Skip to main content
Sign In |
  Help (new window)

The Postmaster- By Michael Folin

Go Search
Home
Documents
About
Live!
  

 Categories

 Links
  Photos
  Archive
  Archive (Calendar)

2010-11-03

Apple Mac clients cannot send attachments larger than 5 MB when using Exchange
1. Back up the web.config file in:
 
%ExchangeInstallFolder%\ClientAccess\exchweb\ews\
 
and
 
%ExchangeInstallFolder%\ClientAccess\exchweb\owa\
 
2. On all you Client Access Servers, edit the web.config files in:
 
%ExchangeInstallFolder%\ClientAccess\exchweb\ews\
 
%ExchangeInstallFolder%\ClientAccess\exchweb\owa\
 
3. Open the files in e.g. Notepad.
4. Search for the maxRequestLength attribute.
5. Edit the value to reflect your Exchange attachment policy times three to accommodate the fact that Mac email clients usesMIME and sometimes expand the attachments times three. The value must be in KB. If your global attachment policy is 25 MB the value should be 25600*3=76800
 
<httpRuntime maxRequestLength="76800"
 
If you have multiple Client Access Servers you may not find the line with the maxRequestLength attribute on all Client Access Servers. In that case you can add it manually.
 
6. When you have edited all the web.config files you have to open a command prompt on the Client Access Servers and change the directory to:
 
\Windows\System32\inetsrv
 
Please note that the maxAllowedContentLength value should be in BYTES. The 76800 KB from the example above gives 78643200 bytes so the commands should be:
 
appcmd set config "Default Web Site/ews" -section:requestFiltering -requestLimits.maxAllowedContentLength:78643200

appcmd set config "Default Web Site/owa" -section:requestFiltering -requestLimits.maxAllowedContentLength:78643200
And the final command you should run is:
 
IISRESET
 
Now you Apple Mac Clients should be able to send attachments larger than 5 MB.
Posted at 09:53 by Michael Folin | Category: Exchange 2007 | Permalink | Email this Post | Comments (0) | Attachments: | Created By: Michael Folin

2010-02-22

Event ID 12 — Domain Hierarchy Time Source Acquisition
MessageTime Provider NtpClient: This machine is configured to use the domain hierarchy to determine its time source, but it is the PDC emulator for the domain at the root of the forest. There is no machine above this machine in the domain hierarchy to use as a time source. It is recommended that you either configure a reliable time service in the root domain, or manually configure this PDC emulator in the root domain to synchronize with an external time source. Otherwise, this machine will function as the authoritative time source in the domain hierarchy. If an external time source is not configured or used for this computer, you may choose to disable the NtpClient.

Resolve
Configure an external time source

This computer is configured to hold the primary domain controller (PDC) emulator operations master role (also known as flexible single master operations or FSMO) in the forest root domain. This computer should not use itself as a time source. Configure an external time source as the authoritative time source for the forest, or configure a member domain controller as the time source peer. The configuration must be done manually. Perform the following procedure on the computer that is logging the event to be resolved.
To perform this procedure, you must have membership in Domain Admins, or you must have been delegated the appropriate authority.
To configure a manual time source peer:

1. Open a command prompt as an administrator. To open a command prompt as an administrator, click Start. In Start Search, type Command Prompt. At the top of the Start menu, right-click Command Prompt, and then click Run as administrator. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.

2. At the command prompt, type w32tm /config /manualpeerlist:server,0x8, /syncfromflags:manual /update, where server is the name of the time source that you want to configure, and then press ENTER.

3. Restart the Windows Time service. At the command prompt, type net stop w32time & net start w32time, and then press ENTER.

4. Resynchronize the Windows Time service client with the time source peer. At the command prompt, type w32tm /resync, and then press ENTER.

Example
w32tm /config /manualpeerlist:timehost.lysator.liu.se,0x8, /syncfromflags:manual /update

Verify
To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.
To verify that the Windows Time service is synchronizing correctly:

1. Open a command prompt as an administrator. To open a command prompt as an administrator, click Start. In Start Search, type Command Prompt. At the top of the Start menu, right-click Command Prompt, and then click Run as administrator. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.

