Category Archives: Microsoft

SBS08 | Disk Space / Exchange / “Back Pressure” Thought Process & Resolution

1 Reply

It all started off with this problem, after being all scatty and trying to get my head around the issue I thought I’d need to document this, hopefully to give a better sequence of debugging the issue rather than the mad chicken running round with no head!…

Problem:

  • Internal Email all working
  • External Email outbound all working
  • No Inbound Email but no NDR from recipients.

Checks:

  1. MX Lookup mxtoolbox.com: Confirm where the mail goes to?
  2. SMTP check mxtoolbox.com: Confirm the status of the server?
  3. Telnet: CMD -> “telnet tothedomain.com 25” Also another method to provide some different information and confirm if this server is answering requests for the inbound email…
  4. Server check Disk Space: This is one of the most likely causes I have seen with server problems causing a raft of issues. But was thrown by 4GB free (Assuming this would be enough)
  5. Check Event Viewer: Ahh… the log of knowledge! well not quite if it doesn’t show anything obvious… At first glance this didn’t hi-light any problems but looking further I was given this to work with: “Exchange Server 2007 Transport: 452 4.3.1 Insufficient system resources”
  6. Google check: With something to go on I can do a little bit of Googling. To be fair I’m sure that’s what we all do for a new problem!
  7. Cause Identified: http://exchangepedia.com/2007/03/exchange-server-2007-transport-452-4-3-1-insufficient-system-resources.html

Cause:

  • The “Back Pressure” feature has kicked in and is not accepting requests.
  • The problem is the 4GB DISK SPACE!!

Solution:

  1. Free Disk Space: The link above shows the tweaks and how to turn off “Back Pressure” but this can be avoided by simple cleaning up the disk space on C:\ and restarting the “Exchange Transport” service.
  2. Where is Disk Spaced used? Download Jamsoft Treesize, to show what space on c:\ has been consumed.
  3. How can I free up disk space on Windows Small Business Server 2008? – Being new to SBS as I usually work with Server 2008 STD/ENT I needed to confirm what can be cleaned up. Cleanup: IIS log files seem to waste a lot of disk space. The following script taken from: sbsfaq.com will clean them up.

@echo off
rem Script to clean up disk space on SBS 2008 servers
rem Downloaded from SBSfaq.com
rem V1.0 – March 28th, 2010

rem Certificate Services Logs
net stop “Active Directory Certificate Services”

del c:\windows\system32\certlog\*.log
del c:\windows\system32\certlog\*.chk
del c:\windows\system32\certlof\*.jrs
net start “Active Directory Certificate Services”

rem IIS Log Files
Del C:\inetpub\logs\LogFiles\*.log /f /s

Fix:

Once the disk space issue was addressed we could then restart the “Exchange Transport” service. This then kicked Exchange back into life, although it didn’t comeback up instantly! And the service was restarted a few times for it to register (not sure the reason for this)

Although this has resolved the problem for now, we will need to move the Exchange DB off the C:\ (not sure why there in the first place) so this doesn’t become an issue again…

Move the Exchange Server Data

Links which helped (Thank you)

Create a CustomPowerSave using PowerCFG (*.BAT)

Leave a Reply

This set of commands will create a new powersaving mode in XP with the name “CustomPowerSave” and set it as default. This has not been tested in Windows 7. You can drop this code below into a “CustomPowerSave.bat” file and run. This will also need some tweaking and testing to get working correctly.


POWERCFG /CREATE CustomPowerSave
POWERCFG /CHANGE CustomPowerSave /monitor-timeout-ac 5
POWERCFG /CHANGE CustomPowerSave /disk-timeout-ac 10
POWERCFG /CHANGE CustomPowerSave /standby-timeout-ac 20
POWERCFG /CHANGE CustomPowerSave /hibernate-timeout-ac 0

POWERCFG /GLOBALPOWERFLAG off /OPTION RESUMEPASSWORD
POWERCFG /SETACTIVE CustomPowerSave

Get switch options using:
cmd -> powercfg /?

“The RPC server is unavailable” when joining to domain

Leave a Reply

Everytime you try to connect to the domain (from workgroup) it would say “The RPC server is unavailable”

First thoughts directly point to DNS… which was some of the problem. The Router was dishing out DHCP rather than Windows Server 2003 SBS.

Why?? I asked?? Was there any advantage of this? not really… If this is setup within a small company then people will be server based users anyway so probably unable to operate without it, even if the web/DHCP was available on the router.

