Monday, 15 February 2016

Robo Copy

Robocopy is a command-line file copy utility from Microsoft. Unlike normal copy commands, Robocopy is designed for reliable copy or mirroring while maintaining the permissions, attributes, owner information, timestamps and properties of the objects copied.

Robocopy Syntax

ROBOCOPY <source> <destination> [file…] [options]

<source> Source Directory (local or network path)

<destination> Destination Directory (local or network path) and

[file…] Specifies the file or files to be copied. You can use wildcard characters (* or ?), if you want. If theFile parameter is not specified, *.* is used as the default value.

/mon:<N>	Monitors the source, and runs again when more than N changes are detected.
/mot:<M>	Monitors source, and runs again in M minutes if changes are detected.
/rh:hhmm-hhmm	Specifies run times when new copies may be started.
/pf	Checks run times on a per-file (not per-pass) basis.
/ipg:n	Specifies the inter-packet gap to free bandwidth on slow lines.
/sl	Copies the symbolic link instead of the target.

Important

When using the /SECFIX copy option, specify the type of security information you want to copy by also using one of these additional copy options:· /COPYALL· /COPY:O

· /COPY:S

· /COPY:U

· /SEC

File selection options

Option	Description
/a	Copies only files for which the Archive attribute is set.
/m	Copies only files for which the Archive attribute is set, and resets the Archive attribute.
/ia:[RASHCNETO]	Includes only files for which any of the specified attributes are set.
/xa:[RASHCNETO]	Excludes files for which any of the specified attributes are set.
/xf <FileName>[ ...]	Excludes files that match the specified names or paths. Note that FileName can include wildcard characters (* and ?).
/xd <Directory>[ ...]	Excludes directories that match the specified names and paths.
/xct	Excludes changed files.
/xn	Excludes newer files.
/xo	Excludes older files.
/xx	Excludes extra files and directories.
/xl	Excludes “lonely” files and directories.
/is	Includes the same files.
/it	Includes “tweaked” files.
/max:<N>	Specifies the maximum file size (to exclude files bigger than N bytes).
/min:<N>	Specifies the minimum file size (to exclude files smaller than N bytes).
/maxage:<N>	Specifies the maximum file age (to exclude files older than N days or date).
/minage:<N>	Specifies the minimum file age (exclude files newer than N days or date).
/maxlad:<N>	Specifies the maximum last access date (excludes files unused since N).
/minlad:<N>	Specifies the minimum last access date (excludes files used since N) If N is less than 1900, Nspecifies the number of days. Otherwise, N specifies a date in the format YYYYMMDD.
/xj	Excludes junction points, which are normally included by default.
/fft	Assumes FAT file times (two-second precision).
/dst	Compensates for one-hour DST time differences.
/xjd	Excludes junction points for directories.
/xjf	Excludes junction points for files.

Retry options

Option	Description
/r:<N>	Specifies the number of retries on failed copies. The default value of N is 1,000,000 (one million retries).
/w:<N>	Specifies the wait time between retries, in seconds. The default value of N is 30 (wait time 30 seconds).
/reg	Saves the values specified in the /r and /w options as default settings in the registry.
/tbd	Specifies that the system will wait for share names to be defined (retry error 67).

Logging options

Option	Description
/l	Specifies that files are to be listed only (and not copied, deleted, or time stamped).
/x	Reports all extra files, not just those that are selected.
/v	Produces verbose output, and shows all skipped files.
/ts	Includes source file time stamps in the output.
/fp	Includes the full path names of the files in the output.
/bytes	Prints sizes, as bytes.
/ns	Specifies that file sizes are not to be logged.
/nc	Specifies that file classes are not to be logged.
/nfl	Specifies that file names are not to be logged.
/ndl	Specifies that directory names are not to be logged.
/np	Specifies that the progress of the copying operation (the number of files or directories copied so far) will not be displayed.
/eta	Shows the estimated time of arrival (ETA) of the copied files.
/log:<LogFile>	Writes the status output to the log file (overwrites the existing log file).
/log+:<LogFile>	Writes the status output to the log file (appends the output to the existing log file).
/unicode	Displays the status output as Unicode text.
/unilog:<LogFile>	Writes the status output to the log file as Unicode text (overwrites the existing log file).
/unilog+:<LogFile>	Writes the status output to the log file as Unicode text (appends the output to the existing log file).
/tee	Writes the status output to the console window, as well as to the log file.
/njh	Specifies that there is no job header.
/njs	Specifies that there is no job summary.

