a folder somewhere (should be a local drive or mapped network drive). I’ve downloaded AdbeRdr11006_en_US.exe to C:\Downloads. I’ll refer to this location as the Download folder in this post.
2. Create a folder called AIP. I’ve created it at C:\AIP and will refer to it as the TargetFolder.
3. Download the script from TechNet Gallery and extract it C:\Scripts.
4. Open an elevated PowerShell console, browse to C:\Scripts and run the following command:

.\New-AdobeReaderAIP.ps1 -FileName "AdbeRdr11006_en_US.exe" -DownloadFolder "C:\Download" -TargetFolder "C:\AIP"




5. The script will now start to slipstream Adobe Reader.







Copy the entire AIP folder to the destination computer and run the AcroReader.msi to install.

You can deploy remotely using psexec:

devices.txt contains the host names where you want to deploy it.

psexec @C:\adobe\devices.txt -h -u domain\username -p "password" -c xcopy /y /s "c:\AIP" c:\temp\update

psexec @C:\adobe\devices.txt -h -u domain\username  -p "password" msiexec.exe /i c:\temp\update\AcroRead.msi  /quiet /qn /norestart /l+ c:\temp\update-logs\log.txt




How to Move the Public Folder Hierarchy from Exchange 2003 Admin Group to the New Exchange 2010 Admin Group

This week as I was preparing to migrate Exchange 2010 to Exchange 2013 I found out that my previous predecessor did not decommission legacy Exchange 2003 properly.

When I ran get-exchangeserver, the older 2003 server was still showing. The public folder was still located in the Exchange 2003 Admin group.  When i ran get-routinggroupconnecter, it show the old connector.

Here is how to move the public Folder Hierarchy from Exchange 2003 Admin group to the New Exchange 2010 Admin Group:

Information

User is migrating from Exchange 2003 to Exchange 2007 or 2010 and wants to move the public folder hierarchy from the Exchange 2003 "First Administrative Group" to the new Exchange 2007/2010 "Exchange Administrative Group (FYDIBOHF23SPDLT)" to continue decommission the old Exchange 2003 Admin Groups.

Details

Use one of the following procedures to move the public folder hierarchy to a new Admin Group:

Using exchange system manager:

1. Logon to the Exchange Server 2003 server and open the Exchange System Manager snap-in.
2. Expand the Administrative Groups and right-click the Exchange Administrative Group (FYDIBOHF23SPDLT) , select New and select Public Folders Container .
3. Then expand the old First Administrative Group , expand Folders and move the Public Folders tree to the Public Folders container you created in the previous step by dragging the Public Folders tree object and dropping it to Folders under Exchange Administrative Group (FYDIBOHF23SPDLT) .

Using ADSIEdit tool:

If already uninstalled all Exchange 2003 servers and do not have any Exchange System Manager elsewhere to use, same can be done with ADSIEdit.

1. Create the new Public Folders container:
   1. Use ADSI Edit tool to locate and expand Exchange Administrative Group (FYDIBOHF23SPDLT) object, which can be found at:
      CN=Configuration,CN=Services,CN=Microsoft Exchange,CN=Organization,CN=Administrative Groups.
   2. Right-click the Exchange Administrative Group (FYDIBOHF23SPDLT) object, click New , and then click Object .
   3. In the Select a class list, select msExchPublicFolderTreeContainer , and then click Next .
   4. In the Value box, type Folder Hierarchies , click Next , and then Finish .
2. Move the public folder hierarchy:
   1. Use ADSI Edit tool to locate the Public Folders object in Active Directory.
   2. CN=Configuration,CN=Services,CN=Microsoft Exchange,CN=Organization,CN=Administrative Groups,CN=Administrative group,CN=Folder Hierarchies,CN=Public Folders.
   3. In the right pane select CN=Public Folders , righ

Removing Exchange 2003 from the server object using ADSI edit.

• CN=Administrative Groups
  CN=<Exchange 2003 admin group name>
  CN=Servers
  CN=<Exchange 2003 server name>
  You need to delete the Exchange 2003 server at this level to have it fully removed from your Get-ExchangeServer command results. 

After deleting the server, when I ran get-exchangeserver, it only showed 2010.

 To remove the routing group connector:

get-routinggroupconnector | remove-routinggroupconnector

No Certificate Templates could be found. You do not have permission to request a certificate from this CA

This morning I logged into my lab and I got an error while trying to access the Cert request enrollment.

 i received this error “No Certificate Templates could be found. You do not have permission to request a certificate from this CA, or an error occurred while accessing the Active Directory” .. That was so strange although i am sure i can access the certificate templates from the CA console and also the fact that i was using a Domain Admin account to issue the certificate.

I followed the link below to resolve the issue

http://theadminsguide.net/2012/08/29/no-certificate-templates-could-be-found-you-do-not-have-permission-to-request-a-certificate-from-this-ca/

I was trying to install Exchange Server 2013 CU11 on my lab exchange server. I encountered two errors.

1.  A Restart from a Previous Installing is pending

Resolution:

To remove an orphaned UpdateExeVolatile registry key value

1. Open a registry editor, such as Regedit.exe or Regedt32.exe.
2. Navigate to HKLM\SOFTWARE\Microsoft\Updates\
3. In the right navigation pane, double-click the UpdateExeVolatile key.
4. Configure the key with a value of 0
5. Close Registry Editor.

https://technet.microsoft.com/en-us/library/cc164360(v=exchg.80).aspx

2. Organization Preparation FAILED

Error: 8224

Error:  The following error was generated when "$error.Clear();   install-ExchangeSchema -LdapFileName ($roleInstallPath + "SetupData"+$RoleSchemaPrefix + "schema0.ldf")
" was run: "There was an error while running 'ldifde.exe' to import the schema file 'C:WindowsTempExchangeSetupSetupDataPostWindows2003_schema0.ldf'. The error code is: 8224. More details can be found in the error file: 'C:Usersadministrator.{your-domain}AppDataLocalTemp2ldif.err'".
There was an error while running 'ldifde.exe' to import the schema file 'C:WindowsTempExchangeSetupSetupDataPostWindows2003_schema0.ldf'. The error code is: 8224. More details can be found in the error file: 'C:Usersadministrator.{your-domain}AppDataLocalTemp2ldif.err'

Solution

https://social.technet.microsoft.com/Forums/exchange/en-US/d8713608-1a4d-4d08-b66c-9a38c6bf4625/error-code-8224-ldifde-exchange-2013-installation-failure

Fore Replicate between DCs

https://technet.microsoft.com/en-us/library/cc816926(v=ws.10).aspx

To force replication over a connection

---

1. Open Active Directory Sites and Services: On the Start menu, point to Administrative Tools, and then click Active Directory Sites and Services.
2. In the console tree, expand Sites, and then expand the site to which you want to force replication from the updated server.
3. Expand the Servers container to display the list of servers that are currently configured for that site.
4. Expand the server objects and click their NTDS Settings objects to display their connection objects in the details pane. Find a server that has a connection object from the server on which you made the updates.
5. Click NTDS Settings below the server object. In the details pane, right-click the connection object whose From Server is the domain controller that has the updates that you want to replicate, and then click Replicate Now.
6. When the Replicate Now message box appears, review the information, and then click OK.