Mailbox Move ‘StalledDueToMailboxLock’

KB ID 0001581

Problem

I was doing a migration from Exchange 2007 (on prem) to Exchange 2013 (on prem), this week. I had a number of mailboxes that were ‘StalledDueToMailboxLock‘.

Solution

Nice easy fix, on the Source and Destination Exchange severs, restart the ‘Microsoft Exchange Mailbox Replication Service‘.

Wont this break my Mailboxes! No, it will interrupt the migration process, (which is already stalled). But the actual ‘Live‘ mailbox, remains on the ‘Source Server‘, until the process is successfully completed anyway.

It can take a few minutes, (time for a coffee) but check and the process should now have resumed ‘CopyingMessages‘.

Related Articles, References, Credits, or External Links

NA

Setup RANCID and ViewVC (Part One)

KB ID 0001331

Problem

There are couple of good posts out there on setting up Rancid (Really Awesome New Cisco Config Differ). Some even show you how to set it up with ViewVC (Formally ViewVCS, basically a nice web based GUI front end, that does version control and highlights differences). It does this using a system called CVS (Concurrent Version System, hence the original name.)

Then I had to do some more searching to get it to back up my Cisco ASA firewalls and get the whole thing automated, which Ill cover in Part Two.

OS: CentOS 7 x64

Rancid: 3.4.1

ViewVC: 1.1.24

Solution

Once it’s built, let’s update our server;

[box]

yum upgrade
yum update
Answer any questions with 'y' for yes.

[/box]

Lets install all the components we need;

[box]

yum install nano wget ftp telnet mariadb-server mariadb perl tcl expect gcc cvs rcs httpd autoconf php-common php-gd php-pear php-pecl-memcache php-mysql php-xml mod_ssl MySQL-python

[/box]

We only need a simple web server, so set the firewall accordingly (I’m opening http (TCP 80) and https (TCP 443) but we will only configure http in this example);

[box]

firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-service=https
firewall-cmd --reload

[/box]

We have already installed Apache (web server), so we need to start it up, then set it to ‘auto-start’ with the server. Then create a group, and a user (rancid), and place that user in the group we created. Finally create a directory for us to ‘unzip’ rancid into.

[box]

systemctl enable httpd.service
systemctl start httpd.service
groupadd netadm
useradd -g netadm -c "Networking Backups" -d /home/rancid rancid
mkdir /home/rancid/tar

[/box]

Move into the directory, we just created then download RANCID, unzip it, then install it.

[box]

cd /home/rancid/tar/
wget ftp://ftp.shrubbery.net/pub/rancid/rancid-3.4.1.tar.gz
tar -zxvf rancid-3.4.1.tar.gz
cd rancid-3.4.1
./configure --prefix=/usr/local/rancid
make install

[/box]

Copy over the ‘clogin’ file, (more on this later). Then set the ownership and and permissions on the rancid files and directories.

[box]

cp cloginrc.sample /home/rancid/.cloginrc
chmod 0640 /home/rancid/.cloginrc
chown -R rancid:netadm /home/rancid/.cloginrc
chown -R rancid:netadm /usr/local/rancid/
chmod 775 /usr/local/rancid/

[/box]

Now to set the ‘top level’ groups. Above I’ve got Firewalls and Switches, you might want to create a group for each customer you are backing up, or each site. (the design is up to you), but these are the ‘folder names’ you will see when you first log into the ViewVC web front end. Next you need to edit the main Rancid configuration file;

[box]

nano /usr/local/rancid/etc/rancid.conf

[/box]

Uncomment and add your groups, i.e.
LIST_OF_GROUPS=”Firewalls Switches

Save and Exit the file, (in nano that’s CTRL+X, then Y to save, and finally {Enter}.) Now we need to change to the rancid user we created earlier, (remembering to swap back to ‘root’ afterwards). We do this to create the folder structure for the groups we just created. Most importantly this creates the router.db file(s) which lives in each group/folder. This file specifies what the devices are, and where they are, that you will be backing up.

