Events 1863 and 2093 post SBS 2003 SP2 Migration to 2008 R2 SP1

Similar Messages

• Events 1863 and 2093 post 2003 Migration to 2008 R2

  I have migrated AD from a 2003 SBS SP2 server to a 2008 R2 SP1 server using the following article: http://technet.microsoft.com/en-us/library/dd379526.aspx
  That was 2 days ago, this morning I noticed the following events in the 2008 error log: Error 1863 and Warning 2093
  There appears to be no issue with the domain currently, everyone was able to login in without issue this morning. Both servers are continuing to run, although I plan to demote the 2003 and decommission the hardware if there are no issues (as advised by the
  post-migration instructions of the above article). I can provide full text of the events, but I have removed identifying information:
  Log Name:      Directory Service
  Source:        Microsoft-Windows-ActiveDirectory_DomainService
  Date:          2/17/2014 4:18:14 AM
  Event ID:      1863
  Task Category: Replication
  Level:         Error
  Keywords:      Classic
  User:          ANONYMOUS LOGON
  Computer:     SERVERNEW.generic.local
  Description:
  This is the replication status for the following directory partition on this directory server.
  Directory partition:
  CN=Schema,CN=Configuration,DC=generic,DC=local
  This directory server has not received replication information from a number of directory servers within the configured latency interval.
  Latency Interval (Hours):
  24
  Number of directory servers in all sites:
  1
  Number of directory servers in this site:
  1
  The latency interval can be modified with the following registry key.
  Registry Key:
  HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Replicator latency error interval (hours)
  To identify the directory servers by name, use the dcdiag.exe tool.
  You can also use the support tool repadmin.exe to display the replication latencies of the directory servers.   The command is "repadmin /showvector /latency <partition-dn>".
  Event Xml:
  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
      <Provider Name="Microsoft-Windows-ActiveDirectory_DomainService" Guid="{0e8478c5-3605-4e8c-8497-1e730c959516}" EventSourceName="NTDS KCC" />
      <EventID Qualifiers="49152">1863</EventID>
      <Version>0</Version>
      <Level>2</Level>
      <Task>5</Task>
      <Opcode>0</Opcode>
      <Keywords>0x8080000000000000</Keywords>
      <TimeCreated SystemTime="2014-02-17T09:18:14.599176800Z" />
      <EventRecordID>243</EventRecordID>
      <Correlation />
      <Execution ProcessID="504" ThreadID="660" />
      <Channel>Directory Service</Channel>
      <Computer>SERVERNEW.generic.local</Computer>
      <Security UserID="S-1-5-7" />
    </System>
    <EventData>
      <Data>CN=Schema,CN=Configuration,DC=generic,DC=local</Data>
      <Data>1</Data>
      <Data>1</Data>
      <Data>24</Data>
      <Data>System\CurrentControlSet\Services\NTDS\Parameters</Data>
    </EventData>
  </Event>
  Log Name:      Directory Service
  Source:        Microsoft-Windows-ActiveDirectory_DomainService
  Date:          2/17/2014 4:18:14 AM
  Event ID:      2093
  Task Category: Replication
  Level:         Warning
  Keywords:      Classic
  User:          ANONYMOUS LOGON
  Computer:      SERVERNEW.generic.local
  Description:
  The remote server which is the owner of a FSMO role is not responding.  This server has not replicated with the FSMO role owner recently.
  Operations which require contacting a FSMO operation master will fail until this condition is corrected.
  FSMO Role: CN=Schema,CN=Configuration,DC=generic,DC=local
  FSMO Server DN: CN=NTDS Settings,CN=SERVEROLD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=generic,DC=local
  Latency threshold (hours): 24
  Elapsed time since last successful replication (hours): 25
  User Action:
  This server has not replicated successfully with the FSMO role holder server.
  1. The FSMO role holder server may be down or not responding. Please address the problem with this server.
  2. Determine whether the role is set properly on the FSMO role holder server. If the role needs to be adjusted, utilize NTDSUTIL.EXE to transfer or seize the role. This may be done using the steps provided in KB articles 255504 and 324801 on http://support.microsoft.com.
  3. If the FSMO role holder server used to be a domain controller, but was not demoted successfully, then the objects representing that server are still in the forest. This can occur if a domain controller has its operating system reinstalled or if a forced
  removal is performed.  These lingering state objects should be removed using the NTDSUTIL.EXE metadata cleanup function.
  4. The FSMO role holder may not be a direct replication partner. If it is an indirect or transitive partner, then there are one or more intermediate replication partners through which replication data must flow. The total end to end replication latency should
  be smaller than the replication latency threshold, or else this warning may be reported prematurely.
  5. Replication is blocked somewhere along the path of servers between the FSMO role holder server and this server.  Consult your forest topology plan to determine the likely route for replication between these servers. Check the status of replication using
  repadmin /showrepl at each of these servers.
  The following operations may be impacted:
  Schema: You will no longer be able to modify the schema for this forest.
  Domain Naming: You will no longer be able to add or remove domains from this forest.
  PDC: You will no longer be able to perform primary domain controller operations, such as Group Policy updates and password resets for non-Active Directory Domain Services accounts.
  RID: You will not be able to allocation new security identifiers for new user accounts, computer accounts or security groups.
  Infrastructure: Cross-domain name references, such as universal group memberships, will not be updated properly if their target object is moved or renamed.

