Category Archives: Windows Server 2008

Solutions for Windows Server 2008

azure active directory

Force local active directory to sync to Office 365 with Azure ADSync

Use the following from an Elevated Powershell Prompt to force an AD sync to your O365 admin portal. You will be performing this on the server where Azure AD Sync is installed. When running this command you will need to wait 5 minutes before checking your portal to verify it is working. In larger environments this can take a longer time.

Import-Module “C:\Program Files\Microsoft Azure AD Sync\Bin\ADSync\ADSync.psd1”
Start-ADSyncSyncCycle -PolicyType Delta

Let me know in the comments below if you have any issues or this solution doesn’t work for you.

cleanup space on server

Cleanup Server WinSxS Free Space on Server 2008 and Server 2012

Run the following commands if you are running low on C: drive space. Do this in your PowerShell prompt and you will free up a substantial amount of space.

Please Note: You have to run updates on Windows Server 2008 if you are far behind and these commands don’t exist!

MASTER CLEANUP: (Run this First)
Dism.exe /online /Cleanup-Image /SPSuperseded

FOLLOWUP:
Windows 2008 Use: Dism.exe /online /Cleanup-Image /StartComponentCleanup
Windows 2012 Use: Dism.exe /online /Cleanup-Image /StartComponentCleanup /ResetBase

dcreplication

“Target account name is incorrect” on Domain Controller Error

This article explains how to fix the “Target account name is incorrect” error you are getting on your domain controllers. This usually stems from a system administrator doing a snapshot revert on the Domain Controller which messes up the KDC service and domain replication. It also can happen if you had a DC offline for a long time 30+ days.

  • Stop and disable the Key Distribution Center (KDC) service on the troubled domain controller
    • net stop kdc
      sc config "kdc" start= disabled

      Note: space is REQUIRED after start=
      Alternatively: you can do this from the Services Panel
  • Purge the ticket cache on the local domain controller.
      • klist purge

    note: you can use ‘klist tickets’ to view tickets before purging them

  • REBOOT Troubled Domain Controller
  • Reset the troubled domain controller’s account password to the primary domain controller (PDC) emulator master using netdom /resetpwd. Find PDC using: netdom query fsmo
    • netdom /RESETPWD /s:pdcserver.domain.local /ud:domain\Administrator /pd:*
  • Synchronize the domain directory partition of the replication partner with the PDC emulator master
    • repadmin /kcc
  • Reboot one more time on Troubled DC and start and enable the KDC on the local domain controller:
    • sc config "kdc" start= auto
      net start KDC

Typically I wait about 5-10 minutes after this and start doing checks to see if it is now replicating properly. You can also force a replicate using repadmin /replicate but usually not necessary.

Exchange 2007 SP1 Installation Error HRESULT E_FAIL has been returned from a call to a COM component.

I was recently installing and configuring a new server with 32 processors and installing server 2008 Standard and Exchange 2007 SP1 Standard. During installation I received the following error:

HRESULT E_FAIL has been returned from a call to a COM component.

After finding a Knowledge-base article from Microsoft, I discovered Exchange 2007 SP1 doesn’t support installation on a server with more than 24 processors, but is perfectly fine updating and running on a server with more than 24 processors.

Here is the fix for installing Exchange 2007 SP1 on a server with more than 24 cores.

For Windows Server 2008 and for Windows Server 2008 R2

To reduce the number of active processor cores, follow these steps:

  1. Click Start start button, and then type cmd in the Search programs and files box.
  2. Right-click cmd.exe in the Programs list, and then click Run as administrator.
     UAC If you are prompted for an administrator password or for confirmation, type the password, or provide confirmation.
  3. At the command prompt, copy or type the following command, and then press ENTER:
    msconfig.exe
  4. Click the Boot tab.
  5. Select the operating system that is used with Exchange Server 2007. Typically, this is labeled Current OS.
  6. Click Advanced.
  7. Note the number of processors that are currently set, and then set the number of processors to 24 or fewer.
  8. Restart the server.
  9. Install Exchange 2007.
  10. Click Startstart button, and then type cmd in the Search programs and files box.
  11. Right-click cmd.exe in the Programs list, and then click Run as administrator.
     UAC If you are prompted for an administrator password or for confirmation, type the password, or provide confirmation.
  12. At the command prompt, copy or type the following command, and then press ENTER:
    msconfig.exe
  13. Click the Boot tab.
  14. Select the same operating system that you selected in step 5 and that is used with Exchange Server 2007.
  15. Click Advanced.
  16. Restore the number of processors to the value that you noted in step 7.
  17. Restart the computer.

Windows Server 2008 could not continue installation as a reboot is needed

Microsoft Server setup cannot continue because a restart from a previous installation or update is pending.

The following Registery keys control this error message. If you have rebooted and are still experiencing this issue, clear out these keys and relaunch your installer.

HKEY_LOCAL_MACHINESOFTWAREMicrosoftUpdatesUpdateExeVolatile

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerPendingFileRenameOperations

The Setup MSI displays an error message if one of the following conditions is true:.

The value of the UpdateExeVolatile registry key is anything other than 0.

The PendingFileRenameOperations registry key has any value.

You can read this article about regedit.

http://technet.microsoft.com/en-us/library/cc164360(v=exchg.80).aspx

Assigning Client Access Licenses without EBS Administration Console

This is for any IT Admins out there where the Essential Business Administration Console is no longer launching or has errors on launch. Sadly, Microsoft put the Licensing in this Console only, and no other GUI exists for it. However, that is why Powershell exists, and here is the commands to manage all your CALs in your network.

