Archive for Dave Shackelford
Register now for our SMBNation All-Day Training
Posted by: | CommentsContent? Yes, we have content.
Eriq Neale: Configuring and Using Remote Desktop Services Remote Apps – A Love Story
Dave Shackelford: Things you didn’t know were in Exchange 2007
Cliff Galiher: AutoDiscovery, DNS and ActiveSync in depth. Like seriously deep
Wayne Small: Hyper-V R2, yes is does make a difference. Configuring Disk subsystems and effects on performance
Thanks to our sponsors, Hewlett Packard, Symform and Storagecraft we are able to keep the cost down to only $50. So head on over to the store and reserve your space for this all-day training session! http://www.thirdtier.net/store Training takes place October 21st.
Third Tier offering Technical Training at SMBNation PreDay Event!
Posted by: | CommentsI’ve been dying to announce this. I’m so excited! We’re doing a pre-day event at SMBNation in Vegas on October 21st. Make your flights accordingly. Very soon we will be posting a registration form. You must register in advance so keep an eye out for it.
Speakers are our own fabulous staff: Dave Shackelford, Cliff Galiher, Eriq Neale and Wayne Small
Our content has been selected by the guys to reflect the growing concern over compliance, business continuity, manageability and issues surrounding these that our customers are contacting us for help with. Case studies and examples will abound and they guys will show you how to configure the products they will be working with which including Exchange, Sharepoint, Terminal Services and Hyper-V. Expect the sessions to be intense with advanced material. Your brain will be exploding by the end of the day.
I’ll be posting more and more specifics about the content as the event gets closer. Let’s have a look at what Eriq is going to cover first:
Configuring and Using Remote Desktop Services Remote Apps – A Love Story
Many people have heard of Remote Desktop Services Remote Apps (formerly Terminal Server Remote Apps) but either haven’t had an opportunity to implement the solution or just are not sure how to. In this session, Eriq Neale will show how to configure RDS Remote Apps on a Remote Desktop Server and then go over several real-world deployment scenarios. We will also go over how to set up RDS Remote Apps to work with Remote Web Workplace on an SBS Server. Eriq will include case studies on when and why this technology is used.
Configuring RDS Remote Apps
Publishing an Application through RDS Remote Apps
Publishing an Application with multiple configuration options through RDS Remote Apps
Publishing an RDS Remote App through Remote Web Workplace
Please make your flights accordingly and plan to join us for a full day of intense training on October 21st.
Shout Out to Hewlett Packard, Symform and Storagecraft. Without awesome vendors that get the small business space and are willing to invest in partner education, this event would not be possible.
—
Connect with us now…
We’re Third Tier. We provide advanced Third Tier support for IT Professionals. 
Get Support 
Blog 
Twitter 
Facebook 
LinkedIN
Public Folder problem caused by Client-side Outlook Security update
Posted by: | CommentsJust a heads up. If any of your clients have a user that complains that they can’t access public folders, they may be having a problem with a recent client-side Outlook 2007 security update. If they attempt to access public folders and are getting this error:
Cannot expand the folder. The attempt to log on to Microsoft Exchange has failed
It’s likely that they recently installed KB980376. As of today, the only known fix is to uninstall that security update from the client machine so that they can get into public folders.
Giving one user access to another’s mailbox via PowerShell
Posted by: | CommentsThere are plenty of reasons why you might want to give one user access to another user’s mailbox. The first user may be in the hospital, or under HR review, or maybe they’ve been dropping the ball lately and management need to make sure that certain projects have been followed up on. It’s not really our job to care. The fact is, Bill in management has requested that you give Paul Stanley access to Gene Simmon’s mailbox, and for various reasons, logging on to Gene’s mailbox to set these permissions up is not a good option. For one, you’d only be able to delegate access to certain primary folders, not to the whole mailbox, and second, you’d have to know Gene’s password to do that. Because you are a smart admin, you tell Bill you can take care of it easily from the server. And here’s how you do it with Exchange 2007 or Exchange 2010:
Using this powershell command, you can give one user the permission to open and view another user’s entire mailbox. They won’t be able to send mail from that mailbox though, unless you add the SendAs permission:
Add-MailboxPermission user1 -User user2 -AccessRights fullaccess
So if you wanted to give Paul Stanley access to Gene Simmons’ mailbox, you would do this:
Add-MailboxPermission gsimmons -user pstanley -AccessRights fullaccess
To add sending functionality, you would do this:
Add-MailboxPermission gsimmons -User pstanley -AccessRights sendas
Make sure you run the Exchange Management Shell as Admin (escalated) or you may not get the results you were expecting.
