How to copy AD Members from one group to another group

If you have an AD group full of members, and you want to copy that memberlist over to another group, then it can be done with this powershell scipt:

From: put in the AD group where you want to copy users from.

TO: put in the AD group name where you want the users to be copied to.

Get-ADGroupMember “FROM” | get-aduser | foreach-object {add-adgroupmember -identity “TO” -Members $_.SamAccountname}

Thats it.

VMware KB: The Hardware Status tab displays the error: Hardware monitoring service on this host is not responding or not available – Solved

One of the alerts that often pops up in OpsMgr 2012 is that it cannot retrieve health data from the VMware hosts and falls back to using Vcenter. To fix this enable SSH on your VMware hosts and login to run the following command from the article below:

/etc/init.d/sfcbd-watchdog restart

I have not seen any interruption so far running this command.

Source: VMware KB: The Hardware Status tab displays the error: Hardware monitoring service on this host is not responding or not available

Delayed Write Failed – Event ID 50 – Solved

Saw this issue though OpsMgr 2012 R2 console, telling me that all Windows Server 2012 and 2012 R2 servers where reporting this issue every evening when the backup kicked in.

There are a lot of blog posts on the web telling you to disabling the cache on the disks and so on, but this is a default setting i did not want to change. And in my opinion that is a workaround, not a fix.

So working with this issue led me to an known error from VMware: KB2006849

Telling me that this has been solved in a patch from the 27th of january 2015 and later versions.

Version: ESXi 5.5 Patch 4
Release: 2015-01-27
Build: 2403361

To verify which version you are running, then look in the vSphere Client under one of your hosts:

VMware version

Then compare that number with this website:Build number history

If you have a build version before 2403361 (like the above example) – then you need to update your ESX hosts and the VMware tools on the virtual machines.

This solves the issue.

Event id numbers which leads to this issue:

Event ID 50, 57, 137, 140, 157 and 12289

Best regards.


Known Issues with Disabling or Unbinding IPv6

Dirk & Brad's Windows Blog

A common issue we see in support is unbinding or disabling IPv6 on network interfaces.  Unbinding IPv6 is one of those things where you never know how it’s going to manifest, but the outcome is rarely the desired one.  Based on here is a running list of acknowledged issues identified by product support / Windows product teams when disabling IPv6 by unchecking IPv6 checkbox, broken down by technology:

Unchecking the IPv6 checkbox in the GUI exposes the following product issues


  • MSExchange ADAccess event 2114: Topology discovery failed, error 0x80040a02 DSC_E_NO_SUITABLE_CDC
  • MSExchange ADAccess event 1601: When initializing a remote procedure call (RPC) to the Microsoft Exchange Active Directory Topology service, Exchange could not retrieve the SID for account <SID>
  • MSExchange ADAccess event 2012: Domain Controller Servers in use are not responding
  • MSExchange ADAccess event 2105: Exchange Active Directory Provider failed to obtain DNS records for domain <AD DNS doman name>

View original post 515 more words

How to monitor Unix, Linux, Debian, CentOS, RHEL, Ubuntu with OpsMgr 2012 R2

This is a quick guide collecting the information I needed to install an OpsMgr agent on RHEL 7 and CentOS 6 operating systems. There can be some variations from the different systems, but this should give you an indication on what is needed and save you some hours.

To install the agent the firewall needs to be opened, a local service account needs to be created and a security settings need to be set on the Linux server. After this it can be implemented in OpsMgr 2012 with the discovery wizard.

Prepare OpsMgr 2012 R2 for the Linux implementation

Kevin Holman preparation guide

Find the latest OpsMgr Management Pack: Google System Senter 2012 management pack for Unix ]

Import the Management PackHow to import and Operations Manager Management Pack

Version 2015/08 includes support for the following operating systems:

AIX 5.3, AIX 6.1, and AIX 7 operating systems.

HP-UX 11iv2 and HP-UX 11iv3 operating systems.

Red Hat Enterprise Linux Server 4, Red Hat Enterprise Linux Server 5, Red Hat Enterprise Linux Server 6, and Red Hat Enterprise Linux 7 operating systems.

Solaris 9, Solaris 10, and Solaris 11 operating systems.

SUSE Linux Enterprise Server 9, SUSE Linux Enterprise Server 10 SP1, SUSE Linux Enterprise Server 11, and SUSE Linux Enterprise Server 12 operating systems.

CentOS 5, CentOS 6, and CentOS 7 operating systems

Debian GNU/Linux 5, Debian GNU/Linux 6, Debian GNU/Linux 7, and Debian GNU/Linux 8 operating systems

Oracle Linux 5, Oracle Linux 6, and Oracle Linux 7 operating systems

Ubuntu Linux Server 10.04 and Ubuntu Linux Server 12.04, and Ubuntu Linux Server 14.04 operating systems

Information on ports and firewall requirements

Default discovery and management occurs over TCP 1270,

Troubleshooting, and diagnostics discovery occur over SSH, TCP 22.

