MsExchange Blog Spot Telnet25

January 25, 2010

The format of the specified network name is invalid IIS 6

Filed under: General — telnet25 @ 4:48 pm

if you are un-able to start Websites in the IIS and receiving fallowing errors “The format of the specified network name is invalid” couple quick things you can look into remedy to problem.

image

First on the server drilldown to this Reg key.

  • HKEY_LOCAL_MACHINE
  • SYSTEM
  • CurrentControlSet
  • Services
  • HTTP
  • Parameters
  • ListenOnlyList

Make sure, the IP Address listed there is the IP correct IP address configured on the NIC card of the service ( correct interface) if not make the proper changes.

image

After this you need to open CMD type

Net stop http /y

image

net start w3svc

 

image

now you should be able to start the websites under IIS…

Oz Casey , Dedeal

MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +

Http://smtp25.blogspot.com (Blog

Http://telnet25.spaces.live.com (Blog)

Http://telnet25.wordpress.com (Blog)

January 23, 2010

Simple Way to Customize OWA Exchange 2010….

Filed under: General — telnet25 @ 3:50 am

I will show you how to make simple changes to modify OWA pages. Changes are shown here very simple and effective. No worries about breaking anything if you pay attention to fallowing simple steps.

Here is first page of OWA ……

image

The file we will modify called “Lgntopl.gif”

Here is second file after you put your name and  password and log into OWA…..

image

Second one called “Logoowa.png”

So where these files are located at? both files will be at the fallowing directory on your CAS server.

  • Program files
  • Exchange
  • V14
  • ClientAccess
  • Owa
  • 14.0.639.21
  • themes
  • base
E:\Program files\Exchange\V14\ClientAccess\Owa\14.0.639.21\themes\base

Now lets make a backup of these files, copy these filed from their current location into newly created folder called backup-Base

image

 

image

Now we are safe (-:

Lets modify these file with our company name and replace the original files in the fallowing directory. Remember both files are in the Base directory.

E:\Program files\Exchange\V14\ClientAccess\Owa\14.0.639.21\themes\base

Download PSD files from SkyDrive, click on the icon below

  • lgntopl.psd
  • Logoowa.psd

image

All you need to do is to use  little skill in Photo Shop to change the company name to desired name, I user Telnet25.org in this example.

The result will be like this when you replace these files, in the BASE folder directory if you like you can re-name the old files to something like this

  • Lgntoplop-OLD.gif
  • Logoowa-OLD.png

Renaming these wont hurt anything you don’t have to re-start IIS at all , all you need to do is to refresh your page.

image

here is the end result of this simple work.

image

image

You can be more creative I guess , I like simple look

Hope you enjoy above simple steps, if you don’t like the end results for any reason, delete the files you made and re-name the old ones back to what it was.

Oz Casey , Dedeal

MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +

Http://smtp25.blogspot.com (Blog

Http://telnet25.spaces.live.com (Blog)

Http://telnet25.wordpress.com (Blog)

January 14, 2010

Windows 2008 and time Sync W32time

Filed under: General — telnet25 @ 12:41 am

After migrating domain controllers on ESX environment (-:, ps: I have tried to convince for hyperV but did not worked out in this one.) we saw time on the domain controllers were off and made some adjustment to make PDC happy. I wanted to share here what we have done to fix the issue.

if you are not familiar with time service on the PDC emulator I recommend start reading it from Ace Fekay’s  blog  ( AD MVP ) excellent & well written article.

My issue started as “outlook is sending e-mails , 6hr behind the current time”

I think in the process of thinking locally, Outlook is a software installed on a workstation OS ( winXP, Vista, Win7 etc) and it reads time from OS itself

Workstation OS ( client PC’s)  is talking to domain controller they authenticated against. The domain controllers gets their time (Sync) from PDC emulator ( domain controller holds the PDC emulator role) and finally PDC gets ( should configured to external time source) its time from external time source.

  • Outlook—-sync——> Work Station OS—-sync—–>DC
  • DC—-sync——–> PDC
  • PDC——-sync——>External Time source.

