Webbo's World another IT geek's corner of the internet…

5Jul/100

Disabling SBCore service – SBS Shutdown every hour

With a few SBS 2003 to 2008 migrations going over the 21 day limit (unfortunately due to third party support on line-of-business applications) we found it necessary to use the below to stop the SBS 2003 server shutting down every hour. I do not recommend this or support this as it is in breach of Microsofts EULA - however in some scenario's it may be critical to ensure a smooth decommissioning of the old SBS 2003 server.

The below is the error log you should see:

Event ID: 1001
Type: Error
Source: SBCore
Description:
The server was shut down because it did not comply with the EULA. For more information, contact Microsoft.

To disable we followed the below:

  1. Download the Process Explorer tool from SysInternals - Here
  2. Load Process Explorer and look for the SBS Licensing Service - C:\Windows\system32\sbscrexe.exe
  3. Select this service and Suspend it - you should find the service greys out
  4. Open Regedit and expand the following key - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SBCore
  5. Right click this Key and add the Administrators group giving them Full Permission to the key (refresh this and you should see all the key entries now)
  6. Select the Start DWORD and change it from 2 to 4 (this sets the Disabled state)
  7. Open a File Explorer window and browse to the C:\Windows\system32\sbscrexe.exe file
  8. Right click this and load Properties / Security
  9. Add the Everyone group and set the Deny permission for Full Access (should then tick the sub permissions)
  10. Go back to Process Explorer and now kill the sbscrexe.exe service - this should now be disabled
  11. Check the SBCore service via services.msc - it should have a disabled state and now longer be running
  12. Job Done.
Filed under: Small Business Server 2003 No Comments
16Jun/100

Install Exchange 2007 SP2 on SBS 2008

Currently running through an Exchange Service Pack 2 install for Microsoft's Small Business Server 2008. For ease of reference I thought I'd briefly list the main three steps below:

  1. Download the Exchange 2007 Service Pack 2 - Exchange 2007 Downloads
  2. Run through the following KB Article referencing "You cannot install Exchange Server 2007 Service Pack 2 on a Windows Small Business Server 2008-based computer" - KB973862
  3. Download the Service Pack Installation tool for Small Business Server 2008 - KB974271

*Update*

Service Pack 3 is now available for Exchange 2007 which no longer needs the above steps to install. I believe it is support for SBS 2008 and as per a few we've done already goes on straight away.

Filed under: Exchange 2007, Small Business Server 2008 No Comments
22Mar/101

IE Start Menu shortcut broken

Recently had a Vista machine infected with the fake Windows Security Center rubbish, this was cleared relatively easy by running SuperAntiSpyware. We tend to favour MalwareBytes however this was being blocked by the infection (even after renaming mbam.exe to something else). Once SuperAntiSpyware had finished and the system was rebooted we ran MalwareBytes along with some online scanners (TrendMicro Housecall and ESET Online Scanner) to confirm the all clear.

After running the cleanup the system appeared back to normal with no further infections found. Once we loaded IE again (after resetting to default and disabling addons etc) it re-infected the client PC. This was a little frustrating as nothing seemed to pick up any malicious files, we cleared again and re-ran ccleaner to emtpy temp files which must have done the trick as the Internet Explorer Start Menu shortcut failed to load reporting the below:

explorer.exe
The application could not be found

The infection had tagged this shortcut to run the malicious installer upon launching IE. To resolve load regedit and navigate to the below registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet
\IEXPLORE.EXE\shell\open\command

You should only see the default path of IE in here (usually C:\Program Files\Internet Explorer\iexplore.exe), if not amend to resolve.

You can also download the following reg file to run that will make the above changes automatically.

iefix.reg (right click + save as) - Note: Only use this if you are sure of what you are doing, playing with the registry can screw things up! This file is mainly for my ease of use.

