System Center 2012 R2 Configuration Manager Toolkit – is now available for Download

Posted on December 8, 2013 by Idit Bnaya

This toolkit should help ConfigMgr Admins troubleshoot and manage their environments more effectively

Server Based Tools

  • DP Job Manager – A tool that helps troubleshoot and manage ongoing content distribution jobs to Configuration Manager distribution points.
  • Collection Evaluation Viewer – A tool that assists in troubleshooting collection evaluation related issues by viewing collection evaluation details.
  • Content Library Explorer – A tool that assists in troubleshooting issues with and viewing the contents of the content library.
  • Security Configuration Wizard Template for Microsoft System Center 2012 R2 Configuration Manager – The Security Configuration Wizard (SCW) is an attack-surface reduction tool for the Microsoft Windows Server 2008 R2 operating system. Security Configuration Wizard determines the minimum functionality required for a server’s role or roles, and disables functionality that is not required.
  • Content Library Transfer – A tool that transfers content from one disk drive to another.
  • Content Ownership Tool – A tool that changes ownership of orphaned packages (packages without an owner site server).
  • Role-based Administration Modeling and Auditing Tool – This tool helps administrators to model and audit RBA configurations.
  • Run Metering Summarization Tool – The purpose of this tool is to run the metering summarization task to analyze raw metering data

Client Based Tools

  • Client Spy – A tool that helps you troubleshoot issues related to software distribution, inventory, and software metering on System Center 2012 Configuration Manager clients.
  • Configuration Manager Trace Log Viewer – A tool used to view log files created by Configuration Manager components and agents.
  • Deployment Monitoring Tool – The Deployment Monitoring Tool is a graphical user interface designed help troubleshoot Applications, Updates, and Baseline deployments on System Center 2012 Configuration Manager clients.
  • Policy Spy – A policy viewer that helps you review and troubleshoot the policy system on System Center 2012 Configuration Manager clients.
  • Power Viewer Tool – A tool to view the status of power management feature on System Center 2012 Configuration Manager clients.
  • Send Schedule Tool – A tool used to trigger a schedule on a client or trigger the evaluation of a specified DCM Baseline. You can trigger a schedule either locally or remotely.
  • Wakeup Spy – A tool that provides a view of the power state of Configuration Manager client computers and which operate as managers or manages.

Download – http://www.microsoft.com/en-us/download/details.aspx?id=36213

Posted in SCCM 2012, SCCM 2012 R2, System Center | Tagged , | 1 Comment

Enable-MSOnlinePasswordSync failed. Error: The pipeline has been stopped, the service is not operational

Posted on December 1, 2013 by Idit Bnaya

I ran into this error While installing Dirsync on a DC server

The error shown “The Server is not operational”
Event log: “Enable-MSOnlinePasswordSync failed. Error: The pipeline has been stopped.”

image

The solution was simply to log off and log on to the DC server.

 

Good luck !

Posted in Office365, Office365 Proplus | 1 Comment

Netapp – Create new LUN for exchange DB Using Netapp 2020

Posted on November 27, 2013 by Idit Bnaya

 

This guide provide the steps to take in order to create new Database in Exchange using Netapp storage and snap drive

In this case , I’m using Netapp 2020

 

1. Check Space Availability

Available storage in NetApp filers is contained in aggregates.
– In NetApp onCommand System Manager select the aggregate section and check for available space:

image

2.Create Volume  

Now that you are sure that you have Enough disk space available you can create a new volume

-In NetApp onCommand System Manager select the Volume section and then click on "Create"

image

You’re now presented with the "Create Volume window"

Name: provide the name for the volume
Aggregate: choose the aggregate 

Storage Type: SAN

Total size: type the size of the DB

check the "Thin provisioned" check box if you want. 

image

Navigate to Storage Efficiency

Check the "Enable storage Efficiency" check box -  this will let you control data growth to increase storage utilization, regain capacity, and improve IT performance

image

*Do the same for the log DB

3. Create Qtree

In NetApp onCommand System Manager select the Qtrees section and then click on "Create"

image

You’re now presented with the "Create Qtree window"

Name: provide the name for the Qtree

Volume: Select the volume you created in step 2

oplocks: By default its enabled – I usually keep it that way –This options means that  A client can work with a file   (read or write it) without regularly reminding the server that it needs  access to that file, which improves performance by reducing network traffic.

