Enable a user to Change their Password if it has Expired using OWA for Exchange 2010 and 2013

If you work in a place with a lot of remote users and a password policy with expiration set, then you need to give your users a way to reset their passwords. Microsoft ISA / TMG configured with forms-based authentication were able to do this out of the box. The good news is that Exchange 2010 and 2013 also have the capability; it just needs to be enabled. Change the following registry entry at your own risk.

Go to the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeOWA and then create the REG_DWORD value ChangeExpiredPasswordEnabled if it doesn’t already exist. Once created, set the DWORD value to 1.

Once you have done that, simply recycle the OWA web application under IIS, or give IIS itself a restart, and your users will now be prompted to change their passwords if they are expired instead of having to call the IT helpdesk.
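The same steps as a script, added here as an example and not taken from the original post. The function name is hypothetical; the registry key and value name are the ones given above. It reports the existing value before changing anything and supports -WhatIf, so the change can be previewed and later reverted.

```powershell
function Enable-OwaExpiredPasswordChange {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # Key and value name as given in the post.
        [string]$KeyPath   = 'HKLM:\SYSTEM\CurrentControlSet\Services\MSExchangeOWA',
        [string]$ValueName = 'ChangeExpiredPasswordEnabled'
    )

    if (-not (Test-Path -Path $KeyPath)) {
        throw "$KeyPath not found. Run this on the server that hosts OWA."
    }

    # Record the current state first so the change can be rolled back.
    $item     = Get-ItemProperty -Path $KeyPath -Name $ValueName -ErrorAction SilentlyContinue
    $previous = if ($item) { $item.$ValueName } else { $null }
    $shown    = if ($null -eq $previous) { '<not set>' } else { $previous }
    Write-Host "Current $ValueName = $shown"

    if ($previous -eq 1) {
        Write-Host 'Already enabled, nothing to do.'
        return
    }

    if ($PSCmdlet.ShouldProcess("$KeyPath\$ValueName", 'Set REG_DWORD to 1 and restart IIS')) {
        # -Force creates the value, or overwrites it if it already exists.
        New-ItemProperty -Path $KeyPath -Name $ValueName -PropertyType DWord -Value 1 -Force | Out-Null

        # The post allows either recycling the OWA web application or restarting IIS.
        # This example restarts IIS, which briefly interrupts every site on the server.
        iisreset /noforce
    }
}

# Preview first, then apply from an elevated prompt:
Enable-OwaExpiredPasswordChange -WhatIf
# Enable-OwaExpiredPasswordChange
```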

Troubleshooting 4.3.1 Insufficient System Resources Error for External Mail Flow on Exchange 2013

I’ve recently been contracting out to an educational organisation, assisting with their BAU work as well as helping them modernise some of their processes and server environment. I was recently given a trouble ticket where I had to troubleshoot slow external mail flow. They have an ancient spam filtering appliance coupled with an Exchange 2013 deployment. My first look was at the appliance; after checking the inbound mail queue I could quickly see e-mails sitting there with the following response code:

452 4.3.1 Insufficient system resources

The above response code, which indicates a temporary failure, generally means that Exchange is running out of resources: you hit Exchange back pressure, where the Transport service rejects message submission because there is not enough free disk space (10% by default). From the information I had, their databases sat on another disk with at least 50% free space. Going through the event log I could find no trace of this. Their Mailbox Database servers were also Transport servers, so they performed message queuing, which meant I had another database to take into consideration: the Message Queue database. By default it sits in the C:\Program Files\Microsoft\Exchange Server\ directory and cannot easily be moved with PowerShell the way a standard mailbox database can.

As I was unsure of their environment, I quickly navigated to the EdgeTransport.exe.config file located under the Bin directory and found the value of QueueDatabasePath pointing to their C drive, which had only around 5% free space. I then quickly cleared out some log files that were not required and wrote up a PowerShell script that will run nightly until more space is provisioned on those servers.

Moral of the story is always give your Exchange servers plenty of free space to prevent such issues.
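The check described above (read QueueDatabasePath from EdgeTransport.exe.config, then look at free space on the drive it points to) can be scripted. This is an added example, not the nightly script mentioned in the post; the function name is hypothetical, the ExchangeInstallPath environment variable is assumed to be set on the server, and the 10% default is the figure quoted above.

```powershell
function Get-QueueDatabaseFreeSpace {
    param(
        [string]$ConfigPath,
        [double]$MinFreePercent = 10   # free-space figure quoted in the post
    )

    if (-not $ConfigPath) {
        # Assumption: Exchange setup defines ExchangeInstallPath on the server.
        if (-not $env:ExchangeInstallPath) { throw 'Pass -ConfigPath explicitly.' }
        $ConfigPath = Join-Path $env:ExchangeInstallPath 'Bin\EdgeTransport.exe.config'
    }

    [xml]$config = Get-Content -Path $ConfigPath -ErrorAction Stop
    $setting = $config.configuration.appSettings.add |
        Where-Object { $_.key -eq 'QueueDatabasePath' }
    if (-not $setting) { throw "QueueDatabasePath not found in $ConfigPath" }

    $dbPath = [Environment]::ExpandEnvironmentVariables($setting.value)

    # Limitation: this looks at the drive-letter root, so a queue folder on a
    # volume mounted into a folder reports the parent drive's free space.
    $drive   = New-Object System.IO.DriveInfo ([System.IO.Path]::GetPathRoot($dbPath))
    $freePct = [math]::Round(100 * $drive.AvailableFreeSpace / $drive.TotalSize, 1)

    New-Object PSObject -Property @{
        QueueDatabasePath = $dbPath
        Drive             = $drive.Name
        FreePercent       = $freePct
        BelowThreshold    = ($freePct -lt $MinFreePercent)
    }
}

# Constructed sample config (not a real Exchange file) so the function can be
# tried on any Windows machine; on a Transport server call it with no arguments.
$sample = Join-Path $env:TEMP 'EdgeTransport.sample.config'
@'
<configuration>
  <appSettings>
    <add key="QueueDatabasePath" value="C:\ExampleQueue" />
  </appSettings>
</configuration>
'@ | Set-Content -Path $sample

Get-QueueDatabaseFreeSpace -ConfigPath $sample | Format-List
```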

Finding the location of a device using an IP or MAC Address in HP Intelligent Management Centre (iMC) (like you could in ProCurve Manager)

I was out at a client recently helping to clean up their iMC implementation and make some recommendations regarding their network setup. I was asked if you could look up the switch and port number location of an end user device like you could in ProCurve Manager (PCM). Sure you can; the feature has been around since HP Intelligent Management Centre 5.1, and to find it you simply need to go to:

Resources > Terminal Access > Real-Time Location.

You then just need to type in either the IP address or MAC address of the device and click OK. Results usually come back almost instantaneously (unlike PCM). No special configuration is needed so long as iMC is talking to your switches.

PowerShell Script to Install Updates Offline in a WIM image using DISM

I’ve been helping out a customer build a new MDT deployment environment and move away from Ghost and the 90s. As they are not going to be implementing System Center Configuration Manager and SUP to automatically maintain their images offline any time soon, we need a way to keep their image up to date with updates without having to rebuild it every time.

I knew you could already do offline servicing with DISM but wanted to make it nice and easy for them. I’m using WSUS Offline Update to download all of the updates in one shot; you could also use WUD, but their lists haven’t been updated for a while. I copied the zip and extracted it to their deployment server, then downloaded all of the updates for Windows 7 x64 SP1 and saved them all to a single updates folder. I then built up the below PowerShell script to offline service their image and apply the updates downloaded.

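# Folder of downloaded update packages, the mount directory, and the WIM to service
$UpdatesPath = "E:\Updates\*"
$MountPath = "E:\MDTDeploymentShare\Operating Systems\W7X64SP1\Mount"
$WimFile = "E:\MDTDeploymentShare\Operating Systems\W7X64SP1\REFW7X64.wim"

# Mount the first image in the WIM for offline servicing
DISM /Mount-Wim /WimFile:"$WimFile" /Index:1 /MountDir:"$MountPath"

# Add each downloaded package to the mounted image
$UpdateArray = Get-Item $UpdatesPath
ForEach ($Update in $UpdateArray)
{
    # Pass the full path explicitly rather than relying on how the file object converts to a string
    DISM /Image:"$MountPath" /Add-Package /PackagePath:"$($Update.FullName)"
    # Flag packages DISM rejected so a failed update is not silently committed
    if ($LASTEXITCODE -ne 0) { Write-Warning "DISM returned $LASTEXITCODE for $($Update.Name)" }
    Start-Sleep -Seconds 5
}
Write-Host "Updates Applied to WIM"

# Save the changes back to the WIM, then clean up stale mount resources
DISM /Unmount-Wim /MountDir:"$MountPath" /Commit
DISM /Cleanup-Wim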

If you have 100+ updates this process can take a while, so sit back and drink a coffee while you run the script. Hope that helps.