Spuddy

Forum Replies Created

Viewing 30 posts - 1 through 30 (of 45 total)
  • Author
    Posts
  • Avatar
    Spuddy
    Member

    Re: Win2012 Dedicated Server – One Nic – Multiple VMs – Multiple WAN IP’s?

    Ser Olmy;279385 wrote:
    You don’t assign any of those IP addresses to the hypervisor itself, but to the virtual NIC of the firewall VM connected to the external bridge (which provides bridged access to the physical network).

    I understand that. The local physical NIC becomes Hyper-V extensible switch (or similiar?), I have added all four IP’s to the external vEthernet nic.

    Should my Virtual Firewall now be able to see those and NAT them through to private addressed VMs?

    Avatar
    Spuddy
    Member

    Re: Win2012 Dedicated Server – One Nic – Multiple VMs – Multiple WAN IP’s?

    Thanks for your response. Much appreciated.

    To answer a few of your concerns.

    • Agree on the Windows Firewall front, I will install a third-party firewall in it’s place.
    • RDP will not be open to the HyperVisor. In fact I will probably close all ports to the hypervisor itself; I have IP KVM access to the box.
    • No one will be browsing the web from the hyper-visor itself.
    • It will be kept upto date with scheduled weekly updates or where neccesary more frequently.

    Another question for you. So the Hypervisor has one physical nic only, which has a static “internet facing” IP. I have added the 3 other IP addresses that the ISP have provided to the NIC as well (advanced->IP addresses), all have the same subnet mask and gateway.

    How would I present those IP addresses to the VM’s, or more likely to the Linux Virtual Firewall to NAT through to the VM’s private IP addresses?

    Any help would be beneficial.

    Avatar
    Spuddy
    Member
    in reply to: Dedicated Server Advice. #363879

    Re: Dedicated Server Advice.

    Thanks. So as I understand it; I could do something with virtual switches whereby

    Quote:
    Hypervisor (Basic windows firewall, no services running apart from Hyper-V)

    |

    Hyper-V Virtual Firewall (Two network cards, one external, one internal)

    |

    Exchange and DC. (Internal private addresses) NAT for external access.

    Would a debian based firewall work for the virtual firewall. Thinking like pfsense, untangle or similar?

    Avatar
    Spuddy
    Member
    in reply to: Second Exchange Server. #363878

    Re: Second Exchange Server.

    Ossian;266497 wrote:
    Note please that to create a DAG, you must be using Windows Server Enterprise edition, to make use of the clustering features

    Do both servers need to be Enterprise edition? First Exchange box is running Standard.

    Avatar
    Spuddy
    Member
    in reply to: DFS Issue. #363877

    Re: DFS Issue.

    Hi Joe,

    Sites and Services is configured and working.

    Thanks,

    Avatar
    Spuddy
    Member
    in reply to: Another couple SMTP domains. #363876

    Re: Another couple SMTP domains.

    tehcamel,

    Thanks for the prompt response.

    I gathered that much, but how does the end user manage their multiple accounts with different SMTP? Outlook 2010.

    [email protected] might now also have [email protected]

    How does he see both mailboxes, and send from various?

    Avatar
    Spuddy
    Member
    in reply to: Exchange 2010 SP1 32GB – 238MB free? #363875

    Re: Exchange 2010 SP1 32GB – 238MB free?

    Ossian;252140 wrote:
    Standard behaviour – the information store will grab almost all available RAM, but will give it up gracefully on demand from other processes

    Thanks for the quick and informative response.

    Avatar
    Spuddy
    Member
    in reply to: Exchange 2010 PS1 / Cmdlets BES 5 setup. #363874

    Re: Exchange 2010 PS1 / Cmdlets BES 5 setup.

    Issue resolved by applying SP1 Rollup 5.

    :roll:

    Avatar
    Spuddy
    Member
    in reply to: New Exchange Server. ActiveSync errors. #363873

    Re: New Exchange Server. ActiveSync errors.

    JeremyW;246017 wrote:
    So is everything over on the new server now and removed from the old server?

    Not just yet, we have about 15 public folders and about 30,000 items. Will take a while to replicate over. Thanks for your direction guys, helped me to narrow it down.

    :beer:

    Avatar
    Spuddy
    Member
    in reply to: New Exchange Server. ActiveSync errors. #363872

    Re: New Exchange Server. ActiveSync errors.