  Hi,
  The guide you are using is not for SBS. If you look at the detailed supported migration scenarios you will see this matrix:
  Source server   processor
  Source server operating system
  Destination server operating system
  Destination server processor
  x86- or x64-based
  Windows Server 2003 with Service Pack 2 (SP2)
  Windows Server 2008 R2, both full and Server Core installation   options
  x64-based
  x86- or x64-based
  Windows Server 2003 R2
  Windows Server 2008 R2, both full and Server Core installation   options
  x64-based
  x86- or x64-based
  Windows Server 2008, both full and Server Core   installation options
  Windows Server 2008 R2, both full and Server Core installation   options
  x64-based
  x64-based
  Windows Server 2008 R2
  Windows Server 2008 R2, both full and Server Core installation   options
  x64-based
  x64-based
  Server Core installation option of Windows Server 2008 R2
  Windows Server 2008 R2, both full and Server Core installation   options
  x64-based
  There is no Small Business Server specified.
  This forum is not really for SBS migrations and you can also ask on the SBS forums
  for better advice about SBS.
  And yes, if you want to decommission the SBS server, running as a DC, you will at some point have to transfer the FSMO roles to the destination server. Please follow the steps in the guide I posted earlier to migrate the roles or applications that you need.
  And also ask more details on the SBS forums.
  Marius
  http://mariusene.wordpress.com/

• SCOM 2007 server OS upgrade from 32 bit Win 2003 SP2 to Win 2008 R2 64 bit

  Dear Experts,
  We are planning to upgrade where in SCOM 2007 R2 presents on 32 bit Virtual Machine Win 2003 SP2 to Win 2008 R2 32 bit or 64 bit. Though OpsManager Database is already upgraded to SQL 2008 R2 from SQL 2005. So No pblm with DB upgradation.
  So my point is If I go ahead to upgrade from Win 2003 (SCOM 2007 R2 resides) to Win 2008 R2 does it create any impacts on SCOM 2007 R2 environment ? Please let me know the procedure for this or any documentation is available to complete this.
  Thanks in advanced!
  Saravana Raja

  Firstly,
  Please note that you can only upgrade an OS to the same architecture (i.e. from x86 to x86, and not to x64). See the following Support Article about supported upgrade paths for Windows Server 2003: https://support.microsoft.com/kb/951041?wa=wsignin1.0.
  Therefore, if you plan to upgrade to a x64 architecture, you will need to perform a new installation, and not an in-place upgrade. If you are going that route, I'd suggest skipping Windows Server 2008 R2, and try to push to Windows Server 2012 if not Windows
  Server 2012 R2; to more future-proof your environment.
  Further, If you are going to perform a new OS installation (to move into x64 architecture), why not also utilize the "new installation" requirement in that scenario to also upgrade to System Center 2012 R2 Operations Manager?
  The base scenario would be for you to perform an in-place upgrade of Windows Server 2003 x86 to Windows Server 2008 R2 x86. Except, there is no x86 version of Windows Server 2008 R2, only x64! Note: Windows Server 2008 (without the 'R2') has an x86 option.
  --- If you found this post/reply helpful, please visit my personal blog for more helpful articles. --- AdinE MCSE, MCSA, MCITP, MCTS; (Specializing in System Center and Private Cloud) LinkedIn: http://ca.linkedin.com/in/adinermie Website: http://AdinErmie.Wordpress.com

• SBS 2003 SP2: VSS errors; unable to create system state backup (NTBACKUP)

