Mohammed Wasay

Blog

  • Point a Window Client or Server to a particular Domain Controller

    Point a Window Client or Server to a particular Domain Controller

    When troubleshooting domain controller related issues from a client side there are many things that needs to be checked.

    Few items that need to checked:

    • Review if DCs are hardcoded in the application residing on the client (if application related)
    • Ports are opened from the client to the DC
    • Check if the DCs in the Sites & Services are the correct ones servicing the site/subnet, and if it communicating properly.
    • There are chances that there are new DCs in the environment and the client is not able to talk to them on the requested ports causing delays or timeouts. You may need to switch the domain controller from the client computer to point to an older DC (incase ports were open to it), or the configuration works sporadically.

    If you are in any of the above scenarios switching the domain controller has helped me a few times to find out the next steps:

    Find Current Domain Controller

    You can grab the domain controller that the computer is currently connected to with these steps:

    1. Select the “Start” button.
    2. Type “CMD“.
    3. Hold “Shift” and right-click “Command Prompt“.
    4. Select “Run as different user“.
    5. Type credentials for a Domain Admin user account.
    6. At the Command Prompt, type:
      • nltest /dsgetdc:domainname

    Switch Domain Controller Command

    Actually switch the domain controller computer is using with these steps.

    1. Select the “Start” button.
    2. Type “CMD“.
    3. Hold “Shift” and right-click “Command Prompt“.
    4. Select “Run as different user“.
    5. Type credentials for a Domain Admin user account.
    6. At the command prompt, type:
      • nltest /Server:ClientComputerName /SC_RESET:DomainName\DomainControllerName

    [su_note note_color=”#f9f4ca” text_color=”#000000″ radius=”2″]This option is not permanent, as a restart of the computer may grab a different DC.[/su_note]

    [su_note note_color=”#f9f4ca” text_color=”#000000″ radius=”2″]/SERVER: is the name of the machine you want to force a connection *from*. e.g client1 /SC_RESET is where you want to force the connection to which is the domain and domain controller in netbios format. e.g. DOMAIN\DC1 Note: this is using the NetBIOS names as opposed to DNS FQDN.[/su_note]

    Set Domain Controller Via Registry

    1. Hold the Windows Key and press “R” to bring up the Windows Run dialog.
    2. Type “Regedit“, then press “Enter“.
    3. Navigate to:
      • HKEY_LOCAL_MACHINE
      • SYSTEM
      • CurrentControlSet
      • Services
      • Netlogon
      • Parameters
    4. Create a String value called “SiteName“, and set it to the domain controller you wish the computer to connect to. (i.e. DC1.domain.com)
    • ClientComputerName = Name of the client computer you want to switch domain for.
    • DomainName = Name of Domain.
    • DomainControllerName = Computer name of domain controller.
  • Convert a Dynamic IP to Static

    Convert a Dynamic IP to Static

    Working on a project where on some servers the DHCP assigned addresses needs to be converted to static. Since there is always more than one…I needed to script it.

    Here is a quick way to do it via PowerShell.

    Hope this helps!

  • Force Replication of all Domain Controllers on all Sites

    Force Replication of all Domain Controllers on all Sites

    If you want to replicate all Domain Controllers, then you have to start replication on each of them separately. This may take a while. To save time there is an easier way to force replication on all Domain Controllers of all Active Directory Sites.

    Log on to one of your Domain Controllers. Start Windows PowerShell with administrative privileges. Using the Get-ADDomain cmdlet we can get the domain name and the domain partition.

    Now depending on the size of your environment the results may take some time to appear. The final output should be something like this:

  • All of Windows Cipher Suites

    All of Windows Cipher Suites

    Working on a security project and I needed a reference guide as to what cipher suites are supported on what OS.

    So I have documented a list of the default cipher suites and their preferred order for every Windows Server version. These were gathered from fully patched operating systems.

