Damp earth ~ after a summer shower.
Freshly cut timber ~ Sawdust.
smell of vanilla and peaches
Jasmine flowers
coffee
Sauteing ginger garlic paste
Fresh cut grass
Wednesday, January 28, 2009
Tuesday, January 27, 2009
Remove the first exchange server from the organisation
- Replicate all public folders to another server
- Rehome the Offline Address Book folder
- Change the server that is responsible for generating the Offline Address List
- Rehome the Schedule+ Free Busy folder
- Rehome the Organization Forms folder
- Rehome the Recipient Update Service
- Designate another server to be the routing group master
- Create another Site Replication Service (SRS) instance
- Rehome connectors to another server
- Move mailboxes to another server
- Remove the first Exchange Server 2003 computer[using CD]
Thursday, January 22, 2009
Exchange Server 2003 and antivirus software
File-level scanners
File-level scanners are frequently used, and they may be the most problematic for use with Exchange 2003. File-level scanners may be either memory-resident or on-demand:
Memory-resident refers to a part of file-level antivirus software that is loaded in memory at all times. It checks all the files that are used on the hard disk and in computer memory.
On-demand refers to a part of file-level antivirus software that you can configure to scan files on the hard disk either manually or on a schedule. There are versions of antivirus software that start the on-demand scan automatically after virus signatures are updated to make sure that all files are scanned with the latest signatures.The following issues may occur when you use file-level scanners with Exchange 2003:
File-level scanners scan a file when the file is used or at a scheduled interval, and these scanners may lock or quarantine an Exchange log or a database file while Exchange 2003 tries to use the file. This behavior may cause a severe failure in Exchange 2003 and may also generate -1018 errors.
File-level scanners do not provide protection against e-mail viruses such as the Melissa virus.Note The Melissa virus is a Microsoft Word macro virus that can propagate itself through e-mail messages. The virus sends inappropriate e-mail messages to addresses that it finds in personal address books on Microsoft Outlook mail clients. Similar viruses can cause data destruction.Exclude the following folders from both on-demand file-level scanners and memory resident file-level scanners:
Exchange databases and log files across all storage groups. By default, these are located in the Exchsrvr\Mdbdata folder.
Exchange MTA files in the Exchsrvr\Mtadata folder.
Additional log files such as the Exchsrvr\server_name.log directory.
The Exchsrvr\Mailroot virtual server folder.
The working folder that is used to store streaming .tmp files that are used for message conversion. By default, this folder is Exchsrvr\Mdbdata, but the location is configurable. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
822936 (http://support.microsoft.com/kb/822936/ )
File-level scanners are frequently used, and they may be the most problematic for use with Exchange 2003. File-level scanners may be either memory-resident or on-demand:
Memory-resident refers to a part of file-level antivirus software that is loaded in memory at all times. It checks all the files that are used on the hard disk and in computer memory.
On-demand refers to a part of file-level antivirus software that you can configure to scan files on the hard disk either manually or on a schedule. There are versions of antivirus software that start the on-demand scan automatically after virus signatures are updated to make sure that all files are scanned with the latest signatures.The following issues may occur when you use file-level scanners with Exchange 2003:
File-level scanners scan a file when the file is used or at a scheduled interval, and these scanners may lock or quarantine an Exchange log or a database file while Exchange 2003 tries to use the file. This behavior may cause a severe failure in Exchange 2003 and may also generate -1018 errors.
File-level scanners do not provide protection against e-mail viruses such as the Melissa virus.Note The Melissa virus is a Microsoft Word macro virus that can propagate itself through e-mail messages. The virus sends inappropriate e-mail messages to addresses that it finds in personal address books on Microsoft Outlook mail clients. Similar viruses can cause data destruction.Exclude the following folders from both on-demand file-level scanners and memory resident file-level scanners:
Exchange databases and log files across all storage groups. By default, these are located in the Exchsrvr\Mdbdata folder.
Exchange MTA files in the Exchsrvr\Mtadata folder.
Additional log files such as the Exchsrvr\server_name.log directory.
The Exchsrvr\Mailroot virtual server folder.
The working folder that is used to store streaming .tmp files that are used for message conversion. By default, this folder is Exchsrvr\Mdbdata, but the location is configurable. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
822936 (http://support.microsoft.com/kb/822936/ )
Message flow to the local delivery queue is very slow
The temporary folder that is used in conjunction with offline maintenance utilities such as Eseutil.exe. By default, this folder is the location where the .exe file is run from, but you can configure where you run the file from when you run the utility.
Site Replication Service (SRS) files in the Exchsrvr\Srsdata folder.
Microsoft Internet Information Services (IIS) system files in the %SystemRoot%\System32\Inetsrv folder.
The temporary folder that is used in conjunction with offline maintenance utilities such as Eseutil.exe. By default, this folder is the location where the .exe file is run from, but you can configure where you run the file from when you run the utility.
Site Replication Service (SRS) files in the Exchsrvr\Srsdata folder.
Microsoft Internet Information Services (IIS) system files in the %SystemRoot%\System32\Inetsrv folder.
Note :
You may want to exclude the whole Exchsrvr folder from both on-demand file-level scanners and memory-resident file-level scanners.
The Internet Information Services (IIS) 6.0 compression folder that is used with Outlook Web Access 2003. By default, the compression folder in IIS 6.0 is located at %systemroot%\IIS Temporary Compressed Files. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
817442 (http://support.microsoft.com/kb/817442/ ) Antivirus scanning of IIS Compression directory may result in 0-byte file
For clusters, the Quorum disk and the %Winnt%\Cluster folder.
Any messaging antivirus program folders.
The Exchsrvr\Conndata folder.Exclude the folder that contains the checkpoint (.chk) file from memory resident file-level scanners and on-demand file-level scanners.
The Internet Information Services (IIS) 6.0 compression folder that is used with Outlook Web Access 2003. By default, the compression folder in IIS 6.0 is located at %systemroot%\IIS Temporary Compressed Files. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
817442 (http://support.microsoft.com/kb/817442/ ) Antivirus scanning of IIS Compression directory may result in 0-byte file
For clusters, the Quorum disk and the %Winnt%\Cluster folder.
Any messaging antivirus program folders.
The Exchsrvr\Conndata folder.Exclude the folder that contains the checkpoint (.chk) file from memory resident file-level scanners and on-demand file-level scanners.
Many file-level scanners now support scanning processes. This can also adversely affect Exchange. Therefore, you should exclude the following processes from file-level scanners:
Cdb.exe
Cidaemon.exe
Store.exe
Emsmta.exe
Mad.exe
Mssearch.exe
Inetinfo.exe
W3wp.exe
Cdb.exe
Cidaemon.exe
Store.exe
Emsmta.exe
Mad.exe
Mssearch.exe
Inetinfo.exe
W3wp.exe
The information store is dismounted, and an event ID 1159 message is logged in Exchange Server 2003 or in Exchange 2000 Server
In Microsoft Exchange Server 2003 , the information store is dismounted. Additionally, an event that is similar to the following event is logged in the Application log on a server that is running Exchange Server 2003
------------------------
Event Type: Error
Event Source: MSExchangeIS
Event Category: General
Event ID: 1159
Description: Database error 0xfffffd9a occurred in function JTAB_BASE::EcUpdate while accessing the database "". Note The error code 0xfffffd9a translates to JET_errCheckpointDepthTooDeep
Event Type: Error
Event Source: MSExchangeIS Mailbox
Event Category: Logons
Event ID: 1022
Description: Logon Failure on database Path_of_Database.
Error: -519
------------------------------------
Problem:
This issue occurs if the storage group that is related to the information store contains more than 1008 uncommitted Extensible Storage Engine (ESE) transaction log files. Each ESE storage group has a hard-coded limit of 1024 uncommitted ESE transaction log files. When the number of uncommitted ESE transaction log files in an ESE storage group reaches 1008, Exchange Server 2003 or Exchange 2000 Server starts to dismount all the information stores in the storage group. Additionally, the event ID 1159 message is logged in the Application log.
Cause:
This problem occurs because the Exchange Server has used all the transaction logs that are available to a storage group causing to dismount all the databases that are in the affected storage group there by affecting mail flow.
Users who have mailboxes in this storage group experienced logon failures as we notice the events 1022 in the application log.
The maximum number of transaction log files that can be generated in a single sequence is 1,048,560 (0xFFFF0).
This generally happens when a backup has been started that does not complete for an excessive amount of time.
The backup will put the database into a state where it cannot commit the log files, then since the backup hangs it will eventually reach that limit and dismount the store. When you remount the store, the backup will have failed as a result of the database dismount and the log files will be committed. We need to ensure that no backups run for more than a day, and if one has been running that long cancel it.
Resolution:
To do this, you must move all existing transaction logs to another location. After you do this, a new sequence of log files that starts with 0x00001 is generated.Important Before you move the transaction logs, you must verify that all databases in the storage group are in a Clean Shutdown state. To do this and to reset the log file sequence, follow these steps:
Mark all the databases in the affected storage group to not mount on startup. To do this, follow these steps:
Click Start, point to Programs, point to Microsoft Exchange, and then click System Manager.
Expand Organization, click Servers, click your server, click Information Store, and then click your storage group.
Right-click your database, and then click Properties.
Click the Database tab.
Click to select the Don't mount this store at start-up check box.
Kill the store to dismount the database that could not be dismounted.To download the latest version of the Debugging Tools for Windows package, visit the following Microsoft Web site:
http://www.microsoft.com/whdc/devtools/debugging/default.mspx (http://www.microsoft.com/whdc/devtools/debugging/default.mspx)
Restart the store so that other storage groups can be mounted.
Run eseutil /r on all the databases that are in the affected storage group.
Verify that the databases were in a Clean Shutdown state. To do this, follow these steps:
In Exchange System Manager, right-click the first store in the storage group that has run out of transaction log files, and then click Properties.
Click the Database tab, and then note the paths and the file names of the database files in the Exchange database box and in the Exchange streaming database box. Each Exchange database is composed of a paired set of files that have the .edb file name extension and the .stm file name extension. Repeat this step for each store in the storage group.
At a command prompt, move to the Exchange Server bin folder. For example, move to the C:\Program Files\Exchsrvr\bin.
Type Eseutil /mh Database_File_Name, and then press ENTER. Repeat this step for each database in the storage group. This command displays the database file header. The header contains one of the following lines:
State: Clean Shutdown
State: Dirty Shutdown
Move logs and checkpoint files to another location in case a recovery is required from an old database. The log files have the .log file name extension. The checkpoint files have the .chk file name extension.
Mount all the databases in the storage group.
Click to clear the Don't mount this store at start-up check box for all the databases in the affected storage group.
The storage group must be backed up when delivery settles down on this computer because you cannot recover log files past the new log file generation point
------------------------
Event Type: Error
Event Source: MSExchangeIS
Event Category: General
Event ID: 1159
Description: Database error 0xfffffd9a occurred in function JTAB_BASE::EcUpdate while accessing the database "
Event Type: Error
Event Source: MSExchangeIS Mailbox
Event Category: Logons
Event ID: 1022
Description: Logon Failure on database Path_of_Database.
Error: -519
------------------------------------
Problem:
This issue occurs if the storage group that is related to the information store contains more than 1008 uncommitted Extensible Storage Engine (ESE) transaction log files. Each ESE storage group has a hard-coded limit of 1024 uncommitted ESE transaction log files. When the number of uncommitted ESE transaction log files in an ESE storage group reaches 1008, Exchange Server 2003 or Exchange 2000 Server starts to dismount all the information stores in the storage group. Additionally, the event ID 1159 message is logged in the Application log.
Cause:
This problem occurs because the Exchange Server has used all the transaction logs that are available to a storage group causing to dismount all the databases that are in the affected storage group there by affecting mail flow.
Users who have mailboxes in this storage group experienced logon failures as we notice the events 1022 in the application log.
The maximum number of transaction log files that can be generated in a single sequence is 1,048,560 (0xFFFF0).
This generally happens when a backup has been started that does not complete for an excessive amount of time.
The backup will put the database into a state where it cannot commit the log files, then since the backup hangs it will eventually reach that limit and dismount the store. When you remount the store, the backup will have failed as a result of the database dismount and the log files will be committed. We need to ensure that no backups run for more than a day, and if one has been running that long cancel it.
Resolution:
To do this, you must move all existing transaction logs to another location. After you do this, a new sequence of log files that starts with 0x00001 is generated.Important Before you move the transaction logs, you must verify that all databases in the storage group are in a Clean Shutdown state. To do this and to reset the log file sequence, follow these steps:
Mark all the databases in the affected storage group to not mount on startup. To do this, follow these steps:
Click Start, point to Programs, point to Microsoft Exchange, and then click System Manager.
Expand Organization, click Servers, click your server, click Information Store, and then click your storage group.
Right-click your database, and then click Properties.
Click the Database tab.
Click to select the Don't mount this store at start-up check box.