  NTBACKUP system state on W2k3 server fails after "thinking" for ~10 mins and "creating" shadow copy; almost no disk activity, almost no CPU load. Errors in the Application
  log:
  Source: SQLVDI EventID: 1
  Loc=SignalAbort. Desc=Client initiates abort. ErrorCode=(0). Process=3392. Thread=29348. Client. Instance=. VD=Global\{9B35142B-C687-4766-9707-BC387534BA38}1_SQLVDIMemoryName_0. 
  Several of them.
  Then: 
  EventID: 8019
  Source: NTBackup
  End Operation: Warnings or errors were encountered. 
  Consult the backup report for more details.
  Then: 
  Source: VSS
  EventID: 12305
  Volume Shadow Copy Service error: Volume/disk not connected or not found. Error context: CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy9,0xc0000000,0x00000003,...).
  And finally:
  EventID: 12293
  Source: VSS
  Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine details PostFinalCommitSnapshots({de0d580b-68ce-4eae-a046-b5b5b7a80235}, 1) [hr = 0x80042308].
  When creating shadow copy on the system volume, the operation may take ~40-90 mins. On the data volume -- <1 min.
  "vssadmin list writers" shows:
  vssadmin 1.1 - Volume Shadow Copy Service administrative command-line tool
  (C) Copyright 2001 Microsoft Corp.
  Writer name: 'System Writer'
     State: [10] Failed
     Last error: Retryable error
  Writer name: 'SqlServerWriter'
     State: [10] Failed
     Last error: Retryable error
  Writer name: 'MSDEWriter'
     State: [1] Stable
     Last error: No error
  Writer name: 'FRS Writer'
     State: [10] Failed
     Last error: Retryable error
  Writer name: 'NTDS'
      State: [1] Stable
     Last error: No error
  Writer name: 'IIS Metabase Writer'
     State: [10] Failed
     Last error: Retryable error
  Writer name: 'Event Log Writer'
     State: [1] Stable
     Last error: No error
  Writer name: 'COM+ REGDB Writer'
     State: [1] Stable
     Last error: No error
  Writer name: 'Dhcp Jet Writer'
     State: [10] Failed
     Last error: Retryable error
  Writer name: 'Certificate Authority'
     State: [10] Failed
     Last error: Retryable error
  Writer name: 'WINS Jet Writer'
     State: [10] Failed
     Last error: Retryable error
  Writer name: 'Registry Writer'
     State: [1] Stable
     Last error: No error
  Writer name: 'Microsoft Exchange Writer'
     State: [1] Stable
     Last error: No error
  Writer name: 'TermServLicensing'
     State: [10] Failed
     Last error: Retryable error
  Writer name: 'WMI Writer'
     State: [10] Failed
     Last error: Retryable error
  Here is what I tried to do:
  1. Restarted that thing.
  2. Cleaned the security log.
  3. Installed Windows Server 2003 Hotfix rollup KB940349-v3.
  4. Stopped both SBSMONITORING and SHAREPOINT instances of MSDE, SQL 2005, SQL 2005 VSS and tried to perform the system state backup then. Stopped Exchange 2003 before launching NTBACKUP as well.
  5. "regsvr32 sqlvdi.dll" in MSDE directory.
  6. Renamed "System Volume Information" on all volumes and VSS has re-created them.
  7. chkdsk /f was fun on all volumes, no major issues found.
  8. Installed Hotfixes KB967551, KB975928-v2 (someone recommended).
  9. Disabled SQL Server VSS Writer (SQLVDI errors disappeared from the application event log, VSS and NTBACKUP errors stayed).
  10. Re-registered the DLLs as per Shaon Shan's post at http://social.technet.microsoft.com/Forums/en-US/winservergen/thread/346fa42c-a476-457f-bcf3-59f87e444b55
  The above had no effect on the issue whatsoever, except a little change at item 9 as mentioned.

  Hi there.
  I just had that problem. I saw friday my backup from my sbs 2003, was not completing becasuse it said it couldn´t creat a shadow copy in the external drive... It kept giving me errors os VSS and Volsnap... But strange thing is, i have VSS turned off in all
  drives, and from months no problems with backups... So i went in Event viewer and look at it with attention, i saw a error that keep coming up from time to time (because we change the external drive form week to week). And i realize that there's a disk error
  event...
  Couldn´t run checkdisk from server, dont now why.. So i disconnected the drive, connected to my laptop, and ran a CheckDisk /F /X. ... It had BAD SECTORS! So i ran check disk... waited like 10-20 minutes. And then i ran it again just in case, and the 2nd
  time was much more faster, like 3-6 minutes. 
  I disconnected from laptop, and connected to server. I went to the Backup wizard (in server managment), and press Backup now... 
  It hang 5-10 second in Creating Shadow copy..... And it started making the Backup :_D
  I've seen all errors that were reported exactly as mine. I ran the Hotfix, all stayed the same, i followed all manual steps and still the same... and the problem was always in the external drive, which had bad sectors. 
  Hope it will help the next person that needs this info!

• Can´t install KB961143 on Spanish language server SBS 2003 SP2

  We need to apply this KB961143, we found 
  Hotfix SBS2003SP1-KB961143-X86-ENU.EXE  but is doesn´t work with our server
  2003 SBS SP2 - Spanish-
  Thanks.

  Hi LCSMAR,
  Based on your description, it’s hard to narrow down the root cause. Would you please let me know the complete
  error message that you can get when fail to install this Hotfix?
  In addition, please check if .NET Framework 2.0 installed before you apply this Hotfix.
  Meanwhile, please check if you have installed
  KB2028492. If not, please install KB2028492, then download the Hotfix
  here manually and check if you can install it successfully.
  If this issue still persists, please refer to the following article to reset Windows Update components and
  monitor the result.
  How do I reset Windows Update components?
  By the way, please check Event Viewer and log file if you can find some relevant errors. Those may help us
  to go further.
  Hope this helps.
  Best regards,
  Justin Gu

• How to achieve streaming audio and video with SBS 2003

  Basic Fact:  SBS 2003 is frozen at SP1.  I am connecting to Verizon DSL--now Frontier DSL-- using their DSL modem, which is a Linksys 7550 modem.  The gateway on the modem card is 192.168.254.254.  Communication to and from the internet
  works, but there is apparently a lot of noise on the line and SBS2003 responds by disconnecting the WAN line.  I have to get to the Network Connections page, select the WAN connector, right-click it and tell it to repair itself (an image that is definitely
  R-rated).  Where can tell the system to not disable the WAN line if it detect some noise?  This process of repairing the line is inconnevient when I am in the room with the SBS box, and impossible if I am trying to stream video to the set in the
  living-room.

