Archive

Posts Tagged ‘Windows Server 2008’

Windows Server 2008 RDP v6.x improvements

February 2, 2010 Leave a comment

It has been ages since I’ve updated my blog. I’ve been so busy lately with sorting out my life and working, so I just haven’t had the time. Here are few notes on the new RDP which is in use in Windows Server 2008.

The improvements are quite nice. Video support is now up to 4,096×2,048. Basically users can now use very large monitors to view data off a Windows 2008 Terminal Services system.

There is now multi monitor support. Which means that users can now have multiple monitors supported off a single RDP connection. For example graphical arts or publishing applications, users can view graphical information on one screen and text or something else on another screen at the same time.

The new RDP client provides now highly encrypted remote connection to a Terminal Services system through the use of Windows 2008 security. So organisations who need their data secured can implement highly secured encrypted connections between Windows 2008 Terminal Services and remote client.

-Eric

Advertisements

How to move DHCP db from Windows Server 2003 to Windows Server 2008

September 1, 2009 Leave a comment

On your Windows 2003 Server go Start-> run and type cmd.

Here’s the command to export your db:

netsh dhcp server export C:\dhcpdb.txt all

and press ENTER

On your Windows 2008 server go Start and type cmd right click on it and select Run as Administrator.

Here’s the command to import your db:

netsh dhcp server import C:\dhcpdb.txt all

and press ENTER

Bare in mind that C:\dhcpdb.txt is full path and file name of the database file that you copied to the server.

More information could be find out from this blog.

 

-Eric

How to enable Subject Alternate Name (SAN) support on Windows Server 2008 (Active Directory Certificate Services)

September 1, 2009 1 comment
From the command line on the server which is running Active Directory Certificate Services (AD CS) run:
certutil –setreg policy\SubjectAltName enabled
certutil –setreg policy\SubjectAltName2 enabled
Restart the certificate service
-Eric

From the command line on the server which is running Active Directory Certificate Services (AD CS) run:

certutil –setreg policy\SubjectAltName enabled
certutil –setreg policy\SubjectAltName2 enabled

Now restart the certificate service

-Eric

Exchange 2007 SP1 (CAS, Hub, Mailbox roles and Tools) tips on Windows Server 2008

May 11, 2009 2 comments

Now then, I’m not going to describe here how to install or setup a Windows Server 2008 box with Exchange 2007 SP1. I presume that you already have Windows Server 2008 with Exchange 2007 SP1 running in your organization, maybe even multiple. I just want to go over few things you might need to double check, before saying that your Exchange 2007 SP1 box is ready for a public use. Specially if you are using multiple CAS, HUB, Mailbox servers in your organization and all of them are operating separately. Right, first thing you need to do is Disable IPv6 on your Windows Server 2008 box (as there is no fix for this yet). IPv6 loopback is not listening port 6004. Here’s how you can turn it off:

* Open the Network Connections window and select the network adapter that you are currently using and under properties unselect IPv6 protocol.
* Now open your hosts file which is located in %systemroot%\system32\drivers\etc\ folder:

Look for this line:

::1 localhost

and change it to this:

# ::1 localhost

Also add there your Exchange server HOSTNAME and FQDN. So the hosts file should look like this:

192.168.1.10 exch1.domain.local
192.168.1.10 EXCH1
127.0.0.1 localhost
# ::1 localhost

* The last thing you should do, is edit your registry and disable the IPv6 there. Go down to:

HKLM\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters

and add a 32-bit D-WORD with the name DisabledComponents, and give it a value ff. It is possible you may need to reboot your server after this.

After this is done, confirm that you have Exchange 2007 SP1 installed with CAS, HUB, Mailbox roles plus the Tools. If you have not yet you might want to install RPC over HTTP. You can do this with the following command: ServerManagerCmd -i RPC-over-HTTP-proxy. If you got several Active Directory sites in your organization and you are not relying on Exchange 2007 to pick the closest Domain Controller, there is a way you can manually force them to use local site DC’s. Here What you need to do:

* Open your regedit on Exchange server and add under:

HKLM\SYSTEM\CurrentControlSet\Services\MSExchangeSA\Parameters\

new multi string value (REG_MULTI_SZ) called NSPI Target Server. Inside it write down your local site Domain Controller(s). Next thing you need to do is go down to your Domain Controller(s) and open up the registry go down to:

HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters\

and add the following new multi string value (REG_MULTI_SZ) called NSPI Interface protocol sequences. Inside it write this: ncacn_http:6004, after this is done reboot your Domain Controller(s) and Exchange server.

