Upgrading Server 2016 to 2019

Just before the end of February, my workstation's RAID 10 decided that it would be fun if I lost 2 drives on the same mirror.  So thankfully I had my OS on an SSD which was running but I did end up losing all my data but none of it was essential and it is pretty hard to backup 8tb.

So now that I'm more/less starting from scratch I thought it would be a great time to try an in-place upgrade of server 2016 to 2019!  HOW EXCITING!  I do have some software I will running on my C: including SQL server so it will be interesting to see what still works after the upgrade.  Now that I have some new drives and I can now setup a backup solution for some of my dev work!

Following the guide from microsoft.  https://docs.microsoft.com/en-us/windows-server/upgrade/upgrade-2016-to-2019

I saved the info they requested to a network drive and a flash drive.

open the cmd prompt and cd to c:\Windows\system32, and then type systeminfo.exe.

Results from running systeminfo.exe.

Host Name:                 "MY WORKSTATION"
OS Name:                   Microsoft Windows Server 2016 Standard
OS Version:                10.0.14393 N/A Build 14393
OS Manufacturer:           Microsoft Corporation
OS Configuration:          Standalone Server
OS Build Type:             Multiprocessor Free
Registered Owner:          Windows User
Registered Organization:
Product ID:                xxxxx-xxxxx-xxxxx-xxxxx
Original Install Date:     2018-06-18, 6:36:57 AM
System Boot Time:          2020-02-26, 9:58:13 AM
System Manufacturer:       COMPUTER INC.
System Model:              WORKSTATION
System Type:               x64-based PC
Processor(s):              2 Processor(s) Installed.
                           [01]:  ~1200 Mhz
                           [02]:  ~1200 Mhz
BIOS Version:              American Megatrends Inc.
Windows Directory:         C:\Windows
System Directory:          C:\Windows\system32
Boot Device:               \Device\HarddiskVolume4
System Locale:             en-ca;English (Canada)
Input Locale:              en-us;English (United States)
Time Zone:                 (UTC-07:00) Mountain Time (US & Canada)
Total Physical Memory:     130,958 MB
Available Physical Memory: 115,100 MB
Virtual Memory: Max Size:  150,414 MB
Virtual Memory: Available: 132,449 MB
Virtual Memory: In Use:    17,965 MB
Page File Location(s):     C:\pagefile.sys
Domain:                    "MY DOMAIN"
Logon Server:              \\LoginServer
Hotfix(s):                 14 Hotfix(s) Installed.
                           [01]: KB3192137
                           [02]: KB4091664
                           [03]: KB4093137
                           [04]: KB4132216
                           [05]: KB4465659
                           [06]: KB4485447
                           [07]: KB4498947
                           [08]: KB4503537
                           [09]: KB4509091
                           [10]: KB4512574
                           [11]: KB4520724
                           [12]: KB4521858
                           [13]: KB4524244
                           [14]: KB4537764

NETWORK INFORMATION Gets listed with all details about your networks connected, such as VLAN Tags, IPs, etc

Hyper-V Requirements:      A hypervisor has been detected. Features required for Hyper-V will not be displayed.

Run and save the information from ipconfig /all

RESULTS FROM IPCONFIG

Windows IP Configuration

   Host Name . . . . . . . . . . . . : "My Workstation"
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Domain1
                                       Domain2

All you networking information gets listed here starting with your default NETWORK and it lists all vlan tags, mac addresses, much as you would expect from the
"ipconfig /all" command.

Record 2 registry key entries.   BuildLabEx (version) and EditionID (edition)

I did a Registry Keys Export for a Backup and a screen shot for reference

I saved the upgrade info to a text file on the flash drive along with a screen shot of the registry and an export of the current version key.

I create upgrade media using rufus, then ran the installer as an administrator

NOTE:  You will need your server key when you upgrade

First it will check for updates, if there are none it will move on

then it will check and see if your ready to install, checking for enough disk space etc.  Here is where you will be asked for your product key

Then you will need to select your version of server in this case I'm picking (Desktop Experience)

Accept the notices and license terms

You will be asked what you want to keep, I'm going to just keep everything as is since I need to redo everything anyway.

