Exchange your Mind

"La connaissance ne vaut que si elle est partagée" / "An effective Knowledge is a shared one"

Exchange 2013 CU5 : Régression fonctionnelle

Posted by Teruin laurent le septembre 24, 2014


La venue de Microsoft Exchange 2013 si elle apporte des fonctionnalités nouvelles ne supporte plus certaines fonctionnalités historiques. C’est le cas de la possibilité de mettre en place deux sites Web OWA et ECP qui permettent dans la plupart des architectures, de publier de façon différentes les services Web Utilisateurs selon qu’ils soient accédés de l’extérieur ou de l’intérieur.

La plus regrettable est que l’absence de cette fonctionnalité sur la nouvelle version ne semble pas, selon l’éditeur être documentée. On est donc en droit de s’inquiéter de la façon dont Microsoft compte à l’avenir communiquer ou pas la suppression de certaines fonctions historiques. Le fait de ne pas reconduire certaines fonctionnalités est tout à fait justifiable mais le fait de ne pas le documenter constitue une première depuis plusieurs années. Ce comportement, au mieux cette omission, va par conséquent impliquer un accueil suspicieux des prochaines versions nous obligeant à revalider les fonctions de bases pour vérifier quelle sont toujours d’actualité.

Cordialement
Laurent Teruin

 


 

Posted in EXCHANGE 2013, Exchange 2013 Issues | 2 Comments »

Exchange 2013 Edge CU5 : Edge Issue with DNS Event Id 2000 and 205. No Dns could be retrieved

Posted by Teruin laurent le septembre 19, 2014


It is started with a warning related to edge poor performance. After looking on the fresh edge server I discovered that I have warning in the event viewer

Each day have an exchange 2013 issue. Our both edges have these warning

No DNS servers could be retrieved from network adapter 9f574acc-20d7-45c3-8a75-c967825b6ae4. Check if the computer is connected to a network and Get-NetworkConnectionInfo returns any results.


And

 

Log Name: Application
Source: MSExchangeTransport
Date: 9/19/2014 11:58:01 AM
Event ID: 2000
Task Category: SmtpSend
Level: Warning
Keywords: Classic
User: N/A
Computer: SrvExc04.xxxx.xxxx.loc
Description:
Send connector a826f0d0-76a0-4768-b347-57de55f00571: A DNS failure occurred with the following diagnostic information The DNS query for ‘SmartHostConnectorDelivery’:’srvexc01.xxx.loc,srvexc02.xxx.loc’:’a826f0d0-76a0-4768-b347-57de55f00571′ failed with error : ErrorRetry.

 

But the configuration with the DNS is correct and the mono Nic edge computer could resolve correctly all internal internet names

Name : Intel(R) 82574L Gigabit Network Connection
DnsServers : {10.100.0.1}
IPAddresses : {192.168.2.201}
AdapterGuid : 9f574acc-20d7-45c3-8a75-c967825b6ae4
MacAddress : 00:50:56:8E:25:3E
Identity : 9f574acc-20d7-45c3-8a75-c967825b6ae4
IsValid : True
ObjectState : Unchanged

If i perform a Get-transportserver iv got this

[PS] C:\Program Files\Microsoft\Exchange Server\V15\Scripts>Get-TransportServer | fl | more
WARNING: The Get-TransportServer cmdlet will be removed in a future version of Exchange. Use the Get-TransportService
cmdlet instead. If you have any scripts that use the Get-TransportServer cmdlet, update them to use the
Get-TransportService cmdlet. For more information, see http://go.microsoft.com/fwlink/p/?LinkId=254711.

 

Name : xxxx
AntispamAgentsEnabled : False
ConnectivityLogEnabled : Trueµ
ConnectivityLogMaxAge : 30.00:00:00
ConnectivityLogMaxDirectorySize : 1000 MB (1,048,576,000 bytes)
ConnectivityLogMaxFileSize : 10 MB (10,485,760 bytes)
ConnectivityLogPath : C:\Program Files\Microsoft\Exchange
Server\V15\TransportRoles\Logs\Edge\Connectivity
DelayNotificationTimeout : 04:00:00
ExternalDNSAdapterEnabled : True
ExternalDNSAdapterGuid : 9f574acc-20d7-45c3-8a75-c967825b6ae4
ExternalDNSProtocolOption : Any
ExternalDNSServers : {}
ExternalIPAddress :
InternalDNSAdapterEnabled : True
InternalDNSAdapterGuid : 9f574acc-20d7-45c3-8a75-c967825b6ae4
InternalDNSProtocolOption : Any

And frrm the Edge with cmdline DNS works perfectly!!!!!! So what is wrong with the transport? The Dns is correct and the machine can resolve correctly!