Now it is time to enable Outlook Anywhere: Enable-OutlookAnywhere -Server exch1.domain.local -DefaultAuthenticationMethod:Basic -SSLOffloading:$false

Next we are going to verify CAS services URLs. First lets verify which URLs we currently are using. Outlook 2007 has a built-in tool for that. It is called Test E-mail Autoconfiguration. We can access it by opening the Outlook 2007 client, holding down the Ctrl key and right-clicking on the Outlook icon located on the systray. In the tool uncheck Use Guessmart and Secure Guessmart Authentication and click on Test. Then we will receive all the current URLs set up for Outlook 2007 clients they are shown on 2 sections:

First is Exchange RPC (internal):

Availability Service: https://exch1.domain.local/EWS/Exchange.asmx
OOF URL: https://exch1.domain.local/EWS/Exchange.asmx
OAB URL: https://exch1.domain.local/OAB/2c00976e-35c9-4e1b-b5bf-5oc2d07de8es
UM URL: https://exch1.domain.local/UnifiedMessaging/Service.asmx

Second is Exchange HTTP (external). Now these URLs might be missing or wrong and these are the ones we will go over:

Availability Service: https://domain.com/EWS/Exchange.asmx
OOF URL: https://domain.com/EWS/Exchange.asmx
OAB URL: https://domain.com/OAB/2c00976e-35c9-4e1b-b5bf-5oc2d07de8es
UM URL: https://domain.com/UnifiedMessaging/Service.asmx

First lets check the autodiscover URL (internal). To see the current URL use the following command:

Get-ClientAccessServer EXCH1 | Select Name, *Internal* | fl

Now if the URL is not what you want it to be use this command to change it:

Set-ClientAccessServer –Identity EXCH1 –AutoDiscoverServiceInternalUri ”https://exch1.domain.local/Autodiscover/Autodiscover.xml”

Now the OAB internal URL:

Get-OABVirtualDirectory –server EXCH1 | Select Name, Identity, *Internal* | fl

Set the new OAB internal URL:

Set-OABVirtualDirectory -Identity “EXCH1\OAB (Default Web Site)” –InternalURL “https://exch1.domain.local/OAB”

And add the external URL as well:

Get-OABVirtualDirectory –server EXCH1 | Select Name, Identity, *External* | fl

Set-OABVirtualDirectory -Identity “EXCH1\OAB (Default Web Site)” –ExternalURL “https://domain.com/OAB”

Next lets go over the web services external URL (as Internal should be ok):

Get-WebServicesVirtualDirectory | Select Name, Identity, *url* | fl

And to add or change it:

Set-WebServicesVirtualDirectory –Identity EXCH1\EWS (Default Web Site)” –ExternalUrl: https://domain.com/EWS/Exchange.asmx

Just in case restart IIS7 (iisreset /noforce) and to confirm that the new URLs are working run the Test E-mail Autoconfiguration tool again.

Now publish your Exchange (if you haven’t already done this) by creating rules in your ISA 2006 SP1 server and you are good to go.

-Eric

Outlook Anywhere bug with Windows Server 2008

April 28, 2009 Leave a comment

There is a bug in Windows Server 2008 when you are using Exchange 2007 Outlook Anywhere (or trying to use). The server is not listening port 6004 over IPv6 loopback and the current suggestion (by community, not official) to fix this is to disable IPv6 all together. I’ve found a pretty good post that describes how to disable IPv6 and install RPC over HTTP, here’s the link.

PS! This should be fixed in Exchange Server 2007 Update Rollup 5

-Eric

Hyper-V Remote Management – Error 0x800704C8

April 28, 2009 Leave a comment

Yesterday I upgraded my MS Windows Server 2003 R2 with Virtual Server 2005 R2 (x64) machine to Windows Server 2008 Server Core /w Hyper-V (x64). Everything went smoothly, the installation, joining with domain and installing MS Firefront Client Security. The problems started when I was trying to create new machines to my Hyper-V server. I did not bother with migrating from old vmc files, so I just created a new machines and added the hard disks later. When I was trying to create my first machine, to my surprise I got an error. It should have been just follow the wizard and press finish thing. but instead I passed all the needed steps, name and location, the amount of memory, network settings, hard disk settings and finally the finish button but instead of getting a nice confirmation that virtual machine was created successfully I got this error:

The server encountered an error while configuring memory on the New Virtual Machine. Wizard Failed in rolling back the created virtual machine. Please delete it manually afterwards.
Failed to add device ‘Microsoft Synthetic Ethernet Port’

The Virtual Machines configuration GUID at ‘C:\Program Data\Microsoft\Windows\Hyper-V’ is no longer accessible: The requested operation cannot be performed on a file with a user-mapped section open. (0x800704C8)