Then it will do a check to see if there is any kind of issue in the way of the upgrade.

 Then it will ask you to install windows

I started this process at 2:30 pm and to get to 75% took about an hour and a half so it really does take it's sweet time.  So I would plan for a minimum outage of about 3 hours.  The system seemed to have taken the upgrade just fine however I was unable to connect to the server using RDP and I lost access to some unauthenticated network shares. Though I really should setup some security on this network share it is something I am not able to arbitrarily do at the moment as others require access to this share. 

So to fix this problem; you need to edit a registry entry "AllowInsecureGuestAuth"

located here (you can copy and paste the path into regedit):

Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters

The update change the REG_DWORD to 0

AllowInsecureGuestAuth Value after upgrade

You need to change the value to 1 if you want to be able to access unauthenticated shares.

Change the REG_DWORD to 1 to allow access to unauthenticated shares

you can read the reference link below with the details.

https://support.microsoft.com/en-ca/help/4046019/guest-access-in-smb2-disabled-by-default-in-windows-10-and-windows-ser

Microsoft is defaulting on the side of security which I completely applaud them for; however I do have to re-enable unauthenticated access.  

It was also shortly after fixing my network share issue I noticed some issues with most of my virtual networks with most of my networks showing an error.

Most networks no longer work after upgrade.

After trying serveral times to fix the issue with updating drivers, rebooting, system scans, etc I gave up and decided that my in-place upgrade wasn't an in-place upgrade.  So I formatted my OS drive and did a clean install.

After doing a clean install of Server 2019, setting up the dual port nic into a teamed interface I still lost network connectivity after installing the Hyper-V roll.  This happened after I reinstalled another 2 times.  What I didn't realize even looking though forums this issue was hard to find a resolution to.  The only solution that worked for me was to follow this process I found on Microsoft Technet

https://social.technet.microsoft.com/Forums/en-US/5906152c-1f22-449a-b223-15c4a3e5eb36/2019-hyperv-virtual-switch-error?forum=winserverhyperv

1. I had to remove Hyper-V role
2. Restart
3. Run  netcfg -d in a privileged powershell console
4. I made sure I setup all my teamed networks after this
5. Restart 
6. Install Hyper-v role

This was what fixed my network issue in server 2019.  After running the netcfg -d command, and re-installing the hyper-v roll my virtual switches came back without an issue.  This network issue after installing the Hyper-V roll also occurred when I had set up the server on a regular network interface (NOT TEAMED).  This would not be good if I had to keep the virtual machines running but at least I would be able to export them and re-import them.  This is compelling me to try and do a mockup in place upgrade; even though this one went sideways I think I can come up with a process to do it.

SNMP and Network Printing in Windows

SNMP can be pretty useful, it is used for collecting and organizing information about managed devices on IP networks.  It allows you to get information about a device such as a printer.  Why do I bring this up because if you not careful, it can cause your windows printers to appear offline depending on how your printer driver is configured.

Now when we setup printers we don't deviate to far from the defaults if at all.  However because we have a number of printers that are under contract and to automate the submission of the use count we were asked to install a piece of software called FMAUDIT.  Now the setup of the software was really easy but you don't get to control any of the settings until after you've installed the software.  By then it has scanned your network, I would prefer to have it ask me to scan the network while it is install or if I would prefer to add the network later (forewarning to anyone installing the software).  The software uses SNMP to scan the network and add all printers using the SNMP community name "scanme1".  It added all my printers with "scanme1" to it's database, So I decided to change the SNMP of our contract printers to something else lets call it "scanme2".  When I did that the software got the printers and did what it needs to do.  However the Windows printservers suddenly put the printers offline because the driver is using SNMP to talk to the printer.

To view this go to Printer Properties -> Ports -> Configure Ports

Printer Properties Dialog Box

and in the configure ports dialog box you have the option of enabling or disabling SNMP Status and if you have it on but the community name is not correct the printer shows as offline (Which makes total sense).

SNMP Location in the Configure Driver

As you can see below the image is showing that the printer JLL-Toshiba-Copier is offline.