Check Inherit Volume security style

Click Create.

image

*Do the same for the log DB

4. Create LUN with snap Drive

Connect to Exchange server and open Snap Drive

Navigate to "Disks" and click on Create disk

image

This will start the “Create disk Wizard”, and you can click ‘Next’ on the welcome page

image

Select the new Volume-Qtree you created
provide the name for the New Lun

Click Next

image

Select – Dedicated

image

Assign a Drive letter and the LUN size

image

Click next

image

Select the initiator , in my case its VMware ESXI

image

select Manual

image

Select the initiator group

image

Select Store with virtual machine

image

Finish the wizard

image

*Do the same for the Log DB

5. Format the new Drive

On the Exchange server Navigate to – "My computer"

Right click on the new Drive and click on Format

image

Under Allocation Unit size choose – 64 kilobytes

Check – Quick format

Start

image

*Do the same for the log DB

 

The next step is to create the DB in exchange.

 

Good luck !

Posted in Exchange 2010, Microsoft Exchange, Netapp | 1 Comment

Office 365 – Assigning Volume license to existing office365 tenant

Posted on November 12, 2013 by Idit Bnaya

In order to import an Microsoft volume license to Office365 tenant , take the following steps :

 

1. Go to – http://office.microsoft.com/setup365

2. under "Already an Office 365 customer?" click "Sign in"

image

Enter your Office 365 account

image

Enter your product key (from your account on Microsoft Volume Licensing Service Center)

image

Good Luck!

Posted in Office365, Office365 Proplus | Tagged | Leave a comment

Use PowerCLI to Backup and Restore ESXi Host Configuration

Posted on October 8, 2013 by Idit Bnaya

The following post will guide you through the steps necessary to backup Esxi host configuration with PowerCLI

Steps :

1. first you need to download the vSphere PowerCLI – installer

2. Open Powershell and Type: Add-PSSnapin VMware.VimAutomation.Core
Or, for all commands, run the script:
"C:Program Files (x86)VMwareInfrastructurevSphere PowerCLIScriptsInitialize-PowerCLIEnvironment.ps1"

3. Connect to the Server : Type "Connect-VIServer" and type server IP and credentials

image

4. Backup:

get-vmhost "Host.Domain.local"| get-vmhostfirmware -BackupConfiguration -DestinationPath “C:\BackupHost”

*BackupHost is a directory that I created, you can put any path where you want the backups to be stored.

5.Restore:

Get-vmhost “Host.Domain.local” | Set-VMHostFirmware -Restore -DestinationPath C:download

Or whereever you stored the backup config.

Posted in Vmware | Tagged , | Leave a comment

Exchange 2003 – SMTP error 550 5.7.1 Unable to relay for user@domain.com

Posted on September 30, 2013 by Idit Bnaya

One of my customer got this error after adding a new SMTP domain to mailboxes.
In his case he add the email address directly from the AD to some mailboxes and then got this error when trying to send them an email to the new address.

The solution for his problem was to create a new recipient policy and add to it the new external domain.

Create a new Recipient policy:

GO to Exchange system manager –> first organization –> recipients –> Recipients policies

you can add the domain to the default policy if you need to add it to all mailboxes or you can set a new policy for specific mailboxes.

In this case I created a policy for specific mailbox filtered by OU

1. right click on Recipient policy –> New recipient policy

image

2. Choose – Email address

image\

3. Modify –>find –> Organization units

image

4. Select the OU

image

5. New SMTP Address

image

6. Write @Yourdomain

image

image

Good luck!

Posted in Exchange 2003, Microsoft Exchange | Tagged , , , , | Leave a comment

Error when trying to add members to distribution group in Exchange 2010

Posted on September 30, 2013 by Idit Bnaya

“Changes to the distribution list membership cannot be saved. You do not have sufficient permission to perform this operation on this object.”

image

In Exchange 2010  you need to enable the ability to manage distribution groups

Logon to ECP –> under Roles & Auditing –>”Default Role Assignment Policy”

Under Distribution Group—> check “MyDistributionGroup”

image

This option will allow users to add/remove members to distribution groups they own.

