Monday, February 28, 2005

Changing a Physical Address ... but who uses these?

So I saw in the newsgroup today, that folks actually still use a physical address for the building. :) Well, in this particular case, a business was merging and they wanted the same physical address for both places. How do you change this?

Simply open the server registry to:
HKLM\Software\Microsoft\SmallBusinessServer and change the values for:

  • Address1

  • Address2

  • City

  • State

  • ZIP

  • Country

Thursday, February 24, 2005

Using Mobility Tools outside of an SBS network

Surprisingly enough, I get asked many times about using mobility features outside of an SBS network. There have been instances when there is a Small Business VAP trying his hand at medium business, and wants to use the same tools, or perhaps there is a client that is remote to the network and cannot make a connection in. Whatever the reason, if you want the Same experience of configuring mobility on SBS outside of the network, this post is for you.

[Begin Warning]
I first wanted to give you a warning that the items described in this blog post are not tested, not supported, and you're on your own. While I'd be happy to answer any questions, if you choose to go down this road, you are on your own.
[End Warning]

There are two tools that work together to configure a mobile device. The first is Active Sync. It really doesn't matter which version is on the client for the configuration tool to work. It could be version 3.7, 3.7.1 or 3.8 . SBS 2003 deploys 3.7, and the SP1 will deploy 3.8.

The second tool is the sbsmobcfg.exe which actually stands for Small Business Server Mobile Device Configuration Utility.... but we just use the short name. :) This tool is pretty hardcoded as to where it looks for it's data. It performs the following tasks:

  1. Collect and push FQDN and NetBios domain name to the device

  2. Push the self-signed certificate to the device if it exists (note, this only works for 2003+ devices)

  3. Configure a default synch schedule for Inbox, Calendar and Contacts

Seems pretty simple doesn't it? It is.

So, how do you move this tool out of the network? Simply copy the C:\Program Files\Windows Small Business Server\Clients directory from a client computer setup by SBS with ActiveSync assigned to it, to another computer (perhaps the remote computer that cannot connect) in the same location. Then create a shortcut to sbsmobcfg.exe in the start menu. When the user is ready to configure their device, just have them click on the start menu icon, and the device will be configured!!

It's that easy.

There are some gotcha's though:

  • Changes made on the server do not automatically replicate down to clients configured by this methodology. So the directory will have to be re-copied

  • The mobile device is not automatically configured upon first connect, the user will have to click on the icon

  • The user will probably have to go through the getting connected wizard first, before they configure the device. They can put whatever they want in (as long as the username and password are correct) and the tool will change it to the correct items

So, that's all there is to it. Get Mobile!

Wednesday, February 23, 2005

Changing the OWA timeout

I use OWA quite a bit. I think that stems from having two Exchange accounts. One at work and one at home, and you can't have two Exchange accounts in one profile. (Boy would it be nice to have RPC/HTTP to my home server and to my work server at the same time!!)

Anyways, one of my biggest problems is I like to leave both mailboxes open all day long (No I'm not actually that popular, but I like to believe that I am). The problem is, when I choose "Private Computer" on the logon page to OWA, the extended timeout gets set, but that timeout is just not long enough.

A co-worker helped me find this article on Forms-Based Authentication in OWA 2003, which provides some insight.

Looking at the registry value of HKLM\System\CurrentControlSet\Services\MSExchangeWeb\OWA\ there are two keys:

  • PublicClientTimeout - the time for when someone chooses a public client (default of 20 minutes)

  • TrustedClientTimeout - the time for when someone chooses a private client (default of 2 hours)

So changing this to 1440 (24 hours), I can stay logged in from work all day!

Tuesday, February 22, 2005

Changing the name of CompanyWeb

So this one came up in the SBS public newsgroup today. How do you change the name of the CompanyWeb, so internally it doesn't respond to http://CompanyWeb, but responds to something else?

Well, what I ended up doing (since I wanted mine to be called http://FamilyWeb), I simply went into the DNS snap-in and created a new Host(A) record (similar to companyweb) and pointed it to the same place as CompanyWeb. Then I went into the IIS snap-in and right clicked on the CompanyWeb virtual server and chose properties, then on the advanced button on the General tab, I make sure that the virtual server answers to http://FamilyWeb on port 80.

I was done! But why didn't I remove http://CompanyWeb from the list?

A lot of SBS features are hardcoded to look for http://companyWeb, such as the Import Files Wizard. So in an effort to reduce the errors in the features that the SBS Team provides, I let the site answer to http://companyweb, but told everyone to visit http://familyweb. Works like a charm.

However, Marina Ross (an MVP) today posted another tactic, which would also be used if if you wanted a second site in your network. Marina pointed to the FAQ on how to create a new SharePoint website. It includes pictures!

