Windows Server Administration

I had this situation the other day where a client needed to have their email forwarded from their Exchagne 2007 Mailbox to their newly created GMAIL Account. They will be using the GMAIL account as their primary email account for easier collaboration because they work in 2 different enterprises. In the Exchange 2007 environment POP3 or IMAP are not enabled therefore he couldn’t set up GMAIL to fetch his mail that way.

So to make this work I created a New Mail Contact on the Exchange 2007 Mailstore:

Open up the Exchange Management Console > Click on the Recipient Configuration Node. Then from the Actions Pane on the Right click on “New Mail Contact”. Select New Contact and click next, Choose the Organizational Unit for the contact and fill out the appropriate fields. Then in the External Email Address box click Edit and enter in the SMTP Address of the external email address, click Next and then Finish.

Now you have a new mail contact set up we can then forward the mail from the Exchange 2007 Mailbox to that mail contact.

From the Exchange Management Console go to the Recipient Configuration > Malbox Node and find the mail box for which you would like the mail forwarded from, right click and select properties. Under the Mail Flow Settings Tab select Delivery Options and then Properties.

Place a tick in the “Forward To” Box and then click Browse. Find the Mail Contact that you just created and click OK. There is anopther option that you can enable and that is to Deliver message to both forwarding address and mailbox. Put a tick in there if you would like to enable that.

I have been reading quite a lot of posts lately on how effective the performance of Windows 2008 Server is when using it as a Desktop Operating System. Tim has also written and article over at his blog with some interesting points. Now apparently it performs better than Vista SP1 which is something I am going to have to try out on my notebook.

I have a Toshiba M400 Tablet Notebook that currently has Vista SP1 installed and like many other I am not that rapt with the performance so I am going to give Windows Server 2008 a crack and see what the performance difference is like.

Stay Tuned………

A couple of days ago I wrote about some issues I was having with one of my Hyper-V Virtual Machines and the snapshots that were associated with it causing my System Drive (C Drive) to run out of disk space. From what I was reading if you turn off the Virtual Machine in question a merging process will be conducted and the AVHD Files that are associated with the VHD File will merge together and form one file, a VHD one. This is what I was after.

I was reading and article by “The Virtual PC Guy’s” on Snapshotting under Hyper-V, and I determined that if I deleted the snapshots then the AVHD Files should be merged? But for some reason they did not merge?. Anyway the way to get these files merged to their parent VHD file (for me anyway) was to turn the VM off and just let the merge take place. Now I thought this process would take some time so I scheduled it for Friday night, my VM was a Microsoft Exchange Server, sureley no one would be checking their emails on a Friday Night !

I had 3 AVHD files that I wanted to get rid of, so I turned the VM Off and the “Merge in Progress” appeared in the Hyper-V Manager so I let it run it’s course. About 50 mins later the merge process was complete and 2 of the AVHD Files just VANISHED, great! but there was still one left? So I decided to turn the VM off again and what do you know another Merger was taking place, so again I left this happen and after it had completed the final AVHD File dissappeared and I was left with one VHD File, FANTASTIC!

Read the rest of this entry »

Here is a task that most Network Administrators will face at one time or another, moving User Home Directories from one Server to another. We are in the process of organising new Servers for 2009 and these will be Windows Server 2008 and the current Servers are running on Windows 2003 Server Standard Edition. Now currently our Home Folders are individually shared as hidden shares, and I want to move to a convention of a parent shared User Folder with individual folders for each user in there that are not shared.

Now I wanted to explore the PowerShell option to copy from the source server to the destinsation server and keep the NTFS Permissions intact after the copy, as I have previosuly used PowerShell to do a bulk import of users into Active Directory and that woked a treat. I was a bit dissapointed with the PowerShell options using GET-ACL and SET-ACL because I could do individual folders one at a time but that would take forever, and I couldn’t see an easy way to iterate through them….

Read the rest of this entry »

Virtualization, Virtualization, Virtualization, that is the buzz at the moment with the release of Microsoft’s Hyper-V in Windows 2008 Server. I have working with Hyper-V a bit over the past couple of weeks and my impression is both good and bad. Now I must admit that I have not really had a lot to do with Virtual Server 2005 and other virtualization technologies in the past, but I have decided to consolidate alot of my servers, considering I have had to run a lot on souped up desktops!