Posted in Exchange 2010, Microsoft Exchange | Tagged , , , | Leave a comment

Failed to Add a Subdomain to Office 365

Posted on July 18, 2013 by Idit Bnaya

When you try to add a sub domain to office365 via the Office365 portal  , you get this error:

Can’t add domain
“Sub.Mydomain.com is a subdomain of a domain which was added by using the Microsoft Online Services Module for Windows PowerShell.
You must also use this tool to add Sub.Mydomain.com to Microsoft Online Services.”

image

Two thing you need to do in order to add a subdomain

1. add the domain using the Windows Azure Active Directory PowerShell

2. Do it on your ADFS server or you will get this message :

“Failed to connect to Active Directory Federation Services 2.0 on the local machine”

Add a sub domain using Azure Active Directory PowerShell:

  • Connect to Windows Azure Active Directory (Windows Azure AD) by using Windows PowerShell on your ADFS server
  • Type: Connect-MsolService
  • Enter your Office365 administrator credentials

image

  • Type: New-MsolFederatedDomain –DomainName “Your sub domain”

Once the command  will issued you receive this message “Successfully added ” Your sub domain”

 

Good luck Smile

Posted in ADFS, ADFS, Office365, Office365 Proplus | Leave a comment

Install dirsync with password Sync

Posted on July 7, 2013 by Idit Bnaya

Prerequisites

  1. Your Azure Active Directory tenant must be enabled for Directory Synchronization before the tenant can be enabled for Password Synchronization.
  2. The Server OS must be windows server 2008 R2 or higher
  3. Install Microsoft .NET 3.5 + Microsoft .NET Framework 4 on the Dirsync server
  4. Download Dirsync from the portal :Under – Users and groups –> Set up

image

image

Install Dirsync :

1. Run the Dirsync.exe application you downloaded

Click Next

image

2. Accept the License Terms

image

3. choose your installation path

image

4. It takes 10 minute or longer to complete

image

5. Click Next

image

6. choose to run the configuration wizard

image

 

Configure Dirsync to work with you Office365 Tenant

1. Click Next

image

2. Type your Office365 tenant  administrator

image

3. Type an enterprise admins user from your local AD

image

4. if your deployment is in an hybrid environment click – Enable Hybrid Deployment

image

5. Enable Password Sync

image

image

You can check the synchronization status with the miisclient.exe tool :

C:\Program Files\Windows Azure Active Directory Sync\SYNCBUS\Synchronization Service\UIShell\Miisclient.exe

  • Your account needs to be in the MIISAdmins local group in order to access this tool.

image

You can monitor the progress of Password Sync through the event log of the machine that is running the Directory Sync tool.

Determining the Password Sync status

You can determine which users have successfully had their passwords synchronized by reviewing the events that match the following criteria:

Source : Directory Synchronization

Event ID :656 , 657

The events with the Event ID 656 provide a report of processed password change requests:

clip_image001

The corresponding events with the ID 657 provide the result for these requests:

clip_image001[4]

In the events, the affected objects are identified by their anchor and the DN value. The anchor value corresponds to the ImmutableId value that is returned for a user by the Get-MsoUser cmdlet.

In addition to the object identifiers, Event ID 656 provides the date the user’s password was changed in the on-premises Active Directory::

clip_image002

Event ID 657 has a Result field in addition to the source object identifiers to indicate the status of synchronization for that user object.

A successfully synchronized password is in an event with the Event ID 657 indicated by a value of Success for the Result attribute. When a password synchronization attempt failed, the value of the Result attribute is Failure:

clip_image003

Disabling Password Sync

You disable Password Sync by re-running the Directory Sync tool Configuration Wizard.

When prompted by the Wizard, de-select the “Enable Password Synchronization” checkbox.

Note

This process will trigger a full synchronization. Full synchronization cycles generally take longer than other sync cycles to complete.

After running the Configuration Wizard, your tenant will no longer be synchronizing passwords.

New password changes will not synchronize to the cloud.
Users that previously had their passwords synchronized will be able to continue logging in with those passwords until they manually change their passwords in the cloud.

 

 

Good luck Smile

Posted in Office365, Office365 Proplus | Leave a comment