Kill the store to dismount the database that could not be dismounted.To download the latest version of the Debugging Tools for Windows package, visit the following Microsoft Web site:
http://www.microsoft.com/whdc/devtools/debugging/default.mspx (http://www.microsoft.com/whdc/devtools/debugging/default.mspx)
Restart the store so that other storage groups can be mounted.
Run eseutil /r on all the databases that are in the affected storage group.
Verify that the databases were in a Clean Shutdown state. To do this, follow these steps:
In Exchange System Manager, right-click the first store in the storage group that has run out of transaction log files, and then click Properties.
Click the Database tab, and then note the paths and the file names of the database files in the Exchange database box and in the Exchange streaming database box. Each Exchange database is composed of a paired set of files that have the .edb file name extension and the .stm file name extension. Repeat this step for each store in the storage group.
At a command prompt, move to the Exchange Server bin folder. For example, move to the C:\Program Files\Exchsrvr\bin.
Type Eseutil /mh Database_File_Name, and then press ENTER. Repeat this step for each database in the storage group. This command displays the database file header. The header contains one of the following lines:
State: Clean Shutdown
State: Dirty Shutdown
Move logs and checkpoint files to another location in case a recovery is required from an old database. The log files have the .log file name extension. The checkpoint files have the .chk file name extension.
Mount all the databases in the storage group.
Click to clear the Don't mount this store at start-up check box for all the databases in the affected storage group.
The storage group must be backed up when delivery settles down on this computer because you cannot recover log files past the new log file generation point
Your Exchange Server 2003 computer may stop responding after a MAPI client opens more than the default value of certain server objects
Symptom:
Your Microsoft Exchange Server 2003 computer may stop responding to one or more clients. Additionally, an error message that is similar to the following may be logged in the application event log:
Event ID: 9646
Type: Error
Source: MSExchangeIS
Description:Closing Mapi session "/o=Organization/ou=Administrative Group/cn=Recipients/cn=user" because it exceeded the maximum of 250 objects of type "objMessage".
Solution
In Exchange Server 2003, the number of server-side objects that are allowed by clients is limited to prevent a single client from the exhausting resources on the Exchange server. When the event log error that is mentioned in the "Symptoms" section occurs, it indicates possible poor behavior on behalf of a client opening too many objects or leaving too many objects open on the server. If the event log error occurs, investigate any third-party applications or add-ins that are running on the client. Additionally, investigate the user behavior that is associated with the indicated logon. This will help you better understand why the default number of objects is insufficient. In rare circumstances, the number of resources is insufficient and may be adjusted. However, use caution before you adjust the maximum number of objects that are allowed. When you increase the maximum number of objects of a particular type, you also increase the amount of memory that may be consumed by client requests. Incorrectly configuring this value could lead to out-of-memory warnings or virtual memory fragmentation warnings.You can add a registry key that adjusts the maximum number of resources that a MAPI client can use at the same time. This adjustment overrides the default limit of each server object that is mentioned in the "Cause" section.Note You should only adjust the value for the object type that is referred to in the event log error that is mentioned in the "Symptoms" section. You should adjust these values with caution, and only increase the value in small increments. For example, only adjust the value by 100.
Steps :
To add a registry key that limits the maximum number of resources that a MAPI client can use at the same time, follow these steps:
Click Start, click run, type regedit, and then click OK.
Expand the following registry subkey:
\\HKEY_LOCAL_MACHINE \SYSTEM\CurrentControlSet\Services\MSExchangeIS\ParametersSystem
Right-click ParametersSystem, point to New, and then click Key.
Type MaxObjsPerMapiSession, and then press ENTER to name the new subkey.
Right-click MaxObjsPerMapiSession, click New, and then click DWORD Value.
Type Object_type, and then press ENTER to name the object.Note Object_type is the name of the object type in the error message that is mentioned in the "Symptoms" section. For example, type objtMessage, and then press ENTER.
Right-click Object_type, and then click Modify.
In the Value data box, type the number of objects that you want to limit this entry to, and then click OK. For example, type 350 to increase the value for the objtMessage object. The default value is 250.
Your Microsoft Exchange Server 2003 computer may stop responding to one or more clients. Additionally, an error message that is similar to the following may be logged in the application event log:
Event ID: 9646
Type: Error
Source: MSExchangeIS
Description:Closing Mapi session "/o=Organization/ou=Administrative Group/cn=Recipients/cn=user" because it exceeded the maximum of 250 objects of type "objMessage".
Solution
In Exchange Server 2003, the number of server-side objects that are allowed by clients is limited to prevent a single client from the exhausting resources on the Exchange server. When the event log error that is mentioned in the "Symptoms" section occurs, it indicates possible poor behavior on behalf of a client opening too many objects or leaving too many objects open on the server. If the event log error occurs, investigate any third-party applications or add-ins that are running on the client. Additionally, investigate the user behavior that is associated with the indicated logon. This will help you better understand why the default number of objects is insufficient. In rare circumstances, the number of resources is insufficient and may be adjusted. However, use caution before you adjust the maximum number of objects that are allowed. When you increase the maximum number of objects of a particular type, you also increase the amount of memory that may be consumed by client requests. Incorrectly configuring this value could lead to out-of-memory warnings or virtual memory fragmentation warnings.You can add a registry key that adjusts the maximum number of resources that a MAPI client can use at the same time. This adjustment overrides the default limit of each server object that is mentioned in the "Cause" section.Note You should only adjust the value for the object type that is referred to in the event log error that is mentioned in the "Symptoms" section. You should adjust these values with caution, and only increase the value in small increments. For example, only adjust the value by 100.
Steps :
To add a registry key that limits the maximum number of resources that a MAPI client can use at the same time, follow these steps:
Click Start, click run, type regedit, and then click OK.
Expand the following registry subkey:
\\HKEY_LOCAL_MACHINE \SYSTEM\CurrentControlSet\Services\MSExchangeIS\ParametersSystem
Right-click ParametersSystem, point to New, and then click Key.
Type MaxObjsPerMapiSession, and then press ENTER to name the new subkey.
Right-click MaxObjsPerMapiSession, click New, and then click DWORD Value.
Type Object_type, and then press ENTER to name the object.Note Object_type is the name of the object type in the error message that is mentioned in the "Symptoms" section. For example, type objtMessage, and then press ENTER.
Right-click Object_type, and then click Modify.
In the Value data box, type the number of objects that you want to limit this entry to, and then click OK. For example, type 350 to increase the value for the objtMessage object. The default value is 250.
Troubleshoot virtual memory fragmentation in Exchange Server 2003
Overview
Virtual memory fragmentation is a condition where virtual memory is available for a process, but none of the virtual memory blocks that are available are of a significant size. Memory fragmentation occurs over time because of the varying size of memory allocations and the varying lifetimes of each allocation. When you scale a server to handle more users and larger loads, the server may run low on virtual memory in the Microsoft Exchange Information Store process (Store.exe). When this issue occurs, event ID 9582 events are logged to the application event log. In some cases, event ID 9582 events do not indicate a problem with the virtual memory on the server, and the events can be ignored. However, in other situations, the lack of virtual memory may result in message-processing errors (indicated by event ID 12800 events) and decreased performance. If left unchecked, virtual memory fragmentation can result in severe performance degradation and unexpected behaviors. There is virtually no correlation between the amount of physical random access memory (RAM) that is installed in the computer and the amount of virtual memory. Because of this, you cannot resolve low virtual memory issues by adding more physical RAM. Additionally, virtual memory errors and virtual memory fragmentation issues are not limited to Active/Active server clusters. These issues also occur on Active/Passive server clusters and on stand-alone servers that are running Exchange 2003 or Exchange 2000.Note Virtual memory issues are more prevalent in a clustered Exchange 2003 configuration or a clustered Exchange 2000 configuration because these environments are typically used to scale Exchange to host multiple thousands of users together with multiple storage groups and multiple messaging databases.
Virtual memory fragmentation is a condition where virtual memory is available for a process, but none of the virtual memory blocks that are available are of a significant size. Memory fragmentation occurs over time because of the varying size of memory allocations and the varying lifetimes of each allocation. When you scale a server to handle more users and larger loads, the server may run low on virtual memory in the Microsoft Exchange Information Store process (Store.exe). When this issue occurs, event ID 9582 events are logged to the application event log. In some cases, event ID 9582 events do not indicate a problem with the virtual memory on the server, and the events can be ignored. However, in other situations, the lack of virtual memory may result in message-processing errors (indicated by event ID 12800 events) and decreased performance. If left unchecked, virtual memory fragmentation can result in severe performance degradation and unexpected behaviors. There is virtually no correlation between the amount of physical random access memory (RAM) that is installed in the computer and the amount of virtual memory. Because of this, you cannot resolve low virtual memory issues by adding more physical RAM. Additionally, virtual memory errors and virtual memory fragmentation issues are not limited to Active/Active server clusters. These issues also occur on Active/Passive server clusters and on stand-alone servers that are running Exchange 2003 or Exchange 2000.Note Virtual memory issues are more prevalent in a clustered Exchange 2003 configuration or a clustered Exchange 2000 configuration because these environments are typically used to scale Exchange to host multiple thousands of users together with multiple storage groups and multiple messaging databases.
Events:
Source: MSExchangeISCategory:
PerformanceID: 9582
Type: Warning
Description: The virtual memory necessary to run your Exchange server is fragmented in such a way that performance may be affected. It is highly recommended that you restart all Exchange services to correct this issue.
Action:
Prepare and perform the steps to shut down and then restart the server in the next 36 to 72 hours.
To determine the rate of decay, use the Performance Logs and Alerts tool to monitor the following counter for the MSExchangeIS performance object:
VM Total Large Free Block BytesUse this data to help you plan an appropriate time (in the next 36 to 72 hours) to shut down and then restart the server.
Prepare and perform the steps to shut down and then restart the server in the next 36 to 72 hours.
To determine the rate of decay, use the Performance Logs and Alerts tool to monitor the following counter for the MSExchangeIS performance object:
VM Total Large Free Block BytesUse this data to help you plan an appropriate time (in the next 36 to 72 hours) to shut down and then restart the server.
When an Exchange server has less than 16 MB of free contiguous virtual address space, the following error message is logged to the application event log:
Source: MSExchangeIS
Category: PerformanceID: 9582
Type: Error
Description: The virtual memory necessary to run your Exchange server is fragmented in such a way that performance may be affected. It is highly recommended that you restart all Exchange services to correct this issue.
At this level of virtual memory fragmentation, the Store.exe process cannot create additional heaps and cannot correctly mount and dismount storage groups. If the VM Largest Block Size counter is below 10 MB, the storage groups do not mount. When an event ID 9582 error message is logged, prepare to shut down and restart the server at the next opportunity. For example, shut down and then restart the server that evening or the next morning. By doing so, you may help prevent performance issues that may occur during peak usage times. When you shut down and then restart the server to clear virtual memory fragmentation, there are additional considerations when Exchange 2000 Server is configured in a clustered environment. When you move cluster resources from one node to another node, this process does not ensure a "clean" virtual memory address space. If cluster resources are owned by the destination cluster node, and the cluster resources are moved to the passive node (without first restarting the destination node), you may experience virtual memory fragmentation on the passive node. To avoid this situation, and to clear memory fragmentation in an Exchange 2000 Server clustered environment, follow these steps:
Restart the passive node before you move cluster resources to it. This step helps to make sure that the cluster resources are moved to a server that has a "clean" virtual memory address space.
Move the cluster resources to the passive node.
Restart the node that previously owned the cluster resources.Note Exchange Server 2003 restarts the Store.exe service automatically after the resource records have been moved to a different node in the cluster to reset the Store.exe address space on that node. Therefore, the next time that the Exchange virtual server is moved back to the passive node, the Store.exe is operating with a "clean" address space.
Restart the passive node before you move cluster resources to it. This step helps to make sure that the cluster resources are moved to a server that has a "clean" virtual memory address space.
Move the cluster resources to the passive node.
Restart the node that previously owned the cluster resources.Note Exchange Server 2003 restarts the Store.exe service automatically after the resource records have been moved to a different node in the cluster to reset the Store.exe address space on that node. Therefore, the next time that the Exchange virtual server is moved back to the passive node, the Store.exe is operating with a "clean" address space.
Events are logged in the system event log, and you cannot bring a network resource online by using Cluster Administrator in Windows Server 2003, Enter
You cannot bring a network resource online on a computer that is running Microsoft Windows Server 2003, Enterprise Edition .
Event Type: Warning
Event Source: ClusSvc
Event Category: (19)
Event ID: 1119
Date: 5/13/2004
Time: 10:09:44 AM
Computer: Server Name
Description: The registration of DNS name ServerName.DomainName.com for resource NetworkName over adapter NetworkConnectionName failed for the following reason: DNS signature failed to verify. For more information, see Help and Support Center at http://support.microsoft.com. Data: 0000: 00002338
Event Type: Error
Event Source: ClusSvc
Event Category: (19)
Event ID: 1196
Date: 5/13/2004
Time: 10:09:44 AM
Computer: ServerName
Description: The required registration of the DNS name(s) associated with Cluster resource NetworkName failed for the following reason: DNS signature failed to verify. Please check with your network adminstrator for the best recovery action. For more information, see Help and Support Center at http://support.microsoft.com.
