Windows

Syslog Server storage logs size calculation

Posted on Updated on

Syslog Server storage calculation:
I want to modify the settings so that my logs size is upped from 2mb to 10mb and we rotate after 40 logs not 20.Here we need to do some planning to see if we have enough free space.

Count hosts: 100
Current size log max: 2
Current rotation count: 20
Total possible MB used: 100x2x20 = 4,000MB  (4gb)

Count hosts: 100
Desired size log max: 10
Desired  rotation count: 40
Total possible MB used: 100x10x40=40,000MB (40GB)

So the drive where your logs are stored would need 40gbfree in the above example to be able to service future demands.
How to modify the VMware Syslog Collector configuration after it is installed:

  1. Make a backup of the file:vCenter Server 5.5 and lower%PROGRAMDATA%\VMware\VMware Syslog Collector\vmconfig-syslog.xml
    vCenter Server 6.0: %PROGRAMDATA%\VMware\vCenterServer\cfg\vmsyslogcollector\config.xml
  2. Open the copied file using a text editor.
  3. Under <defaultValues>, change any of the options to the required values.For example, to increase the log file size to 10 MB and to decrease the number of files retained to 20, modify the attributes:<defaultValues>
<port>514</port>
<protocol>TCP,UDP</protocol>
<maxSize>10</maxSize>
<rotate>20</rotate>
<sslPort>1514</sslPort>

</defaultValues>Note: This configuration in vCenter Server overrides the ESXi host configuration file.

  1. Save and close the file.
  2. Stop the VMware Syslog Collector service.
  3. Remove the file:

    vCenter Server 5.5 and lower    %PROGRAMDATA%\VMware\VMware Syslog Collector\vmconfig-syslog.xml
    vCenter Server 6.0%PROGRAMDATA%\VMware\vCenterServer\cfg\vmsyslogcollector\config.xml
  4. Rename the copy of the modified file to:vCenter Server 5.5 and lower%PROGRAMDATA%\VMware\VMware Syslog Collector\vmconfig-syslog.xml
    vCenter Server 6.0%PROGRAMDATA%\VMware\vCenterServer\cfg\vmsyslogcollector\config.xml
  5. Start the VMware Syslog Collector service. It may be required to restart the syslog service on the ESXi host if logs are no longer updating on the Syslog Server. To restart the syslog service, see VMware ESXi 5.x host stops sending syslogs to remote server (2003127).

 

The maximum supported number of hosts for use with each vSphere Syslog Collector instance is 30, however depending on the load generated by your environment, you may encounter issues below this number.

To work around this issue, you can deploy multiple instances of vSphere Syslog Collector on separate Windows machine which allows you to distribute the load.

If the customer wishes to continue using vSphere Syslog Collector with more than 30 hosts (current maximum for syslog collector). There are no plans to increase the supported number of hosts. The windows event log error does not apply to the appliance, in some instances we receive no error message but the service simply stops responding or collecting logs.
Alternatively, investigate a more scalable solution such a VMware vRealize Log Insight.

This entry was posted in VMware, Windows and tagged .

Dell ExtPart: The “Magic” Utility for Legacy Partition Expansion | Lazy Admin Blog

Posted on Updated on

If you’ve ever tried to expand a boot partition on an older Windows box (like Server 2003 or 2008) and found the “Extend Volume” option greyed out, you know the frustration. Enter the Dell ExtPart Utility.

This tiny 36KB tool allows for online volume expansion—meaning you can grow your NTFS partition without a reboot.

⚠️ The “Cloud” Warning

Before we dive in, a massive disclaimer: Do NOT use this in a Cloud/Virtual infrastructure (Azure, AWS, or even modern ESXi/Hyper-V). Modern hypervisors and cloud platforms use virtual disk drivers that can become corrupted if a legacy tool like ExtPart tries to manipulate the partition table directly. Use the native Disk Management or PowerShell tools instead.

How to use ExtPart.exe

  1. Download and Extract: It’s a self-extracting archive. Run it and extract extpart.exe to a folder (e.g., C:\extpart).
  2. Open Command Prompt: Run CMD as an Administrator.
  3. Run the Command: Navigate to your folder and use the following syntax: extpart [drive_letter]: [size_to_add_in_mb]

Example: To add 10GB (10240MB) to your C: drive, you would type: extpart c: 10240

Key Specs:

  • File Name: ExtPart.exe
  • Size: 36KB
  • Requirement: NTFS formatted basic disks.
  • Reboot required? No.

