Tag: Microsoft

“DNS bad key” on Windows Failover Cluster

Cover photo.

I used to see two common errors on the new created Microsoft Failover Cluster. “DNS bad key” and CNO update error.

Cluster network name resource ‘Cluster Name’ failed registration of one or more associated DNS name(s):

DNS bad key

or

Cluster network name resource failed registration of one or more associated DNS names(s) because the access to update the secure DNS Zone was denied.

The error “DNS bad key” is more often rather than the other error. I did a lot of study on the internet. The issue was fixed after applying the following steps:

  1. Right click the Windows button – Click Run.
  2. Run following command to enter Network Connections.
    ncpa.cpl
  3. Go to Properties of the network adapter that you are using for Microsoft Failover Cluster.
  4. Go to Internet Protocol Version 4 (TCP/IPv4)AdvancedDNS tab.
  5. Deselect the Register this connection’s addresses in DNS.
Screenshot of the key option to fix the issue.

The cluster error events appears in event log in regular frequency. If you want to test it without waiting. You can initiate a core cluster resource failover to test it.

How to move core cluster resource?

Microsoft Cluster Failover – Right click the cluster – More actionsMove Core Cluster Resources.

Enable Windows Update on SCCM Managed Computer

Computer cannot contact Microsoft update service to upgrade latest patches if it’s managed by SCCM policy. Sometimes we may need to keep latest patch for testing, security or other purpose, such as when you create a golden image, you always want to keep the system up to date.

I found an article “How To: Remove WSUS Settings and Restore Windows Update Defaults” talks about how to delete registry keys to workaround the restriction.

I also found actually just need to change two keys in registry if you want to enable Windows Update service temporarily.

  1. Backup registry path below.
    HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsWindowsUpdate
  2. Go to the same path above.
  3. Change value of “DisableWindowsUpdateAccess” from “1” to “0”
  4. Go to following registry path.
    HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsWindowsUpdateAU
  5. Change value of “UseWUServer” from “1” to “0”

I also wrote another post about solution of install standalone patch on Windows Server 2016 for your reference: “The update is not applicable to your computer” When Install Standalone Patch on Windows Server 2016

Virtual Machine Cannot Mount ISO on System Center Virtual Machine Manager 2012 R2

A few days ago a user report to me that he cannot mounts ISO image to virtual machines on SCVMM 2012 R2. The error message is the following:

Error (2912)

An internal error has occurred trying to contact the dcahyv01.amat.com server: NO_PARAM: NO_PARAM.

 

WinRM: URL: [http://hyper01.contoso.com:5985], Verb: [INVOKE], Method: [GetError], Resource: [http://schemas.microsoft.com/wbem/wsman/1/wmi/root/microsoft/bits/BitsClientJob?JobId={89EC51A2-633C-4E06-8B09-3A84146830B5}]

The reason is the communication between SCVMM and Hyper-V servers are blocked due to certification on SCVMM application is expired. The default expiry date of SCVMM certification is 1/1/2019. The issue got fixed after renewing certificates in System Center 2012 R2 Virtual Machine Manager.

Generic Trust Failure when install SCVMM 2012 SP1

Today I got a special problem I want to share with you. I tried to install SCVMM 2012 SP1 console on my Windows 7 VM to do some troubleshooting, but I get error message “Generic Trust Failure” when I click Install button in SCVMM 2012 SP1 installer, it mentioned something related to Microsoft Visual C++ 2010 x86 Redistributable.

I tried to run Microsoft Visual C++ 2010 x86 Redistributable installer from image folder directly, it show me exactly same error message. Nothing I found on google, but most posts pointed to signature.

After deep dive into the problem, I figured out a solution:

  1. Go to PrerequisitesVCRedisti386 folder of SCVMM 2012 SP1 image.
  2. Copy vcredist_x86.exe to local disk.
  3. Extract the executable file to a folder. (You have to install WinZip or something else to do that)
  4. Enter the extracted folder, right click Setup.exe.
  5. Select Properties.
  6. Go to Digital Signatures tab.
  7. Highlight the certification and click Details.
  8. Click View Certification button on pop-up window.
  9. Click Install Certificate button.
  10. Process the wizard by default option.

Troubleshooting of Microsoft product is much different with Linux, you have to dividing and conquering, deep dive into each elements of the product, read carefully of each logs, then you will find root cause.

Please let me know if you have better solution. 🙂

How to configure nested Hyper-V VM on VMware Workstation

First, I would like to recommend DELL M4800 for small home lab, I spent lot of time to looking for a solution for my lab, I need some hardware low noise, low weight, and it is better portable. I checked out HP mini server, Apple MAC mini, Mac book pro…etc. They are nice products to show best design of IT industry, but no one perfect. Finally I choose DELL M4800. The reason is RAM can be upgraded to 32GB. 3 SSD hard disks is supported, you can install one native SSD, one in CD-ROM slot, another msata SSD in WAP slot. SSD disk is must have for IT LAB, it can provide you more than 10K IOPS without significant performance degrade.

Okay, back to topic…if you want to testing Windows Server 2012 R2 Hyper-V on lab, you probably prefer install it on a VM of VMware Workstation. You have to follow up proper steps to make sure the Hyper-V functionally.

After you create Hyper-V VM:

  1. Keep VM power off status.
  2. Go to Settings of VM.
  3. Highlight Processors.
  4. Select Virtualize Intel VT-x/EPT or AMD-V/RVI option.
  5. Go to Options tab.
  6. Highlight General.
  7. Select Microsoft Windows.
  8. Select Hyper-V on drop-list.
  9. Power on.