November 3, 2009 by james.

I ran into an interesting issue a couple of weeks ago with Outlook Web Access authentication.  A good friend of mine (who shall remain nameless) called me to get some help getting OWA working properly on Exchange 2007.

 After some testing and questioning, I discovered that they attempted to rename the OWA virtual directory to Exchange without deleting the existing Exchange virtual directory.  Step 1 was to convince them it was easier to get their users to type the new URL than re-purpose the Exchange virtual directory.

 Once we resolved that issue, we started working on getting the OWA virtual directory up and running.  We kept getting a 401 error, which really didn’t make sense since the OWA virtual directory was set in Exchange to employ Forms-Based Authentication.  So in the interest of time, we decided to delete and recreate the OWA virtual directory.  Same error message.

I started digging into IIS Manager, and discovered that the OWA virtual directory was set to Forms-Based Authentication.  So, tried changing it through the GUI to Windows.  It just reset itself back to Forms-Based. 

So I started digging into the web.config file.  Turns out the web.config file had the authentication type set to Forms-Based, and for some reason, the GUI change was not being written to the web.config file.  We edited the web.config file manually to use Windows Authentication, and it started working.

 Right about now, you are probably saying “Huh?”  That’s pretty much what I said too.  Here’s a quick summation of the lessons learned:

1.  With IIS 7 and IIS 7.5, it pretty much doesn’t matter if have a GUI, to do real work, you are going to have to edit text (XML) files. I thought we gave that up when we left DOS, Novell, and Linux/Unix behind, but I was apparently wrong.

2.  For forms-based OWA authentication to work, the virtual directory has to be set to use Windows Authentication.  (That one left me scratching my head for a while….)

3.  It is much easier to accept defaults and retrain users than it is to decide you don’t like Microsoft’s changes and set things up so the users don’t notice as many changes.

 Hope this helps;

James

Posted in Exchange Server, Windows Server, Technology | No Comments »

July 9, 2009 by james.

 It’s not often I give a book rave reviews, but I only have one small nitpicky complaint about the Windows Powershell Scripting Guide.  That is that the title doesn’t truely convey the usefulness of this book for Windows administrators.

A better title, in my humble opinion, would be:  Powershell Scripts That Do Everything In Windows.

 The first two chapters give a nice basic overview of the Powershell environment, its configuration, and basic language elements (flow control, conditionals, etc.).

 After that, all the rest of the book is about scripts to accomplish many of the day to day Windows administration tasks in Powershell.  Need to read event logs, manage your failover cluster, or configure Server Core?  Scripts to accomplish those tasks and many more are in this book.

 If you want or need to script in Windows, you should have this book for the amazing number of scripts the author includes, if nothing else.

 Thanks;

James

Posted in Book Review, Windows 7, Windows Vista, Windows XP, Windows Server, Technology | No Comments »

April 21, 2009 by james.

I was faced with a client that had a server rendered unresponsive but somewhat functional by malfunctioning anti-virus software.  The services would either hang upon being stopped, or automatically restart themselves.

 I could not get remote desktop to respond, and was not in a position to go to the client location to investigate.  Thankfully some remote administration utilities were working, and RegEdit was one of them.

 Remember that each service in Windows lives in the Registry under HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\<shortservicename>

 The shortservicename is that same name that you would use with the NET START or NET STOP commands, and can be found by opening the Services Administrative Tool and going to the properties of the service and reading the Service Name Property off the General tab.

 To disable a service from starting, navigate to its key as described above and change the Start value to 4.  4 is the numerical value for the Disabled status.  Then you can reboot the computer and the problematic services will not start.

Hope this helps someone;

James

Posted in Windows Vista, Windows XP, Windows Server, Technology | No Comments »

April 1, 2009 by james.

After installing Symantec BackupExec 12.5 on an HP DL380 running Windows Server 2008, the backups at one client were failing partway through the backup with this error message: 
Backup started on 3/22/2009 at 3:18:16 PM.
Backup Set Detail Information
Storage device “HP 1″ reported an error on a request to write data to media.

Error reported:
A device attached to the system is not functioning.

V-79-57344-34036 - An unknown error has occurred.

Normally I would suspect hardware, but the same tape drive and SCSI controller worked the night before running BackupExec 11.0 and Windows Server 2003 prior to the upgrade.

The client called Symantec, and he was escalated to Level 3 support without a resolution before I had a chance to look at it.  Thankfully, my “Google-Fu” was strong that day, because I found this:  http://seer.entsupport.symantec.com/docs/305233.htm

Turns out there is a known conflict between the HP Server Management Agent and BackupExec.  Funny thing is, it does not appear to be consistent.  Some combinations of BackupExec and HP Agent versions work, some don’t, and I haven’t been able to figure out any rhyme or reason to which ones may or may not work, or why.

 Hope this helps;

James

Posted in Windows Server, Technology | No Comments »

April 1, 2009 by james.