    Resolved this. On the new exchange server (10), in the primary recieve connector i needed to changed the FQDN response to the internal DNS from the external domain. errors gone and PF’s replicating.

    Thanks for the assistance.

    Avatar
    Spuddy
    Member
    in reply to: New Exchange Server. ActiveSync errors. #363871

    Re: New Exchange Server. ActiveSync errors.

    [PS] C:Program FilesMicrosoftExchange ServerV14Scripts>Get-ReceiveConnector -Server newserver.domain.local | fl Name, AuthMechanis
    m, PermissionGroups, RemoteIPRanges

    Name : Default newserver
    AuthMechanism : Tls, Integrated, BasicAuth, ExchangeServer
    PermissionGroups : AnonymousUsers, ExchangeUsers, ExchangeServers, ExchangeLegacyServers
    RemoteIPRanges : {::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff, 0.0.0.0-255.255.255.255}

    Name : Client newserver
    AuthMechanism : Tls, Integrated, BasicAuth
    PermissionGroups : AnonymousUsers, ExchangeServers, ExchangeLegacyServers
    RemoteIPRanges : {192.168.2.0-255.255.255.255, 192.168.1.0-192.168.1.0, 192.168.1.8, 192.168.1.2-192.168.1.255, ::-ff
    ff:ffff:ffff:ffff:ffff:ffff:ffff:ffff, 0.0.0.0-255.255.255.255}

    Name : newserver
    AuthMechanism : Tls, Integrated, ExchangeServer
    PermissionGroups : AnonymousUsers, ExchangeServers, ExchangeLegacyServers
    RemoteIPRanges : {192.168.1.7-255.255.255.255}

    Name : Photocopier
    AuthMechanism : Tls, BasicAuth, ExchangeServer
    PermissionGroups : AnonymousUsers
    RemoteIPRanges : {192.168.1.8-255.255.255.0}
    [/CODE][CODE][PS] C:Program FilesMicrosoftExchange ServerV14Scripts>Get-ReceiveConnector -Server newserver.domain.local | fl Name, AuthMechanis
    m, PermissionGroups, RemoteIPRanges

    Name : Default newserver
    AuthMechanism : Tls, Integrated, BasicAuth, ExchangeServer
    PermissionGroups : AnonymousUsers, ExchangeUsers, ExchangeServers, ExchangeLegacyServers
    RemoteIPRanges : {::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff, 0.0.0.0-255.255.255.255}

    Name : Client newserver
    AuthMechanism : Tls, Integrated, BasicAuth
    PermissionGroups : AnonymousUsers, ExchangeServers, ExchangeLegacyServers
    RemoteIPRanges : {192.168.2.0-255.255.255.255, 192.168.1.0-192.168.1.0, 192.168.1.8, 192.168.1.2-192.168.1.255, ::-ff
    ff:ffff:ffff:ffff:ffff:ffff:ffff:ffff, 0.0.0.0-255.255.255.255}

    Name : newserver
    AuthMechanism : Tls, Integrated, ExchangeServer
    PermissionGroups : AnonymousUsers, ExchangeServers, ExchangeLegacyServers
    RemoteIPRanges : {192.168.1.7-255.255.255.255}

    Name : Photocopier
    AuthMechanism : Tls, BasicAuth, ExchangeServer
    PermissionGroups : AnonymousUsers
    RemoteIPRanges : {192.168.1.8-255.255.255.0}
    [/CODE]

    Avatar
    Spuddy
    Member
    in reply to: New Exchange Server. ActiveSync errors. #363870

    Re: New Exchange Server. ActiveSync errors.

    JeremyW;245740 wrote:
    Do you have a receive connector setup for Exchange server authentication on the 2010 box?

    Hello,

    Yes have 4 receive connectors setup on the Ex10 box. Anonymous and Exchange Server Authentication are ticked.

    Thanks,

    Avatar
    Spuddy
    Member
    in reply to: New Exchange Server. ActiveSync errors. #363869

    Re: New Exchange Server. ActiveSync errors.

    JeremyW;245733 wrote:
    Can you look at the tracking logs on the 2007 box? Trace one of the messages to see why it failed to deliver to the 2010 server.

