Tuesday, September 29, 2015

Outlook: Reasons Why Recall Message May Fail

When will Recall actually work

Recall Success or Failure? buttonThere are several conditions which must be met for the Recall feature to work:

  • The first condition for Recall to work is that you must be using an Exchange account and the recipient must be within that same Exchange organization as well. In other words; When you are using a POP3, IMAP or Outlook.com account or when the recipient is located on the Internet, you are out of luck already.
  • The recipient must also be using Outlook to read his/her emails. When a message is being read via Outlook Web App (OWA) or via EAS on a smartphone or tablet, the recall will not work.
  • The recipient must have an active connection with Exchange. When Cached Exchange Mode is enabled and the recipient is working off-line, the recall process will fail.
  • The original message must arrive in the Inbox folder of the recipient. When it got moved via a rule, recalling the message is not possible.
  • The original message must still be unread and the recipient must open the Recall message before the original message.
Remedy:

Delay all message for few minutes

If you want all your messages to hang in your Outbox for a certain amount of time because something else always comes to mind when pressing the send button (how you can rephrase something, adding another attachment, etc…) you can create a rule that can defer sending of all your messages from 1 minute to 5 minutes..

Outlook 2010/2013 NK2 import not saving

I copied the .nk2 file from my old computer. However, the nickname auto complete features did not work after I reopen the Outlook.

I just got this to work, by typing this command from the Start button >> search bar.

outlook.exe /CleanAutoCompleteCache

Then, I renamed the .NK2.old file back to .NK2, and reimported it by opening Outlook with this command:

outlook.exe /importnk2

This time the nickname cache stayed put.

Hope this helps...

Unable to start service MSSQLSERVER on server (mscorlib)

screenshot



  • Run services.msc
  • Find the MSSQLSERVER Service.
  • Right click and open properties
  • Check what service account it is running under (usually NT AUTHORITY\SYSTEM, NT AUTHORITY\LOCAL SERVICE or NT AUTHORITY\NETWORK SERVICE 
  • For me, it was sorted out by switching from Network Service to Local Service.

Friday, September 25, 2015

How to use IP helper-address to connect remote DHCP server

"IP helper-address" command for broadcast applications suchIP-helper address to remote DHCP server as DHCP client(BOOTP), NetBIOS and so on. As you know IP helper-address is required a network is connected certain application at remote. For example, communicating between old computers that is using NetBIOS protocols, connecting remote DHCP server. In this article, we will mainly discuss about how to use IP helper-address to connect a remote DHCP server. The below example might not be realistic, b/c I just made up a case to better understand this technology.


[Configuration layout]

- As you can see below diagram, there are a DHCP server and two DHCP clients that one is in local and other is in remote. Where do you think the "IP helper-address" command needs to be inplace for DHCP client in remote? Answer is Ethernet interface of New York router. By default, router drop all the broadcast packtes sent thru the router. Because DHCP clients use bootp packets that are broadcasted to all hosts(255.255.255.255) and it will be all dropped by the router. The "ip helper-address" command makes the router to forward BOOTP broadcast packets to the specific remote DHCP server.

[New York Router]

version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname New_York
!
boot-start-marker
boot-end-marker
!
no aaa new-model
memory-size iomem 5
!
ip cef
no ip domain lookup
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/1
ip address 10.20.1.1 255.255.255.252
load-interval 30
serial restart-delay 0
!
interface Serial1/2
no ip address
load-interval 30
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
interface FastEthernet2/0
ip address 100.100.100.129 255.255.255.128
ip helper-address 100.100.100.2 <--- font=""> Pointing to Remote DHCP Server
duplex auto
speed auto
!
router bgp 10
no synchronization
bgp log-neighbor-changes
network 100.100.100.128 mask 255.255.255.128
redistribute connected
neighbor 10.20.1.2 remote-as 20
neighbor 10.20.1.2 timers 3 20
no auto-summary
!
ip http server
no ip http secure-server
ip forward-protocol nd
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
end