[box]

su -rancid

Or 'su rancid' if you are logged in as root

/usr/local/rancid/bin/rancid-cvs
su

[/box]

Download and install ViewVC.

[box]

cd /home/rancid/tar/
wget http://viewvc.tigris.org/files/documents/3330/49471/viewvc-1.1.24.tar.gz
tar -zxvf viewvc-1.1.24.tar.gz
cd viewvc-1.1.24
./viewvc-install

[/box]

Open the ViewVC config file;

 

[box]

nano /usr/local/viewvc-1.1.24/viewvc.conf

[/box]

Uncomment and change the values, (as shown above).

root_parents = /usr/local/rancid/var/CVS : cvs
rcs_dir = /usr/local/bin
use_rcsparse = 1

Now to enable ViewVC to work with Apache, we need to copy over some CGI, and set some permissions.

[box]

cp /usr/local/viewvc-1.1.24/bin/cgi/*.cgi /var/www/cgi-bin
chmod +x /var/www/cgi-bin/*.cgi
chown apache:apache /var/www/cgi-bin/*.cgi

[/box]

Then in the Apache config file, scroll to the end and add the following text, (don’t forget to save and exit the file).

[box]

nano /etc/httpd/conf/httpd.conf

Paste the following (at the bottom)

# Custom Rancid Config

<VirtualHost>
        DocumentRoot /var/www
        ScriptAlias /cgi-bin/ "/var/www/cgi-bin"
        ScriptAlias /viewvc /var/www/cgi-bin/viewvc.cgi
        ScriptAlias /query /var/www/cgi-bin/query.cgi
<Directory "/var/www/cgi-bin">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from all
</Directory>
</VirtualHost>

[/box]

We already installed MariaDB, (similar to MySQL) earlier, we just need to start it up, then set it to auto start with the server. Out of the box, MariaDB is a little insecure, so there’s a process of hardening it called ‘mysql_secure_installation’.

Note: the first time you run the secure installation it will ask for a password, this is the root password for MariaDB NOT the Linux root password, this will be {blank} so just hit {Enter}, then Yes to set the password, and set the MySQL/MariaDB root password (NEVER LOSE OR FORGET THIS). You will need it in a minute anyway, for all the other questions simply press {Enter} to accept the defaults.

[box]

systemctl enable mariadb
systemctl start mariadb
sudo mysql_secure_installation

[/box]

Now that MariaDB is installed, we need to create a user in SQL that ViewVC will use, to do that we need to log into SQL using the root password you just setup.

[box]

mysql -u root -p
Enter your SQL root password
CREATE USER 'VIEWVC'@'localhost' IDENTIFIED BY ‘Password123’;
GRANT ALL PRIVILEGES ON *.* TO 'VIEWVC'@'localhost' WITH GRANT OPTION;
FLUSH PRIVILEGES;
quit

[/box]

Note: sometime it does not like you copying and pasting the first ‘CREATE USER…’ line, (I don’t know why.) If it complains, type it out manually!

Now that is set up we can get ViewVC to create its database.

[box]

cd /usr/local/viewvc-1.1.24/bin
./make-database

[/box]

Use the following settings when prompted;

MySQL Hostname (leave blank for default):{Enter}

MySQL Port (leave blank for default):{Enter}

MySQL User: VIEWVC

MySQL Password: Password123

ViewVC Database Name [default: ViewVC]:{Enter}

Then, (the same as you did earlier,) create another user in MariaDB, that will be a ‘read-only’ user.

