Microsoft

Tech Short: PowerShell to list users in AD security group

You want to get a list of users who exist as members of a AD (Active Directory) security group. Here are some quick steps on accomplishing this task.

Lets begin:

  1. Open PowerShell or PowerShell ISE
  2. Type Import-Module ActiveDirectory
  3. Followed by Get-ADGroupMember -identity “Group Name” | select name | Out-GridView

And there you go, fast and simple to do.

 

Tech Short: Stop and Start Lync Services On A Server

How can I take on this task, let me count the ways…

After installing a new certificate on our Lync server I needed to restart the services to complete the change.  I was able to do this with two powershell commands.

Stop Services

Start Services

 

Windows 10 Windows Updates using P2P Technology

Hey Folks,

It seems that Windows 10 has the capability of downloading Windows updates using a peer-to-peer (P2P) protocol. Seems like a smart move to deliver their software to end users. After all we are all connected these days.

The new option that allows Windows 10 users to enable this feature that will speed up downloads due to its ability to download apps and OS updates from multiple sources to obtain them more quickly. Updates with a Bit-torrent twist.

These setting to be made to allow only updates from local networked peers or anyone available on the internet.

Tech Short: Install Applications on a Remote Desktop Server 2012

When using a Terminal Server a special method is required when installing applications. The server needs to be placed into installation mode for successful install of applications that are used in this muti-user environment

Change your user mode to installation mode by using the following command:

When you have completed all application installations

Change the server back to execution mode by using the following command:

Please note:  These commands should be run as administrator

 

Get Windows 10 Technical Preview – March Update

Yes its close, very close so why not get to testing out the latest version of Windows 10 build 10041.

Keep in mind that this is an early build of Windows 10 so issues may exist; however I’ve not run into many worth mentioning

 

The download links can be found here

Product key: NKJFK-GPHP7-G8C3J-P6JXR-HQRJR

 

Office 365: Errors during cutover migration

This is an error I’ve received when running a cut-over migration batch in Office 365.

  1. Error: ProvisioningFailedException: The parameters passed to the cmdlet represent a managed account, which doesn‎’t match the namespace state, which is federated.

I’ve reached out to support, to help me troubleshoot this.  So far there hasn’t been much I’ve been able to find online regarding my situation.

More to be shared as soon as I have additional information.

Update – 02/04/2015

With the idea that this may have something do with our domain being federated as we had already setup a ADFS server when we were configured for Hybrid.

So let’s recap on the Error: ProvisioningFailedException: The parameters passed to the cmdlet represent a managed account, which doesn’t match the namespace state, which is federated.

Focusing on the message above I was able to find do some research to research based on some blog searches that indicated the issue was with our federation status.
I ran the following command from our ADFS Server: Get-MsolDomain

Results:

I had also reviewed the setting using Get-MsolDomainFederationSettings followd by the federation properties with Get-MsolFederationProperty

Using the Get-MsolDomain I was able to identify that the domain for jermsmit.com was verified and also had a federated authentication status.

I change this back to Managed by running the following command:

This was verified by running the Get-MsolDomain to check my results.  And that worked.

I then moved forward by deleting the current failed batch; which took some time.  Once deleted, created a new batch.  At this time the cut-over migration sync is working

 

– Jermal

Notes:  To run the commands in this post you need connect the active directory power shell to your office 365 account – http://jermsmit.com/azure-active-directory-module-for-windows-powershell-how-to-connect/

 

Disable Windows Firewall On Windows Server 2012 R2 Server Core

After my install of Windows Server 2012 R2 Server Core, I wanted to manage the system via RSAT and Remote Desktop. However the firewall was preventing me from completing such tasks. That said, this is how we can disable the firewall

From the command prompt type the following command:

 

Microsoft Security Bulletin: Windows, IE, Exchange and Office

Microsoft has released their Advance Notification for the December 2014 security bulletins. There will be a total of seven bulletins, three of which will update critical vulnerabilities. 

Critical update affects Windows Vista, Windows 7, Windows Server 2003 and Windows Server 2008

The critical update also affect Exchange Email Product Line as well as Office 2010. Office 2013 and even Office Web Apps.

So it looks like there is a need to patch as soon as these are released.

Don’t forget to patch, and update your  MSRT (Malicious Software Removal Tool)

Source:  zdnet

For more info and details:  Microsoft Security Bulletin Advance Notification for December 2014

https://technet.microsoft.com/library/security/ms14-dec

Windows Identity Foundation Install Issue

Setting up a new installation of Lync Server 2013 I encountered an issue  after being notified b the Lync Server 2013 install prerequisite check that Windows Identity Foundation was required.

I found my way to the download site and grabbed what I though was the correct install where I got the following error: Installer encountered an error: 0x80096002

Eventually I discovered that Windows Identity Foundation is a feature and I just needed to activate it via the Server Manager.

So if you have this problem just jump into Add Roles and Features and look for  Windows Identity Foundation 3.5.

What I was looking for was right in front of me and I didn’t even see it.  Such is many thinks in life.

 

Fixed POP3 Service after Exchange 2013 CU6

In a previous post I wrote about my Exchange 2013 CU6 Adventure and how it caused my Exchange Replication Services to crash.

That wasn’t the only issues faced after updating to CU6.  It seems that the CU6 upgrade had crippled my ability to use the POP3 service.

I have been waiting for a week now for Microsoft to get back to me regarding a solution.  But I was able to find one else ware thanks to Jason (Izzy) Sherry’s Blog Post: Exchange 2013 POP3 service drops connections fix

Symptoms:

  • Exchange 2013 POP3 request fail from remote hosts
  • Exchange 2013 POP3 request respond from localhost

Troubleshooting Steps:

  • Restart POP3 and POP3 Back-end Services
  • Reconfigure Exchange POP3 Local IP Address
  • Check server for firewall
  • Check if 3rd party antivirus may be intercepting POP3 requests
  • Inspect traffic using Wireshark

Solution Steps Followed:

In Exchange Powershell type:
Get-ServerComponentstate -Identity SERVERNAME

This will list the Server Component States

Server Component State
SERVERNAME ServerWideOffline Active
SERVERNAME HubTransport Active
SERVERNAME FrontendTransport Active
SERVERNAME Monitoring Active
SERVERNAME RecoveryActionsEnabled Active
SERVERNAME AutoDiscoverProxy Active
SERVERNAME ActiveSyncProxy Active
SERVERNAME EcpProxy Active
SERVERNAME EwsProxy Active
SERVERNAME ImapProxy Active
SERVERNAME OabProxy Active
SERVERNAME OwaProxy Active
SERVERNAME PopProxy Inactive
SERVERNAME PushNotificationsProxy Active
SERVERNAME RpsProxy Active
SERVERNAME RwsProxy Active
SERVERNAME RpcProxy Active
SERVERNAME UMCallRouter Active
SERVERNAME XropProxy Active
SERVERNAME HttpProxyAvailabilityGroup Active
SERVERNAME ForwardSyncDaemon Active
SERVERNAME ProvisioningRps Active
SERVERNAME MapiProxy Active
SERVERNAME EdgeTransport Active
SERVERNAME HighAvailability Active
SERVERNAME SharedCache Active

 

Now that you have identified the issue; as you can see POPProxy is set to Inactive we need to now set it back to Active

So we issue the following command:

Set-ServerComponentState -Identity SERVERNAME -Component PopProxy -Requester HealthAPI -State Active

As soon as you do this the POP3 Service start to respond again.

Problem now fixed, cause is still unknown. The only thing known in my case is that this occurred after installing Exchange 2013 CU6