First I found just the article I needed about how to get DHCP information at the command line from the Technet Article "To use DHCP commands interactively at the command prompt" 

My first task was identifying all of the DHCP servers in the organization. Now that could have been easily accomplished from the MMC snap-in, but this is about the Command line. So I used netsh DHCP to accomplish that as well. 

1. Open Command Prompt.
2. Type netsh.
3. At the netsh> command prompt, type dhcp.
4. At the netsh dhcp> command prompt, type show server. This will give you a list of servers within the current Active Directory domain. 

Now depending on what information you need to retrieve you can dive down into each server and then further into each scope to retrieve information. I needed to identify the scopes on each server, where their databases were located, and some general idea of the usage of each scope. And I needed to record this to a text file. So I decided to go into each server and get targeted information from each one.

And I discovered that I could run several commands one after the other in a batch file, or in my case by modifying a text file and pasting into the command line.

Netsh

dhcp

Unfortunately, piping the command out to a text file (>c:\output.txt) didn't work and I didn't have Powershell on the network (Start-Transcript…..). So I ended up listing two or three servers at a time, while using the select all, cut, and paste commands in the CMD.exe window to paste the text into a notepad file.

All in all, a way quicker and cooler way of collecting DHCP information across the organization, than using the GUI.

To install 32-bit drivers on a 64-bit Windows Server 2008 print server is a bit complicated (as I found out). To install the 32 bit drivers, you must do so from a 32-bit client.

1.       From the 32-bit client you will add the printer. You will get a message about the driver not being available on the server and you will be given the chance to install one.

2.       Install the appropriate 32-bit driver.        Note: the 32-bit driver must match the name of the 64-bit (i.e. if the driver installed for the HP LJ 3220 printer on the Printer Server is an HP LJ3200 driver, then the 32-bit driver must also be the HP LJ3200 driver, even if there is a specific 32-bit HP LJ3220 driver. The server and client drivers must be the same!)

3.       Open the printer properties on the client system.

4.       Navigate to the sharing tab.

5.       Add additional Drivers.

6.       Select the appropriate environments and versions (XP, 2000, Windows 98).

7.       Select OK and provide a location for the driver (if necessary).

8.       Viola! The printer drivers will be installed on the server.

When I was setting up a Windows Mobile phone for a client. I encountered the following error when trying to connect to an Exchange 2007 server (Should be the same for Ex2003): Synchronization failed. The security certificate on the server has expired. Check that the date and time on the device is correct and try again. Error Code: 80072f05

Which was really perplexing. The certificates were working for OWA, Outlook Anywhere, and the Autodiscover services, so I dug a little deeper. This particular environment had an ISA server protecting a CAS/Hub server and a MBX server. So the first point of contact was ISA, where all of the certificates are, and where authentication for Active Sync begins.

First, I looked on Google for this specific error message and while I found a lot of stuff that was close, nothing was exactly the solution I needed. But they did help me find the problem. Most of these said that I needed to import the certificate into Windows Mobile and part of the process was opening up the certificate, saving it in a binary format, converting that into a .cab file, and importing it to the phone.

So I opened up an MMC on the ISA server and loaded the Certificates Snap-in for the computer account, local computer. The most obvious culprit was the outward facing cert by Verisign (one of the most trusted issuers on the Net).  One of the articles that I was following said to make note of the certification trail, although I never figured out why, but I am glad it did. That caused me to notice that the Intermediate Cert for the Verisign Cert WAS expired (1 Jan 04). Apparently the other services were perfectly OK with this, but not Active Sync.

 So I went looking for a replacement for the Intermediate cert and sure enough Verisign had an article about just this topic (Why didn't Google find this?? Or why isn't Verisign publishing to Google?? However that circle of events plays out!).

But enough background rambling:

To solve the problem you must find the correct intermediate cert from Verisign (VeriSign Intermediate CA Certificates). Most probably you'll need the Premium SSL Certificate.

Highlight the cert text from Verisign, cut, and paste into a notepad txt file. On the ISA server (or directly on the CAS server if your not using ISA), save the file as, "VerisignIntermediateCert.cer" (enclose it in quotes to prevent notepad from saving it with a .txt extension).

Then from the MMC loaded with the Certificates Snap-in for the computer account, local computer, Open Intermediate Certification Authorities and right click on the Certificates directory.

Choose All Tasks -> import

Browse to the location of the saved .cer file and import it.

Then Delete the Expired Intermediate cert. (Or export a copy and then delete).

For ISA you will have to restart the Microsoft Firewall service (for a CAS you'll restart IIS).

And then your Windows Mobile devices should be able to Sync.

I was presented with a unique challenge here recently to copy one DNS zone to another, Corp.Data.Net to Data.net. Essentially creating a new zone with a different name, but exactly the same entries. No changes necessary just a straight copy.

It was easier than you might think.

First, let me introduce you to my little friend DNSCMD.exe, a command line tool. I used to scoff at command line tools, but there are just some things that are better done with the command line, especially bulk changes.

Ok, so task #1 was to export the old zone Corp.Data.Net. Easy enough using the GUI or dnscmd. 

If you use the GUI save the file to %systemRoot%\System32\DNS with an extension of .dns (I have not tried this so it may not even work, but in theory!!)

If you use dnscmd, then the file is automatically place there. Here is the command:

Usage: DnsCmd <ServerName> /ZoneExport <ZoneName> <ZoneExportFile>

dnscmd                               /zoneexport     corp.data.net     corp.data.dns

Alternately, you can save the file to a sub-directory of %systemRoot%\System32\DNS by adding the directory name and a "\". i.e. For the import  directory:

dnscmd    /zoneexport     corp.data.net     import/corp.alldata.dns

Task #2 was to import that file. Handily the dnscmd handled that as well:

Usage: DnsCmd <ServerName> /ZoneAdd <ZoneName> <ZoneType> [<Options>]......

There was an AD integrated Primary zone type, but it would not let me import a file using that zone type, so I imported the file as a Primary Zone and then used the GUI to change it to AD integrated.

dnscmd    /zoneadd    data.net     /primary      /file data.dns    /load

So Task #3 was to AD integrate the Zone. (if you get it to import directly, let me know!!)

Using the GUI -- Right Click on the zone, go to properties, and on the General Tab, near the top is a Change button beside Type. Click that and check AD Integrated near the bottom.

Using dnscmd --

Usage: DnsCmd <ServerName> /ZoneResetType <ZoneName> <Property> [<Options>]

dnscmd    /zoneresettyp      data.net      /DSPrimary