infraLib - infrastructure Library: February 2014

Friday 28 February 2014

Important Config Mgr Hotfix for OS Deployment (KB2910552)

Microsoft has just released an Important Config Mgr Hotfix for OS Deployment issue. The problem was a compatibility issue between Windows XP and the Windows Assessment and Deployment Kit (ADK) 8.1. which prevents deployments when you use WinPe 3.1 boot image with a task sequence in Windows XP update scenarios.

Error message in the Smsts.log file:

Installing boot image to hard drive TSManager datetime 3048 (0x0BE8)
Backing up existing boot system before trying to set up new boot system TSManager datetime 3048 (0x0BE8)
BootLoader::backup: C:\, C:\_SMSTaskSequence\backup TSManager datetime 3048 (0x0BE8)
BootLoader::restore: C:\_SMSTaskSequence\WinPE, C:\ TSManager datetime 3048 (0x0BE8)
Saving bcd store to C:\_SMSTaskSequence\WinPE\boot\BCD TSManager datetime 3048 (0x0BE8)
Executing command line: "C:\_SMSTaskSequence\WinPE\SMS\bin\i386\bootsect.exe" /NT60 SYS /MBR TSManager datetime 3048 (0x0BE8)
CreateProcess failed. Code(0x800700C1) TSManager datetime 3048 (0x0BE8)
Command line execution failed (800700C1) TSManager datetime 3048 (0x0BE8)
Failed to install boot image. 
is not a valid Win32 application. (Error: 800700C1; Source: Windows) TSManager datetime 3048 (0x0BE8)
Failed to install boot image CCR00004. 
is not a valid Win32 application. (Error: 800700C1; Source: Windows) TSManager datetime 3048 (0x0BE8)
Failed to reboot the system. Error 0x(800700c1) TSManager datetime 3048 (0x0BE8)
Failed to initialize a system reboot. 
is not a valid Win32 application. (Error: 800700C1; Source: Windows) TSManager datetime 3048 (0x0BE8)
Fatal error is returned in check for reboot request of the action (Restart in Windows PE). 
is not a valid Win32 application. (Error: 800700C1; Source: Windows) TSManager datetime 3048 (0x0BE8)

The hotfix applies to sites, admin consoles and clients.

Don't forget to update your boot images after the update is installed.

Task sequence component version becomes 5.00.7958.1104 after the hotfix installation.

The hotfix KB2910552 can be downloaded from http://support.microsoft.com/hotfix/KBHotfix.aspx?kbnum=2910552&kbln=en-us

And you can read more detail at http://support.microsoft.com/kb/2910552

Windows Server 2012 R2 Products and Editions Comparison

Windows Server 2012 R2 Products and Editions Comparison by features, locks / limits and server roles.

	Windows Server 2012 R2 Datacenter	Windows Server 2012 R2 Standard	Windows Server 2012 R2 Essentials	Windows Server 2012 R2 Foundation
Locks and Limits
Maximum number of users	based on licenses	based on licenses	25	15
Maximum SMB Connections	16,777,216	16,777,216	16777216	30
Maximum RRAS Connections	unlimited	unlimited	50	50
Maximum IAS Connections	2,147,483,647	2,147,483,647	50	10
Maximum number of 64-bit sockets	64	64	2	1
Maximum RAM	4 TB	4 TB	64 GB	32 GB
Server can join a domain	Yes	Yes	For migration only	For migration only
DirectAccess	Yes	Yes	See documentation	Yes

