Damn remote powershell!!

Hello sysadmins!

have you ever found any error like this trying to open your powershell?

[server.fq.dn] Connecting to remote server failed with the following error message : The WS-M
anagement service cannot process the request. The system load quota of 1000 requests per 2 seconds has been exceeded. S
end future requests at a slower rate or raise the system quota. The next request from this user will not be approved fo
r at least 1854475008 milliseconds. For more information, see the about_Remote_Troubleshooting Help topic.
    + CategoryInfo          : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [], PSRemotingTransportExc
   eption
    + FullyQualifiedErrorId : PSSessionOpenFailed

and you found this useless page http://support.microsoft.com/kb/2027064 on your road. What a shame!!

Opening and closing the shell doesn’t work, obviously, and you can’t reboot the machine, obviously, your server is on a production enviroment…

“Damn! Just tell me how to fix it!”

Ok, ok, so just recycle your MSExchangePowerShellAppPool application pool on IIS7 and enjoy your powershell!

Some useful articles everyone should read before christmas:

Troubleshooting Exchange 2010 Management Tools startup issues http://blogs.technet.com/b/exchange/archive/2010/02/04/3409289.aspx

Resolving WinRM errors and Exchange 2010 Management tools startup failures http://blogs.technet.com/b/exchange/archive/2010/12/07/resolving-winrm-errors-and-exchange-2010-management-tools-startup-failures.aspx

Lazy Set-ExchangeServer DC exclusion

Hello lazy admins!
Have you heard about your company’s AD team? They’re just promoting, demoting, rebooting, reinstalling some DCs…
What?!?!?!? Are you crazy?!?!? Thankyou for telling me the activities you are doing before actually doing them!!! We are just having “SOME” problems on our Exchange server!…

If this doesn’t sound new to you, here is what you need.

Maybe you also see something like this on your event log:

Log Name:      Application
Source:        MSExchange ADAccess
Date:          29/07/2012 10:40:40
Event ID:      2080
Task Category: Topology
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      yourexchangeserver.f.q.d.n
Description:
Process STORE.EXE (PID=2504). Exchange Active Directory Provider has discovered the following servers with the following characteristics: 
 (Server name | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version) 
In-site:

[...]
your-weird-dc.f.q.d.n          CD- 1 6 6 0 0 1 1 6 1
[...]

You will see many event like this, normally every 15 minutes, reporting the list of the available domain controllers.
Just take a look at that strange number configuration.
For every line, we have something like:

Server name         | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version

good-dc-1.f.q.d.n   CDG     1         7              7              1            0     1            1               7          1
good-dc-2.f.q.d.n   CDG     1         7              7              1            0     1            1               7          1

I won’t bother you about the meaning of every number, just know that “CDG 1 7 7 1 0 1 1 7 1” is good and “CD- 1 6 6 0 0 1 1 6 1” bad.
If you want to learn more about this, I found this page for the same event in Exchange 2003 and I’m pretty sure the meaning of the codes are the same:
Event ID 2080 from MSExchangeDSAccess http://support.microsoft.com/kb/316300
If you find the updated KB just drop me a message with the right URL for Exchange 2010.

Ok so, let’s go on.
Let’s grab the DC name list and exclude them from your exchange environment:

$dclist = @( "your-weird-dc-1.f.q.d.n","your-weird-dc-2.f.q.d.n","your-weird-dc-3.f.q.d.n" )
Get-ExchangeServer | Set-ExchangeServer -StaticExcludedDomainControllers $dclist

Check with:

Get-ExchangeServer -status | fl Name,StaticExcludedDomainController

and call your boss singing “everything’s gonna be allright… everything’s gonna be allright…”

Then on the following events I’ll see something like:

good-dc-1.f.q.d.n        CDG 1 7 7 1 0 1 1 7 1
your-weird-dc.f.q.d.n    CD- 0 0 0 0 0 0 0 0 0
good-dc-2.f.q.d.n        CDG 1 7 7 1 0 1 1 7 1

Be careful with this configuration, because you can by mistake exclude ALL your DC.

Before to go have a look at:

nltest http://support.microsoft.com/kb/158148
Get-ExchangeServer http://technet.microsoft.com/en-us/library/bb123873.aspx
Get-ExchangeServer http://technet.microsoft.com/en-us/library/bb123716.aspx

nltest /dsgetsite
nltest /dsgetdc:yourADdomain
nltest /dclist:yourADdomain

Ciao!
AR

Please, do not cut the queue

Even on a transport server, like in real life, it’s not polite to cut the queue.
But there are some situations in wich you must do that, to manage some particular problems.

