Vista - Admin tools (adminpak.msi) lost but now found

So you've gone and upgraded your desktop to Vista and tried to install ye olde adminpak.msi only to find that it don't work. To add insult to injury, for the past year there was no hope in sight for fixing this sad state. Fear not, Microsoft has released the RSAT package. (Remote System Administration Tools) which will allow you to use Admin tools from a Vista box with SP1 and is compatible with 2k3, and 2k8 servers!

Download 32 bit version:
http://www.microsoft.com/downloads/details.aspx?FamilyId=9FF6E897-23CE-4A36-B7FC-D52065DE9960&displaylang=en

Download 64 bit version:
http://www.microsoft.com/downloads/details.aspx?FamilyId=D647A60B-63FD-4AC5-9243-BD3C497D2BC5&displaylang=en

*Note:
After installing, it'll add a help file to your local admin tools and you'll be wondering where the tools are. If you read the help file, it'll tell you to go into Programs and Features -> Turn Windows features on or off and check the box for "Remote Server Administration Tools"

Separate wallpapers for dual monitors in vista

You know, I really thought they'd have this feature built into Vista. It just seems like one of those nifty GUI things they need to keep up with Mac...

Here's where DisplayFusion comes in. The basic version is free and will allow you to choose a different wallpaper image for each monitor. The app is pretty small (currently consuming 796K in RAM) and is really easy to use. Once installed, just launch it and it'll show up as an icon in the taskbar tray.



Go into the settings and then choose a monitor, then a background color (if needed) and the image you want to display on that monitor. Repeat for second monitor.



Download it here: http://www.binaryfortress.com/displayfusion/

Head's up - Win2k3 SP2 may cause networking issues

There's a lot of buzz going around about problems being caused by SP2. By default it turns on a lot of features like TCP/IP Offloading (TOE), and Receive-side Scaling (RSS) which can play havok on older network cards and apparently some newer boxes as well. There's a really good write-up on the problem from the exchange team at http://msexchangeteam.com/archive/2007/07/18/446400.aspx
which goes into detail on what is happening. If you've got anything weird going on with your servers since applying SP2, there's a good chance it's because of this.

I personally haven't run into problems on my exch 2k7 box with win2k3 x64 sp2 but I'm going to update my drivers now anyway just in case.

FS116P Desktop POE switch review

Sometimes you've just got more devices in a room than ports and whether it's temporary or not, you just can't get approval for more LAN drops. And to make matters worse, they're IP phones that run on POE (Power Over Ethernet). Now in your big network closets you can install those new big howling POE switches for your backbone but for a small room, a quiet switch will keep mad users from coming to your office with torches. (I just installed a 24 port Dell POE switch on the backbone last week and it would make an aircraft carrier deck seem quiet.)

Enter the Netgear FS116P - 16 port 10/100 with 8 ports of POE.
http://www.netgear.com/Products/Switches/DesktopSwitches/FS116P.aspx
It's a fanless desktop switch and out of the 4 I got for our small rooms, only 1 had a discernable buzz but it was faint and after being stuffed behind the printer stand wasn't really noticable. As far as performance goes, it works just like any run of the mill 10/100 desktop switch - not noticeable either way for end users. Only the first 8 ports are POE enabled but for smaller rooms that's really all you need. This switched worked fine with my Nortel i2002 phones and the Cisco 1131AG.

Exchange 2007 Powershell Script - Emails owners of all email distribution groups

Last year I posted a generic script to enumerate all members of all email groups. My department was tasked with finding a way to keep all email groups updated for all departments. My solution has 2 parts:

Part 1 is configuring the "Managed By" field in Active directory or exchange for all distrubtion groups and checking the box for 'Manager can update member list'. This allows email distribution group owners to modify membership through their Outlook client directly. (via the Address book interface.)

Part 2 consists of the following Powershell script which finds all Email Distribution Groups in the forest and then sends an email for every email distribution group to that groups owner. The emails contain the primary SMTP address for reference and a list of all members of that group for quick viewing and confirmation.

# Enumerates all members of all Distribution Lists in Exchange 2007
# and all owners.
# Script will then proceed to email each owner a list of all
# members of each group.
# Uses cmdlets from exch2007
#
# 3/14/08
# By: Gnawgnu

#first get all distributionlists
$dl = get-distributiongroup

#then enumerate through them all and get all group members.
foreach ($group in $dl) {

#build group data
$groupName = "Group Name: " + $group.name
$groupAddr = "Email Address: " + $group.PrimarySMTPAddress
write-host $groupName -foregroundcolor Green
$dlgm = get-distributionGroupMember $group.name.ToString()
$gOwner = get-user $group.ManagedBy.Name

#setup email - make sure to add to your whitelist for
#antispam if applicable.
$sender = "PickASMTPSenderEmailAddress"
write-host $sender
#get Email Address of group owner
$recipient = $gOwner.WindowsEmailAddress
write-host $recipient
$server = "YourSMTPServerGoesHere"
write-host $server
$subject = "Monthly Review required - Email Group: " + $group.Name.ToString()
write-host $subject
#Note: `r`n is a carriage return
$bText1 = "`r`nOwner:" + $group.ManagedBy.Name.ToString() + "`r`n"
$bText2 = $groupAddr.ToString() + "`r`n"
$bText3 = "group members: `r`n"
$bText4 = $dlgm | fl Name | out-String
$bText5 = "Please use your Outlook Client to make changes if needed.`r`n"
$bText6 = "If you are no longer the manager of this group, please notify IT.`r`n"

$body = $bText1 + $bText2 + $bText3 +$bText4 +$bText5
write-host $body.ToString()
$msg = new-object System.Net.Mail.MailMessage $sender, $recipient, $subject, $body

#send email
$client = new-object System.Net.Mail.SmtpClient $server
$client.credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials
$client.Send($msg)

}

APC metered switches - remote power off

If you've got some old stubborn legacy hardware that sometimes stops working unless you fully unplug it and power it down then you can relate to the pain of having to physically go onsite or call someone else to unplug the device. This clunky but functional arrangement works fine during normal work hours but can be a pain at 10pm on a weekend. My solution was to get some APC metered switches. Give it an IP address and custom name each outlet port to match the device that's plugged into it through the built-in web interface. If you're offsite and you need a reboot, just vpn into work, open a web browser to the APC's IP, and give commands to the individual ports to power down, then 30 seconds later, tell them to power back on.
This also works well for servers if they bluescreen or run into a hardware failure and just won't restart.

