Without further ado, this is the command:

dsquery * -scope subtree -attr “cn” “operatingSystem” “operatingSystemServicePack”  -filter “(&(objectclass=computer)(objectcategory=computer)(operatingSystem=Windows XP*))” -limit 100000

The output of this command would be as follows:

cn                 operatingSystem                      operatingSystemServicePack
WRK001    Windows XP Professional     Service Pack 1
WRK002    Windows XP Professional     Service Pack 2
WRK003    Windows XP Professional     Service Pack 3

Where, cn is the workstation name and the others are self explanatory.

Share your handy little tips and tricks!

Related posts:

1. Get list of machines by OS type from Active Directory
2. Diskpart.exe Warning when expanding drive
3. Active Directory Password Expiry Reminder Email

Out of ideas and with no help from Symantec, we upgraded to version 2010 hoping that this would fix the error. No go. The backups still failed. We were back to square one.

I knew that it was something that had gone wonky with VSS that was throwing things in disarray. I ended up going back to the good old trial and error method to fix this issue. I first tried killing the vsssvc.exe process before the backup started – didn’t really fix the issue. I tried one thing after the other with VSS but it all failed.

Then one day, I tried stopping the SQL VSS Writer – I dont know why I did it but I guess it was a hatred deep down I now had for VSS that made me stop that service but Halleluijah! it fixed the issue. I know this wont make any sense – it still hasn’t made sense to me – I don’t know why an SQL VSS Writer would mess up a file system backup, but lo and behold the problem was history.

If you have lost hair and time working on this issue, go ahead and add ‘net stop SQLWriter’ to the pre-command and ‘net start SQLWriter’ to the post command and you will not have these issues anymore. 

Drop me a line if you think this post helped you.

Related posts:

1. How to Backup and Restore Active Directory
2. OCS 2007 Protocol Stack Error Event ID 14517 When Starting Services
3. Script to Hot Backup VMWare ESX Virtual Machines
4. Error: RewriteEngine not allowed here
5. Exchange 2007 Recreate OWA folders

This event ID will contain the following message:

ERRORS:
Two server roles at FQDN [server.domain.com] have different ‘Treat As Authenticated’ options. First server has GUID {58BDE507-1C48-4BA4-BCDF-06FB59ADF9CE} and role ‘Enterprise Edition’ (option is set). Second server has GUID {BD77F03B-4451-4171-A035-FC7FB264383D} and role ‘A/V Authentication Service’ (option is not set). Two server roles at FQDN [server.domain.com] have different server version numbers. First server has GUID {58BDE507-1C48-4BA4-BCDF-06FB59ADF9CE} and role ‘Enterprise Edition’ (version 3). Second server has GUID {BD77F03B-4451-4171-A035-FC7FB264383D} and role ‘A/V Authentication Service’ (version 0). Two server roles at FQDN [server.domain.com] have different ‘Treat As Authenticated’ options. First server has GUID {58BDE507-1C48-4BA4-BCDF-06FB59ADF9CE} and role ‘Enterprise Edition’ (option is set). Second server has GUID {1719A023-DDB4-5170-836D-3299D4F067C6} and role ‘Edge Server’ (option is not set). Two server roles at FQDN [server.domain.com] have different server version numbers. First server has GUID {58BDE507-1C48-4BA4-BCDF-06FB59ADF9CE} and role ‘Enterprise Edition’ (version 3). Second server has GUID {1719A023-DDB4-5170-836D-3299D4F067C6} and role ‘Edge Server’ (version 0).

WARNINGS:
No warnings

Cause: The configuration is invalid and the server might not behave as expected.
Resolution:
Review and correct the errors listed above, then restart the service. You also wish to review any warnings present.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

 

This error can be misleading. The primary reason you see this error is simple – You have had a previous installation of OCS in the domain and there are still a few entries in Active Directory that haven’t been cleaned up even though you did a clean uninstall of OCS.

This is what you need to do to fix the error:

Please Remember – You are following the instructions below at your own risk.

Open up adsiedit.msc and browse to the system configuration partition under Domain –> DC=domain,DC=com –> System –> Microsoft –> RTC Service.

NOTE: This is safe to perform only if you do not have a current working installation of OCS in your domain or forest.

Select and delete everything under this key.

Now go ahead and run the setup again (you will have to run the forest prep again) and you will be all set!

Related posts:

1. Symantec Backup Exec Error 0xe00084af (All Versions)
2. KB974571 and OCS 2007
3. A Certificate could not be found that can be used with this Extensible Authentication Protocol
4. How to Backup and Restore Active Directory
5. Setting up Split Brain DNS in Windows Server 2003

Here is the Microsoft KB article about this error.

Let me know if you have installed this patch and are able to run your OCS 2007 server without issues.