Event Type: Error
Event Source: ClusSvc
Event Category: (3)
Event ID: 1069
Date: 5/13/2004
Time: 10:09:44 AM
Computer: ServerName
Description: Cluster resource ResourceName in Resource Group GroupName failed. For more information, see Help and Support Center at http://support.microsoft.com.
Work around: (Ref KB 871111)
To work around this issue, use the Cluster command-line utility to set the "DNS Registration Must Succeed" private property to "Not Required." To do this, follow these steps:
Start Cluster Administrator.
To do this, click Start, point to Programs, point to Administrative Tools, and then click Cluster Administrator.
Right-click the corresponding Network Name resource, and then click Take offline.
Open a command prompt on one of the cluster nodes, and then type the following command:
cluster res "network name resource" /priv requiredns=0
In Cluster Administrator, right-click the cluster resource, and then click Bring Online.
Monitor for errors in the logs. This activity requires downtime.
Event Type: Warning
Event Source: ClusSvc
Event Category: (19)
Event ID: 1119
Date: 5/13/2004
Time: 10:09:44 AM
Computer: Server Name
Description: The registration of DNS name ServerName.DomainName.com for resource NetworkName over adapter NetworkConnectionName failed for the following reason: DNS signature failed to verify. For more information, see Help and Support Center at http://support.microsoft.com. Data: 0000: 00002338
Event Type: Error
Event Source: ClusSvc
Event Category: (19)
Event ID: 1196
Date: 5/13/2004
Time: 10:09:44 AM
Computer: ServerName
Description: The required registration of the DNS name(s) associated with Cluster resource NetworkName failed for the following reason: DNS signature failed to verify. Please check with your network adminstrator for the best recovery action. For more information, see Help and Support Center at http://support.microsoft.com.
Event Type: Error
Event Source: ClusSvc
Event Category: (3)
Event ID: 1069
Date: 5/13/2004
Time: 10:09:44 AM
Computer: ServerName
Description: Cluster resource ResourceName in Resource Group GroupName failed. For more information, see Help and Support Center at http://support.microsoft.com.
Work around: (Ref KB 871111)
To work around this issue, use the Cluster command-line utility to set the "DNS Registration Must Succeed" private property to "Not Required." To do this, follow these steps:
Start Cluster Administrator.
To do this, click Start, point to Programs, point to Administrative Tools, and then click Cluster Administrator.
Right-click the corresponding Network Name resource, and then click Take offline.
Open a command prompt on one of the cluster nodes, and then type the following command:
cluster res "network name resource" /priv requiredns=0
In Cluster Administrator, right-click the cluster resource, and then click Bring Online.
Monitor for errors in the logs. This activity requires downtime.
Wednesday, January 21, 2009
Reading
Active Directory 101 Do's and Don'ts
How to Ensure Simpler Microsoft Exchange High Availability
Exchange E-mail Addresses and the Outlook Address Cache
Exchange: Recovery Storage Groups
Missing Drafts folder in Outlook 2007: Found again with MFCMAPI
Ahead of the Curve: Feed Outlook with News You Want
Spammers To Target Job-Hunting, Networking Sites in 2009
Can CAN-SPAM can spam?
Exchange 2007 security
EMS TitBit: Search/Find Email Addresses
Summarize MailStore growth and whitespace by Storage Group and growth exception reporting
Making Sense of the Messaging and Collaboration Market
Getting started with Exchange 2007 Performance monitoring and Windows 2008
Exchange: Find Disabled Accounts with Mailboxes Via PowerShell
How to Reset Virtual Directories Exchange 2007
Managing exchange certificates (Part 2)
GroupWise to Exchange 2007 Migration - Common Q & A
The Case of the Missing E-Mail Addresses Tab
Exchange 14 and the Cloud
Entourage, Meet Exchange Web Services: Entourage For Exchange Web Services is Live!
Announcing the SP1 Release for System Center Data Protection Manager 2007
Should You Virtualize Your Exchange 2007 SP1 Environment?
Top 10 Spam Stories of 2008
Hate Microsoft Outlook? Top 10 annoyances and how to fix them
How to Move the SMTP Queue in Exchange 2007
Top 10 Microsoft Exchange Server tips of 2008
Top 5 Outlook Web Access (OWA) tips of 2008
Modifying AD accounts with Powershell after an Exchange 2003 dial-tone restore
Transport Rules: Adding a disclaimer
Bayesian spam filtering with Exchange Server 2007
Managing whitelists and blocklists for Exchange Server environments
Why you need Active Directory for Exchange Server 2007
Exchange 14 Announced
HOWTO: Sample Transport Agent – Add Headers, Categories, MAPI Props, Even Uses a Fork!
EdgeSync, have a look at the synchronized data
Managing Exchange Server 2007 Log Files (Part 1)
Exchange Server 2007 SPAM filtering features without using Exchange Server 2007 Edge Server
How to configure Helpdesk mailbox and delegate send behalf of rights to Distribution Group
How to Export User mailboxes and its size into Excel spreadsheet
Exchange 14 (Exchange Labs)
Windows Live Hotmail to get POP3 access this year?
Backing up Exchange 2007 on Windows 2008
Exchange 2007 Mailbox Growth
Volume Shadow Copy Services (VSS) and Exchange - The Basics
Living in Outlook: Making AutoCorrect Work for You
Disabling POP3 and IMAP Monitoring for Exchange 2007
70,000% Increase In Beta Testing For Upcoming Microsoft Exchange Release
Microsoft Taps Schools To Test Exchange 14
3.5 Million Already Testing Next Version Of Microsoft Exchange
Au contraire: Exchange's lead over Notes actually 'getting bigger and bigger,' says Gartner
What is Exchange 2007's Last Log Resilience?
Can I seed a cluster continuous replication passive copy from a backup?
Missing Drafts folder in Outlook 2007
Moving Exchange into the cloud with Exchange Online
Exchange 2007 and Windows 2008: Offline Exchange Backup
End of Life Extension for Sybari Antigen 8.0
Living in Outlook: Effectively Tracking Conversations with Flags
OWA authentication and its affect on OWA functionality
How to set the msExchQueryBaseDN attribute for users via powershell
Rollup Update Logging
A Practical Look at Migrating From Exchange 2003 to Exchange 2007 (Part 1)
Monitoring Exchange 2007 With System Center Operations Manager 2007 (Part 3)
Applying Exchange Rollup Update to a cluster
Unified Communications Tips and Tricks Flashcards for End-Users
Using Windows Mobile Emulator 6.1 to test your Exchange deployment
Testing Exchange Server Remote Connectivity the Easy Way
Exchange Server 2003 Intelligent Message Filter update
Why isn't virtualization supported for the Exchange Server 2007 Unified Messaging (UM) server role?
Disable Outlook's address-autocomplete feature
Exchange Web Services Push Notifications Simplified
Part 11 - I used to do it this way… Now how do I do it? Administering Exchange 2003 vs. Exchange 2007
Exchange Server Acronyms
Exchange Free / Busy
Exchange 2007 Toolbox Shortcuts
Troubleshooting Outlook Web Access Logon Failures in Exchange Server 2007
I am not in the office at the moment...
How to Ensure Simpler Microsoft Exchange High Availability
Exchange E-mail Addresses and the Outlook Address Cache
Exchange: Recovery Storage Groups
Missing Drafts folder in Outlook 2007: Found again with MFCMAPI
Ahead of the Curve: Feed Outlook with News You Want
Spammers To Target Job-Hunting, Networking Sites in 2009
Can CAN-SPAM can spam?
Exchange 2007 security
EMS TitBit: Search/Find Email Addresses
Summarize MailStore growth and whitespace by Storage Group and growth exception reporting
Making Sense of the Messaging and Collaboration Market
Getting started with Exchange 2007 Performance monitoring and Windows 2008
Exchange: Find Disabled Accounts with Mailboxes Via PowerShell
How to Reset Virtual Directories Exchange 2007
Managing exchange certificates (Part 2)
GroupWise to Exchange 2007 Migration - Common Q & A
The Case of the Missing E-Mail Addresses Tab
Exchange 14 and the Cloud
Entourage, Meet Exchange Web Services: Entourage For Exchange Web Services is Live!
Announcing the SP1 Release for System Center Data Protection Manager 2007
Should You Virtualize Your Exchange 2007 SP1 Environment?
Top 10 Spam Stories of 2008
Hate Microsoft Outlook? Top 10 annoyances and how to fix them
How to Move the SMTP Queue in Exchange 2007
Top 10 Microsoft Exchange Server tips of 2008
Top 5 Outlook Web Access (OWA) tips of 2008
Modifying AD accounts with Powershell after an Exchange 2003 dial-tone restore
Transport Rules: Adding a disclaimer
Bayesian spam filtering with Exchange Server 2007
Managing whitelists and blocklists for Exchange Server environments
Why you need Active Directory for Exchange Server 2007
Exchange 14 Announced
HOWTO: Sample Transport Agent – Add Headers, Categories, MAPI Props, Even Uses a Fork!
EdgeSync, have a look at the synchronized data
Managing Exchange Server 2007 Log Files (Part 1)
Exchange Server 2007 SPAM filtering features without using Exchange Server 2007 Edge Server
How to configure Helpdesk mailbox and delegate send behalf of rights to Distribution Group
How to Export User mailboxes and its size into Excel spreadsheet
Exchange 14 (Exchange Labs)
Windows Live Hotmail to get POP3 access this year?
Backing up Exchange 2007 on Windows 2008
Exchange 2007 Mailbox Growth
Volume Shadow Copy Services (VSS) and Exchange - The Basics
Living in Outlook: Making AutoCorrect Work for You
Disabling POP3 and IMAP Monitoring for Exchange 2007
70,000% Increase In Beta Testing For Upcoming Microsoft Exchange Release
Microsoft Taps Schools To Test Exchange 14
3.5 Million Already Testing Next Version Of Microsoft Exchange
Au contraire: Exchange's lead over Notes actually 'getting bigger and bigger,' says Gartner
What is Exchange 2007's Last Log Resilience?
Can I seed a cluster continuous replication passive copy from a backup?
Missing Drafts folder in Outlook 2007
Moving Exchange into the cloud with Exchange Online
Exchange 2007 and Windows 2008: Offline Exchange Backup
End of Life Extension for Sybari Antigen 8.0
Living in Outlook: Effectively Tracking Conversations with Flags
OWA authentication and its affect on OWA functionality
How to set the msExchQueryBaseDN attribute for users via powershell
Rollup Update Logging
A Practical Look at Migrating From Exchange 2003 to Exchange 2007 (Part 1)
Monitoring Exchange 2007 With System Center Operations Manager 2007 (Part 3)
Applying Exchange Rollup Update to a cluster
Unified Communications Tips and Tricks Flashcards for End-Users
Using Windows Mobile Emulator 6.1 to test your Exchange deployment
Testing Exchange Server Remote Connectivity the Easy Way
Exchange Server 2003 Intelligent Message Filter update
Why isn't virtualization supported for the Exchange Server 2007 Unified Messaging (UM) server role?
Disable Outlook's address-autocomplete feature
Exchange Web Services Push Notifications Simplified
Part 11 - I used to do it this way… Now how do I do it? Administering Exchange 2003 vs. Exchange 2007
Exchange Server Acronyms
Exchange Free / Busy
Exchange 2007 Toolbox Shortcuts
Troubleshooting Outlook Web Access Logon Failures in Exchange Server 2007
I am not in the office at the moment...
Reading
Active Directory 101 Do's and Don'ts
How to Ensure Simpler Microsoft Exchange High Availability
Exchange E-mail Addresses and the Outlook Address Cache
Exchange: Recovery Storage Groups
Missing Drafts folder in Outlook 2007: Found again with MFCMAPI
Ahead of the Curve: Feed Outlook with News You Want
Spammers To Target Job-Hunting, Networking Sites in 2009
Can CAN-SPAM can spam?
Exchange 2007 security
EMS TitBit: Search/Find Email Addresses
Summarize MailStore growth and whitespace by Storage Group and growth exception reporting
Making Sense of the Messaging and Collaboration Market
Getting started with Exchange 2007 Performance monitoring and Windows 2008
Exchange: Find Disabled Accounts with Mailboxes Via PowerShell
How to Reset Virtual Directories Exchange 2007
Managing exchange certificates (Part 2)
GroupWise to Exchange 2007 Migration - Common Q & A
The Case of the Missing E-Mail Addresses Tab
Exchange 14 and the Cloud
Entourage, Meet Exchange Web Services: Entourage For Exchange Web Services is Live!
