Gerod Serafin's WebLog

Helping to keep large organizations' e-mail running

September, 2005

  • New Version of MPSReports for Exchange

    It looks like Paul Flaherty has updated the Microsoft Platform Support Reporting Utility (MPSReports) for Exchange.  We have had this utility available for some time at this location, but the new version is not up there yet.  You can download the new version here.   The name of the file is MPSRPT_Exchange.zip.

    Some of the things it does:

    • Supports Exchange 5.5, 2000, and 2003
    • Gets Event Logs in multiple formats
    • Gets Cluster events
    • Runs EXBPA v2.1a locally
    • Dumps Registry information for Exchange
    • Dumps File Versions for Exchange
    • and lots more...

    An older version is still online at the downloads site, but if you have an issue and need support, the new version may be the tool that you will want to run to collect information.

  • EXBPA May Incorrectly Report Low Free PTEs

    When running Exchange Best Practices Analyzer (EXBPA) you may get a report saying "The number of free page table entries is low, which can cause system instability."  This may be incorrect if you are running Windows 2003 but don’t have Windows 2003 SP1 installed.  The issue is that EXBPA uses the Perfmon counter for Free System Page Table Entries (FreeSysPTEs), and that counter could be wrong.

    The Performance tool does not accurately show the available Free System Page Table entries in Windows Server 2003
    http://support.microsoft.com/default.aspx?scid=kb;en-us;894067

    This was resolved in Windows 2003 SP1.  If you don’t have the ability to install SP1 yet and want to know what the real value is, you could follow the directions in KB article 894067.  That article recommends getting the tool LiveKD from Sysinternals.  Now...  should you do this on a mailbox server that is in production?  How familiar are you with live kernel debugging?  Never done it before?  Then I would stick to seeing if I could get the Service Pack installed instead.

  • Read the Release Notes for Exchange 2003 SP2 CTP

    If you have downloaded the Microsoft Exchange server 2003 SP2 Customer Technology Preview (CTP), you may have noticed that the release notes are not updated.  The current release notes have been released to the web for you to read at http://go.microsoft.com/fwlink/?LinkId=51350.  

    Here are some things brought out in the document:

    • Custom Weighting feature for IMF -  If you want to tweak the rules for the IMF to better fit your organization, you can do it using MSExchange.UCEContent.Filter.xml.  For example, if your company uses the word “Foo” a lot in its e-mails and you want all e-mail with the word “Foo” in the subject to be let through, whether or not it might be spam, you can add the line:
      <CustomWeightEntry Type="SUBJECT" Change="MIN" Text="Foo"/>
      This will lower the SCL rating to the lowest it can be (0) so that it should pass through.  You can choose words in the body, the subject, or both.  You can also choose to increase the SCL.  Increasing the SCL could be useful in instances where you need to make sure that mail with “bad words” doesn’t get through.  Here is a tip:  Use notepad.exe to create the file and make sure you save the file in UNICODE format.
    • IMF v2 vs. IMF v1 – If you are running the original IMF (v1) on the server where you are installing SP2, you will need to uninstall it before you install SP2.  This is because IMF v2 is installed with SP2.  You will still need to enable Intelligent Message Filtering on the SMTP Virtual Server.
    • Who deleted my Public Folder? - We now can tell you who it was, but you will need to turn up logging before it gets deleted.  Turn logging up to Medium on MSExchangeIS \ Public Folders \ General.
    • Disabling MAPI access for mailboxes – If you have a user that shouldn’t be using MAPI to access the server, you can prevent this on a per-user basis.  You can also prevent users from accessing their mailbox if they are not in cached mode.
    • Public Folder Storms – Now you can pause and resume all replication of public folders.

    This is really just a small part of the great information in the release notes.  I strongly encourage you to read it because it is an interesting read.
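
    An added example, not taken from the release notes or this post: a Python script that writes MSExchange.UCEContent.Filter.xml as UTF-16 and re-checks the bytes, catching an ANSI-saved file and the curly quotes that word processors and web pages substitute for straight ones.  The root element, the namespace, the BODY, BOTH, MAX and numeric values, and the sample words are assumptions that the post does not show.

```python
import xml.etree.ElementTree as ET

# Assumptions (not shown in the post): root element and namespace as in
# Microsoft's IMF v2 documentation, and BODY/BOTH as the other Type values.
NS = "http://schemas.microsoft.com/2005/CustomWeight"
TYPES = {"SUBJECT", "BODY", "BOTH"}

def check_entry(entry_type, change, text):
    """Raise ValueError for an entry that does not fit the expected format."""
    if entry_type not in TYPES:
        raise ValueError(f"bad Type {entry_type!r}")
    if change not in ("MIN", "MAX"):
        int(str(change))  # assumed: otherwise a signed SCL adjustment, e.g. "-2"
    if not (text or "").strip():
        raise ValueError("empty Text")

def build_filter(entries):
    """Return the file as bytes: UTF-16 with BOM (Notepad's "Unicode")."""
    root = ET.Element("CustomWeightEntries", xmlns=NS)
    for entry_type, change, text in entries:
        check_entry(entry_type, str(change), text)
        ET.SubElement(root, "CustomWeightEntry",
                      Type=entry_type, Change=str(change), Text=text)
    xml = ('<?xml version="1.0" encoding="UTF-16"?>\n'
           + ET.tostring(root, encoding="unicode"))
    return xml.encode("utf-16")

def read_filter(data):
    """Check file bytes before deployment; return [(Type, Change, Text), ...]."""
    if data[:2] not in (b"\xff\xfe", b"\xfe\xff"):
        raise ValueError("not saved as Unicode (no UTF-16 byte order mark)")
    root = ET.fromstring(data)  # ParseError on curly quotes or broken markup
    entries = []
    for el in root.iter(f"{{{NS}}}CustomWeightEntry"):
        entry = (el.get("Type"), el.get("Change"), el.get("Text"))
        check_entry(*entry)
        entries.append(entry)
    return entries

if __name__ == "__main__":
    # Constructed sample: the post's "Foo" rule plus one rule that raises the SCL.
    data = build_filter([("SUBJECT", "MIN", "Foo"), ("BODY", "MAX", "example-bad-word")])
    print(read_filter(data))
```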

  • SP2 for Entourage 2004 released today

    Just read this in the news:  We are releasing SP2 for Office 2004 for Mac today.  This includes much needed fixes to Entourage, the Exchange client for Mac.

    http://www.microsoft.com/presspass/press/2005/sep05/09-20EnhancedEntourage2004PR.mspx

    It is available at http://www.microsoft.com/mac now.

    If you have Entourage clients, you will want to make sure that your Exchange Server 2003 has the fix at http://support.microsoft.com/kb/888619 installed.

    (Edit - SP2 is up there now...)

  • Event ID 8197 - MSExchangeFBPublish with error 0x80040111

    There is an article out there that addresses the issue that some of our customers are seeing:
    828764 "Event 8197" Error Message Is Logged Repeatedly in the Application Event
    http://support.microsoft.com/?id=828764

    It says that if you are getting this, there is a good chance that Exchange is trying to authenticate against a GC that doesn't have a trust with the domain that your Exchange 5.5 service account is in.  But...  How do you verify this?  Can you just look at the DSAccess tab on the Exchange server?  No.  As Jasper Kuria states in his post at http://blogs.technet.com/exchange/archive/2005/07/29/408394.aspx, in this instance we don’t look at the output from DSAccess.  This is authentication, not an LDAP call.  In this case we look at the same GC that you would get if you were to run “nltest /dsgetdc: /gc”.  If you are getting 8197s on your Exchange servers, you can run this and see if you are getting a GC in another domain that doesn’t have an explicit trust with the domain that the Exchange 5.5 service account is in.  In fact, if you have auditing on and look at the GC’s security logs, you may see something similar to the following:

    Event Type:           Failure Audit
    Event Source:       Security
    Event Category:    Account Logon
    Event ID:                680
    Date:
    Time:
    User:                      NT AUTHORITY\SYSTEM
    Computer:             <GC Server Name>
    Description:
    Logon attempt by:                MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
    Logon account:    <Exchange 5.5 Service Account>
    Source Workstation:           <Exchange 2003 server>
    Error Code:           0xC0000064

    At the moment there are two workarounds:

    •  Create a two-way trust between the two domains. 
    •  Move the GC in the other domain to another site. 

    Hopefully this will help someone else who is seeing this...
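
    An added example, not part of the original post: a Python script that tallies these failure audits from a text export of a GC's Security log, so you can see which GC is rejecting the Exchange 5.5 service account and from which Exchange server.  Error code 0xC0000064 is the NTSTATUS value STATUS_NO_SUCH_USER; the host names, the account name and the export layout (the "Field: value" lines shown above) are assumptions.

```python
import re
from collections import Counter

NO_SUCH_USER = 0xC0000064  # NTSTATUS STATUS_NO_SUCH_USER: account not found
FIELD = re.compile(r"^\s*([A-Za-z ]+?):\s*(.*)$")

def parse_events(text):
    """Split a text export of the Security log into one dict per event."""
    events = []
    for line in text.splitlines():
        m = FIELD.match(line)
        if not m:
            continue
        key, value = m.group(1).strip().lower(), m.group(2).strip()
        if key == "event type":  # first field of every record
            events.append({})
        if events:
            events[-1][key] = value
    return events

def rejected_logons(events, account, exchange_servers):
    """Count 680 failures with 0xC0000064 per (GC, Exchange server)."""
    servers = {s.lower() for s in exchange_servers}
    hits = Counter()
    for ev in events:
        if ev.get("event id") != "680" or ev.get("event type") != "Failure Audit":
            continue
        try:
            code = int(ev.get("error code", ""), 16)
        except ValueError:
            continue
        acct = ev.get("logon account", "").split("\\")[-1].lower()
        src = ev.get("source workstation", "").lstrip("\\").lower()
        if code == NO_SUCH_USER and acct == account.lower() and src in servers:
            hits[(ev.get("computer", "?"), src.upper())] += 1
    return hits

# Constructed sample export; host and account names are made up.
RECORD = ("Event Type: Failure Audit\nEvent ID: 680\nComputer: {}\n"
          "Logon account: {}\nSource Workstation: {}\nError Code: {}\n\n")
SAMPLE = "".join(RECORD.format(*row) for row in [
    ("CHILD-GC01", "svc-exch55", "EXCH2003A", "0xC0000064"),
    ("CHILD-GC01", "svc-exch55", "EXCH2003A", "0xC0000064"),
    ("ROOT-GC01", "svc-exch55", "EXCH2003A", "0xC000006A"),
    ("CHILD-GC01", "jdoe", "WKSTN042", "0xC0000064"),
])

if __name__ == "__main__":
    print(rejected_logons(parse_events(SAMPLE), "svc-exch55", ["EXCH2003A"]))
```

    A GC that shows up in the result is one to compare against the output of the nltest command above and against the trusts of the service account's domain.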