Related posts:

1. OCS 2007 Protocol Stack Error Event ID 14517 When Starting Services
2. The WinRoute tool
3. A Certificate could not be found that can be used with this Extensible Authentication Protocol
4. Exchange 2007 Recreate OWA folders
5. Symantec Backup Exec Error 0xe00084af (All Versions)

Here is my mini how to – I have tried to keep it as simple as possible:

Backing Up Active Directory

Active Directory depends on the system state and the NTDS database among other things. So it is important to back these up on your domain controller. It is critically important to ensure that the system state data on a domain controller is backed up regularly since this contains all the core system files that are required to run a domain controller. Manually selecting what needs to be backed up will be extremely complicated and could be error prone – stay away from that path – just backup the entire system state.

What needs to be backed up? – System State

What kind of Backup needs to be run? – Full backup of the system state.

How often is good enough? – Daily – You will thank me for this

Restoring Active Directory (for experts who just need the short version)

There are two types of restores:

1. Normal Restore – This was also called the Non-Authoritative restore. This is generally performed when you need to restore a domain controller that has failed and there are other domain controllers on the domain. Another option would be to just reinstall the domain controller, clean up the AD metadata of all references to the failed DC and then promote the new server to a DC and replicate. If you are in a situation where you cannot do that, to perform a normal (or Non-Authoritative restore) you would:

a. Boot the domain controller into the Domain Services Restore Mode .

b. Restore system state

c. Reboot into the normal mode.

d. Replicate from other domain controllers.

2. Authoritative Restore – This would be performed in cases where you make a mistake like, say, delete an OU. In this case, a normal restore would not help since the OU that you just restored would get deleted again when you replicate changes with other domain controllers. An authoritative restore would help you undo a big mistake by ensuring that you are taken back to a working copy of AD. However, changes that you made since the last full backup would be lost. (So run your full backups daily!). To perform an authoritative restore:

a. Perform a normal restore.

b. Don’t reboot after the restore.

c. Use ntdsutil to get into the authoritative restore mode.

d. Specify if you want to mark the entire database or just a subtree as authoritative.

e. Quit the utility and reboot the server

3. Primary Restore – This restore is only used when you have a major disaster (read complete meltdown) and you have no working domain controllers. In such a case, you will have restore the entire domain from backups. The working process is very similar to the Normal Restore procedure mentioned above. This is how you would do it:

a. Boot the domain controller into the Domain Services Restore Mode .

b. Restore system state – ensure that the advanced option ‘Mark the restored data as the primary data for all replicas’ is checked.

c. Reboot into the normal mode.

Restoring Active Directory (for the rest of us)

1. Normal Restore – Here’s the step by step.

a. Reboot Server

b. During startup press F8 and choose, ‘Directory Services Restore Mode (Windows DCs only)

c. Choose the OS to be started, hit enter.

d. Hit OK at the Safe Mode login.

e. Open up the NTBackup utility.

f. Click next on the welcome page.

g. Select ‘Restore Files and Settings’ from the backup or restore page. Click Next.

h. Choose the backup you want to restore from the ‘What to restore’ page. Click Next.

i. Click Finish to start the restore. (Advanced options are best left untouched for a normal restore unless you want to save the backup elsewhere.)

j. Reboot server.

2. Authoritative Restore –

a. Perform a normal restore as mentioned before.

b. Do not reboot server after the restore.

c. Click on start -> run -> type ntdsutil.

d. Now type ‘authoritative restore’

e. Now specify the components you want to make authoritative. Enter either ‘restore database’ or ‘restore subtree’ along with the DN of the AD object you want to make authoritative.

f. Confirm your actions when prompted.

g. Type quit until the utility exits.

h. Reboot server.

3. Primary Restore –

a. Reboot Server

b. During startup press F8 and choose, ‘Directory Services Restore Mode (Windows DCs only)

c. Choose the OS to be started, hit enter.

d. Hit OK at the Safe Mode login.

e. Open up the NTBackup utility.

f. Click next on the welcome page.

g. Select ‘Restore Files and Settings’ from the backup or restore page. Click Next.

h. Choose the backup you want to restore from the ‘What to restore’ page. Click Next.

i. Click Advanced.

j. Ensure that on the ‘Where to Restore’ page, the default setting ‘Original Location’ is selected. Click Next.

k. On the How to Restore page, ensure that ‘Replace existing files’ is selected. Click Next.

l. On the Advanced Restore Options page – enable the ‘When restoring replicated data sets, mark the restored data as the primary data for all replicas’ option. Click Next.

m. Click Finish to start the primary restore.

n. Reboot server.

o. Go to sleep

PS: As always, please exercise due diligence when using the instructions in a live environment. Kindly do not blame me if something doesn’t work if Microsoft decides to change their code.

Related posts:

1. Setting up Split Brain DNS in Windows Server 2003
2. Symantec Backup Exec Error 0xe00084af (All Versions)
3. Active Directory Audit Script
4. Get list of machines by OS type from Active Directory
5. Active Directory Password Expiry Reminder Email