Thursday, February 4, 2016

How to seize FSMO roles

  1. Log on to a working DC
  2. Open Powershell with Admin privileges
  3. Enter the following command to seize all roles
    Move-ADDirectoryServerOperationMasterRole -Identity "Target-DC" -OperationMasterRole 0,1,2,3,4
  4. Run the following command to confirm all roles have been seized. You should see the "Target-DC" as now holding all roles.
    netdom query fsmo

Wednesday, February 3, 2016

HowTo: Remove a dead DC from the domain

**Warning** ntdsutil is a powerful and unforgiving tool. Be sure you know exactly what operations it will be performing before you proceed. You will also want to confirm that the DC you're removing no longer holds any FSMO roles before proceeding.


This guide will show you how to manually remove a Domain Controller (DC) that is no longer online, or is unable to demote itself as a DC.

Forcibly remove from AD DS using NTDSutil

  • Open cmd.exe and run the following commands
  • Be sure to choose the correct server, or your Active Directory environment could become unstable
  • You will need to replace things like "serverName" with the actual name of the server you're working with
metadata cleanup
connect to server serverName
select operation target
list domains
select domain domainNumber
list sites
select site siteNumber
list servers in site
select server serverNumber
remove selected server
Click "yes"

Remove the DC from Sites and Services

  • Open "Active Directory Sites and Services" from the programs menu (or run dssite.msc)
  • Navigate to Sites default-first-site-name servers serverName
  • Right-click the serverName and choose "delete"

Manually remove DNS records

  • Browse through DNS and manually remove any associated A, NS, or CNAME records
  • Ensure SRV records no longer exist by opening cmd.exe and running the following commands. If any records for your dead DC, you will need to manually remove them.
  • nslookup
    set type=all

Tuesday, February 2, 2016

Commands: Sudo!!

If you're like me, you often forget to type sudo before a command that requires admin privileges and you probably see a lot of messages like this:

Simply type

to add the sudo command to the beginning of your last command

Monday, February 1, 2016

HowTo: Set up an Ubuntu workstation on an ESXi server


This guide will show you how to install a Ubuntu workstation on ESXi, and connect to it via RDP.

Initial Setup

  • Download ISO
  • Build VM w/16GB & 100GB drives, 2 vCPUs and 4GBs of RAM
  • Attach ISO, boot, install Ubuntu (installation guide)

VMware tools installation

  • Initiate the VMware tools installation through vsphere client
  • Extract the installer to the Desktop
    tar xzvf /media/<username>/VMware Tools/VMwareTools-9.4.0-1280544.tar.gz -C
  • Run the installer
    cd ~/Desktop/vmware-tools-distrib
    sudo ./ -d

Configure Static IP

  • Open network configuration file
  • sudo nano /etc/network/interfaces
  • Enter static IP information
  • auto <interface>
    iface <interface> inet static
  • Hold ctrl+o to write file

Update & Install necessary packages for RDP access

sudo apt-get update
sudo apt-get upgrade
sudo apt-get install xrdp
sudo apt-get install xfce4
sudo apt-get install xfce4-terminal
sudo apt-get install gnome-icon-theme-full tango-icon-theme
echo xfce4-session >~/.xsesson

Configure xfce for RDP access

Open file for editing

nano /etc/xrdp/

Update configuration to start xfce


if [ -r /etc/default/locale ]; then
  . /etc/default/locale


Restart xrdp service

sudo service xrdp restart

Connect to your VM from a Windows machine

Wednesday, May 7, 2014

HowTo: Log On To Office 365 Using PowerShell


Run this PowerShell script to log on to Office 365 Exchange Management Shell and MSOL. When run, the script will prompt you to enter your Office 365 credentials, then connect to both services.


Download and install Microsoft Online Services Sign-In Assistant for IT Professionals BETA

Download and install Windows Azure Active Directory Module for Windows PowerShell (64-bit version)
Set-ExecutionPolicy RemoteSigned


Download and save script 365Logon.ps1

Run script

Wednesday, November 14, 2012

HowTo: License a single VMware ESXi host


ESXi registration is free, although the steps to getting a license key are not necessarily straight-forward. You will need to register a free account with VMware in order to get a license key.

Get a license key

1. Log on to and register and account. The current link is:
2. Log in using your account
3. Go to vSphere download page. The current link for version 5.1 is:
4. Scroll down to "License Information" section

Now that you have your key, you will need to assign it to your ESXi host

Assign the key to the host

1. Log on to host using vSphere
2. Go to "Inventory"
3. Highlight the host's IP address
4. Go to "Configuration" tab
5. Click on "Licensed Features" under "Software" section
6. Click "Edit..." on the right hand side

7. Select "Assign a new license key to this host"
8. Click "Enter Key..."
9. Copy/paste your key here
10. Click "OK"
11. You should now see the word "Never" in the "Expires" section

Tuesday, November 13, 2012

QuickStart: System File Checker tool for Windows


The System File Checker tool (SFC) calculates a hash for each Windows system file, and compares it with the hash from the original system file. An un-modified version of all system files are kept in the Winsxs folder in Windows Vista and later. In Windows XP and earlier, you must use an OS CD to provide the SFC tool with an un-modified version of the system files. If desired, you can load a copy of the Windows XP CD onto the hard drive and point SFC to it using a registry key, but that is beyond the scope of this post.


I find this tool to be most useful after a malware infection. I always run it in this case just to make sure important Windows system files are intact. Of course, the only way to be completely sure you have a clean system after an infection is to re-install the OS. The SFC tool is also useful for cleaning up broken system files that have resulted from some kind of disk corruption.

These commands will work on all OSs, XP and newer.

Run a full verification & replacement scan

1. Open a command prompt
2. Enter:
sfc /scannow

Run a full verification scan

1. Open a command prompt
2. Enter:
sfc /verifyonly

Scan and replace a single file

1. Open a command prompt
2. Enter:
sfc /scanfile=c:\windows\system32\file.dll

Verify a single file without replacing it

1. Open a command prompt
2. Enter:
sfc /verifyfile=c:\windows\system32\file.dll

More information

See the following sites for more information on this tool and how to use it: