How to setup Outlook Autodiscover and Outlook Anywhere from LAN and Internet (with two certificates) on Exchange 2010 in a single server scenario

 

Ever wondered how will you configure outlook autodiscover and outlook anywhere in the simplest scenario. I am assuming that you are running a single server hosting all roles and CAS is also published on the Internet for access to emails from Internet.

Setup:

You need two certificates, one each for autodiscover and the other for mail. You also need two external IP address pointing to two internal IP addresses. The external IP addresses should point to mail.mydomain.com and autodiscover.mydomain.com

Configuration

• Remove the auto discover Virtual Directory (VD) from the default site.
  

Remove-AutodiscoverVirtualDirectory -Identity "SERVERNAME\autodiscover (Default Web Site)"

• Create a new website in IIS. You can name the website as autodiscover
  
• Create the autodiscover VD in this new website
  

New-AutodiscoverVirtualDirectory -Websitename Autodiscover -BasicAuthentication:$true -WindowsAuthentication:$true

• Enable outlook anywhere on the server
  

Enable-OutlookAnywhere -Server SERVERNAME -ExternalHostname "mail.mydomain.com" -DefaultAuthenticationMethod "Basic" -SSLOffloading:$False

• Set the autodiscover location on the CAS server
  

Set-ClientAccessServer -Identity SERVERNAME -AutoDiscoverServiceInternalUri "https://autodiscover.mydomain.com/autodiscover/autodiscover.xml"

• Run the below commands to setup the other VDs properly
  

Set-OABVirtualDirectory –Identity SERVERNAME\OAB (default web site) -InternalURL https://mail.mydomain.com/OAB ExternalURL https://mail.mydomain.com/OAB -RequireSSL:$true

Set-WebServicesVirtualDirectory –Identity SERVERNAME\EWS (default web site) -ExternalURL     https://mail.emydomain.com/ews/exchange.asmx -InternalURL https://mail.mydomain.com/ews/exchange.asmx -BasicAuthentication:$True

Set-OWAVirtualDirectory –Identity SERVERNAME\OWA (default web site) -InternalURL https://mail.mydomain.com/OWA -ExternalURL https://mail.mydomain.com/OWA

Set-ECPVirtualDirectory –Identity SERVERNAME\ECP (default web site) -InternalURL https://mail.mydomain.com/ECP -ExternalURL https://mail.mydomain.com/ECP

Set-ActiveSyncVirtualDirectory –Identity SERVERNAME\Microsoft-Server-ActiveSync (default web site) -ExternalURL https://mail.mydomain.com/Microsoft-Server-ActiveSync -InternalURL https://mail.mydomain.com/Microsoft-Server-ActiveSync

 

You can then use https://www.testexchangeconnectivity.com to test Auto discover and Outlook Anywhere you just configured.

I was able to do this setup by referring to this link (although it is a Wxchange 2007 link) http://technet.microsoft.com/en-us/library/bb332063(EXCHG.80).aspx

 

------------ End of Document ------------------------
Tags: Exchange Server, Autodiscover, Outlook Anywhere
Published Date: 20110326

Exchange - Multiple copies in forwarded mail

Q: If you forward all your mails (Exchange) to an external email account using ADUC you receive multiple copies only if you also keep a copy in your exchange mailbox. If you do not keep a copy then this issue does not occur.

A: After jostling with this issue for 3 day myself, logged a case with MS.

After 14 hrs of continuous troubleshooting on this SEV 1 case and 4 MS engineers putting all their exchange skills together, we were able to reach to a solution.
A pretty stupid indeed.

Go to virtual SMTP server properties in ESM -> Access -> Authentication.
Check all the authentication methods.

Bingo and the issue is resolved. It happens because of the way Exchange servers authecticate each other. The first incoming hop in my exchnage organisation receives a mail and should split the message and send two copies. One to forwarded address and one to my Exchange mailbox. This splitting does not work if only Anonymous authentication is selected on the SMTP virtual server of the HomeMDB server of the user.

 

Recovering Personal Folder Passwords (PST)

PSTs are pain in the back. And I hope every exchange Admin would agree to that.

Anything and every thing can go wrong with them corruption, stopping backups from running because some geek copied theirs to a network share and then left Outlook open, File servers crashing because of the amount of network connections being used by open PSTs, usage of space, users that think that the 2GB limit is a lie.

