Event Source:MSExchangeMU Event ID:1043

If this is what you guys are looking for : Metabase Update failed to initialize enumerator of virtual server on cluster database. Error code is error 800706d9 (There are no more endpoints available from the endpoint mapper

As usual I will write about my life and then the resolution to the problem. If you are not interested in me .. scroll down .. :) .. I don't mind.

As we are a step away from the new year .. Thanks to the economic slowdown .. there is less work .. After a long time .. I enjoy coming to office ... I could catch up with lot that has changed during the last few months when i was burried under loads of work / pressure / dead lines / ego's / mergers / fast changing bosses ...

Also, i m going to Nilgiris on 1st for 2 days .. this is a resort at the foothills of ooty and i will have lot to write about when i am back. I have a topic in my mind already .. This may well be my last trip as a bachelor. After that the count down starts and a new chapter begins ..

Here is the resolution :

Then you are at the right place. I faced a simliar issue and could not find much on google. Thus, giving me an oppurtunity to write another post.

This error should take you to cluster service and no where else .. There is no problem with the cluster database .. Still, you can check it :

C:\windows\cluster\clussvc /debug > c:\debug.log

Check the log file to find more ..

If you are not able to RDP to the server .. Then, use DRAC / ILO etc to get inside the box and delete the profile of the cluster admin account. You need to remove it from :

1. C:\Documents and Settings
2. Right-click My Computer, click Properties, and then click Settings on the Advanced tab under User Profile.

Once done .. Log off fromt the server. Then login with the cluster account. All you need to do now is to start the cluster service .. BINGO !!!

You have done it .. The issue is resolved .. If then you have to find a RCA .. Best of Luck .. If you find one .. lemme know ..

Resource Scheduling - The operation timed out

I have been a lot busy for last few months and I had good stuff to write about. But thanks to nisha ( the cyclone in chennai ) .. I got some time out .. I will cover an interesting topic today that is not easy to find on the internet. But before I begin .. as custom .. I will talk about myself and then the technical stuff ..

I completed one year in this city of humidity / cyclones / heavy rains ( Good for me at times ) .. It was a slow start but the last few months have moved at the speed of F1. There have been ups and downs .. But I am confident of a great future.

We shifted to a new building and it is a cool place .. I have a permanent place to sit ( Finally .. As I thought a manager should have one .. But my company did not feel that way ) .. Roll # 1 .. Just opposite to my Boss's cabin .. I have to walk half a mile to take a print out and 3 steps to get a thrashing from my boss .. Not a good place .. But my boss is happy as he has a printer in his cabin and all his team in front of his eyes ...

The city girls have been kind to me .. Sangeetha ( Where I had food ) and Nisha ( The cyclone ) .. Lets move on to the technical stuff ..

We recently moved out data center and it was sever by server ... So we were actually decommissioning - shipping - reinstalling with a new name .. In the process .. we came across a problem that the conference room ( Mailbox enabled AD accounts ) stopped showing the free / busy info and when we clicked " Resource Scheduling " it gave an error - Operation time out.

It happened as all the information for free / busy is stored in the system folder ( Schedule free + busy ) and old PF server was moved and renamed. This is what needs to be done to fix it :

1) Open PFADMIN and add the new server with PF as replicas under ( Schedule free + busy )

2) Correct the site folder server name .. This is how you do it.

• Open an Active Directory editor, such as ADSI Edit.
• Locate the public folder information store you want to designate as the Site Folder Server, by expanding the following: CN=, CN=, CN=InformationStore, CN=, CN=Servers, CN= ,CN=Administrative Groups, CN=, CN=Microsoft Exchange, CN=Services, CN=Configuration,DC=,DC=com.
• In the right pane, right-click CN= and select Properties.
• In the Attributes field, scroll down and select the distinguishedName attribute.
• Click the Edit button, and then copy the entire attribute to the Clipboard.
• Expand the Configuration container, and then expand CN=Administrative Groups,CN=,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=,DC=com.
• Right-click the administrative group you want to modify and select Properties.
• In the Attributes field, scroll down and select the siteFolderServer attribute.
• Click the Edit button and paste the value for the distinguishedName attribute into the Value field.
• Double-check the contents of the Value field to ensure the paste was done correctly, and then click OK to save the change.Click OK to close the administrative group properties dialog box.
• Exit ADSI Edit and restart the Microsoft Exchange Information Store service on all Exchange Server computers in the site for the change to take effect or wait for replication.