  Hi Hollis:
  It is not clear why the server is in play here.  If you have a "better than average" firewall at the edge you can use SBS in a single NIC config and from your living room go straight to the internet through the firewall and the ISP device
  without impacting the SBS other than for DNS.
  And if you don't care about who accesses your internal network from the internet a "better than average" firewall would not be required.
  Larry Struckmeyer[MVP] If your question is answered please mark the response as the answer so that others can benefit.
  Larry,
  Thanks for the reply. What you are really saying is that SBS server is so complicated and. because so little is documented about its guts and internal workings, that it is better to treat it as a black box and use an external solution. That is a sad commentary
  on a really good product, even if I am frozen at 2003 SP1. There really has to be somewhere that the wan line is set to be disabled on the lowest level of noise. There should be a means of boosting that trigger level. If we just knew where it is done.
  Given that that we really are dealing with a black box here, can you give me the names of a few firewalls qualifying as "better than average". I do recognizing that I am living at that queasy stage where any major catastrophy with the server will
  cause complete abandonment of the server, and all the conveniences it provides. When the motherboard died last time I bit the bullet and replaced it at not too great a cost. So, here we are again--do I convert to just Frontier security offerings and google
  apps. Google is notorius for providing no support. Then again, the Microsoft products are so bloated that I use less than 10% of any one. Fortunately, that 10% has really never needed any support. And I have pretty much given up pondering the use of XML due
  to a dirth of info from Microsoft about it. Sigh. I think I had better take a dramamine before going farther into the murk here.
  Hollis

• IPhone gets event 3005 Activesync error with SBS 2003

  I have a Microsoft Windows 2003 Small Business Server  that has been communicating with all of my IOS devices for months and now one of the iPhones get an Activesync error when trying to access Exchange mail.  I get an event 3005 -
  Unexpected Exchange mailbox server error.
  Verify that the Exchange Mailbox server is working correctly.
  I have other iPhones and iPads that are accessing the server correctly and when I setup the same user on different iPhones they are able to access the accoutn for the user accountthat is having the problem which means the issue is something on the phone.
  We took the phone to AT&T and had them reset it.  We then setup the Exchange account again and it worked for about a minute and then started the same errors. 
  Does anyone have any ideas?

  I have a Microsoft Windows 2003 Small Business Server  that has been communicating with all of my IOS devices for months and now one of the iPhones get an Activesync error when trying to access Exchange mail.  I get an event 3005 -
  Unexpected Exchange mailbox server error.
  Verify that the Exchange Mailbox server is working correctly.
  I have other iPhones and iPads that are accessing the server correctly and when I setup the same user on different iPhones they are able to access the accoutn for the user accountthat is having the problem which means the issue is something on the phone.
  We took the phone to AT&T and had them reset it.  We then setup the Exchange account again and it worked for about a minute and then started the same errors. 
  Does anyone have any ideas?

• Compatibility Exchange Server 2003 SP2 and Domain controllers Windows Server 2008 R2

  Hi all, I have this scenario:
  - Two Domain Controllers Windows Server 2003 R2 SP2
  - Two mail servers Exchange Server 2003 with the following version:
    6.5 (Build 7638.2 Service Pack 2)
  I want to upgrade my domain controllers to Windows Server 2008 R2.
  My question is whether exchange Server 2003 6.5 (Build 7638.2 Service Pack 2) is supported with Domain Controllers Windows Server 2008 R2.
  Can you tell me some official Microsoft website where this reflected?
  regards
  Microsoft Certified IT Professional Server Administrator

  Exchange Server 2003 SP2 supports DCs running Windows Server 2008 R2. These DCs should be RWDCs and not RODCs:
  Exchange 2003 SP2 will now be supported against writeable Windows Server 2008 R2 Active Directory Servers.  Additionally, with the General Availability of Exchange Server 2010, and those looking to standardize on Windows
  Server 2008 R2 we have enhanced the supportability of forest and domain functional levels up to Windows Server 2008 R2.  This change is effective immediately on Exchange 2003 SP2.
  Reference: http://blogs.technet.com/b/exchange/archive/2009/11/30/3408893.aspx
  This posting is provided AS IS with no warranties or guarantees , and confers no rights.
  Ahmed MALEK
  My Website Link
  My Linkedin Profile
  My MVP Profile

• Migrate SBS 2003 with AD and Exchange to Windows Server 2012 Standard

  We are using SBS 2003 and we have configured Exchange server and AD with DNS and DHCP. Now we are planning to move SBS 2003 to Separate servers like windows server 2012 standard AD with DNS and DHCP and Windows server 2012 Standard with Exchange
  2010.
  Is it Possible?? we need step by step guide.
  Thanks in advance.

  Hi,
  You probably would not find any step by step guide for this kind of migrations. If you are not comfortable with doing such migrations I would recommend to if you need to do it your self do some test migrations. Or otherwise get help by a local IT company
  that is familiar with migrations.
  But to give you some information, first thing before starting a migration is check the health of your SBS 2003 server / domain. Use tools like dcdiag, netdiag and best practice analyzer. I wrote a blog post about steps to think about before you start this
  might help: http://blog.ronnypot.nl/?p=914
  When every thing is clean you can start adding the new windows server 2012 machines as member servers to your domain. 
  Next you can promote one of the servers to additional domain controller on your domain (Keep in mind SBS needs to hold all FSMO roles so moving these is the last step your should do.) Also promoting a windows server 2012 to domain controller has slightly
  changed, you need to install the ADDS role and follow the wizard to promote the server to a DC.
  With installation of the new DC install DNS allongsite it will automatic replicate settings during confiugration.
  DHCP must be installed manual, depending on your scope and settings it might be as easy to create a new scope and disable the old dhcp server.
  On the server Exchange needs to be installed, make sure you install and do all pre-requirements. Than install Exchange it will automaticly detect you already have an Exchange organization and is installed as additional server. You can configure all settings
  and when everything is configured right you start moving mailboxes.
  When everything is moved away from the SBS 2003 server, uninstall exchange, move the FSMO roles to the new DC and after that demote the sbs 2003 server so it is not listed anymore as an additional DC in the domain. Last would be shutdown the server and remove
  all records left in AD and DNS.
  There is this guide for migrating SBS 2003 to windows server 2008 R2 and Exchange 2010, this might give you some usefull information, not everything will be the same but it is a good start:
  http://demazter.wordpress.com/2010/04/29/migrate-small-business-server-2003-to-exchange-2010-and-windows-2008-r2/ 
  Regards Ronny
  Visit my Blog or follow me on
  Twitter

