Archive for July, 2010
Security warning when you start Outlook 2007 and then connect to a mailbox that is hosted on a server that is running Exchange Server 2007 or Exchange Server 2010: “The name of the security certificate is invalid or does not match the name of the site”
I ran into an issue where I had imported a SAN certificate into my exchange organization. Once I had imported it I started to get outlook SSL warnings. The issue was that the internal URLs for many of the services outlook connects to were setup with my internal server domain IE host.internaldomain.com. Now I was faced with an issue where I could not get another SAN cert to encompass the host names of my internal domain, because the Domain admin previous to me named the internal domain of a legitimate domain and we did not own that domain. ie internal domain is contoso.com or yahoo.com these domains are owned by someone else thus no SAN cert will be issued. The way around this was I changed the internal URL entries for multiple virtual directories, and created a DNS look-up zone. I found A KB article that shows how to do this.
Mail contacts or mailboxes now showing up in GAL
I came a cross an issue where mail contacts and some mailboxes where not showing up in the Global Address List. The funny thing was they showed up in in Outlook Web Access (OWA). The reason this was happening was our outlook clients were running in cached mode and were using the Offline Address Book for GAL look ups (OAB). All I had to do was just update the OAB on the exchange server and hit send and receive from the client machine.
The command you use is below Use the Exhange Management Shell (EMS) to do these
To Update a particular OAB use the below command
Update-OfflineAddressBook “Name of Address Book”
To update all OABs use the belwo command
Get-OfflineAddressBook | Update-OfflineAddressBook
SCOM 2007 install error “Invalid Management Group name
delete
HKLM\Software\Microsoft\Microsoft Operations Manager
powershell script not digitally signed will not execute
Signing PowerShell Scripts
Execution Policies
PowerShell has four execution policies that are Restricted, AllSigned, RemoteSigned, and Unrestricted.
PowerShell is configured in “Restricted” execution policy by default. The Restricted policy will not allow any unsigned scripts to run. If you need to run a powershell script that is not signed then you need to change the policy powershell uses to “Unrestricted” . To do this run the below powershell command on the server that is having the issue.
Set-ExecutionPolicy Unrestricted
How to unseal a management packs in Operations Manager 2007 R2
This article will be about how to convert the MP format to XLS so we can work with it.
I found a script from a person named Boris Yanushpolskyhis blog post is here http://blogs.msdn.com/b/boris_yanushpolsky/archive/2007/08/16/unsealing-a-management-pack.aspx
Pretty much we need to run his script and import it into Operations manager.
Script is
param($mpFilePath,$outputDirectory)
$assembly = [System.Reflection.Assembly]::LoadWithPartialName(“Microsoft.EnterpriseManagement.OperationsManager”)
$mp = new-object Microsoft.EnterpriseManagement.Configuration.ManagementPack($mpFilePath)
$mpWriter = new-object Microsoft.EnterpriseManagement.Configuration.IO.ManagementPackXmlWriter($outputDirectory)
$mpWriter.WriteManagementPack($mp)
Name the script MptoXml.ps1
Run this command:
powershell d:\MpToXml.ps1 -mpFilePath:’d:\Microsoft.Exchange.Server.2003.Monitoring.mp’ -outputDirectory:’d:\’
Changing RDP port in Windows server
1. Start Registry Editor.
2. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\PortNumber
3. On the Edit menu, click Modify, and then click Decimal.
4. Type the new port number, and then click OK.
5. Quit Registry Editor.
And that’s it. Just make sure if you have a windows firewall or another software firewall enabled to allow the new port to connect.