Get GeoLocation with PowerShell and set NTP Server in a GPO

Using Powershell to locate your Geographical Location with the help of GeoLocation (IP-Address) is quite easy, cool and useful!

When we build Private and Hybrid Clouds across the globe in various countries and continents I want to make sure the Active Directory PDC Emulator is using a valid time source based on that location.

GeoLocation with Powershell

So with this small script (it’s using multiple WebServices to cycle through until it gets an answer) we can get a rough location for where we are and in my case it’s usually enough to know what country the datacenter is in.

That can then be used as you see fit. Though for me, I’m using it to update the Group Policy being applied to the PDC Emulator to point to the country specific NTP Pool with the generic pool as backup value.

That’s how easy it’s to modify a Group Policy object.

Please share any solutions using GeoLocation in the comments. It might give me some nice new ideas too!

 

Azure Stack packaging and pricing

Microsoft has finally released the pricing for Microsoft Azure Stack.
It’s long been known that MAS (Microsoft Azure Stack) would be prices on a Pay-as-you-go model just like Azure but we’ve not known the exact price so far. HPE revealed the price for the hardware a few weeks ago and it’s been said to be between 300-400.000 USD minus all the normal discounts.

Microsoft Azure Stack pricing

It looks like the price is roughly 30% of running the same Virtual Machine in Azure. Which makes MAS a very very attractive solution for running workloads on-prem.

Details available here: http://buff.ly/2usAdoI
Or download directly from my blog here: Microsoft_Azure_Stack_Packaging_and_Pricing_EN_US-1

 

How to delete files in a userprofile with Group Policy Preferences

As a follow up to my post about How to automatically Hide “Configure this local server” in Server Manager. I mentioned it’s possible to remove the individual user.config files in various ways to reset the behavior and hide the Welcome Tile. You can easily do that with a GPO like this;

Paths:

It’s a Group Policy being applied to all Server Admins utilizing Group Policy Preferences to delete two files (one for Windows Server 2012R2 and one for Windows Server 2016). But it’s only doing it once to make sure that if a admin does any changes to the file it won’t be deleted again. The idea is that it will be deleted once to reset settings to the one in ServerManager.exe.config but not repeatedly after that if the administrator saves any other changes.

 

How to automatically Hide “Configure this local server” in Server Manager

After you have installed a couple of hundred servers, you may start to feel that you have seen this text a couple of times too many and start to wonder how to get rid of it…

Hide Welcome Tile

You can obviously click the “Hide” button to hide the “Configure this local server” box, which is also called “Welcome Tile”.

Show Welcome Tile

And if you would ever want to get it back, you can find it in the “View Menu”. BUT… How do you disable the Welcome Tile by default for all users?

There is unfortunately no GPO (Group Policy) to control that. Just to set if Server Manager should auto-start or not. Which does not help in this case.

The settings in Server Manager is stored in a version folder in this location:

The configuration for Server Manager is stored in a file called user.config with the interesting bits highlighted here;

WelcomeTileVisibility

So you want to Modify the “WelcomeTileVisibility” setting in that file which can be done in numerous ways. But a easier solution is to just name and copy a file with this content to that folder.

user.config

That file only contains new default WelcomeTileVisibility setting, hiding the Welcome tile for you when you launch Server Manager. And if you do any changes in Server Manager, the new settings will be saved to that file too.

But that’s a per user setting and it has to be copied to the profile after it’s been created etc etc. Making it all a bit more complicated.
Luckily there is a better and easier way to do it, where you also help your co-workers at the same time!

In your reference image, or in your Server deployment script or with PowerShell or with Group Policies or any other way you find worthy. Just use the same information as above, but save it in this path to be machine wide;

Hide Welcome Tile for everyone

Notice that it’s still the exact same content of the file;

But it’s now stored together with the ServerManager.exe file in the system32 folder making it server wide. It’s a lot easier to copy it there just once so it’s applied to everyone rather than try to get the config file into each persons profile.

Notice: If you already have a user.config file in your Profile, it may override the settings from serverManager.exe.config so delete your user.config file to verify your new setup is working as expected.

In our environment, we are deploying the file in our Server Deployment solution, and also copying it to all server with a Group Policy Preference just in case someone installed a server manually for some unknown reason.

 

Use OMS (Log Analytic) to monitor and send alert for BlueScreen of Death

At times there is a driver or two that’s misbehaving and causing bluescreens. As the server automatically reboots after dumping memory to the memory.dmp file you might not get a report from your users that there has been a problem. And depending on your monitoring tool you might not get an alter there either. Operations Manager can easily alert you for things like that, but far from all customers use OpsMgr due to it’s complexity. Luckily, it’s just a 1 minute job to get alert in OMS if you have got a bluescreen! And as OMS can be run in Free mode, you may be able to monitor your servers for free (all depending on the amount of data you collect) and else, it’s really cheap so no big deal if you need to use a standard subscription. Anyway, lets get to the technical stuff!

