Recommended antivirus exclusions for Hyper-V hosts

If antivirus software is installed and running on a Hyper-V host, there are several exclusions and options that you should configure for optimal operation of Hyper-V and the running virtual machines.

Configure the real-time scanning component within your antivirus software to exclude the following directories, files, and processes:

  • All directories that contain VHD, VHDX, AVHD, AVHDX, VSV, and ISO files
  • The following default virtual machine configuration directory, if it’s used, and any of its subdirectories:
  • The following default virtual machine virtual hard disk files directory, if it’s used, and any of its subdirectories:
    C:\Users\Public\Documents\Hyper-V\Virtual Hard Disks
  • The following default snapshot files directory, if it’s used, and any of its subdirectories:
  • The following default Cluster Shared Volumes path, if you’re using Cluster Shared Volumes, and any of its subdirectories:
  • Any custom virtual machine configuration directories, if applicable
  • Any custom virtual hard disk drive directories, if applicable
  • Any custom replication data directories, if you’re using Hyper-V Replica
  • If antivirus software is running on your file servers, any Server Message Block protocol 3.0 (SMB 3.0) file shares on which you store virtual machine files
  • Vmms.exe

    Note: This file may have to be configured as a process exclusion within the antivirus software.

  • Vmwp.exe

    Note: This file may have to be configured as a process exclusion within the antivirus software.
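
One way to apply the list above with narrowly scoped exclusions, shown as an added example rather than code from the original post. It assumes the antivirus product is Microsoft Defender Antivirus, that the Hyper-V PowerShell module is installed, and that Vmms.exe and Vmwp.exe sit in their standard System32 location; the function names are hypothetical.

```powershell
# Added example: assumes Microsoft Defender Antivirus and the Hyper-V module; run elevated.
function Get-HyperVExclusionPlan {
    # Collect the directories this host really uses, so no whole volume gets excluded.
    $vmHost = Get-VMHost
    $dirs = @($vmHost.VirtualMachinePath, $vmHost.VirtualHardDiskPath)
    foreach ($vm in Get-VM) {
        $dirs += $vm.ConfigurationLocation    # custom configuration directories
        $dirs += $vm.SnapshotFileLocation     # snapshot (checkpoint) directories
        # Directories of attached VHD/VHDX/AVHD/AVHDX files; pass-through disks are skipped.
        $dirs += $vm | Get-VMHardDiskDrive |
            Where-Object { $_.Path -match '\.a?vhdx?$' } |
            ForEach-Object { Split-Path -Parent $_.Path }
    }
    [pscustomobject]@{
        Paths     = @($dirs | Where-Object { $_ } | Sort-Object -Unique)
        # Assumed standard locations of the two Hyper-V processes named in the list.
        Processes = @("$env:SystemRoot\System32\Vmms.exe", "$env:SystemRoot\System32\Vmwp.exe")
    }
}

function Add-HyperVDefenderExclusion {
    [CmdletBinding(SupportsShouldProcess)]
    param([Parameter(Mandatory)] $Plan)
    $current = Get-MpPreference
    # Only add what is missing, so repeated runs do not change anything.
    $paths = @($Plan.Paths     | Where-Object { $current.ExclusionPath    -notcontains $_ })
    $procs = @($Plan.Processes | Where-Object { $current.ExclusionProcess -notcontains $_ })
    if ($paths -and $PSCmdlet.ShouldProcess(($paths -join '; '), 'Add path exclusion')) {
        Add-MpPreference -ExclusionPath $paths
    }
    if ($procs -and $PSCmdlet.ShouldProcess(($procs -join '; '), 'Add process exclusion')) {
        Add-MpPreference -ExclusionProcess $procs
    }
}

$plan = Get-HyperVExclusionPlan
$plan | Format-List
Add-HyperVDefenderExclusion -Plan $plan -WhatIf   # drop -WhatIf after reviewing the plan
```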

Script to find UUID of RDM Luns in Hyper-V

Run the command below in PowerShell to get the output in text format.

Get-Cluster 'clustername' | Get-VM | Get-HardDisk -DiskType "RawPhysical","RawVirtual" | Select Parent,Name,DiskType,ScsiCanonicalName,DeviceName | fl | Out-File -FilePath C:\temp\RDM-list.txt

How to rename the local administrator with Group Policy

To improve security in your Active Directory domain, you should rename the administrator account because this lowers the risk of brute force attacks. Renaming the administrator account and resetting its password on all computers in your AD domain can be easily done via Group Policy.

Open the Active Directory Group Policy Management console, create a new GPO, and link it to your desired OU. Of course, you can also work with an existing GPO.

Linking a GPO to an OU

Right-click the new GPO or an existing GPO and select Edit. This will launch the Group Policy editor. Now, browse to the following Group Policy setting: Computer Configuration > Preferences > Control Panel Settings > Local Users and Groups.

Renaming the administrator account

As you can see in the screenshot above, right-click Local Users and Groups and then navigate to New > Local User.

On the next screen, you select the user name you would like to use for the administrator account:

Selecting the user name

Select the following:

Action – Select Update.

User name – Select Administrator (built-in).

Rename to – Enter the new user name.

Full name – Enter your desired name.

Description – Add a description (optional).

Password – Set a new password (optional).

Check boxes – Verify that the check boxes comply with your company policies.

The GPO is now configured and can be deployed in your network. The refresh interval for computer settings is 90 minutes. If you want to apply the GPO immediately on a client computer, open a command prompt and type gpupdate /force at the command line.

Alternatively, you can reboot the computer. If you are finding that a computer isn’t applying the policy, simply run gpresult /r at a command line to see whether your new GPO is listed:

 Checking if the GPO has been applied

If it’s not listed or if you see a permission error message, go back to Active Directory Users and Computers and check the OU to which you have the policy applied. Also check whether the computer contains that OU. Perhaps the computer is in a different OU and therefore doesn’t pick up the policy.

Also check the GPO settings. In the Security Filtering section, ensure that the GPO is applied to Authenticated Users; in the Links section, verify that the correct OU is linked to the GPO:

GPO security filtering

If the policy is still not applied to some of your computers and you have checked all the above, then your domain controllers might not replicate the GPO properly.
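
A direct check that the rename has reached a computer, as an added example that is not part of the original post. It finds the built-in administrator by its well-known SID suffix (-500) and compares the name with the "Rename to" value; the function name, 'CLIENT01' and 'corp-adm' are placeholders, and remote hosts are assumed to have PowerShell remoting enabled.

```powershell
# Added example. The built-in administrator keeps a SID that ends in -500 after a rename,
# so the check looks the account up by SID and not by name.
function Get-BuiltinAdministrator {
    param(
        [string[]] $ComputerName = $env:COMPUTERNAME,
        [Parameter(Mandatory)] [string] $ExpectedName   # the "Rename to" value from the GPO
    )
    $query = {
        Get-LocalUser |
            Where-Object { $_.SID.Value -match '^S-1-5-21-(\d+-){3}500$' } |
            Select-Object Name, Enabled, PasswordLastSet
    }
    foreach ($computer in $ComputerName) {
        try {
            if ($computer -eq $env:COMPUTERNAME) {
                $account = & $query
            } else {
                $account = Invoke-Command -ComputerName $computer -ScriptBlock $query -ErrorAction Stop
            }
            [pscustomobject]@{
                Computer        = $computer
                AccountName     = $account.Name
                Renamed         = $account.Name -eq $ExpectedName
                Enabled         = $account.Enabled
                PasswordLastSet = $account.PasswordLastSet
                Error           = $null
            }
        } catch {
            # Unreachable hosts are reported, not silently skipped.
            [pscustomobject]@{
                Computer = $computer; AccountName = $null; Renamed = $false
                Enabled = $null; PasswordLastSet = $null; Error = $_.Exception.Message
            }
        }
    }
}

# Constructed names: 'CLIENT01' and 'corp-adm' are placeholders.
Get-BuiltinAdministrator -ComputerName $env:COMPUTERNAME, 'CLIENT01' -ExpectedName 'corp-adm' |
    Format-Table -AutoSize
```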


Standard Windows Monitoring Threshold Parameters

Confused with setting up Threshold Parameters on the Tools Server for Performance Monitoring?

Here are the typical parameters and the threshold limit with Warning, High, Alert levels with polling intervals. This will depend upon the SoW signed with the client.

Standard Windows Monitoring

RoD is nothing but Remedy on Demand.

How to configure a Dell iDRAC card without rebooting

First of all, download the Racadm tool from this link. It is included in Dell OpenManage DRAC Tools. The Dell Remote Access Controller (DRAC) console is management station software designed to provide remote management capabilities for the Dell systems. You can remotely connect to the DRAC hardware and access the DRAC features either by using a web browser or the RACADM Command Line Interface (CLI). RACADM CLI is the command line user interface to the DRAC.

Syntax Usage

The following shows an example of a simple RACADM subcommand, getsysinfo, used with each RACADM utility. See the end of this article for links to documentation containing the full list of RACADM commands.


Remote RACADM commands must include the ip address or hostname of the idrac, and the idrac username and password.

racadm -r <ip address or hostname> -u <username> -p <password> <subcommand>

racadm -r <ip address or hostname> -u root -p calvin getsysinfo

NOTE: Remote racadm uses the web server SSL certificate of the iDRAC to authenticate the session. You will receive a warning message if certificates have not been configured or if the certificate is invalid. However, the command will execute normally following the message. If you wish to halt the command on certificate errors, use the -S option in the command. For information on configuring certificates on the iDRAC, see the user’s guide for your iDRAC linked at the end of this article.


You do not have to specify the ip address, username, or password in Local RACADM commands.

racadm <subcommand> eg. racadm getsysinfo

racadm getniccfg

racadm setniccfg -s <ip address> <netmask> <gateway>
racadm getconfig -g cfgLanNetworking
racadm config -g cfgLanNetworking -o cfgNicIpAddress <ip address>
racadm config -g cfgLanNetworking -o cfgNicNetmask <netmask>
racadm config -g cfgLanNetworking -o cfgNicGateway <gateway>
racadm config -g cfgLanNetworking -o cfgDNSServer1 <dns server 1>
racadm config -g cfgLanNetworking -o cfgDNSServer2 <dns server 2>
racadm config -g cfgLanNetworking -o cfgDNSRacName ServerName-DRAC
racadm config -g cfgLanNetworking -o cfgDNSDomainName <domain name>

SSH/Telnet/Serial (Firmware) RACADM

You do not have to specify the ip address, username, or password in Firmware RACADM commands.

racadm <subcommand>   eg. racadm getsysinfo


racadm <Enter> – takes you to a racadm>> prompt  eg. racadm>>getsysinfo

Raising a support case for ProLiant/Blades Series Servers, the step by step approach!

Nowadays HP has segregated the support types; server support comes under Hewlett Packard Enterprise.

Select your product

HP ProLiant BL Server Blades

HP ProLiant CL Servers

HP ProLiant DL Multi Node Servers

HP ProLiant DL Servers

HP ProLiant MicroServer

HP ProLiant ML Servers

HP ProLiant Packaged Cluster Servers

HP ProLiant Scalable Systems

HP ProLiant WS Workstation Blades

HP Server tc Series


If you are not able to find your product, check the link below to manually search for the server model/number in the Hewlett Packard Enterprise Products, e.g. ProLiant DL360 Gen9


HP warranty and support

You will get log of results like below:


HP Support
Select the appropriate one; for me it is in yellow as above. Clicking it will land you on the product page as below. You will find Top issues, Most viewed solutions, manuals, and Troubleshoot a problem links, which are very useful from a troubleshooting point of view as all the known issues will be captured there. Apart from these, you will find the latest driver links with respect to the OS on the server, etc. Most importantly, you can check the product warranty information from this page.


hp support page


Finally, if none of the above helps, you can raise a case by clicking the link below. You need to create an HP Passport login in case you do not have an account. HP Passport is a single sign-in service that lets you use one User ID and password for all HP Passport-enabled websites.

Submit or manage support cases

hp support manager

You may also check existing ticket updates by providing the case ID.

I hope techies find it useful 🙂


Unable to view Roles and Features and receive error code 0x800706BE in Server Manager

In this scenario, roles and features are not displayed, and a yellow bang appears against them in the Server Manager window. You receive the following error message at the bottom of Server Manager if you try to open it:

Server Manager
Unexpected error refreshing Server Manager: The remote procedure call failed. (Exception from HRESULT: 0x800706BE)
For more information, see the event log: Diagnostics, Event Viewer, Applications and Services Logs, Microsoft, Windows, Server Manager, Operational.)

At the same time, the event below is added into the Microsoft-Windows-ServerManager/Operational log:

Log Name:      Microsoft-Windows-ServerManager/Operational
Source:        Microsoft-Windows-ServerManager
Date:          <date & time>
Event ID:      1601
Task Category: None
Level:         Error
User:          <user name>
Computer:      <computer name>
Could not discover the state of the system. An unexpected exception was found:
System.Runtime.InteropServices.COMException (0x800706BE): The remote procedure call failed. (Exception from HRESULT: 0x800706BE)
at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
at Microsoft.Windows.ServerManager.ComponentInstaller.CreateSessionAndPackage(IntPtr& session, IntPtr& package)
at Microsoft.Windows.ServerManager.ComponentInstaller.InitializeUpdateInfo()
at Microsoft.Windows.ServerManager.ComponentInstaller.Initialize()
at Microsoft.Windows.ServerManager.Common.Provider.RefreshDiscovery()
at Microsoft.Windows.ServerManager.LocalResult.PerformDiscovery()
at Microsoft.Windows.ServerManager.ServerManagerModel.CreateLocalResult(RefreshType refreshType)
at Microsoft.Windows.ServerManager.ServerManagerModel.InternalRefreshModelResult(Object state)

Here are the steps to fix the issue:

  1. Get the Microsoft Update Readiness Tool from the location:
  2. Run the Microsoft Update Readiness Tool on the problematic computer.
  3. Open the %SystemRoot%\Logs\CBS\CheckSUR.log file after the scan has completed.
  4. You check corrupt information in the files. Here are some samples:

(f) CBS MUM Corrupt 0x00000000 servicing\Packages\Package_for_KB978601~31bf3856ad364e35~amd64~~  Expected file name Package_for_KB978601_server~31bf3856ad364e35~amd64~~ does not match the actual file name

(f) CBS MUM Corrupt 0x00000000 servicing\Packages\Package_for_KB979309~31bf3856ad364e35~amd64~~  Expected file name Package_for_KB979309_server~31bf3856ad364e35~amd64~~ does not match the actual file name


(f) CBS MUM Corrupt 0x800B0100 servicing\Packages\Package_for_KB978601~31bf3856ad364e35~amd64~~ servicing\Packages\ Package manifest cannot be validated by the corresponding catalog
(f) CBS MUM Corrupt 0x800B0100 servicing\Packages\Package_for_KB979309~31bf3856ad364e35~amd64~~ servicing\Packages\ Package manifest cannot be validated by the corresponding catalog


(f) CBS MUM Missing 0x00000002 servicing\packages\Package_114_for_KB955839~31bf3856ad364e35~amd64~~
(f) CBS MUM Missing 0x00000002 servicing\packages\Package_83_for_KB955839~31bf3856ad364e35~amd64~~

Further down you will see:

Unavailable repair files:

These files need to be copied into: %SystemRoot%\Servicing\Packages

  1. You first need to gain control over that folder. In order to do this use the following commands:

    takeown /F c:\Windows\Servicing\Packages /D y /R

  2. Now assign full control using following command. This will grant you full control over the directory:

    cacls c:\Windows\Servicing\Packages /E /T /C /G "UserName":F

  3. Now you need to gather the missing or corrupted files from the checksur log:
    Download the KB files for the missing files.

    servicing\packages\Package_for_KB978601~31bf3856ad364e35~amd64~~

  4. Unpack them using the following command:

    Expand -F:* UpdateKBXXXX.msu x:\DestinationDirectory

  5. After you expand you will see a File. Expand it as well:

    Expand -F:* UpdateKBXXXX.CAB x:\DestinationDirectoryCAB
    Inside of this cab you will need to grab 2 files: update.mum and

  6. Rename the gathered update.mum and files exactly as they are in the checksur.log:

    Ex.: update.mum for KB978601 will be Package_for_KB978601~31bf3856ad364e35~amd64~~
    Do the same for all the other missing/corrupt files and place them into the directory specified in checksur.log (/servicing/packages)

After these steps the problem should be fixed. No reboot required.
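
To gather the affected packages from the log without reading it by eye, the parser below is an added example and not part of the original post. It handles the "(f) CBS MUM Corrupt/Missing" line format shown in the samples above and groups the findings per package; the function names are hypothetical and the sample lines are copied from this post.

```powershell
# Added example; function names are hypothetical, sample lines are copied from the post.
function Get-CheckSurPackageIssue {
    param([Parameter(Mandatory, ValueFromPipeline)] [AllowEmptyString()] [string] $Line)
    begin {
        # (f) CBS MUM <Corrupt|Missing> <code> servicing\packages\<package> [detail]
        $pattern = '^\(f\)\s+CBS MUM\s+(?<Kind>Corrupt|Missing)\s+(?<Code>0x[0-9A-F]{8})\s+' +
                   'servicing\\packages\\(?<Package>\S+)(?:\s+(?<Detail>.+))?$'
    }
    process {
        $m = [regex]::Match($Line.Trim(), $pattern, 'IgnoreCase')
        if (-not $m.Success) { return }   # headers, summaries and other checks
        [pscustomobject]@{
            Kind    = $m.Groups['Kind'].Value
            Code    = $m.Groups['Code'].Value
            KB      = [regex]::Match($m.Groups['Package'].Value, 'KB\d+').Value
            Package = $m.Groups['Package'].Value
            Detail  = $m.Groups['Detail'].Value
        }
    }
}

function Get-CheckSurRepairList {
    param([Parameter(Mandatory)] [AllowEmptyString()] [string[]] $LogLine)
    # One row per package: which KB to download and what was wrong with it.
    $LogLine | Get-CheckSurPackageIssue | Group-Object Package | ForEach-Object {
        [pscustomobject]@{
            KB      = $_.Group[0].KB
            Package = $_.Name
            Kinds   = ($_.Group.Kind | Sort-Object -Unique) -join ','
            Codes   = ($_.Group.Code | Sort-Object -Unique) -join ','
        }
    } | Sort-Object KB, Package
}

$sample = @(
    'Summary line that the parser ignores'
    '(f) CBS MUM Corrupt 0x00000000 servicing\Packages\Package_for_KB978601~31bf3856ad364e35~amd64~~  Expected file name Package_for_KB978601_server~31bf3856ad364e35~amd64~~ does not match the actual file name'
    '(f) CBS MUM Corrupt 0x800B0100 servicing\Packages\Package_for_KB978601~31bf3856ad364e35~amd64~~ servicing\Packages\ Package manifest cannot be validated by the corresponding catalog'
    '(f) CBS MUM Corrupt 0x800B0100 servicing\Packages\Package_for_KB979309~31bf3856ad364e35~amd64~~ servicing\Packages\ Package manifest cannot be validated by the corresponding catalog'
    '(f) CBS MUM Missing 0x00000002 servicing\packages\Package_114_for_KB955839~31bf3856ad364e35~amd64~~'
    '(f) CBS MUM Missing 0x00000002 servicing\packages\Package_83_for_KB955839~31bf3856ad364e35~amd64~~'
)
Get-CheckSurRepairList -LogLine $sample | Format-Table -AutoSize
# Real log: Get-CheckSurRepairList -LogLine (Get-Content "$env:SystemRoot\Logs\CBS\CheckSUR.log")
```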

Robocopy command to copy huge files and monitor their status

robocopy "source_folder" "destination_folder" /s /e /tee /log+:"C:\temp folder\rcpylog.txt"

FYI: the /log+ option creates a log file (appending to it if it already exists) that can be monitored by anyone who has access to the server.

How to generate a HP Survey log Offline?

1) Boot the server using Smart Start CD

2) Select language as English (US), keyboard layout as US English and click Next

3) Accept HP EULA by clicking Agree button

4) Now you are at the home page of SmartStart CD

5) Click on Maintenance from SmartStart CD Homepage

6) Now you are at the Maintenance Options window
7) Select HP Insight Diagnostics

8) The Survey tab is displayed by default

9) Change CATEGORY from ‘Overview’ to ‘All’ (The page would refresh after this)

10) Change VIEW LEVEL from ‘Summary’ to ‘Advance’ (The page would refresh after this)

11) Click ‘Save’ (internal or USB floppy drive would be required to save the log file)

How to generate a Survey log Online

Install HP Insight Diagnostics from the HP Service Pack for ProLiant

  1. Obtain the HP Service Pack for ProLiant (SPP) ISO image from
  2. As the super-user (root), mount the ISO image using the GUI, or from the command line using the mount command.

NOTE: You may also burn the ISO image to a writable DVD using appropriate software, then insert the DVD into the server’s optical disk drive and open its contents.

  3. As the super-user (root), navigate to the directory hp/swpackages and run hpsum.exe.
  4. In HP Smart Update Manager (SUM), configure the Default source and localhost target. See HP SUM documentation for more information.
  5. Choose Select Components and ensure that the HP Insight Diagnostics Online Edition for Linux component is selected. Select or unselect other components as desired, then click OK when done.
  6. Click Install to install Insight Diagnostics and any other selected components.
  7. Click Exit to exit HP SUM.

Starting HP Insight Diagnostics for Windows Online Edition

Starting from the Windows Start menu

  1. Go to Start > All Programs > HP System Tools.
  2. Select HP Insight Diagnostics Online Edition for Windows.

Starting from the HP Systems Insight Manager

  1. In HP Systems Insight Manager, go to the Device page.
  2. Select HP Insight Diagnostics from the Device Links box.

Starting from the HP System Management Homepage

  1. Click HP System Management Homepage on the Windows desktop.
  2. Click Webapps.
  3. Click HP Insight Diagnostics in Other Agents.

Starting HP Insight Diagnostics for Linux Online Edition from the HP System Management Homepage

  1. Open the browser.
  2. In the address field, enter the following:


  3. Press Enter. The System Management Homepage appears.
  4. Click Webapps.
  5. Click HP Insight Diagnostics in Other Agents

The Survey tab is displayed by default

Change CATEGORY from ‘Overview’ to ‘All’ (The page would refresh after this)

Change VIEW LEVEL from ‘Summary’ to ‘Advance’ (The page would refresh after this)

Click ‘Save’ (internal or USB floppy drive would be required to save the log file)

How to backup and restore share/NTFS permissions

This can come in handy in critical situations. By following a few steps, backup and restore of the Share/NTFS permissions can be done. Here is how:

Share permissions Backup/Restore

To backup share permissions, export the Shares registry key.

1. Open Regedit to the following location:

HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares

2. Right-click the Shares registry key and select Export. Give it a file name such as shareperms.reg.

When you want to restore the permissions, double-click shareperms.reg to import it back into the registry.

Use the Reg tool to backup the registry key from the command line:

reg export HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares shareperms.reg

If you need to restore it at some point, just run:

reg import shareperms.reg

NTFS permissions Backup/Restore

Use this command to backup NTFS permissions:

icacls d:\data /save ntfsperms.txt /t /c

The /T switch allows it to get subfolder permissions too. The /C switch allows it to continue even if errors are encountered (although errors will still be displayed).

Use this command to restore them:

icacls d:\ /restore ntfsperms.txt

Note that in the command to save the permissions, I specified the target folder D:\Data, but when I restored them, I specified just D:\ as the target. Icacls is a little funky like that, and here’s why.

If you open the text file with the exported permissions (ntfsperms.txt in the above example), you’ll see that Icacls uses relative paths (in bold below). Underneath the relative paths are the permissions for the folders in Security Descriptor Definition Language (SDDL) format.







Had I specified D:\Data in the command to restore the permissions, it would have failed looking for a D:\Data\Data folder:

D:\>icacls d:\data /restore perms.txt

d:\data\data: The system cannot find the file specified.

Successfully processed 0 files; Failed processing 1 files

You might think specifying D:\ as the target in the restore command may somehow mess up the permissions on other folders at that level, but as you can see from the ntfsperms.txt output file, it only has information about the Data folder and sub folders, so that is all it will change.
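
The relative-path behaviour described above can be checked before a restore is run. The following is an added example, not part of the original post: it derives the restore target from the folder that was saved and lists any saved path that would not be found under a given target. The function names and the demo folder under %TEMP% are hypothetical.

```powershell
# Added example; function names and the demo folder under %TEMP% are hypothetical.
function Get-IcaclsRestoreTarget {
    param([Parameter(Mandatory)] [string] $SavedFolder)   # the folder passed to icacls /save
    # Saved paths are relative to the parent of the saved folder, so restore into the parent.
    $parent = Split-Path -Parent ([System.IO.Path]::GetFullPath($SavedFolder).TrimEnd('\'))
    if (-not $parent) { throw "Cannot derive a parent folder from '$SavedFolder'." }
    $parent
}

function Get-IcaclsMissingPath {
    param([Parameter(Mandatory)] [string] $AclFile,
          [Parameter(Mandatory)] [string] $RestoreTarget)
    # icacls /save writes UTF-16 text in pairs: a relative path line, then its SDDL line.
    $lines = @(Get-Content -LiteralPath $AclFile -Encoding Unicode | Where-Object { $_ })
    for ($i = 0; $i -lt $lines.Count; $i += 2) {
        $path = Join-Path $RestoreTarget $lines[$i]
        if (-not (Test-Path -LiteralPath $path)) { $path }
    }
}

function Restore-NtfsPermission {
    param([Parameter(Mandatory)] [string] $SavedFolder,
          [Parameter(Mandatory)] [string] $AclFile)
    $target  = Get-IcaclsRestoreTarget $SavedFolder
    $missing = @(Get-IcaclsMissingPath -AclFile $AclFile -RestoreTarget $target)
    if ($missing) { Write-Warning "Not found under ${target}: $($missing -join ', ')" }
    icacls $target /restore $AclFile /c
}

# Demo on a throwaway folder: save, then compare the wrong and the right restore target.
$data = Join-Path $env:TEMP 'icacls-demo\data'
New-Item -ItemType Directory -Path (Join-Path $data 'sub') -Force | Out-Null
$aclFile = Join-Path $env:TEMP 'ntfsperms.txt'
icacls $data /save $aclFile /t /c | Out-Null
Get-IcaclsMissingPath -AclFile $aclFile -RestoreTarget $data   # wrong target: the saved folder itself
Restore-NtfsPermission -SavedFolder $data -AclFile $aclFile    # right target: its parent folder
```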