Some LDAP queries for common use

LDAP QUERIES

AD/GC FOR GROUPS THAT A USER IS MEMBER OF

1. Find the DN of the user e.g.
CN=Rajan Katwal,CN=Users,DC=katwal,DC=local

2.Use the DN into following query
(&(objectCategory=group)(member=CN=Rajan Katwal,CN=Users,DC=katwal,DC=local))

------------------------------------------------------------------------------------------------

USERS MEMBER OF A SPCIFIC GROUP

(&(objectcategory=user)(memberof=CN=Katwal_DL,CN=Users,DC=katwal,DC=local))

------------------------------------------------------------------------------------------------

USERS WITH SPECIFIC DISPLAY NAME

(&(objectclass=Person)(displayName= Rajan*))

------------------------------------------------------------------------------------------------

ALL ACTIVE (Non-Disabled) users from AD

(&(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2))

------------------------------------------------------------------------------------------------

GET all user of a group but will exclude user with display name starting with "user"

(&((objectclass=user)(memberOf=cn=Group1,ou=ouOfGroup,dc=subdomain,dc=domain,dc=com))(!(|((displayname=user*)))))

Exchange 2013 prereq using command line

Following is the command to install most of the prerequisites before installing Microsoft Exchange 2013

WINDOWS SERVER 2012
=====================
(POWERSHELL)

Import-Module ServerManager

 

Install-WindowsFeature AS-HTTP-Activation, Desktop-Experience, NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http- Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation

WINDOWS SERVER 2008 R2 (SP1)
==========================

Import-Module ServerManager

Add-WindowsFeature Desktop-Experience, NET-Framework, NET-HTTP-Activation, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Web-Server, WAS-Process-Model, Web-Asp-Net, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI

Microsoft Office Communication 2007 R2 (3.5.6907.268) crash especially when someone send IM using a message from MS Outlook

Problem Description: Microsoft Office Communication 2007 R2 (3.5.6907.268) crash especially when someone send IM using a message from MS Outlook. This happened to be few times after some windows updates couple of weeks back. Following will be reported in the Application Event log

Log Name:      Application

Source:        Application Error

Date:          19/06/2013 2:50:02 PM

Event ID:      1000

Task Category: (100)

Level:         Error

Keywords:      Classic

User:          N/A

Computer:      LabMachine

Description:

Faulting application name: communicator.exe, version: 3.5.6907.268, time stamp: 0x5165ca9a

Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000

Exception code: 0xc0000005

Fault offset: 0x0a7cb6d8

Faulting process id: 0x238c

Faulting application start time: 0x01ce6bf22ea6ba94

Faulting application path: C:\Program Files (x86)\Microsoft Office Communicator\communicator.exe

Faulting module path: unknown

Report Id: b374a2ee-d89b-11e2-af3a-005056c00008

This issue would mostly occur when you will be having a conversation with someone, close the window and that person later on decides to reply to you in the same window.
 

Cause: Unknown, even though it looked like the serialization issue that was fixed by MS long back.

Solution: Earlier I tried  Security Update for Microsoft Communicator 2007 R2 (KB2827753), I didn't notice this issue but it started to occur again.

Later on it got really worse and workaround was to leave all IM windows open.

 

Final fix so far is to :

 

Remove MS Communicator, install it back again and patch it with following:

 

http://support.microsoft.com/kb/976135/en-au

 

NOTE: Not being on latest security patch opens up security hole. You want to make sure you work with Microsoft on this issue if you continue to face this issue.

Files mfc100u.dll or msvcr100.dll are missing from your computer

PROBLEM DESCRIPTION: Some time while running some random programs users may see a pop-up with error message "The program cannot start because mfc100u.dll is missing from your computer."

CAUSE: Program throwing the pop-up with error message is dependent on "Microsoft Visual C++ 2010 SP1 Redistributable Package".

RESOLUTION: Depending upon the version of the OS used you may need one of the two versions of Microsoft Visual C++ 2010 SP1 Redistributable Package. Following are the locations for each package:


Microsoft Visual C++ 2010 SP1 Redistributable Package (x86)
http://www.microsoft.com/en-au/download/details.aspx?id=8328

Microsoft Visual C++ 2010 SP1 Redistributable Package (x64)
http://www.microsoft.com/en-au/download/details.aspx?id=13523


The same packages may also fix the issue is errors similar to the following are thrown:

This application has failed to start because MSVCR100.dll was not found. Re-installing the application may fix this problem
 

Seeing a lot of duplication in journaling mailboxes while using standard MS Exchange Journaling?