[box]

mysql -u root -p
Enter your SQL root password
CREATE USER 'VIEWVCRO'@'localhost' IDENTIFIED BY ‘Password456’;
GRANT SELECT ON ViewVC.* TO 'VIEWVCRO'@'localhost' WITH GRANT OPTION;
FLUSH PRIVILEGES;
quit

[/box]

Edit the ViewVC configuration so that it uses all the parameters you have setup;

[box]

nano /usr/local/viewvc-1.1.24/viewvc.conf

[/box]

 

Un

Scroll down to the [csvdb] section, then uncomment and change the values shown (above,) so that look like.

enabled = 1
host = localhost
port = 3306
database_name = ViewVC
user = VIEWVC
passwd = Password123
readonly_user = VIEWVCRO
readonly_passwd = Password456

Then get ViewVC to ‘rebuild’ the database .

[box]

/usr/local/viewvc-1.1.24/bin/cvsdbadmin rebuild /usr/local/rancid/var/CVS/CVSROOT/

[/box]

Reboot the server, and if you browse to http://{ip-or-hostname}/viewvc you should see something like this;

 

In Part Two we will add some Cisco Devices (Switches and ASA Firewalls) and schedule the backups.

Related Articles, References, Credits, or External Links

NA

Public Folder Migration Error hr=0x80040111

KB ID 0001228

Problem

I usually follow my own documented process for migrating public folders to Exchange 2016. I did that this week, and this happened;

Error;

[box]

MapiExceptionLogonFailed: Unable to make connection to the server. (hr=0x80040111, ec=-2147221231)
Diagnostic context:
    Lid: 49064   dwParam: 0x1
    Lid: 37288   StoreEc: 0x6AB
    Lid: 49064   dwParam: 0x2
    Lid: 49191   EMSMDBMT.EcDoConnectEx called [length=178]
    Lid: 48679   EMSMDBMT.EcDoConnectEx returned [ec=0x80040111][length=56][latency=0]
    Lid: 45169   StoreEc: 0x80040111
    Lid: 50544   ClientVersion: 15.1.225.42
    Lid: 52080   StoreEc: 0x80040111
    Lid: 1494    ---- Remote Context Beg ----
    Lid: 22086
    Lid: 27206
    Lid: 39869
    Lid: 56893   StoreEc: 0x8004010F
    Lid: 44989
    Lid: 24684
    Lid: 20076   StoreEc: 0x80040111
    Lid: 29100
    Lid: 20396   StoreEc: 0x80040111
    Lid: 9486    StoreEc: 0x80040111
    Lid: 24492
    Lid: 18348   StoreEc: 0x80040111
    Lid: 26540   dwParam: 0xE0003
    Lid: 22444   dwParam: 0xC30001
    Lid: 1750    ---- Remote Context End ----
    Lid: 51152
    Lid: 52465   StoreEc: 0x80040111
    Lid: 60065
    Lid: 33777   StoreEc: 0x80040111
    Lid: 59805
    Lid: 52487   StoreEc: 0x80040111
    Lid: 19778
    Lid: 27970   StoreEc: 0x80040111
    Lid: 17730
    Lid: 25922   StoreEc: 0x80040111
    + CategoryInfo          : NotSpecified: (:) [New-PublicFolderMigrationRequest], RemoteTransientException
    + FullyQualifiedErrorId : [Server={New-Server},RequestId=6cbefa76-98ad-4a2e-bb33-237d7fd795fd,TimeStamp=03/08/2016 7:1
   7:17 PM] [FailureCategory=Cmdlet-MapiExceptionLogonFailed] 42728F13,Microsoft.Exchange.Management.Migraion.NewMgrationBatch
    + PSComputerName        : {new-server}

[/box]

Solution

Although it looks a pretty scary error, it’s quite straightforward to rectify. I was doing a migration and I’d moved all the mailboxes already, so I had dismounted and removed the mailbox database on the source Exchange server. (Exchange 2010). All I had to to was mount a mailbox database (I just created a new empty one, and mounted it.)

If I then tried to do the migration, it queued up properly!

Related Articles, References, Credits, or External Links

NA

Exchange 2016 Install Error ‘Skipping creating Discovery Arbitration Mailbox because of insufficient permission”

KB ID 0001221 

Problem

Note: Can also be seen on Exchange 2013.

While installing a new Exchange 2016 Server into a clients Exchange 2010 infrastructure last week, the setup failed with the following error.

A cutdown version of the error;

[box]

          Write-ExchangeSetupLog -Info ("Cannot find E-discovery arbitration mailbox with name=$name.");
          }
          }
          else
          {
          write-exchangesetuplog -info "Skipping creating Discovery Arbitration Mailbox because of insufficient permission."
          }
          }
        " was run: "Microsoft.Exchange.Data.DataValidationException: Database is mandatory on UserMailbox.
   at Microsoft.Exchange.Configuration.Tasks.Task.ThrowError(Exception exception, ErrorCategory errorCategory, Object target, String helpUrl)
   at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target, Boolean reThrow)
   at Microsoft.Exchange.Configuration.Tasks.DataAccessTask`1.Validate(TDataObject dataObject)
   at Microsoft.Exchange.Configuration.Tasks.SetTaskBase`1.InternalValidate()
   at Microsoft.Exchange.Configuration.Tasks.SetRecipientObjectTask`3.InternalValidate()
   at Microsoft.Exchange.Management.Common.SetMailEnabledRecipientObjectTask`3.InternalValidate()
   at Microsoft.Exchange.Management.RecipientTasks.SetUserBase`3.InternalValidate()
   at Microsoft.Exchange.Management.RecipientTasks.SetMailboxBase`3.InternalValidate()
   at Microsoft.Exchange.Management.RecipientTasks.SetMailbox.InternalValidate()
   at Microsoft.Exchange.Configuration.Tasks.Task.b__b()
   at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)".

[/box]

Click for the full Error.

Solution

This error is about arbitration mailboxes, so let’s have a look at those, (on my Exchange 2010 server, in the Exchange Shell).

[box]Get-Mailbox –Arbitration | Select Name,Database[/box]

As you can see I’ve got a system mailbox that is not attached to any database, (the one with the yellow error under it). So I simply need to associate that with a mailbox database.

[box]Set-Mailbox ‘{mailbox}’ –Database {Exchange-2010-Database} –Arbitration[/box]

Answer ‘A’ for ‘All’ when prompted.

Working Example

[box]Set-Mailbox ‘SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9}’ –Database ‘Mailbox Database’ –Arbitration
[/box]

Now check the arbitration mailboxes again, and there should be no errors.

Re-run setup.exe from the Exchange install media again, and the install should detect the failed one, and let you continue from the point of failure.

Related Articles, References, Credits, or External Links

NA

Event ID 2937

KB ID 0000448 

Problem

Event ID 2937

Process edgetransport.exe () (PID=6156). Object [CN={mailbox database name},CN=Databases,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN={domain},CN=Microsoft Exchange,CN=Services,CN=Configuration,DC={domain},DC=com]. Property [PublicFolderDatabase] is set to value [{domain}.org/Configuration/Deleted Objects/Public Folder Store (EXCH2K3) DEL:b60ef8b9-09dd-41c5-9aec-af2a4cc4f33e], it is pointing to the Deleted Objects container in Active Directory. This property should be fixed as soon as possible.

In my case I had a mailbox database that was looking at a public folder database, that no longer existed. (It was on the old/removed Exchange 2003 server).

Solution

Disclaimer: OK this error comes in a lot of forms, and references lots of different processes other than edgetransport.exe. I tried all the stuff I found online to try and fix the problem. But non of them worked, (this error gets logged when the Exchange services start).

In the end I fixed it myself, and it was annoyingly easy.

1. Look in your error message to see the “Mail Database” that’s complaining, (In this example it’s called “Mailbox Database 1507786053”).

2. Launch Exchange system Manager > Organization Configuration > Mailbox > Database Management > Select the offending database > Right click > Properties > Client Settings.