    [su_note note_color=”#efacad”]These are the server defaults for reference only. I do not recommend using the default cipher suites or the order listed.[/su_note]

    [su_accordion]

    [su_spoiler title=”Windows Server 2003″]TLS_RSA_WITH_RC4_128_MD5 TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_DES_CBC_SHA TLS_DHE_DSS_WITH_DES_CBC_SHA TLS_RSA_EXPORT1024_WITH_RC4_56_SHA TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA TLS_RSA_EXPORT_WITH_RC4_40_MD5 TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 TLS_RSA_WITH_NULL_MD5 TLS_RSA_WITH_NULL_SHA[/su_spoiler]

    [su_spoiler title=”Windows Server 2008″]TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P521 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P521 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P521 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P521 TLS_DHE_DSS_WITH_AES_128_CBC_SHA TLS_DHE_DSS_WITH_AES_256_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_RC4_128_MD5 SSL_CK_RC4_128_WITH_MD5 SSL_CK_DES_192_EDE3_CBC_WITH_MD5 TLS_RSA_WITH_NULL_MD5 TLS_RSA_WITH_NULL_SHA[/su_spoiler]

    [su_spoiler title=”Windows Server 2008 R2″]TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P384 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P384 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P384 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384 TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 TLS_DHE_DSS_WITH_AES_256_CBC_SHA TLS_DHE_DSS_WITH_AES_128_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_MD5 TLS_RSA_WITH_NULL_SHA256 TLS_RSA_WITH_NULL_SHA SSL_CK_RC4_128_WITH_MD5 SSL_CK_DES_192_EDE3_CBC_WITH_MD5[/su_spoiler]

    [su_spoiler title=”Windows Server 2012″]TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P384 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384 TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 TLS_DHE_DSS_WITH_AES_128_CBC_SHA TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 TLS_DHE_DSS_WITH_AES_256_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_RC4_128_MD5 SSL_CK_RC4_128_WITH_MD5 SSL_CK_DES_192_EDE3_CBC_WITH_MD5 TLS_RSA_WITH_NULL_SHA256 TLS_RSA_WITH_NULL_SHA[/su_spoiler]

    [su_spoiler title=”Windows Server 2012 R2″]TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P384 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P384 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384 TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 TLS_DHE_DSS_WITH_AES_256_CBC_SHA TLS_DHE_DSS_WITH_AES_128_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_MD5 TLS_RSA_WITH_NULL_SHA256 TLS_RSA_WITH_NULL_SHA SSL_CK_RC4_128_WITH_MD5 SSL_CK_DES_192_EDE3_CBC_WITH_MD5[/su_spoiler]

    [su_spoiler title=”Windows Server 2016″]TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 TLS_DHE_DSS_WITH_AES_256_CBC_SHA TLS_DHE_DSS_WITH_AES_128_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_MD5 TLS_RSA_WITH_NULL_SHA256 TLS_RSA_WITH_NULL_SHA SSL_CK_DES_192_EDE3_CBC_WITH_MD5 SSL_CK_RC4_128_WITH_MD5[/su_spoiler]

    [/su_accordion]

     

  • NSLookup still showing IP of demoted Domain Controller

    NSLookup still showing IP of demoted Domain Controller

    So had an interesting issue today where a Domain Controller (DC) was demoted yet the IP of the demoted DC was still showing up when running nslookup internaldomain.local

    Demoted DC: MWDC04 / IP: 10.14.111.111

    I had done the metadata cleanup and tried many suggestions when googling the subject. To my surprise none of the solutions I found worked.

    I had removed the IP address from the Primary DNS Server and saw entries for:

    (same as parent folder) Host(A)  10.14.111.111
    (same as parent folder) NameServer (NS)  10.14.111.111

    I also looked under internaldomain.local > _msdcs and deleted entries from there.

    After clearing the cache and waiting for replication, did a nslookup again and the IP was still there.

    Well, there are some good and bad things about Microsoft DNS.

    The BAD:

    You cannot search DNS values in DNS Management. You are limited to searching just the names.

    THE GOOD:

    All DNS entries are stored in a flat file on the DNS Server “C:\WINDOWS\system32\dns\internaldomain.local.dns” (The default location). JACKPOT!

    I opened it up in Notepad++, did a search for IP and DNS name of the demoted server(MWDC04-10.14.111.111) and started deleting matched entries. I was so surprised to find entries that were deeply buried under “domaindnszones” & “forestdnszones” and a few other subzones.

    Cleared the cache again and waited for replication. Once replication completed I tried nslookup internaldomain.local and this time it didn’t list the demoted DC anymore.

    I hope this saves others time, because finding a record in DNS might be like searching for a needle in a haystack!

