Friday, 23 May 2014

Server 2012: Auto updates reboot after 3 days and how to fix

WHY WHY WHY!  What were they thinking?

Sorry this post is a little ranty but wow this caught me unawares and I just cannot see the logic to the changes.   If you want to fast forward to just fixing it scroll down to the section "How to fix"

Official Resoning from MS about the changes can be found here: here

In the section: 'Automatic Maintenance and changes to restart behavior after updates are applied by Windows Update' - it states: "Because Windows Update is a part of Automatic Maintenance in Windows 8 and Windows Server 2012, its own internal schedule for setting a day and time to install updates is no longer effective" So the GPO which worked fine on Windows Server 2000, 2003 and 2008 suddenly does NOT control when your updates and subsequent reboots are installed in Windows 8 clients or Server 2012. So how do you get back control of when your server reboots for updates? You need to configure the ""automatic maintenance" feature - of course, because consistency is boring. To configure this via GPO instructions are available here: http://blogs.technet.com/b/wsus/archive/2013/10/08/enabling-a-more-predictable-windows-update-experience-for-windows-8-and-windows-server-2012-kb-2885694.aspx in a KB Article entitled Enabling a more predictable Windows Update experience for Windows 8 and Windows Server 2012 My question is whose grand idea was it to have a less predicatable Windows Update experience in the first place. *sigh* Microsoft went some way to fixing the issue with KB2885694 which now means 2012 will at least acknowledge your GPO auto update settings but will still insist on doing a restart 3 days after the updates have been installed, which means an update might get installed at 4pm on Sunday will result in a reboot of a production server at 4pm on Wednesday. To prevent that - enable the "Always automatically restart at the sceduled time policy" which is shown in the example configuration about halfway down the "more predicatble windows update experience" page linked to above but for my scenario and recommended config (note unless using Server 2012 domain you will need to install the Server 2012 ADMX templates which are available here: http://www.microsoft.com/en-gb/download/details.aspx?id=36991 yet when I tried that - even with the admx templates installed I just could not find the Always automatically restart at the scheduled time policy, even in all policies view... sigh Rant Over!

How to fix it

Basically we need to apply the usual GPO updates policy used for your 2003, 2008 servers but in addition create the following key in the GPO (and just target it at server 2012 servers):
  • Registry subkey: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
  • Value: AlwaysAutoRebootAtScheduledTime
  • Type: REG_DWORD
  • Value data: 0 (default value) or 1 (force a restart)
I did this using Group Policy by creating a GPP Registry key
Create a new GPO and drill down through Computer Config > Preferences > Windows Settings > Registy
Right-Click the Registry items and click New > Registry item

Add the above registry information into the key

Apply to your Windows Server 2012 servers and we are done! Normal update behaviour should be resumed. YAY!





at No comments:
Labels: , ,

Saturday, 10 May 2014

Lotus Notes Beginners Guide to: Giving someone else access to your emails calendar etc

Open the mailfile > Click preferences
More > Preferences menu
Click Access & Delegation Tab Under the Access to Your Mail and Calendar click the Add button
Access and Delegation Screen
Now just follow these 3 simple steps:
Add people and groups screen
  1. Select the user you want to have access to your mailfile from thelist
  2. Select Mail, Calendar,ToDo and Contacts
  3. Select the level of access that you want the user to have
Click OK and then the user specified will be able to access the mailfile.
at No comments:
Labels: ,

Wednesday, 22 May 2013

Windows 7 - Add Recent Documents to start menu


Issue
By default Recent Documents do not appear in the Windows 7 start menu - instead if recent documents have been saved in word and Word happens to be on the start menu you can expand the start menu to show recent documents opened in Word - however this is not always what users want

Resolution
Add "Recent Items" to the start menu
Right Click on Start
Click Properties
In the Start Menu Tab - Click the Customize button
Find Recent Items - just under the picture options

Ticking this will show the recent items menu on the start menu

at No comments:
Labels: , ,

Thursday, 28 February 2013

Office 2013 - GPO Group Policy Installation (and upgrade to x64 bit at the same time)

With Office 2010 (and possibly 2007 - I never installed that via GPO) Microsoft has made it more difficult to install Office via GPO.  With Office 2003 we could just add the MSI as an installation package in a Computer/User GPO.

The task is now accomplished with a computer startup script or user logon script (still configured via Group Policy).  I was forced to opt for a computer startup script since logon scripts run as the user and our users do not have rights to install applications on their machines.

Prerequisites:
  1. Office 2013 Installation media/ISO
  2. A convenient network location to store the setup files (preferably a DFS share if installing on multiple sites)
  3. An AD Group or OU to assign the 2013 Installation GPO to
RANT: Why can I not simply upgrade to Office 2013 x64 from a previous Office that is x86?  Attempting to do so brings up this error:
Really? Why not just remove them as part of the installer?
So the script will need to detect and remove any existing x86 versions of Office just so that we can install the x64 version.  Following Microsofts instructions at http://technet.microsoft.com/en-us/library/ff602181.aspx will work fine if you do not mix environments and are upgrading an x86 version of Office 2003 to x86 Office2013.  If you are moving from x86 to x64 (which you should be) then the silent installer will just hang at the point it finds x86 versions running on the machine.