2. At the command prompt, type W32TM /resync, and then press ENTER.

3. At the command prompt, type W32TM /query /status, and then press ENTER.
This command displays the status of the Windows Time service synchronization. The Last Successful Sync Time line of the output displays the date and time that you ran the W32TM /resync command in the previous step. Also, check the computer name that is shown as the Source. This should be the name of a domain controller (or an administrator-configured time server) in the same Active Directory domain as the local computer.

To verify that the Windows Time service synchronized successfully with its time source, confirm that Event IDs 35 and 37 appear in Event Viewer. If there was a recovery from a previous failure to synchronize with the time source, you also see Event ID 138, which indicates that the Windows Time service is synchronized correctly.
Posted at 20:06 by Michael Folin | Category: Windows Server 2008 | Permalink | Email this Post | Comments (0) | Attachments: | Created By: Michael Folin

2009-11-20

An IIS directory entry couldn't be created. The error message is Access is denied. HResult = -2147024891 It was running the command 'Get-OwaVirtualDirectory'
Background: You have installed Exchange 2010 that coexist with Exchange 2007. The Exchange 2007 server is also a domain controller. When browsing within the Exchange 2010 GUI or when you issue command in the shell like 'Get-OwaVirtualDirectory' you get an error message.
 
Error: An IIS directory entry couldn't be created. The error message is Access is denied. HResult = -2147024891 It was running the command 'Get-OwaVirtualDirectory'
 
Solution: On an Exchange Server 2007 that also is a domain controller, add "Exchange Trusted Subsystem" as member of the bultin group "Administrators". Else add the group as member of the local "Administrators" group on the Exchange 2007 server.
Posted at 15:21 by Michael Folin | Category: Exchange 2010 | Permalink | Email this Post | Comments (0) | Attachments: | Created By: Michael Folin

2009-11-19

Exchange 2010 setup-Organization Prerequisites
Error:
The forest functional level of the current Active Directory forest is not Windows Server 2003 native or later. To install Exchange Server 2010, the forest functional level must be at least Windows Server 2003 native.
 
Solution:
Rais the Domain Function level & Forest Functional Level to Windows Server 2003:
 
Log into to the windows server 2003 domain controller => Administrative Tools => Active Directory Domain and Trusts => Right click the domain name and select “Raise Domain Functional Level” and raise it to “Windows Server 2003”
Posted at 17:34 by Michael Folin | Category: Exchange 2010 | Permalink | Email this Post | Comments (0) | Attachments: | Created By: Michael Folin
Installing Exchange 2010 on Windows Server 2008 x64
Exchange 2010 Prerequisites for Windows Server 2008 x64
 
1. Install Microsoft .NET Framework 3.5 Service Pack 1 (SP1)
 
2. Install Microsoft .NET Framework 3.5 Family Update for Windows Vista x64, and Windows Server 2008 x64.
 
3. Install the Microsoft .NET Framework 3.5 Family Update for Windows Vista x64, and Windows Server 2008 x64 updates.
 
4. Install Update for .NET Framework 3.5 SP1 (KB967190)
 
5. Install Windows Remote Management (WinRM) 2.0 and Windows PowerShell V2.
 
6. On servers that will host the Hub Transport or Mailbox server role, install the Microsoft Filter Pack.
 
7. On the server, visit Windows Update and apply all critical updates.
 
 
8. Open an elevated command prompt, navigate to the Scripts folder on the Exchange 2010 installation media and use the following commands to install the necessary operating system components for a server that will have the typical installation of Client Access, Hub Transport, and the Mailbox role:
 
sc config NetTcpPortSharing start= auto
ServerManagerCmd -ip Exchange-Typical.xml -Restart
Posted at 16:50 by Michael Folin | Category: Exchange 2010 | Permalink | Email this Post | Comments (0) | Attachments: | Created By: Michael Folin

2009-10-06

How To-Disable the server statistics on the login page-MDaemon Security Gateway 2.0.1

Altn's MDaemon Security Gateway is a SMTP gateway for Exchange. Extremely powerful and versatile. Current version 2.0.1. comes with a nice dashboard after logging in. You are presented the server statistics in a nice graphical way. But, the load time is very slow and there is currently no possibility to disable the server statistics within the GUI. This is how you disable it manually.

