by lunarg on September 4th 2015, at 12:04
If your management servers have their System Center Data Access Service (SDK/DAS service) running as a domain service account, you may get the following error each time the management server(s) or SDK/DAS service is restarted, even though all SPNs are correctly registered:

Alert Description
Source: Data Access Service -
Full Path Name: SCOM01.contoso.com\Data Access Service -
Alert Rule: Data Access Service SPN Registration
Created: 26/08/2015 15:43:06

The System Center Data Access service failed to register an SPN. A domain admin needs to add MSOMSdkSvc/SCOM01 and MSOMSdkSvc/ to the servicePrincipalName of CN=SCOM01,OU=Users,DC=co  ...
by lunarg on September 4th 2015, at 11:23
You may encounter the following alert if SCOM's System Center Data Access Service is (re)started:

Alert Description
Source: Data Access Service -
Full Path Name:\Data Access Service -
Alert Rule: Data Access Service SPN Registration
Created: 26/08/2015 15:43:06

The System Center Data Access service failed to register an SPN. A domain admin needs to add MSOMSdkSvc/SCOM01 and MSOMSdkSvc/ to the servicePrincipalName of CN=S_scom_das,OU=Users,DC=contoso,DC=com

This alert is logged if the required SPNs for the SDK/DAS service (OMSDK service) are not present, and the account running the service is unable to create th  ...
by lunarg on September 4th 2015, at 09:25
Often overlooked during the installation of a Microsoft SQL Server is the creation of the required Service Principal Name(s) (SPN) to enable authentication through Kerberos. SCOM highlights this oversight nicely with this warning:

Alert Description
SQL Server cannot authenticate using Kerberos because the Service Principal Name (SPN) is missing, misplaced, or duplicated.
Service Account: CONTOSO\s_clsql_sqlsrv_de
Missing SPNs: MSSQLSvc/, MSSQLSvc/
Misplaced SPNs:
Duplicate SPNs:

The solution is simple: create the SPNs. All the info you need is actually in the alert's description. Use the information to create the SPNs.

Log on to a domain   ...
by lunarg on September 3rd 2015, at 14:08
The internal health monitoring system may report Unhealthy, and an error similar to the following is reported by SCOM:

Alert: {2} Resolution state: New
Alert: {2}
Source: EXCH02 - Compliance
Last modified by: System
Last modified time: 9/3/2015 11:43:37 AM
Alert description: EMSMDB.DoRpc(Logon) step of ComplianceOutlookLogonToArchiveRpcCtpProbe/EXCHDB03 has failed against proxying to Unknown for
Latency: 00:00:00.9250000
Error: Error returned in LogonCallResult. Error code = WrongServer (0x00000478)
Log: RpcProxy connectivity verification  ...
by lunarg on September 3rd 2015, at 11:05
Run the following T-SQL statements.

Show a list of longest running SPIDs on a SQL Server:

select P.spid,
  right(convert(varchar, dateadd(ms, datediff(ms, P.last_batch, getdate()), '1900-01-01'), 121), 12) as 'batch_duration',
  P.program_name, P.hostname, P.loginame
from master.dbo.sysprocesses P
where P.spid > 50
  and P.status not in ('background', 'sleeping')
  and P.cmd not in ('AWAITING COMMAND', 'MIRROR HANDLER', 'LAZY WRITER', 'CHECKPOINT SLEEP', 'RA MANAGER')
order by batch_duration desc

To retrieve the SQL for a specific SPID:

declare @spid int, @stmt_start int, @s  ...
by lunarg on September 3rd 2015, at 10:58
If you have configured Blackberry Enterprise Server to use EWS for calendar access and free/busy information lookup, you may encounter the following errors in the logs of the BES server:

[20751] (03/26 00:03:31.030):{0x1CE4} {} WSUser::SetUser - Failed to create EWS::Service: HRESULT 80040154, EWS.DLL possibly not registered or mismatched in version

[30000] (08/31 17:19:04.565):{0x24C} {Agent Startup}-CalHelperController::InitializeEws- COM Exception: Code = 80004003, WCode = 0000, Code meaning = Invalid pointer, Source = <none>
[30000] (08/31 17:19:04.565):{0x24C} {Agent Startup}-CalHelperController::I  ...
by lunarg on September 3rd 2015, at 10:48
When running Blackberry Enterprise Server (BES) 5.0.4 in an environment with users whose mailboxes are located on Exchange 2013 servers, you may encounter the following problem: certain, but not all users lose their connectivity on their mobile devices. They can no longer send or receive e-mail, calendar, contacts.