• SBS 2003 to Server 2008/Exchange 2007

  We are in the process of moving our location and are in need of moving
  from SBS to something with more CALs.  I want to make this as seemless
  as possible for the end-users.
  We are currently on SBS 2003.
  My plan:
  Purchase new 64 bit server with Server 2008 and Exchange 2007.
  Add new server to existing domain.
  Move/migrate exchange from SBS to new server.
  Make sure the user info and and Group profiles move to the new server
  (not sure how to do that)
  Remove the SBS, and promote the new 2008 to DC.
  Possibly rename the 2008 to the same name and IP as the old SBS (so
  outlook users do not have to change anything)
  Would that be the correct route?  If so, what am I missing?  (Looks
  easy on paper)
  Thanks,
  Mike

  hi
  here is  a lead
  Start by installing Windows Server 2008 on the server you’re intending on using for mail. In our example we installed all the Exchange functionality on a single server – in practice you’ll probably want to separate out the Hub and Storage
  functions, and use a separate Edge server for mail traffic and user access to mail. There’s no problem with connecting to the network while you’re doing the install – Windows Server 2008 installs as a workgroup server – and you’ll
  automatically be delivered the latest drivers and the most up to date OS patches. You’ll also need to give the server an appropriate fixed IP address, as it’s going to become a key component of the network infrastructure.on the role and feature-based
  install model introduced with Windows Server 2003 and enhanced in Windows Server 2003 R2. Make sure you use these tools to install Internet Information Server – as Exchange 2007 will use it for Outlook Web Access and Exchange ActiveSync. Exchange 2007
  requires that servers have the PowerShell management scripting environment and the
  .NET framework. We’d also recommend installing Terminal Services as part of any Windows Server installation, as using Remote Desktop to access the new server and the existing SBS 2003 domain controller will let you handle much of the
  migration process from the comfort of your desk.Once Windows Server 2008 has been installed, take out the install DVD and shut the server down. As you’re going to be adding a Windows Server 2008 machine to what’s really a Windows Server 2003 network,
  you need to upgrade the Active Directory schema on our SBS 2003 server. This will allow you to manage the Windows Server 2008 machine from the SBS 2003 machine. You may need to update your version of Remote Desktop to one that supports the latest versions
  of the RDP protocol.Put the Windows Server 2008 DVD in your SBS 2003 machine’s DVD drive (a network accessible DVD drive is suitable, especially if access to any machine room is limited, and you’re using Remote Desktop to manage
  the server). Open a command line and change directory to SOURCES\ADPREP. You need to use ADPREP.EXE to update the Active Directory schema. Start by typing the following command to update the Active Directory forest.adprep.exe /forestprep.This will
  begin the process of updating the schema. Be prepared to wait some time, especially if you’re working with SBS 2003 rather than SBS 2003 R2. Once the forest schema has been updated you can update the domain schema. Type the following command:adprep.exe
  /domainprep.You’re now ready to bring the new Windows Server 2008 machine into your existing domain. Turn on the server, and then log in as a local administrator. Again, you can use Remote Desktop to work with the server, so you don’t need
  to sit in the machine room.to the existing SBS-managed domain. Once the server is part of the domain, you will to promote it from a member server to a domain controller. Launch DCPROMO
  using the Start menu search bar to find the program. Choose to add a domain controller to an existing domain. You’ll need to use the credentials of an existing domain administrator to start the process.Make the server a Global Catalog server.
  If you’re going to be keeping the existing SBS 2003 system there’s no need to make the new server a DNS server. DCPROMO will then add the requisite Active Directory Domain Services to your Windows Server 2008 machine. This can take some time, especially
  if you’re working with a large SBS-managed network with more than 50 users. Once the DCPROMO process is complete you’ll need to restart the server. You can now log in as a domain administrator.Now you can start the process of installing Exchange
  2007 on the new server. There’s one key issue that needs to be dealt with first. Exchange 2007 needs to install on a server that’s a Schema Master.
  One of the limitations of SBS 2003 is that the SBS server needs to own all five of the FSMO
  roles. The Flexible Single Master Operations are key domain management tasks, and in a standard Active Directory implementation, these roles can be parcelled out across several servers. Microsoft’s restrictions on SBS can be overcome –
  as the SBS licence allows FSMO roles to be temporarily transferred to other servers for the purpose of server migration and major hardware upgrades. You can continue to run SBS for up to seven days (there is an option to install an update that extends this
  to 21 days) with the FSMO roles on other servers. Don’t let the migration drag on as after that point, the server will reboot every hour, until the roles are transferred back.You’ll need to be logged in to your SBS server to move the Schema Master
  to the Windows Server 2008 machine. Start by registering SCHMMGMT.DLL. This allows you to use the Windows Schema Master management tools to transfer the Schema Master role to the Windows Server 2008 machine. Open a command line and type the following command.regsvr32
  schmmgmt.dll
  You’ll next need to open the Windows Management Console. Once you’ve done this, by typing
  mmc at a command prompt or from the Run option on the start menu, you can load the Active Directory Schema management snap-in. From the File menu click Add/Remove Snap-in. This opens a dialog box where you can choose to add the appropriate