To do that, follow these steps:

  1. On the SecurityGateway machine, open Windows Explorer
  2. Go to the SecurityGateway directory (by default, Program Files\Alt-N Technologies\SecurityGateway\)
  3. Go to the Templates folder
  4. Make a backup of dashboard.xml by making a copy of the file and placing it elsewhere
  5. Open the dashboard.xls file in a text editor
  6. Comment out or remove this section:
        <div style="display:inline" id="chartDiv1"/>
        <div style="display:inline" id="chartDiv2"/>
        <div style="display:inline" id="chartDiv3"/>
        <div style="display:inline" id="chartDiv4"/>
        <div style="display:inline" id="chartDiv5"/>
        <div style="display:inline" id="chartDiv6"/>
  7. Save the file
  8. Log out of the SecurityGateway website and back in
  9. You will still see the section header "Server Statistics" and the note that starts with "Statistics for this server are displayed below..." but the charts will no longer show below that.

To comment the lines out, enclose the section with comment code like this:

<!--

    <div style="display:inline" id="chartDiv1"/>
    <div style="display:inline" id="chartDiv2"/>
    <div style="display:inline" id="chartDiv3"/>
    <div style="display:inline" id="chartDiv4"/>
    <div style="display:inline" id="chartDiv5"/>
    <div style="display:inline" id="chartDiv6"/>

-->

That will allow you to disable it without removing the lines, and you can experiment with disabling only certain ones if you wish, by commenting out just the individual lines.

Keep in mind that if for some reason the ability to switch them on and off isn't implemented in the next version, that file may get overwritten and your changes lost, so you may want to make sure you keep this information so you can re-comment out or re-remove the lines again.

Michael Folin
michael@postmaster.se

Posted at 19:11 by Michael Folin | Category: MDaemon | Permalink | Email this Post | Comments (0) | Attachments: | Created By: Michael Folin

2009-10-01

There was a problem with '', which is an alternate name for ''. The list of aliases is now '', and the alias 'was' removed from the list. The specific problem is 'CreateFile(\\\\.log) = 2'.

Event ID: 2147
The problem is caused by the cluster.replay service on the passive node performing its copy from the active node too aggressively. The passive node tries to obtain a file handle on the transaction log file(s) on the active node before the active node actually releases the file handle (lock) on the transaction log file.

Error code "2" - correlates to a file locking issue. This seems to mainly affect Windows 2008 platforms. Microsoft says that this is safe to ignore.

Michael Folin
Systems Engineer
michael@postmaster.se

Posted at 17:42 by Michael Folin | Category: Exchange 2007 | Permalink | Email this Post | Comments (0) | Attachments: | Created By: Michael Folin
Error 0x8004010f occurred while cleaning up background folder <folder name> on database "<Storage Group Name>\Mailbox Database Name".

This event will occur when the database contains items that were not successfully deleted. Please wait until after the next database maintenance.

Michael Folin
Systems Engineer
michael@postmaster.se

Posted at 17:29 by Michael Folin | Category: Exchange 2007 | Permalink | Email this Post | Comments (0) | Attachments: | Created By: Michael Folin

2009-09-10

Deploying Team Foundation Server 2008 on Windows Server 2008 Dual Server Deployment / Installing Team Foundation Server 2008 on Windows Server 2008 Dual Server Deployment

Team Foundation Server 2008-Dual Server deployment in my virtual lab. 

App layer: Windows Server 2008 Standard Edition [TFS 2008 with SP1 only runs on x86] with SP1. (Patched up-to-date) (Vmware virtual machine)
Server name: lab-tfs-app1
Software: SSRS 2008 (A component of Microsoft SQL 2008 Standard Edition with SP1) with SP1, WSS3 with SP2 (The steps below will guide you through those installations)

Data layer: Windows Server 2008 Standard Edition [x86 or x64] with SP1. (Patched up-to-date) (Vmware virtual machine)
Server name: lab-tfs-db1
Software: Microsoft SQL 2008 Standard Edition with SP1

Both servers are new and has been only altered a little bit:
Firewall: OFF
UAC: OFF (msconfig.exe)
DEP: OFF

This wizard guides you through the steps when deploying TFS 2008 with SP1 on two servers, a TFS 2008 Dual Server Deployment.

