IPSEC Service fails to start in Windows 2003 Server with Error 2: The system cannot find the file specified

Upon rebooting a Terminal Server that had resource issues, we could not log back into the server through RDP.  We could log in through iLO, and it was apparent that the logins were working but they were very slow.  Upon examining the services, we could see that the IPSEC service was not started. 

Trying to manually start the service gave the following popup: “Could not start the IPSEC Services service on Local Computer.  Error 2: The system cannot find the file specified.”  The event logs also showed that TCP/IP was in blocking mode. 

Disabling the service and rebooting restored all network communication, but trying to start the service would drop all connectivity again and slow down the server.  I found another article that said that IPSEC may need to be rebuilt.  When I looked for the registry keys for IPSEC, they were not there.  After I ran the following commands, the registry keys were populated, and IPSEC was able to run properly.

To rebuild IPSEC, follow these steps: [more]

  1. Click Start, click Run, type regedit, and then click OK.
  2. In Registry Editor, locate and then click the following subkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\IPsec\Policy\Local.  (In my case, the server’s registry ended before IPsec.  If this is the case, skip to step 6.)
  3. On the Edit menu, click Delete.
  4. Click Yes to confirm that you want to delete the subkey
  5. Quit Registry Editor
  6. Click Start, click Run, type regsvr32 polstore.dll, and then click OK.

Remote Desktop CredSSP encryption Oracle remediation Registry fix

This is a quick credssp registry fix for the following error when trying to connect to a machine using RDP (Remote Desktop):

Image showing RDP CredSSP Authentication Error when connecting to a host with RDP

This is because the server you are connecting to is not patched up to date, and the machine you are connecting from is. Modify the registry to allow your machine to connect to it:

  1. Open Regedit.
  2. Navigate to the following registry key, or create it if it does not exist:
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters
  3. Create a new DWORD value called “AllowEncryptionOracle
  4. Set the new registry entry to have a value of 2:

Image showing AllowEncryptionOracle registry entry being set to a value of 2

    5. Connect to the server that you were unable to connect to before.

Run this from an elevated command prompt to achieve the same result:

  • REG ADD “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters” /v AllowEncryptionOracle /t REG_DWORD /d 2

VSS writers and VSS writers Related Windows Services details

VSS writers and VSS writers Related Windows Services details are below:

VSS WriterService NameService Display Name
ADAM $instanceName WriterADAM_$instanceName$instanceName
ASR WriterVSSVolume Shadow Copy
BITS WriterBITSBackground Intelligent Transfer Service
Certificate AuthorityCertSvcActive Directory Certificate Services
COM+ REGDB WriterVSSVolume Shadow Copy
DFS Replication service writerDFSRDFS Replication
DHCP Jet WriterDHCPServerDHCP Server
FRS WriterNtFrsFile Replication
FSRM writersrmsvcFile Server Resource Manager
IIS Config WriterAppHostSvcApplication Host Helper Service
IIS Metabase WriterIISADMINIIS Admin Service
Microsoft Exchange Replica WriterMSExchangeReplMicrosoft Exchange Replication Service
Microsoft Exchange WriterMSExchangeISMicrosoft Exchange Information Store
Microsoft Hyper-V VSS WritervmmsHyper-V Virtual Machine Management
MSMQ Writer (MSMQ)MSMQMessage Queuing
MSSearch Service WriterWSearchWindows Search
NPS VSS WriterEventSystemCOM+ Event System
NTDSNTDSActive Directory Domain Services
OSearch VSS WriterOSearchOffice SharePoint Server Search
OSearch14 VSS WriterOSearch14SharePoint Server Search 14
OSearch15 VSS WriterOSearch15SharePoint Server Search 15
Registry WriterVSSVolume Shadow Copy
Shadow Copy Optimization WriterVSSVolume Shadow Copy
SharePoint Services WriterSPWriterWindows SharePoint Services VSS Writer
SMS WriterSMS_SITE_VSS_WRITERSMS_SITE_VSS_WRITER
SPSearch VSS WriterSPSearchWindows SharePoint Services Search
SPSearch4 VSS WriterSPSearch4SharePoint Foundation Search V4
SqlServerWriterSQLWriterSQL Server VSS Writer
System WriterCryptSvcCryptographic Services
TermServLicensingTermServLicensingRemote Desktop Licensing
WDS VSS WriterWDSServerWindows Deployment Services Server
WIDWriterWIDWriterWindows Internal Database VSS Writer
WINS Jet WriterWINSWindows Internet Name Service (WINS)
Windows Server Storage VSS WriterWseStorageSvcWindows Server Essentials Storage Service
WMI WriterWinmgmtWindows Management Instrumentation

