WSUS: Panic Button

How to stop WSUS server downloading.

I went overboard with the automatic approvals one of my test servers, selecting every language and category. Not surprisingly huge amounts of disk space where being eaten up.

Naively thought that resetting the language selection to English only and resetting Approval Rules to Critical & Security Updates only that this massive download would stop. What was I thinking everything had been approved so of course the download would continue.

Often a fair bit of searching I found nothing apart from the fact that I was not the only one with the problem.

How do you stop the download:

Worked it out for myself

1. Start Windows Server Update Service
2. Expand Updates and select All Updates
3. Set Approval to Approved
4. Set Status to Any
5. Click on a update then Ctrl+A to select everything
6. Right click on any update and select stop download.
7. You can restart the download in the same way

Now short of reinstalling WSUS how am I going to reset the download to the minimum set I require?

There was some some instructions about clearing out the download folder and resetting WSUS … I’ll give it a go later and update the blog.

Further Information:

Managing WSUS 3.0 from the Command Line

Purge / Delete corrupted or Un-needed patches on WSUS Server

SharePoint: Change service accounts and passwords

I ran the Microsoft Best Practices Analyzer for Windows SharePoint Services 3.0 and got the error: The SharePoint 3.0 Central Administration Web application account and the Windows SharePoint Services Timer Service account must be the same.

 

Further Information:

Microsoft Support: How to change service accounts and service account passwords in SharePoint Server 2007 and in Windows SharePoint Services 3.0

SharePoint: Best Practices Analyser for Windows SharePoint Services 3.0 and the 2007 Microsoft Office System

Microsoft Best Practices Analyzer for Windows SharePoint Services 3.0 and the 2007 Microsoft Office System.

The Microsoft Best Practices Analyzer for Windows SharePoint Services 3.0 and the 2007 Microsoft Office System Best Practices Analyzer programmatically collects settings and values from data repositories such as MS SQL, registry, metabase and performance monitor. Once collected, a set of comprehensive ‘best practice’ rules are applied to the topology.

Supported Operating Systems:

Windows Server 2003

This download works with the following programs:

• Windows SharePoint Services 3.0
• Microsoft Office Project 2007
• Microsoft Office SharePoint Server 2007

Fan of BPA Series 

I am a fan of the Microsoft Best Practices Analyzer series. Whether you are looking to give your system a health check or want the next move after a fresh installed download and run the appropriate analyzer for your OS or application.

However this is a command line tool with some limitations:

1. download and install tool to a folder
2. run the command
   sharepointbpa.exe -cmd analyze -substitutions SERVER_NAME sharepointservername
3. The report sharepointbpa.report.htm will be created.

What goes wrong:

The report sharepointbpa.report.htm contains the following

WARNING: No messages in file. Analysis may not have been run.

The reason behind this is that the tool only works with the default instance on the SQL server.

You can probably hack the scripts and provide the correct SQL server instance and port but I do not have the time so here is a starting point. Understanding the Microsoft Best Practices Analyzer for Windows SharePoint Services 3.0 and the 2007 Microsoft Office System Rule File.

Possible Solution:

You are a “Total Muppet” like me and have not installed SharePoint Services 3.0 yet. I am running SBS 2003 R2 with SharePoint Services 2.0.

Fixed … though its was never broken:

After installing and configuring Windows SharePoint Services 3.0 as per my blog SBS 2003- Installing SharePoint Services 3.0 the Best Practices Analyzer worked.

Further Information:

Microsoft Download: Microsoft Best Practices Analyzer for Windows SharePoint Services 3.0 and the 2007 Microsoft Office System

Microsoft Download: Windows SharePoint Services 3.0 with Service Pack 2

Microsoft Download: Microsoft SharePoint Administration Toolkit v2.0 x86

Windows 7: Virtual Hard Disk command-line tool WIM2VHD

The Windows Image to Virtual Hard Disk  command-line tool WIM2VHD allows you to create sysprepped VHD images from any Windows 7 installation source.

Further Information:

Microsoft Download: Microsoft Virtual PC 2007 SP1

MSDN: Windows(R) Image to Virtual Hard Disk (WIM2VHD) Converter

SBS 2003: Symantec Backup Exec or Protection Center causing issues with updates.

Recently installed Symantec Backup Exec and Symantec Protection Center on my SBS 2003 R2 test server. Several problems that I have previously blogged about appeared to point to Backup Exec being an issue.

Could not install a SQL and ISA 2004 SP3 update after removing both Symantec products the ISA service pack installed. I also noted that during the installation of ISA server a previous problem was rectified, update for SQL 2000 successfully installed during the ISA 2004 installation.

I will try reinstalling the Symantec products and see if they coexist with ISA and WSUS.

SBS 2003: Product Technologies Compatibility Chart

At-a-glance answer for installing and running standalone versions of Windows SBS technology on a server running Microsoft Windows Small Business Server 2003.

Couple of interesting points you can install Exchange Enterprise on SBS 2003 but not ISA 2006.

Product Technologies Compatibility Chart for Windows Small Business Server 2003

Further Information:

Microsoft Support Lifecycle page

ISA 2004: ISA Server Best Practices Analyzer Tool

Microsoft ISA Server Best Practices Analyzer Tool

The ISA Server Best Practices Analyzer Tool is designed for administrators who want to determine the overall health of their ISA Server computers and to diagnose current problems. The tool scans the configuration settings of the local ISA Server computer and reports issues that do not conform to the recommended best practices.

Microsoft Visio diagram of your network topology as seen from an ISA Server computer can be generated.

Further Information:

Download details- ISA Server Best Practices Analyzer

ISA 2006: Cannot install on SBS 2003 but is supported on separate server.

While SBS 2003 R2 ships with ISA 2004 it will not support an upgrade to ISA 2006 on the SBS server. It can be installed on an additional server and is supported by Microsoft in this configuration.

Further Information:

Product Technologies Compatibility Chart for Windows Small Business Server 2003

WSUS: version numbers

WSUS 3.0 with SP1 has version 3.1.6001.65

WSUS 3.0 with SP2 has version 3.2.7600.226

Windows Server Update Services 3.0 SP2 Features and Fixes

Tip: Windows Update vs. Microsoft Update

Do not confuse Windows Update with Microsoft Update.

