Add Active Directory Domain Services (AD DS) Role on Server 2016 Fails with Error: 0x800f0831

You just spun up a fresh server and it won’t install the Domain Controller Role. and you are frustrated. I am here to help. When attempting to install AD DS or .Net 3.5 you get this error. You will get the same error from the GUI or Powershell:

Install-windowsfeature -name AD-Domain-Services

The Error Code 0x800f0831 means Windows is attempting to check updates for the needed software package. This causes the hang/fail because it is not there. This is the error:

The request to add or remove features on the specified server failed. Installation of one or more roles, role services, or features failed. Error: 0x800f0831

Restarting doesn’t help, nor will most other “fixes” on the internet.

The problem is that you have the Windows installation disk attached (in my case to a virtual machine in VMware or in the disk drive after installation) so that is where Windows is trying to find the files.

Verify the Remote Registry service is running. Open Services on your machine and Start the Remote Registry service if it is not already running.

You can presumably unattach the disk and restart but I selected Specify an alternate source path on the Confirmation page.

Luckily there are instructions. The path on my system was as follows because the ISO was attached to the D: drive.

WIM:D:\sources\install.wim:4

Enter the path information into the box and click ok.

Now it will install without hanging or failure. I just saved you a big headache, shared the love.

 

How to Migrate SYSVOL from Oldschool FRS to DFSR

If you have any battle-worn domain controllers that have been upgraded multiple times, your domain is probably still running the outdated replication engine, File Replication Service (FRS), which dates back to Server 2000 and 2003. I am not sure why Microsoft doesn’t publicize this as much as upgrading to the latest OS, because it is just as important.

If you have domain controllers that are 2008 or newer, you absolutely should migrate to DFSR today. As it was designed in a bygone era, domains will often have replication errors or poor performance when using FRS in today’s demanding environments. Follow these steps to migrate to DFSR.

Prerequisites 

  •  All DCs must be at least Server 2008
  •  Domain Functional Level must be at least Server 2008
  •  Active Directory services must be in good general health
  •  Active Directory replication must be fully functioning

I would also suggest performing this migration after hours to minimize potential impact to users on the network. Ensure you have valid backup of all DCs before starting.

Note: perform this operation on your Primary Domain Controller (PDC)

There are 4 main stable states during this migration and you must wait for each to finish before moving on or you could cause yourself some serious problems.

States

  •  State 0 – Start
  •  State 1 – Prepared
  •  State 2 – Redirected
  •  State 3 – Eliminated

Open an elevated Powershell session on your PDC, run this command to go from Start through Prepared State.

dfsrmig /setglobalstate 1

1-dfs2

After running the previous command, wait for about 10 minutes or so then run the following command to see where you are at. Wait until you get a message that all domain controllers have reached a consistent state.

dfsrmig /getmigrationstate

2-dfs2

Once you are in Prepared State run this command.

dfsrmig /setglobalstate 2

3-dfs2

Again, wait for about 10 minutes or so then run the following command to see the migration status. Wait until you get a message that all domain controller have reached a consistent Redirected state.

dfsrmig /getmigrationstate

Once the operation is complete, you should open all of you domain controllers and check that you can navigate to the SYSVOL and it is the Redirected State. It is usually found here: C:\Windows\SYSVOL\sysvol\yourdomain.com

You need to check this because the last phase, getting to Eliminated State, cannot be undone and could cause some undue sadness if you didn’t reach Redirected. When ready run this command.

dfsrmig /setglobalstate 3

4-dfs2

Check status again with this command.

dfsrmig /getmigrationstate

Final Eliminated State message.

5-dfs2

After your reach Eliminated State you may get this error popup, do not be alarmed. This is telling you that the old SYSVOL is gone because it has been “Eliminated.” The new folder is called SYSVOL_DFSR, located here:  C:\Windows\SYSVOL_DFSR\sysvol\yourdomain.com

7-dfs

You might also want to check that the FRS service is completed stopped and disabled on every DC. Open up services.msc and find File Replication Service, verify it has been disabled.

8-dfs2

If it hasn’t been disabled open the service object and manually disable it.