Server Roles
Active Directory® Certificate Services	Yes	Yes	Yes	Yes
Active Directory Domain Services	Yes	Yes	Required	Yes (optional)
Active Directory Federation Services	Yes	Yes	Yes	Yes
AD Lightweight Directory Services	Yes	Yes	No	Yes
AD Rights Management Services	Yes	Yes	Yes	Yes
Application Server	Yes	Yes	Yes	Yes
DHCP Server	Yes	Yes	Yes	Yes
DNS Server	Yes	Yes	Yes	Yes
Fax Server	Yes	Yes	Yes	Yes
File Services	Yes	Yes	Yes	Yes
Hyper-V	Yes	Yes	No	No
Network Policy and Access Services	Yes	Yes	Yes	Yes
Print and Document Services	Yes	Yes	Yes	Yes
Remote Access	Yes	Yes	Yes	Yes
Terminal Services Application Sharing	Yes	Yes	No	Yes
Terminal Services Gateway	Yes	Yes	No	See documentation
Web Services (IIS)	Yes	Yes	Yes	Yes
Windows Deployment Services	Yes	Yes	Yes	Yes
Windows Essentials	Yes	Yes	Default	No
Windows Media Services support (Streaming Media Services)	See Installation Options documentation	See Installation Options documentation	Yes	See Installation Options documentation
WINS Server	Yes	Yes	Yes	Yes

Features
RODC – read only domain controller	Yes	Yes	No	No
Automatic Virtual Machine Activation	Both guest and host	As guest	As guest	No
Best Practices Analyzer	Yes	Yes	Yes	Yes
BranchCache Hosted Server	Yes	Yes	Yes	Yes
BranchCache P2P Cache	Yes	Yes	Yes	Yes
Windows Control Panel	Yes	Yes	Yes	Yes
Distributed File System Replication	Yes	Yes	Yes	Yes
Data Deduplication	Yes	Yes	No	No
ISCSI target support	Yes	Yes	Yes	Yes
DirectAccess	Yes	Yes	Yes	Yes
Dynamic Memory (in virtualization)	Yes	Yes	Yes	No
Failover Clustering	Yes	Yes	No	No
"Hot" add/replace RAM	Yes	Yes	Yes	No
IPAM (IP Address Management)	Yes	Yes	Yes	Yes
Microsoft Management Console	Yes	Yes	Yes	Yes
Minimal Server Interface	Yes	Yes	No	No
Network Load Balancing	Yes	Yes	Yes	Yes
Support for Non-volatile Memory Express	Yes	Yes	Yes	Yes
Windows PowerShell	Yes	Yes	Yes	Yes
Server Core mode	Yes	Yes	No	No
Server license logging	Yes	Yes	Yes	Yes
Server Manager	Yes	Yes	Yes	Yes
SMB Direct and SMB over RDMA	Yes	Yes	Yes	Yes
Storage Management Service	Yes	Yes	Yes	Yes
Storage Spaces	Yes	Yes	Yes	Yes
Volume Activation Services	Yes	Yes	No	No
VSS (Volume Shadow Copy Service) integration	Yes	Yes	Yes	Yes
Windows Server Update Services	Yes	Yes	Yes	No

The full PDF that includes Hyper-V and Storage Server editions can be downloaded from http://www.microsoft.com/en-us/download/confirmation.aspx?id=41703

Thursday 27 February 2014

Ports used by Configuration Manager Management Point

Ports used by Configuration Manager Management Point

Management Point <> Domain Controller

Description	UDP	TCP
Lightweight Directory Access Protocol (LDAP)	--	389
LDAP (Secure Sockets Layer [SSL] connection)	636	636
Global Catalog LDAP	--	3268
Global Catalog LDAP SSL	--	3269
RPC Endpoint Mapper	135	135
RPC	--	DYNAMIC

Management Point <> Site Server

Description	UDP	TCP
RPC Endpoint mapper	--	135
RPC	--	DYNAMIC
Server Message Block (SMB)	--	445

Management Point <> SQL Server

Description	UDP	TCP
SQL over TCP	--	1433

Enable Verbose Logging on the SCCM Client for Application Deployment Troubleshooting

You might need to enable verbose logging on the SCCM client for application deployment troubleshooting to be able to see what is happening in more detail.

