14/11/2014

Falha Recurso Cluster Event ID 1207

Problema com recurso virtual de cluster Windows 2008 com falha em um dos node segue evento abaixo

Cluster com SQL Server

Event ID: 1207
Task Category: Network Name Resource
Level: Error
Cluster network name resource 'XXXXX' cannot be brought online. The computer object associated with the resource could not be updated in domain 'bs.br.bsch' for the following reason:
Unable to obtain the Primary Cluster Name Identity token.
The text for the associated error code is: An attempt has been made to operate on an impersonation token by a thread that is not currently impersonating a client.
The cluster identity 'XXXXX$' may lack permissions required to update the object. Please work with your domain administrator to ensure that the cluster identity can update computer objects in the domain.

SOLUÇÃO

Utilizando o Process Monitor identificamos problemas de permissão no diretório “C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys” ao movimentar os recursos entre os nodes, mesmo substituindo as entradas de permissão em todos os objetos filhos ainda assim alguns arquivos permaneceram com permissões órfãs. 

Foi necessário corrigir as permissões individualmente de cada arquivo dentro do diretório “C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys”, então a movimentação dos recursos com falha  entre os nodes funcionou corretamente.

Artigos relacionados

Failover Cluster Step-by-Step Guide: Configuring Accounts in Active Directory


14/10/2014

Script Lista Software Especifico


Script BAT que lista Aplicativo instalado no Windows

echo Software Instalado  > server_%computername%.txt
echo ================= >>server_%computername%.txt
reg export HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall temp1.txt
find "Office" temp1.txt| find "DisplayName" > temp2.txt
for /f "tokens=2,3 delims==" %%a in (temp2.txt) do (echo %%a >> server_%computername%.txt)

start notepad "server_%computername%.txt"

del temp1.txt temp2.txt

Obs.: Onde esta escrito Office, é onde você inseri o nome do Software que esta procurando instalado no Add Remove Programs ou escreve apenas um referencia  do nome Exemplo Off, se tiver o Office instalado ele vai gerar no log.

Comandos XenApp e XenDesktop


Segue

ALTADDR

Use altaddr to query and set the alternate (external) IP address for a server running Citrix XenApp. The alternate address is returned to clients that request it and is used to access a server that is behind a firewall.

Syntax

altaddr [/server:servername] [/set alternateaddress] [/v]
altaddr [/server:servername] [/set adapteraddress alternateaddress] [/v]
altaddr [/server:servername] [/delete] [/v]
altaddr [/server:servername] [/delete adapteraddress] [/v]
altaddr [/?]

Parameters

servername
The name of a server.
alternateaddress
The alternate IP address for a server.
adapteraddress
The local IP address to which an alternate address is assigned.

Options

/server:servername
Specifies the server on which to set an alternate address. Defaults to the current server.
/set
Sets alternate TCP/IP addresses. If an adapteraddress is specified, alternateaddress is assigned only to the network adapter with that IP address.
/delete
Deletes the default alternate address on the specified server. If an adapter address is specified, the alternate address for that adapter is deleted.
/v (verbose)
Displays information about the actions being performed.
/?
Displays the syntax for the utility and information about the utility’s options.

Remarks

The server subsystem reads the altaddr settings for server external IP addresses at startup only. If you use altaddr to change the IP address setting, you must restart the Citrix Independent Management Architecture service for the new setting to take effect.
If altaddr is run without any parameters, it displays the information for alternate addresses configured on the current server.

Examples

Set the server’s alternate address to 1.1.1.1:
altaddr /set 1.1.1.1
Set the server’s alternate address to 2.2.2.2 on the network interface card whose adapter address is 1.1.1.1:
altaddr /set 2.2.2.2 1.1.1.1

Security Restrictions

None.
__________________

APP

App is a script interpreter for secure application execution. Use App to read execution scripts that copy standardized .ini type files to user directories before starting an application, or to perform application-related cleanup after an application terminates. The script commands are described below.

Syntax

app scriptfilename

Parameters

scriptfilename
The name of a script file containing app commands (see script commands below).

