Time flies.  It’s now been 5 years since I completed the Exchange 2007 Microsoft Certified Master course in not so sunny Redmond.  That was MCM rotation 4, which was the last Exchange 2007 rotation.  If memory serves me correctly we started on the Monday the 2nd of November 2009 and finished on Saturday the 21st. 

During this Exchange love fest we had a total of 4 tests.  3 written tests and the qual lab.  After each week there would be a written test which covered the content from the preceding week.  For us it was on the following Monday.  Though in week 3 we had the week 2 content tested on the Monday, the week 3 exam on Friday and the qual lab the next day (Saturday).  Owch, that is still painful even thinking about it.  The below MCP exam transcript does not really do justice to the effort, cost and blood spent to earn each line….;.

One common comment is that this is a marathon of Exchange!  To get through it and stay healthy is a challenge. I elected to stay at the silver cloud hotel and walk to campus daily.  That 15 minute walk there and back at the end of the day was a blessing!  Before settling down to do more study at the end of a 12 hour day, I got into the habit of swimming in the highly chlorinated pool.  And to assist with memory retention whilst in building 40, paid many frequent visits to one of Starbucks coffee dispensing contraptions. 

Then there came the crazy little thing called the qual lab…

On the topic of other crazy little things, November the 24th is also the day that Freddie Mercury died.  *

Greg, as only Greg can/will do, blogged as we were doing the qual lab in his normal style: 17 Frowns and a Box of Donuts.  At the end of the day there were 10 happy souls, though only 9 knew about it.  One person thought that they had not completed the final task, but they had.  They just needed cached store data to expire and everything was perfect!

What has happened since that?  Lots of good stuff, and some bad…

Good Stuff

There was a great bunch of people in my rotation.  And to this day we still all help each other out and that is one of the best outcomes from the MCM.  The same is true for the wider MCM community.  These are the most passionate and capable people that you’d every dream of working with and it is a vibrant community.  Every day I learn some arcane aspect of Exchange. 

12 months after this we had a mini-reunion and a lot of MCM R4 came back to do the Exchange 2010 MCM upgrade course.  This was a beast.  Lots of content compressed into a single week, with a written exam at the end followed by yet another qual lab.  There were 25 people attending, all of which were existing MCMs and only half a dozen walked away fully upgraded.  Thankfully I was one of them, but it was rough.  I seem to remember not being able to sleep with my leg muscles going into spasm.  After completing the written test things  was a blur. Then the qual lab was done on vapours and RockStar (thanks for that Dan S!).  Did I say it was a tough week?

There used to be a nice page on the Microsoft learning (MSL) portion of Microsoft.com where you could see all the people who had passed MCM/MCA and agreed to their name being publically displayed.  Now there are a series of PDF files in lieu. 

Having my brain melted with all of the MCM content certainly helped the technical interviews when applying to Microsoft.  I’m still not really sure if Eric wanted to hire me for my technical acumen or since I was crazy enough to crack jokes with them whilst being interviewed.

Bad Stuff

I clearly remember being up late on a Friday evening in August, when an email popped up.  It was the Friday on a long weekend.  This was from MSL and it said that the MCM programme was being cut.  I read it.  Then re-read it and was wondering if the date was not the 1st of April.  Unfortunately the date was the 30th of August 2013 and the email was real. 

Neil has the content of letter posted, and there are some “interesting” comments. 

While I can understand that MSL has the right to change/cancel any one of its programmes, the way that all of the MCM programmes were cancelled was inexcusable.  IIRC there were non-exchange rotations currently in-progress when the news was released, and Exchange rotations starting in the near future.  When a standard MCP exam is scheduled to retire there is significant amount of notice given so people can plan accordingly.  One can only imagine why this was not also afforded to the MCM track.  An MCP exam costs $150 USD.  MCM was $18,500 or so….

The other not so good memory, relates to walking to the qual lab.  After drinking a can of RockStar I then walked to campus.  Half way up the hill I thought the scene in Alien featuring John Hurt was being re-enacted and my heart was about to detach itself.  That was the last time I drank that potion,  Well until the next qual lab!

Cheers,

Rhoderick

* – That was 1991.  Time certainly does fly. 

The venerable Remote Desktop Connection Manager (RDCMan) 2.2 was starting to show its age. 

After a slight hiatus, RDCMan 2.7 is now available.  Please say thank you to Julian Burger for the early Christmas present.  Remote Desktop Connection Manager (RDCMan) is a great tool to consolidate multiple RDP connections into a single window to prevent desktop clutter.

RDCMan 2.7 supports Windows 8, 8.1, Server 2012 and 2012 R2.

