Pages

Tuesday, 30 April 2013

Microsoft Office 2010 activation issue

 We had a strange issue with one of our Desktops not activating the serial key for office 2010. We used a VLS Ms office 2010 CD and a serial key for almost 150 users in the organization and it has worked fine except for one of the desktops.




Even after restarting any of the MSOffice applications the activation pops-up.



Solution:
For SCCM Imaging
To update the Windows Activation key in SCCM Task Sequence, kindly follow the below steps:
§ Open SCCM Console, then expand Computer Management
§ Expand Operating System Deployment and then click Task Sequences
§ Right click the target Task sequence and choose Edit
§ On the Apply Windows Settings step enter the new product key and save.

For Office 2010
To activate a copy of Microsoft Office 2010, you can choose either of the methods specified below.

Method 1: Using VAMT
Download Volume Activation Management Tool (VAMT) 2.0 (http://www.microsoft.com/en-us/download/details.aspx?displaylang=en&id=11936) and install the tool either in the local machine or in a remote machine. After installation, launch VAMT and perform the following steps to do the activation.
Step 1: Add the newly obtained Key in the Product Key node of VAMT Navigation Pane.
Step 2: Add the Computer Name/IP Address of the machine which requires Activation and Right click to Update Status using Administrative credentials.
Step 3: Right click on the Microsoft product that needs to be activated, and select Install Product Key to install the product key.
Step 4: Right Click again on the Microsoft product that needs to be activated, and select Activate àOnline Activate àCurrent credentials.

Method 2: Using Ospp.Vbs Script
Please find the steps below to do activation using Ospp.vbs script:
Step 1: Make a note of the new Product Key needed for Office 2010 Activation.
Step 2:
Create a batch file with the name "Get Last 5 Characters of Installed Key.bat"
And paste the contents as follows:

Rem -------------------------------------------
@Echo off
If Exist "C:\Program Files (x86)\Microsoft Office\Office14\OSPP.vbs" GOTO AA
If Exist "C:\Program Files\Microsoft Office\Office14\OSPP.vbs" GOTO BB
GOTO END

:AA
CSCRIPT "C:\Program Files (x86)\Microsoft Office\Office14\OSPP.vbs" /dstatus
GOTO END

:BB
CSCRIPT "C:\Program Files\Microsoft Office\Office14\OSPP.vbs" /dstatus
GOTO END

:END
Pause
Rem -------------------------------------------

Step 3: Run the batch file "Get Last 5 Characters of Installed Key.bat" with elevated Command Prompt. In the result obtained in the command prompt, find the section with LICENSE NAME: Office 14, OfficeProPlus , Then copy the 5 characters listed in Last 5 characters of installed product key line of this section.

Step 4:
Create another batch file with name "Activate Office Professional 2010 Automatically.bat"
And paste the contents as follows:

Rem -------------------------------------------
@Echo off
If Exist "C:\Program Files (x86)\Microsoft Office\Office14\OSPP.vbs" GOTO AA
If Exist "C:\Program Files\Microsoft Office\Office14\OSPP.vbs" GOTO BB
GOTO END
:AA
CSCRIPT "C:\Program Files (x86)\Microsoft Office\Office14\OSPP.vbs" /unpkey:#####
CSCRIPT "C:\Program Files (x86)\Microsoft Office\Office14\OSPP.vbs" /inpkey:XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
CSCRIPT "C:\Program Files (x86)\Microsoft Office\Office14\OSPP.vbs" /act
GOTO END
:BB
CSCRIPT "C:\Program Files\Microsoft Office\Office14\OSPP.vbs" /unpkey:#####
CSCRIPT "C:\Program Files\Microsoft Office\Office14\OSPP.vbs" /inpkey:XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
CSCRIPT "C:\Program Files\Microsoft Office\Office14\OSPP.vbs" /act
GOTO END
:END
Pause
Rem -------------------------------------------

Edit the batch file named "Activate Office Professional 2010 Automatically.bat" as mentioned below:

a) Replace (#####) in line number 6, and line number 11 with the 5-characters obtained in Step 3
b) Replace (*****-*****-*****-*****-*****) in line number 7, and line number 12 with the 25-characters obtained in Step 1.
c) Save the edited batch file.