  tools. Choose Active Directory Schema. This will load the schema management tools, which you can use to move the Schema Master to a new machine.In the Schema Manager console, right click on Active Directory Schema and then choose Change Domain Controller.
  You’ll see a list of available servers. Choose the new Windows Server 2008 machine, and then click Change to move the Schema Master role to your new Exchange machine. Right click Active Directory Schema again, and choose Operations Master. This allows
  you to make the new server the operations master for the FSMO role we’ve just transferred.
  Now you can start the Exchange 2007 installation. Log on to the server, and load the Exchange 2007 DVD; using an Exchange 2007 SP1 DVD reduces the amount of time you’ll need to set aside for downloading and installing uploads. Choose the appropriate Exchange
  installation for your network needs – a typical install with Hub Transport, Client Access and Mailbox roles should be sufficient for most small networks. Once Exchange has installed, restart the Windows Server 2008 machine and then open the Exchange
  Management console to confirm that your install completed successfully.You will now have added your new Exchange server to the existing SBS Exchange network. On the SBS server open the Exchange System Manager.Expand the Administrative Groups tab to see the
  available administrative groups. Your new server should have added itself as Exchange Administrative Group (FYDIBOHF23SPDLT). Do not move it out of this Administrative Group or the associated routing group, Exchange Routing Group (DWBGZMFD01QNBJR) –
  these are required to allow Exchange 2007 to interoperate with Exchange 2003. (As a side note, there’s definitely a sense of humour in the Exchange team at Microsoft, as the default administrative group and routing group names are both Caesar Ciphers
  of EXCHANGE12ROCKS).If you’re planning to run the two servers together, you can now move the Schema Master FSMO role back to the SBS server; if you’re not, you now have seven days to finish your complete server migration before the reboots start.
  To move the role back use the Active Directory Schema MMC snap-in and change both Domain Controller and Operations Master to point to your SBS server.Now you can start to move mailboxes between the two servers. This is where things can start to take time,
  so schedule mailbox moves for evenings and weekends – and make sure that you’ve backed up all the existing mailboxes before you start the migration.
  You’ll also need to make sure that both servers have the same mailbox size limits – otherwise large mailboxes will fail to move successfully. If you’re unable to make moves at night, you can do them during working hours –
  but users will be unable to connect to the Exchange server while their mailboxes are being transferred (remember to warn them in advance). Any mail that’s been delivered to the server during a mailbox transfer will be queued and delivered once the mailbox
  is on the new server.
  The actual process of moving mailboxes from the SBS Exchange 2003 server to Exchange 2007 is relatively simple. Log on to your Exchange 2007 server, and open the Exchange Management Console. Expand Recipient Configuration, and select the Mailbox
  view. This lets you see the organisation’s mailboxes, along with where they’re currently stored. A pane on the right gives you various Actions you can perform on the mailboxes. These include the Move Mailbox wizard.
  This wizard is the simplest way of moving mailboxes between servers – and, along with the underlying move – Mailbox PowerShell commandlet, is the only supported way of moving mail to an Exchange 2007 server. If you’re moving a large set of
  mailboxes it’s worth writing a PowerShell script to handle the move for you.
  Use the Move Mailbox wizard to move either an individual mailbox or groups of mailboxes (shift-click to select several at once). As the wizard is multi-threaded it can handle up to four mailbox moves at once. First select the target database, and then choose
  the move options. You can choose to abort the move if corrupted messages exist, as well as choosing the appropriate Active Directory servers. You can also schedule the moves for out of hours – so you don’t have to be on site for a move to take
  place – as well as making sure that any moves that haven’t taken place inside a set time limit are cancelled. The wizard will check mailbox quotas before making a move to make sure that the system limits allow the mailbox to transfer to a new server.
  Once a move’s started you’ll see a progress bar showing the status of the move, with descriptive text for the current step in the move process. When a move completes there’s a summary screen with the results. There’s also an XML
  format report you can use for further analysis.
  We found that a large 4GB mailbox took about 3 hours to move, over a gigabit network. In practice, most mailboxes are a lot smaller, so expect to be able to move many more SBS mailboxes in a single overnight session. Once the mailboxes have been moved, your
  Outlook users will automatically be switched to the new Exchange server. There’s no need to change anything on the desktop – the Exchange organisation will handle the changes for you. There’s one exception; if you have used a self-certified
  certificate for the SBS Exchange server, you may need to delete it from all client devices (including Windows Mobile) so they can connect – especially if you’re using the same external DNS name.While Outlook handles the changes gracefully, things
  aren’t so easy for users working with ActiveSync connections to mobile devices or for secure IMAP and POP3
  connections. Mobile users will need to perform a manual sync on their phone (they’ll get a message in ActiveSync reminding them to do this) and accept the server policies before mail will start arriving. POP3 and IMAP connections will only continue
  to work if you make sure that your new mail server has the same external CNAME as the old SBS install. If you’re not using the same DNS name, you’ll need to recreate connections for external mail clients.
  Naeem Bhatti MCITP EA, MCITP, MCTS Exchange 2007 MCSE security,MCSE AD, MCSE in Messaging, MCDST SBS2003 and SBS2008 Specialist

• VMM 2008 R2 SP1 support SQL 2008 R2 SP2?

