Buchatech.com

Archive for the ‘Microsoft Products’ Category

Setting up anonymous SMTP in DPM has been an issue for some time. Anonymous SMTP notifications don’t work even if you have your Exchange server setup correctly to receive anonymous email from DPM. Let’s step through configuring this. Here are the steps to setup SMTP in DPM that does not require authentication:

1. In DPM Administrator Console, on the Action menu, click Options.

2. In the Options dialog box, on the SMTP Server tab, type the SMTP server name, the SMTP server port, and the e-mail address you want to display in the From box of the e-mail messages that DPM sends.

The e-mail address in the From box must be a valid e-mail address on the SMTP server.

3. To test the SMTP server settings, click Send Test E-mail, type the e-mail address to where you want DPM to send the test message, and then click OK.

If you leave the Username and Password name fields blank under “Authenticated SMTP Server” you will experience one of the following errors:

ID: 518

 

Details: An Authentication error occurred when trying to connect to the SMTP server.

You typed an incorrect user name, password, or SMTP server name. Type the correct user name and password to enable e-mail delivery of reports and alerts notifications.

 

After entering the information in all fields, sending a test message should succeed and you should then be able to receive e-mail reports and notifications if configured.

or

ID: 2013

 

Details: Logon failure: unknown user name or bad password

 

DPM 2010 requires ALL the fields under the SMTP Server options to be filled in regardless if your SMTP server accepts anonymous connections or not.

The first thing to ensure is that “Allow Anonymous Relay on a Receive Connector” for your DPM server is setup on Exchange. Here is a link on how to configure this: http://technet.microsoft.com/en-us/library/bb232021.aspx

Ok now that we know the email server is set we need to configure some settings on the DPM server to get around these errors. The errors are a known issue and hopefully a fix will be released for this in the future. There are currently two work-arounds for the issue. These are:

1. In the registry on your DPM server, browse to HKLM\SOFTWARE\Microsoft\Microsoft Data Protection Manager\Notification\. Delete the SMTPPassword and SMTPUserName keys.

2. Create a local user account on the DPM server and give this user local administrative privileges. Enter the Username and Password of the user that you just setup under SMTP options in DPM.

That’s it now anonymous SMTP for DPM should work.

I have seen some questions regarding SIS that is installed with DPM. After doing some investigating and talking with Microsoft and some of the DPM MVP’s I can offer some clarification.

The SIS-Limited that is installed on a DPM server is actually a SIS Filter driver. The SIS Filter driver is what runs on DPM. You will not be able to manage the scaled down SIS like you can with full blown SIS. For example with the full blown SIS you can administer SIS using a command line tool named Sisadmin.exe. Well with SIS-Limited this tool does not exist.

DPM enables the filter driver so it can properly handle SIS files on a protected server. For example you may have SIS running on an Exchange server and DPM will know how to handle the SIS data properly when protecting it by using the SIS filter driver. DPM does not use SIS to conserve space in the storage pool when running SIS-Limited, so there is no de-dup by SIS on your DPM storage pool in this setup.

However there is a way to run a full SIS deployment on DPM, this is by installing DPM on top of Windows Storage Server. If you install DPM on a Windows Storage Server you’ll be able to use SIS for all data you store in your storage pool.

Here is the only article/documentation on installing DPM on Windows Storage Server:

http://www.itexpertmag.com/server/turn-dpm-and-windows-storage-server-into-an-appliance

Links regarding DPM supported on Windows Storage Server:

http://social.technet.microsoft.com/Forums/en-US/dpmsetup/thread/c2cf58c9-970a-45b2-bbe7-b096669f94e5/

http://technet.microsoft.com/en-us/library/ff399021.aspx (Below in Community Content)

Here is a nice step by step guide by Sean O Farrell on How to use Hardware VSS Writers with DPM 2010.

https://skydrive.live.com/view.aspx?cid=525D35B4254479E8&resid=525D35B4254479E8!161

Sean’s blog: http://seanofarrelll.blogspot.com

Thanks for this guide Sean.

I needed to add a new server for protection to DPM. I went to install the agent on the server and it failed. I then went and attached the agent and then went to do a manual install of the agent on the server itself. When I got to the point of running SetDpmServer I got an error. This is the error I got:

“C:\Program Files\Microsoft Data Protection Manager\DPM\bin>SetDpmServer.exe -dpm
ServerName DPM.DOMAIN.com
Configuring dpm server settings and firewall settings for dpm server =[DPM.DOMAIN.com]
Configuring dpm server settings and firewall settings for dpm server =[DPM.DOMAIN.com]
SetDpmServer failed with errorcode =0×80004005, error says: Unspecified error
To further troubleshoot failures with SetDpmServer, go to  http://go.microsoft.c
om/fwlink/?LinkId=169142″

This error is not very helpful. This is what I did to fix it.

From an elevated command prompt stop the Windows firewall service by running:

• Net stop mpssvc

go ahead and run again

• SetDpmServer.exe -dpmServerName DPM.DOMAIN.com

start the Windows firewall again by running

• Net start mpssvc

You should be able to go back to the DPM admin console and see that your protected servers agent is “OK” now. This should work on DPM 07,10, and 2012.

