How to: restore deleted Computers in Active Directory

When you want to restore some deleted computer objects, user object or even Organizational Units back to to your production Active Directory, there’s a nice tool called ADRESTORE. It’s a tool you can download from SysInternals and it’s easy to use!

For this example I’ve deleted the OU (Organizational Unit) where my computer objects are placed. The consequenses….Yes, the computers are not longer trusted to this domain, OOPS!! 😉

By default the Active Directory markes all the deleted objects as IsDeleted True. The objects are not vissible any more in your Active Directory, but they still there. This calls tombstoned objects. By default tombstoned objects will be available for 60 days in a Windows 2000/2003 Active Directory and 180 days in a Windows 2003 SP1 of 2008 Active Directory.

restore_05    restore_06    restore_07

As you can see, I’ve deleted the OU Omgeving with the sub OU’s Laptop and PC and all the computers objects in this OU’s. Now we’re going to restore everything back! Note: make sure you first restore the highest OU, than the sub OU’s and finally the computer objects.

1.) Start the command prompt (Start, Run, CMD)
2.) Locate ADRESTORE.EXE
3.) Type in ADRESTORE -R Omge* (this will find all deleted object starting with Omge)
4.) Restore the OU Omgeving by pressing Y
5.) Type in ADRESTORE -R Lap* (this will find all deleted object starting with Lap)
6.) Restore the OU Laptop by pressing Y
7.) Type in ADRESTORE -R PC
8.) Restore the OU PC by pressing Y
9.) Type in ADRESTORE -R PC* (this will find all deleted objects starting with PC)
10.) Restore the computer objects PC01 till PC10 by pressing Y
11.) 9.) Type in ADRESTORE -R LT* (this will find all deleted objects starting with LT)
10.) Restore the computer objects LT01 till LT10 by pressing Y

When you’ve restored all the objects, these are disabled by default, so you’ve to enabled them manually!

restore_08    restore_09

Enable Password Changing through OWA in Exchange 2003

By design it is not possible to let the user change there password through OWA in Exchange 2003.  But you can make it possible with the following steps.

1.) Open the Internet Information Services (IIS) Manager
2.) Navigate to the Web Sites, Default Web Sites
3.) Creat a new Virtual Directory with the alias Iisadmpwd
4.) Browse to the following path: C:\Windows\System32\Inetsrv\Iisadmpwd
5.) Allow the following permissions: Read, Run scripts, Execute
6.) Enable the change password button in OWA by opening regedit and create the following REG_DWORDDisablePassword with the value 0 (zero)
 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeWEB\OWA
7.) Register the following DLL from the command prompt.
regsvr32 c:\windows\system32\inetsrv\iisadmpwd\iispwchg.dll
8.) Restart your IIS Server with the command iisreset /noforce

iis_01    iis_02    iis_03

iis_04    iis_05    iis_06

iis_07    iis_08    iis_09

iis_10    iis_11

Exchange 2007 SP1 Rollup 8 is available

Exchange 2007 SP1 Rollup 8 is available. You can download it here.

Update Rollup 8 for Exchange Server 2007 SP1 fixes the issues that are described in the following Microsoft Knowledge Base articles:

  • 948856  Event ID 9667 occurs when you create a new named property on an Exchange Server 2007 server
  • 952935  A software update is available that provides the log tracing feature for the LogTruncator tag in Exchange Server 2007
  • 954639  Exchange Information Store service stops responding intermittently on an Exchange 2007 server
  • 955480  Meeting requests from external senders are displayed as Busy instead of Tentative in an Exchange 2007 environment
  • 956633  User calendar permissions are removed after you run the Set-MailboxCalendarSettings cmdlet in an Exchange Server 2007 environment
  • 957640  The “test-*” command fails when you run it on a site that contains only CAS roles in an Exchange 2007 environment
  • 958239  Exchange Server 2007 does not generate an event log message for public folder replication messages even though a property validation exception is thrown and the replications do not occur
  • 958881  All HTML content in attachment files of messages is run through an HTML filter when you open or save the attachment by using Outlook Web Access (OWA)
  • 958938  The importance attribute of a message is lost when an Exchange 2007 user accesses a high-importance message or a low-importance message from Exchange Server 2007 by using a non-Outlook POP3 client or IMAP4 client
  • 959510  A meeting request that is sent from OWA causes a “553 5.0.0 Message-Id header line format error” NDR message in an Exchange Server 2007 environment
  • 959748  An account with the “Exchange View-Only Administrator” permission can review user mailbox contents by using an administrative application in Exchange Server 2007
  • 959861  Some clients cannot connect to back-end Exchange Server 2003 IMAP servers after Exchange 2007 Service Pack 1 RU2 is applied
  • 959990  An error occurs when you try to update a recurring appointment by using an Outlook client that is connected to an Exchange 2007 server
  • 960178  You receive an NDR when you send an e-mail using OWA Premium and the ANR cache if the Exchange organization name has more than one space
  • 960354  Edge Attachment Filtering does not honor the ExceptionConnectors value in Exchange Server 2007
  • 960367  Error message when you run the Export-Mailbox command on a folder that has more than 5000 items in Exchange 2007: “-1056749164”
  • 960495  The Information Store service crashes continuously on an Exchange Server 2007 server
  • 960633  The Microsoft Exchange Information Store service crashes on an Exchange Server 2007 that has the mailbox server role installed
  • 960703  Extended characters are replaced by question marks when you send an e-mail message that contains extended ASCII characters by using an IMAP4 client in Exchange 2007
  • 960775  You receive a “Message too large for this recipient” NDR that has the original message attached after you restrict the Maximum Message Send Size value in Exchange Server 2007
  • 960869  A queue that has multiple connections cannot enter a Retry state in Exchange Server 2007
  • 961152  The Exchange information store service (Store.exe process) crashes intermittently when you migrate user data from Lotus Notes to Exchange Server 2007
  • 961347  Error message when you export an Exchange 2007 mailbox to a .pst file and a filter is defined: “Export-Mailbox : Error was found for <username> (<SMTP address>)”
  • 961443  Users cannot use Outlook Web Access for Exchange Server 2007 to open an address book
  • 961524  Some journal messages are stuck in the Submission queue in Exchange Server 2007
  • 961606  After you apply Rollup Update 5 for Exchange Server 2007 S961606, Outlook Web Access users find the font size of plain text messages is extremely small when they use some third-party Web browsers
  • 961693  Japanese (1 byte Kana) characters in the subject and display name are corrupted when you try to reply or forward task requests or calendar items in Outlook client
  • 962235  The date and time information for a “Follow Up” flag is missing if an Exchange 2007 user sends a message to an external recipient
  • 966535  Duplicate messages are sent to an external recipient if the recipient is included in multiple distribution lists in an Exchange Server 2007 environment
  • 967038  Many log entries are generated in Exchange Server 2007 if you turn on the Exchange log to audit the logons that do not use the primary account for shared resource mailboxes
  • 967097  Users may receive duplicate calendar items for the updated instance on mobile devices
  • 967109  A delegate cannot accept a meeting request for an online meeting in an Exchange Server 2007 environment
  • 967255  Only the tracing information of the last user is logged when you configure Exchange Server 2007 to trace multiple users at the same time
  • 968310  Many log entries are generated on an Exchange Server 2007 computer when you enable the Exchange log to audit user logons that do not use the primary account for their mailbox
  • 968352  The W3wp.exe process crashes when you use the Italian version of the spelling checker on a message in Outlook Web Access in Exchange 2007
  • 968589  The managed policy does not work if the ptagProvisionedFid attribute is missing in Exchange Server 2007
  • 968673  The EdgeTransport.exe file of Exchange 2007 servers crashes continuously and Event ID 10003 and Event ID 5000 occur
  • 968745  Incomplete tasks show in the Complete tasks view in OWA 2007 in an Exchange 2007 environment
  • 968966  Many log entries are generated in Exchange Server 2007 if you turn on the Exchange log to audit administrator logons that do not use the primary account for mailboxes
  • 969690  Unresolved sender for delivery status notifications after applying update rollup 7 for Exchange Server 2007 Service Pack 1
  • 970687  A search operation in Outlook does not return a correct result if there is a corrupted HTML message in the target folder in an Exchange Server 2007 environment

Add custom e-mail addresses with VBS script

A collegue of mine, Alexander Carlucci, also working as an Microsoft Consultant for Ictivity, has written a VBS script to add custom e-mailaddress to Active Directory users. Let’s have a look on this script.

There are two files, addmailadres.txt and addmailadres.vbs. In the file addmailadres.txt you fill in the users with the e-mail addresses. The first collum is the SAMaccountname, the second collum is the Mailaddress. Watch the example that we are going to run….