If you only run Windows Update you will only get updates for the basic operating system. With Microsoft Update you get updates for important applications such as SQL Server, Exchange and Office products such as Outlook.

When you run Windows Update you will notice to the right of the Welcome sign the News section. Under the News is the link to upgrade to Microsoft Updates, follow the link and install the upgrade.

Express vs. Custom

The express button only installs high priority updates remember to select Custom from time to time and get all the less urgent updates that may be required by you system.

Windows Server Update Service (WSUS)

I have recently run Microsoft Update on my SBS 2003 Server that runs WSUS and found a few updates that WSUS was not installing. Either WSUS does not installing everything or is broken … either way I have some investigating to do … proves that you should never be complacent about updates.

Further Information:

Microsoft Update: Upgrade to Microsoft Updates

SBS 2003: WSUS Webcasts & Articles

Operations guide for Microsoft Windows Server Update Services (Level 200)

Architecting and Deploying Windows Server Update Services (Level 300)

Tips and tricks for troubleshooting Windows Server Update Services

Introduction to Security Patching Using Windows Update Services (Level 200)

A Hands-On Guide to Hands-Off Updates with WSUS -- Jeremy Moskowitz [MVP]

Managing the WSUS Automatic Updates Client Download, Install, and Reboot Behavior with Group Pol

SBS 2003: Security Update for SQL Server 2005 Service Pack 3 (KB970892) will not install.

Security Update for SQL Server 2005 Service Pack 3 (KB970892) will not install. After running the Microsoft Baseline Security Analyzer 2.1 i found that this update had not been installed on my SBS 2003 Server. Checked WSUS and it had failed to install.

I found it to be an issue with Backup Exec and after a bit of internet trawling found this solution:

• Open the Programs and Features (Add/Remove Programs) control panel.
• Select Microsoft SQL Server 2005, and click Change.
• Select the database engine component.
• Allow the system configuration check to complete.
• Then choose Complete the suspended installation.
• You may get the error message "The feature you are trying to use is on a network resource that is unavailable. Click OK to try again, or enter an alternate path to a folder containing the installation package "SqlRun_SQL.msi" in the box below." This means that the installer needs access to the original installation files.
  • In this case download SQL Express 2005 SP3 from http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=3181842a-4090-4431-acdd-9a1c832e65a6.
  • Execute SQLEXPR.EXE /x and extract the installation files to C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\Baseline Cache\Express\SP3. This is the location recommended by the article http://support.microsoft.com/kb/955250/, but the location may not really matter.
  • Provide the Setup subdirectory of this path in response to the error dialog above.
• Installation will continue, but you may encounter an additional error "[(Microsoft] [SQL Native Client [SQL Server] Password Validation failed. The password does not meet the Windows policy requirements because it is too short.. To continue, correct the problem, and then run SQL Server Setup again."
  • To correct this problem, open the Registry Editor.
  • Locate the key HKLM\SOFTWARE\Wow6432Node\Microsoft\Microsoft SQL Server\MSSQL.1\MSSQLServer\Parameters. Note that it may be MSSQL.2 or some other instance number instead of 1. For x86 operating systems, omit Wow6432Node from the registry path.
  • Create a string (REG_SZ) value named SQLArg3 and set the data to "-T4606" (no quotes).
  • In response to the error message, cancel the installation and allow it to roll back. Then try the installation again.
• Once the suspended installation of SQL Express 2005 SP3 runs to a successful completion, the KB970892 security patch should install successfully.
• You will need to start up the Backup Exec services after the patch installation.

A link to the Symantec Group is posted below as a number of other usefull solutions to this problem are posted.

Further Information:

Symantec Connect: Security Update for SQL Server 2005 Service Pack 3 (KB970892) fails to install

Exchange 2007: Security Documentation

Links to help you locate security-related documentation for Microsoft Exchange Server 2007.

Further Information:

Microsoft TechNet: Security and Protection

Windows 2003: Security Compliance Toolkit

This toolkit is part of a series that covers XP, Windows 7, Internet Explorer 8, Office 2007, Windows 2003 & Windows 2008. They are designed to help administrators plan, deploy, and monitor security baselines.

Further Information:

Microsoft TechNet: Windows Server 2003 Security Compliance Management Toolkit

Microsoft Download: Security Compliance Management Toolkit Series

Microsoft TechNet: TechNet Security Center

Microsoft TechNet: Microsoft Baseline Security Analyzer 2.1

Exchange 2003: Security Hardening Guide

This guide is a companion to the Windows Server 2003 Security Guide and it is recommended that you read that guide first.

The Exchange 2003 Security Hardening guide is designed to provide essential information about harden your Microsoft® Exchange Server 2003 environment. It aimed at administrators responsible for Exchange messaging, both at the mailbox and architect levels.

Further Information:

Microsoft TechNet: Exchange Server Security Hardening Guide

Microsoft TechNet: Exchange Server Message Security Guide

Microsoft TechNet: Working with Active Directory Permissions in Exchange Server

Microsoft TechNet: Slowing and Stopping E-Mail Transmitted Viruses in an Exchange Environment

Exchange 2003: Recover Mailbox Data Feature

Exchange Server 2003 SP1 Recover Mailbox Data Feature

The major benefit that a recovery storage group provides is greater flexibility in restoring mailboxes and mailbox stores, because you are no longer required to set up a separate Active Directory directory service and recovery server. You can now recover to the same server or to any server in the administrative group.

Further Information:

Microsoft TechNet: Exchange Server 2003 SP1 Recover Mailbox Data Feature

Exchange 2003: Real-Time Block Lists

This article explains what Real-Time Block Lists RBL is and why you might use it.

Further Information:

Microsoft TechNet: Exchange Server 2003 Real-Time Block Lists

Windows 7: Upgrade Professional to Enterprise

Just tried to upgrade Windows 7 Professional to Windows 7 Enterprise.

Booted from the DVD to upgrade and the installation program told me to run the upgrade from within the existing OS.

