Categories
blog howto windows

Windows 2012 Server Manager refresh failed, requires a restart

The request to add or remove features on the specified server failed. the operation cannot be completed because the server that you specified requires a restart.

Role and feature refresh failed with the following error: The Request to list features available on the specific server failed. The operation cannot be completed, because the server that you specified requires a restart.

Restarting the server does not help.

Check the eventlog for an error from Service Control Manager ID 7041 that reads:

The MSSQL$MICROSOFT##WID service was unable to log on as NT SERVICE\MSSQL$MICROSOFT##WID with the currently configured password due to the following error:
Logon failure: the user has not been granted the requested logon type at this computer.

Service: MSSQL$MICROSOFT##WID
Domain and account: NT SERVICE\MSSQL$MICROSOFT##WID

This service account does not have the required user right “Log on as a service.”

Check the “Windows Internal Database” service is running, it probably is not and can’t start.

If this is a domain controller you can assign the logon as service right for the account using the “Default Domain Controllers Policy” GPO.

  1. Open gpmc.msc
  2. Select the “Default Domain Controllers Policy” under the “Domain Controllers” OU in the left tree.
  3. Right click on it and select edit.
  4. In the editor navigate to “Computer Configuration, Policies, Windows Settings, Security Settings, Local Policies, User Rights Assignments”.
  5. Open the properties of the “Log on as a service” item.
  6. Add the user “NT SERVICE\MSSQL$MICROSOFT##WID” (without quotes) using the Add User or Group button.
  7. Close the window with OK. Close the GPO editor.
  8. Run gpupdate and restart the computer.

If this is a normal member or standalone server you can assign the logon as service right for the account using the “Local Security Policy”.

  1. Open secpol.msc
  2. Navigate to” Local Policies, User Rights Assignments”.
  3. Open the properties of the “Log on as a service” item.
  4. Add the user “NT SERVICE\MSSQL$MICROSOFT##WID” (without quotes) using the Add User or Group button. If this is greyed out, than the item is set using Domain Group Policies (see above).
  5. Close the window with OK. Close the local security policy editor.
  6. Run gpupdate and restart the computer.
Categories
blog howto windows

Uninstall Sophos Antivirus tamper protection lost password

How to uninstall Sophos Antivirus when the Tamper Protection doesn’t let you, and you don’t know the Tamper password.

  1. Stop the Sophos Anti-Virus service if possible. Open services.msc and stop the service.
  2. Open notepad with UAC elevation, run as Administrator.
  3. In notepad open the file “C:\ProgramData\Sophos\Sophos Anti-Virus\Config\machine.xml”
  4. Find the configuration section for TamperProtectionManagement

    <TamperProtectionManagement>
    <settings>
    <password>123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ</password><enabled>true</enabled>
    </settings>
    </TamperProtectionManagement>

  5. Change the password string (123456789ABCD… above is just an example, yours will be different.) to the new value: E8F97FBA9104D1EA5047948E6DFB67FACD9F5B73
  6. Start Sophos Antivirus or restart the computer.
  7. Disable tamper protection using the new password: “password” (without the quotes).
  8. Uninstall Sophos Antivirus.
Categories
blog exchange howto server windows

Exchange database dirty shutdown recovery JET_errLogFileSizeMismatch error -541

Warning: This is a technical article describing steps that you should only execute if you’re familiar and confident with the matter.

Error information:
Below is some error information that you might have seen and that’s why your search leads you here.

eseutil /ML “L:\Program Files\Microsoft\Exchange Server\V15\Mailbox\DB-MBX2\E02.log”
Extensible Storage Engine Utilities for Microsoft(R) Exchange Server Version 15.00
Copyright (C) Microsoft Corporation. All Rights Reserved.
Initiating FILE DUMP mode…
Base name: E02
Log file: L:\Program Files\Microsoft\Exchange Server\V15\Mailbox\DB-MBX2\E02.log
ERROR: Cannot read log file header. Error -541.
Operation terminated with error -541 (JET_errLogFileSizeMismatch, actual log file size does not match JET_paramLogFileSize) after 0.16 seconds.

