Fixyourcpu’s technical blog and tips

I’ve found that the steps to restore a Sharepoint farm can be quite complex.  Since the company I currently work for has become quite reliant on MOSS 2007 I started looking into how I would restore the server in the event of a failure where a new machine would not to be built.  This scenario involves a one server farm running MOSS 2007  with a SQL 2005 database.  The farm is backed up using Symantec BackupExec 12.5 agent.  By no means is this a comprehensive list of exact steps but it is a quick read of the general process and should help you if you are looking for what you need to document about your configuration and what info you might be missing.

What you’ll need to make the Restore easier:

• A backup of your Sharepoint farm made with Symantec BackupExec
• A list of your web applications and associated databases
• The build version of the farm
• A list of domain service accounts
• MOSS 2007 install media and key.

1. Install Windows, updates, IIS basically everything needed for a base install.
2. Install the BackupExec agent.
3. Ass any domain service accounts to local admins group.
4. Install MOSS 2007.  You need to also install any updates as well.  In my case I needed to install the WSS Sp1 update an then MOSS SP1.  If you try the restore to a different build number it won’t work in most cases.
5. Install SQL.
6. Run the Sharepoint Products and Technologies wizard.  Create a new farm.
7. Configure Sharepoint – This is  a good general overview of installing and configuring Sharepoint – http://blogs.msdn.com/martinkearn/archive/2007/03/28/how-to-install-sharepoint-server-2007-on-a-single-machine.aspx
8. On the Symantec server, go to restore, view by resource, browse to your old server and farm, check off the portal database.
9. Go to the MS Sharepoint Redirection, choose redirect Microsoft Sharepoint sets, enter your Portal url and server name.

dmw Sharepoint moss 2007 dr, sharepoint disaster recovery, sharepoint restore, symanec sharepoint agent

If you encounter this message when attempting to install Windows XP/Vista/Windows 7 drivers on a Windows 2003 Server x64 print server:  ”The specified location does not contain a compatible software driver for your device. If the location contains a driver, make sure it is designed to work with the Windows x64 Edition operating system.”

Copy the x86 drivers to a machine running Windows XP x86 or whichever OS you are trying to upload to the print server.  Browse to the server by going to \\servername, open the printers and faxes folder, highlight the printer, go to file,  server properties, drivers tab, add and browse to the location of the x86 drivers.  This makes the drivers available on the server and any machines connecting will be able to automatically download the correct driver.

dmw System Administration

I ran into an issue today where the sound on a Lenovo Thinkpad laptop running Windows XP Professional kept randomly not working. Even restarting did not fix. I checked all the normal places to make sure it was setup properly.  In windows everything was fine. I reinstalled the sound card driver and it started working but then later in the day stopped. Turns out Real Player had been opened, the volume set all the way down and then closed.  Even though it was closed Real Player was still running in the background processes and hence was controlling the sound.  Ending task on the process or raising the volume in the application fixed the issue. Hopefully this will help someone trying to solve an inexplicable issue with the sound on their laptop or desktop not working.

dmw Uncategorized no sound, sound not working, windows sounds

I recently needed to determine which Exchange 2007 users had IMAP4 and POP3 enabled and also review the logs to see which users actually access the server via either protocol.  These steps walk through how to determine which users are enabled for either IMAP4 or POP3 in Exchange 2007 and also how to turn on and view protocol logs to determine which users are accessing the server using the protocols.

I used Quest’s Powergui with the Exchange 2007 powerpack to do this – http://www.powergui.org/index.jspa.  Its free and a great tool if you don’t have it yet you should look into getting it.  Open Powergui, expand Exchange 2007, Client Access, User Configuration.  A list of the users will display in the middle, right click on the column header and check off PopEnabled and ImapEnabled.  You can now see which users are enabled and disabled.  You can also sort by any column by clicking the header.

You can setup a filter that will automatically show you only users that are POP3 enabled or IMAP4 enabled.  Click User Configuration then click the Filters button in the middle pane.  Click the drop down arrows and set them to  Property = ImapEnabled, Operator = Equal, Value = True.  You can save the Filter by clicking Save As entering a name and clicking OK.  A new script will appear under the User Configuration node which will automatically display only users with IMAP4 enabled.  You can do the same for POP3. 

Once you determine what users are enabled for IMAP4 or POP3 you’ll want to find out which users are actually accessing the server using the protocols so you can disable any that are not.  To enabled IMAP4 or POP3 protocol follow these instructions by Microssoft:

http://technet.microsoft.com/en-us/library/aa997690.aspx

Restart the service after making the change.

Once enabled you can use a tool like Logparser or if you only have a handful of users that are using IMAP/POP like I did just go to the log files and search it for their username.  You might want to search the log everyday for a few days before disabling IMAP/POP on the user accounts just to make sure they aren’t using it.

