I came across the following problem today and thought I should share my fix.
When a user logged into OWA 2007 Premium they receive an error "The item that you attempted to access appears to be corrupted and cannot be accessed". The problem didn't occur in OWA Light. Full details of the error are below;
RequestUrl: https://mail.mydomain.com:443/owa/forms/premium/StartPage.aspxUser host address: x.x.x.xUser: John SmithEX Address: /o=HostedExchange/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=user.0001SMTP Address: user@mycompany.comOWA version: 8.1.340.0Mailbox server: mailserver.mydomain.comExceptionException type: Microsoft.Exchange.Data.Storage.CorruptDataExceptionException message: Corrupt restriction filter data.
Call stackMicrosoft.Exchange.Data.Storage.FilterRestrictionConverter.GetPropertyDefinition(MapiProp mapiProp, PropTag propTag) Microsoft.Exchange.Data.Storage.FilterRestrictionConverter.InternalCreateNativeFilter(ExchangeTimeZone timeZone, MapiProp mapiProp, Restriction restriction, Int32 depth) Microsoft.Exchange.Data.Storage.FilterRestrictionConverter.InternalCreateFilters(ExchangeTimeZone timeZone, MapiProp mapiProp, Restriction[] restrictions, Int32 depth) Microsoft.Exchange.Data.Storage.FilterRestrictionConverter.InternalCreateNativeFilter(ExchangeTimeZone timeZone, MapiProp mapiProp, Restriction restriction, Int32 depth) Microsoft.Exchange.Data.Storage.FilterRestrictionConverter.InternalCreateFilters(ExchangeTimeZone timeZone, MapiProp mapiProp, Restriction[] restrictions, Int32 depth) Microsoft.Exchange.Data.Storage.FilterRestrictionConverter.InternalCreateNativeFilter(ExchangeTimeZone timeZone, MapiProp mapiProp, Restriction restriction, Int32 depth) Microsoft.Exchange.Data.Storage.FilterRestrictionConverter.InternalCreateFilters(ExchangeTimeZone timeZone, MapiProp mapiProp, Restriction[] restrictions, Int32 depth) Microsoft.Exchange.Data.Storage.FilterRestrictionConverter.InternalCreateNativeFilter(ExchangeTimeZone timeZone, MapiProp mapiProp, Restriction restriction, Int32 depth) Microsoft.Exchange.Data.Storage.FilterRestrictionConverter.InternalCreateFilters(ExchangeTimeZone timeZone, MapiProp mapiProp, Restriction[] restrictions, Int32 depth) Microsoft.Exchange.Data.Storage.FilterRestrictionConverter.InternalCreateNativeFilter(ExchangeTimeZone timeZone, MapiProp mapiProp, Restriction restriction, Int32 depth) Microsoft.Exchange.Data.Storage.FilterRestrictionConverter.InternalCreateFilter(ExchangeTimeZone timeZone, MapiProp mapiProp, Restriction restriction, Int32 depth) Microsoft.Exchange.Data.Storage.SearchFolder.GetSearchCriteria() Microsoft.Exchange.Data.Storage.DefaultFolderManager.GetRemindersSearchFolderState(SearchFolder reminders) Microsoft.Exchange.Data.Storage.DefaultFolderManager.VerifyAndFixRemindersSearchFolder(StoreId reminderSearchFolderId) Microsoft.Exchange.Data.Storage.DefaultFolderManager.GetDefaultFolderId(DefaultFolderType defaultFolderType) Microsoft.Exchange.Clients.Owa.Core.UserContext.GetDefaultFolderId(DefaultFolderType defaultFolderType, String folderName) Microsoft.Exchange.Clients.Owa.Core.UserContext.get_RemindersSearchFolderId() Microsoft.Exchange.Clients.Owa.Premium.StartPage.OnInit(EventArgs e) System.Web.UI.Control.InitRecursive(Control namingContainer) System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
Inner ExceptionException type: Microsoft.Exchange.Data.Storage.InvalidPropertyTypeExceptionException message: Unable to create custom property with property key [{00062002-0000-0000-c000-000000000046}:0x8232] type [Boolean].
