Explain the magic “300” in DPM.

This is a chosen limit that derives from the Logical Disk Manager (LDM) number of volumes that can coexist on a Windows system. We’ll explore some details in a minute but first the following; note that DPM requires 2 volumes to protect a data source, 1 for the replica and 1 for the recovery point volume. This means if we max out a supportable DPM server on this aspect there will be at least 600 volumes on the system.

LDM has a fixed size data structure (the LDM database) with records (to define volumes) that occupy at least 1 ‘slot’ and sometimes 2. To cut short, there are 2960 slots available and each new volume requires 3 or 4 slots and 1 more for each time a volume is extended. Wait a minute, with 300 data sources requiring 600 volumes, which consumes 1800 out of 2960. In other words; you cannot extend all replicas and recovery point volumes twice on a maximum configuration. Not that this is likely to occur but chances increase with DPM2010 as we will see. Obviously if there are less data sources or less need be extended you can do that more often. At some point we need ‘consolidation’ to reduce consumption of slots. Okay, but how? Create a new volume large enough to hold all data of an extended volume, move data and delete the old volume releasing all extent slots.

Get all Monitors and Overrides for a Management Pack

For monitors, you use this command: get-monitor -managementPack name.mp | export-csv filename

For example, this command gets the monitors associated with one of the core Management Packs:
get-monitor -managementPack System.Health.Library.mp | export-csv "C:\monitors.csv"

For overrides: get-override -managementPack name.mp | export-csv filename

For example, this command:
get-override -managementPack Microsoft.SystemCenter.OperationsManager.Internal.mp | export-csv "c:\overrides.csv"

How to Manage Stored User Names and Passwords in Windows Credential Manager

Start the Credential Manager by opening the Control Panel and navigating to Control Panel > All Control Panel Items > Credential Manager.

Or use

rundll32.exe keymgr.dll, KRShowKeyMgr

Upgrade Certification Authority to SHA256

A common question in the field is about upgrading a certification authority running on Windows Server 2003 to use Crypto Next Generation (CNG) to support SHA256. CNG was introduced in Windows Server 2008 and higher operating systems, as a result,
an upgrade to the operating system is required. After upgrading the certification authority’s operating system, you will need to run
the following commands from an elevated command line window:

certutil -setreg ca\csp\CNGHashAlgorithm SHA256
net stop certsvc
net start certsvc

Make sure you are  using a Key Storage Provider that supports SHA256 – for example the Microsoft Key Storage Provider - and then renewing the certification authority’s certificate.

If this proves to be too complicated, then you can simply issue certificates to clients using SHA256 even if the entire certification authority’s chain is signed with SHA1 certificates. The applications consuming the SHA256 certificates have to support the SHA256 signature on any given certificate in the chain.