Here’s an “interesting” feature I ran into after upgrading one of a client’s domain controllers to Windows Server 2008.  (All DCs were on Windows Server 2003, and all except this one remain on Windows Server 2003 for the time being.)

I got a call the next day stating that three things were broken:  Backup Exec would error out in the middle of a backup job, you could not use RDP to log in to the Windows Server 2008 DC, and the client’s Websense Admin Console would not let the domain administrator login.  (We’ll save the BackupExec issue for another time.)

When investigating the login issues, I noticed that when you tried to use the domain administrator account to log into the server from the server console, it worked fine.  When you attempted to use RDP to log in, it failed.  When looking at the security event log, it reported that the domain administrator account was disabled.

Even though I knew the domain admin account was NOT disabled, I took a look at its properties anyway, and discovered that the Pre-Windows 2000 Login Name (SAMAccountName for those of your who script or program) was populated, but for some reason, the Login Name field and UPN Suffix was not.  Simply filling out those two fields made the login work, and fixed the Websense Admin Console login problem as well.

 Hope this helps someone else;

James

Posted in Windows Server, Technology | No Comments »

March 23, 2009 by james.

In today’s economy, companies are looking for any way possible to save money.  One way to save money is with server consolidation. 

Many companies have deployed server hardware to support individual applications.  This can be an expensive way to allow applications to have their own server for vendor and user segregation.

Using virtualization technologies such as Microsoft’s Hyper-V and VMware’s various virtualization products can allow you to consolidate multiple physical servers onto one physical server running all the applications as virtual machines.

If you don’t need all the features that VMWare provides, you should take a close look at Hyper-V and how it can save your company money.  If you purchase Windows Server 2008 Enterprise Edition, it includes the right not only to load Windows Server 2008 on the physical hardware with Hyper-V, but also the right to load Windows Server 2008 Enterprise Edition on four virtual machines running on the same host.

You can also take advantage of downgrade rights to downgrade those virtual machines to older server operating systems, as long as you still have install media and license keys to allow you to install them.

Buy one high-end 64-bit Intel or AMD-based server, one copy of Windows Server 2008 Enterprise Edition, and get one physical computer running Windows Server 2008, and four virtual computers running Windows Server 2008 or an earlier version of Windows Server. 

Sound too good to be true?  Check out Microsoft’s Licensing FAQ at http://www.microsoft.com/windowsserver2008/en/us/licensing-faq.aspx#virt

 James

Posted in Windows Server, Technology | No Comments »

March 23, 2009 by james.

One area most businesses struggle with is support of remote users.  While commerical products exist that help solve this problem, they are not inexpensive, especially if you have a large number of remote users.

Free products such as VNC can be used as well, but if your users are protected by firewalls, configuring the network appropriately to allow access can be a hassle, and increase your security exposure.

We have found a free tool that takes VNC, an industry-accepted remote control tool, and adds a web-based proxy as a conduit for remote control of hosts from anywhere, with the permission of the end user.  It is available at http://www.zolved.com/remote_control.

I have personally tested the application while supporting our clients running operating systems ranging from Windows 98 to Windows Server 2008 with no issues.  If you need a way to reduce your travel expenses to remote computers or want to ditch expensive subscriptions to other tools, take a look at Zolved.  It may meet all your needs, and you certainly cannot argue with the cost.

Posted in Windows Vista, Windows XP, Windows Server, Technology | No Comments »

February 9, 2009 by james.

It never seems to fail that I always run into at least one PC a month that has problems with Windows or Microsoft Update, and like most people, I do a very poor job of translating psuedo-random hexadecimal error codes into useful information.

Thanks to this website http://inetexplorer.mvps.org/, I found a very comprehensive listing of the Windows Update Error Codes that makes for a great starting point for researching those pesky WU/MU issues.  You can go directly to the error code listing here:  http://inetexplorer.mvps.org/archive/wuc.htm

 Hope this helps;

James

Posted in Windows Vista, Windows XP, Windows Server, Technology, Blogroll | No Comments »

December 8, 2008 by james.

Ran into a weird one this morning, and figured I would share it in case it saves someone else my headache.

 Windows Server 2003 SP2 running Virtual Server 2005 R2 SP1 was awaiting me when I started this morning.  As I think the Virtual Server Administration Webpage is something that only its designer could love, I downloaded the VMRCPlus client from Microsoft and installed it.  When I attempted to connect to localhost to manage the local Virtual Server, it kept giving me an “Access Denied” error message.

 For some reason, it would not work correctly unless I installed the .NET Framework Version 3.5.  I could not find this documented anywhere, so I figured I would share it.  I’m not sure if the tool actually requires V3.5 of the framework (Versions 2 and 3.0 were already installed on this server), or if installing 3.5 fixed some other strange problem in the process.

 Good luck;

 James

Posted in Windows Server, Technology | No Comments »