Ok now back to the issue, how to configure PDC to sync its time from external time server? here is everything you need to know or do to make it work, KB816042

After you make this changes the PDC register will like this

W32Time configures the list of time sources through the following key

  • HKEY_LOCAL_MACHINE
  • SYSTEM\CurrentControlSet
  • Services
  • W32Time
  • Parameters
  • NtpServer

 

time.windows.com,0×01 time.nist.gov,0×01

image

Click here to download reg file which will do this for you automatically

image

Flag means

windows time service blog

0×01 SpecialInterval
0×02 UseAsFallbackOnly
0×03 SymmatricActive
0×04 Client

For troubleshooting only

Debug log file timelog.txt to be written locally as the Windows Time service interacts with the system

 

w32tm /debug /enable /file:C:logstimelog.txt /size:100000 /entries:0-300

Stop the debug

w32tm /debug /disable

To see what time server your PDC is talking too (vmdc01 is the name of the PDC in this example change it accordingly

net time \\PDCname /QuerySNMP

image

After making changes to stop and re-start the W32Time

net stop w32time && net start w32time

http://support.microsoft.com/kb/816042

if you are getting fallowing your DC’s are not replicating

image

There is a time difference between the Client and Server , The DC time might be off more than 5 min which will make the replication wont work properly.

NET TIME /DOMAIN:DOMAIN /SET /Y

Oz Casey , Dedeal

MCITP (EMA), MCITP (SA)

MCSE 2003, M+, S+, MCDST

Security+, Project +, Server +

Http://smtp25.blogspot.com (Blog

Http://telnet25.spaces.live.com (Blog)

Http://telnet25.wordpress.com (Blog)

January 7, 2010

Assigning SSL Certificate for OWA Exchange 2010 Part 2

Filed under: General — telnet25 @ 7:08 pm

If you have not completed part ne you will need to go back and fallow the steps.

I am going to show you guys how to complete some of the work from Go Daddy the cets there are very affordable somewhere $12 bucks per year, the process will be similar to other vendors as well..

We will Complete Certificate Signing Request ( CSR) as shown below

  • Now we go to go daddy log in click on SSL certificate

image

Click on manage certificate

image

Click Request certificate

image

 

image

image

 

image

 

image

 

image

 

image

  • At this point you need to wait e-mail will be sent from Go Daddy to domain registrar e-mail address, as soon as you get the e-mail you will see URL link to click on to download the certificate, if your certificate is denied for some reason you need to go back and make the corrections

 

  • After downloading the certificate place it on somewhere ( hard drive) on the server

 

image

 

  • I chose the same location and placed them on my CAS server as shown here now go back to server and complete the ending certificate request

image

I am going to browse to same directory

image

image

 

image

image

 

image

image

 

image

 

image

 

image

image

Happy ending , We no longer get the SSL warning as it is shown below.

 

image

Thanks to Exchange Team for making the Certificate process literally piece of cake , Exchange 2010 is incredibly surrounded with all these smart easy use tools not to mention fastest messaging application “EVER”

 

install an SSL Certificate on a Client Access Server

http://technet.microsoft.com/en-us/library/bb310769.aspx

Oz Casey , Dedeal

MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +

Http://smtp25.blogspot.com (Blog

Http://telnet25.spaces.live.com (Blog)

Http://telnet25.wordpress.com (Blog)

Assigning SSL Certificate for OWA Exchange 2010 Part 1

Filed under: General — telnet25 @ 6:32 pm

Goal: Assign SSL certificate for company OWA Exchange 2010 server

Environment:

image

  • Log on to Exchange 2010 via web browser bring up warning as shown below…..

image

Log on to Exchange 2010 Management Console

Server Configuration

  • Right Click on the CAS server
  • New Exchange Certificate

image

 

  • Enter Friendly name for the certificate ( anything you want this is for you to see and remember what this cert is for)

image

  • In this example we have one domain so wildcard certificate wont apply to here

image

  • Click next

Now Click the arrows to fill out the required information, this part is real nice easy to fallow we will click on Client Access server

image

Let me explain this a little bit so there is no confusion

The internal Domain Name space I use is SMTP25.local and server name is HTS01.SMTP25.Local

image

image

So my users internally can open their browser and type Http://mail.smtp25.local they will get to my exchange server and here how DNS A record internally look like

  • On the local Domain Controller / DNS
  • Open DNS Console
  • New Host A record

 

image

  • And type the IP address of the CAS server.