[LA Router]

version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname LA
!
boot-start-marker
boot-end-marker
!
no aaa new-model
memory-size iomem 5
!
ip cef
no ip domain lookup
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/1
ip address 10.20.1.2 255.255.255.252
load-interval 30
serial restart-delay 0
!
interface Serial1/2
no ip address
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
interface FastEthernet2/0
ip address 100.100.100.1 255.255.255.0
duplex auto
speed auto
!
router bgp 20
no synchronization
bgp log-neighbor-changes
redistribute connected
neighbor 10.20.1.1 remote-as 10
no auto-summary
!
ip http server
no ip http secure-server
ip forward-protocol nd
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
end

[DHCP Server / mimic Cisco 3660]

version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname DHCP_Server
!
boot-start-marker
boot-end-marker
!
no aaa new-model
memory-size iomem 5
!
ip cef
no ip domain lookup
no ip dhcp use vrf connected
ip dhcp excluded-address 100.100.100.0 100.100.100.129
!
ip dhcp pool dhcp_pool <--------- dhcp="" font="" name="" of="" pool="">
network 100.100.100.0 255.255.255.0 <---- client="" dhcp="" font="" for="" ip="" pool="">
default-router 100.100.100.129 <------------ br="" client="" default="" dhcp="" for="" route="">dns-server 4.2.2.1 <------------- be="" dns="" font="" info="" sent="" server="" will="">
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
interface FastEthernet0/0
ip address 100.100.100.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
ip http server
no ip http secure-server
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 100.100.100.1
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
end

Monday, September 21, 2015

Deploying Java Runtime Enviroments with Local Update Publisher

  1. First downloaded the lattest offline installer from:
    http://java.com/en/download/manual.jsp details
  2. start the installer exe (don't click on any buttons once the installer has started though).
  3. go to c:\users\%username%\AppData\LocalLow\Sun\Java\[jre version]
  4. copy the *.cab and *.msi files to another folder that you can easilly access
  5. go into local update publisher, tools, create update
  6. for the update file choose the msi file that you previously coppied out
  7. Then click on add files, and add the .cab file you previously coppied out
  8. Click on add files again and add the following .mst file if you don't want java downloading updates from Oracle jre1.7.0_xx.mst details
To create your own mst file using InstEd, follow the instructions at: http://sourceforge.net/apps/mediawiki/localupdatepubl/index.php?title=Creating_Configuration_files_during_installation to import the vbscript at http://sourceforge.net/apps/mediawiki/localupdatepubl/index.php?title=Creating_WSUS_updates_for_Java into a mst file for the java msi file   

Publishing Third-Party Updates to WSUS

                               WSUS vs. GPSI

Active Directory (AD) includes Group Policy Software Installation (GPSI), which gives administrators a rudimentary means of updating or deploying software to clients by using Windows Installer (.msi) files. But GPSI wasn’t designed to scale for large networks, nor has Microsoft invested in the technology since the introduction of AD 10 years ago.
 Starting with version 3.0, WSUS includes local publishing APIs that, for the first time, let developers write code to publish custom updates to WSUS. But there’s no free tool from Microsoft for leveraging these new APIs, although local publishing methods can be accessed from Visual Basic scripts or from other programming languages. Despite this, using WSUS to deploy third-party software and updates has many advantages over GPSI, including the following:
  • In addition to .msi packages, command-line executables and drivers can be deployed natively without requiring users to have administrative privileges.
  • The Background Intelligent Transfer Service (BITS) is used to throttle the transfer of installation files to clients by using idle bandwidth. This is ideal for slow network links.
  • WSUS is designed to be part of an enterprise-wide distributed architecture.
  • WSUS includes basic reporting features.

