Get Windows user/group SID

Download the Remote Server Administration Tools for Windows 7. Note: Windows 7 Professional or better. Install the software then run the follow commands to enable the AD Users & Computer snapin. dism /online /enable-feature /featurename:RemoteServerAdministrationTools dism /online /enable-feature /featurename:RemoteServerAdministrationTools-Roles dism /online /enable-feature /featurename:RemoteServerAdministrationTools-Roles-AD dism /online /enable-feature /featurename:RemoteServerAdministrationTools-Roles-AD-DS dism /online /enable-feature /featurename:RemoteServerAdministrationTools-Roles-AD-DS-SnapIns I received an error when trying to install the snapin directly. c:\>dism /online /enable-feature /featurename:RemoteServerAdministrationTools-Roles-AD-DS-SnapIns Deployment Image Servicing and Management tool Version: 6.

System Writer is missing from the output of vssadmin list writers. The Application Event log is showing Event ID 513 source CAPI2. Had a hell of a time resolving this issue. Most of the sources point to a permissions issue. However the security log remains error free. The script below is combines a couple suggested fixes. One of the fixed is from the Microsoft KB article 2009272. Other items were found in various forums.

Identification and resolution of Volume Shadow Copy Service errors Identify the problem writers using vssadmin vssadmin syntax: vssadmin list {shadows [/set= [shadow copy set GUID]] | writers | providers} vssadmin delete shadows /for=<ForVolumeSpec> [/oldest | /all | /shadow=<ShadowID>] [/quiet]`</pre> Let’s start off by checking the state of the VSS Writers C:\vssadmin list writers vssadmin 1.1 - Volume Shadow Copy Service administrative command-line tool (C) Copyright 2001 Microsoft Corp. Writer name: 'System Writer' Writer Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Instance Id: {449e12cf-6b8f-4d75-a821-bc869d6612c4} State: [1] Failed Last error: No error Writer name: 'SqlServerWriter' Writer Id: {a65faa63-5ea8-4ebc-9dbd-a0c4db26912a} Writer Instance Id: {de3b2861-77f6-43f8-8619-64dc9ea2fbcf} State: [1] Stable Last error: No error Writer name: 'MSDEWriter' Writer Id: {f8544ac1-0611-4fa5-b04b-f7ee00b03277} Writer Instance Id: {9036fdfa-05ef-4f7d-9c2f-84fa2f06560a} State: [1] Stable Last error: No error Writer name: 'WMI Writer' Writer Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0} Writer Instance Id: {f9f92826-a3d4-486c-ade3-a4201deb8ad2} State: [7] Failed Last error: No error The output above is showing the System and WMI writers in a Failed state.

Communicate clearly using the Nato phonetic alphabet background. It is difficult to accurately convey an asset tag, serial number, model number, etc to a peer or offsite support. Aside from phone clarity there is often accent or language barriers. If you are using a Microsoft Windows OS you can quickly add the Nato phonetic alphabet to your desktop background. Grab a copy of the Sysinternals tool Bginfo. Then download the nato.

Found a great script for removing ghosted (hidden) NICS on Frank Peter’s blog. Using the Microsoft devcon.exe tool the script compares the output of find and findall. If the matching device count is not equal the additional device is removed. find - Find devices that match the specific hardware or instance ID. findall - Find devices including those that are not present. The Device Console Utilitu (DevCon) is available from support.

Restart Terminal Services Without Rebooting Microsoft Windows 2003 and lower does not allow you start or stop the Terminal Services service. However if you can’t schedule a server reboot there is an alternative. Download the Sysinternals tool Process Explorer Using Process Explorer locate the svchost.exe -k termsvcs process. There will be a number of running svchost.exe processes. Hover your mouse over them to identify the correct one. Once you find it, right click and kill it.

Reduce the size of your System Volume Information folder by shrinking the shadow storage. Use vssadmin list shadowstorage to list the current Shadow Copy Storage size. C:\>vssadmin list shadowstorage vssadmin 1.1 - Volume Shadow Copy Service administrative command-line tool (C) Copyright 2001-2005 Microsoft Corp. Shadow Copy Storage association For volume: (C:)\\?\Volume{278ce142-19d8-11e1-9176-806e6f6e6963}\ Shadow Copy Storage volume: (C:)\\?\Volume{278ce142-19d8-11e1-9176-806e6f6e69 63}\ Used Shadow Copy Storage space: 15.681 GB (39%) Allocated Shadow Copy Storage space: 16.

For those note aware of the GNU Tail utility, it will print the last n lines of text from a file. It is an invaluable tool for monitoring log files. Since Windows does not have an equivalent command this is quite useful. Using the Powershell Get-Content cmdlet will print the contents of a file. The -wait parameter will print additional lines as they are added. Get-Content filename -wait Be aware that this is slow on large files.

A Windows Administrator USB toolkit. The following is a collection of free and/or open source tools I like to keep on hand. Portable Apps collection PortableApps.com Suite™ is a complete collection of portable apps including a web browser, email client, office suite, calendar/scheduler, instant messaging client, antivirus, audio player, sudoku game, password manager, PDF reader, minesweeper clone, backup utility and integrated menu, all preconfigured to work portably. Just drop it on your portable device and you’re ready to go.

The Windows Assessment Tool (WinSAT) is included Microsoft Vista and Windows 7. This tool can perform performance tests including CPU, memory, disk and video. winsat disk -drive c Windows System Assessment Tool > Running: Feature Enumeration '' > Run Time 00:00:00.00 > Running: Storage Assessment '-drive c -seq -read' > Run Time 00:00:05.48 > Running: Storage Assessment '-drive c -ran -read' > Run Time 00:00:06.99 > Running: Storage Assessment '-drive c -scen 2009' > Run Time 00:01:13.

Every so often I will run into the error where a Windows 2003 server will get stuck logging off a user. The console screen will display the message “Saving your settings”. I ran into this issue while needing to remotely reboot a server. The server in question did not have any kind of remote access card. However, the server was running RAdmin software and I was able to get a console screen open.

There are multiple times where I have been unable to kill a process on Windows 2008 server. Generally the process is running as a domain account. Killing the process failed using an administrative prompt and/or the account the process was started with. The process is owned by the System account. You can use the Sysinternals tool psexec with the -s switch to run as the System account. The -i switch allows the process to interact with the desktop.

Ran into an issue with Microsoft Windows Update Service on two Windows 2003 servers. I use a 3rd party patch management tool that calls the Windows Update API. This issue was preventing the correct list of vulnerabilities and causing Windows Update to error out. One of the servers would report Error number: 0x8DDD0004 the other reported an ActiveX issue. While exploring solutions I ran into the following error message when opening Add/Remove Windows Components via appwiz.