After increasing the level of LDAP logging for Active Directory troubleshooting, a number of machine accounts were generating an Event 1535, ActiveDirectory_Domain Service error “00002098: SecErr: DSID-03150BB9, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0.” This event appeared about every hour for a variety of machine accounts (i.e, the user is DOMAIN\MACHINENAME$).
It turns out that this error is generated by that machine account not having full access to the AD object that corresponds to that machine’s DNS entry. These ACLs can be manipulated through the DNS MMC, or programmatically through the DC=DomainDNSZones,DC=[DOMAIN_NAME],DC=[TLD] AD LDAP tree.
On a Dell PowerEdge R710, the Platform Update mysteriously stopped working after one round of platform updates.
After configuring networking, the Platform Update feature in the Dell Unified Server Configurator (Release 1.1) worked fine with the default settings:
But after the update, the Platform Update feature seemed broken. We kept getting the error “A network error occured while trying to connect to the FTP server. Check your network connections, cables, settings, and configuration. Consult with your network administrator, as required.”
I discovered an easy fix after a bit of trial and error. There was an change in the Platform Update had changed, and now required that the location of the update catalog be specified. Entering “catalog” (without quotes) into the Catalog Location field fixes the problem. I suppose the previous version automatically knew where to look.
You can tell the major and minor version of the USC from it’s first screen. During the writing of this post, the before and after looked like this.
Off of the home screen, there is now an ‘About’ option that will tell you the current USC configuration. Much better.
Despite our TFS installation operating correctly, after running the Team Foundation Server 2008 Best Practices Analyzer – October 2008 Release (which I will just call the TFS BPA from this point forward) , we were getting a variety of strange errors. Particularly, a bunch of calls to web services were complaining that the “property ‘UseDefaultCredentials’ cannot be found on this object.” This error would appear over and over again in the TFS BPA logs and the detailed results view.
It turns out that installing PowerShell 2.0 breaks the TFS BPA in an ungraceful manner. The clue was this MSDN Forums post.
In our lab, I like to have each Hyper-V virtual machine entirely self-contained within a single folder. The following describes how the answers to the New Virtual Machine Wizard changes the location of the Hyper-V files themselves.
Let [VHDs] and [VMs] be respective placeholders for the default Virtual Hard Disks and Virtual Machines folders defined in the Hyper-V Settings panel.
If, on the Specify Name and Location page, the virtual machine is named [Name], and the Store the virtual machine in a different location checkbox is unchecked, then
- The Connect Virtual Hard Disk page defaults to creating a VHD with the (file)name [Name].vhd in the location [VHDs]. Data from multiple virtual machines created in this fashion will be comingled, but traceable to a particular machine.
- Upon completion, the wizard places all other VM data within the directory [VHDs]. Data from multiple virtual machines created in this fashion will be comingled, but not easily traceable to a particular machine since Hyper-V uses GUIDs (as opposed to machine names) for file and folder names.
If, however, the Store the virtual machine in a different location is checked, then
- The Location field of the Specify Name and Location page, defaults to [VMs], but can be overwritten. Let [Location] represent the contents of this field.
- The Connect Virtual Hard Disk page defaults to creating a VHD with the (file)name [Location].vhd in the location [Location]\[Name]\. (Naturally, if you did not override the default data in the location field, then the location would be [VMs]\[Name]\)
- Upon completion, all of the files for the virtual machine will be located in the folder [Location]\[Name]\. Even when though Hyper-V uses GUIDs for file and folder names, they will be directly traceable to a particular virtual machine, by virtue of their place in the file system hierarchy.
Microsoft Knowledge Base article KB312571 discusses how to enable automation rotation of event logs.