Add members to O365 Security Groups using Azure AD Powershell Module

Step 1. Create a CSV file with a column “UserPrincipalName” and add all users under it who are to be added as a member of the group.


Step 2.  Run The below command to import the csv file and get the object IDs for members to be added to group

Import-Csv C:\temp\Members.csv csv  | Foreach {Get-Msoluser -UserPrincipalName $_.Userprincipalname | select Objectid } | Export-csv C:\temp\MembersWithObjectID.csv

This will convert the user’s identity to their unique guid details, and export it to the same CSV file.


Step 3. Collect the guid ID of the security group as well to which you want to add the mebers

The below command will help with the object ID of the Group.

Get-MsolGroup  “SecurityGroupName” | FL

I have my object ID as below.

ObjectId                  : XXXXXX-XXXX-XXXX-XXXXXXXXX


Step 4. Run the below command to Add members in the CSV to the Group.

$sub2 = Import-Csv C:\RAhul\sspruser.com.csv

Import-Csv C:\temp\MembersWithObjectID.csv | Foreach {Add-MsolGroupMember -groupObjectid ‘XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX’ -GroupMemberObjectId $_.ObjectId -GroupMemberType User}


Step 5. Verify the users from the Group just added.

Get-MsolGroupMember -all -groupObjectid ‘XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX’ | Select DisplayName,EmailAddress,GroupMemberType | Export-csv C:\temp\security-group-members.csv

How to take Azure DNS backup using Azure CLI script

I am also trying to find some easy way rather than complex methods to do via scripts. For Azure we have variety of methods to operate including powershell and CLI. Here we can use the CLI method to export the Azure DNs zone files to txt and we can import them again using very less effort in CLI to restore. For restring refer to the article How to import/export DNS zone file to Azure DNS using CLI here.

You can download the readymade script from the link Azure DNS Zone Imports Script.

cd\

#Login to Azure using CLI with Username and Password
az login -u <Put Username Here> -p <Put Password Here>

#Select Subscription
az account set -s <Put Subscription Name here>

#Set date format to create folder automatically with the date to export zone files
$date = Get-Date
$dateFormat = $date.ToString(“yyyy-MM-dd”)
New-Item -ItemType directory -Path “D\AzureDNSBackup\$dateFormat”

#Use below command to export the each zone file one at a time
az network dns zone export -g “Put Resource Group Name Here” -n “Put zone name here” -f “D:\AzureDNSBackup\$dateFormat\ZoneFileName.txt”

#Export the list of zone files from folder to a file
Get-ChildItem -Path “D:\AzureDNSBackup\$dateFormat\*.txt” | out-file “D:\AzureDNSBackup\$dateFormat\Zone_List.txt”

#Send the zone file list in email for the backup confirmation
$filename = “D:\AzureDNSBackup\$dateFormat\Zone_List.txt”
$smtpServer = “relay Server Name/IP”

$msg = new-object Net.Mail.MailMessage
$att = new-object Net.Mail.Attachment($filename)
$smtp = new-object Net.Mail.SmtpClient($smtpServer)
$msg.From = “Sender Email Address here”
$msg.To.Add(“Put Recipeint Email Address Here”)
$msg.Subject = “Daily Azure DNS Zone Backup – $((Get-Date).ToShortDateString())”
$msg.Body = “Daily Azure DNS Zone Backup done to D drive AzureDNSBackup folder on server “ServerName”, Backup Zone List Attached”
$msg.Attachments.Add($att)
$msg.IsBodyHTML = $true
$smtp.Send($msg)

How to export user photos in O365 / Exchange Online using Exchange Online Powershell

Below small script can be use to export photos from O365 / Exchange Online using powershell.

