I finally got Office Communications Server 2007 R2 up and running after fiddling around with it for 3 days! I am super excited- the public IM connectivity is functioning just as it was before the upgrade / domain move-
I really dig the new management abilities Microsoft built into OCS 2007 R2. You have an easier to use, more granular ability to control users and the behavior of the pool.. Please take note, however, you DO need to install the management tools on a domain computer in order to provision users. The management tools are a seperate install all together from the core / base roles of operation.
I would have completed this in a day if it was not for a tiny oversight I made on the core installation. MAKE SURE you add the local computer name to the Subject Alternate Name on the certificate for the Pool Cert. My Edge and Front End were not connecting until I regenerated the certificate with the computer name in the SAN.. If it was not for that, the 2 days off and on of troubleshooting would have been non-existent..
Tuesday, July 13, 2010
Thursday, July 8, 2010
Exchange 2010, Administrator Accounts and ActiveSync
Apparently there is an issue with Exchange 2010 and Administrative accounts. When you are an admin in AD it will remove the inheritable permissions from your account. When you do not have inherited permissions, Exchange is unable to write meta-data to your account. This created a mind boggling issue for me when I updated to Exchange 2010 and tried to attach my phone for over the air activesync. I kept recieving error 0x85010014, regardless of what I tried to fix the issue - including a phone wipe!
Once I removed my account from the domain admins and allowed my user object to inherit parent permissions, my phone joined up and sync'd immediatly!
Once I removed my account from the domain admins and allowed my user object to inherit parent permissions, my phone joined up and sync'd immediatly!
Wednesday, June 30, 2010
Site to Site VPN with Cisco PIX and Pfsense
A quick note that when creating a pfsense to cisco pix site to site vpn tunnel, main mode should be used opposed to aggressive. After this small change, ping a host on the other side of the tunnel and it should come right up!
Sunday, November 29, 2009
SharePoint Authentication Problem & Fix
I was running into authentication problems with SharePoint on a fresh installation on a new farm.
I was receiving Status code: 0xC000006D in the security logs for my user account.
The fix is to check KB 896861 for more information. Method B resolved my issues.
I was receiving Status code: 0xC000006D in the security logs for my user account.
The fix is to check KB 896861 for more information. Method B resolved my issues.
Tuesday, September 29, 2009
When SBS Goes Bad - Exchange 2007 Recovery
Like many other small businesses, I use Microsoft Small Business Server. More specifically, SBS 2008 Standard Edition. Being an IT professional, I ALWAYS have a secondary AD server just in case something happens to the SBS server. This past week, my SBS 2008 server crashed! It was pretty nasty. The LDAP authentication was skewed, the kerberos key was skewed. Basically, the only thing that would have saved my tail would have been a system state backup from a month ago. I only kept 15 days.
Fortunate for me, I had the 2nd ad server. So I used some resource tools to remove the metadata for the SBS server, and set the burflags on my ntfrs service to make the sysvol share authoritative for the domain and restarted the ntfrs service. I brought up another 2008 x64 server and installed Exchange 2007 on it. I created a restore group and restored my SBS exchange database. I moved over the configuration data in AD to point to the new exchange server. Unfortunatly, the database I restored would not mount. I was receiving the error: MapiExceptionCall Failed 0x080004005 ec=-511 (I also received 502, 510 on previous tries). I was able to repair the database using eseutil.exe with the /p and /d options. After the passes completed successfully, I was able to mount the database and initiate the merge between the recovery group and the live database for what is referred to as a "dial tone" restore.
All is well now! I ousted the SBS server and went with another virtual AD server and standalone exchange. SBS is no more for me (FOR NOW).
Fortunate for me, I had the 2nd ad server. So I used some resource tools to remove the metadata for the SBS server, and set the burflags on my ntfrs service to make the sysvol share authoritative for the domain and restarted the ntfrs service. I brought up another 2008 x64 server and installed Exchange 2007 on it. I created a restore group and restored my SBS exchange database. I moved over the configuration data in AD to point to the new exchange server. Unfortunatly, the database I restored would not mount. I was receiving the error: MapiExceptionCall Failed 0x080004005 ec=-511 (I also received 502, 510 on previous tries). I was able to repair the database using eseutil.exe with the /p and /d options. After the passes completed successfully, I was able to mount the database and initiate the merge between the recovery group and the live database for what is referred to as a "dial tone" restore.
All is well now! I ousted the SBS server and went with another virtual AD server and standalone exchange. SBS is no more for me (FOR NOW).
Tuesday, June 2, 2009
Connecting to Cisco IPSEC VPN from x64 Windows Vista
A constant issue I have been hearing about lately is the ability or lack there of to connect a Windows Vista (usually x64) to Cisco IPSEC VPN devices. As you may already know, Cisco is moving away from IPSEC VPN on their newer devices and as of this writing have not released any plans to implement IPSEC on x64 or Vista platforms. They are moving toward SSL VPN connections, which in most cases, requires additional license purchase along with your multi thousand dollar initial investment in their ASA line of products.
In the search to fix this problem I have run across an open source implementation that has worked so far so good with Cisco VPN devices. This open source product uses the OpenVPN tapi interface as its backend and a user friendly front end that will import your Cisco VPN client .pcf with ease. IMPORTANT NOTE: When you are finished installing this package, you MUST reboot your computer!! Enough chatter go download already! http://sourceforge.net/projects/vpncfe/
Hope this helps!!
In the search to fix this problem I have run across an open source implementation that has worked so far so good with Cisco VPN devices. This open source product uses the OpenVPN tapi interface as its backend and a user friendly front end that will import your Cisco VPN client .pcf with ease. IMPORTANT NOTE: When you are finished installing this package, you MUST reboot your computer!! Enough chatter go download already! http://sourceforge.net/projects/vpncfe/
Hope this helps!!
Sunday, March 8, 2009
Microsoft CRM 4.0 IFD (Internet Facing Deployment) Tool
In order to access your Microsoft CRM 4.0 deployment from the internet correctly, you must run the CRM IFD TOOL to make the proper modifications to your system.
You can find the tool at the following location:
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=69089514-6e5a-47e1-928b-4e4d4a8541c0
You can find the tool at the following location:
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=69089514-6e5a-47e1-928b-4e4d4a8541c0
Subscribe to:
Posts (Atom)
