McAfee and SMTP Traffic

I’ve been chasing after an issue with a new Exchange deployment not sending any outbound mail. When you telnet to port 25 on any SMTP server it just fails straight away as if there’s a firewall or something in between. I finally got a network trace and the very odd thing was that there was absolutely no network traffic at all. Usually you would see a bunch of TCP SYNs if there was a firewall in the mix. I noticed that McAfee’s little shield in the tray was bright red which it does when it as something to say. The … Continue reading McAfee and SMTP Traffic

Windows 2008 Schema Update – INSUFF_ACCESS_RIGHTS

If you’re trying to import an LDIF file with some schema changes on a Windows Server 2008 (or Vista) machine and it bails with an access denied error and an INSUFF_ACCESS_RIGHTS messag, first make sure your account is in the Schema Admins group. Second, make sure User Account Control isn’t adding to the mix. Right click the command prompt shortcut and Run as Administrator and then try the LDIF import.

Windows Firewall Rules for Data Protection Manager

I’ve had the pleasure of trying to reverse engineer the firewall requirements DPM has since they’ve declined to document any of this in a useful fashion. My experience so far is that this product does something very slick with Exchange and brings with it the baggage of awful documentation and a user interface which would earn an A for a high school computer science project. The manner in which DPM does its deployment and management of agents is through something called the Agent Coordinator service. The agent coordinator comes and goes on an as necessary basis (it’s temporary) and for … Continue reading Windows Firewall Rules for Data Protection Manager

Editing Group Policies without ADUC or GPMC

Under Windows Server 2003 (and 2000), Active Directory Users and Computers was always available by just launching dsa.msc. From there you could use the legacy Group Policy management interface if you didn’t have the GPMC loaded. Windows Server 2008 machines no longer have ADUC loaded by default unless you either are on a domain controller or install the management tools. This makes the scenario where you need to edit a Group Policy locally a bit more complicated. The good news is that the Group Policy Editor itself is there on Windows Server 2008 machines, you just can’t graphically browse to … Continue reading Editing Group Policies without ADUC or GPMC

Upgrading Anti-Virus Rules for Windows Server 2008 Domain Controllers

KB article 822158 does a good job covering all of the antivirus exclusions for Windows machines as well as for domain controllers in particular. If you’re upgrading domain controllers to Windows Server 2008 or better, be sure to update your anti-virus exclusion rules as a couple of the excluded files (res1.log and res2.log) have changed names to Edbres00001.jrs and Edbres00002.jrs, respectively.

McAfee EPO Setup SQL Failure

If you’re trying to install McAfee EPO (ePolicy Orchestrator) 4.0 and setup is failing when it tries to connect to your SQL Server with a variety of worthless errors, be sure that the server name you specify matches the result of this SQL query exactly: "SELECT ServerProperty(‘ServerName’)". After hours of messing around, a network trace revealed that this was query the last thing setup issued before it failed. In general the query seems to return the SQL server’s shortname, so, if you’ve done something smart like I did and provided the FQDN of your SQL Server to setup, setup will … Continue reading McAfee EPO Setup SQL Failure

Exchange Databases Fail to Mount with 0x97E

If you run into a scenario where your Exchange databases are failing to mount with either of these errors, first reference this Technet article. Assuming that doesn’t apply then manually start the System Attendant (MSExchangeSA) service on the machine which is failing. After doing that try mounting the databases (or bringing your clustered mailbox server online with Start-ClusteredMailboxServer). Bottom line I spent hours trying to figure out why Exchange wasn’t succeeding in creating the mailboxes it needs for each store before I decided to randomly try this. Log Name: Application Source: MSExchangeIS Date: 6/6/2009 7:48:43 PM Event ID: 9519 Task … Continue reading Exchange Databases Fail to Mount with 0x97E

Resuming a Failed Exchange 2007 Setup

If you’ve ever had Exchange 2007 setup fail partially, you’ve probably noticed that some of the components (maybe even the one it failed during) show up as installed, but, if you run the ExBPA (Best Practices Analyzer), it will probably complain that setup failed. Most applications you just go to Add/Remove Programs (or Programs and Features in WS2008) and there’s a repair option. Exchange of course has no such option. The trick with Exchange is to fix it with the exsetup utility. If for example you needed to fix up a Mailbox server role installation, you’d go to C:\Exchange\Bin (or … Continue reading Resuming a Failed Exchange 2007 Setup