Call stackMicrosoft.Exchange.Data.Storage.NativeStorePropertyDefinition.TryFindEquivalentDefinition(Key key, Boolean isCustom, PropType type, TypeCheckingFlag typeCheckingFlag, Boolean& createNewDefinition) Microsoft.Exchange.Data.Storage.GuidIdPropertyDefinition.InternalCreate(String displayName, Type propertyType, PropType mapiPropType, Guid propertyGuid, Int32 dispId, PropertyFlags flags, TypeCheckingFlag typeCheckingFlag, Boolean isCustom, PropertyDefinitionConstraint[] constraints) Microsoft.Exchange.Data.Storage.InternalSchema.PropertyDefinitionsFromPropTags(TypeCheckingFlag propertyTypeCheckingFlag, MapiProp mapiProp, PropTag[] tags) Microsoft.Exchange.Data.Storage.FilterRestrictionConverter.GetPropertyDefinition(MapiProp mapiProp, PropTag propTag)
The problem as you can see by the bit highlighted in red is that it is a problem with the reminders in the mailbox. You will probably find it is some corrupted calendar items that has corrupted the Reminders.
When I logged into the mailbox using Outlook I found two reminders in a popup window. When I tried to dismiss them I received an error "Cannot turn off the reminder. You may be reminded again."
To fix the problem I had to do the following;
I hope this helps you if you have the same problem.
When trying to set the External addresses for the Group Expansion Server, The Address Book Files and the Meeting Content Download you would normally use WBEMTEST to set the WMI parameters.
In a normal scenario, you would open each of the relevant objects e.g. MSFT_SIPAddressBookSetting, and click the "Instances" button. It seems that with OCS 2007 R2 you can't do that. You get an error like the following;
Number: 0x80041024
Facility: WMI
Description: Provider is not capable of the attempted operation
Instead of doing that, you have to do a query for any instances and in particular, you have to specify "where backend=xxxx" as part of the query. So for example if you have an Enterprise pool with SQL installed as the default instance, the query would be as follows;
select * from MSFT_SIPAddressBookSetting where backend="mysqlserver"
Detailed information on this is provided in the following Microsoft Support Article (http://support.microsoft.com/kb/938288).
After installing update rollup 2 for HMC 4.5 I noted a few issues with adding mailboxes and retrieving domains owned by a customer.
Thanks to Kip Ng's blog post (https://blogs.technet.com/provtest/archive/2009/02/14/hmc-4-5-rollup-2-has-been-released.aspx) his suggestion of executing the following procedures in the MPS deployment tool after installing UR2;
Good advice Kip. Thanks.
Lately I have been getting right into Powershell scripting and I have been trying to build an auditing utility which HMC 4.5 Cross Data Store (CrossDS) was supposed to provide. In building this auditing tool, I have built some basic Powershell scripts on the way that may help others understand how to develop for MPS.
A basic script I have uploaded is called GetUserPlan.ps1. I have placed it in the downloads section (http://www.msexperts.org/files/folders/powershell/entry88.aspx ). Note : I have renamed it to .txt extension just in case your proxy server filters .ps1 extensions.
This script should give you an idea on how to make MPS calls from within Powershell.
I will upload a few more scripts in the next few weeks.
After preparing to write up a guide on how Resource Management works in HMC I found a detailed article written by Arthur Fang and Shanming Xuan on Claudio Vacalebre's blog (http://www.mshosting.org/Tech-Bulletins/HMC/4%20-%20Exchange%202007%20Resource%20Manager.pdf).
Quite a detailed read, but a good one.
HMC has several roles in its delegated administration model, including the following below;
I have highlighted the ones that are important in Red.
HMC has a procedure within the "Hosted Active Directory" namespace called "GetCallerUiRoles". The response from the procedure contains a value called "highestUiRole". This value tells you the highest role the user has. It is returned in a 4-digit numeric form. The numbers are as follows;
This procedure (GetCallerUiRoles) works is as follows;
It then gets the largest number in that list and returns it in the value called "highestUiRole".
So put simply, if you are a member of Admins@CustomerName you will have read permissions to the "0500" group, if you are a member of Admins@ResellerName you will have read permissions to the "1500" group, etc.
All of these groups are setup when initially deploying HMC for the first time.
While staying up to upgrade our customer's HMC to v4.5 I watched the Virtual Launch of OCS 2007 R2.