 

image

image

  • Pretty simple internal DNS query will be perform by client Browser will go to Internal DNS server and since we do have A record pointing to CAS server, Client browser will be directed to CAS server.

image

 

  • go back to Certificate  wizard

image

  • I will Click next

 

image

 

  • Here is important, I have to pay attention to Common name, The common name is what clients will put into their browser when they are on outside of your network ( Internet) and this record must exist on the Public DNS server.

image

 

image

image

 

image

image

  • I created folder on C and give name to Certificate to make me remember what it is in the future

image

image

image

  • Now let’s get the certificate from C drive make right click open, open with notepad

image

 

image

  • This is end of part one , please read part two to complete the cert process

best,

Oz Casey , Dedeal

MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +

Http://smtp25.blogspot.com (Blog

Http://telnet25.spaces.live.com (Blog)

Http://telnet25.wordpress.com (Blog)

January 5, 2010

Enable AntispamAgents in Exchange 2010

Filed under: General — telnet25 @ 2:58 pm

After installing Exchange 2010, if you want to enable build in Antispam Agents, simply fallow the steps below. These steps are identical as Exchange 2007

Navigate fallowing directory on your Exchange HTS server

  • E:\Program files\Exchange\V14\Scripts

Use fallowing CMD-let

install-AntispamAgents.ps1

[PS] E:\Program files\Exchange\V14\Scripts>.\install-AntispamAgents.ps1

image

 

image

  • Restart-Service MSExchangeTransport

image

 

  • Use PS to see the service

image 

  • use asterisks to see all Change related services, this is pretty cool actually
get-service MSExchange*

[PS] E:\Program files\Exchange\V14\Scripts>get-service MSExchange*

image

get-service MSExchange* |FL

[PS] E:\Program files\Exchange\V14\Scripts>get-service MSExchange* |FL

 

image

Open EMC and drill down to Org config, Hub transport and locate the “Anti-Spam” tab

image

Oz Casey , Dedeal

MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +

Http://smtp25.blogspot.com (Blog

Http://telnet25.spaces.live.com (Blog)

Http://telnet25.wordpress.com (Blog)

Mailbox move error exchange 2010

Filed under: General — telnet25 @ 5:38 am

Problem:

Some of the mailboxes are failing with fallowing errors

  • Active Directory operation failed on VMDC02.YAW.local. This error is not retriable. Additional information: Insufficient access rights to perform the operation.Active directory response: 00002098: SecErr: DSID-03150E8A, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0.
  • The user has insufficient access rights.

Cause:

On the user object security settings, “include inheritable permissions from this object’s parent is not checked in

image

Place a check mark there , and also

The account you logged into Exchange server , make sure it is a member of domain administrators and domain administrators does have full rights on the problem user object properties as shown here , if you have special security requirements you can move domain administrators full right after move complete successfully.

One last thing you need to do is to cancel , move request for this user if not you receive fallowing error

 

img003

copy and paste this into word or note pad

to see the status copy and paste the CMD-Let as shows into Shell

Get-MoveRequestStatistics -MoveRequestQueue ‘DB3 (Teachers)’ -MailboxGuid 8eed186b-90c4-41eb-9f78-c42f7315d210 -IncludeReport | fl

 

img004

Same goes for removing it

Remove-MoveRequestStatistics -MoveRequestQueue ‘DB3 (Teachers)’ -MailboxGuid 8eed186b-90c4-41eb-9f78-c42f7315d210 -IncludeReport

 

img005

After move request has been cancelled move on and try again to move the problem mailbox

Permissions required for mailbox moves

http://msexchangeteam.com/archive/2006/08/29/428781.aspx

Oz Casey , Dedeal

MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +

Http://smtp25.blogspot.com (Blog

Http://telnet25.spaces.live.com (Blog)

