Tag Archives: windows

Resist the urge to flush

Example DNS Client cache on Windows 8
Example DNS Client cache on Windows 8

Every IT guy eventually learns how to flush the local cache for a system’s DNS client. The following command has probably wore many a helpdesk or admin keyboard:

ipconfig /flushdns

There are certainly times where that is the best or only course of action in diagnostics or recovery. For instance, a replacement service may be running with a different IP address such as when a VM or service is moved from one Data Center to the other.

Sometimes the better course is to observe (passively) before any action is taken. Windows PowerShell offers a simple commandlet, Get-DnsClientCache that can be very helpful showing each entry of a host and other useful information such as record type, TTL and the IP addresses. Combine the basic command with some simple processing for more power (below):

PS C:\Users\User> Get-DnsClientCache | where entry -Contains youtu.be

Entry                     RecordName                Record Status    Section TimeTo Data   Data                                      
                                                    Type                     Live   Length                                           
-----                     ----------                ------ ------    ------- ------ ------ ----                                      
youtu.be                  youtu.be                  A      Success   Answer      58      4                            
youtu.be                  youtu.be                  A      Success   Answer      58      4                            
youtu.be                  youtu.be                  A      Success   Answer      58      4                            
youtu.be                  youtu.be                  A      Success   Answer      58      4                             
youtu.be                  youtu.be                  A      Success   Answer      58      4                             
youtu.be                  youtu.be                  A      Success   Answer      58      4                            
youtu.be                  youtu.be                  A      Success   Answer      58      4                             
youtu.be                  youtu.be                  A      Success   Answer      58      4                            
youtu.be                  youtu.be                  A      Success   Answer      58      4                            
youtu.be                  youtu.be                  A      Success   Answer      58      4                            
youtu.be                  youtu.be                  A      Success   Answer      58      4


Go ahead and try it out on your Windows system the next time you feel the urge to flush.



Poor Man’s IE Session Management

Perhaps I should call this post, “Lazy Man’s IE Session Management”.

On IE9 and IE10 I’ve always wanted a session manager. Well, until I find or make one, I’ll make do with the following PowerShell script:

Get-Process| where name -eq iexplore | foreach kill

or, the PowerShell-less .bat

taskkill /f /im iexplore.exe


When I relaunch IE, I can choose to immediately recovery the session or postpone and later start the recovery via the About:Tabs or Tools link.

For sessions that I regularly start,  a simple About:Tabs with my stock choices bring me to particular tasks/projects or workflows.

Now what I’d like to do for IE intensive loads is to create a script that will load X instances of IE, each window housing related tab but only loading under lower process priority and with a even watch to wait for prior tabs and window load completions…

Stuck Windows Public Networks

Windows 7 offers three types of networks as managed within the Network and Sharing Center: Home, Work, Public. Each type allows for customization of security policies such as what services are allowed through the Windows Firewall.

While the Home and Work types are relatively straight forward, what is Public is not always so. Sure, I have a string of thirty Starbucks and other Wifi hotspots that are obviously Public (as I set them to be upon connection), but you may encounter Public networks defined within your system that you were never given the choice to select in which category it fell. This special case of Public in fact is a network to which you connect that does not have a defined default gateway attribute. Microsoft further decided that these “unknown” Public networks cannot be made “known” with a reassignment to another class such as Work. So what’s the best way to handle this situation should you encounter it?

There is no single answer to the best means of addressing this Windows quirk, but there are common sense approaches that will allow consistent and predictable results. I outline the here one such avenue.

One of my typical use cases is creating special networks for my clientele. For example, in the graphic above I needed to demonstrate accessing a public static NAT through a next-generation firewall from a system within the same zone and interface upon which the “public” server resided. As the demonstration system is running virtual servers which are multi-homed, firewalled with true Internet access via another interface, adding a generic default gateway is never an option. So how can you have your cake and eat it too?

The answer is simple, add a weighted gateway to the interface then assign the connection to the zone in which you want it. :-)

Windows Active Directory as Virtual Machines

There are several major considerations for running virtual domain controllers. While I support and recommend VDC use, some common sense precautions need be taken.

  • Ensure the basic virtual networking configuration for the VDC is within Windows Sites definitions and their appropriate subnets.
  • Confirm connectivity for full Microsoft DS IP-suite ports to the Virtual Hosts Farms. This means routing and firewalls should be in place and tested. Note that bridgeheads are applicable in more constrained environments but any type of autotopology support is usually preferable – especially with Windows 2003 and 2008.
  • If using DCs with Virtualization HA features such as VI3′s, make sure the above is true and safely test.
  • Don’t treat VDCs like regular Windows servers – they aren’t. You can risk serious issues if you think you can just fall back on a snapshot or a prior image file. MSDS like DNS uses a serial number of sorts (the USN). You don’t want to cause issues in one of the most important systems in your environment.
  • Exercise care when restoring with backup software whether Microsoft certified or not. Use the principle of doing the least required. Restoring a DC from even a trusted backup application still should be treated with gravity.