The default logging level for the client logs information, error and warning level messages. And this is set by a registry value named LogLevel which can be found under

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\CCM\Logging\@GLOBAL\LogLevel (For x86 SCCM Client)

or

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CCM\Logging\@GLOBAL\LogLevel

default value of LogLevel is 1, so you can change it 0 (Zero) and restart the SMS Agent service to enable verbose logging. (You'll need to change Administrators permissions to Full on @GLOBAL before changing this value)

Client-side debug logging

If you need more detail you can also enable debug level logging by creating a new key named DebugLogging and a value named Enabled REG_SZ (String) = True under the

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\CCM\Logging\@GLOBAL\ (For x86 SCCM Client)

or

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CCM\Logging\@GLOBAL\

Creating new key named DebugLogging

Creating new REG_SZ (String) named Enabled

Wednesday 26 February 2014

Hybrid Configuration Troubleshooting

Hi,

In this article I will mention of some troubleshooting methods against common issues that cause the Hybrid Configuration to fail. At this stage I assume that you have completed the prerequisites and prepared your tenant for the integration. These steps include registering the UPNs (User Principal Names), domains that are planned to be used with the service, as well as the configuration of the ADFS (Active Directory Federation Services), Directory Synchronisation, Exchange Hybrid Server. I will mention about these configuration steps in another article. However if you have any questions with regards to these feel free to approach me.

Anyway, let's go back to our topic Hybrid Configuration Troubleshooting. As highlighted above there are some common issues which cause your Hybrid Configuration to fail.

1- The first common and important known problem is the Autodiscover service misconfiguration. Testing the configuration of the autodiscover service is very easy. Microsoft has provided a great web-based troubleshooting tool (Remote Connectivity Analyzer) which helps to identify the external client based connectivity issues. The tool can be accessed here: Microsoft Remote Connectivity Analyzer

Select the Exchange ActiveSync Autodiscover option to ensure that the Autodiscover service is properly configured and your certificates are valid.

The most important points of this step are the following:

Autodisover test to be completed as successful.

The certification validation to PASS.

2- The second common issue I would like to mention which may cause the Hybrid Configuration to fail is the Virtual Directory settings. You might encounter this error during updating the hybrid configuration. You may get an error message something like below:

When you get the error above, follow the following steps to see whether the virtual directory settings are creating the issue or not.

Start the Exchange Management Shell (EMS) and run the command:
```
Get-FederationInformation <domain_name> -Verbose
```

The proper configuration should look like below:

If Get-FederationInformation is unable to retrieve information about the configuration, Update-HybridConfiguration would most likely encounter issues as well. Get-FederationInformation may not be able to retrieve the information due to errors 401 and 403. See below:

To resolve the 401 & 403 errors, you need to make sure that the security settings for the Autodiscover virtual directory has been configured properly. Run the following command:
- ```
Set-AutodiscoverVirtualDirectory -Identity 'autodiscover (Default Web Site)' -WSSecurityAuthentication $true
```

Run the Get-FederationInformation command again and now 401 & 403 errors should be resolved and you should see a result as shown above.

You can now go back and finalise your configuration. (Update-HybridConfigration)

3- Sometimes the error could be due to a corruption on the Autodiscover virtual directory or could be due to an incorrect configuration. In this case you would need to reset the Autodiscover virtual directory. Resetting will delete the existing directory and create a new one with the default settings. To reset the directory follow the following steps:

Start EMC and connect to the CAS.
- Expand Microsoft Exchange On-Premises, select the Server Configuration node and then select the Client Access Server.

Click Reset Virtual Directory in the Actions pane.

Accept the default log file location.

After the directory is reset, you need to reset the IIS server as well. Open an elevated command prompt window and run:
- iisreset

Also do not forget to set the -WSSecurityAuthentication $true value.

After completing the above you can start testing moving mailboxes between on-premise Exchange and Exchange Online. Keep an eye on this webpage if you want to find out more about the mailbox moves.