The tool can be obtained from the Microsoft download centre. 

Installation Pointers

There are a couple of things worth noting about the tool:

It will install into the x86 Program Files folder on a x64 machine: 

C:\Program Files (x86)\Microsoft\Remote Desktop Connection Manager

Do not save your custom RDG files in the installation folder, just in case your local workstation dies and the file is gone. I always keep my .RDG files in a  subfolder of My Documents, which is a redirected folder to a file server. 

The RDG files are portable, and you can share them within your organisation.  For example, when you get a new admin give them a copy of the RDG files and they are able to review your list of servers and get connected easily – assuming they have the permissions….

The help file is located in a sub directory called Resources,  - unsurprisingly this is called help.htm

2.7 Fixes & Features

From the above help file.  Please review the help file for details. 

New features

• Virtual machine connect-to-console support
• Client size options come from the application config file (RDCMan.exe.config) rather than being hard-coded.
• View.Client size.Custom menu item shows the current size
• View.Client size => From remote desktop size
• Option to hide the main menu until Alt is pressed. Hover over the window title also shows the menu.
• Added Smart groups
• Support for credential encryption with certificates
• Better handling of read-only files
• Added recently used servers virtual group
• New implementation of thumbnail view for more predictable navigation
• Thumbnail view remembers scroll position when changing groups, etc.
• Performance improvements when loading large files
• Allow scale-to-fit for docked servers (Display Settings.Scale docked remote desktop to fit window)
• Allow scale-to-fit for undocked servers (Display Settings.Scale undocked remote desktop to fit window)
• "Source" for inheritance in properties dialog is now a button to open the properties for the source node.
• Focus release pop up => changed to buttons, added minimize option.
• Added command-line "/noconnect" option to disable startup “reconnect servers” dialog
• Session menu items to send keys to the remote session, e.g. Ctrl+Alt+Del
• Session menu items to send actions to the remote session, e.g. display charms
• Domain="[display]" means use the display name for the domain name.

Bugs fixed

• Application is now DPI aware
• Undocking a server not visible in the client panel resulted in the client not being shown in undocked form.
• Ctrl+S shortcut didn’t work at all. It now works and always saves, even if there are no detected changes to the file.
• Shortcut keys didn’t work when focus was on a thumbnail.
• Add/delete profile in management tab. In same dialog instance, profiles are not updated. Similarly adding a new profile from combo doesn’t update the tab.
• Window title was not updated when selected node is removed and no new node selected (open a file, close the file.)
• Connect via keyboard didn’t always give focus when it should.
• Connected Group would always show itself upon connecting to a machine, regardless of setting.
• Selecting a built-in group then hiding via menu option didn’t work properly.
• Editing server/group properties did not always mark a file as changed.
• Non-changes could result in save prompts at exit. This should no longer happen.
• Activating the context menu via the keyboard button was not always operating on the correct node.
• Changing a server/group name doesn’t change window title if the server/group is currently selected.
• ALT+PAGEUP and ALT+PAGEDOWN hotkeys were switched. This is fixed for new installs—for existing files you’ll want to change on the [Tools.Options.Hot Keys] tab.
• /reset command line option wasn’t resetting all preferences
• “Server Tree” option from “Select server” focus release dialog didn’t show the server tree if it was hidden.
• New file directory now defaults to “Documents”.
• ListSessions dialog sometimes popped up in a weird location. Now placed within the main window
  

Finally and most importantly, please say a big thank you to Julian Burger the developer who wrote this and David Zazzo for working to get the tool released initially!!

Cheers,

Rhoderick

In some of the recent posts you will have noted that there have been some issues with VMware, and also network cards dropping packets in packets received discarded.  One symptom of this is that nodes will be removed from the cluster and EventID 1135 is logged into the System log.  EventID 1135  states that the Cluster node was removed from the active failover cluster membership.  In Exchange 2010/2013 this impacts the Database Availability Group (DAG) as the databases will be moved off that server. 

This is not good, and is something that warrants investigation.  

To facilitate this I wrote a quick script to review the number of EventID 1135 on Exchange servers in a DAG. 

The script is available in the TechNet gallery. 

It will loop through all Exchange 2010 servers that have the mailbox role, and for each of these servers then determine how may 1135 errors are present in the system event log.  The default value is to search back for the past 90 days.

As noted in this post for filtering PowerShell, you can edit the query to select different Exchange servers.