Script Commands

copy sourcedirectory\filespec targetdirectory
Copies files from sourcedirectory to targetdirectoryFilespec specifies the files to copy and can include wild cards (*,?).
deletedirectory\filespec
Deletes files owned by a user in the directory specified. Filespec specifies the files to delete and can include wild cards (*,?). See the Examples section for more information.
deleteall directory\filespec
Deletes all files in the directory specified.
execute
Executes the program specified by the path command using the working directory specified by the workdir command.
path executablepath
Executablepath is the full path of the executable to be run.
workdir directory
Sets the default working directory to the path specified by directory

Script Parameters

directory
A directory or directory path.
executablepath
The full path of the executable to be run.
filespec
Specifies the files to copy and can include wildcards (*,?).
sourcedirectory
The directory and path from which files are to be copied.
targetdirectory
The directory and path to which files are to be copied.

Remarks

If no scriptfilename is specified, app displays an error message.
The Application Execution Shell reads commands from the script file and processes them in sequential order. The script file must reside in the %SystemRoot%\Scripts directory.

Examples

The following script runs the program Notepad.exe. When the program terminates, the script deletes files in the Myapps\Data directory created for the user who launched the application:
PATH C:\Myapps\notepad.exeWORKDIR C:\Myapps\DataEXECUTEDELETE C:\Myapps\Data\*.*
The following script copies all the .wri files from the directory C:\Write\Files, executes Write.exe in directory C:\Temp.wri, and then removes all files from that directory when the program terminates:
PATH C:\Wtsrv\System32\Write.exeWORKDIR C:\Temp.wriCOPY C:\Write\Files\*.wri 
C:\Temp.wriEXECUTEDELETEALL C:\Temp.wri\*.*
The following example demonstrates using the script file to implement a front-end registration utility before executing the application Coolapp.exe. You can use this method to run several applications in succession:
PATH C:\Regutil\Reg.exeWORKDIR C:\RegutilEXECUTEPATH C:\Coolstuff\Coolapp.exeWORKDIR
 C:\TempEXECUTEDELETEALL C:\Temp

Security Restrictions

None.
__________________

AUDITLOG

Auditlog generates reports of logon/logoff activity for a server based on the Windows Server security event log. To use auditlog, you must first enable logon/logoff accounting. You can direct the auditlog output to a file.

Syntax

auditlog [username | session] [/eventlog:filename] [/before:mm/dd/yy] [/after:mm/dd/yy] 
[[/write:filename] | [/detail | /time] [/all]]
auditlog [username | session] [/eventlog:filename] [/before:mm/dd/yy] [/after:mm/dd/yy] 
[[/write:filename] | [/detail] | [/fail ] | [ /all]]
auditlog [/clear:filename]
auditlog [/?]

Parameters

filename
The name of the eventlog output file.
session
Specifies the session ID for which to produce a logon/logoff report. Use this parameter to examine the logon/logoff record for a particular session.
mm/dd/yy
The month, day, and year (in two-digit format) to limit logging.
username
Specifies a user name for which to produce a logon/logoff report. Use this parameter to examine the logon/logoff record for a particular user.

Options

/eventlog:filename
Specifies the name of a backup event log to use as input to auditlog. You can back up the current log from the Event Log Viewer by using auditlog /clear: filename.
/before:mm/dd/yy
Reports on logon/logoff activity only before mm/dd/yy.
/after:mm/dd/yy
Reports on logon/logoff activity only after mm/dd/yy.
/write:filename
Specifies the name of an output file. Creates a comma-delimited file that can be imported into an application, such as a spreadsheet, to produce custom reports or statistics. It generates a report of logon/logoff activity for each user, displaying logon/logoff times and total time logged on. If filename exists, the data is appended to the file.
/time
Generates a report of logon/logoff activity for each user, displaying logon/logoff times and total time logged on. Useful for gathering usage statistics by user.
/fail
Generates a report of all failed logon attempts.
/all
Generates a report of all logon/logoff activity.
/detail
Generates a detailed report of logon/logoff activity.
/clear:filename
Saves the current event log in filename and clears the Event log. This command does not work if filename already exists.
/?
Displays the syntax for the utility and information about the utility’s options.