And as a unrelated side bonus, the APC switch has an amperage meter which is useful for measuring how many amps those ancient devices are pulling.

Link the APC 7900 Switched PDU series:
http://www.apc.com/products/family/index.cfm?id=70

Upgrading to Exchange 2007 SP1 with Symantec Mail Security

*UPDATED - Read all updates before trying this - See Below*

I'd been holding off on applying SP1 for Exch 2007 for a while now until I had upgraded my backup exec to version 12 and to see if there were any issues with Symantec Mail Security which I have running on the exchange server. So after I got BE 12 up and running I figured it was time.

The download of SP1 was much larger than I was expecting as it was around 870MB. In fact after running this upgrade I'm under the impression that it pretty much just reinstalled the whole server while retaining all my settings and data. Make sure you perform the usual precautions like backing up your data and have a recovery plan in place before starting. And of course, stop all antivirus, backup exec, automatic update services, etc prior to starting. (leave the exchange and IIS services running)

The first machine you should upgrade is the server(s) with the Client Access Role installed. During my upgrade, the pre-requisite check failed with a "you must be a member of the exchange organization administrators group" which occured because the user I was installing it as was not a member of the Exchange Organization Group. To remedy this, go into the Exchange Mgmt Console and under Organization, click on Add Exchange Administrator and add in the account you are installing as. Then restart all exchange services for changes to take effect. After the pre-req tests pass, click Next and the upgrade will start. You'll see a lot of disturbing messages like 'uninstalling files', 'pre-compiling binaries', etc and wonder if you're running the right installer or not. Fear not, this is normal behavior for the service pack. My Front-End server took about 17 minutes. (Server specs: Win2k3 x64 SP2, dual 2.0Ghz, 4GB ram)



At this time, I went ahead and re-installed the backup exec agents on the server just as a precaution.

Now with that roaring success beneath our belts, we move onto the back end server. Now if you got that exchange organization admin error earlier, make sure you rebooted the back end server too for changes to take effect. Repeat the same precautions of backup up, stopping unnecessary services, etc.



After that's done, you may want to change a registry key for a feature that's disabled by default as part of Microsoft's new security initiatives. The downside is that by turning off "Remote Streaming Backup" is that programs like Backup Exec will have problems. To Enable this key, go into Regedit and navigate to:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeIS\ParametersSystem

Create a DWORD key - "Enable Remote Streaming Backup" with a value of 1. At this time, I went ahead and re-installed the backup exec agents on the server just as a precaution. Reboot.

My Symantec Mail Security 6 appears to still be working properly and I tested my smtp server and it's still accepting messages so we're looking stable.

SP1 has some nice improvements such as being able to export a .pst file (very useful for archiving ex-employees for evidence), the rewritten OWA interface with lots of new features like server side rules, personal distribution lists, office 2007 support, etc.

And now you can change Send-As and Full Access rights from the GUI for those days when you just don't fell PowerShell-ish.



For details on the new changes, go to:
http://technet.microsoft.com/en-us/library/bb676323.aspx

Update 2/25/08: After applying SP1, the event logs are now starting to flood with Event ID:
8206 - EXCDO - "Calendaring agent failed with error code 0x8000ffff while saving appointmen". I went ahead and rebooted the server and that error went away. An odd issue occured with some recurring calendar entries. As users opened up invites and/or meeting entries in their calendar on monday, some of them ran into an error. This error triggered Exchange to do a repair/integrity check on their mailboxes and effectively locked them out of their calendar for a while. The corresponding error in the Application log looked like:

Event Type: Warning
Event Source: EXCDO
Event Category: General
Event ID: 8230
Date: 2/25/2008
Time: 4:49:12 PM
User: N/A
Computer: EXCHANGE_server_name_here
Description:
An inconsistency was detected in user@maildomain.com: /Calendar/Pinpoint Testing for blah blah.EML. The calendar is being repaired. If a problem persists, please recreate the calendar or the containing mailbox.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Everything appears to go back to normal after the ExchangeIS process finishes checking the mailbox out.

If this persists for a few days, I may have to take the Information Store down and run a manual Eseutil /G integrity check.
http://technet.microsoft.com/en-us/library/aa998361(EXCHG.80).aspx

Updated 2/27/08 - Calendar issues seem to have sorted themselves out during the first 2 days. Now I'm getting:

Unexpected error 0x50a occurred in "EcProcessVirusScanQueueItem"

After researching the web I see that it's not limited to Symantec as users of Trend, Forefront are also reporting the same error post SP1.

Dell Remote Console Switch 2161DS-2 and Vista SP1

Prior to SP1, I'd been having a heck of a time getting the Dell Remote console software for the kvm to work on Vista. Of course, this was to be expected as Vista wasn't even listed as a platform option for the downloads. Now after upgrading to SP1, the XP version of the software went right on and actually works properly. (version 3.1.0.320)