C:\Users\Administrator>nslookup
Default Server: ddi.XXX.loc
Address: 10.100.0.1
> srvexc01.XXXX.loc
Server: ddi.XXX.loc
Address: 10.100.0.1
Name: srvexc01.XXXX.loc
Address: 10.100.20.11
> srvexc02.XXXX.loc
Server: ddi.XXXX.loc
Address: 10.100.0.1
Name: srvexc02.XXX.loc
Address: 10.100.20.12

The Ip configuration is this one


And the Network card are listed here

For how to get this please refer ti this article http://blogs.technet.com/b/danstolts/archive/2010/09/25/how-to-find-a-lost-missing-hidden-or-removed-network-card-nic-or-other-device-and-even-remove-it.aspx


Useless links :

http://www.microsoft.com/technet/support/ee/transform.aspx?ProdName=Exchange&ProdVer=8.0&EvtID=16025&EvtSrc=MSExchangeTransport&LCID=1033

http://technet.microsoft.com/en-us/library/bb218662(v=exchg.80).aspx

 

I set the DNS for this server with the following command

set-transportserver -server srvexc04 -ExternalDNSServers 10.100.0.1 -InternalDNSServers 10.100.0.1

Restart the transport service and No Way ! still have the event id 205 !

Do you want to laugh? Change the Ip configuration and ask to the edge to register his record to the DNS Server.


(Not very simple if you use a public one !) Restart your edge server and you will not have the eventid anymore. But on the system log you will have en warning message.
The system failed to register network adapter with settings:

At this time I could not find better!!

Exchange 2013 a so fresh version!

 

 

 

 

 

 

 


 

Posted in Exchange 2013 Issues | 1 Comment »

Exchange 2013 OWA Logging Issue is back ! : Owa the user or password you entered isn’t correct. Try entering it again.

Posted by Teruin laurent le septembre 18, 2014


HI All after executing the CU5 on one Exchange 2013; one multirole exchange 2013 Server refuse all OWA connections.


I decided to not lose too much time to search. We have encountered since 2 months some various instabilities with this service, so my script is ready let’s delete the main OWA Virtual directory and recreate it.

Remove-OwaVirtualDirectory -Identity « SRVEXXX\owa (Default Web Site) »
New-OwaVirtualDirectory -WebSiteName « Default Web Site »
set-owavirtualdirectory -identity « SRVEXXX\owa (Default Web Site) » -AdfsAuthentication $False -BasicAuthentication $true -WindowsAuthentication $false -DigestAuthentication $false -FormsAuthentication $true -LogonFormat PrincipalName

And to finalize : IISRESET /noforce

And works again !!

But if you decide to have a second Owa website for a basic authentication the SRVEXXX\owa (Default Web Site) will not works anymore.

I create a second website « ExchangeBasic » and tried to create a second OWA Directory to allow basic authentication

New-OwaVirtualDirectory -WebSiteName « ExchangeBasic »set-owavirtualdirectory -identity « SRVEXCXXX\owa (ExchangeBasic) » -ExternalAuthenticationMethods basic -BasicAuthentication $true -WindowsAuthentication $false -DigestAuthentication $false -FormsAuthentication $false
Issreset
And now you cannot log again on the SRVEXXX\owa (Default Web Site) the user name or password you entered isn’t correct.

The solution is to delete both and recreate the first one.

 

 

 

 

 


 

Posted in Exchange 2013 Issues | Leave a Comment »

Exchange 2013 : CU 5 Error installation : Web Management Service ask for an unknow certificat [Solved]

Posted by Teruin laurent le septembre 11, 2014


 

Error:

The following error was generated when « $error.Clear();
$keyPath = « HKLM:\Software\Microsoft\WebManagement\Server »;
if (!(Get-Item $keyPath -ErrorAction SilentlyContinue)) {New-Item $keyPath -Force}
Set-ItemProperty -path $keyPath -name « EnableRemoteManagement » -value 0×1 -Type DWORD -Force;
if (Get-Service WMSVC* | ?{$_.Name -eq ‘WMSVC’}) {Set-Service WMSVC -StartupType AutomaticStop-SetupService -ServiceName WMSVC ;Start-SetupService -ServiceName WMSVC}
 » was run: « Microsoft.Exchange.Configuration.Tasks.ServiceDidNotReachStatusException: Service ‘WMSVC’ failed to reach status ‘Running’ on this server at Microsoft.Exchange.Configuration.Tasks.Task.ThrowError(Exception exception, ErrorCategory errorCategory, Object target, String helpUrl) at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target) at Microsoft.Exchange.Management.Tasks.ManageSetupService.WaitForServiceStatus(ServiceController serviceController, ServiceControllerStatus status, Unlimited`1 maximumWaitTime, Boolean ignoreFailures, Boolean sendWatsonReportForHungService) at Microsoft.Exchange.Management.Tasks.ManageSetupService.StartService(ServiceController serviceController, Boolean ignoreServiceStartTimeout, Boolean failIfServiceNotInstalled, Unlimited`1 maximumWaitTime, String[] serviceParameters) at Microsoft.Exchange.Management.Tasks.ManageSetupService.StartService(String serviceName, Boolean ignoreServiceStartTimeout, Boolean failIfServiceNotInstalled, Unlimited`1 maximumWaitTime, String[] serviceParameters) at Microsoft.Exchange.Management.Tasks.StartSetupService.InternalProcessRecord() at Microsoft.Exchange.Configuration.Tasks.Task.<ProcessRecord>b__b() at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed) ».

After searching i disicover that the Web Management Service could not start

PS C:\Windows\system32> Get-Service WMSVC* | ?{$_.Name -eq ‘WMSVC’}
Status Name DisplayName
—— —- ———–
Stopped WMSVC Web Management Service

And the error is the following

Process:WMSvc

User=NT AUTHORITY\LOCAL SERVICE
Event Xml:
<Event xmlns= »http://schemas.microsoft.com/win/2004/08/events/event »&gt;
<System>
<Provider Name= »Microsoft-Windows-IIS-IISManager » />
<EventID Qualifiers= »0″>1007</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0×80000000000000</Keywords>
<Data>IISWMSVC_STARTUP_UNABLE_TO_READ_CERTIFICATE
Unable to read the certificate with thumbprint ’31477a6e41f9ae4f8324154a3c9ac82b8feac1a8′. Please make sure the SSL certificate exists and that is correctly configured in the Management Service page.
Process:WMSvc
User=NT AUTHORITY\LOCAL SERVICE</Data>

I ve checked all certificats in this server no service are binded to this expected certificate with the thumbprint : 1477a6e41f9ae4f8324154a3c9ac82b8feac1a8′

I add a certificat in the Management Service and the service start. The CU5 installer could continue. ;-)

 


Posted in EXCHANGE 2013 | Leave a Comment »

KEMP Load Balanced can not send email through Exchange 2013 [Solved]

Posted by Teruin laurent le septembre 5, 2014


HI all

Today i v to cope with a little issue with my favorite HLB solution. Kemp. I want to set email alerte with 2 Virtuals Load Balancer. To do This i set the Load Balancer to directly send mail to the Ip address of the Exchange server on 25 Port as the picture display.


But when i check the log of the kemp vm i found this : Error Processing MAIL CMD on smtp server. Status Code = 501


BY inspecting the log of the receive connector i found this :

2014-09-05T09:14:04.394Z,serverexc01\Default Frontend serverexc01,08D196FF590038B1,3,10.100.20.11:25,10.100.20.15:32836,<,EHLO SrvHlb01,
2014-09-05T09:14:04.394Z,serverexc01\Default Frontend serverexc01,08D196FF590038B1,4,10.100.20.11:25,10.100.20.15:32836,>,250-serverexc01.xxxxxxxx.loc Hello [10.100.20.15],
2014-09-05T09:14:04.394Z,serverexc01\Default Frontend serverexc01,08D196FF590038B1,5,10.100.20.11:25,10.100.20.15:32836,>,250-SIZE 37748736,
2014-09-05T09:14:04.394Z,serverexc01\Default Frontend serverexc01,08D196FF590038B1,6,10.100.20.11:25,10.100.20.15:32836,>,250-PIPELINING,
2014-09-05T09:14:04.394Z,serverexc01\Default Frontend serverexc01,08D196FF590038B1,7,10.100.20.11:25,10.100.20.15:32836,>,250-DSN,
2014-09-05T09:14:04.394Z,serverexc01\Default Frontend serverexc01,08D196FF590038B1,8,10.100.20.11:25,10.100.20.15:32836,>,250-ENHANCEDSTATUSCODES,
2014-09-05T09:14:04.394Z,serverexc01\Default Frontend serverexc01,08D196FF590038B1,9,10.100.20.11:25,10.100.20.15:32836,>,250-STARTTLS,
2014-09-05T09:14:04.394Z,serverexc01\Default Frontend serverexc01,08D196FF590038B1,10,10.100.20.11:25,10.100.20.15:32836,>,250-X-ANONYMOUSTLS,
2014-09-05T09:14:04.394Z,serverexc01\Default Frontend serverexc01,08D196FF590038B1,11,10.100.20.11:25,10.100.20.15:32836,>,250-AUTH NTLM,
2014-09-05T09:14:04.394Z,serverexc01\Default Frontend serverexc01,08D196FF590038B1,12,10.100.20.11:25,10.100.20.15:32836,>,250-X-EXPS GSSAPI NTLM,
2014-09-05T09:14:04.394Z,serverexc01\Default Frontend serverexc01,08D196FF590038B1,13,10.100.20.11:25,10.100.20.15:32836,>,250-8BITMIME,
2014-09-05T09:14:04.394Z,serverexc01\Default Frontend serverexc01,08D196FF590038B1,14,10.100.20.11:25,10.100.20.15:32836,>,250-BINARYMIME,
2014-09-05T09:14:04.394Z,serverexc01\Default Frontend serverexc01,08D196FF590038B1,15,10.100.20.11:25,10.100.20.15:32836,>,250-CHUNKING,
2014-09-05T09:14:04.394Z,serverexc01\Default Frontend serverexc01,08D196FF590038B1,16,10.100.20.11:25,10.100.20.15:32836,>,250 XRDST,
2014-09-05T09:14:04.394Z,serverexc01\Default Frontend serverexc01,08D196FF590038B1,17,10.100.20.11:25,10.100.20.15:32836,<,MAIL FROM:<INFO-Logger.SrvHlb01@[Unknown Domain]>,
2014-09-05T09:14:04.394Z,serverexc01\Default Frontend serverexc01,08D196FF590038B1,18,10.100.20.11:25,10.100.20.15:32836,*,Tarpit for ’0.00:00:05′
,