SNMP Community name mismatch causes a printer to show up offline

So you have two options for fixing this issue.

1. Make sure that the SNMP community name in the driver is set to the same as the printer 
2. disable the SNMP status for the windows driver.  

It is pretty useful to have so I just changed the name from SCANME1 to SCANME2, and the printer came back with no problem.  Remember by default windows enables SNMP lookup so do keep that in mind.

Making sure the community name is the same or disabling SNMP in the driver will bring the printer back online.

Renaming an Windows Essentials Server

I have a few servers setup with server essentials because I have some software I wanted to run on Windows server but couldn't use full server and Windows 7 and 10 were not desirable.  I recently needed to change the name on one of these servers but it was a little tricky.  As shown below the server is currently named SIP

The server to be renamed

Unfortunately, when we get the item's properties, the name and domain change is not available. 

Name and Domain change is not available.

 Edit the registry and go to the entry HKLM\System\CurrentControlSet\Services\CertSvc

Edit the registry

 You can export the key if to back it up, I have found it is not necessary.

Export the CertSvc

 Delete the CertSvc registry

Delete the CertSvc registry entry.

Once you remove the key and reboot you will then be able to change the name of the system.

Now able to rename the server

When you change the computer name you will see this warning.  If you are using AD users be careful, It did not affect the server I was using but just be mindful.

Essentials warring on renaming

After you change the name and reboot your computer name will be changed.

Name Change

After changing the name and rebooting the system we can see that our system name is changed and we can still login to the system despite the warning.

System renaming is complete

You can see my full 8 minute video on how to do this on my YouTube page https://youtu.be/DP76WpqlUFo


References
https://winadminnotes.wordpress.com/2015/11/19/renaming-the-windows-server-essentials/

Replacing a failed Cisco Meraki Switch in a Stack

On Jan 6th, one of our the core Meraki switches in the switch stack failed; causing an outage on one of our production hyper-v cluster (because we did not have a redundant network LAGG setup for the storage. It was decided at the time to just have a backup port.) once the port was switched from the dead switch to one of the other working switches the problem was quickly remedied. However now the organization was down a switch and we did need to get it set back up So after trying to reset the switch, and trying anything and everything to bring it back I contacted Meraki support.

To contact meraki support you need your customer number which is located at the bottom of your sign in on the top right of the meraki administration site as shown below.

Meraki Administration Console 

After calling support and jumping through the hoops (turning on/off again, etc) they sent out a new switch. After receiving the switch I put it in placed and replaced it using documentation from https://documentation.meraki.com/MS/Stacking/Switch_Stacks

***NOTE THIS IS PRETTY MUCH VERBATIM

 FROM THE MERAKI SITE WITH SOME NOTES ADDED***

Replacing a Stack Member

The following steps will clone the original stack member and remove it from the stack:

• Power off the stack member to be replaced.



Claim the replacement Meraki device

• Claim the new/replacement switch in the inventory. Navigate to Organization > Inventory
• Enter the serial number of the new switch. If replacing multiple members, list all serials
• Click the Claim button

Connect the new switch to the network; the network should have access to the internet for the switch registration.

Once claimed our licence gave an error message, as we were Overprovisioned on our licencing, which is ok so long as you don't leave it to long. I connected the device via port 1 on one of the other switches which allowed the switch to connect to the Meraki Cloud.

I then cloned the switch using the stack clone and replace member

Cloning The Dead Switch

Now we have a fairly simple network setup and I don't recall needing to bind any profiles meraki has listed in the switch stacks documentation it was pretty much clone dead switch settings to new switch.  Once that was done I rebooted the switch and it came back online; I then connected the stack cables which caused a network outage. I then decided to wait as I was unsure why that had occurred, the switch still had access to the meraki cloud via port 1 and when setting up the stack originally, having the stack cables plugged in didn't cause an issue.  So I shut off the replacement switch to work on it later that night.

I came back at 11:30 pm that night plugged in the stack cables and turned the switch on and it went into the stack with no problem.   I removed the old dead switch from the meraki cloud which fixed the licensing notice we were getting.  I then added 2 new laggs to the x240 switches for the 10GIG link for the Hyper-V iscsi storage. So now they are LACP lagged into stacked switches for additional failover protection; just now on 10Gig instead of 1Gig.