Filed under: Windows Vista 1 Comment
26Feb/100

Exchange 2007 orphaned Delegate User causing Bouncebacks

Having recently deleted an Exchange 2007 User from AD we found a number of bounce back emails beginning to occur. The bounce backs would occur primarily on editing Calender items for other users as the now deleted user was still listed as a Delegate for them. We wanted to query Exchange as to which mailboxes the now deleted user was listed on. The bounce back email is below:

Delivery has failed to these recipients or distribution lists:

Username
The recipient's e-mail address was not found in the recipient's e-mail system. Microsoft Exchange will not try to redeliver this message for you. Please check the e-mail address and try resending this message, or provide the following diagnostic text to your system administrator.

FIX:

1. Open Exchange 2007 PowerShell
2. Run the below query replacing $User with the name of the deleted user (e.g John Smith). This will output the details into a text file (C:\delegates.txt).

image

  1. get-mailboxcalendarsettings | where-object{$_.ResourceDelegates -match"$user"} | out-file c:\delegates.txt -enc ASCII
Filed under: Exchange 2007 No Comments
17Dec/090

Exchange 2007 4.3.1 Insufficient System Resources

We recently had a server that was receiving mail correctly, although the emails themselves were then never reaching the internal recipients. Checking over the Event Logs we saw the below error:

Level: Error
Source: MSExchangeTransport
Event ID: 15006

image

Reading on this further it looks to be due to a feature of the Exchange Transport service that monitors system resources called Back Pressure. We were running a little low on disk space so the easiest fix for us was to move the Queue to a different drive, the below sites explain this in full detail so are worth a read if you experience similar.

Microsoft Technet - Understanding Back Pressure
MSExchange.org - Understanding Back Pressure Feature in Exchange 2007
Petri.co.il - Back Pressure: Moving the queue Database in Exchange 2007

Filed under: Exchange 2007 No Comments
6Dec/091

Server 2008 R2 Network Shares with WD TV Live

Having been so impressed with the WD TV I picked up the WD TV Live to stream my various media over my home network.
image
At current my media is shared from a Windows 2008 R2 Domain Controller, which from various forum posts seems to be causing problems for the WD TV in browsing shares. Playing with a few settings it now seems to be working perfectly so thought I'd share my findings.

Setup:
Windows Server 2008 R2 as a Domain Controller
Firewall Disabled
Shared Media drives/folders with Everyone given Read Access
User Account created specifically for shares, set with default Domain User membership
WD TV Live device on DHCP

With the above configured the device would see the server and using domain\user credentials it would attempt to connect. This appeared successful however it would then show that it could not see any shares / no media detected on the server. Playing with this further it looks like the below has resolved the issue (at least in my case).

Firstly I needed to amend the servers local Group Policy to allow Link-Layer Topology Discovery (a work colleague had mentioned this step being posted on some of the AV/WD forums).

To do this click Start - Run - type in gpedit.msc and click OK.
Browse to Computer Configuration - Administrative Templates - Network - Link-Layer Topology Discovery.
In here set both items to Enabled as per the screenshot.
image

Once set open at Command Prompt window to run gpupdate /force

Next I checked the services running and noticed the SSDP and UPnP services were set to disabled. I set these to Automatic and then started them both.
image

I tried to connect again although got the same error. Checking wire shark it didn't seem to be sending the domain\user credential correctly as it removed the \ and combined the domain with the username. Connecting again with just the Active Directory user account with no domain set it has connected and I can successfully browse shares. I've also set the device with a DHCP reservation as I've read a few places that mention the device disconnecting every so often when streaming media.

So far all seems fine, have watched a few films, turned the device off / on etc and it works a treat!

**NB Since using this more I've noticed when turning on my Win7 laptops that it kills the WD causing it to drop the network shares. It looks to be due to the Streaming options that Win7 has introduced, so the quick fix is to disable sharing on these devices and you should find the WD TV Live plays again uninterrupted. I'm looking to confirm the exact sharing options that cause this shortly.

Filed under: Server 2008 1 Comment
20Sep/091

Blank resource list in Symantec Backup Exec 12.5

After installing Symantec Backup Exec 12.5 and setting the services to run under a newly created Active Directory account, we found that when trying to create a backup selection list the resources box was blank. The following error was seen:

Connection with server Failed. Hit <F5> to refresh.

image

This was due to the service account missing appropriate permissions. After running through this Symantec article to ensure all the requirements were on the account, we also needed to amend a Group Policy allowing the service account "Log on as Batch Job" rights.