The kemp do not use a domain sufix which by default is not allowed in Exchange 2013

I try to add the local domain in the smtp configuration on the kemp interface and it works correctly !

Regards Laurent


 

Posted in KEMP HLB | Leave a Comment »

Lync 2013 Edge : The Buffer supplied to a function was too small [solved]

Posted by Teruin laurent le septembre 4, 2014


HI all

Today i cope with a strange behavior on edge server by assigning a public certificat from comodo


By inspecting the log a found this


The cetificat is well imported in the computer certificat container have a private key and the certification path is correct.


By using the following Certutil.exe command i v got this result

 

C:\Users\Adm-teruin>Certutil.exe -v -store my « 4bf5f126f5011c9dad6b737439f4e0b4″
my « Personal »
================ Certificate 2 ================
X509 Certificate:
Version: 3
Serial Number: 4bf5f126f5011c9dad6b737439f4e0b4
Signature Algorithm:
Algorithm ObjectId: 1.2.840.113549.1.1.11 sha256RSA
Algorithm Parameters:
05 00
Issuer:
CN=COMODO High-Assurance Secure Server CA
O=COMODO CA Limited
L=Salford
S=Greater Manchester
C=GB
Name Hash(sha1): fde74a84a2cc6dd61ec4743bfbbf8abe4a38a458
Name Hash(md5): 193edeb04bee0820e2bde6b731cfe1be

NotBefore: 6/11/2014 2:00 AM
NotAfter: 6/12/2015 1:59 AM
Subject:
CN=access01.XXX.BBB
OU=0002 790043954
O=XXXX
Name Hash(sha1): 0b9997d9949687Fe9440f77789a8f1d87a494365eaa
Name Hash(md5): c9052776583d9038fb42d079e1999777d9e846857
Public Key Algorithm:
Algorithm ObjectId: 1.2.840.113549.1.1.1 RSA (RSA_SIGN)
Algorithm Parameters:
05 00

 

To solve this issue

  1. Export the certificate with PFX format from the Edge server
  2. import it on Firefox (my machine was Windows 8.1)
  3. export it from Firefox with the format P12
  4. Remove on the edge the assignement on the concerned certificat
  5. Remove the certificat on the edge server from the certificat store
  6. import the new formated certificat with the P12 format.
  7. Assign it to the edge

It should works

 

Posted in 2- LYNC-2013, Lync 2013 -Edge | Leave a Comment »

Lync 2013 Citrix VDI HDX Engine crash after May 2014 Lync Update

Posted by Teruin laurent le septembre 1, 2014


HI all for your information this post describe a update of our attempt to delivered a stable Lync 2013 Citrix Vdi environment to our users on Xendesktop 7.5

A complete history could be found here: http://unifiedit.wordpress.com/category/2-lync-2013/lync-2013-vdi/

Since a while, we try to stabilize the Citrix VDI environment with Lync 2013 on Xendesktop 7.5. The last issue before delivering this solution to our User pilot was to fix the Ctrl Alt Tab issue (for more information see this article). http://unifiedit.wordpress.com/2014/03/07/lync-2013-vdi-citrix-alt-tab-issue-is-back/. For this a Microsoft Case has been opened and the last action was to update the Lync 2013 client with a May 2014 patch (http://support.microsoft.com/kb/2880980). As the following picture display

Figure 1 : Component on the Physical Box


After applying the update we can observe that the Ctrl Tab Issue is no more present
but when the user close the session the Ucvdi.dll of HDx Engine crash.