Job options

Option	Description
/job:<JobName>	Specifies that parameters are to be derived from the named job file.
/save:<JobName>	Specifies that parameters are to be saved to the named job file.
/quit	Quits after processing command line (to view parameters)./nosd:
/nodd	Indicates that no destination directory is specified.
/if	Includes the specified files.

Examples of Microsoft’s Robocopy syntax.

To copy contents of C:\UserFolder to C:\FolderBackup:

Robocopy C:\UserFolder C:\FolderBackup

To copy all contents including empty directories of SourceFolder to DestinationFolder:

Robocopy C:\SourceDir C:\DestDir /E

Copy files from one computer to another, skipping files already in the destination.

ROBOCOPY \\RX-PC-01\usr\Frames \\Rx-PC-02\Frames *.doc /S

Move files over 14 days old (note the MOVE option will fail if any files are open and locked).

ROBOCOPY C:\SourceFoldern D:\DestinationFolder /move /minage:14

/MIR is an option to ROBOCOPY where you mirror a directory tree with all the subfolders including the empty directories and you purge files and folders on the destination server that no longer exists in source.

ROBOCOPY \\sourceserver\share \\destinationserver\share /MIR

ROBOCOPY source-drive:\DIR destination-drive:\DIR /MIR

The following command will mirror the directories using Robocopy:

Robocopy \\RX-Server-01\Docs \\Rx-Server-02\Docs /MIR /FFT /Z /XA:H /W:5

/MIR specifies that Robocopy should mirror the source directory and the destination directory. Note that this will delete files at the destination if they were deleted at the source.
/FFT uses fat file timing instead of NTFS. This means the granularity is a bit less precise. For across-network share operations this seems to be much more reliable – just don’t rely on the file timings to be completely precise to the second.

/Z ensures Robocopy can resume the transfer of a large file in mid-file instead of restarting.
/XA:H makes Robocopy ignore hidden files, usually these will be system files that we’re not interested in.
/W:5 reduces the wait time between failures to 5 seconds instead of the 30 second default.

Use Robocopy to copy all changes to files in a directory called c:\data to a directory that contains the date, like data_20091124. Create a batch file as follows.

@echo off

set day=%date:~0,2%

set month=%date:~3,2%

set year=%date:~6,4%

Robocopy “c:\data” “c:\backup\data\%day%-%month%-%year%\” /MAXAGE:1

To mirror the directory “C:\”Folder Name” ” to \\RX-Server-02\Share ” excluding \\server2\Share\prog” from being deleted (since it isn’t present in C:\directory) use the following command:

Robocopy “C:\Files” “\\RX-PC-01\Files” /MIR /XD \\server2\ directory\prog”

Robocopy can be setup as a simply Scheduled Task that runs daily, hourly, weekly etc. Note that Robocopy also contains a switch that will make Robocopy monitor the source for changes and invoke synchronization each time a configurable number of changes has been made. This may work in your scenario, but be aware that Robocopy will not just copy the changes, it will scan the complete directory structure just like a normal mirroring procedure. If there are a lot of files & directories, this may hamper performance.

How to Copy Files Multi-Threaded with Robocopy in Windows 7

Robocopy, short for Robust File Copy, is a command-line directory replication and file copy command utility that first made available as feature in Windows Vista and Windows Server 2008, although it has been available as part of Windows Resources Kit. In Windows 7 and Windows Server 2008, Robocopy utility is further enhanced with ability to multi-threaded copy operation feature.

Multi-threaded support allows Robocopy to open multiple threads simultaneously, allowing many files to be copied in parallel. With multi-threaded copying, total time required to complete the operation will be drastically reduced and cut, when comparing with with typical copying one file at time in serial sequential order.

