Use OMS (Log Analytic) to monitor and send alert for BlueScreen of Death

At times there is a driver or two that’s misbehaving and causing bluescreens. As the server automatically reboots after dumping memory to the memory.dmp file you might not get a report from your users that there has been a problem. And depending on your monitoring tool you might not get an alter there either. Operations Manager can easily alert you for things like that, but far from all customers use OpsMgr due to it’s complexity. Luckily, it’s just a 1 minute job to get alert in OMS if you have got a bluescreen! And as OMS can be run in Free mode, you may be able to monitor your servers for free (all depending on the amount of data you collect) and else, it’s really cheap so no big deal if you need to use a standard subscription. Anyway, lets get to the technical stuff!

First of all, enable OMS to collect Eventlog System and all Error messages.

omserrordata

Then create an Alert like this,

oms_bsod

The Alert text to be used is:

That will only alert for Crashes. You can also enable an alert for Event ID 6008 which will alert you for an unexpected shutdown. The difference is that my alert will only send an alert if there was a BSOD while an unexpected alert could also alert if someone pulled the power. Or even combine both into one alert with an OR statement. In my case, I just want to get alerted about the BSOD’s so thats the only thing I look for right now.

Tell how often is should check. There is usually no need to check more than once or twice an hour. And finally define if it should send an email alert or use one of the other alert methods.

Easy as that! Next time you get a bluescreen on a server, you will get an alert by mail so you can debug the dump and find out what’s causing it.

It will look like this,

bsodmail

 

Disable ASUS Mini Bar (AsPowerBar.exe)

asusminibarNot 100% work related but computer related. I reinstalled my home PC last week and also installed the ASUS AI Suite 3 tools to make it easier with overclocking and handling the fans and pump for my custom liquid cooling system.

One annoying thing is the ASUS Mini Bar (also called ASPowerBar.exe if you check in Task Manager) that automatically starts. When you logon to Windows. Easy to remove I thought and just downloaded one of the best (and free!) tools ever, called Sysinternals Autoruns which makes it super easy to see and disable all programs that automatically starts for various reasons including the ones launched form Task Manager or as Shell Extensions.

But there was no reference at all to be found related to the Asus Mini Bar. Ehh?  Well turned out that it was a lot easier than that.

asus

Just right click on the Asus AI Suite icon in the systray and remove the checkbox for ASUS Mini Bar! It’s the AI Suite tool that launches the Mini Bar…

I hope it can help someone else who’s like me digging through the Registry and Autorun folders and what ever else.

 

MSI Error 25543 when installing SPF Update Rollup

When trying to install an Update Rollup for SPF through Windows Update you may run into a Failed installation. And running the update manually gives a MSI Error 25543 where you have to click the Ok button like 10 times before it abort.

I’ve solved that at three different occasions by just stopping the IIS “Internet Information Services” and then installing the update manually.

Remember to start IIS after the update is installed and verify the bindings for SPF is still correct (there has been occasions where there have been duplicate bindings).

 

Potential version mismatch between WAP and SPF, please verify both component’s versions and if they’re compatible

I had a customer today who were getting errors when trying to create Virtual Machines in Windows Azure Pack (WAP).

WAP Tenant Log file
WAP Tenant Log file

Looking in the logfile on the Tenant server (Tenant Admin Log) showed that there were quite a lot of Error Events when a user is trying to create a server.

Some operations worked, like creating a virtual network but not deploying a virtual machine.

The interesting part here is the reference to; “Potential version mismatch between WAP and SPF, please verify both component’s versions and if they’re compatible”

Full Eventlog details, might help with search indexes.

 

I had a look at the SPF Server, and immediately noticed that the version of SPF was System Center 2016 RTM with no updates installed.

Updating SPF to the same version as Virtual Machine Manager (VMM) 2016 and Windows Azure Pack solved the problem.

 

 

DVBLogic channel logos for Kodi

I’ve used Kodi (xbmc) as frontend for my DVBLogic (DVBLink) TV-Server backend. Which is working great, but I wanted to enhance the experience a bit and get channel logos for all my channels to show in the tv-listing and in EPG view.

There were unfortunately no packs of Swedish channel logos available, so I made a small powershell script that reads the channel logo URL’s from the EPG Guides and downloads them to a country specific folder. They can then be assigned in DVBLink to the right channels.

The part that took the longest to make was to find a way to download the latest Windows (Win32) version of XMLTV from Sourceforge.

The Script is Downloading Windows (Win32) version on XMLTV.exe from Sourceforge https://sourceforge.net/projects/xmltv/
It’s then unpacking the Zip file to a Directory in c:\temp\xmltv
It will run XMLTV.EXE with –configure where you will be prompted for a location of the cache and which Channels to download information for. Either manually select each channel you want logos for or select all.
XMLTV.EXE will in the next step download information to tvzon.xml. I’ve set the timespan to 0, to make the download size minimal. Meaning, if you want more EPG data, you may want to change “–days 0” to “–days 14”.
The Script is then rading tvzon.xml and downloads all Logos to a country specific folder, based on the filename.
You can now copy the folder structure into your DVBLink server installation under “Program Files (x86)\DVBLogic\DVBLink\share\channel_logos” and you can keep the folder structure.

