Search This Blog

Monday, May 9, 2011

Error -18596 / HTTP Error. The resource is not found

These are the steps to update existing Entourage 2008 clients to the Web Services Edition.

Step 1 : Make sure that the existing version of Entourage is version 12.2.9. You can install Office 2008 updates by clicking on the Help > Check for Updates menu, in Entourage. Then use the Microsoft AutoUpdate utility to download the latest updates, to bring the version to 12.2.9.

Step 2 : Download the Entourage 2008 Web Services Edition from http://www.microsoft.com/mac/downloads . This is found under the Office 2008 downloads section.

Step 3 : Quit Safari and Office applications and run the update installer. After installing the Web Services Edition, launch Entourage and in the Setup Assistance, choose ‘Import from a previous version of Entourage’. In the next screen select the version as ‘Entourage 2008’. Select all the mail items when importing information. This will import information stored in the local folders, under ‘On My Computer’.

Step 4 : If an Exchange account is imported, you will need to modify the Exchange Server settings, in the Account Settings of Entourage 2008.

In place of https://mail.domain.com/exchange/emailaddress use https://mail.domain.com/EWS/Exchange.asmx.

Sunday, January 16, 2011

After you apply Exchange 2007 Service Pack 3 - replace your self-signed server certificate

Even though your services will not be interrupted with an expired server certificate. It is recommended that you replace you invalid/expired cert to eliminate the error messages logged in your eventviewer and also your monitoring agents like SCOM.
If you're running Exchange SP1 or SP2 then your self-signed certificate will only be valid for one year. After you've applied Exchange SP3, then your self-signed cert will be valid for 5 ye
ars.

Using your Exchange Powershell type the following command:
get-exchangecertificate | fl


Copy the thumbprint of your current certificate and paste it into the following command:
get-exchangecertificate "01CFFAA6076D0379DCEE94AE1CB777FDF8012817" | new-exchangecertificate

Again - type: get-exchangecertificate | fl (this will show you both certs)

Your old cert will have IMAP, POP, IIS enabled for
its services, have a cert valid for only 1 year and is most likely invalid.

Your new cert will have IMAP, POP enabled for its services, have a cert valid for 5 years and will be valid.

Now....you have to enable the service IIS for your new cert or you will not be able to view the new cert in IIS (inetmgr.msc).

Type the following command to enable the IIS service for your new cert:
Enable-ExchangeCertificate -thumbprint "4E9D9897E4145A47620FF6C08EAA3B1B991EB64A" -service iis

To remove your old cert, type the following command:
remove-exchangecertificate -thumbprint "01CFFAA6076D0379DCEE94AE1CB777FDF8012817"

Type the following command to make sure you old cert has been removed and that IIS has been enabled on your new cert:
get-exchangecertificate | fl

This is what the final results should look like:













At this time you should do an iisreset to apply the settings. Type the following command:
iisreset

Here comes the important part. There is a bug when you enable the cert, in that when you enable the service IIS, the setting doesn't always apply. When you perform an iisreset you should also do another get-exchangecertificate | fl to make sure the IIS service is still enabled for your cert. In some cases you will have to close your powershell session, start a new powershell session and perform another iisreset.

If you perform ssl offloading on your load balancer, firewall or ISA server, then you need to into your IIS, go to the properties of your 'default web site', select the 'directory security' tab and go down to 'edit'. Deselect 'Require secure channel (SSL)' and click 'ok' to close the window, click 'ok' one more time to close IIS. If you get prompted to propogate the settings down to other virtual directories, simply click 'cancel'






















From the command prompt perform an iisreset. Check one more time to make sure the 'Require secure channel (SSL)' has not been enabled again (this does happen).


Wednesday, January 5, 2011

Simplified - How to deploy AD for Windows Server 2008 R2


With the Windows 2008 life has become somewhat simpler. Although I don't have that much love for Powershell (I'm getting there), it can be handy running some simple tasks when deploying a new server.
Here are the steps needed to deploy Active Directory on Windows 2008 R2:
1. Install a default installation of Windows 2008 R2 Enterprise x64

2. From the Server Manager, Turn off Windows Firewall, enable Remote Desktop – Allow connections to computers… (less secure). Note - this is optional

3. Rename your server to the appropriate name and restart the server.

4. From Powershell run the following command:
a. Import-Module ServerManager
b. Add-WindowsFeature Telnet-Client, NET-Framework, RSAT-ADDS –Restart


Install Active Directory Domain Services and run DCPROMO
1. After the server has restarted go to Start --> Run and type DCPROMO

2. Click Next twice, under Choose Deployment Configuration, select Create a new domain in a new forest and click Next.

3. Under Name the Forest Root Domain type the full domain name, example: bizcorp.local

4. Set the forest functional level to Windows Server 2008 R2 (only if you're running windows 2008 r2 exclusively)

5. Accept default (DNS) and click Next. If you get a warning message about …delegation for this DNS server…, click Yes.

6. Click Next for the Active Directory paths

7. Enter a secure password for the Directory Services Restore Mode Administrator Password and click Next twice.

8. After the server has finished installing Active Directory, click Finish and reboot the server.


Add Reverse Lookup Zone for Your Domain

1. Start the DNS Management Console (DNSMgmt.msc)

2. Right-click Reverse Lookup Zones and select New Zone

3. Accept all the defaults

4. On Reverse Lookup Zone Name enter the network ID for your network (e.g. 192.168.1.x), click Next

5. Allow Only secure dynamic updates… click Next and Finish


Some additional notes:
When deploying an AD server there are many different ways of setting up your server.
1 - If you have two disks - configure them for RAID 1 (mirror). This way, if one hard disk fails, you'll have a backup.
2 - Consider 64 bit multiprocessors over 32 bit multiprocessors. This is more applicable to larger environments where you need more than 4gb of memory.
3 - If you have four or more disks, you can have two RAID 1 configurations where your pagefile, sysvol and netlogon folders can be on the second partition.

Friday, December 24, 2010

My first blog...

Hi Guys,
This is my first blog in about 4 years, when I was traveling for my work. Back then, I was posting interesting thoughts about each country that I visited. Since I don't travel that much anymore, I have more time to focus on my craft itself; Microsoft based solutions.
Some would argue about the quality of product that Microsoft has to offer and I'm really no different. But, since this is really the only vendor I truly know and not everything from Microsoft is crap - this has become my profession.
This blog will focus on my experience with a variety of different Microsoft applications, which include, but not limited to: Exchange (hosted and enterprise), Servers (all flavors), Networking, Clustering, Powershell, VBS, DPM, SQL, Virtualization, SCOM and much more. I will also talk about architecteral designs, scaling, redundancy and building enterprise class systems.
I hope that you can find use in the information I provide and provide me with feedback as well.
If you have any questions - you can reach me at "pderover at network-earth.com"
Patrick deRover