Ran the Enterprise upgrade from within Windows 7 Professional and “no go” the installation program told me that to upgrade from one version of Windows 7 to another I had to go to Windows Anytime.

I suspect that I have been caught out by Microsoft's licensing policy the Windows 7 DVD apparently comes with every version of Windows 7 but only the licence key for the version you have purchased. To upgrade you buy a new licence key from Microsoft via Windows Anytime.

I am running evaluation version so do not have licence keys.

Just found some possible workarounds, changing a setting in the .ISO image,  it’s getting late so will continue this at a later date. Check the links below as a starter.

Further Information:

Guide To Upgrade Windows 7 RC Ultimate to Windows 7 RTM Enterprise

How to Upgrade Windows 7 RC Ultimate to RTM Enterprise

How to Upgrade the Windows 7 RC to RTM (Final Release)

 

Windows 7: Get Ready For Windows 7

Get Ready For Windows 7

Like may IT professionals I am getting up to speed with Windows 7.

I have “Photoshopped” a logo that I will be putting on blog posts that I think will be of interest to anyone getting ready for Windows 7

Try TechNet Events & Webcasts I have found it to be invaluable.

More Information:

My Blog: Windows 7 Posts

Microsoft Blog: The Official Windows 7 Team Blog

Microsoft TechNet: Events & Webcasts

Windows 7: XP Mode

As some one that has worked with corporate PC since DOS 3.3 & Windows 3.1 I have been through a number of desktop operating system migration projects.

There are three major questions that need resolving:

1. Will the legacy applications work on the new operating system?
2. Do we have to by new machines?
3. Can you make it look like the old system to minimise impact on users?

Windows XP Mode

Windows XP Mode allows users of Windows 7 Professional, Enterprise & Ultimate to launch many older Windows XP applications directly from their Windows 7 desktop.

This ticked two boxes for me legacy applications and reusing old equipment.

What a Disappointment

While Windows XP Mode requires at least 2GB or RAM to work the showstopper comes in the form of Hardware Virtualisation.

Hardware Virtualisation requires support by both processor and motherboard. Even though Intel & AMD have been producing capable processors for a few years, motherboard manufacturer have been slow to implement hardware virtualisation in desktop computers and laptops. The result is that some comparatively new PCs and Laptops would have to be replaced if XP mode was required.

I have included a link to a couple of useful tools to determine if your system support hardware virtualisation.

Further Information:

SecurAble Download: Does my system support hardware virtualisation

Microsoft Download: Microsoft® Hardware-Assisted Virtualization Detection Tool

Microsoft Windows: Downloading XP Mode

Windows 7: Professional v Enterprise

What are the benefits of Windows 7 Enterprise over the Professional version?

Just extended the trial on my Windows 7 Professional for another 30 days … so 90 days left is it worth wiping the machine and installing Windows 7 Enterprise?

Windows 7 has a number of variations Starter, Home Basic, Home Premium, Professional, Enterprise and Ultimate.

The business user will only be interested in 3 versions Professional, Enterprise & Ultimate.

Windows 7 Professional Targeted at SMEs

Windows 7 Professional is targeted at small and medium size enterprises (SMEs).  Microsoft see it replacing XP Professional and Vista Business and should be the OS operating system choice for OEM manufacturers business PCs and laptops. A retail product will be available in both full and upgrade versions.

Professional will be available to Volume Licensing enterprise customers via Software Assurance agreements.

Windows 7 Enterprise Targeted at Large Enterprises

Unlike the Professional version Windows 7 Enterprise will not be available as a retail or preinstalled OEM product. Enterprise will only be available to Volume Licensing enterprise customers via Software Assurance agreements.

Ultimate … Enterprise for the SME

Ultimate and Enterprise have the same feature set but Ultimate will be available as a retail & OEM product with full and upgrade versions.

Conclusion:

Large organisations will go for Windows 7 Enterprise which is Ultimate anyway.

So what should SMEs go for Professional or Ultimate? Professional for everyone except for laptop and power users where Ultimate is the better choice.

More Information:

Wrong Version of Windows 7?

So your new computer came with the wrong version of Windows 7. Windows Anytime Upgrade means you can buy your upgrade online from Microsoft.

Windows Anytime will not permit you to upgrade Professional to Enterprise.

Windows Anytime Upgrade: Windows 7 Business to Ultimate Upgrade

Windows 7: Extend trial to 120 Days

Extend Windows 7 Trial to 120 Days

If you have an version of Windows 7 it is possible to trial it for up to 120 days.

Open the command window  … Run As Administrator

Enter the command slmgr –rearm

If it is nagging you for a licence key you will have to enter the command in safe mode.

I have just done this with the Action Packs’ Professional 32 Bit I had been trailing … nag screen gone … rather pointless as I am just downloading a legitimate Enterprise trial from Microsoft.

More Information:

Windows 7: Enterprise 90 Day Trial

Windows 7 Enterprise 90-day Trial.

Aim mainly at corporate evaluation teams and product developers this is a quick and FREE way to evaluate Windows 7 in your environment.

The download will be available through March 31, 2010, while supplies last.

Windows 7 Enterprise 90-day Trial. It is designed specifically for IT Professionals, so that you can test your software and hardware on a final version of the product. In addition, it provides the opportunity for you to become more familiar with the key improvements over previous versions of the Windows operating system, and experience firsthand how Windows 7 can make your PC environment more productive, secure, and manageable.

Microsoft TechNet: Windows 7 Enterprise 90 day Trial

Microsoft Spring Board Blog

Virtualisation: The Green Argument

Random thought: “Just as we saw an exodus of call centers to India are we about to see a similar exodus of data centers to Iceland”

I have always know that computers consume a lot of power but only recently found out that 50% of the running cost of a server in a data centre can be power consumption. We where installing a number of servers in a data-centre and they were more interested in the power draw than the space taken in the cabinet.

Published savings put power draw at around 50% less in a virtualised environment. This Microsoft study also noted that the quantity of processors and memory tended to be the same in a virtual Microsoft Exchange as a non-virtualised environment; less physical servers but more processors and memory per box.

Even the most basic of server hardware now supports Hardware Virtualisation and a low end 2.4GHz Quad Core processer can handle Small Business Server 2008 Premium virtualised on Hyper-V.