Note : On the client side, click Start, click Run, type Outlook /cleanfreebusy, and then press ENTER. Alternatively, send a test meeting request to all users homed to this server and ask them to accept the request.

Exmerge Decoded

Today, I wrote my 1st email announcing the promotion of my team member .. It was a good feeling .. I feel it was yesterday when I started working here .. Time is flying .. It has been nearly 2 years when I was sitting in the office at my home town and I took an interview of a guy who looked smart but was nearly shivering .. The same guy came along with me to a place .. where we had to battle it out all over again .. Battling the new office / new city ( Town - Village .. Whatever you call it ) / new team / new food / new apartment / new aunty .. But life has started to settle down ( work not personal ) .. So my happiness has doubled .. seeing some one grow from day 1 ..

Like sparrows sitting on a tree .. When there was a "BANG" .. Lot of them flew in different directions .. Some flew even before the D day .. Now that most of them have settled .. It takes away any bitter feeling that was left inside .. Having said that .. There are couple of sparrows which hurt a lot when they flew away .. Not because I couldn't fly without them .. but 'cos they took the U turn too late

How can I forget the crow's .. Wohi to ... the one's who turned white and the colours changed like a chameleon .. They remind me of the trust vote of Dr. Manmohan Singh .. I still pray .. God give some wisdom to the souls that are roaming around on this planet .. doing things that shouldn't be done ..

Back to work :
Exmerge is an utility which i believe is not used to its potential .. However, it is very easy to use and to understand ..

This tool was developed by : Kali Buhariwalla ( Naam se to Hindustani Lagta hai )

You can get EXMERGE from http://support.microsoft.com/directory/article.asp?ID=KB;EN-US;Q174197&

Lets go step by step :
Start Exmerge

1. On the “Procedure Selection” dialogue box, select “Export or Import (One Step Procedure)” or “Export or Import (Two Step Procedure)”

• One step procedure is not used much in Exchange 2003 as you can move mailboxes between Administrative groups.
• Two step procedure is the most commonly used way for exporting / importing the mailbox / mails / permissions ..

2. On the “Two Step Procedure” dialogue box, select “Step 1: Extract data from and Exchange Server Mailbox” or “Step 2: Import data into an Exchange Server Mailbox”

• As we can see, the two options are either to import the PST that was extracted or copied from source to the destination mailbox or to export the contents in the form of mails or permissions

3. We are now presented with the “Source Server” dialogue box, specify the name of your Exchange server, and if applicable the name and LDAP port number of your Domain Controller, if you do not specify the Domain Controller Exmerge will use your Global Catalogue server to find the users, this will take longer, but if you have a multiple domain environment this should be used.

• You don't need to specify the FQDN anywhere on this tool .. Neither for the name of exchange server Nor for the domain controller.

4. The most important thing to know in exmerge is the "Options" button on the “Source Server” dialogue box

On the first tab “Data”, the options are :

• User Messages and Folders : This option is used to copy all the contents of the mailbox. Free / Busy information will not be copied as it resides on the public folders.
• Associated Folder Messages : We should always select this option while exporting a mailbox. One of the reasons if that OOF message will not be exported if we don't select this message.
• Folder Permissions : As the name suggests all folder permissions will be exported ..
• Items from Dumpster : Dumpster is a feature that is disabled by default in outlook. Usually this is not used when we want to export mailbox.

