Month: April 2011

Recovering Disk Space on the C: Drive in Small Business Server 2008

SBS 2008 installs all of its features on a single volume (C:). There are tools available to move some of the data to other locations, but a number of folders that remain on the C: volume can continue to grow if left unchecked, and this can potentially consume all the available disk space on the C: drive. Once the C: drive reaches certain low space thresholds, some services will stop functioning properly on the server, while others will change their behavior to prevent data loss. Usually, administrators realize they have a problem when e-mail flow is impacted: under low disk space conditions, mail flow will stop due to the Exchange Back Pressure feature. Users may experience some of the following errors or non-delivery reports: Error 0x800CCC6C, SMTP_452_NO_SYSTEM_STORAGE, or 452 4.3.1 Insufficient system resources.

These are some of the steps that can be performed to help recover and prevent these issues.

IIS and SBS Logs

(This is expanding on the existing post “Reclaiming Disk Space Lost to IIS Logs on SBS 2003 and SBS 2008”)

By default, all IIS-hosted web sites have logging enabled, which can lead to some large folders in C:\inetpub\logs\LogFiles (review this post in case you have moved your log files). You may also want to stop logging altogether for certain web sites, in particular the “WSUS Administration” web site (Site Id 1372222313). To do this, perform the following steps:

  1. Launch IIS Manager from Administrative Tools.
  2. Expand Server, Sites, and select the WSUS Administration web site.
  3. On the feature panel, click to open Logging.
  4. Click Disable in the Actions panel (rightmost panel).
  5. Repeat the steps for any other web site. Please note that logging may be needed for troubleshooting or auditing purposes on sites that are public facing; this is usually not the case on the WSUS Administration site.

Some of the SBS 2008 log files can grow to very large sizes. All SBS logs are stored in this folder (and its subfolders): C:\Program Files\Windows Small Business Server\Logs. Some of the logs that will grow the most and may need trimming are:

  • Console.log. This log will continue to grow while the SBS Console is running.
  • *.evtx files. These are the event logs from before the setup of the server completed; they can be safely removed if the server has been in production and had no setup issues.
  • W3wp.log, in the C:\Program Files\Windows Small Business Server\Logs\WebWorkplace folder. This is the log for Remote Web Workplace.
  • The C:\Program Files\Windows Small Business Server\Logs\MonitoringServiceLogs folder. These are the logs for the Windows SBS Manager service.

POP3 Connector Badmail directory

If you are using the POP3 Connector, you may end up with emails that failed to be delivered (rejected by the local Exchange server) in C:\Program Files\Windows Small Business Server\Data\badmail. Once a week, this folder will be automatically trimmed to 400 MB once it reaches 450 MB.

The licensing log can consume a significant amount of hard disk space

This is discussed in the Windows Small Business Server 2008 Release Documentation.
You can delete the events in the Windows SBS 2008 licensing log to free up additional space on the hard disk drive.

To delete events in the Windows SBS 2008 licensing log

  1. From the server, open a Command Prompt window as an administrator. To do this, click Start, and then in the Search box, type command prompt.
  2. In the list of results, right-click Command Prompt, and then click Run as administrator.
  3. At the command prompt, type the following command: del "%systemroot%\system32\winevt\logs\Microsoft-Windows-Server Infrastructure Licensing*%4Debug.etl.*"

You can also use Registry Editor to disable the licensing log.

  1. Click Start, type regedit, and then press ENTER.
  2. In Registry Editor, locate and then click the following registry key:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ServerInfrastructure\Licensing
  3. In the details pane, right-click TraceMask, and then click Modify.
  4. In the Edit DWORD dialog box, change the value for Value data to 0 (zero), and then click OK.
  5. Restart the server.

Windows Server Update Services (WSUS) Server Cleanup Wizard

In WSUS, you can delete unused updates and update revisions, computers not contacting the server, unneeded update files, expired updates and superseded updates. In order to accomplish this, you have to manually go through the WSUS Server Cleanup Wizard.
To run the Server Cleanup Wizard:

  1. In the WSUS administration console (launch it from the Administrative Tools), select Options, and then Server Cleanup Wizard.
  2. By default this wizard will remove unneeded content and computers that have not contacted the server for 30 days or more. Select all possible options, and then click Next.
  3. The wizard will begin the cleanup process and will present a summary of its work when it is finished. Depending on the server performance, this may take a very long time. Click Finish to complete the process.

Very large SharePoint SQL transaction log file

Please read the following KB article for an explanation and instructions on how to prevent this:
2000544 SBS 2008 BPA Reports that The Windows SharePoint Services configuration databases log file is getting large (currently over 1gb in size)

Active Directory Certificate Services transaction log files

When completing a critical or system state backup of the C: volume, a new transaction log will be generated under the c:\windows\system32\certlog folder. Removing these logs is only safe as long as the CA database file is consistent. In order to remove these logs and reclaim disk space, follow these steps:

  1. Open the Services MMC and stop the Active Directory Certificate Services service.
  2. Make a backup copy of ALL the file contents present in the c:\windows\system32\certlog folder.
  3. Delete EDB.CHK and all the files that have an extension of .LOG (*.LOG).
  4. Restart the Active Directory Certificate Services service.
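
The four steps above, scripted with a consistency check before anything is deleted, as an added example that is not part of the original post. It assumes PowerShell 2.0 or later, the default CertSvc service name, and a hypothetical backup folder D:\CertLogBackup; esentutl /mh is used to confirm that each CA database reports Clean Shutdown.

```powershell
# Added example, not from the original post.
$ErrorActionPreference = 'Stop'
$CertLog   = Join-Path $env:SystemRoot 'System32\CertLog'
$BackupDir = 'D:\CertLogBackup'   # hypothetical destination on another volume

# Step 1: stop the CA so the database is closed and its header is final.
Stop-Service -Name CertSvc

try {
    # Consistency check: every CA database must report "Clean Shutdown".
    # In a dirty state the .LOG files are still needed for recovery.
    $databases = @(Get-ChildItem -Path $CertLog -Filter *.edb)
    if ($databases.Count -eq 0) { throw "No .edb file found in $CertLog" }

    foreach ($db in $databases) {
        $header = & esentutl.exe /mh $db.FullName
        $clean  = $header | Select-String -Pattern 'State:\s+Clean Shutdown' -Quiet
        if (-not $clean) {
            throw "$($db.Name) is not in Clean Shutdown state; logs left in place."
        }
    }

    # Step 2: back up ALL contents of the folder before touching anything.
    if (-not (Test-Path $BackupDir)) {
        New-Item -ItemType Directory -Path $BackupDir | Out-Null
    }
    Copy-Item -Path (Join-Path $CertLog '*') -Destination $BackupDir -Recurse

    # Step 3: delete the checkpoint file and the transaction logs only.
    Get-ChildItem -Path $CertLog |
        Where-Object { $_.Name -eq 'edb.chk' -or $_.Extension -eq '.log' } |
        Remove-Item
}
finally {
    # Step 4: bring the CA back whether or not the cleanup ran.
    Start-Service -Name CertSvc
}
```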

Windows Component Clean Tool

The Windows Component Clean Tool (COMPCLN.exe) can be used to remove the files that are archived after Windows Vista SP2 or Windows Server 2008 SP2 is applied. It also removes the files that were archived after Windows Vista SP1 was applied, if they are found on the system. Running this tool is optional.

Installing Windows Server 2008 service packs increases the amount of disk space that is used by the operating system. This space is used to archive files so that the service pack can be uninstalled. Typically, you should run COMPCLN.exe if you want to reclaim this disk space after applying SP2 and if you will not need to uninstall SP2.

NOTE: You cannot uninstall Windows Vista SP2 or Windows Server 2008 SP2 after you run this tool on an image.

Move Data Wizards

We are not going to focus on these wizards in this post, but as a reference, SBS 2008 provides an automated way of moving the following:

  • Move Exchange Server Data: Moves both the Exchange database file and the Exchange transaction logs for all storage groups.
  • Move Windows SharePoint Services Data: Moves the SharePoint Content and Configuration databases.
  • Move Users’ Shared Data: Moves the C:\Users\Shares directory and all subdirectories.
  • Move Users’ Redirected Documents Data: Moves the C:\Users\FolderRedirections directory and all subdirectories.
  • Move Windows Update Repository Data: Moves the repository data from C:\WSUS\WSUSContent and C:\WSUS\UpdateServicePackages. Please note it does NOT move the SUSDB folder and the WSUS database, which contains the metadata.
  • More Resources:
    Manage Server Storage by using Windows SBS Console
    Moving Data on Windows Small Business Server 2008
    Introducing Server Storage Management in SBS 2008

Update #1 3/3:
Added reference to WSUS Administration web site ID (Site Id 1372222313)
Added reference to Exchange 2007 BackPressure NDRs and errors due to low disk space


From Microsoft Technet

[Post comes to us courtesy of Damian Leibaschoff and Wayne Gordon McIntyre from Commercial Technical Support and Chris Puckett from Product Quality]

Uninstall Internet Explorer 9

To uninstall Internet Explorer 9

The following instructions apply to both Windows 7 and Windows Vista.

  1. Click the Start button, type Programs and Features in the search box, and then click View installed updates in the left pane.
  2. Under Uninstall an update, scroll down to the Microsoft Windows section.
  3. Right-click Windows Internet Explorer 9, click Uninstall, and then, when prompted, click Yes.
  4. Click one of the following:
    • Restart now (to finish the process of uninstalling Internet Explorer 9, and restore the previous version of Internet Explorer).
    • Restart later (to wait until you shut down or restart your computer).
Note

After you uninstall Internet Explorer 9, the previously installed version of Internet Explorer will be available on your computer. It is not necessary to reinstall.

 

Restoring Mailbox Data from a Recovery Database in Exchange 2010

Getting the Database into a Clean Shutdown State

In order for Exchange to mount a database, it needs to be in a clean shutdown state. I’ll use the eseutil tool to play any outstanding transactions into the database to get it clean. Before I begin, I’ll open a command prompt, switch to the directory that contains the database and logs, and use the following command to view the status:

eseutil /mh DB01.edb

When reviewing the output, the database state will be reported as Dirty Shutdown:

What I will do next is perform a soft recovery to get the database consistent. I’ll run the following command to do this:

eseutil /r e01 /d

The /r specifies that I’m doing a soft recovery. The e01 is the log generation prefix for the database. I’m using the /d switch without any arguments to specify the database path, which is in the current directory. Since the logs are also located here, I don’t need to use the /l switch, as it defaults to the current path. Once the operation has completed successfully, I can run eseutil again with the /mh switch to verify the database is in a clean shutdown state.

Now that my database has been restored and brought to a clean shutdown state I can create the Recovery Database.

Creating the Recovery Database

The next step in the process is to create the Recovery database using the database files restored from the backup. To do this, I’ll use the New-MailboxDatabase cmdlet with the following syntax:

New-MailboxDatabase -Name RecoveryDB -EdbFilePath E:\RecoveryDB\E_\DB01\DB01.edb -LogFolderPath E:\RecoveryDB\E_\DB01 -Recovery -Server mbx1

Notice that I’ve specified the path to the database and log files using the location where the database was restored. Also, the key to creating the Recovery database is to make sure you use the -Recovery switch parameter, as shown above. You can see I got a warning message after running the command stating the Recovery database was created using an existing file, and that I need to ensure that the database is in a clean shut down state before I try to mount it. I already did this in the previous step, so I can safely ignore this message and mount the database using the following command:

Mount-Database RecoveryDB

The Recovery database is now mounted, and I’m ready to restore mailbox data.

Finding Mailboxes and Performing a Simple Mailbox Restore

Now that my Recovery database is online, I need to be able to see what mailboxes are available for restores. I can use the Get-MailboxStatistics cmdlet to do this:

Get-MailboxStatistics -Database RecoveryDB

If you’re looking for a specific mailbox, you can filter the results using the following syntax:

Get-MailboxStatistics -Database RecoveryDB | ?{$_.DisplayName -like 'Mike*'}

You can see in this command I’ve used the ? alias for the Where-Object cmdlet. I’m using the -like operator to filter the results and only show me the mailboxes that start with Mike.

When restoring mailbox data from a Recovery database in Exchange 2010 SP1, we use the New-MailboxRestoreRequest cmdlet. When running this cmdlet, the source mailbox in the recovery database needs to be identified using one of three possible values: the DisplayName, MailboxGUID, or LegacyExchangeDN. Keep in mind that you cannot reference the source mailbox using the Exchange Alias when performing a restore.

So, let’s take a look at the restore process. Based on the previous commands I can see that there is a copy of my mailbox in the Recovery database. To do a complete restore of the mailbox data to the original mailbox that is currently active in the production database I’ll use the following command:

New-MailboxRestoreRequest -SourceDatabase RecoveryDB -SourceStoreMailbox 'Mike Pfeiffer' -TargetMailbox mpfeiffer

Depending on the size of the mailbox, it may take quite some time to perform the restore. I can keep tabs on the progress using the following one-liner:

Get-MailboxRestoreRequest | Get-MailboxRestoreRequestStatistics

Dealing with Multiple Mailboxes with the same DisplayName

It’s possible that a Recovery database will have multiple mailboxes with the same display name. This can happen if there were one or more disconnected versions of a mailbox, in addition to an active mailbox, in the same database during the time of the back up. In this case, you can use the MailboxGuid value to identify the source mailbox when doing a restore. Consider the following:

Get-MailboxStatistics -Database RecoveryDB | ?{$_.DisplayName -like 'Isabel*'} | fl DisplayName,MailboxGuid,DisconnectDate

Here you can see that there are two mailboxes with the same display name in the Recovery database. One has a DisconnectDate defined, meaning it is a disconnected mailbox, and the other one does not, which means it was the active mailbox in the database at the time of the backup. If you run into a scenario where there are multiple mailboxes in a database with the same display name, use the above command to determine the MailboxGuid of each mailbox. You can then use this value to identify the correct mailbox when performing a restore.

New-MailboxRestoreRequest -SourceDatabase RecoveryDB -SourceStoreMailbox 4a1d2118-b8cc-456c-9fd9-cd9af1f549d0 -TargetMailbox ihill

Restoring Individual Mailbox Folders

Here you can see that I am using the -IncludeFolders parameter to specify that only data from the Inbox should be restored from the mailbox in the recovery database:

New-MailboxRestoreRequest -SourceDatabase RecoveryDB -SourceStoreMailbox administrator -TargetMailbox administrator -IncludeFolders '#Inbox#'

The -IncludeFolders will accept a list of one or more mailbox folders. You can specify well-known folder names as well as personal folders using this parameter. Notice that the value needs to be enclosed in hash marks (#). For example, if you wanted to restore only the contacts folder, use #Contacts#, or #Tasks# for the Tasks folder, and so on. For more details, check out the help for this parameter in the TechNet documentation for the New-MailboxRestoreRequest cmdlet. If you simply want to restore a single root folder, check out the -SourceRootFolder parameter.

Restoring to an Archive Mailbox

Restoring a mailbox to a user’s archive is as simple as tacking on the -TargetIsArchive switch parameter to our original restore command. Here’s the command and output:

New-MailboxRestoreRequest -SourceDatabase RecoveryDB -SourceStoreMailbox 'Mike Pfeiffer' -TargetMailbox mpfeiffer -TargetIsArchive

Obviously, you’ll need to ensure that the target mailbox has been archive enabled for this to work.

Restoring to an Alternate Mailbox

By default, the New-MailboxRestoreRequest cmdlet looks for a matching LegacyExchangeDN on the source and destination mailbox, or checks to see that an X500 proxy address on the target mailbox corresponds to the LegacyExchangeDN on the source mailbox. This ensures that you do not accidentally restore mailbox data to the wrong location. If you need to restore data to an alternate mailbox, you can use the -AllowLegacyDNMismatch switch parameter:

New-MailboxRestoreRequest -SourceDatabase RecoveryDB -SourceStoreMailbox 'Mike Pfeiffer' -TargetMailbox administrator -TargetRootFolder Restore -AllowLegacyDNMismatch

In this example, I am restoring the data from my mailbox in the recovery database to a sub-folder of the administrator mailbox called Restore. Here’s a screen shot of the administrator mailbox after running the above restore command:

Be careful when restoring to alternate mailboxes. If you omit the -TargetRootFolder parameter, the data will be restored and merged into the existing folders in the target mailbox. On the other hand, that might be exactly what you want — if so, just remove the -TargetRootFolder parameter.

Bulk Restores

You might find yourself in a situation where you need to restore data from all mailboxes in a recovery database. For example, let’s say you need to restore the Contacts folder for all of your mailboxes. In this case, you could use a foreach loop to iterate through each mailbox in the recovery database and restore that particular folder to the active mailboxes:

foreach($mailbox in Get-MailboxStatistics -Database RecoveryDB) {
  New-MailboxRestoreRequest -SourceDatabase RecoveryDB -SourceStoreMailbox $mailbox.DisplayName -TargetMailbox $mailbox.DisplayName -SourceRootFolder Contacts
}

This might take a while; you can monitor the progress using the Get-MailboxRestoreRequest with the -Status parameter:

Get-MailboxRestoreRequest -Status Queued
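
A variant of the bulk restore loop above that avoids the duplicate display name problem described earlier, as an added example that is not from the original post. It assumes each production mailbox's ExchangeGuid matches the MailboxGuid in the recovery database (true unless the mailbox was re-created), and it keeps -WhatIf in place so nothing is restored until that switch is removed.

```powershell
# Added example, not from the original post. Run in the Exchange Management Shell.
$RecoveryDb = 'RecoveryDB'

# Index production mailboxes by ExchangeGuid so each source mailbox is matched
# to exactly one target, regardless of how many share a display name.
$byGuid = @{}
Get-Mailbox -ResultSize Unlimited | ForEach-Object {
    $byGuid[$_.ExchangeGuid.ToString()] = $_
}

foreach ($source in Get-MailboxStatistics -Database $RecoveryDb) {
    $guid = $source.MailboxGuid.ToString()

    # A DisconnectDate means this copy was already disconnected at backup time;
    # restoring it could overwrite newer data with a stale or foreign mailbox.
    if ($source.DisconnectDate) {
        Write-Warning "Skipping disconnected mailbox '$($source.DisplayName)' ($guid)"
        continue
    }

    # No live mailbox with this GUID (deleted, re-created, or a system mailbox):
    # leave it for a manual decision instead of guessing by name.
    $target = $byGuid[$guid]
    if (-not $target) {
        Write-Warning "No production mailbox for '$($source.DisplayName)' ($guid)"
        continue
    }

    # Restore only the Contacts folder, identifying the source by GUID.
    New-MailboxRestoreRequest -SourceDatabase $RecoveryDb `
        -SourceStoreMailbox $guid `
        -TargetMailbox $target.DistinguishedName `
        -IncludeFolders '#Contacts#' `
        -WhatIf
}
```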

As you’ve seen, there are a lot of steps and multiple options when it comes to restoring data from a recovery database. Obviously, this is not something you want to learn on the fly when a disaster strikes. I’d highly recommend documenting and testing your restore procedure on a regular basis.

Prevent a user from sending and receiving internet mail in Exchange

1. Create a Distribution Group – let’s call it “DG-NoInternetMail”. Add the recipients you want to prevent from sending internet email as members of the group.

2. Create a Transport Rule

  1. Fire up Exchange console | Organization Configuration | Hub Transport | Transport Rules tab | click New Transport Rule
  2. Enter a name for the rule – e.g. Rule-NoInternetMail
  3. On the Conditions page, select “From a member of a distribution list”
  4. In the rule description, click the link for distribution list (underlined)
  5. Click Add | Select the distribution list “DG-NoInternetMail”
  6. Under Conditions, select a second condition “Sent to users inside or outside the organization”
  7. In the rule description, click Inside (underlined) | change scope to Outside
  8. Click Next
  9. On the Actions page, select “send bounce message to sender with enhanced status code”
  10. If you want to modify the text of the bounced message (optional): In the description, click “Delivery not authorized, message refused” | enter new message text
  11. Click Next | verify the rule conditions and action in the summary
  12. Click New | click Finish

Inbound internet mail: In Exchange Server 2003/2000, you can prevent a recipient from receiving internet mail by requiring authentication to be able to send to the recipient. Internet senders are not authenticated. There are other ways to prevent inbound mail for certain users – like using Recipient Filtering, or generating an invalid email address from a non-existent domain, e.g. foo@nonexistentdomain.corp.

3. Exchange Server 2007 recipients can be set up to require sender authentication to receive email.

Using the Exchange console:
– Recipient Configuration -> select recipient -> recipient properties | Mail Flow Settings tab | Message Delivery Restrictions | Properties
– check “require that senders are authenticated”

Using the shell:

Set-Mailbox "Foo User" -RequireSenderAuthenticationEnabled $true

Additionally, either of the other 2 alternatives mentioned above for Exchange Server 2003/2000 can be used to prevent users from receiving internet email.

Setting delivery restriction based on group membership: Rather than setting up each recipient to receive inbound mail from authenticated senders only, you can get membership of the above distribution group and pipe it into the Set-Mailbox command:

Get-DistributionGroupMember "DG-NoInternetMail" | Set-Mailbox -RequireSenderAuthenticationEnabled $true

4. Use OWA/Outlook to test sending internet mail from a user who is a member of the distribution group.
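
Piping the group membership into Set-Mailbox applies the setting once, so the group and the mailbox flag can drift apart as members are added or removed. The following audit, an added example that is not part of the original post, lists every mailbox where the two disagree; it assumes the group name used above and that only user mailboxes are in scope.

```powershell
# Added example, not from the original post. Run in the Exchange Management Shell.
$Group = 'DG-NoInternetMail'

# Collect the distinguished names of the user mailboxes currently in the group.
$members = @{}
Get-DistributionGroupMember -Identity $Group -ResultSize Unlimited |
    Where-Object { $_.RecipientType -eq 'UserMailbox' } |
    ForEach-Object { $members[$_.DistinguishedName] = $true }

# Compare group membership with the inbound restriction on every mailbox.
#   InGroup = True,  RequireSenderAuthenticationEnabled = False:
#       outbound internet mail is blocked by the rule, inbound is still open.
#   InGroup = False, RequireSenderAuthenticationEnabled = True:
#       a former member (or unrelated mailbox) still rejects internet senders.
Get-Mailbox -ResultSize Unlimited |
    Select-Object Name, DistinguishedName, RequireSenderAuthenticationEnabled,
        @{ Name = 'InGroup'; Expression = { $members.ContainsKey($_.DistinguishedName) } } |
    Where-Object { $_.InGroup -ne $_.RequireSenderAuthenticationEnabled } |
    Sort-Object InGroup, Name |
    Format-Table Name, InGroup, RequireSenderAuthenticationEnabled -AutoSize
```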