Announcing the SP1 Release for System Center Data Protection Manager 2007
Should You Virtualize Your Exchange 2007 SP1 Environment?
Top 10 Spam Stories of 2008
Hate Microsoft Outlook? Top 10 annoyances and how to fix them
How to Move the SMTP Queue in Exchange 2007
Top 10 Microsoft Exchange Server tips of 2008
Top 5 Outlook Web Access (OWA) tips of 2008
Modifying AD accounts with Powershell after an Exchange 2003 dial-tone restore
Transport Rules: Adding a disclaimer
Bayesian spam filtering with Exchange Server 2007
Managing whitelists and blocklists for Exchange Server environments
Why you need Active Directory for Exchange Server 2007
Exchange 14 Announced
HOWTO: Sample Transport Agent – Add Headers, Categories, MAPI Props, Even Uses a Fork!
EdgeSync, have a look at the synchronized data
Managing Exchange Server 2007 Log Files (Part 1)
Exchange Server 2007 SPAM filtering features without using Exchange Server 2007 Edge Server
How to configure Helpdesk mailbox and delegate send behalf of rights to Distribution Group
How to Export User mailboxes and its size into Excel spreadsheet
Exchange 14 (Exchange Labs)
Windows Live Hotmail to get POP3 access this year?
Backing up Exchange 2007 on Windows 2008
Exchange 2007 Mailbox Growth
Volume Shadow Copy Services (VSS) and Exchange - The Basics
Living in Outlook: Making AutoCorrect Work for You
Disabling POP3 and IMAP Monitoring for Exchange 2007
70,000% Increase In Beta Testing For Upcoming Microsoft Exchange Release
Microsoft Taps Schools To Test Exchange 14
3.5 Million Already Testing Next Version Of Microsoft Exchange
Au contraire: Exchange's lead over Notes actually 'getting bigger and bigger,' says Gartner
What is Exchange 2007's Last Log Resilience?
Can I seed a cluster continuous replication passive copy from a backup?
Missing Drafts folder in Outlook 2007
Moving Exchange into the cloud with Exchange Online
Exchange 2007 and Windows 2008: Offline Exchange Backup
End of Life Extension for Sybari Antigen 8.0
Living in Outlook: Effectively Tracking Conversations with Flags
OWA authentication and its affect on OWA functionality
How to set the msExchQueryBaseDN attribute for users via powershell
Rollup Update Logging
A Practical Look at Migrating From Exchange 2003 to Exchange 2007 (Part 1)
Monitoring Exchange 2007 With System Center Operations Manager 2007 (Part 3)
Applying Exchange Rollup Update to a cluster
Unified Communications Tips and Tricks Flashcards for End-Users
Using Windows Mobile Emulator 6.1 to test your Exchange deployment
Testing Exchange Server Remote Connectivity the Easy Way
Exchange Server 2003 Intelligent Message Filter update
Why isn't virtualization supported for the Exchange Server 2007 Unified Messaging (UM) server role?
Disable Outlook's address-autocomplete feature
Exchange Web Services Push Notifications Simplified
Part 11 - I used to do it this way… Now how do I do it? Administering Exchange 2003 vs. Exchange 2007
Exchange Server Acronyms
Exchange Free / Busy
Exchange 2007 Toolbox Shortcuts
Troubleshooting Outlook Web Access Logon Failures in Exchange Server 2007
I am not in the office at the moment...
How to Ensure Simpler Microsoft Exchange High Availability
Exchange E-mail Addresses and the Outlook Address Cache
Exchange: Recovery Storage Groups
Missing Drafts folder in Outlook 2007: Found again with MFCMAPI
Ahead of the Curve: Feed Outlook with News You Want
Spammers To Target Job-Hunting, Networking Sites in 2009
Can CAN-SPAM can spam?
Exchange 2007 security
EMS TitBit: Search/Find Email Addresses
Summarize MailStore growth and whitespace by Storage Group and growth exception reporting
Making Sense of the Messaging and Collaboration Market
Getting started with Exchange 2007 Performance monitoring and Windows 2008
Exchange: Find Disabled Accounts with Mailboxes Via PowerShell
How to Reset Virtual Directories Exchange 2007
Managing exchange certificates (Part 2)
GroupWise to Exchange 2007 Migration - Common Q & A
The Case of the Missing E-Mail Addresses Tab
Exchange 14 and the Cloud
Entourage, Meet Exchange Web Services: Entourage For Exchange Web Services is Live!
Announcing the SP1 Release for System Center Data Protection Manager 2007
Should You Virtualize Your Exchange 2007 SP1 Environment?
Top 10 Spam Stories of 2008
Hate Microsoft Outlook? Top 10 annoyances and how to fix them
How to Move the SMTP Queue in Exchange 2007
Top 10 Microsoft Exchange Server tips of 2008
Top 5 Outlook Web Access (OWA) tips of 2008
Modifying AD accounts with Powershell after an Exchange 2003 dial-tone restore
Transport Rules: Adding a disclaimer
Bayesian spam filtering with Exchange Server 2007
Managing whitelists and blocklists for Exchange Server environments
Why you need Active Directory for Exchange Server 2007
Exchange 14 Announced
HOWTO: Sample Transport Agent – Add Headers, Categories, MAPI Props, Even Uses a Fork!
EdgeSync, have a look at the synchronized data
Managing Exchange Server 2007 Log Files (Part 1)
Exchange Server 2007 SPAM filtering features without using Exchange Server 2007 Edge Server
How to configure Helpdesk mailbox and delegate send behalf of rights to Distribution Group
How to Export User mailboxes and its size into Excel spreadsheet
Exchange 14 (Exchange Labs)
Windows Live Hotmail to get POP3 access this year?
Backing up Exchange 2007 on Windows 2008
Exchange 2007 Mailbox Growth
Volume Shadow Copy Services (VSS) and Exchange - The Basics
Living in Outlook: Making AutoCorrect Work for You
Disabling POP3 and IMAP Monitoring for Exchange 2007
70,000% Increase In Beta Testing For Upcoming Microsoft Exchange Release
Microsoft Taps Schools To Test Exchange 14
3.5 Million Already Testing Next Version Of Microsoft Exchange
Au contraire: Exchange's lead over Notes actually 'getting bigger and bigger,' says Gartner
What is Exchange 2007's Last Log Resilience?
Can I seed a cluster continuous replication passive copy from a backup?
Missing Drafts folder in Outlook 2007
Moving Exchange into the cloud with Exchange Online
Exchange 2007 and Windows 2008: Offline Exchange Backup
End of Life Extension for Sybari Antigen 8.0
Living in Outlook: Effectively Tracking Conversations with Flags
OWA authentication and its affect on OWA functionality
How to set the msExchQueryBaseDN attribute for users via powershell
Rollup Update Logging
A Practical Look at Migrating From Exchange 2003 to Exchange 2007 (Part 1)
Monitoring Exchange 2007 With System Center Operations Manager 2007 (Part 3)
Applying Exchange Rollup Update to a cluster
Unified Communications Tips and Tricks Flashcards for End-Users
Using Windows Mobile Emulator 6.1 to test your Exchange deployment
Testing Exchange Server Remote Connectivity the Easy Way
Exchange Server 2003 Intelligent Message Filter update
Why isn't virtualization supported for the Exchange Server 2007 Unified Messaging (UM) server role?
Disable Outlook's address-autocomplete feature
Exchange Web Services Push Notifications Simplified
Part 11 - I used to do it this way… Now how do I do it? Administering Exchange 2003 vs. Exchange 2007
Exchange Server Acronyms
Exchange Free / Busy
Exchange 2007 Toolbox Shortcuts
Troubleshooting Outlook Web Access Logon Failures in Exchange Server 2007
I am not in the office at the moment...
Friday, January 16, 2009
How Exchange 2007 Uses Active Directory
Examine Your Topology
Take time to assess your current environment and to document the topology-not only Exchange but also your Active Directory® environment. You'll probably be pleased to know that Exchange 2007 has done away with link state routing and the topology based on routing groups and connectors. Instead, Exchange 2007 takes advantage of the investment your organization has already made in designing the Active Directory topology. As a result, all Exchange recipient and configuration data is stored in Active Directory, the routing topology is derived from the Active Directory site configuration, and all server roles will use site awareness to discover the services running on other server roles. Make sure that the current Active Directory site topology truly leverages the underlying physical network and that all Active Directory sites have associated subnets, then document the existing Active Directory sites and IP site links. Also document where all of your Exchange 2003 servers are physically located, and the routing group and routing group connector structure. This is the trickiest part of the transition process: moving from an Exchange routing infrastructure based on routing groups to a routing infrastructure based on Active Directory sites. For a small organization, it's generally a simple process. But a large organization with many routing groups will need to plan carefully for an interim phase when Exchange 2003 and Exchange 2007 are coexisting. The last thing you want is to end up having a message sent to your Exchange 2003 mailbox from the Exchange 2007 user across the hall routed through some remote routing group over a low bandwidth connection. Let's start by making some assumptions about your current topology: The Exchange 2003 organization is running in native mode. You have more than one routing group. You have more than one Active Directory site.
Figure:diagrams an Exchange and Active Directory topology.
Take time to assess your current environment and to document the topology-not only Exchange but also your Active Directory® environment. You'll probably be pleased to know that Exchange 2007 has done away with link state routing and the topology based on routing groups and connectors. Instead, Exchange 2007 takes advantage of the investment your organization has already made in designing the Active Directory topology. As a result, all Exchange recipient and configuration data is stored in Active Directory, the routing topology is derived from the Active Directory site configuration, and all server roles will use site awareness to discover the services running on other server roles. Make sure that the current Active Directory site topology truly leverages the underlying physical network and that all Active Directory sites have associated subnets, then document the existing Active Directory sites and IP site links. Also document where all of your Exchange 2003 servers are physically located, and the routing group and routing group connector structure. This is the trickiest part of the transition process: moving from an Exchange routing infrastructure based on routing groups to a routing infrastructure based on Active Directory sites. For a small organization, it's generally a simple process. But a large organization with many routing groups will need to plan carefully for an interim phase when Exchange 2003 and Exchange 2007 are coexisting. The last thing you want is to end up having a message sent to your Exchange 2003 mailbox from the Exchange 2007 user across the hall routed through some remote routing group over a low bandwidth connection. Let's start by making some assumptions about your current topology: The Exchange 2003 organization is running in native mode. You have more than one routing group. You have more than one Active Directory site.
Figure:diagrams an Exchange and Active Directory topology.
How Exchange 2007 Uses Active Directory
When an Exchange 2007 server starts, it is stamped with a site attribute that helps other Exchange 2007 servers locate the services provided by that server. Only the Hub Transport server can use SMTP to transport a message within the organization. Each Active Directory site that contains a Mailbox server must also contain a Hub Transport server and, if the mailbox users access their mailbox by using any non-MAPI method, each site must also contain a Client Access server. Any time that a message needs to be processed for delivery, it will pass through a Hub Transport server, which will make a decision about how the message should be routed. If the message is destined for a Mailbox server in the same Active Directory site as the Hub Transport server, the Hub Transport server will deliver the message to the mailbox. If the message is destined for a Mailbox server that's in a different site, the Hub Transport server will relay the message directly to a Hub Transport server in the remote site.
The Hub Transport server uses the Active Directory IP site link cost information to calculate the lowest-cost route to the Active Directory site where the recipient mailbox is located. The route selection algorithm is very similar to Exchange 2003, but it's based on IP site link costs instead of routing group connector costs. Moreover, the message does not stop at each Hub Transport server along the way. It goes directly from source to destination. So why does it bother to calculate the lowest-cost route if it's relying on the IP network to transport the message? There are a couple of reasons. One is to delay message bifurcation. A message that is being sent to more than one recipient may need to be delivered to Mailbox servers in more than one Active Directory site. Rather than bifurcate, or split, the message at the first Hub Transport server, Exchange 2007 will not split the message until it reaches a fork in the routing path. As a result, the message will be relayed directly to a Hub Transport server in the Active Directory site that represents the bifurcation point. This behavior is known as delayed fan-out.
The lowest cost route is also used to determine where to queue the message in case the destination can't be reached. If a Hub Transport server in the target Active Directory site can't be reached, the sending Hub Transport server will then attempt delivery to a Hub Transport server in the next closest Active Directory site according to the routing path. Message delivery will continue along the lowest cost route until it reaches an Active Directory site where a Hub Transport server is available. Finally, if no Hub Transport servers along the route to the recipient Active Directory site are available, the message is queued locally. This method queues the message as close to the delivery point as possible, helping to make diagnosis of network failures more deterministic. This behavior is known as queue-at-point-of-failure.
Exchange 2003 works in a completely different manner. It calculates the lowest-cost route from one routing group to another based on the costs assigned to the routing group connectors. A bridgehead server in each routing group along the routing path will receive and then relay the message. If the next connector in the path is not available, an attempt is made to calculate an alternative route. Link state update messages are also communicated throughout the Exchange organization to notify the other Exchange servers that the connection is down. The bridgehead servers will attempt to route around the down connector until a link state notification is received indicating that the connection is up.