The app later will contain the SSRS and WSS components.
The app and data layer servers are fresh installs. The data layer software (MSSQL 2008) installation is brand new.

User account creation and user right configuration.

Create service accounts in Active Directory

TFSSETUP
Used to install Team Foundation Server.
This account must be an administrator on Team Foundation app layer and data layer servers.

TFSSERVICE
Used as the service account by Windows services for Team Foundation Server and SSRS.
Used as the identity of the Microsoft Team Foundation Server Application Pool and SSRS.
-Logon as a service on app layer
-Logon locally on app layer
-In ADUC, check "Account is sensitive and cannot be delegated" on the user object.

Add TFSSETUP as local Administrator on app layer and data layer servers.

On app layer open a command prompt and type secpol.msc and press ENTER for starting "Local Security Policy" MMC.

Local policies/User right assignment:
Allow log on locally for TFSSERVICE
Log on as a service for TFSSERVICE

Log out from both app layer and data layer.
From now on. Log only in with TFSSETUP.

Installing prerequisites for application layer:

Install IIS7 with a script.

Create a .BAT file. Fill it with:

ServerManagerCmd -install Web-Server
ServerManagerCmd -install Web-Http-Redirect
ServerManagerCmd -install Web-Asp-Net
ServerManagerCmd -install Web-Windows-Auth
ServerManagerCmd -install Web-Mgmt-Compat
Pause

Execute it on the app layer server.

Installation of IIS7 is complete.

Slipstream TFS 2008 SP1 into TFS 2008 install media

Integrate the Installation of Team Foundation Server and Service Pack 1

On the app layer create the following folders:

C:\temp\TFS\SP1Download
C:\temp\TFS\InstallMedia
C:\temp\TFS\SP1Extract
C:\temp\TFS\MergeFolder

Download TFS 2008 Sp1 from:

http://www.microsoft.com/downloads/details.aspx?familyid=9E40A5B6-DA41-43A2-A06D-3CEE196BFE3D&displaylang=en

Move it to C:\Temp\TFS\SP1Download

Create a .BAT file. Fill it with: (Please alter the x:\ below to reflect your location of the TFS 2008 installmedia))

C:\temp\TFS\SP1Download\TFS90SP1-KB949786-ENU /extract:C:\temp\TFS\SP1Extract
xcopy x:\at\*.* C:\temp\TFS\InstallMedia /D/E/F/Y/H
msiexec /a C:\temp\TFS\InstallMedia\vs_setup.msi /p C:\temp\TFS\SP1Extract\TFS90sp1-KB949786.msp TARGETDIR=C:\temp\TFS\MergeFolder
Rename C:\temp\TFS\MergeFolder TFS2008_With_SP1
attrib c:\temp\TFS\TFS2008_With_SP1 -R -S -H /S /D
pause

Preconfig the Hcpackage.xml
The TFS 2008 with SP1 installation fails if you install it against a data layer running SQL Server 2008 SP1. The TFS installation does not recognize that new version of SQL...
To solve that you have to follow these steps:

Backup c:\temp\TFS\TFS2008_With_SP1\Hcpackage.xml
Open c:\temp\TFS\TFS2008_With_SP1\Hcpackage.xml by using Notepad.

Find the following entry: (Search for 10.00.% )
<WQL namespace="\\.\root\Microsoft\SqlServer\ComputerManagement10" query="SELECT * FROM sqlserviceadvancedproperty WHERE ServiceName='[%VSTF_SERVICENAME_MSSQL%]'AND PropertyName='VERSION' AND PropertyStrValue&gt;='10.00.1433' AND PropertyStrValue LIKE '10.00.%'" action="=" count="0" />

Replace with:

<WQL namespace="\\.\root\Microsoft\SqlServer\ComputerManagement10" query="SELECT * FROM sqlserviceadvancedproperty WHERE ServiceName='[%VSTF_SERVICENAME_MSSQL%]'AND PropertyName='VERSION' AND PropertyStrValue&gt;='10.00.1433' AND PropertyStrValue LIKE '10.%'" action="=" count="0" />