The client tries to resolve the internal domain.local using the router on the external DNS. That’s not going to work! not unless you bodge it and manually add the SBS Servers DNS into the DHCP the router dishes out so the clients can resolve it. Not the best fix, but it works.

Better still add DHCP on the SBS2003!

Getting this one fixed I could now do the following:

  1. Ping the server
  2. Ping the FQDN of the server (fixed the issue in the first link)

But I was still experiencing the annoying “The RPC server is unavailable” why was this??

Finally finding the problem!! “NORTON INTERNET SECURITY” those three words made into a dirty acronym “NIS”

Disabling the firewall and BAMM! The client could be connected to the domain and fully working.

 

 

Microsoft Common Issues

Leave a Reply

This is basically links to common issues that I have come across, but forget the solution or don’t need to blog:

  • FSMO placement and optimization on Active Directory domain controllers (223346)
  • How to back up Hyper-V virtual machines from the parent partition on a Windows Server 2008-based computer by using Windows Server Backup (958662)
  • Reliability Monitor displays no information in Windows Server 2008 and in Windows Server 2008 R2 (983386)
  • Managing Active Directory FSMO Roles: here
  • Download Locations for SQL Express 2008 R2

NK2 Files & Import

Leave a Reply

NK2 File locations in Windows XP / Windows 7

  • Windows XP: Start -> Run -> “%userprofile%\Application Data\Microsoft\Outlook”
  • Windows 7: Start -> Run -> “%appdata%\Microsoft\Outlook”

Import Outlook nicknames from .NK2 file to Outlook 2010 Profile

  1. Copy *.NK2 to %appdata%\Microsoft\Outlook
  2. Change name of .NK2 file to match the Outlook profile name (This can be checked using “Mail” in control panel)
  3. Start -> Run -> “outlook.exe /importnk2” (This imports the NK2 file into the profile)
  4. Once imported the .nk2 file should get renamed automatically with . file extension
  5. Import of Contacts will merge with current cache (not overwrite)

Automatic tool to do this: http://support.microsoft.com/kb/980542

Enable Network Discovery Server 2008 R2

4 Replies

Need to enable network discovery in Windows Server 2008 R2?

The Problem is that after you have enabled this it simple turns off again so you need to enable the following services. I changed the startup type to automatic.

Start the following services:

net start "DNS Client"
net start "Function Discovery Resource Publication"
net start "SSDP Discovery"
net start "UPnP Discovery"

You still may not see the contents of “network places” populate with all the computers across the network so you will need to “enable NetBIOS over TCP/IP” from the network card adapter properties.

Control Panel > Network Connections -> Right click Properties on network card -> Select TCP/IP Settings -> Click Properties -> Advanced -> WINS tab -> enable NetBIOS over TCP/IP

enable_netbios_over_tcpip

This is usually configured within DHCP for clients, however in my situation I was enabling this feature on a server, therefore a fixed IP address not pulled from DHCP.

Source: http://social.technet.microsoft.com/Forums/en/windowsserver2008r2general/thread/e1cc2310-b4f7-4de5-818a-352d8f792de5

Exchange 2007 | Message Size Limits

Leave a Reply

Want to check the message size limits in Exchange 2007 (GUI)?

Exchange Management Console:

SENDING

  • Organization Configuration > Hub Transport > Send Connectors Tab, Go to the properties of that send connector. In the General Tab will see a box with a check mark: Maximum Message Size (KB) [update to desired size]
  • Organization Configuration > Hub Transport > Global Settings Tab, Go to the properties of the Transport Settings. In the General Tab will see a box with a check mark: Maximum Send Size (KB) [update to desired size]

RECEIVING:

  • Organization Configuration > Hub Transport > Global Settings Tab, Go to the properties of the Transport Settings. In the General Tab will see a box with a check mark: Maximum Receive Size (KB) [update to desired size]
  • Server Configuration > Hub Transport > Receive Connectors (Lower box). Update all of your receive connectors: Properties, General Tab: Maximum Receive Size (KB) [update to desired size]

Exchange Powershell:

  • ?

I received the following bounce from the local server due to email size limits.