3. Under “Default Public Folder Database” > Browse > Locate and select a live public folder database.

4. Then restart Exchange services (Or reboot).

 

Related Articles, References, Credits, or External Links

NA

vSphere – Virtual Center Server Service Stops

KB ID 0000479

Problem

If your VC Database reaches 4GB, the VMware Virtual Centre Server service will stop. A restart of it will result in the service stopping again within a minute.

You will also see see this event logged.

Description:

Could not allocate space for object ‘dbo.VPX_HOST_VM_CONFIG_OPTION’.’PK_VPX_HOST_VM_CONFIG_OPTION’ in database ‘VIM_VCDB’ because the ‘PRIMARY’ filegroup is full. Create disk space by deleting unneeded files, dropping objects in the filegroup, adding additional files to the filegroup, or setting autogrowth on for existing files in the file group.

Solution

1. Download and install the Microsft SQL Server Management Studio Express.

2. Connect to ServernameSQLEXP_VIM and login with Windows Authentication.

3. Expand databases > Expand VIM_VCDB > Expand Tables > Open table dbo.VPX_PARAMETER:

4. Modify event.maxAge to a be 30 > Modify event.maxAgeEnabled to value of true.

5. Modify task.maxAge to be 30 > Modify task.maxAgeEnabled to a value of true.

5. Then run the built in stored procedure: from the VCDB > Programmability > Stored Procedures.

6. Right Click dbo.cleanup_events_tasks_proc and click “Execute Stored Procedure”.

7. This will purge the data from tables: vpx_event, vpx_event_arg and vpx_task based on the date specified for maxAge.

8. When this has sucessfully completed, close the SQL Management Studio down > Then start the VMware Virtual Centre Server service.

 

Related Articles, References, Credits, or External Links

NA

GFI MailArchiver

Deploying GFI MailArchiver with Exchange 2010, Using the Outlook Connector, Importing and Exporting Data.

KB ID 0000666

Problem

I’ve been involved with Exchange for a long time, either being directly responsible for it, or supporting others that do. And like all systems it would run a lot smoother if you kept users away from it! But unfortunately you can’t, so your system is probably full of users “Deleted Items” and “Sent Items” and a copy of every email that some users have ever received “Because I might need them”. And for years I’ve been saying “It’s a messaging system not a file storage system” and lecturing users about tidying up their inbox. Yes you can setup retention policies but most people don’t.

Even if you do have conscientious users, some of them click “Yes” when Outlook asks them “Would you like to Auto-Archive your old messages now?” Then you have PST files all over the place getting corrupted and not getting backed up.

In addition, just as techs like me are shouting at users to delete things, businesses are now finding that they need to keep ALL their digital messaging for things like Sarbanes-Oxley and Freedom of Information enquiries. Yes I’m sure you back up your Exchange server but what if you needed to produce a message thread about a particular project that was two years ago in the middle of a month?

Archiving

Is the process of taking a copy of mail messages as they pass through Exchange and copying them off to an external location, in this case a database. The advantage of doing this is that database can be on cheaper midline storage and (potentially) keeps the Exchange database sizes down. With Exchange this is done by setting up Journaling (that’s the process of sending a copy of all [or specified] mail to a journal users mailbox). MailArchiver then takes this mail and put it into its database.

Advantages

1. Performance: Getting all the ‘Old’ Data out of the exchange databases makes them smaller, and more efficient.

2. Elimination of PST files: There’s a big list of reasons why I don’t like PST files. If you’ve ever had a user lose email because of them, then as far as they’re concerned its YOUR fault. There are tools to import PST file into the database, (and to export as well).

3. Disaster Recovery: How nice would it be, the next time users email message ‘disappears’ (Users never delete emails they just disappear), they could restore it themselves, from within Outlook. the Outlook Mail Connector software will do this. Also your backup window for Exchange will be a lot smaller.

4. Compliance: Saving a copy of all messages in a database has the advantage, that it’s searchable, and you can export the data you find in a format that you can import straight back into Exchange or send to someone.

