more2know.nl

The Exchange Server Deployment Assistant has been enhanced to include support for configuring
rich coexistence for organizations interested in maintaining some users
on-premises with Exchange 2007 and some users hosted by Microsoft Office 365
Beta for enterprises in the cloud. This scenario is in addition to the existing
support for configuring rich coexistence between on-premises Exchange 2003
organizations and Office 365 Beta. The coexistence information is only available
in English at this time and additional rich coexistence support for Exchange
2010 will be added the Deployment Assistant soon.

Rich coexistence (“hybrid deployment”) offers organizations the ability to
extend the feature-rich experience and administrative control they have with
their existing on-premises Microsoft Exchange organization to the cloud. It
provides the seamless look and feel of a single Exchange organization between an
on-premises organization and a cloud-based organization. In addition,
coexistence can serve as an intermediate step to moving completely to a
cloud-based Exchange organization. This approach is different than the simple
exchange migration (“cutover migration”) and staged Exchange migration options
currently offered by Office 365 Beta outlined in E-Mail
Migration Overview.

http://technet.microsoft.com/en-us/exdeploy2010

We get a warning in OpsMgr/SCOM 2007 R2 from the Active Directory 2008 Management Pack. Active Directory is running fine but OpsMgr find something what seems like corruption.

We get Warnings from all the Domain Controllers “Script Based Test Failed to Complete“. And event id 1000 are show in the “OperationManager” event log on the DC.

Detail of an Warning:

AD Replication Monitoring : encountered a runtime error.
Failed to obtain the InfrastructureMaster using a well known GUID.
The error returned was: ‘Failed to get the ‘fSMORoleOwner’ attribute from the object ‘LDAP://nlnbdcsrv01.more2know.local/<WKGUID=2fbac1870ade11d297c400c04fd8d5cd, DC=ForestDnsZones,DC=more2know,DC=local>’.
The error returned was: ‘There is no such object on the server.’ (0×80072030)’ (0×80072030)

If you read the warning, The real error is “There is no such object on the server”

The problem is that the AD Attribute “fSMORoleOwner” for the infrastructureMaster is set to an Old DC. The value was “CN=NTDS Settings\0ADEL:b6bc57e7-dbbf-41e5-82d2-7bc4b166af3f,CN=<OLDServername>\0ADEL:ae94f589-9bd8-4ec3-af7f-54afaf662beb,CN=Servers,CN=<SiteName>,CN=Sites,CN=Configuration,DC=domain,DC=local”.
It was referencing an old DC that was demote a long time ago. It was demoted a long time ago. These settings are in the partition ForestDnsZones and DomainDNSZones.

We must have so change the value to the DN of the current Infrastructure Master. Microsoft has the seam error when you want to Run adprep /rodcprep. See. http://support.microsoft.com/kb/949257

1. Find out what the correct DN of the Infrastructure Master

1. Run Adsiedit.msc
2. Connect to the server which hold the infrastructure Role
3. Connect to CN=Configuration,DC=<domain>,DC=<suffix>.
4. Expand CN=Sites -> CN=”Site of the IM” -> CN=Servers -> CN=”Infrasturcte Master”
5. Open the Properties of CN=NTDS Settings
6. Find DistinguishedName and copy the value

2. Change the ForestDnsZone fSMORoleOwner

1. Run Adsiedit.msc
2. Connect to the server which hold the infrastructure Role
3. Connect to DC=ForestDnsZones,DC=<domain>,DC=<suffix>.
4. Open the properties for the Infrastructure object.
5. Check the fSMORoleOwner attribute.
   
6. Specify an infrastructure role owner that is online for the partition. You can do this by manually modifying the fSMORoleOwner attribute on the object.

The value is formatted like:

CN=NTDS Settings,CN=<hostname>,CN=Servers,CN=<sitename>,CN=Sites, CN=Configuration,DC=domain,DC=local

Connect to de Infrastructure Master (IM) and select ForestDnsZones

Change the fSMORoleOwner

3. Change the DomainDnsZone fSMORoleOwner

1. Run Adsiedit.msc
2. Connect to the server which hold the infrastructure Role
3. Connect to DC=DomainDnsZones,DC=<domain>,DC=<suffix>.
4. Open the properties for the Infrastructure object.
5. Check the fSMORoleOwner attribute.
   
6. Specify an infrastructure role owner that is online for the partition. You can do this by manually modifying the fSMORoleOwner attribute on the object.

   The value is formatted like:
   CN=NTDS Settings,CN=<hostname>,CN=Servers,CN=<sitename>,CN=Sites, CN=Configuration,DC=domain,DC=local

!! Note. You need to connect to the DC that currently is the Infrastructure FSMO. If you connect to any other DC you will get a error message saying “000020Ae: svcErr:DSID-031524F1, problem 5003 (WILL_NOT_PERFORM), data 0”

When you use Opsmgr to Monitor Data Protection Manager, and you find out that Opsmgr don’t discovery all the data from de DPM server.

The first thing you should notice is that you don’t get any alerts or warnings from the DPM server.

Issue: The DPM Discovery Failed.

First always check if Opsmgr discover all the data from the DPM servers. You can see all dicoverd information if you go to monitoring and expand the Management Pack “Data Protection Manager”.
By selecting “DPM Server State” you must see all the data from you DPM servers. If Discovery Fails you don’t see de DPM Servion, Number of protection Groups, ect.
When you monitor the Operation Manager eventlog on the DPM Servers you will see Eventid 21406.

Eventid 21406

The Problem is that you use an “&” string in a name of one of the protection Groups.
Change the name of the protection Group where you have used an “&” symbol . Restart the “System Center Management” and you should see that the discovery success.

The Exchange Team have been aware of a problem that impacts Exchange management tools on servers running Exchange 2010 on Windows Server 2008 SP2.

Note: Windows 2008 R2 systems do not seem to be impacted.

The symptoms of the problem are:

• Exchange Management Shell does not start
  
• Exchange Management Console does not start
  
• There might be a crash in Exchange Mailbox Replication Service (it is not clear yet if this is related)
  
• Event Viewer might have trouble opening
  

The following events could be logged in the Application event log:

• Event ID: 1023
  Source: .NET Runtime
  Event ID: 1023
  Level: Error
  Description: .NET Runtime version 2.0.50727.5653 – Fatal Execution Engine Error (000007FEF9216D36) (80131506)
  
• Event ID: 1000
  Source: Application Error
  Level: Error
  Description: Faulting application PowerShell.exe, version 6.0.6002.18111, time stamp 0x4acfacc6, faulting module mscorwks.dll, version 2.0.50727.5653, time stamp 0x4d54a59c, exception code 0xc0000005, fault offset 0x00000000001d9e19, process id 0x%9, application start time 0x%10.
  

While Microsoft is still investigating this problem, the failures seem to start after the .NET security update KB 2449742 (MS11-028) is installed. The only workaround that we have identified up to now is a removal of this security update.

Warning: We Microsoft not recommend that you uninstall any security updates, but Microsoft are providing this information so that you can implement this procedure at your own discretion. Use this procedure at your own risk. Removing a security update could may make a computer or a network more vulnerable to attack by malicious users or by malicious software such as viruses.