The challenge when transitioning a large organization is to maintain mail flow during the coexistence period. To achieve this continuity when Exchange 2007 is introduced into the environment, all Exchange 2007 servers become members of a single routing group. This means that regardless of which Active Directory site the Exchange 2007 server is in, Exchange 2003 will see it as belonging to that single routing group. This allows you to establish a routing group connector between that routing group and the Exchange 2003 routing groups so that Exchange 2003 can figure out how to route messages to Exchange 2007. Exchange 2007 will also use the routing group connector to determine how to get messages to Exchange 2003. However, Exchange 2007 will always prefer to route a message through another Exchange 2007 server, and will never backbone across an Exchange 2003 routing group to reach another Exchange 2007 server.
When an Exchange 2007 server starts, it is stamped with a site attribute that helps other Exchange 2007 servers locate the services provided by that server. Only the Hub Transport server can use SMTP to transport a message within the organization. Each Active Directory site that contains a Mailbox server must also contain a Hub Transport server and, if the mailbox users access their mailbox by using any non-MAPI method, each site must also contain a Client Access server. Any time that a message needs to be processed for delivery, it will pass through a Hub Transport server, which will make a decision about how the message should be routed. If the message is destined for a Mailbox server in the same Active Directory site as the Hub Transport server, the Hub Transport server will deliver the message to the mailbox. If the message is destined for a Mailbox server that's in a different site, the Hub Transport server will relay the message directly to a Hub Transport server in the remote site.
The Hub Transport server uses the Active Directory IP site link cost information to calculate the lowest-cost route to the Active Directory site where the recipient mailbox is located. The route selection algorithm is very similar to Exchange 2003, but it's based on IP site link costs instead of routing group connector costs. Moreover, the message does not stop at each Hub Transport server along the way. It goes directly from source to destination. So why does it bother to calculate the lowest-cost route if it's relying on the IP network to transport the message? There are a couple of reasons. One is to delay message bifurcation. A message that is being sent to more than one recipient may need to be delivered to Mailbox servers in more than one Active Directory site. Rather than bifurcate, or split, the message at the first Hub Transport server, Exchange 2007 will not split the message until it reaches a fork in the routing path. As a result, the message will be relayed directly to a Hub Transport server in the Active Directory site that represents the bifurcation point. This behavior is known as delayed fan-out.
The lowest cost route is also used to determine where to queue the message in case the destination can't be reached. If a Hub Transport server in the target Active Directory site can't be reached, the sending Hub Transport server will then attempt delivery to a Hub Transport server in the next closest Active Directory site according to the routing path. Message delivery will continue along the lowest cost route until it reaches an Active Directory site where a Hub Transport server is available. Finally, if no Hub Transport servers along the route to the recipient Active Directory site are available, the message is queued locally. This method queues the message as close to the delivery point as possible, helping to make diagnosis of network failures more deterministic. This behavior is known as queue-at-point-of-failure.
Exchange 2003 works in a completely different manner. It calculates the lowest-cost route from one routing group to another based on the costs assigned to the routing group connectors. A bridgehead server in each routing group along the routing path will receive and then relay the message. If the next connector in the path is not available, an attempt is made to calculate an alternative route. Link state update messages are also communicated throughout the Exchange organization to notify the other Exchange servers that the connection is down. The bridgehead servers will attempt to route around the down connector until a link state notification is received indicating that the connection is up.
The challenge when transitioning a large organization is to maintain mail flow during the coexistence period. To achieve this continuity when Exchange 2007 is introduced into the environment, all Exchange 2007 servers become members of a single routing group. This means that regardless of which Active Directory site the Exchange 2007 server is in, Exchange 2003 will see it as belonging to that single routing group. This allows you to establish a routing group connector between that routing group and the Exchange 2003 routing groups so that Exchange 2003 can figure out how to route messages to Exchange 2007. Exchange 2007 will also use the routing group connector to determine how to get messages to Exchange 2003. However, Exchange 2007 will always prefer to route a message through another Exchange 2007 server, and will never backbone across an Exchange 2003 routing group to reach another Exchange 2007 server.
Thursday, January 15, 2009
Exchange 2007 Roles
Considerations
The first requirement to note is that Exchange Server 2007 must be deployed on 64-bit hardware and does not support an in-place upgrade from any previous version of Exchange. You must use the swing upgrade method to move your existing messaging services to Exchange 2007. Further, the Exchange organization must be operating in native mode to support the addition of Exchange 2007 servers, so if your organization is currently using Exchange 5.5, you will be required to perform an interim upgrade to Exchange Server 2003 before moving to Exchange 2007.
There are some important changes in Exchange 2007 you must consider when planning your transition.
The first requirement to note is that Exchange Server 2007 must be deployed on 64-bit hardware and does not support an in-place upgrade from any previous version of Exchange. You must use the swing upgrade method to move your existing messaging services to Exchange 2007. Further, the Exchange organization must be operating in native mode to support the addition of Exchange 2007 servers, so if your organization is currently using Exchange 5.5, you will be required to perform an interim upgrade to Exchange Server 2003 before moving to Exchange 2007.
There are some important changes in Exchange 2007 you must consider when planning your transition.
For example, Exchange 2007 introduces role-based deployment, which lets you choose the messaging services you want to provide and deploy server roles specific to those services.
You can deploy the server roles individually on dedicated hardware, or install multiple roles on the same physical server, administered as separate entities
Exchange Server 2007 Server Roles
Mailbox Server
Mailbox Server
The Mailbox server role provides message storage for an organization. Exchange 2007 can support up to 50 stores per server. These stores can be deployed as 50 individual storage groups, or you can create up to 50 stores in a single storage group. The Mailbox server role is the only role that can be deployed as a cluster, so if you will be using clustering, you will need to install the Mailbox server on dedicated hardware.
Client Access Server
Client Access Server
The Client Access server role replaces the functionality provided by a front-end server. It provides mailbox access to clients accessing Exchange using POP3, IMAP4, Outlook® Web Access (OWA), RPC over HTTPS (now known as Outlook Anywhere), and Exchange ActiveSync®.
Hub Transport Server
Hub Transport Server
This role provides SMTP and MAPI message transport services for the Exchange organization. Every message that is sent or received by the users in your organization is processed by a Hub Transport server. This is great, because it ensures that no message can bypass the server-based rules or journaling policies that are provided by agents that fire at various points in the transport pipeline.
Unified Messaging Server
Unified Messaging Server
This role provides voice access to your mailbox. It integrates with your IP/VoIP gateway or IP-PBX to provide telephone access to messages and calendar items and lets you transcribe a reply. This role is new to Exchange, and is not able to interoperate with any previous versions of Exchange.
Edge Transport Server
Edge Transport Server
The Edge Transport server is typically deployed in your perimeter network. It provides SMTP message transport between the Exchange organization and the Internet, and provides anti-spam and antivirus processing using transport agents. You can now standardize on a single technology for both your organizational and perimeter network servers. This seamless interaction model simplifies administration and allows for easy integration of perimeter servers.
System performance
What and When to MeasureBottlenecks occur when a resource reaches its capacity, causing the performance of the entire system to slow down. Bottlenecks are typically caused by insufficient or misconfigured resources, malfunctioning components, and incorrect requests for resources by a program.
There are five major resource areas that can cause bottlenecks and affect server performance: physical disk, memory, process, CPU, and network. If any of these resources are overutilized, your server or application can become noticeably slow or can even crash. I will go through each of these five areas, giving guidance on the counters you should be using and offering suggested thresholds to measure the pulse of your servers.
Since the sampling interval has a significant impact on the size of the log file and the server load, you should set the sample interval based on the average elapsed time for the issue to occur so you can establish a baseline before the issue occurs again. This will allow you to spot any trend leading to the issue.
Fifteen minutes will provide a good window for establishing a baseline during normal operations. Set the sample interval to 15 seconds if the average elapsed time for the issue to occur is about four hours. If the time for the issue to occur is eight hours or more, set the sampling interval to no less than five minutes; otherwise, you will end up with a very large log file, making it more difficult to analyze the data.
Hard Disk Bottleneck
Since the disk system stores and handles programs and data on the server, a bottleneck affecting disk usage and speed will have a big impact on the server's overall performance.
Please note that if the disk objects have not been enabled on your server, you need to use the command-line tool Diskperf to enable them. Also, note that % Disk Time can exceed 100 percent and, therefore, I prefer to use % Idle Time, Avg. Disk sec/Read, and Avg. Disk sec/write to give me a more accurate picture of how busy the hard disk is. You can find more on % Disk Time in the Knowledge Base article available at support.microsoft.com/kb/310067.
Following are the counters the Microsoft Service Support engineers rely on for disk monitoring.
LogicalDisk\% Free Space This measures the percentage of free space on the selected logical disk drive. Take note if this falls below 15 percent, as you risk running out of free space for the OS to store critical files. One obvious solution here is to add more disk space.
PhysicalDisk\% Idle Time This measures the percentage of time the disk was idle during the sample interval. If this counter falls below 20 percent, the disk system is saturated. You may consider replacing the current disk system with a faster disk system.
PhysicalDisk\Avg. Disk Sec/Read This measures the average time, in seconds, to read data from the disk. If the number is larger than 25 milliseconds (ms), that means the disk system is experiencing latency when reading from the disk. For mission-critical servers hosting SQL Server® and Exchange Server, the acceptable threshold is much lower, approximately 10 ms. The most logical solution here is to replace the current disk system with a faster disk system.
PhysicalDisk\Avg. Disk Sec/Write This measures the average time, in seconds, it takes to write data to the disk. If the number is larger than 25 ms, the disk system experiences latency when writing to the disk. For mission-critical servers hosting SQL Server and Exchange Server, the acceptable threshold is much lower, approximately 10 ms. The likely solution here is to replace the disk system with a faster disk system.
PhysicalDisk\Avg. Disk Queue Length This indicates how many I/O operations are waiting for the hard drive to become available. If the value here is larger than the number of spindles plus two, that means the disk itself may be the bottleneck.
Memory\Cache Bytes This indicates the amount of memory being used for the file system cache. There may be a disk bottleneck if this value is greater than 200MB.
Memory Bottleneck
A memory shortage is typically due to insufficient RAM, a memory leak, or a memory switch placed inside the boot.ini. Before I get into memory counters, I should discuss the /3GB switch.
More memory reduces disk I/O activity and, in turn, improves application performance. The /3GB switch was introduced in Windows NT® as a way to provide more memory for the user-mode programs.
Windows uses a virtual address space of 4GB (independent of how much physical RAM the system has). By default, the lower 2GB are reserved for user-mode programs and the upper 2GB are reserved for kernel-mode programs. With the /3GB switch, 3GB are given to user-mode processes. This, of course, comes at the expense of the kernel memory, which will have only 1GB of virtual address space. This can cause problems because Pool Non-Paged Bytes, Pool Paged Bytes, Free System Page Tables Entries, and desktop heap are all squeezed together within this 1GB space. Therefore, the /3GB switch should only be used after thorough testing has been done in your environment.
This is a consideration if you suspect you are experiencing a memory-related bottleneck. If the /3GB switch is not the cause of the problems, you can use these counters for diagnosing a potential memory bottleneck.
Memory\% Committed Bytes in Use This measures the ratio of Committed Bytes to the Commit Limit—in other words, the amount of virtual memory in use. This indicates insufficient memory if the number is greater than 80 percent. The obvious solution for this is to add more memory.
Memory\% Available Mbytes This measures the amount of physical memory, in megabytes, available for running processes. If this value is less than 5 percent of the total physical RAM, that means there is insufficient memory, and that can increase paging activity. To resolve this problem, you should simply add more memory.
Memory\Free System Page Table Entries This indicates the number of page table entries not currently in use by the system. If the number is less than 5,000, there may well be a memory leak.
Memory\Pool Non-Paged Bytes This measures the size, in bytes, of the non-paged pool. This is an area of system memory for objects that cannot be written to disk but instead must remain in physical memory as long as they are allocated. There is a possible memory leak if the value is greater than 175MB (or 100MB with the /3GB switch). A typical Event ID 2019 is recorded in the system event log.
Memory\Pool Paged Bytes This measures the size, in bytes, of the paged pool. This is an area of system memory used for objects that can be written to disk when they are not being used. There may be a memory leak if this value is greater than 250MB (or 170MB with the /3GB switch). A typical Event ID 2020 is recorded in the system event log.
Memory\Pages per Second This measures the rate at which pages are read from or written to disk to resolve hard page faults. If the value is greater than 1,000, as a result of excessive paging, there may be a memory leak.