5. Investigation: MailArchiver provides some powerful search and reporting tools. If your HR department needed to see who said what to who about projectXYZ then using conventional methods would be a nightmare.

Solution

GFI MailArchiver 2012 Installation and Configuration

Enabling Journaling in Exchange 2010

Note: GFI Mail Archive setup can do this for you but I prefer to do things manually.

1. Launch the Exchange System Management Console > Recipient Configuration > Mailbox > New Mailbox.

2. User Mailbox > Give it a name and set the password > Don’t create an archive > New > Finish.

3. Option 1: Standard Journaling can be enabled on a mailbox store > Organisational Configuration > Mailbox > Locate the store> Properties.

4. Maintenance tab > Tick Journal recipient then browse for the user you created > Apply OK.

5. Option 2: (Note: Requires an Exchange Enterprise CAL) This is set up using a Journaling rule > Organizational Configuration > Hub Transport > Journal Rules > New Journal Rule.

6. Give the rule a name > Browse for the user you created earlier > Set the scope (in most cases you will want global) > New > Finish.

7. To test it’s working send and email then log on as your ‘Journal’ user and make sure you have a copy in the inbox.

Installing GFI MailArchiver 2012

8. Before installing the GFI MailArchiver server needs the Exchange MAPI Client and Collaboration Data Objects 1.2.1 (Unless you are installing it on the Exchanges server).

9. Also (though not essential) I prefer to disable IE Enhanced Security Configuration, so IE wont get upset with the management console.

10. You can add the URL to trusted sites if you want, but I’m not a fan of IE ESC anyway so I simply disable it.

11. Now run the GFI MailArchiver installer.

12. Now this I DO LIKE, why can’t Exchange do this! These are the server pre-requisites, rather than just falling over and giving you an error (I’m looking at you Windows Exchange Developers!) It offers to do the hard work for you. It takes a while though, best go for a coffee at this point > Next > Select whether you want to check for a newer version > Accept the EULA > Set the destination folder > Next.

13. Here the default setting, WARNING if you already have web services on this server (or even UPS software using port 80), have a common sense check.

Note: If you are not sure, the following command will tell you if port 80 (http) is in use;

[box]netstat -aon | find “:80″[/box]

14. Select Install > Finish.

Configuring MailArchiver 2012

15. The GFI MailArchiver management console will launch > Configure.

16. Next.

17. Enter your licence key and select verify licence key > Next.

18. Next.

19. In this example I’m using the Firebird database, in a production environment you should be using SQL server > Next.

20. Change the paths if required > Enter some domain credentials> Next.

21. Next

22. Next

23. Next

24. I’m selecting Auto > Next

25. As I set the user up myself I’m choosing Manual > Next.

26. Exchange Web Services seems to be less problematic > Enter your Journal user account > Next.

27. Next.

28. Finish.

29. We are now up and configured.

GFI MailArchiver – Outlook Connector, Import and Export

GFI MailArchiver – Using the Outlook Connector

30. Firstly you need to enable ‘Mailbox Folder Structure Retrieval’ on the GFI server > Launch the MailArchiver Management console.

31. Mailbox Folder Structure Retrieval.

32. Change Settings.

33. Enter a user account to connect to Exchange Web Services with, here I’m using my domain admin, whichever account you use needs to have administrative access on the Exchange and the GFI server. It also (domain admin included) needs the following Powershell commands running on the Exchange server before it will work, (change the user name to match your own);

[box]New-ManagementScope -name “MAUMPolling” -recipientrestrictionfilter {recipienttype -eq “UserMailbox”}</p> <p>New-ManagementRoleAssignment -name “MAUMPollingRA” -role:applicationimpersonation -user “administrator@petenetlive.net” -customrecipientwritescope “MAUMpolling”[/box]

34. Next.

35. Finish.

Installing the Outlook Connector on a Client

36. I’ve already got a client PC setup with Outlook 2010.

37. I’m just connecting to the GFI servers management URL from the client and downloading the Outlook Connector.

Note: The versions are for Outlook 32 bit and Outlook 64 bit, even if your Windows client is 64 bit you may still be running 32 bit Outlook/Office. If you get it wrong it will tell you your version of Office is not supported.