Discovery and deployment over SSH, default TCP 22

  • Secure Shell (SSH) – Used for installing, upgrading, and removing agents.
  • Web Services for Management (WS-Management) – Used for all monitoring operations and include the discovery of agents that were already installed.

Installing SCOM agent – requirements

Configure a Low-Privileged Account for sudo elevation:

To create a low-privileged user

1.Log on to the UNIX or Linux computer as root.

2.Add the user:

# useradd opsmgrsvc

3.Add a password and confirm the password:

# passwd opsmgrsvc

# (define password here)

You can now configure sudo elevation

To configure sudo elevation for the low-privileged user

1.Log on to the UNIX or Linux computer as root.

2.Use the visudo program to edit the sudo configuration in a vi text editor. Run the following command:

# visudo

3.Find the following line:

root ALL=(ALL) ALL

4.Insert the following line after it:


5.Insert the following line after “Defaults requiretty”

Defaults:opsmgrsvc !requiretty

6.Save the file and exit visudo:

Press ESC + : (colon) followed by wq!, and then press Enter.

7.Test the configuration by entering in the following two commands. The result should be a listing of the directory without being prompted for a password:

# su – opsmgrsvc

# sudo ls /etc

Configuring the firewall

RHEL 7 had a firewall enabled, and it was necessary to run the following command:

# iptables -I INPUT -p tcp -m tcp –dport 1270 -j ACCEPT

# firewall-cmd –runtime-to-permanent

Configuring sudo Elevation for UNIX and Linux Monitoring with System Center 2012 – Operations Manager

If you would like to have more granular control of the service account permissions, you can read the below post.

Installing the agent

When the firewall ports are opened, and the service account is put in place, then the OpsMgr agent can be installed with the Discovery Wizard.

Management Pack view in OpsMgr 2012 console:

OpsMgr Linux MP


Accessing UNIX and Linux Computers in Operations Manager

How to Configure sudo Elevation and SSH Keys

Configuring sudo Elevation for UNIX and Linux Monitoring with System Center 2012 – Operations Manager

Accessing UNIX and Linux Computers in Operations Manager

How to Configure sudo Elevation and SSH Keys

Credentials You Must Have to Access UNIX and Linux Computers

Agent and Agentless Monitoring

Understanding SCOM 2012 Alerts and Monitors and how to reactivate a closed Monitor

If you would like to know a bit more about the differences between a SCOM “Rule” and a “Monitor” and why Alerts can be closed and Monitors should not, then read this great article from Cameron Fuller. It describes nicely how to react on Alerts and Monitors in SCOM / OpsMgr 2012 R2 

An alert can typically be closed if the state has not changed for a longer period of time, otherwise there would be a repeat count on the alert if it were still an issue.

Monitors will typically close by them self, if not you would have to reset the health state to close it automaticly.

If you by accident close a Monitor, it will not reappear before the health state changes. Therefore, if you are running out of disk space, the monitor will only reappear when the issue have been resolved and then reappears.

This script can reset the closed monitors, which has been copied from this great article, with a small fix since the script was missing a terminator.

# Import Operations Manager Module and create Connection
Import-Module OperationsManager;
New-SCOMManagementGroupConnection EURSCOMACS01;
$alerts=get-scomalert -Criteria “Severity!=0 AND IsMonitorAlert=1 AND ResolutionState=255” | where {$_.LastModified -ge ((get-date).AddMinutes(-5)).ToUniversalTime()}
if ($alerts -is [object])
foreach ($alert in $alerts)
$monitoringobject = Get-SCOMClassinstance -id $alert.MonitoringObjectId
# Reset Monitor
If (($monitoringobject.HealthState -eq “Error”) -or ($monitoringobject.HealthState -eq “Warning”))

I have verified that it works, but use at your own risk.


How to reclaim storage on HP 3Par systems.

3Par does not seem to be that effective at reclaiming space and requires some manual tasks to free up space, due to the detection method which is “Zero detect” or “UNMAP”.

To Release space on VMware

On VMware ESX, if you copy or data migrate 1TB of data from one Datastore to another Datastore: HP 3Par does not see the move and now sees 1TB+1TB of data, since the old data locations are not zeroed out or that VMware does not give instructions to 3Par about the released storage – this feature is also called UNMAP.

This seems to be due to the fact that VMware no longer has the UNMAP feature enabled which reclaims space after data has been deleted or moved


So VMware knows the data has moved and shows correctly in Vsphere console – But since the old data blocs are not reclaimed/zeroed out HP cannot see it and release the space.