Find the following entry: (Search for 10.0.% )
<WQL namespace="\\.\root\Microsoft\SqlServer\ComputerManagement10" query="SELECT * FROM sqlserviceadvancedproperty WHERE ServiceName='[%VSTF_SERVICENAME_MSSQL%]' AND PropertyName='VERSION' AND PropertyStrValue&gt;='10.0.1433' AND PropertyStrValue LIKE '10.0.%'" action="=" count="0" />

Replace with:

<WQL namespace="\\.\root\Microsoft\SqlServer\ComputerManagement10" query="SELECT * FROM sqlserviceadvancedproperty WHERE ServiceName='[%VSTF_SERVICENAME_MSSQL%]' AND PropertyName='VERSION' AND PropertyStrValue&gt;='10.0.1433' AND PropertyStrValue LIKE '10.%'" action="=" count="0" />

Find the following entry: (Search for %SQLServer2008% )

<MsiProductVersionCheck prodid="[%SQLServer2008%]" action="&lt;" version="10.1" />

Replace with:

<MsiProductVersionCheck prodid="[%SQLServer2008%]" action="&lt;" version="10.2" />

Save the Hcpackage.xml file.

Installing SQL Server 2008 on data layer

Log on to data layer using TFSSETUP

Note:
The installation program for SQL Server offers to install the appropriate versions of the Microsoft .NET Framework and Windows Installer if they are not already installed.
You MUST install these components to proceed with the installation of SQL Server, and you must restart your server when prompted after these components are installed.

On the SQL Server Installation Center page, click Installation, and then click New SQL Server stand-alone installation or add features to an existing installation.

On the Setup Support Rules page, click OK.
On the Product Key page, type your product key.
On the License Terms page, review the license agreement. If you accept the terms and conditions, select the I accept the licensing terms check box, and then click Next.
On the Setup Support Files page, click Install.
On the Setup Support Rules page, click Next.
On the Feature Selection page, select the check boxes for the following components, and then click Next:

Database Engine Services

Full-Text search

Analysis Services

Management Tools - Basic

On the Server Configuration page, click Use the same account for all SQL Server services, or type the name of a domain account or
NT AUTHORITY\NETWORK SERVICE in Account Name for every service.

In the Startup Type column, verify that Automatic appears for all accounts that you can edit, and then click Next.

!!Make sure to use the Latin1_General_CI_AS collation, which is "hidden" in an optional tab in the new installation dialog wizard. (Latin1_General_CI_AS collation är standard på engelska OS, men inte om du valt svenska inställningar under OS-installationen.)

On the Database Engine Configuration page, click Windows authentication mode, click Add Current User, and then click Next.

On the Analysis Services Configuration page, click Add Current User, and then click Next.

After the installation is complete, apply SQL 2008 SP1.
Open SQL Server Management Studio and verify that all services are running.
Open a command prompt and type "cliconfg"
Activate TCP/IP.

Installing SQL Server 2008 Reporting Services on the application layer

The installation program for SQL Server offers to install the appropriate versions of the Microsoft .NET Framework and Windows Installer
if they are not already installed. You MUST install these components to proceed with the installation of SQL Server, and you must restart
your server when prompted after these components are installed.
Install the components above and reboot.
After reboot start the SQL 2008 x86 install program.

On the SQL Server Installation Center page, click Installation, and then click New SQL Server stand-alone installation or add features
to an existing installation.

On the Setup Support Rules page, click OK.
On the Product Key page, type your product key.
On the License Terms page, review the license agreement. If you accept the terms and conditions, select the I accept the licensing terms check box, and then click Next.
On the Setup Support Files page, click Install.
On the Setup Support Rules page, click Next.
On the Feature Selection page, select the check boxes for the following components, and then click Next:

Database Engine Services

Reporting Services

Management Tools - Basic

Use NT AUTHORITY\NETWORK SERVICE in Account Name for every service.
Set all services to Automatic start up.
Make sure to use the Latin1_General_CI_AS collation, which is "hidden" in an optional tab in the new installation dialog wizard

!!Choose "Install, but do not configure the report server"
Apply SQL 2008 SP1.