Hope above helps.

ecsword

/PrepareAD fails with error message: 'A hybrid deployment with Office365 has been detected.'

Hi,

As you all know before Exchange Server 2013 or its Cumulative Update is installed, you need to prepare the Active Directory forest and domain(s). However you may have an on-premise Exchange Server environment co-existing with an Office 365 tenant. When this is the case and you run the /PrepareAD switch, the Prerequisite Analysis will FAIL. See below:

Setup /PrepareAD /IAcceptExchangeServerLicenseTerms

To be able to prepare your Active Directory in a coexistence scenario with Exchange Online you would need to export your organisation configuration to an XML file. To do this:

1- Logon to your O365 tenant

2- Run

Get-OrganizationConfig | Export-clixml -Path X:\Path\filename.xml

3- Now re-run the PrepareAD switch with the exported XML as shown below. You should be able to run it successfully.

Setup /PrepareAD /TenantOrganizationconfig:C:\ecswordONLINEOrganizationConfig.xml /IAcceptExchangeServerLicenseTerms

You would need to follow this approach during the installation of the Cumulative Updates which would require Organisation Preparation.

ecsword

The attempt to connect to http://... using "Kerberos" authentication failed.

Hi,

When you launch Exchange Management Console and get a Kerberos authentication failed error message I suggest you to check the proxy settings of the Client Access Servers.

Run the following commands to check the proxy settings and either clear or update the existing settings with the correct proxy settings.

netsh winhttp show proxy

netsh winhttp reset proxy

You should now be able to access and connect both using EMC and EMS.

ecsword

Server in Database Availability Group is not started

Hi,

You may get an error message like "Server 'ServerName' in database availability group 'DAG_Name' is not started" error message during a move mailbox database process.

To start a specific mailbox server in the DAG run the following command:

Start-DatabaseAvailabilityGroup DAG_Name -MailboxServer ServerName

ecsword

The action can't be completed because the file is open in noderunner.exe

Hi,

You may get 'The action can't be completed because the file is open in noderunner.exe' error in Exchange Server 2013 when you try to delete a mailbox database.

This error is due to the noderunner.exe - a process of the Host Controller Service putting a lock on the index files. To remove the lock you need to restart the HostControllerService.

Restart-Service HostControllerService

Try deleting the folder and the contents after service restart. It should now work.

ecsword

Monday 24 February 2014

Windows Server 2012 R2 Versiyonları Özellik Karşılaştırması

	Windows Server 2012 R2 Datacenter	Windows Server 2012 R2 Standard	Windows Server 2012 R2 Essentials	Windows Server 2012 R2 Foundation
Limitler
Maksimum kullanıcı	lisansa bağlı	lisansa bağlı	25	15
Maksimum SMB Bağlantı	16,777,216	16,777,216	16777216	30
Maksimum RRAS Bağlantı	unlimited	unlimited	50	50
Maksimum IAS Bağlantı	2,147,483,647	2,147,483,647	50	10
Maksimum 64-bit soket	64	64	2	1
Maksimum RAM	4 TB	4 TB	64 GB	32 GB
Server can join a domain	Evet	Evet	Sadece migrasyon için	Sadece migrasyon için
DirectAccess	Evet	Evet	Dokümantasyona bkz.	Evet