But the worst thing about them is customers who password protect them, then forget the password and then deny all knowledge of ever setting the password in the first place.

PstPassword is a small utility that recover lost password of Outlook .PST (Personal Folders) file.

http://www.nirsoft.net/utils/pst_password.html


It is an excellent tool for recovering the password or generating a new password for the file without corrupting it - give it a go, and the best thing about it is that its free (for non-commercial use).

Mukul

Script: Distribution List membership enumeration

net group "Name of Dist List" >c:\dist.txt would not give the Contacts who are members of that DL. Also it would be difficult to find the email addresses.

To retrieve the membership of a Distribution list to a file. (FullName,Sam Account,e-Mail ) use the below script.


On Error Resume Next

strPath = inputbox("Please enter in the path to your group in AD")

Set objGroup = GetObject ("LDAP://" & strPath)

objGroup.GetInfo

strArrMember = objGroup.GetEx("member")

dim fs,objWriteFile

set fs=CreateObject("Scripting.FileSystemObject")

set objWriteFile = fs.CreateTextFile("GrpMem.csv", True)

dim objDistinguishedName

objWriteFile.Write "FullName,Sam Account,e-Mail" & vbcrlf

For Each strMember in strArrMember

Set objUser = GetObject ("LDAP://" & strMember) objWriteFile.Write objUser.FullName & "," & objUser.sAMAccountName & "," & objuser.mail & vbcrlf

Mukul

Is a firewall blocking your Exchange Server's SMTP/POP3 communications!!!

It is interesting to note that if you have a cisco PIX firewall sitting in default security configuration somewhere between your exchange servers it is bound to cause hell lot of problems.

Exchange relies on three propreitary ESMTP verbs (X-EXPS, X-LINK2STATE and XEXCH50) for proper functioning and many others as well.
The stupid Mailgaurd feature, that is on by default, on Cisco PIX firewall allows ONLY RFC 821 SMTP commands to flow across (HELO, MAIL, RCPT, DATA, RSET, NOOP and Quit). All other commands are translated into X's.

When this happens, a number of symptoms can manifest:

• Link state table does not update correctly
• Mails keep pending to be submitted to sibling mail servers in a same Rotuing group
• Exchange servers can't authenticate each other.
• Seemingly commonplace commands are responded to with the 500 Unrecognized command error or one of its analogues.
• Normal commands produce completely unexpected responses

You would need get the Mailgaurd feature disabled in the PIX firewall that is sitting between any exchange servers within a same Exchange organization.
Symantec's Raptor Firewall has also been identified as another culprit in such cases.

http://support.microsoft.com/kb/295725/en-us

Unable to send email even though message size limits are set

With exchange 2007, you may have come across a situation when you have set message size restrictions correctly at all the four places as per Microsoft:

1. Global/Organizational Limit

2. Connector Limit

2.1 Send Connector

2.2 Receive Connector

2.3 Active Directory SiteLink Limit

2.4 Routing Group Connector Limit

3. Server Limits

4. User Level Limits

There may be times still that if you have set a 10 MB limit everywhere, users are not able to send/receive emails with attachments of 7 MB even. The problem happens because content conversion happens when Exchange converts an internet (MIME) message into Exchange (MAPI) format, and vice versa.

This conversion is done by Exchange while sending/receiving emails to/from Internet. Content conversion generally increases the message size - roughly by 30%.

------------ End of Document ------------------------
Tags: Exchange Server
Published Date: 20100817

Assign rights to helpdesk to give SendAs permissions

There are multiple ways to assign Recipient Administration permissions to the helpdesk users. Some of them are:

1. Add them to "Recipient Management" RoleGroup directly using Exchange Shell. This will assign them the two important Roles "Mail Recipients" and "Mail Recipient Creation"
2. Add them to "Recipient Management" Active Directory Group. This group is already added to the "Recipient Management" RoleGroup.
3. If you have a mixed environment (2007/2010) then the old "Exchange Recipient Administrators" group is already a member of "Recipient Management" group.

However the catch is that they still will not be able to give SendAs permissions to the users on shared mailboxes.

