noob friends with routers ? no probs > link this

http://www.portforward.com/english/routers/port_forwarding/routerindex.htm

this site is whack ! it got a ultimate archive of a full how-to portforward for tons of software & routers.. they even wrote a program (non free) to configure a router automaticly.

anyways , next time you get a “dude my xyz program doesn’t connect” you can help those friends with this huge selection.

(just dont call me on this 🙂 )

Troubleshooting Windows Task Scheduler

Had a nice issue with this, a few tasks were set to run on a server, running .bat files.

okay so ? all simple till now 😉

here’s what i found:

1 – the task was set to run under a specific user.

2 – that user was given “Log on as a batch job” security assignment on that server.

3 – the bat was failing to start in task scheduler.

4 – there were other jobs , running VBS and running okay !

now .. i’ve scratched my head a bit a found this great article about how to toubleshoot:

http://www.shijaz.com/windows/taskscheduler.htm a great article , check it out ! the site also has some great stuff for ISA Server & Exchange if you into it..

in section 2.b it referenced my Part 1 solution, the bat file had a reference to a MAPPED drive ! running non-interactive = no mapped drives.

Part 2 solution

going back to point 4 , i’ve figured its a security issue , although the user had the “log on as batch job” right .. CMD.EXE was manually edited with security permissions, BUILTINBATCH group was missing the read/execute security permission on it.

There .. now it works 🙂

Remove “Zombi” reminders using MFCMAPI

I was requested to do this the other day.. so I use the amazing MFCMAPI tool which opens wide mailboxes and thier raw content..

Be aware that i am  really deleting an appointment ! the reminder will be gone with it. (Thanks for Steve for correcting me here.)

to do so we have a few steps:

1. Launch MFCMAPI tool on the user’s client.

2. Go to Session -> Logon and Display Store Table

3. Select the outlook profile of the user and double-click “Mailbox – your user name”

4. Expand “Root Container”

5. Expand “Top of Information Store”

6. Now its the tricky part , we need to find the specific reminder that does the troubles, there might be a few directory’s of reminders (maybe in more then one language…).

7. Double click the folder & start looking for the specific reminder (really the appointment)..

8. When you find the appointment or a few together even , right click and choose “Delete Message” , in the options select “permanent deletion (deletes to deleted item retention if supported)”.

9. close MFCMAPI & re-check in outlook.

you can use this method to delete problematic appointments, messages & all other MAPI data inside your exchange mailbox. BUT ! be careful , you can mess your mailbox up if you do something wrong …

Reference for steps and example …

Download MFCMAPI Latest version:

http://www.codeplex.com/MFCMAPI

http://exchangeshare.wordpress.com/2008/04/10/delete-corrupted-hidden-or-stale-rules-from-mailbox-with-mfcmapi/

http://support.microsoft.com/kb/924297

SSLChainSaver v2 – Save root certificate (and chain), the super easy way.

Well , not much to say here, read the awesome tool.

you need to distribute your SSL root chain , which some times more then one certificate ,and make sure your mobile likes this ..

you can use this tool to save the whole ssl chain , and verify if the chain is indeed presented by the web site correctly , this might some an issue too, because sometimes the server does not hold the whole chain but just the main ROOT CA public key..this helps very easy to troubleshoot it. and distribute your files easly.

http://blogs.msdn.com/windowsmobile/archive/2008/05/18/sslchainsaver-v2-released.aspx

  • The tool can detect a common name mismatch on the cert but it doesn’t parse the “SubjectAltNames” extension. If your certificates are using SubjectAltNames, the tool will report a name mismatch but the certs will really work fine.

i dont find that super problematic thu 🙂 i just wanna save it.

Memory & Exchange x64 bit Technology

Well, as far as deployments , it’s seems that “most” implementations are rather normally okay, there’s times when memory issues did rise and troubleshooting this might be a real pain..

Mostly, i’d deal with a mail server that has no less then 16gb and is an all-in-one configuration, running 64bit Server 2003 sp2 with extra special care for all drivers , updates , prerequisites & page file configurations.