One thing that I am getting my head around is “Snap Shots”. I was reading a post about another Nightmare Hyper-V Story, and it was pretty close to the mark in terms of what I experienced when I arrived at work on Monday morning this week. I have been working on moving our Exchange Server over to Hyper-V and upgrading to Exchange 2007, we seemed to have things sorted and then over the weekend (Saturday morning to be exact) our mailstore server ground to a halt and was paused due to a lack of disk space on C Drive! In the midst o trying to free up some space and sort things out another network admin cut and pasted a file with an AVHD extension from an obscure location ProgramData\Microsoft\Windows\Hyper-V\GUID Number. Freed up some space, but when trying to start the Virtual Machine it spat out some errors and would not start. Note to Self: Make sure you have plenty of disk space !

Luckily enough I had just taken a copy of the VHD File a couple of day earlier and was able to just point to that VHD File and start the machine up and it seemed to work OK. Now according to HyperVoria these AVHD Files are to do with these “Snap Shots”, now there were snap shots created a while ago but they were deleted? I am not sure why these AVHD Files are still there? Anyway from what I can gather the merging of these AVHD Files to the Parent VHD File need to happen while the VM is powered off. So on Friday Night I am going to test this theory and power off this VM and let the merge take place and see if the AVHD Filed disappear and leave me with one VHD File.

Make sure you subscribe to my RSS Feed and keep updated with this process and the other articles that will be coming your way.

A while ago I wrote about how to easily export Exchange 2007 MailBoxes to PST Files for archiving and backup purposes. Now that is OK if you want to run the process manually but what about scheduling the export for out of hours?

If you have followed the previous post and have successfully completed and export to PST File you will notice that you have to confirm that you want to proceed with the operation. Very annoying if you want to schedule this script and in fact the task will fail. This is how I managed to get around the need to confirm before proceeding prompt in the Exchange 2007 Management Shell.

If you remember from the previous post this command will export Mailboxes from a specific Database to individual PST Files.

get-mailbox -database “SERVER_NAME\DATABSE_NAME” | export-mailbox -PSTFolderPath C:\PSTFiles

With this command you will get a prompt asking you to Press A for All Y for Yes N for No etc etc. Not good if you want to schedule this.

Here is the KEY to avoid the prompts. Add -Confirm:$false to the end of the Export-Mailbox String. Therefore the new String would be:

get-mailbox -database “SERVER_NAME\DATABSE_NAME” | export-mailbox -PSTFolderPath C:\PSTFiles -Confirm:$false


All Done, Now you can Schedule away…….

If anyone is using the Automatic Discovery for Web Proxy Clients, then you will know that you can deploy these settings either via DNS and or DHCP. For those who haven’t used this then here is a bit of an insight into how it works.

ISA 2004 and 2006 provides the ability for Web Proxy Clients to automatically locate the ISA Server to use for it’s clients requests. ISA Server uses the WPAD Protocol so that clients can locate the server that is hosting the Wpad.dat and Wspad.dat files. The Wpad.dat file is used by Web Proxy clients for automatic discovery information.

To make your proxy clients aware of it’s existance you can either use a DNS Ailias Entry or you can push the settings out via DHCP. First things first you need to configure Internet Explorer to use Automaic Discovery. Go to Tools > Internet Options > Connections > LAN Settings and tick Automatically Detect Settings.

On the ISA Server, I’m using ISA 2006, you need to goto Configuration > Networks > Network Tab. Right Click your “Internal Network” and then go to the Auto Discovery Tab. Place a tick in the Publish automatic discovery information for this network. You can test to see if you can get to the wpad.dat file by typing this URL into IE – http://servername:portnumber/wpad.dat and you should get the file.

Next you can either Configure a DNS Alias called WPAD and point that to the ISA box or you can configure the options on your DHCP Server. Now in my environment for some reason, which I am yet to work out, the DNS option seems to be a bit dodgy. So today I though I would configure the DHCP options, keeping in mind that remote access client will not be able to access the DHCP Server so this will not work for them, but for a Local Lan this will be fine, and an upside is that is provides faster access.

