Sunday, July 25, 2010

Administrative Shares inaccessible using Local Administrator Account

Good Link for a problem Wndows-7 -Unableto access Administrative Shares using Local Admin account

Exchange 2003 Queue Directory Corrupt

For one of our client, we have received an alert stating that “The Microsoft Exchange Information Store service terminated with service-specific error 0 (0×0)”.

The error seems to simple and everyone would just suggest to start the service back. But the root cause was different.

One of our colleague started working on the alert and here is the chronology of steps followed in resolving the issue. found that the Information Store service was in stopped state and started the service. Started verifying queues , encoutered error stating that “Default SMTP Virtual Server is unavailable”. Verified and found that SMTP Service was in started mode.

Escalated call to me and I’ve started working on the issue.

Upon further analysis, found that the SMTP Virtual Instance was stopped in ESM (Exchange System Manager). Tried to start the instance, encountered error stating that “Queue Directory is corrupted , hence the instance could not be started”.

Error logged in Eventlog & Error pop-up when accessed Queue Directory from explorer.

Executed following Steps to resolve issue:

1. Uninstalled existing Antivirus (AVG)

2. Executed chkdsk on volume in which the exchange database is stored. Found disk errors.

3. Executed chkdsk /f on the volume and restarted the server

4. Created new Queue Directory and pointed the path from ESM to the new folder.

5. Started SMTP Virtual Instance & Information Store Services.

Mails started flowing fine.

Happy Learning!!!

Thursday, July 8, 2010

Export DNS records to Excel to read time stamps and static records

How to get list of static DNS records...

Ask a DNS administrator and he’ll tell you there is no such thing as being “too careful” with DNS data! One of the dreaded things is to check the box for Auto Scavenging. A slight mis-configuration can lead to useful DNS entries getting deleted.

Some of the common questions that may come to an Administrator’s mind when thinking about scavenging is – How many static records do I have? Do I really have aged records lingering? Well, the answers to these questions are easy to find. Just open each record in the DNS console and look at the time stamp. This is easy if you have 20 records. That’s far from practical in the real world, though.

What one really needs is data in an organized form, say in Excel. Unfortunately the format of “dnscmd enumrecords” is not exactly ready to be imported as data. Let’s look at a sample output of “dnscmd /enumrecords @ /Type A /additional”:

We do get the name of the record, time stamp, TTL, type & IP address. This data cannot be directly imported into Excel, however; it needs to be formatted with delimiters so that Excel can import it. We have chosen to use a “,” (comma) in this case.

Some points to keep in mind are:

1.Observe the first few lines of the data in the example above. Each “Same as parent folder” is on a separate line with the Record name missing in subsequent lines.

2.For static records, the text “[Aging:xxxxxxxx]” is missing.

3.We have tried to accommodate more types of records like SRV, NS, SOA, MX, and CNAME, though typically one would be interested in the A records.

We will achieve the desired result in two steps using two VBScripts. The scripts perform the following functions:

1.Put in the delimiter “,” to separate the data on each line. In our example, the script is named “changetocsv.vbs”.

2.Perform a calculation to convert the “Aging” number to a readable date format and then open the file in Excel, provided Excel is installed on the machine being used. We will name this script “openexcel.vbs”.

Note that both scripts manipulate contents of the file. Each script should be run only once on a file. Here is a summary of how the overall process will work:

•Create a directory/folder to hold the exported DNS data and script files.

•Copy the contents of both scripts given below and place them in the folder created.

•Export the data from DNS using the dnscmd.exe utility included with Windows Server.

•At a Command Prompt in the folder created, run each script against the exported data to format it for and import it into Excel.

Detailed steps:

1. Create a folder, such as C:\dnsdata, in which to store each of the scripts below. Eg: changetocsv.vbs and openexcel.vbs.

2. At a Command Prompt, run the following command:

dnscmd /enumrecords @ /Type A /additional > c:\dnsdata\dns.csv

Note: For more information on dnscmd.exe, run ‘dnscmd /?’ at a Command Prompt.

