Change Terminal Services Profile Path PowerShell

2014-10-28 / Random / No Comment

Problem: I needed to change all domain users to the new terminal services profile server

I was able to create a powershell script that loops through the domain and finds instances of where the terminal services profile path is set to the old server. It then replaces the old server with the new server name and logs the output to console.

You can modify the below to limit the scope of the items found (findall() only does 1000 objects by default) by changing adding in an OU filter or creating a function that adds in the user. In any case my problem was solved with the below script.

$root = "LDAP://DC=GALAXY,DC=local"
$searcher = ([ADSISearcher]"(&(samAccountType=805306368)(!userAccountControl:1.2.840.113556.1.4.803:=2))") #user account type will be person and the account not disabled.
$users = $searcher.findall()
 foreach ($user in $users) {
    try {
    $userSearch = ""
    $tsprofilepath = ""
    $username = ""
    $userSearch = [adsi]"$($user.path)"
    $tsprofilepath = $userSearch.psbase.InvokeGet("TerminalServicesProfilePath")
    $username = $userSearch.psbase.InvokeGet("sAMAccountName")
       if ($tsprofilepath) { #check for not null
            if ($tsprofilepath.contains("OLDSERVERNAME")) { #check for containing string
                $newtsprofilepath = $tsprofilepath.Replace("OLDSERVERNAME", "NEWSERVERNAME") ##set ts profile path location
                Write-Output "$username has profile path of $tsprofilepath"#log existing
                $userSearch.psbase.Invokeset(“terminalservicesprofilepath”, $newtsprofilepath) #set new path
                $userSearch.setinfo() #save user info
                Write-Output "$username changed profile path to $newtsprofilepath" #log new path
            else {
                Write-Output "$username has a profile path of $tsprofilepath" #log already has new path
            else {
                Write-Output "$username has a no profile path set" #log already has no path
            #start-sleep 1 #loop sleep Timer
        catch { 
        #error handle
        $ErrorMessage = $_.Exception.Message
        $FailedItem = $_.Exception.ItemName
        Write-Output "$username had an error of: $ErrorMessage"
        Write-Output "$FailedItem"
Read More

SCCM 2012 R2 OSD Deployment Run Task Sequence From Distribution Point

Unable to switch the deployment option to run from local distribution point


All the software included in the task sequence need to have the option enabled “copy the content in this package to a package share on distribution points”
an easy way to find which packages do not have this enabled is the SQL query below:

1. Find your PackageID number for the task squence

2. Login to sql and run the query against the sccm db

Declare @TaskSequenceID char(8); set @TaskSequenceID = '000CB'

select P.PkgID, P.Manufacturer, P.Name, P.Version, P.Language, P.PkgFlags, (128 & P.PkgFlags)

from v_TaskSequenceReferencesInfo as TSR inner join vPackage as P on P.PkgID = TSR.ReferencePackageID

WHERE TSR.PackageID=@TaskSequenceID

and (128 & P.PkgFlags) <> 128 --the bitmask for the "Copy the content... option in the Package Data Access properties"

3. Enable the option: Copy the content in this package to a package share on distribution points

Read More

Extend encrypted LVM By adding new physical disk

2014-01-23 / Linux, SAN, VMWare / No Comment

1. Verify the volume group and the logical volume name:


2. Add a new hard disk device to add to the volume group (in this example /dev/sdd):

pvcreate /dev/sdd
vgextend existing_volume_group /dev/sdd

3. After extending the volume group, extend the underlying Logical Volume (500GB):

sudo lvextend -L+500G /dev/existing_volume_group/logicalvolume_data

4. Resize the Crypt:

sudo cryptsetup resize /dev/mapper/

5. Resize filesystem:

sudo resize2fs /dev/mapper/

Tags: , ,
Read More

SharePoint 2013 missing Manage services on server for farm admins

2013-07-16 / SharePoint / 1 Comment

Sharepoint is missing options for Manage services and Backup and Restores

The issue is even though the admin or group is configured as a Farm administrator inside of SharePoint 2013 the admin/group is not configured on the server as an Administrator. The group must be added as a server Admin to be able to manage these functions.

Read More

SCCM 2007 – Server 2012 and Windows 8 Support

SCCM 2007 SP2 is not showing any Windows 8 or Windows Server 2012 updates in Software Updates.


There are two fixes that need to be installed on the server:

Read More

IIS Reverse Proxy Module 500 error when going to PHP backend

2013-05-13 / IIS, Server / 1 Comment

When setting up IIS reverse Proxy to connect back to a linux PHP application the site would not load and IIS would throw a 500 error. When browsing to the PHP site from the IIS server manually no errors and connectivity was working fine.

