ESM Log size is full - How to clear

                                 ESM log Size is full ---- How to Clear

Generally when we open Dell open manage console, suddenly we see that Hardware log status is showing critical and event logs are filling saying ESM log is full...

 We need to clear the ESM logs regularly before it reaches 100%. However please follow the below command and procedure before clearing the logs.

  • Open Dell Manage console, go to logs tab.
  • Then select ESM logs, you will see an export option.
  • Export the logs and save it on local drive for future use.
  • Now open command prompt and Runas administrator.
  • Type omconfig system esmlog action=clear
  • Done, your logs are cleared. Come back to Dell open manage console.
  • Now hardware logs will show green which is normal.



    :-) :-)
             WINRM Issue - WinRM service could not receive WS-Management requests

Hello,

I come across a scenario, where WinRM service could not receive WS-Management requests and event viewer is filling up with Error Event 10150 and Source: WinRM.

Hmmmm, what do we do now ???

  • I manually created a listener for WinRM service on different server, by using following command.
winrm quickconfig

  • After which  i tried checking the listener on it, by using below command

winrm enum winrm/config/listener
===============================
Listener
    Address = *
    Transport = HTTP
    Port = 5985
    Hostname
    Enabled = true
    URLPrefix = wsman
    CertificateThumbprint
    ListeningOn = 127.0.0.1, 172.22.13.227, ::1, fe80::5efe:172.22.13.227%12, fe
80::8cf:d5f2:1fab:b2cd%11

==========================



  • I got the above output which is showing us that WINRM is listening successfully.


  • To figure what is the exact issue, i accessed the original server which is facing issue.


  • I initiated the below command to check the listener.



winrm enum winrm/config/listener

 ========================
 Listener [Source="GPO"]
    Address = *
    Transport = HTTP
    Port = 5985
    Hostname
    Enabled = true
    URLPrefix = wsman
    CertificateThumbprint
    ListeningOn = null
============================


  • I got a strange output, which is telling that it is listening to null. Now i checked how this WinRM is configured, when i dig down the cause i came to know that it is configured using GPO.

  • Now i initiated RSOP on this server and observed that WinRM setting
"Allow automatic configuration of listeners" is enabled. Please look at the below event.



And then initiated gpresult /v /scope computer and when i checked the result and came to know that it getting filtered and IPv4 Value: 0,0 is something that not listens to it.


  • Now get back to Group policy and in place of IPv4 filter i have given Asterisk "*" symbol and force updated the group policy on the server.

This done the magic for me, now the WinRM service  was again listening on all IPs.

                                    Reboot Pending From a Previous installation

While you run you exchange setup some time it will fails with an error "A reboot from Previous installation is pending".


Hmmm... noooooo i have rebooted my server. Why this is repeating again and how to over come from this.

No worries there is a way, it just it might stuck at PendingFileRenameOperations key.

  • Go to the following  registry key "HKLM\SYSTEM\CurrentControlSet\Control\SessionManager\PendingFileRenameOperations" and right click and click delete.



  • Once you delete the PendingFileRenameOperations Key go to the Exchange Setup and run it again.
You will come to know the the error disappeared  now. :-) Issue is fixed.
      VSS failures and Re-register of Volume Shadow Copy Service (VSS) Components
 

There are lots of VSS issues we see in our day to day server administration.

Some Scenarios we see regularly 


  • Volume snapshots may fail with errors.
  • VSS writer state might not be in stable.
  • When running the VSS writers command, you will see that some writers are missed.
  • Backup jobs will get failed with an error VSS failure etc etc.

Let us see how to rebuild the VSS writers

  • Copy and paste the following into Notepad, then click Save As and save it as FIXVSS.BAT.