Delivery has failed to these recipients or distribution lists:

This message exceeds the maximum message size allowed. Microsoft Exchange will not try to redeliver this message for you. Please make the message smaller — by removing attachments, for example — and try sending it again, or provide the following diagnostic text to your system administrator.
Sent by Microsoft Exchange Server 2007
Diagnostic information for administrators:

Generating server: exchange.domain.com
email@domain.com
#550 5.3.4 ROUTING.SizeLimit; message size exceeds fixed maximum size for route ##

Original message headers:

Received: from exchange.domain.com ([127.0.0.1]) by exchange
([127.0.0.1]) with mapi; 31 Dec 2011 00:00:00 +0100
Content-Type: application/ms-tnef; name=”winmail.dat”
Content-Transfer-Encoding: binary
From: Sender
To: “Recipient”
Date: 31 Dec 2011 00:00:00 +0100

Reference: http://www.msexchange.org/articles-tutorials/exchange-server-2007/management-administration/exchange-2007-message-size-limits.html

Groups in AD | Domain Local, Global, Universal

Leave a Reply

Domain Local: groups can contain users, global groups and universal groups from anywhere in the AD forest, but can only be used to secure resources within the same domain.

Global: groups can contain only users and groups from within the same domain, but can be used to secure resources anywhere in the forest.

Universal: groups can contain objects from anywhere in the forest, and can be used to secure resources anywhere in the forest.

Group Scope Can Contain Usage
Domain Local
  • User account from any domain in the forest
  • Global or universal from any domain in the forest
  • User accounts, global or universal groups from a trusted forest domain
  • Other domain local groups from the same domain
  • Resources in local domain
Global
  • User accounts in the same domain
  • Other global groups from the same domain
  • Any domain in the forest or trusted forests
Universal
  • Users. Global groups or universal groups from any domain in the forest
  • Any domain in the forest or trusted forests

You can only convert from the following and this will only take place if the correct “member of” groups are related:

  • Domain Local to Universal
  • Global to Universal
  • Universal to Domain Local & Global

BACKUP!

Leave a Reply

DO A STANDALONE BACKUP NOW!

This is something we all overlook and it makes life so much easier if you have a copy just dumped to a network share!

GPO Backup:

GPO Restore:

DHCP Backup:

 

Forward mail to a Public Folder | EMC PowerShell

Leave a Reply

This will forward mail to the public folder

Set-Mailbox "NAME.SURNAME" -ForwardingAddress "email@domain.com"
Set-Mailbox "NAME.SURNAME" -ForwardingAddress "email@domain.com" -DeliverToMailboxAndForward $true

Source: Exchangepedia how to forward mail to a public folder.

Bridgehead Servers, Intersite Links and RepAdmin

Leave a Reply

Bridgehead Servers

A bridgehead server is a domain controller in each site, which is used as a contact point to receive and replicate data between sites. For inter-site replication, KCC designates one of the domain controllers as a bridgehead server. In case the server is down, KCC designates another one from the domain controller. When a bridgehead server receives replication updates from another site, it replicates the data to the other domain controllers within its site.

Repadmin Sync: (Synchronizes DC with replication partners)

repadmin /syncall

Bridgehead Servers: (Displays bridgehead servers)

repadmin /bridgeheads

Troubleshooting:

Seeing a number of KCC replication errors in the event log, no doubt there is something not configured correctly in “Site-&-Services”  This Microsoft document should give you a few tips. Troubleshoot with Repadmin

Continue reading

Adobe Reader X (Rollout)

Leave a Reply

With the release of Adobe Reader X I needed to roll this out to a number of systems. There seems to be a mass of complex information regarding something as simple as a silent install at login on the client PCs.

Below is a list of reference material to help make this process easier! There are a number of methods, so no right and wrong way of doing it! I’m in the process of deployment so building up a list of information to get it right (will update here later)

Silent Install switch (could be added to login script) then via GP:

\\server\Software-Distribution\AdbeRdr1000_en_US.exe /msi EULA_ACCEPT=YES /qn

Installation via software deployment in GP (old guide but the same principle)

http://www.adobe.com/content/dam/Adobe/en/devnet/acrobat/pdfs/gpo_ad_8.pdf

Exchange 2007 | Sendas email account using alternate domain

Leave a Reply

I’ve was asked to set up an additional domain name under Exchange 2007. The only issue is that Exchange doesn’t quite handle multiple domain names very well, yes you can add aliases and easily create them within the exchange console, however the problem comes to “sending as” a different domain on the client machine (outlook) I managed to get this method working, although it may not be the best method, I’m couldn’t find any other solutions.