  • ConfigMgr 2012 R2 – WSUS sync fails with HTTP 503 errors

    ConfigMgr 2012 R2 – WSUS sync fails with HTTP 503 errors

    Ran into this issue with ConfigMgr 2012 R2 where it was unable to synchronize Software Update Point with the WSUS server. A review of the component status messages for the SMS_WSUS_SYNC_MANAGER component on the primary site server reveals errors related to WSUS synchronization which are similar to the following:
    [su_note note_color=”#efacad”]Message ID: 6703 WSUS Synchronization failed. Message: The request failed with HTTP status 503: Service Unavailable. Source: Microsoft.UpdateServices.Administration.AdminProxy.CreateUpdateServer. [/su_note]
    Got the following error when trying to open Update Services on the WSUS server

    [su_note note_color=”#efacad”]Error: Connection Error An error occurred trying to connect to the WSUS server. This error can happen for a number of reasons. Please contact your network administrator if the problem persists. Click the Reset Server Node to connect to the server again. [/su_note]

    In addition to the above, attempts to access the URL for the WSUS Administration website (i.e., http://CMCASSERVER:8530) fails with the error:

    [su_note note_color=”#efacad”]HTTP Error 503. The service is unavailable[/su_note]

    In this situation, the most likely cause is that the WsusPool Application Pool in IIS is in a stopped state, as shown below.

    Also, the Private Memory Limit (KB) for the Application Pool is probably set to the default value of 1843200 KB.

    If you encounter this problem, increase the Private Memory Limit to 4GB (4000000 KB) and restart the Application Pool. To increase the Private Memory Limit, select the WsusPool Application Pool and click Advanced Settings under Edit Application Pool. Then set the Private Memory Limit to 4GB (4000000 KB).

    After the Application Pool has been restarted, monitor the SMS_WSUS_SYNC_MANAGER component status, wcm.log and wsyncmgr.log for failures. Please note that it may be necessary to increase the Private Memory Limit to 8GB (8000000 KB) or higher depending on the environment.

    Now WSUS is back online!

  • Active Directory Ports required between client and domain controllers

    Active Directory Ports required between client and domain controllers

    Active Directory uses several ports for communication between domain controllers and clients. These ports are required both by client computers and Domain Controllers. As an example, when a client computer tries to find a domain controller it always sends a DNS Query over Port 53 to find the name of the domain controller in the domain.

    • 53- DNS
    • 88- Kerberos
    • 123- Time Service
    • 135- for domain controllers-to-domain controller and client to domain controller operations.
    • 138- For File Replication Service between domain controllers.r
    • 139- For File Replication Service between domain controllers.
    • 389- For LDAP to handle normal queries from client computers to the domain controllers.
    • 445- File replication/SMB
    • 464- For change the password of user account
    • 636- secure LDAP
    • 3268- Global Catalog server
    • 3269 – Global Catalog server [Secure]
    • 5722-File replication, DFSR
    • 9389- ADDS web service
    • 53248- FRS RPC

    Above mentioned ports should be opened in Firewall between client computers and domain controllers, or between domain controllers, will enable Active Directory to function properly.

  • Going back to the basics….moving out of Amazon Drive!

    Going back to the basics….moving out of Amazon Drive!

    As of June 8, 2017, it was announced that when when users try to sign up for Amazon Drive they will not be able to select an unlimited cloud storage option. Instead they can choose either 100 GB for $11.99 per year, or 1 TB for $59.99, with up to 30 TB available for an additional $59.99 per TB. (The prior pricing was unlimited everything for $59.99.) My data came up to about 5TB, which according to their new pricing structure would cost me $300+ (Data is always growing!!).

    That is quite costly for just 5TB of storage when I can buy two 8TB drives and have it locally in a RAID configuration or a mirrored set. I shopped around with other popular cloud providers but each and every one of them have some sort of limitations. I decided to purchase two 8TB drives and maintain it locally. 

    I found very little help on Google when searching for ways to move out of Amazon Drive with ease. I found a lot of cool little utilities but none were able to do a clean and consistent sync copy/move. It most cases the application would either hang, or incomplete the job.

    I tried a lot of tools to get a synced local copy but the process seemed harder and harder. I tried a lot of freeware and shareware utilities as well as those offered by Amazon. I am just listing my personal experiences here so that I can save time for those whole have a similar situation.

    Tools I tried:

    Amazon Drive Desktop Sync

    •  Horrible transfer speeds +
    • Buggy Software
    • Startup & Resuming files would delay download significantly.

