AD Powershell cmdlets!
With the release of Windows Server 2008 R2, there will finally be native support for Active Directory management in Powershell. For those of us (myself included) who don’t/won’t use the third-party add-ins for AD, this is great news!
Check out the AD Powershell team’s blog: Active Directory Powershell Blog (easy enough name to remember) for more information and a downloadable cmdlet reference chart.
Thanks AD Powershell Team!
Exchange Server 2007 SP1 Update Rollup 7!
Wow, that was quick! (I just got SP1 UR6 installed on all my servers a week ago).
Update Rollup 7 for Exchange Server 2007 SP1 has been released. The full list of fixes and updates is documented in MS KB 960384, but I think a lot of people will be happy to see this one specific item corrected:
- 961281- An error is returned when you enable SCR from any source in a child domain after you install Exchange Server 2007 Service Pack 1 Rollup 5
You can get the update here and get to updating! 
Data Protection Manager 2007 error ID 998
I’m currently doing some testing with Exchange Server 2007 and Data Protection Manager 2007 on Hyper-V. As I needed several VMs for the testing, I just installed one and then used NewSID to change the VM SID and name before joining each one to my test domain. Later, upon attempting to configure a new protection group on DPM for one of the Exchange servers I got this error:
The operation failed because of a protection agent failure.
Retry the operation.
ID: 998
Details: Unknown error (0×80042318) (0×80042318)
After checking the usual suspects, including the required VSS patch on the Exchange server to be protected and examining the Event Logs on the Exchange Server I found lots of VSS errors with Event ID 12302 on the Exchange server.
Tt turns out the problem is actually with using NewSID…it doesn’t play well with VSS. The solution’s pretty simple once you find it–here’s one place it resides. The steps are as follows:
- Stop the Microsoft Shadow Copy Provider & Volume Shadow Copy Service.
- Export the contents of the HKLM\Software\Microsoft\EventSystem key to a .reg file (as a backup).
- Delete the HKLM\Software\Microsoft\EventSystem\{26c409cc-ae86-11d1-b616-00805fc79216}\Subscriptions key. (Just delete the Subscriptions subkey; leave the EventClasses key.)
- Restart the server.
- Run the “VSSADMIN LIST WRITERS” command, which should procude output similar to that shown below.
This causes the VSS entries in the HKLM\Software\Microsoft\EventSystem\{26c409cc-ae86-11d1-b616-00805fc79216}\Subscriptions key to be rebuilt when the writers initialize.
If that does not resolve the problem, check the Sysinternals forum link mentioned above for more steps.
Activate SCR Target via EMS script
If you’ve got SCR installed and are using the Database Portability model described in “Standby Continuous Replication: Database Portability“, here’s a useful Exchange Management Shell that scripts the entire activation process. Just change all of the noted fields to match your source and target servers and even add additional storage groups/databases to the script if you like.
Be sure to triple check your entries and TEST IN A LAB ENVIRONMENT before unleashing this production!
Activate-SCRTarget.zip (1.6 KiB, 664 hits)
Exchange Server 2007 SP1 UR6 = No problems
I finally had the chance to update the rest of our Exchange Server 2007 SP1 servers to UR6 tonight and there were no problems at all. Even the .NET native image portion went fairly quickly. WIN!
Adding Exchange Administrators fails with error 00000525
Just as a quick reminder (because, oh…I forgot myself), if you have Exchange Server 2007 installed in a child domain in a parent/child domain forest then your Exchange security groups are going to be located in the parent (root) domain. So, if you want to add new Exchange Administrators using the Add Exchange Administrators wizard from the EMC or the Add-ExchangeAdministrator cmdlet in the EMS, you need to be an Enterprise Administrator if you’re trying to perform the add from the child domain. If not, you’ll get this error:
Summary: 1 item(s). 0 succeeded, 1 failed.
Elapsed time: 00:00:00Add-ExchangeAdministrator
FailedError:
Active Directory operation failed on dc21.root.local. This error is not retriable. Additional information: The specified user does not exist.
Active directory response: 00000525: NameErr: DSID-031A0F80, problem 2001 (NO_OBJECT), data 0, best match of:
”The object does not exist.
Exchange Management Shell command attempted:
Add-ExchangeAdministrator -Identity ‘company.local/SystemUsers/Service Accounts/ServiceAccount42′ -Role ‘ServerAdmin’ -Scope ‘XHT10A’Elapsed Time: 00:00:00
Here’s one newsgroup post with this error, I’m sure there are others as well.
-
Translator
