Exchange 2010 -- 17.11.2009

Prezentacija s predavanja o Exchange 2010 z dne 17.11.2009 je na voljo tule:

Exchange.ppt

Microsoft Exchange postavitev:
http://technet.microsoft.com/en-us/library/bb687782.aspx

Konfiguracija storage:
http://technet.microsoft.com/en-us/library/cc500980.aspx

Windows 2008 R2 Session -- 20.10.2009

Resources and scripts from presentation.

PowerPoint presentation.

Question from today:

Is it possible to have Windows XP boot from VHD.

The answer is no (well, at least it is not supportable). This is only supported on Windows 7 and Windows 2008 R2

More information on this can be found here.

My Bleeding edge presenation

Below you can download my presentation from this year's Bleeding edge conference.

Inside you can find link to e.g. Ste-by-Step guide to setting up NAP etc.

Bleeding Edge presentation

Creating DynamicDistributionGroup with -RecipientFilter

As any Exchange 2007 administrator knows, you get best features by using PowerShell.

In old version of Exchange (e.g. Exchange 2003), you could create dynamic distribution group where the members of the group would be users from specific Exchange server or Exchange Mailbox Store. This was very useful especially during migration since it was very easy to notify all the users in the store that their mailboxes will be moved over the night. One would only have to create a dynamic group with appropriate filter.

If you want to create dynamic group on Exchange 2007 you have very limited filters available in GUI.

To get the same results as we did on Exchange 2003 we need to use the PowerShell. The command we need to use is:

New-DynamicDistributionGroup –Name "All Users on Server Exchange" –Alias "AllonExchange" –RecipientFilter {(ServerName –eq "Exchange")}

This will actually create new dynamic distribution group named "All Users on Server Exchange" and users will be filtered by "ServerName".

If you open the dynamic group we just created in GUI you can notice it has an additional tab where you can check the filter that we created in PowerShell.


There are a lot of properties we can filter by. ServerName is just one of them. To get complete list of the properties check the Filterable Properties for the -RecipientFilter Parameter in Exchange 2007 SP1 and SP2.

Windows Server 2008 R2 -- 29.9.2009

www.krneki.net/blog/extras/PS.txt
www.krneki.net/blog/extras/Windows%20Server%202008%20R2.ppt

BitLocker Active Directory Recovery Password Viewer on Windows Server 2008 R2

When you try to install BitLocker Active Directory Recovery Password Viewer tool on Windows Server 2008 R2 you will receive an error saying »This update is not applicable to your computer«.

You can find BitLocker Password Recovery tool on Windows Server 2008 R2 under Features. You can install the tool by opening Server Manager and under »Add Features« look for »Remote Server Administration Tools« »Feature Administration Tools«. Here select »BitLocker Diver Encryption Administration Utilities« and follow the wizard.

Once install process completes you can open Active Directory Users and Computers and right click on domain level. You should now see »Find BitLocker Recovery Password…«

Note: If Active Directory Users and Computers MMC was running during the installation process, you will have to reopen the MMC console to see the new option.

Troubleshooting 0xc0040014 FWX_E_FWE_SPOOFING_PACKET_DROPPED error

When you run into 0xc0040014 FWX_E_FWE_SPOOFING_PACKET_DROPPED error on ISA it means that IP traffic is being forwarded to the network interface that is not expecting traffic from that IP address range. If you are using only physical network cards this should be easy to troubleshoot because ISA will log the interface name that is receiving network packets.

If you are using Enterprise networks on ISA Server Enterprise Edition and you run into spoofing problem on one of enterprise networks ISA will list name enterprise network which may not be directly linked to physical address.

In our case we have two possible paths (routes) that packet could take to reach the ISA server.

To figure out which router was forwarding the packets to the wrong interface I started Wireshark and made a network capture. For clarity I filtered the traffic by IP addresses of remote site that we wire connecting.


In network capture we can see MAC address of the router that is forwarding the network packets to the wrong network card (network card that is not expecting those IP packets). We can now use arp -a command on server to find out which IP address the MAC address belongs to and with this we tracked down the router.

Now that we knew which device was forwarding the packets we were able to fix the routes to ISA server and solve the problem.