Sunucu Rolleri
Active Directory® Certificate Servisleri	Evet	Evet	Evet	Evet
Active Directory Domain Servisleri	Evet	Evet	Gerekli	Evet (isteğe bağlı)
Active Directory Federation Servisleri	Evet	Evet	Evet	Evet
AD Lightweight Directory Servisleri	Evet	Evet	Hayır	Evet
AD Rights Management Servisleri	Evet	Evet	Evet	Evet
Application Server	Evet	Evet	Evet	Evet
DHCP Sunucusu	Evet	Evet	Evet	Evet
DNS Sunucusu	Evet	Evet	Evet	Evet
Fax Sunucusu	Evet	Evet	Evet	Evet
File Servisleri	Evet	Evet	Evet	Evet
Hyper-V	Evet	Evet	Hayır	Hayır
Network Policy and Access Servisleri	Evet	Evet	Evet	Evet
Print and Document Servisleri	Evet	Evet	Evet	Evet
Remote Access	Evet	Evet	Evet	Evet
Terminal Servisleri Application Sharing	Evet	Evet	Hayır	Evet
Terminal Servisleri Gateway	Evet	Evet	Hayır	Dokümantasyona bkz.
Web Servisleri (IIS)	Evet	Evet	Evet	Evet
Windows Deployment Servisleri	Evet	Evet	Evet	Evet
Windows Essentials	Evet	Evet	Default	Hayır
Windows Media Servisleri support (Streaming Media Servisleri)	Kurulum seçenekleri dokümantasyonuna bkz.	Kurulum seçenekleri dokümantasyonuna bkz.	Evet	Kurulum seçenekleri dokümantasyonuna bkz.
WINS Sunucusu	Evet	Evet	Evet	Evet

Özellikler
RODC – read only domain controller	Evet	Evet	Hayır	Hayır
Automatic Virtual Machine Activation	Both guest and host	As guest	As guest	Hayır
Best Practices Analyzer	Evet	Evet	Evet	Evet
BranchCache Hosted Sunucusu	Evet	Evet	Evet	Evet
BranchCache P2P Cache	Evet	Evet	Evet	Evet
Windows Control Panel	Evet	Evet	Evet	Evet
Distributed File System Replication	Evet	Evet	Evet	Evet
Data Deduplication	Evet	Evet	Hayır	Hayır
ISCSI target support	Evet	Evet	Evet	Evet
DirectAccess	Evet	Evet	Evet	Evet
Dynamic Memory (in virtualization)	Evet	Evet	Evet	Hayır
Failover Clustering	Evet	Evet	Hayır	Hayır
"Hot" add/replace RAM	Evet	Evet	Evet	Hayır
IPAM (IP Address Management)	Evet	Evet	Evet	Evet
Microsoft Management Console	Evet	Evet	Evet	Evet
Minimal Server Interface	Evet	Evet	Hayır	Hayır
Network Load Balancing	Evet	Evet	Evet	Evet
Non-volatile Memory Express desteği	Evet	Evet	Evet	Evet
Windows PowerShell	Evet	Evet	Evet	Evet
Server Core mode	Evet	Evet	Hayır	Hayır
Sunucu lisans loglaması	Evet	Evet	Evet	Evet
Sunucu Yöneticisi	Evet	Evet	Evet	Evet
SMB Direct and SMB over RDMA	Evet	Evet	Evet	Evet
Storage Management Service	Evet	Evet	Evet	Evet
Storage Spaces	Evet	Evet	Evet	Evet
Volume Aktivasyon Servisleri	Evet	Evet	Hayır	Hayır
VSS (Volume Shadow Copy Service) integration	Evet	Evet	Evet	Evet
Windows Sunucu Update Servisleri	Evet	Evet	Evet	Hayır

Hyper-V ve Storage Server için karşılaştırmanın bulunduğu PDF dokümanını http://www.microsoft.com/en-us/download/confirmation.aspx?id=41703 adresini ziyaret edebilirsiniz.

Sunday 23 February 2014

Client Behaviour During *over in Exchange Server 2010 - Part 2

Hi,

Welcome back. In the first part of the Client Behaviour During *over in Exchange Server 2010 article ( Client behaviour During *over in Exchange Server 2010 - Part 1 ), I mentioned about the new client connection type in Exchange Server 2010. Also mentioned about the client behavior in some *over scenarios. In this article I will continue to discuss the *over scenarios.

