Recover DC with Only System State Backup

Have you ever had to restore an Active Directory Domain Controller from scratch with only System State backup?

If so, and you have already searched the Internet, you probably found no direct results describing the procedure, basically due to its simplicity.

It is indeed a simple procedure. Start by building the server (format and install the Windows OS) and installing all the updates to match the same version and edition used on the original DC.

Enable all the features and roles that were on the original DC, but do not configure any of them.

Isolate the server. You may use an isolated port or simply change the IP address to something not in that subnet, to avoid conflicts and service interruption.

Promote it to a domain controller as a new domain in a new forest. It is better to use the original names of the DC and the domain.

Reboot into DSRM and log in.

Start the system state restore process.

Once it is done and the server has rebooted, check the event log for any critical / serious messages. If there are none, you can connect to the network and resync with the other domain controllers.

I’ve successfully applied this on Windows 2012R2 and will soon test it again with 2016 and 2019 servers.

However, I still strongly recommend that you keep a bare-metal backup and perform restore testing every six months.
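
The steps above as commands, run stage by stage across the reboots. This is an added example, not part of the original post; the domain names, the backup volume E: and the version identifier are placeholders.

```powershell
# Added example. Placeholders (not from the original post): corp.example.com / CORP,
# backup volume E:, and $version. Run each stage by hand; reboots separate them.

# Stage 1 (isolated server, patched to the original DC's level): add the roles and
# the backup tooling, but configure nothing yet.
Install-WindowsFeature AD-Domain-Services, DNS, Windows-Server-Backup -IncludeManagementTools

# Stage 2: promote as a new domain in a new forest, reusing the original names.
$dsrm = Read-Host -AsSecureString 'DSRM password'
Install-ADDSForest -DomainName 'corp.example.com' -DomainNetbiosName 'CORP' `
    -InstallDns -SafeModeAdministratorPassword $dsrm   # reboots when finished

# Stage 3: make the next boot land in Directory Services Restore Mode.
bcdedit /set safeboot dsrepair
Restart-Computer

# Stage 4 (in DSRM, logged in as .\Administrator with the DSRM password):
# list the backups on the target, then restore the chosen system state version.
wbadmin get versions '-backupTarget:E:'
$version = 'MM/DD/YYYY-HH:MM'   # placeholder: copy the "Version identifier" printed above
wbadmin start systemstaterecovery "-version:$version" '-backupTarget:E:'

# Stage 5: clear the DSRM boot flag before restarting, then return to normal mode.
bcdedit /deletevalue safeboot
Restart-Computer

# Stage 6 (still isolated): look for critical (1) and error (2) events since the restore.
Get-WinEvent -FilterHashtable @{
    LogName   = 'Directory Service', 'DFS Replication', 'System'
    Level     = 1, 2
    StartTime = (Get-Date).AddHours(-2)
} -ErrorAction SilentlyContinue | Format-Table TimeCreated, LogName, Id, Message -Wrap

# Stage 7 (after reconnecting to the production network): confirm replication health.
repadmin /replsummary
```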


Tips for Me on Cisco Voice IOS


I wrote this basically as a reminder for myself:

1. show call leg active / sh call leg act sum

Helps find active calls running on the voice gateway live.

2. sh call leg act | in Port

Helps filter which ports are in use, in case I need to follow it with “shut/no shut” to reset hung ports.

3. csim start <number_to_dial>

Initiates a call from the voice gateway to the number.
Very helpful in troubleshooting voice routes.

4. debug voice ccapi inout / debug cch323 all / debug ip tcp transaction

Used along with “csim” and “terminal monitor”, these make a great troubleshooting tool.

5. Check TCP ports on CUCM

Something as simple as “telnet <ip_address> 1720 / 1719 / 2000 / 2001” can help pinpoint a communication issue.


Exchange Cumulative Update Failure


While upgrading an Exchange 2016 or Exchange 2013 server from one CU to another, you may run into a strange set of errors.

Funny though, when you track those errors down you will probably end up removing OS patches and updates that are actually needed and, even worse, that will not solve your issue.

I’m talking about tons of errors directly after the registry entries in the log file, something like:
Process execution failed with exit code 1072

Well, in my case, I had to do three things:

1. Re-confirm that Schema, Forest, and Domain preparation is done using the “Setup” file from the CU I’m installing.
2. Uninstall the backup agent that is integrated with Exchange (in my case it was Veeam).
3. Run the setup time after time till it successfully completed. One server required (5) times, the other needed only (3).

Don’t forget to re-install the backup agent.

HTH some1

Exchange PowerShell Error

You start the Exchange Management Shell (EMS) after a regular Windows update, and boom, you end up with an error.
It says:
New-PSSession : Cannot find path '' because it does not exist
New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName Micr …
And it tries all the servers you’ve updated, and you end up with a non-functional EMS.

1st, you shouldn’t update all servers without fully testing the update on a single one first; you should already know that by now.
2nd, yes, it is indeed an update to one Microsoft product that caused another Microsoft product to crash.
3rd, most likely you didn’t update the product itself to the latest version.
4th, yes, there is a solution, but it will cost you restarts.

Check whether you have the latest updates of Exchange, SharePoint, SQL, or any other application you have. By checking I mean that you check the version you have, then go to the website and find the latest published version and the latest update package (or cumulative update) available there.

If that is not an option, as I’m expecting from some Exchange and SharePoint admins, then you had better start looking into each update installed on that day, and read about it to find which one included a modification and/or update of the OS PowerShell. You’ll then need to remove that update to test whether the issue is gone, and if it’s not, you’ll have to find the next update, and keep going till you find the one that caused the issue.

Yes, I know it’s not much of a help.
However, you may want to check whether PowerShell 5.0 is installed on Exchange 2016 CU8 or earlier, or Exchange 2013 CU19 or earlier; if so, you most likely want to go back to PowerShell 4.x.

Good luck,

Move WhatsApp Data to New Android Phone

Why this note?
Because I didn’t find one on the Internet that addresses the gap issue.
See, the problem when you use the cloud backup is that you may not have enough cloud space. What’s more, between the moment you start the backup and the moment it completes, you may receive several messages and media files, which will most likely be lost once you switch to the next phone.

So, here we go:

  1. Disconnect your Google Drive from WhatsApp

Follow this article for the details:

  2. Back up the WhatsApp folder to an SD card or flash disk, and copy it to the new phone
  3. Install WhatsApp on the new phone, and pay attention to the step after activation. If no backup is detected, or if it is trying to restore a cloud backup, then you missed something

Good luck :)

XG Virtual Firewall on KVM and Openstack ERROR firstboot failed

Yep, not many results on the web about this subject.

I don’t know what the cause is, nor why Sophos didn’t take it seriously.

Anyway, if you’ve downloaded version 16 of the Sophos XG virtual appliance for KVM, you got the nice error message of

firstboot failed: swapon /dev/swap

and you are sure you’ve done everything right and as per the Sophos documents, then most likely you have the same issue we ran into.

For some unclear reason we were able to solve this by taking the Hyper-V version of the same appliance and running it on the KVM platform :)

Our team members are testing it now on OpenStack with our service provider to make sure of the compliance.


HAProxy Errors and No Logging

Basically, you’re running HAProxy 1.7.x on Debian/Ubuntu and have no logging under /var/log, or you’re getting log files full of errors like:

haproxy-systemd-wrapper [26417] sendmsg logger #2 failed: Connection refused

There are many reasons for this problem, but most of the solutions are related to standard setups, which means that if you have version 1.7 by the time this post is published, you’re not getting the binaries through the standard apt repositories. Thus, you don’t have a standard setup ;)

Anyway, if you’ve installed version 1.7 directly, then simply remove it, and remove the entries pointing to its source from your apt sources.

Install version 1.6 from the standard repositories, and test the functionality of HAProxy, then test the functionality of the logging.

Finally, you can upgrade to version 1.7 and logs will keep working for you.

Don’t ask me why, I don’t have time to find the root cause :)


Change Password on OWA Using UPN

Exchange 2013/2016 OWA allows users to change their passwords and, additionally, helps administrators force users to change their passwords.
After the first login, when the user tries to use the UPN on the password change page, OWA returns an error saying the username/password combination is not correct. That is not true; what OWA actually wants is for the user to use the format domain\username, not the UPN.
This is because the home directory (OWA Virtual Directory) is configured to use that format for authentication. Although it’s OK to use the UPN to log in, for some reason the DLL file responsible for the password change is not able to tolerate that format.
Changing OWA virtual directory authentication settings to use UPN format will solve this issue for your users.
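
One way to apply the setting described above from the Exchange Management Shell. This is an added example, not part of the original post, and it assumes forms-based authentication is enabled on the OWA virtual directories.

```powershell
# Added example; run in the Exchange Management Shell.
# Show the current logon format of every OWA virtual directory
# (FullDomain means users must type domain\username).
Get-OwaVirtualDirectory |
    Format-Table Server, Name, FormsAuthentication, LogonFormat, DefaultDomain

# Switch forms-based logon to the UPN format on each of them.
Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -LogonFormat PrincipalName

# The change takes effect after IIS restarts; run this on each affected server.
iisreset /noforce

# Confirm the new value.
Get-OwaVirtualDirectory | Format-Table Server, Name, LogonFormat
```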

Exchange 2016 Readiness Checks Error

I’m not an expert in Exchange, but I wasn’t able to find anything clear in the documentation saying I must install the new Exchange server (2016) on the same site as the existing one (2013) and move it later!

Anyway, the list of errors I got in the Readiness Checks page wasn’t useful at all. However, looking at the ExchangeSetup log file was.

If you are receiving something like:

Global updates need to be made to Active Directory, and this user account isn’t a member of the ‘Enterprise Admins’ group


You must be a member of the ‘Organization Management’ role group or a member of the ‘Enterprise Admins’ group to continue

And you’re sure the account running the setup has these rights, then most likely you’re trying to install the first Exchange server of this version in an AD site that has no Exchange servers at all.

My solution, actually it was a workaround, was simply to move domain controllers to a site with Exchange servers, remove the subnet from AD Sites and Services, and reboot the new Exchange server.

After 15 minutes, just enough time for AD replication to take place, I logged in again to the server and started the Exchange setup, and it worked just fine.


Domain Controller Status Unavailable

When you run MMC with any AD management component in it and try to switch to another server, you may sometimes notice that the status shows “Unavailable”.

Most likely this is due to IPv6 being not fully disabled, or not fully enabled (if you decide to run it), and you will need to update the registry value as per the Microsoft article: