Unable to use Active Sync / direct push on Exchange 2010

by Mats Hellman on 24.May, 2010 under Active Directory, Exchange Server

We had some trouble with users not being able to sync their mail, contacts and calendar to their mobile phone. The configuration works but when the synchronization starts we get a entry in the local log “Error in Exchange Server”.

Checking the logs on the Client Access server pointed me to look at permissions and it seems like some accounts have disabled the inherited security rights. This is the problem since Exchange can’t access the account information.

To check this you use Active Directory Users and Computers and open the user in question. Open the Security tab and press Advanced. On the open window you should se the “Include inheritable permissions from this object’s parent”. If it’s not selected your Active sync will fail.

image

Hope this shortens someone’s troubleshooting session.

Leave a comment

Affordable SAN(UCC) certificates for Exchange Server

by Mats Hellman on 17.May, 2010 under Exchange Server, Windows

We are currently in the process of setting up our new Exchange 2010 environment and I was looking for a certificate supplier that doesn’t require you to pay an arm and an leg for a certificate.

When you set up your Exchange server to use auto discovery and other services you probably won’t run everything on autodiscovery.domain.com. So you need a certificate with Subject Alternative Names or SAN. Also called Unified Communications Certificates or UCC.

You could buy them from Verisign or Thawte or any of the ones Microsoft currently supports, which is three suppliers you can find them here http://support.microsoft.com/kb/929395

Anyway, I wanted a simple certificate to encrypt the traffic between the server and the client and to be able to use auto discovery without any error messages for the users about untrusted certificates. Using AD-CS will remove the problem from the normal Active Directory computers but not mobile devices not belonging to the domain. So googling around I found this supplier and decided to post it here for future reference and so you can save a few bucks on the certificates. The supplier is http://certificatesforexchange.com/

Checking their prices today a multiple domain certificate costs 59,99$/year. And believe me that’s cheap.

Leave a comment

Prepare a Virtual Environment for testing

by Mats Hellman on 14.May, 2010 under Windows, Windows Deployment

One of the more important tools I use in my day to day work is Virtual PC. To be honest I’ve been looking at VMware Workstation for a while because Virtual PC 2007 doesn’t support 64-bit guest operating systems. But that’s another story. Right now I manage with what I’ve got.

Why a virtual environment?

This might be the first question. Well it saves time and money. I can test different products and deployments without using a full expensive test lab. The virtual systems can’t replicate every possible scenario but I’ve managed fine so far.

You can’t test disk encryption and that’s to bad but almost anything else is possible without making changes to your production environment.

How to setup the environment

First of all you should create a few master images so you will be able to copy in servers and clients when you need new ones. This is simply done by installing a copy of Windows Server 2008, Windows 7 or any other system you might need in the future. I personally keep master images of

So if you need all of them you need to start installing. Just install the basic OS, install all/any tools you like to use. Maybe you even want install the Office suite. Another tool collection I suggest you install is the Sysinternals Suite. After you have installed all the basic Operating systems we need to Sysprep them so they can be used again and again without any collisions on SID:s etc.

Using Sysprep

After you have everything installed you need to sysprep your installation and let the guest operating system shut down so you can copy the virtual hard disk (.vhd) file. Sysprep has been integrated in Windows Vista and newer, XP and 2003 has the files on the installation media in the folder <DRIVE>:\Support\Tools\Deploy.cab . In Vista and newer you can find sysprep in the folder C:\Windows\System32\sysprep.

For Windows Server 2008 and Vista you need to install the Virtual Machine Addons to get it running smoothly and you really want them to be left alone by sysprep. After all we are running sysprep to get our master images for Virtual PC.

So to keep your Virtual Machine Additions in the image you need to create a sysprep.xml file in the sysprep folder. If you want to you can place anything in the Sysprep file but this is needed to keep the Virtual Machine additions for the next boot.

<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
   <settings pass="generalize">
      <component name="Microsoft-Windows-PnpSysprep" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" processorArchitecture="x86">
         <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
      </component>
   </settings>
</unattend>

Once you have the file saved in the C:\Windows\System32\Sysprep directory just run from the command prompt.

sysprep /generalize /unattend:sysprep.xml

After the computer shuts down you can move the .vhd file to a storage directory and name it something like Ws2008-master.vhd.

Windows 7 has a greatly improved support to run as a virtual machine so I’ve never had to install any of the additions on a Windows 7 image.

The result

The next time you need to “install” a new virtual Server or client just copy the .vhd file to another location and rename it. Create a new virtual machine and point it to the newly copied .vhd file. Boot the server or client and you’re done. Easy, fast and great for testing.

Virtual PC wants to store everything in your home folder but I like to keep my virtual machines in the root of a drive. So I know where to find them.

