WSUS patches will not install – Large CBS log file

There are several instances and variations but your automatic updates will indicate “files in use/locked” information or “corrupt patch” information. This is almost always accompanied by a very large CBS log file. (%windir%\logs\cbs\cbs.log) Windowsupdate.log file may indicate something similar to this: 2014-11-07 15:42:17:069 328 e9c Setup WARNING: CBS EvaluateApplicability returned error, error = 0x80070BC9 2014-11-07

Converting external drive from FAT32 to NTFS

The process is usually straight forward {convert driveletter:FS/NTFS} but not so when using an external USB attached drive. Usually during the conversion initialization you will receive the following error: Convert cannot run because the volume is in use by another process. Convert may run if this volume is dismounted first. ALL OPENED HANDLES TO THIS

Windows box fails to dynamically register its DNS with no errors recorded in Event Viewer

Sometimes it is the simplest things that get you.  I was asked to troubleshoot a system that would not register into DNS after a domain migration. The system could ping its new gateway and the new DNS servers–telnet showed access to the new DNS boxes on port 53 and name resolution was functioning correctly other

Set network configurations from the command line in Windows

One of the quickest and easiest ways to set network configuration on a network adapter is via command line. Lets use the following criteria: We will be setting up Local Are Connection IP: 192.168.200.2 MASK: 255.255.255.0 GW: 192.168.200.1 GW Metric: 1 Here is the syntax for IPv4: netsh interface ipv4 show config netsh interface ip set address name=”Local

nslookup returns Default Server as Unknown

I was asked to troubleshoot a recently built DNS server that was having some difficulties. One of the errors had me scratching my head for a few minutes. When doing an nslookup the following would be displayed C:\nslookup Default Server: UnKnown Address: 192.168.1.4 As it turns out it’s not really an error –what it is describing is

Check for duplicate Security Identifiers (SID) on your domain

Mark Russinovich makes a strong case for duplicate SID myths that most of us Windows admins have subscribed to–however it never hurts to know how many duplicates you may have. Here is how you check it on your domain. Open a command prompt and type ntdsutil  and press ENTER. Now type  security account management and

Limit dynamic RPC port range on Windows Server

RPC by default can grab any dynamic port above 1024.  Security sometimes may ask you to limit that to a much narrower range.  A the minimum you should have about 100-200 ports available for RPC communication. Here is the registry setting: HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc Ports: REG_MULTI_SZ: 5000-5100 PortsInternetAvailable: REG_SZ: Y UseInternetPorts: REG_SZ: Y   Full MS KB

Find out what ports your Windows box is listening on

One of the easiest ways to see what ports a windows system is listening on is to use netstat. To get a comprehensive list open a command prompt netstat -an Active Connections Proto Local Address Foreign Address State TCP 0.0.0.0:135 0.0.0.0:0 LISTENING TCP 0.0.0.0:445 0.0.0.0:0 LISTENING TCP 0.0.0.0:1494 0.0.0.0:0 LISTENING TCP 0.0.0.0:2598 0.0.0.0:0 LISTENING TCP