Advertisements

Create VM from Powershell v3.0

Here $server is a variable where  number of VM’s defined, one can used .CSV file to import

$server= “VM1”, “VM2”, “VM3”
for ($i=0 ; $i -le ($server).Count ; $i++)
{
New-VM -Name $server[$i] -NewVHDPath “C:\Hyper-V\$($server[$i])\Virtual Hard Disks\$($server[$i]).vhdx” -NewVHDSizeBytes 32212254720 -BootDevice CD -MemoryStartupBytes 536870912 -Path C:\Hyper-V\ -SwitchName SurinHyper-v
}

Reinstalling Exchange 2010, got error for Offline address book

After uninstalling/Reinstall Exchange 2010, I got error “The nominated Exchange server for offline address book ‘Default Offline Address Book’ has been deleted. Nominate a valid server and restart setup.”

Resolution

I Deleted the OfflineAddress book from the ADSIEDIT

CN=Offline Address Lists,CN=Address Lists Container,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<Domain>DC=com

and restarted the Exchange setup and issue resolves.

Exchange 2010, Uninstalling Exchange server roles, receive following error

 

Issue

Setup encountered a problem while validating the state of Active Directory: Active Directory operation failed on Machinename.domain.com. The supplied credential for ‘domain\administrator’ is invalid.

Resolution

From command prompt,

Run control keymgr.dll and from Credential manager, delete Credentials matching with Exchange server name. There are three category, “Windows Credentials” “Certificate-based credentials” and “Generic Credentials”

In my case, I deleted all the parameters under all three category and restarted Uninstallation setup and uninstalled successfully

Receive Connector permission

From Technet

 

 

Receive connector permissions are assigned to security principals when you specify the permission groups for the connector. When a security principal establishes a session with a Receive connector, the Receive connector permissions determine whether the session is accepted and how the received messages are processed. The following table describes the permissions that can be assigned on a Receive connector to security principals. You can set Receive connector permissions by using the EMC or by using the PermissionGroups parameter with the Set-ReceiveConnector cmdlet in the Shell. To modify the default permissions for a Receive connector, you can also use the Add-ADPermission cmdlet.

Receive connector permissions

`Receive connector permission	Description
ms-Exch-SMTP-Submit	The session must be granted this permission or it will be unable to submit messages to this Receive connector. If a session doesn’t have this permission, the MAIL FROM and AUTH commands will fail.
ms-Exch-SMTP-Accept-Any-Recipient	This permission allows the session to relay messages through this connector. If this permission isn’t granted, only messages that are addressed to recipients in accepted domains are accepted by this connector.
ms-Exch-SMTP-Accept-Any-Sender	This permission allows the session to bypass the sender address spoofing check.
ms-Exch-SMTP-Accept-Authoritative-Domain-Sender	This permission allows senders that have e-mail addresses in authoritative domains to establish a session to this Receive connector.
ms-Exch-SMTP-Accept-Authentication-Flag	This permission allows Exchange 2003 servers to submit messages from internal senders. Exchange 2010 will recognize the messages as being internal. The sender can declare the message as trusted. Messages that enter your Exchange system through anonymous submissions will be relayed through your Exchange organization with this flag in an untrusted state.
ms-Exch-Accept-Headers-Routing	This permission allows the session to submit a message that has all received headers intact. If this permission isn’t granted, the server will strip all received headers.
ms-Exch-Accept-Headers-Organization	This permission allows the session to submit a message that has all organization headers intact. Organization headers all start with X-MS-Exchange-Organization-. If this permission isn’t granted, the receiving server will strip all organization headers.
ms-Exch-Accept-Headers-Forest	This permission allows the session to submit a message that has all forest headers intact. Forest headers all start with X-MS-Exchange-Forest-. If this permission isn’t granted, the receiving server will strip all forest headers.
ms-Exch-Accept-Exch50	This permission allows the session to submit a message that contains the XEXCH50 command. This command is needed for interoperability with Exchange 2003. The XEXCH50 command provides data such as the spam confidence level (SCL) for the message.
ms-Exch-Bypass-Message-Size-Limit	This permission allows the session to submit a message that exceeds the message size restriction configured for the connector.
Ms-Exch-Bypass-Anti-Spam	This permission allows the session to bypass anti-spam filtering.

Mahabhart and Gokarna

Proceeding next to Gokarna celebrated over the three worlds, and which is situated, O best of kings, in the midst of the deep, and is reverenced by all the worlds, and where the gods headed by Brahma, and Rishis endued with wealth of asceticism, and spirits and Yakshas and Pisachas…worship the lord of Uma, one should worship Isana, fasting there for three nights. By this, one acquireth the merit of the horse-sacrifice, and the status of Ganapatya. By staying there for twelve nights, one’s soul is cleansed of all sins.

From The Mahabharata, written between 400 and 100 BCE

DON’T REJOIN TO FIX: The trust relationship between this workstation and the primary domain failed

 

DON’T REJOIN TO FIX: The trust relationship between this workstation and the primary domain failed :: Post by Dan Peterson

 

Resolution “:

Just change your computer password using netdom.exe!
netdom.exe resetpwd /s:<server> /ud:<user> /pd:*
<server> = a domain controller in the joined domain
<user> = DOMAIN\User format with rights to change the computer password

Here are the full steps:

1. You need to be able to get onto the machine. I normally just log in with the local Administrator account by typing, “.\Administrator” in the logon window. I hope you remember the password. If you’re creative and resourceful you can hack your way in without the password. Another option is to unplug the machine from the network and log in with domain user. You will be able to do disconnected authentication, but in the case of a reset machine, remember that you may have to use an old password. Your domain user’s cached credential has the same problem as the machine’s private secret.
2. You need to make sure you have netdom.exe. Where you get netdom.exe depends on what version of Windows you’re running. Windows Server 2008 and Windows Server 2008 R2 ship with netdom.exe you just have to enable the Active Directory Domain Services role. On Windows Vista and Windows 7 you can get it from the Remote Server Administration Tools (RSAT). Google can help you get them. For other platforms see this link: http://technet.microsoft.com/en-us/library/ee649281(WS.10).aspx”
3. Extra steps if the machine is a domain controller. If the broken machine is a domain controller it is a little bit more complicated, but still possible to fix the problem. I haven’t done this for a while, but I think this works:
   1. Turn off the Kerberos Key Distribution Center service. You can do this in the Services MMC snap-in. Set the startup type to Manual. Reboot.
   2. Remove the Kerberos ticket cache. A reboot will do this for you, or you can remove them using KerbTray.exe. You can get that tool here: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=17657
   3. Post change steps. Do these in conjunction with 5 below. Turn the Kerberos Key Distribution Center Service back on before rebooting. You should reboot the domain controller and then force replication in the Active Directory Sites and Services MMC snap-in.
4. Run netdom.exe to change the password.
   1. Open an administrative command prompt. On Windows platforms with UAC enabled, you will need to right-click on cmd.exe and select “run as Administrator”.
   2. Type the following command: netdom.exe resetpwd /s:<server> /ud:<user> /pd:*
5. Reboot the machine.

Here is more information on netdom.exe: http://support.microsoft.com/kb/325850