I missed an option in the web.config file for the PHP pattern “pattern=”^text/php”” :

<?xml version="1.0" encoding="UTF-8"?>
          <rule name="ReverseProxyOutboundRule1" preCondition="ResponseIsHtml1">
            <match filterByTags="A, Area, Base, Form, Frame, Head, IFrame, Img, Input, Link, Script" pattern="^http(s)?://*)" />
            <action type="Rewrite" value="http{R:1}://{R:2}" />
            <preCondition name="ResponseIsHtml1">
              <add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />
	      <add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/php" />
                <clear />
                <rule name="index" stopProcessing="true">
                    <match url="(.*)" />
                    <conditions logicalGrouping="MatchAll" trackAllCaptures="false">
                        <add input="{REQUEST_FILENAME}" matchType="IsDirectory" />
                    <action type="Redirect" url="" />
                <rule name="ReverseProxyInboundRule1" patternSyntax="ECMAScript" stopProcessing="true">
                    <match url="(.*)" />
                    <conditions logicalGrouping="MatchAny" trackAllCaptures="false">
                    <action type="Rewrite" url="{R:0}" />
Read More

The password stored in Credential Manager is invalid.

2013-04-24 / Desktop, Random / No Comment


When a user was printing documents it would show up under a help desk person’s account.

Also was seeing a bunch of EventID 552 like these in the security logs

Logon attempt using explicit credentials:
Logged on user:
User Name: USER1
Domain: DOMAIN
Logon ID: (xxx,0x7D052)
Logon GUID: {xxxxxxx-07b5-8f5f-d5dd-d78268681b37}
User whose credentials were used:

Logon GUID: –
For more information, see Help and Support Center at


After enabling NetLogon debug logging information.

This would appear in the System Log under Kerberos Warning:

The password stored in Credential Manager is invalid. This might be caused by the user changing the password from this computer or a different computer. To resolve this error, open Credential Manager in Control Panel, and reenter the password for the credential XXX.

I was able to launch the Credential Manager using “rundll32.exe keymgr.dll,KRShowKeyMgr” and delete the cached credentials for the server that was running under the help desk person’s account.

Rebooted the PC and the user’s print jobs now show up under the correct account.

Tags: , ,
Read More

Remove .ashx extension from sitecore media file links

2013-01-30 / IIS, Random / 3 Comments


When clicking on a linked PDF document or any media file sitecore added .ashx extension to the linked file. This caused issues with some browsers and OS versions not knowing what to do the file.



Let the uploaded file present its original extension.

Modify the web.config file and look for

<setting name=”Media.RequestExtension” value=”ashx” />

change the setting to

<setting name=”Media.RequestExtension” value=”” />

Read More

Issues with SSRS 2012 SharePoint Integrated mode and SharePoint 2010

2012-10-26 / SharePoint, SQL / No Comment


I continued to run into issues with Kerberos and error message like Login failed for user ‘NT AUTHORITY\ANONYMOUS LOGON’ when using SharePoint Reporting Services and a SQL DB that I was reporting on a different server.


When configuring Kerberos with previous SQL versions and SharePoint it was easy to set the delegation to “Trust this user for delegation to any service”. after setting SPNs you would be good to go.

However, with SSRS 2012 things have changed and SharePoint now uses the Claims To Windows Service to get authenticated correctly. I had it half way right and the fix was to add “trust this user for delegation to specified services only” on both the Claims To Windows Account and the SharePoint SSRS 2012 account. I found a sweet video on what needs to be done here:

Tags: , ,
Read More

Ubuntu 12 LIO iSCSI Target with SCSI-3

2012-08-14 / Linux, SAN, Server / No Comment

Needed a quick solution to add storage to a failover cluster in a lab environment. LIO iSCSI supports scsi-3 persistent reservation iscsi. I decided to go with this solution.


1. Install Ubuntu
install ubuntu
apt-get update
apt-get upgrade
apt-get install lio-utils

2. configure lio

attach additional storage to your ubuntu server. The following configuration can be used via command line first to test. Once everything is working you can make it static by modifying the files listed.

a. setup your devices to be used.

nano /etc/target/

tcm_node --block iblock_0/iscsiarray1 /dev/sdb
tcm_node --block iblock_0/iscsiarray2 /dev/sdc
tcm_node --block iblock_0/iscsiarray3 /dev/sdd
tcm_node --block iblock_0/iscsiarray4 /dev/sde

b. setup your iscsi target

nano /etc/target/

lio_node --addlun 1 1 iscsi01 iblock_0/iscsiarray1
lio_node --addnp 1
lio_node --disableauth 1
lio_node --addlunacl 1 1 1
lio_node --addlunacl 1 1 1
lio_node --enabletpg 1

lio_node --addlun 2 2 iscsi02 iblock_0/iscsiarray2
lio_node --addnp 2
lio_node --disableauth 2
lio_node --addlunacl 2 2 2
lio_node --addlunacl 2 2 2
lio_node --enabletpg 2

lio_node --addlun 3 3 iscsi03 iblock_0/iscsiarray3
lio_node --addnp 3
lio_node --disableauth 3
lio_node --addlunacl 3 3 3
lio_node --addlunacl 3 3 3
lio_node --enabletpg 3

lio_node --addlun 4 4 iscsi04 iblock_0/iscsiarray4
lio_node --addnp 4
lio_node --disableauth 4
lio_node --addlunacl 4 4 4
lio_node --addlunacl 4 4 4
lio_node --enabletpg 4
Tags: ,
Read More