With a significant proportion of the Power Requirement taken up with cooling you can see why Iceland is cashing in on the Data-Centre market. A saving of 40%-60% on the amount of energy required to cool a server in Iceland over that or the UK. I was also told recently that London has just about reached its data centre capacity.

We considered housing these servers in Amsterdam but we needed regular access. If you do not need to touch your servers then housing them abroad is fast becoming a feasible solution even for SMEs.

Exchange 2007: Exchange Anti-Spam Myths

The Official Exchange Team blog presents us with the top 6 SMTP anti-spam myths

Further Information:

Exchange team blog: Exchange anti-spam myths revealed

GPO: New Group Policy Client-Side Extension

Group Policy Client-Side Extension

The updated Group Policy Client-Side Extension enable down-level computers (XP, Vista & Windows 2003) to process new items in Windows Server 2008 (GPO). Group Policy preferences are made up of more than 20 new Group Policy client-side extensions (CSEs) that expand the range of configurable settings in a Group Policy object (GPO). These new preference extensions are included in the Group Policy Management Editor window of the Group Policy Management Console (GPMC).

Examples of the new Group Policy preference extensions:

• Folder Options
• Drive Maps
• Printers
• Scheduled Tasks
• Services
• Start Menu

This update is available via automatic updates, WSUS or can be downloaded from Microsoft.

Further Information:

The following link includes downloads for XP, Vista & Windows 2003.

Microsoft Support: Information about new Group Policy preferences in Windows Server 2008

Exchange 2003: Remote Connectivity Analyzer

Exchange Remote Connectivity Analyzer

Need to test the connectivity of your exchange server guess you need the Exchange Remote Connectivity Analyzer then.

More Information:

Exchange Remote Connectivity Analyser

Exchange 2003: BlackBerry® Enterprise Server

BlackBerry® Enterprise Server for Microsoft® Exchange, gives you push-based access to the following applications:

Microsoft Exchange email
Microsoft Exchange calendar, contacts and scheduling

Instant messaging applications such as Microsoft® Office Live Communications Server 2005 and Microsoft® Office Communications Server 2007

Web-based, Java® ME and Web Services applications

Other enterprise applications and systems such as Customer Relationship Management (CRM) and Enterprise Resource Planning (ERP) are also accessible.

Further Information:

BlackBerry Enterprise Server v5.0 Evaluation

BlackBerry Enterprise Server Webcasts

Exchange 2003: iPhone & Active Sync

Exchange ActiveSync & iPhone

If your office uses Microsoft Exchange Server 2003 or 2007, you can wirelessly push email, calendar events, and contacts to iPhone.

Enhanced features like searching your inbox and server, creating calendar invitations directly from iPhone, and dialing out from calendar events.

Microsoft Exchange ActiveSync

Exchange 2003: Windows Mobile Emulator

This information was found at Microsoft Exchange Best Practices Analyser and other Resources I intend to clarify and expand this work.

Windows Mobile Emulator

Testing Exchange ActiveSync with the Windows Mobile Emulator.

Step 1: The Emulator Application.

Microsoft Device Emulator 3.0 -- Standalone Release

Step 2: Virtual PC or Virtual Server

Microsoft Virtual PC 2007
Microsoft Virtual Server 2005 R2 SP1

Step 3: The images

Windows Mobile 5:
Standalone Device Emulator 1.0 with Windows Mobile OS Images 
(efp.zip file)

Windows Mobile 6.0: Windows Mobile 6 Emulator Images

Windows Mobile 6.1: Windows Mobile 6.1 Emulator Images

Windows Mobile 6.5: Windows Mobile 6.5 Developer Tool Kit

Further Information:

MSEchange.org: Exchange Server 2003 and the Device Emulator 1.0 with MSFP

Microsoft TechNet: Exchange ActiveSync: Frequently Asked Questions

Exchange 2003: Tools for Exchange Server 2003

A useful list of the Microsoft tools available for Exchange 2003

ActiveSync Certificate-Based Authentication

Provides several tools to help an Exchange administrator configure and validate client certificate authentication for Exchange Server ActiveSync.

ActiveSync Mobile Web Administration

Manage the process of remotely erasing lost, stolen, or otherwise compromised mobile devices.

Add Root Certificate

Add a custom root certificate to your Windows Mobile-based Pocket PC.

Address Rewrite

Rewrite return e-mail addresses on outgoing messages sent from a non-Microsoft mail system to Exchange Server and destined to external or Internet addresses.

ArchiveSink

May 24, 2004. Archive message and log recipient details and other information about messages sent to or received by your server that is running Exchange Server.

ASP.NET Mobile Controls Device Updates

Update the supported devices you can use with Microsoft Outlook Mobile Access on your Exchange server.

Authoritative Restore

Force a restored directory database to replicate to your other servers after restoring from a backup by using this tool.

Auto Accept Agent

Automatically process meeting requests for resource mailboxes.

Badmail Deletion and Archiving

Delete or archive files automatically in the Badmail directory of specified Simple Mail Transfer Protocol (SMTP) virtual servers.

Best Practices Analyzer v2.8

The Exchange Best Practices Analyzer is designed for administrators who want to determine the overall health of their Exchange servers and topology.

Calendar Connector for Lotus Notes/Domino

The Exchange Server 2003 Calendar Connector for Lotus Notes/Domino is used for coexistence and migration of free/busy calendar data between Exchange Server 2003 and Lotus Domino.

Collaboration Data Objects, Version 1.2.1

Provides access to data in any MAPI store through a set of strongly typed interfaces that correspond to the common Office Outlook items types, including Message, Appointment, and Person.

Connector for Lotus Notes/Domino

The updated Microsoft Exchange Server 2003 Connector for Lotus Notes/Domino is used for coexistence and migration of message flow, calendar requests, and directory synchronization between Exchange Server 2003 and Lotus Domino.

Deployment Tools

Find out the steps you should take, the diagnostic tools you should use, and the Setup links to help you successfully install Exchange Server 2003.

Disable Certificate Verification

Disable the Secure Sockets Layer (SSL) certificate check that is performed on a server running Exchange ActiveSync.

