TheITblog.net
The most easy system guides

Released: Update Rollup 5 for Exchange 2010 SP1

Earlier today the Exchange CXP team released Update Rollup 5 for Exchange Server 2010 SP1 to the Download Center.

 

This update contains a number of customer-reported and internally found issues since the release of SP1. See 'KB 2582113: Description of Update Rollup 5 for Exchange Server 2010 Service Pack 1' for more details.

 

We want to let you know this rollup contains the Exchange 2010 SP1 version of the change described in this KB article:

 

·        2543879 - PDF attachment from a Mac Mail client is not displayed when you use Outlook 2010 to open the email message in an Exchange Server 2007 SP3 environment

We would also like to specifically call out the following fixes which are included in this release:

·        2556352 -  MoveItem returning empty ChangeKey

·        2555850 -  Unable to delete a folder whose name has a particular character code

·        2490134 -  OWA's zip-download does not work for some messages due to invalid chars in the subject

Some of the above KnowledgeBase articles are not replicated/live at the time of writing this post. Please check back later in the day if you can't reach them.

Availability of this update on Microsoft Update is planned for late September. Update Rollup 6 for Exchange Server 2010 Service Pack 1 is currently scheduled to release in October 2011.

General Notes

Note for Exchange 2010 Customers using the Arabic and Hebrew language version: We introduced two new languages with the release of Service Pack 1, Arabic and Hebrew. At present we are working through the process of modifying our installers to incorporate these two languages. Customers running either of the two language versions affected are advised to download and install the English language version of the rollup which contains all of the same fixes.

Note for Forefront users: For those of you running Forefront Security for Exchange, be sure you perform these important steps from the command line in the Forefront directory before and after this rollup's installation process. Without these steps, Exchange services for Information Store and Transport will not start after you apply this update. Before installing the update, disable ForeFront by using this command: fscutility /disable. After installing the update, re-enable ForeFront by running fscutility /enable.

 
 

Installing RODC on a remote Site - Part 1

This step-by-step guide shows how to install an RODC at a remote location. It also covers creating a site for that location, which separates it from the other DCs so that users log on to that RODC and not to the far-located DC.

·        To use an RODC (the feature does not exist in 2003), there must be at least ONE domain controller running Windows Server 2008.

Before installing an RODC for the first time, we need to prepare the forest and domains. There are three adprep commands to complete, and the changes must replicate throughout the forest.

To prepare a forest for an RODC

1. Log on to any computer in the forest as a member of the Enterprise Admins group (best to use one of the domain controllers).

2. Insert the Windows Server 2008 or Windows Server 2008 R2 DVD into the CD or DVD drive.

3. Click Start, right-click Command Prompt, and then click Run as administrator.

4. If you are using the Windows Server 2008 DVD, run the three commands as follows:

D:\sources\adprep\adprep /forestprep

D:\sources\adprep\adprep /domainprep /gpprep

D:\sources\adprep\adprep /rodcprep

·        Windows Server 2008 R2 includes 32-bit and 64-bit versions of Adprep.exe. The 64-bit version runs by default. If you want to run one of the Adprep.exe commands on a 32-bit computer, use the 32-bit version of Adprep.exe (Adprep32.exe).

If you are using the Windows Server 2008 R2 DVD, run the three commands as follows:

D:\support\adprep\adprep /forestprep

D:\support\adprep\adprep /domainprep /gpprep

D:\support\adprep\adprep /rodcprep

Where D: is the drive letter of your CD or DVD drive.

 


Now we need to create a site that sets the RODC apart and makes users on the same subnet log on to that DC.

Log on to an existing domain controller.

Click Start -> Administrative Tools -> Active Directory Sites and Services

 


Right click on "Sites" and choose New Site

Choose a site name (the bottom part is the Default site link, that links all the sites together – leave it as is.) and click OK.



The following notice will show up, click OK.



Now expand the Subnet folder, and Right click, and choose New Subnet


 

Choose the site you created, set the IP subnet of the site (e.g. 192.168.100.0/24, or Class B 192.168.0.0/16) and click OK.



Now you can go to the site again, right click and choose Properties, on General tab you can see the IP subnet you added.


 

Next we need to add the RODC as a normal member of the domain, so join the server to your domain.

 

Now we are ready to install the RODC role.

Click Start -> Run

Type DCPROMO and click OK

 

 

The system will check whether the Active Directory Domain Services (AD DS) binaries are installed, and then start installing them. The binaries may already be installed if you ran the dcpromo command previously and then canceled the operation after the binaries were installed.


 

The Active Directory Domain Services Installation Wizard will start. Either select the checkbox beside Use advanced mode installation and click Next, or keep it unselected and click Next.

 
 

The Operating System Compatibility page will be displayed, take a moment to read it and click Next.

Choose Existing forest, and Add a domain controller to an existing domain, Click Next

 
 

Now choose the domain and a user that has permission (if logged on as Administrator, choose "My current logged credentials") and click Next.

 

Now choose the site you created (should be chosen automatically according to the RODC subnet) and click Next.

 

 

The DNS examination can now take up to 1-2 minutes.

 

In the Additional Domain Controller Options page, choose all 3 boxes (As our goal is to have the RODC on a separate site, so it must be GC and have DNS for easier login for the users).

 

If you don't have a static IP assigned to your server, you will see a screen similar to the following. It is best to choose No and set a static IP.

·        If you already have a static IP and have more than one Ethernet adapter, the extra adapter might be the cause of this message. If this is the case, click No and disable it (you can enable it later).

 

Now you will have to choose the group that will have access to make changes on the RODC. It is best to choose the Administrators domain group.



Now you will set the location where the domain controller database, log files and SYSVOL are stored on the server.

The database stores information about the users, computers and other objects on the network. The log files record activities that are related to AD DS, such as information about an object being updated. SYSVOL stores Group Policy objects and scripts. By default, SYSVOL is part of the operating system files in the Windows directory. Either type or browse to the volume and folder where you want to store each, or accept the defaults, and click Next.

 

In the Directory Services Restore Mode Administrator Password (DSRM) page, type a password and confirm it. This password is used when the domain controller is started in Directory Services Restore Mode, which might be because Active Directory Domain Services is not running, or for tasks that must be performed offline. Make sure that you remember this password for when you need it.

·        Note: since you are adding this DC to an existing domain, the DSRM is set by the first DC in the forest! The password you enter now will be used only if this server is demoted, and it will be the Local Administrator's password.

 

 

The Summary page will be displayed, showing all the settings that you have chosen. It gives you the option to export those settings into an answer file for use with other unattended operations. If you wish to have such a file, click the Export settings button and save the file.

 
 

Click next to start the actual RODC installation, once it is done - reboot.
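Two checks worth running on the domain-joined server before starting DCPROMO, as an added example that is not part of the original guide: it reads the schema version that adprep /forestprep raises, and confirms that the server's subnet maps to the new site. The site name `RemoteSite` is a placeholder.

```powershell
# Added example, not part of the original guide. Run in PowerShell on the
# domain-joined server that will become the RODC, before starting DCPROMO.
# $ExpectedSite is a placeholder: use the site name you created above.
$ExpectedSite = 'RemoteSite'
$MinSchema    = 44   # 44 = Windows Server 2008 schema, 47 = 2008 R2

# adprep /forestprep raises objectVersion on the schema container. Reading it
# from the DC this server located shows whether the change has replicated there.
$rootDse  = [ADSI]'LDAP://RootDSE'
$schemaNC = [string]$rootDse.psbase.Properties['schemaNamingContext'].Value
$dcName   = [string]$rootDse.psbase.Properties['dnsHostName'].Value
$schema   = [ADSI]"LDAP://$schemaNC"
$version  = [int]$schema.psbase.Properties['objectVersion'].Value

# The site is derived from this server's IP address through the subnet object
# created in Active Directory Sites and Services.
try {
    $site     = [System.DirectoryServices.ActiveDirectory.ActiveDirectorySite]::GetComputerSite()
    $siteName = $site.Name
    $subnets  = ($site.Subnets | ForEach-Object { $_.Name }) -join ', '
} catch {
    $siteName = '(no site found)'
    $subnets  = ''
}

New-Object PSObject -Property @{
    AnsweringDC   = $dcName
    SchemaVersion = $version
    ComputerSite  = $siteName
    SiteSubnets   = $subnets
} | Format-List AnsweringDC, SchemaVersion, ComputerSite, SiteSubnets

if ($version -lt $MinSchema) {
    Write-Warning "Schema version $version on $dcName is below $MinSchema. Run adprep /forestprep or wait for replication."
}
if ($siteName -ne $ExpectedSite) {
    Write-Warning "This server resolves to site '$siteName', not '$ExpectedSite'. Check the subnet object and the server's IP address."
}
```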

 






 

Cannot Activate Database Copy: Content Index Catalog Files in Failed State

When activating a database copy in an Exchange Server 2010 Database Availability Group, it may fail with an error message that the content index catalog files are in a failed state.

When you view the copy status of the mailbox database, the content index is in a failed state:

 

[PS] C:\>Get-MailboxDatabaseCopyStatus | fl name, contentindexstate

Name              : Mailbox Database 0693514138\TheITblogMBX

ContentIndexState :  Failed

 

To resolve the issue, update the content index on the server on which it has failed.

·         You must run the Exchange Management Shell in Administrator mode.

 

 

Use the following command:

Update-MailboxDatabaseCopy "MailboxName\TheITblogMBX" -CatalogOnly

 

If you get an error, check the Exchange Services (Attendant , Transport, RPC Client Access, Search indexer) – if all are up, restart them.

 

Then close the Exchange management shell, and open it again as an administrator, and run the command again.
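The same repair for every failed passive copy on a server, as an added example that is not part of the original post. It checks the services named above, and confirms another copy has a Healthy index to seed from before running the update.

```powershell
# Added example, not part of the original post. Run in an elevated Exchange
# Management Shell on the DAG member that holds the failed copy.
$server = $env:COMPUTERNAME

# Services the post says to check. These are the Exchange 2010 service names;
# roles that are not installed on this server are skipped silently.
$names = 'MSExchangeSA', 'MSExchangeTransport', 'MSExchangeRPC', 'MSExchangeSearch'
$down  = @(Get-Service -Name $names -ErrorAction SilentlyContinue |
           Where-Object { $_.Status -ne 'Running' })
if ($down.Count -gt 0) {
    Write-Warning ('Not running: ' + (($down | ForEach-Object { $_.Name }) -join ', '))
}

# Passive copies on this server whose content index is in the Failed state.
$failed = @(Get-MailboxDatabaseCopyStatus -Server $server |
            Where-Object { $_.ContentIndexState -eq 'Failed' -and $_.Status -ne 'Mounted' })

foreach ($copy in $failed) {
    # -CatalogOnly seeds the catalog from another copy, so one must be Healthy.
    $source = @(Get-MailboxDatabaseCopyStatus -Identity $copy.DatabaseName |
                Where-Object { $_.ContentIndexState -eq 'Healthy' })
    if ($source.Count -eq 0) {
        Write-Warning "$($copy.Name): no copy with a Healthy index to seed from, skipped"
        continue
    }
    Update-MailboxDatabaseCopy -Identity $copy.Name -CatalogOnly -Confirm:$false
}

# Re-check: ContentIndexState should now read Healthy for the repaired copies.
Get-MailboxDatabaseCopyStatus -Server $server |
    Format-Table Name, Status, ContentIndexState -AutoSize
```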

How to export the DHCP database from Windows 2003 (moving to 2008)

I have tried 4 different methods to transfer the DHCP database from our old Windows Server 2003 to our new Windows Server 2008 R2; only one way actually worked (the others either did not load the scope, or did not update the registered users, or you had to delete the reservation IPs).


This is the only one that worked perfectly.


1.  On the Windows 2003 DHCP server, navigate to a command prompt

2. Type the following Command: netsh


3.  Type the following Command: DHCP

4.  Type the following Command: server <\\Name or IP Address>

5.  Type the following Command: export c:\w2k3DHCPdb all

Note You must have local administrator permissions to export the data.

Import the DHCP database


1. Copy the exported DHCP database file to the local hard disk of the Windows Server 2008-based computer.

2.  Install the DHCP Role on the server.

3. Stop the DHCP server service on the server.  To do this, follow these steps:

a.  Log on to the source DHCP server by using an account that is a member of the local Administrators group.

b. Click Start, click Run, type cmd in the Open box, and then click OK.

c. At the command prompt, type net stop DHCPserver, and then press ENTER. You receive a "The Microsoft DHCP Server service is stopping. The Microsoft DHCP Server service was stopped successfully" message.

d. Type exit, and then press ENTER.

4. Delete the DHCP.mdb file under c:\windows\system32\DHCP folder.

5. Start the DHCP server service.

6. Right-click on the Command Prompt (cmd) and select run as administrator, to open the cmd prompt using elevated privileges.

Note You must have local administrator permissions to import the data.

7. Type the following Command: netsh


8. Type the following Command: DHCP

9.  Type the following Command: server <\\Name or IP Address>

10. Type the following Command: import c:\w2k3DHCPdb

11. Restart DHCP and verify the database has moved over properly.

 

Solution: Backup Exec not backing up Exchange database after DAG installed.

In order to back up Exchange databases after a DAG has been created, you need to install the BE Agent on all mailbox servers.

Then, in the selection list, you need to choose the DAG (not one of the members).



Also, there's a known "bug" where the database shows 0 KB, but not to worry: it will still back up everything.

 

Backup Exec will automatically choose the Active Copy (the server on which the database is mounted) for the backup.

Migrating a UserProfile from one domain to another in Windows XP and Windows 7

Due to a merger between two big companies, I had to move over 100 users to a new domain. But I wanted to keep all of their information (Outlook profile, Desktop background, Documents, Favorites, saved passwords etc.)

So I did find an article on how to do it in Windows XP, but that did not work with Windows 7. But eventually I found the solution.

 

Windows XP

 

Add the user to Local Administrators (using Local Users and Groups)

Log-in with the user once to create the new profile

Open Regedit.exe

Navigate to HKEY_LOCAL_MACHINE -> SOFTWARE -> MICROSOFT -> WINDOWS NT -> CurrentVersion -> ProfileList

Locate the old profile by looking at the 'ProfileImagePath' value

Copy the listed folder path, and locate the newly created profile the same way

·        You can also download a small script that tells you your SID, making it easier to find.

Edit the 'ProfileImagePath' value on the new profile, and enter the old profile directory.

Reboot, and you're done!

·        You can also use the same tool used in the Windows 7 part in Windows XP.

 

Windows 7

Add the user to Local Administrators (using Local Users and Groups)

Log-in with the user once to create the new profile

Download ForensiT Profwiz - http://www.forensit.com/downloads.html

Run it, and click Next in the welcome screen.

Choose the new Domain and enter the username of the NEW user account (if changed)

Untick the two checkboxes and click Next.



Choose the OLD username in the old domain, and click Next.


 

The ProfileWiz will run the script to transfer the settings, and once everything has moved successfully, click Finish, and reboot.



Using Exchange console, to export or import a mailbox to\from PST file.

Exchange 2010 SP1 (must have SP1 installed)

Start 'Exchange Mailbox Replication' Service

Grant 'Exchange Trusted Subsystem' Full Permission on the folder that holds the PST files

Run the following command to give 'Administrator' permissions to Import:

New-ManagementRoleAssignment -Role "Mailbox Import Export" -User Administrator

Export:

Run the following command, replacing 'User1' with the username you wish to export and the path with the location where you wish to save the PST file.

New-MailboxExportRequest -Mailbox User1 -FilePath \\FileServer\PST\User1.pst

Run the following command to check the export status.

Get-MailboxExportRequest

Import:

Run the following command, replacing 'User1' with the username you wish to import and the path with the location where you store your PST files.

New-MailboxImportRequest -Mailbox User1 -FilePath \\FileServer\PST\User1.pst

Run the following command to check the import status.

Get-MailboxImportRequest | Format-List Name,Mailbox,Status

Run the following command to remove the import request.

Remove-MailboxImportRequest User1\Mailbox1
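The 'Mailbox Import Export' role lets its holder copy any mailbox out to a PST, so it is worth reviewing who holds it and removing the assignment once the job is done. The following is an added example, not part of the original post; the function names and the request name `PstExport` are hypothetical, the other values are the post's own samples.

```powershell
# Added example, not part of the original post. Exchange 2010 SP1 Management Shell.
# 'Administrator', 'User1' and \\FileServer\PST are the post's sample values.
$Role  = 'Mailbox Import Export'
$Admin = 'Administrator'

function Show-PstRoleHolders {
    # Everyone who can currently export or import mailboxes, directly or via a group.
    Get-ManagementRoleAssignment -Role $Role -GetEffectiveUsers |
        Select-Object Name, RoleAssigneeName, EffectiveUserName
}

function Export-MailboxToPst($Mailbox, $FilePath, $Name = 'PstExport') {
    # A named request is easy to find again; poll until it reaches a final state.
    New-MailboxExportRequest -Mailbox $Mailbox -FilePath $FilePath -Name $Name | Out-Null
    do {
        Start-Sleep -Seconds 30
        $req = Get-MailboxExportRequest -Mailbox $Mailbox -Name $Name
    } until ("$($req.Status)" -match '^(Completed|CompletedWithWarning|Failed)$')

    $req | Select-Object Name, Mailbox, Status
    # Finished requests stay listed until removed; keep failed ones for review.
    if ("$($req.Status)" -ne 'Failed') {
        $req | Remove-MailboxExportRequest -Confirm:$false
    }
}

function Revoke-PstRole {
    # Remove only the direct user assignment, so role groups are left untouched.
    Get-ManagementRoleAssignment -Role $Role -RoleAssigneeType User |
        Where-Object { $_.RoleAssigneeName -eq $Admin } |
        Remove-ManagementRoleAssignment -Confirm:$false
}

# Order of use:
# 1. Show-PstRoleHolders
# 2. New-ManagementRoleAssignment -Role $Role -User $Admin
#    (then reopen the shell so the export/import cmdlets are loaded)
# 3. Export-MailboxToPst User1 \\FileServer\PST\User1.pst
# 4. Revoke-PstRole; Show-PstRoleHolders
```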





Exchange Server 2010 (SP1) Database Availability Group – Step by Step

·         Exchange DAG must include at least two servers holding the Mailbox role.

·         Each mailbox database must have a unique name within the organization.

·         You will need a Static IP Address that is not in use, to host the DAG.

 

Creating the Database Availability Group

Log in to one of the Mailbox servers and launch the Exchange Management Console.

Navigate to Organization Config/Mailbox and choose New Database Availability Group from the action pane.

 

When the New Database Availability Group wizard starts give the DAG a name, specify the Witness server, and also specify the file path for the Witness server to use.

·         A Witness server is a server that hosts the Witness files (a shared folder). At any stage two servers must be working (i.e. Exchange01 & Witness, or Exchange02 & Witness, or Exchange01 & Exchange02).

 

Create a DNS A record with the DAG name, and set it to an unused Static IP Address.



Click the New button to create the new Database Availability Group, and then click Finish to close the wizard.

Adding Database Availability Group Members

 

Right-click the newly created Database Availability Group, and choose Manage Database Availability Group Membership.

Click the Add button and select the Mailbox servers that you wish to make members of the DAG.



Click the Manage button to commence adding the Mailbox servers to the DAG.  This involves installation and configuration of Windows Failover Clustering on the servers, so it can take a few minutes to finish.

After it has finished the next step is to configure the DAG networking.

 

Configure Database Availability Group Networking

 

Right-click the newly created Database Availability Group and choose Properties.

Select the IP Addresses tab, click the Add button and add the static IP address (the one added to the DNS A Record) for the Database Availability Group.



You will notice that the Database Availability Group has been automatically configured with DAG networks for the subnets that the DAG members have network interfaces connected to.



Open the Properties of each DAG network and configure them with meaningful names.  If you have configured your network to have a dedicated replication network for the DAG then you should disable replication on the DAG network that is intended for MAPI communications (i.e. client connections).

 

Adding Mailbox Database Copies to DAG Members

 

With the Database Availability Group established and the networking configured you can now add mailbox database copies to other DAG members.

In the Exchange Management Console navigate to Organization Config/Mailbox and choose the Database Management tab.  Right-click a mailbox database and select Add Mailbox Database Copy.



Click the Browse button and choose the Mailbox server to add the database copy to.

Click the Add button to add the mailbox database copy and then click Finish to close the wizard.

·         If you run into errors after clicking Finish, please look at the bottom of the article for advice on solving these errors.

The Exchange servers will now commence seeding the replica servers with an up to date copy of the database and all of the current transaction log files.  Depending on the amount of data to be replicated this may take some time.



Repeat the same process for any other mailbox databases you wish to add database copies for.

 
  

Known errors


DAG Witness server issues

If the Witness server does not work when creating a DAG, the cause is usually a permission issue. To solve it, do the following:

Go to the Witness server you have chosen.

Create a directory named with the FULL NAME of the server, e.g. TheITBlogDAG.mydomain.com

Right click on the directory, and Share it

Allow user Everyone Full Control 
 


On the Permission tab, Add the Computer object 'DAG' (replace DAG with the name of your chosen DAG name, i.e. TheITBlogDAG), and give it Full Control.

Navigate to Administrative Tools -> Failover Cluster Manager

Click the DAG name



Navigate to Action menu -> More Actions -> Configure Cluster Quorum Settings



Click Next.

On the next window choose Node and File Share Majority, and click next.



In the next window, write the full share name, and click next.



Next will be a confirmation – click next, and Finish.

Check that everything works as it should under Cluster Core Resources

 

Database seeding issue

When adding a copy of a database to another server, you might sometimes see the 'Copy Status' in "Suspended" or "Failed and Suspended" mode.



First you must run a COMPLETE backup on the active copy server (the one that is mounted), this is being done to purge the old logs that the server holds – without this you will not be able to continue!

After purging the old logs, you need to run the following command in Exchange Management Shell

Suspend-MailboxDatabaseCopy -Identity "Mailbox Database 01\EX2"

Where 'Mailbox Database 01' is the database name, and EX2 is your Exchange server (the one in failed state).

Then press Y to confirm the suspension.

Then run the following command to reseed the database:

Update-MailboxDatabaseCopy -Identity "Mailbox Database 01\EX2" -DeleteExistingFiles

This will reseed the database, removing the old logs (not to worry, only on the failed server). After it is done, the copy status will be updated to Healthy.

·          Thanks to Paul Cunningham for his contribution to this Step-By-Step.