As Robocopy is generally a command-line only utility (although a GUI add-on is available for Robocopy), the new multi-threaded operation capability has to be called via a new switch supported by Robocopy. The new multi-threaded copy feature can be enabled and turned on with the following parameter:

/MT[:n]

Where n will instruct Robocopy to do multi-threaded copies with n threads (default 8). The value of n must be at least 1 and not greater than 128 (between 1 to 128), with 1 as single thread. In fact, Robocopy will copy files and folders in multi-threaded operation by default, with 8 threads in one go. Note that /MT[:n] switch is not compatible with the /IPG and /EFSRAW operations.

For example,

Robocopy C:\Mydocs C:\Yourdocs /MT:32

Wednesday, 3 February 2016

Configuring NTP on Windows Using GPO

In short, here's how to configure NTP using GPO

In Active Directory, the PDC Emulator should get the time from an external time source and then all member computers of this domain will get the correct time. Since the PDC Emulator can move around, we make sure the GPO is applied only to the current PDC Emulator using a WMI filter.

1. Go to the WMI Filters section in GPMC and create a new filter like the following:

Here's the query for you to cut'n'paste: Select * from Win32_ComputerSystem where DomainRole = 5

2. Create a GPO and apply it to the Domain Controllers OU with the following settings: Computer Configuration/Policies/Administrative Templates/System/Windows Time Service/Time Providers

3. Assign the WMI Filter to the GPO.

That's done! Happy NTP syncing.

Configuring NTP on Windows Server 2012

This is all you need if you want to keep it simple. Run using PowerShell as admin:

w32tm /config /manualpeerlist:pool.ntp.org /syncfromflags:MANUAL
Stop-Service w32time
Start-Service w32time

W32tm is the command to use. Sure, there are articles out there mentioning "net time", but you should not use that. Some other also mentions editing the registry directly, but as Microsoft mentions in the article: It is recommended that you do not directly edit the registry unless there is no other alternative. But if you really want to check the registry, it's here: HKLM\System\CurrentControlSet\Services\W32Time.

Which NTP-server to use? Or several?

The pool.ntp.org is a round-robin of random selected NTP servers. As they say "This is usually good enough for end-users". But you might want to add several NTP-servers yourself for redundancy?

w32tm /config /manualpeerlist:"0.pool.ntp.org 1.pool.ntp.org" /syncfromflags:MANUAL

Just keep adding them with a space in between them. Yes, I know some sites say you should separate them using comma but that doesn't work. Also, I've experienced issues that it configures correctly, but still after restarting the service, it doesn't work. I just needed to do the configuration again, and try once more. Also, remember that cut'n'paste from the web can sometimes screw up the " character so write it manually instead of cut'n'paste to be sure.

Don't forget your firewall

If you got a firewall between your host and the Internet, it might drop udp/123 which is the NTP protocol.

Sunday, 31 January 2016

Office 365: Unable to Open Archive Mailbox

In the recent hybrid migration, I experienced this so sharing with you all here.

This mailbox was a big mailbox with archive mailbox on Exchange 2013 in a hybrid setup.

We migrated this mailbox to office 365.

It got migrated perfectly. Absolutely no issues in migrating.

Outlook | OWA | ActiveSync connected as expected.

When user expanded the archive user got the following message popup

Issue:

Cannot expand the folder. The set of folders cannot be opened. Microsoft Exchange is currently busy. If this message is still displayed in 30 minutes, contact your Exchange administrator.

Resolution:

We waited for 30 minutes and archive mailbox started opening as expected.

Conclusion:

There is nothing to be panic here. Keep you cool and wait for 30 minutes.

This is one of the reason why we need to migrate mailboxes in the night or after business hours.

This is not an issue but it is by design.

Exchange Hybrid : Batch Migration

Exchange moved to more simplicity by the new feature of Batch Migration.

Batch migration is grouping of any number of mailboxes you would like to move. Rather than checking the status of all mailboxes one by one, you can view and run one command for whole batch.

I am sharing few points which you might be interesting in understanding.

In my customer environment, we had a batch syncing for 12 mailboxes. This is showing the status of the batch which is still syncing 1 mailbox to 95%. I have selected “manually complete the mailbox migration” so I will get a link on the right side when it will be ready to complete migration once sync will complete.