    SymLink (MacOS/ Linux)

    • Somewhat works but metadata is lost.

    NetDrive

    • Mounts the Amazon Cloud Drive and a Network Drive
    • Constant disconnects + too many app updates
    • Application hangs with large files
    • Service needed to be restarted multiple times to connect with Amazon

    Cloudberry Explorer

    • Quirks around Admin Mode.
    • Ghostfiles (0kb) leftover.
    • Acts like an FTP Client but missing a lot features

    rClone (Banned)

    AllwaySync

    • The Oneway transfer feature is nice but it was taking a long time between files
    • This might have worked if my filebase was a whole lot smaller but failed for larger jobs.

    Expandrive

    • Similar to NetDrive but a whole lot stable, but would fail on larger files.

    Odrive

    • Horrible interface. Didn’t work most of time.

    & a few more applications…. that didn’t work out!

    Syncovery

    Syncovery was the  winner in my case. This tools was the best in speed and got me an exact copy out from Amazon Cloud drive. It supports resuming! It is available on all platforms. It has a nice layout and can run as a scheduled job!

    It took Syncovery literally 2 days to get all of my data downloaded. I was simply amazed at how efficient this tool was working. It maintained a consistent speed. Didn’t lose any metadeta. I ran a file check and all of them checked out 100%.

    The trial version worked in my case and I am considering getting the Pro version. It excelled where all other failed. It wasn’t a resource hog and did the job in the first go! Thank you Syncovery!

     

    Couple of lessons learned in getting success with all my data downloaded.

    1. Metadata is important especially when dealing with older files. Try not of lose it, as once it is lost there is no going back.
    2. Don’t copy to the same path as the original. Use an external drive and copy it there.
    3. If dealing with a lot of smaller files break them into chunks or batches to avoid application hang
    4. Apart from Syncovery, there were some utilities that might delete the files from Amazon and put them in Trash. Make sure you look there if you notice files missing file. It is most certainly there. I personally didn’t have this issue but some people have reported this with other utilities.
    5. Share your experiences to help out others.

    Conclusion

    I am in no way promoting a product from Syncovery, but based on my personal experience I found it to be the easiest to move the amount of data I had from Amazon down to my local server.  I am going to sway away from the public cloud space for a while at-least for my personal stuff. Based on the pricing, limitation of file size and types, and amount of data I have, I am still searching for good cloud store. I am evaluating ownCloud for now. If I ever goto a public cloud storage solution again, I am going to try my exit exercise/ strategy prior to bulk upload.

    Another strategy people are recommending is hosting all the files in a VM on AWS/ Google/ Azure. My issue there is access cost. If my access is within the VM I am good, but any data I am pulling or accessing out of the VM – I am paying for it!

  • Get .Net Framework Version for the .DLL & .EXE files

    Get .Net Framework Version for the .DLL & .EXE files

    Working with many app/dev teams it is hard to find which version of Dot Net  an application was designed or made in.

    Now if your application server has multiple drives and depending on which drive the application resides it may be hard to find this information.

    Let’s assume there are two drives C: and D:.

    We will start with D: drive as it is easy.

    #Check DotNet Framework for .EXE & .DLL 
#====================================#
#====================================#

#Files residing on any other drive except C: (OS Drive)
#=====================================================#

#Uncomment the line below to surpress any errors
#$ErrorActionPreference = "SilentlyContinue"

#Specifiy the filepath (I am using the root)
$filepath=’D:\’

#Get All files and filter .exe and .dll files
$files=Get-ChildItem -Path $filepath -Recurse -include *.dll,*.exe

#Loop through each file
foreach($file in $files)
{
    #Check the version of .NET for the file
    $version = [System.Reflection.Assembly]::ReflectionOnlyLoadFrom($file.FullName).ImageRuntimeVersion;

    #Write the Output on Screen + Capture to a file
    Write-Output "$file,$version" | Out-File D:\DotNetFiles_D.txt -Append

}

    Now the C: drive is a little more work. The above method wont work because C:  drive has system files and depending on your rights you may not have access to them.

    You may get the following error:

    But there is a way we can get this accomplished. Good old dos commands to the rescue! We are basically going to get a list of .exe and .dll files from the C: drive and then run the above code against it.