Here is another great tool from Microsoft. This is the Exchange Server Deployment Assistant. It is for Exchange 2010 deployments. It can assist you in creating a step by step plan for your Exchange deployment. It can help with On-premise, Cloud, or Exchange Hybrid deployments. This tool will also help you with upgrade scenarios.

Basically the tool will ask you a series of questions about your environment and how you want to setup Exchange. It will then populate a checklist that you can follow for your deployment. You can click through the checklist in the browser, download it or print it.

Here is a link to the tool:

http://technet.microsoft.com/en-gb/exdeploy2010/default.aspx#Index

One of the best features of Active Directory in Windows server 2008 is a security tool called Active Directory Rights Management Services (AD RMS). AD RMS allows organizations to secure content such as word documents, excel spread sheets, email’s and even can be integrated in SharePoint. A user would need to be authenticated before they could access the data from any of those content sources. I know this topic has been covered before but I wanted to post the steps from my deployment of AD RMS.

A Windows Server 2008 domain is required before you begin.

On the server you will deploy AD RMS on:

• Open Server manager
• Expand Roles
• Right click and select Add New Roles
• Click Next
• Select AD Rights management Services and click next

The following roles will need to be added as well.

• Click Add Required Role Services.

• Click Next

You can explore more about AD RMS on the next window by clicking any of the links. When done click next.

Read the rest of this entry »

Yes the title of this post is misleading. That was intentional. I have seen many fellow IT Pros in the community asking if backing up system state of Windows clients is possible with DPM 2010. Well it is not and it will not be possible with DPM 2012 either. DPM was designed to protect client data but not the machine entirely. DPM does a great job of protecting client data but there is a real need in some environments to protect client PC’s as a whole.

There is not an officially supported solution for this but there is a work around to protect the entire client.

For XP clients you could backup system state of your XP machines to a network share or folder and then have DPM pick it up from there.

Windows Vista/7 does not have a system state backup option. That was replaced with “Complete PC Back up”. Complete PC Back up in Windows Vista/7 is an image of the computer so it achieves a similar goal to system state. You can schedule to run the Complete PC Back up out to a folder or network share and then let DPM pick it up from there.

Again this is not ideal but it is a good alternative when you need complete protection of your client.

Here is the process to set this up on Windows 7.

• Go to Start>>>Control Panel>>>Backup and Restore

Note that Windows backup has not been setup yet.

• Click on Set up backup.

The Windows Backup wizard will start. This can take a while to open so be patient here.

Read the rest of this entry »

Have you ever needed to give a user access to their desktop on a Remote Desktop Services Server?  In my situation I had a user that was accessing an application via Remote Desktop Web Services. This user would also use Excel and pull reports from the applications database. These Excel reports would save locally on the server not the end users desktop.

I needed a quick and easy way for the user to access these reports in the event he needed to pull them back up. I also needed a way to accomplish this without confusing the user about being on his local desktop or the servers desktop. One of the requirements was also that the user was not allowed to log onto the server directly so having him access the desktop that way was not possible.

What I did was created a simple batch file that puts the user right into his desktop and then I published this batch file to the user via the RD Web Access interface. The end result is that he would get a Windows Explore window with all of his Excel files listed when he clicked on the app.

Here are the steps I took to set this up:

I created a batch file called USERNAMEDESKTOP.bat The file contained this syntax:

explorer.exe C:\Users\USERNAME\Desktop

I placed this in a central location in this case I created a folder called: example C:\RemoteAPP Scripts. I made this folder in case we need to create more scripts like this in the future.

I then went into RemoteAPP Manager and published the app to the user.

I then went into the properties of this app and changed the icon from the standard command prompt icon to the desktop icon.

Here is the path to the Windows icons: C:\Windows\system32\imageres.dll

Read the rest of this entry »

There may be a time when an AD RMS install goes bad or you have to remove it for whatever reason. In my case this was deployed by someone else and it needed to be removed because it was not deployed correctly. RMS was not working properly to the point where you could not get into the console.

Because it was not working I could not use the traditional way to de-commission it. I had to force a removal of RMS which should always be a last resort. Here are the steps to do this:

Go and download the AD RMS toolkit from here:

http://www.microsoft.com/download/en/confirmation.aspx?id=1479

Install the AD RMS toolkit

• Open an elevated command prompt
• CD out to %systemdrive%:\Program Files (x86)\RMS SP2 Administration Toolkit\ADScpRegister\
• ADScpRegister.exe unregisterscp https://rms.domain.com

Read the rest of this entry »

In OCS 2007 there was a tool you could use to automatically push out contacts to your OCS users. This was helpful so the end user would not have to go enter everyone they wanted to their contacts  manually in the Communicator client.

This tool was called  LCSAddContacts and it was a script you ran on the server. Well in Lync 2010 Microsoft did not add this ability into Lync 2010 and the LCSAddContacts no longer exists. Fortunately MVP Jeff Guillet has created a tool called LyncAddContacts that can do this for Lync 2010. Here is the link to that tool:

http://www.expta.com/2011/01/introducing-lyncaddcontacts.html