3. Save the below script as “changetocsv.vbs” in the directory created. This script will read the raw output taken from dnscmd command, format it by inserting comma delimiters, and then save it as the same filename specified at the command prompt when it is run.

Const ForReading = 1

Const ForWriting = 2

strFileName = Wscript.Arguments(0)

Set objFSO = CreateObject("Scripting.FileSystemObject")

Set objFile = objFSO.OpenTextFile(strFileName, ForReading)

strText = objFile.ReadAll


strNewText = Replace(strText, " [Aging:", ",")

strNewText1 = Replace(strNewText, "] ", ",")

Set objFile = objFSO.OpenTextFile(strFileName, ForWriting)

objFile.WriteLine strNewText1


'please modify Rtype array as per the record requirements

Rtype = Array("A", "SRV", "NS", "SOA","MX","CNAME")

For i = 0 To UBound(Rtype)

rrtype = " "+Rtype(i) +" "

Set objFile = objFSO.OpenTextFile(strFileName, ForReading)

strText = objFile.ReadAll


strNewText = Replace(strText, rrtype, ","+Rtype(i)+",")

Set objFile = objFSO.OpenTextFile(strFileName, ForWriting)

objFile.WriteLine strNewText



Set objFile = objFSO.OpenTextFile(strFileName, ForReading)

strText = objFile.ReadAll


strNewText = Replace(strText, " ", ",,")

Set objFile = objFSO.OpenTextFile(strFileName, ForWriting)

objFile.WriteLine strNewText

objFile.Close4. The script takes one argument. At the command prompt while in the directory created earlier, run the following command:

C:\dnsdata> changetocsv.vbs dns.csv

This command modifies the content of dns.csv and overwrites the same file.

5. (optional) View the modified dns.csv.

Thanks to the new formatting, the file could now be easily opened in Excel as a csv file. However, the “aging” number (second column) needs to be converted to a readable date. The Aging number in the DNS data gives hours since 1/1/1600 00:00, while Excel is configured with 1/1/1900 00:00 as starting point. So we need to remove a constant from the aging number to normalize it and then specify the format. In the following script, we remove constant 2620914.50 and divide the result by 24 since Excel understands “days” rather than “hours”.

6. Save the script file below to “openexcel.vbs”. This script will modify the comma delimited file, dns.csv in our example, to convert the number mentioned for Aging to a date format and opens the file in Excel automatically.

Const ForReading = 1

Const ForWriting = 2

strfile= wscript.Arguments(0)

Set objFSO = CreateObject("Scripting.FileSystemObject")

Set objFile = objFSO.OpenTextFile(strfile, ForReading)

Do Until objFile.AtEndOfStream

strLine = objFile.ReadLine

If not strLine = "" Then

arrItems = Split(strLine, ",")

intDatevalue = 0

If not(arrItems(1))="" Then

intDateValue = (arrItems(1) - 2620914.50)/24

End if

intItems = Ubound(arrItems)

ReDim Preserve arrItems(intItems + 1)

If intDateValue > 0 Then

arrItems(intItems + 1) = intDateValue


arrItems(intItems + 1) = ""

End If

strNewLine = Join (arrItems, ",")

strNewText = strNewText & strNewLine & vbCrLf

End If



Set objFile = objFSO.OpenTextFile(strfile, ForWriting)

objFile.Write strNewText


Set objExcel = CreateObject("Excel.Application")

objExcel.Visible = True

Set objWorkbook = objExcel.Workbooks.Open(strfile)

Set objRange = objExcel.Cells(1, 6)

Set objRange = objRange.EntireColumn

objRange.NumberFormat = "m/d/yyyy hh:mm:ss AM/PM"7. The script takes one argument. At the command prompt, run the following command:

C:\dnsdata> openexcel.vbs c:\dnsdata\dns.csv

The script modifies the content of dns.csv and overwrites the same file with modified content. The above script opens the resultant file in Excel, provided Excel is available J.

IMPORTANT: Please give full path name of the file otherwise the Excel will give an error while attempting to open the file dns.csv.