The basics:

Get-Queue http://technet.microsoft.com/en-us/library/bb124904.aspx
Get-Message http://technet.microsoft.com/en-us/library/bb124738.aspx
Suspend-Message http://technet.microsoft.com/en-us/library/aa997457.aspx
Export-Message http://technet.microsoft.com/en-us/library/aa997214.aspx
Remove-Message http://technet.microsoft.com/en-us/library/aa996371.aspx

Let’s start playing a bit:

[PS] C:\>get-queue

Identity                                    DeliveryType Status MessageCount NextHopDomain
--------                                    ------------ ------ ------------ -------------
hub_server_1\29531                          MapiDelivery Ready  0            dag00_db01
hub_server_1\29534                          MapiDelivery Ready  0            dag00_db00
...
[PS] C:\>Get-Queue | select -first 
RunspaceId           : 2ca1a5f4-960b-4190-b53a-0c1036882ced
DeliveryType         : MapiDelivery
NextHopDomain        : dag00_db16
TlsDomain            :
NextHopConnector     : c981887b-f155-44c2-9065-8126975d9cf7
Status               : Ready
MessageCount         : 0
LastError            :
LastRetryTime        : 29/07/2012 16:55:05
NextRetryTime        :
DeferredMessageCount : 0
QueueIdentity        : hub_server_1\29536
Identity             : hub_server_1\29536
IsValid              : True

Then

[PS] C:\Windows\system32>Get-Queue | ? { $_.MessageCount -gt 0}  | Get-Message

Identity                FromAddress             Status Queue                   Subject
--------                -----------             ------ -----                   -------
hub_server_1\Submiss... support.extranet_1@p... Active hub_server_1\Submission xxxxxxx...
hub_server_1\Submiss... <>                      Active hub_server_1\Submission xxxxxxx...
hub_server_1\Shadow\... <>                      Ready  hub_server_1\Shadow\... xxxxxxx...
hub_server_1\Shadow\... <>                      Ready  hub_server_1\Shadow\... xxxxxxx...
hub_server_1\Shadow\... <>                      Ready  hub_server_1\Shadow\... xxxxxxx...

Then, when you figured out wich message you want to export, first you have to suspend it with Suspend-Message

Suspend-Message hub_server_1\Submission\418207

now you can export the message

Export-Message -Identity  "hub_server_1\184726\1468849" | AssembleMessage  -Path "C:\support\message.eml"

and you will have a clean .eml file.
If you want to quickly suspend/export all messages without messing with file names, just type this:

$i = 0
Get-Queue | Get-Message | Suspend-Message
Get-Queue | Get-Message | ?{ $_.status -eq "Suspended" | % { Export-Message -Identity  $_ | AssembleMessage  -Path ("C:\support\" + $i + ".eml" ; $i++ }

See you!

Message Tracking I love you!

User1: “Hey I sent an important message to Mr Sarkazz, CEO of Limurtacch Inc. but he said he has never received it!! That email is the most important agreement I’ve done in my life!!! I will cut your head!!!

How many support ticket with requests like this, how many annoying discussions with users about business goals missed because of you!

Let’s check if they are right or they just have to attend a first level computing course: Get-MessageTrackingLog is what we need!

Basic informations:
Understanding Message Tracking http://technet.microsoft.com/en-us/library/bb124375.aspx
Get-MessageTrackingLog http://technet.microsoft.com/en-us/library/aa997573.aspx

With this you just query the machine in wich you are logged on (a HUB server or it won’t work)

Get-MessageTrackingLog [-End <DateTime>] [-EventId <String>] [-MessageId <String>] [-MessageSubject <String>] [-Recipients <String[]>] [-ResultSize <Unlimited>] [-Sender <String>]  [-Start <DateTime>]

If you have more than one transport server on your infrastructure, just type:

Get-TransportServer | Get-MessageTrackingLog

If you want to exclude a particular transport server from the list:

Get-TransportServer | ? { $_.Name -notlike "server_prefix_*" } | Get-MessageTrackingLog

Again

Get-TransportServer | ? { $_.Name -notlike "server_prefix_*" } | Get-MessageTrackingLog -MessageId blabla@cucu -Recipients i@b.m -ResultSize Unlimited -Sender c@n.n -Start 07/07/2007

Or better

Get-TransportServer | ? { $_.Name -notlike "server_prefix_*" } | Get-MessageTrackingLog -MessageId blabla@cucu -Recipients i@b.m -ResultSize Unlimited -Sender c@n.n -Start 07/07/2007 | sort timestamp | fl

And then you realise that the destination email address was wrong and you can smash the door on User1’s face.

Regards
AR

Hello world!

I want to leave this, it’s just the first message of the blog 🙂