Windows

Slow performance issues with Java based agents/apps

If you encountered slow performance after installing some Java based agents or applications, one of the likelihoods is due to the AV scanning which may affect the performance or sometimes even lock up the files and caused the application to hang.

If you are using McAfee AV, you may need to uncheck the “Scan inside archives (e.g. .ZIP)

McAfeeAV-1

Links:

Advertisements
Windows

DFS replication stops after unexpected server shutdown

Recently we encountered an Event ID 2213 error under the event log:  Event Viewer –> Applications and Services Logs –> DFS Replication.

Head over the following link: https://support.microsoft.com/en-us/help/2846759/dfsr-event-id-2213-in-windows-server-2008-r2-or-windows-server-2012


Event ID 2213
The DFS Replication service stopped replication on volume C:. This occurs when a DFSR JET database is not shut down cleanly and Auto Recovery is disabled. To resolve this issue, back up the files in the affected replicated folders, and then use the ResumeReplication WMI method to resume replication.
Recovery Steps
1. Back up the files in all replicated folders on the volume. Failure to do so may result in data loss due to unexpected conflict resolution during the recovery of the replicated folders.
2. To resume the replication for this volume, use the WMI method ResumeReplication of the DfsrVolumeConfig class. For example, from an elevated command prompt, type the following command:
wmic /namespace:\\root\microsoftdfs path dfsrVolumeConfig where volumeGuid=”32A74A78-0B49-11E2-93EE-806E6F6E6963″ call ResumeReplication

After you run it, wait for Event ID 2212 & 2214 in the log.

Note:

  • Default StopReplicationOnAutoRecovery value on Windows Server 2008 R2 and Server 2012 is “1“. On Windows Server 2012 R2 it’s “0“.
Scripting · Windows

Microsoft Security Response Center

Starting Nov 2016, Microsoft has switched from using their KB1234567 to Common Vulnerabilities and Exposures (CVE).

The MS website is at: https://portal.msrc.microsoft.com/en-us/security-guidance

Using the new portal you can:

  • Sort and filter security vulnerability and update content, for example, by CVE, KB number, product, or release date.
  • Filter out products that don’t apply to you, and drill down to more detailed security update information for products that do.
  • Leverage a new RESTful API to obtain Microsoft security update information. This eliminates the need for you to employ outdated methods like screen-scraping of security bulletin web pages to assemble working databases of necessary and actionable information

MS has also released some new PowerShell modules too.

1. To find out the latest version available, run the following command:


Find-Module "*MSRC*"

The output is:

MSRC-1

The current version is 1.7.2

 

2.  To install the modules


Install-Module -Name MsrcSecurityUpdates -Verbose -Force

 

3. List the modules installed in your system


Get-Command -Module MsrcSecurityUpdates

You should now have access to the module.

MSRC-2

 

4. The location where this module is installed is located at:

C:\Program Files\WindowsPowerShell\Modules\MsrcSecurityUpdates

 

5. Now, to get an API key from the portal.

https://portal.msrc.microsoft.com/en-us/developer

 

 

 

Scripting

Get Computer Information

You can use this Powershell script to extract out your computer’s information such as:

  • Hostname
  • Manufacturer
  • Model
  • OS
  • Serial Number

Function Get-ComputerInformation
{
PARAM ($ComputerName)
# Computer System
$ComputerSystem = Get-WmiObject -Class Win32_ComputerSystem -ComputerName $ComputerName
# Operating System
$OperatingSystem = Get-WmiObject -class win32_OperatingSystem -ComputerName $ComputerName
# BIOS
$Bios = Get-WmiObject -class win32_BIOS -ComputerName $ComputerName

# Prepare Output
$Properties = @{
ComputerName = $ComputerName
Manufacturer = $ComputerSystem.Manufacturer
Model = $ComputerSystem.Model
OperatingSystem = $OperatingSystem.Caption
OperatingSystemVersion = $OperatingSystem.Version
SerialNumber = $Bios.SerialNumber
}

# Output Information
New-Object -TypeName PSobject -Property $Properties

}

Get-ComputerInformation localhost