On the second tab “Import Procedure”, the options are:

• Copy Data into the Target Store : This will copy the data to the destination mailbox and will not check for duplicate emails.
• Merge Data into the Target Store : This option will do the similar thing like the previous option. But is intelligent enough to eliminate any duplicates.
• Replace Existing Data in Target Store : This should be used when the destination mailbox is corrupted and we are restoring the mails from the PST backup.
• Archive Data to Target Store : This option is used to archive emails when the users are too lazy to do it on their own or if the IT has pampered them too much .. :)

On the third tab “Folders”, the options are:

• Ignore these folders : This will give you an option to ignore specified folders while importing or exporting. Hidden folders like sync folders are not available here. Also folders created by the user are also not available.
• Process only these folders : It is of similar use as the last option .. Use your brains to see what suits your requirement the best .. It depends on case to case as to which radio button to select.
• It also has a check box " Apply action to subfolders " .. Which is self explanatory

On the fourth tab “Dates”, the options are:

• All : This will select all messages.
• Dated From / To : this gives you an option to specify the dates between which the mailbox items have to be exported.
• We can also select the radio button to perform the actions based on the Delivery Time or the Last Modification Time

On the fifth tab “Message Details”, the options are:

• Enter new message subject : This will give us an option to add / delete a message with specific subject or messages which contain a specific word in the subject.
• Enter new attachment name : This also gives us an option to add / delete a message with specific attachment or messages which contain a specific word in the attachment name.

5. Once we have click on Next the “Database Selection” dialogue box is displayed, from here we can choose what Stores we would like to search through.

• This will show all mailbox stores and not public folder or recovery storage groups

6. On moving to the next screen, we are presented with the “Mailbox Selection” dialogue box,

• You can select individual mailboxes or you have the option to “Select All”

7. the next screen is the “Locale Selection” dialogue box

• If you are using say Chinese Locale on the exchange server then it has to changed accordingly.

8. Next is the “Target Directory” dialogue box

• You just have to browse to the folder path where you want to save the file.

9. The next screen is the “Save Settings” dialogue box,

• File Names : Here we can change the file names and location where exmerge saves its files. e.g Subjects.txt, Folders.txt, etc

10. On the next screen the actual process starts .. :)

If we abort the process .. it will only get killed till the current folder that the tool is working upon is not completed.

How to add change password option in OWA

I liked the way I wrote my last post. . It should start with something about me and then about the work .. This gives those people who know me a reason to read the blog who have nothing to do with AD / Exchange or even technology .. :)

Today one of my Best Friend called and asked .. What is the your definition of achievement .. I joked that .. I have moved from roti to idli .. that is an achievement .. But if I really think .. That is what it is actually .. I came here to make my life better .. Lot of things that I left behind .. roti is also one of them ..

I wonder .. how can 2 words on your signature or on the business card make you leave friends / family / good food / luxury / place where you spent your childhood ..

Idli has been my staple diet .. and the first time I ordered parota thinking it was parantha .. It was 11 PM and I had to eat it as I had no choice .. @11 PM .. It is like a curfew in chennai ..

Sangeetha my GF as I call it has been feeding me from the time I have been here .. Don't jump to conclusions ... Sangeetha is a resturant near my office .. I have tried all Dosa's / Idli's and Vada @ Sangeetha .. I don't eat stuff if I can't pronounce the name .. I wish I had a similar choice with people .. ;)

*** Work ***

When I had to implement the change password option in OWA in my company .. I strugglled a bit .. as there was no good documentation any where . Not even google helped .. It has stuff here and there .. So I decided to put all at one place ..
Note : This will work for BE - FE - ISA setup

The Virtual Directory is created on the FE server and the change password option is enabled on the BE as the option is loaded in OWA through the BE server and not FE. Also, We need to modify the rule on ISA for ISA to allow access to the Virtual Directory on FE to remote users.

The following steps have to be done on all the FE servers or servers where you have the OWA site running on IIS.

