DFS Replication – Best way to migrate a file server

Hi everyone

Today I wanted to do a lightweight post, as I seen a lot of IT folks still use robocopy and manual’s way to migrate fileserver.

With DFS support from 2008R2 to up to today, never forget that DFS is a nice approach now. You don’t need to create a namespace, just the replication folder.

I seen so much horror from robocopy, bad param that forget the file security, or too long path that prevent a copy.. I just wanted to share the method.

Remote Desktop Latency (Win10 / RemoteFX)

Hi everyone

Today I wanted to share a problem I seen some time on Remote desktop server.

It’s a unexpected lag in the user session. I call unexpected as in my case the server is not at all missing resources and the internet link is good.

Some older Remote Desktop can be greatly impacted by the RemoteFX settings; which are located there;

Computer Configuration/Policies/Admin Templates/Windows Components/Remote Desktop Services/Remote Desktop Session Host/Remote Session Environment

Use advanced RemoteFX graphics for RemoteApp – Disabled

If the setting does not work there is a unexpected issue that can rise. The mouse polling rate.. That case happen if one of your user use a gaming mouse. Usually the polling is around 125 hz by default. Most gaming mouse go around 1000 hz.

Such polling really make the server unresponsive for the user session.

You can see some example stated by other people;

Ref: https://social.technet.microsoft.com/Forums/en-US/f3e9852b-393c-4aa0-9d2f-961a82cfc603/remoteapp-after-windows-10-update-1803-are-slow-and-right-mouse-button-is-not-responding-it-reacts?forum=winserverTS

or;

Ref: https://serverfault.com/questions/1020864/remoteapp-on-windows-server-2019-lags-heavily

or;

Ref: https://docs.microsoft.com/en-us/answers/questions/112989/slowness-on-remoteapps-with-certain-mouses.html

As you can see it’s a common error. If you got a application to lower the polling it can be easy to deal, else you might have to get a older mouse, or a more standard’s one.

An example of where to change that setting for a logitech’s mouse;

Thanks everyone

Windows Server 2019, 2016 – WINS Cluster

Hi

This blog post is about a feature that is really less used today, but some of you might still need it, WINS.

In case you try to make a WINS cluster you must know that Microsoft by default, from 2016, now block NetBIOS on the cluster IP. It would make it look like the port 137 is blocked.

To find the correct IP, open up MMC, Cluster, Roles, WINS and find the IP.

After we have the IP, we enable the NetBIOS that way with PowerShell;

Get-ClusterResource “IP-address” | Set-ClusterParameter EnableNetBIOS 1

A small tip, but still handy if you happen to need it.

Windows Server 2019 or Windows 10 – Find hidden disk space utilization

Hi everyone

I rarely do a post that promote a tool, but I had to do it this time, as I will share a tip if you can’t find where you used space go inside a Windows Server 2019 VM.

Explorer and tool like windirstat don’t see to list hidden folder that start with $.. (metadata file and stream in example) as such it seem a common pattern to be unable to locate where the disk space go.

To illustrate the problem seen I will paste picture from SF that I seen that illustrate the same problem as I seen;

As seen in this example the data is 99% full, but on explorer or windirstat’s windows you can see the files take only 33G out of the 500G available.

I suggest the tool WizTree to find the space in such case for the time other way exist.

Thanks everyone

Windows 10 _ldap._tcp.dc._msdcs.domain DNS query error over VPN and file security disappear over share problem

Hi everyone

Today I wanted to discuss a bug I encountered that got some major impact. The setup is Windows Server 2019 and some Windows 10 client. The bug wasnt present when the server were on 2008R2. The problem seen was when I edit a file over VPN on the file share, the file lost it’s security acl to become orphan and it disappear from the user view at the same time.

It’s a strange bug as the user can see only the folder where he got access to, but when the bug appear the file lost it security at all. Only an admin can take back the file ownership back.