Domain Rename Fixup

Repair Exchange Server attributes in Active Directory directory service after using the Windows Server 2003 domain rename tool.

E-Mail Journaling Advanced Configuration

Augment the current Exchange Server archiving features and capture recipients on expanded distribution lists, Bcc recipients, and other message details.

Error Code Lookup

Determine error values from decimal and hexadecimal error codes in Windows operating systems.

ExchDump

Gather Exchange Server configuration information from various sources used in troubleshooting support issues with this command-line tool.

Information Store Viewer (MDBVU32)

The Information Store Viewer tool has been replaced by the MAPI Editor. The new tool, while still providing the functionality of the older tool for tasks such as browsing storage, is easier to use and is more stable. MAPI Editor is downloadable from this Exchange Server 2003 Tools page.

Intelligent Message Filter

Find out how you can improve productivity and trim costs while lessening spam by exploring the resources listed on this page.

Inter-Organization Replication

Replicate public folder and free and busy information between Exchange Server organizations.

Jetstress

Simulate disk I/O load on a test server running Exchange to verify the performance and stability of your disk subsystem before putting your server into a production environment.

LegacyDN

Change Exchange Server 2003 organization names and administrative group names on critical system objects. You can also use this tool to view or change legacyExchangeDN values.

Load Generator

Exchange Load Generator is a simulation tool to measure the impact of MAPI, OWA, IMAP, POP and SMTP clients on Exchange servers.

Mailbox Merge Wizard (ExMerge)

Extract data from mailboxes on one Exchange server and then merge that data into mailboxes on another Exchange server.

Management Pack Configuration Wizard

Configure test mailboxes, message tracking, and monitoring services in the Exchange 2000 Server and Exchange Server 2003 Management Packs with this graphical user interface.

Management Pack for Microsoft Operations Manager 2005

The Exchange Server Management Pack includes rules and scripts to track performance, availability, and reliability of Exchange components, such as Internet-related services, Extensible Storage Engine, System Attendant, Microsoft Exchange Information Store service, and SMTP.

Microsoft Baseline Security Analyzer

Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed to help small- and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance.

Migration Wizard for Lotus Notes

The Exchange Server 2003 Migration Wizard for Lotus Notes/Domino is used for migrating Lotus Domino Accounts and mailboxes to Exchange Server 2003 and Active Directory.

MSSearch Administration Tool

Use this command-line tool to perform administrative tasks against a full-text index such as enabling and disabling a full-text index for searching, obtaining the current status of a full-text index, and stopping the current population on a full-text index.

MTA Check

Look for message transfer agent (MTA) database consistency and perform repairs.

Outlook Web Access Web Administration

Administer Microsoft Outlook Web Access with this Web-based tool.

Profile Analyzer (32 bit)

Collect estimated statistical information from a single mailbox store or across an Exchange Server organization.

Profile Redirector or Exchange Profile Update

Exchange Redirector (ExProfRe.exe), also known as the Exchange Profile Update tool, updates Microsoft Office Outlook profiles after moving mailboxes across Exchange Server organizations or administrative groups.

Public Folder DAV-based Administration Tool

Use the Exchange Server Public Folder Distributed Authoring and Versioning (DAV)-based Administration tool (PFDAVAdmin) to perform various management tasks related to public folders and mailboxes.

Quota Message Service

Generate custom quota messages that inform users that they have exceeded their message quotas. This tool is a mailbox agent, and it uses template messages to format the body of the quota messages.

SMTP Internet Protocol Restriction and Accept/Deny List Configuration

Programmatically set Internet Protocol (IP) restrictions on an SMTP virtual server.

SMTPDiag Tool

Determine whether SMTP and DNS are configured to reliably deliver mail to an external e-mail address.

Software Development Kit (SDK) Development Tools

Get tools and components for creating and debugging collaborative applications on Exchange Server.

Stress and Performance Tool (English only)

This tool simulates large numbers of client sessions running on Exchange Server

Troubleshooting Assistant v1.1

The Microsoft Exchange Troubleshooting Assistant can help to determine the cause of performance, mail flow and database mounting issues on computers running Microsoft Exchange Server.

Up-to-Date Notifications Binding Cleanup

View and remove existing up-to-date notifications event registration items (bindings) on an individual as well as on a bulk level.

Up-to-Date Notifications Troubleshooting

Solve common notification issues and test e-mail message delivery to specified mobile devices with this troubleshooting tool.

User Monitor

Enables system administrators to view and evaluate individual user's usage and experience with Exchange Server.

WinRoute

Get a visual representation of the Exchange Server routing topology and the status of the different routing components.

Further Information

Microsoft TechNet: Tools for Exchange Server 2003

Exchange 2003: Troubleshooting Assistant

Microsoft Exchange Troubleshooting Assistant

The Microsoft Exchange Troubleshooting tool can help locate issues within Exchange server. Download, install and learn before you have to.

Further Information:

Microsoft Download: Microsoft Exchange Troubleshooting Assistant

Exchange 2003: Best Practices Analyzer

Microsoft Exchange Best Practices Analyzer

The Microsoft Exchange Best Practice Analyzer presents a list of issues that are sorted by severity. For each issue, the tool provides descriptions of what the problem is and of how you can fix this issue.

You would be well advised to run this on any Exchange 2003 Server.

Further Information:

Microsoft Download: Microsoft Exchange Best Practices Analyzer

Microsoft Exchange Best Practices Analyser and other Resources

Microsoft Download: Microsoft Exchange Troubleshooting Assistant

SBS 2003: Best Practice Analyzer

The Windows Small Business Server 2003 Best Practice Analyzer

The Windows Small Business Server 2003 Best Practice Analyzer presents a list of issues that are sorted by severity. For each issue, the tool provides descriptions of what the problem is and of how you can fix this issue.

You would be well advised to run this on any installation of SBS 2003.

Further Information:

Microsoft Support: How to obtain the Windows Small Business Server 2003 Best Practices Analyzer tool

Terminal Services: Imposing Session Limits

On of the most annoying problem I have as an administrator is trying to remote on to a server and finding someone has walked away from their desk with a remote session open or disconnected their session.