Some good information little tidbits I have got from it so far;
Link to the technical guides of OCS 2007 R2 (Deployment, Planning, etc.)
http://technet.microsoft.com/en-us/library/dd440729(office.13).aspx
Link to the end user manuals for OCS 2007 R2 (Reference card for Conferencing, etc)
http://technet.microsoft.com/en-us/library/dd440728(office.13).aspx
Bandwidth Considerations for the new RTAudio Codec
Including security and packet overheads etc. worst case – RTAudio 8kHz (Narrowband – equivalent to standard public switched telephony (G.711)) uses 32.6Kbps or RTAudio 16kHz (Wideband audio – much higher quality) uses 49.9Kbps.
Voice quality monitoring and reporting
In this new version it is storing performance metric data in a SQL DB so that you can report on the quality of calls made within your environment
Desktop Sharing and Voice Conferencing using just a web browser
Using any of the popular web browsers (IE, Firefox, Safari, etc.) you can do application sharing and control someone else's desktop. No additional software included. Just connect to the Communicator Web Access URL for your company, and you have access to be involved in just an instant messaging chat or a full application sharing scenario. You can also make a call using Communicator Web Access where OCS dials the third party and also dials the phone number you specify (e.g. your mobile phone or desk phone etc.)
x64 Only
The new version only support x64 Windows server.
Migration options
Side-by-side, or new install. No In-place upgrade.
Time to go to bed!
Another little furfy I found tonight on a client's installation of HMC4.0. They had moved the folder "MSIShare" from C:\MSIShare to E:\MSIShare and shared the folder from there. It all worked until the HMC 4.0 to HMC 4.5 upgrade.
As it seems when upgrading to HMC4.5, the installation of the new Deployment tool doesn't update all of the namespaces unless the MSIShare folder is in the location C:\MSIShare, and no, it doesn't tell you!
So moral of the story, as with everything else on HMC, make sure you keep the configuration exactly as per the original guide.
Just in case you are behind in what is happening in the upcoming release of OCS 2007 R2, Technet Edge released some videos on the new features in October last year.
So if you have a spare few hours, here they are;
Office Communications Server 2007 R2 and the new Attendant Console (21mins 48 sec)
Presenter: Jamie Stark (Technical Product Manager, Office Communications Server Group – Voice Infrastructure)
What's New in Conferencing with Office Communications Server 2007 R2 (17 mins 48 sec)
Presenter: Renee Lo (Product Manager, Unified Communications Group – Conferencing)
What's New in Office Communicator, Communicator Web Access, and Devices with Office Communications Server 2007 R2 (15 mins 34 sec)
Presenters: Huat Chye Lim (Product Manager, Unified Communications Group – UC Devices) and Ashima Singhal (Product Manager, Unified Communications Group – Client Experiences)
Group Chat and Office Communications Server 2007 R2 (17 mins 24 secs)
Presenters: Ashima Singhal and Bob Serr (Program Manager, Office Communications Server – Focussed on IM and Group Chat)
What's New in Mobility and Anywhere Access with Office Communications Server 2007 R2 (12 mins 18 sec)
Presenter : Avi Sagiv (Product Manager, Unified Communications Group – Mobilty)
What's New in Administration and Management with Office Communications Server 2007 R2 (11 mins 18 sec)
Presenter: Anand Lakshminarayanan (Senior Product Manager, Unified Communications Group – IT Pro Experience)
If you have installed your Exchange 2007 Mailbox Server on a Windows Server 2008 server you may find an issue where the redirection from /Exchange to /OWA doesn't work.
You will get an error when you login like "The user name or password that you entered is not valid. Try entering it again."
This is because by default the IIS7 install doesn't include the following Role Services by default;
You can either install them by Adding Role Services by going into Server Manager -> Web Server (IIS) -> Add Role Services or you can run the following at a DOS prompt;
Hi All,
Sorry for my lack of blog posts lately.
As I was doing my SPLA reports, I decided I would share with everyone the SQL query that I am starting to use to provide me a list of CRM users for both SPLA and billing.
It is a query you can run in SQL Management Studio connected to the database server storing all of your CRM databases. This would obviously be run against each of your CRM database servers.
It has three different reporting modes, all you do is change the "SELECT @ReportType = 0" line at the top accordingly. Descriptions of each of the reports are listed above that line.
