September | 2009 | Blog (at) Mreza.Info

Nova učinkovitost – novi val tehnologij v 7 slovenskih mestih

September 30, 2009 erdeljanov Leave a comment

Pa še eno vabilo… tudi tokrat v ne-angleškem jeziku… 🙂

msinv1

Spoštovani!

Vabimo vas, da se nam pridružite na dogodku Nova učinkovitost – novi val tehnologij v 7 slovenskih mestih. Tehnologijo in prednosti, ki jih prinaša, vam bo približal kot še nikoli, saj bomo obiskali kar 7 slovenskih mest – Koper, Kranj, Ljubljano, Maribor, Mursko Soboto, Novo Gorico in Novo mesto. Najnovejše tehnologije bodo tako prišle dobesedno na vaš prag. Na prijetnih dogodkih z omejenim številom prostih mest boste spoznali izdelke Windows 7, Windows Server 2008 R2 in Exchange Server 2010 ter razvijalske tehnologije na novih platformah.

Ob uradnem datumu predstavitve operacijskega sistema Windows 7 smo za skupnost strokovnjakov in razvijalcev za informacijske tehnologije pripravili posebne dogodke, ki bodo z bogatimi in privlačnimi vsebinami predstavili najnovejši namizni operacijski sistem Windows 7. Dogodki na različnih lokacijah bodo potekali vzporedno, ob istem času. Obenem pa vam želimo zagotoviti čim več informacij tudi o drugih dveh izdelkih, ki bosta nedvomno vplivala na vaše delo – strežniški operacijski sistem Windows Server 2008 R2 in sporočilni sistem Exchange Server 2010.

Slovenski strokovnjaki za informacijske tehnologije vam bodo v vašem domačem mestu predstavili prednosti, ki jih novi izdelki prinašajo v informacijska okolja podjetij vseh velikosti. Prav tako boste lahko spremljali prenose izbranih predavanj. Na dogodkih boste imeli priložnost spoznati predavatelje in predstavnike Microsoftovih partnerjev, prav tako pa je to enkratna priložnost za navezovanje stikov z drugimi strokovnjaki.

Več informacij o dogodku vam bomo posredovali v prihodnjih dneh.

Categories: Microsoft

Nova učinkovitost – novi val tehnologij v 7 slovenskih mestih

September 30, 2009 erdeljanov Leave a comment

Pa še eno vabilo… tudi tokrat v ne-angleškem jeziku… 🙂

msinv1

Spoštovani!

Več informacij o dogodku vam bomo posredovali v prihodnjih dneh.

Categories: Microsoft

Pregled IT novosti sporočilnega sistema Microsoft Exchange Server 2010

September 30, 2009 erdeljanov Leave a comment

Vabim vas, da se udeležite tehničnega seminarja na tematiko Exchange Server 2010. Prilagam izvorno vabilo…

Spoštovani!

Vabimo vas na tehnični seminar Pregled IT novosti sporočilnega sistema Microsoft Exchange Server 2010.

O upravljanju, namestitvi in vzdrževanju novega Exchange strežnika bo iz svojih izkušenj predaval Sašo Erdeljanov, strokovjnak in slovenski MVP (Most Valuable Professional) za področje sporočilnih sistemov.

Sašo bo na seminarju predstavil nove zmožnosti Exchange 2010, izboljšave glede na prejšnje različice, nove tehnologije, ki pripomorejo k bolj učinkovitemu sporočilnemu sistemu, ter dobre razloge, zakaj bi IT strokovnjak izbral novi strežnik za boljšo podporo sporočanju v svoji infrastrukturi.

Skupaj smo za vas pripravili dva termina, da si boste lažje organizirali svoj čas:

– 19. 10. 2009, Ljubljana (Predavalnica Microsofta) in

– 29. 10. 2009, Maribor (Microsoft Center inovacij).

Enodnevni seminar je namenjen IT strokovnjakom in IT vodjem, ki želijo in potrebujejo nova znanja o prihajajočih sistemih za bolj učinkovito vpeljavo novih tehnologij v svoje IT okolje.

Predavanje bo v slovenščini, materiali pa bodo zaradi velikega števila tujih izrazov v angleščini.

Čas	Modul
09:00 – 10:30	Novosti v Exchange Server 2010
10:30 – 10:45	Odmor
10:45 – 12:15	Arhitektura in RBAC
12:15 – 13:15	Kosilo
13:15 – 14:45	Prehod na Exchange Server 2010
14:45 – 15:00	Odmor
15:00 – 16:30	Arhiviranje in visoka razpoložljivost
16:30 – 17:00	Vprašanja in odgovori

Categories: Microsoft

POW #9 – Exchange Server 2007 Edge & DNS Server

September 2, 2009 erdeljanov Leave a comment

POW_Blue_S

I noticed that some of the users are running Exchange Server 2007 Edge and public DNS Server on the same server.

Problem

There are some issues with services failing at start up if following is true:

Exchange Server 2007, Exchange Server 2007 SP1, Exchange Server 2010 (Edge Role).
Windows Server 2003, Windows Server 2008, Windows Server 2008 R2.
DNS Server role is installed.
Hotfix KB951746 is installed.