The best way to avoid this is to automatically close sessions by imposing time limits for Disconnected, Active and Idle sessions. This way you stand a fighting chance of getting remote access session.

Caution: Before imposing connection limits remember that some applications may require an open session. Automatically killing session may terminate an important process.

Imposing Terminal Services Session Limits

1. Start, All Programs, Administrative Tools and open Terminal Services Configuration
2. Right click RDP-Tcp and select properties
3. On the Sessions tag set time limits for
4. End disconnected sessions 30 minutes
5. Active session limit 2 – 3 hours
6. Idle session limit 2 –3 hours

Further Information:

Try attaching to the console session

My Blog: SBS 2003 Can’t Remote Control Session (ID 0)

Use Task Manager to kill of the offending session hogs under the users tab.

SBS 2003: Renaming Your Windows Domain

This is one of those SBS 2003 subjects that causes a lot of confusion. Yes Windows 2003 domains can be renamed but can you rename a Windows Small Business Server 2003 domain?

A quick examination of the documentation and it should be possible get nearer doing it and you find NO it can’t.

The problem being that you cannot rename a domain if Exchange 2003 is installed on a Domain Controller. SBS 2003 is a DC with exchange 2003 installed so the rendom tool will not work.

If you are installing SBS and have not yet installed Exchange you can use the rendom tool.

Like many you installed SBS without fully understanding your requirements. It was installed using sbsdomain.local and your external domain is abcaccountants.co.uk and you want to unify the domain names.

You have found that a single domain third party certificate is much cheaper than a multi domain cert and you want to rename the SBS domain to abcaccountants.co.uk

Step1: Ensure Domain Level is Windows 2003

Raise the default domain functional level to windows 2003 in order to rename it.  (See my post)

SBS 2003- Windows 2003 Change Domain & Forest Functional Levels

Step 2: Ensure Exchange 2003 at least SP1

Exchange 2003 must be at least service pack 1 and domain renaming is not possible if an Exchange 2000 server is in the domain

Step 3: Rename Your Windows 2003 Domain

Microsoft TechNet: What Is Domain Rename?

Microsoft TechNet: How Domain Rename Works

Exchange 2003: Display Administration & Routing Groups

Exchange System Manager does not automatically display administrative groups and routing groups.

1. Exchange System Manager (ESM), right-click the Exchange organization and select Properties.

2. On the General tab select Display routing groups & Display administrative groups.

3. Restart the Exchange System Manager (ESM) to see the changes

SBS 2003: Windows 2003 Change Domain & Forest Functional Levels

With Small Business Server 2003 there are only  two Domain Functional Levels Windows 2000 Native (default) or Windows Server 2003 and two Forest Functional Level Windows 2000 (default) or Windows Server 2003

The tool used to change the both the Domain and Forest Functional level is Active Directory Domain and Trusts

Raise the domain functional level

CAUTION: Cannot changed back to Windows 2000 native domain.

1. Log on to the SBS server with domain administrator credentials. The default Administrators account will do.
2. Click Start, All Programs, Administrative Tools and Active Directory Domains and Trusts.
3. In the console tree, right-click the domain, and then click Raise Domain Functional Level.
4. Under Select an available domain functional level, click Windows Server 2003, and then click Raise.

Note: You can also raise the domain functional level  in the Active Directory Users and Computers.

 

Raise the forest functional level

CAUTION: Cannot be change back to Windows 2000 forest functional level.

1. Log on to the SBS server with a user account that is a member of the Enterprise Administrators group. The default Administrators account is a member of this group.
2. Click Start, All Programs, Administrative Tools and Active Directory Domains and Trusts.
3. In the console tree, right-click Active Directory Domains and Trusts, and then click Raise Forest Functional Level.
4. Under Select an available forest functional level, click Windows Server 2003, and then click Raise.

Further information:

Microsoft Support: How to raise domain and forest functional levels in Windows Server 2003

Microsoft TechNet: Functional Levels Background Information

SBS 2003: Exchange 2003 Change Mode

This Blog: SBS 2003- Exchange 2003 Change Mode 

Microsoft Support: How To Convert from Mixed Mode to Native Mode in Exchange

SBS 2003: Exchange 2003 Change Mode

Change from Mixed Mode to Native Mode

The switch to native mode cannot be reversed.

1. Click Start, point to Programs, point to Microsoft Exchange, and then click System Manager.
2. Right-click the organization, and then click Properties.
3. Click the General tab, and then click Change Mode under Change Operations Mode.

Further information:

Microsoft Support: How To Convert from Mixed Mode to Native Mode in Exchange

SBS 2003 – Windows 2003 Change Domain & Forest Functional Levels

This Blog: SBS 2003- Windows 2003 Change Domain & Forest Functional Levels

Microsoft Support: How to raise domain and forest functional levels in Windows Server 2003

Microsoft TechNet: Functional Levels Background Information

Windows 7: Lucky Windows Sleven Poster

I’ve spent too much time with Photoshop

Windows 7: Remote Server Administration Tools

The Remote Server Administration Tools (RSAT) are now available for Windows 7. For download and installation instruction see the link below.

Check that they are not already installed and just need enabling before downloading.

Vista & Windows 7- Enabling Remote Server Administrator Tools

Additional Information:

Download: Remote Server Administration Tools for Windows 7

Vista & Windows 7: Enabling Remote Server Administrator Tools (RSAT)

Vista SP1 onward has these tools installed they are well hidden but here’s  how to enable them.

(The same applies to Windows 7)

• Right Click the start menu button
• Select Properties and then Customize button

• Under System Administrative Tools
• Select Display on the All Programs menu

• The Administrative Tools should now appear on the start menu.

Additional Information:

If you need to download RSAT for Vista or Windows 7

Vista 32bit: Microsoft Remote Server Administration Tools

Vista 64bit: Microsoft Remote Server Administration Tools

Windows 7: Remote Server Administration Tools Windows 7

SBS 2003 Can’t Remote Control Session (ID 0)

If you are using remote desktop to manage your servers you will find you cannot take control of the console in Terminal Services Manager.