Processor Bottleneck
An overwhelmed processor can be due to the processor itself not offering enough power or it can be due to an inefficient application. You must double-check whether the processor spends a lot of time in paging as a result of insufficient physical memory. When investigating a potential processor bottleneck, the Microsoft Service Support engineers use the following counters.
Processor\% Processor Time This measures the percentage of elapsed time the processor spends executing a non-idle thread. If the percentage is greater than 85 percent, the processor is overwhelmed and the server may require a faster processor.
Processor\% User Time This measures the percentage of elapsed time the processor spends in user mode. If this value is high, the server is busy with the application. One possible solution here is to optimize the application that is using up the processor resources.
Processor\% Interrupt Time This measures the time the processor spends receiving and servicing hardware interruptions during specific sample intervals. This counter indicates a possible hardware issue if the value is greater than 15 percent.
System\Processor Queue Length This indicates the number of threads in the processor queue. The server doesn't have enough processor power if the value is more than two times the number of CPUs for an extended period of time.
Network Bottleneck
A network bottleneck, of course, affects the server's ability to send and receive data across the network. It can be an issue with the network card on the server, or perhaps the network is saturated and needs to be segmented. You can use the following counters to diagnosis potential network bottlenecks.
Network Interface\Bytes Total/Sec This measures the rate at which bytes are sent and received over each network adapter, including framing characters. The network is saturated if you discover that more than 70 percent of the interface is consumed. For a 100-Mbps NIC, the interface consumed is 8.7MB/sec (100Mbps = 100000kbps = 12.5MB/sec* 70 percent). In a situation like this, you may want to add a faster network card or segment the network.
Network Interface\Output Queue Length This measures the length of the output packet queue, in packets. There is network saturation if the value is more than 2. You can address this problem by adding a faster network card or segmenting the network.
Process Bottleneck
Server performance will be significantly affected if you have a misbehaving process or non-optimized processes. Thread and handle leaks will eventually bring down a server, and excessive processor usage will bring a server to a crawl. The following counters are indispensable when diagnosing process-related bottlenecks.
Process\Handle Count This measures the total number of handles that are currently open by a process. This counter indicates a possible handle leak if the number is greater than 10,000.
Process\Thread Count This measures the number of threads currently active in a process. There may be a thread leak if this number is more than 500 between the minimum and maximum number of threads.
Process\Private Bytes This indicates the amount of memory that this process has allocated that cannot be shared with other processes. If the value is greater than 250 between the minimum and maximum number of threads, there may be a memory leak.
Tuesday, January 13, 2009
Event ID 1151 and 1154 Are Logged When You Move a Mailbox
When you move a mailbox from one Exchange 2000 Server-based computer to another, the following events may be displayed in the Application log of the Event Viewer:
Event ID: 1151
Event Source: MSExchangeIS
MailboxEvent Type: Warning
Event Category: RulesEvent Description: A rule synchronization error (1144) has occurred on Mailbox Store "storename"The mailbox folder is Top of Information Store\InboxThe distinguished name of the owning mailbox is ---.
Cause:
When you move a mailbox, the mailbox rules are packed in a single package on the source server, and are then moved to the destination server. On the destination server, an asynchronous task is immediately started to unpack the rules. This asynchronous task may be scheduled to run before the mailbox-move procedure completes, causing an Event ID 1151 to be logged in the Application log of the Event Viewer. This does not indicate a problem with the mailbox move operation. When the task to unpack the rules completes successfully, Event ID 1154 is logged in the Application log
Event ID: 1151
Event Source: MSExchangeIS
MailboxEvent Type: Warning
Event Category: RulesEvent Description: A rule synchronization error (1144) has occurred on Mailbox Store "storename"The mailbox folder is Top of Information Store\InboxThe distinguished name of the owning mailbox is ---.
Cause:
When you move a mailbox, the mailbox rules are packed in a single package on the source server, and are then moved to the destination server. On the destination server, an asynchronous task is immediately started to unpack the rules. This asynchronous task may be scheduled to run before the mailbox-move procedure completes, causing an Event ID 1151 to be logged in the Application log of the Event Viewer. This does not indicate a problem with the mailbox move operation. When the task to unpack the rules completes successfully, Event ID 1154 is logged in the Application log
Monday, January 12, 2009
vReplicator
Features
vReplicator is the leading replication solution for VMware Infrastructure, allowing for selective replication of individual virtual machines. With vReplicator, the entire virtual machine is replicated, including configuration settings, patches to the OS, the applications themselves as well as the data and all other OS-level changes
Replication Synchronization
vReplicator is the leading replication solution for VMware Infrastructure, allowing for selective replication of individual virtual machines. With vReplicator, the entire virtual machine is replicated, including configuration settings, patches to the OS, the applications themselves as well as the data and all other OS-level changes
Replication Synchronization
The initial synchronization for vReplicator leverages proven technology for the initial copy of the source virtual machine. Additionally, a differential engine sends changes to the destination host and applies them to the closed target virtual machine.
Differential or Hybrid Replication
Differential or Hybrid Replication
vReplicator now offers two types of replication differential and hybrid.
Differential replication, the initial synchronization for vReplicator, leverages proven technology for the initial copy of the source virtual machine. The differential engine sends changes to the destination host and applies them to the closed target virtual machine. Hybrid replication takes the difference, or changes form the source virtual machine to the target, and submits only those changes, instead of resending the whole image.
VSSvReplicator includes an agent that works in conjunction with the Microsoft® Volume Shadow Copy Service (VSS) to pause application writes. This feature enables quiescing of supported databases to provide a “transactionally consistent” replica for high availability or disaster recovery sites.
Status Information and Report EnhancementsvReplicator now offers enhanced status information, which is available in the GUI, to determine the duration of replication passes, successful connection to both target and source VM, and verification of successful passes. Performance statistics are available to determine the load of a host and the impact of replication on the virtualized environment. These statistics are helpful in determining the limitations of the host and the performance requirements for replication. vReplicator now also offers the ability to export activity reports that provide status and meaningful context. The ability to export job information to such formats as Adobe® Portable Document Format (PDF), Extensible Markup Language (XML), and Microsoft® Excel (.xls), allows the user to import this data into third-party reporting software to create custom reports.
Failover TestingvReplicator offers a simple method to assist with DR testing. A single button will power on the DR virtual machine in an isolated state for analysis. When testing is complete, all changes will be reverted at the next replication pass.
VSSvReplicator includes an agent that works in conjunction with the Microsoft® Volume Shadow Copy Service (VSS) to pause application writes. This feature enables quiescing of supported databases to provide a “transactionally consistent” replica for high availability or disaster recovery sites.
Status Information and Report EnhancementsvReplicator now offers enhanced status information, which is available in the GUI, to determine the duration of replication passes, successful connection to both target and source VM, and verification of successful passes. Performance statistics are available to determine the load of a host and the impact of replication on the virtualized environment. These statistics are helpful in determining the limitations of the host and the performance requirements for replication. vReplicator now also offers the ability to export activity reports that provide status and meaningful context. The ability to export job information to such formats as Adobe® Portable Document Format (PDF), Extensible Markup Language (XML), and Microsoft® Excel (.xls), allows the user to import this data into third-party reporting software to create custom reports.
Failover TestingvReplicator offers a simple method to assist with DR testing. A single button will power on the DR virtual machine in an isolated state for analysis. When testing is complete, all changes will be reverted at the next replication pass.
Complete RRD tool based graphic solution
Cacti is a complete network graphing solution designed to harness the power of RRDTool's data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices.
EdgeTransport.exe consuming more memory in Exchange server 2007
Log details
--------------------------------------------
Event Type: Warning
Event Source: MSExchangeTransport
Event Category: ResourceManager
Event ID: 15001
Date: 12/2/2008
Time: 1:31:28 AM
User: N/A
Computer:
Description:The resource pressure changed from High to Normal.
Statistics:
Queue database and disk space ("D:\exchsrvr\TransportRoles\data\Queue\mail.que") = 56% [Normal] [Normal=72% MediumHigh=74% High=76%]
Queue database logging disk space ("D:\exchsrvr\TransportRoles\data\Queue\") = 64% [Normal] [Normal=93% MediumHigh=95% High=97%]Version buckets = 27 [Normal] [Normal=40 MediumHigh=60 High=100]Private bytes = 15% [Normal] [Normal=71% MediumHigh=73% High=75%]
Physical memory load = 91% [limit is 94% to start dehydrating messages.]
--------------------------------------------------------------------------
Event Type: Information
Event Source: MSExchange TransportService
Event Category: ProcessManager
Event ID: 1020
Date: 08/12/2008
Time: 11:18:55
User: N/A
Computer:
Description:Worker process with process ID 280 has exited.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
---------------------------------------------------
Steps worked :
1. Took a backup of EdgeTransport.exe config file and changed the default value of :
PercentageDatabaseDiskSpaceUsedHighThreshold from "0" to "80
and restarted the Microsoft Exchange Transport Service.
2. monitored the memory consumption.
3.Installed the Exchange Rollup update 6[http://support.microsoft.com/kb/942846 ] for exchange server 2007 on the affected servers.
Results : after the installation of rollup update the memory cosumption has reduced drastically
--------------------------------------------
Event Type: Warning
Event Source: MSExchangeTransport
Event Category: ResourceManager
Event ID: 15001
Date: 12/2/2008
Time: 1:31:28 AM
User: N/A
Computer:
Description:The resource pressure changed from High to Normal.
Statistics:
Queue database and disk space ("D:\exchsrvr\TransportRoles\data\Queue\mail.que") = 56% [Normal] [Normal=72% MediumHigh=74% High=76%]
Queue database logging disk space ("D:\exchsrvr\TransportRoles\data\Queue\") = 64% [Normal] [Normal=93% MediumHigh=95% High=97%]Version buckets = 27 [Normal] [Normal=40 MediumHigh=60 High=100]Private bytes = 15% [Normal] [Normal=71% MediumHigh=73% High=75%]
Physical memory load = 91% [limit is 94% to start dehydrating messages.]
--------------------------------------------------------------------------
Event Type: Information
Event Source: MSExchange TransportService
Event Category: ProcessManager
Event ID: 1020
Date: 08/12/2008
Time: 11:18:55
User: N/A
Computer:
Description:Worker process with process ID 280 has exited.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
---------------------------------------------------
Steps worked :
1. Took a backup of EdgeTransport.exe config file and changed the default value of :
PercentageDatabaseDiskSpaceUsedHighThreshold from "0" to "80
and restarted the Microsoft Exchange Transport Service.
2. monitored the memory consumption.
3.Installed the Exchange Rollup update 6[http://support.microsoft.com/kb/942846 ] for exchange server 2007 on the affected servers.
Results : after the installation of rollup update the memory cosumption has reduced drastically
Understanding Back Pressure in Exchange server 2007
Back pressure is a system resource monitoring feature of the Microsoft Exchange Transport service that exists on computers that are running Microsoft Exchange Server 2007 that have the Hub Transport server role or Edge Transport server role installed. Important system resources, such as available hard disk drive space and available memory, are monitored. If utilization of a system resource exceeds the specified limit, the Exchange server stops accepting new connections and messages. This prevents the system resources from being completely overwhelmed and enables the Exchange server to deliver the existing messages. When utilization of the system resource returns to a normal level, the Exchange server accepts new connections and messages.
The following system resources are monitored as part of the back pressure feature:
Free space on the hard disk drive that stores the message queue database.
Free space on the hard disk drive that stores the message queue database transaction logs.
The number of uncommitted message queue database transactions that exist in memory.
The memory that is used by the EdgeTransport.exe process.
The memory that is used by all processes.
For each monitored system resource on a Hub Transport server or Edge Transport server, the following three levels of resource utilization are applied:
Normal
The resource is not overused. The server accepts new connections and messages.
Medium
The resource is slightly overused. Back pressure is applied to the server in a limited manner. Mail from senders in the authoritative domain can flow. However, the server rejects new connections and messages from other sources.
High
The resource is severely overused. Full back pressure is applied. All message flow stops, and the server rejects all new connections and messages.
The following system resources are monitored as part of the back pressure feature:
Free space on the hard disk drive that stores the message queue database.
Free space on the hard disk drive that stores the message queue database transaction logs.
The number of uncommitted message queue database transactions that exist in memory.
The memory that is used by the EdgeTransport.exe process.
The memory that is used by all processes.
For each monitored system resource on a Hub Transport server or Edge Transport server, the following three levels of resource utilization are applied:
Normal
The resource is not overused. The server accepts new connections and messages.
Medium
The resource is slightly overused. Back pressure is applied to the server in a limited manner. Mail from senders in the authoritative domain can flow. However, the server rejects new connections and messages from other sources.
High
The resource is severely overused. Full back pressure is applied. All message flow stops, and the server rejects all new connections and messages.
WEBSENSE FAQ
How is the Websense Master Database developed and maintained?
Sites are first mined through proprietary software techniques and then classified into categories. Sites not categorized by this method are evaluated by qualified Internet analysts for proper categorization and continually checked for accuracy. Websense Enterprise automatically downloads updates to the Master Database daily, including additions, changes and deletions so you can be sure you're using the freshest database at all times.