1. Log on to the Front End server.


2. Click Start All Programs Administrative Tools Internet Services Manager.


3. Expand Local Computer Web Sites.


4. Right-click the OWA Web Site and point to New, then click Virtual Directory.


5. The Virtual Directory Creation Wizard is launched. Click Next.


6. In the Virtual Directory Creation Wizard, type IISADMPWD in the Alias box, then click Next.


7. You now need to specify the directory path. Type C:\windows\system32\inetsrv\iisadmpwd ,then click Next.


8. Verify that only the Read and Run scripts (such as ASP) check boxes are set.


9. Click Next and then Finish.


10. Right-click the IISADMPWD virtual directory, then select Properties.


11. On the Virtual Directory tab, ExchangeApplicationPool should be selected under Application Pool.


12. Select the Directory Security tab, and then under Authentication and access control, click Edit.


13. Put a check mark in the Basic Authentication box.


14. Click Yes. On the IIS Manager popup.


15. Under Default Domain type your <> not the FQDN.


16. Click OK twice and close the IIS Manager.

Now lets move to the BE servers .. This is easy ..

1. Open Regedit


2. Go to : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeWEB\OWA


3. Change the value of DisablePassword REG_DWORD from 1 to 0.


4. Close the registry editor.


5. Restart IIS.

Last thing .. We should go to the ISA server.

1. Log on to the ISA server.


2. Navigate to Firewall Policy.


3. On the right side pane, Right Click on OWA Publishing Rule and Click Properties.


4. Click the Paths tab and hit the ADD button.


5. Type /IISADMPWD/* in the box and Click OK.


6. Click OK and Click Apply to commit the change on ISA.

How to remove a specific user from Mailbox Manager Policy

I am back after a looong time .. There has been a lot of work as I have moved to a new place .. Geographically this is a city .. But it is not more than a town . I travel the same road to office everyday and visit my sisters place ( Not too far either ) and I cant count my Boss's place as we stay on the same road. . So what I call as the town has shrunk to a village .. ;)

Life has changed a lot in the last 6 months .. Got promoted professionally and personally .. I had a lot of friends / family back home ( The place which is a city and also qualifies to be called a Metro ) .. But here life is restricted to people whom I can count on the fingers of my left hand. I interact with more people on email than personally .. :)

I could have written more but I vomitted my frustration on my friend / mentor .. Divy .. ( Just got off the call ) .. So lets get back to work ..

As the title says ... this is a request that came today from an executive to make sure the deleted items policy does not affect a particular user. I had done this long time back .. but forgot the schema change .. So I want to save it for my own good as well as for other's who might need it.

I will try to keep it as simple as possible :
Mailbox Manager Policies are uniquely identified by their GUID {3B6813EC-CE89-42BA-9442-D87D4AA30DBC}. E-mail Address Policies have their own GUID of {26491CFC-9E50-4857-861B-0CB8DF22B5D7}.

So inorder to exclude a user we need to use adsiedit.msc and drill down to the properties of the user. One of the attributes will read : msExchPoliciesIncluded. Remove the GUID values that is set. Then add the GUID values to the attribute : msExchPoliciesExcluded

Attribute Name : msExchPoliciesExcluded
Attribute Value :
{3B6813EC-CE89-42BA-9442-D87D4AA30DBC}
{26491CFC-9E50-4857-861B-0CB8DF22B5D7}

Explanation : msExchPoliciesIncluded has values set as GUID,GUID. Like GUID,{3B6813EC-CE89-42BA-9442-D87D4AA30DBC} for a mailbox manager policy and / or GUID,{26491CFC-9E50-4857-861B-0CB8DF22B5D7} for an email address policy. The 1st GUID specifies the actual policy and the 2nd part is the default GUID.
So what actually we did was to remove all the policies and that can be applied and also adding the default GUID's to the exclusions. Because if we dont add to exclusions and just remove from inclusions .. it will be populated again by RUS.

Time to get breakfast otherwise the line will be too long .. The next topic will be posted soon .. I promise the delay will not be as long as it was for this one .. :)