Windows

Fix: No remote desktop license server is specified

After installing the licenses on your Windows 2008 R2 and upper for Terminal services and activated both the license and server you might have a popup message saying No Remote Desktop license server is specified. Also when you open the Remote Desktop Session Host Configuration you might see a similar message under the licensing diagnosis.

To fix this issue you must specify the Remote Desktop Services License Server. This can be done by the following:

Open the Remote Desktop Session Host Configuration from the Administrative Tools
Left click on the RD Session Host Configuration node
Double click on the Remote Desktop license servers
Add the server where the licenses have been installed

This should solve the issue and stop the message from showing (796)

Exchange

How to: Delete and re-create the Exchange ECP Virtual Directory

To delete the ECP virtual directory of your Exchange server and re-create it from scratch, you can use the below to get the identity of the virtual directory.

get-EcpVirtualDirectory |fl

Use this to remove the virtual directory in question

Remove-EcpVirtualDirectory -identity "MYSERVER\ecp (Exchange Back End)"

Create the new virtual directory use the below

New-EcpVirtualDirectory -externalurl "https://outlook.mydomain.com/ecp" -internalurl "https://myserver/ecp" -Server "myserver.mydomain.local"
(2105)

Exchange

Fix: Error 500 when loading Shell or ECP on Exchange 2013 SP1

After installing Exchange 2013 with SP1 you might notice that when you open the Management Shell, you will get a bunch of errors with mainly the error 500: Internal Server Error. This can also be seen when you try to access the ECP or OWA on the server in question. This issue is only on Exchange 2013 with SP1 and with Client Access role installed.

The culprit can be the following three:

#1 Time synchronization

On the Primary Domain Controller (PDC) do the below

net stop w32time
w32tm /config /syncfromflags:manual /manualpeerlist:0.pool.ntp.org
w32tm /config /reliable:yes
net start w32time

On the other DCs and servers do the following

net stop w32time
w32tm /config /syncfromflags:domhier /reliable:no /update
net start w32time


#2 Kerberos issues

Do the following on the effected servers to re-create the Powershell virtual directory.

Get-PowerShellVirtualDirectory -Server | Remove-PowerShellVirtualDirectory
New-PowerShellVirtualDirectory -Server -Name PowerShell
Get-PowerShellVirtualDirectory -Server | Set-PowerShellVirtualDirectory -BasicAuthentication:$false
IISReset

After virtual directory re-creation I have checked its modules in IIS and made sure, that Kerberos module is native and the path to its DLL is correct.

#3 WinRM Extensions

The feature might be missing, do the below to add the feature

Get-WindowsFeature *IIS* #to check if it is installed
Add-WindowsFeature Winrm-IIS-Ext # to install
(1966)

Exchange

How to: Remove Arbitration mailboxes from Exchange Mailbox servers

Sometimes you would like to uninstall a mailbox server or un-install a mailbox server but when you make the Get-Mailbox -Arbitration -Database DataBase1 you see some mailboxes there. These are there to prevent you from deleting the mailbox database or server. These are used by the Exchange server. You can either move or delete these mailboxes. If this is not the last mailbox server in your setup I would suggest you move them, otherwise delete them or you will not be able to uninstall the server.

Moving the mailboxes
Get-Mailbox -Arbitration -Database EXCHDB1| New-MoveRequest -TargetDatabase EXCHDB2

Disabling the mailboxes
Get-Mailbox -Arbitration -Database EXCHDB1| Disable-Mailbox -Arbitration

Deleting the mailboxes
Get-Mailbox -Arbitration -Database EXCHDB1| Remove-Mailbox -Arbitration -RemoveLastArbitrationMailboxAllowed

If you would like to re-create them, I would suggest the below

Setup.com /PrepareAD /IAcceptExchangeServerLicenseTerms
or
.\Setup /PrepareAD /IAcceptExchangeServerLicenseTerms (1412)

Windows

How to: Uninstall an application with Powershell using GPO

Sometimes you would need to automate an uninstall of an application through Group Policies (GPO). This can be done by running a PowerShell script. Firstly create a PowerShell script as below:

$appplication = Get-WmiObject -Class Win32_Product | Where-Object
{$_.Name -match "My Application Name"}
$application.Uninstall()

Save the file and create a new GPO and set the script to load by setting up the Computer Configuration/ Policies/ Windows Settings/ Scripts/ Startup.
(659)

Windows

How to: Set PowerShell execution policy to unrestricted using GPO

Most often when you have to execute some PowerShell scripts through the GPO and you end up with an error on execution saying that the Execution Policy does not allow you to run un-signed script.