The cmdlet that is required to give SendAs permissions is Add-ADPermission. This cmdlet is available in "Active Directory Permissions" Role. Do not worry because this role has only the below cmdlets:

Remove-ADPermission
Get-User
Get-SecurityPrincipal
Get-RoleGroup
Get-Group
Get-DomainController
Get-ADPermission
Add-ADPermission

As you can see that all of them are Get cmdlets and only Remove-ADPermission and Add-ADPermissions cmdlets so it is safe to add Helpdesk to this Management Role. Further more the switches that can be used with the Add and Remove AD Permission cmdlet are also restricted.

Now you have identified the RoleGroup and the Role to be assigned to the helpdesk to enable them to give SendAs permissions also. One you have done this, you need to asign the Role to the RoleGroup. We will choose the built-in Role Group "Mail Recipients". I have chosen this RoleGroup because it already contains most of the Roles required by the heldpesk to perform Mail User management.

To assign a Role to a Role Group, we use New-ManagementRoleAssignement cmdlet. Here is the syntax in this case

New-ManagementRoleAssignment -Name "Active Directory Permissions-Recipient Management" -SecurityGroup "Recipient Managemen" -Role "Active Directory Permissions"

The standard naming convention for creating management Role Assignment is as above only.

Once you have done the above then the Recipient Managament Role Groups will have the following Roles assigned:

Distribution Groups
Mail Enabled Public Folders
Mail Recipient Creation
Mail Recipients
Message Tracking
Migration
Move Mailboxes
Recipient Policies
Active Directory Permissions

The last Role has been assigned by the New-ManagementRoleAssignment cmdlet above. This will enable the helpdesk to do the complete management of the recipients including granting SendAs permissions.

------------ End of Document ------------------------
Tags: Exchange Server, Power Shell
Published Date: 20100805

RBAC console will not open in Exchange 2010

If you have a mixed environment (Exchange 2003, 2007 and 2010) then only those people can open RBAC console who have their mailbox on a 2010 server.

If people from other exchange servers try to open the RBAC console then they will get the following error.



------------ End of Document ------------------------
Tags: Exchange Server
Published Date: 20100728

Soft recovery of Exchange 2003 database

A step by step walk-through of procedure to be followed when exchange database fail to mount in Exchange System Manager. Please note that I have personally tried these steps with MS premier support executive on call, however I take no guarantee that

1. Ensure that Exchange System Attendant and Exchange Information Store service are started.
2. Now try to mount the database and if database is not mounting and giving an error then check the shutdown state of the database.
3. To check whether database are in clean shutdown or dirty shutdown. Run the below command from the “Exchsrv\bin” directory:

Eseutil /mh “Path of the database” as indicated below and check the state of the database for e.g. :

Eseutil /mh “K:\EXCHANGE20-SG01-DB\EXCHANGE20-SG01-MBX01.edb”




4. Check if the database is in dirty shutdown state. If yes then also check for the “Log required” field as shown above and make sure you have those log files for soft recovery.

5. To check how many logs files have been committed to the database RUN Eseutil /mk “path of the checkpoint file”

Eseutil /mk “L:\EXCHANGE20-SG01-LOGS\E00.chk”

The result of the above command and the logs required as per /mh may not match of the chk file is corrupt. The more reliable output is from /mh

6. To make sure that all the log files are consistent, run
Eseutil /ml “Path of the log files\log prefix” as indicated below.
Eseutil /ml “L:\EXCHANGE20-SG01-LOGS\E00”

Below command will help you check the health of all the log files in the location. Be careful that this command will take VERY long time to complete if you have too many files in the log folder.

A better option is to move the committed log files to a backup folder and then run the above command on the remaining log files to check the consistency of uncommitted log files.





7. You may not see the last log file required in the log folder because that log file may be E00.log. You can find the actual log file name of e00.log “Eseutil /ml “Path of Log File\e00.log”

8. Make sure that you have all the logs files in sequence and are in consistent state which have not yet been committed and if any log file is missing or corrupted then soft recovery will not be successful.

9. To run the soft recovery run the command “Eseutil /r Enn /L “Path of the log files” /d “path of database file”.

E.g. Eseutil /r E00 /l “L:\EXCHANGE20-SG01-LOGS” /d “K:\EXCHANGE20-SG01-DB\EXCHANGE20-SG01-MBX01.edb”






If the above command fails, you can include the switch “/s” for giving the location of the “.chk” file.

Another switch /i can be appended to the above command to ignore the other databases that run off the same set of log files if they are mounted.

