cb-net.co.uk

...WinTel Admin Simplified

  • Increase font size
  • Default font size
  • Decrease font size

Windows 2003 : HP c-Class evbda.sys BSOD

Tuesday, 29 June 2010 15:34 Chris Bradford
E-mail Print PDF

Windows 2003 :  HP c-Class evbda.sys BSOD

When installing Windows Server 2003 x64 on a HP c-Class Blade you may experience a BSOD with the error code:  IRQ_NOT_LESS_OR_EQUAL / 0x0000000A / evbda.sys

This issue is caused by the HP NC532i Dual Port 10GbE Multifunction BL-c Adapter driver that has a known issue which causes a BSOD on servers with 16+ cores. The new driver is available here. We must integrate this driver into the Windows setup process as this BSOD occurs before the PSP is installed.

If you are using HP RDP then this process is simple; download the new 10Gbe driver from HP and extract its entire contents to the following folder on the Altiris server:
eXpress Directory\Deployment Server\lib\osoem\proliant.zzz\w52.64\$oem$\$1\drivers\net

The driver located in this folder are used during Windows setup, as a result this will resolve the BSOD error.

Alternatively, disable some of the cores to boot your server and install the updated driver. You'll then be able to boot to Windows with all cores enabled.

Last Updated on Tuesday, 29 June 2010 16:27
 

Exchange 2007 : Generating Mailbox Statistics Report

Tuesday, 29 June 2010 10:24 Chris Bradford
E-mail Print PDF

Exchange 2007 : Generating Mailbox Statistics Report

Use the following ommand from the Exchange shell to generate the report on a per-mailbox database basis:
get-mailboxstatistics -Database "[database name]" | select-object servername, storageGroupname, databasename, DisplayName, @{name="TotalItemSize(KB)";expression={$_.TotalItemSize.Value.ToKB()}},StorageLimitStatus,LastLogonTime, LastLoggedOnUserAccount,ItemCount, DeletedItemCount | export-csv c:\DB_Stats.csv

You can also format the data on screen using the following command:
get-mailboxstatistics -Database "[database name]" | ft servername, storageGroupname, databasename, DisplayName, @{label="TotalItemSize(KB)";expression={$_.TotalItemSize.Value.ToKB()}},StorageLimitStatus,LastLogonTime, LastLoggedOnUserAccount,ItemCount, DeletedItemCount

You can also report on an entire server using the command:

get-mailboxstatistics -Server "[server name]" | select-object servername, storageGroupname, databasename, DisplayName, @{name="TotalItemSize(KB)";expression={$_.TotalItemSize.Value.ToKB()}},StorageLimitStatus,LastLogonTime, LastLoggedOnUserAccount,ItemCount, DeletedItemCount | export-csv c:\Server_Stats.csv


Format-table is designed to display data in a readable format on screen, select-object is designed for exporting data:

  • When using ft you should use @{label="TotalItemSize(KB)";expression={$_.TotalItemSize.Value.ToKB()}}
  • When using select-object use @{name="TotalItemSize(KB)";expression={$_.TotalItemSize.Value.ToKB()}}

If you try to use @{label="TotalItemSize(KB)";expression={$_.TotalItemSize.Value.ToKB when using export-csv you will end up with an invalid csv file that contains multiple lines of: 27c87ef9bbda4f709f6b4002fa4af63c

 

Last Updated on Tuesday, 29 June 2010 16:20
 

WMI : ADODB Provider Could not Be Found

Monday, 17 May 2010 20:30 Chris Bradford
E-mail Print PDF

VBScript : ADODB Provider Could Not Be Found / Re-install MDAC

You may encounter ADODB errors when running a VBscript containing WMI calls on computers running  Windows XP Service Pack 2 or 3.

ADODB  is a part of the Microsoft Data Access Components (MDAC). You can download MDAC form here, but wait...!