First you need to connect to exchange online.

#############################################

get-mailbox -ResultSize Unlimited | % {Get-UserPhoto $_.identity} | % {Set-Content -path “C:\Photos\$($_.identity).jpg” -value $_.picturedata -Encoding byte}

####################################################

How to export thumbnail/photos from Active Directory using powershell

Below is smal powershell script to export photos from the Active Directory using AD powershell.

#########################################################

$list=GET-ADuser –filter * -properties thumbnailphoto

Foreach ($User in $list)

{

$Directory=’C:\Photos\’

If ($User.thumbnailphoto)

  {

  $Filename=$Directory+$User.samaccountname+’.jpg’

  [System.Io.File]::WriteAllBytes($Filename, $User.Thumbnailphoto)

  }

}

#########################################################

Changing your Domain Account password on a RDP session on Windows Server 2012 R2 and 2016 Servers

This procedure is the only one which worked for me on a Windows 2012 R2 and 2016 RDP session:

1. Click Start

2. Type osk (to bring up the on screen keyboard)

3. Hit enter

image

image

4. Once the on screen keyboard is open, hold ctrl+Alt on your physical keyboard, then click on the del key in the on screen keyboard.

image

5. Minimize the on screen Keyboard

6. Click Change a password.

Command execution failed: The process does not possess the ‘SeSecurityPrivilege’ privilege which is required for this operation

Error:- You try to Request and Install Lync server Certificate using deployment wizard and get the below error while assigning the certificate to Web Services Internal, External and Default and get below error

Command execution failed: The process does not possess the ‘SeSecurityPrivilege’ privilege which is required for this operation

Cause:- The reason is you do not have appropriate access to assign the certificate to given lync services.

Other Information:- Open GPEDIT.MSC in the lync server and go to Computer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Assignment

Check the setting “Manage Auditing and Security Logs”, you will see Local Administrators Group missing here.

Solution:- Add local Administrators group here locally or using Group Policy, run gpupdate /force, logoff user and relogin and try again.