WSUS Local Publishing

The following procedures demonstrate how easy it is to publish third-party updates to WSUS. All the operations in these examples, including WSUS client updates, are performed on a Windows Server 2008 R2-based computer that’s a domain member in a test environment. Before you follow these procedures, use the Server Manager wizard to install and configure WSUS to the default settings.
      Configure WSUS for client-side targeting. To be able to separate which computers will receive your custom updates in the test environment, you need to create a computer group.
1.     Log on to Server 2008 R2 as a domain administrator.
2.     Open the Microsoft Management Console (MMC) Windows Server Update Services snap-in from Administrative Tools on the Start menu.
3.     In the console’s navigation pane, expand your WSUS server and click Options.
4.     In the Options pane, scroll down the list of configuration options and click Computers.
5.     In the Computers dialog box, select Use Group Policy or registry settings on computers and click OK.
6.     In the navigation pane, expand Computer, right-click All Computers, and click Add Computer Group.
7.     In the Add Computer Group dialog box, name the new group Local Updates, then click OK.
      Configure local machine policy for Windows Update. In a production environment, the following settings would be configured in a Group Policy Object (GPO) and linked to an organizational unit (OU) that contains computers that we want to update by using WSUS. To simplify this demo, we’ll set the local machine policy to configure Windows Update on the local computer only.
8.     Click Start, type MMC in the Start Search box, and press Enter.
9.     In the new console window, press Ctrl+M to add a new snap-in.
10.  In the Add or Remove Snap-ins window, select Group Policy Object Editor under Available snap-ins and click Add.
11.  In the Select Group Policy Object dialog box, leave the default selection of Local Computer and click Finish.
12.  In the Add or Remove Snap-ins window, click OK.
13.  In the MMC navigation pane, expand Local Computer Policy, Computer Configuration, Administrative Templates, Windows Components. Double-click Windows Update.
14.  In the center pane, double-click Configure Automatic Updates.
15.  In the Configure Automatic Updates window, select Enabled, then click OK.
16.  In the center pane, double-click Specify intranet Microsoft update service location, then click Enabled.
17.  Under Options, type http:// followed by the name of the WSUS local server in both boxes. Then click OK. (Note: In this example, the WSUS server is named WINMEM1 and all services are located on one server. Therefore, I entered http://winmem1 both for Set the intranet update service for detecting updates and for Set the intranet statistics server.)
18.  In the center pane, double-click Enable client-side targeting.
19.  In the Enable client-side targeting window, click Enable. In the Target group name for this computer box, type Local Updates. Click OK.
20.  Double-click Allow signed updates from an intranet Microsoft update service location, click Enable, and click OK.
21.  Close the MMC snap-in.
22.  Open a command-prompt window, and run the gpupdate /force command to make sure that the new settings are applied to the server immediately.
      Install Local Update Publisher. Local Update Publisher is an open-source tool that you can download for free from SourceForge. The only prerequisite for the Local Update Publisher program is the .NET Framework 3.5, which you can install by using Server Manager on Server 2008 R2. You can do this quickly by opening a PowerShell window and running the following commands:
       
>> import-module servermanager                                
>> add-windowsfeature net-framework 
                             