Enjoy this new found knowledge.

Friday, February 18, 2005

Request for Help ... Answering machine service for SBS

So, I was thinking today. I've done a lot of posting to this website, and probably helped a few people out with their issues. Why not get a little greedy and ask for help in return ....

I'm running SBS 2003 at home (as most of you probably know), and it has a modem in it. I don't do much faxing... because, well, email is cooler :). But what I would like, is some way to have an the server answer the actual phone with a message, and deliver the message into the specified exchange inbox.

I know there has to be something out there: Work does it. I don't have that kind of coin though. So I was hoping for a simple application that after X rings (configurable) it will answer the phone with a predetermined message that I can record with my mic that says something like:

You've reached, please press 1 for Sean, 2 for Kendra, etc. Then when the user presses one it says:Leave a message for Sean after the beep

Then once the message is left, the .wav file is delivered to the specified users inbox within Exchange.

It doesn't have to be exactly like that, but that's what I had in mind. Does anyone know of such an application? Help is greatly appreciated.

Sending Backup via FTP

So I was reading the SBS 2003 public newsgroup a few days ago, and one of the customers wanted to send backup files to an FTP site (for offsite storage).

This reminded me of what I did for my parents a few years back. When they wanted to backup their My Documents (they all share the same one, since its been like that for years) they would click on the backup icon on the desktop and it would send files to my server in Seattle over the internet. In the even of a harddrive failure, I could easily mail them a CD (or 2) with all their documents.

Of course the SBS backup files are a little larger than one CD, but who am I to tell you what to do with your bandwidth? I thought I'd share my learnings with my folks, and you can adapt it to meet your or your customers needs as you feel fit.

The first step is to create a "backup" batch file. The file should be called backup.cmd or backup.bat. The contents of this file are:

    @echo off
    ftp -vin -s:info.txt

Next you have to create the info.txt in the same directory as the batch file. The contents of this file are as follows:

    user [account_on_ftp_site]
    cd /[location_on_ftp_site_to_store_files]
    put [local_location_of_file]

Essentially, this will log into the FTP site, change to the approprate folder and put the file you want. You can do multiple puts if you want. The peice that I didn't show you here, was I compressed all the files into a big zip file; but seeing as the NTBackup file is already a single file, that won't help you.

So the next question is how do you place this into the backup process? Well, I would recommend doing this for one back-up a week, which will require some fancy batch programming, or simple scheduler work.

But this will get you started. I suspect the hardest part will be to get the name of the file you want to send. Perhaps the easier method would be to take the command line that bkprunner.exe uses (visible in each log file) and modify it to run natively using ntbackup to a file that you send offsite. That way you can name it the same thing each time and won't have this problem.

One other thing you might consider, is on the remote machine, setting up a scheduled task to rename the file (this will allow you to keep multiple offsite backups, since if the building falls down in the middle of the transfer, you have no offsite backup (since you have 1/2 a file on the ftp site) and all the onsite backups lost.

Hopefully this will help some of you who actually want to send GB of data over the wire.

Thursday, February 17, 2005

Full vs Simple when it comes to SQL

So you have SBS Premium (or you spent too much on SQL) and you're having issues backing up.

Well, you can do one of two things. You can install the hotfix for NTBackup (It's a free support call). However, while this will make your backups successful, the copy of SQL in your back-up will be corrupted and not available for restore.

The second option is to change your SQL databases to simple, by using the SQL Manager. You simply find the databases (Microsoft SQL Servers --> SQL Server Group --> SERVERNAME --> Databases. Right click and choose the properties on each database. On the Options tab, change the Recovery Mode from "Full" to "Simple". This essentially turns off up-to-the-minute restore (ie no log files). NTBackup will successfully backup your SQL databases, and will be able to restore it up to the time of the backup (which is pretty consistent with the rest of the SBS server). Unfortunately though, you will not be able to recover up to the minute of the failure. This is by far the easiest to configure.

The third and final option is to move your SQL databases to a volume that is not included in the backup. It has to be a seperate volume all together (not just a removed folder) since NTBackup envolks VSS writers based on what applications are installed on that volume. You can then use the SQL backup tools in the SQL enterprise manager to backup the SQL databases to a volume that *is* included in the backup, and then backup the backup files from the SQL backup. This of course makes the recovery of SQL somewhat time consuming. :)

Wednesday, February 16, 2005

Fast User Switching

I know, I've been slacking this week. I appologize for that. Red-eye flights across the continent for a weekend trip to visit the folks will cut into your ability to think straight and actually remember to post.

Anyways, Rambling finished.