Configuring SQL Server 2008 Reporting Services on the application layer

Run Reporting Services Configuration Manager. (Command prompt (RSConfigTool.exe))
Service account: TFSSERVICE
Web Service URL: Click Apply
Database: Change database. Create a new Report Server database
Database server:  the data layer server.
Report Server Mode: Native Mode
Report Manager URL: Click Apply
Verify that all SSRS URL's are accessible and exit the RSConfigTool

Installing Windows Sharepoint Services 3.5 SP1 on the application layer

Download Windows SharePoint Services 3.0 with Service Pack 2 from:
http://www.microsoft.com/downloads/details.aspx?FamilyID=ef93e453-75f1-45df-8c6f-4565e8549c2a&displaylang=en

Run Sharepoint.exe
Choose the installation you want: Advanced
Next form choose "Web Front End..." and click "Install now"
After installation is complete run "SharePoint Products and Technologies Configuration" Wizard (under Windows Administrative Tools)

First form: No, I want to create a new server farm.
Database server: Enter the name of the data layer server.
Specify database access account: ad_domain_netbios_name\TFSSERVICE where ad_domain_netbios_name is your AD domain.
Specify port number: 17012
Choose an authentication provider: NTLM
Fill a .BAT file with:

cd "c:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\bin\"
pause
stsadm.exe -o extendvs -exclusivelyusentlm -url http://%COMPUTERNAME%:80 -ownerlogin %USERDOMAIN%\TFSSERVICE -owneremail "admin@localhost" -sitetemplate sts -description "Default Web Site"
stsadm.exe -o siteowner -url http://%COMPUTERNAME%:80 -secondarylogin %USERDOMAIN%\%USERNAME%
pause
iisreset /noforce

Check the quotation mark format and replace if necessary.
Please alter that file to reflect your installation environment
Path of "c:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\bin\" that path should be the one that leads to stsadm.exe
%USERDOMAIN% = Your Active Directory NetBIOS name.
%COMPUTERNAME% = The app layer server
TFSSERVICE = The TFS service account. Normally TFSSERVICE
%USERNAME% = TFSSETUP
Execute it.

Verify that you can access SharePoint 3.0 Central Administration (This guide http://lab-tfs-app1:17012) and the extended Default Web Site above. (This guide http://lab-tfs-app1:80 )

Installing Team Foundation Server 2008 with SP1 integrated on the application layer

!Database server that hosts the TFS database should be the data layer server.
TFS setup verifies the installation environment. Please fix all varnings and errors. If VM there is a warning regaring hardware requirements. If firewall off, also warning.

Administrative URL: http://%COMPUTERNAME%:17012 (http://lab-tfs-app1:17012)
WSS URL: http://%COMPUTERNAME%:80/Sites (http://lab-tfs-app1:80/Sites)

When installation is complete (without errors) download TFS 2008 Power Tools (http://www.microsoft.com/downloads/details.aspx?FamilyId=FBD14EEA-781F-45A1-8C46-9F6BA2F68BF0&displaylang=en)
Run the TFS 2008 Best Practices Analyzer. Do a health check. If Vm, the only warning should be regarding the hardware requrements, else if clean.

Michael Folin
Systems Engineer
michael@postmaster.se

Posted at 22:46 by Michael Folin | Category: Team Foundation Server 2008 | Permalink | Email this Post | Comments (0) | Attachments: | Created By: Michael Folin
Microsoft Dynamics CRM 4 - CRM Outlook client hangs during "Propagating language setting"

Cause: It turns out the CAL access mode must be set to "Full" not "Administrator" in the user's information.

CRM web client with administrative account, navigate to: Settings/Users Open the problem user and navigate to the bottom of the Generel tab. Choose "Full". Restart Outlook.

Posted at 22:45 by Michael Folin | Category: Dynamics CRM | Permalink | Email this Post | Comments (0) | Attachments: | Created By: Michael Folin
1 - 10 Next

 Other Blogs
  You Had Me At EHLO...
  Henrik Walther Blog...

 ‭(Hidden)‬ Admin Links