Figure 2 : Hdx crash when user exit from the session

Regards

Laurent Teruin


 

Posted in 2- LYNC-2013, Lync 2013 - Vdi Citrix | Leave a Comment »

Exchange 2013 UM : An error occurred while accessing the user’s mailbox. Details: Client found response content type of ‘text/html; charset=utf-8′, but expected ‘text/xml’.

Posted by David ANDRE le août 8, 2014


Hello,  

I’m currently experiencing an issue with Exchange 2013 UM. I can’t access to UM user information or activate a new exchange user for UM.

Here’s the Exchange topology:
We’re currently migrating Exchange 2010 to 2013.

Exchange 2013 Details:

-              2 Exchange 2013 FRONT-END

-              2 Exchange 2013 BACK-END

-              All are Virtual Machines under Hyper-V 3

-              OS Windows Server 2012 (no R2)

-              Exchange 2013 SP1 (CU4)

My problem is mainly with the UM part. As a reminder, under Exchange 2013, UM is present on both the FRONTEND (for the routing part UM: UMCallRouter) but also on the BACKEND (UM services).

UMCallRouter services and UMServices are active, respectively on the active FE and BE. Services are running as I have assigned the Exchange 2010 UM DialPlans to the 2013 services: so the service is fully functional on that end.

The problem is when I want to access information from a UM user via the ECP (Exchange Control Panel) I get the following error: 

Unified Messaging cannot validate or generate a PIN for UM mailbox ‘Exakis@domain.com’: An error occurred while Accessing the user’s mailbox.
Details: Client found response content type of ‘text / html; charset = utf-8 ‘goal expected’ text / xml ‘.

Here is the Error returned by the ECP:


From what I understand, Exchange 2013 relies on the WebServices (EWS) of the back-end for managing security PINs.

We also have several events that I think are related to this problem in the event viewer of the active back-ends:

-              ASP.NET 4.0.30319.0                 ID : 1309

-              MSExchange Common                ID : 4999

-              MSExchange Web Services          ID : 29



 

So, i’m still searching a solution… L

 

David ANDRE

Posted in Exchange 2013 Issues | Leave a Comment »

Exchange 2013 : WinRM cannot complete the operation. Verify that the specified computer name is valid, that the computer is accessible over the network

Posted by Teruin laurent le août 7, 2014


HI all this morning i cope with an error message on exchange 2013 powershell

VERBOSE: Connecting to AAABBBCCCS01.xx.bb.loc.
New-PSSession : [AAABBBCCCS01.xx.bb.loc] Connecting to remote server AAABBBCCCS01.xx.bb.loc failed with the
following error message : WinRM cannot complete the operation. Verify that the specified computer name is valid, that
the computer is accessible over the network, and that a firewall exception for the WinRM service is enabled and allows
access from this computer. By default, the WinRM firewall exception for public profiles limits access to remote
computers within the same local subnet. For more information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ New-PSSession -ConnectionURI « $connectionUri » -ConfigurationName Microsoft.Excha …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError: (System.Manageme….RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin gTransportException
+ FullyQualifiedErrorId : WinRMOperationTimeout,PSSessionOpenFailed

The weird thing is that I’ve got 4 new other exchange servers installed with the same sources running on the same OS (Windows 2012 R2, exchange SP1) on vm made with the same template, on the same subnet without any issue.

After verification, i can ping all servers and the connection to Local domain controller is ok and on all exchange server the firewall is off for all connection public domain and private.