Now you will be wondering just for one mailbox whole batch will be waiting. Answer is yes if we wish to run a command for the batch but if we decide to run a command for other mailboxes which are in the auto-suspend status after 95% sync then we have to use PowerShell. Use this blog to connect to the office 365 powershell

Then to complete the migration of auto-suspend status mailbox we need to run the below mentioned commands

Set-MoveRequest “Display Name” – PreventCompletion $False

Resume-MoveRequest “Display Name”

2. In another case, if you have started a batch mailbox migration and one of the mailbox has some issues which is why this mailbox sync has failed so out of hundred 2 have failed.

-Review the report which will show in the view details.

-Fix the issues with the failed mailboxes.

-Stop the sync

-Resume the sync. This will try the failed mailboxes again.

Tuesday, 27 October 2015

How to add and license users in bulk on Office 365

PowerShell becomes a tool of choice for a growing number of Office 365 administrators. The main reason is that they can leverage all benefits of the scripting environment in repetitive, everyday tasks.

Even mass creation of users and licenses assignment is not a problem – below you’ll find a step by step guide describing the process.

Connect to Office 365 with PowerShell

Follow this short tutorial to learn how to remotely connect to your Office 365 with PowerShell.

Create a CSV file

Next step is to create a list of all users you want to create in CSV format. It will contain all necessary details, such as email addresses, first and last names, passwords etc. Below you can find an example CSV file syntax.

UserPrincipalName,DisplayName,FirstName,LastName,password
clark.kent@remoteps.onmicrosoft.com,Clark Kent,Clark,Kent,Asik12
bruce.wayne@remoteps.onmicrosoft.com,Bruce Wayne,Bruce,Wayne,Poiy32
peter.parker@remoteps.onmicrosoft.com,Peter Parker,Peter,Parker,Rujk99

Make sure to replace the “remoteps.onmicrosoft.com” domain with your own.

Environment variables

In this example two variables are set:

$path = c:\new_users.csv 
$server = remoteps:enterprisepack

$path contains the path to your CSV file. Replace “c:\new_users.csv” with your own path.

$server contains your license package name. Use the following command to check what license you have (it is listed in the AccountSkuId column):

Get-MsolAccountSku | out-gridview

Create users

The command below loops trough each line of your CSV file and creates an account based on details provided.

import-csv $path | foreach {

New-Msoluser -userPrincipalName $_.UserPrincipalName -displayname 
$_.displayname -firstname $_.firstname -lastname $_.lastname -password 
$_.Password -usagelocation "us"

}

The -usagelocation parameter is required for license assignment. You can change it to the standard country code of your choice.

Licenses assignment

Without the assigned license the Office 365 account cannot send/receive emails. The command below works similarly to the previous one – it works through each line of your CSV file and enables the license for each newly created user.

import-csv $path | foreach { 
set-msoluserlicense -addlicenses "$server" 
}

To make sure that licenses were assigned correctly run the code below.

import-csv $path | Get-MSOLUser | out-gridview

The process is complete. All users from the CSV file list are now present in your Office 365 environment, with licenses assigned and ready to send and receive messages.

All described steps are also attached below as a single script. You can save it as a PS1 file. Additionally it includes a small code that pops up a file picking window which helps to set the $path variable.

#CSV file picker module start
Function Get-FileName($initialDirectory)
{  
 [System.Reflection.Assembly]::LoadWithPartialName("System.windows.forms") |
 Out-Null

 $OpenFileDialog = New-Object System.Windows.Forms.OpenFileDialog
 $OpenFileDialog.initialDirectory = $initialDirectory
 $OpenFileDialog.filter = "All files (*.*)| *.*"
 $OpenFileDialog.ShowDialog() | Out-Null
 $OpenFileDialog.filename
} 

#CSV file picker module end

#Variable that holds CSV file location from file picker
$path = Get-FileName -initialDirectory "c:\" 

#Window with list of available 365 licenses and their names
Get-MsolAccountSku | out-gridview 

#Input window where you provide the license package's name 
$server = read-host 'Provide licensename (AccountSkuId)' 

#CSV import command and mailbox creation loop
import-csv $path | foreach {
New-Msoluser -userPrincipalName $_.UserPrincipalName -displayname $_.displayname -firstname $_.firstname -lastname $_.lastname -password $_.Password -usagelocation "us" | set-msoluserlicense -addlicenses "$server"
}

#Result report on licenses assigned to imported users
import-csv $path | Get-MSOLUser | out-gridview