Here is the step by step:

  1. Open Powershell on Management Server. (Start ->All Programs -> Windows Powershell 1.0)
  2. Type this at command prompt: Add-PsSnapin Microsoft.BusinessServer.Licensing.PowerShell
  3. View current current CAL assigned by typing: Get-CalAssignment
  4. To assign the user bob jenkins (login name: bjenkins) type: Set-Cal -name bjenkins
  5. To remove a cal from bob jenkins type: Clear-Cal -name bjenkins
  6. To Install a Cal Pack type: Install-CalPack insertkeyhere
  7. Get a list of all Cal Packs installed: Get-InstalledCalPack

With these commands you should be able to manage your CALs without having to deal with the GUI problems and general slowness of EBS Admin Console. For a list of all commands go to microsoft’s website at http://technet.microsoft.com/en-us/library/cc940950(v=ws.10).aspx.

Exchange Server on Primary Domain Controller (P-DC) Slow Reboot and Startup

If you had the misfortune of installing Exchange on a Primary Domain Controller you will experience some pain when doing a reboot. Typically it will take 10-15 minutes before it restarts and up to 30 minutes to start the Microsoft Exchange Information Store. What is really happening in the background is the IS service is being terminated incorrectly on shutdown and the store is left in a “DIRTY” shutdown state. This is very bad on several levels and can cause the Store to corrupt and not start at all.

Its a simple fix to make your life much easier and give you peace of mind. All you have to do is shutdown the services before restarting. Below is a script that does it automatically, just plug it into a .cmd or .bat file and run.

@ECHO OFF
ECHO ARE YOU SURE YOU WANT TO RESTART SERVER??
pause

net stop msexchangeadtopology /y
net stop msftesql-exchange /y
net stop msexchangeis /y
net stop msexchangesa /y
net stop iisadmin /y

ECHO DONE STOPING SERVICES REBOOT NOW!
pause

Disable Outlook Anywhere in Group Policy Object (GPO)

By default the standard outlk12.adm templates do not come with a configuration of Outlook Anywhere. You can configure the “Configure Outlook Anywhere user interface options” options to disable or grey out the settings. However, this DOES NOT disable Outlook anywhere, just user interaction with it.

You will need to download a new administrative template that Microsoft released in this hotfix. If you don’t like reading Microsoft’s wonderful support site instructions or Microsoft changes their support site after this blog post, here is the file and instructions paraphrased.

1. Download Add-On Outlook Anywhere Administrative Template here…article-961112 (unzip to reveal article-961112.adm file).
2. In the Group Policy Object Editor add the Article-961112.adm file:
Right-click Administrative Templates and click Add/Remove Templates.
In the Add/Remove Templates dialog box click Add.
In the Policy Templates dialog box locate and select the Article-961112.adm file. Click Open.
Click Close in the Add/Remove Templates dialog box.
3. Under User Configuration in Administrative Templates expand the policy node labeled Article 961112 Policy Settings. (Note: You may see this under Classic Administrative Templates in a sub-menu)
4. Select the Outlook Anywhere (RPC/HTTP) node to list the following policies under the Setting column in the right-pane:

RPC/HTTP Connection Flags -> Set to Enabled -> No Flags
Proxy Server Name -> Do not change
Only Connect if Proxy Server certificate has this principle name -> Do not change
Proxy authentication Setting -> Do not change

5. Double-click each policy to configure the appropriate RPC/HTTP setting for your Outlook clients.

Target Specific People or Computers with Item-Level Targeting in GPOs

Using Group Policy Objects can be a huge time saver, but if used improperly can be a big headache. Once you’ve messed around with GPO settings enough, you quickly figure out that you need to create new GPOs for specific programs, events, etc… that are not all in one GPO. This gives you a lot more flexibility and makes it very easy to track down troublesome GPO related issues when done properly. Now lets say you create a Power Savings GPO that you want to apply only to computers that meet certain conditions. WMI, Security, and Site Filtering are all too broad for this task, and you want to use Item-Level Targeting. After you create your Group Policy Object you will need to add this setting to the GPO.

In Group Policy Management Settings
-User Configuration -> Preferences -> Control Panel -> Regional Options
-Right-Click and Select New
-Navigate to Common Tab
-Check Item-Level Targeting and Press Targeting…

From here you will be able to select tons of critaria that you want to meet for your GPO. This can be system requirements to install a program, or only select certain Operating Systems. You can also add is not tags that will rule out any computer that meet that criteria. The options are limitless and its very easy to incorporate in your GPO. Personally, I never use the often complicated and time consuming WMI Filters anymore.

Disable RSS Feed in Outlook 2007 using GPO (Group Policy Object)

First install the 2007 Office system Administrative Template files (ADM, ADMX, ADML) and Office Customization Tool version 2.0 if you haven’t already done so.

In Group Policy Editor navigate to User Configuration -> Polices -> Administrative Templates -> Microsoft Office Outlook 2007 -> Tools | Account Settings -> RSS Feeds

-Default RSS Feeds -> Set to Disabled
-Synchronize Outlook RSS Feeds with Common Feed List -> Set to Disabled
-Turn off RSS Feature -> Enabled

After all these are set you can reboot the workstations or force a GPO update by using gpupdate /force

By disabling RSS feeds you are cleaning up space on your Exchange store and speeding up your users outlook. I recommend doing this in any business.