g Name: Application
Source: MSExchange ADAccess
Date: 8/7/2014 9:03:30 AM
Event ID: 2080
Task Category: Topology
Level: Information
Keywords: Classic
User: N/A
Computer: AAABBBCCCS01.xx.bb.loc
Description:
Process Microsoft.Exchange.Directory.TopologyService.exe (PID=2472). Exchange Active Directory Provider has discovered the following servers with the following characteristics:
(Server name | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version)
In-site:
AAABBB001.bb.loc        CDG 1 7 7 1 0 1 1 7 1
AAABBBPDC005.bb.loc        CDG 1 7 7 1 0 1 1 7 1
AAABBB002.ad.local        CDG 1 7 7 1 0 1 1 7 1
AAABBBPDC006.bb.loc        CDG 1 7 7 1 0 1 1 7 1
AAABBBPDC007.xx.bb.loc        CDG 1 7 7 1 0 1 1 7 1
AAABBBPDC008.xx.bb.loc        CDG 1 7 7 1 0 1 1 7 1
AAABBB003.xx.bb.loc        CDG 1 7 7 1 0 0 1 7 1
AAABBBPDC009.xx.bb.loc        CDG 1 7 7 1 0 1 1 7 1
AAABBB004.xx.bb.loc        CDG 1 7 7 1 0 0 1 7 1
Out-of-site:
XXXrtd001-dc.xx.bb.loc        CDG 1 7 7 1 0 0 1 7 1
XXXMOS002.xx.bb.loc        CDG 1 7 7 1 0 1 1 7 1
XXXmos001.xx.bb.loc        CDG 1 7 7 1 0 1 1 7 1

 

On another Exchange Server where I don’t have the issue the value of this event is correct. So the problem should not be linked to a GC Access.

 

After verifications Winrm seams to works well:

C:\Users\TERUIL-EXT>WinRM QuickConfig
WinRM service is already running on this machine.
WinRM is already set up for remote management on this computer
.

After looking on the system log I found multiple events like this

log Name: System

Source: Microsoft-Windows-Security-Kerberos

Date: 8/6/2014 8:31:46 PM

Event ID: 7

Task Category: None

Level: Error

Keywords: Classic

User: N/A

Computer: AAABBBCCCS01.xx.bb.loc

Description:

The digitally signed Privilege Attribute Certificate (PAC) that contains the authorization information for client AAABBBCCCS01$ in realm XX.BB.LOC could not be validated.

 

The documentation to this event is here : http://technet.microsoft.com/en-us/library/dd348751(v=ws.10).aspx

 

I restart the computer this event is not present but still have the issue But I discover this event

Log Name: System

Source: Microsoft-Windows-WinRM

Date: 8/7/2014 10:01:58 AM

Event ID: 10149

Task Category: None

Level: Warning

Keywords: Classic

User: N/A

Computer: AAABBBCCCS01.xx.bb.loc

Description:

The WinRM service is not listening for WS-Management requests.

  User Action

If you did not intentionally stop the service, use the following command to see the WinRM configuration:

 
 

After verification the Windows Remote Management (WinRM) service was running. Try to stop a start in case of…

I check the winrm enumerate and the result was successfull

C:\Windows\system32>winrm enumerate winrm/config/listener

Listener

Address = *

Transport = HTTP

Port = 5985

Hostname

Enabled = true

URLPrefix = wsman

CertificateThumbprint

ListeningOn = 10.101.30.5, 127.0.0.1, ::1

 
 

 C:\Windows\system32>ipconfig

 Windows IP Configuration
Ethernet adapter PreProduction:

Connection-specific DNS Suffix . :

IPv4 Address. . . . . . . . . . . : 10.101.30.5

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 10.101.30.254

Tunnel adapter isatap.{B10CE70A-20F2-4904-9576-15EE459CB728}:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

On the server where I don’t have this issue the result is this one

 

C:\Windows\system32>winrm enumerate winrm/config/listener
Listener
Address = *
Transport = HTTP
Port = 5985
Hostname
Enabled = true
URLPrefix = wsman
CertificateThumbprint
ListeningOn = 10.101.30.6, 127.0.0.1, ::1

From the server who have the issue I will try to telnet this port just in case of Firewall issue and it works!

telnet AAABBBCCCS02.xx.bb.loc 5985

I tried the inverse. From the server without any issue I will try to telnet the server who have this issue

telnet AAABBBCCCS01.xx.bb.loc 5985

and it works too. So the problem should not be linked to any firewall issue

IP config of the bad server

[PS] C:\Windows\system32>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : AAABBBCCCS01
Primary Dns Suffix . . . . . . . : xx.bb.loc
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : xx.bb.loc
bb.loc
ll
Ethernet adapter PreProduction:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : vmxnet3 Ethernet Adapter
Physical Address. . . . . . . . . : 00-50-56-89-62-C7
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.101.30.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.101.30.254
DNS Servers . . . . . . . . . . . : 10.101.0.186
10.101.0.187
10.101.0.129
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{B10CE70A-20F2-4904-9576-15EE459CB728}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

 

Ip config of a good server

[PS] C:\Windows\system32>ipconfig /all

Windows IP Configuration
Host Name . . . . . . . . . . . . : AAABBBCCCS04
Primary Dns Suffix . . . . . . . : xx.bb.loc
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : xx.bb.loc
bb.loc
ecoval.local