How easy is it to set up and maintain Websense Enterprise?
It is very simple to install and maintain. In fact, most of our users report that Websense is very intuitive and that they are easily up and running within an hour. No day to day administration is required: Log files are rotated automatically, and the system automatically downloads new Master Databases.
Can I add my own sites to the database?
Yes. You can instantly add sites to the database by using the Add Custom URL's feature. You can also suggest sites to be added to the Master Database with our Suggest a URL form.
Can I view the list of URLs that Web sense Enterprise blocks?
The Web sense Master Database of URLs is proprietary information belonging to Web sense Inc. and cannot be released in whole or in part. The README file that comes with Web sense Enterprise lists the sample URLs in the demonstration database and their category assignments. If you need to determine the category for a particular site, visit THE Websense Site Lookup page. If you believe a specific URL is not categorized correctly, please use the Suggest form to recommend changes
What is the Web sense IP Screening technology?
This technology preconverts all domain names in the database into IP addresses. This technology maximizes the performance of your network by allowing the core Websense Enterprise Engine to perform very fast initial look ups. It also eliminates the possibility of someone accessing a site directly via the IP address and bypassing the Websense database.
What Web browsers can I use with Websense Enterprise?
All versions of Websense support Netscape browsers v2.0 and later, and Microsoft Internet Explorer v1.5 & later. Most other browsers should also be compatible.
Do frames on Web sites affect Websense Enterprise's behavior?
No. Frames are passed through transparently.
How does Websense Enterprise automatically update its database?
When you install Websense, you select a time range when you want Websense to update its database (by default, between 1:00 a.m. - 5:00 a.m.). Websense Enterprise will automatically fetch the database during that time by using a standard HTTP GET transfer from our site over the Internet.
During an evaluation period, do I get daily database updates?
Yes. The evaluation version of Websense is the same as the full product, including Premium Groups I and II. The only difference is how long your license key is valid.
Can I restrict access to only certain sites?
It is possible to set Websense Enterprise to block access to all sites except for those that you explicitly specify. This is sometimes called a "Yes List" or a "White List" feature.
Does Websense work with Macintosh or Novell-based networks?
Yes. Websense Enterprise itself must run on a Windows NT, Windows 2000, Solaris, or Red Hat Linux server. However your users can be using Macintosh computers or Novell server attached computers.
What is a Virtual Host? Does Websense deal with these?
Some Web servers can be configured to host more than one Web site or unique domains. These Web sites are called virtual hosts and share a single IP address. That means that each of these virtual hosts resolves via DNS to the same IP address. For example, www.shopping.com, and www.church.com could all be tied into one IP address. Virtual hosts require special categorization in order to be properly identified and screened. Otherwise, the system would lump sites that had no commonality into one over broad category.
The latest version of Websense recognizes and handles these virtual hosted sites.
What do the different license levels really mean?
Websense Enterprise keeps track of all the IP addresses it sees using the Websense Enterprise proxy services. It limits the number of different machines that can use Websense by the license level. Thus only 100 machines with different IP addresses can use the 100 user version of Websense Enterprise. The 101st user will either be blocked or unfiltered, depending on the preferences set in the Websense Manager. The license levels are thus not a simultaneous use license, but a total number of machines license. The Websense Enterprise IP address table is cleared when Websense Enterprise is restarted.
Can I customize access by workstation?
Yes. You can customize access by workstation and network, and with Websense Enterprise v4.x, by users and groups. You may also filter by time of day and set time-based quotas.
Do I need to re-configure my Web browser to use Websense for FireWall-1?
If you are running the version of Websense Enterprise for FireWall-1, you do not need to perform any browser re-configuration to be able to use the filtering capabilities of Websense Enterprise. When configured correctly on the firewall, FireWall-1 will redirect appropriate packets to the Websense Enterprise UFP server completely transparently to the end user.
Can I customize access through my firewall?
Yes. Through the FireWall-1 rules you can define users or even groups of users who will be allowed full access, or to be blocked to specific catagories or to all catagories, all depending on how you define your FireWall-1 rule base.
For a technical consultant to call you click here and they will do so at the time you specify. If you are looking for a quotation or need help designing your solution then click here. If you require access to our SECURE online catalogue then click here
How can I Bypass Web sense
The concept behind Web sense is simple, whenever an employee attempts to visit a specific webpage; a request is generated and then passes through a firewall. Websense looks at this request and answers yes or no depending on if the requested URL is in the Websense database. In transparent mode, Websense counts on the fact that the firewall will forward the whole request in a single time. If the whole request is not transferred at one time, Websense will allow the packet to pass, as the packet doesn't look like a HTTP request. If you want to bypass Websense and browse any page, you can use several techniques to bypass Websense's filtering and authentication process.
Bypassing Websense using a Web Proxy
One method used to bypass Websense is to use a web-based proxy site. With a proxy, Websense sees you browse to the web proxy -- not to the web site you are actually browsing to. You browse to the web proxy, and then the web proxy browses to the web site you want to visit. The reason that these web proxies are able to bypass Websense is the the 'S' in the HTTP address (https://) stands for secure connection and Websense does not block such secured connections. This is probably the simplest way to get around the Websense program as it takes little time and no one will wonder what you are up to.
Sites are first mined through proprietary software techniques and then classified into categories. Sites not categorized by this method are evaluated by qualified Internet analysts for proper categorization and continually checked for accuracy. Websense Enterprise automatically downloads updates to the Master Database daily, including additions, changes and deletions so you can be sure you're using the freshest database at all times.
How easy is it to set up and maintain Websense Enterprise?
It is very simple to install and maintain. In fact, most of our users report that Websense is very intuitive and that they are easily up and running within an hour. No day to day administration is required: Log files are rotated automatically, and the system automatically downloads new Master Databases.
Can I add my own sites to the database?
Yes. You can instantly add sites to the database by using the Add Custom URL's feature. You can also suggest sites to be added to the Master Database with our Suggest a URL form.
Can I view the list of URLs that Web sense Enterprise blocks?
The Web sense Master Database of URLs is proprietary information belonging to Web sense Inc. and cannot be released in whole or in part. The README file that comes with Web sense Enterprise lists the sample URLs in the demonstration database and their category assignments. If you need to determine the category for a particular site, visit THE Websense Site Lookup page. If you believe a specific URL is not categorized correctly, please use the Suggest form to recommend changes
What is the Web sense IP Screening technology?
This technology preconverts all domain names in the database into IP addresses. This technology maximizes the performance of your network by allowing the core Websense Enterprise Engine to perform very fast initial look ups. It also eliminates the possibility of someone accessing a site directly via the IP address and bypassing the Websense database.
What Web browsers can I use with Websense Enterprise?
All versions of Websense support Netscape browsers v2.0 and later, and Microsoft Internet Explorer v1.5 & later. Most other browsers should also be compatible.
Do frames on Web sites affect Websense Enterprise's behavior?
No. Frames are passed through transparently.
How does Websense Enterprise automatically update its database?
When you install Websense, you select a time range when you want Websense to update its database (by default, between 1:00 a.m. - 5:00 a.m.). Websense Enterprise will automatically fetch the database during that time by using a standard HTTP GET transfer from our site over the Internet.
During an evaluation period, do I get daily database updates?
Yes. The evaluation version of Websense is the same as the full product, including Premium Groups I and II. The only difference is how long your license key is valid.
Can I restrict access to only certain sites?
It is possible to set Websense Enterprise to block access to all sites except for those that you explicitly specify. This is sometimes called a "Yes List" or a "White List" feature.
Does Websense work with Macintosh or Novell-based networks?
Yes. Websense Enterprise itself must run on a Windows NT, Windows 2000, Solaris, or Red Hat Linux server. However your users can be using Macintosh computers or Novell server attached computers.
What is a Virtual Host? Does Websense deal with these?
Some Web servers can be configured to host more than one Web site or unique domains. These Web sites are called virtual hosts and share a single IP address. That means that each of these virtual hosts resolves via DNS to the same IP address. For example, www.shopping.com, and www.church.com could all be tied into one IP address. Virtual hosts require special categorization in order to be properly identified and screened. Otherwise, the system would lump sites that had no commonality into one over broad category.
The latest version of Websense recognizes and handles these virtual hosted sites.
What do the different license levels really mean?
Websense Enterprise keeps track of all the IP addresses it sees using the Websense Enterprise proxy services. It limits the number of different machines that can use Websense by the license level. Thus only 100 machines with different IP addresses can use the 100 user version of Websense Enterprise. The 101st user will either be blocked or unfiltered, depending on the preferences set in the Websense Manager. The license levels are thus not a simultaneous use license, but a total number of machines license. The Websense Enterprise IP address table is cleared when Websense Enterprise is restarted.
Can I customize access by workstation?
Yes. You can customize access by workstation and network, and with Websense Enterprise v4.x, by users and groups. You may also filter by time of day and set time-based quotas.
Do I need to re-configure my Web browser to use Websense for FireWall-1?
If you are running the version of Websense Enterprise for FireWall-1, you do not need to perform any browser re-configuration to be able to use the filtering capabilities of Websense Enterprise. When configured correctly on the firewall, FireWall-1 will redirect appropriate packets to the Websense Enterprise UFP server completely transparently to the end user.
Can I customize access through my firewall?
Yes. Through the FireWall-1 rules you can define users or even groups of users who will be allowed full access, or to be blocked to specific catagories or to all catagories, all depending on how you define your FireWall-1 rule base.
For a technical consultant to call you click here and they will do so at the time you specify. If you are looking for a quotation or need help designing your solution then click here. If you require access to our SECURE online catalogue then click here
How can I Bypass Web sense
The concept behind Web sense is simple, whenever an employee attempts to visit a specific webpage; a request is generated and then passes through a firewall. Websense looks at this request and answers yes or no depending on if the requested URL is in the Websense database. In transparent mode, Websense counts on the fact that the firewall will forward the whole request in a single time. If the whole request is not transferred at one time, Websense will allow the packet to pass, as the packet doesn't look like a HTTP request. If you want to bypass Websense and browse any page, you can use several techniques to bypass Websense's filtering and authentication process.
Bypassing Websense using a Web Proxy
One method used to bypass Websense is to use a web-based proxy site. With a proxy, Websense sees you browse to the web proxy -- not to the web site you are actually browsing to. You browse to the web proxy, and then the web proxy browses to the web site you want to visit. The reason that these web proxies are able to bypass Websense is the the 'S' in the HTTP address (https://) stands for secure connection and Websense does not block such secured connections. This is probably the simplest way to get around the Websense program as it takes little time and no one will wonder what you are up to.
After you install SMS 2003 SP3, the Wmiprvse.exe process may generate high CPU usage on client computers during hardware-inventory operations
SYMPTOMS
Consider the following scenario:
Consider the following scenario:
•You install Microsoft Systems Management Server 2003 Service Pack 3 (SP3).
•The SMS 2003 SP3 Asset Advisor performs hardware-inventory operations.
In this scenario, the Wmiprvse.exe process on client computers in the organization may generate high CPU usage. Sometimes, the CPU usage may spike to 100 percent.
CAUSE
This is a bug in the SMS_AutoStartSoftware class in the SMS_def.mof. This new class added in SP3 collects auto run software information from the clients. When we have some files in:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run (or some other auto run locacations), the file language is a mixed language, and also the current user locale is different than the file language, SMS_AutoStartSoftware class cannot handle that correctly resulting in a high CPU utilization.
RESOLUTION
No resolution is currently available for this problem. We are working on an SMS 2003 SP3 hotfix to resolve this problem.
WORKAROUND
To work around this problem, modify the Sms_def.mof file to disable the following classes:
•SMS_AutoStartSoftware
•SMS_BrowserHelperObject
•SMS_InstalledSoftware
•SMS_SoftwareShortcut
•The SMS 2003 SP3 Asset Advisor performs hardware-inventory operations.
In this scenario, the Wmiprvse.exe process on client computers in the organization may generate high CPU usage. Sometimes, the CPU usage may spike to 100 percent.
CAUSE
This is a bug in the SMS_AutoStartSoftware class in the SMS_def.mof. This new class added in SP3 collects auto run software information from the clients. When we have some files in:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run (or some other auto run locacations), the file language is a mixed language, and also the current user locale is different than the file language, SMS_AutoStartSoftware class cannot handle that correctly resulting in a high CPU utilization.
RESOLUTION
No resolution is currently available for this problem. We are working on an SMS 2003 SP3 hotfix to resolve this problem.