When looking at the event viewer, an application crash is logged:

Event 1000 Application Error
Faulting application name: BlackBerryAgent.exe, version:, time stamp: 0x502e604b
Faulting module name: exmapi32.dll, version: 6.5.8320.0, time stamp: 0x517e1c40
Exception code: 0xc0000005
Fault offset: 0x00010188
Faulting process id: 0x1fbc
Faulting application start time: 0x0  ...
by lunarg on September 2nd 2015, at 17:02
Exchange 2013 uses Managed Availability to monitor its own health. One part of this monitoring is achieved through synthetic transactions that mimic regular user activity, such as accessing mailboxes, sending and receiving e-mail, etc. For this to work properly, the monitoring system uses so-called Health Mailboxes. These are just regular mailboxes (with a regular AD account), but they are created automatically and used for the sole purpose of health monitoring. Depending on the CU-version of Exchange 2013, these are created for every database on every CAS (or just one per CAS and one per database, starting from CU6).

Sometimes, these mailboxes may become corrupt or unusable, in which case the  ...
by lunarg on September 2nd 2015, at 16:29
If you notice that SCOM is not properly discovering services on a particular server (e.g. it does not detect the presence of Exchange), you can resolve this by clearing the cache of the agent on the server. This will trigger a new full discovery, and the agent should now be able to detect the new services:

Log on to the server whose services are not discovered properly.

Stop the agent (System Center Management service): net stop HealthService

Delete the contents of the Health Service State folder, located in the installation folder of the agent.
(default location: %PROGRAMFILES%\System Center Operations Manager\Agent).

Start the agent again (System Center Management service): net start  ...
by lunarg on September 2nd 2015, at 10:02
Older versions of the Cisco AnyConnect VPN client seem to remove the Connections tab from Internet Options whenever a VPN connection is made. The tab is restored upon a graceful disconnect of the connection. But sometimes the user abruptly closes the connection (e.g. the computer shuts down incorrectly), in which case the Connections tab is not restored and stays hidden forever. Users are then no longer able to go to Internet Options to adjust e.g. proxy settings.

AnyConnect creates a registry key to hide the Connections tab on a connect, and removes it on a disconnect:

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel] "ConnectionsTab"=dword:00000  ...
by lunarg on September 1st 2015, at 16:24
If a mailbox gets migrated or disabled (= disconnected), the mailbox is not removed from the mailbox database right away. Instead, Exchange uses the retention configuration of the mailbox database in which the mailbox was stored. This is useful if a restore of the mailbox is needed (e.g. in case of accidental deletion).

However, sometimes it may not be necessary to have the mailbox available for undelete. E.g. when you have migrated a large number of mailboxes, you may not wish to keep the old mailbox copies to free up disk space. In that case, you can manually "purge" the mailbox from the mailbox database.

Note that this only works with a disconnected mailbox. These are mailboxe  ...
by lunarg on August 31st 2015, at 15:50
You can reclaim previously allocated but unused disk space from your virtual disks by returning unused SAUs to the disk pool.

In order to reclaim space, files must be permanently deleted from disk. Space can only be reclaimed on a per-SAU basis, meaning that the entire SAU must be empty and zeroed before it can be returned. If a single byte is in use on a SAU, the entire SAU cannot be returned.

Space reclamation can be done on any type of virtual disk, but depending on the type, there are some factors to account for. In case of a mirrored or dual virtual disk, the disk cannot be in recovery mode and its sync should be "up to date".

Running reclamation simultaneously is possible i  ...
by lunarg on August 31st 2015, at 12:10
To reclaim space in virtual environments and thin provisioned storage facilities, SDelete from SysInternals is probably the most used tool on Windows to clear out unused space of a volume, allowing the SAN to release these data blocks back to the storage pool.

But while SDelete is robust, it has a few (minor) limitations:

It cannot handle mount points, only logical drives (i.e. volumes mounted on a logical drive letter).

It is rather slow on very large file systems.

I found an alternative online in the form of a PowerShell script at this thread, written by David Tan, who in turn based it on a script found here.

The script creates an empty ("zeroed") 1 GB file and copies that f  ...
by lunarg on August 31st 2015, at 11:45
PowerShell can also handle queries through WMI, allowing you to retrieve all kinds of system information from local and remote systems running Windows. This also includes information about volumes, logical drives and shares.