*over Scenario 3

In this scenario the active mailbox database is mounted on the DR site mailbox server. The primary site CAS servers are also down. The user fires up Outlook however Outlook cannot connect to the Exchange servers and throws the following error message:

The client is still trying to connect to the primary site Client Access Server array. Primary site mailbox database server mailbox has the lowest Activation Preference number hence the client is trying to connect to it. In this case a datacentre switchover is required. I am not going to discuss how to bring the DR site Exchange services online in another article. In a datacentre switchover scenario the primary site RPC Client Access Array service is required to be re-pointed to the standby Client Access Array in the secondary datacentre. This can be achieved by a simple DNS A Host record change. Autodiscover will still point the primary site servers hence existing Outlook clients do not need any configuration.

The TTL time of the CAS Array record in DNS and also DNS cache update time on the client is important. Set a recommend TTL value of 5 mins. In this test I run ipconfig /flushdns on the client which clears the DNS table cache, as you all know.

After the DNS cache gets updated; client fires up Outlook again and this time successfully gets connected. See below:

The RPCClientAccessServer setting has not been changed either.

* over Scenario 4

One very important thing to remember!! When the mailbox database gets activated in the DR site, the users will continue try connecting to the RPC Client Access Server array from the site where the lowest activation preference value resides.

I can hear you asking the question whether the RPCClientAccessServer value be changed or not? Yes it can be changed. To change the RPCClientAccessServer value of a mailbox database you either need to change the ActivationPreference number (the system will automatically update the value) or need to change it manually via EMS. See below:

And the RPCClientAccessServer value changes automatically:

However existing users will continue to use the old RPC endpoint server rather than the new enpoint server. Once again this is because the old RPC endpoint does not return the ecWrongServer response. If the old RPC endpoint becomes inaccessible the client will not be able to logon to Outlook.

*over Scenario 5

Microsoft has made significant change to this behaviour with Update Rollup 3 for Exchange Server 2010 SP2. For this scenario all Exchange Server in the infrastructure have been updated with Update Rollup 5-v2 for Exchange Server 2010 SP2.

The client is connected to the primary site RPC Client Access Server array.

When the mailbox database gets activated in the DR site the following box pops up.

The user restarts Outlook and as you can see the RPC endpoint service on the client automatically gets updated. See below:

So what has changed? With Update Rollup 3 for Exchange Server 2010 SP2 the RPC endpoint generates ecWrongServer message and the client receives it.

RPC Client Access log

2013-01-13T14:22:37.908Z,5,1,/o=CKTESTLAB/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=username,,OUTLOOK.EXE,14.0.6025.1000,Classic,,,ncacn_ip_tcp,,OwnerLogon,1144 (rop::WrongServer),00:00:00,”Logon: Owner, /o=CKTESTLAB/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=username in database HQMbx1 last mounted on VTLEXCH01.cktestlab.com at 13/01/2013 14:14:24, currently InTransitSameSite; Redirected: this server is not in a preferred site for the database, suggested new server: /o=CKTESTLAB/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=outlookHQ.cktestlab.com”,RopHandler: Logon:

Very Important point here. The above is the default behaviour when the DAG’s AllowCrossSiteRpcClientAccess value is set to false. Bear in mind this is the default value.

Get-DatabaseAvailabilityGroup

Hope this article helps you to have a better understanding of the client behaviour during the *over process.

Thank you.

ecsword

Client Behaviour During *over in Exchange Server 2010 - Part 1

Hi,

In this article I will mention the client behavior during *over process in Exchange Server 2010 world.

With Exchange Server 2010 all mailbox related MAPI connectivity started going through the RPC Client Access service on the Client Access Server role. A new property (RPCClientAccessServer) been added to the Mailbox Database. If high availability is implemented this value should be the FQDN of the CAS the Array where Microsoft refers this as the RPC Client Access Server array.