Imap logs are normally located here:  C:\Program Files\Microsoft\Exchange Server\Logging\Imap4 

You can open with notepad and search for the username.

dmw Exchange 2007 Exchange 2007, IMAP, POP, Powergui

After deploying an image and trying to boot windows you receive an error “There has been a signature failure”

This message comes up as a result of the active partition being set to boot from the built-in recovery partition on the hard drive.  Most Lenovo laptops come with a hidden recovery partition used for the rescue and recovery software.  To fix the issue get a bootable floppy disk or usb drive with fdisk.  Boot from the device and use Fdisk to set the proper mark the proper partition as active then run fdisk /mbr and restart.  You could also use a Ghost 2003 cd and run gdisk which is their version of fdisk.  Run gdisk 1 /act /pri:1 assuming you want partition 1 to be the active, bootable partition.

Boot to ghost 2003 cd\support gdisk, gdisk 1 /act /pri:1 to set the first partition as the active one or use fdisk and set partition 1 to active and run fdisk /mbr

dmw Uncategorized signature failure, symantec ghost

You may encounter an error “Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item” or “Your current security settings do not allow this action” when trying to copy a file locally or run an executable file from a network share when using a Windows 2003 Server virtual machine.  At first I thought since I was running into this issue on a newly created virtual server guest on Vmware Esx it might be related to Vmware permissions.  It turns out it was a very simple solution.  All I needed to do was uninstall the Internet Explorer Enhanced Security Configuration component from Add/Remove Programs.    Go to Add\Remove Programs, Add\Remove Windows Components, Uncheck Internet Explorer Enhanced Security Configuration in the list, click next and then finish.  

I only saw this error with virtual machines and not physical Windows 2003 servers.  After uninstalling the component you may have to restart for the change to take effect or just restart the explorer process.

dmw Uncategorized esx, virtual machine, vmware, windows 2003

1.  Open Exchange Management Console

2.  Drill down to Organization Configuration, Hub Transport and click on the Transport Rules tab.

3.  Right click and select New Transport Rule…

4.  Enter a name for the rule and description if desired and click next.

5.   Place a checkmark next to “from people” and “sent to users inside or outside the organization”.  On the bottom half of the screen click the people hyperlink, click add, select a person or group from the list and click ok.  Next click the “Inside” hyperlink and change the scope to outside.  Click next.

6.  Select an action you like to take.  I selected to bounce the message and notify the sender.  Click next.

7.  Choose an exception if desired then click next.

8.  Click New to create the rule.

You now have a rule that will prevent the selected user or group from sending any email outside your organization.  The rule can be enabled or disabled by right clicking it.  If a user tries to send an email and this transport rules applies to them they will receive a non-delivery report back in their inbox.

Delivery has failed to these recipients or distribution lists:

‘outsidemail@somedomain.com’
Your message wasn’t delivered because of security policies. Microsoft Exchange will not try to redeliver this message for you. Please provide the following diagnostic text to your system administrator.

_____

Sent by Microsoft Exchange Server 2007

dmw Exchange 2007 Exchange 2007

I recently ran into an issue with a laptop where I could not access it via remote desktop or ping even though I was on the same network as it. It drove me nuts before I figured it out.  Here is what I did before I realized what was blocking access:

• Verified windows firewall was not blocking access.
• Verified I could rdp from the machine to the machine, open remote desktop on the machine with the issue simply connect to itself by name, ip or loopback.
• Verified tcp was working, ping loopback…reset the tcp/ip stack, ran winsock fix, lsp fix but found no issues.
• I uninstalled any unneeded programs and also my antivirus just to test.  Still had the issue.
• I rolled back from XP SP3 but still had the issue.

And then it dawned on me to check the Cisco vpn client.  The built-in firewall was running.  To disable I opened the client, right clicked the gold lock icon in the lower right hand corner and  deselected Stateful Firewall (Always On).  It started working as sooon as I did that.  I am not sure if that is a default setting or something I enabled inadvertently.  Next time I will think to check for any vpn clients and related issues much earlier in the process.  Vpns have been known to cause a variety of network issues since they work so closely with windows networking.

dmw Uncategorized ciso vpn firewall, rdp, rdp connection failure, remote desktop

The Conficker worm has been in the news a lot lately and for good reason.  If you want to make sure a machine is not infected BitDefender has setup a great service that can detect and remove the worm.  If you can’t get to the site from a computer and you suspect it may be infected go to a known clean machine and download the tool.  Then transer the tool to the suspect machine and run.  After it has been removed make sure you run Windows Updates to get Microsoft patch 958644 to close the vulnerability.

The BitDefender site is www.bdtools.net

dmw Uncategorized

I got an email from a person with a hotmail address the other day.  At the bottom of the email was an advertisement for Windows Live Skydrive with 25GB of free online storage.  That struck me as a very good deal as most free online backup and sharing services limit you to 2-5 GB.  Everyone should back up their files regularly.  Ask yourself what you are willing to lose if your computer is lost, stolen, or the hard drive just craps out.  Do you have your pictures, financial files, resume stored on your computer?  If so you should have that backed up.   Having worked in desktop support and system administration roles I know failed hard drives are a daily occurence.  The good news is there are great and free ways to backup your important files like Skydrive and others.  Some are strictly for backup and others like Skydrive allow you to share files, link pictures and videos to blogs…Here is a list of solutions to check out with a great comparison chart.  

http://lifehacker.com/5064688/online-storage-feature+by+feature-comparison-chart

dmw Uncategorized backups, free backup, online backup