Since I've been trying to get my media center set up at home on my domain so I can manage it from the server, I've been looking into Fast User Switching (FUS). FUS is the feature required to be running in order to support having media center extenders to function (the xbox, or just the regular one, although I'm not sure anyone would buy just the regular one when you can get the xbox for cheaper... unless of course the power off button is that important to you).

Well, I stumbled upon a posting at The Old New Thing, which I believe is one of most senior developers here at Microsoft. In his blog post, he mentions why FUS wasn't enabled on Windows XP clients. And moreover, he talks about LongHorn and states that it will! Very exciting news.

Enjoy reading his post.

Thursday, February 10, 2005

All Systems GO! for SBS Service Pack 1 Beta

As you know, the Microsoft Windows Small Business Server 2003 team here in Redmond has been working on delivering Service Pack 1 for Small Business Customers. This service pack is a roll-up of all the major SBS component service packs including:

  • Windows Server Service Pack 1

  • Exchange Server 2003 Service Pack 1

  • Windows SharePoint Service Service Pack 1

  • An update for Client Setup to deploy Windows XP Service Pack 2

  • Small Business Server Service Pack 1 Update
*SBS Premium includes more updates

This morning we sat in our standard team meeting to review status. Management across all diciplines gave the OK to ship the beta to our beta customers.

The SBS team looks forward to all the feedback on the Service Pack our beta testers throw at us. I believe our goal to maintain the high quality bar of SBS 2003 with the Service Pack is well underway.

Moreover, this morning we were fortunate enough to have some of our MVPs (via conference call) to witness this event. While the conference call was too early for one of our Auzzi MVPs, Wayne has already Blogged about the release.

Wednesday, February 09, 2005

Note to self ... Renew Domain *Before* it Expires

This is quite funny actually. Yesterday I was casually email folks only to get NDRs from some of them. The NDRs were stating:
There was an SMTP communication problem with the recipient's email server. Please contact your system administrator.
Now I was getting these from emailing my father. His ISP has *the* most agressive spam filtering I've ever seen. Naturally, like every other time, I was quick to jump on the bandwagon of blaming my father's ISP. Heck, he'd already lost 3-4 known real emails to this overly agressive spam filter. So I email them to complain.

At work that day, I decided it was time to check my home email (OWA comes in handy there) and I couldn't resolve my domain to save my life! Fortunately I have two domains pointed at my SBS box, so I used that one as a backup and was able to get to OWA. I started seeing the same message when emailing some of my friends.

Something was in fact wrong on my side.

Logging into my dynamic DNS server, I saw nothing astray, so I decided that I should email their support to ask for help. Then I had a thought. When the heck does this domain expire? Don't ask me why I thought of that. But sure enough *yesterday* was the day my domain expired. I quickly paid for 5 more years, and 9 hours later, my domain is up and running again.

So here is the bottom line. Computer's remember things. Right up to the minute if you ask them. Human's don't. Put this kind of stuff in your calendar so you get a reminder and your site isn't down for 15 hours while DNS replicates across the Internet.

Tuesday, February 08, 2005

Checking the Hidden Connection Menu on Outlook

So over the past few days, RPC over HTTP (or Outlook via the Internet) has been somewhat flaky. We found the root cause today, which of course I'll blog about eventually, that's not the point of today's post.

I was trying to figure out why Outlook via the Internet was so flaky. For some people it was connected, and for others it wasn't. The whole thing just seemed very odd.

Anyways, I wanted to share a new Outlook connection troubleshooting tactic with my avid readers in hopes that it saves you a little bit of time.

Outlook 2003 places an icon in the system tray. At first this annoyed me about the new version, but it's definitely growing on me. Especially with this little gem. Personally, I like the fact that you hide outlook when minimized. Clears up some task bar space when you're not doing mail at the present. There are plenty of other features you can enable/disable simply by right-clicking on it.

But what the Outlook folks don't tell you, is about the super-secret hidden menu option. Simply hold CTRL down when you right click and you'll get a new menu option!

Connection Status. Opening this dialog shows all the different connections that Outlook has to your server and what the status of that particular connection. It didn't help me in my particular issue, but I'm sure it will come in handy as a trick in a toolbox for you folks.

May your e-mail never be down.

Monday, February 07, 2005

Adding new Icons to SharePoint

So I know this has been posted about a billion times to other blogs. But I figured I might as well make my blog complete by telling you how to add your own icons (or change icons) that appear inside SharePoint for specific files.

The icon that I wanted to add was the movie icon for .mpg and .mpeg files. I simply opened up a folder in Windows Explorer and took a screen shot. Then I used my favourite simple picture editor (mspaint.exe) to strip out just the icon in question

Finally, I saved it up on the server under:%program files%\Common Files\Microsoft Shared\web server extensions\60\template\images as icmpeg.gif, which seems to be the convention for SharePoint.