I hope it helps.
Kind Regards,
Cameron.
SET ANSI_NULLS ON GO SET QUOTED_IDENTIFIER OFF GO DECLARE @ReportType INT --------------------------------------------------------------- -- Specify the Report type -- 0 = Full List of all CRM databases and usernames -- 1 = Full List of all CRM databases and count of usernames -- 2 = Total Count of all users on the server --------------------------------------------------------------- SELECT @ReportType = 0
-------------------------------------- -- Exclude Admin users from the list -------------------------------------- CREATE TABLE #ExcludedUsers (DomainName nvarchar(255) PRIMARY KEY) INSERT INTO #ExcludedUsers VALUES (N'FABRIKAM\CRMServiceAcct') -- This is the admin user that deployed all of the sites INSERT INTO #ExcludedUsers VALUES (N'%trial%') -- This will exclude all users with trial in their sAMAccountName DECLARE ExcludedUsersList CURSOR FOR select DomainName from #ExcludedUsers DECLARE @ExcludedUser varchar(255) DECLARE @ExcludedUserStr varchar(8000) Set @ExcludedUserStr = '' OPEN ExcludedUsersList WHILE (1 = 1) BEGIN FETCH NEXT FROM ExcludedUsersList INTO @ExcludedUser IF (@@FETCH_STATUS=-1) break --SELECT @ExcludedUser If (@ExcludedUser LIKE '%[%]%') BEGIN Set @ExcludedUserStr = @ExcludedUserStr + 'AND DomainName not like ''' + @ExcludedUser + ''' ' END Else BEGIN Set @ExcludedUserStr = @ExcludedUserStr + 'AND DomainName <> ''' + @ExcludedUser + ''' ' END END DEALLOCATE ExcludedUsersList DROP TABLE #ExcludedUsers ----------------------------------------------
------------------------------------------------- -- Create the temporary tables to store the data ------------------------------------------------- IF (@ReportType = 0) CREATE TABLE #ReportTempTable(DatabaseName varchar(255), DomainName varchar(255)) ELSE IF ((@ReportType = 1) OR (@ReportType = 2)) CREATE TABLE #ReportTempTable2(DatabaseName varchar(255), NumOfUsers INT) -------------------------------------------------
---------------------------------------------------- -- Used to make sure the database is accessible. ---------------------------------------------------- declare @inaccessible nvarchar(12), @invalidlogin nvarchar(12), @dbinaccessible nvarchar(12) select @inaccessible = ltrim(str(convert(int, 0x03e0), 11)) select @invalidlogin = ltrim(str(convert(int, 0x40000000), 11)) select @dbinaccessible = N'0x80000000' /* SQLDMODbUserProf_InaccessibleDb; the negative number doesn't work in convert() */ ----------------------------------------------------
---------------------------------------------------- -- Specify the query to be run on all the databases -- based on report type ---------------------------------------------------- declare @command1 nvarchar(2000) IF (@ReportType = 0) SELECT @command1 = 'USE ? INSERT INTO #ReportTempTable SELECT ''?'' AS DatabaseName,DomainName AS NumOfUsers FROM SystemUserBase WHERE DomainName is not null ' + @ExcludedUserStr + ' AND FullName <> ''SYSTEM'' AND FullName <> ''INTEGRATION'' AND IsDisabled = 0' ELSE IF ((@ReportType = 1) OR (@ReportType = 2)) SELECT @command1 = 'USE ? INSERT INTO #ReportTempTable2 SELECT ''?'' AS DatabaseName,Count(DomainName) AS NumOfUsers FROM SystemUserBase WHERE DomainName is not null ' + @ExcludedUserStr + ' AND FullName <> ''SYSTEM'' AND FullName <> ''INTEGRATION'' AND IsDisabled = 0' ----------------------------------------------------
---------------------------------------------------- -- Declare the cursor listing all the CRM content -- databases. This is used by sys.sp_MSforeach_worker ---------------------------------------------------- exec(N'declare hCForEachDatabase cursor global for select name from master.dbo.sysdatabases d ' + N' where (d.status & ' + @inaccessible + N' = 0)' + N' and (d.name like ''%_MSCRM'') and (DATABASEPROPERTY(d.name, ''issingleuser'') = 0 and (has_dbaccess(d.name) = 1))' ) ----------------------------------------------------