    You can also look at Queues tab and note what the last result is as it may give us a clue as to what the issue is.

    Thanks for your help with this.

    Looking at the queues.

    hub version 14 tab has 395 queued and has a last error of

    451 4.4.0 Primary target IP address responded with “451 5.7.3 Cannot achieve Exchange Server authentication.” Attempted failover to alternative host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.

    Unreachable Domain tab has 103 queued and has a last error of

    “There is no route to the mailbox database”

    All the 103 queued have this error.

    Avatar
    Spuddy
    Member
    in reply to: New Exchange Server. ActiveSync errors. #363868

    Re: New Exchange Server. ActiveSync errors.

    JeremyW;245721 wrote:
    Are there any public folder related events in the application log?
    Are the Exchange servers patched to the latest level?

    Exchange Server 2010 is running SP1 and latest rollup.
    Exchange Server 2007 is running SP3, rollup 4.

    No entries of note on the new Exchange 10 server, but on the Exchange 2007 box lots of “Outgoing Replication Messages” with the database listed as “” (i.e empty).

    Outgoing message type 0x20
    Message ID: <[email protected]>
    Folder(s): (1-7EDBB8D712) IPM_SUBTREECrew Queries (M-Z)

    Database “”. [COLOR=red][FONT=&quot][/FONT][/COLOR][/CODE][CODE]Outgoing message type 0x20
    Message ID: <[email protected]>
    Folder(s): (1-7EDBB8D712) IPM_SUBTREECrew Queries (M-Z)

    Database “”. [FONT=&quot][/FONT][/CODE]

    Avatar
    Spuddy
    Member
    in reply to: New Exchange Server. ActiveSync errors. #363867

    Re: New Exchange Server. ActiveSync errors.

    JeremyW;245646 wrote:
    Is the error accessing the new server or the old server?

    Have you changed the public folder database on the mailbox store yet?

    Run the get-publicfolderstatistics -server newserver and see if there’s anything listed.

    If not then there’s a problem with the replication that needs to be addressed. Look in the Application event log for related events. Check the queues on the servers to see if they’re being held up there.

    Also, if you ran the get-publicfolderstatistics -server newserver and nothing shows then you can run the
    AddReplicaToPFRecursive.ps1 –Server newserver –TopPublicFolder –ServerToAdd oldserver[/CODE]And then point the public folders on the mailbox database back to the old server while you troubleshoot replication.[/QUOTE]

    Thanks, now back using the PF db on the old Ex07 server.

    In relation to the replication, I have run the get-publicfolderstatistics -server newserver command and get nothing back on the new server.

    I checked the message queue on the old server and spotted this. Can anyone shed light on this?

    [IMG]http://img846.imageshack.us/img846/5764/replqueue.jpg[/IMG][CODE]AddReplicaToPFRecursive.ps1 –Server newserver –TopPublicFolder –ServerToAdd oldserver[/CODE]And then point the public folders on the mailbox database back to the old server while you troubleshoot replication.

    Thanks, now back using the PF db on the old Ex07 server.

    In relation to the replication, I have run the get-publicfolderstatistics -server newserver command and get nothing back on the new server.

    I checked the message queue on the old server and spotted this. Can anyone shed light on this?

    replqueue.jpg

    Avatar
    Spuddy
    Member
    in reply to: New Exchange Server. ActiveSync errors. #363866

    Re: New Exchange Server. ActiveSync errors.

    Ok, so a massive problem this morning. Users trying to access the public folders (myself included) cannot.

    pferror.jpg

    How can I resolve this?

    Thanks.

    Avatar
    Spuddy
    Member
    in reply to: New Exchange Server. ActiveSync errors. #363865

    Re: New Exchange Server. ActiveSync errors.

    JeremyW;245579 wrote:
    You can use
    Get-PublicFolderStatistics -Server oldserver[/CODE]Once there’s nothing shown by this command then the replication is done. Be sure to check the event log for issues if it seems to be stalled.[/QUOTE]

    Hi Jeremy,

    Run that command in EMS on the new exchange 2010 box and it shows that all the PFs are still on the Exchange 2007 box. :(

    Where should I be looking in event viewer for errors, and shouldn’t the command i stated below have transfered them?