Remarks

Auditlog provides logs you can use to verify system security and correct usage. The information can be extracted as reports or as comma-delimited files that can be used as input to other programs.
You must enable logon/logoff accounting on the local server to collect the information used by auditlog. To enable logon/logoff accounting, log on as a local administrator and enable logon/logoff accounting with the Audit Policy in Microsoft Windows.

Security Restrictions

To run auditlog, you must have Windows administrator privileges.
__________________

CTXKEYTOOL

Use ctxkeytool to enable and disable the IMA encryption feature and generate, load, replace, enable, disable, or back up farm key files.

Syntax

ctxkeytool [generate | load | newkey | backup] filepath
ctxkeytool [enable | disable | query]

Options

generate
Generates a new key and saves it to the filepath. This command alone is not sufficient to enable IMA encryption.
load
Can be used to load:
  • A new key onto a server with no preexisting key
  • The correct key onto a server that has an existing key
  • A new key onto a computer and the farm
newkey
Creates a new encryption key in the data store using the local farm key.
backup
Backs up the existing farm key to a file.
enable
Enables the IMA encryption feature for the farm.
disable
Disables the IMA encryption feature for the farm.
query
Can be used to check:
  • For a key on the local computer
  • To see if IMA encryption is enabled for the farm
  • If your key matches the farm key

Remarks

The first time you generate a key for the first server on the farm on which you are enabling IMA encryption, use the following sequence of options: generateload, and newkey. On each subsequent server in the farm, you just need to loadthe key. After you activate the IMA encryption feature on one server, the feature is enabled for the entire farm.
If you lose the key file for a server, you can get a duplicate key file by running the backup option on another server in the same farm that still has its key. This command recreates the key file. After recreating the key file, use load to load it to the server on which it was lost.
After using the disable option to disable the IMA encryption feature, you must reenter the configuration logging database password. If you want to activate the IMA encryption feature again, run enable on any server in the farm.

Security Restrictions

You must be a Citrix administrator with local administrator privileges to run ctxkeytool.
__________________

CTXXMLSS

Use ctxxmlss to change the Citrix XML Service port number.

Syntax

ctxxmlss [/rnnn] [/u] [/knnn] [/b:a] [/b:l] [/?]

Options

/rnnn
Changes the port number for the Citrix XML Service to nnn.
/u
Unloads Citrix XML Service from memory.
/knnn
Keeps the connection alive for nnn seconds. The default is nine seconds.
/b:a
Binds the service to all network interfaces. This is the default setting.
/b:l
Binds the service to localhost only.
/?
Displays the syntax for the utility and information about the utility’s options.

Security Restrictions

None.

Remarks

For more information, see System Requirements.
_______________________

DSCHECK

Use dscheck to validate the consistency of the database used to host the server farm’s data store. You can then repair any inconsistencies found. dscheck is often used after running dsmaint.

Syntax

dscheck [/clean] [/?]

Options

/clean
Attempts to fix any consistency error that is found.
/?
Displays the syntax for the utility and information about the utility’s options.

Remarks

Dscheck performs a variety of tests to validate the integrity of a server farm’s data store. When run without parameters, only these tests are run. Run dscheck on a server in the farm that has a direct connection to the data store.
When you run dscheck with the /clean option, the utility runs tests and removes inconsistent data (typically servers and applications) from the data store. Because removing this data can affect the farm’s operation, be sure to back up the data store before using the /clean option.
When you run the utility with the /clean option, you may need to run the dsmaint command with the recreatelhc parameter on each server in the farm to update the local host caches. Running this command sets the PSRequired registry value to 1 in HKLM\SOFTWARE\Wow6432Node\Citrix\IMA\RUNTIME, or HKLM\SOFTWARE\Citrix\IMA\RUNTIME on XenApp, 32-bit Edition.
Dscheck reports the results of the tests in several ways. First, it sends any errors found as well as a summary to the Event log and to the command window. You can also write the output produced by dscheck to a file.
Second, several performance monitor values are updated under the performance object for Citrix XenApp. These values include a count of server errors, a count of application errors, a count of group errors, and an overall flag indicating that errors were detected.
Third, dscheck returns an error code of zero for a successful scan (no errors are found) and an error code of one if any problems are encountered.
Dscheck looks primarily at three data store objects: servers, applications, and groups. For each of these object types, dscheck performs a series of tests on each object instance.
For example, for each server object in the data store, dscheck verifies that there is a corresponding common server object and then further verifies that both objects have matching host IDs and host names.