---------------------------------------------------- -- Run the query on each of the databases specified -- in the cursor above. ---------------------------------------------------- declare @retval int select @retval = @@error if (@retval = 0) exec @retval = sys.sp_MSforeach_worker @command1, N'?', null, null, 1 else select @retval ----------------------------------------------------
---------------------------------------------------- -- Display the results of the report (Different for -- each report type). ---------------------------------------------------- IF (@ReportType = 0) SELECT DatabaseName, DomainName FROM #ReportTempTable ORDER BY DatabaseName IF (@ReportType = 1) SELECT DatabaseName, NumOfUsers from #ReportTempTable2 ORDER BY DatabaseName IF (@ReportType = 2) SELECT Sum(NumOfUsers) AS TotalNumberOfUsers from #ReportTempTable2 ----------------------------------------------------
---------------------------------------------------- -- Clean up the temporary tables. ---------------------------------------------------- IF (@ReportType = 0) DROP TABLE #ReportTempTable ELSE IF ((@ReportType = 1) OR (@ReportType = 2)) DROP TABLE #ReportTempTable2 ----------------------------------------------------
While surfing the Internet for a Sharepoint project I am working on I randomly found an Excel spreadsheet showing all of the roles in sharepoint and what permissions that gives you access to.
Totally unrelated to what I am working on but I thought it might be handy to keep a copy of as I am sure it will come in handy one day. ;o)
You can find it at http://code.msdn.microsoft.com/ReferenceTopics/Release/ProjectReleases.aspx?ReleaseId=216 under the Sharepoint 2007 Permissions Matrix link.
Cam.
When trying to modify settings with a Exchange Distribution List that was added in HMC 3.5 and you have upgraded to HMC 4.0 you may get an error "The specified path is not a distribution list.".
The problem is that HMC 4.0 checks to see if the group scope is "universal" and the group type is "distribution". It checks this by looking at the groupType attribute on the AD object and making sure it has the value "8" (i.e. Universal Distribution Group).
This is an example of the error you might get.
<response>
<errorContext description="The specified path is not a distribution list."
code="0x80004005"
executeSeqNo="39">
<errorSource namespace="Error Provider"
procedure="SetError"/>
<errorSource namespace="Hosted Email 2007"
procedure="ModifyDistributionList"/>
</errorContext>
</response>
If you followed the Nebo Migration Whitepaper it says to run ImportExchangeObjects.cmd which calls ConvertGlobalToUniversalGroup.vbs. Unfortunately there is an error in the in-place version of ConvertGroup function in the code. Here is my version updating the code so that it doesn't say "Skipping built in MPS group. Moving on to next Group." for every group.
Function ConvertGroup(objUser)
Wscript.echo "Converting Group = " & objUser.Name
On Error Resume Next
Set re = new regexp
re.Pattern = "^Admins@"
'if this is a built in MPS group, skip it.
If re.Test(objUser.Name) Then
Err.Number = 42
ConvertGroup = Err.Number
Exit Function
End If
re.Pattern = "^CSRAdmins@"
' convert group
Set objGroup = GetObject ("LDAP://" & objUser.DistinguishedName)
objGroup.Put "groupType", ADS_GROUP_TYPE_UNIVERSAL_GROUP
objGroup.SetInfo
ConvertGroup = err.Number
End Function
Just something to watch out for, The Hosted Email 2007 Provider has issues when you install .NET Framework 2.0 Security Update (KB928365). It is also a problem with .NET Framework 2.0 SP1 and .NET Framework 3.0.
You get errors like the following when calling Hosted Email 2007 procedures;
Unable to generate a temporary class (result=1). error CS0266: Cannot implicitly convert type 'Microsoft.Provisioning.Providers.Exchange2007Provider.Data.GetMailbox_ResponseResultImapMessagesRetrievalMimeFormat?' to 'Microsoft.Provisioning.Providers.Exchange2007Provider.Data.GetMailbox_ResponseResultPopMessagesRetrievalMimeFormat?'. An explicit conversion exists (are you missing a cast?)
Here is the ASP.Net forum related to it - http://forums.asp.net/p/1132849/1800690.aspx#1800690
Cam
Theme design by Cameron McFie