Are you seeing duplicates in MS Exchange Journal mailboxes ?
Are you using standard journaling on Exchange 2007 or Exchange 2010 ?
Mostly seeing duplicate when emails are sent to large distribution lists ?

If answers to above mentioned questions is 'YES' then there are chances it is working as designed even though when reading some MS Articles about Journaling and transport journaling might confuse you a little. I am not trying to argue with MS articles (http://technet.microsoft.com/en-us/library/bb738122(v=EXCHG.80).aspx) , I am just trying to explain how that can be broken down for understanding:

There are two scenarios where you see duplication:

1. Sites with 1 Journal Mailbox: In this case you will see that when an email is sent to distribution list especially if that distribution list contained thousands of users then you will see approximately journaling mailbox having bifurcated copies that will be using formula of

Number of recipients/1000

This is because by default in Exchange 2010 and Exchange 2007 within EdgeTransport.exe.config file variable "ExpansionSizeLimit" is set to 1000. There is no garuntee through each bifurcated copy will have exact 1000 recipients information in its envalope. Sometimes you will see nine hundred something and sometimes it would few more than 1000.

Now when an email is sent to a distribution group and only one journal mailbox is configured in your environment you will see multiple copies of the message. What happens if that due to above setting in place, to make routing/delivery quicker message is broken into multiple copies by explanding the distribution list. The tests have I have apprears to suggest that breakdown is sorted alphabatically. MessageID for every single copy in journaling mailbox will be same, just the recipient information on the envalope will be different.

Above mentioned setting can be changed BUT with caution as it can impact your system if it is in production. Reffer to above mentioned article for more information.

2. Sites with more than 1 journal mailbox: This scenario gets a little more tricky. In this scenario you might even see that not only journaling mailbox that is responsible for journaling from DB where sender is location had journaled multiple copies but other journaling mailboxes also has multiple copies. If you have distribution groups with many thousand users and many journal mailboxes to spead the load of journaling you might see a lot more duplicates. Here is how I have put it in my tick skull:

(a) When a sender sends the email to the distibution list (DL) with large number of users. The journal mailbox responsible for journaling DB where sender's mailbox is located will bifurcate message to many messages in the journaling mailbox where it is journaling. Now to this point we are all good as mentioned above.

 

(b) Now if we go and check other journal mailboxes we may find similar if not exact number of messages sitting in it. The reason is that there are other mailbox DBs that are journaling to other journaling mailboxes. Usually they are only meant to have bifurcated copies of the messages that had users belonging to mailbox DBs in question within the envelop of the message. What happens is that many a times we do not divide users based on their names while assigning them mailbox DBs. Especially for a company with global presence exchange servers could be country specific or region specific. Now when first transport server would have created the bifurcated messages all other servers would have got all the copies due to one or more user being present in the envaople of the each bifurcated message. For testing in house I did the following which might explain what happened:

- CREATED USERS ON MULIPLE DBs

TEST_User1 - EXCHANGE\First Storage Group\Mailbox Database
TEST_User2 - EXCHANGE\First Storage Group\Mailbox Database
TEST_User3 - EXCHANGE\First Storage Group\Mailbox Database
TEST_User4 - EXCHANGE\Third Storage Group\Mailbox Database
TEST_User5 - EXCHANGE\Third Storage Group\Mailbox Database
TEST_User6 - EXCHANGE\Third Storage Group\Mailbox Database
TEST_User7 - EXCHANGE2\First Storage Group\Mailbox Database
TEST_User8 - EXCHANGE2\First Storage Group\Mailbox Database
TEST_User9 - EXCHANGE2\First Storage Group\Mailbox Database
TEST_User10 - EXCHANGE2\First Storage Group\Mailbox DB2
TEST_User11 - EXCHANGE2\First Storage Group\Mailbox DB2

EXCHANGE\First Storage Group\Mailbox Database   - Journal_01_2007
EXCHANGE\Third Storage Group\Mailbox Database   - Journal_02_2007
EXCHANGE2\First Storage Group\Mailbox Database  - Journal_03_2007
EXCHANGE2\First Storage Group\Mailbox DB2       - Journal_04_2007

TEST ALL - Distribution Group with all 11 users created above.

