International Man of Awesome's Blog – When Too Much Awesome Isn't Enough

August 5, 2011

Decreasing Exchange 2010 DAG Failover Sensitivity by Increasing Cluster Timeout Values.

Filed under: Backups, Disaster Recovery, ESX, Exchange, Microsoft, Veeam, Virtualisation, VMware, vSphere, Windows 2008 R2 — internationalmanofawesome @ 2:21 pm

Whem running an Exchange 2010 DAG over a WAN, you may run into some of the limitations of Microsoft FCS (Failover Cluster Service). This service defaults to fairly low timeouts for fast failover in LAN environments. In a WAN environment, where latency may be higher, and some packet loss may occur, you may need to tweak the timeouts for FCS. I advise to tweak most of the settings via the FCS admin tool. However, there are a few settings to tweak via the command line, and here are the maximum values you can configure to make it “less sensitive”:

Exchange 2010 DAGs use Windows Failover Clustering. By default, FCS has fairly low timeouts that are ideal for use in fast localised LAN environments

If you operate your Exchange 2010 DAGs over a WAN where issues such as latency and packet loss can occur, you may find that your email databases are failing over. By default, heartbeat frequency (subnet delay) is 1000ms for both local and remote subnets and when a node misses 5 heartbeats (subnet threshold) another nod within your DAG cluster will initiate a failover.

You can change these values to their maximums by issuing the commands below on a DAG mailbox server in a command box.

cluster /prop SameSubnetDelay=2000:DWORD

cluster /prop CrossSubnetDelay=4000:DWORD

cluster /prop CrossSubnetThreshold=10:DWORD

cluster /prop SameSubnetThreshold=10:DWORD

You can check that the properties have been applied by executing the following command on a DAG mailbox server in a command box.

cluster /prop

If you virtualise your Exchange 2010 mailbox servers, this may also assist in preventing failover when backing up your VMs using backup products that take snapshots of your VMs like Veeam Backup and Replication. Note that doing backups in this manner is NOT supported by Microsoft at this time.

Reference – Configure Heartbeat and DNS Settings in a Multi-Site Failover Cluster – http://technet.microsoft.com/en-us/library/dd197562(WS.10).aspx

Advertisements

February 3, 2011

Exchange 2007 Management Console error on Windows 2008 R2 post installation

Filed under: Exchange, Firewalls, Microsoft, Windows 2008 R2 — internationalmanofawesome @ 2:24 pm

We are currently migrating from a single server Exchange 2003 setup to multi server Exchange 2007 SP3 system. When using the EMC 2007 application, selecting the servers in either the Organisation or Server Configuration displayed an error which started as such;

——————————————————–
Microsoft Exchange Warning
——————————————————–
The following warning(s) were reported while loading topology information:

Get-OWAVirtualDirectory
Completed

Warning:
Extended protection has not been enabled.  Install the operating system update specified in KB968389 onto server “servernamehere” and try again.

Now that KB does not relate to Windows 2008 R2, so it can’t be applied.

The fix is to add a registry entry that sets the RPC  port for the Application Host Administration (AHADMIN) which is used by EMC, then allow that port through the Windows firewall.

To add the registry entry requires a change to the permissions of the registry key. Only the TrustedInstaller process has read\write permissions, so you need to take ownership of teh key in question, then change the permissions that would allow you to make the change. In my case, as I was a local admin on the server in question, I added the local Administrator group. Once the permissions are change you perform the following;

1. Open an administerative command box

2. Type without the quotes “REG ADD HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{9fa5c497-f46d-447f-8011-05d03d7d7ddc} /v EndPoints /d “ncacn_ip_tcp,0,7000” /t REG_MULTI_SZ /f” and press enter

3. Type “NETSH” and press enter

4. Type “ADV FIR” and press enter

5. Enter the following. Note that you can and should change the Scope of the firewall rule from being remoteip=any to remoteip=your.ip.range(s).here

add rule name=”RPC Mapper” dir=in action=allow remoteip=any protocol=tcp localport=135 service=rpcss
add rule name=”AHADMIN Fixed Endpoint” dir=in action=allow remoteip=any protocol=tcp localport=7000 program=%windir%\system32\dllhost.exe
add rule name=”AHADMIN Fixed Endpoint” dir=in action=allow remoteip=any protocol=tcp localport=rpc program=%windir%\system32\dllhost.exe

6. Check the Windows Firewall with Advanced Security that teh firewall rules have been entered correctly.

That’s it, you will no longer get the error! Awesome!

 

For more info, you can see this blog post by Mike Volodarsky at http://mvolo.com/blogs/serverside/archive/2008/05/26/Accessing-IIS-7.0-configuration-remotely-and-on-server-core.aspx

September 2, 2010

Installing Exchange System Manager 2003 on Windows 2008 R2 and Windows 2003 R2 x64

Filed under: Exchange, Microsoft, Windows 2008 R2 — internationalmanofawesome @ 5:48 am

Update 05/04/2011: This process has also been tested and works on Windows 2003 R2 x64!

Currently trying to get Quest MessageStats 6.8 installed onto a Windows 2008 R2 server. The catch is we are currently using Exchange 2003, and I hadn’t seen anything that would allow Exchange System Manager 2003 on a W2K8R2 server. So, I like a challenge…..

Disclaimer: I’m doing this on a server that is expendable, in a test lab. I’m not responsible if you destroy your production environment by following the instructions below.

Here is the process

  1. Install the W2K8R2 RSAT ADDS tools and II6 compatibility. This will require a reboot, which is forced by the installation of the ADDS tools.
  2. Download and install the Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1. Download from here
  3. Download and install: Exchange System Manager for Windows Vista found here.Now this can be a bit tricky, as the ESM for Vista does an OS detection and stops you from installing it. Luckily, there is a way around it. Extract the .msi file from the download, open a command prompt as Administrator, change to the location of the .msi file and execute the following:

    msiexec /i esmvista.msi /q

    This will install ESM for Vista silently, without the OS check.

  4. Copy all DLL´s file from C:\Progam Files(x86)\exchsrvr\bin to your \windows\syswow64\  Don’t overwrite any files that already exist!
  5. Copy  the \windows\system32\ntlsapi.dll from your Exchange Server to your \windows\syswow64\
  6. Then execute as in a command prompt as Administrator:regsvr32 c:\windows\syswow64\cdoexm.dll
    regsvr32 c:\windows\syswow64\exadmin.dll
  7. Run Exchange System Manager and you’re away!

I’m AWESOME!

Create a free website or blog at WordPress.com.