eseutil /r “L:\Program Files\Microsoft\Exchange Server\V15\Mailbox\DB-MBX2\E02.log”
Extensible Storage Engine Utilities for Microsoft(R) Exchange Server Version 15.00
Copyright (C) Microsoft Corporation. All Rights Reserved.
Initiating RECOVERY mode…
Logfile base name: E02

Performing soft recovery…
Operation terminated with error -541 (JET_errLogFileSizeMismatch, actual log file size does not match JET_paramLogFileSize) after 0.31 seconds.

Solution:
If possible have a backup or a copy of the database before you manipulate it! Transaction log files are critical for the database, these are not just information files that you can delete!

If the DISK where the log files of your exchange database resides has run out of space you could find yourself with a corrupt log file. When you try to perform a soft recovery with eseutil /r and the path to your E0?.log (in my case E02.log) file you get an error about header information and size mismatch. The E0?.log file is the current transaction log file that Exchange was writing to when the disk ran out of space. This file is now corrupt and transactions in the file that were not applied to the database will be lost. All other older log files will have hexadecimal sequence to it such as E0?00E475A.log and so on. You can check which log files are required for the database to perform a soft recovery by reading the header information of the database in question as follows:

eseutil /mh “F:\Program Files\Microsoft\Exchange Server\V15\Mailbox\DB-MBX2\DB-MBBX2.edb”
replace path and filenames with your database

In the wealth of information returned you will see a line stating the state of the database, which will be Dirty Shutdown. (If it is Clean Shutdown than you do not need to perform recovery). Below the state is the line Log Required which shows the files needed.

Log Required: 190299-190336 (0x2e75b-0x2e780)

In my case the databases needs the files E020002E75B.log and newer on to E020002E780.log (this is HEX sequence). Older log files can be moved to a different hard disk if you need to free some space. Be careful, don’t delete, sorting these files in Explorer is not easy, you can’t do it by name because of the hex sequence and by date/time is not foolproof. So double-check or just expand the disk and leave all log files as-is.

Now to perform the recovery we have to move the corrupt E02.log file to a folder or other disk. Now that the corrupt file is removed and you are 100% sure that all the other required log files (see section above) are present we can perform soft recovery with the /a option to skip missing log files and bring the database back to a clean state.

eseutil /r /a E02 /l “l:\Program Files\Microsoft\Exchange Server\V15\Mailbox\DB-MBX2” /s “l:\Program Files\Microsoft\Exchange Server\V15\Mailbox\DB-MBX2” /d “F:\Program Files\Microsoft\Exchange Server\V15\Mailbox\DB-MBX2”
change the names and paths to your situation.

/r is soft recovery
/a is skip missing logfile
E02 is the base name of the logfiles, this is dependant of the database, could be E01, E02, E03 …
/l is for the log files location (where E02.log and other E02xxxx.log files reside)
/s is for the system files location (where E02.chk resides)
/d is for the database files location (where DB-MBX2.edb resides)

Output will be like this:

eseutil /R /a E02 /l “l:\Program Files\Microsoft\Exchange Server\V15\Mailbox
\DB-MBX2” /s “l:\Program Files\Microsoft\Exchange Server\V15\Mailbox\DB-MBX2” /d
“F:\Program Files\Microsoft\Exchange Server\V15\Mailbox\DB-MBX2”

Extensible Storage Engine Utilities for Microsoft(R) Exchange Server Version 15.00
Copyright (C) Microsoft Corporation. All Rights Reserved.
Initiating RECOVERY mode…
Logfile base name: E02
Log files: l:\Program Files\Microsoft\Exchange Server\V15\Mailbox\DB-MBX2
System files: l:\Program Files\Microsoft\Exchange Server\V15\Mailbox\DB-MBX2
Database Directory: F:\Program Files\Microsoft\Exchange Server\V15\Mailbox\DB-MBX2
Performing soft recovery…
Restore Status (% complete)
0 10 20 30 40 50 60 70 80 90 100
|—-|—-|—-|—-|—-|—-|—-|—-|—-|—-|
……………………………………………

Operation completed successfully in 3.635 seconds.

