Posted by sveng on 3. Januar 2009 under Directory Creator | 
After several months without development, a new version of the AGDLP Directory Creator is going to be released soon. The new version will include, aside several minor bugfixes, the possibility to set the AGDLP permissions to directories which have already been created. The currently published version stops with an error message if a directory already exists. There are also ideas to give the user the choice between several AGDLP “profiles” which describe the way how the groups should be created and grouped. If you have any comments or feature requests, please feel free to send me an E-Mail.
Posted by sveng on 11. Juli 2008 under IT |
We encountered a big problem after applying the Rollup Package 3 for Exchange 2007 SP1. After installing the update on our frontend and backend servers the OWA website suddenly stopped working. (blank page at owalogon.asp)
After uninstalling the update everything worked again.
This problem is re-producible and I’ve already heard of some other companies who had the same problem. Therefore I don’t suggest to install the Rollup at least until the next package comes out.
Posted by sveng on 1. Juli 2008 under IT |
If everyone experiences the problem, that the SMTP service on a Windows Server 2008 is not logging, despite it is activated, then here is a solution which I found on Steve Schofields Weblog under this address:
http://weblogs.asp.net/steveschofield
The logging functionality is depended on the “ODBC Logging Module” Role Service and it doesn’t work without it.
1. Install the ODBC Logging Module (use the Server Manager to add it as a Role Service)
2. Stop / Start the SMTP Service
3. Verify your SMTP service is configured for logging. It’s not activated by default.
4. Simulate SMTP traffic by using the telnet console. See http://support.microsoft.com/kb/153119 for how to use telnet for simulating SMTP commands.
5. Check your logging folder
Posted by sveng on under IT |
This article describes the necessary steps for how to export “Windows Server 2003″-based DNS zones and import them to a “Windows Server 2008″-based DNS server.
Export procedure on Windows Server 2003
- Open the Registry Editor (regedit.exe) and browse to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DNS Server\Zones
- Export that key to a file by right clicking it and selecting “Export”
- Open the Windows Explorer and locate the following path: %windir%\system32\dns
- Copy all *.dns files to a temporary folder
Import procedure on Windows Server 2008
- If this is a fresh DNS server installation you need to create a temporary DNS zone which can be deleted later. I currently don’t know why this has to be done but otherwise it won’t display the imported DNS zone later
- Import the *.reg file with the exported Registry keys by simply double clicking it
- Copy the saved *.dns files to the directory %windir%\system32\dns. Please note, that this path is the same on the 64bit variant of Windows Server 2008.
- Restart the DNS server service
- All DNS zones should now be visible in the DNS Managent Consolein the “Server Manager”
Posted by sveng on 22. April 2008 under IT |
We had several problems setting up “Outlook Anywhere” on a Windows Server 2008 with Exchange 2007 SP1.
When configuring the Exchange 2007 server for the “Client Access” feature from within the Exchange Management Console, everything like OWA or Server Active Sync worked at once but when trying to access a users mailbox via Outlook 2007 using the “Outlook Anywhere” feature, the former RPC-over-HTTP, user’s always got the logon screen and weren’t able to authenticate.
When configuring the authentication manually in IIS it automatically switched back to the old setting after 30 minutes. This behavior is caused by the Authentication setting for Outlook Anywhere in the Exchange 2007 Management Console. When “Basic Authentication” is set it will delete the IIS setting for integrated Windows Authentication and vice versa. After setting it to “NTLM Authentication” the problem was solved because we set NTLM in our Outlook installations.
However I still don’t know why Microsoft doesn’t allow both authentication types and enforces only one. With our former Exchange 2003 frontend we allowed both authentication types.
Posted by sveng on 7. April 2008 under Directory Creator |
My project, the “A-G-DL-P Directory Creator”, is now available on Sourceforge.
I took this step because I wanted to create an easy and public way for users to discuss features or problems.
The corresponding website can be found here: http://sourceforge.net/projects/directorycreato
Posted by sveng on 20. März 2008 under Directory Creator |
I’ve written a small program which will assist you at creating directories on your fileserver and will automatically create and group all corresponding domain local and global groups in Active Directory.
After creating those groups it also links the domain local groups to the created directories.
If you are interested in that program (don’t worry, it’s freeware :)) please let me know and send me an E-Mail to blog@gold-nuggets.net
You can view a screenshot here: screenshot
Posted by sveng on 19. März 2008 under IT |
According to the Microsoft Partner Newsletter and Heise.de Microsoft has finally released Service Pack 1 for Windows Vista. However, it is currently not clear if the problems which arised after the first release in February have been fixed in the new release. Some customers experienced problems after the installation of SP1 (repeated installation after every reboot…). Due to Microsoft some drivers were responsible for that failure but they haven’t published a list of the faulty drivers yet.
Therefore it is currently not clear if these drivers have been fixed or not. Microsoft recommends every user to make a backup prior to installing the Service Pack.
I have decided to wait a few weeks longer until I update my system because I have been one of the lucky persons who had problems with the February release. 
Posted by sveng on 14. März 2008 under IT |
Currently it’s not possible to directly secure Exchange RPC-over-HTTP with RSA SecurID because Outlook has it’s own logon screen for that service and there is no RSA plugin available which could replace that window.
However here’s a possible workaround I’m currently testing. Maybe it’s giving some of you ideas for your own solution.
Since it is not possible to directly secure RPC-over-HTTP with RSA SecurID (or a similar product), it would be possible to secure a website with it.
Therefore you could set up a website with an RSA login which, after successfully logging in, enables the user to access the internal RPC-over-HTTP frontend server. Such a setup would be possible for example with Cisco WebVPN or Cisco SSL VPN (I’ve heard of companies who also use a Checkpoint firewall for such a setup). However if you published OWA and RPC-over-HTTP and both services reside on the same server, you need to make sure that the RPC-over-HTTP service will be blocked for direct access. Such a setup would be possible with Microsoft’s ISA Server where you can specify published resources by their URL.
I”’ keep you informed about any experiences I make in my test environment and whether this will be a practical solution.
Posted by sveng on 13. März 2008 under IT |
On 29th February 2008 Microsoft published a new knowledge base article which provides a fix for the problem that Certificate Enrollment Pages on a Windows Server 2003 can’t be properly used from a Windows Vista / Windows Server 2008 machine.
The full article is available here: http://support.microsoft.com/kb/922706
