Tuesday, February 22, 2011

CertLog Consuming Large Amounts of Disk Space


Yesterday we had an issue where our certificate server stopped responding. The OS was responsive, however the CA stopped servicing requests and there were a fair amount of errors in the Application log that were similar to this one:
When we looked in the directory we found files that looked like this:
People that are familiar with Exchange recognize that ESENT is a Jet database. The log files and the edb.log and edb.chk files also look really familiar. The problem was that we had 7Gb of log files filling up this drive and the certificate services couldn’t write  the log files due to a lack of free space. Doing a simple search showed a fair amount of results explaining how to stop the services and delete the log files, however this didn’t seem like the correct course of action since this is a database. There is no way I would just delete the log files for my Exchange server so why would I do it for my certificate server? I would backup my Exchange server and that would truncate all my log files.


Another search on “Backup certutil” sent me to TechNet and the article explaining how to backup my certificate authority. The command “certutil –p P@ssw0rd –backup D:\CertBackup” performs a full backup of the database and truncates the log files, thus returning all the used drive space. This creates the directory “CertBackup” on the D drive if it doesn’t exist and populates it with a certificate file “ServerName.p12” and another directory called DataBase with the actual edb file and a dat file.
After the backup completes all the log files will be truncated and the services, if stopped, can be restarted. We will be running this periodically to make sure we don’t have this problem again. One issue with the scripted approach is that it will not overwrite the previous backup so you must delete or rename the previous one or create a new path for each backup which isn’t hard if you are a Scripting Guy.

Wednesday, February 16, 2011

Get MAC Addresses through PowerShell

$Servers = Import-Csv c:\Temp\servers.csv

foreach ($Server in $Servers) {
    $NetAdapter = Get-WmiObject -Class Win32_NetworkAdapterConfiguration -ComputerName $Server.Name -Filter "IpEnabled = TRUE" 
    foreach ($Adapter in $NetAdapter) {
        $Name = $Server.Name
        $MAC = $Adapter.MacAddress
        Write-Host "$Name - $MAC"

We needed to get the MAC addresses for the network team and I didn’t have a script for it in my library. We already had the list of servers we need, so I used that to query WMI and return the MAC on the adapters that would be connected to the network.

Thursday, February 3, 2011

Protect Organizational Units from Deletion

While this is a real simple script it could save you from a lot of problems later. Have you (or any of your users) accidently right-clicked on a folder and moved it somewhere and you just can’t find it afterwards? Image that happing to your AD because an administrator made a mistake moving the mouse. Even worse when you did it yourself and you notice half a second too late.

In Windows 2008 R2 it defaults to being protected, however if the OU needed to be moved or was upgraded the flag may not be set.

This simply searches all your OU in Active Directory and if the ‘ProtectedFromAccidentalDeletion’ flag is not set to TRUE it sets it, it doesn’t matter how deeply buried.

Import-Module ActiveDirectory

$OU = Get-ADOrganizationalUnit -Filter {Name -like "*"} -property ProtectedFromAccidentalDeletion | Where-Object {$_.ProtectedFromAccidentalDeletion -eq $False} 

foreach ($UNIT in $OU) {

Set-ADOrganizationalUnit $UNIT -ProtectedFromAccidentalDeletion $true 


Hope this saves at least one person a late evening of stress and heartache!