Microsoft themselves further recommends the following to prevent the domain’s Update Sequence Numbers (USN) being rolled back from causing issues (from Technet).

  • Do not take or use a snapshot of a domain controller virtual machine.
  • Do not copy the domain controller VHD file.
  • Do not export the virtual machine that is running a domain controller.
  • Do not restore a domain controller or attempt to roll back the contents of an Active Directory database by any other means than a supported backup solution, such as Windows Server Backup.

Now, really, all the above applies to _physical_ DCs as well (or for that matter, P2Ving, V2Ping, P2Ping, or V2Ving), but the point is that with the proliferation of Virtualization that it is much too easy to shoot yourself in the foot.

For more information, please see my Microsoft Systems Resource page.

Microsoft’s Next Generation “Mojave” OS

You may have already read about the “Mojave Experiment” but if you haven’t let me briefly explain. Microsoft decided to remove bias from a series of tests with users by changing Vista superficially. Market researchers then presented the “new” OS and interviewed the participants for their experience. I laud the method – because what geek hasn’t done it themselves! ;-)


It’s almost a regular game to make my machines, OSs and Window Managers to look or function like something other than what it is. Whether it be fvwm95, LiteStep, DeskView/X, WindowMaker, (yes, I like NeXT) and the myriad of combinations and offerings, geeks abound that love or need such customization and personalization.


Throw a little bit of virtualization in the mix and multibooting, combined with visual element modification and (a bit more deep) changing of response strings and stack attributes and anyone (including the owner/admin) can be astoundingly confused!
Vista certainly looks neat – but compiz and such (albeit with limited systems/drivers support) can be WICKED too. I have nothing against Vista in certain situations and have been testing/playing with it since early releases. In fact, I run it daily in the lab, on a few test systems, and in virtual machines on my Macs, Linux and ESX boxes. My worst experiences truly occurred prior to SP1 and on physical hardware. My most evil experiences were on 64-bit machines with 64-bit Vista…  There is a time and a place for all.


So, check out the link to Microsoft Mojave above if you wish. It’s marketing but it won’t kill you.




Mac VMware Fusion and Linux Machines Blip

Oddly, after updating to the newest VMware Fusion on my MacBook Pro, EVIL gremlins decided to attack my VMs. Little pests they can be.

For the record, I updated from Fusion 1.1.2 to 1.1.3 prior to completing 10.5.2 to 10.5.3 Leopard update which fixes a notorious , wicked bug (system lockups under intense disk usage). Of course running as many windows/tabs as for I am famous in my circles on my host and guests combined, frequently pegs my disk I/O. Afterall, isn’t that for what preemptive multitasking exists – to maximize your productivity and that of your system by combining workloads with safe, proportionate resource assumption.

For the uninitiated into VMware, it’s guests, the hosted Virtual Machines, best perform and function with a package called VMware Tools. The VMware Tools package handles some pretty core items such as connected state of the hardware (e.g., audio and network controller), time synchronization, and virtual disk management (e.g., shrinking). VMware makes excellent tools for their Windows hosts and satisfactory versions for non-Windows systems such as Linux and BSD. I’ll cease my foray into VMware here and get back to the point.

When one upgrades a VMware host, there is a period which the guests will be running the old VMware Tools on the new version of the host. Additionally, on non-Windows systems, you must compile the Tools packages yourself. I don’t like to rush to conclusions, but it would seem that this combination alone may not have played well together. As a result of a short run the following occured across my VM guests.

  • My CentOS virtual machine became non-responsive.
  • My Ubuntu virtual machine’s network PCI interrupt became permanently disabled.
  • My KNOPPIX virtual machine became non-responsive until reboot.

I rebooted the CentOS guest and needed to run massive filesystem repairs (ultimately, I chose to restore to a backup).

The Ubuntu machine is a long story but the way I resolved the issue was to add/hook into another set of network cards, leaving the original momentarily. The new controllers came up on alternate PCI addresses and work fine under the old and recompiled binaries.

KNOPPIX is just nice – it will always be one of my favs… I just rebooted it of course.

I hadn’t had my other VMs in use and need to rebuild their tools (BSD-based)… I build them on a different system like a good boy so I can install them straight off the bat.

All is well… this only reinforces the need to have regular (and tested) backups for more than just your data. Your time is worth it let alone the mitigation of risk.