 After the .NET Framework is set up, install the Local Update Publisher tool on the WSUS server. Then follow these steps:
1.     Start the Local Update Publisher tool from the Start menu under All Programs. (Note: You’ll be prompted to connect to a WSUS server. Because you’re working on the local WSUS server, you can leave the Name field blank, then click Connect.)
2.     In the Local Update Publisher program window, click LOCALHOST under Update Services.
3.     In the No WSUS Certificate found window that displays, click Yes.
4.     In the Certificate Information dialog box, click Create Certificate. (Note: A second window opens to indicate that a self-signed certificate has been successfully created and that it must be installed on all clients that will receive local updates.)
5.     In the installation confirmation window, click OK.
6.     In the Certificate Information dialog box, click Export Cert, then save a copy of the certificate to your desktop.
7.     Click OK.
In a production environment, you should consider using a certificate issued by a Certification Authority (CA) that’s part of your organization’s public key infrastructure (PKI).
Prepare WSUS for local updates. Before you continue, you must install the self-signed certificate on the WSUS server. In a production environment, you need to install the certificate on WSUS and on all clients that will receive local updates from WSUS.
1.     Click Start, type MMC in the Start Search box, and press Enter.
2.     In the new console window, press CTRL+M to add a new snap-in.
3.     In the Add or Remove Snap-ins dialog box, select Certificates under Available snap-ins and click Add.
4.     In the Certificates snap-in dialog box, select Computer account and click Next.
5.     Leave the default selection of Local Computer and click Finish.
6.     In the Add or Remove Snap-ins dialog box, click OK.
7.     In the MMC navigation pane, expand Certificates (Local Computer), then expand Trusted Root Certification Authorities.
8.     Right-click Certificates, point to All Tasks, and click Import.
9.     In the Certificate Import wizard, click Next.
10.  On the File to Import page, click Browse.
11.  Select the certificate file that you saved to your desktop and click Next.
12.  On the Certificate Store page, leave the default selection and click Next.
13.  Click Finish.
After the import finishes, click OK in the notification box. The WSUS Publishers Self-signed certificate will display in the MMC window’s center pane. Repeat steps 7 through 13 to import the same certificate in the Trusted Publishers container. You can then close the MMC Certificates snap-in.
Create a local update. To create a local update, you should work with a Windows Installer file whenever necessary because the Local Update Publisher tool automatically creates rules for applying updates through WSUS. If you must use an .exe file, and if you can’t extract a Windows Installer package from it, you’ll have to familiarize yourself with System Center Update Publisher Basic Rules. You can find more information about these rules here.
To install the latest version of Flash Player via WSUS, first download the Flash Player Windows Installer file. Then follow these steps to create a local update:
1.     On the Tools menu, click Create Update.
2.     In the Import Update from File window, which shows figure 1 below, click Browse. Then select the Flash Player .msi file that you previously downloaded. (Note: All the installation files are packaged inside the Flash Player MSI installer.)
http://windowsitpro.com/site-files/windowsitpro.com/files/archive/windowsitpro.com/content/content/129241/smith%20win2307%20fig1.jpg
3.     Click Next. (Note: The next page, which shows Figure 2 below, already includes all the required information except Vendor and Product.)
http://windowsitpro.com/site-files/windowsitpro.com/files/archive/windowsitpro.com/content/content/129241/smith%20win2307%20fig2.jpg
4.     In the Vendor box, type Adobe. In the Product box, type Flash Player 10.1.85.3 or the appropriate program version.
5.     Click Next. (Note: Because we provided the Local Update Publisher tool with a .msi file to create the update, rules are automatically populated over the next few pages of the installation wizard. You can modify or add to these rules later.)
6.     On the Package Level – Installed Rules page, which Figure 3 shows, click Next to accept the default rules.
http://windowsitpro.com/site-files/windowsitpro.com/files/archive/windowsitpro.com/content/content/129241/smith%20win2307%20fig3.jpg
7.     Repeat step 6 on the following pages: Package Level – Installable Rules, Installation Item Level – Superseded Rules, and Installation Item Level – Rule Metadata.
8.     Review the XML information for the update, then click Finish.
After a few seconds, you should be notified that the update has been successfully published to WSUS.
      Approve the local update. One disadvantage of using local updates is that they don’t display in the WSUS admin console; you must manage them by some other means. Fortunately, the Local Update Publisher tool lets you manage and approve local updates.
1.     In Local Update Publisher, expand LOCALHOST, Updates, Adobe, Flash Player 10.1.85.3.
2.     In the details pane, right-click the update and click Approve.
3.     In the Approve Update dialog box, which Figure 4 shows, click No Approval to the right of the Local Updates group, then click Approve for Install on the menu.
http://windowsitpro.com/site-files/windowsitpro.com/files/archive/windowsitpro.com/content/content/129241/smith%20win2307%20fig4.jpg
4.     At the bottom of the Approve Update dialog box, click Approve.
5.     When you’re prompted to update the approvals, click OK.
6.     Click Close.
      Verify installation. The final step is to verify that the Windows Update client installed the local update.
1.     On the WSUS server, click Start, type Windows Update in the Start Search box, and press Enter.
2.     In the search results, click Check for updates.
3.     In the Control Panel Windows Update applet, click Check for updates again on the left.
4.     After about one minute, you should see the option to install an important update.
5.     Click 1 important update is available, and check the update name to verify that it’s the local update that was just published, as Figure 5 shows.
http://windowsitpro.com/site-files/windowsitpro.com/files/archive/windowsitpro.com/content/content/129241/smith%20win2307%20fig5.jpg
6.     After you verify the update, click Install updates to install Flash Player.
Local Update Publisher also has basic reporting so that you can see which computers in a group have successfully received updates, as Figure 6 shows. In a production environment, there should be no reason to install Flash Player directly on a WSUS server.
http://windowsitpro.com/site-files/windowsitpro.com/files/archive/windowsitpro.com/content/content/129241/smith%20win2307%20fig6.jpg
   