Deployment Checker Script for Azure Stack Development Kit

<#
.SYNOPSIS
Short description
This prechecker script validates the hardware and software requirements of your host to prepare for the deployment of the Azure Stack Development Kit
.DESCRIPTION
The script provides a way to confirm the host meets the hardware and software requirements, before downloading the larger package for the Azure Stack Development Kit.
.EXAMPLE
.\asdk-prechecker.ps1
.NOTES
To use this script on the host where Azure Stack Development Kit will be installed, you need to run it as an administrator (the script will check if it is running in this context).
You may also need to update the PowerShell script execution policy with Set-ExecutionPolicy, since the script is not signed : https://technet.microsoft.com/en-us/library/hh849812.aspx
The Azure Stack Development Kit Pre-Checker script is a PowerShell script published in this public repository so you can make improvements to it by submitting a pull request.
https://github.com/Azure/AzureStack-Tools
#>
#requires –runasadministrator
function CheckNestedVirtualization {
    write-host -ForegroundColor yellow “[“(date -format “HH:mm:ss”)”]” “Checking for physical/virtual machine status…”
    $BaseBoard = (Get-WmiObject Win32_BaseBoard)
If ($BaseBoard)
{
If (($BaseBoard.Manufacturer.Tolower() -match ‘microsoft’ -and $BaseBoard.Product.Tolower() -match ‘virtual’) -or ($BaseBoard.Manufacturer.Tolower() -match ‘vmware’))
{
write-host -ForegroundColor red “[“(date -format “HH:mm:ss”)”]” ” — WARNING : This server seems to be a virtual machine running on Hyper-V or VMware. Running ASDK on a nested hypervisor is not a tested or supported scenario. Setup will not block this, but this but this may lead to performance or reliability issues.”
$Global:ChecksFailure++
}
else
{
write-host -ForegroundColor green “[“(date -format “HH:mm:ss”)”]” ” — This is a physical machine.”
$Global:ChecksSuccess++
}
}
else
{
write-host -ForegroundColor green “[“(date -format “HH:mm:ss”)”]” ” — This is a physical machine.”
$Global:ChecksSuccess++
}
}
function CheckInternetAccess {
write-host -ForegroundColor yellow “[“(date -format “HH:mm:ss”)”]” “Checking Internet access…”
    # Test AAD http connection.
try {
$resp = Invoke-WebRequest -Uri “https://login.windows.net” -UseBasicParsing
if ($resp.StatusCode -ne 200) {
write-host -ForegroundColor red “[“(date -format “HH:mm:ss”)”]” ” — Failed to connect to AAD endpoint https://login.windows.net”
$Global:ChecksFailure++
}
else
{
write-host -ForegroundColor green “[“(date -format “HH:mm:ss”)”]” ” — This machine has internet access (we tried to contact https://login.windows.net).”
$Global:ChecksSuccess++
}
}
catch {
write-host -ForegroundColor white “[“(date -format “HH:mm:ss”)”]” $_.Exception.Message
write-host -ForegroundColor red “[“(date -format “HH:mm:ss”)”]” ” — Failed to connect to AAD endpoint ‘https://login.windows.net’.”
$Global:ChecksFailure++
}
}
function CheckSystemDisk {
write-host -ForegroundColor yellow “[“(date -format “HH:mm:ss”)”]” “Checking system disk capacity…”
    $systemDisk = Get-Disk | ? {$_.IsSystem -eq $true}
If ($systemDisk.Size -lt 180 * 1024 * 1024 * 1024)
{
write-host -ForegroundColor red “[“(date -format “HH:mm:ss”)”]” ” — Check system disk failed – Size should be 180 GB minimum.”
$Global:ChecksFailure++
}
else
{
write-host -ForegroundColor green “[“(date -format “HH:mm:ss”)”]” ” — Check system disk passed successfully.”
$Global:ChecksSuccess++
}
}
function CheckDisks {
write-host -ForegroundColor yellow “[“(date -format “HH:mm:ss”)”]” “Checking physical disks…”

write-host -ForegroundColor gray “[“(date -format “HH:mm:ss”)”]” ” — Listing of all physical disks on this server:”
write-host -ForegroundColor gray (Get-PhysicalDisk | Format-Table -Property @(“FriendlyName”, “SerialNumber”, “CanPool”, “BusType”, “OperationalStatus”, “HealthStatus”, “Usage”, “Size”) | Out-String)
$physicalDisks = Get-PhysicalDisk | Where-Object { ($_.BusType -eq ‘RAID’ -or $_.BusType -eq ‘SAS’ -or $_.BusType -eq ‘SATA’) -and $_.Size -gt 135 * 1024 * 1024 * 1024 }
$selectedDisks = $physicalDisks | Group-Object -Property BusType | Sort-Object -Property Count -Descending | Select-Object -First 1