7. If the above command does not work then you can cut and paste all the committed log files and Enn.chk from the log drive in another location as backup and try mounting the database. Exchange will create a new chk file and will try to do a soft recovery itself.

If all the above steps do not succeed it is time to call Microsoft and log a SEV 1 case with them.

------------ End of Document ------------------------
Tags: Exchange Server
Published Date: 20100111

How to delete an email from a mailbox using Exchange Shell

There have been times when a user has sent an email to a big DL and wants it to be recalled. We all know that Exchange recall feature is not much effective. However in Exchange 2007 you can scan all mailboxes and delete the email from them. The best way is to narrow your search as much as possible.

However remember that you need an account which has full access to the mailbox from which you want to delete the email. The BES service account generally has that permissions. You will have to "Run As" the EMS with this account.

Below are two examples of such command.

Get-Mailbox -Server SERVER_NAME -resultsize unlimited | Where-Object {$_.OrganizationalUnit -like "Mydomain.corp/OU/OU/OU*"} | Export-Mailbox -SubjectKeywords "Some keywords from the subject line" -DeleteContent -StartDate 10/08/2009 -IncludeFolders "\Inbox"

The above command finds all mailboxes from a particular server and which are in a particular OU. It then users the Export-Mailbox command to delete the mails as per the specified criteria.

StartDate is use to delete the emails that are after the specified date. You can also use EndDate to specify the range.

Include Folders further narrows the search and reduces the scan time considerably.

Get-Mailbox -Server SERVER_NAME -resultsize unlimited | Export-Mailbox -SenderKeywords "Sender's SMTP address" -DeleteContent -StartDate 10/08/2009 -IncludeFolders "\Inbox"

You can also delete emails from a specific sender using the above command.

Please be careful to test this command before running in production environment as you may end up deleting emails from users mailbox that they need if any wrong criteria is chosen.

------------ End of Document ------------------------
Tags: PowerShell, Exchange Server
Published Date: 20100107

Remove all DL membership from a user

As part of account termination process, it is often required that the user should be removed from all DLs. This is generally a manual process because of the way AD stores Group Membership information. However you can use Quest Management Shell and achieve the task in one line.

Import-Csv c:\My_UserNames.csv | foreach {(Get-QADUser $_.DisplayName).memberof | Get-QADGroup | Remove-QADGroupMember -Member $_.DisplayName}

The above line will read all names from a CSV. It will then find the DLs that the user is a member-of and call Remove-QADGroupMember to remove the member from the specified DLs. This command will run on all the DLs that a user is a member-of. 'foreach' will cause the entire command to run for all the users listed in the csv file.

We need to pipe it to Get-QADGroup because .memberOf spits the DN of the DLs and Remove-QADGroupMember will not take the DN as the identity for the DL.

------------ End of Document ------------------------
Tags: Active Directory, PowerShell, Exchange Server
Published Date: 20091231

Change multiple user password using command line

Quest QAD shell provides a very useful interface to do this often required task. The beautiful part is that you do not need to provide the password as a Secure string.

Set-QADUser –Identity –UserPassword -UserMustChangePassword $True

The above command will set the password for User to the one specified in this command.

Import-Csv UserList.csv | foreach {Set-QADUser -Identity $_.UserName -Password $_.UserPassword -UserMustChangePassword $True}

The above command will read the UserName and UserPassword from and excel sheet UserList.csv and will set them accordingly. You need to keep the row headers as UserName and UserPassword in the CSV. The most important feature here is that you can have a different password for each individual user in the sheet.

------------ End of Document ------------------------
Tags: Active Directory, PowerShell,
Published Date: 20091118

Convert lastlogon or laslogontimestamp to date

It is always difficult to convert the large integer value on the account's property. The date is stored as a large integer. To convert it you can use the built in w32tm command:


w32tm /ntte 128787219065874052
[Output] 149059 06:45:06.5874052 - 2/10/2009 12:45:06 AM (local time)

w32tm /ntte 128805109570324972
[Output] 149079 23:42:37.0324972 - 3/2/2009 5:42:37 PM (local time)

------------ End of Document ------------------------
Tags: Active Directory, Windows Server 2003, Windows Server 2008
Published Date: 20090305

Edit Environment Variables without Admin Rights

As a System Admin in an organization one always comes across a situation when users want Admin Rights because they cannot modify System Environment Variables(generally required by developers to change JAVA_HOME and CLASSPATH). However there is no need to give users Admin Rights for such small task.

