Squiggle dot org

During the testing of Hyper-V live migration on a freshly built failover cluster (2008 R2), all seemed to work well apart from one Linux (CentOS) VM. It had been running fine on a single Hyper-V server with the integration components installed, however when I tried to do a live migration it failed, not giving much clue why.

Moving the VM to the other node and starting it using the Hyper-V manager, generated the following error…

‘SV04′ failed to start.
Microsoft Emulated IDE controller (Instance GUID): Failed to power on with error ‘a device attached to the system is not functioning’

Failed to open attachment: C:\ClusterStorage\Volume1\Hyper-V\Virtual Hard Disks\SV04.vhd. Error – A device attached to the system is not functioning. (0x8007001F)

After some investigation, I found that the VM would only start on whichever cluster node was the owner of the CSV (Custer Shared Volume). I later discovered that disabling the AV (Sophos in this case) on the node that wasn’t the CSV owner resolved the issue – Odd, as I had added an exclusion for scanning on c:\ClusterStorage\*, seems that the exclusion didn’t quite work with it being CSV due to the way it links into the filesystem… Adding an exclusion for *.vhd, then renabling the AV fixed the issue.

A large percentage of my users access their corporate email and calendars via their iPhones, ActiveSync and Exchange 2007/2010. I started looking into the possibility of a solution where I could remotely wipe the devices when they get lost/stolen/eaten – turns out I already had the functionality but never knew it!! If you’re users have access to Outlook web access they can even do it themselves!

EMC: Fire up the Exchange management console, navigate to recipient config, then mailbox, and find the user that left their phone on the train. Select manage mobile phone from the actions pane. You can then select to remote wipe the device.

OWA: As I mentioned, users can do this themselves… Log into OWA, navigate to options, then phones – you’ll see all your mobile devices, and also a wipe device option. Fantastic!

After migrating to Exchange 2010, a small number of users couldn’t get thier iPhones to sync with Exchange, depite managing to verify the account in the iPhone setup. The thing ther users had in common, was that there were created as Administrators by an old SBS2003 system.

When trying to view the inbox from the iPhone, the following appeared in the application log on the exchnage mailbox server…

Exchange ActiveSync doesn’t have sufficient permissions to create the “CN=Freg Smith,OU=Users,OU=XXXXGroup,DC=XXXX,DC=local” container under Active Directory user “Active Directory operation failed on XXXXXXXXXX. This error is not retriable. Additional information: Access is denied.
Active directory response: 00000005: SecErr: DSID-03151E04, problem 4003 (INSUFF_ACCESS_RIGHTS)

This problem is Exchange not having access rights to the user object in active directory, as the SBS account creation tool disabled this for Admin users. To fix the issue, goto the propeties of the user in question in Active Directory Users & Computers, navigate to the security tab, then advanced button, and tick the inherit permissions box. This will allow the required permissions to apply to the user, and mail should start syncing!

There used to be an auto logoff screensaver (winExit.scr) in the Windows 2000/2003 resource kit, although it doesn’t appear to play too well with Windows 7/Vista. I needed the functionality that this provided for the systems in our meeting rooms, as people have a habit of leaving the systems logged on in there then leaving the room!

As I couldn’t find anything (for free!) that did this, I thought it was time for a bit of D.I.Y! So here we have my AutoLogoff Screensaver for Windows 7/Vista. Dead simple, drop in your C:\Windows\System32 folder, then probably use group policy to force it onto certain machines, or the local policy with gpedit.msc! Dims the screen like a UAC prompt in order to try and get the users attention a bit more, there’s no configurable options at the moment, just 60 seconds warning until logoff. If I get alot of requests I might add some additional funtionality, but it’s serving my requirements now, so I’m happy ;)

Download – AutoLogoff_v1.2.zip (144KB)

Need to accuracy find out when the OS was installed on a Windows system? Try the following command:

> WMIC OS GET InstallDate

Should return you a date in the following format: 20100202101833.000000+000

The default forms based login for OWA (Outlook Web Access) on Exchange 2010 requires users to login with the username in ‘DOMAIN\Username’ format. Show stopper for most of our users – they just type thier username on its own every morning, and won’t read the instructions. If you’re running in a single domain, you can set the default domain using the Exchange Management Console.

Navigate to ‘Server Configuration’ > ‘Client Access’, select your client access server, then the OWA tab below, right click on your OWA entry then view the properties. In the authentication tab of this window, you can select the logon format… Select username only, specify your domain, click ok – you’ll need to restart IIS for the change to come into operation.

Or you can do it even more quickly with the Exchange PowerShell:
Set-owavirtualdirectory -identity “owa (default web site)” -Sign-inFormat UserName -DefaultDomain “Home.local”

Super quick way to move DHCP onto a new server…

On the old server:
netsh dhcp server export \\server\share\dhcpConfig.dat all
net stop “dhcp server”
sc config dhcpserver start=disabled

On the new server:
Install DHCP role
netsh dhcp server import \\server\share\dhcpConfig.dat all
net stop “dhcp server”
net start “dhcp server”

Goto DHCP management tool on the new server and double check the new server is authorised, right click and authorise if it isn’t! Also, don’t forget to properly uninstall the old DHCP server service using add remove windows components, so that it cleans up active directory and it doesn’t remain as an authorised server when the box is fully decomissioned!

Prerequisites for this upgrade/migration are that the SBS 2003 server must be at SP2, with Exchange 2003 also at SP2. In addition to this both your domain functional level AND forest functional level must be running at 2003 native (This is the highest available on SBS 2003 SP2). Finally, your Exchange organisation must be running in 2003 native mode. Read the rest of this entry »

While trying to deploy the WPKG client onto newly built systems, I kept encountering the following error:

“There is a problem with
this Windows Installer Package. A program run as part of the setup did
not finish as expected. Contagt your support personnel or package
vendor.”

I was trying to install using the MSI with a specified settings.xml file using the following command:

msiexec /qb! /i wpkgclient1-3-6.msi SETTINGSFILE=\\server\wpkg\settings.xml

Looking at the windows installer logs, it appeared that the problem was with the settings file, after checking it was valid XML, I found out that if full paths with drive letters were specified (Z:\settings.xml) it installed fine!

Odd.

When using Windows SIM (System Image Manager), which is part of the Windows AIK (Automated Installation Kit) you might run inthe the the following error when you try and load a .WIM image…

“Windows sim was unable to generate a catalog”

Chances are that you are trying to open a .WIM image from the $RemoteInstall share. In this folder structure the WIM’s are slightly different as they incorporate metadata and a .RWM that contains the image data. The easy way around this is to fire up the Windows Deployment Services MMC, then find the image, right click and export to somewhere else. You should then be able to create a catalog using the newly exported .WIM.