    if ($selectedDisks.Count -ge 3) {
write-host -ForegroundColor gray “[“(date -format “HH:mm:ss”)”]” ” — Listing of all physical disks meeting ASDK requirements:”
write-host -ForegroundColor gray ($physicalDisks | Format-Table -Property @(“FriendlyName”, “SerialNumber”, “BusType”, “OperationalStatus”, “HealthStatus”, “Usage”, “Size”) | Out-String)
write-host -ForegroundColor green “[“(date -format “HH:mm:ss”)”]” ” — Check physical disks passed successfully. Note that ASDK handles situations where there is a pre-existing storage pool, and will delete/recreate it.”
$Global:ChecksSuccess++
}
    if ($selectedDisks.Count -lt 3) {
write-host -ForegroundColor red “[“(date -format “HH:mm:ss”)”]” ” — Check physical disks failed – At least 4 disks or more of the same bus type (RAID/SAS/SATA), and of capacity 135 GB or higher are strongly recommended. 3-disk configurations may work but are not tested by Microsoft.”
$Global:ChecksFailure++
}
}
function CheckFreeSpaceForExtraction {
    write-host -ForegroundColor gray “[“(date -format “HH:mm:ss”)”]” ” Checking free space for extracting the ASDK files…”
write-host -ForegroundColor gray “[“(date -format “HH:mm:ss”)”]” ” — Listing disks and their free space”
write-host -ForegroundColor gray (Get-Disk | Get-Partition | Get-Volume | Sort-Object -Property SizeRemaining -Descending | Out-String)
$volumes = (Get-disk | ? {$_.BusType -ne ‘File Backed Virtual’ -or $_.IsBoot} | Get-Partition | Get-Volume |`
? {-not [String]::IsNullOrEmpty($_.DriveLetter)} | sort -Property SizeRemaining -Descending)
if (!$volumes -or ($volumes | Measure-Object).count -le 0) {
Write-Host -ForegroundColor red “[“(date -format “HH:mm:ss”)”]” ” — Free space check failed. No volumes are available.”
$Global:ChecksFailure++
}
if ($volumes[0].SizeRemaining -lt 120 * 1024 * 1024 * 1024) {
write-host -ForegroundColor red “[“(date -format “HH:mm:ss”)”]” ” — Free space check failed. ASDK requires 130 GB for the expanded Cloudbuilder.vhdx file. An additional 40 GB may be needed if you want to keep the ZIP and self extractor files.”
$Global:ChecksFailure++
}
else
{
write-host -ForegroundColor green “[“(date -format “HH:mm:ss”)”]” ” — Free space check passed successfully.”
$Global:ChecksSuccess++
}
}
function CheckRam {
write-host -ForegroundColor yellow “[“(date -format “HH:mm:ss”)”]” “Checking Memory…”

$mem = Get-WmiObject -Class Win32_ComputerSystem
$totalMemoryInGB = [Math]::Round($mem.TotalPhysicalMemory / (1024 * 1024 * 1024))
write-host -ForegroundColor gray “[“(date -format “HH:mm:ss”)”]” ” — Memory on this server = $totalMemoryInGB”
if ($totalMemoryInGB -lt 96) {
write-host -ForegroundColor red “[“(date -format “HH:mm:ss”)”]” ” — Check system memory requirement failed. At least 96GB physical memory is required.”
$Global:ChecksFailure++
}
else
{
write-host -ForegroundColor green “[“(date -format “HH:mm:ss”)”]” ” — System memory check passed successfully. ASDK requires a minimum of 96 GB of RAM, with 128 GB recommended.”
$Global:ChecksSuccess++
}
}

function CheckHyperVSupport {
write-host -ForegroundColor yellow “[“(date -format “HH:mm:ss”)”]” “Checking Hyper-V support on the host…”
    $feature = Get-WindowsFeature -Name “Hyper-V”
if ($feature.InstallState -ne “Installed”) {
$cpu = Get-WmiObject -Class WIN32_PROCESSOR
$os = Get-WmiObject -Class Win32_OperatingSystem
if (($cpu.VirtualizationFirmwareEnabled -contains $false) -or ($cpu.SecondLevelAddressTranslationExtensions -contains $false) -or ($cpu.VMMonitorModeExtensions -contains $false) -or ($os.DataExecutionPrevention_Available -eq $false)) {
write-host -ForegroundColor red “[“(date -format “HH:mm:ss”)”]” ” — Hyper-V is not supported on this host. Hardware virtualization is required for Hyper-V.”
$Global:ChecksFailure++
}
else
{
write-host -ForegroundColor green “[“(date -format “HH:mm:ss”)”]” ” — This server supports the hardware virtualization required to enable Hyper-V.”
$Global:ChecksSuccess++
}
}
else
{
write-host -ForegroundColor green “[“(date -format “HH:mm:ss”)”]” ” — Hyper-V is already installed. Note that the installer would enable it otherwise.”
$Global:ChecksSuccess++
}
}
function CheckOSVersion {