First of all, enable OMS to collect Eventlog System and all Error messages.

omserrordata

Then create an Alert like this,

oms_bsod

The Alert text to be used is:

That will only alert for Crashes. You can also enable an alert for Event ID 6008 which will alert you for an unexpected shutdown. The difference is that my alert will only send an alert if there was a BSOD while an unexpected alert could also alert if someone pulled the power. Or even combine both into one alert with an OR statement. In my case, I just want to get alerted about the BSOD’s so thats the only thing I look for right now.

Tell how often is should check. There is usually no need to check more than once or twice an hour. And finally define if it should send an email alert or use one of the other alert methods.

Easy as that! Next time you get a bluescreen on a server, you will get an alert by mail so you can debug the dump and find out what’s causing it.

It will look like this,

bsodmail

 

Disable ASUS Mini Bar (AsPowerBar.exe)

asusminibarNot 100% work related but computer related. I reinstalled my home PC last week and also installed the ASUS AI Suite 3 tools to make it easier with overclocking and handling the fans and pump for my custom liquid cooling system.

One annoying thing is the ASUS Mini Bar (also called ASPowerBar.exe if you check in Task Manager) that automatically starts. When you logon to Windows. Easy to remove I thought and just downloaded one of the best (and free!) tools ever, called Sysinternals Autoruns which makes it super easy to see and disable all programs that automatically starts for various reasons including the ones launched form Task Manager or as Shell Extensions.

But there was no reference at all to be found related to the Asus Mini Bar. Ehh?  Well turned out that it was a lot easier than that.

asus

Just right click on the Asus AI Suite icon in the systray and remove the checkbox for ASUS Mini Bar! It’s the AI Suite tool that launches the Mini Bar…

I hope it can help someone else who’s like me digging through the Registry and Autorun folders and what ever else.

 

MSI Error 25543 when installing SPF Update Rollup

When trying to install an Update Rollup for SPF through Windows Update you may run into a Failed installation. And running the update manually gives a MSI Error 25543 where you have to click the Ok button like 10 times before it abort.

I’ve solved that at three different occasions by just stopping the IIS “Internet Information Services” and then installing the update manually.

Remember to start IIS after the update is installed and verify the bindings for SPF is still correct (there has been occasions where there have been duplicate bindings).

 

Potential version mismatch between WAP and SPF, please verify both component’s versions and if they’re compatible

I had a customer today who were getting errors when trying to create Virtual Machines in Windows Azure Pack (WAP).

WAP Tenant Log file
WAP Tenant Log file

Looking in the logfile on the Tenant server (Tenant Admin Log) showed that there were quite a lot of Error Events when a user is trying to create a server.

Some operations worked, like creating a virtual network but not deploying a virtual machine.

The interesting part here is the reference to; “Potential version mismatch between WAP and SPF, please verify both component’s versions and if they’re compatible”

Full Eventlog details, might help with search indexes.

 

I had a look at the SPF Server, and immediately noticed that the version of SPF was System Center 2016 RTM with no updates installed.

Updating SPF to the same version as Virtual Machine Manager (VMM) 2016 and Windows Azure Pack solved the problem.

 

 

DVBLogic channel logos for Kodi

I’ve used Kodi (xbmc) as frontend for my DVBLogic (DVBLink) TV-Server backend. Which is working great, but I wanted to enhance the experience a bit and get channel logos for all my channels to show in the tv-listing and in EPG view.

There were unfortunately no packs of Swedish channel logos available, so I made a small powershell script that reads the channel logo URL’s from the EPG Guides and downloads them to a country specific folder. They can then be assigned in DVBLink to the right channels.

The part that took the longest to make was to find a way to download the latest Windows (Win32) version of XMLTV from Sourceforge.

The Script is Downloading Windows (Win32) version on XMLTV.exe from Sourceforge https://sourceforge.net/projects/xmltv/
It’s then unpacking the Zip file to a Directory in c:\temp\xmltv
It will run XMLTV.EXE with –configure where you will be prompted for a location of the cache and which Channels to download information for. Either manually select each channel you want logos for or select all.
XMLTV.EXE will in the next step download information to tvzon.xml. I’ve set the timespan to 0, to make the download size minimal. Meaning, if you want more EPG data, you may want to change “–days 0” to “–days 14”.
The Script is then rading tvzon.xml and downloads all Logos to a country specific folder, based on the filename.
You can now copy the folder structure into your DVBLink server installation under “Program Files (x86)\DVBLogic\DVBLink\share\channel_logos” and you can keep the folder structure.

Link if you just want to download my pack: https://www.dropbox.com/s/elmoomsiyahxc4q/SwedishChannelLogos.zip?dl=0

 

 

Error 500 in Azure Pack when using ADFS

I’ve had a couple of customers lately who’s had sudden issues with Azure Pack reporting a error 500 when used in combination with ADFS after logging on.

It’s because the ADFS Certificate has been updated and the thumbprint in WAP doesn’t match the one presented from ADFS anymore.

Mark has made a great post about it here (all credits to him for the solution): Error 500 Azure Pack tenant portal – Jwt10329 Error

I’ve modified Mark’s script a little bit so I can easily run it at various customers without modifying the URL’s. It will basically read the old value from the config and re-use that hostname for the ADFS dns entry.

This script assumes you are using ADFS for both the tenant and admin sites.

Just update the HOST, Username and Password and run the script on the AdminSite server. When done, logon to AzurePack as normal.