   

addmailadres.txt:
markswinkels, admin@e2k3.nl
markswinkels, info@e2k3.nl
markswinkels, helpdesk@exchange2003.nl

addmailadres.vbs:
**Don’t forget to change the NETBIOS name in the script from e2k3 to your own domain name.
———————————————————-
‘De input van de tekstfile is comma separated
ON ERROR RESUME NEXT

Const ForReading = 1
Const ADS_PROPERTY_APPEND = 3
Set objFSO = CreateObject(“Scripting.FileSystemObject”)
Set objTextFile = objFSO.OpenTextFile (“.\addmailadres.txt”, ForReading)
Do Until objTextFile.AtEndOfStream
 ‘lees een regel uit de tekstfile
 strNextLine = objTextFile.Readline
   ‘zet de variabale weer op nul
 sADSPath=””
     ‘de separator is een comma
 arr = Split(strNextLine , “,”)
 arr(0)=TRIM(arr(0))
 arr(1)=TRIM(arr(1))
 ‘msgbox arr(0) & ” en ” & arr(1)
        call Writelogfile (“.\log.txt”, “TOEVOEGEN : gebruiker: ” & arr(0) & ” email: ” & arr(1) )
 ‘Zet de samaccountname om naar de Distinguishedname, dit is nodig om het mailadres te zetten
 Set WshNetwork = WScript.CreateObject(“WScript.Network”)
 sName = arr(0)
 Set oTrans = CreateObject(“NameTranslate”)
 oTrans.Init 1, “e2k3”
 oTrans.Set 3, “e2k3” & “\” & sName

 sAdsPath = oTrans.Get(1)
        ‘Voeg het mail adres toe in de AD
 msgbox “LDAP://” & sAdsPath
 Set objUser = GetObject (“LDAP://” & sAdsPath)
 objUser.PutEx ADS_PROPERTY_APPEND, “proxyAddresses”, Array(“smtp:”&Arr(1))
 ‘commit de wijziging in de AD
 objUser.SetInfo
 set objuser=nothing
        call Writelogfile (“.\log.txt”, “TOEVOEGEN : gebruiker: ” & arr(0) & ” gereed met errorcode ” & err.number & ” ” & err.description)
Loop
msgbox “klaar”

Function WriteLogFile (strLogName, strText)
‘ Deze functie probeert een entry in een logfile te schrijven. Deze logfile is door
‘ meerdere scripts te schrijven. Daartoe wordt de logfile steeds geopend en
‘ gesloten. De functie controleert of de file te openen is, zo nee dan wacht het
‘ script 500 miliseconden, waarna opnieuw geprobeert wordt het logbestand te openen.
‘ Enable error handling
On Error Resume Next
‘ Locale variabelen
 CONST ForAppending=8
  Dim objFSLog, objLogFile, strLogText, intDelayed
‘ Initialiseer het filesystemobject en de variabelen
 Set objFSLog = CreateObject(“Scripting.FileSystemObject”)
        intDelayed = -1
‘ Open de log file
    Do
        Err.Clear
        intDelayed = intDelayed + 1
            Set objLogFile = objFSLog.OpenTextFile(strLogName, ForAppending, True)
            If Err.Number <> 0 Then ‘ fout bij openen log file
                ‘ MsgBox Err.Number & ” ” & Err.Description, , “Test log B”
                WScript.Sleep (500) ‘ wacht 500 miliseconden en probeer opnieuw
            Set objLogFile = Nothing
            End If
        Loop Until Err.number = 0
‘ Heeft het script moeten wachten op de log file?
    If intDelayed <> 0 Then
        strText = strText & “, (Write to log delayed for ” & intDelayed * 500 _
                & ” milliseconds)”
    End If

‘ Maak en schrijf het log record.
        strLogText = FormatDateTime(Now(), vbShortDate) & “, ” _
                        & FormatDateTime(Now(), vbLongTime) & “, ” _
                        & WScript.ScriptName  & “, ” & strText
        objLogFile.WriteLine strLogText
‘ Sluit het logbestand
        objLogFile.Close
        Set objLogFile = Nothing
End Function
———————————————————-

Installing Exchange 2003 on Windows 2003 server

In this article we are going to install an new Exchange 2003 server. Take the following steps to perform the installation.

First off all the following pre-requisites must be installed.

       

Next step is to prepair the Forest with the commando: D:\setup /forestprep

Next step is to prepair the Domain with the commando: D:\setup /domainprep

       

   

Now we can start out installation of Exchange 2003 with the commando: D:\setup

       

       

We finshed the installation as you can see. Now we can install Service Pack 2 for Exchange 2003.