38. Install the client software, accept the defaults, all you need to specify is the URL of the GFI MailArchiver server.

39. Now when your user opens Outlook, they get an additional mailbox called “GFI MailArchiver Mailbox” that carries a copy of ALL the users mail (Note: Not the mail from before the product was installed, to import that see the import section below, and choose ‘Import for Exchange mailbox’. In addition each user now has a MailArchiver tool bar from which they can search for their mails.

Note: If a user ‘loses’ a mail they can simply drag a copy from their GFI mailbox to their live inbox.

GFI MailArchiver – Importing Data from PST Files

Note: To do this the machine needs to have Outlook installed on it (and NOT Outlook 64 bit!)

40. Launch the GFI MailArchiver Import and Export Tool.

41. Import from .pst files.

42. Add PST file > Browse to your PST file > Open.

43. Select the folder(s) required > Next

44. Select a date range > Select the user that will own the imported data > Next.

Note: I’d rather have an “Import Everything” option!

45. When complete > Finish.

46. Now that user will have the imported mail as well (Note: The default view is “Emails in last 30 days” so don’t panic if you don’t see it all).

GFI MailArchiver – Exporting Data to PST File

47. Launch the GFI MailArchiver Import and Export Tool.

48. Enter the URL of the GFI server > Verify > Ensure it says OK > Next.

49. Select what you want to export (I’m going to search for email containing particular words) > Next.

50. Type in your search text > Find > Next.

51. Here you can restore the mail to a mailbox, export it to .msg or .eml format, or my old nemesis .pst files, I’ll choose the latter > Next.

52. And there’s my .pst file, ready to be sent out to satisfy my freedom of Information enquiry.

 

Related Articles, References, Credits, or External Links

NA

Malwarebytes – Manually Update Database/Definitions

KB ID 0000629

Problem

I was called to a 2003 Server yesterday, that was riddled with malware, whatever was on there was generating a lot of network traffic, so the first thing I did was disconnect it from the network.

That’s fine, but if I wanted to use my usual ‘weapon of choice’ Malwarebytes, how was I going to get the latest database installed?

Solution

WARNING: There is a note on the Malwarebytes website that discourages this procedure, as it breaks the incremental update mechanism of Malwarebytes. They recommend that you use this utility to do the job, and that it should be updated every week (though the page currently has December 2011 as the update date!) . In my case once the machine is clean, I’ll remove Malwarebytes and install Trend Worry Free on it anyway. Either way, I prefer to know for a fact I’m using the latest database.

1. Install and update Malwarebytes on a nice clean machine (In this case, my Windows 7 laptop).

2. Find out what version of Malwarebytes you are running (on the about tab).

3. Navigate to the following location, and take a copy of the rules.ref file, i.e. put a copy on a USB thumb drive.

Windows 7 / Vista / 2008 / 2008 R2

[box]C:ProgramDataMalwarebytesMalwarebytes’ Anti-Malware[/box]

Windows XP / 2000 / 2003 / 2003 R2

[box]C:Documents and SettingsAll UsersApplication DataMalwarebytesMalwarebytes’ Anti-Malware[/box]

4. If your version is 1.60 or newer you also need to take a copy of the database.conf file that’s in the same folder, but in the configuration folder.

5. Copy the file(s) to the corresponding folder(s) on the affected machine, and paste them over the copies that exist there.