  I plan to install service pack SP2 to SQL 2008 R2 SP1 which host OM and VMM Database. Does VMM 2008R2 SP1 support this version of the SQL server?
  As i know OM2007R2 supportes SQL2008R2 SP2 since CU4. 

  Is SQL Server 2008 R2 SP1 supported on Windows Server 2008 R2 SP1? I've found this website
  You have mentioned windows Server 2008 R2 SP1, it works and supported.
  https://msdn.microsoft.com/en-us/library/ms143506(v=sql.105).aspx
  If you are talking about Windows Server 2008 then you might need SP2
  SQL Server 2008 R2 is not supported on:
  Any version of Windows Server 2008 less than Windows Server 2008 Service Pack 2

• FIM 2010 R2 Sp1, Windows 2008 R2 SP1 and Recycle Bin issues

  Hi,
  We are running FIM 2010 R2 Sp1 (build 4.1.3613.0)
  Also running Windows 2008 R2 Forest and Domain functional level environment. (Windows Server 2008 R2 SP1 on all DCs). The previous Recycle Bin hotfix https://support.microsoft.com/en-us/kb/979214/ fails to install since we are already running WS08 R2 SP1
  on all the DCs.
  During deprovisioning, when a user is deleted from the source HR system, FIM deletes the object from AD, FIM Sync & Portal.
  FIM also manages a FIM Portal group, where membership is assigned manually. This membership is then updated in AD.
  When a user (who is part of this group) is deleted in HR, FIM deletes it from AD, FIM Sync, FIM Portal, FIM also removes user from FIM Portal group. The user is also removed from the AD group (by FIM group object membership attribute flow to AD)
  ...however, on the next AD Export, FIM fails to update the same group and complains about this very same user (CD Error) and lists the user as: CN=username\0ADEL:GUID, CN=Deleted Objects,DC=domain,DC=com
  It appears that there is a problem with FIM and the Recycle Bin again?
  Are there any new Recycle Bin/FIM hotfixes ?
  Thanks,
  SK

  May I suggest you review the following:
  Is the AD MA user account part of the Domain Admins group? If yes, please remove it from this Group
  Verify that the "CN=Deleted Objects" container has not somehow been included in the AD MA OU scope

• Migration; Exchange 2003 SP2 to Exchange 2013 on new Domain and DC

  I wasn't prepared for this task, and it was thrown at me to do...  Eyes are bleeding from planning reading and planning, would LOVE any input from you guys.  First time posting, here and have heard great things about these forums.  The Company
  I work for obtained a new client and a network that is in a cluster at the moment, so I'm having to dig through everything and restructure..
  Scenario:
  Old Domain/Server: (To be decommissioned)
  Server 2003 Standard SP2 (Domain: cosco.com; NETBIOS name: coscoex)
  Exchange 2003 SP2 (6.5.7638.1)
  Server is a domain controller and exchange server.
  Migrating to:
  Server 2012 R2 Datacenter (New Domain ad.cosco.com; NETBIOS name: cosco)
  VM #1: Server 2012 R2 Domain Controller at 2012 R2 Functionality 
  VM #2: Server 2012 R2 with Exchange 2013 Standard (Not Yet Installed) Joined to ad.cosco.com domain
  VM #3: Server 2012 R2 with Exchange 2010 (Not Yet Installed) joined to ad.cosco.com domain
  These are probably not ideal conditions, but I have to work with what I'm given.
  Host server (2012 R2) is in work group mode.  Hyper V Installed with a VM of Server 2012 R2 and as a DC at a functionality level of Server 2012 R2.  I had intended starting at a lower functionality level and raising
  it later, but.... ya I forgot to change it.  If needed I can spool up a new DC with a lower functional level.
  DNS, AD and group policy is all jacked up on the 2003 DC so that doesn't matter, All user accounts are going to be created under the new domain.  The concern is migrating the mailboxes from Exchange 2003 on the old domain to
  Exchange 2013 on the new domain.  The client is going to provide CSV of the AD accounts that are still valid (a lot of accounts are no longer used or are from people that no longer with the organization.)
  I had some ideas, but I'm not sure if they will work.  This is something I have never done before (Senior Engineer Quit).
  My thoughts:
  - Establish a two way trust relationship between the two domains.
  - Create two VM's, one with Exchange 2010 and one with Exchange 2013 (They have a 2010 licence that was not used).
  - Create the users on the new domain
  - Use the double hop method from Exchange 2003 > Exchange 2010 > Exchange 2013 
  - Link Exchange accounts to the correct user accounts on the new DC.
  Can this be done cleanly? Am I going about this the correct way?  Any feedback would be GREATLY appreciated.
  Note: We are forced to use ad.cosco.com (Obviously not the actual domain name)

