Exchange 2010 DAG Always Replicates from Active Database

Today’s article is a tidbit of information, but important to call out for larger scale DAG deployments.

Exchange 2010 always uses the active database in the DAG as the source for log shipping during normal replication.  That means that if you have multiple passive copies in your DAG, Exchange ships transaction logs from the active copy to each passive copy, even if some of the copies are in the same site.  There is no peer-to-peer log shipping between passive copies in a DAG.

Simple four node DAG with three passive copies

In the example above we have a single DAG with the active database and one HA copy in DC1, and one DR copy and a lagged copy in DC2.  Log shipping occurs from the active database to the three passive copies, traversing the WAN twice for the copies in DC2.

This can have quite an affect on a complex enterprise deployment with multiple DAGs and many remote passive copies, so keep that in mind for your designs.

Note: Log shipping is different than seeding.  Seeding is a file copy of the database to another server.  Once seeding completes log shipping is used to keep that copy up to date. It is possible to seed a database from a specific server, perhaps one in the same site.  For more information see the “Selecting the Seeding Source” topic in

Install and Configure Windows PowerShell Web Access in Three Easy Steps

Windows PowerShell Web Access Gateway Architecture

Windows PowerShell Web Access is a new feature in Windows
Server 2012. It is an IIS application that provides a Windows PowerShell
console in a web browser. The IIS application acts as a gateway between the web
browser and the machines that you can connect to in your environment. These
machines should have Windows PowerShell remoting enabled.

There are a number of resources that explain how to
configure PowerShell Web Access, including this video.  I want to tell you how to do it in as few
steps as possible. 

The following is all done from an elevated PowerShell window
of the Windows 2012 server you want to install PWA on.

the Windows PowerShell Web Access feature

Install-WindowsFeature -Name
WindowsPowerShellWebAccess -IncludeAllManagementTools

the Web Application in IIS

Install-PswaWebApplication [-UseTestCertificate]


Add the -UseTestCertificate  parameter if you don’t already have an SSL
certificate installed on the server. 
This will install a self-signed SSL certificate that will expire in 90

To use an existing SSL certificate,
make sure it is configured in Bindings on the Website to use that certificate.

Authorization Rules

Add-PswaAuthorizationRule -UserName domain\username
-ComputerName * -ConfigurationName *


This Authorization Rule will allow
the specified account to connect to any computer with any configuration name.
If you are installing on a workgroup server substitute the computer name for domain.
That’s all there is to it! 
You can access Windows PowerShell Web Access from Internet Explore using the following URL: https://servername/pswa
Windows PowerShell Web Access Login

Enter your user name, password, and the computer name you want to connect to and then click Sign In

Windows PowerShell Web Access


A Windows PowerShell window will open in your IE browser, connected to the computer you targeted.
As mentioned above, the target computer must have Windows PowerShell remoting enabled.  You can do this by running the following command from an elevated PowerShell prompt:

 Enable-PSRemoting -Force

Exchange 2010 SP2 Roll Up 4 Does Not Install – Error Code 1603

Event 1024 MSiInstaller – Error code 1603

I had an interesting problem installing Exchange 2010 SP2 Update Rollup 4 (UR4) on servers that have never had issues installing updates before.  When I tried to install SP2 UR4 on the Edge Transport or typical installation servers it would rollback the installation and log the following error in the application log:

Product: Microsoft Exchange Server – Update ‘Update Rollup 4 for Exchange Server 2010 Service Pack 2 (KB2706690) 14.2.318.2’ could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages.

Normally this issue us fixed by installing the Update Rollup from an elevated CMD prompt (see, but this time it still wasn’t working.

I enabled MSI Installer logging as per and dived into the setup logs.  I found the following error being logged in the ServiceControl.log:

[19:51:28] [Error]
System.Management.Automation.ParseException: At C:\Program Files\Microsoft\Exchange
Server\V14\Scripts\ManageScheduledTask.ps1:462 char:5

return $success


cannot leave a finally block.


input, Hashtable errorResults, Boolean enumerate)

at System.Management.Automation.PipelineOps.InvokePipeline(Object input,
Boolean ignoreInput, CommandParameterInternal[][] pipeElements,
CommandBaseAst[] pipeElementAsts, CommandRedirection[][] commandRedirections,
FunctionContext funcContext)


at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame


I examined the ManagedScheduleTask.ps1 script which apparently disables the ‘Database One Copy Alert’ scheduled task, but could not determine what the error is.  I also ran the script from EMS, which returned the same error.  Nothing showed up on the Interwebs other than a few references to PowerShell 3.0, which is not installed on these servers.

I finally resolved it by renaming the ManageScheduledTask.ps1 script to ManageScheduledTask.old and creating a new empty ManageScheduledTask.ps1 script.  The script must exist and return a non-error code when executed for the UR4 installer to work.  I renamed the script back when the installer finished.

This may be an esoteric problem, but I wanted to document it in case anyone else has the same problem.  If this does happen in your environment, please leave a comment below.  Thanks.

Error 0x8007232B ‘DNS Name Does Not Exist’ when Activating Windows 8

I have been installing Windows 8 Enterprise RTM on my lab machines using the RTM ISO from MSDN.  I’ve found that each installation does not activate properly, giving the following error:

Error code:          0x8007232B

Error description:   DNS name does not exist.

I have a valid product key for Windows 8 Enterprise from MSDN, but setup doesn’t prompt for this key during installation.

Open System properties and click ‘View details in Windows Activation’

Click the ‘Activate’ button to begin activation

Attempting activation…

Error 0x8000232B – DNS name does not exist.

The same thing happens if you try to activate Windows 8 from the PC Settings | Activate Windows menu in the “modern user interface” (aka Metro):
‘Windows can’t activate right now. Try activating Windows later. If the issue persists, contact your system administrator or technical support department for assistance.’
This occurs because Windows 8 is using a temporary product key.  You need to install the correct product key to complete Activation using the SLMGR.VBS script installed with Windows.
Here are the steps to perform activation with the correct product key after installation:
  • Open an elevated CMD prompt and run the following command, as shown below:
slmgr.vbs /ipk <product key>

  • You will receive a pop-up window from Windows Script Host indicating the product key has been installed successfully.

Installed product key <product key> successfully.
  • Shortly after that, Windows 8 will automatically activate over the Internet.  Or, if you’re impatient like me, just click the Activate button to activate windows immediately.

Windows is Activated