Examples

To run consistency checks only:
dscheck
To check consistency and fix errors:
dscheck /clean
__________________

DSMAINT

Updated: 2013-02-28
Run dsmaint on farm servers to perform XenApp data store maintenance tasks, including backing up the data store, migrating the data store to a new server, and compacting the XenApp data store or the Streaming Offline database. Not all dsmaint commands apply to all database types.
When using this command, user names and passwords may be case-sensitive, depending on the database and the operating system you are using.

Syntax

dsmaint config [/rade] [/user:username] [/pwd:password] [/dsn:filename]
dsmaint backup destination_path 
dsmaint compactdb [/lhc]
dsmaint migrate [{/srcdsn:dsn1 /srcuser:user1 /srcpwd:pwd1}] [{/dstdsn:dsn2 /dstuser:user2
 /dstpwd:pwd2}]
dsmaint publishsqlds {/user:username /pwd:password}
dsmaint recover
dsmaint recreatelhc
dsmaint recreaterade
dsmaint verifylhc [/autorepair]
dsmaint [/?]

Parameters

destination_path
Local path for the backup data store. Do not use the same path as the original database or a share point.
dsn1
The name of the DSN file for the source data store.
dsn2
The name of the DSN file for the destination data store.
filename
The name of the data store.
password
The password to connect to the data store.
pwd1
The source data store password.
pwd2
The destination data store password.
user1
The source data store user logon.
user2
The destination data store user logon.
username
The name of the user to use when connecting to the data store.

Options

config
Changes configuration parameters used to connect to the data store. Enter the full path to the DSN file in quotation marks. For example,
dsmaint config /user:ABCnetwork\administrator /pwd:Passw0rd101
/dsn:"C:\Program Files (x86)\Citrix\Independent Management Architecture\mf20.dsn"
Stop the Citrix Independent Management Architecture service before using config with the /pwd option.
Caution: Specify a /dsn for dsmaint config or you will change the security context for access to the SQL Server or Oracle database.
/rade
Compacts the offline data store.
/user:username
The user name to connect to a data store.
/pwd:password
The password to connect to a data store.
/dsn:filename
The filename of an IMA data store.
backup
Creates a backup copy of the SQL Server Express deployment data store. Run this command on the XenApp server that hosts the data store. Requires a path to a local folder to which the backup database file is copied. Do not use this parameter to back up SQL Server or Oracle data stores.
Caution: When running dsmaint backup, specifying the same path as the existing data store can damage it irreparably.
compactdb
Compacts the local database file. During database compaction, the database is temporarily unavailable for both reading and writing. The compacting time can vary from a few seconds to a few minutes, depending on the size of the database and the usage.
/lhc
Compacts the local host cache on the server where this parameter is run. Run dsmaint /lhc after your farm has been running for a long period of time as a maintenance task.
migrate
Migrates data from one data store database to another. Run this command on any XenApp server that has a connection to the data store. Use this command to move a data store to another server, rename a data store in the event of a server name change, or migrate the data store to a different type of database (for example, migrate from SQL Server Express to SQL Server).
To migrate the data store to a new server:
  1. Prepare the new database server using the steps you did before running XenApp Setup for the first time.
  2. Create a DSN file for this new database server on the server where you will be running dsmaint migrate.
  3. Run dsmaint migrate on any server with a connection to the data store.
  4. Run dsmaint config on each server in the farm to point it to the new database.
/srcdsn:dsn1
The name of the data store from which to migrate data.
/srcuser:user1
The user name to use to connect to the data store from which the data is migrating.
/srcpwd:pwd1
The password to use to connect to the data store from which the data is migrating.
/dstdsn:dsn2
The name of the data store to which to migrate the data.
/dstuser:user2
The user name that allows you to connect to the data store to which you are migrating the source data store.
/dstpwd:pwd2
The password that allows you to connect to the data store to which you are migrating the source data store.
publishsqlds
Publishes a SQL Server data store for replication. Run publishsqlds only from the server that created the farm. The publication is named MFXPDS.
recover
Restores a SQL Server Express data store to its last known good state. Run this directly on the server while the Citrix Independent Management Architecture service is not running.
recreatelhc
Recreates the local host cache database. Run if prompted after running dsmaint verifylhc. After running dsmaint recreatelhc, restart the IMA Service. When the IMA Service starts, the local host cache is populated with fresh data from the data store.
recreaterade
Recreates the application streaming offline database. Run as a troubleshooting step if the Citrix Independent Management Architecture service stops running and the local host cache is not corrupted.
verifylhc
Verifies the integrity of the local host cache. If the local host cache is corrupt, you are prompted with the option to recreate it. With the verifylhc /autorepair option, the local host cache is automatically recreated if it is found to be corrupted. Alternatively, you can use dsmaint recreatelhc to recreate the local host cache.
/?
Displays the syntax and options for the utility.