Set value of ExpansionSizeLimit to 2 and restarted Transport Service on both Exchange servers

Test CASE 1 - Sent an email from KATWAL_Service account to itself in To and "TEST ALL" in BCC

Following are the number of messages found in journal mailboxes
Journal_01_2007 = 7 messages
Journal_02_2007 = 2 messages
Journal_03_2007 = 2 messages
Journal_04_2007 = 2 messages

Breakdown of recipients on the envalipes per journal mailbox

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Journal_01_2007 = 7 messages

MSG1
Message-Id: <D91E43950FB2744E94C5A4E6C78E815606857157434D@EXCHANGE.katwal.local>
Bcc: TEST_User11@katwal.local, Expanded: TESTALL@katwal.local

MSG2
Message-Id: <D91E43950FB2744E94C5A4E6C78E815606857157434D@EXCHANGE.katwal.local>
Bcc: TEST_user10@katwal.local, Expanded: TESTALL@katwal.local
Bcc: TEST_User9@katwal.local, Expanded: TESTALL@katwal.local

MSG3
Message-Id: <D91E43950FB2744E94C5A4E6C78E815606857157434D@EXCHANGE.katwal.local>
Bcc: TEST_User8@katwal.local, Expanded: TESTALL@katwal.local
Bcc: TEST_User7@katwal.local, Expanded: TESTALL@katwal.local

MSG4
Message-Id: <D91E43950FB2744E94C5A4E6C78E815606857157434D@EXCHANGE.katwal.local>
Bcc: TEST_User6@katwal.local, Expanded: TESTALL@katwal.local
Bcc: TEST_user5@katwal.local, Expanded: TESTALL@katwal.local

MSG5
Message-Id: <D91E43950FB2744E94C5A4E6C78E815606857157434D@EXCHANGE.katwal.local>
Bcc: TEST_User4@katwal.local, Expanded: TESTALL@katwal.local
Bcc: TEST_User3@katwal.local, Expanded: TESTALL@katwal.local

MSG6
Message-Id: <D91E43950FB2744E94C5A4E6C78E815606857157434D@EXCHANGE.katwal.local>
Bcc: TEST_user2@katwal.local, Expanded: TESTALL@katwal.local
Bcc: TEST_User1@katwal.local, Expanded: TESTALL@katwal.local

MSG7
Message-Id: <D91E43950FB2744E94C5A4E6C78E815606857157434D@EXCHANGE.katwal.local>
To: Katwal_service@katwal.local
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Journal_02_2007 = 2 messages

MSG1
Message-Id: <D91E43950FB2744E94C5A4E6C78E815606857157434D@EXCHANGE.katwal.local>
Bcc: TEST_User6@katwal.local, Expanded: TESTALL@katwal.local
Bcc: TEST_user5@katwal.local, Expanded: TESTALL@katwal.local

MSG2
Message-Id: <D91E43950FB2744E94C5A4E6C78E815606857157434D@EXCHANGE.katwal.local>
Bcc: TEST_User4@katwal.local, Expanded: TESTALL@katwal.local
Bcc: TEST_User3@katwal.local, Expanded: TESTALL@katwal.local
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Journal_03_2007 = 2 messages

MSG1
Message-Id: <D91E43950FB2744E94C5A4E6C78E815606857157434D@EXCHANGE.katwal.local>
Bcc: TEST_user10@katwal.local, Expanded: TESTALL@katwal.local
Bcc: TEST_User9@katwal.local, Expanded: TESTALL@katwal.local

MSG2
Message-Id: <D91E43950FB2744E94C5A4E6C78E815606857157434D@EXCHANGE.katwal.local>
Bcc: TEST_User8@katwal.local, Expanded: TESTALL@katwal.local
Bcc: TEST_User7@katwal.local, Expanded: TESTALL@katwal.local
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Journal_04_2007 = 2 messages

MSG1
Message-Id: <D91E43950FB2744E94C5A4E6C78E815606857157434D@EXCHANGE.katwal.local>
Bcc: TEST_User11@katwal.local, Expanded: TESTALL@katwal.local

MSG2
Message-Id: <D91E43950FB2744E94C5A4E6C78E815606857157434D@EXCHANGE.katwal.local>
Bcc: TEST_user10@katwal.local, Expanded: TESTALL@katwal.local
Bcc: TEST_User9@katwal.local, Expanded: TESTALL@katwal.local
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


=====================================================================================
TEST CASE 2 - We configure all DBs on each exchange server to journal to only one journal mailbox. That way we have One journal mailbox per server.

