Monday, 16 March 2015

Re-Arm Remote Desktop Session Host

Scenario:  You have enabled remote desktop session host (also known as remote desktop terminal services mode) in trial mode on a Windows 2012 or Windows 2012R2 server some time ago and now you are receiving the error:

"The remote session was disconnected because there are no Remote Desktop Licence Servers available to provide a licence. Please contact the server administrator"

You may also notice Event ID: 1128 Source: TerminalServices-RemoteConnectionManager being logged in your system event log.

Cause: You are outside of your 120 day remote desktop session host evaluation period and / or the service has not been configured to register with a license server to install licenses.  A remote desktop licensing server is required for continuous normal operation.

Resolution 1: Install a remote desktop licensing server with the appropriate number of remote desktop session host licences and register your session host server with this.

Resolution 2: re-arm your remote desktop session host evaluation to allow for another 120 days evaluation time. Here is how:
  1. Logon to your remote desktop session host server, open up regedit and navigate to

  2. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM\GracePeriod

  3. Right click GracePeriod key and select Permissions.  Grant Administrators full control as shown below: 

  4. Delete the L$RTMTIMEBOMB value leaving only the (default) value

  5. Reboot your remote desktop session host server

  6. Job done. You should have another 120 days evaluation time 
I understand that this resolution also works for Windows 2008, Windows 2008R2  As well as Windows 2012 and Windows 2012R2.

- Chris

Monday, 24 March 2014

Fix Boot/BCD 0xc000000f Error

File this one under a post for another day / ah yes, I've seen that before, cant remember how I fixed it however.....
File: \Boot\BCD
Status: 0xc000000f
Info: an error occurred while attempting to read the boot configuration data
Here is how to fix:

Step 0 - Getting to the Recovery Console

1. Insert Windows DVD* and after selecting language and keyboard, select "Repair your computer"
2. Wait for system recovery to run and fail
3. Click "No" to apply any changes
4. Cick "Next" to look for a recovery image
5. Click "Cancel" on the cannot find system image dialogue
6. Click "Cancel" to exit system image dialogue
7. Click Command Prompt

Step 1 - Ensure your system partition is marked as active

As a reminder - this is a typed command
And this is a comment.

1. Boot into the recovery console as per step 0
2. diskpart
3. select disk 0
4. list partition
5. Select the first primary partition. In the screenshot below, the partition to select is partition 2, so select partition 2:

6. detail partition
7. Ensure that the partition is marked as Active: Yes

8. If not, then active to set the partition active
9. exit to exit diskpart
10. exit to exit recovery console 
11. Restart to reboot. 
12. Boot and follow step 0 to enter the recovery console again

Step 2 - Repair Master Boot Record and Repair Boot Sector 

1. Boot back into the recovery console, as per step 0, run the following commands
2. bootrec /fixmbr
3. bootrec /fixboot

Step 3 - Rebuild Boot files

You need to know where your Windows folder is mounted within the recovery console. Sometimes it is at C:\Windows, sometimes D:\Windows, sometimes somewhere else. If you have no idea, use the following to get you a list of drive letters currently in use:

1. diskpart
2. select disk 0
3. list volume

Then it's just a matter of looking for Windows directories on each of those volumes.

So to rebuild the boot files:

bcdboot C:\Windows /s C:

Reboot and you should be done.

*If you can't find your Windows DVD, have a look

Here for Windows 7 DVDs (Release versions)
Here for Windows 2008R2 DVD (Evaluation version)
Here for Windows 8.x DVD (Evaluation version)
Here for Windows 2012 DVD (Evaluation version)

- Chris

Friday, 21 March 2014

LDWin v2.0 Released

Quick post to let you know that yes, I'm still alive and I've just released version 2.0 of my popular link discovery tool for Windows, LDWin.

What is LDWin?
LDWin is Network Link Discovery for Windows

What is Link Discovery?
Link discovery is the process of ascertaining information from directly connected networking devices, such as network switches. Consider this for a moment:

Picture: Adam Selwood via Flickr

Do you know where those network cables go?

This is where LDWin comes in!

Find out more on and download your copy of LDWin from LDWin's Github Page

- Chris

Sunday, 8 September 2013

Screaming Woods Pluckley

So what do you and 10 other people do in the woods at night??  No, not that... Ghost hunting of course!

