Windows update CAB file build up

We’ve had a spate of PCs filling up their disks recently, and it seems to stem from a bug in Windows update.

The issue occurs because an accumulated update log file grows, and generates a series of CAB files “cab_xxx_x” in the temp folder (normally c:\windows\temp).

The issue isn’t new, I found references to it dating back to 2012. It seems to be a bug with Windows Update on Windows 7 and Windows Server 2008 R2.

If you just delete the CAB files they will come back. The solution seems to be to do the run the following commands:

net stop wuauserv 
net stop trustedinstaller

rmdir /s c:\windows\softwaredistribution
del c:\windows\temp\*.* /s /f /q

net start wuauserv
net start trustedinstaller

If you don’t stop the services first you may not be able to delete the files.

Next step is to run Windows update. Windows 7 and 2008 R2 have a huge number of updates to do from a fresh install, which is why this log file builds up. Deleting the files resets the log, but if there are still too many to do the issue may come back.

I set up a monitor on SolarWinds N-Central to check all our clients temp folder sizes and to run the above as a script if it was over 15GB. That should prevent any space issues on-going.

Alternatively just upgrade to Windows 10 and Server 2016 – they don’t have this problem.

Using Office 365 as your SMTP server on a 3CX PBX

If you want to use Office 365 as your SMTP email server for a 3CX PBX you are best setting up a Connector on the Exchange Online account. I am assuming that your PBX is on the end of a static IP address.

First configure your 3CX server. Under Email and settings set the mail server to match your MX record. This usual follows the format domain.mail.protection.outlook.com where domain is your email domain with hyphens instead of dots.

Set a reply to address on the same domain. I always use pbx @ sfax.co.uk, it doesn’t go anywhere, I don’t expect anyone to reply to it.

You don’t need a username or password or to enable SSL/TLS as we will set up a connector to receive the email.

Next log on to your Office 365 portal as an administrator, and open your Exchange Admin Center. From there pick connectors under mail flow.

Create a new Connector.

Pick from: Your organization’s email server

To: Office 365

Give it an appropriate name:

Next select By Verifying that the IP address of the sending server matches one of these addresses that belong to your organization

Click the plus to add an IP address and enter your PBX’s internet IP address

Save the connector and you are good to go.

http://3cx.co.uk

http://portal.office.com

Manually syncing Azure AD

When Azure Connect is setup the quickest way to fire off a manual sync is through powershell.

For a full sync (new accounts etc):

import-module adsync
Start-ADSyncSyncCycle -PolicyType Initial

For a incremental sync (faster but not as thorough):

import-module adsync
Start-ADSyncSyncCycle -PolicyType delta

I normally save these as .ps1 files on the desktop of the server to I can quickly run them.

Moving FSMO Roles with Powershell

Another article about a command that I can never remember the syntax when I need it.

The information here is from: https://social.technet.microsoft.com/wiki/contents/articles/6736.move-transfering-or-seizing-fsmo-roles-with-ad-powershell-command-to-another-domain-controller.aspx

To transfer all roles use:

Move-ADDirectoryServerOperationMasterRole -Identity “Target-DC” -OperationMasterRole SchemaMaster,RIDMaster,InfrastructureMaster,DomainNamingMaster,PDCEmulator

To seize the roles append -Force.

You can also substitute the role names with numbers, making a more manageable:

Move-ADDirectoryServerOperationMasterRole -Identity “Target-DC” -OperationMasterRole 0,1,2,3,4 -Force

Much easier to remember than trying to remember which bit of the gui does which role.

Older servers use ntdsutil.exe:

https://support.microsoft.com/en-gb/help/255504/using-ntdsutil.exe-to-transfer-or-seize-fsmo-roles-to-a-domain-controller