Microsoft is providing lots of books, white papers and articles on MOSS configuration and deployment for free. We as a MOSS consultant use these resources in most of the projects as a baseline for architecture. Below link contains a complete list of all downloadable contents available on MOSS, this list is continuously updating by Microsoft for covering new versions and service packs;
Saturday, May 30, 2009
Friday, May 29, 2009
Last week i faced an issue. whenever i mail enable any public folder and then double clicked it in exchange management console for setting email address, i am getting following error
“The mail proxy for this folder can not be found. This may be due to replication delays. The mail enabled pages will not be shown.”
After some time following event is logged in the event viewer;
Event Type: Warning
Event Source: MSExchangeIS
Event Category: General
Event ID: 9543
Unable to create Public Folder proxy object for folder "XXXX" in the Active Directory.
After some search i found one KB (http://support.microsoft.com/kb/327841) suggesting following fix;
“This issue may occur if the Microsoft Exchange System Attendant service is not set to start under the local system account.”
I checked System attended service and found that it is configured under local system account which is a correct configuration. After lots of search i found nothing and all searches are directing towards the same article.
Because all peoples are pointing towards the same system attended service so i thought why shouldn’t i restart the service and see. I restarted the service and then again checked one recently mail enabled folder but the issue is same then i mail disabled it and then re-enabled it and guess what the issue gone! i it seems that there was some issue and system attended service is not communicating properly with active directory which has been solved after restarting the service.
Recently i faced a very strange issues regarding Citrix sessions. Users are complaining that they are getting very slow response whenever they open Citrix website from web interface. After initial analysis it has been noted that there is almost 3 minutes delay in displaying web interface page after successful authentication. After further analysis and also getting help from Citrix support it has been found that there is no reverse DNS zone entry in DNS servers for Citrix severs subnet. Because the environment is new and the application which is facing problem is the first application, so the issue has not been identified before. After entering Citrix Servers Subnet in reverse lookup zone the performance is dramatically increased and the web interface page is now opening in seconds.
As per Citrix support “You have a DNS resolution issue on the WI server just when the client machine send the login information to WI, the WI box does a DNS query to 10.201.X.X which fails for X.X.201.10.in-addr.arpa. after several DNS queries exchanges with different DNS servers, a NetBios call succeed to return 10.201.X.X and then the Citrix XML communication starts.” (They have also told us to disable SNMP which was not enabled because we are not using it)
Following tests has been conducted in order to narrow down this issues;
1. Network trace on the workstation.
2. Network trace on the XML broker server.
3. Network trace on the web interface server.
4. CDF trace on below modules on XML broker server:
5. CDF trace on below modules on Zone Data collector server :
For CDF tracing CDF Control Application is required which can be downloaded from following link;
Wednesday, May 27, 2009
Yesterday i cleared my MCTS exchange 2007 Configuration exam. The Exam was properly designed and most answers required experience and hands-on. Preparation of any exam always give you an overview of the complete product and normally one gets to now the features which he normally ignored in day to day operations.
For this exam preparation i used following items;
1. MS self paced guide.
2. Virtualized Exchange 2007 Environment.
3. TechNet Exchange Articles.
4. Practice Tests.
MS self paced guide are very well written and normally it gives you 70% preparation rest is your practical experience and TechNet research.
Thursday, May 21, 2009
I have one of the requirements from my regional Admins to allow mail relay for their regions. Mostly they want mail relay for;
1.local exchange or SMTP servers.
2. Printers and scanners wants to send emails
3. Devices and Application servers wants to send alert notifications.
4. Some of the devices and servers only support Anonymous permissions settings.
In order to provide this functionality, i can create a site specific receive connector on HUB and allow only their specific server IPs to allow relay emails, but there is a problem, i don't have any control on their site and server security and allowing relay directly to HUB server means their communication is directly terminating to our Enterprise/Business zone which is a high security risk. I thought why shouldn’t i use my edge servers sitting in DMZ zone and allow relay from them? . I have checked connectivity of these sites from DMZ and found that i can reach them. I was researching on it and had also discussed it with one of my friends (Nicolas Blank, an expert in exchange configuration and migration) he also agreed on my idea and had guided me to following article
After reading this article i am now more confident about this configuration, I think that in a scenario where we don't have any control on remote site security and we have a demand to open anonymous security then its better to open relay on edge servers rather then on HUB servers.