The database is now clean, you can check again with eseutil /mh as we did before and see the state listed as Clean Shutdown.

If you want to quickly clean-up logfiles no longer needed you should perform an Exchange aware backup. If you don’t have one and you understand the consequences you can enable circular logging on the database.

Good Luck!

Categories
blog howto windows

Microsoft Print to PDF empty 0KB file

If you create a PDF file using “Microsoft Print to PDF” and the file is corrupt and appears empty 0KB. Try to make the file again but don’t use “,” (comma) in the name.

Categories
blog exchange howto server windows

Outlook 2013 sync problems and message that Administrator has made a change

This post describes a problem I recently experienced when migrating from Exchange 2007 to Exchange 2013. Outlook 2013 clients would pop-up a message about the administrator making changes that require a restart of Outlook continuously. Also the folder synchronization fails and you see new messages arrive in your Inbox only to dissapear again after 1 second and then come back again and so forth.

The Microsoft Exchange administrator has made a change that requires you quit and restart Outlook

outlook error synchronizing folder [0-0]

These problems started occurring right after the old public folder database was deleted on the Exchange 2007 server. I only noticed it after I had already uninstalled the Exchange 2007 server completely. Why only Outlook 2013 has this problem I don’t know, but here is what’s wrong.

On the Mailbox database on your new Exchange server there is still a value pointing to the OLD public folder database that is now deleted.
You need to fix this using Adsiedit.msc:
Go to:

Configuration >CN=Services > CN=Microsoft Exchange > CN=Your Organisation > CN=Administrative Groups > CN=Exchange Administrative Group > CN=Databases

For each mailbox database, right click and check the attributes for “MSEXCHHomePublicMDB”. You will see that the value for this attribute points to “CN=Public Folder Database*,CN=Deleted Objects,CN=Configuration,DC=YourDomain,DC=com” the old object for the public folder database that has been deleted. You must clear this value using the clear button, so it changes to “not set”, just emptying the value won’t work. Restart the Information store service or reboot the Exchange server and the problem should be solved.

Categories
blog howto windows

Citrix client receiver error AllowHotkey

This problem can be solved by either disabling lockdown on the client or adding a registry key on the client for allowhotkey.

—————————
Error number 2320
—————————
Citrix online plug-in Configuration Manager: No value could be found for (AllowHotkey) that satisfies all lockdown requirements. The lockdown requirements in force may be conflicting.
—————————
OK
—————————

option 1 (disable lockdown)
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions
Enablelockdown change to 0

option 2 add reg key for AllowHotkey with empty value
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions\Lockdown\Client Engine\Hot Keys
“AllowHotkey”=””

Categories
blog

Windows 10 Download ISO Live

Today it’s launch day for Windows 10. Below are the options to download the Windows 10 OS from Microsoft.
– Using the Windows 10 upgrade notification program.
You have no clear control over this, as it’s scheduled to download in the background and spread these downloads in waves.

– Using the Microsoft Partner Portal
The ISO of roughly 3.5GB is available for download for Microsoft Partners, on the Microsoft Partner portal.

– On the download site of Microsoft
Luckily, the download site seems to be live.
https://www.microsoft.com/en-us/software-download/windows10

Update: 11:20 CEST
You can track the download of the Windows 10 upgrade notification and reservation program in your task manager on the network adapter (wifi or LAN)
When you’re confident it has finished and there is no activity for a significant amount of time you can trigger the setup of Windows 10 manually using:
C:\$Windows.~WS\sources\Windows\setup.exe

Categories
blog

VCENTER database SQL express too large 10GB+ and service crashes

VCENTER 5.1 with SQL Express 2008 R2 (default installation) with 4 hosts and no more than 12 VM’s, should be fine on Express but the database was too big anyway and crashed.