The columns are Name, Aging, TTL, Type, IP address & Time Stamp. Blanks in Time Stamp indicate a static record. Below is the result after running both scripts on our example data:

8. Once the file is open, save the resultant as dns.xls and use that for all future reference.

DNS Zone Information CSV collector

This script takes command line arguments of a remote dns server, uses dnscmd to collect all the zones and some extended information about them and outputs to a csv file with the name of the remote server. You can input multiple remote servers. I have only tested this with windows 2003 server, if 2008 dnscmd output is the same format it should work as well. I wrote this to collect information on scavenging settings, so the output is more focused on that. You will need to know what the numeric values of the /zoneinfo results mean in order to interpret the csv file output.

Script Code (Perl)

#dns zone enumeration and detail gathering

#run the command with arguments of the dns servers hosting the zones. This script enumerates

#all zones, collects some of the extended details and outputs to CSV format. Requires dnscmd.exe and

#appropriate rights on the remote machine

foreach (@ARGV) {

my $filename = $_ . ".csv";

open OUTFILE, ">$filename"

die "Can't open output file\n";

print OUTFILE "Zone Name,Type,Storage,Updates,DS Integrated,Aging On,Refresh Aging,No Refresh Aging,Scavenge Available\n";

my $dnsserver = $_;

$output = `dnscmd $dnsserver /enumzones`;

@outputarr = split(/\n/,$output);

$beginning = 0;

foreach (@outputarr) {

if (!($beginning)) {

if ($_ =~ /Zone name/) {

$beginning = 1;


} else {


$_ =~ s/^\s//;

my @temparr = split(/\s+/,$_);

if ($temparr[0] =~ /\./) {

#proper zone found,

#Format: Name, Type, Storage, Properties(multiple)

# properties Secure Rev Aging

my $details = getdetail($dnsserver,$temparr[0]);

my $outline = "$temparr[0],$temparr[1],$temparr[2],$details";

print OUTFILE $outline;



} #end of all output from enumzones

close OUTFILE;

} #end foreach server's passed as args

sub getdetail {

my ($dnsserver,$zone) = @_;

my $zoneinfo = `dnscmd $dnsserver /zoneinfo $zone`;

my @zonedetails = split(/\n/,$zoneinfo);

my ($zoneupdate, $dsintegrated, $aging, $agerefresh, $age_no_refresh, $scavenge_avail) = "";

foreach (@zonedetails) {

my $line = $_;

if ($line =~ /update/) {

$zoneupdate = parsevalue($line);

} elsif ($line =~ /aging/) {

$aging = parsevalue($line);

} elsif ($line =~ /DS integrated/) {

$dsintegrated = parsevalue($line);

} elsif ($line =~ /refresh interval/) {

$agerefresh = parsevalue($line);

} elsif ($line =~ /no refresh/) {

$age_no_refresh = parsevalue($line);

} elsif ($line =~ /scavenge available/) {

$scavenge_avail = parsevalue($line);


} #end details

my $retval = "$zoneupdate,$dsintegrated,$aging,$agerefresh,$age_no_refresh,$scavenge_avail\n";

return $retval;


sub parsevalue {

my $val = @_[0];

my @temparr = split(/=/, $val);

$val = $temparr[1];

$val =~ s/ //g;

chomp $val;

return $val;


RPC Service Not Getting Started after recovering Server from OS Crash

Issue: RPC Service Not Getting Started after recovering Server from OS Crash

  • All Automatic services fail to start
  • RPC Service Not starting
  • Unable to view description of Services in extended mode in services console.
  • Unable to view properties of eventlogs
  • Repeated userenv errors in eventlogs
  • Open MMC (Start--Run--MMC)
  • Go to File--Add/Remove Snap-In
  • Add  'Security Configuration and Analysis'
  • Right click on 'Security Configuration and Analysis' & select 'Open Database'
  • Open C:\Windows\Security\Database
  • Type a name for database (Ex: test)
  • Now select  execute File--'Setup Security.inf' (C:\Windows\Security\Templates).
  • Right Click on 'Security Configuration and Analysis' and select 'Configure Now'
  • Reboot the server
All Automatic Services will be up and running and the server is restored to normal position.

Happy Learning!!!