Official Download Link:

Installation Quick-Steps:

  1. Click Download File on the Dell page.
  2. Run the ExtPart.exe you just downloaded. It is a self-extractor.
  3. By default, it extracts to C:\dell\ExtPart.
  4. Navigate to that folder to find the actual extpart.exe utility you’ll use in the Command Prompt.

This entry was posted in Windows and tagged , , , , , , , , , .

Installing Disk Cleanup In Windows 2008 Without Rebooting The Server

Posted on Updated on

The Disk Cleanup executable file cleanmgr.exe and the associated Disk Cleanup button are not present in Windows Server® 2008 or in Windows Server® 2008 R2 by default. This is by design, as the Disk Cleanup button is part of the Desktop Experience feature. In order to have Disk Cleanup button appear on a disk’s Properties dialog, you will need to install the Desktop Experience feature.

So in order to use cleanmgr.exe you’ll need to copy two files that are already present on the server, cleanmgr.exe and cleanmgr.exe.mui. Use the following table to locate the files for your operating system.

Windows Server 2008 R2 64 bit

C:\Windows\winsxs\amd64_microsoft-windows-cleanmgr_31bf3856ad364e35_6.1.7600.16385_none_c9392808773cd7da\cleanmgr.exe

Windows Server 2008 R2 64-bit

C:\Windows\winsxs\amd64_microsoft-windows-cleanmgr.resources_31bf3856ad364e35_6.1.7600.16385_en-us_b9cb6194b257cc63\cleanmgr.exe.mui

Windows Server 2008 64-bit

C:\Windows\winsxs\amd64_microsoft-windows-cleanmgr.resources_31bf3856ad364e35_6.0.6001.18000_en-us_b9f50b71510436f2\cleanmgr.exe.mui

Windows Server 2008 64-bit

C:\Windows\winsxs\amd64_microsoft-windows-cleanmgr_31bf3856ad364e35_6.0.6001.18000_none_c962d1e515e94269\cleanmgr.exe.mui

Windows Server 2008 32-bit

C:\Windows\winsxs\x86_microsoft-windows-cleanmgr.resources_31bf3856ad364e35_6.0.6001.18000_en-us_5dd66fed98a6c5bc\cleanmgr.exe.mui

Windows Server 2008 32-bit

C:\Windows\winsxs\x86_microsoft-windows-cleanmgr_31bf3856ad364e35_6.0.6001.18000_none_6d4436615d8bd133\cleanmgr.exe
Once you’ve located the files move them to the following locations:

1. Cleanmgr.exe should go in %systemroot%\System32

2. Cleanmgr.exe.mui should go in %systemroot%\System32\en-US

You can now launch the Disk cleanup tool by running Cleanmgr.exe from the command prompt or by clicking Start and typing Cleanmgr into the Search bar.

 

This entry was posted in Windows and tagged , , , .

Dcdiag Overview

Posted on Updated on

Dcdiag.exe: Domain Controller Diagnostic Tool

The Dcdiag command-line tool is included when you install Windows Server 2003 Support Tools from the product CD or from the Microsoft Download Center

This command-line tool analyzes the state of domain controllers in a forest or enterprise and reports any problems to assist in troubleshooting. As an end-user reporting program, Dcdiag encapsulates detailed knowledge of how to identify abnormal behavior in the system. Dcdiag displays command output at the command line.

Dcdiag consists of a framework for executing tests and a series of tests to verify different functional areas of the system. This framework selects which domain controllers are tested according to scope directives from the user, such as enterprise, site, or single server.

All domain controllers in the same domain are peers of one another and any domain controller can make directory updates.

However, given the way in which directory updates are replicated from one domain controller to another, it is possible that difficulties can arise. For example, if the necessary domain controllers are not connected by a replication topology, the appropriate domain controllers do not receive directory updates when replication occurs.