6. Then launch Malwarebytes on the affected machine, and scan with the updated database.

 

Related Articles, References, Credits, or External Links

Spyware / Malware Rogue AV and Rogue Antispyware “Scareware”

Cannot Install Malwarebytes (Already Infected) – Deploy Chameleon

Windows – Getting Drivers for ‘Unknown Device’ or ‘Base System Device’

KB ID 0000699 

Problem

There’s nothing more annoying, you have just rebuilt your PC and you are missing some drivers. Everything appears to be working but there’s one (or more) devices in Device Manager with a yellow exclamation mark over them called ‘Unknown Device’ or ‘Base System Device”.

Solution

This solution is not a ‘Fix All’ for all situations, but it will point you in the right direction. Even if you can find out that the device is an “Intel chip called EL-XYZ” for example, some Google searching will get you the correct driver when you know what you are looking for.

1. So in device manager (Windows Key+R > devmgmt.msc{enter}). Here are two devices I don’t have drivers for, open the properties for the first one and select ‘Details’ > Change the property to ‘Hardware ID’.

2. Locate the Vendor ID (looks like VEN_{this number}) > Locate the Device ID (looks like DEV_{this number}) > Write them down.

3. Go to PCIDatabase, and search for either, (though the Device ID is your best bet).

4. Progress! Now we know it’s a JMicron Card Reader that needs a driver > There is a link to click as well.

5. Here we are lucky, it’s giving us the direct download form the vendors FTP site, you may not be as lucky, but a Google Search for “{device name} + {version of Windows} + {x64 or x32 bit} + {Driver}” should get you there.

How to Tell if Windows is 32 or 64 bit

6. I went to that FTP site, and after a bit of clicking about I downloaded the newest driver, (I scientifically picked the one with the biggest number!) And installed it.

. Device Working.

6. The second device didn’t have a handy link, but it told me it was a device made by “Validity” so I guessed it was the finger print reader on my laptop, and got the driver straight from Hewlett Packards site.

Drivers I’ve Had to Look For

I will add any odd ones that have been difficult to find below, (Note: There are literally millions of drivers, these are just the ones I’ve ever had to search for.)

PCIVEN_197B&DEV_2391&SUBSYS_1619103C&REV_3

USBVID_138A&PID_003C&REV_0086 

If you want me to add any you’ve add a nightmare locating, click the contact link below and send me the details.

Related Articles, References, Credits, or External Links

NA

Windows SBS – Moving the Windows Software Update Services Database (SUSDB.mdf)

KB ID 0000609

Problem

Last week a client rang in to say their servers system drive was running out of room. A quick scan showed me the biggest thing on there was a 12 GB database called SUSDB.mdf.

A few searches told me what I’d already guessed from the name, WSUS was the offender, so I set about moving it to their data drive that had lots of free space.

Solution

1. Launch the Windows SBS Console > Backup and Server Storage > Server Storage > Move Windows Update Repository Data.

2. If you are using third party backup software you may see this warning > OK.

3. Locate the Drive you want to Migrate TO and select it > Next.

4. This will move a few GB of data across to the new location. However it does NOT move the database itself.

5. To actually move the Database > Start > All Programs > Microsoft SQL Server 2005 > SQL server Management Studio Express, (Note: You may need to run as administrator).

6. Change the server name to the following and log in.

[box].pipeMSSQL$MICROSOFT##SSEEsqlquery[/box]

7. Expand Databases > Locate the SUSDB Database > Right Click > Detach.

8. Tick the “Drop Connections” box > OK.

9. I suggest you COPY the database from the system drive to the new drive.

10. Once its moved across, back in the SQL management studio > Right click Databases > attach.

11. Add.

12. Browse to the NEW location of the SUSDB.mdf file > OK.

13. OK.

14. Once the database is successfully added back in you can go back to the system drive and delete the original WSUS database.

15. When finished, it’s good practice to tidy up the database > From within the Window Server Update Services Console > Options > Server Cleanup Wizard.

16. Select All > Next > Prepare to wait A LONG TIME (this will probably take a few hours!)

17. When its finished you should see something like this.

Related Articles, References, Credits, or External Links

NA