Remarks

After using dsmaint, Citrix recommends running dscheck to check the integrity of the data on the XenApp data store.

Security Restrictions

The dsmaint config and dsmaint migrate commands can be run only by a user with the correct user name and password for the database
__________________

ICAPORT

Use icaport to query or change the TCP/IP port number used by the ICA protocol on the server.

Syntax

icaport {/query | /port:nnn | /reset} [/?]

Options

/query
Queries the current setting.
/port:nnn
Changes the TCP/IP port number to nnn.
/reset
Resets the TCP/IP port number to 1494, which is the default.
/?
Displays the syntax for the utility and information about the utility’s options.

Remarks

The default port number is 1494. The port number must be in the range of 0–65535 and must not conflict with other well-known port numbers.
If you change the port number, restart the server for the new value to take effect. If you change the port number on the server, you must also change it on every Receiver or plug-in that will connect to that server. For instructions for changing the port number on receivers or plug-ins, see the Receiver or plug-in documentation.

Examples

To set the TCP/IP port number to 5000
icaport /port:5000
To reset the port number to 1494
icaport /reset

Security Restrictions

Only Citrix administrators with Windows administrator privileges can run icaport.
__________________

IMAPORT

Use imaport to query or change the IMA port.

Syntax

imaport {/query | /set {IMA:nnn | ds:nnn}* | /reset {IMA | DS | ALL} } [/?]

Options

/query
Queries the current setting.
/set
Sets the designated TCP/IP port to a specified port number.
ima:nnn
Sets the IMA communication port to a specified port number.
ds:nnn
Sets the data store server port to a specified port number.
/reset
Resets the specified TCP/IP port to the default.
ima
Resets the IMA communication port to 2512.
ds
Resets the data store server port to 2512.
all
Resets all of the applicable ports to the defaults.
/?
Displays the syntax for the utility and information about the utility’s options.
__________________

QUERY FARM

Use query to display information about server farms within the network.

Syntax

query farm [server [/addr | /app | /app appname | /load | /ltload]]
query farm [ /tcp ] [ /continue ]
query farm [ /app | /app appname | /disc | /load | /ltload | /lboff | /process]
query farm [/online | /online zonename]
query farm [/offline | /offline zonename]
query farm [/zone | /zone zonename]
query farm [/?]

Parameters

appname
The name of a published application.
server
The name of a server within the farm.
zonename
The name of a zone within the farm.

Options

farm
Displays information about servers within an IMA-based server farm. You can use qfarm as a shortened form of query farm.
server /addr
Displays address data for the specified server.
/app
Displays application names and server load information for all servers within the farm or for a specific server.
/app appname
Displays information for the specified application and server load information for all servers within the farm or for a specific server.
/continue
Do not pause after each page of output.
/disc
Displays disconnected session data for the farm.
/load
Displays server load information for all servers within the farm or for a specific server.
/ltload
Displays server load throttling information for all servers within the farm or for a specific server.
/lboff
Displays the names of the servers removed from load balancing by Health Monitoring & Recovery.
/process
Displays active processes for the farm.
/tcp
Displays TCP/IP data for the farm.
/online
Displays servers online within the farm and all zones. The data collectors are represented by the notation “D.”
/online zonename
Displays servers online within a specified zone. The data collectors are represented by the notation “D.”
/offline
Displays servers offline within the farm and all zones. The data collectors are represented by the notation “D.”
/offline zonename
Displays servers offline within a specified zone. The data collectors are represented by the notation “D.”
/zone
Displays all data collectors in all zones.
/zone zonename
Displays the data collector within a specified zone.
/?
Displays the syntax for the utility and information about the utility’s options.