Instead, they can create User Variables that override System Variables when they log on. The only exception to this rule is the PATH variable whose contents is composed of the system and user variables, separated by a semicolon.

------------------- End of Document -----------------------

Tags: Windows XP

Published Date: 20081002

Remaining Part

To check the previous par of this post click here.

 

i8042 is a system service that controls ps2 mouse and keyboard ports. Some of the features of this driver are:

• Hardware-dependent, simultaneous operation of a PS/2-style keyboard and mouse device
• Management of I/O Port and IRQ settings and routines
• Plug and Play and power management
• Operation of legacy devices
• Other interface and interaction components between the operating system and these types of devices

However if your server does not have a ps2 device attached or your BIOS disables ps2 ports to save IRQ, i8042 would still search for hardware and if it deos not find any ps2 device OR gets a weird data from BIOS, it would error out.

There are two ways to fix this:

A. Create a parameter in i8042 service properties to identify it as a headless node.

• Go to Start > Run and put "regedit.exe" and click "Ok"
• Navigate to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\i8042prt\Parameters in Registry Editor
• Add a new REG_DWORD "Headless" and set the value to 1
• Reboot the server.

                       OR Infuse new life in your OLD PC

                            Repair Your Windows XP

B. Disable the i8042 service from registry.

(**Be careful you may not be able to use PS2 Mouse and keyboard if you do so**)

• Go to Start > Run and put "regedit.exe" and click "Ok"
• Navigate to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\i8042prt in Registry Editor
• Change the REG_DWORD value "Start" from  "1" to "4". This sets the i8042 service from SERVICE_BOOT_START to SERVICE_DISABLED
• Reboot the server

The reason why it only happens in some cases only is because some BIOSes have a setting to enable/disable ps2 ports. You can set this to enable, disable or auto.

In auto mode, if it does not detect a ps2 device it might disable the ps2 port to save an irq. However, some BIOSes have no setting at all and behave as "auto" mode by default. If i8042 search for hardware and finds no ps2 or gets a weird data from BIOS pnp, might error out.

DONT LEAVE THIS PAGE NOW.

:::::CHECK THIS SITE before you move on::::::

Fly this holiday anywhere around the world & save on huge on cheapest airfare using an exclusive CheapOair coupon Code HOLIDAY10. Simply plug in this coupon code when buying your airline ticket at CheapOair.com and save $10 on all domestic & international flights. Coupon Code Valid till Dec 2008

-------------- End of Document -----------------

Tags: Windows Server 2003

Published Date: 20090101

How to rename an Exchange Server running on a Windows Cluster

Though I would agree that is not a good idea to rename your Exchange server that is running on a Windows Server Cluster, however you may need to it for various reasons. I did test this in my test environment.

I had two tasks at hand:

1. Rename the cluster name itself
2. Rename the Exchange Virtual Server name

How to rename the cluster:

• To Rename the Cluster right click on the cluster name and choose rename.

• Type the new name of the cluster and you are done.
• Check the properties of 'cluster name' resource to confirm the change of name.

• Take the 'cluster name' resource offline and bring it back online.
• DTC resource would also have gone offline. Bring it online as well.

How to rename the Exchange Virtual Server:

• Bring all the Exchange resources off line including the network name (Exchange Virtual Server network name).
• Rename the Exchange Virtual Server network name resource by choosing properties and editing the parameter of the resource.

• Bring the Exchange Virtual Servername and Exchange Virtual Server IP address resources online.

• Delete the Exchange Virtual Server System Attendant resource. It is necessary because a Windows Cluster server can only run a single instance of Exchange Virtual Server.

• All other dependant resources should also be deleted. choose Yes to do so.

• Move all the databases and log files to an alternate location. If you do not do so Windows will not let you create the System Attendant resource and will complain that the exchange data directory is not empty.

• Create a new System Attendant resource and all other dependant resources would be created automatically.
• Bring all the resources online once and check everything is fine in the cluster administrator.

• Now open Exchange System Manager and you should see both the new and the old Exchange Servers listed.

• If you try removing the old server, Exchange would complain that some users still exist on the server and you cannot remove the Exchange Server.