Where better to find some ghosts? Why, Pluckley; often referred to (and listed in 1998 Guinness Book of World Records) as Britain's most haunted village. Why? because Pluckley boasts the following strange goings on and haunted places in and around the village:
  • Phantom Coach & Horses - various locations
  • The Colonel - Park Wood
  • The Highwayman - Pinnock Crossroads
  • The Miller - Site of Old Mill
  • The Monk - Greystones
  • The Red Lady - St Nicholas Church
  • The Schoolmaster - Dicky Buss Lane
  • The Screaming Man - Pluckley Brickworks
  • The Tudor Lady - Rose Court
  • The Watercress Woman - Pinnock Stream
  • The White Lady - St Nicholas Church and Surrenden Manor
  • The Black Horse - The Street
  • The Dering Arms - Station Road
  • The Blacksmith's Arms - Pluckley Thorne
  • The Screaming Woods - Dering Woods & Frith Wood
  • The Devil's Bush - Frith Corner
Don't just take my word for it, see:
Tonights excursion; Screaming (Dering) Woods, an area supposedly haunted by many who have become lost in deep in the woods. You can supposedly still hear their screams from inside the woods at night. An excursion run by

View Larger Map

So fortified with a top slap up meal at the Black Horse (highly recommended) and armed with camera off we went to see what we could see.  Here is what we captured:

As you can see, a nice selection of orbs and a nice bit of mist in IMG_0650 (second row, fourth picture from the left) the only mistly picture in the entire set!

Steve our guide from bought with him a an array of ghost meters, EMF meters and a spirit box (a backwards RF scanner) which kept us all entertained and enthralled with the evenings investigation.  We also completed a vigil where we were contacted by Michael, the spirit of a motorcyclist who died in an accident close to screaming woods.

Am I a believer? Well, no not quite yet, although I would like to hope and believe there is something to look forward to after you pop your clogs...

So all in all, a thoroughly enjoyable and highly recommended evening with
Looking forward to going on another event soon.  Some of these locations look fantastic!

In the meantime, keep watching and GhostHuntEvents Youtube Channel

- Chris

Thursday, 1 August 2013

VM Snapshot Discovery and Attribution

The Golden Snapshot Rule:

What are VMware VM Snapshots?

Normal VM operation involves the virtual machine (VM) reading and writing to it's virtual disk (VMDK) file:
Upon the creation of a snapshot, the VM's virtual disk (VMDK) file is marked as read only. All changes are written to a snapshot log file, also known as a 'delta' file:

So What is the Problem Here?

The problem is that these snapshot delta files left unchecked can grow and grow and grow, consuming more and more storage space.

Surely VMware Have Some Guidelines Around VM Snapshots?

They do, and they are here:‎

Lets pick up on some salient points here as it's worth repeating this as often as possible:
  • Snapshots are not backups (Sound familiar?) 
  • A snapshot file is only a change log of the original virtual disk
  • Snapshots are not complete copies of the original vmdk disk files
  • Use no single snapshot for more than 24-72 hours
  • Regularly monitor systems configured for backups to ensure that no snapshots remain active for extensive periods of time
  • An excessive number of delta files in a chain (caused by an excessive number of snapshots) or large delta files may cause decreased virtual machine and host performance
  • If hosts and/or vCenter Server are prior to vSphere 5.0 confirm that there are no snapshots present (via command line) before a Storage vMotion
  • Confirm that there are no snapshots present (via command line) before increasing the size of any virtual machine virtual disk or virtual RDM. If snapshots are present, delete them prior to increasing the size of the disk. Increasing the size of a disk with snapshots present can lead to corruption of snapshots and a potential data loss

Got it. So How do I quickly and Simply Test for VM Snapshots?

Simple. This is where Chris' VM Snapshot Discovery and Attribution Tool comes in.

Here is a screenshot of the tool in action:

So what do we have here?

Well, you can quite easily see that both the VM's SPONGEBOB and GARY have active snapshots. You can also see the details around these snapshots; their names, their descriptions and their sizes in GB.

What is super cool is we can also see who created them.  In the screenshot the snapshot creator is CHLABS\Chris (me!). OK, cool, but think about it for a moment.  If this was a production situation, it's more than possible that you will have multiple vSphere administrators.  Any one of these administrators can create snapshots.

