How to: Disable Windows Firewall on client computer in SBS 2008 onwards domains

When having an SBS or Windows Server environment, where on SBS it’s by default to enable Domain Firewall settings, you might need to disable them. So, to do this you would need to look at 3 GPO’s from the Group Policy Management.

These can be found under the Forest/Domains/Your Domain/Group Policy Objects.

The policies you should check are:
Windows SBS Client – Windows 7 and Vista Policy
Windows SBS Client – Windows XP Policy
Windows SBS Client Policy

These are the items to edit:

Computer Configuration | Policies | Administrative Templates | Network | Network Connections | Windows Firewall | Domain Profile | Protect All Network connections

This is enabled by default to restrict users from changing firewall rules and settings. If you want to disable this for users who are not in the domain use:

Computer Configuration | Policies | Administrative Templates | Network | Network Connections | Windows Firewall | Standard Profile | Protect All Network connections

Computer Configuration | Policies | Administrative Templates | Network | Network Connections | Prohibit use of Internet Connection Firewall on your DNS domain network

There are some other options the policies mentioned above, it’s to your descretion to what you want to disable or enable.

Note to run the command GPUPDATE /FORCE on the server and then on the PC’s to make the changes immediate. Ideal for testing, or else wait for 90 minutes for the changes to make effect.

How To: Flush DNS on Mac OS

To flush the DNS on a Mac Device, you have to go through the following steps:

Open Finder
Open Applications under Favorites
Open Utilities
Open Terminal

Enter the following commands:

sudo dscacheutil -flushcache
sudo killall -HUP -mDNSResponder

This should clear the DNS cache.

Fix: eDOCS cannot run macro DEEOpen when opening an Excel file

When using OpenText eDocs and opening an Excel file, when Excel opens it will pop up a message saying “Cannot run Macro DDEOpen”. I had this issue and after further investigation I found this small fix that will solve this problem.

Go to File > Excel Options > Add-ins
On the bottom there is the Manage
From the list box, select Disabled Items and click Go
You should see some items in that list, make sure you select those that are related to DM and click on enable.

After this just restart DM and excel and it should work.

How to: Setup the initial IP address for Cisco NSS322

When plugging in the Cisco Smart Storage for the first time, setting up the IP Address can be a bit tricky and the setup CD isn’t quite plain and simple. So to setup the IP address manually plug in a monitor and a keyboard to the device and once the login process comes up, use the default username and password i.e. admin/admin.

Once you log in, type the following to set the IP Address:

ifconfig eth0 192.168.1.5 netmask 255.255.255.0 up
ifconfig eth0

You should see the IP address configured and all there is now to do is enter the address https://192.168.1.5 in your browser and access the web interface of the device.

Fix: Exhcange 2010 Error 451 4.4.0 Error DNS Query Failed

There seem to be an issue with Windows SBS Small Business Server 2011 or Windows Server 2008/ R2 running both Exchange 2010 SP1 Rollup 3 or 4. This has happened many times and gone through the Exchange and router configuration many times with no success. Here is the simple workaround to this teething issue. The issue seems to be a bug from Microsoft where if you have IPV4 along with IPV6 enabled. The IPV6 will be used to resolve the DNS when sending an email. This will fail and the user will either get a delivery report or a delay report.

To solve the issue, simple do the following:

– Open the ‘Exchange Management Console’
– Expand the ‘Server Configuration’ node
– Right Click and select ‘Properties’ on teh server in the content window (This will popup the server’s property window)
– Click on the ‘External DNS Lookups’
– Select ‘Use These DNS Servers’ radio button and add the external DNS IP addresses of your ISP
– Click on the ‘OK’ button to save the configuration
– Expand the ‘Organization Configuration’ node and click on the ‘Send Connectors’ tab
– Right click on your send connector and select ‘Properties’
– Click on the ‘Network’ tab
– Tick the option to ‘Use domain name system (DNS) MX records to route mail automatically’ and make sure to tick the ‘Use the External DNS Lookup settings on the transport server

This should solve the problem and it will process all the mail in the queue of Exchange. Of course depending if you have the right configuration and ports open from the router.

How to: Disable WSUS on Windows 2003 SBS

Sometimes when you don’t need a service on your server, especially on SBS it’s a bit tricky since everything is embedded in the installation. One may notice that you might have a repository of more than 10Gb without knowing and here’s how to stop it. For Windows 2003 server, you might do the following to have a clean stop of the WSUS (Windows Server Update Services) service.

Stop the Update Service from the services.msc or from Administrative Tools/Services
Also set the service as disabled.