Ethernet adapter Production:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : vmxnet3 Ethernet Adapter
Physical Address. . . . . . . . . : 00-50-56-89-03-B2
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.101.30.8(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.101.30.250
DNS Servers . . . . . . . . . . . : 10.101.0.42
10.101.0.43
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{AC13A358-1780-4CCB-AB59-B19AE7C3CEF4}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

 

After checking the GPO on both server. All have the same GPO group membership L

 

From the server without issue I’ve got this
[PS] C:\Windows\system32>Test-WSMan -ComputerName AAABBBCCCS02

wsmid : http://schemas.dmtf.org/wbem/wsman/identity/1/wsmanidentity.xsd
ProtocolVersion : http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd
ProductVendor : Microsoft Corporation
ProductVersion : OS: 0.0.0 SP: 0.0 Stack: 3.0

[PS] C:\Windows\system32>Test-WSMan -ComputerName AAABBBCCCS01
wsmid : http://schemas.dmtf.org/wbem/wsman/identity/1/wsmanidentity.xsd
ProtocolVersion : http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd
ProductVendor : Microsoft CorporationProductVersion : OS: 0.0.0 SP: 0.0 Stack: 3.0

From the server with the connection issue I ve got this

PS C:\Windows\system32> Test-WSMan -ComputerName AAABBBCCCS02
Test-WSMan : <f:WSManFault xmlns:f= »http://schemas.microsoft.com/wbem/wsman/1/wsmanfault &raquo; Code= »2150859046″
Machine= »AAABBBCCCS01.xx.bb.loc »><f:Message>WinRM cannot complete the operation. Verify that the specified computer name is valid, that the computer is accessible over the network, and that a firewall exception for the WinRM service is enabled and allows access from this computer. By default, the WinRM firewall exception for public profiles limits ccess to remote computers within the same local subnet. </f:Message></f:WSManFault>

PS C:\Windows\system32> Test-WSMan -ComputerName AAABBBCCCS01
Test-WSMan : <f:WSManFault xmlns:f= »http://schemas.microsoft.com/wbem/wsman/1/wsmanfault &raquo; Code= »2150859046″ Machine= »AAABBBCCCS01.xx.bb.loc »><f:Message>WinRM cannot complete the operation. Verify that the specified computer name is valid, that the computer is accessible over the network, and that a firewall exception for the WinRM service is enabled and allows access from this computer. By default, the WinRM firewall exception for public profiles limits access to remote computers within the same local subnet. </f:Message></f:WSManFault>

I try this on the failed computer

S C:\Windows\system32> Enable-PSRemoting
winRM Quick Configuration running command « Set-WSManQuickConfig » to enable remote management of this computer by using the Windows Remote management (WinRM) service.

This includes:
1. Starting or restarting (if already started) the WinRM service
2. Setting the WinRM service startup type to Automatic
3. Creating a listener to accept requests on any IP address
4. Enabling Windows Firewall inbound rule exceptions for WS-Management traffic (for http only).

Do you want to continue?
Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is « Y »): A
winRM is already set up to receive requests on this computer.
winRM is already set up for remote management on this computer.

Uninstalling Exchange server….. Reboot and reinstall exchange server reboot…… and …. Same issue!

By examining the IIS I have remarked this configuration different The wrong server have a SITE_2 stopped.


When I want to delete it


Binding for the default website are the same on left the wrong server on the right a functional server


Binding for the Backend website are the same……


Finally I find a way to delete this second site but I’ve got still the issue on server 01

As I said the Firewall is off but the service is running. Try to stop the service and try to connect with Exchange Managemnt Shell


Downloading wireshark pfouuuuuu…..

In the dialog I can see a kerberos error


Let see in the event viewer on the server if we can find some relevant information.

Changing the Kerberos Log Level on the Server and reboot (http://support.microsoft.com/kb/262177)


And .. just after a simple reboot . Whaou !!


Let see what is inside

Log Name: System
Source: Microsoft-Windows-Security-Kerberos
Date: 8/8/2014 9:18:38 AM
Event ID: 3
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: AAABBBCCCS01.xx.yyy.loc
Description:
A Kerberos error message was received:
on logon session xx.yyy.loc\AAABBBCCCS01$
Client Time:
Server Time: 7:18:39.0000 8/8/2014 Z
Error Code: 0×19 KDC_ERR_PREAUTH_REQUIRED
Extended Error:
Client Realm:
Client Name:
Server Realm: xx.yyy.loc
Server Name: krbtgt/xx.yyy.loc
Target Name: krbtgt/xx.yyy.loc@xx.yyy.loc
Error Text:

Let see if I have the same behavior with other functional server. And I can observe that I ve the same even but the EMS works


I found a very interesting article about Kerberos error and especially KDC_ERR_PREAUTH_REQUIRED Issue last Night. http://blogs.technet.com/b/makeiteasy/archive/2013/01/14/kdc-err-preauth-required-vs-kdc-err-preauth-failed.aspx

I will forget the Kerberos Track because I can see any KDC_ERR_PREAUTH_FAILED in the Wireshark dialog or in the event log.. The issue should be more linked to Winrm EMS.