From my research the error seem related to the Palo Global Protect VPN’s software that badly redirect DNS query, and do error out on ldap/kerberos lookup for the domain name. Which seem to lead to authentification error, even if the share is already open.

The symptom I had was;

  • Only able to map the network drive by the IP.
  • Such error flood inside wireshark for the remote computer;
    • DNS QUERY for _ldap._tcp.dc._msdcs.domain fail. (not found)

Such DNS entry can be validated that way;

nslookup

set type=all

_ldap._tcp.dc._msdcs. Domain_Name

Validating the DNS entry confirm it work on the LAN, but not from the VPN’s endpoint.

What I discovered is for these clients the mapping was working correcty by using the FQDN directly, not the DFS nameshare or the hostname of the server, really the FQDN, like \\server.domain.com.

The bug seem really related to the globalprotect vpn software, but with this small tip atleast you can bypass that bug.

* Some reference for the nslookup comand line: How to verify that SRV DNS records have been created for a domain controller

Windows 10 IoT – Removing Windows Update history

Hi everyone

In my latest blog post I talked on how to patch a IoT terminal when the SSD is small.

A tip not talked inside the blog post is how to remove unnecessary files after the update.

I dont recommend that tip if you have plenty of disk space, as it will break for you some ability, like to remove Windows KB.

The command to use is;

Dism.exe /online /Cleanup-Image /StartComponentCleanup /ResetBase

I will quote the same warning than on the Windows website;

Warning

All existing service packs and updates cannot be uninstalled after this command is completed. This will not block the uninstallation of future service packs or updates.

By running the command I save a 1 or 2 gigs. It’s not a lot, but on low disk space disk it mean a lot.

Thanks for reading, today was a small tip 🙂

Windows 10 IoT – Windows Update on small hard disk

Hi everyone

On IoT terminal often the hard disk is small, and there is a activity that can be a pain in such device, it’s to install a cumulative update.

The last update I did I had in example 7gigs of free space, and the uncompressing of the patch did fill the space completely to make the update fail.

To show the problem you can see these printscreens, please remark the free space available;

In my example in my struggle to install the patch, which is by itself 1.6gig, I tried to run the patch from the network, but voila, it’s not possible. You would receive such 0x80070003 error.

The tip I give today is to make an ISO with the patch, so you can mount the .ISO from a network share to trick the system.

I my case as Windows can’t make the ISO natively, I got a free tool to make the job, wincdemu. A lot of other tool exist to make that work by the way.

After the tool is installed, you can just right click your update folder, and select the Build an ISO image option.

You can name the ISO like patch.ISO.


In the Windows after you can mount the ISO to run the setup from there.
After it’s mounted you can run the EXE.

At that point you can wait.

Thanks everyone, hope the tip help some

Windows 10 – Unified Write Filter – Quick tip for the monitor resolution

Hi everyone

Today I wanted to share a quick tip if you want to allow your users to set their own resolution.

By default the unified write filter allow some registry key, but when a user set a resolution, that setting currently impact all users sessions, so that specific setting is inside the HKLM.

As the seeting can change depending on the terminal you use, I would give you the tip to find the correct keys.

I used process monitor, and I log what SystemSettings do in the registry when you click to change the resolution, in example;

As you can see, the registry key might be long, you can select to easilly copy it;

Inside the terminal after, add the exception for that registry key hive;

That will allow you user to set the resolution they want, and it will not come back to the default’s one.

Thanks for the reading

In Remote Desktop how to send CTRL-ALT-DEL

Hi everyone, today I waned to share a small tip that not everyone know; how to send the famous key stroke CTRL-ALT-DELETE to the remote system in Remote Desktop.

It’s always useful, in case you want to bring the task manager, or to try to recover from a unresponsible session.

ctrl+alt+end is the prescribed way to do this.

A small tip it’s, but it’s handy to have 🙂

You can see other shortcut there; Remote Desktop Tips and Tricks