D:\VMS to keep the vmc files
D:\VMS\VHD to keep the .vhd files in use, not the master images
D:\VMS\Master to keep the master .vhd files
D:\VMS\ISOS to store any ISO files I might need.

You should set it up the way you like it but for me that keeps it in order and I know where to look for my files.

If you have any questions feel free to comment and I’ll answer anything I can.

Leave a comment

Systems Center Configuration Manager 2007, Secondary site Pending

by Mats Hellman on 13.Apr, 2010 under Windows

I’ve been setting up SCCM 2007 at work and the Primary site is working fine so I decided to deploy the first of many secondary sites. I pushed the install from our Primary Site server and added it to the Local Administrators group on the secondary site server to be. The installation went fine, or at least it looked like it did. I noticed I had forgot to set the Secondary Site server in the SMS_SiteSystemToSiteServerConnection_XXX group on the primary site server so the Secondary site wasn’t able to write to the inbox of the Primary site server. This resulted in the secondary site hanging at PENDING. And fixing it took some searching, after about 4 hours of searching I decided that when I find a solution I’m going to post it so no one  else has to go trough the same trouble.

Fixing the Pending issue

The solution is really simple. Since the secondary site wasn’t able to report it was done and the settings applied I had to find a way to get them to the primary site server. Apparently this is done at install and it won’t try it again. So just log in on your Secondary Site server, copy the file <ConfigMgrInstallPath>\inboxes\sitectrl.box\SiteCtrl.ct0 file to a temporary location (C:\Temp!?) and rename it to 00000000.ct2. When that’s done copy the renamed file to your Primary Site Server <ConfigMgrInstallPath>\inboxes\hman.box\ wait a second and your secondary site will be online. The solution was really easy but it was really hard to find so I’m hoping this will make someone’s day a little better.

5 comments

Shrink VHD in Windows 7

by Mats Hellman on 07.Dec, 2009 under Windows, Windows 7, XP Professional

I got a new HP Z400 Workstation to my office today and decided to recycle the old DC5800 to someone who needs a trusty workhorse and doesn’t work with memory intensive tasks like Virtual Systems like I do. Even if my old desktop was getting a new life I still wanted to keep it because I’ve installed many tools on it I still use and I like to do some Group policy testing on it.

I found the great tool Disk2VHD by Sysinternals. It converts your physical disk to a VHD file so you can use it in Virtual PC or some other virtualization software that supports Microsoft’s VHD format. Disk2VHD homepage http://technet.microsoft.com/en-us/sysinternals/ee656415.aspx

Before you start this you may want to make a backup of your VHD file in case something goes wrong.

Shrinking the VHD for Virtual PC

So I captured my old hard drive and moved it to my new workstation. The file was only 80Gb as Disk2VHD makes it a dynamically expanding disk. Everything looks fine so far. The problem is that Virtual PC only supports 127Gb drives or smaller and my physical drive was 250Gb so booting the drive in Virtual PC didn’t work. I had to get it resized to under 127Gb to get it booting. Googling around I found a few tools but none of them worked the way I needed them to. I had to get my drive size under 127Gb. Some researching later I found that the computer management console, disk management, in Windows 7 was able to mount and shrink my VHD. So fingers crossed I started compmgmt.msc and mounted the drive.

cmpmgmt1

Right clicking on Disk Management and selecting attach Virtual Hard disk worked like a charm. So now let’s shrink the drive. Select your drive from the list and right click selecting Shrink.

image

After the query is done it will tell you how much it will be able to shrink the volume. If it’s still over 127Gb you can activate the drive in Computer Management and go delete some files. I had a lot of downloaded files I had to delete before I could get it to shrink under 127Gb. When the shrink operation is done we still have to shrink the vhd file. This just made our Windows partition smaller and now we want to get rid of the unused partition from the VHD file to get it under the magic 127Gb line.

VHDResizer to the rescue

All you need to do now is get the software vhdresizer and have it resize your vhd. You can get VHDResizer from http://vmtoolkit.com/files/folders/converters/entry87.aspx

image 

Still no roses

I was hoping this would be the end of the journey and I would be able to boot the system. You could try it at this point but for some reason my system wont boot. I booted into the XP setup and ran FIXBOOT and FIXMBR and the system still won’t boot. So next I tried an Repair install. Victory!

The repair install fixed any issues but I’m tempted to go trough the same again to check where this really fails. I’m sure you can do this without the repair install.

But the result is the same, I have my old desktop OS back and can use the tools when I need to and I didn’t have to reinstall from scratch. If anyone else has had the same problems and solved them without repair install I would be curious to know what you did.

2 comments

Next Page »