Say for example I found that CHLABS\Fred.Bloggs was working on a some VMs, created several snapshots and had completed his changes.  Perhaps Fred did not know or understand The Golden Snapshot Rule.

With this newly discovered information now in hand, we can contact Fred, find out if he still needs those snapshots and perhaps educate him to the Golden Snapshot Rule.

Perhaps Fred forgot about the snapshots.......

Ah, the Forgotten Snapshot!

Don't joke.... it happens.

Where can I get a Copy of Chris' VM Snapshot Discovery and Attribution Tool?

Simple. Grab your copy here:

So I Have VMs With Snapshots. What To Do?

Here are your options:

Snapshot Operation

Take The current state of the virtual machine and its guest operating system is captured.
Revert The state of the virtual machine and its guest operating system reverts back to what it was when a snapshot was taken. If there are multiple snapshots, the snapshot taken immediately prior to the current state is used.

Warning: All current data is permanently lost.
Delete The state of the virtual machine is changed to the current state (that is, changes made after taking the snapshot are saved to the base disk). In earlier versions of some products the menu option is named Remove.
Delete (Snapshot Manager) The state of the virtual machine is changed to the current state (that is, changes made after taking the snapshot are saved to the base disk). The snapshot chosen to be deleted is available for selection in a graphical display that shows all existing snapshots. This is available only in products that support multiple snapshots.
Go To (Snapshot Manager) The state of the virtual machine and its current guest operating system switches to the state of that of an arbitrarily chosen snapshot. The snapshot chosen to switch to is available for selection in a graphical display that shows all existing snapshots. This is available only in products that support multiple snapshots.

May I recommend the Delete option?
Sure it doesn't feel right to click "Delete" to carry on as normal with the VM, but it is the correct option!

What Can I Do Longer Term to Prevent Forgotten Snapshots?

Have a look at
This VMware KB article shows you how to configure VMware vCenter Server to send alerts when virtual machines are running from snapshots.

Conclusion & Troubleshooting

You now know all about VM snapshots, how to test for them, how to find out who created them, and how to delete them.

If you need to troubleshoot any issues with VM snapshots, have a look at the bottom of‎. There are plenty of resources to look at.

- Chris

Wednesday, 3 July 2013

UCS Blade Discovery Failed

A simple job then; lift and shift some Cisco UCS blades from a legacy site to into the Datacentre to help with capacity for consolidation in the Datacentre.

Unfortunately a simple job turned into a bit of a nightmare with the destination UCS deciding not to play nicely with the recycled blades.

Don't get me wrong here folks, Cisco Unified Computing System is a cool piece of kit that is challenging the way we look at hardware nowadays.  It is however not without it's foibles of which this is just one.

Thanks go to @brettchannon and the guys from @VCE for helping with the solution to this issue.


When you install a Cisco UCS blade that is has 1.x firmware installed into a chassis that is running a 2.x firmware, the following error can be seen:
(Click image for larger view)
Code: F1000034
Cause: fsm-failed
Description: [FSM:FAILED] Blade Discovery (FSM:sam:dme:ComputeBladeDiscover)

A re-acknowledge, power cycle, reseat will not allow the blade to be properly discovered.  Any firmware upgrades (other than a CIMC firmware upgrade) will remain in a "Scheduled" status.


USB Legacy mode is set to disabled within the BIOS settings.


Complete the following resolution on each blade affected:

1.  Open the KVM console of the affected blade (Equipment Tab > Chassis > Chassis containing affected blade > Servers > Affected Server > KVM Console):

2. Hit Reset and OK the following warning:

3. Choose Power Cycle and OK the following dialogue:

4.  Hit F2 when prompted to enter the blade's BIOS setup:

5. Once in the BIOS setup hit right arrow key to get to Advanced and down arrow to USB Configuration.

6.  Hit return to open USB configuration and hit down arrow and return to open Legacy USB Support option:

7. Set Legacy USB Support to Enabled:

8. Hit Esc and right arrow to select Exit tab and hit return to Save Changes and Exit:

9.  Close the KVM console and allow UCS to rediscover server. If you cannot wait, select Recover Server > Re-acknowledge > OK to force the UCS to rediscover the blade.