• Use the following article to find all the users whose AD attributes for current mailbox server has not yet been update to the new server and rip off the Exchange attributes from all these users.

• Put a check mark against the box "This database can be overwritten by a restore" found under Mailstore -> Properties -> Database tab. Do this for all the information stores in the new Exchange Virtual Server.

• Take the System Attendant resource offline from the cluster.
• Copy back all the exchange database and log files that you had copied earlier to an alternate location.
• Bring back the System Attendant and all other resources online.
• Check the Mailstore of the new Exchange Virtual Server and it should now list all the users who had their mailbox on this server.

• Run the MailBox cleanup Agent Exchange System Manager.

• Once you run the mailbox cleanup agent all the mailboxes would appear as disconnected.

• Right click on each mailbox and reconnect them to the correct username in the AD.

Tempuser01 connected to old mailbox:

Tempuser01 with exchange attributes ripped off:

Tempuser01 connected to new mailbox

• Purge all other mailboxes such as SMTP and System Attendant from the new Exchange Server.

• Now remove the old server from Exchange System Manager

-----------------End of Document-------------

Tags: Clustering, Exchange Server, Windows Server 2003

Published Date: 20080609

Extract troubleshooting info from Windows XP BSOD error messages

Microsoft Windows XP systems are notorious for crashing for any number of reasons and in a number of ways. Some of these crashes are mild and can easily be overcome simply by closing a non-responding application or by rebooting the system. However, others are more serious and can bring the entire system to its knees. Microsoft calls these types of crashes “Stop errors” because the operating system stops responding. When a Stop error occurs, the GUI is replaced by a DOS-like blue screen with a cryptic error message followed by a code number. This screen is affectionately referred to as the Blue Screen Of Death, or BSOD for short.

Common BSODs in Windows XP

Now that you have a good idea of how to dissect a BSOD and pull out the relevant pieces of information from all the gibberish on the screen, let’s look at some of the more common BSODs in Windows XP. I’ll only cover just a few of the BSOD conditions, but there are lots of possible Stop errors. For each BSOD I discuss, I’ll provide a link to an article on the Microsoft Knowledge Base that covers that particular Stop error. (Since more than one article might address a Stop error, you may want to search the Knowledge Base if you discover that you need more information.)

STOP:0×0000000A
IRQL_NOT_LESS_OR_EQUAL

This Stop error, which can be caused by either software or hardware, indicates that a kernel-mode process or driver attempted to access a memory location it did not have permission to access or a memory location that exists at a kernel interrupt request level (IRQL) that was too high. A kernel-mode process can access other only processes that have an IRQL that’s equal to or lower than its own.

Troubleshooting a Stop 0×0000000A error in Windows XP

STOP: 0×0000001E
KMODE_EXCEPTION_NOT_HANDLED

This Stop error indicates that indicates that the Windows XP kernel detected an illegal or unknown processor instruction. The problems that cause this Stop error can be either software or hardware related and result from invalid memory and access violations, which are intercepted by Windows’ default error handler if error-handling routines are not present in the code itself.

Possible Resolutions to STOP 0×0A, 0×01E, and 0×50 Errors

STOP: 0×00000050
PAGE_FAULT_IN_NONPAGED_AREA

This Stop error indicates that requested data was not in memory. The system generates an exception error when using a reference to an invalid system memory address. Defective memory (including main memory, L2 RAM cache, video RAM) or incompatible software (including remote control and antivirus software) might cause this Stop error.

Possible Resolutions to STOP 0×0A, 0×01E, and 0×50 Errors

STOP: 0×0000007B
INACCESSIBLE_BOOT_DEVICE

This Stop error indicates that Windows XP has lost access to the system partition or boot volume during the startup process. Installing incorrect device drivers when installing or upgrading storage adapter hardware typically causes this Stop error. This error could also indicate a possible virus infection.

Troubleshooting Stop 0×0000007B or “0×4,0,0,0″ Error

STOP: 0×0000007F
UNEXPECTED_KERNEL_MODE_TRAP

This Stop error indicates a hardware problem resulting from mismatched memory, defective memory, a malfunctioning CPU, or a fan failure that’s causing overheating.

