Author: Chris Bradford

Categories
Windows 2008

Sophos AV : The user is not assigned to any sub-estates

Sophos AV : The user is not assigned to any sub-estates

I came across this today on a fresh install of Sophos 4.7 on Windows Server 2008 R2. I confirmed:

User was a member (indirectly) of the SophosAdministrator group in AD DS, and a member (indirectly) of the the local security group “Sophos Full Administrators.” Note indirect. The issue here was caused by nested group membership; the user was a member of a role-based group which was in turn member of a service type group which was used to delegate permissions in Sophos.

There is a known issue where launching the Sophos Enterprise Console as a user who inherits membership of the Sophos Full Administrators group via nested groups fails.  Ensure the launching user is a direct member of the group.

More information available here: http://www.sophos.com/support/knowledgebase/article/67106.html

Categories
Windows 2008

Windows Server 2008 : Storage Migration No Impact!

Windows Server 2008 : Storage Migration No Impact!

The following process is useful when migrating from one storage platform to another.In summary it uses Windows Software RAID to mirror data to the other storage device, once completed the mirror is broken in a way that leaves only the new storage with the correct drive letter / mount points and data.

Present the new LUN, on the new storage to your host. The drive should contain no partitions.

 Right-click the volume you want to mirror and select ‘Add Mirror…’

 Select the disk you wish to mirror the volume on to and click ‘Add Mirror…’:

Click Yes to acknowledge that both drives will be converted to dynamic disks.

 

Wait for the mirror to sync:

 

You can either break or remove the mirror:

  • To break the mirror, keeping the same drive letter on the NEW storage and assigning a free drive letter on the old storage right click the old drive and select break mirror.

   This can be performed in diskpart using the following commands:

diskpart
list volume
select volume <volume number>
detail volume
break disk n
  
   Change ‘n‘ to be the disk number you wish to remove the mirror from i.e. the old storage device,
   leaving the new disk with the data on it.
  • To remove the mirror, keeping the data on only one drive (the new drive) right-click one drive and select remove mirror. You will be prompted to select a drive to remove. Make sure you select the old drive!

 

Categories
Windows 7

Taskkill : Kill Mutiple Processes at Once

Taskkill : Kill Mutiple Processes at Once

The following command is really useful if you have multiple copies of an exe that are not responding, Internet Explorer is a good example here. This command will forcefull terminate all processes with the name iexplore.exe:

taskkill /im iexplore.exe /f

Categories
Windows 2008

XCOPY : Copy Folders and Files with Permissions

XCOPY : Copy Folders and Files with Permissions

Use the following command to copy a folder/subfiles to a new destination maintaining all of the attributes, owevership and ACL’s:

xcopy c:\olddocs c:\newdocs /O /X /E /H /K

Categories
Windows Server 2003

RDP : Black Logon Screen

RDP : Black Logon Screen

Came across an odd one the other day where when trying to logon via RDP I was greeted with an RDP logon Window that was pretty much all black; Text Input boxes (username/password/domain) were all black, the logon window was all black, blackground was black. Everything was black other than the Windows 2003 logo.

Once logged in everything was fine however.

When it’s broken down like that you may see where I’m going with this…

Check out the Colour values under: HKEY_USERS\.DEFAULT\Control Panel\Colors

On the affected server these were all “0 0 0” – i.e. black. You can simply export this key from another (working) Windows 2003 server and iomport it to the affected box.

Categories
Exchange Server 2010

Exchange 2010: Troubleshooting Public Folder Referrals

Exchange 2010: Troubleshooting Public Folder Referrals

I had an issue today where a user from another Mailbox server/domain (same forest/Exchange Org) was unable to access public folders on a different Exchange server.

It turned out that the users home Public Folder Database had been configured to allow refferals to only a single server. To identify this I used the following Exchange Shell Command:

{code lang:css title:”Exchange Shell Command” lines:false hidden:false}

$pfdb = Get-PublicFolderDatabase -IncludePreExchange2010

$pfdb | select-object servername,name,UseCustomReferralServerList,CustomReferralServerList | ft

{/code}

 

To resolve the issue the Exchage Admin needed to add the destination Public Folder Database Servers to the CustomReferralServerList.