Recommendations is to run UNMAP manually by the following command on a datastore trough Putty SSH on a ESX 5.5 host

”Esxcli storage vmfs unmap –l DATASTORENAME”

It will have a small performance impact when run.

ESX less than 5.5 have to use the “vmkfstools –y 80” command on a datastore to create a balloon file with empty data taking up 80% of the free space in this example.

To release space on Windows Servers

When files are deleted in Windows 2003 and 2008, they are not zeroed out which 3Par can detect and release.

UNMAP is supported from Windows Server 2012 + R2 – so this should help 3Par release storage.

Windows Server 2003/2008  server requires Sdelete.exe tool to Zero out data.

Example to Zero out unused disk space on volume Z: “Sdelete.exe –Z J:\ “

Requires volumes to have letters, and from Sdelete version 1.6 you have to use the Z switch (previous –c option)

After data have been zeroed out, it will take some time for 3Par to release the space. HP tells me that the 3Par system will not prioritize this task under heavy load and that there are no way of activate this task manually or see the status of it. Nothing left then to wait and see, HP told me that I should look again after a weekend to see if the data have been released.

The virtual volumes also needs to have “Zero Detect” enabled.


So this is the theory, but I do still struggle with the 3Par to release the space.

In this example, HP 3Par detects that the volume is only 50% filled – but 3Par holds 5.5TB in custod


HP 3PAR Thin Technologies Whitepaper

A easy to understand blog about thin provisioning including Video demonstration


I have used all these commands without issues, but do it at your own risk.

How to remove vmkdump files from VMware ESX 5.x

So how can a datastore be deleted if there is an active file in a vmkdump folder that resides in the datastore running Vsphere Client and ESX 5.x?

When browsing the datastore, a vmkdump folder shows up with a file in it, this file is in use and prevents the datastore to be deleted, it is a log dump file and in my case could be remove and re-added safely to another store.

The files cannot be migrated by the Vsphere Client and trying to do so or delete dem gives an error: “Device or resource busy”

One .dumpfile is created by each host in a random datastore, and to delete and recreate them, you have to find the owner of the file, to do so, take the ID of the file and log in to your hosts by this adress to find their ID which have to match the filename:


then logon to the ESX host with putty, and run this command: “esxcli system coredump file remove –F”

Then recreate the file at a new destination with: “esxcli system coredump file add -f SERVERNAME -d DATASTORENAME”

Make the file active: “esxcli system coredump file set -p /vmfs/volumes/DATASTORE_UUID/vmkdump/FILENAME”

Run this command to see if the file is active: “esxcli system coredump file list”

So to solve this puzzle, these to blogs did the math.

How to use Robocopy and RichCopy to Migrate TB of data

When i tried using RoboCopy for my data migration tasks, I found out that it would take way to long since the data transfer speed on RoboCopy was quite poor.

Looking for other alternatives i found Microsoft RichCopy that did the trick.

But RichCopy comes up with some errors like “file not found” “directory not found” and i have a hard time trusting this output.

So instead i used Robocopy afterwards to verify the data, RoboCopy will only copy changes or files not copied by RichCopy and even if RoboCopy says “modified” in the output does not meen that it copies all the data Again, it only copies changes. I uses these commands which catched the missings links from RichCopy.

robocopy <source> <destination> /XO /ZB /E /FFT /DCOPY:T /COPYALL /R:1 /W:1 /V /NDL /MT:20 /LOG:<location&name>.log /TEE
/XO – Excludes files from <source> that are older then the <destination> files.
/ZB – Uses Restart mode. If access is denied, this option uses Backup mode.
/E – Copies subdirectories. Note that this option includes empty directories. For additional information
/DCOPY:T – Copies directory time stamps.
/COPYALL – All security information on files and folders are copied.
/R: – Specifies the number of retries on failed copies. The default value is 1,000,000 (one million retries).
/W: – Specifies the wait time between retries, in seconds. The default value of N is 30 (wait time 30 seconds).
/V – Verbose output showing skipped files
/NDL – Specifies that directory names are not to be logged.
/MT – Creates multi-threaded copies with N threads. N must be an integer between 1 and 128. The default value for N is 8.
/LOG:<LogFile> – Writes the status output to the log file (overwrites the existing log file).
/TEE – Writes the status output to the console window, as well as to the log file.
/FFT – if the two server have the different file systems, files are still re-copied, even though nothing has changed. You can use /fft switch, which makes the modify time comparison more tolerant (2 seconds granularity).

This way i increased the copy speed and i’m positive that the data is intact after the migration.

Use this info at your own risk.