Link if you just want to download my pack: https://www.dropbox.com/s/elmoomsiyahxc4q/SwedishChannelLogos.zip?dl=0

 

 

Error 500 in Azure Pack when using ADFS

I’ve had a couple of customers lately who’s had sudden issues with Azure Pack reporting a error 500 when used in combination with ADFS after logging on.

It’s because the ADFS Certificate has been updated and the thumbprint in WAP doesn’t match the one presented from ADFS anymore.

Mark has made a great post about it here (all credits to him for the solution): Error 500 Azure Pack tenant portal – Jwt10329 Error

I’ve modified Mark’s script a little bit so I can easily run it at various customers without modifying the URL’s. It will basically read the old value from the config and re-use that hostname for the ADFS dns entry.

This script assumes you are using ADFS for both the tenant and admin sites.

Just update the HOST, Username and Password and run the script on the AdminSite server. When done, logon to AzurePack as normal.

 

Enable driver verifier for all none-microsoft drivers with powershell

I’ve been doing some debugging for a customer, who has multiple industrial Client PC’s who are rebooting regularly. And to get more information in the memory dumps I had a need to configure the system to do a complete memory dump but also to enable extra verification of all drivers in the system to find the cause of the bluescreens.

Window has a built in tool called “Verifier” where you can enable extra checks on calls done by specific drivers. You generally don’t want to enable it on all drivers as that will slow down the system notable. And truthfully, the number of times it’s a Microsoft device driver who’s causing the issue is so small, because they check and stress test their drivers so much better than all the other vendors. Thus, it’s always better to enable the extra checks for all drivers, except the ones from Microsoft to start with.

As I didn’t want to run around to all the Client PC’s and configure verifier, I’ve made a small powershell script that reads the name of all none-microsoft drivers from the system and enabled verification for just those drivers. Which can then be execute in any number of ways.

It’s using both the Get-VMIObject and Get-WindowsDrivers to get a complete list of thirdparty drivers in the system. And it will also configure the system for a Complete Memory Dump.

Just to be safe, I’ve added /bootmode resetonbootfail so it will reset the verifier settings in case the system is bluescreening during boot due to verifier notificing a bad driver in the boot process.

Reboot the PC, get a big cold Coke and wait for the bluescreen to happen.

Swedish Windows Azure Stack User Group

For my Swedish community members who’s interested in Microsoft Azure Stack. There is now a Swedish Windows Azure Stack User Group on Facebook, where we share knowledge, information and discuss everything around Microsoft Azure Stack and Windows Azure Pack.

Welcome to join! https://www.facebook.com/groups/MASUGSWE/

 

Addition to new-wifimac address script

A reader asked if there was a way to reset the mac-address to the original value after using my script to set a random MAC address. But also if it’s possible to schedule the script to run every XX minutes as the local coffee shop restricts internet access to 15 minutes per custo…ehh sorry, per MAC Address!

Here is a small function to reset the mac-address, by changing it to 00-00-00-00-00-00 windows will use the default hardware MAC Address of your card.

Regarding the automatic scheduling of the script. There are a couple of different ways to do that with pros and cons. It’s for example possible to start the script with Windows Task Scheduler ever X minute or let it automatically run, sleep for XX minutes and then execute again, over and over again until you stop it.

It’s even possible to have Windows Task Scheduler monitor the Event log for new Wifi Connections and if there is a connection to the Coffee House WiFi network, then start the script.

But for now, I’ve just added a very basic Loop, which you can add to the script and execute. It will generate a new random MAC Address every 13 minute (13*60 = 780 seconds) and do that 4 times before you have to restart it or you can just adjust the numbers.

Change MAC Address with PowerShell of a Wireless Adapter

As I mentioned in my post a week ago, I’m commuting each day and there is a 200MB Quota on the Wireless Network. Luckily it’s based on the MAC Address of the WiFi Card, so it’s quite easy to get another 200MB Quota if you want  😉

wifi1

Here is my small powershell script that automatically Releases the IP Address, set’s a new random MAC Address and Re-Connects to the SSID, all done in a second or two.
Yay! Another 200MB Quota to burn.

 

I’m using a Window 10 client with Hyper-V, and I’ve created a Virtual NIC for the WiFi adapter, that’s why it’s called ‘vEthernet (External Wi-Fi)’.  But you should be able to use the script with a normal WiFi Adapter too.

I’m using a Virtual WiFi Adapter, to be able to give my Virtual Machines access to internet also when I’m without a LAN.

Here is the script for creating a Virtual WiFi NIC;