Step 5: Run the newly saved batch file "Activate Office Professional 2010 Automatically.bat" with elevated Command Prompt to activate the product and then check the activation status.

For Windows XP/2003
To change the Volume License Key on Windows XP or Windows Server 2003, you can choose either of the methods specified below.

Method 1: Using Activation Wizard
1. Click Start, click Run, type regedit, and then click OK.
2. In the left pane, locate and then click the following registry subkey:

HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\Current Version\WPAEvents
3. Right click on WPAEvents, select Export, and save the key to a safe location for backup.
4. In the right pane, right-click OOBETimer, and then click Modify.
5. Change at least one digit of the OOBETimer value to deactivate Windows.
6. Click Start, click Run, type the following command, and then click OK:

%systemroot%\system32\oobe\msoobe.exe /a
7. Click Yes, I want to telephone a customer service representative to activate Windows, and then click Next.
8. Click Change Product key, type the new product key in the New key boxes, and then click Update. Note If the previous Activation Wizard screen appears again, click Remind me later, and then restart the computer.
9. Repeat steps 6 and 7 to verify that Windows is started. Click OK when you receive the following message:

Windows is already activated. Click OK to exit.

Method 2: Using Script (Manual)
A- Script Preparation
1- Download and extract the zip file related to your clients OS Version (For Windows XP and 2003 With SP1 or Later.zip OR For Windows XP and 2003 Without Service Pack.zip ) from the following SkyDrive link: http://sdrv.ms/TyBqSZ
2- Copy the files to a shared folder that have everyone read permissions.
3- Right click on the ChangeVLKey.bat file and select Edit.
4- Replace ChangeVLKey.vbs with the exact share location of the file (Eg: \\FileServer\ChangeVLKey\ChangeVLKey.vbs )

5- Replace ABCDE-FGHIJ-KLMNO-PRSTU-WYQZX with the new valid product key and save the batch file.

B- Script Testing
1- Login as Administrator on a test Windows XP or 2003 machine with the related version.
2- Run the ChangeVLKey.bat file from the shared folder, and confirm that no error was returned.
3- Restart the computer and check if you still receive the validation error.

Method 3: Using a Startup Script
A- Script Preparation
6- Download and extract the zip file related to your clients OS Version (Startup Script For Windows XP and 2003 With SP1 or Later.zip OR Startup Script For Windows XP and 2003 Without Service Pack.zip ) from the following SkyDrive link: http://sdrv.ms/Wn2UKj
7- Copy the files to a shared folder that have everyone read permissions.
8- Right click on the ChangeVLKey.bat file and select Edit.
9- Replace ChangeVLKey.vbs with the exact share location of the file (Eg: \\FileServer\ChangeVLKey\ChangeVLKey.vbs )
10- Replace ABCDE-FGHIJ-KLMNO-PRSTU-WYQZX with the new valid product key and save the batch file.

B- Script Testing

1- Login to Domain Controller and start Group Policy Management Console à Create a New Group Policy Object linked to the container of Sample PCs with the corresponding OS as the Script prepared.
2- Navigate to Computer Configuration/Windows Settings/Scripts (Startup/Shutdown).
3- In the Startup Properties dialog box, Click on Add to browse for the file ChangeVLKey.bat (EG: \\FileServer\ChangeVLKey\ChangeVLKey.bat)
4- Click Apply àOk.
5- Make sure that the policy is applied to the sample Computers, and perform a restart operation to run the Startup Script.