  Hi,
  Base on my experience, your idea is feasible.
  However, before getting started, you should note that Exchange 2010 (with any service pack or update rollups) is not (yet) supported to install on Windows 2012 R2. More details refer to the following link: 
  http://technet.microsoft.com/library/ff728623(v=exchg.150).aspx
  After all the preparations complete, you can refer to the following articles to migration exchange 2003 to 2010, then to 2013:
  Exchange 2003 to 2010 Cross-Forest Migration Step by Step Guide
  Exchange 2010/2007 to 2013 Migration and Co-existence Guide
  Best regards,
  Niko Cheng
  TechNet Community Support

• SBS 2003 server admin rights dont work access denied on VSS and Network settings

  Hi I have just taken over support for a company and have inherited a SBS 2003 Server.
  The server has had no backup for over a year (when the last admin left).
  VSS does not work, so the back does not work, unable to install any other backup as no admin rights.
  I want to repair it so I can do a backup to move to a new server.
  I did not know the administrator account password (the last admin didn't tell anyone)
  So I used a password reset boot cd and then restarted Windows 2003 in Directory Service Restore Mode.
  Copied SRVANY and INSTSRV to a temporary folder, mine is called D:\temp. Copied cmd.exe to this folder too. Next ran at a command prompt instsrv PassRecovery "d:\temp\srvany.exe"
  next
  Started Regedit, and navigated to
  HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\PassRecovery
   Created a new subkey called Parameters and added two new values:
  name: Application
  type: REG_SZ (string)
  value: d:\temp\cmd.exe
  name: AppParameters
  type: REG_SZ (string)
  value: /k net user administrator 123456 /domain
  "123456 is substituted for the password I used" Im not daft enough to publish it lol
  Next
  opened the Services applet (Control Panel\Administrative Tools\Services) and opened the PassRecovery property tab. Checked the starting mode is set to Automatic.
  to the Log On tab and enable the option Allow service to interact with the desktop.
  Restart Windows normally, SRVANY run the NET USER command and reset the domain admin password.
  OK so now I am logged in as administrator but guess what I still don't have admin rights???
  I can add new user with admin rights and log in as them but they still don't have admin rights Im totally lost??????????? Help please

  I'm thinking the previous tech may have renamed the built-in domain Administrator and then created a new account called 'administrator' with lesser rights?  He then used another domain admin account to manage the server. 
  If so, and given the fact that you don't know any domain admin account usernames or passwords, I think you may be in for a move to a new server without a proper NT backup of the SBS 2003. 
  However, If you can at least log into the SBS 2003, I wonder if you could download and run DIsk2VHD and create VHDs (not VHDX) of the current SBS 2003 drives, saving them to an external USB drive connected to the server. 
  You could then 'attach' the VHDs to a Win7 Pro computer and gain access to the files/folders, although not the Active Directory stuff.  Moving Exchange and Sharepoint would impose additional pain.  For Exchange, you could log
  onto workstations as each user and export their Exchange mailboxes as .PSTs.  I believe you could do the same with any Public Folders.
  Disk2VHD
  http://technet.microsoft.com/en-us/sysinternals/ee656415.aspx
  How to Mount a Virtual Hard Disk in Windows 7
  http://www.online-tech-tips.com/windows-7/mount-vhd-windows-7/
  Of course, the owner could also have his attorney contact the previous tech and threaten legal action unless he coughs up the correct domain admin username and password.  That username and password belong to the owner, not the
  tech.
  Merv Porter
  =========================

• Active Directory, Windows 2003 SP2 Server and SMB shares

  I have 10 new iMacs that will be returned and exchanged for 10 HP wintels if I can't resolve an issue with SMB shares in Mac OS X 10.4.9.
  We had an old win 2000 server, and all the macs could mount their smb shares without problems.
  Recently we upgraded to two new 2003 sp2 servers, one of them the domain controller, and we can't mount their SMB shares. I followed this http://weblog.bignerdranch.com/?p=6&page=3 and/or this http://allinthehead.com/retro/218/accessing-a-windows-2003-share-from-os-x to allow AD authentication, but still, I can't mount the 2003 shares (but can with the 2000 ones!!!).
  If I enable SFM (services for macintosh) then I can mount the shares, but:
  1) the network is slower (I supouse is due to appletalk implementation)
  2) and worse, names with more than 32 characters or with some special characters are not allowed. This renders 30% of our archives unavailable with the AFP solution.
  I also used all the authentication methods (Plain text apple, plain text windows, etc.) but no one works.
  I have now 10 days to find a solution, or all "my" macs will dissapear forever.
  Please, some advice or point to documentation.
  G4, G5, iMac Intel, Mac Book Pro, etc   Mac OS X (10.4.9)  

  Do you just want to mount arbitrary share from the win servers or do you want the macs to be bound to AD?
  The first requires the steps from your second link (allinthehead.com) but the latter (bind to AD) requires things like proper use of DNS, time synchronisation for kerberos to work and proper configuration as described in your first link (bignerdranch.com).
  Here are some more links for the latter (AD intergration):
  http://www.bombich.com/mactips/activedir.html
  http://www.afp548.com/article.php?story=20051202151540574&query=ad-od
  HTH
  -Ralph