    Thanks,[CODE]Get-PublicFolderStatistics -Server oldserver[/CODE]Once there’s nothing shown by this command then the replication is done. Be sure to check the event log for issues if it seems to be stalled.

    Hi Jeremy,

    Run that command in EMS on the new exchange 2010 box and it shows that all the PFs are still on the Exchange 2007 box. :(

    Where should I be looking in event viewer for errors, and shouldn’t the command i stated below have transfered them?

    Thanks,

    Avatar
    Spuddy
    Member
    in reply to: New Exchange Server. ActiveSync errors. #363864

    Re: New Exchange Server. ActiveSync errors.

    JeremyW;245567 wrote:
    Create a public folder database on the 2010 server, run the moveallreplicas.ps1 script in EMS, make sure the mailbox database is pointed to the new public folder database (in the database properties in EMS).

    Thanks for this, so I created a new PF database on the new exchange 2010 box and ran this from the exchange 2010 EMS.

    .MoveAllReplicas.ps1 -Server oldserver.domain.local -NewServer newserver.domain.local [/CODE]

    I didn’t get any errors or messages. How can I track the movement and know when the move has completed?[CODE].MoveAllReplicas.ps1 -Server oldserver.domain.local -NewServer newserver.domain.local [/CODE]

    I didn’t get any errors or messages. How can I track the movement and know when the move has completed?

    Avatar
    Spuddy
    Member
    in reply to: New Exchange Server. ActiveSync errors. #363863

    Re: New Exchange Server. ActiveSync errors.

    One more thing, looking to move my public folders from a box running exchange 2007 to the new box running 2010.

    Any ideas?

    Avatar
    Spuddy
    Member
    in reply to: New Exchange Server. ActiveSync errors. #363862

    Re: New Exchange Server. ActiveSync errors.

    Thanks for the pointer. Requested certificate from GoDaddy.

    Avatar
    Spuddy
    Member
    in reply to: Two Sites, Data Centralization/Replication. #363861

    Re: Two Sites, Data Centralization/Replication.

    Hello,

    Site 1 (Head Office)

    • Windows SBS 2008 (FSMO)
    • Windows 2008 (TS)

    Site 2 (Branch Office)

    • Windows 2008 R2

    Site 1
    Soon I will be migrating the SBS to a seperate Exchange 2010 box and building up a new server to seize the domain master roles. We’re bursting at the seams in terms of SBS’s licensing.

    In terms of having the data seperate to the DCs, what would be the best option? Obviously the solution needs to be present at both sites and be intergratable/assesible by DFS. So 2x NAS or 2x SAN or a new file server at each site?

    Avatar
    Spuddy
    Member
    in reply to: SBS 2008 almost reached 75 users. #363860

    Re: SBS 2008 almost reached 75 users.

    No Responses :-(

    So I’ve come up with the following high level plan.

    • add 2008 r2 server
    • promo to dc
    • install exchange and migrate mailboxes from SBS2008
    • when sbs box is doing nothing more than being a dc, shut it down and seize the FSMO roles on the new 2008 r2 box.

    Do people concur with this or am I missing something?

    How will I point all my 75 desktop users to the new exchange server automatically?

    Avatar
    Spuddy
    Member
    in reply to: Two Subnets, VoIP, one physical LAN. Help! #363859

    Re: Two Subnets, VoIP, one physical LAN. Help!

    If I was to put a second NIC in a server on the VoIP Subnet, would I be able to add a static route to all the PC’s (GPO) to route all traffic to 10.0.2.1 /24 through the server on it’s 192.168.0.1 /24 address?

    Avatar
    Spuddy
    Member
    in reply to: DFS replication errors. #363858

    Re: DFS replication errors.

    Ossian;214429 wrote:
    This may be due to Server 2008 firewall blocking high ports
    RPC mapper uses ports above 1024 (http://support.microsoft.com/kb/839880)

    Thanks, I’m giving this a try to see whether it resolves the issue.

    http://social.technet.microsoft.com/Forums/en-US/winserverfiles/thread/dc24d365-59f2-4738-8e6f-db1180000f99

    Avatar
    Spuddy
    Member
    in reply to: AD install. SAN hosts SUSE? #363857

    Re: AD install. SAN hosts SUSE?

    tehcamel;210178 wrote:
    You’d also need to find a way to move all your existingobjects from the directory into the new directory. Not sure how this is done…. I can migrate or transition between AD and AD, but not sure about Novell.