If you want to verify the permissions you’ve given Paul, you can run this command:
Get-MailboxPermission gsimmons -User pstanley | fl
After you tell Bill that you’ve taken care of it, he asks you what Paul is supposed to do to view the mailbox. You send him the following instructions:
In Outlook, go into Tools -> Account Settingss and open up the properties on your Exchange email account. Choose More Settings, and when you get to the tabbed window, choose the Advanced tab.
On the Advanced tab, you will see the option to open additional mailboxes. Click Add and type the name of the user whose mailbox you want to open. In this case, Paul could type “Gene Simmons” or “gsimmons”. OK all the way out, and you should see another root mailbox for Gene Simmons added to Paul’s Outlook.
And yes, this can be done in the Exchange Management Console, but PowerShell is quicker!
Interested in SBS 2008 Training?
Posted by: | CommentsLast month TrainSignal released a new video course course I created, and I thought I’d talk about it a little bit here, since I wrote it with the SMB consultant audience in mind.
I think that if I was looking for a course to take myself, I’d want to know that it did two things: cover all the essentials and additionally give me some beyond-the-basics expertise to add value to my consulting. Beyond that, I’d also want it to efficiently cover a given topic in a demo-driven way so that instead of having to plow through the whole course, I’d be able to sit down for 45 minutes or so with a specific topic and walk away feeling more prepared to implement.
That’s pretty much what I’ve put together, and when you add up all the content, it comes to over 17 hours of video, including segments covering SharePoint customization, certificates, WSUS, SBS 2003-2008 migrations, Exchange disaster recovery and much more.
TrainSignal typically sells scenario-driven courses, so there’s usually a fictitious company with fictitious characters whose needs the course is built around, and as part of the course, we field management requests from our “client” and translate them into technological solutions. In this course we are working for Mal Falconi, who runs KingFish Private Investigations, and she wants to set up a solution that maximizes her decentralized office strategy. Many videos begin with a description of a “business need” and we move on to craft and implement a solution that meets that need. I had a lot of fun building the course.
You can check out a larger overview here.
If you’ve already looked at the course, I’d be glad for any feedback you might have.
User can’t log into OWA
Posted by: | CommentsSometimes a strange situation crops up in which a user can access his Exchange 2003 email from an Outlook client without trouble, but can’t successfully log into Outlook Web Access. You will get the standard, “You could not be logged on to Outlook Web Access” error message.
Chances are this user recently had a password change, or maybe the users account was deleted and then recreated again. But you’ve checked everything: the password, the OWA feature turned on for that user, the ability to log on with other user accounts, the temporary internet files cache, IISRESET. But nothing works–no matter which workstation you use to access OWA, you can’t log on as that user.
If you really press on and actually reboot the server, you find that the problem is resolved, but you are left uneasy. What actually happened, and why did it take a server reboot to fix it? Very unsatisfactory.
The problem is actually related to how IIS caches credentials when it uses Forms Based Authentication. If you change a user password or delete and recreate a user account, sometimes IIS has a different SID/password cached for that user and any attempts to authenticate will fail until that cache is emptied. An IISRESET will not resolve the problem, but a reboot will.
But there’s another way to resolve this without a reboot.
1. Open up the Exchange System Manager and drill down into the Server section and down into Protocols.
2. Open the HTTP folder and get properties on Exchange Virtual Server.
3. Go into the Settings tab and uncheck the Enable Forms Based Authentication checkbox. Apply it.
4. Go to the command-line and do an IISRESET.
5. Now go and recheck the Enable Forms Based Authentication checkbox.
That’s it. You should be able to log into OWA with that user now.
Dave Shackelford Named Exchange MVP
Posted by: | CommentsThird Tier is proud to announce that Dave Shackelford has been honored by Microsoft with the MVP (Most Valuable Professional) award for 2010.
Microsoft Most Valuable Professionals (MVPs) are exceptional technical community leaders from around the world who are awarded for voluntarily sharing their high quality, real world expertise in offline and online technical communities. Microsoft MVPs are a highly select group of experts that represents the technical community’s best and brightest, and they share a deep commitment to community and a willingness to help others. For more information on the MVP program, visit http://mvp.support.microsoft.com/.
Dave was awarded for the Exchange Server category. His MVP profile can be found at https://mvp.support.microsoft.com/profile=B058C0A5-2970-4645-BEA1-A7EAECEA9C2A
Avoiding Trouble with Windows Updates
Posted by: | CommentsDo you ever wonder why there are so many sporadic one-off problems with Windows Update? Someone runs a .Net update and it breaks a lot of things, even though thousands of other admins have run that same patch without problems?