Configured Journaling in the following manner

EXCHANGE\First Storage Group\Mailbox Database   - Journal_02_2007
EXCHANGE\Third Storage Group\Mailbox Database   - Journal_02_2007
EXCHANGE2\First Storage Group\Mailbox Database  - Journal_04_2007
EXCHANGE2\First Storage Group\Mailbox DB2       - Journal_04_2007

- Tested that changes made took place in exchange
- ExpansionSizeLimit is still set to 2
- Sent email to TEST ALL in BCC and Katwal_Service in TO list

Journal_02_2007 = 7 messages
Journal_04_2007 = 3 messages

- 7 messages breakdown is similar to what we found earlier.
- Breakdown of 3 messages in Journal_04_2007 are as follows.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Journal_04_2007 = 3 messages (from bottom to top)
MSG1
Message-Id: <D91E43950FB2744E94C5A4E6C78E815606857157434F@EXCHANGE.katwal.local>
Bcc: TEST_User8@katwal.local, Expanded: TESTALL@katwal.local
Bcc: TEST_User7@katwal.local, Expanded: TESTALL@katwal.local

MSG2
Message-Id: <D91E43950FB2744E94C5A4E6C78E815606857157434F@EXCHANGE.katwal.local>
Bcc: TEST_user10@katwal.local, Expanded: TESTALL@katwal.local
Bcc: TEST_User9@katwal.local, Expanded: TESTALL@katwal.local

MSG3
Message-Id: <D91E43950FB2744E94C5A4E6C78E815606857157434F@EXCHANGE.katwal.local>
Bcc: TEST_User11@katwal.local, Expanded: TESTALL@katwal.local
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

=====================================================================================

TEST CASE 3 - To confirm what we found in the testing above is true; we configured all DBs to journal into Journal_04_2007

EXCHANGE\First Storage Group\Mailbox Database   - Journal_04_2007
EXCHANGE\Third Storage Group\Mailbox Database   - Journal_04_2007
EXCHANGE2\First Storage Group\Mailbox Database  - Journal_04_2007
EXCHANGE2\First Storage Group\Mailbox DB2       - Journal_04_2007

- There were only 7 messages in the Journal_04_2007 which were created the same way in above test cases.


In my testing number of mailboxes were very small leading to small number of bifurcated messages. Number of bifurcated messages will depend on configuration usesed at your site.

(NOTE: I hope others will find it useful. All above mentioned content is based on my understaning and testing performed. If you see any issues in your environment you may want to consult software vendor of yours.)


 

MS SQL - Cannot Connect to DataBase; Cannot open user database. Login Failed. Login failed for user 'userName'. (Microsoft SQL server, Error 4064)

Problem Description: After droping a database (DB) without checking if that DB was the default DB of the account used, once will find they cannot log back into the SQL Studio to connect to SQL server. Pop-up with information similar to the following will appear:

Cannot Connect to DataBase; Cannot open user database. Login Failed. Login failed for user 'userName'.  (Microsoft SQL server, Error 4064)

Cause: Accidently DB that was droped was used as default DB for the account used.

Solution: SQLCMD can be used to connect to master or tempDb and then ALTER Default_Login DB for the user. Following is an example:

C:\> SQLCMD -E -D master
1> alter login [Domain\ServiceAccount] with default_database=master
2> GO
3> exit
C:\>

This should allow the connection back to the SQL Server.

Note: Same action can me performed by SQL Studio configuration. I will update that later on with screenshots.

UPDATED: Exchange 2007 Prereq checklist for Windows 2008

(Recording for my personal refference to save time)

Following is needed to be installed while installing Exchange 2007 (upto SP3 - tested) on Windows 2008 R2 SP2. These could be added to a simple batch file for saving time especially if more than one exchange servers needed to be built at the same time.

ServerManagerCmd -i PowerShell

ServerManagerCmd -i Web-Server
ServerManagerCmd -i Web-ISAPI-Ext
ServerManagerCmd -i Web-Metabase
ServerManagerCmd -i Web-Lgcy-Mgmt-Console
ServerManagerCmd -i Web-Basic-Auth
ServerManagerCmd -i Web-Digest-Auth
ServerManagerCmd -i Web-Windows-Auth
ServerManagerCmd -i Web-Dyn-Compression

ServerManagerCmd -i RSAT-ADDS

Note: Last entry is new addition.

Exchange 2007 SP3 on Windows 2008 R2 SP2- [ERROR] An error occurred. The error code was 3221684226. The message was The system cannot find the file specified..

PROBLEM DESCRIPTION:
While trying to prepare AD for addition of a new exchange server following error is seen after running “Setup.com /PrepareAD” command:

[ERROR] An error occurred. The error code was 3221684226. The message was The system cannot find the file specified..