I was working on one project and wants to get some details regarding AD schema, luckily i found following link contains plethora of information about AD schema and also discussing how Microsoft itself is managing their schema, check it out;
Monday, May 18, 2009
I was researching on some public folder stuff and luckily found a very good Microsoft TechNet article on same. check out the link;
Sunday, May 17, 2009
If you want to enable external emails (hotmail, yahoo etc) to public folders then you have to make sure that anonymous permissions on PF is set to contributor. vice versa if you want to disable external emails to any PF then you have to set anonymous permissions on any PF to none.
Tuesday, May 5, 2009
Yesterday i reviewed Gartner report on UC and found it very informative and interesting. following is the link;
Monday, May 4, 2009
Most of the time we face lot of complains that users are not able to access their emails on outlook or exchange is not responding, in most of the cases client's outlook has some problem and users don't realize it. Following are some of the steps which will be handy in troubleshooting these types of issues and also narrow downing the problem scope;
Test 1 : Testing OWA:
1. Get the troubled user user id and password and test from OWA or ask him to open his mailbox via OWA.
2 . or create a test Mail account and Access OWA from it to verify that Exchange is working fine and user is able to access their emails.
If OWA is working fine then we have to concentrate on Client side troubleshooting else we have to look at the server side and check CAS servers and ISA severs (If reverse proxy is in use) (i will discuss server side troubleshooting in my next blog).
Test 2: Deleting Addins Registry Keys:
1. Logon to a troubled user machine.
2. Navigate to the following registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Exchange\Client\Extensions (If it exists)
HKEY_CURRENT_USER\Software\Microsoft\Exchange\Client\Extensions (If it exists)
3. Export the keys (for backup purpose), right click each subkey and click Delete.
Test 3: Configure Selected Startup:
1. Go to Run and type msconfig.
2. Select Selective Startup in General Tab.
3. Click to clear Process SYSTEM.INI file, Process WIN.INI File and Load Startup Items.
4. Click tab Services and select option Hide All Microsoft Services, and click button Disable All and click OK
5. Restart computer.
Test 4: Check if issue is occurring in Cached Mode:
Create a Outlook profile with Exchange cached mode and then test.
Test 5 : Check if issue is occurring in Online Mode:
Change Outlook profile in online mode, and open Outlook again and then test.
Test 6: Configure outlook profile for using RPC over HTTP:
1. Open outlook profile configuration and select Connections Tab
2. In the outlook Anywhere selection check connect to Ms exchange using HTTP.
3. Enter OWA address in exchange URL text box.
4. Assuming that user is sitting in a LAN environment, select “On Slow networks, Connect using HTTP first, then connect using TCP/IP.
5. Select Proxy server authentication settings based on your exchange server configuration.
6. Click OK.
7. Close Outlook completely. verify that there is no outlook.exe process visible in task manager.
8. Launch outlook again.
9. Hold control and press right click on outlook icon in system tray.
10. Click on connection status and verify that all connections are established by using HTTPS protocol not TCP/IP protocol.
Test outlook by sending and receiving emails. If this works then it means there might be some TCP/IP (RPC) communication problem between your client and server. You have to involve your network team and verify that if there is any network device causing issue or playing with the TCP/IP settings or TCP/IP packets.
Today i faced a very complex problem. My Clients were complaining that they are are getting Citrix Protocol Driver Error. After initial troubleshooting i found that there were some http errors on my web interface servers. I restarted IIS on WIS but no luck. I restarted IMA service on Presentations servers but issue still remained same. It was strange that i am getting this error for all Applications published on different servers this means that this error is not server dependent. i have tried Citrix article http://support.citrix.com/article/CTX106531 published on same issue and also tried disabling Session reliability http://support.citrix.com/article/CTX108439 but no luck. My Citrix environment consists of 2 Access gateway servers, 2 Web interface servers, 4 presentation servers and 1 license servers and we are using Netscaler device for load balancing. For narrowing issue i have disabled one web interface server from Load balancer and configured application to use only one presentation server but it didn’t solved the problem. I also restarted whole farm but no luck. Then i focused on Access gateway appliance and removed 1 appliance from Load balancing but issue remained same after that i enabled 1st device in Load balancing and removed second device from load balancing then after test i found that the issue is not occurring again and it is solved. I then logged on to the the troubled access gateway and found that this sever is not able to connect to the license server also this server is not configured to accept connections on port 80 only https. i am not sure why the sessions are not going to the other Access gateway which have correct configuration. I have to still fixed the licensing server connection issue but till now i haven't got any complain from the user.