Dealing with Meraki

Dealing with Meraki to get the switch replaced was actually a pretty good experience and would not hesitate recommending Meraki to any organization that can afford to use them.  They mailed the new switch out to us right away and worked with us and our timeline to get the switch put into place and the dead switch sent back.  Replacing the switch was fairly simple and they had pretty good instructions despite the minor issues I experienced.

References

https://documentation.meraki.com/MS/Stacking/Switch_Stacks

https://optionkey.blogspot.com/2018/07/configuring-high-availability-for.html

Setting up a point of sale (POS) system for a Horizon library

Back in September/October 2019 I was tasked with finding a solution for a point of sale system to replace and old cash register system.  The cash register system we were using couldn't be purchased any longer with the features we currently had in place and required.  It was a simple cash register it had generalized logins for staff via id number, it did not tie into any point of sale system (Chase, Moneris, etc).  So we decided to look at a number of Point Of Sale Systems, 

The current system had the following requirements.

• The cash drawer needed to work from 2 workstations
• It had to auto logout after each transaction
• It had to have individualized generalized logins (ie. id number) for transactions
• It had to not open the cash drawer printing out of the ILS (Horizon)
• It had to have remote reporting and administration
• It had to have an export for specific reporting that is required by our accounting system
• It had to be expandable to two locations (just one to start)
• It had to be easy to use and manage
• NOT BREAK THE BUDGET (approx $100/month for 2 locations and 20 staff)
• Make reconciling the payments easier

After setting up and trying of several point of sale systems some open source and several paid systems the one we settled on was VEND.  

VEND Point of Sales System

VEND is a small business Point of Sale system that we can use for what we require.

Vend's Features:

• Sell on any platform (a chromium based browser is really the only requirement)
• Customer Tracking (for repeat purchases and profiles)
• Built in Inventory
• Ecommerce and marketing
• web based staff / user management
• web based reporting
• programming api
• Quick Keys / Custom Buttons
• Product and Customer Search
• Line Item and Sale Notes
• Discounts
• Custom Receipts
• Customization payment layout such as (Visa, Mastercard or combined Credit button)
• Split Payments
• Excel exportable reports with all listed line items and notes.

I asked the customer services supervisor Jordan Moss to make sure it did all the features her department required.  After the initial setup, Jordan was able to setup the point of sale systems, verify the reporting and user management information was just what they required.  She setup all the different payment types for both locations allowing me to further investigate how to setup the systems with the payment system and receipt printer.    The feature we were only interested in was the sales and reporting.  Vend got all these check boxes for us and now I could focus on the technical process and work out the issues with the desired setup.

Payment Terminal

For the most part my research into this showed that you should setup a point of sale from a single unit (machine) that has a sales terminal and debit/credit machine tied to that individual device (called semi-integrated mode).  Typically you would setup a payment system in semi-integrated mode, which is a checkout method used by retailers which integrates payment processing and POS software in a secure & streamlined network configuration. Semi-Integration allows retailers to accept Chip/EMV credit card and debit card payments, as well account for inventory changes, returns, voided transactions and other payment functions.  Vend supports 2 chase point of sale terminals in Canada for semi-integrated mode, but they are not universally compatible.  So if you want to use iOS from Apple you need to go with the Chase iCT250.  If you want to go with a wired Windows system you need to go with the Moneris Desk 5000.  We had got the Chase iCT250 (wired) but it was assumed we were going to be using an iPad for a sales terminal; so it would not semi-integrate with VEND on windows.  

Chase Payment Terminal

This turned out to be a good thing as for the Semi-integrated mode to work you have to tie the debit machine to a single pay station therefore eliminating the ability of using the second machine with the one debit terminal.  So we are not working with the payment system in semi-integrated mode.  It was decided to keep the Chase system because if we did want to setup a stand alone payment terminal because of the space requirements a 9.7" ipad might be the best choice and since we could not utilize semi-integrated mode anyways because it can't be used with more then one point of sale system as shown above.