Wednesday, 24 April 2013

Infrastructure Network Diagrams

Delineated are network diagrams which were designed to fit together precisely within our infrastructure. Most of the pictorial representations are self-explanatory. I tried to improve the quality of representations via e-Draw Max 6.1 and Visio 2013.  Being the Systems & Infrastructure Manager for the past years I have provisioned all possible redundancy solutions within our budgeted infrastructure right from production site to the disaster recovery site leveraging counterproductive threats and balancing risks.
Our Data Center is of Tier 4 world class methodology, designed to host mission critical servers and computer systems, with fully redundant subsystems (cooling, power, network links, storage etc) and compartmentalized security zones controlled by biometric access controls methods, CCTVs etc.  Components are fully fault-tolerant including uplinks, chillers, HVAC systems, everything is indeed dual-powered. DR Site is another integral part of our architecture.

Cluster of Business Applications
Cluster of Database Servers. Based on audit recommendations we had to move out few elements out of domain. Complete admin privilege was granted to non-IT selective staff. We are currently working with Microsoft for the Azure Cloud hosting for our website. Evaluation for which has been completed. appox. USD25k agreed for the services on Azure Cloud.
Under virtual infrastructure we have VMWare and Microsoft HyperV with almost 100 VMs hosted under it both production and development. Other Database servers and SAN dependency servers includes Citrix XenApps with OTP, MSExchange 2010, SharePoint 2010, Symantec Enterprise Vault, Microsoft GP, McAfee Anti-virus and Anti-spyware, Blackberry, In-house developed Apps and SharePoint 2010 Website.
Infrastructure Management Servers.
Most of the monitoring, alerting and auditing third party apps what we have are from ManageEngine viz. ManageEngine Service Desk, ManageEngine AD Audit Plus, ManageEngine AD Manager, ManageEngine Desktop Central, ManageEngine OpManager, NEXTThink Finder, McAfee Endpoint Encryption for laptops, RAIDar NAS Storage and Real-Time replication apps - DocAve from Avepoint.
Production Servers – BluePrint
Three-Tier SharePoint 2010 Architecture (workflow). SharePoint 2010 intranet services remains uninterrupted even if 4 servers listed above goes offline. SQL failover cluster takes care of switching over from passive mode to active mode. Application layer doesn't really matter even if that breaks down. We have indexing and crawling server and CA server at the middle tier. At web front end layer we have NLB enabled servers to distribute the load and redundancy.
SharePoint 2010 replication to the disaster recovery site is performed using a third-party tool from AvePoint titled DocAve. It works great.
Consolidated SQL Cluster Farm
- one of my objectives in the past was to consolidate the SQL environment so as to cut short the massive licensing cost (USD20k perpetual per SQL) of SQL Enterprise counts. I took this lead to achieve the target by migrating and upgrading the SQL mix environments from SQL 2005 32bit/64bit to SQL 2008R2 Ent. with Failover Cluster on Windows Server 2008 R2 Failover Cluster. 
Consolidated environment
Proposed architecture when we had MOSS 2007. We upgraded MOSS 2007 to SharePoint 2010. It was an in place upgrade.


Architecture Includes the following hardware and OS:

H/w used: 
Avaya VoIP Telephony Rack Switch

Citrix Access Gateway

HP BL460c G6

HP Blade System Enclosure C7000

HP DL360 G4p

HP DL360 G5

HP DL380 G4

HP DL380 G5

HP DL380 G7

HP DL380p Gen8

Quantum Scalari500 Tape Library

Tipping Point210E

HP 42U Rack
Avaya 42U Rack

OS: Microsoft Windows Server 2008 R2 Enterprise SP1 (32bit/ 64bit), Server 2003 Ent. R2

Symantec Backup eVault Error: Possible Causes

Ref. Backup exec verison: Symantec Backup Exec 2010 R3 v13.0Rev.520464bit.
1. Check the version of beremote.exe (C:\Program Files\Symantec\Backup Exec\beremote.exe) on both backup exec server and on enterprise vault server (C:\Program Files\SYMANTEC\BACKUP EXEC\RAWS\beremote.exe).  If differs, must be the SAME version.
2.
Check if there is enough storage space on backup exec server
3. Make sure that the backup exec remote agent services are running on both SQL nodes.
4. DB Permissions needs to be checked. The backup service account needs to have db ownership rights on all the enterprise vault related databases.
Try considering redeployment of BE remote from symantec console to the destination server.
if for any reason the above deployment fails, consider manual re-installation of Symantec Backup exec remote agents:
(agent location)
32bit: C:\Program Files\Symantec\Backup Exec\Agents\RAWS32
64bit: C:\Program Files\Symantec\Backup Exec\Agents\RAWSX64
5. Enable troubleshooting: Click SGMon.exe (C:\Program Files\Symantec\Backup Exec\SGMon.exe) from backup exec server. Capture the following check lists:- JobEngine,RAWS; Backup exec server;Device and Media;Third Party debug output and then click start capturing debug output.
6. Run the backup schedule again. try to expand the enterprise vault backup selections again until the error pops up. 
You might get a tip to find out the error cause from the SGMon capture screen.