rem FILENAME: FIXVSS08.BAT
rem
net stop "System Event Notification Service"
net stop "Background Intelligent Transfer Service"
net stop "COM+ Event System"
net stop "Microsoft Software Shadow Copy Provider"
net stop "Volume Shadow Copy"
cd /d %windir%\system32
net stop vss
net stop swprv
regsvr32 /s ATL.DLL
regsvr32 /s comsvcs.DLL
regsvr32 /s credui.DLL
regsvr32 /s CRYPTNET.DLL
regsvr32 /s CRYPTUI.DLL
regsvr32 /s dhcpqec.DLL
regsvr32 /s dssenh.DLL
regsvr32 /s eapqec.DLL
regsvr32 /s esscli.DLL
regsvr32 /s FastProx.DLL
regsvr32 /s FirewallAPI.DLL
regsvr32 /s kmsvc.DLL
regsvr32 /s lsmproxy.DLL
regsvr32 /s MSCTF.DLL
regsvr32 /s msi.DLL
regsvr32 /s msxml3.DLL
regsvr32 /s ncprov.DLL
regsvr32 /s ole32.DLL
regsvr32 /s OLEACC.DLL
regsvr32 /s OLEAUT32.DLL
regsvr32 /s PROPSYS.DLL
regsvr32 /s QAgent.DLL
regsvr32 /s qagentrt.DLL
regsvr32 /s QUtil.DLL
regsvr32 /s raschap.DLL
regsvr32 /s RASQEC.DLL
regsvr32 /s rastls.DLL
regsvr32 /s repdrvfs.DLL
regsvr32 /s RPCRT4.DLL
regsvr32 /s rsaenh.DLL
regsvr32 /s SHELL32.DLL
regsvr32 /s shsvcs.DLL
regsvr32 /s /i swprv.DLL
regsvr32 /s tschannel.DLL
regsvr32 /s USERENV.DLL
regsvr32 /s vss_ps.DLL
regsvr32 /s wbemcons.DLL
regsvr32 /s wbemcore.DLL
regsvr32 /s wbemess.DLL
regsvr32 /s wbemsvc.DLL
regsvr32 /s WINHTTP.DLL
regsvr32 /s WINTRUST.DLL
regsvr32 /s wmiprvsd.DLL
regsvr32 /s wmisvc.DLL
regsvr32 /s wmiutils.DLL
regsvr32 /s wuaueng.DLL
sfc /SCANFILE=%windir%\system32\catsrv.DLL
sfc /SCANFILE=%windir%\system32\catsrvut.DLL
sfc /SCANFILE=%windir%\system32\CLBCatQ.DLL

net start "COM+ Event System"

  • Run the batch file as Administrator.
  • After running the .bat file, reboot the server to bring all of the writers into a stable state.
Now let us test the VSS by performing a System State Backup

  • open a command prompt as an administrator
  • The command to start a System State Backup is: Wbadmin start systemstatebackup -backuptarget:D:

    D: is the target drive where you wish to store the system state backup.
Once the backup is completed, you can conclude that VSS issue is fixed.


Note: Registering of DLL files on 2008 is not a recommended step as there might OS issues occurs if you try to register the DLL's manually.
        Migration of  DHCP from Windows 2003 to Windows 2008 Server (Windows 2012 RTM ).

Guys,

 Let us discuss today what are steps we need to follow to migrate the DHCP server.

You can follow these step even for Windows 2012 RTM.

 The Migration of DHCP server can be done using Backup and Restore method but his is not a recommended way because the DHCP database format has changed between Windows Server 2003 and Windows Server 2008 & Windows 2012 RTM .

The recommended procedure for DHCP server migration is to use the export import commands through netsh.  

Export the DHCP database from source server:

  • Click Start, click Run, type cmd in the Open box, and then click OK. 
  • Type netsh dhcp server export C:\dhcpdatabase.dat all, and then press ENTER.
    Once this command is completed successfully you will have the DHCP Configuration information exported into data file(C:\dhcpdatabase.dat)
  • Now stop the DHCP service on the Source Server.
Preparing Destination Server for DHCP role:

Go to the Desination server and install the DHCP server service on the server that is running Windows Server 2008 or Windows 2012 RTM .

