Tag Archives: Work

Symantec Enterprise Protection (SEP) firewall requirements for client checkin.

So I’ve spent ages troubleshooting and debugging Symantec’s Endpoint Protection (SEP) version 11, MR4 – the first version that actually has a hope of working  on a 64bit platform.  After spending far too long configuring the various policies and tweaking various settings I was finally able to get the software installed via group policy on a testlab machine but the client would not checkin with the management server. The virus definitions were 4 months old BUT the client console was saying everything was ok. Lots of troubleshooting later and I stumbled across the definitions for the Management server – a setting that I had originally wanted to change anyway.  In there I saw that the management server was listening on port 8014 and a quick telnet check from the client showed I was unable to connect.  Disabling windows firewall (temporarily – this is on a testlab so the infection risk is minimal) allowed the client to check in with the server, change some settings in the console and update the virus definition dates. Finally I re-enabled the firewall, added an exception for TCP port 8014 and it all looks good, but I’ll wait to see what happens overnight for definition updates on the client.  For future reference the list of communications ports for version 11 can be found at Symantecs website here or posted below in the extended entry.

Security warning pops up when using Outlook2007 and Exchange 2007

After a recent migration of mail to Exchange2007, we’ve just started getting users logging tickets where a security window pops up saying “The name of the security certificate is invalid or does not match the name of the site”. This can happen even when the client is not at their desk. It took a few seconds to work out what was causing it – the clue was that the window had an icon in the taskbar for outlook. Searching in Google found Microsoft’s KB article 940726 with the resolution to the fix which involves changing various internal url attributes.
The instructions are fairly straightforward but I wanted to see what the values were set to before making the change. As I’m not very familiar with powershell it took me a while to work out what I needed.
For the command

Set-ClientAccessServer -Identity Servername -AutodiscoverServiceInternalUri https://name.contoso.com/autodiscover/autodiscover.xml

you want to run the command

Get-ClientAccessServer -Identity Servername | fl
The pipe fl provides all the values in a list – if you don’t include this part of the code you will end up with one line containing the name of the server – a value that you hopefully know already!
I really need to get cracking on my powershell skills – I still prefer good old fashioned dos batch programming but now that we’ve started to roll out powershell across all machines, powershell skills will be in demand more and more.

Exchange 2003 NDR’s are sent a long time after email was sent.

The past two reboots (where the server has been offline for a while) has resulted in non delivery reports being sent back to some of the mailboxes for mail that was sent several weeks ago and that had not been reported as failed when the mail was initially sent.
The first time this happened I thought it was just one of those things, especially as I had not seen mail in the queue before rebooting the server. After the second occurrence I knew it was time to investigate.
SBSisyphus has a great posting including a link to the exchange2003 (sp2) patch that should fix the “kb950757 Email senders do not receive an indication that some messages have been held by Exchange Server 2003 until the SMTP service, The Microsoft Exchange Information Store service, or the Exchange server is restarted”. I applied it to my machine and I’ll have to see what happens.
For what it’s worth you do not need to reboot the server (unless wmiprvse.exe is running – but you get an option to kill this process if it is running before proceeding) but it will stop and start your mail and web services so don’t apply it during the day and it goes without saying that you should have a backup first.

Columbus Meetup on Vmware

I don’t know that much about vmware apart from loading up some virtual images in the vmware player some time ago. I’m more of a hyper-v fan currently, but thats mainly because it fits nicely onto my lab machine.
Anyway, tonight I’m off to the Techlife Columbus Meetup at the Buckeye hall of fame cafe to hear about VMWare courtesy of work. I’m looking forward to it as I should come away with some good tidbits of information and also get to go around the cafe as I’ve never been there before.
The Techlife Columbus group seems to be pretty active and has groups on LinkedIn and also allegedly on Facebook although the link to Facebook doesn’t work (there’s a surprise). Worth checking out to see if there are any social, training or networking events that would be of interest to you, your job or your career. Obviously if you don’t live in Columbus this particular group is unlikely to be of interest, but it would be worth looking to see if there are other groups in your area.

Incidentally my profile pages are here on linkedin and Facebook or you can check out my other networks from my retaggr page.

Unable to sync while offline.

Had a weird issue with a Palm device using Activesync. The device would not synchronise when the laptop pc was working offline. This functionality was fixed/improved in Activesync 4.5 but unfortunately the device was already at this version.
Eventually we found that going to the device and selecting Start > Settings > Connections > USB to PC and remove “Enable advanced network functionality” and then doing a sync worked fine.

Powershell script to retrieve list of emails from Exchange2007 in the past 24 hours.

As in my previous post I needed to obtain a list of emails that have gone through a mail server within the past 24 hours (so it can be run on a daily basis). I struggled with the code initially but ended up with the following.

$yesterday = (get-date).adddays(-1).tostring(“g”)
$rightnow = (Get-Date).ToString(“g”)
get-messagetrackinglog -Start $Yesterday -End $rightnow -EventID RECEIVE -Result size 5000| select-object EventID,Sender,@{name=’Recipients’;expression={[string]::join(“;”,($_.Recipients))}},MessageSubject,TimeStamp | export-csv receive.csv
get-messagetrackinglog -Start $Yesterday -End $rightnow -EventID SEND -Resultsize 5000| select-object EventID,Sender,@{name=’Recipients’;expression={[string]::join(“;”,($_.Recipients))}},MessageSubject,TimeStamp | export-csv send.csv

My next step is to automate this and send it via email

Backups may take some time to complete….

Day 86 - I may be some time. I needed to do a restore of some voicemails on a server and the calculations on how long it was going to take were slightly off as you can see from this screenshot – it actually got as far as 150 days before it reached the data on the file and started the restore off. Typically I have to do this when the voicemail server crashes (due to a power outage when it wasn’t on a reliable UPS). Everytime the server crashes I would have to restore 2 peoples voicemails (out of about 70 voicemail boxes). They are the only two who have their voicemail wiped and Avaya don’t care about the problem. What is weird is that this time the server had a controlled shutdown and not a sudden crash.
I sent the user this screenshot and told them it might take me a while but I’m working on it – they replied saying they didn’t think they had *that* many voicemails!