Monday, 1 April 2013

Windows Auditing to track user activity

Windows Auditing to track user activity
It is perhaps important to answer "who did it" without using a third party apps to point it. Windows has this feature where we need to proactively ensure that the setting are activated to produce the results.
Occasionally, someone deletes a particular important document or folder with a bunch of documents, resulting in a mission-critical data loss. Considering the described incident, few questions immediatelly arise:
§  At what date and time the incident took place?
§  Which backup should be used to restore the data?
§  Was that an accident or an intentional user action?
§  Or maybe that was some system failure that could happen again?
In Windows OSs, there is an Auditing subsystem built-in, that is capable of logging data about file and folder deletion, as well as user name and executable name that was used to perform an action. The Auditing is not enabled by default because any monitoring you use consumes some part of system resources.
Steps to enhance Auditing Objects
order to enable Auditing, log on to a computer that keeps shared folder structure with administrative permissions, click Start Run and launch gpedit.msc MMC console. In a Computer Configuration node, open Windows Settings → Security Settings → Local Policies → Audit Policies folder:
Double-click Audit object access policy and select Success checkbox. Select Failure based on the org requirements. This policy enables file, folder and Windows Registry access attempts that were ended in a success.
Simply enabling policy option is not enough. It is also required to designate what folders exactly are to be watched. Usually, we require auditing shared documents and business application data folders (accounting, warehouse databases and so on) – i.e., resources accessible for editing by multiple users.
Since it's not possible to guess who has tampered with a data, we configure auditing for Everyone system group. Thus, information about any user having deleted a watched object is to be captured and stored to the event log. Open the required shared folder properties and switch to the Security tab. Click Advanced → Auditing and add Everyone to the list, then mark both Delete checkboxes:
It is highly possible that there will be too much events listed, so it is a good idea to configure the Security event log settings. To do this, click Start → Run and launch eventvwr.msc MMC console. Right-click the Security event log, select Properties and set the following options:
§  Maximum Log Size = 65536 KB (for workstations) or 262144 KB (for servers)
§  Overwrite events as needed.
Frankly, the log sizes recommended above are not calculated by any formula but are to be choosed depending on particular computer usage experience.
Finally, how do we find out the person (Windows 2003)?
When the situation comes to the question, log on to the required computer, click Start → Run and launch eventvwr.msc MMC console. Open Security event log for viewing. It is highly possible that not only the required events are logged. Right-click event log and select the View → Filter command. Consider the following events to be filtered:

§  Event Source:Security;
§  Category:         Object Access;
§  Event Types:      Success Audit;
§  Event ID:         560;

 

how do we find out the person (Windows 2008)?
When the situation comes to the question, log on to the required computer, click Start → Run and launch eventvwr.msc MMC console. Open Security event log for viewing. It is highly possible that not only the required events are logged. Right-click event log and select the Filter Current Log command. Consider the following events to be filtered:

§  Event Source:     Security;
§  Category:         Object Access;
§  Event Types:      Success Audit;
§  Event ID:         4663;
So user activities are very likely to be noticed in event logs because it generates tens and even hundreds successful Object Access records in a second. In fact, it's easy to recover the deleted stuff from previous day backup. We were always able to answer questions "Who did it?" and "When did it happen?" either using the above activity logs or via paid apps services ManageEngine –ADAudit Plus –(give a try if you have a budget for $1.3k annually).