Disabling Flash Player auto update. By default, the standard installation of Flash Player checks every 30 days to see whether a new version is available. In a corporate environment, you’ll probably want to disable this feature and manage updates centrally by using WSUS. You could modify the MSI database by using a free tool such as Microsoft Orca to include the necessary configuration file. However, that’s a rather complicated undertaking if you’re not experienced in authoring Windows Installer packages. A simpler solution is to create a configuration file (mms.cfg) to disable the auto update feature. This process is explained in the Adobe article “IT Administration: Configure Flash Player auto-update notification.” You’d then use Group Policy preferences to copy the file to the appropriate location on the client computers.

Don’t Leave Updates to Chance

The October 2010 update for Adobe Acrobat Reader alone patched 23 security vulnerabilities that, in some cases, could have allowed a remote attacker to launch malicious software. In light of such vulnerability, timely updates of ubiquitous software shouldn’t be left to chance. Systems administrators often hope that users will initiate updates themselves—but such local updates typically require that users have administrative privileges, which would further increase the likelihood of malware infection.
Using WSUS to publish third-party updates or even your own custom updates can significantly reduce the chance of computer infection. Thanks to its bandwidth throttling for slow networks and its ability (if the right architecture is in place) to reach notebooks that might not always be connected to the corporate network, WSUS is a better solution for making sure that all the computers in an organization are able to receive updates.

If you’re not comfortable using free, open-source software to publish updates to WSUS, you still have the option to rely on scripting or to create your own application. In addition, EminentWare offers two commercial solutions: the WSUS Extension Pack, for publishing local WSUS updates, and the 3rd Party Updates Pack, which contains continually updated and tested catalogs for third-party applications.

Windows 7: Do you trust this printer?

On my Windows 7 devices my users have been receiving the below message when tring to attach to a new printer
do_you_trust_printer_error.png

Cause:

A security feature that was added in Vista and Windows 7 called “Point and Print Restrictions”

Solution:

  1. Create or edit a GPO that targets the effected computers.
  2. Edit the policy Administrative Templates => Printers => Point and Print Restrictions Enable the policy and change the options to match the below
  • User can only point and print to these servers => Un-ticked
  • User can only point and print to machines in their forest => Ticked
  • When installing drivers for a new connection => Do not show warning or elevation prompt
  • When installing drivers for an existing connection => Do not show warning or elevation prompt

do_you_trust_printer_gpo.png

How to import .nk2 files into Outlook 2013

When you start Microsoft Outlook 2013 for the first time, your nickname cache (stored in the profilename.nk2 file) is imported into a hidden message in your default message store.

Note profilename is the name of your Outlook profile.

For example, if you are using a Microsoft Exchange account, the nickname cache is imported into a hidden message in the Exchange mailbox.

Note Outlook 2007 and earlier versions store the nickname cache .nk2 file in the following folder.
  • Windows XP
    Drive:\Documents and Settings\Username\Application Data\Microsoft\Outlook
  • Windows Vista and later versions
    Drive:\Users\Username\AppData\Roaming\Microsoft\Outlook
After the nickname cache is imported, the profilename.nk2 file is renamed to profilename.nk2.old. On the next start of Outlook, your nickname cache is not imported. Outlook 2013 does not use the .nk2 file for maintaining your nickname cache. All updates to your nickname cache in Outlook 2013 are made to the hidden message in your default message store.

Note If you have multiple Outlook profiles, the nickname cache from each profile is merged into your new Outlook 2013 nickname cache on the first start of Outlook 2013 by using that profile. Therefore, you may find more than one .nk2 file renamed to .nk2.old.

However, there may be situations where you have to import a nickname cache file after this first-run nickname cache import process has finished. For example, a colleague wants to share their nickname cache with you and you want to update your existing nickname cache with your colleague’s data.