Usually, even if they run All roles + an Anti Virus product , while carefully setting backup & maintenance times, things go smooth.

Yet, there are times when the server is having issues, while troubleshooting is necessary of course, i’d rather go with the future spirit & just think my way up to Server 2008 .
Check out the Blog from mike in the Exchange Team blog it has some great links and more deep explanations..

server 2008 manages this issues out of box and the applications are far more compatible, easier life for all of us. really.

uh and yea i’m running vista sp1.

Troubleshooting messages stuck in ‘Messages awaiting directory lookup’ queue

Hi,

So i’ve got to troubleshoot this issue in a very complex multi-domain & multiple exchange organizations & servers..

Internal Messages from Server A in ExchangeORG A , were failing in the categorizer while being processed to be sent to Server B in ExchangeORG B.

Following kb884996 , resolution 2 was valid in my situation, Allow inheritable permissions from parent to propagate to this object check box on Server A object, was missing a Tick..

I set this via ADSIEDIT , noticed of course that the “Exchange Domain Servers” ACE entries , from the other domain were added,  and allowed for replication.

After verifying that the ACE’s were propegated & fully replicated, I did a quick restart to MTA, Routing & SMTP services on both servers , and operation was succesfully restored.

Just for extra , this could be also issues with Event Sink that might have been registered and inproperly removed / integrated.. using the smtpreg.vbs , “cscript smtpreg.vbs /enum > Output.txt” i was able to verify that no 3rd party Event Sink were installed or any of Exchange Event Sinks were disabled…

More Links on the Subject:

Troubleshooting messages stuck in ‘Messages awaiting directory lookup’ queue
http://msexchangeteam.com/archive/2006/06/23/428114.aspx

How to troubleshoot messages that remain in the “Messages awaiting directory lookup” queue in Exchange Server 2003 and in Exchange 2000 Server
http://support.microsoft.com/kb/251746

Directory service server detection and DSAccess usage
http://support.microsoft.com/kb/250570

SeSecurityPrivilege issues while running setup for Exchange 2007

So, yet another implamentation of exchange, this time i’ve encounted the following error while installing the CAS role on the server.

Setup exited with the following error:

The process does not possess the ‘SeSecurityPrivilege‘ privilege which is required for this operation.

Searching the privilege showed that “Exchange Servers” & more accurate in our situation , the “Domain Administrators were not configured in the “Manage auditing and security log” , because the Default Domain Policy & Default Domain Controllers Policy GPO’s was re-created and the default ones were left with the link set to off.

Easy to monitor those privileges with whoami.exe from the support tools, i love it that the server 2008 installs them all as dependencies !

Once we’ve added the DomainAdministrators , DomainExchange Servers to the policy , setup ran okay 🙂

Export-mailbox fails with error

while testing yet another ex2k7 implantation , i’ve encountered an error while trying to export mailboxs to pst with the Export-mailbox cmdlet.

I’ve verified full mailbox access permissions and 2007 32bit tools on xp sp2 with outlook 2007.

yet, still failed with the following error:

Export-Mailbox : Error was found for user01 (user01@mydomain.com)

because: Error occurred in the step: Approving object. An unknown error has occurred., error code: -2147221241

With some filtering of search results i’ve find a suggestion to run the cmd fixmapi in cmd.. if your not femiliar with this utility (like i was) , this util exists in your %systemroot%system32 , along with the mapi32.dll files .. besides that 3 notes for you:

  1. FixMAPI does not replace the current mapi32.dll file if the file is marked as read-only.
  2. FixMAPI does not replace the current mapi32.dll if Microsoft Exchange Server is installed on the computer.
  3. When FixMAPI makes a backup copy of the current copy of mapi32.dll on the computer, it assigns the backup copy a name different from “mapi32.dll”. It then directs subsequent calls intended for that assembly to the backup copy.

oh yea, closeing all applications and running fixmapi in cmd , just like that fixed the issue.

Ilan.