 

I get back to Windows remote Management and I observe this


 

 

 

 

 

Posted in Exchange 2013 Issues | 3 Comments »

LYNC 2013 – Le Cumulative Update 5 est disponible !

Posted by David ANDRE le août 6, 2014


Bonjour,

Microsoft vient de mettre à disposition le Cumulative Update 5 (Aout 2014) pour Lync Server 2013. Pour rappel, le dernier CU était celui de Janvier 2014 (CU4).

Plus d’informations ici : http://support.microsoft.com/kb/2809243

Disponible au téléchargement à l’adresse suivante : http://www.microsoft.com/en-us/download/details.aspx?id=36820

Pour rappel, l’application d’un CU doit être effectuée avec précaution. Il faut privilégier son installation dans un environnement de test/pré-production. Nous ne sommes jamais à l’abri d’une version 2 de ce CU.

Voici un aperçu des corrections et amélioration apportées par ce CU :

Update for Windows Fabric August 2014

  • 2967486 August 2014 Cumulative Update 5.0.8308.733 for Lync Server 2013

Update for Standard or Enterprise Edition server (Front End Servers and Edge Servers) August 2014

  • 2937310 August 2014 Cumulative Update 5.0.8308.733 for Lync Server 2013 (Front End Server and Edge Server)
    • 2976568 Address book delta files are not generated in a Lync Server 2013 Enterprise Edition environment
    • 2967626 Error « creating procedure RtcResetAbAttributes » when you run « Install-CsDatabase » for rtcab database in Lync Server 2013
    • 2967629 Significant bandwidth usage increase by SIP traffic in a Lync Server 2013 environment
    • 2967630 Callee receives a missed call notification after answering a call on an IP telephone in a Lync Server 2013 environment
    • 2979931 Error « I can’t find the meeting with that number » when PSTN user dials in to conference in Lync Server 2013 environment

Update for Unified Communications Managed API 4.0, Core Runtime 64-bit August 2014

  • 2937311 August 2014 Cumulative Update 5.0.8308.733 for Lync Server 2013, Unified Communications Managed API 4.0 Runtime
    • Improves the reliability, stability, and performance of Microsoft Lync Server 2013, Unified Communications Managed API 4.0 Runtime

Update for Web Components server August 2014

  • 2937297 August 2014 Cumulative Update 5.0.8308.733 for Lync Server 2013, web components servers
    • 2978444 Update for Lync Server 2013 to disable Lync Web App users’ ability to upload and show PPT in online meetings
    • 2976906 Incorrect time zone is displayed when you create a meeting by using Web Scheduler in a Lync Server 2013 environment
    • 2967623 Error « This content cannot be displayed » or blank webpage when you click a dial-in URL in a Lync Server 2013 environment
    • 2967624 HD video stutters in a Lync Server 2013 based video conference in Lync 2013
    • 2967628 Telephone numbers are missing in a contact card in a Lync Server 2013-based Lync mobile client 

Update for Core Components August 2014

  • 2937305 August 2014 Cumulative Update 5.0.8308.733 for Lync Server 2013, core components
    • 2967621 Error 404 when Lync phones sign in to Lync Server 2013 front-end servers during SBS failure recovery
    • 2967631 Error «  »DistributionGroupAddress » and « AgentsByUri » must be set. » when you migrate the RG service to Lync Server 2013

Update for Administrative Tools August 2014

  • 2967486 August 2014 Cumulative Update 5.0.8308.733 for Lync Server 2013, Administrative Tools
    • 2983199 « Limited functionality is available due to outage » in Lync client when Lync Server 2013 replication queue is full 

Update for Web Conferencing server August 2014

  • 2937314 August 2014 Cumulative Update 5.0.8308.733 for Lync Server 2013, Web Conferencing Server
    • Improves the reliability, stability, and performance of Microsoft Lync Server 2013, Web Conferencing Server

Have Fun !

David ANDRE

Posted in Lync 2013 Mise à Jour | Leave a Comment »

 
Suivre

Recevez les nouvelles publications par mail.

Rejoignez 225 autres abonnés