    Lets capture the files:

    #For files residing on C: (OS Drive)
#====================================#
#Get a list of .exe files on the C: Drive and store to a file
dir C:\*.exe /s /b | findstr /e .exe > C_Executable_Paths.txt

#Get a list of .dll files on the C: Drive and store to a file
dir C:\*.dll /s /b | findstr /e .dll > C_DLL_Paths.txt

    Now we have the .EXE files stored in C_EXE_Paths.txt and we query it for .NET versions and save the output to DotNetFiles_C_EXE.txt

    #Query each .EXE file capture in C_Executable_Paths.txt
$files=Get-Content D:\C_Executable_Paths.txt

#Looping through each file entry
foreach($file in $files)

{

    #Getting .NET version number for each file
    $version = [System.Reflection.Assembly]::ReflectionOnlyLoadFrom($file).ImageRuntimeVersion;

    #Writing output to an external file
    Write-Output "$file,$version" | Out-File D:\DotNetFiles_C_EXE.txt -Append

}

    Similarly we have the .DLLfiles stored in C_DLL_Paths.txt and we query it for .NET versions and save the output to DotNetFiles_C_DLL.txt

    #Query each .DLL file capture in C_DLL_Paths.txt
$files=Get-Content D:\C_DLL_Paths.txt

#Looping through each file entry
foreach($file in $files)

{

    #Getting .NET version number for each file
    $version = [System.Reflection.Assembly]::ReflectionOnlyLoadFrom($file).ImageRuntimeVersion;

    #Writing output to an external file
    Write-Output "$file,$version" | Out-File D:\DotNetFiles_C_DLL.txt -Append

}

    You might get errors for files that do not meet criteria or fails to list .Net version.

    This can be surpressed by using:

    $ErrorActionPreference = "SilentlyContinue"

    The output would be similar to:

    C:\Program Files\IBM\SQLLIB\BIN\db2dascmn.dll,v4.0.30319
C:\Program Files\IBM\SQLLIB\BIN\db2dascmn64.dll,v4.0.30319
C:\Program Files\IBM\SQLLIB\BIN\db2daskrb.dll,v4.0.30319
C:\Program Files\IBM\SQLLIB\BIN\db2daskrb64.dll,v4.0.30319
C:\Program Files\IBM\SQLLIB\BIN\db2daswrap.dll,v4.0.30319
C:\Program Files\IBM\SQLLIB\BIN\db2daswrap64.dll,v4.0.30319
C:\Program Files\IBM\SQLLIB\BIN\db2g11n.dll,v4.0.30319
C:\Program Files\IBM\SQLLIB\BIN\db2g11n64.dll,v4.0.30319
C:\Program Files\IBM\SQLLIB\BIN\db2genreg.dll,v4.0.30319
C:\Program Files\IBM\SQLLIB\BIN\db2genreg64.dll,v4.0.30319
C:\Program Files\IBM\SQLLIB\BIN\db2hrec.dll,v4.0.30319
C:\Program Files\IBM\SQLLIB\BIN\db2ica.dll,v4.0.30319
C:\Program Files\IBM\SQLLIB\BIN\db2ica64.dll,v4.0.30319
C:\Program Files\IBM\SQLLIB\BIN\db2install.dll,v4.0.30319
C:\Program Files\IBM\SQLLIB\BIN\db2install64.dll,v4.0.30319
C:\Program Files\IBM\SQLLIB\BIN\db2isys.dll,v4.0.30319
C:\Program Files\IBM\SQLLIB\BIN\db2jcct2.dll,v4.0.30319
C:\Program Files\IBM\SQLLIB\BIN\db2jdbc.dll,v4.0.30319
C:\Program Files\IBM\SQLLIB\BIN\db2jdbc64.dll,v4.0.30319
C:\Program Files\IBM\SQLLIB\BIN\db2kbc.dll,v4.0.30319
C:\Program Files\IBM\SQLLIB\BIN\db2kbc64.dll,v4.0.30319
C:\Program Files\IBM\SQLLIB\BIN\db2ldap.dll,v4.0.30319
C:\Program Files\IBM\SQLLIB\BIN\db2ldap64.dll,v4.0.30319

    Now you can import this in Excel and go crazy!  😉

    Additionally, if you want to detect what version of .NETis installed on your server here is a cool utility (ASoft .NET Version Detector) to get you the info, as well as download links to the installer in case you need to download and install.