MsExchange Blog Spot Telnet25

April 30, 2009

Meta Data Clean UP Step By Step

Filed under: Active Directory — telnet25 @ 4:14 am

Log in to one of your domain controllers and perform the following steps. First, here is a simple explanation of what is about to happen. While logged in to the domain controller, you will use NTDSUTIL to open the .DIT database located on this domain controller, and you will

  • modify the .dit database
  • remove all references to the failed DC
  • when you exit, the changes will be replicated to all other DCs (assuming your replication is working), and the other domain controllers will remove all references to the failed DC.

From the command line:

1. Ntdsutil

2. metadata cleanup

3. Connections

4. Connect to Server ServerName

5. Q

6. Select operations target

7. List domains

8. List sites

9. Select domain number

10. Select site number

11. List servers in site

12. Select server number

13. Q

14. Remove selected server

15. Q

Great, now you have accomplished a basic cleanup in the Active Directory database.
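Once the cleanup has replicated, it is worth confirming that nothing in the directory still points at the removed DC. The PowerShell check below is an added example, not part of the original post; it assumes the ActiveDirectory module is installed, and the function name and the DC names DC1 and DC2 are placeholders.

```powershell
# Added example: look for leftover references to a removed domain controller.
# Assumes the ActiveDirectory PowerShell module; all names are placeholders.
Import-Module ActiveDirectory

function Find-StaleDcReference {
    param(
        [Parameter(Mandatory = $true)][string]$FailedDcName,  # e.g. 'DC2'
        [Parameter(Mandatory = $true)][string]$Server         # a healthy DC, e.g. 'DC1'
    )

    $root   = Get-ADRootDSE -Server $Server
    $filter = "(cn=$FailedDcName)"
    $hits   = @()

    # Server object under CN=Sites in the Configuration partition
    # (parent of the NTDS Settings object that replication partners use).
    $hits += @(Get-ADObject -Server $Server -LDAPFilter "(&(objectClass=server)$filter)" `
        -SearchBase "CN=Sites,$($root.configurationNamingContext)")

    # Computer account left behind in the domain partition.
    $hits += @(Get-ADObject -Server $Server -LDAPFilter "(&(objectClass=computer)$filter)" `
        -SearchBase $root.defaultNamingContext)

    # FSMO roles still assigned to the failed DC must be seized separately.
    $domain = Get-ADDomain -Server $Server
    $forest = Get-ADForest -Server $Server
    $roles  = @{
        PDCEmulator          = $domain.PDCEmulator
        RIDMaster            = $domain.RIDMaster
        InfrastructureMaster = $domain.InfrastructureMaster
        SchemaMaster         = $forest.SchemaMaster
        DomainNamingMaster   = $forest.DomainNamingMaster
    }
    foreach ($role in $roles.GetEnumerator()) {
        if ($role.Value -like "$FailedDcName.*") {
            $hits += "FSMO role $($role.Key) is still held by $($role.Value)"
        }
    }
    return $hits
}

# An empty result means no server object, computer account or FSMO role
# still references the failed DC on the queried domain controller.
$stale = @(Find-StaleDcReference -FailedDcName 'DC2' -Server 'DC1')
if ($stale.Count -eq 0) { 'No stale references found.' } else { $stale }
```

Run it against each surviving DC in turn to confirm that the removal has replicated everywhere.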

Oz Casey Dedeal

MVP (Exchange)
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +

Http://smtp25.blogspot.com (Blog)

Https://telnet25.spaces.live.com (Blog)

Https://telnet25.worldpress.com (Blog)

What is “Clean meta data” in active Directory

Filed under: Active Directory — telnet25 @ 3:50 am

Metadata cleanup is one of the most serious tasks for network administrators, along with moving and seizing FSMO roles.

Before we talk briefly about the metadata process, I want to make sure you understand the ADDS database (.DIT) and its partitions. The ADDS database consists of the partitions below:

  • Domain
  • Configuration
  • Schema
  • Application

Now think about the multi-master replication model and what it means to you. When the first domain controller is introduced into the forest/domain, you have a domain controller that is an authentication server, waiting to provide ADDS directory services to its configured clients. When a second DC is introduced into the existing forest/domain (DCpromo), the .dit database from DC1 is copied to DC2, and DC2 becomes a domain controller and authentication server as well.

So far so good. Replication between these two domain controllers keeps both .dit databases consistent and in sync, which is why a change made on DC1 is reflected on DC2, as long as the KCC on both domain controllers is happily replicating delta changes.

What happens to the FSMO roles? They stay on the first DC in this example, and we will leave them there. Imagine you decide to have more redundancy and install a third DC, called DC3, into your forest/domain. Same story: the .dit database now resides on DC3, and thus DC3 becomes a healthy domain controller.

What other services do domain controllers provide? DNS, DHCP, WINS, file and print services, etc. You name it, and all of these are familiar to you.

Now imagine one day DC2 dies due to a hardware crash. Bad things happen, and when they happen you realize you never had any backup for DC2. Did I make you smile (-:

Okay, how much do we have to worry about losing DC2? Since we are speaking of multi-master replication, can we purchase a new server, run DCPromo on it, and replicate the .DIT database and its content from DC1 or DC2?

The answer is yes, of course. This is why you never have to worry too much: Active Directory is redundant, and so is the .dit database and its important content.

Now you order a new server, name it DC2 just like the old one, and run DCpromo to copy the .dit database from one of the surviving domain controllers. You will run into a couple of problems doing this, and you need to do some cleanup if you are going to use the same name, DC2, for the new DC.

Let’s see why.

The simple answer: remember we talked about the .DIT database and its partitions. In those partitions there are many references to each DC. Simply put, the failed DC2 still exists in the ADDS database even though it is no longer physically connected to the network.

Even though it is no longer turned on, the database still thinks it exists. Therefore replication from the surviving domain controllers to the failed DC will keep being attempted and will fail every time. Think of it as pollution in the database.

Why do we need to clean up this information? As I just mentioned, replication has a hard time: the other DCs try to locate the failed DC and obviously cannot contact it, since it is not physically on the network. Many other dependent tasks will fail, and you will end up with a polluted .dit database.

So how do we get the garbage out of the database? That is the right question, and metadata cleanup is the way to do it in the failed-DC scenario.

Once you clean up all information about the failed DC2 from the .dit database, you will be able to bring a new server, with the same name if you wish, back into business with a simple DCpromo.

Now you know what "Clean meta data" means.

Clean up server metadata

April 16, 2009

!!! Exchange 2010 is the Best version of ALL !!!!

Filed under: Exchange 2010 — telnet25 @ 9:16 pm

I have started blogging a lot about 2010, there is so much to talk about. All in all, it is the best version of Exchange in many aspects in my eyes. I am truly loving Exchange 2010 and could write one or more articles per day, no joke, because Exchange 2010 has so much to talk about.

The changes in the database tables and the new DB structure make it more efficient and ***Faster***. Goodbye SIS (-:, goodbye SG (storage groups). Another 70 percent reduction is introduced in Exchange 2010 (maybe even more), on top of the improvements that were introduced in Exchange 2007. JBOD.

Finally, offload Exchange from the SAN (huge savings for everyone), and for the first time in history, a fully redundant messaging experience with no third-party or SAN solution, right out of the product itself.

The new power of Exchange starts shining with DAG (data availability Group), which will make your messaging environment fully redundant with two servers, and failover is handled natively by the application. The user experience is a blip most of the time.

Not to mention that more is given with Exchange: for your regulatory compliance requirements, an email archiving solution also comes with the product. This is incredible value: better, faster, and the most comprehensive version of the messaging application with ***less*** complexity.

Well, as I said, there is so much to talk about in 2010. I truly believe not upgrading to Exchange 2010 will cause a loss in revenue to the business, and that is why Exchange 2010 will be the best and most powerful version ever in MS messaging history.

I recommend downloading the public version and seeing the power with your own eyes; you will be amazed by all the new features and the power.

Download 2010 here

530 5.7.1 Client was not authenticated Exchange 2010

Filed under: Exchange 2010 — telnet25 @ 2:30 pm

Problem:

After a new installation you are able to send mail out but not able to receive email. The sending host receives the following response during the SMTP handshake with your mail server: “530 5.7.1 Client was not authenticated”.

Solution:

I covered the same issue with Exchange 2007 in one of my previous posts. Please remember that Exchange is delivered to you totally secure, and even anonymous access has not been turned on; you, as the Exchange administrator, must do it.

To see your server's response, you need to open a telnet session to your server and use standard SMTP commands to see what is going on. So, on your Exchange server, let's start by installing the Telnet client.

Open DOS or PowerShell and type the command below:

servermanagercmd -install telnet-client

Now, in the same window, open a telnet session to your mail server on port 25 and type:

helo  ( hit enter)
220 mail2.smtp25.org Microsoft ESMTP MAIL Service
250 mail2.smtp25.org Hello [10.10.10.10]
mail from:Telnet25@Gmail.com ( Use yours) hit enter
530 5.7.1 Client was not authenticated

As you can see, the server response is “530 5.7.1 Client was not authenticated”.

Now let's take care of that. Open EMC, go to Server Configuration, Hub Transport, open the properties of the default receive connector, click on the last tab, “Permission Groups”, place a check mark next to “Anonymous users”, then click Apply and OK.

Now go back to the DOS window we opened earlier and telnet to your mail server on port 25 one more time. This time you will get:

Telnet mail3 25
220 mail3.smtp25.org
Helo
250 mail3.smtp25.org Hello
mail from:telnet25@Gmail.com
250 2.1.0 Sender OK

Now your mail server is ready to accept mail from outside.
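Because this change opens the connector to unauthenticated senders, it helps to know exactly which connectors accept anonymous sessions and whether any of them also let anonymous senders relay. The audit below is an added example, not from the original post; it assumes the Exchange Management Shell, and the function name is hypothetical.

```powershell
# Added example: audit receive connectors for anonymous access and relay rights.
# Run in the Exchange Management Shell; Get-AnonymousConnectorAudit is a made-up name.
function Get-AnonymousConnectorAudit {
    Get-ReceiveConnector | ForEach-Object {
        $connector = $_

        # PermissionGroups is a flags value; its string form lists the enabled groups.
        $anonymous = "$($connector.PermissionGroups)" -match 'AnonymousUsers'

        # Accepting anonymous mail for your own domains is normal for an
        # Internet-facing connector. The extended right below is what would let
        # anonymous senders submit mail for ANY recipient, i.e. relay.
        $relayAces = @(Get-ADPermission -Identity "$($connector.Identity)" `
                -User 'NT AUTHORITY\ANONYMOUS LOGON' |
            Where-Object {
                -not $_.Deny -and
                ($_.ExtendedRights -match 'Ms-Exch-SMTP-Accept-Any-Recipient')
            })

        New-Object PSObject -Property @{
            Connector      = $connector.Identity
            Bindings       = $connector.Bindings -join ', '
            AnonymousUsers = $anonymous
            AnonymousRelay = ($relayAces.Count -gt 0)
        }
    }
}

Get-AnonymousConnectorAudit |
    Format-Table Connector, Bindings, AnonymousUsers, AnonymousRelay -AutoSize
```

For the Internet-facing connector, AnonymousUsers = True with AnonymousRelay = False is the state to expect after the change described above.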

Previous article

WS Management could not connect to the specified destination Exchange 2010

Filed under: Exchange 2010 — telnet25 @ 1:03 pm

Problem:

While accessing Exchange 2010 OWA, I received the following error: “Connecting to remote server failed with the following error message: WS Management could not connect to the specified destination (mail3.smtp25.org:443)”

Solution:

Check to make sure the World Wide Web Publishing Service (W3SVC) is started. You can open DOS or PowerShell.

Type “Services.msc” to open the Services management console GUI and see the state of the service.

If you are doing this from PowerShell:

Restart-Service W3SVC

You can also use:

Net stop W3SVC

Net Start W3SVC

Reference PowerShell Usage

April 15, 2009

Exchange 2010 and Active Directory Data

Filed under: Exchange 2010 — telnet25 @ 3:39 pm

Where does Exchange keep its information in Active Directory? This is one of the questions I am asked most frequently, so I decided to give a little information.

Exchange stores its own information within the .DIT database.

.DIT database and its partitions

Domain Partition (resident directory object)

  • Stores information default containers
  • Organizational units
  • The containers hold domain specific data
  • Users,Computers etc
  • Exchange updates the objects in this partition to support Exchange functionality
  • Recipient information

Configuration partition

  • Forest-wide information
  • This partition includes information such as AD sites (which Exchange uses to route mail) and the site-based routing topology
  • Exchange Global settings
  • Transport settings
  • mailbox policies
  • UM dial plans
  • Address lists
  • Address and display templates
  • Administrative groups
  • Client access settings
  • Connections
  • Messaging records management, UM policies
  • Global settings
  • E-mail address policies

Schema Partition

  • Stores classes and attributes
  • Exchange prep work and installation changes the schema
  • Schema classes define all the types of objects which can be created and stored in AD
  • Exchange installation adds many classes and attributes to the AD schema; these classes are used for Exchange-specific objects, agents, connectors, etc.

Exchange 2010 Prerequisites

Filed under: Exchange 2010 — telnet25 @ 2:03 pm

Below is the prep work that needs to be done before installing Exchange 2010.

CAS server

  • install .NET 3.25
  • install Windows remote management
  • PowerShell V2
  • KB951725

ServerManagerCmd -i RSAT-ADDS

ServerManagerCmd -i Web-Server

ServerManagerCmd -i Web-ISAPI-Ext

ServerManagerCmd -i Web-Metabase

ServerManagerCmd -i Web-Lgcy-Mgmt-Console

ServerManagerCmd -i Web-Basic-Auth

ServerManagerCmd -i Web-Windows-Auth

ServerManagerCmd -i Web-Dyn-Compression

ServerManagerCmd -i NET-HTTP-Activation

ServerManagerCmd -I RPC-over-HTTP-proxy

ServerManagerCmd -i Web-Digest-Auth

Mailbox server

ServerManagerCmd -i Web-Server

ServerManagerCmd -i Web-Metabase

ServerManagerCmd -i Web-Lgcy-Mgmt-Console

ServerManagerCmd -i Web-Basic-Auth

ServerManagerCmd -i Web-Windows-Auth

  • If the mailbox server will be clustered:
ServerManagerCmd -i Failover-Clustering

Exchange 2010 Improvements: goodbye Storage Groups (-:, we won't miss you at all!!!!

Filed under: E14,Exchange 2010 — telnet25 @ 1:39 pm

Well, I am not sure how many posts I will need to talk about Exchange 2010 and the changes in it (-:. It is so exciting to see the best version of Exchange **Ever**, in my opinion.

  • Storage groups have been removed in Exchange 2010
  • Mailbox databases are no longer connected to the server object; they become *Peers*
  • Database management has also been moved from the Server Configuration node in the Exchange console (EMC)
  • Storage group functionality has been moved to the database, meaning the database will have the logs
  • You can smell where this is going (-:. For the first time ever, if you install two Exchange 2010 servers you are 50 percent redundant, yes, finally (-:
  • ESE has several improvements for HA (high availability), performance and database mobility
  • No more RAID 0 + 1 or RAID 5
  • Exchange 2010 does not require an expensive SAN to be redundant; finally this version is getting Exchange **OFF** the SAN and onto JBOD (just a bunch of disks). This is one of the most significant improvements in my opinion; just imagine how much you will save by running the fastest, fully redundant version of Exchange without needing a SAN

Full redundancy with two Exchange 2010 for your organization

Filed under: General (1) — telnet25 @ 1:27 pm

Remember, Exchange 2007 brought a 70 percent I/O reduction. Now you need to listen to this: Exchange 2010 has brought another 70 percent, or even more, I/O reduction to the table, which to me is a historic change for the product line.

I want to congratulate the people behind this: hands down, great job and ***incredible*** value to the product.

So how will messaging be redundant with two servers? The key point, or the value to see, is the “automatic, database-level failover capabilities” built into Exchange 2010.

The new engineering around Exchange 2010 brings continuous availability to the table. Remember failover clusters? In a way they are built into the product, and it is seamless to the administrator.

In the new architecture, failover is designed around the mailbox database level instead of the server level. This is known as **Database mobility**. Think of your mailbox as residing in a database, and this database as located, in a way, among two servers. If one server goes down, Outlook clients will only see a blip and get redirected to the available Exchange server, so there is no mail interruption for the end user.

In a way, remember AD and the story of the multi-master replication model, and how the .DIT database is redundant. If you lose one DC, what can you do? Get another server up and running, run DCpromo, and hurray, you have the .DIT database and your DNS information without suffering.

Think of Exchange 2010 in the same way. For those of you looking for a business justification, as I listed in the previous article:

  • Cost
  • Cost
  • Cost

In a way, if you don’t upgrade, besides missing so many built-in features, you will be losing $$$$.

Exchange 2010 and Business Reason to upgrade

Filed under: E14,Exchange 2007 — telnet25 @ 1:21 pm

It has been a long wait to be able to talk about Exchange 2010. I am going to list three business reasons why everyone will upgrade to Exchange 2010. The business justification has always been the driving factor behind upgrades, in my opinion, and if you won't upgrade to Exchange 2010 you will lose $$$$ (-:

Business Reasons

  1. COST
  2. COST
  3. COST

Yes, if you keep reading the other posts coming soon, you will understand how much you will save and how many benefits and improvements Exchange 2010 is going to bring (-:

I am so excited to talk about the **BEST** version of Exchange ever. When you learn about the features and the changes in Exchange 2010, you will be very happy and will upgrade your Exchange to 2010 without losing time (-:, just because upgrading makes so much sense!!!!!!