How to install Office 2013 via GPO Guide:

  • Copy your install files to a share e.g. \\MyFileServer\Office2013
  • You can create an installation answer file (.msp) and save it into the "Updates" folder to fully customise the installation of Office 2013
    • Type \\MyFileServer\Office2013\setup.exe /admin
    • This will bring up the Office 2013 installation config tool.  There are loads of settings to pre-configure in here
  • Edit the config.xml file in the Standard.WW/ProPlus.WW/whatever.WW folder (items marked in RED are things to change/ensure they match your setup):
<Configuration Product="Standard">
<!-- <Display Level="none" CompletionNotice="no" SuppressModal="yes" AcceptEula="yes" /> -->
<!-- <Logging Type="standard" Path="%temp%" Template="Microsoft Office Standard Setup(*).txt" /> -->
<!-- <USERNAME Value="Your Name" /> -->
<!-- <COMPANYNAME Value="Your Company" /> -->
<!-- <INSTALLLOCATION Value="%programfiles%\Microsoft Office" /> -->
<!-- <LIS CACHEACTION="CacheOnly" /> -->
<!-- <LIS SOURCELIST="\\MyFileServer\Office2013" /> -->
<!-- <DistributionPoint Location="\\MyFileServer\Office2013" /> -->
<!-- <OptionState Id="OptionID" State="absent" Children="force" /> -->
<!-- <Setting Id="SETUP_REBOOT" Value="IfNeeded" /> -->
<!-- <Command Path="%windir%\system32\msiexec.exe" Args="/i \\server\share\my.msi" QuietArg="/q" ChainPosition="after" Execute="install" /> -->
</Configuration>

GPO Installation script


Download: Office 2013 Install Script (InstallOffice2013.zip)
Open the script and replace the \\MyFileServer\Office2013 UNC paths with your own server name and share name.
What the script does

  • Detects if the is a x86 or x64bit system, if its an x86 system then exits (though this could be configured to run an x86 Office 2013 installer here if needed).
  • Removes the Office 2007 compatibility pack
  • Removes Office 2010 x86 version
  • Removes Office 2003 x86 version
  • Reboots the PC if required
  • Installs Office 2013

Install via startup or logon script

You can either run the cmd file above in your normal logon script (assuming users have admin rights to their machines) or you can deploy via a computer startup script in Group Policy
Instructions for the latter can be found here: http://technet.microsoft.com/en-us/library/cc779329(v=ws.10).aspx

at 3 comments:
Labels: , , ,

Wednesday, 23 January 2013

XenApp qfarm commands

List server loads

Command qfarm /load

Server Name           Server Load
--------------------  ------------
XASRV1               0                   
XASRV2               1900                
XASRV3               2317                
XASRV4               0                   
XASRV5               2140                
XASRVA1              0                   
XASRVA2              1100                
XASRVT               100                 

Load ranges from 0 (no load) to 10000 (full load).  The load is configured by default to take into account the number of users on each server and assign a set "load" to each user.  This will evenly distribute users across the farm but does not take into account that perhaps users on one server are undertaking much more CPU intensive tasks than users on another server.  The load balancing settings can be found in the Citrix Delivery Services Console/App Ceneter (XA 6.0/6.5 respectively) XenApp>XenApp Farm > load Evaluators.

At my company I have setup the load to be evaluated by instead taking into account the CPU Utilisation and RAM usage and actually ignore the number of users on the server as a factor to calculating which server a user should be pointed to when logging onto the farm.  I have also set the "Impact of logons on load" to high, meaning that when a user logs on I want that to make a significant impact on the load value assigned to that server.  This will help prevent several users all logging onto the same server at the same time and thus causing it to slow down while it processes all of those logons.

Server Load Error Codes

In some cases the server load when queried using the qfarm /load command will be an error code (any value above 10000 is an error)

  • qfarm /load = 10000 100% Full load on the server
  • qfarm /load = 20000 XenApp is configured to an incorrect server edition or the license server is unavailable
  • qfarm /load = 99990 You do not have rights to run qfarm commands!
  • qfarm /load = 99999 There is no load evaluator is configured.

View status of servers

Command qfarm /online

Server Name          Zone Name               LBOff
-------------------- ---------------------- -------
XASRV1              192.168.102.0        D   
XASRV2              192.168.102.0            
XASRV3              192.168.102.0            
XASRV4              192.168.102.0            
XASRV5              192.168102.0            
XASRVA1             192.168.102.0            
XASRVA2             192.168.102.0            
XASRVT              192.168.102.0                     

The qfarm /online command gives you a list of all servers that the farm believes are online.

You can see that there is a "D" next to XASRV1 - This is to indicate that it is the zone data collector for the 192.141.168.0.   If we have muliple zones e.g. servers in different geographic loacations they would be listed as well as long as they are part of the same farm and we would see more servers marked as Zone Data Collectors (each zone must have its own data collector).

Command qfarm /offline

Same as above but will list the servers that are known to be offline

at No comments:
Labels: ,
Subscribe to: Posts (Atom)