I would love to know more about this error and how the USB mode setting within a blade can cause UCS to give up on a that blade altogether.  

Seems like a crazy simple fix to what - on the face of it - seems a pretty catastrophic error message. All in all we had this issue on 12+ blades and the USB legacy mode fix work on all of them.

Godda love UCS.....!

- Chris

Monday, 17 June 2013

VMware Component Integration & Interoperability

You may have noticed VMware have been busy growing their portfolio of products.

Previously it was simple to understand VMware's software components; you effectively had just the two products to understand:

ESX (replaced by ESXi in later versions) - VMware's Hypervisor - software that hosts and runs your virtual machines

VirtualCenter (renamed vCenter in later versions) - a management application that allows you to manage all of your ESX/ESXi host servers as a single entity, be that as a collection of stand alone host servers or a fault tolerant cluster of ESX/ESXi hosts.

Collectively ESXi and vCenter became known as vSphere.

Fast forward to 2013, and here you have it, VMware software components offerings today.  Also shown is how these components operate together:
VMware Component Integration and Interoperability Today (Click image for larger copy)
So what are all these products and what do they do?  Follows is simple one liner list detailing at a very high level what each VMware component brings to the table.  Click the application names to find out more.

.....oh and I promise to to use the fluffy word (cloud) as little as possible....

vSphere - As discussed, your ESXi and vCenter instances.

vCNS Manager - Used to manage your software defined networking and security solutions (including virtual firewall, VPN, load balancing and VXLAN implementations).

vCloud Director - Used to create multiple virtual datacenters using multiple separate vSphere instances.

vCenter Orchestrator - Used to automate workflows (including virtual infrastructure provisioning) either within or outside of your virtual environment.

vCenter Operations Manager - Used to proactively manage, monitor and drive efficiency into your vSphere and / or vCloud infrastructure.

vCenter Configuration Manager - Used to ensure configuration and compliance management of both your virtual and physical infrastructure.

vCenter Infrastructure Navigator - Used to discover application services, visualize relationships and map dependencies of applications on your virtual infrastructure

vCenter Chargeback Manager - Used to track and provide costings of virtual solutions hosted on shared physical infrastructure.

AMQP (Rabbit MQ) - Used to provide message queueing and handling allowing your virtual infrastructure to interface with a wide range of other software products.

vFabric Application Director - Used to deploy applications in a repeatable, supportable and standards compliant manner within your virtual infrastructure.

vCloud Automation Center - Used to rapidly deploy services (potentially consisting of several individual applications). Also provides client self service portal to allow clients to deploy services on their own.

vCloud Connector - Used to connect your vCloud Director managed virtual datacenters together for  datacenter extension, content sync, unified management and / or datacenter migration.

Site Recovery Manager - Used for automated disaster recovery of your virtual infrastructure.

ISV Backup Application - Independent Software Vendor backup application, typically leveraging vSphere Data Protection (VDP)

So there you have it, and now you know what each application is and what it can be used for in your virtual datacenter, private and/or public clouds.  Just think about it for a moment:

Your VMware admin just became your most valuable asset. 

Why?  Here's why. With the above, your VMware administrator can:

  1. Deploy configure and create fully resilient hardware using Cisco UCS 
  2. Create your new virtual infrastructure using vSphere
  3. Connect your virtual infrastructure using Cisco Nexus 1000v switching
  4. Create your new virtual datacenter using vCloud Director
  5. Firewall and gateway your virtual infrastructure and datacenter using VCNS Manager
  6. Create separate client use and management access VPNs using VCNS Manager
  7. Rapidly deploy industry supportable applications and virtual machines into your virtual infrastructure and datacenter using vFabric Application Director and verify the deployment using vCenter Configuration Manager
  8. Rapidly deploy industry supportable services (consisting of multiple applications based on multiple virtual machines) into your virtual infrastructure and datacenter using vCloud Automation Center and verify the deployment using vCenter Configuration Manager
  9. Orchestrate repeatable maintenance / deployment / day to day operations using vCenter Orchestrator
  10. Monitor, proactively manage and drive efficiency in your virtual infrastructure and datacenter using vCenter Operations Manager
  11. Map dependencies between and mitigate 'pinch points' in your virtual infrastructure and datacenter using vCenter Infrastructure Navigator
  12. Configure vCloud Automation Center to allow your trusted clients to create their own infrastructure
  13. Connect, deploy and migrate to other virtual infrastructure and datacenters using vCloud Connector
  14. Provide automated billing information to your clients using vCenter Chargeback Manager
  15. Ensure rapid Disaster Recovery planning and execution using Site Recovery Manager and vSphere Data Protection

Plus if there is enough time, it's just possible your VMware administrator could sweep the datacenter floor too... if there is enough time.... ....virtually of course....