Importing DHCP database on Destination Server

  • Log on as a user who is a member of the local Administrators group or DHCP administrators group.
  • Copy the exported DHCP database file to the local hard disk of the Windows Server 2008 computer.
  • Verify that the DHCP service is started on the Windows Server 2008 computer.
  • Click Start, click Run, type cmd in the Open box, and then click OK.
  • At the command prompt, type netsh dhcp server import c:\dhcpdatabase.dat all, and then press ENTER,

    where c:\dhcpdatabase.dat is the full path and file name of the database file that you copied to the server.
  • Once the command is completed successfully, Authorize the DHCP server
Follow the following procedure to Authorize the DHCP:
  • Click Start, point to All Programs, point to Administrative Tools, and then click DHCP. You must be logged on to the server by using an account that is a member of the Administrators group. In an Active Directory domain, you must be logged on to the server by using an account that is a member of the Enterprise Administrators group.
  • In the console tree of the DHCP snap-in, expand the new DHCP server. If there is a red arrow in the lower-right corner of the server object, the server has not yet been authorized.
  • Right-click the server object, and then click Authorize.
  • After sometime, right-click the server again, and then click Refresh. A green arrow indicates that the DHCP server is authorized.

oooopssssssss....... doneeeeeeeeee...

Now your new DHCP server ready to serve the client.
              SBS 2008 Server - MonitoringServiceLogs file occupies huge space on C Drive

On Windows SBS 2008 server you will see that log files in the folder C:\Program Files\Windows Small Business Server\Logs\MonitoringServiceLogs will filled up and occupies the space on C drive.

Actually these logs will used for the troubleshooting purpose and what need to be done to clear these log files.

  • Stop the Windows SBS Manager service.
  • Go to the folder C:\Program Files\Windows Small Business Server\Logs\MonitoringServiceLogs and compress the logs ( If you compress and archive them you can use for troubleshooting in future). 
  • If you don't want to store those log files you can simply delete them, no problem will occur.
  • Now go a head and start the Windows SBS Manager service, and new log will be created again.
 Note: In-general DataServiceComponents.log is the log file which occupies the more space.
                                    Physical machine to Virtual using Disk2VHD tool

We want to move our Physical server into a Virtual machine what to do and what tool i can use.

After some research on this i came to know about the Sysinternals tool Disk2VHD. This is best tool and easy to to convert your physical machine into .VHD extensions.

The main difference between Disk2vhd and other physical-to-virtual tools is that you can run Disk2vhd on a system that’s online. It uses Windows' Volume Snapshot capability  to create consistent point-in-time snapshot.

Here you start with:

Download the  Disk2VHD tool from Microsoft website : Disk2VHD Download

  • The best recommended way firstly remove all the unwanted data from physical server to an external drive and uninstall the unnecessary programs and clear all the junk. After fine tuning  the data on the server.
  • Double click on Disk2VHD to open the Disk2VHD tool.
  • It will show you the list of drives on the server.



  • Now you can select all the drives because you have already fine tuned the server and Give the path to Export the server to a VHD file..
  • Once you clicked Create, The process start automatically..



  •  Once this is completed, the VHD file will be saved to the location we specified.
Your physical machine is saved in a VHD file now. You can use this VHD file in any VHD supported Virtual environment to mount the Hard disk and  bring your virtual server online.


:-)
                                   Sem5.log - Consuming the huge disk space

You will notice that Symantec folder in program files will EAT all of your disk space.

When you go and further investigate, you will be came to know that Sem5.log file in the path
"C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\db\" will be the culprit.

What to do now ??? :-(
.
.
.
. no worries :-) 

you can manually recreate  sem5.log and delete the old one.

Procedure for force creation of  sem5.log

  • Stop the Symantec Endpoint Protection Manager and Symantec Embedded Database services
  • Rename the current sem5.log
  • Click Start > Run and type CMD then click OK
  • Open the command prompt and Type the following to go to the folder containing dbsrv11.exe.

    For 32 bit:  CD C:\Program Files\Symantec\Symantec Endpoint Protection Manager\ASA\win32\
    For 64 bit: CD C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\ASA\win32\   
  • Press Enter and now you are redirected to the folder  containing dbsrv11.exe
  • To force the recreation of sem5.log, type:
    For 32-bit: dbsrv11 -f "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\db\sem5.db"    
    For 64-bit: dbsrv11 -f "C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\db\sem5.db"   
  • Press Enter
  • Click Start > Run and type services.msc then click OK 
  • Start the Symantec Endpoint Protection Manager and Symantec Embedded Database services.

 Now verify that new SEM5.log file is created and once you confirmed delete the old log.

This will do the magic and free up the space.