ExchangeSetup.log file will have entries similar to the following near to its end:

[18/02/2013 10:36:23 AM] [2] Leaving ScHavePermissionToCreateDSObject
[18/02/2013 10:36:23 AM] [2] Configuring administrative rights
[18/02/2013 10:36:23 AM] [2] Entering ScInstallLDIFScript
[18/02/2013 10:36:23 AM] [2]  ScRunLDIFScript (f:\08.03.0083\sources\dev\admin\src\libs\exsetup\exmisc.cxx:888)
           Error code 0XC0070002 (2): The system cannot find the file specified.
[18/02/2013 10:36:23 AM] [2]  ScInstallLDIFScript (f:\08.03.0083\sources\dev\admin\src\libs\exsetup\server.cxx:149)
           Error code 0XC0070002 (2): The system cannot find the file specified.
[18/02/2013 10:36:23 AM] [2] Leaving ScInstallLDIFScript
[18/02/2013 10:36:23 AM] [2]  CAtomOrgLevelCt::ScAddDSObjects (f:\08.03.0083\sources\dev\admin\src\udog\exsetdata\components\server\a_orglevelct.cxx:379)
           Error code 0XC0070002 (2): The system cannot find the file specified.
[18/02/2013 10:36:23 AM] [2] Leaving CAtomOrgLevelCt::ScAddDSObjects
[18/02/2013 10:36:23 AM] [2]  CBaseAtom::ScRefreshDSObjects (f:\08.03.0083\sources\dev\admin\src\udog\setupbase\basecomp\baseatom.cxx:1476)
           Error code 0XC0070002 (2): The system cannot find the file specified.
[18/02/2013 10:36:23 AM] [2]  CAtomOrgLevelCt::ScReinstall (f:\08.03.0083\sources\dev\admin\src\udog\exsetdata\components\server\a_orglevelct.cxx:169)
           Error code 0XC0070002 (2): The system cannot find the file specified.
[18/02/2013 10:36:23 AM] [2] Leaving CAtomOrgLevelCt::ScReinstall
[18/02/2013 10:36:23 AM] [2] mode = 'Reinstall' (61955) CBaseAtom::ScSetup (f:\08.03.0083\sources\dev\admin\src\udog\setupbase\basecomp\baseatom.cxx:535)
           Error code 0XC0070002 (2): The system cannot find the file specified.
[18/02/2013 10:36:23 AM] [2]  ScSetupAtom (f:\08.03.0083\sources\dev\admin\src\udog\exsetdata\exsetds.cxx:897)
           Error code 0XC0070002 (2): The system cannot find the file specified.
[18/02/2013 10:36:23 AM] [2] Leaving ScSetupAtom
[18/02/2013 10:36:23 AM] [2] [ERROR] An error occurred. The error code was 3221684226. The message was The system cannot find the file specified..
[18/02/2013 10:36:23 AM] [1] The following 1 error(s) occurred during task execution:
[18/02/2013 10:36:23 AM] [1] 0.  ErrorRecord: An error occurred. The error code was 3221684226. The message was The system cannot find the file specified..
[18/02/2013 10:36:23 AM] [1] 0.  ErrorRecord: Microsoft.Exchange.Management.Deployment.ExsetdataException: An error occurred. The error code was 3221684226. The message was The system cannot find the file specified..
[18/02/2013 10:36:23 AM] [1] [ERROR] An error occurred. The error code was 3221684226. The message was The system cannot find the file specified..
[18/02/2013 10:36:23 AM] [1] Setup is halting task execution because of one or more errors in a critical task.
[18/02/2013 10:36:23 AM] [1] Finished executing component tasks.
[18/02/2013 10:36:23 AM] [1] Ending processing.
[18/02/2013 10:36:23 AM] [0] The Exchange Server Setup operation did not complete. For more information, visit http://support.microsoft.com and enter the Error ID.
[18/02/2013 10:36:23 AM] [0] End of Setup
[18/02/2013 10:36:23 AM] [0] **********************************************

(If someone starts looking at F:\08.30.0083 folder structure that will kill a lot of your time especially if that f: disk exists on the server, I didn’t even have that so I weren’t misled)

CAUSE:  While installing Exchange 2007 with SP3 on Windows 2008 R2 (x64) one needs to have Remote Server Administration Tools (RSAT) and Active Directory Domain Services Tools installed as features.

RESOLUTION: Following command line can be used to install the features missing:

ServerManagerCmd -i RSAT-ADDS

(PS: I don’t remember using it in past for Exchange 2007 but now I have added it to my prereq batch file for Exchange 2007 on Windows 2008)