Archive for February, 2009

Exchange 2007 and Message Tracking

A nice feature in Exchange 2007 SP1 is message tracking. Message tracking records the Simple Mail Transfer Protocol (SMTP) transport activity of all messages that are transferred to and from an Exchange 2007 computer that has the Hub Transport, Mailbox, or Edge Transport server role installed. You can use message tracking logs for message forensics, mail flow analysis, reporting, and troubleshooting. In this article I’ll give you some tips to configure and fine-tune the message tracking feature.

Remember, by default, message tracking is enabled on all Exchange 2007 computers that have the Hub Transport, Mailbox, or Edge Transport server roles installed.

You can enable or disable message tracking by performing the following steps:

1) Open the Exchange Management Console
2) Open Server Configuration, Hub Transport, and then the Properties of your server
3) Click on the Log Settings tab


You can also configure the message tracking with the Exchange Management Shell. You can use the following command:

Set-TransportServer <Identity> -MessageTrackingLogEnabled <$true | $false>
(For example: Set-TransportServer SRVEXC01 -MessageTrackingLogEnabled $true)
——————————————————————

By default, the message tracking log files are stored in the following location:
DriveLetter:\Exchsvr\TransportRoles\Logs\MessageTracking
(For example: E:\Exchsvr\TransportRoles\Logs\MessageTracking)

You can change this path in the Exchange Management Console by browsing to the new folder, or in the Exchange Management Shell with the following command:
Set-TransportServer <Identity> -MessageTrackingLogPath <LocalFilePath>
(For example: Set-TransportServer SRVEXC01 -MessageTrackingLogPath E:\MessageTracking\Logs)

Note: when you change the message tracking log path, make sure the new folder has the following permissions:
- Administrator: Full Control
- System: Full Control
- Network Service: Read, Write, and Delete Subfolders and Files
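
The following script is an added example, not part of the original article: it creates the new log folder, grants the three permissions listed above, lists every identity that ends up with access, and then points message tracking at the folder. The server name and path are the article's sample values, and mapping "Administrator" to the BUILTIN\Administrators group is an assumption.

```powershell
# Added example (not from the original article). Run in the Exchange Management Shell.
$Server  = 'SRVEXC01'                  # server name from the article's examples
$NewPath = 'E:\MessageTracking\Logs'   # path from the article's example

if (-not (Test-Path -Path $NewPath)) {
    New-Item -Path $NewPath -ItemType Directory | Out-Null
}

# Permissions listed in the article. The account names are assumptions:
# "Administrator" is mapped to the local Administrators group.
$wanted = @{
    'BUILTIN\Administrators'       = 'FullControl'
    'NT AUTHORITY\SYSTEM'          = 'FullControl'
    'NT AUTHORITY\NETWORK SERVICE' = 'Read, Write, DeleteSubdirectoriesAndFiles'
}

$inherit = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
$noProp  = [System.Security.AccessControl.PropagationFlags]::None
$allow   = [System.Security.AccessControl.AccessControlType]::Allow

$acl = Get-Acl -Path $NewPath
foreach ($account in $wanted.Keys) {
    $rights = [System.Security.AccessControl.FileSystemRights]$wanted[$account]
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule -ArgumentList $account, $rights, $inherit, $noProp, $allow
    $acl.SetAccessRule($rule)   # replaces any existing allow rule for this account
}
Set-Acl -Path $NewPath -AclObject $acl

# List every identity that can reach the folder, so that unexpected
# grants (for example inherited ones) show up before the logs land here.
(Get-Acl -Path $NewPath).Access |
    Format-Table IdentityReference, FileSystemRights, IsInherited -AutoSize

# Point message tracking at the new folder and read the setting back.
Set-TransportServer $Server -MessageTrackingLogPath $NewPath
Get-TransportServer $Server | Format-List Name, MessageTrackingLog*
```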
——————————————————————

By default, the maximum size for each message tracking log file is 10 MB. When a message tracking log file reaches its maximum size, Exchange 2007 opens a new message tracking log file. This process continues until either of the following conditions is true:
- The message tracking log directory reaches its specified maximum size.
- A message tracking log file reaches its specified maximum age.

After the maximum size or age limit is reached, circular logging deletes the oldest message tracking log files.
By default, the maximum size for the whole message tracking log directory is 250 MB. Circular logging deletes the oldest message tracking log files when either of the following conditions is true:
- A message tracking log file reaches its specified maximum age.
- The message tracking log directory reaches its specified maximum size.
You can change this size with the following command:
Set-TransportServer <Identity> -MessageTrackingLogMaxDirectorySize <DirectorySize>
(For example: Set-TransportServer SRVEXC01 -MessageTrackingLogMaxDirectorySize 600MB)
——————————————————————

By default, the maximum age for any message tracking log file is 30 days. Circular logging deletes the oldest message tracking log files if either of the following conditions is true:
- The message tracking log directory reaches its specified maximum size.
- A message tracking log file reaches its specified maximum age.
You can change this age with the following command:
Set-TransportServer <Identity> -MessageTrackingLogMaxAge <Age>
(For example: Set-TransportServer SRVEXC01 -MessageTrackingLogMaxAge 90.00:00:00)

To specify an age value, enter it as a time span, as follows: dd.hh:mm:ss where d = days, h = hours, m = minutes, and s = seconds. The valid input range for this parameter is 00:00:00 to 24855.03:14:07. Setting the value of the MessageTrackingLogMaxAge parameter to 00:00:00 prevents the automatic removal of message tracking log files because of their age.
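
Because circular logging deletes files when either limit is reached, the directory size limit can remove logs long before the age limit does. The script below is an added example, not part of the original article: it estimates the daily log volume from the files already on disk and checks whether a planned directory size can hold the planned number of days. The path, 90 days and 600 MB are placeholder values taken from the examples above.

```powershell
# Added example (not from the original article). Values below are placeholders.
$LogPath    = 'E:\MessageTracking\Logs'  # message tracking log directory
$TargetDays = 90                         # intended MessageTrackingLogMaxAge, in days
$DirCapMB   = 600                        # intended MessageTrackingLogMaxDirectorySize, in MB

$logs = @(Get-ChildItem -Path $LogPath -Filter *.log |
          Where-Object { -not $_.PSIsContainer })
if ($logs.Count -eq 0) { throw "No .log files found in $LogPath" }

$totalMB = ($logs | Measure-Object -Property Length -Sum).Sum / 1MB
if ($totalMB -eq 0) { throw "Log files in $LogPath are empty" }

# Days covered by the files on disk, estimated from the oldest creation time.
$oldest   = ($logs | Sort-Object CreationTime | Select-Object -First 1).CreationTime
$spanDays = [Math]::Max(1, ((Get-Date) - $oldest).TotalDays)

$mbPerDay  = $totalMB / $spanDays
$neededMB  = [Math]::Ceiling($mbPerDay * $TargetDays)
$daysAtCap = [Math]::Floor($DirCapMB / $mbPerDay)

'Observed {0:N1} MB over {1:N1} days ({2:N2} MB/day)' -f $totalMB, $spanDays, $mbPerDay
'A {0} MB directory holds about {1} days of logs' -f $DirCapMB, $daysAtCap

# Warn when the size limit, not the age limit, decides how far back the logs go.
if ($daysAtCap -lt $TargetDays) {
    $msg = 'The size limit is reached first: logs older than about {0} days are deleted. Keeping {1} days needs roughly {2} MB.' -f $daysAtCap, $TargetDays, $neededMB
    Write-Warning $msg
}
```

The estimate assumes mail volume stays close to what the existing files show, so leave headroom when you set the directory size.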
——————————————————————

To see all the settings of your TransportServer, you can use the following command:
get-transportserver | fl

In the next post I’ll show you how to use Exchange message tracking to easily trace e-mail traffic.

Adobe Reader 9 and EventID 1000..?

Today I’ve installed two Windows 2008 Terminal Servers in my test environment. After configuring the group policy and installing the applications, the first test user was logging in.

Everything looked fine, but there was a problem with Adobe Reader 9.0. The application wasn’t able to start and I received an EventID 1000 in the event viewer of my Terminal Servers.

—————————————————-
“Faulting application AcroRd32.exe, version 9.0.0.332, time stamp 0x4850f0a3, faulting module Annots.api, version 9.0.0.332, time stamp 0x4850e57f, exception code 0xc0000005, fault offset 0x001bd9e0, process id 0xb9c, application start time 0x01c99438e39a6ea2.”
—————————————————- 

So I started to troubleshoot and I found the following solution. This action must be configured on every Terminal Server.

Set the compatibility mode of AcroRd32.exe to Windows XP (Service Pack 2). After this modification, everything works fine!


1) Browse to the executable AcroRd32.exe on your Terminal Servers
2) Right-click on the executable and choose Properties
3) Go to the Compatibility tab
4) Choose Show settings for all users
5) Enable the compatibility mode Windows XP (Service Pack 2)

Microsoft Office Customization Tool

One of the new features of Microsoft Outlook 2007 is the Office Customization Tool. With this tool you can create an automatic install package. Let’s have a look at that.

You can start the customization tool with the following command.
setup.exe /admin


After you’ve finished making your settings, you can save this file in the Updates folder of your installation source on the network. Microsoft Office will now be installed using your custom installation file.

These are some configurations that you can make in the wizard:

- Organization information
- Licensing and user interface
- Office security settings
- Setup properties
- User settings
- Feature installation states
- Profile settings
- Exchange server settings

Exchange 2007 SP1 Rollup 6 is available

Yesterday Microsoft released Rollup 6 for Exchange 2007 SP1.

Update Rollup 6 for Exchange Server 2007 SP1 fixes the issues that are described in the following Microsoft Knowledge Base articles:

950675  Downloaded .xls file attachments are empty when you open the files by using Outlook Web Access on Exchange Server 2007 Service Pack 1

955443  Some free/busy messages are not replicated from Exchange 2007 to Exchange 2003 servers after some mailboxes are migrated from Exchange Server 2003 to Exchange Server 2007

956536  The Microsoft Exchange File Distribution service uses lots of memory and processor time when Exchange Server 2007 processes many OABs

956624  The Microsoft Exchange Transport service crashes continuously after you enable journal rule or deploy an antivirus application on an Exchange Server 2007 server

957748  The custom message class of contact object is overwritten by the normal IPM.Contact class when an Exchange 2007 server replicates the contact object to any other public store

959239  MS09-003: Vulnerabilities in Microsoft Exchange could allow remote code execution

You can find more information here. You can download Rollup 6 for Exchange 2007 SP1 here.

How to: Restore deleted users in Active Directory

Do you remember a situation when you deleted a couple of Active Directory objects, and after this action you thought, “oops!!”? You have to restore these user objects, but how? By default, Active Directory marks all deleted objects as IsDeleted True. The objects are no longer visible in your Active Directory, but they are still there. These are called tombstoned objects. By default, tombstoned objects will be available for 60 days in a Windows 2000/2003 Active Directory and 180 days in a Windows 2003 SP1 or 2008 Active Directory.

In my test environment I’ve created 50 test user objects and deleted a couple of these user objects. Now we are going to restore the objects. First I’ve downloaded the command-line tool adrestore. I’ll be using this tool for the restore.


The following commands can be used:

adrestore
This command will give you an overview of all the tombstoned objects in your Active Directory.

adrestore -r
This command asks for a confirmation to restore each individual tombstoned object.

adrestore -r "CN of the tombstoned object", for example adrestore -r testuser11
This command performs a restore of the tombstoned object testuser11.

Note: after performing a restore of the tombstoned objects, the accounts are disabled and the user must change the password at next logon. Before you can enable an account, make sure you reset its password to one that meets the password policies configured in your Default Domain Policy.

Passed the 70-647…

Last Friday I passed the 70-647 exam, PRO: Windows Server 2008, Enterprise Administrator.


• Network infrastructure
• Directory services, identity management, and authentication 
• Security policies
• Business continuity (disaster recovery, personnel, equipment, and data)
• Design of IT administrative structure (delegation models)
• Best practices, standards, and service level agreements (SLAs)

This was also the last certificate for Windows Server 2008. In the next few months I’m going to start with SCOM, TS: Microsoft System Center Operations Manager 2007, Configuring :)