Http://telnet25.wordpress.com (Blog)

January 4, 2010

Customizing OWA IIS page for Exchange 2010 and 2007

Filed under: General — telnet25 @ 5:10 pm

Okay I will show you little nice trick to customize your OWA page with Exchange 2010 and 2007.

here is the URL I use to get to OWA in Exchange 2010 and as you see since I did not include /owa at the end I am not getting to Exchange forma base authentication splash page.

image

This is IIS 7 welcome page and this is the page we will modify (-:

On the CAS server drill down to C:\inetpub\wwwroot

in here you will see two files

  • iisstart ( html)
  • welcome (Png image file)

 

image

We are going to replace this welcome PNG image with something we will come up with. Here is the link some pictures I made it already all you need to do it to convert them to PNG format or use one of the PNG format in below link.

Click here go download these pictures.

Exc_001

When you have your splash page is ready , all you need to do is to rename this to welcome ( format must be png) and place it to same directory as shown below.

image

I placed one of the picture I selected and renamed it to welcome, to C:\inetpub\wwwroot directory on CAS server.

now lets modify the HTML document, make a right click and select edit with notepad

image

here is the URL the entire image is link to , upon click

 

image

we will simple replace this with our OWA URL (-:, in my example this will be

https://mail.telnet25.org/owa

image

So I will place this URL link inside the HTML code

image

I also modified background color to white #FFFFFF

image

and Save the file, now if a user types

Https://mail.telnet25.org they will see below page, upon click on this page OWA page will load up.

 

image

 

If you have Photoshop you can easily place company logo here and this is vey easy way to customize the IIS welcome splash page , you really don’t need and skill to do this, it is extremely simple and work pretty nice…..
Check out mine

Https://mail.telnet25.org

 

Oz Casey , Dedeal

MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +

Http://smtp25.blogspot.com (Blog

Http://telnet25.spaces.live.com (Blog)

Http://telnet25.wordpress.com (Blog)

Exchange 2010 Mailbox Move Improvements and Move request reporting futures

Filed under: General — telnet25 @ 1:00 pm

Exchange 2010 is shining in many areas, performance is one of the first noticeable changes and mailbox move has some improvements in Exchange 2010.

I believe most common scenario will be moving mailboxes from Exchange 2003 to Exchange 2010. If you heart about online mailboxes and excited about it this wont work for those who are migration from 03 to 2010 simply the future does not apply to Exchange previous versions except Exchange 2007 SP2 or higher

In an online mailbox move, the mailbox is moved while the end-users can still access their e-mail accounts and the account only locks out the user for a very brief time during the end of the process when the final synchronization occurs. Online mailbox moves are only supported between Exchange 2010 databases, and between Exchange 2007 SP2 and Exchange 2010 databases. You can perform an online mailbox move across forests or in the same forest.  Read more

  • You can’t use the Exchange System Manager or Active Directory Users and Computers to move mailboxes from Exchange 2003 to Exchange 2010.
  • You can’t use the Move-Mailbox cmdlets in Exchange 2007 to move mailboxes from Exchange 2007 to Exchange 2010.
  • When you move mailboxes, the user will lose the ability to view their message tracking information

The move process is performed offline, and end-users won’t be able to access their mailboxes during the move

Perform the move from a server running Exchange 2010 by using the move request cmdlets in the Exchange Management Shell. You can’t use Exchange System Manager on an Exchange 2003 server to move the mailboxes.

Understanding Move Requests

If you need to upgrade from Exchange 2003 to Exchange 2010 try ESDA * deployment assistant here

  • Exchange still moves mailbox in patch of four ( four move treats at one time).
  • New Move request in Exchange 2010 makes perfect sense to keep track who is being moved and ability to get quick report is making the move process even more efficient.

image

 

Oz Casey , Dedeal

MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +

Http://smtp25.blogspot.com (Blog

Http://telnet25.spaces.live.com (Blog)

Http://telnet25.wordpress.com (Blog)

The Rubric Theme. Blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.

Join 33 other followers