# Check Host OS version first, otherwist DISM will failed to get VHD OS version
write-host -ForegroundColor yellow “[“(date -format “HH:mm:ss”)”]” “Checking Host OS version…”
$hostOS = Get-WmiObject win32_operatingsystem
write-host -ForegroundColor gray “[“(date -format “HH:mm:ss”)”]” (” — Host OS version: {0}, SKU: {1}” -f $hostOS.Version, $hostOS.OperatingSystemSKU)
$hostOSVersion = [Version]::Parse($hostOS.Version)

$server2016OSVersionRequired = “10.0.14393”
$server2016OSVersion = [Version]::Parse($server2016OSVersionRequired)
$serverDataCenterSku = 8 # Server Datacenter
$serverDataCenterEvalSku = 80 # Server Datacenter EVal

if ($hostOSVersion -lt $server2016OSVersion -or ($hostOS.OperatingSystemSKU -ne $serverDataCenterSku -and $hostOS.OperatingSystemSKU -ne $serverDataCenterEvalSku)) {
write-host -ForegroundColor red “[“(date -format “HH:mm:ss”)”]” ” — The host OS should be Windows Server 2016 Datacenter, version $server2016OSVersionRequired.”
$Global:ChecksFailure++
}
else
{
write-host -ForegroundColor green “[“(date -format “HH:mm:ss”)”]” ” — The host OS version matches the requirements for ASDK ($server2016OSVersionRequired).”
$Global:ChecksSuccess++
}
}

