Monday, May 14, 2012

Microsoft - Remove FUBAR Child Domain

I am in the process of setting up a new child domain in my forest, when "BAM!", I have no idea what happens but the process fails. So now my parent domain is thinking I have this new child domain that doesn't have any DC's in it. When I go to do a DCPROMO, it can't find the child domain, so I can't create a DC in a pre-existing child domain. I'm stuck because even when I try to create a new child domain, it says that the child domain already exists. Why not pick a different domain name you ask? Because that is just sloppy and I like the original name I picked.

First thing is first, lets find the "Operations Master". This bad boy is going to replicate out to everyone else that the child domain we want to remove no longer exists, and that everyone should remove it. To do this, open up your AD Domain and Trusts MMC, right click on the root node in the left panel, and click "Operations Master". For my example I am going to say my Operations Master is named "DEN-DC-01". So now that we have that, we just need to do a little CLI action with NTDSUTIL.

Open a command prompt and type "NTDSUTIL". You will then type the following commands that are highlighted in red:

  • C:\Windows\system32\ntdsutil.exe: metadata cleanup
  • metatdata cleanup: connections
  • server connections: connect to server DEN-DC-01
  • server connections: quit
  • metatdata cleanup: select operation target
  • select operation target: list domains 
("list domains" will populate a list of domains with numbers next to them)
  • select operation target: select domain 4
(domain number 4 was the child domain I am removing)
  • select operation target: quit
  • metatdata cleanup: remove selected domain
You will then be prompted by a pop window that will confirm that you really want to delete the child domain and will tell you exactly what you are removing.
  • metatdata cleanup: quit
Then just go take break and when you come back, your child domain should be completely removed from the forest. The time needed for these actions to occur does matter on how you setup replication in your environment. In my case, I have the minimum values of 15 minutes for replication to take place across my entire forest. By default I do believe the replication values are set to 180 minutes between servers (Don't hold me to that number). Wha-Lah! No more problem child domain!

Citrix - XenServer Storage Basics

Lets talk about XenServer and the different storage options and acronyms. Citrix XenServer has a variety of solutions from local disk to SAN solutions and everything inbetween. With the different technologies, there are benefits such as reliability, increased performance, and better flexibility, while lowering your TCO and increasing your per FTE ROI. I figure since I am talking about a lot of acronyms today, I should try using more for this article.

Below are the "Storage Objects" and "File Based Objects" that I will be going over:

Storage Objects
  • SR's
  • VDI's
  • PBD's
  • VBD's
File Based Objects
  • VHD
  • LVM
  • StorageLink

SR (Shared Repository)

Describes a particular storage target in which VDI's (Virtual Disk Images) are stored. Shared Storage is a Storage Repository, or SR, that is any form of storage that can be used by XenServer. There are 2 categories of SRs: shared and non-shared. A shared SR is used to allow multiple nodes to share a storage location from the same pool. A non-shared SR is used by only a single node.

VDI (Virtual Disk Images)
  • Virtual Disk Images are a storage abstraction that is presented to a VM.

File-based VHD
  • VM images are stored as thin-provisioned VHD format files on either a local non-shared file system (EXT type SR) or a shared NFS target (NFS type SR).
  • A Virtual Hard Disk (VHD) is a file formatted to be structurally identical to a physical Hard Disk Drive.
Logical Volume (LVM)-based VHDs

  • The default XenServer block device-based storage inserts a Logical Volume manager on a disk. VDIs are represented as volumes within the Volume manager.

PBD (Physical Block Devices)

  • Physical Block Devices represent the interface between a physical server and an attached SR

VBD (Virtual Block Devices)
  • Virtual Block Devices are connector objects that allow mappings between VDIs and VMs

StorageLink (LUN per VDI)

  • LUNs are directly mapped to VMs as VDIs by SR types that provide an array-specific plug-in (NetApp, Equallogic or StorageLink type SRs). The array storage abstraction therefore matches the VDI storage abstraction for environments that manage storage provisioning at an array level.
StorageLink Architecture

  • XenServer calls direct to Array API‘s to provision and adjust storage on demand. 
  • Fully leverages array hardware capabilities.
  • Virtual disk drives are individual LUNs. 
  • High performance storage model. 
  • Only the server running a VM connects to the individual LUN(s) for that VM. 
  • A special master server coordinates which servers connect to which LUNs 

StorageLink simplifies the storage solution. The VM virtual disk maps directly to the LUN on the array removing all of the storage abstractions and associated overhead from the XenServer host.

Thursday, May 10, 2012

Citrix - IMA Service HUNG!

One of my customers this morning was having some issues with performance accessing apps via a Citrix WI. "Everything is soooooo slow", they said. So i did a quick "qfarm /load" and deducted to build up two more XA boxes for them. My new boxes would not start or stop the Citrix IMA Service, but would just hang in a starting/stopping situation where you can't do anything. This is bad, because you can't even do a dsmaint because the service is hung and will never come back.

So how do you forcefully stop the Citrix IMA service? First you need to find the "PID" of the service. To do this issue the following command:
  • sc queryex IMAService
This will result in the following information:

C:\Users\administrator>sc queryex IMAService

        TYPE               : 10  WIN32_OWN_PROCESS
        STATE              : 2  START_PENDING
                                (NOT_STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x3
        WAIT_HINT          : 0x1d4c0
        PID                : 2708
        FLAGS              :

Now that we have the "PID" (2708) we can issue the "FORCE KILL" command as follows:
  • TASKKILL /PID 2708 /F
 C:\Users\administrator>taskkill /PID 2708 /F
SUCCESS: The process with PID 2708 has been terminated.

You can now go about doing your "dsmaint recreatelhc" or rebuilding your MF20.dsn to get you Citrix IMA service back up and running.

Now that my IMA service is back up and running i can load balance my apps between all three of my XA boxes instead of just one XA server.

Where’s my enabled Users?

Where’s my enabled Users? I’m going through and fine tuning our Proodpoint Spam solution and noticed one of the filters needs to be updated....