Windows 2003

Virtual Server for home use.

Thanks to a tip off from Ed Bott, I have ordered a nice Dell Dimension 2.4 GHz quad-core CPU (Intel Q6600), 3GB of RAM, and a 500GB drive, for $499 although I paid an extra $20 to get Windows XP Pro. I wanted to get the 64 bit version but Dell won’t sell it to me so I’d have buy the media which is going to be expensive or put my Vista or Windows2008 server software on to host my vm’s. Hopefully this machine will have enough processor and memory to allow me to run at least a couple of vm’s at the same time so I can get more experience in W2k8. At this price it was very tempting to buy a few of these machines but I restrained myself to just one. This is going to be used purely for work and training purposes so I should be able to deduct it in my taxes next year too which is an added bonus.

Exchange 2007 Migration is almost done.

Day 50 - Too late!The migration from NT4 and Exchange 5.5 to Exchange2007 and Windows 2003 is almost done. This weekend was the installation of Exchange 2007 and the move of mailboxes. Unfortunately it did not go to plan. Upromote worked great on the first server that needed the software and after two or three reboots it was acting as a member server. The second server however did not go well. Instead the server bluescreened in the middle of the process and I was left with a server that was neither in a domain or in a workgroup.  The logon box did not include the domain option but the local SAM was corrupted and wouldn’t let me login. As the machine was out of the domain I couldn’t connect to it remotely apart from ping activity. After struggling for a long time with a multitude of recovery tools we ended up with a parallel installation of NT4 on the machine so that we could access the data on the drives. This was not without hassles – the RAID controller drivers would not recognise the disk in NT4 – you would have thought that downloading the drivers for the raid controller that appears in the BIOS boot would work but nope – we had to use different drivers!  I tried to access the machine using Microsoft’s Dart Tool – the rebranded ERD commander, but this tool doesn’t support NT – in the end I had to go back to ERD Commander 2002 to get a version that worked with NT4 (although it didn’t actually help). The parallel installation of NT also needed SQL 7 reinstalling but this needed ie4 installed (and where do you get *that* from?)  Fortunately it would also accept IE6 too.

Installing the Exchange2007 sp1 was not a fun experience either – the process stopped half way through with an error saying that a file was in use and that I needed to reboot the server to continue. When I did so, the installation would not continue as all of the Exchange services and several other essential windows services had been set to disabled by the previous installation and the upgrade needs the Information Store to be running. As the other services were stopped the machine acted like it was behind a firewall – you were not able to ping out or into it. Setting all the services to automatic and then starting them got through this problem – I had to boot up my Virtual Exchange 2007 server to see which disabled services should normally be running though. I actually had to try the upgrade about 3 times before I got through with no errors but the whole experience made SQL2005 look stable.

Now I am having major trouble getting the remote outlook clients to connect through to the exchange 2007 server using RPC over HTTPS – it worked great with the Exchange 2003 server but just will not work with Exchange 2007 – if you have any bright ideas then let me know – tomorrow I’ll be logging a call with Microsoft for some assistance.

At the end of the weekend I felt like I had installed every piece of Microsoft software just to get Exchange migrated onto new servers. I have got some great ideas for future migrations and I know that I don’t want to repeat the process sometime soon!

Then to top it all off, the advert shown in this blog post arrived stuck to the front cover of my Technet magazine today – talk about bad timing.  Having said that, I have received the white paper and I don’t think we’d use their services as it sounds expensive. The advice was pretty basic but did include the steps of removing old mailboxes and cleaning up the database. One REALLY annoying thing to see when you are moving mailboxes on a weekend without pay is a lot of “moving 1 of 3654 spam messages” and “moving 3 of 12876 deleted items”.  I had told the users to delete these items before the upgrade but this hadn’t been done.  I think next time I will include a step of telling the users to delete their spam, junk and deleted items BEFORE the upgrade as it will be done as part of the upgrade “automatically” (and if anyone has a tool that will walk through a message store deleting items in the spam, junk and deleted items then let me know)

70-290 passed.

My passing score was 928 (pass was 700) so I passed comfortably – which is a very nice feeling and something I’ve maintained in all the exams I’ve taken with Microsoft so far. I now have 1 more to go and then I get my MCSA exam. This exam was quite different to the ones I’ve done before – there were 45 questions and about 10 (or more) were simulation exams. Personally I like these questions as it’s a lot easier to recognise the process needed to go through as opposed to the previous “drag and drop to put in order” box questions where you have to remember the exact wording on the dialog boxes that in real life you pay little attention to as you use them every day.
After 20 questions the screen froze, for ever, and ever and ever. Eventually I went out to see the receptionist but when I came back the machine was waiting for the next question – it takes a long time to load some of the simulation questions. I was really nervous at this point as the first 20 questions were easy and I was confident I had about 19 of them correct. I really didn’t want to start again.
After this scare the questions seemed to get harder but a lot of them were similar to the questions in the official MS press books and there were some questions I had seen that were identical to various test prep software solutions although I didn’t use the MeasureUp software for this exam which I have used in the past. Now it’s onto 70-291….