6-dfs

You should be good to go at this point.

How to Clone VM without vCenter

vmware logo

vCenter is really straightforward for tasks like cloning a server image. ESXi, however, is rather spartan when it comes to features. Many management tasks can still be performed with command line interface by using a tool like PuTTY.

You just got a new bare metal server and you want to setup VMware ESXi and vCenter but a prerequisite for installing vCenter is a configured domain. If you are working in an environment without a Domain Controller then you will have to configure a VM to be a DC on your VMware ESXi host and setup a domain before you can install vCenter. Once vCenter is installed most management tasks are quite easy to accomplish with vSphere.

My endpoint goals:

  • Virtualize a physical server
  • Install ESXi on bare metal host
  • Install vCenter to manage VMs

The author assumes you have installed VMware ESXi 5.x or 6.x hypervisor on your host server and configured the basic parameters like IP address, subnet, gateway and host name. Outline of steps to create a master VM image:

  1. Create a VM
  2. Install OS
  3. Install VMware tools
  4. Update OS with the latest updates
  5. Install any apps you want on the master image
  6. Configure any settings you prefer on all your servers
  7. Follow steps below to clone

Steps to clone VM using only the bare metal install of ESXi:

Take a snapshot of the server you would like to use as the master image

Take Snapshot

Enable SSH on the host. Select the host > go to Configuration tab > Security Profile > Properties

turn on SSH

Scroll down > select SSH > click Options

Start SSH - Options

Start the service, you can stop it later to minimize security risks.

Start SSH

Download PuTTY and open it to establish an SSH connection. Input the IP address of your host to connect. In my case the host IP is 192.168.1.3. Enter the root username and password in PuTTY to login to the host.

Navigate to your master VM to verify it is the location you expect by running these commands in PuTTY:

cd /vmfs/volumes
ls -la
cd datastore1
ls -la

Find Source

Create a Directory called Clone to store clone images.

mkdir Clone

If your snapshotted source VM is “DC1” located on “datastore1” the following is the command to clone the VM called DC1. The “-000001” suffix on the VM name is to capture a snapshot version. If there was no snapshot you could just have “DC1.vmdk” at the end of the source path. Paste this entire command as one piece:

vmkfstools -i /vmfs/volumes/datastore1/DC1/DC1-000001.vmdk /vmfs/volumes/datastore1/Clone/VC1.vmdk -d thin

cloneVM-SSH

“Clone” is the folder where it will be stored and “VC1” is the name of the cloned virtual disk. “-d” is for the disk format, in this case thin provisioned. We will now create a new VM in vSphere and use the existing virtual disk.

Create a new VM in vSphere

create new VM

Select Typical

create new VM 2

Name the VM

create new VM 3

Select the target datastore

create new VM 4

Select the guest OS, in my case Server 2012 R2

create new VM 5

The default is 1 NIC, which is fine but I prefer to add a second internal NIC for VM to VM traffic that I previously setup

create new VM 6

Put whatever you want here because you will be deleting it anyway so you can add the cloned VD you already saved

create new VM 7

Select Edit the virtual machine before you continue

create new VM 8

In the Edit window, select the “New Hard Disk” you just entered parameters for and select Remove

create new VM 9

Select Add

create new VM 10

Select Hard Disk

create new VM 11

Select Use an existing virtual disk

create new VM 12

Browse to your Clone folder in the appropriate datastore, for me it was datastore1

create new VM 13

Next > Next > Finish

create new VM 14

Hooray, you have just created a cloned VM using command line!

create new VM 15

Hope this helps!

Microsoft Azure Active Directory Sync Services Install Error – A Constraint Violation Occured

When attempting to install the Microsoft Azure Active Directory Sync Services tool (DirSync), you may receive this error:  A constraint violation occurred

Rather unhelpful error code. Luckily, there is a really easy fix for this. Log off and then log back on again. You might also want to verify that the system does not have a pending reboot, if so then reboot instead. Verify you have both Microsoft .NET Framework 3.5 and 4.5 installed and configured on the machine.