function CheckDomainJoinStatus {
write-host -ForegroundColor yellow “[“(date -format “HH:mm:ss”)”]” “Checking domain join status…”
    $sysInfo = Get-WmiObject -Class Win32_ComputerSystem
if ($sysInfo.PartOfDomain) {
write-host -ForegroundColor red “[“(date -format “HH:mm:ss”)”]” ” — The host must not be domain joined. Please leave the domain and try again.”
$Global:ChecksFailure++
}
else
{
write-host -ForegroundColor green “[“(date -format “HH:mm:ss”)”]” ” — The host is not domain joined.”
$Global:ChecksSuccess++
}
}
function CheckVMSwitch {
    write-host -ForegroundColor yellow “[“(date -format “HH:mm:ss”)”]” “Checking NIC status…”
    if (([array](Get-NetAdapter | ? {$_.Status -eq ‘Up’})).Count -ne 1) {
write-host -ForegroundColor darkyellow “[“(date -format “HH:mm:ss”)”]” ” — Multiple NICs, virtual switches or NIC teaming are not allowed. Please only keep one physical NIC enabled and remove virtual switches or NIC teaming. This message can be ignored if you are planning to leverage the ASDK Installer from GitHub, as it provides a way to configure the NICs.”
$Global:ChecksSuccess++
}
else
{
write-host -ForegroundColor green “[“(date -format “HH:mm:ss”)”]” ” — NIC configuration passed successfully.”
$Global:ChecksSuccess++
}
}
function CheckServerName {
    write-host -ForegroundColor yellow “[“(date -format “HH:mm:ss”)”]” “Checking server name…”
    write-host -ForegroundColor gray “[“(date -format “HH:mm:ss”)”]” ” — Server name is” $Env:COMPUTERNAME
  if ($Env:COMPUTERNAME -eq ‘AzureStack’) {
write-host -ForegroundColor red “[“(date -format “HH:mm:ss”)”]” ” — Server name cannot be “”AzureStack”” since it conflicts with the domain name.”
$Global:ChecksFailure++
}
else
{
write-host -ForegroundColor green “[“(date -format “HH:mm:ss”)”]” ” — Server name does not conflict with future domain name AzureStack.local.”
$Global:ChecksSuccess++
}
}
function CheckCPU {
    write-host -ForegroundColor yellow “[“(date -format “HH:mm:ss”)”]” “Checking processor information…”
    $CPUCount = (Get-WmiObject -class win32_processor –computername localhost).count
$CoreCount =  ((Get-WmiObject -class win32_processor –computername localhost -Property “numberOfCores”)[0].numberOfCores)*$CPUCount
write-host -ForegroundColor gray “[“(date -format “HH:mm:ss”)”]” ” — Number of CPU sockets = $CPUCount”
write-host -ForegroundColor gray “[“(date -format “HH:mm:ss”)”]” ” — Number of physical cores =  $CoreCount”
    If (($CPUCount -lt 2) -or ($CoreCount -lt 12)){
write-host -ForegroundColor red “[“(date -format “HH:mm:ss”)”]” ” — CPU count must be 2 or higher, Core count must be 12 or higher (16 cores recommended).”
$Global:ChecksFailure++
}
else
{
write-host -ForegroundColor green “[“(date -format “HH:mm:ss”)”]” ” — CPU socket count (2) and core count (12) meet the minimum requirements for ASDK.”
$Global:ChecksSuccess++
}
}
function CheckNICSupport {
    write-host -ForegroundColor yellow “[“(date -format “HH:mm:ss”)”]” “Checking NIC requirements…”
    $FoundNIC = $false
Get-NetAdapter -IncludeHidden | ForEach-Object {
$PnPDevice = Get-PnpDevice -InstanceId $_.PnPDeviceID
If ((Get-PnpDeviceProperty -InputObject $PnPDevice -KeyName DEVPKEY_Device_DriverInfPath).Data -eq “netbxnda.inf”){
$FoundNIC = $true
}
}
   If ($FoundNIC)
{
write-host -ForegroundColor darkyellow “[“(date -format “HH:mm:ss”)”]” ” — Please make sure to leverage the ASDK Installer for deployment, per the documentation. This installer will apply an update to this host prior to deployment.”
$Global:ChecksSuccess++
}
else
{
write-host -ForegroundColor green “[“(date -format “HH:mm:ss”)”]” ” — Network cards requirements are met.”
$Global:ChecksSuccess++
}
}
$ErrorActionPreference = ‘Stop’
write-host -ForegroundColor gray “[“(date -format “HH:mm:ss”)”]” “Starting Deployment Checker for Microsoft Azure Stack Development Kit (ASDK)…”
Write-Host -ForegroundColor gray “[“(date -format “HH:mm:ss”)”]” “There are several prerequisites checks to verify that your machine meets all the minimum requirements for deploying ASDK.”
write-host -ForegroundColor gray “[“(date -format “HH:mm:ss”)”]” “For more details, please refer to the online requirements : https://azure.microsoft.com/en-us/documentation/articles/azure-stack-deploy/”
