Wednesday, January 6, 2016

Windows Firewall, SQL Windows Authentication, Connection Timeout Expired. The timeout period elapsed while attempting to consume the pre-login handshake acknowledgement.

Connection Timeout Expired. The timeout period elapsed while attempting to consume the pre-login handshake acknowledgement.

1) Use FQDN on the DB Server Instead of IP. If server is not domain based, then add a host entry in ETC\Hosts file and then use the same instead of IP

If that doesn't work, additionally try below

1) Open Windows Firewall on SQL Server and add a rule to unblock inbound port 1433
2) Enable IPV6 in NIC properties of SQL Server.

Set Windows Server 2012 Network Location / Public or Private

Use below PowerShell commands

Get the list of network profile
Change the network interface to private or Public

Set-NetConnectionProfile -InterfaceIndex <IndexNumber> -NetworkCategory <Private/Public>
PS C:\> Get-NetConnectionProfile

Name             : Network
InterfaceAlias   : Ethernet
InterfaceIndex   : 12
NetworkCategory  : Public
IPv4Connectivity : LocalNetwork
IPv6Connectivity : NoTraffic

PS C:\> Get-NetConnectionProfile -InterfaceIndex 12 -NetworkCategory Private

Tuesday, January 5, 2016

.NET Framework 3.5 installation error: 0x800F0906, 0x800F081F, 0x800F0907

.NET Framework 3.5 installation error: 0x800F0906, 0x800F081F, 0x800F0907 on Windows Server 2012 and 2012 R2

Below method uses DISM with no Internet connectivity

1) Mount appropriate OS DVD. 

Assuming that the OS DVD is mounted on to D:\, run below command to install the component, picking up source files from DVD.

2) dism.exe /online /enable-feature /featurename:NetFX3 /Source:D:\sources\sxs /LimitAccess



Unlock AD user / Reset passwords from command line

Start -> Run -> type "CMD"  and Press Enter

Checking User Account Status
net user <UserName> /DOMAIN | FIND /I "Account Active"

Will return "No" or "Yes".

Unlock a Locked account
Net user <UserName> /DOMAIN /active:YES

Reset Password
Net user <UserName> <newpassword> /DOMAIN /active:Yes

RoboCopy job to copy share folder with share permissions

robocopy <source dir> <des dir> /E /ZB /DCOPY:T /COPYALL /R:1 /W:1 /V /TEE /LOG:CopyLog.log

    source :: Source Directory (drive:\path or \\server\share\path).
    destination :: Destination Dir  (drive:\path or \\server\share\path).
    /E :: copy subdirectories, including Empty ones.
    /ZB :: use restartable mode; if access denied use Backup mode.
    /DCOPY:T :: COPY Directory Timestamps.
    /COPYALL :: COPY ALL file info (equivalent to /COPY:DATSOU).  Copies the Data, Attributes, Timestamps, Ownser, Permissions and Auditing info
    /R:n :: number of Retries on failed copies: default is 1 million but I set this to only retry once.
    /W:n :: Wait time between retries: default is 30 seconds but I set this to 1 second.
    /V :: produce Verbose output, showing skipped files.
    /TEE :: output to console window, as well as the log file.
    /LOG:file :: output status to LOG file (overwrite existing log).


Logoff remote desktop sessions remotly via command line

Below method works if you can establish the required rights on the remote server.
1) Check who is connected / look for a in-active session

 quser /server:<ServerName/IP>
*** This command is the same as the query user command.  
C:>quser /server:ServerABC
 Norm                                  12   Disc        none   03/02/2015 20:51
 Firman             ica-tcp#69          1   Active          .  03/03/2015 08:15

Or we can also use 

qwinsta /server:<ServerName/IP>
C:>qwinsta /server:ServerABC
 SESSIONNAME       USERNAME                 ID  STATE     TYPE        DEVICE
 ica-tcp                                   65536  Listen  wdica
 rdp-tcp                                   65537  Listen  rdpwd
 ica-tcp#69          Norm                   12    Disc    wdica
 console             Firman                 1     Active  wdcon

From the above results, I see that Norm has a disconnected session, which I can probably end. Or I can also kill Firman's active session.

2) Once I have session name or session ID, I can use "LogOff" command or "RWInsta"

C:>logoff /?
Terminates a session.

LOGOFF [sessionname | sessionid] [/SERVER:servername] [/V]
C:>RWinsta /?
Reset the session subsytem hardware and software to known initial values.

RESET SESSION {sessionname | sessionid} [/SERVER:servername] [/V] 

In the above case, I would like to kill Norm’s session, which is Disconnected. So I use below command.  12 is the session ID noted. 

logoff /server:ServerABC 12 /v
Logging off session ID 1

RWinsta /Server:ServerABC 12


Restore trustedinstaller as default owner of a file or folder in windows

We had a server with NTFS permission messed up on C:\Windows\System32 folder.
In order to revert to its original settings, I had to keep Trusted Installer as default owner for a few folders.

1) Go to File / Folder properties
2) Navigate to Security tab
3) Click Advanced button
4) Navigate to Owner tab (for Windows 8.1 and 2012 Server, click on Change, next to owner, once you at the "Advanced Security Settings" for the file/folder)
5) Under "From This location" Select local computer
6) Type "NT SERVICE\TrustedInstaller" under object name and clock OK

Should be all set once you apply.


Un-install TS CALs on 2008, after installation

## Un-Install Installed TS CALs Windows 2008
## Remove Installed TS CALs Windows 2008
Up on setting up a new server, I had a requirement of removing installed TS CALs on a second thought, after I installed them. There was no way i could remove them from License Manager.  So used below method

1) Stop the Terminal Services Licensing service.
     SC Stop TermServLicensing
2) Rename %systemroot%\System32\lserver\TLSLic.edb to TLSLic.old

3) Start the Terminal Services Licensing service.
    SC Start TermServLicensing

The above steps will of-course wipes out "ALL" the licenses installed. So if you want to keep any of them, this method wont help, until unless you are ready to re-install the correct once.

SQL Best Practices for SharePoint

Select Latin1_General_CI_AS_KS_WS Collation for Database Engine 

Remember to set Latin1_General_CI_AS_KS_WS collation,  when you install DB server for your Sharepoint 2010 and Sharepoint 2013 infra.

CI - Case-insensitive
AS - Accent-sensitive
KS - Kana-sensitive
WS - Width-sensitive

If SQL is already installed, or you are planning to make use of an existing SQL Cluster, please be sure to check collation by opening Properties of DB instance from SQL Management Studio.

MS KB here for reference -:

Change Default collection to Latin1_General_CI_AS_KS_WS , if SQL Server was installed.
1) Stop all SQL Services
2)  Open CMD
3) CD "Program Files\Microsoft SQL Server\<SQL Server Folder for the version installed>\MSSQL\Binn"
4) sqlservr -m -T4022 -T3659 -s"<SQLInstanceName>" -q"Latin1_General_CI_AS_KS_WS"    If only once instance is running, then -s is not required and command will be like the below one
    sqlservr -m -T4022 -T3659 -q"Latin1_General_CI_AS_KS_WS "

5) Once Done, Start SQL services and check Instance Properties to confirm the change.
Maximum Degree of Parallelism in SQL  

In SharePoint 2010, setting Maximum Degree of Parallelism option was recommended to be set as 1 , but is was optional.
But, in case of SharePoint 2013, it is required to set this to 1 otherwise the configuration wizard will fail.