In order to try and improve performance a FilterHashTable was used rather than Where-object:

$Events = Get-WinEvent -ComputerName $ExchangeServer.Name -ErrorAction silentlycontinue -FilterHashtable @{logname='system'; ID=$EventIDToSearch; StartTime=$SearchDate}

The output data is saved into an array called $Output.  You can edit the script to choose where the data is displayed.  Either directly under each server as it is queried, at the end of processing or to a CSV file.  By default the other are REMMED out, and the contents of $Output are written to a CSV in the directory where the script is executed from. 

Comments and feedback are always welcome!

Cheers,

Rhoderick

In the November 2014 security bulletin there were 14 updates released.  The updates resolved security issues in IE, OLE and Schannel.  It is the latter that is worth calling out for attention since this is the basis of the Microsoft implementation of SSL. Exchange makes heavy use of SSL, and is typically connected to the Internet.

You can read about the other security details in the security bulletin summary.  CVE also has an entry for the issue.

MS14-066 / MS014-066 is pernicious for several reasons:

• It applies to all supported versions of Windows from Vista to  2012 R2
• Server core is affected (though Exchange is not supported on server core)
• There are no Microsoft workarounds
• There are no Microsoft mitigating factors
• To mitigate the risk you must patch
• The vulnerability allows remote code execution.

Update 16-11-2014:  KB 2992611 has information on known issues.

Update 18-11-2014: V2 of the bulletin was released.  Details from the update:

Reason for Revision: V2.0 (November 18, 2014): Bulletin revised to announce the reoffering of the 2992611 update to systems running Windows Server 2008 R2 and Windows Server 2012. The reoffering addresses known issues that a small number of customers experienced with the new TLS cipher suites that were included in the original release. Customers running Windows Server 2008 R2 or Windows Server 2012 who installed the 2992611
update prior to the November 18 reoffering should reapply the update. See Microsoft Knowledge Base Article 2992611 for more information

As of writing, the MSRC and other security assets do not report that there attacks in the wild since the issue was responsibly disclosed to Microsoft. However it is only a matter of time….

Call To Action

Test, Validate And Install this update ASAP

There are other security issues also resolved by this month’s security releases.  For example in TCP/IP which is MS14-070 / MS014-070.  The TCP/IP vulnerability is an elevation of privilege, whereas the Schannel vulnerability allows remote code execution.

Both are not good, so please let’s get our servers patched and protected!

Cheers,

Rhoderick

Since there will be a good few folks running Windows 10 who subscribe to the RSS feed, I though it would worthwhile sharing a recent issue I had with my Windows 10 laptop.  This is a Lenovo W530 with ample CPU, SSD and video card performance.  It should run like a beast, but the recently the graphics performance was terrible.  Clicking around between windows took seconds, and searching for applications on the start screen took 5 – 10 seconds.  It felt that glaciers were moving faster than this…

There have a couple of recent Windows Update driver releases for both the Nvidia and Intel cards.  Both were installed.  Prior to installing these driver updates, the video performance was OK.  

After upgrading to Windows 10 I had to go into the BIOS and tweak the display settings to stop the laptop from changing settings on the fly.  All was good and done at that point, well apparently not.

Turns out that there is a setting to allow the driver to revert the BIOS change that I’d just made, and since I had not locked the setting down it got changed and my performance suffered. 

This is not a brand new issue with Nvidia Optimus solutions.  For example take a peek here for some of the reasons behind why the two cards are used and why this also affects older models such as the W520.

Changing UEFI Settings

Since the laptop is UEFI based, I initiated the boot to hardware settings from Windows.  The full steps with screenshots are below for reference purposes.

Windows key + C brings up the charm from the start screen.  Click settings then change PC Settings in the lower right hand corner.  Then from Update and Recovery chose the Recovery  menu option, and then Advanced start-up on the right hand pane.   The machine will restart. 

Depending upon what hardware you have the BIOS setup options will vary.  This is from a Lenovo W530.  On the Config tab, select display:

The graphics device setting provides three options: 

1. Integrated Graphics
2. Discrete Graphics
3. NVIDIA Optimus

This is the setting that I had previously changed, and told the laptop to use the discrete option.  Job done!  Well, actually no because of the very next option.  Which I totally ignored the first time around…..

What is this option?  You can see it highlighted here, with a blurb on the right hand side.  From what I see this is Enabled by default.  This is what allowed the setting to be reverted.

This time around let’s disable it and lock in the option that we want.

Hopefully this provides some relief for those with slow displays.

Do leave a comment to say if it helped or not!

Steps to Restart UEFI Machine To Setup Options

You will then get something similar to the below.  This is Taken from a Windows 10 Preview installation.  Click the Advanced options

Then troubleshoot:

Then the UEFI Firmware Settings.  Then select restart. 

You will now be in the setup screen, and can follow the steps above.

Cheers,

Rhoderick