Since we wanted to use 2 workstations that would double as point of sale stations using one receipt printer and one payment terminal; I started using my imagination and was looking at some documentation for networked Epson receipt printers and I came across this.  It gave me an idea for how to handle this point of sale setup.

Epson TM88-IV Lan Diagram

This diagram came from an Epson TM-T88IV manual and I drew inspiration to try setup the point of sale between two workstations.  The system is simple, setup the default Windows printer to be the default printer to be used with VEND.  This will allow the cash drawer to open when VEND is logged in and in use.  There is no changing the printer when you go to print, everything on the system is setup to work as a point of sale system.  This identically done on both systems that will be using the POS software.  Since the same slip printer would be required to print off sips from the ILS (See my post about setting up slip printing in horizon).  

Setting up the cash drawer was pretty easy with the networked receipt printer.  The
cash drawer we selected was the CBM 2000 Universal 24V cash drawer.  The cash drawer connected with the RJ12 to the TM88-V DK port and worked flawlessly though the driver.




After you install the printer driver it is located in Printer Preferences as shown below.

Epson TM88-V cash drawer settings

Even after getting the printer setup and installed; the setup with the Horizon ILS created a couple of issues that had to be resolved to get the system setup with the requirements we started with.

Issues to resolve

• Stop cash drawer opening when horizon prints a slip (receipt)
• Setting up the receipt printer to stop wasting paper on the receipts

The first issue was easy to resolve, since this was a network based 80mm printer, I created 2 printers on the client, one opens the cash drawer at the end of the document as shown above the other does not.  Both printers must be installed on both clients, with the Horizon Slip Printer being setup for use specifically for the ILS slip/receipt printing and the other Epson TM88-V is setup as the default printer for VEND and takes care of opening the cash drawer for the VEND point of sale system as shown below.

Horizon ILS Slip Printer Settings

Windows IP Printers for receipt printing

By default both the Epson TM88-V and the Horizon Slip Printer would print the full 297mm length by default regardless of how big the receipt was being printed.  To stop that from happening I setup a new paper size of 80mm wide by 58mm high.  I set this paper size to be the default for both printers as they were printing the full 297mm.  To make this change you use the Epson TM88-V utilities that are installed with the driver.  Once you make these changes, you can add other printers etc, but I've experienced issues where if you go to print to another printer, the printer prints to the size of the 80mm receipt on a letter size piece of paper unless you select printer properties and re-select letter.  

A caveat with this setup according to VEND is that we could encounter out of order or duplicate numbering with our payment processing; though this has not come about in testing, the main thing I had noticed was the browser not recognizing that the system had been closed and needed to be re-opened.  Deleting the browsers cookies or re-syncing VEND's local data with the browser seems to resolve this issue.

Overall the staff and managers quite like the setup; and think it is easy for them to use and manage.  It hasn't quite been a month that they have been using it but I have my fingers crossed!

Setting up and configuring an Epson T88V with an Ethernet adapter

Setting up and configuring an Epson T88V with an Ethernet adapter

Installing an Epson UB-E04 Print server on a TM V is relatively easy.  It is about a 15 minute process but you have to change the DSW2 Switch on port 8 from off to on.  The reason for the upgrade had to do with setting up a remote office that had to have a non-dedicated POS system.  Typically you would have a dedicated POS system whether it is an iPad, PC or other sort of system.  You can read my follow up post on the reasons and rationale for this system setup.  The TMV that I was working with had a built in RS-232 card and I replaced it with a UB-E04 print server I kept from a dead restick TMIV.  This post applies for the Epson TM-III, TM-IV, and TM-V

Step 1 - Remove the RS-232 port and install the UB-E04 Print Server

Step 2 - Open up and Flip the Dip Switch in DSW2 from off to on.

Once you do that you should be able to see the printer on the network, if you don't then you have a mi-configuration on your DSW switches.

Below are two excellent and more detailed posts for installing Epson print servers, if you require more detailed information.

https://www.beaglehardware.com/howtoethernet.html
https://smstiming.zendesk.com/hc/en-us/articles/115001038548-How-to-install-and-configure-Epson-Printer-for-Ethernet-communication