In a *over scenario within the same site, under the assumption that CAS Array has been configured, the Outlook profile’s RPC endpoint will be the FQDN of the RPC Client Access Server array. When a mailbox database failure happens onto another mailbox server in the same site the Outlook profile continues pointing to the same RPC endpoint. So in this case there is NO change to the RPC endpoint service which is the expected scenario.

The second scenario is if the failure requires a switchover to another Datacentre meaning the primary datacentre is down, in this case you would need to Restore the services in the secondary datacentre also re-point the primary RPC Client Access Server array to the secondary site’s RPC Client Access Server array in DNS. With this configuration existing Outlook clients don’t need any reconfiguration for their RPC endpoint services.

The third scenario is if the failure happens onto a mailbox server in the DR site whilst the primary datacentre servers are online. RPC Client Access Server connectivity behaviour varies depending on the Exchange Server Service Pack and the Rollup package installed. The behaviour is different pre and after Update Rollup 3 for Exchange Server 2010 SP2.

The test infrastructure is depicted in the following picture.

*over Scenario 1

All Exchange servers have been installed with Service Pack 2 only. No Rollup updates have been installed. In this scenario a *over happens onto another mailbox server within the same site. As stated previously; in this case no action is required (under the assumption that CAS Array has been configured) as the Outlook profile will continue to use the same RPC endpoint service which is the RPC Client Access Server array.

*over Scenario 2

In this scenario *over happens onto the mailbox server that is located in the DR site. All Exchange Servers have been patched with Service Pack 2.

As seen in the above figure the database HQMbx1 has been mounted on the DR site mailbox server (VTLExDRMBX01). When a user; who has the mailbox on this mailbox database, logs on to Outlook the connection is still established to the RPC Endpoint service of the primary site. See below figure:

I can hear the question WHY? The answer is simple. Even though the Autodiscover service detected the change the client still connects to the RPC endpoint service of the primary site because the RPC endpoint servers does not return ‘ecWrongServer’ message to the client. Bear in mind that in this scenario the primary site RPC Client Access Array servers are still accessible.

RPC Client Access Log file

2013-01-13T00:04:46.900Z,8,1,/o=CKTESTLAB/ou=Exchange Administrative Group FYDIBOHF23SPDLT)/cn=Recipients/cn=username,,OUTLOOK.EXE,14.0.6025.1000,Classic,,,ncacn_ip_tcp,,OwnerLogon,0,00:00:00.5468715,”Logon: Owner, /o=CKTESTLAB/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=username in database HQMbx1 last mounted on VTLEXDRMBX01.cktestlab.com at 13/01/2013 00:02:04, currently Mounted; LogonId: 0″

In the next part of this article ( Client behaviour During *over in Exchange Server 2010 - Part 2 ) I will continue to discuss other possible *over scenarios.

ecsword

Sunday 16 February 2014

Exchange Server 2013 CU3 Finalizing Setup FAILED

Hi,

If your Exchange Server 2013 Cumulative Update fails with the following error:

The following error was generated when "$error.Clear();
$windir = $env:windir;
# Note: Turning off DynComp for AppPools like MSFFOGLSAppPool as well
$backEndAppPrefix = "Exchange Back End";
$apps = &"$windir\system32\inetsrv\appcmd.exe" "list" "app";
foreach($app in $apps)
{
$startIndex = $app.IndexOf('"') + 1;
$numChars = $app.SubString($startIndex).IndexOf('"');
$appName = $app.SubString($startIndex, $numChars);

# Don't want to disable Dynamic Compression on 1 box topologies for BE Apps, so adding check
if($appName.StartsWith($backEndAppPrefix))
{
Write-ExchangeSetupLog -Info "Skipping $appName since Dynamic Compression should remain turned on for
it";
}
else
{
# We'll set this whether or not the app pool exists. Failures are ignored.
$a= &"$windir\system32\inetsrv\appcmd.exe" "set" "config" "$appName" -section:urlCompression /doDynami
cCompression:false /commit:apphost
Write-ExchangeSetupLog -Info ($a)
}
}
" was run: "Cannot convert 'System.Object[]' to the type 'System.String' required by parameter 'Message'. Specified method is not supported.".
The Exchange Server setup operation didn't complete. More details can be found in ExchangeSetup.log located in the
<SystemDrive>:\ExchangeSetupLogs folder.