The next step is to crack open the \template\xml\docicon.xml file in my favourite simple text editor (notepad.exe). I made a copy of this file first incase I screwed anything up. Then I searched for . I simply copied and pasted a new line from one of the existing icons and changed it three times (.mpg, .mpeg, and .avi).

Finally, I opened a run window and reset IIS using the command iisreset. Refreshing SharePoint caused the icon to show up immediately.

I can't take all the credit on this one, LauraJ had some good advice (and quite possibly some more information, if you get lost).

Icons are cool!

Friday, February 04, 2005

Exchange does things in the last second...

I spent some time trying to figure this out, so I figured I might as well post it here.

Exchange likes to do things in the last possible second when it comes to creating mailboxes or free/busy data.

That's right, when you're finished creating a user and their mailbox, the mailbox isn't actually created, Exchange just knows that it has to create a mailbox for this user. When the user logs in via Outlook Web Access (OWA) or Outlook, the mailbox is created the first time they log in. On the other hand, if a user tries to log into Outlook Mobile Access (OMA) browse or synch, as the first operation on their mailbox, the command will fail. This is because OMA does not create your mailbox. Simply log in to OWA or Outlook and create your mailbox, then synch or browse via your mobile device.

Additionally, the same is true for free/busy data. If you've never used your calendar, others cannot view your free/busy data because the store for you has not been created yet. Once you create your first calendar request or appointment, it takes up to 15 minutes for Outlook to tell the server that you now have free/busy data, and for others to view it.

Of course if your double booked every day from 8am - 6pm, you won't have that problem. Speaking of which... See you next week!

Thursday, February 03, 2005

Getting the Resultant Set of Policy from XP SP2 clients

Before the insecure days of Windows XP SP2, administrators who were using Group Policy were able to query the Resultant Set of Policy directly from the Group Policy Management Console. This is included by default in Small Business Server 2003.

With the installation of Windows XP SP2 on client computers, the windows firewall closes off the ports required to query the client. At least it does if you've got all your windows updates. :) If your Windows Firewalls are not turned on, you should really consider running the Update for Windows Small Business Server 2003: KB 872769 which configures Group Policy on your network to enable the firewalls on each client.

We did some research to make sure this is the most secure set of firewall configurations, without blocking too much functionality.

Now back to the question at hand. How can I get the RSOP of the client from the server? Well, I recently came across two methodologies for doing this.

  1. The first method is to modify your Group Policy settings on your network to open the ports and programs on each Windows Firewall enabled PC so you can have this functionality. To learn how to do this, simply follow the instructions at KB 883611. Once these steps are completed, you can query the RSOP whenever you like.

  2. The second method is more of a push methodology. Using the Group Policy Monitor, the client will send the RSOP to a location on the server each time policy is applied to it. This enables you to keep the ports closed for a more secure environment and still have the RSOP functionality available.

Those are the two main ways I've found to enable the query functionality, each have their pros and cons. Alternatively, you could use Remote Web WorkPlace, or Remote Assistance and load the desktop of the client up and run RSOP.msc from the client computer, and this does the exact same thing, no ports need to be opened in addition to the remote assistance ports.

Wednesday, February 02, 2005

Watch out! Exchange Recovery Groups!

So this is good times. Today I'm having trouble creating a user. I use the Add User Wizard and it reports success. Sure enough, the user appears in the Users' snap-in with no problems. But for some reason, this user can't use OWA (503 Item not found error) and they can't log onto Outlook either.

What's up?

The Add User Wizard creates the user in the first storage group it finds. If you've done an Exchange specific restore using the Exchange Recovery Group, the Add User Wizard places the users mailbox in this store. When the user tries to logon, they have no mailbox in the First Storage Group, and they fail to logon to their mailbox.

How do you fix this?

Well, simply remove the Exchange Recovery Group. Simply right click on the Recovery Storage Group and choose Delete. Once the only storage group left is the First Storage Group, you're good to add users using the Add User Wizard again!

Happy User Creating!

Tuesday, February 01, 2005

& CMD operator

ipconfig /release

Whoops, this was just a TS session, now the server has no connectivity, I have to get out of my office and go over to the server.

How many times have you done this? Well, I've done it a few times and it drives me nuts every time. Now I'm using a new command. I've found the "&" operator!

I simply type in "ipconfig /release & ipconfig /renew" at the command prompt, the system runs one after the other. to the TS session, it looks like a little bit of a lag, and you're reconnected! (if you get the same IP address of course).

I wonder what else I can use the & operator for where it actually makes sense. :)