Server has lost contact with failover partner server

If you see multiple events with ID 20255 “Server has lost contact with failover partner server“, this article may be able to help you.
I’ll concentrate on the actual network settings, specificially MTU settings.

Usually, when you see multiple events per minute stating that the Server has lost contact with failover partner server, followed by Server has established contact with failover partner server, the culprit is the MTU setting.

First of all, on both DHCP servers, make sure the network card’s MTU is set to 1500. You can do that by running the following command:

As you can see, the interface’s MTU in the screenshot is already set to 1500. In case yours isn’t, you can adjust it by running the following (where 12 is the Idx of your network card which you retrived earlier with netsh interface ipv4 show interfaces):

If the DHCP servers are virtualized, then make sure the virtual Switch’s MTU is also set to 1500. Here’s how it looks in the vSphere (HTML5)’s interface.

What if the DHCP servers are running on two separated hypervisors (as they should be..) and you’re still facing the same issue? It most likely is an issue related to the underlying network, so you may want your Network admin to check that, however you can still run a couple of tests.
First of all, try running a ping with 1500 bytes, in Windows you can do this with the option -l:

Try to ping from dhcp01 to dhcp02 and vice versa. Once I noticed that was that I was able to ping the DHCP servers with >1500bytes from a different network, but not within the same network and the DHCP servers weren’t able to ping each other with more than 1450ish bytes.

You can also test directly at the ESXi level with:

The other thing you can try, if these are virtualized servers, is to migrate them under the same hypervisor just to check it out and exclude an issue with the virtual network configuration.

Read More

Change a folder icon with Powershell

In this post we’ll see how to change a folder icon with Powershell, this method will work on shared folders too, as long as the filesystem of the shared network folder allows it.

The script is very simple, but first I want to go through it with an example, you can scroll down to the end of this article to checkout the script.

Let’s have a look at the difference between a local folder’s properties and a shared network folder’s properties.

A trick to allow us to change icon on a shared network folder, would be to move it on the desktop, change the icon and move it back. Totally ugly and useless if you have a large folder or multiple folders to customize.

If you change the icon of a local folder, you’ll notice that a Desktop.ini hidden file is created. When you copy that file to another folder though, nothing happens. The reason is because the folder attributes must be changed as well in order for Windows to read the Desktop.ini file.

Let’s work with an example and go through it. Say we have Folder1 and Folder2 in our local environment.

  • We change the icon for Folder1 manually.
  • This is how Folder1 and Folder2 will look like now.
  • Under \Folder1, there’ll be a desktop.ini file as well. Remember that it’s hidden. Let’s check its content out:
  • Let’s change the icon for Folder2, using the same desktop.ini file. You can just copy it from Folder1 and paste it in Folder2. Once done you’ll see that nothing happens as already explained above.
  • Let’s compare the attributes of both Folder1 and Folder2 and see what’s the difference.
    • (Get-Item “C:\Users\itdroplets\Desktop\tmp\Folder1“).attributes
    • (Get-Item “C:\Users\itdroplets\Desktop\tmp\Folder2“).attributes

By going through the above, we’ve identified the reason why the folder, even with a Desktop.ini file, isn’t changing its icon. We need to set its attributes to ReadOnly, Directory.

Right after running the above command, you’ll see Folder2 changing icon almost instantly.

The Script

I don’t like having files laying around in my script directories, unless I really have to. So, the script below is a quick way to get the icon changed, without needing to copy any Desktop.ini file. Instead, we’ll just create it based on a static content ($DesktopIni).

 

Read More

simpleSAMLphp on IIS from scratch (with AD FS)

With this article, I want to go through each step of the configuration to install simpleSAMLphp on IIS from scratch (with AD FS): this will work for multiple SPs!

This will allow you to set up single sign on on all your web applications, directing the users to login with your identity provider (AD FS for this guide).

The steps will be showing you how to deploy simpleSAMLphp in IIS and also how to link it to an existing AD FS environment, which will be used as the IdP.

Also, with this guide, you’ll be able to deploy multiple web applications on the same web server that will be able to leverage a single simpleSAMLphp installation.

(more…)

Read More

iDRAC 6: Drive Error Either Virtual Media is detached

I was working on one of these old iDRACs and once I added a new ISO, I was not able to mount it because of the error below.

iDRAC 6: Drive Error Either Virtual Media is detached or Virtual Media redirection for the selected virtual disk drive is already in use.

In order to fix this issue, connect to iDRAC with an admin account and go to System > Console/Media, then on Configuration.

idrac6-system-console_media-configuration

Under “Virtual Media” change it to Attach (or Auto Attach if you like).

idrac6-system-console_media-configuration_attach

Apply the changes and you’re good to go!

Read More

The user does not have RSoP data

This is an error you get back from running GPRESULT /R and it happens because the user you’re running this command with isn’t logged on the system.
For instance you want to check the policies applied to your computer but you’re not logged on with your administrator account. So you would run a command line prompt as a different user and then run gpresult /r or gpresult /r /scope computer getting stuck at The user does not have RSoP data.

gpresult-the-user-does-not-have-rsop-dataIn order to avoid this warning, you can run the following:

Where itdroplets\myuser is the user account that is logged on that workstation at the minute.

If you’re running this with PSEXEC (remotely) and you don’t know who’s logged on, run the following (with your admin account):

Where PC01 is the target computer. Note that this command might fail if ran it as above but it won’t if you run it with psexec like this:

 

Read More