Check the size of your tables in the database by executing this query in the SQL Management Studio:
Create Table #Temp(Name sysname, rows int, reserved varchar(100), data varchar(100), index_size varchar(100), unused varchar(100))
exec sp_msforeachtable 'Insert Into #Temp Exec sp_spaceused ''?'', ''true'''
Select * From #Temp Order by rows DESC
Drop Table #Temp

Some maybe helpfull information from VMWARE about database cleaning:
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1025914

Changing the parameter from 120 days to less and running the Stored Procedures did not succeed for me, the procedure was running for hours but no size change.

I decided to drop the entire log tables (all events), I did not care about losing this, I wanted the vcenter up & running again. I read about this on this forum post: https://communities.vmware.com/message/2376663
Execute the following SQL query if you’re sure you want to do this:
alter table VPX_EVENT_ARG drop constraint FK_VPX_EVENT_ARG_REF_EVENT, FK_VPX_EVENT_ARG_REF_ENTITY alter table VPX_ENTITY_LAST_EVENT drop constraint FK_VPX_LAST_EVENT_EVENT
truncate table VPX_TASK
truncate table VPX_ENTITY_LAST_EVENT
truncate table VPX_EVENT
truncate table VPX_EVENT_ARG
alter table VPX_EVENT_ARG add constraint FK_VPX_EVENT_ARG_REF_EVENT foreign key(EVENT_ID) references VPX_EVENT (EVENT_ID) on delete cascade, constraint FK_VPX_EVENT_ARG_REF_ENTITY foreign key (OBJ_TYPE) references VPX_OBJECT_TYPE (ID)

alter table VPX_ENTITY_LAST_EVENT add constraint FK_VPX_LAST_EVENT_EVENT foreign key(LAST_EVENT_ID) references VPX_EVENT (EVENT_ID) on delete cascade

source:

Categories
blog howto windows

Windows 10 upgrade reservation notification icon not showing

Can’t See the Windows 10 Upgrade Notification?

How to display the Windows 10 upgrade icon if it is not visible:

I have seen the windows 10 upgrade notification appear on Windows 7 SP1 & 8.1 computer just fine.

Let me start out by saying this: “When the computer is joined to an active directory domain the icon will not show”. Not matter how hard you try to manually get it started by triggering the tasks or runing the GWX.EXE or GWXUX.EXE applications. It won’t work (for now?) on domain joined computers. Not even if you logoff and logon using a local administrator account.

When you remove your active Directory domain membership and put the computer in a workgroup you will see the icon after the reboot. You can then make your reservation, but I don’t think it will actually download the upgrade on July 29th if the computer is joined to the domain again, not sure about that.

If you’re a home user not connected to an active directory domain there are some things to check:
– You need to be on Windows 7 SP1 or Windows 8.1 Update1
– You need to have the KB3035583 update installed

If you still have trouble getting the icon you can try the BAT file created by a Microsoft Answers forum moderator.
https://www.dropbox.com/s/0u0au9xgy6ss18p/win10fix_full.zip?dl=0 (no need to register at dropbox just skip,
download and unzip the BAT file in the C:\TEMP directory (create dir if needed).
Open a CMD with administrative rights.. (right click on CMD icon in start menu and choose Run as Administrator)
CD c:\TEMP
win10fix_full.bat
Follow the instructions …

Categories
blog exchange server windows

Outlook Web Access OWA error 500 when logging in

When you fill in your credentials on the login screen of Outlook Web Access or OWA (2010) and click submit you receive an Internal Server Error 500 and the URL shows /owa/auth.owa

There are no events logged in Application or System log that explain this problem.

IISreset does not help.

The problem and solution could be very simple.
Check the the service “Microsoft Exchange Forms-Based Authentication service” is started. If not, start the service and try to login to OWA again. Problem should be solved.

If the service doesn’t start or fails frequently you’ll have to investigate that further.