You receive following error and all Exchange services are stopped.

Log Name:      System
Source:        Service Control Manager
Date:          14.7.2009 10:19:36
Event ID:      7023
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      EDGE.exchange.pri
Description:
The Microsoft Exchange ADAM service terminated with the following error:
An attempt was made to access a socket in a way forbidden by its
access permissions.

So let’s start troubleshooting… 😉

If we take a look with netstat we can see that DNS Service (dns.exe) is using 50636 port.

Exchange Server uses Active Directory Lightweight Directory Services (AD LDS), previous known as Active Directory Application Mode (ADAM), for storing Exchange (Organization)configuration. By default, the Edge Transport server uses the non-standard port 50636 for EdgeSync (Secure LDAP). We can check that with dsdbutil.

Open cmd.exe, type dsdbutil and press Enter.
Type list instances and press Enter.

Issue is with hotfix KB951746 (MS08-037: Description of the security update for DNS in Windows Server 2008, in Windows Server 2003, and in Windows 2000 Server (DNS server-side): July 8, 2008).

After security update KB951746 is installed on Windows Server 2008 (RTM/SP2), this issue occurs because the DNS server’s method of port allocation changes, and this change could prevent AD LDS from obtaining the port that it requires to function correctly.

By default, after security update KB951746 is installed, the DNS server randomly allocates 2,500 UDP ports in the ephemeral port range. This is new behavior that is introduced by this update. A conflict may occur if one of these randomly allocated ports is a port that an AD LDS instance has to use.

We can check the size of socket pool with dnscmd:

Background information

To comply with Internet Assigned Numbers Authority (IANA) recommendations, Microsoft has increased the dynamic client port range for outgoing connections in Windows Vista and in Windows Server 2008. The new default start port is 49152, and the default end port is 65535.

We can check ephemeral port range in Windows Server 2008 witch netsh.

This is a change from the configuration of earlier versions of Microsoft Windows that used a default port range of 1025 through 5000.

In Windows Server 2003 or in Windows 2000 Server, the value of the MaxUserPort registry entry defines the ephemeral port range. The range is from 1024 to the value that is defined by the MaxUserPort registry entry.
After you install security update 953230 on Windows Server 2003 and down-level platforms, the following conditions are true:

If the value of the MaxUserPort registry entry is set, the ports are allocated randomly from the [1024, MaxUserPort] range.
If the value of the MaxUserPort registry entry is not set, the ports are allocated randomly from the [49152, 65535] range.

In Windows Server 2008:

Ephemeral port allocation and the MaxUserPort registry entry:
In Windows Server 2008 or in Windows Vista, the value of the MaxUserPort registry entry signifies the number of ephemeral ports. The range is from the [start port, start range + MaxUserPort]. The default start port is port 49152.
Effective ephemeral port range:
Ephemeral port allocation occurs in the [49152-65535] port range before you install security update 953230 on Windows Server 2008. This port allocation behavior does not change after you install security update 953230.

Solution for Windows Server 2003

We need to reserve Ephemeral port range for Exchange Server 2007 Edge AD LDS instance. We need to specify reserved ports in registry.

Start regedit.exe
Locate following registry key:
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParameters
Create New Multi-String Value with name ReservedPorts
Enter following values for EDGE Ports that we want to exclude:
50389-50389
50636-50636
Reboot server

Solution for Windows Server 2008

Although we can change port range in Windows Server 2008 there is simple trick that does the job. We can change DNS Server service startup type to Automatic (Delayed Start).

Solution for Windows Server 2008 R2

Windows Server 2008 R2 DNS Server provides SocketPoolPortExclusionList that would allow us to exclude certain ports from DNS Server.

Dnscmd /Config /SocketPoolPortExclusionList

Exchange Server 2007 & Windows Server 2008 R2?

I was warned that mentioning Windows Server 2008 R2 in post of Exchange Server 2007 could be misleading (Thanks to Miha Pihler!). Some quick facts about Exchange Server 2007 and Windows Server 2008 R2:

Exchange Server 2007 is NOT supported on Windows Server 2008 R2
You need to deploy Update Rollup 9 for Exchange Server 2007 SP1 or SP2 for Exchange Server 2007 if you intend to run DC/GC servers on Windows Server 2008 R2

Links

Categories: DNS, Exchange, Microsoft, POW, Windows

Blog (at) Mreza.Info

Archive

Nova učinkovitost – novi val tehnologij v 7 slovenskih mestih

Nova učinkovitost – novi val tehnologij v 7 slovenskih mestih

Pregled IT novosti sporočilnega sistema Microsoft Exchange Server 2010

POW #9 – Exchange Server 2007 Edge & DNS Server

Recent Posts

Archives

Categories

Blog (at) Mreza.Info

Archive

Nova učinkovitost – novi val tehnologij v 7 slovenskih mestih

Nova učinkovitost – novi val tehnologij v 7 slovenskih mestih

Pregled IT novosti sporočilnega sistema Microsoft Exchange Server 2010

POW #9 – Exchange Server 2007 Edge &amp; DNS Server

Recent Posts

Archives

Categories

POW #9 – Exchange Server 2007 Edge & DNS Server