If you are running Service Pack 2 or newer you will find that you are unable to re-install this version of MDAC,as the version included with the service pack is newer.So, in order to perform this task you will require a Windows XP CD with your current Service Pack slip-streamed into it, although files should be available under %systemroot%\windows\servicepackfiles\i386.

With the Windows XP CD inserted / files available perform the following tasks:

  • Browse to c:\Windows\Inf folderin Windows Explorer
  • Right-click the Mdac.inf file, and then click Install. 
  • When prompted point the installer to your Windows XP CD, if the files are unavailable form this location use the Service Pack source files under %systemroot%\windows\servicepackfiles\i386
A special consideration, if running McAfee VirusScan Enterprise, ensure you disable the Access Protection component for this process, it will cause the installation of MDAC to fail.
Last Updated on Wednesday, 19 May 2010 09:06
 

Checkpoint Secure Client : RPC Failures/Filter Rejected Issues

Monday, 17 May 2010 21:54 Chris Bradford
E-mail Print PDF

Checkpoint Secure Client : RPC Failures / Filter Rejected Issues

WMI/RPC calls from Windows Server 2003 SP1 / SP2 servers to client running Checkpoint Secure Client R60 (pre-HFA02) may experience unexpected shutdowns/restarts. When viewing theSecure Client firewall log you will see that RPC traffic is being dropped by rule 995, even though it may be explicitly allowed by another rule.

WMI query errors may report: Call was canceled by the message filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED))

This is a known issue caused by the 'Server2003NegotiateDisable' option that is enabled by default upon installation of Windows Server 2003 SP1 or newer - http://support.microsoft.com/kb/899148. There are two potential solutions - a quick fix, and a 'proper' fix. I'll cover the quick fix first.

The quick-fix

   Download and install the hotfix available from the above MS knowledgebase article - this should be installed on the server affected by this issue.

   Once installed, create a new DWORD registry key on the server, setting the value to 1: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Rpc\Server2003NegotiateDisable

   Reboot the server, the RPC calls will now fuction as expected to devices with non-RPC compliant VPN clients.

The 'proper' fix

   Initally, you can perform the above. This will get RPC working with the non-RPC compliant VPN clients.

   You should then proceed to update all of the SecureClient installs to at least version R60 HFA02, when this is complete set the registry key to 0 on the server and reboot once again.

   An updated version of the client is easily obtainable form the Checkpoint Website.

   For further information from Checkpoint see the following URL: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk31818

Last Updated on Monday, 24 May 2010 18:34
 

Exchange 2007 : Mailbox Auditing

Monday, 17 May 2010 08:31 Chris Bradford
E-mail Print PDF
Enable Mailbox Auditing in Exchange 2007 SP1

From the Exchange Shell on the Mailbox Database Server(s) run the following command to enable auditing:
   Set-EventLogLevel "MSExchangeIS\9000 Private\Logons" -level low
This command will return no feedback to the end-user.

You can check that this setting has been applied using the command:
   Get-EventLogLevel

Now monitor the Application event log for Event IDs 1013 and 1016
 
Enable Auditing in Exchange 2007 SP2

SP2 introduces new features for Mailbox Access auditing; a new event log is created on the Exchange Server and it is possible to audit Folder Access, Message Access, Extended Send As and Extended Send On Behalf.

Enable Folder Access using the command:
   Set-EventLogLevel "MSExchangeIS\9000 Private\Folder Access" -level low

You can create exceptions to auditing for specific accounts such as service accounts using the command:
   Get-MailboxDatabase –identity ‘SERVER’ | Add-ADPermission –User ‘account’ –ExtendedRights ms-Exch-Store-Bypass-Access-Auditing –InheritanceType All

You can now view auditing events in the Exchange Auditing Event Log. 
Last Updated on Monday, 17 May 2010 08:35
 
More Articles...
  • «
  •  Start 
  •  Prev 
  •  1 
  •  2 
  •  3 
  •  4 
  •  5 
  •  6 
  •  Next 
  •  End 
  • »
Page 1 of 6

Recent Articles

Most Popular Tags