Categories
Microsoft

SCCM : Client Site Code Change

SCCM : Client Site Code Change

I had a need recently to change the site code of some SCCM cliwents that had already been deployed. I used the following vbScript to change the site code of a client (remotely or locally!), the script can be integrated into a logon script to automate the process if desired:

{code lang:ini title:”vbScript” lines:true hidden:false}’Replace NEW_SITE with your Site Code
sSiteCode = “NEW_SITE”
sMachine = “.”
set oCCMNamespace = GetObject(“winmgmts://” & sMachine & “/root/ccm”)
Set oInstance = oCCMNamespace.Get(“SMS_Client”)
set oParams = oInstance.Methods_(“SetAssignedSite”).inParameters.SpawnInstance_()
oParams.sSiteCode = sSiteCode
oCCMNamespace.ExecMethod “SMS_Client”, “SetAssignedSite”, oParams {/code}

Categories
Exchange Server 2010

Exchange 2010 : OABGen Issues – PublicFolderDatabase

Exchange 2010 : OABGen Issues – PublicFolderDatabase

I came across an issue recently with an Exchange 2010 migration (same Organisation/Forest) where the OAB was not updating. On further investigation I identified that the following events were being logged on the mailbox database servers which were the home mailbox database servers for the affected users:

Log Name:      Application

Source:        MSExchangeSA

Description:

OABGen encountered error 80040111 while cleaning the offline address list public folders under /o=ORGNAME/cn=addrlists/cn=oabs/cn=OABNAME.  Please make sure the public folder database is mounted and replicas exist of the offline address list folders.  No offline address lists have been generated.  Please check the event log for more information.

– \OABNAME   

Using the command Get-OfflineAddressBook | select-object name,PublicFolderDatabase it was possible to identify that the PublicFolderDatabase that the OAB was set to publish to was incorrect.

Unforunately there is not an Esxchange Shell command to change this, you must use ADSIedit. Using ADSIedit browse to the following location, changing the items in bold to match your environment:

“CN=OABName,CN=Offline Address Lists,CN=Address Lists Container,CN=ORGNAME,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=DOMAIN,DC=LOCAL

Right-click this object and select properties. We’re interested in the siteFolderServer attribute – you’ll probably find this is incorrectly set if you’re getting the error above.

Next use the Exchange Shell to get the DN of a Public Folder Database in the same site; get-publicfolderdatabase | select-object DistinguishedName | fl

Copy the DN of the Public Folder Database into the siteServerName attribute of the failed OAB.

Update: 29/09/2011 – You should also confirm the replication scope of the OAB Public Folder mentioned in the error.  

You then have to restart the Exchange information Store service on the affected servers – of course this will interrupt mailbox database connectivity so if you have a DAG then I would suggest you perform failovers to minimise impact – if not then this may be an out of hours change!

Once completed run the Exchange Shell command from above to confirm that the PublicFolderDatabase setting is correct; Get-OfflineAddressBook | select-object name,PublicFolderDatabase

You can also perform an update of the OAB (update-offlineaddressbookname“) and then download it in a cached mode client to confirm functionality.

Categories
Exchange Server 2010

Exchange 2010 : View Transport Server Queue

Exchange 2010 : View Transport Server Queue

Use the following Exchange Shell command to view the current queue o all transport servers:

get-transportserver | get-queue

This can be limited to a subset of servers using the query below. This method of changing the scope of the command relies on you servers having a similar name, in this case all servers start “UK” :

get-transportserver “UK*” | get-queue

Categories
Exchange Server 2010

Exchange 2010 : View Mailbox Database Size

Exchange 2010 : View Mailbox Database Size

Use the following Exchnage Shell command to view the size of ALL Mailbox Databases within your Exchange Organisation.

Get-MailboxDatabase -Status | select ServerName,Name,DatabaseSize

You can limit this to particular Databases using the command below, this will return sizing information on Mailbox Databases which have a name starting with “UK” – this could be modified to FR for example if all of your Mailbox Databases in France started with “FR” :

Get-MailboxDatabase “UK*”  -Status | select ServerName,Name,DatabaseSize