Categories
blog exchange howto server windows

Exchange missing public folder database after adsiedit changes

I had to use Adsiedit.msc to manually remove the Public folder database on an Exchange 2007 i was trying to uninstall. I already had a new public folder database with all replica’s present on my Exchange 2010 server, so i was confident in removing the older Exchange 2007 PF database through Adsiedit. In the meantime I also removed the “First Administrative group” since this was left from Exchange 2003.

I then proceeded to uninstall Exchange 2007 without further issues.
I was surprised and horrified to find the Exchange 2010 Public Folder database missing in the “Database management tab” on “Organization – Mailbox” in the Exchange 2010 Management console. I tried various things, such as:
1) Restart information store
2) Recreate PF DB with exact same name, but this error saying it already had a DB with that name.

I ran the Best Practices Analyzer and it told me “Site folder server deleted”. I clicked on the help and it showed me how to fix this.

Open an Active Directory editor, such as ADSI Edit.
Locate the public folder information store that you want to designate as the Site Folder Server. For Exchange Server 2000 through Exchange Server 2007, expand the following nodes in the Configuration container:
CN=Configuration,DC=,DC=com, CN=Services, CN=Microsoft Exchange, CN=, CN=Administrative Groups, CN= CN=Servers, CN=, CN=InformationStore, CN=
For Exchange Server 2010, expand the following nodes in the Configuration container:
CN=Configuration,DC=,DC=com, CN=Services, CN=Microsoft Exchange, CN=, CN=Administrative Groups, CN=Exchange Administrative Group (FYDIBOHF23SPDLT), CN=Databases
In the right pane, right-click CN=, and then click Properties.
In the Attributes field, scroll down and select the distinguishedName attribute.
Click Edit, and then copy the entire attribute to the Clipboard.
Expand the Configuration container, and then expand CN=Configuration,CN=,CN=com, CN=Services, CN=Microsoft Exchange, CN=, CN=Administrative Groups
Right-click the administrative group you want to modify, and then click Properties.
In the Attributes field, scroll down and select the siteFolderServer attribute.
Click Edit, and then paste the value for the distinguishedName attribute into the Value field.
Double-check the contents of the Value field to ensure the paste was performed correctly, and then click OK to save the change.
Click OK to close the Administrative Group properties.
Exit the Active Directory editor and restart the Microsoft Exchange Server Information Store service on all Exchange Server computers in the site for the change to take effect.

I reran the BPA and the error was gone, but my PF database was still missing.
After some research on the internet I came by the solution thanks to “BFTech Impressions”.
Specifically in my case the “msExchOwningPFTree” attribute was empty on my PF database container and needed to be filled with the value from the “distinguishedName” attribute from the Public Folder container uner “Folder Hierarchies”, the first 2 steps in my case were not needed, these were still present.

Here is the link to the article:
http://blog.bruteforcetech.com/archives/766
Please click on the links for detailed instructions and screenshots.

These are his instructions I quote here so that in the case the original disappears the information is not lost.

Here are the instructions to fix it:
Open ADSI Edit, connect to a Domain Controller, change the context to Configuration.

Create the Folder Hierarchies under the Exchange Administrative Group
Navigate to Configuration ⇒ Services ⇒ Microsoft Exchange ⇒ [your organization] ⇒Administrative Groups ⇒ [your administrative group]
Right click on your administrative group and select New Object
Select msExchContainer as class and click Next
Enter the following as value: Folder Hierarchies, click Next, Finish

Create the Public Folders Tree Object
Right click Folder Hierarchies and select New Object
Select msExchPFTree as class, click Next
Enter the following as value: Public Folders, click Next
Click on More Attributes button, drop down the “select a property to view” list, select msExchPFTreeType and set the attribute to 1 (it should populate into the value field).
Click OK, Finish

Populate the msExchOwningPFTreeBL attribute object of the PF Store
(Tell the Public Folder database where to find the new folder hierarchy you just created)
Double click the newly created “Public Folders” object
Double click distinguishedName, copy the value to the clipboard, click Cancel
Exchange 2007: open properties of Configuration ⇒ Services ⇒ Microsoft Exchange ⇒ [your organization] ⇒ Administrative Groups ⇒ [your administrative group]⇒ Servers ⇒ [your server] ⇒ Information Store
Exchange 2010: open properties of Configuration ⇒ Services ⇒ Microsoft Exchange ⇒ [your organization] ⇒ Administrative Groups ⇒ [your administrative group] ⇒ Databases ⇒ [your Public Folder database]
Double click the msExchOwningPFTree attribute, paste the value that was copied to the clipboard in step 2
Click OK twice

Categories
blog howto windows

Blackberry Enterprise Server router must start as besadmin

When you run the setup as a different user then “besadmin” or the equivalent you created, the router service is not correctly set to run as “besadmin” and communication with the mobile devices fails.

Categories
blog howto windows

Blackberry Enterprise Server Express MAPI client error

When running Exchange 2010 (my case SP3) make sure you install the “MAPI CDO 1.2.1 package”.
If you install this while setup was checking prerequisites, you might get an error later on while on the MAPI settings screen. Check Now resolves the besadmin account fine and changes the name to the SMTP address. But when clicking Next, you get an error.

The setup application could not initialize the Microsoft Exchange Server MAPI Client. Make sure that MAPI is installed and configured correctly and the Microsoft Exchange Server and mailbox that you specified are correct.

1) Make sure the User account is not hidden from the GAL, open the mailbox in exchange console and check on general tab.

2) Press cancel and rerun setup, it resumes from where you left off, and now it proceeds.

