Page 2 of 5

Your password must be…..

Dear CompanyXYZ,

As an IT systems engineer, I understand the importance of secure passwords, it’s part of what keeps or data secure, however please don’t be offended if I want to come and hunt down the person who thought this was a good password complexity rule….

10661765_10153126956166549_52248453229750933_o

Yours,
Martin

Query RDS Grace Period using Powershell

To get number of days left for the RDS grace period, run following Powershell command:

(Invoke-WmiMethod -PATH (gwmi -namespace root\cimv2\terminalservices -class win32_terminalservicesetting).__PATH -name GetGracePeriodDays).daysleft

Julien R.I.P

Julien

It was with sadness on Thursday 7th that I heard of the loss of a fellow geek and Hackday attendee Julien Fourgeaud following a Base Jumping accident in Magland, France on Wednesday 6th.

I only met Julien a few times, but he was always great company to be around, especially the week Geeks of London held a trip over to Delft in the Netherlands, along with Paypal’s Charity Hack and LinkedGov UK Hackday held at LBI London.

The world over has lost an all round good guy who was always prepared to help and inspire where he could.

34 years is far too young for anyone to go, and there is no doubt that he will be missed in the geek community and all others he was involved in.

A memorial to Julien can be found over on this Facebook Page.

Exchange server is unavailable

I’m currently in the process of doing a test run of Microsoft Exchange 2007 to Exchange 2010 migration at work. Everything was going well. The following issue has had me stumped for most of the day, but I’ve just managed to resolve it so though would do a quick write-up if any other admins out there come accross the same thing.

Test Setup

Exchange 2007 (Mailbox Database, Hub Transport, CAS)
Exchange 2010 (Mailbox Database)
Exchange 2010 (CAS)
Windows 7 client with Outlook 2010 installed.

Desired outcome

Move all users and settings to Exchange 2010 and decommision the old Exchange 2007 server

Issue

I moved a couple of test users over to the Exchange 2010 mailbox, everything moved without a hitch, the user could log in Exchange 2010 webmail fine, however when opening outlook and going through the initial autodiscover steps the following error was shown:

“The connection to the Microsoft Exchange Server is unavailable. Outlook must be online or connected to complete this action.”

After much Google searching, head scratching, F’ing and cursing, I finally found where the problem lay….

Resolution

I checked on the 2010 CAS server to see if any logs where present in C:\Program Files\Microsoft\Exchange Server\V14\Logging\RPC Client Access, however nothing found. I checked the same location on the 2010 Mailbox server and sure enough the logs were there?

After looking through the RCA log with the most recent timestamp, the following errors were logged which basically said “The mailbox database is pointing to this server which doesn’t have the Client Access Server role installed on it”, meaning it was dropping logon connections as it didn’t know what to do with them.

I then carried out the following command in Exchange Management Shell

Get-MailboxDatabase | fl

The output of this showed that the RPCClientAccessServer property was indeed pointing at the Exchange 2010 database server. This issue was resolved by running the command of Set-MailboxDatabase -Identity "MailboxDatabaseID" -RPCClientAccessServer "CAS Server FQDN"

Logged back into the test client using Outlook 2010, this connected fine without problems and was now connecting to Exchange 2010 servers.

WSUS won’t uninstall or re-install on Windows Server 2008

Today I had to move a WSUS installation from the C drive to the D drive of a server due to space issues on the C drive. It should have been easy; remove WSUS and re-install on the other partition. It instead turned into a little bit of a ball ache as WSUS would not uninstall.

The Issues

  • The SQL instance required for WSUS is either missing or corrupt
  • When you open WSUS, you receive a SQL related error

You are unable to uninstall WSUS and the uninstaller fails with the following error:

“Windows Installer removed the product. Product Name: Windows Server Update Services 3.0 SP2. Product Version: 3.2.7600.226. Product Language: 0. Removal success or error status: 1603.”

The Solution

– Open Regedit and locate HKLM\Software\Microsoft\Update Services\Server\Setup
– Change the value of wYukonInstalled to 0 and SqlInstanceIsRemote to 0
– Download and run the WSUS 3.0 SP2 installer to remove WSUS (don’t select any other features to remove)
– Delete C:\WSUS
– Download SQL2008 R2 Express with Management Tools
– Install a new SQL instance called WSUS
– Run the WSUS 3.0 SP2 installer again to install WSUS and select the partition you want to install it on
– When it asks for a database instance, select the SQL instance you have just installed

Issues when re-installing WSUS

When re-installing WSUS, you may encounter the following error:

“The update could not be found. Either the update is not applicable to this computer or the update no longer exists…”

To resolve this, carry out the following:

– Open regedit and locate HKLM\Software\Policies\Microsoft\Windows
– Delete the key called WindowsUpdate
– Restart the Windows Update service and run the installer again.

You should now have WSUS installed on a different partition and loads more space available on your system partition.

Hackcamp Manchester 2012

I’m currently hanging out at HackManchester; a 24 hour coding competition in the heart of the city. The event is being held at the Museum of Science and Industry as part of the Manchester Science Festival. Over 150 people from tech and digital sectors around the country have turned up either to work on one of the challenges set by the sponsers or to work on their own personal projects.

Sponsers include Laterooms, Webappsuk, 7Digital, Thoughtworks, Esendex, Pusher and Intechnica

The London 2012 Olympics in images

So there seems to be a small sporting event taking place in London, currently into it’s 9th day called the Olympics… who knew??

