Dec 24, 2004

In response to David's question
=========================
Seems you are a big guy at Exchange. I'm not familiar with it, but might have a project for me setting up to monitor an Exchange server. So any suggestions?

Answer
======

There are a couple of ways you can monitor your Exchange server.
1) You can do it via Exchange System Manager: open the properties of the server object and, on the Monitoring tab, define whatever you wish. Then expand Tools, "Monitoring and Status"; there you can view the status in real time and define the action you want your Exchange server to take when something happens.
2) You can also monitor your Exchange services in the "services.msc" snap-in. That is more an OS functionality than Exchange's.
3) You can monitor your free space, CPU usage, etc. via System Monitor; again, it's an OS function.

Please come back and visit my blog as I will add posts from time to time.
But since I am so lazy, I prefer answering questions to writing new topics.

Hope this helps.


Dec 10, 2004

Ever confused by "discontiguous networks" and the "auto summary" command in Cisco routers?

If you read only Sybex's "CCNA Study Guide", which is so well known in the Cisco certification community, and you don't have much experience, you will most likely get lost. So this book is not as good as so many people say.

Refer to
http://www.oreilly.com/catalog/iprouting/chapter/ch04.html#31695
for what "discontiguous networks" are.

Dec 8, 2004

Exchange 2000/2003 FE/BE topology step by step
======================================

Environment
----------------
AD domain: strongline.local
DNS domain: strongline.net
Exchange sites: site1 and site2
Exchange smtp domain: site1.com and site2.com
Users have either an @site1.com or an @site2.com email address

Objectives
----------
Users can access their emails by http://mail.site1.com or http://mail.site2.com
or http://mail.strongline.net/site1 or http://mail.strongline.net/site2

Steps
--------
1. Suppose that you have all Exchange back-end servers installed and ready:
S1-Ex.strongline.local
S2-Ex.strongline.local

Users can access their email internally by Outlook or OWA (http://S1-Ex/Exchange or http://s2-ex).

2. Now install a new Exchange server (2000 Enterprise Edition or 2003 server) into either site1 or site2, it doesn't matter, and check the box "it is a front-end server". In our example, the server will be named FE-Ex.strongline.local, and its public name will be mail.strongline.net.

At this point, if all your users have a common email address, say @strongline.net, and @strongline.net is your default recipient policy, then
* internally, you can just type in http://FE-Ex to get your email. Of course you can create a CNAME record "mail" pointing to "FE-Ex" so you can just type in http://mail
* externally, you can type in http://mail.strongline.net
But remember that in our example, users have either an @site1.com or an @site2.com address. So we will have to do a little more tweaking.

3. Create virtual directories for the URLs http://mail.strongline.net/site1 and http://mail.strongline.net/site2
- In Exchange System Manager, expand your FE server, Protocols, HTTP, then right-click and choose new virtual directory. Set Exchange Path to "Mailbox for site1.com" and "site2.com" respectively.
- Do the same on all back-end servers that contain mailboxes for site1.com/site2.com

Now you should be able to access your email via http://mail.strongline.net/site1 and http://mail.strongline.net/site2

4. Create HTTP virtual servers for the URLs http://mail.site1.com and http://mail.site2.com
- In Exchange System Manager, expand your FE server, Protocols, HTTP, then right-click and choose new virtual server. Give it a proper name and select the correct IP address. Click the Advanced button, Add, select the IP address, type "mail.site1.com" in the Host Name box, and click OK. Select "mailboxes for site1.com".
- Create another HTTP virtual server for site2.com.
- Do the same on all back-end servers that contain mailboxes for site1.com/site2.com

Now you should be able to access your email via http://mail.site1.com and http://mail.site2.com

5. There are a couple more things that have to be done, such as authentication, disabling unnecessary services on the FE server, and so on. Please refer to http://www.microsoft.com/technet/prodtechnol/exchange/2003/library/febetop.mspx for more information.

Nov 25, 2004

I was too lazy to add a couple of new posts about Offline Address Books and Recipient Update Service that were planned a long time ago.

I am not doing that today, even though today is a really quiet and nice day - thanks to the Thanksgiving holiday in the States! I have had no customer call me today so far...

Probably some time after Christmas...

Oct 27, 2004

Ethernet_II, 802.3, 802.2 vs. SNAP

There are four Ethernet frame types:
Ether_II,
802.3,
802.2,
SNAP

Ether_II: has a field named "protocol", which specifies the upper-layer (network layer) protocol (e.g. IP, IPX, etc.)

802.3: has no "protocol" field but has a "length" field

802.2: Since the 802.3 Ethernet frame cannot by itself identify the upper-layer (network) protocol, it obviously needs some help. The IEEE defined the 802.2 LLC specifications to provide this function and more. An 802.2 frame is an 802.3 frame with the LLC information in the data field of the header. An 802.2 frame is identified by its "Dest. SAP" and "Source SAP" fields; these two fields specify the upper-layer protocol.

SNAP: The SNAP frame has its own protocol field to identify the upper-layer protocol. This is really a way to allow an Ethernet_II Ether-Type field to be used in an 802.3 frame. A SNAP frame is identified by its "Dest. SAP" and "Source SAP" fields, which always have the value "0xAA" (SNAP); the upper-layer protocol is specified in the "protocol" field.

In short:
originally we had Ether_II and 802.3 (created by Novell, with no Type field, then accepted by IEEE). The IEEE then introduced 802.2 and SNAP to modify 802.3 so that 802.3 can identify the upper-level protocol. When we say 802.2 frame, we mean an 802.3 frame with an 802.2 header; when we say SNAP frame, we mean that on top of 802.3 we have a SNAP header. In the meantime, SNAP is a special 802.2 frame with certain values in the SSAP, DSAP, and Command fields.
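The distinction described above can be made mechanically from the two bytes after the MAC addresses and the first bytes of the data field. The following classifier is an added example, not part of the original post; the function name, the sample frames and the "invalid" bucket are constructed for illustration, and it assumes the usual conventions that values of 0x0600 and above are a protocol type, that raw Novell 802.3 data begins with 0xFFFF, and that the frame starts at the destination MAC with no preamble or FCS.

```python
import struct

def classify_frame(frame: bytes) -> dict:
    """Classify a raw Ethernet frame into one of the four frame types."""
    if len(frame) < 14:
        raise ValueError("truncated: no complete 14-byte MAC header")
    (type_or_len,) = struct.unpack("!H", frame[12:14])
    body = frame[14:]

    # 0x0600 and above: the field is the Ethernet_II "protocol" (EtherType).
    if type_or_len >= 0x0600:
        return {"kind": "Ethernet_II", "protocol": type_or_len}
    # 1501..1535 is neither a legal length nor a protocol type.
    if type_or_len > 1500:
        return {"kind": "invalid", "field": type_or_len}

    # 1500 or below: the field is the 802.3 length; look into the data field.
    if len(body) < 3:
        raise ValueError("truncated: length-style frame without 3 data bytes")
    if body[:2] == b"\xff\xff":
        # No LLC header at all: Novell "raw" 802.3, data starts with the IPX checksum.
        return {"kind": "802.3", "length": type_or_len}
    dsap, ssap, control = body[0], body[1], body[2]
    if dsap == 0xAA and ssap == 0xAA:
        # SNAP: 3-byte LLC header, 3-byte OUI, then the 2-byte protocol field.
        if len(body) < 8:
            raise ValueError("truncated: SNAP header needs 8 bytes")
        (protocol,) = struct.unpack("!H", body[6:8])
        return {"kind": "SNAP", "oui": body[3:6].hex(), "protocol": protocol}
    return {"kind": "802.2", "dsap": dsap, "ssap": ssap, "control": control}

# Constructed sample frames: 6-byte destination, 6-byte source, then the bytes that differ.
MACS = bytes.fromhex("ffffffffffff" "020000000001")
SAMPLES = {
    "ipv4_ethernet_ii": MACS + bytes.fromhex("0800" "4500"),
    "ipx_raw_802_3":    MACS + bytes.fromhex("0022" "ffff0022"),
    "stp_802_2":        MACS + bytes.fromhex("0026" "424203"),
    "ipv4_snap":        MACS + bytes.fromhex("0024" "aaaa03" "000000" "0800" "4500"),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name:18} {classify_frame(raw)}")
```
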

Oct 8, 2004

what IS this prisoner.iana.org?

Well, once RFC 1918 (and its predecessors, actually) came out, the IANA -- the old name, recall, for the folks in charge of handing out IP address blocks -- realized that they needed a "placeholder" in-addr.arpa zone for the three ranges of non-routable addresses. So they put zones named 10.in-addr.arpa, 16.172.in-addr.arpa, and 168.192.in-addr.arpa on three DNS servers named blackhole-1.iana.org, blackhole-2.iana.org and prisoner.iana.org, at IP addresses 192.175.48.6, 192.175.48.42, and 192.175.48.1, and prisoner is set as the primary DNS server for the zones. Thus, if one of your systems with a 192.168.x.x address tries to register its PTR record then it will, unless you have a local DNS server with a 168.192.in-addr.arpa zone, end up trying to register with prisoner.iana.org -- which will reject the request. The bottom line is, don't worry about it in most cases. In one case, however, you MIGHT worry about it, if you were running an intranet with a dialup connection to the Internet.

Copied from Experts-Exchange
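To check which internal hosts would send their PTR registrations out to the placeholder servers, you can compare each address against the reverse zones your own DNS servers host. The sketch below is an added example, not part of the quoted answer; the function name and verdict strings are hypothetical and the addresses are constructed. It goes slightly beyond the text by treating 172.16.0.0/12 as the RFC 1918 range, which spans the sixteen reverse zones 16.172.in-addr.arpa through 31.172.in-addr.arpa.

```python
import ipaddress

# RFC 1918 private ranges; on the public Internet their reverse zones are placeholders.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def ptr_registration_target(addr, local_zones):
    """Return (ptr_name, verdict) for a host address.

    local_zones: reverse zones hosted on your own DNS servers (assumed input).
    verdict is 'local:<zone>', 'iana-placeholder' or 'public'.
    """
    ip = ipaddress.ip_address(addr)
    ptr = ip.reverse_pointer                 # e.g. 5.1.168.192.in-addr.arpa
    zones = [z.rstrip(".").lower() for z in local_zones]
    # The most specific local zone that contains the PTR name wins.
    hits = [z for z in zones if ptr == z or ptr.endswith("." + z)]
    if hits:
        return ptr, "local:" + max(hits, key=len)
    if any(ip in net for net in RFC1918):
        # No local zone: the update walks up to the placeholder zone and is rejected.
        return ptr, "iana-placeholder"
    return ptr, "public"

if __name__ == "__main__":
    hosted = ["168.192.in-addr.arpa.", "16.172.in-addr.arpa"]   # constructed sample
    for host in ("192.168.1.5", "172.16.9.9", "172.20.3.4", "10.1.2.3"):
        print(host, ptr_registration_target(host, hosted))
```

Note that hosting only 16.172.in-addr.arpa does not cover a host at 172.20.x.x; each second octet from 16 to 31 needs its own zone or a parent zone delegation.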

Oct 1, 2004

Here are the network interface names commonly used by different Unix
types.

Sun le0 / hme0
DEC ultrix ln0
DEC OSF/1 ln0
HPUX lan0
AIX en0
GNU/Linux eth0
IRIX ec0
FreeBSD ep0
Solarisx86 dnet0

Aug 28, 2004

How to open Exchange System Folders in Internet Browser

http://localhost/public/non_ipm_subtree

Aug 13, 2004

A zone should consist of only contiguous name space.
The zone name is typically the name of its root domain.
in-addr.arpa is a sub-domain, like com, edu, org, etc., for reverse lookup purposes.

A zone starts as a storage database for a single DNS domain name. If other domains are added below the domain used to create the zone, these domains can either be part of the same zone or part of another new zone (delegated away). Delegating means creating a new zone.

==== To be continued ====

Jul 29, 2004

Command-line equivalents of MMC snap-ins

AD Users and Computers : dsa.msc
AD Sites and Services : dssite.msc
AD Domains and Trusts : domain.msc
Services Manager : services.msc
Computer Management : compmgmt.msc
Schema Manager : schema.msc
DNS Manager: dnsmgmt.msc
Device Manager: devmgmt.msc
Event Viewer: eventvwr
IIS Management: iis.msc (under "inetsrv" folder)
Local Users and Groups Management: lusrmgr.msc

Jun 8, 2004

AL, OAL, OAB, and OAB folder under System Folder

Address Lists (AL) reside in AD, while the OAL is put under the Exchange system public folder.
You can create as many ALs as you wish. The most used AL is the GAL, created by Exchange setup by default.

An OAB can contain many OALs.
An OAL can specify more than one AL, but a user can download only one of them.
A mailbox store is associated with an OAL.
The default AL is associated with any newly created mailbox store.

Before OALs can be generated, the address lists in Active Directory on which the OALs are based must be up to date. The Exchange SA service calls RUS to maintain ALs. If RUS cannot populate the ALs, Exchange cannot build the OABs.

Once you create a new OAL, you have to wait for public folder store online maintenance to happen overnight to populate messages/attachments into the OAB folders.

When you delete an OAL, the server doesn't remove the corresponding system folder for 7 days, so if you create a new offline address book with the same name, it is added as OAB version 2 in a subfolder. When this happens, the Outlook client can't find the OAB since it is in a folder instead of directly in the System Folder.

An OAB server is the server that generates those messages/attachments; it has to be one of the replica servers (Q286328).

The default OAL contains data from the GAL, but you can populate it with any other ALs. You can even put more than one AL into one OAL, but only one AL will be used.

It's often desired to associate different OALs with different mailboxes.

May 28, 2004

How to fire an LDAP query in ADUC

so you don't have to open ldp.exe or ldifde

In ADUC: Find, Custom Search, Advanced, Go

May 11, 2004

How to clean a ghost server object from AD
ADSI: DC ou,
system\file replication service\domain system volume
Ntdsutil
metabase cleanup
DNS
NS/A records

see: Q216498

Apr 28, 2004

Use FileMon and RegMon from www.sysinternals.com to monitor which files and registry keys are being accessed.
If you want to know which AD object is being accessed, use netmon.

Also use fport.exe to monitor TCP/IP ports.

Apr 20, 2004

DLL Help Database
http://support.microsoft.com/default.aspx?scid=/servicedesks/fileversion/dllinfo.asp&SD=TECH&FR=0

Event ID .net

w2000msgs.chm in support tools

Apr 17, 2004

How to delete a system-protected object:
1. Add the "Allow System Only" key to the registry under "hklm\system\CCS\...???"
2. Use ADSI Edit to delete it

Use "repadmin /syncall object nam" to see the underlying replication issue.
Use "replmon" to see if replication is happening.

Apr 10, 2004

Send me an email to request my resume

lanjohn@hotmail.com



First post on strongline.blogger.com