General causes of “STOP 0×0000007F” errors

STOP: 0×0000009F
DRIVER_POWER_STATE_FAILURE

This Stop error indicates that a driver is in an inconsistent or invalid power state. This Stop error typically occurs during events that involve power state transitions, such as shutting down, or moving in or out of standby or hibernate mode.

Troubleshooting a Stop 0×9F Error in Windows XP

STOP: 0×000000D1
DRIVER_IRQL_NOT_LESS_OR_EQUAL

This Stop error indicates that the system attempted to access pageable memory using a kernel process IRQL that was too high. The most typical cause is a bad device driver (one that uses improper addresses). It can also be caused by faulty or mismatched RAM or a damaged pagefile.

Error Message with RAM Problems or Damaged Virtual Memory Manager

STOP: 0×000000EA
THREAD_STUCK_IN_DEVICE_DRIVER\

This Stop error indicates that a device driver problem is causing the system to pause indefinitely. Typically, this problem is caused by a display driver waiting for the video hardware to enter an idle state. This might indicate a hardware problem with the video adapter or a faulty video driver.

Error message: STOP 0×000000EA THREAD_STUCK_IN_DEVICE_DRIVER

STOP: 0×00000024
NTFS_FILE_SYSTEM

This Stop error indicates that a problem occurred within Ntfs.sys, the driver file that allows the system to read and write to drives formatted with the NTFS file system. (A similar Stop message, 0×00000023, exists for the file allocation table [FAT16 or FAT32)] file systems.)

Troubleshooting Stop 0×24 or NTFS_FILE_SYSTEM Error Messages

STOP: 0xC0000218
UNKNOWN_HARD_ERROR

This Stop error indicates that a necessary registry hive file could not be loaded. The file may be corrupt or missing. The registry file may have been corrupted due to hard disk corruption or some other hardware problem. A driver may have corrupted the registry data while loading into memory or the memory where the registry is loading may have a parity error.

How to Troubleshoot a Stop 0xC0000218 Error Message

STOP: 0xC0000221
STATUS_IMAGE_CHECKSUM_MISMATCH

This Stop message indicates driver, system file, or disk corruption problems (such as a damaged paging file). Faulty memory hardware can also cause this Stop message to appear.

“STOP: C0000221 unknown hard error” or “STOP: C0000221 STATUS_IMAGE_CHECKSUM_MISMATCH” error message occurs

Note: This post has been kept on this blog for personal reference and has been taken from TechRepublic website.

-------------- End of Document -----------------

Tags: Windows XP, Windows Server 2003

Published Date: 20080724

How to rebuild the SYSVOL tree when none exists in Active Directory

A Windows admin has trouble promoting the second DC in a domain. It seems that AD replication was working and DNS was healthy, but FRS was not. No SYSVOL or Netlogon share, no SYSVOL tree on the second domain controller. The FRS event log was logging Event ID 13508 events but no 13509 events

 

When tying to force SYSVOL replication, using KB 290762 -- setting BURFLAGS value on the PDC to D4 and on the other DC to D2 -- something went wrong and it wiped out the SYSVOL tree on the primary domain controller. It was as if it had replicated the empty SYSVOL to the PDC instead of the other way around. So there is no SYSVOL tree on either DC.

You can started from scratch, but that is not a good political decision. And you will not have root cause to justify it.

The solution is to create the SYSVOL tree, including junction points and proper ACLs. Of course, you will also need to create the default domain policy and the default domain controller policy.

There is a decent article on the Microsoft Help and Support site, KB 315457 How to rebuild the SYSVOL tree and its content in a domain, but like many articles of this nature, Microsoft tries to cover all the bases.

In addition, the Microsoft's KB assumes you have a SYSVOL tree in the domain -- which we do not have -- so we need to generate a new default domain policy and default domain controller policy. you might  run into an additional problem with other policies that had objects in AD but do not exist in SYSVOL.

I would recommend referring to the KB for details, but this is how you solve the problem of no SYSVOL on any DCs.

Step 1: Stop the FRS service on both DCs and create the SYSVOL tree on the PDC. This is pretty basic. Use Windows Explorer or a command prompt. I used a good DC I had in a lab as a guide. The tree looked like this:

SYSVOL
• Domain
  • DO_NOT_REMOVE_NtFrs_PreInstall_Directory
  • Policies
  • Scripts
• Staging
• Staging Area
• SYSVOL
  • Corp.net

Step 2: Set the ACLs. Just leave the default ACLs on all directories except the DO_NOT_REMOVE_NtFrs_PreInstall_Directory. Again, looking at my lab domain, we removed all users and groups except domain administrators and System I and defined both of them to have "Special Permissions" only. I also set the "DO_NOT_REMOVE" directory attributes to Hidden and Read.

