exchange 2010 notes

I have just taken an exchange 2010 install (two nodes dag, two CAS/Hub transport servers) from 2010 RTM to 2010 SP1 Rollup 3v3 released on 27th of June 2011 I think.

The updates took way longer than anticipated. When SP1 is applied without any preparation will highlight a lot of pre-reqs. In practice I found the following were required:

– apply all Windows high priority updates
– install the filterpack64bit.exe

applying the service pack itself, happened without any problems on the non-mailbox server.

On the DAG it is important to:
– make sure that there are no mounted copies on the server on which the SP is applied.

the CAS servers may go into a frenzy, processing the queues accumulated in the process, no need to panick, things will go back to normal fairly quickly.


exporting mailboxes to pst’s. Exchange 2010 SP1 has a nice allows export of mailboxes to pst files, without the need for an outlook installation on the server, as it was the case on Exchange 2010 RTM.

the following steps will accomplish this:
– set the permissions:
New-ManagementRoleAssignment -Name “[name of the role assignment]” -SecurityGroup “[security group in AD]” -Role “Mailbox Import Export”
the AD security group needs to be universal; at least that was my case
– set a network path – make sure that “Exchange Trusted Subsystem” is given appropriate permission on the share
-the actual export of the mailbox to pst:
New-MailboxExportRequest -Mailbox [mailbox name] -FilePath “[the path to the desired pst file on the storage]”

get-MailboxExportRequest will display the status of the current exports

you can do this in bulk in two steps:

first identify the users (disabled users for example)

$mailboxname = get-mailbox -Server [Server Name] | where { &_.ExchangeUserAccountControl -match “AccountDisabled” }

then operate the export request on the variable:

$mailboxname | foreach-object {New-MailboxExportRequest -Mailbox $_ -filepath [the path to the pst storage]

waik – unattended install – united kingdom (great britain) localization

I’ve struggled to get rid of the first screen (asking for language, time zone and keyboard) when performing an install of Windows 2008 R2, using an answer file created with WAIK. It looks like I wasn’t the first to hit this problem. Windows will display forms where it hasn’t got the right answers. In my case I had to pay attention to the following:

  • UILanguage which needs to be en-US
  • InputLocale = 0809:00000809
  • TimeZone = GMT Standard Time

once the answer file is complete an image can be generated using the deployment tools command prompt so it can be mounted together with the windows iso:
oscdimg -n c:answer c:answer.iso

windows 2008 R2 random notes

I want to get some of the basic MCSE certs this year. I have been working in IT for a while now, but never got the time or the energy or maybe the talent to get certified. So this summer I want to change all that. I tend to make notes when I read, but this time I’ll do this online, on this page.


– promotion -> converts member servers to DC’s

– demotion -> converts DC’s to member servers

Terminal Services -> are now called Remote Desktop Services

winrs – windows remote shell; can be retrofited in xp and W2k3 – Microsoft kb: 936059

wevtutil.exe – command line version of eventviewer

SMB – “Server Message Block” – name of windows file server service

SYSVOL – builtin file share on every DC – keeps AD information (group policy and logon scripts among other things)

printer drivers attach themselves to the printer spooler service. So if a driver fails, it takes down the whole of the spooler service and all the other drivers with it. W2k8 R2 allow to isolate printer drivers within their own individual process.

64-bit builds of Windows require digitally signed kernel mode drivers – the operating system will allow you to install them with a warning, but those drivers will never actually load (however this can be disabled by: press F8->Advanced Boot Options->Disable Driver Signature Enforcement

DVD installation allows only a clean install not an upgrade

winver.exe shows version of windows installation.

RODC does not store passwords

Import-Module Servermanager – enables servermanager in powershell

-restart – automates restart in powershell (a restart will happen automatically if necessary)

there are various shortcuts:
ncpa.cpl – brings up network configuration
ctrl+shift+esc -> task manager

command line reference guide:

Permission Override:
deny overrides allow
– explicit allow overrides deny

set-up networking:

netsh interface set interface name="local area connection" newname="Internal"
netsh interface ipv4 set address name="Internal" source=static address= mask= gateway= 
netsh interface ipv4 add dnsserver name="Internal" address= index=1 

rename the computer:
netdom renamecomputer /newname: /userd:[] [/passwordd:[ | *]] /usero:[] [/passwordo:[ | *]] [/reboot[:]] [{/help | /?}]

netdom renamecomputer %computername% /newname:newdc1