If you have to configure DirSync again from a fresh install, uncheck the box “Start Configuration Wizard now” to avoid this issue. Log off and then log back in. This should take care of the error entirely.

Windows Server 2012 R2 Update Error 20000009 for SQL Server Update KB2958429

The dreaded Failed Update message. If you click “Get help with this error” for this one, you won’t get any help. Luckily, if you encounter Windows Update Error 20000009 notification, there is a quick solution.

When trying to install a massive SQL Server update KB2958429, this error appeared and the server update failed because the C: Drive was out of space.

Increase the size of your C Drive and the updates will work just fine.

 

Excel Opens File Very Slowly in RDS 2012 R2

Environment:
Microsoft Remote Desktop Services (RDS) on Server 2012 R2
Microsoft Dynamics GP 2013 with Management Reporter 2012 (hosted)
Office 2013 Professional (32 or 64 bit)
200+ users

We recently experienced an issue with certain Excel files opening very slowly. When attempting to open a moderately sized Excel document, less than 1 MB file, it was taking 10-20 minutes to load (if it loaded at all!). The documents in question were financial reports with about 215 worksheets. Each worksheet had some numbers and text but no complicated formulas, macros or visual basic. These are simple documents, usually around 750kb in size. So what was the problem?!?!?

The documents typically giving the issue were created from data in Dynamics GP using Management Reporter 2012 (MR). When we migrated from Dynamics GP 10 to version 2013 we were really excited to use all the new features offered in the newer version. One of the most attractive features is the integrated reporting tool Management Reporter 2012, which is Microsoft’s replacement for FRx. One big difference from FRx is that when you generate a report and export it to Excel, the default is to save every worksheet in “Page Layout” view. According our GP hosting partner WebSan, this setting cannot be changed in MR.

The result is excruciatingly slow performance when opening files with multiple worksheets in an environment that uses printer redirection. Aha! The file loads slowly because Excel is checking the printer to verify if each page layout will work. If the file is loaded on a local desktop it will open completely in less than 20 seconds. But the repeated requests to the printer through the redirection and network for every worksheet send your app into an endless loop of check and recheck. There are 2 potential quick and dirty solutions that will ease your pain.

The user experience:

  1. User attempts to open an Excel file (our has about 215 worksheets all containing simple numerical data – no formulas, macros or VB)
  2. Excel application becomes whited out and the title bar says “Not Responding”

  1. Application hangs but if left untouched the file usually opens in 10-20 minutes, during this time other operations are limited and Excel is locked in processing mode
  2. If the user is impatient, they may attempt to close the app altogether, but they will only be offered choices that will keep them in a continuous cycle of samsara

Microsoft Excel is not responding, AppHangB1 (could be a thousand causes)

a. If the user selects “Check for a solution and restart the program” – the application will attempt to restart and the user will be rewarded with the same thing over and over for eternity

b. “Restart the program” tries to recover the endless loop

c. “Wait for the program to respond” is not very attractive but it’s the only one that will actually work

  1. The user will have to wait a really long time for the file to open, 10-20 minutes or more. Go get a coffee, take a walk outside, chat with people by the water cooler, maybe even get lunch because it takes a while. Then the document finally opens! Usually.
  2. Opening the document in safe mode will not work, 32 bit or 64 bit Office don’t matter (I tested it). But opening the file on a local machine will work.

Solution 1:

  1. Open the Excel file on a local desktop (not in RDS) and select all worksheets by right clicking on the title of any worksheet tab and choosing “Select All Sheets”. It may take a few seconds to load.

  1. On the lower right hand of the screen select “Normal” view

  1. Once all sheets are changed to the Normal view, right click any sheet title and select “Ungroup Sheets”

  1. Save the document and attempt to reopen it in RDS and it should pop open in 1-2 seconds.

Solution 2:
Use this solution if the file must be opened in RDS for the first time and the local machine is not available.

  1. Set the default printer to “Microsoft XPS Document Writer”

  1. Open the Excel file and it should open quite quickly, in our environment it takes about 20 seconds. You may have to train users on setting their default printer if you have not locked this setting in RDS. This solution will obviously also speed things up if used on the local desktop.