Step 3: Create the junction points. Remember the junction points connect a "real" directory to a "mirrored" directory. The \SYSVOL\domain is the real (Source) directory connected to \SYSVOL\SYSVOL\corp.net, a junction point. \SYSVOL\Staging\Domain is the real (Source) directory connected to \SYSVOL\Staging Areas\Corp.net.

KB 315457 shows how to determine the actual source directory if you need that information, but here is what we did:

Using the linkd command,

linkd "%systemroot%\SYSVOL\SYSVOL\Corp.net" %SYSTEMROOT%\SYSVOL\DOMAIN

linkd "%systemroot%\Sysvol\staging Areas\Corp.net" %systemroot%\sysvol\Staging\Domain

Step 4: Rebuild default domain policies. Using the DCGPOFix tool, available from Microsoft's download site, this was pretty easy. Just run the tool and it asks if you want to create a new default domain policy (answer yes) and if you want to create a new default domain controllers policy (answer yes). At this point, we double-checked to make sure the SYSVOL tree and the policies were all correct.

Step 5: Replicate SYSVOL. We had already found that using KB 290762 wiped out SYSVOL on the PDC, so we didn't want to do that again. Because we only had two DCs and because the file replication service had been stopped, it seemed logical that starting the FRS -- first on the PDC and then the other DC -- would jump-start FRS. SYSVOL was replicated, and we had the SYSVOL share.

This next part isn't really a step. It's something we ran into that you should be aware of. After Step 5, SYSVOL was shared but not NETLOGON. When SYSVOL was deleted from the PDC, it also deleted two custom Group Policies. When SYSVOL was replicated after the rebuild, errors were logged in the event log complaining about these two policies. Using ADSIEdit, we went to Corp.net\system\Policies and deleted the objects for the two deleted policies. Soon, the Netlogon share appeared, and the 1704 event in the application log validated replication of policy.

After doing an operation like this, it's a good idea to check the event logs for related errors and create a sample GPO and see if it replicates.

------------------- End of Document -----------------

Tags: Windows Server 2003

Published Date: 20080709

Send Mails using Telnet with authentication

Sending mails using telnet comes handy when you are troubleshooting mail issues. You will find lots of such small set of instructions for the same however this guide also explains how to authenticate to the server before sending a mail.

1. Open a telnet session on port 25

2. type 'ehlo YourDomain.com', and hit enter.

3. Type 'auth login', and hit enter. You will see output something like this.

4. Now enter your full email address and then your password encoded in BASE64. To convert your full email address and your password to BASE64, you can use this handy BASE64 encoding tool.

5. If your username (the full email address) and password were entered correctly, the mail server would respond with “Authentication successful”.

6. You have just authenticated yourself with the mail server and now can start entering the email details.

7. Type 'mail from: YourUserName@YourDomain.com', and hit enter.

8. Type 'rcpt to: Destinationemail@DestinationDomain.com' and hit enter.

9. Type 'DATA', hit enter

10. Type 'Subject: Your Subject Here', hit enter.

11. Hit enter once again to send a blank line to seperate header from the message body.

12. Type your mail.

13. Type '.' (A single dot in a line to indicate end of your mail and submit it for delivery).

------------------- End of Document -----------------------

Tags: Exchange Server

Published Date: 20080617

You may receive Error ID: 5079 (000013d7) after uninstalling Double Take software

When you uninstall/remove Double Take software from your Windows Cluster you may receive the following error message when starting Cluster Administrator.

An error occurred attempting to read properties for the 'Double-Take Source Connection' resource type.

Error ID: 5079 (000013d7)

You can alway safely ignore this error message. However to get rid of it completely just remove the Double Take Resource type from the registry.

Open registry editor and take the backup of current registry.

Delete the following key:

HKEY_LOCAL_MACHINE\Cluster\ResourceTypes\Double-Take Source Connection

------------End Of Document -----------------

Tags: Clustering, Windows Server 2003

Published Date: 20080609