I searched for this error on Google and it looks like this only happens when you have on your Windows Server 2008 Server Server Core /w Hyper-V installed Forefront Client Security. To fix it you need to download a patch. I suggest you to do it manually without using automatic windows update. You can get the patch from here. Just follow these instructions to download it:

1. Go to Microsoft Update Catalog Web site.
2. Type 952265 in the Search box, and then click Search.
3. Click Add to add the hotfix to the basket.
4. Near the search bar at the top, click the view basket link.
5. Click Download.
6. Click Browse, specify the folder to which you want to download the hotfix, and then click OK.
7. Click Continue, and then click I Accept to accept the Microsoft Software License Terms. The hotfix starts to download.
8. Wait until the hotfix is downloaded to the specified location, and then click Close.
9. Find the patch most suitable to your needs (from the catalogue you downloaded it), copy the patch to your Server Core and install it. After that everything should start working like a charm.

-Eric

Automatic Updates on Windows Server 2008 Server Core (and how to do it manually)

April 28, 2009 Leave a comment

Here are the commands which you can use to modify Automatic Updates settings on Server Core installation:

* To view the status of Automatic Updates:
cscript SCregEdit.wsf /AU /v
* Enable Automatic Updates:
cscript SCregEdit.wsf /AU 4
Net stop wuauserv
Net start wuauserv

* Disable Automatic Updates:
cscript SCregEdit.wsf /AU 1
Net stop wuauserv

* Forcing update check:
Wuauclt /detectnow
* Checking which updates are installed:
wmic qfe list

Now how to do it manually? Here are the steps:

1. Copy and pate the following script to NotePad on the Core installation:
Set updateSession = CreateObject(“Microsoft.Update.Session”)
Set updateSearcher = updateSession.CreateupdateSearcher()
WScript.Echo “Searching for updates…” & vbCRLF
Set searchResult = _
updateSearcher.Search(“IsInstalled=0 and Type=’Software'”)
WScript.Echo “List of applicable items on the machine:”
For I = 0 To searchResult.Updates.Count-1
Set update = searchResult.Updates.Item(I)
WScript.Echo I + 1 & “> ” & update.Title
Next
If searchResult.Updates.Count = 0 Then
WScript.Echo “There are no applicable updates.”
WScript.Quit
End If
WScript.Echo vbCRLF & “Creating collection of updates to download:”
Set updatesToDownload = CreateObject(“Microsoft.Update.UpdateColl”)
For I = 0 to searchResult.Updates.Count-1
Set update = searchResult.Updates.Item(I)
WScript.Echo I + 1 & “> adding: ” & update.Title
updatesToDownload.Add(update)
Next
WScript.Echo vbCRLF & “Downloading updates…”
Set downloader = updateSession.CreateUpdateDownloader()
downloader.Updates = updatesToDownload
downloader.Download()
WScript.Echo vbCRLF & “List of downloaded updates:”
For I = 0 To searchResult.Updates.Count-1
Set update = searchResult.Updates.Item(I)
If update.IsDownloaded Then
WScript.Echo I + 1 & “> ” & update.Title
End If
Next
Set updatesToInstall = CreateObject(“Microsoft.Update.UpdateColl”)
WScript.Echo vbCRLF & _
“Creating collection of downloaded updates to install:”
For I = 0 To searchResult.Updates.Count-1
set update = searchResult.Updates.Item(I)
If update.IsDownloaded = true Then
WScript.Echo I + 1 & “> adding: ” & update.Title
updatesToInstall.Add(update)
End If
Next
WScript.Echo vbCRLF & “Would you like to install updates now? (Y/N)”
strInput = WScript.StdIn.Readline
WScript.Echo
If (strInput = “N” or strInput = “n”) Then
WScript.Quit
ElseIf (strInput = “Y” or strInput = “y”) Then
WScript.Echo “Installing updates…”
Set installer = updateSession.CreateUpdateInstaller()
installer.Updates = updatesToInstall
Set installationResult = installer.Install()
‘Output results of install
WScript.Echo “Installation Result: ” & _
installationResult.ResultCode
WScript.Echo “Reboot Required: ” & _
installationResult.RebootRequired & vbCRLF
WScript.Echo “Listing of updates installed ” & _
“and individual installation results:”
For I = 0 to updatesToInstall.Count – 1
WScript.Echo I + 1 & “> ” & _
updatesToInstall.Item(i).Title & _
“: ” & installationResult.GetUpdateResult(i).ResultCode
Next
End If

2. Save the file as WUA_SearchDownloadInstall.vbs.
3. Go to the folder where your WUA script is saved and run:
cscript WUA_SearchDownloadInstall.vbs [Enter]
4. Answer Y to install the found updates, once finished Reboot Required: True flag is raised. If so use the command:
shutdown /r /t 20
Don’t forget to shutdown your running virtual machines first.

-Eric