Event ID 5050 in Source (IAS ) cannot be found

Finally found a solution/explanation to the Event ID 5050, Source IAS that reads “The description for Event ID ( 5050 ) in source ( IAS ) cannot be found. Apparently this is A LDAP connection with domain controller <domain controller name> for domain <domain name> is established. and therefore nothing to worry about. It’s taken ages to track this down – I wasn’t able to find it on eventid for quite a while, but this morning it was there.

msgina event 1010 errors

Finally managed to solve an issue that has been bugging me for months. A user was logging onto the Terminal server but two of their network drives would not connect as part of the login script. However doing a net use and providing username and password in the prompts would connect (which is how they’ve been connecting for a while). Logging into a local pc worked fine, but logging in via terminal services always had this problem – so it had to be something to do with the roaming terminal service profile.
Eventvwr was showing events Userenv 1030 – Windows cannot query for the list of Group Policy objects, Userenv 1006 – Windows cannot bind to domain (Invalid Credentials), MsGina 1010 Failed to set the user’s home directory,
I tried debugging using KB221833 which gave me 43 pages of logs to read through.
Eventually I logged into the Terminal server as the user, went into control panel, stored passwords and lo and behold – there was someone elses username (and password). Deleted this stored account, logged off and back on again and got all their network drives connected.
control keymgr.dll is a shortcut to this screen that users might be able to use to clear this themselves.

List RAS users in Windows 2003

I had the need to quickly list the users who had DialIn access to the domain. This can be achieved using the netsh command. More details can be found in the Help and Support Center for “netsh commands for remote access” but the command line you need is netsh ras show user mode=report >ras.txt (assuming you want the file exported to ras.txt

Combining a Windows 2003 server – the hidden pitfalls

I needed to migrate some data from an old server onto a new server and after moving the data (thanks robocopy) I needed to ensure that the clients would be able to find the new location. Creating the shares with the same name and then changing the login scripts should make everything work ok, but just in case something has the unc path encoded I did the following (see the extended entry). Read the extended entry for the surprise ending that I had to do!

Using CNAME for server alias’s may not work as expected

If you are decomissioning an old server and moving the data to a new server, an easy way to let all the hosts still connect to the old server is to create a cname alias in dns such that oldserver points to newserver.domain This way, any software coded to use unc names will still find the share but on the new server.
Unfortunately, by default the new server does not expect to get requests for the oldname so it ignores them and the client receives an error message. This is apparently fixed by following the instructions in KB281308.

Windows 2003 sp2 is now out

This is really weird – the news on this Windows 2003 service pack 2 has been really quiet – there has been very little coverage of the beta for this and then boom – it’s available on Windows Updates the day that Microsoft say they are not releasing any security patches! Hopefully your servers are not set to auto update and WSUS is not set to automatically approve (and download) service packs. However, if you have ie7 on the server then you won’t be able to install service pack 2 which is a really stupid requirement. I know there is the argument that you shouldn’t be surfing on a server, but you need a web browser for a lot of server based monitoring apps like Dell System monitor, Hp monitor, WSUS, Symantec antivirus etc so it would make sense to have the latest version on the server (especially as you can use tabs)
From the What’s new, it is interesting to see that there is a replacement tool for cacls, now icacls and also RIS has been replaced by Windows Deployment Services

OS Packaging

It was interesting to see that details about the packaging for Windows Vista was released today – JCXP links to MS Tech today which has a picture of the neat dvd box. Contrast this to the cd’s that I received from Dell for the SBS 2003r2 server I opened. Not only was the media on CD (which means a painful 4 cd install after Dell’s install creates a small 25gb boot partition) despite the server having a dvd drive, but the cd’s were in the paper sleeve envelopes that you normally get with an OS installation from Dell. What was worse that disks 1 and 2 were in the same envelope with a piece of paper slid between them, the same for disk 3 and 4. This is really cheap, likely to lead to scratches and not a good first start impression of a brand new server!
(Note that I don’t know if SBS was requested on cd instead of dvd or whether that is how it comes but even if it was ordered on cd, it could at least come in a reliable case.