Check the execution policy of Windows PowerShell and ensure it is set to 'Unrestricted'.

To check the execution policy run:

Get-ExecutionPolicy

To set it to unrestricted run:

Set-ExecutionPolicy Unrestricted

ecsword

Wednesday 12 February 2014

Powerhell ile AD sorgulamaları için basit bir script

Bu basit ve küçük PowerShell scriptini el altında bulundurarak Active Directory (AD) nizi hızlıca anahtar kelime kullanarak sorgulayabilirsiniz. Cevap olarak size obje tipi kısıtlaması olmadan bulduklarını döndürecektir. Bu basit halini isterseniz değiştirip daha farklı işler de yaptırabilirsiniz. Derinlemesine aramalardan önce kolayca obje bulma konusunda yardımcı olacağını düşünüyorum.

param(
[Parameter(Mandatory=$true,Position=1)][string]$Query
)
$filter = "anr=$Query"
$dc = "DCSunucunuz:3268"
Get-ADObject -LDAPFilter $filter -Server $dc

Kullanımı

.\Get-Something01.ps1 osxx

Çıktısı

DistinguishedName	Name	ObjectClass	ObjectGUID
CN=Osman SHENER,…	Osman SHENER	user	2c973a30-4e…
CN=osxxNOT01,OU=…	osxxNOT01	computer	840e9c35-4d…
CN=osxxOSDW7TEST…	osxxOSDW7TEST20	computer	afe1c1fe-41…
CN=osxxPC01,OU=W…	osxxDSK01	computer	3db219e1-44…
CN=osxxVM,OU=San…	osxxVM	computer	ecefbb2f-44…

Handy Powershell script to query AD for any object

I believe keeping this handy and simple PowerShell script within reach is a good idea to query your Active Directory (AD) quickly with a hint of name. It will return you objects that have your wildcard in it. Quick way find things before digging more.

param(
[Parameter(Mandatory=$true,Position=1)][string]$Query
)
$filter = "anr=$Query"
$dc = "YourDC:3268"
Get-ADObject -LDAPFilter $filter -Server $dc

Usage

.\Get-Something01.ps1 osxx

Output

DistinguishedName	Name	ObjectClass	ObjectGUID
CN=Osman SHENER,…	Osman SHENER	user	2c973a30-4e…
CN=osxxNOT01,OU=…	osxxNOT01	computer	840e9c35-4d…
CN=osxxOSDW7TEST…	osxxOSDW7TEST20	computer	afe1c1fe-41…
CN=osxxPC01,OU=W…	osxxDSK01	computer	3db219e1-44…
CN=osxxVM,OU=San…	osxxVM	computer	ecefbb2f-44…

Monday 10 February 2014

Enabling disk performance counters in Windows Server 2012 R2's Task Manager Performance Tab

Enabling disk performance counters / graph in Windows Server 2012 R2's Task Manager Performance Tab

It is very easy to enable disks in Task Manager's Performance tab in Window Server 2012 R2,

All you need is to run diskperf -y command in a elevated command prompt, it enables counters as it says in the output.

Windows Server 2012 R2 'da Görev Yürütücüsünde gözükmeyen disk performans verileri

Windows Server 2012 R2 'da Görev Yürütücüsünde gözükmeyen disk performans verileri
Windows Server 2012 R2 işletim sisteminde görev yürütücüsünü açtığınızda Performans sekmesinde disk verilerini göremiyorsanız.

Aşagıdaki şekilde diskperf -y komutunu Admistrator yetkileri ile açtığınız komut istemi penceresinde çalıştırarak aktive edebilirsiniz.