write-host -ForegroundColor gray “[“(date -format “HH:mm:ss”)”]” “Checking for Administrator priviledge…”
if (-not ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole(`
[Security.Principal.WindowsBuiltInRole] “Administrator”))
{
write-host -ForegroundColor red “[“(date -format “HH:mm:ss”)”]” ” — You do not have Administrator rights to run this script!`nPlease re-run this script as an Administrator!”
break
}
$checksHW = {CheckNestedVirtualization}, `
{CheckSystemDisk},
{CheckDisks},
{CheckRam}, `
{CheckCPU},
{CheckHyperVSupport}`
$CheckHWOnly = {CheckFreeSpaceForExtraction}
$checksSW = {CheckDomainJoinStatus}, `
{CheckInternetAccess}, `
{CheckOSVersion}, `
{CheckVMSwitch}, `
{CheckNICSupport},
{CheckServerName}
$Global:ChecksSuccess = 0
$Global:ChecksFailure = 0
#Checking if ASDK is already installed
$POCInstalledOrFailedPreviousInstall = $false
If ((get-module -Name Hyper-V -ListAvailable).count -gt 0)
{
$VMList = @(“MAS-ACS01″,”MAS-ADFS01″,”MAS-ASql01″,”MAS-BGPNAT01″,”MAS-CA01″,”MAS-Con01″,”MAS-DC01″,”MAS-Gwy01″,”MAS-NC01”, “MAS-SLB01”, “MAS-SUS01”, “MAS-WAS01”, “MAS-Xrp01”, “AzS-ACS01″,”AzS-ADFS01″,”AzS-ASql01″,”AzS-BGPNAT01″,”AzS-CA01″,”AzS-Con01″,”AzS-DC01″,”AzS-Gwy01″,”AzS-NC01”, “AzS-SLB01”, “AzS-SUS01”, “AzS-WAS01”, “AzS-Xrp01”)
If ((Get-VM $VMList -ErrorAction SilentlyContinue).Count -gt 0)
{$POCInstalledOrFailedPreviousInstall = $true}
}
If ($POCInstalledOrFailedPreviousInstall)
{
write-host -ForegroundColor red “[“(date -format “HH:mm:ss”)”] This machine seems to host an existing successful or failed installation of Azure Stack Development Kit. The prerequisite checker is meant to be run prior to installation, and will return errors post-install, as some of the configuration may already have been applied (joining the domain, setting up storage pools,…)”
If ((Read-Host “Do you want to continue anyway (Y/N)?”) -eq “N”)
{
break
}
}
write-host -ForegroundColor white “[“(date -format “HH:mm:ss”)”] This script can be run on the host where you will be configuring boot from VHD, for example prior to downloading the ASDK files. Or it can be run after booting from the provided Cloudbuilder.vhdx file where the ASDK will be installed. In the first case, it will only check for hardware specifications like memory, cores, hard disk configuration, as well as free space for extracting the ASDK files. In the second case, it will run both hardware and software tests, and other items like domain membership, OS version, NIC configuration will be checked.”
Switch (Read-Host “Are you running this script on the host before booting in the provider VHDX file [1] or after booting into it [2] (any other input will exit the script)?”)
{
“1”
{
write-host -ForegroundColor gray “[“(date -format “HH:mm:ss”)”]” “User chose to run pre-boot from VHD checks (hardware checks only)”
$checks = $checksHW + $CheckHWOnly
}
“2”
{
write-host -ForegroundColor gray “[“(date -format “HH:mm:ss”)”]” “User chose to run post-boot from VHD checks (all checks except free space)”
$checks = $checksHW + $checksSW
}
Default
{
write-host -ForegroundColor red “[“(date -format “HH:mm:ss”)”]” “User did not pick one of the two options, exiting script…”
exit
}
}
$PreCheckProgressMessage = “Running Prerequisites Check”
for($i=0; $i -lt $checks.Length; $i++)
{
Write-Progress -Activity $PreCheckProgressMessage -PercentComplete ($i * 100 / $checks.Length)
Invoke-Command -ScriptBlock $checks[$i] -NoNewScope
}
Write-Progress -Activity $PreCheckProgressMessage -Completed
If ($Global:ChecksSuccess -eq $Checks.Length)
{
Write-Host -ForegroundColor green “[“(date -format “HH:mm:ss”)”]” “SUCCESS : All of the prerequisite checks passed.”
}
else
{
Write-Host -ForegroundColor red “[“(date -format “HH:mm:ss”)”]” “FAILURE:”$ChecksFailure “prerequisite check(s) failed out of” $Checks.Length “. Please review previous entries to understand where the requirements are not met.”
}
write-host -ForegroundColor gray “[“(date -format “HH:mm:ss”)”]” “Deployment Checker has finished checking Azure Stack Development Kit requirements”