So you would need to create a new GPO to set the Execution Policy. Create a new  GPO and edit it.

Goto Computer Configuration/ Policies/ Administrative Templates/ Windows Components/ Windows PowerShell

Double-click on Turn on Script Execution
Click on Enabled
Select Allow All Scripts

Move the GPO onto the respective OU, wait until the refresh or simple run gpupdate /force on the computers. (1035)

Exchange

Fix: Missing Server Configuration in Exchange 2010 management console

When opening the Management Console in your Exchange 2010 you might noticed the Server Configuration node missing. Also you might notice that when you open a mailbox you will not see the size and other information and you will get the yellow lock and no data is shown.

In most cases it would be because you have Outlook installed and you logged in with another user in Outlook. The credentials will be saved in the vault and it will try to log into the Management Console with that user. In fact when you launch the Management Console and click on the Microsoft Exchange On-Premises node, while loading you will notice it uses the user.

You would need to do the following:

– Open a command prompt using “Run as Administrator”
– Run the command “control keymgr.dll”
– Click “Back up vault” and follow the prompts to back everything up
– Remove any credentials related to the other user

After this, try to open the Management Console, if the problem persists a quick restart of the server will do the job. (544)

Exchange

How to: Remove duplicate items from Exchange Mailboxes using Powershell

During an Exchange migration you sometimes have the issues where users complain that there are duplicate entries of their calendar items. This is normal to happen and can be done directly from the server using Powershell . You will need to download the script here and then install Managed API 1.2 or later which can be downloaded here.

Remove-DuplicateItems.ps1 [-Mailbox] <String> [[-Type] <String>] [-Server <String>] [-Impersonation] [-DeleteMode <String>] [-Mode <String>][-WhatIf] [-Confirm] [<CommonParameters>]

The syntax is below:

-Mailbox is the name of the mailbox to process;
-Type determines what folders are checked for duplicates. Valid options are Mail, Calendar, Contacts, Tasks, Notes or All (Default);
-Server is the name of the Client Access Server to access for Exchange Web Services. When omitted, the script will attempt to use Autodiscover;
-When the Impersonation switch is specified, impersonation will be used for mailbox access, otherwise the current user context will be used;
-DeleteMode specifies how to remove messages. Possible values are HardDelete (permanently deleted), SoftDelete (use dumpster, default) or MoveToDeletedItems (move to Deleted Items folder).
-Mode determines how items are matched. Options are Quick, which uses PidTagSearchKey and is the default mode, or Full which uses a predefined set of attributes to match items, depending on the item class.

For this to work you need to setup the impersonation of the user which you will be running the script. This can be done as below for Exchange 2010

New-ManagementRoleAssignment -Name ImpersonationRole -Role ApplicationImpersonation -User administrator

-Name : Can be anything you put in, it’s just a name
-User: Is the user you will be impersonating as

On Exchange 2007 you can use the below command:

Get-ExchangeServer | where {$_.IsClientAccessServer -eq $TRUE} | ForEach-Object {Add-ADPermission -Identity $_.distinguishedname -User (Get-User -Identity User1 | select-object).identity -extendedRight ms-Exch-EPI-Impersonation}

More info on the script here (2266)

lync

Fix: Lync fails to connect with Exchange for calendar

On Exchange servers with Lync, when using Lync from outside the site using Lync Edge, you might have the problem that it works in case of instant messaging, but it will not connect to your Exchange setup to get the calendar or in some cases it will keep re-asking your credentials with no success.

This might be an issue of authentication which can easily be solved by changing the authentication method on the AutoDiscover folder on IIS.

Log into the Exchange server
Open IIS Manager
Expand the [Server Name]/Sites/Default Website
Click on AutoDiscover application
Click on Authentication
Right-Click on Digest Authentication and select Enable (1003)

LOGO1

Fix: ESXi health status showing unknown and cannot reset sensors

When ESXI 5.1 in vSphere is launched,  you click on the configuration tab and click the system health, you will get all gray question marks on the items and when you click the reset sensors you get the below error.

Call “HostHealthStatusSystem.ResetSystemHealthInfo” for object “healthStatusSystem” on ESXi “esxi_srv01″ failed.

To solve this issue you must go on the Configuration, click on the Security profile, click on the Firewall and click on Properties.

Find the CIM-SERVER entry, click on the Options and Restart the service.

Close the vSphere and re-open it. Try to reset the Sensors. (1225)