- Chris

Monday, 18 March 2013

LDWin: Link Discovery for Windows

 Brand New!!!

So you regularly use and enjoy using my WinCDP program.  You wish it could also discover link information for devices connected to devices that support Link Layer Discovery Protocol (LLDP) as well as Cisco Discovery Protocol (CDP)?

Well dear reader, you are in luck!

Hot off of the coding press is LDWin: Link Discovery for Windows:

LDWin supports the following methods of link discovery:
  • CDP - Cisco Discovery Protocol
  • LLDP- Link Layer Discovery Protocol
So what are you waiting for?

Check out LDWin's Github page for further information and full ReadMe.

- Chris

Friday, 22 February 2013

Cisco UCS: What The?

A quick non-too-technical post detailing the Cisco Unified Computing System (UCS) and how it works.  No, I'm not affiliated with Cisco, I just work on UCS a lot! 

What is a UCS?

Ok, well that's simple.  It's a blade server system comprising of the following components:

The power of the UCS is that it uses service profiles.

What is a Service Profile?

OK,well that's simple enough too.  A service profile tells the UCS that a particular blade has a particular configuration.  Here is an example service profile:

As you can see, in my service profile above I have a server with two fibre cards (vHBAs) and two network cards (vNICs).

The USP (Unique Selling Point) of the UCS is that these service profiles are MOBILE
Yes, the service profiles can be moved from blade to blade.

Think about it.  MYSERVER1 uses UCS chassis 1, blade 1.  UCS chassis 1, blade 1 suffers a hardware issue and dies a death.

No problem.  I can move and apply the service profile for MYSERVER1 to another physical blade (say UCS chassis 3, blade 2), boot it up and away we go, we are back in business - service resumed no screaming users.  I can then get the faulty blade's hardware fixed in slow time.

How is This Possible?

If you look again at my service profile screen shot above again, you will see that the NICs and HBA's are all prefixed with ' v '.

This means that they are virtual.

Virtual Hardware (have you lost it Chris)?

Not quite.  Bear with me.

Each UCS blade is fitted with a Virtual Interface card.  One of these:
The power of this card is that it can be configured through software to present physical hardware to the blade.  In my case, two fibre cards (vHBAs) and two network cards (vNICs). Clever a?

Mobile Ports

So looking deeper into the service profile for MYSERVER1, you will see that the Service Profile also includes the physical addressing of the vHBAs, their WWPNs (World Wide Port Names) and vNICs, their MAC Addresses (Media Access Control Addresses):


Also included in the Service Profile is MYSERVER1's UUID (Universally Unique Identifier):

Tying it All Together

So to recap, the WWPNs, MACs and UUID of MYSERVER1 are all held in a software (aka service) profile that is used to configure the hardware.

So assuming all my blades have the correct amounts of CPU and memory, I can then apply that service profile to any physical blade I like.


From the comfort of my armchair in Cassa-Del-Chris, I have fixed a hardware issue and I have saved the day.

Boot Note

What about the local disks installed in MYSERVER1? Looking at this picture of a Cisco UCS blade it has local disks installed:
Yes, it does.

If you move your service profile to another blade, don't you have to also physically move the local disks too?

Yes you do. And that means a trip to the datacentre just to move two disks, and an extended outage as far as the users are concerned. NOT GOOD!!!

Back to MYSERVER1 and the simple answer is that I'm not using the local disks. I have no local disks installed in any of my blades.

MYSERVER1 boots via it's vHBA cards direct from the SAN (Storage Area Network). Therefore to recover service to the users, I don't need to visit the data centre to swap any physical hardware.

No need to move from my armchair in Cassa-Del-Chris.  Another Beer anyone?

- Chris

Older Posts