I think I might have an inkling why.
How many times have you been checking on a server right before lunch and saw an optimization you could easily make, made the change and then saw that the server wanted a reboot? It wasn’t that critical a change, and you can’t restart the system during business hours, so you add a task to your list to restart the server that evening. Or do you? Did you ever actually get around to it?
Maybe you download a patch for a known issue and then it calls for a reboot, and you decide that you might as well run some other updates before the reboot to get your downtime’s worth.
Both of these situations are much more likely to result in failed Windows Updates, since there are unresolved .dll, file and registry changes underway.
The best practice is to restart a server BEFORE you run Windows Update or any significant patches. You would do this in order to ensure that there are no subsystems that can’t be patched properly due to their already holding their breath for a reboot. So a good Windows Update procedure would involve at least two server restarts: one before the updates are run, and another after.
The truth is, if your servers run for 30+ days between reboots, it’s fairly common for them to begin to accumulate some of these “pending reboot” situations, and if you don’t resolve those before doing any serious patching, you may end up with unpredictable results.
—
So who wrote this blog and what do they do for a living anyway?
We’re Third Tier. We provide advanced Third Tier support for IT Professionals.
Get Support 
Blog 
Twitter 
Facebook 
LinkedIN
Setting up an external Autodiscover record for SBS 2008
Posted by: | CommentsWhen you migrate to SBS 2008 and you already have a domain name, you don’t need to use the domain registration wizard that is built into the SBS 2008 Setup process.
This is well and good, but it has a downside worth knowing about. You probably didn’t know it, but something that Microsoft does when they set up your new domain name at the registrar is create a custom SRV record for your domain so that Autodiscover will work properly for external client autoconfiguration. If you already have a domain name registered and are able to create your own DNS SRV records (some DNS hosts don’t allow SRV record creation), it would be a good idea to create an Autodiscover SRV record to make it easier for Outlook 2007 clients to autoconfigure themselves for Outlook Anywhere (RPC-over-HTTPS).
The details on how to set this record up are all in KB940881, but I’ll briefly summarize it here:
1. Get rid of any CNAME or A records for “autodiscover”
2. Build the SRV record to look like this:
Service: _autodiscover
Protocol: _tcp
Port Number: 443
Host: remote.smallbizco.net
Why do you need to do this for Autodiscover to work? Well when you feed an Outlook client an email address, it tries to autoconfigure itself, and it does this by trying to contact a series of hosts as follows:
- https://domainname.com/autodiscover/autodiscover.xml
- https://autodiscover.domainname.com/autodiscover/autodiscover.xml
- http://autodiscover.domainname.com/autodiscover/autodiscover.xml
Because your cert is tied to a single name: remote.domainname.com, any https connection to the autodiscover URL will fail. If you want to create an A or CNAME record for ‘autodiscover’ that points to your server’s public IP and allow port 80 to your server, autodiscover will work, but you would then have allowed port 80 traffic to your server. An alternate option, still using SSL, is what this article is about. This method takes advantage of a feature that was added in Outlook 2007 SP1 that allows it to look for an SRV record and use the SRV record to find the “real” autodiscover host. In this case, the SRV record is pointing to remote.smallbizco.net, which is the name covered by the cert, so a secure connection to that server to get Autodiscover information will succeed.
Got it? Great!
—
So who wrote this blog and what do they do for a living anyway?
We’re Third Tier. We provide advanced Third Tier support for IT Professionals.
Get Support Blog Twitter Facebook LinkedIN
Reminder Managing SBS 2008: Exchange. This Thursday!
Posted by: | CommentsThis month we’re going to discuss Exchange. In this session Third Tier welcomes staff consultant, David Shackelford Exchange MVP, to educate us all on Exchange 2007 as it is implemented in SBS 2008. We’ll learn about the new features and how to manage Exchange in the SBS 2008 environment.
When: Thursday, Feb 19, 2009 12:00 PM (EST)
Scheduled to Occur: Once
Duration: 1:00
Third Tier has invited you to attend an online meeting using
Microsoft Office Live Meeting.
https://www.livemeeting.com/cc/mvp/join?id=NNH33Q&role=attend&pw=k%7C%2F3j3w%23P
Meeting time: Feb 19, 2009 12:00 PM (EST)
Add to my Outlook Calendar:
https://www.livemeeting.com/cc/mvp/meetingICS?id=NNH33Q&role=attend&pw=k%7C%2F3j3w%23P&i=i.ics
AUDIO INFORMATION
-Computer Audio(Recommended)
To use computer audio, you need speakers and microphone, or a
headset.