Remarks

Query farm returns information for IMA-based servers within a server farm.

Security Restrictions

You must be a Citrix administrator to run query farm .
__________________

QUERY PROCESS

Use query to display information about processes within the network.

Syntax

query process [ * | processid | username | sessionname | /id:nn | programname ]
 [ /server:servername ] [ /system ]
query process [/?]

Parameters

*
Displays all visible processes.
processid
The three- or four-digit ID number of a process running within the farm.
programname
The name of a program within a farm.
servername
The name of a server within the farm.
sessionname
The name of a session, such as ica-tcp#7.
username
The name of a user connected to the farm.

Options

process
Displays information about processes running on the current server.
process *
Displays all visible processes on the current server.
process processid
Displays processes for the specified processid.
process username
Displays processes belonging to the specified user.
process sessionname
Displays processes running under the specified session name.
process /id:nn
Displays information about processes running on the current server by the specified ID number.
process programname
Displays process information associated with the specified program name.
process /server:servername
Displays information about processes running on the specified server. If no server is specified, the information returned is for the current server.
process /system
Displays information about system processes running on the current server.
/?
Displays the syntax for the utility and information about the utility’s options.

Security Restrictions

None.
__________________

QUERY SESSION

Use query to display information about sessions within the network.

Syntax

query session [sessionname | username | sessionid]
query session [/server:servername] [/mode] [/flow] [/connect] [/counter]
query session [/?]

Parameters

servername
The name of a server within the farm.
sessionname
The name of a session, such as “ica-tcp#7”.
sessionid
The two-digit ID number of a session.
username
The name of a user connected to the farm.

Options

session sessionname
Identifies the specified session.
session username
Identifies the session associated with the user name.
session sessionid
Identifies the session associated with the session ID number.
session /server: servername
Identifies the sessions on the specified server.
session /mode
Displays the current line settings.
session /flow
Displays the current flow control settings.
session /connect
Displays the current connection settings.
session /counter
Displays the current Remote Desktop Services counter information.
/?
Displays the syntax for the utility and information about the utility’s options.

Security Restrictions

None.

__________________

QUERY TERMSERVER

Use query to display information about terminal servers within the network.

Syntax

query termserver [servername] [/domain:domain] [/address] [/continue]
query termserver [/?]

Parameters

servername
The name of a server within the farm.
domain
The name of a domain to query.

Options

termserver servername
Identifies a Terminal Server.
/address
Displays network and node addresses.
/continue
Do not pause after each page of output.
/domain: domain
Displays information for the specified domain. Defaults to the current domain if no domain is specified.
/?
Displays the syntax for the utility and information about the utility’s options.

Remarks

If no parameters are specified, query termserver lists all Terminal Servers within the current domain.

Security Restrictions

None.
__________________

QUERY USER

Use query to display information about users within the network.

Syntax

query user [ username | sessionname | sessionid ] [ /server:servername ]
query user [/?]

Parameters

servername
The name of a server within the farm.
sessionname
The name of a session, such as “ica-tcp#7”.
sessionid
The ID number of a session.
username
The name of a user connected to the farm.

Options

user username
Displays connection information for the specified user name.
user sessionname
Displays connection information for the specified session name.
user sessionid
Displays connection information for the specified session ID.
user /server: servername
Defines the server to be queried. The current server is queried by default.
/?
Displays the syntax for the utility and information about the utility’s options.

Remarks

If no parameters are specified, query user displays all user sessions on the current server. You can use quser as a shortened form of the query user command.

Security Restrictions

None.

Fonte Citrix
 
Pesquisa personalizada