Categories
blog howto windows

Blackberry Enterprise Express 5.0.4 setup error after splash screen

After extracting you launch setup.exe from the bundle directory, you view the splash screen and immediately after the setup crashes. See screenshot below.
bb-error1

Change your language settings for “date, time and number formats” to english (US).
Rerun setup.Exe

Categories
blog howto network server windows

Exchange 2010: moved mailbox to new database Blackberry Enterprise won’t sync

When you create a new Database in Exchange 2010 you also need to add special rights to this database for the Blackberry Enterprise service account (standard: BESAdmin) to this database.

Source: http://btsc.webapps.blackberry.com/btsc/viewdocument.do?externalId=KB02276&sliceId=2&cmd=displayKC&docType=kc&noCount=true&ViewedDocsListHelper=com.kanisa.apps.common.BaseViewedDocsListHelperImpl

Click Start > Programs > Microsoft Exchange Server 2010 > Exchange Management Shell
Execute the following command:
Get-MailboxDatabase | Add-ADPermission -User "BESAdmin" -AccessRights ExtendedRight -ExtendedRights Receive-As, ms-Exch-Store-Admin, ms-Exch-Store-Visible

Categories
blog howto windows

6to4 isatp tunnel problem windows VISTA & 7

The PC or laptop may appear to be very slow and CPU is at 100% most of the time. When you check in taskmanager (after selecting show processes from all users) 1 or more svchost.exe processes are hogging CPU. When you right click the svchost.exe and choose “go to service” you find oud that it is 1 of the following services:
– wudfsvc
– DcomLaunch
– PlugPLay

Open up a Command prompt (type cmd in the start – search field) and type in ipconfig to see if there a lot of tunnel adapters present. Normally you see only 1 or maximum 4 and then a local area network and perhaps a wireless adapter. If you have dozens of tunnel adapters, then this bug is effecting you.

Too many tunnel adapters in IPCONFIG
Too many tunnel adapters in IPCONFIG

To solve this execute the following:
Open up a Command prompt (CMD) but right click to run as administrator.
Type (without the quotes): netsh int isa set state disabled
Leave the command prompt open.
Now open up device manager, go to view and select “show hidden devices”.
In the device list, go to network adapters and disable the “Toredo tunneling interface” and the “6to4 adapter”.
To remove the large amount of tunnel adapters you can use this batch file, thanks to: Ryan Victory.
Remove tunnel adapters Batch file download link
You extract the content and run as administrator (right click) the 6to4remover.bat file from the folder that corresponds to you OS architecture (32 or 64 bit).
If you get a popup asking to accept license terms for devcon.exe, accept it. Maybe you then have to run as administrator it again to start. When it’s started it will remove all excess adapters.

Removing tunnels
Removing tunnels

After these actions are complete reboot your system. It should be back to normal.

Categories
blog howto network virtualization windows

Delete or show hidden no longer active or present network adapters Device Manager

Open a command prompt. Start: RUN -> CMD (OK)
At the prompt type:
set devmgr_show_nonpresent_devices=1
At the prompt type:
start devmgmt.msc
In the menu view, click on “Show hidden devices”.
Now go to network adapters and uninstall the ones that you were looking to uninstall, it will be greyed out.

Categories
blog howto windows

Enable Remote Desktop Remotely with PSEXEC

Download PSTOOLS from microsoft. Unzip to an easy to access location.
Open a CMD command prompt, navigate to the PSTOOLS location.
Execute:

psexec \\machinename reg add "hklm\system\currentcontrolset\control\terminal server" /f /v fDenyTSConnections /t REG_DWORD /d 0

Machinename should be replaced with the computername, ideally you already have admin rights to this PC, for example you run this as the domain administrator. Otherwise the have to supply credentials using -u and -p options.
If you still can’t connect this is most likely the windows firewall.
Execute:
psexec \\machinename netsh firewall set service remotedesktop enable
psexec \\machinename netsh firewall set service remoteadmin enable

Categories
blog howto windows

Uninstall Trend Micro Officescan without password

Uninstall Trendmicro officescan without knowing the password

Open Ofcscan.ini inside C:\Program Files\Trend Micro\OfficeScan Client
Change the value of the Uninstall_Pwd to !CRYPT!5237C1A1888FAFC830342D0AB1AD8410C995F3E7C1FBB9FE857C7B1FEBE9F84A93A1B9CEF52810DBA9649332838
Change the value of the Unload_Pwd to !CRYPT!5237C1A1888FAFC830342D0AB1AD8410C995F3E7C1FBB9FE857C7B1FEBE9F84A93A1B9CEF52810DBA9649332838
To Unload or uninstall the OfficeScan use novrius as the password.

thanks to: bpursley

Categories
blog howto server windows

EXCHANGE 2010: SAN Certifcate with mutiple DNS names (private windows CA)


New-ExchangeCertificate -FriendlyName "Exchange 2010 multiple DNS" -IncludeServerFQDN -DomainName mail.*****.***,autodiscover.******.***,computername.*****.local,computername -GenerateRequest -PrivateKeyExportable $true

Copy the full code you receive including the —BEGIN… and —END… lines.
Open the sertificate services web interface.
http://serverdc/certsrv
-Request a certificate -> Advanced certificate request -> Submit a Certificate request by using …
Paste the code you received in the textbox, on the template dropdown select Web Server.
Click Submit.
On the next page click on Download Certificate.
Save the file on disk somewhere.
Go to Exchange console (GUI) – server Configuration – Hub transport – Exchange certificates.
Right click on the pending request and choose “Complete pending request”.
Select the file you saved to disk and finish the wizard.
When finished right click on the now completed certificate and choose “Assign services”.
Assign all services (except Unified messaing), choose YES to All for overwrite.
Delete all other certificates no longer needed.

Test your OWA and see what certificate is now being used.

Reference: http://exchangeserverpro.com/how-to-issue-a-san-certificate-to-exchange-server-2010-from-a-private-certificate-authority