To do this check the below:

  1. Load up Group Policy Management (Start - Run - gpmc.msc)
  2. Edit the Default Domain Controllers Policy
  3. Browse to Computer Configuration - Policies - Windows Settings - Security Settings - Local Policies - Users Rights Assignments
  4. Edit the "Log on as a Batch Job" policy
  5. Add the appropriate Service Account
Filed under: Applications, Server 2003, Server 2008 1 Comment
20Sep/090

IIS7 HTTP Error 500.19 – Internal Server Error

Having upgraded a Server 2008 box with Service Pack 2 we noticed an issue when creating/using custom error pages in IIS. Unless it was down to my poor search terms I couldn't initially find much on the error as I'm no IIS expert, but it appears to be down to some changes made to IIS as part of the SP2 upgrade.

As the server was hosting Microsoft Exchange 2007 it was used for Outlook Web Access. We tend to make use of the redirect page to load from mail.domain.com straight to https://mail.domain.com/owa as per this MS article

When setting this up we found we received the below error (as well as Outlooks Out of Office not working):

ERROR:

HTTP Error 500.19 - Internal Server Error
Absolute physical path "C:\inetput\wwwroot\redir.htm" is not allowed in system.webserver/httpErrors section in web.config file. Use relative path instead.

image

FIX:

To resolve this as the error states we just needed to amend the path to the custom error page. This can be done either in the IIS console or by editing the web.config file usually in the \inetpub\wwwroot folder. Open the file in a text editor and edit the file path.

Absolute path:

  1. <httperrors>
  2. <remove statusCode="403" subStatusCode="-1" />
  3. <error statusCode="403" prefixLanguageFilePath="" path="C:\inetpub\wwwroot\redir.htm" responseMode="File" />
  4. </httperrors>

Relative path:

  1. <httperrors>
  2. <remove statusCode="403" subStatusCode="-1" />
  3. <error statusCode="403" prefixLanguageFilePath="" path="redir.htm" responseMode="File" />
  4. </httperrors>
Filed under: Exchange 2007, Server 2008 No Comments
5Sep/094

Exchange 2007 Update Rollup 9 breaks OWA

Having installed Update Rollup 9 for Exchange 2007 on a number of different sites we finally had one that broke Outlook Web Access. OWA would load yet several images were just placeholders and after logging in no actual inbox could be read as all the Fonts and styling were screwed up.

Checking this site may help - Click Here

In our case running the UpdateOWA.ps1 resolved the issue.

FIX:
Step 1) Load the Exchange Management Shell
image

Step 2) Navigate to your Exchange Bin directory via the management shell - usually C:\Program Files\Microsoft\Exchange Server\Bin

Step 3) Run the UpdateOWA.ps1 script (done by entering .\UpdateOWA.ps1)

Filed under: Exchange 2007 4 Comments
24Aug/090

Outlook Web Access IIS Redirecting HTTP to HTTPS

One thing I still find with users is that they love to mistype URLs! One common mistake is to enter in the Outlook Web Access URL without specifying the https:// prefix, so here's how we can have http:// automatically redirect to https:// for the OWA directory

Note: this is based on a Small Business Server 2008 install although can apply to any standard Exchange 2007 setup

Step 1) Open up the IIS Console and expand the appropriate Site containing the OWA folder. Select the OWA folder.
image
Step 2) Open up the Error Pages icon.
image

You should now see a list of the default error pages
image

Step 3) On the right side of the window under Actions click Add
image

Step 4) Create the following custom error page and click Ok

Status Code: 403.4
Select Respond with a 302 redirect
Enter the full HTTPS URL to your OWA location e.g. https://mail.mydomain.com/owa

image

Step 5) Test the redirect is now working from a client machine

Filed under: Exchange 2007, Small Business Server 2008 No Comments
   Older Entries »

Archives

Categories

Meta