This article discusses how to import .nk2 files into Outlook 2013.
More information
To import .nk2 files into Outlook 2013, follow these steps:
  1. Make sure that the .nk2 file is in the following folder:
    %appdata%\Microsoft\Outlook
    Note The .nk2 file must have the same name as your current Outlook 2013 profile. By default, the profile name is "Outlook." To check the profile name, follow these steps:
    1. Click Start, and then click Control Panel.
    2. Double-click Mail.
    3. In the Mail Setup dialog box, click Show Profiles.
  2. Click Start, and then click Run.
  3. In the Open box, type outlook.exe /importnk2, and then click OK. This should import the .nk2 file into the Outlook 2013 profile.

    Note After you import the .nk2 file, the contents of the file are merged into the existing nickname cache that is currently stored in your mailbox.
Note The .nk2 file is renamed with a .old file name extension on the first start of Outlook 2013. Therefore, if you try to re-import the .nk2 file, remove the .old file name extension.

Saturday, September 5, 2015

Cannot Embed PDF into Excel 2013 (Standard Fix Not Working)

Try this;

Step 1 : Open the Excel worksheet that you want to use.
Step 2 : Select the "Insert" box near the top of the Excel ribbon.
Step 3 : Select "Object" from the Text section.
Step 4 : Click the "Create New" tab if necessary and then select "Adobe Acrobat Document" from the Object Type box.
Step 5 : Select the PDF from the files and folders on your computer. Click "Open." This should cause the document to appear within your worksheet.

Upgrading Windows Server 2008 R2 without media

Windows Server 2008 R2 introduces a new command-line utility, DISM, the Deployment Image Servicing and Management tool.    One of DISM’s many useful features is the ability to use its edition-servicing commands to upgrade an R2 installation without requiring install media.  This is functionally equivalent to Windows Anytime Upgrade in a Windows 7 client install, and can be performed on both an online or offline image, and on both full Server and Server Core installations.

Upgrades using the edition servicing method are quick, and don’t require a full reinstall of the operating system.  Deployed roles and features, and other characteristics (machine name, user and admin accounts, etc) are persisted forward.     Because the target editions are staged within the image, only the updates necessary to move from edition to the next are applied.

The upgrade options are limited to edition families, and are irreversible – you can’t downgrade once you’ve gone up an edition.  Additionally, you can’t move from full Server to Server Core (or vice versa).

The supported upgrade paths are:

·         Windows Server 2008 R2 Standard -> Windows Server 2008 R2 Enterprise -> Windows Server 2008 R2 Datacenter
·         Windows Server 2008 R2 Standard Server Core -> Windows Server 2008 R2 Enterprise Server Core -> Windows Server 2008 R2 Datacenter Server Core
·         Windows Server 2008 R2 Foundation -> Windows Server 2008 R2 Standard

The tool essential for this process, DISM.exe, is included in every installation of Windows Server 2008 R2, and the general usage for online and offline use is documented on TechNet here:  http://technet.microsoft.com/en-us/library/dd744380(WS.10).aspx

One scenario that we sometimes use internally is the online upgrading of Hyper-V hosts.  If you decide that you want to move from Enterprise’s 4 VM limit to Datacenter’s support for an unlimited number of VMs, you can migrate the VMs to another host, upgrade the old host in less than thirty minutes, and then immediately migrate the VMs back once the process is complete.  There’s no need to take the whole server offline or rebuild from scratch.

The syntax for DISM is fairly straightforward.  From an elevated command prompt, you can query for the current edition, for possible target editions, and initiate the upgrade.  To upgrade, you need to provide a valid 25-character product key for the edition to which you’re upgrading.

To determine the installed edition, run:

DISM /online /Get-CurrentEdition

To check the possible target editions, run:

DISM /online /Get-TargetEditions

Finally, to initiate an upgrade, run:

DISM /online /Set-Edition: /ProductKey:XXXXX-XXXXX-XXXXX-XXXXX-XXXXX

So, for example, to upgrade to Windows Server 2008 R2 Datacenter from a downlevel edition, you would run:

DISM /online /Set-Edition:ServerDatacenter /productkey:ABCDE-ABCDE-ABCDE-ABCDE-ABCDE


After running the /Set-Edition command, DISM will prepare the operating system for the edition servicing operation, then reboot twice while it applies the changes to the operating system.  After the final reboot, you’ll be running the new edition!