Connections From Machines That Don’t Map to Sites?

KB ID 0001635

Problem

I was troubleshooting some replication issues for a client, and carried out a dcdiag on one of their domain controllers, and saw this;

 Starting test: SystemLog
A warning event occurred. EventID: 0x000016AF
Time Generated: xx/xx/xxxx xx:xx:xx
Event String:
During the past 4.21 hours there have been {xxx} connections to this Domain Controller from client machines whose IP addresses don’t map to any of the existing sites in the enterprise. Those clients, therefore, have undefined sites and may connect to any Domain Controller including those that are in far distant locations from the clients. A client’s site is determined by the mapping of its subnet to one of the existing sites. To move the above clients to one of the sites, please consider creating subnet object(s) covering the above IP addresses with mapping to one of the existing sites. The names and IP addresses of the clients in question have been logged on this computer in the following log file ‘%SystemRoot%\debug\netlogon.log’ and, potentially, in the log file ‘%SystemRoot%\debug\netlogon.bak’ created if the former log becomes full. The log(s) may contain additional unrelated debugging information. To filter out the needed information, please search for lines which contain text ‘NO_CLIENT_SITE:’. The first word after this string is the client name and the second word is the client IP address. The maximum size of the log(s) is controlled by the following registry DWORD value ‘HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\LogFileMaxSize’; the default is 20000000 bytes. The current maximum size is 20000000 bytes. To set a different maximum size, create the above registry value and set the desired maximum size in bytes.

Solution

On the DC in question, Windows Key+R > %Systemroot%\debug\netlogon.log > OK > There’s your missing subnet!

Go to Active Directory Sites and Services, add the missing subnet, and allocate it to the correct site.
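On a busy DC the log is long, so a short script can pull out the NO_CLIENT_SITE entries and total them per subnet. This is an added example, not part of the original article: the function names, the constructed sample lines and the /24 grouping are assumptions, so size the real subnet objects from your own addressing plan.

```powershell
# Added example. Sample lines are constructed; only the NO_CLIENT_SITE: marker and
# the "client name, then client IP" word order come from the event text above.
$sample = @'
03/14 09:12:01 [1234] CONTOSO: NO_CLIENT_SITE: PC-ACCT-01 10.20.30.15
03/14 09:12:44 [1234] CONTOSO: NO_CLIENT_SITE: PC-ACCT-02 10.20.30.77
03/14 09:13:02 [1234] CONTOSO: unrelated debug line
03/14 09:15:30 [1234] CONTOSO: NO_CLIENT_SITE: LAPTOP-07 192.168.50.4
03/14 09:16:10 [1234] CONTOSO: NO_CLIENT_SITE: PC-ACCT-01 10.20.30.15
'@ -split '\r?\n'

function Get-NoClientSiteEntry {
    param([Parameter(Mandatory, ValueFromPipeline)][AllowEmptyString()][string]$Line)
    process {
        # First word after the marker is the client name, second is the client IP.
        if ($Line -match 'NO_CLIENT_SITE:\s+(\S+)\s+(\S+)') {
            $ip = $null
            # Entries whose second word is not a valid IP address are skipped.
            if ([System.Net.IPAddress]::TryParse($Matches[2], [ref]$ip)) {
                [pscustomobject]@{ Client = $Matches[1]; IP = $ip }
            }
        }
    }
}

function Get-CandidateSubnet {
    param([System.Net.IPAddress]$IP)
    if ($IP.AddressFamily -eq [System.Net.Sockets.AddressFamily]::InterNetwork) {
        $b = $IP.GetAddressBytes()
        # Assumption: bucket IPv4 clients by /24; adjust to your addressing plan.
        '{0}.{1}.{2}.0/24' -f $b[0], $b[1], $b[2]
    } else {
        "$IP (IPv6, size by hand)"
    }
}

function Get-UnmappedSubnetSummary {
    param([string[]]$Line)
    # Repeated entries for the same client count as hits but are listed once.
    $Line | Get-NoClientSiteEntry |
        Group-Object { Get-CandidateSubnet $_.IP } |
        Sort-Object Count -Descending |
        ForEach-Object {
            [pscustomobject]@{ Subnet = $_.Name; Hits = $_.Count; Clients = ($_.Group.Client | Sort-Object -Unique) -join ', ' }
        }
}

Get-UnmappedSubnetSummary -Line $sample | Format-Table -AutoSize
# On the DC: Get-UnmappedSubnetSummary -Line (Get-Content "$env:SystemRoot\debug\netlogon.log")
```

Requires PowerShell 3.0 or later. Any address range in the output that you do not recognise should be identified before a subnet object is created for it.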

Related Articles, References, Credits, or External Links

NA

Event ID 1026

KB ID 0000134 

Problem

Event ID 1026

The DNS server was unable to create a name in memory for name “<host name>” in zone “<zone name>” in the Active Directory. This directory name is ignored. Use the DNS console to recreate the records associated with this name or check that the Active Directory is functioning properly and reload the zone. The event data contains the error. 

DNS can’t be updated with the name of something that’s trying to add itself to DNS.

Solution

  1. This is due to DNS nodes that have characters in them that Windows does not like (e.g. ! ‘ etc.); you can delete them in the following way.
  2. Start > run > dsa.msc
  3. View > Advanced Features
  4. Domain name > System > Microsoft DNS
  5. Note: any records for reverse DNS zones that no longer exist should be removed from here at this point.
  6. Then locate the offending entries (they will have a type of ‘dnsnode’) and delete them.

However, if you have machines on the network that are going to “re-register” themselves (e.g. Apple Macs, firewalls and routers), then the problem will reoccur.

If the problem does reoccur, then you need to go to the DNS server and ALLOW names it does not allow by default (note: this is not recommended by Microsoft). If you want to do this:

      • On the DNS server Start > Administrative tools > DNS
      • Right click the server name > properties > Advanced
      • Change the Name Checking section to “All Names”
      • Restart the DNS Server service (or right click the Server name > All tasks > Restart)

Related Articles, References, Credits, or External Links

NA

Event ID 4004 and 4015

KB ID 0000133 

Problem

Event 4004 and 4015

The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is “”. The event data contains the error.

and

The DNS server was unable to complete directory service enumeration of zone .. This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is “”. The event data contains the error.

If the 4004 and 4015 events only appear at start up, you get these events because your zones are stored in AD and you only have one Domain Controller. AD cannot start without DNS, and when DNS starts, because AD has not started, DNS cannot load the zones in AD. The error goes away if you have two or more DCs with DNS installed, or if you use standard primary zones.

Solution

Add a second domain controller, or ignore the error.

Related Articles, References, Credits, or External Links

NA

Event ID 3085

KB ID 0000129

Problem

“Error – 1601 occurred while generating an outgoing replication message. Type 0x4”

Solution

There’s corruption in your public folder store. I see this during Exchange 2003 to 2007 migrations; quite often some folders will replicate fine and others will not, and there is no rhyme or reason as to why. Then you see this error in the event log; essentially a couple of corrupt messages/items are stopping an entire folder from replicating.

There’s going to be some downtime to your public folders (sorry)

1. On the Exchange 2003 Server, launch the Exchange System Manager > Drill down to the public folder store > Right click > Dismount > Yes.
2. Now you need to run the isinteg tool; it is in the exchsrvr directory, in the sub folder called “bin” > Start > Run > cmd {Enter} > cd “c:\program files\exchsrvr\bin” {Enter}.

Note: The path to your bin folder might be different.

3. Take note of your Exchange server name (in the example below it’s CTC-EX2), then execute the following command:

isinteg -s CTC-EX2 -fix -test alltests

4. Select the offline database that your public folders are in, (in the example below that’s 2).

5. Press Y {enter} to confirm.

6. This will perform 11 different tests; each one will tell you,

x number of errors
x number of warnings
x number of fix(es)
x number of rows <—- ignore this figure, it’s not important.

7. Continue to execute the SAME command until one of two things happens,

a. You get 0 errors, 0 warnings, and 0 fix(es) for everything.
OR
b. You get the same result on one or more tests THREE TIMES IN A ROW.

8. When done, go back to the Exchange System Manager and re-mount the store, apply the cup of coffee rule and check replication.

Related Articles, References, Credits, or External Links

Credit to Debasis at Microsoft for his help.

Veeam – “Task Failed Error: No connections could be made because the target machine actively refused it”

KB ID 0000758

Problem

Seen when running Veeam Backup and Replication.

Error
Task Failed Error: No connections could be made because the target machine actively refused it

Also seen when trying to connect to VMware vCenter from the Backup and Replication management console;

Error
Failed to connect to “Host-name” by SOAP, port 443, user “User-Name”, proxy srv: port:0
Unable to connect to the remote server
No connections could be made because the target machine actively refused it {IP-Address}:443

Solution

There are a few things that might cause this. Make sure the Veeam server can “ping” the vCenter and the hosts. Also, if you use a proxy server, make sure there is an exception for traffic going to this IP address.

In my case the problem was simply that the VMware Server service was not running on the Virtual Center.

SBS 2011 Missing Netlogon Share (Post Migration)

KB ID 0000809 

Problem

Whilst performing an upgrade from SBS 2003 to SBS 2011, I went on-site this morning to be told, “The new server does not have a NETLOGON share!”. As a result, the clients who had authenticated to the old server had successfully run their logon scripts, but the clients who had authenticated to the new server had not.

Solution

1. On the original (SBS 2003) server > Start > Run > cmd {Enter} > Run the following command;

[box]
net stop ntfrs
[/box]

2. On the original (SBS 2003) server > Start > Run > Regedit > Navigate to;

[box]
HKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Services > NtFrs > Parameters > Backup/Restore > Process at Startup
[/box]

Change the BurFlags DWORD value to D4 (Hexadecimal).

3. Then start the ntfrs service again.

[box]
net start ntfrs
[/box]

4. Now go to the NEW (SBS 2011) server > Start > Run > cmd {Enter} > Run the following command;

[box] net stop ntfrs [/box]

5. On the NEW (SBS 2011) server > Start > Run > Regedit > Navigate to;

[box]
HKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Services > NtFrs > Parameters > Backup/Restore > Process at Startup
[/box]

Change the BurFlags DWORD value to D2 (Hexadecimal).

6. Then start the ntfrs service again.

[box] net start ntfrs [/box]

7. Now wait approximately one cup of coffee.

Related Articles, References, Credits, or External Links

NA

Event ID 9335 and 9331 Offline Address Book Update Errors

KB ID 0000849

Problem

Seen on an Exchange 2010 server, this server had previously been upgraded from Exchange 2007, and that was upgraded from Exchange 2003.

Event ID 9335

Log Name: Application
Source: MSExchangeSA
Event ID: 9335
Task Category: (13)
Level: Error
Keywords: Classic
User: N/A
Computer: ServerName
Description:
OABGen encountered error 80004005 while cleaning the offline address list public folders under
 /o=org/cn=addrlists/cn=oabs/cn=Default Offline Address Book. Please make sure the public folder
 database is mounted and replicas exist of the offline address list folders. No offline address 
lists have been generated. Please check the event log for more information.
- Default Offline Address Book 

Event ID 9331

Log Name: Application
Source: MSExchangeSA
Date: 29/08/2013 06:10:50
Event ID: 9331
Task Category: (13)
Level: Error
Keywords: Classic
User: N/A
Computer: ServerName
Description:
OABGen encountered error 80004005 (internal ID 50101f1) accessing the public folder database 
while generating the offline address list for address list '/'.
- Default Offline Address Book 

Solution

Note: If you don’t have any Outlook 2003 clients left in the organisation, this is a moot point. Simply disable distribution of the offline address book via public folder. (Newer Outlook clients use web based distribution.)

1. Before we do anything make sure that the offline address book has been specified, is shown on the correct server, and is set as default.

2. From the Exchange Management Console > Toolbox > Public Folder Management > System Public Folders > OFFLINE ADDRESS BOOK > Then in the center window, right click each one > Properties > Replication > The server that hosts the public folder should be in here > (In my case it was not.) > Add it in.

3. Now you can force the OAB to update with the following command;

[box]Get-OfflineAddressBook | Update-OfflineAddressBook[/box]

4. Now recheck the event logs, and you should no longer get Events 9335 and 9331.

Related Articles, References, Credits, or External Links

Update Global Address List Error “WARNING: The recipient “xxxxxMicrosoft Exchange System Objects/xxxxx” is invalid and couldn’t be updated

Public Folder Migration Exchange 2003 to 2010

KB ID 0000426 

Problem

I’ve already written at length about migrating from Exchange 2003 to 2010. I was doing a migration this week and migrating the public folders was proving to be a pain.

If you have multiple public folders within public folders then setting up replication can be a nightmare, as the replication settings don’t get passed down to the child object.

Normally you could use PFDAVAdmin and this would do it for you, or use the Exchange ExFolder tool, or even the PowerShell scripts included with Exchange 2010 (like AddReplicaToPFRecursive.ps1). But sadly all these failed for me today.

To use the Exchange 2010 scripts, see the section “Migrating Public Folders with Exchange 2010 Scripts” below.

In the end, with the aid of third line support at Microsoft, it was fixed using a feature of Exchange 2003 that I NEVER KNEW was there 🙂

Solution

1. The bad news is you still have to add the new Exchange 2010 server as a replica on the top level folder. (Right click > Properties > Replication Tab > Add > Add in the new server > Set the interval to always run > priority to urgent (unless you have a LOT! then choose Normal) > Apply.)

Update: Eagle-eyed visitor Brian Morphey mailed me to point out that in my diagram all the folders are under the Exchange 2010 Administrative group. How did they get there? You need to use Exchange System Manager to create a public folder group in the new administrative group, then simply DRAG the public folder group from the old admin group to the new one.

2. Right click the folder again > All Tasks > Manage Settings.

3. Select “Modify lists of replica servers” > Next.

4. Add servers > Next.

5. Add in BOTH the 2003 server AND the 2010 server > Next.

6. Finish.

7. It will now run through all the sub folders and apply the same replication settings on all of them; this can take a while depending on the number of folders.

8. Go to the Exchange 2010 Server and open the Public Folder Management console, right click Public Folder {your server name} > Update Hierarchy.

9. Repeat the above, but this time select “Refresh”.

10. Finally to speed things along, you can right click each folder and select “Update Content”.

11. Now wait! It can take a while till replication is complete.

Removing Public Folder Replicas

Once all the data has replicated across you can remove the 2003 replica by doing the reverse.

1. Right click the public folder > All Tasks > Manage Settings > Next > Modify List of replica servers > Next.

2. Remove servers > Next > Tick the server you want to REMOVE the replica from > Next.

3. Finish > Depending on the amount of data it may take a while.

Migrating Public Folders with Exchange 2010 Scripts

Step 1 Set up Public Folder Replication to Exchange 2010

On the Exchange 2010 Server open the Exchange Management Shell and execute the following three commands;

[box]
CD "C:\Program Files\Microsoft\Exchange Server\V14\Scripts"
.\AddReplicaToPFRecursive.ps1 -TopPublicFolder "\" -ServerToAdd "EX-2010.petenetlive.com"

Update-PublicFolderHierarchy -Server "EX-2010.petenetlive.com"
[/box]

Step 2 Once the Replication Has occurred

Warning: Check that replication is complete before you do this!

Check replication with a “Get-PublicFolderStatistics” command; once you are happy, run the following two commands;

[box]CD "C:\Program Files\Microsoft\Exchange Server\V14\Scripts"
.\MoveAllReplicas.ps1 -Server "EX-2003.petenetlive.com" -NewServer "EX-2010.petenetlive.com"[/box]

Related Articles, References, Credits, or External Links

Thanks to Brian Morphey for the feedback.