Also, in order for the (Domain Controller) Locator to find a domain controller, it must have accurate information so that it can properly locate the resource. If a domain controller is incorrectly advertised, the Locator is unable to find it.

This entry was posted in Windows and tagged .

Restart the domain controller in Directory Services Restore Mode locally

Posted on Updated on

If you have physical access to a domain controller, you can restart the domain controller in Directory Services Restore Mode locally. Restarting in Directory Services Restore Mode takes the domain controller offline. In this mode, the server is not functioning as a domain controller.

When you start Windows Server 2003 in Directory Services Restore Mode, the local Administrator account is authenticated by the local Security Accounts Manager (SAM) database. Therefore, logging on requires that you use the local administrator password, not an Active Directory domain password. This password is set during Active Directory installation when you provide the password for Directory Services Restore Mode.

Administrative credentials

To perform this procedure, you must provide the Administrator password for Directory Services Restore Mode.

To restart the domain controller in Directory Services Restore Mode locally

  1. Restart the domain controller.
  2. When the screen for selecting an operating system appears, press F8.
  3. On the Windows Advanced Options menu, select Directory Services Restore Mode.
  4. When you are prompted, log on as the local administrator.

This entry was posted in Active Directory, Windows and tagged .

Change the static IP address of a domain controller

Posted on Updated on

Administrative Credentials

To perform this procedure, you must be a member of the Domain Admins group in the domain of the domain controller whose IP address you are changing.

To change the static IP address of a domain controller

  1. Log on locally (also known as interactively) to the system console of the domain controller whose IP address you want to change. If you are not able to log on to the domain controller by using the domain, you may have to start the domain controller in Directory Services Restore Mode (DSRM). For more information, see Restart the domain controller in Directory Services Restore Mode locally (https://lazyadminblog.com/2015/04/11/restart-the-domain-controller-in-directory-services-restore-mode-locally/).

On the desktop, right-click My Network Places, and then click Properties.

  1. In theNetwork Connections dialog box, right-click Local Area Connection, and then click Properties.
  2. In theLocal Area Connection Properties dialog box, double-click Internet Protocol (TCP/IP).
  3. In theInternet Protocol (TCP/IP) Properties dialog box, in the IP address box, type the new address.
  4. In theSubnet mask box, type the subnet mask.
  5. In theDefault gateway box, type the default gateway.
  6. In thePreferred DNS server box, type the address of the DNS server that this computer contacts.
  7. In theAlternate DNS server box, type the address of the DNS server that this computer contacts if the preferred server is unavailable.
  8. If this domain controller uses WINS servers, clickAdvanced and then, in the Advanced TCP/IP Settings dialog box, click the WINS
  9. If an address in the list is no longer appropriate, click the address, and then clickEdit.
  10. In theTCP/IP WINS Server dialog box, type the new address, and then click OK.
  11. Repeat steps 11 and 12 for all addresses that need to be changed, and then clickOK twice to close the TCP/IP WINS Server dialog box and the Advanced TCP/IP Settings dialog box.
  12. ClickOK to close the Internet Protocol (TCP/IP) Properties dialog box.

After you change the IP address of a domain controller, you should run the ipconfig /registerdns command to register the host record and dcdiag /fix command to ensure that service records are appropriately registered with DNS. For more information, see Dcdiag Overview and subordinate topics for additional information about the Dcdiag tool (https://lazyadminblog.com/2015/04/11/dcdiag-overview/).

Changing the IP settings of a server does not affect the share resources or shared permissions on that server, if the name resolution structure DNS and WINS settings are correctly configured. However, if network drives or passive connections (connections that are made manually from a command prompt or run line) are mapped using the IP address, an update is required. For example, if a client computer has G: drive mapped using the following command net use g: \\192.168.0.199\data and the IP address of the server that hosts the Data shared folder is changed from 192.168.0.199 to 192.168.1.200, the new G: drive mapping command should be changed to net use g: \\192.168.1.200\data. A better solution would be to ensure that DNS name resolution is working properly and to use the server name, as opposed to the IP address, in the command. For example, if the server name is DC1, the command to map a G: drive to the Data share on the server is net use g: \\dc1\data. It changes only if the server name changes; it is not affected if the IP address of the server changes.

This entry was posted in Active Directory, Windows and tagged .