Method 1:

  • Create a new user and mailbox.
  • Set the default email address as email@domain.co.uk
  • Add full send as permissions to the mailbox.
  • Setup redirect so all email to email@domain.co.uk is forwarded to email@domain2.com

This is good, but is messy as multiple user accounts are required…

Method 2 (Preferred Method):

  • Setup a new distribution list email@domain.co.uk (remove the alias from users current profile to do this)
  • Add User as the manager of this list and the only member
  • Set the permissions for full send as via the powershell…

You can change mailbox permissions using two methods but only the powershell method seems to work properly (so probably best to stick to this)

  • 1) Via Powershell: Add-AdPermission “DL” -user “name.surname” -AccessRights extendedright -ExtendedRights “send as”
  • 2) From the “users and computers” selected the distribution group changed to “Advanced” settings and edited the security on the DL to add “user” to Full access”

TS/RDS Disconnect Sessions GP

Leave a Reply
  • Start -> Run -> gpedit.msc
  • Open Computer Configuration -> Administrative Templates -> Windows Components -> Terminal Services – > Session.

Set time limit for disconnected sessions

  • You can use this setting to specify the maximum amount of time that a disconnected session is kept active on the server. By default, Terminal Services allows users to disconnect from a remote session without logging off and ending the session.

Sets a time limit for active Terminal Services session

  • You can use this setting to specify the maximum amount of time a Terminal Services session can be active before it is automatically disconnected.

Sets a time limit for active but idle Terminal Services session

  • You can use this setting to specify the maximum amount of time that an active session can be idle (that is, no user input) before it is automatically disconnected.

Allow reconnection from original client only

  • Specifies whether to allow users to reconnect to a disconnected Terminal Services session using a computer other than the original client computer.

Terminate session when time limits are reached

  • Specifies whether to terminate a timed-out Terminal Services session instead of disconnecting it.

SCANPST.EXE Tool Location (PST recovery)

Leave a Reply

Looking for ScanPST tool bundled with Microsoft Office?

Try on the following locations:

SCANPST.EXE

  • disk drive:\Program Files\Microsoft Office\OFFICE12
  • disk drive:\Program Files\Common Files\System\Mapi\1033\
  • disk drive:\Program Files\Common Files\System\Mapi\1033\NT
  • disk drive:\Program Files\Common Files\System\MSMAPI\1033
  • disk drive:\Program Files(x86)\Microsoft Office\Office12
  • disk drive:\Program Files(x86)\Common Files\System\Mapi\1033\
  • disk drive:\Program Files(x86)\Common Files\System\MSMAPI\1033

Exchange Delivery Error 5.2.0

Leave a Reply

User gets an error message when sending email from an external email address to a public folder email using exchange 2007

Delivery has failed to these recipients or distribution lists

#< #5.2.0 smtp;550 5.2.0 STOREDRV.Deliver: The Microsoft Exchange Information Store service reported an error. The following information should help identify the cause of this error: "MapiExceptionNotAuthorized:16.18969:D0130000.....

Fix:

  1. Logon to the public folder (in Outlook client is easiest)
  2. Right click -> Permissions -> Change -> “Anonymous” User to Create Items (Contributor)
  3. Should do the trick work 🙂

WSUS (wuauclt.exe) | Updates CLI

Leave a Reply

Detectnow Option

Because waiting for detection to start can be a time-consuming process, an option has been added to allow you to initiate detection right away. On one of the computers with the new Automatic Update client installed, run this at command prompt:

wuauclt.exe /detectnow

Resetauthorization Option

WSUS uses a cookie on client computers to store various types of information, including computer group membership when client-side targeting is used. By default this cookie expires an hour after WSUS creates it. If you are using client-side targeting and change
group membership, use this option in combination with detectnow to expire the cookie, initiate detection, and have WSUS update computer group membership.

Note that when combining parameters, you can use them only in the order specified as follows:

wuauclt.exe /resetauthorization /detectnow

Windows Server Update Services (WSUS) Support Tools:

CLI for WUAUCLT:

Source: http://technet.microsoft.com/en-us/library/cc708617(WS.10).aspx

Check Action Sessions & disconnect on TS via CMD

Leave a Reply

Run the following on any Server in the domain from CMD.

  • query session /server:servername

You can then close the sessions by running the following:

  • reset session [ID] /server:servername

This e-mail and any attachments are intended for the addressee only and may=
be confidential. If you are not the intended recipient, please advise the =
sender as soon as practicable and delete the e-mail from the system. The Un=
iversity of Chichester is a company
limited by guarantee, registered in England and Wales. Registration number=
4740553. The registered office is College Lane, Chichester, West Sussex, P=
O19 6PE.