9 days in and what a spectacle it has been so far with Team GB taking 6 gold medals in one day alone. As with anything on this scale I’m always on the lookout for some of the better images, taken by the news and wire service photographers on the ground. Here is a quick round up of some that I’ve seen so far:

Olympics 2012: Opening ceremonies – Boston Big Picture
“Once again in grand style the Olympics were opened with flash and flair. The show was designed by Oscar winner Danny Boyle with 15,000 volunteers helping take the audience through British history. The event culminated with the parade of athletes and the lighting of the Olympic cauldron for the London Games that run through Aug. 12.”

London Olympics 2012 – Boston Big Picture
“The 2012 Summer Olympic Games, officially the Games of the XXX Olympiad (and known informally as London 2012) are in full swing in London, United Kingdom. Around 10,500 athletes from 204 National Olympic Committees (the group responsible for organizing their people’s participation in the games) will compete. Thousands and thousands of images will be made in London of the athletes and the spectators; the venues and the celebrations; the pomp and the circumstance. A search of current images in a wire database reveals images coming into the system at a rate of over 1,000 an hour during the hours of competition, resulting in a major picture editing challenge.”

London 2012 Olympics one week in – Boston Big Picture
“The London 2012 Summer Olympics enter their second week. Eight thousand two hundred and fifty seven images flowed into our system today from Reuters, AFP, Getty and The Associated Press (and it’s only mid-afternoon), yet they represent only a fraction of the visual coverage available of the summer games.”

Live from London – Getty Images
Your one stop shop for all Olympics image coverage.

“The name of the certificate is invalid” – Exchange 2007/2010

After you have purchased a commercial certificate eg. webmail.companyname.com and install it in IIS, you may get the following error when a user opens Outlook:

“The name on the certificate is invalid or does not match the name of the site”

This is due to the FQDN the Autodiscovery service is using which is part of Exchange 2007/2010. To resolve the issue we have to tell Exchange to use the external FQDN (the common name of the certificate), instead of the local FQDN so the names match.

Firstly create a Forward Lookup DNS zone of webmail.companyname.com pointing to the IP address of the Client Access Server.

Then run the following commands in Exchange Management Shell:
Set-ClientAccessServer -Identity CAS1 -AutodiscoverServiceInternalUri https://webmail.comapanyname.com/autodiscover/autodiscover.xml

Set-WebServicesVirtualDirectory -Identity “CAS1\EWS (Default Web Site)” -InternalUrl https://webmail.companyname.com/ews/exchange.asmx

Set-OABVirtualDirectory -Identity “CAS1\oab (Default Web Site)” -InternalUrl https://webmail.companyname.com/oab

Set-UMVirtualDirectory -Identity “CAS1\unifiedmessaging (Default Web Site)” -InternalUrl https://webmail.companyname.com/unifiedmessaging/service.asmx

The details that you need to change are highlighted in bold with CAS1 being the name of your Client Access Server.

Once you have ran the above commands. Recycle MSExchangeAutodiscoverAppPool in IIS. Close and reopen Outlook on the client. The error message should no longer appear.

Unable to manage Cisco 800 series ISR Router from Cisco CCP

Today I had a case of not being able to manage a factory default (straight out of the box) Cisco 800 series ISR router. I could manage it through console, but not through CCP, also I was unable to ping it using the default 10.10.10.1 address from Cisco.

You will also find that you are unable to configure any of the FE switch ports with an IP address as you get the following error message:

“% IP addresses may not be configured on L2 links”

After a bit of research into the issue (nothing found on the Cisco website), you have to configure the IP address on VLAN 1.

So how do configure the router, so you can manage it through Cisco CCP?

Firstly, connect to the router via the console cable and carry out the following commands:
router>en
router# conf t
router#(config)interface vlan 1
router#(config-if) ip address 10.10.10.1 255.255.255.0
router#(config-if) no shutdown

Then, carry out the following commands:
Router(config)# ip http server
Router(config)# ip http secure-server
Router(config)# ip http authentication local
Router(config)# username <username> privilege 15 password 0 <password>
Router(config)# line vty 0 4
Router(config-line)# privilege level 15
Router(config-line)# login local
Router(config-line)# transport input telnet
Router(config-line)# transport input telnet ssh
Router(config-line)# exit
Router(config)# exit
Router>write memory

Following this, you should now be able to manage the router through Cisco CCP on 10.10.10.1 (255.255.255.0)

Exchange 2007 – 4.3.1 Insufficient System Resources Error

A call was logged today on the helpdesk system at work saying that external emails for a particular company wern’t being recieved, however when users were emailing each other internally, it was working fine.

I checked the usual things on the server such as Microsoft Exchange services, they were all up and running. Checked firewall, nothing had changed previously so that couldn’t have been the cause. When sending a test email from my works account to the customer, no NDR’s were being created, so in theory the email wasn’t even trying to be delivered. This is when I used trusty http://www.testexchangeconnectivity.com

Once I carried out a test on this, the following error was shown:

4.3.1 Insufficient system resources

I checked the storage on the C drive of the server and nothing seemed out of the ordinary. It just so happens that the Microsoft Edge Transport service will stop delivering inbound internet email if the disk space where the queue resides drops below a certain point.

To fix this issue, carry out the following steps:

– Stop the Microsoft Exhchange Transport service

– Move the folder C:\Program Files\Microsoft\Exchange Server\TransportRoles\data\Queue to a location to another drive with more space

– Edit the EdgeTransport.exe.config which lives in C:\Program Files\Microsoft\Exchange Server\bin

– Edit the following lines to point to the new location of the queue folder.

<add key=”QueueDatabasePath” value = “…” />
<add key=”QueueDatabaseLoggingPath” value = “…” />

Following this, start the Microsoft Exhchange Transport again, and check mail delivery.

Please note that the new queue location must have the following permissions set:

  • Administrators – Full Control
  • System – Full Control
  • Network Service – Full Control

© 2017 Martin Cunningham

Theme by Anders NorenUp ↑