WORKAROUND
To work around this problem, modify the Sms_def.mof file to disable the following classes:
•SMS_AutoStartSoftware
•SMS_BrowserHelperObject
•SMS_InstalledSoftware
•SMS_SoftwareShortcut
Implemented:
Took a back of the MOF file and modified the sms_def.mof file to disable the SMS_AutoStartSoftware class in the SMS site server Monitored the inventory status during the next hardware inventory cycle
Saturday, January 10, 2009
Thursday, January 8, 2009
Qualities of a Manager
1. Creativity
Creativity is what separates competence from excellence. Creativity is the spark that propels projects forward and that captures peoples' attention. Creativity is the ingredient that pulls the different pieces together into a cohesive whole, adding zest and appeal in the process.
2. Structure
The context and structure we work within always have a set of parameters, limitations and guidelines. A stellar manager knows how to work within the structure and not let the structure impinge upon the process or the project. Know the structure intimately, so as to guide others to effectively work within the given parameters. Do this to expand beyond the boundaries.
3. Intuition
Intuition is the capacity of knowing without the use of rational processes; it's the cornerstone of emotional intelligence. People with keen insight are often able to sense what others are feeling and thinking; consequently, they're able to respond perfectly to another through their deeper understanding. The stronger one's intuition, the stronger manager one will be.
4. Knowledge
A thorough knowledge base is essential. The knowledge base must be so ingrained and integrated into their being that they become transparent, focusing on the employee and what s/he needs to learn, versus focusing on the knowledge base. The excellent manager lives from a knowledge base, without having to draw attention to it.
5. Commitment
A manager is committed to the success of the project and of all team members. S/he holds the vision for the collective team and moves the team closer to the end result. It's the manager's commitment that pulls the team forward during trying times.
6. Being Human
Employees value leaders who are human and who don't hide behind their authority. The best leaders are those who aren't afraid to be themselves. Managers who respect and connect with others on a human level inspire great loyalty.
7. Versatility
Flexibility and versatility are valuable qualities in a manager. Beneath the flexibility and versatility is an ability to be both non-reactive and not attached to how things have to be. Versatility implies an openness - this openness allows the leader to quickly change on a dime when necessary. Flexibility and versatility are the pathways to speedy responsiveness.
8. Lightness
A stellar manager doesn't just produce outstanding results; s/he has fun in the process! Lightness doesn't impede results but rather, helps to move the team forward. Lightness complements the seriousness of the task at hand as well as the resolve of the team, therefore contributing to strong team results and retention.
9. Discipline/Focus
Discipline is the ability to choose and live from what one pays attention to. Discipline as self-mastery can be exhilarating! Role model the ability to live from your intention consistently and you'll role model an important leadership quality.
10. Big Picture, Small Actions
Excellent managers see the big picture concurrent with managing the details. Small actions lead to the big picture; the excellent manager is skillful at doing both: think big while also paying attention to the details.
Creativity is what separates competence from excellence. Creativity is the spark that propels projects forward and that captures peoples' attention. Creativity is the ingredient that pulls the different pieces together into a cohesive whole, adding zest and appeal in the process.
2. Structure
The context and structure we work within always have a set of parameters, limitations and guidelines. A stellar manager knows how to work within the structure and not let the structure impinge upon the process or the project. Know the structure intimately, so as to guide others to effectively work within the given parameters. Do this to expand beyond the boundaries.
3. Intuition
Intuition is the capacity of knowing without the use of rational processes; it's the cornerstone of emotional intelligence. People with keen insight are often able to sense what others are feeling and thinking; consequently, they're able to respond perfectly to another through their deeper understanding. The stronger one's intuition, the stronger manager one will be.
4. Knowledge
A thorough knowledge base is essential. The knowledge base must be so ingrained and integrated into their being that they become transparent, focusing on the employee and what s/he needs to learn, versus focusing on the knowledge base. The excellent manager lives from a knowledge base, without having to draw attention to it.
5. Commitment
A manager is committed to the success of the project and of all team members. S/he holds the vision for the collective team and moves the team closer to the end result. It's the manager's commitment that pulls the team forward during trying times.
6. Being Human
Employees value leaders who are human and who don't hide behind their authority. The best leaders are those who aren't afraid to be themselves. Managers who respect and connect with others on a human level inspire great loyalty.
7. Versatility
Flexibility and versatility are valuable qualities in a manager. Beneath the flexibility and versatility is an ability to be both non-reactive and not attached to how things have to be. Versatility implies an openness - this openness allows the leader to quickly change on a dime when necessary. Flexibility and versatility are the pathways to speedy responsiveness.
8. Lightness
A stellar manager doesn't just produce outstanding results; s/he has fun in the process! Lightness doesn't impede results but rather, helps to move the team forward. Lightness complements the seriousness of the task at hand as well as the resolve of the team, therefore contributing to strong team results and retention.
9. Discipline/Focus
Discipline is the ability to choose and live from what one pays attention to. Discipline as self-mastery can be exhilarating! Role model the ability to live from your intention consistently and you'll role model an important leadership quality.
10. Big Picture, Small Actions
Excellent managers see the big picture concurrent with managing the details. Small actions lead to the big picture; the excellent manager is skillful at doing both: think big while also paying attention to the details.
Public folder tools
pfadmin 1.3
This is the original pfadmin from the days of Exchange Server 5.5 and is used for imports. It works with Exchange Server 5.5, Exchange Server 2000, and Exchange Server 2003. It's typically used for running permissions imports that were generated with pfinfo 3.x, which are made up of SETACL command lines. You can also use it interactively to run SETACL and SETREPLICA commands. Pfadmin lets you view the current permissions and replicas using LISTACL and LISTREPLICAS, respectively. However, these dumps cannot be imported since they don't use the SETACL or SETREPLICAS command format. You can find pfadmin 1.3 at /PFAdmin.
pfinfo 3.x
This is the original pfinfo from the time of Exchange Server 5.5 and can be used with Exchange Server 5.5 only. It's used for exporting permissions in pfadmin 1.3 command syntax and also reports certain properties. Pfinfo is typically used for running permissions exports—actually just a list of SETACL commands. These can be imported using pfadmin 1.3. It also generates a report that includes various other properties of the folder, such as item count and folder size. The property export cannot be imported. You can try running this against Exchange Server 2000 and Exchange Server 2003, but in some cases subfolders will appear as root folders in the export because pfinfo gets the folder path from the directory object, which is not always populated in Exchange Server 2000 and Exchange Server 2003. See /PFInfo/55.
pfadminE2K
This is an updated pfadmin for Exchange Server 2000 and is used for imports. However, pfadminE2K isn't widely used due to several shortcomings. First, its command and permissions syntax is completely different from pfadmin 1.3, meaning you can't import your old pfinfo exports with the new pfadminE2K. Second, with Exchange Server 2000 SP1 and later, most operations fail. It only works reliably with the RTM version of Exchange Server 2000. You can find it at /PFAdmin.
pfinfoE2K
This is the updated pfinfo for Exchange Server 2000, which was also not widely used for similar reasons. It's used for exporting permissions in pfadminE2K command syntax and reports certain properties. The new permissions export format made it incompatible with any tool except pfadminE2K, and it works reliably with Exchange Server 2000 RTM only. See /PFInfo/2000.
OutlookFolders
This utility accesses Exchange Server via a MAPI profile, and thus it works with any version of Exchange Server. It generates permissions exports in pfadmin 1.3 SETACL command syntax and can be found at /Outlook_Folders.
PFDavAdmin
PFDavAdmin accesses the information store through WebDAV and can be used with Exchange Server 2000 and Exchange Server 2003. Originally written to correct non-canonical discretionary access control lists on public folders, it eventually expanded to include imports and exports of permissions and replicas in pfadmin 1.3 command syntax. Version 2.3 and later can also export properties such as item count (PR_CONTENT_COUNT) and folder size (PR_MESSAGE_SIZE) into a tab-delimited file similar to the old pfinfo output which also cannot be imported, just like the old pfinfo output. It can be used to propagate single permissions and replicas down a tree of subfolders, instead of overwriting as Exchange System Manager does. Get it at /PFDavAdmin.
pfmigrate
Pfmigrate can be used with Exchange Server 2000 and is especially useful for Exchange Server 2003 SP1 site consolidation, since it supports changing the legacy domain name of a public folder. No other utility discussed here can do this. Pfmigrate can also be used to simply add replicas of all folders on one server to another server, and remove replicas of all folders from the original server. You can find it at Downloads for Exchange Server 2003.
exdeploy
The exdeploy /pubfoldcheck switch is of interest in regard to public folders since it runs a part of the DS/IS Consistency Adjuster, which removes the unknown accounts from public folder access control lists (ACLs). Those unknown accounts, if unhandled, could then get replicated to Exchange Server 2000 and Exchange Server 2003 as zombie users (accounts that appear in ACLs but not in Active Directory®). Exdeploy /pubfoldcheck can be scripted and run against multiple servers. Earlier versions of exdeploy help stated that /pubfoldcheck also synchronized the public folder store and the Exchange Server directory (which could cause public folders to be rehomed). This is incorrect and has been fixed in the new help file available with the tool. It's available at Downloads for Exchange Server 2003, as part of the Exchange Server 2003 deployment tools.
This is the original pfadmin from the days of Exchange Server 5.5 and is used for imports. It works with Exchange Server 5.5, Exchange Server 2000, and Exchange Server 2003. It's typically used for running permissions imports that were generated with pfinfo 3.x, which are made up of SETACL command lines. You can also use it interactively to run SETACL and SETREPLICA commands. Pfadmin lets you view the current permissions and replicas using LISTACL and LISTREPLICAS, respectively. However, these dumps cannot be imported since they don't use the SETACL or SETREPLICAS command format. You can find pfadmin 1.3 at /PFAdmin.
pfinfo 3.x
This is the original pfinfo from the time of Exchange Server 5.5 and can be used with Exchange Server 5.5 only. It's used for exporting permissions in pfadmin 1.3 command syntax and also reports certain properties. Pfinfo is typically used for running permissions exports—actually just a list of SETACL commands. These can be imported using pfadmin 1.3. It also generates a report that includes various other properties of the folder, such as item count and folder size. The property export cannot be imported. You can try running this against Exchange Server 2000 and Exchange Server 2003, but in some cases subfolders will appear as root folders in the export because pfinfo gets the folder path from the directory object, which is not always populated in Exchange Server 2000 and Exchange Server 2003. See /PFInfo/55.
pfadminE2K
This is an updated pfadmin for Exchange Server 2000 and is used for imports. However, pfadminE2K isn't widely used due to several shortcomings. First, its command and permissions syntax is completely different from pfadmin 1.3, meaning you can't import your old pfinfo exports with the new pfadminE2K. Second, with Exchange Server 2000 SP1 and later, most operations fail. It only works reliably with the RTM version of Exchange Server 2000. You can find it at /PFAdmin.
pfinfoE2K
This is the updated pfinfo for Exchange Server 2000, which was also not widely used for similar reasons. It's used for exporting permissions in pfadminE2K command syntax and reports certain properties. The new permissions export format made it incompatible with any tool except pfadminE2K, and it works reliably with Exchange Server 2000 RTM only. See /PFInfo/2000.
OutlookFolders
This utility accesses Exchange Server via a MAPI profile, and thus it works with any version of Exchange Server. It generates permissions exports in pfadmin 1.3 SETACL command syntax and can be found at /Outlook_Folders.
PFDavAdmin
PFDavAdmin accesses the information store through WebDAV and can be used with Exchange Server 2000 and Exchange Server 2003. Originally written to correct non-canonical discretionary access control lists on public folders, it eventually expanded to include imports and exports of permissions and replicas in pfadmin 1.3 command syntax. Version 2.3 and later can also export properties such as item count (PR_CONTENT_COUNT) and folder size (PR_MESSAGE_SIZE) into a tab-delimited file similar to the old pfinfo output which also cannot be imported, just like the old pfinfo output. It can be used to propagate single permissions and replicas down a tree of subfolders, instead of overwriting as Exchange System Manager does. Get it at /PFDavAdmin.
pfmigrate
Pfmigrate can be used with Exchange Server 2000 and is especially useful for Exchange Server 2003 SP1 site consolidation, since it supports changing the legacy domain name of a public folder. No other utility discussed here can do this. Pfmigrate can also be used to simply add replicas of all folders on one server to another server, and remove replicas of all folders from the original server. You can find it at Downloads for Exchange Server 2003.
exdeploy
The exdeploy /pubfoldcheck switch is of interest in regard to public folders since it runs a part of the DS/IS Consistency Adjuster, which removes the unknown accounts from public folder access control lists (ACLs). Those unknown accounts, if unhandled, could then get replicated to Exchange Server 2000 and Exchange Server 2003 as zombie users (accounts that appear in ACLs but not in Active Directory®). Exdeploy /pubfoldcheck can be scripted and run against multiple servers. Earlier versions of exdeploy help stated that /pubfoldcheck also synchronized the public folder store and the Exchange Server directory (which could cause public folders to be rehomed). This is incorrect and has been fixed in the new help file available with the tool. It's available at Downloads for Exchange Server 2003, as part of the Exchange Server 2003 deployment tools.
Subscribe to:
Posts (Atom)