Can’t remote control Session (ID 0) because Remote Control is disabled on that Session
(Error 0 – The operation completed successfully)

Very annoying as some software can only be installed at the console.

 

Solution: Run one of the following command.

Command for XP SP2 and Vista no SP

mstsc /v:servername /console

Command for XP SP3, Vista SP1

mstsc /v:servername /admin

Further Information:

This effect systems with updated Remote Desktop Protocol RDP

Changes to Remote Administration in Windows Server 2008

Remote Desktop Services (Terminal Services) Team Blog

Remote Desktop Connection 7.0 client update for Remote Desktop Services (RDS) for Windows XP SP3, Windows Vista SP1, and Windows Vista SP2

The Remote Desktop Connection 7.0 client update enables you to use the new Remote Desktop Services features. These features are introduced in Windows 7 and in Windows Server 2008 R2 and are available for computers that are running Windows Vista Service Pack 1 or Windows Vista Service Pack 2.

SBS 2003 Windows 2003 Service Pack 2

There is no SBS 2003 sp2 specific version of Windows 2003 sp2.

Windows 2003 service pack 2 known issues on Small Business Server 2003

In some scenarios, you must remove Windows Server 2003 SP2 before you upgrade to the full retail version of Windows Small Business Server 2003 or before you migrate to Windows Server 2003

Windows Evaluation Period expires early

Installation 1:

Wanted to blog about Windows Small Business Server 2003 and my old Dell PowerEdge 2600 server did not have a DVD drive so R2 in the action pack was not an option.

Not a problem only wanted it running for a few days so grabbed an old CD based evaluation copy and installed it, staying up until 4am prepping the system.

The following afternoon tried to logon only to find the evaluation period had expired. The BIOS battery failed and the year had gone back to some time in the stone age setting of the evaluation time bomb.

Microsoft Support: Evaluation version of Windows Server 2003 may expire before the date that the Winver.exe file reports

Installation 2:

Okay I have an HP ML350 G4 and I know its got a DVD drive but the action pack is on the other side of the room … it’s only temporary … I’ll just persist with this original SBS 2003 evaluation version. 

In with the HP SmartStart on with the SBS 2003 … what do you mean SP2 can not be installed … 4GB drive!!  … but it’s a 67.83GB partition in Disc Manager and only 4GB on the drives properties!!

 

Installation 3:

Change out the hot swap drive and installed SBS 2003 evaluation remembering to use SmartStart to blow away any configuration on this 2nd drive.

Plugged in the original drive and it was still showing 4GB in properties but over 60GB on Disc Manager. Recreated the partition and formatted it now I have the full 67.83GB accessible.

Okay … it's going to be another 4am session so just do the basic installs and configure later.

• Updated with Windows Server SP2 and Exchange 2003 SP2
• Installed PowerShell 1.0
• Installed WSUS 3.0
• Installed SharePoint Services 3.0
• Installed Windows Deployment Services
• Did some basic configuration of the Group Policies and some other tweaks.
• Copied a XP virtual machine and installed to domain.

Okay … I’m ready to start configuring WSUS, SharePoint 3.0 and WDS … do I really want to leave the configuration until later … what do you mean I need to replace SBS 2003 CD3.

Something about SharePoint Services not working on early versions of SBS 2003 because of a faulty CD3 … now why did I stop using this evaluation version in the past … faulty CD3. A great reason to always “Blog It”.

I found some information about the date on the SBS folder on the replacement CD3 being December 2003 mine was August 2003.

Microsoft Support: Windows SharePoint Services and Windows Small Business Server 2003 Installation Update

Installation 4:

So a few hours sleep later will I admit defeat and go for the Action Pack … I have this HP OEM SBS 2003 R2 version somewhere … would that be admitting defeat … it is snowing … very heavily … and I’ve just downloaded SmartStart 8.30.

• Installed HP OEM SBS 2003 R2
• Left the R2 component off just now
• Installed WSUS 3.0 and configured the downloads
• Installed HP Version Control Repository Manager
• Configured HP Version Control Agent
• Broke the NIC

I would not recommend learning about HP Version Control on a live system.

• The NIC would not work big red cross in device manager.
• De-installed the driver and let machine reinstall it.
• Rebooted driver ok in device manager
• NIC would not ping anything including its self.

At this point I would like to tell you how I fixed this, but, after many years in IT support your fingers take over from you brain and just fix it.

• Okay I just shut down some services and when that did not work I rebooted it again.
• Network connectivity back to normal.

more to come …

Exchange 2003 Server Service Pack Level

How do you quickly determine the build level of your exchange server

I have included links to a couple of Microsoft Support Documents

For Exchange 2003 Open the  Exchange System Manager - Help - About Exchange System

Look for the Version Number

Example: Exchange 2003 no service packs

Microsoft Exchange Server 2003	6.5.6944
Microsoft Exchange Server 2003 SP1	6.5.7226
Microsoft Exchange Server 2003 SP2	6.5.7638
Microsoft Exchange Server 2003 post-SP2	6.5.7653.33
Microsoft Exchange Server 2003 post-SP2	6.5.7654.4

Microsoft Support: How to determine the version number, the build number, and the service pack level of Exchange Server

Microsoft Support: Build numbers and release dates for Exchange Server

Microsoft Security: Check your version of Windows

.net framework versions installed

How to determine what version of .net framework are installed

Browse to %systemroot%\Microsoft.NET\Framework there should be a sub folder for each version installed

• v3.5

• v3.0

• v2.0.50727

• v1.1.4322

• v1.0.3705

tip: cut and past %systemroot%\Microsoft.NET\Framework into explorer address bar

MSDN: How to determine which versions of the .NET Framework are installed and whether service packs have been applied

SBS 2003 Do Not Display Last Logon

Using Group Policy (GPO) to Clear Last Logged on Users Name

Do Not Display Last Logon

Start Menu – All Programs - Administrative Tools - Group Policy Management

 

Select an appropriate policy or create a new one - I use Default Domain Policy

Right click the policy and select edit

Expand Computer Configuration - Windows Settings - Security Settings - Local Policies - Security Options

Double Click Interactive Logon: Do not display last user name and select enable

 

Clearing Last Logged on User on Terminal Services and Virtual Machines

Terminal Services and Group Policy does not apply the Do Not Display Last Logo. This has to be set in the Terminal Services Manager

SBS 2003: Do Not Display Last User Logon on Remote Desktop

SBS 2008: Do not display last user logon on TS, Remote Desktop and VMs

SBS 2003: Do Not Display Last User Logon on Remote Desktop

Do Not Display Last User Logon can be applied to your computers and servers with a Group Policy.