For this to work on remote systems, you need to have Remote Management enabled. Starting from Server 2012, this is already enabled by default.

The commands use the Get-WmiObject cmdlet to retrieve the information. If no computer name is specified, the information will be retrieved from the system running the cmdlet. In order to connect to a remote system, run the cmdlet while specifying the computer name of the remote host with the -ComputerName parameter.

For example, t  ...
by lunarg on August 28th 2015, at 10:05
Exchange mailbox database files (EDB-files) grow in size as the data within them grows. But when data is removed, their file sizes will not shrink back. Instead, the file will contain "white space", which will be re-used if additional space is needed again.

Older versions of Exchange (2007 and earlier) did (limited) automatic space reclamation as part of their online database maintenance routines. Starting from Exchange 2010, these maintenance routines have changed and space reclamation no longer occurs. It is up to the Exchange administrator to perform space reclamation if the need arises.

There are two viable methods for reclaiming disk space, each having their pros and cons:

by lunarg on August 27th 2015, at 11:51

You can reboot a DAG witness server but only if your DAG cluster is operating with all of its members online.

An FSW (file share witness) will only come into play during a failover scenario. This means that it will become a problem if a DAG member fails at the exact same moment your FSW is rebooting, because the remaining DAG member will then not achieve majority, causing the cluster to fail completely.

Note that if you reboot the FSW often in a short period, the cluster will mark the FSW as unreliable and fail the cluster. In that case, you should manually bring it back online by running the following PS cmdlet on a DAG member:

Get-ClusterResource | Start-ClusterResource
by lunarg on August 26th 2015, at 16:51

Your SCOM environment may produce the following alert on the RMS server:

Alert: Data Warehouse failed to request a list of management packs from SQL RS server
Source: 24c6a0cc-5f00-4a8c-9a40-fa4d4218c2e3
Path: Not Present
Last modified by: System
Last modified time: 8/26/2015 3:55:52 PM
Alert description: Data Warehouse failed to request a list of management packs which contain reports deployed to SQL Reporting Services Server.
WebException: The operation has timed out

Check whether the data warehouse write user has a proxy server active. If this is the case, log in with that user on the RMS, and disable the proxy, or reconfigure it so it bypasses local addresses.

by lunarg on August 26th 2015, at 14:33
Due to decisions made by the European Union, EU-versions of Office 2013 require the selection of the default file format when starting Office (usually Word or Excel) for the first time.

You can disable this dialog by creating the following registry key (can be used with group policy or logon script too):

In the registry, locate the key: HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common\General

Create the following value:

Name: ShownFileFmtPrompt

Type: DWORD (32-bit)

Value: 1

Users starting an Office program for the first time will no longer be prompted to choose the default file format. The file format will default to Open XML (DOCX, XLSX, etc).

I've noticed that when upgrad  ...
by lunarg on August 26th 2015, at 10:38
Exchange 2013 has several performance counters running by default. While this is useful for diagnostic purposes, it also can take up a lot of disk space (can go over 1 GB a day). You can use PowerShell to clear out older performance logs.

gci 'S:\Exchange\Logging\Diagnostics\DailyPerformanceLogs','S:\Exchange\Logging\Diagnostics\PerformanceLogsToBeProcessed' | gci -Include '*.log','*.blg' -Recurse | ? LastWriteTime -lt (Get-Date).AddDays(-7) | Remove-Item

Replace the paths to the daily performance logs and performance logs to be processed. You can also adjust the number of days it needs to keep (in the example, it's 1 week). In the example, we remove the files, but you could just as easily move th  ...
by lunarg on August 24th 2015, at 16:20
Occasionally (usually once a year), you may have to renew the SSL certificate of your Active Directory Federation Services server, used for your Office 365 Single Sign-On setup. In past versions, this was done quite easily through IIS. However, since 2012 R2 (a.k.a. ADFS 3.0), ADFS no longer uses IIS and it gets a little bit more complicated.

Outlined in this short article are the steps you need to do in order to renew or replace your SSL certificate on a Windows 2012 R2 server, running ADFS 3.0.

First, renew or request a new SSL certificate through your Certificate Authority (such as GoDaddy, Enom, etc.). How to do this depends greatly on the CA. As ADFS on 2012 R2 no longer uses IIS, yo  ...