    I am not so bothered about the current directory contents, it is scarcly used mainly for share permissions (the shares are going to be trashed and recreated under NTFS and Win2008/AD), login scripts and printer mapping.

    I guess I’m going to have to backup all the data, trash the SANs/Suse iSCSI hosts and rebuild on a Windows 2008/NTFS platform. Reinstate data.

    Avatar
    Spuddy
    Member
    in reply to: AD install. SAN hosts SUSE? #363856

    Re: AD install. SAN hosts SUSE?

    tehcamel;210154 wrote:
    actually. you should also find out why they are so desperate to move to AD.

    Does the current directory work ?

    Hi There,

    The current directory works but doesn’t offer the seemless integration with windows that they require. They wish to do away with the novell client. They are also looking at installing exchange, which would require AD.

    In terms of research, I haven’t done a massive amount (this is part of it). I do have to install on existing hardware. I know I can migrate the firebird and apache services to a windows server relatively easily. It’s mainly the SAN and file storage side of things which is worrying me.

    2x Dell EMC AX150i with 2 san hosts (iscsi connectors), both san hosts run Suse 10 and at this stage without delving deeper, I think it’s safe to assume the file systems are ext3.

    Avatar
    Spuddy
    Member
    in reply to: can you have a look at my batch file? #363855

    Re: can you have a look at my batch file?

    maorosh;185027 wrote:
    @echo off & set folder=c:documents and settingsall usersdesktop
    if exist “%folder%Defragment Your Hard Disk.exe” (echo defrag file exists) else (copy /y “\domain.comnetlogondefragscriptDefragment Your Hard Disk.exe” “%folder%”)
    if exist “%folder%Cleanup Your Hard Disk.lnk” (echo cleanup file exists) else (copy “\domain.comnetlogondefragscriptCleanup Your Hard Disk.lnk” “%folder%”)[/CODE]try this one :P[/QUOTE]

    works flawlessly. Thanks!
    :beer:[CODE]@echo off & set folder=c:documents and settingsall usersdesktop
    if exist “%folder%Defragment Your Hard Disk.exe” (echo defrag file exists) else (copy /y “\domain.comnetlogondefragscriptDefragment Your Hard Disk.exe” “%folder%”)
    if exist “%folder%Cleanup Your Hard Disk.lnk” (echo cleanup file exists) else (copy “\domain.comnetlogondefragscriptCleanup Your Hard Disk.lnk” “%folder%”)[/CODE]try this one :P

    works flawlessly. Thanks!
    :beer:

    Avatar
    Spuddy
    Member

    Re: Installing software via GPO and machine security group.

    gforceindustries;176428 wrote:
    Presumably you’ve rebooted the computers? Guessing you must have done to have tried the software installation…

    gpupdate /force might be worth a try but I’m not sure if that’ll help if the computers don’t appear to be in the right security group.

    Machines have been rebooted countless times and GPUPDATE /Force countless times.

    I agree that they don’t appear to be in the security group. However…..

    Machine Security Group For Software Installation
    2itr0k1.jpg

    RSOP
    hskqw0.jpg

    Avatar
    Spuddy
    Member
    in reply to: Report on switched on PCs. #363853

    Re: Report on switched on PCs.

    gforceindustries;175771 wrote:
    I did point out that it is scriptable… did you not look at the command line usage instructions? It shows you exactly how have a report exported. Scheduled Tasks automates the process.

    I missed that, sorry. That’s good. Anyway you know of that I can define the date in the filename? A script with filename.txt is only going to over-right itself daily.

    Thanks.

    Avatar
    Spuddy
    Member
    in reply to: Report on switched on PCs. #363852

    Re: Report on switched on PCs.

    gforceindustries;175498 wrote:
    Something like Angry IP Scanner can mass-ping an IP range and report the hostname of switched on computers as well as the username of logged-in users. It’s scriptable too.

    Or you could use some form of monitoring solution which offers ‘at a glance’ reports on who is logged on where.

    This solution is half way there. We would want the solution to require no intevention. We would like the report to be automatically made/published so we can have a look at a glace. Angry IPScan requires someone to login, export etc every day.

Viewing 30 posts - 1 through 30 (of 45 total)