You will have notices that when you remote into a server the last logon user is displayed … so what happened to the group policy.

This policy is not applied in TS, Remote Desktop but is applied using the Terminal Services Configuration admin tool.

• Open the start menu
• Administrative tools
• Terminal Services Configuration

• Right click the RDP-Tcp Connection and select properties
• Select the Logon Setting tab

• Select Always use the following logon information
• Leave the User name blank
• Enter the Domain name
• Select Always prompt for password

When you logon remotely the last User Name will now be clear.

WSUS 3.0 on SBS 2003 SP1 or R2

How to install WSUS on Small Business Server SP1 or R2

Step-by-Step Guide to Getting Started with Microsoft Windows Server Update Services 2.0 on Windows Small Business Server 2003

Installing WSUS 3.0 on SBS 2003 SP1 or SBS R2

WSUS Wiki

SBS 2003: Installing SharePoint Services 3.0

Installing SharePoint Services on Small Business Server 2003

If you are running Small Business Server 2003 chances are you already have SharePoint Services 2.0 installed. Best practice (Microsoft) dictates that you cannot upgrade 2.0 to version 3.0 but instead do a parallel installation. This leaves your existing http://companyweb Web site intact, and creates a new Web site for SharePoint Services 3.0.

When you install Windows SharePoint Services 3.0 on your server, do not choose Gradual upgrade or In-place upgrade. If you do, several Windows SBS administration tools will fail, and you might lose data on your Windows SharePoint Services sites. You must choose No, do not upgrade at this time, which results in a side-by-side installation.

Caution: Backup your server before installing Windows SharePoint Services 3.0

Installing Windows SharePoint Services 3.0 side-by-side with Windows SharePoint Services 2.0 on SBS 2003 server:

1. Install .NET 3.0.
2. Install SharePoint Services 3.0.
1. Download SharePoint Services 3.0 with SP2
2. Windows SharePoint Services 3.0 Properties page
   Upgrade tab: select No, do not upgrade at this time.

  Server Type tab: select Stand-alone.



Click Install Now

When installation completes ensure Run the SharePoint Products and Technologies Configuration Wizard now is selected.



3. Windows SharePoint Services Products and Technologies
1. If the wizard does not start automatically after previous step under Administrative Tools select SharePoint Products and Technologies Configuration Wizard.
2. click Next.
3. click Yes in the dialog box for restarting Internet Information Services (IIS), SharePoint Administration Service, and SharePoint Timer Service if required.
4. Click Finish on the final page of the wizard. The default Web site (http://ServerName) that is automatically generated during Windows SharePoint Services 3.0 Setup opens in your Internet browser.
5. Close the browser
   
   http://ServerName and http://companyweb cannot be used at this point.
   
4. Create new site for SharePoint Services 3.0.
1. Under Administrative Tools select SharePoint 3.0 Central Administration.
2. Application Management tab, in SharePoint Web Application Management, click Create or extend web application.
3. On the Create or Extend Web Application page, click Create a new Web application.
4. On the Create New Web Application page, complete the following:
1. In IIS Web Site, type a description for the new Web site and a port number (do not use Port 80, Port 8080, or other used ports).
2. In Application Pool, ensure that Create a new application pool is selected, and then select Predefined for Network Service as the security account for the application pool.
3. In Database Name and Authentication, ensure that Windows authentication is selected.
4. In Search Server, select the server that is running Windows SBS as your search server.
5. Click OK. You need to wait while your changes are processed.
5. On the Application Created page, click Create Site Collection.
6. Create Site Collection page
1. Title and Description, type the title and description.
2. Web Site Address, in URL, choose http://ServerName:PortName/sites/SiteName.
3. Template selection, click Team site.
4. Primary Site Collection Administrator, the user name to administer this site.
5. Click OK.
7. On the Top Level Site Successfully Created page, click the link to the new Web site.
5. Delete the Windows SharePoint Services 3.0 default Web site.
1. Under Administrative Tools select SharePoint 3.0 Central Administration.
2. Application Management tab, in SharePoint Web Application Management, click Delete Web Application.
3. Delete Web Application page
1. In Web Application, from the drop-down menu, click Change Web Application. On the Select Web Application page, select the Windows SharePoint Services 3.0 default Web site (http://ServerName). Make sure that you delete the default Web site (http://ServerName) and not the site that you just created in the preceding step.
2. In Delete options, delete the content databases and the IIS Web sites.
3. Click Delete.
4. In the warning message box, click Yes
5. When Application Management tab appears close the Central Administration site.
6. Start the default Web site and the Windows SharePoint Services 2.0 http://companyweb Web site.
1. Under Administrative Tools, select Internet Information Services (IIS) Manager.
2. Expand Web sites, right-click Default web site, and then click Start.
3. If companyweb is stopped, right-click companyweb and then click Start.
4. Close IIS Manager.

At this point, you can open both the http://companyweb Web site, which is based on Windows SharePoint Services 2.0, and the new site that you created in Step 4 above, which is based on Windows SharePoint Services 3.0.

After installation the SBS 2003 administrative tools will not work with SharePoint Services 3.0, but, will continue to work with SharePoint Services 2.0

It should still be possible to reinstalling SharePoint Services 2.0 without effecting the SharePoint Services 3.0 installation.

Further Information:

Microsoft Download: Microsoft .NET Framework 3.0 Redistributable Package

Microsoft Download: Windows SharePoint Services 3.0 with Service Pack 2

Microsoft Download: Installing Windows SharePoint Services 3.0 on a Server Running Windows Small Business Server 2003

The Official SBS Blog: WSS v3.0 Installation on SBS 2003

SBS Diva Blog: How to Install Windows SharePoint Services 3.0 on SBS 2003