Also you might look into the Group Policies for your OU (Organizational Unit) so that the PC’s are not pointing to the server for Windows Updates. Open the Group Policy Management from the Administrative tools or just run gpedit.msc and check if the update service location is set. Remove if specified.

Computer Config -> Administrative Templates -> Windows Components -> Windows Updates -> Specify intranet microsoft update service location

This should stop the WSUS service from running. Also you might either remove or archive the files in the WSUS repository to free up some space.

How to: Execute SQL Stored procedure from command line

When coming accross SQL Express editions, you will not be able to set a job in the Agent to execute a stored procedure. I usually do custom stored procedures to run them on Express editions.

There is a way to execute them by using the SQLCMD command

sqlcmd -Q "exec myprocedure" -S mysqlserver -d fromthisdatabase -E -o C:\log.txt

This will execute your stored procedure and you can put it in a batch file and schedule it in the Task Scheduler

How To: Configure Windows Server Backup for Hyper-V VSS Writer

To setup the Windows Server Backup in Windows 2008 upwards, to support the Hyper-V VSS writer, one must follow the following steps.

After installing the Windows Server Backup and it’s Command-line tools under the Features section in the Server Manager, follow the follwing steps:

Open Command Line or type CMD.EXE
Type VSSADMIN List Writer >C:\vss.txt

Note: This will save a text file with all the VSS information.

Open the VSS.TXT and find the Writer GUID from the section Microsoft Hyper-V VSS Writer
Copy the GUID to the clipboard
Open Registry Manager by running REGEDIT.EXE
Find the following key:

HKEY_LOCAL_MACHINE\Microsoft\Windows NT\CurrentVersion

If there isn’t a key WindowsServerBackup, create it. Then under it, create another key Application Support. Under that, creat a new key with the GUID of the VSS Writer we copied from the text file.

An example of the GUID is 11234CD5-6AEF-5A6C-8A25-FD15C8AD43D4

After you have created this key with the GUID, Create a new value under it calling it Hyper-V VSS Writer. Make sure it’s of type REGSV using a String Value.

Some notes when it comes to restore:

When affecting restores make sure you select application based restore.
You will not be able to restore a file from a Virtual Machine, you will have to restore all the machine.

Fix: The requested HTTP URL was not available when Exchange 2010 Management Console is opened

Whe opening the Exhange 2010 management console i.e. EMC once may see the below error:

Connecting to remote server failed with the following error message : The WinRM client sent a request to an HTTP server and got a response saying the requested HTTP URL was not available.

This seems to be an issue with the IIS port 80 bindings. On my server I managed to fix it by removing any bindings of port 80 and do them again.

Open IIS, and then right-click on tye Default Web Site.
Click Edit Bindings.
Remove the bindings with port 80 and set the value of All Unassigned for the IP address.
Restart IIS

In my case this solved the problem. Also I found the below just in case you have multiple sites.

You are running multiple websites.
You try to set up a redirect, for example, to https://mail.contoso.com/owa by requiring Secure Sockets Layer (SSL) on the Default Web Site.
You create another website to do the redirect back to the SSL-enabled website.

Windows Remote PowerShell requires port 80 to be available on the Default Web Site. If you want to set up an automatic redirect to /owa and redirect http requests to https, follow the instructions in the section, “For a Configuration in Which SSL is Required on the Default Web Site or on the OWA Virtual Directory in IIS 7.0” on the following Microsoft website:
Source: http://technet.microsoft.com/en-us/library/aa998359(EXCHG.80).aspx

Fix: NTBackup fails with 0x8004231f on Windows 2003 Server

When attempting to make a full server backup with Shadow Copy and everything, you may notice the error 0x8004231f whenever you try to affect a backup on your server. This is 99% due to space on one of your hard drives. There is not enough space for the Volume Shadow Copy to create a shadow copy of the files in the drive.

The full error looks like this:

Volume shadow copy creation: Attempt 1.
Error returned while creating the volume shadow copy:0x8004231f.
Error returned while creating the volume shadow copy:8004231f Aborting Backup

To fix this, you may want to either delete or move unecessary folders or files from the drive in question… or look at the Volume Shadow Copies configuration.

Right-Click on the drive and select Properties
Click on the Shadow Copies Tab
Click on the drive you are having problems
Click on Setting button

At this stage you may review the Shadow Copy storage use by increasing or decreasing the limit in MB. Once you have enough disk space for the Shadow Copy on the drive in question, run the NTBackup again and it will not cause any issues.