On your DHCP Server you need to Right Click the Server in the DHCP Manager Snap In and select Set Pre Defined Options, then click the Add Button. Name the Entry WPAD, Select String as the Data Type, and the code needs to be 252. The String Value needs to be this:

http://Computer_Name:Port/wpad.dat

Obviously substituting the computer name and port number to the ones relevant to your environment. Next you need to Right Click Server Options > Configure Options and then scroll right down to the bottom of the list until you find the 252 – WPAD Entry and place a tick in the box.

To make this work for my clients that already had DHCP Leases what I did was to go to the Address Leases and manually delete the current Leases and for the clients to options a new Lease and therefore the new Server Options. So far so good and it is all working extremely well.

Well it is coming to that time of year again where we will be given a list of new students that will be enrolled for the 2009 School Year, and of course it is up to the IT Department to created the hundreds of accounts. This year I thought I would have a crack at using PowerShell to do a bulk import into Active Directory.

The first thing that I found was that PowerShell doesn’t have any specific Active Directory CMDLets, so I found these PowerShell CMDLets from Quest. A must have if you are working with Active Directory and PowerShell. There are a few pre requesests before installing so grab the PDF document associated and have a read. Let’s build the script!

I want to be able to import users from a CSV file so the the cmdlet that I amm interested in is Import-CSV which takes a parameter for the file name like so:

Import-CSV C:\New.csv

Next Step is to iterate through the file. This is done by piping the contents of the csv file to the For-EachObject cmdlet which inturn uses the New-QADUser cmdlet.

ForEach-Object {New-QADUser -ou domain.local/Students/2009 -name $_.Name -Description $_.Description -City $_.City -UserPassword $_.Password -SamAccountName $_.sAMAccountName -FirstName $_.FirstName -LastName $_.LastName -DisplayName $_.Name -UserPrincipalName $_.UPN}

If you type in get-help New-QADUser you will see the syntax and all the parameters you can include. In the above script you will see $_.Name etc etc. These correlate to the CSV File. My CSV File had Name, Description, UserPassword, sAMAccountName, FirstName, LastName, DispplayName and UPN. You can see the connection above. It doesn’t even matter what order they are in in the CSV File!

Did you Like This Post? Stay Updated with more How To’s and Tips by Subscribing to My RSS Feed

For the past couple of days I have been struggling with our Exchange 2007 implementation. But I am glad to say that all things are looking good and we can now send and receive mail! Whoo Hoo…..

What I have been playing with is the Edge Server and the new improved Anti Spam features that it brings to the table. Which for us is a reason in itself to implement an Exchange 2007 Mail system. But what has been frustrating is the fact that it did not seem to be working! But Yesterday we had a massive breakthrough.

The setup that I had was the Edge Server is sitting behind our ISA 2006 firewall which is forwarding all SMTP Traffic to the Edge Server. But it wouldn’t work unless we had “Request Appear to come from the ISA Server computer” selected and the ISA Server Computer’s Ip Address in the “Allowed IP List” on the Edge Server. Now that was no good because then all the mail appeared to be coing from the ISA box and not the origional client.

So….What I did was I changed the gateway of the Edge Server to the ISA 2006 box and then changed the “Request Appear to come from the ISA Server computer” to “Request Appear to come from the origional client” in the SMTP Publishing Rule and BINGO the Edge Server is doing it’s Anti Spamming Job!

The downside to that was that we now could not send any mail. Because the ISA box is in our DMZ we could get out. So after subscribing the Edge Server to Active Directory and the Organization it automatically creates Send and Receive Connectors. So what I did was change the “Source Server” from the Edge Server (which had a gateway of the ISA box) to our CAS (Client Access Server) which was also running the Hub Transprt Role. Our CAS Server had a different gateway and could send mail out. We now have a working model. And what is more important the new SPAM agent on the Edge Server is working a treat!!!!

Daniel
Creating a Working Exchange 2007 Infrastructure.

Oliver over at the Windows Server Division Weblog has just written a post on the Announcement of Windows Server R2, among the enchancements that caught my eye were the ones to do with virtualization, a new Hyper-V is built in offering some great new features.

Considering I will be consolidating alot of my servers over the coming months this will add some great benefits. I currently have 2 Exchange 2007 servers riunning on a Hyper-V box and seem to be going OK. One is running the CAS and Hub Transport Roles and the other is running the MailStore Role.

Make sure you check out the other inclutions in R2 on the Windows 2008 Server Website.