Posts from February 2012

Living the Dream: Exchange, SharePoint and Lync

Richard Green on

If you happen to work for a Microsoft prodominant environment and you either are thinking about deploying the holy trinity of Exchange, SharePoint and Lync or you are interested in the integration between the services, then check out these two posts from DrRez on the TechNet Blogs. These two posts go into techincal detail about the integration between the services and how to actually setup some of them.

http://blogs.technet.com/b/drrez/archive/2011/04/26/lync-2010-exchange-2010-sharepoint-2010-and-office-2010-integration-part-1.aspx
http://blogs.technet.com/b/drrez/archive/2011/04/27/lync-2010-exchange-2010-sharepoint-2010-and-office-2010-integration-part-2.aspx

One nugget I learnt from reading it was that for Exchange to see the LDAP thumbnailPhoto attribute to allow it to publish the pictures into the Global Address List and Outlook clients is that you ust update the AD Schema to allow replication of the thumbnailPhoto attribute to Global Catalog servers.

Import Custom Phyiscal Resources in VMM 2012

Richard Green on

This evening, I have been working to create some Physical Resource Packages in System Center VMM 2012 for a project at work. VMM by default supports the following file types and extensions for resources:

  • Answer Files (.inf .ini .xml)
  • ISO Images (.iso)
  • Script Files (.ps1 .sql)
  • Virtual Floppy Disks (.flp .vld)
  • Virtual Hard Disk (.vhd .vmdk)

The resource package I am trying to create will be used as part of an Application Profile to allow VMM to install a server-side application as part of a Service Template Deployment, however as the installation file consists of a .msi Windows Installer Package, VMM wouldn’t import it.

Looking at the pre-defined resource packages, I noticed that the Server App-V and the Web Deploy resource packages contained .msi files and they were imported okay, so what was the difference?

The difference is in the handling. VMM by default asks for a folder path where your custom resources reside after which it will import them into a library. By default, once you provide a path, VMM will import all supported objects from path. To add unsupported objects such as .exe and .msi files for Application Profiles, you must append the folder name for your source files with .cr.

This addition causes VMM to import the entire folder regardless of content. In my example, my folder name went from Microsoft_iSCSI_Software_Target to Microsoft_iSCSI_Software_Target.cr and VMM now has the package imported.

Building Active Directory Based Outlook Signatures – Update

Richard Green on

Looking through our corporate Global Address List last night after posting my original article at http://richardjgreen.net/2012/02/24/building-active-directory-based-outlook-signatures/, I discovered a couple of special case users.

In our company, we have two users with identical names, so to differentiate between them, their names in Active Directory have been modified to include their department as a trailing item. For example:

  • Richard Green (ICT)
  • Richard Green (HR)

In the Outlook signature, it is pretty redundant having this included in the name as the department is shown on the following line, so I’ve added a new section to the script which will trim this information.

Firstly, you need to update the Dim statement at the top of the script to include a new integer.

Dim intNameLen

Once you have declared the integer, add the following section. I’ve added it between the existing country specific configuration and the phone number internationalisation sections, but so long as it gets defined before the building of the signature it will work.

If InStr(1, strName, "(") > 0 Then
    intNameLen = InStr (strName, "(")
    intNameLen = intNameLen -2
    strName = Left(strName, intNameLen)
Else
End If

First, we need to look to see if an opening bracket exists in the string using InStr. If there is a bracket present then we move into the If statement, otherwise we move into the empty Else statement and then continue through the script.

Within the If statement, first, we find the character position of the opening bracket using InStr again, but this time we push the value into the intNameLen integer variable. Next, we need to take into account that InStr will return the position of the bracket itself, but as we want to remove the space between the name and the bracket symbol we need to reduce the value of the intNameLen variable by two.

Once we’ve subtracted two from the value, we can use Left to retrieve the value of the strName variable, but only the name portion by excluding the trailing department tag, then save the name back into the strName variable.

Building Active Directory Based Outlook Signatures

Richard Green on

One thing that many companies strive for is a consistent brand identity. There is many reasons for wanting this is anything just to appear to be a professional, unified front your customers. With email being one of the most prevalent communication forms in industry today, one of the best ways to achieve this brand identity.

Active Directory Directory Services, being the centralised gatekeeper of corporate information in a Microsoft environment, the service which feeds Exchange, SharePoint, Lync and many other services with user identity data is the ideal place to get the information needed to generate these signatures.

The key to making this work however is the dynamic automation. Any company can have their Marketing or HR department send a mail shot to the entire company asking the users to update their own signatures in Outlook, but there is always room for ‘creativity’ with this scenario; users trying to make small or subtle changes to the intended design affecting the corporate image.

Luckily, Outlook, or more specifically Word as a good Visual Basic for Applications (VBA) interface for programmatically generating documents and Active Directory Directory Services is one of the most easily and commonly accessed systems via VBScript.

The following script, broken down into chunks explained to allow you to make the script work for your own needs does exactly this.

Option Explicit
On Error Resume Next

Dim objSysInfo, strUser, objUser, strName, strJobTitle, strDepartment, _
    strCompany, strExtension, strPhoneLocal, strPhoneIntl, strMobileLocal, _
    strMobileIntl, strEmail, strCountry, strWebAddress, strPhonePrefix, _
    objWord, objDoc, objSelection, objEmailOptions, objSignatureEntries, _
    objSignatureObject

The opening section quite simply tells the Windows Script Host to only accept variables which are defined (Option Explicit). Many people omit this option from scripts for simplicity of coding, however I think that it’s lazy. Defining your variables with a Dim statement means you know that no rogue variables exist and it helps to prevent typos down the line.

The next line (On Error Resume Next) tells Script Host to continue running the script even if an error occurs. This is needed to prevent the script from generating popup alerts on client computers were the script is running, potentially confusing users. So long as you thoroughly test the script before deploying it, you can be safe in the knowledge that errors won’t happen, but better safe than sorry.

Set objSysInfo = CreateObject("ADSystemInfo")

strUser = objSysInfo.UserName
Set objUser = GetObject("LDAP://" & strUser)

Here the connection to Active Directory Directory Services is made The connection is made in the context of the logged on user and is then placed into a variable.

If Err.Number <> 0 Then
    WScript.Quit
End If

This section is vitally important in environments with laptop users. If a connection to the domain is not available and this section isn’t included then the script will continue to run, and the user will end up with a very nasty looking signature. If a domain connection cannot be established at this point then the script will exit before anything is modified in the signature, so any exiting signature will continue to take effect.

strName = objUser.fullName
strJobTitle = objUser.title
strDepartment = objUser.department
strCompany = objUser.company
strExtension = objUser.telephoneNumber
strPhoneLocal = objUser.otherTelephone
strMobileLocal = objUser.mobile
strEmail = objUser.mail
strCountry = objUser.co

This section maps the user object attributes to the script variables. Depending on how you use the various attributes in Active Directory, you may need to tweak this, or if you want to pull more information such as building or office address. The format for each attribute is objUser.attributeName. Using a tool such as ADSI Edit will allow you to view all of the attributes in the schema for the user object and their LDAP names.

Select Case strCountry
Case "United Kingdom"
    strWebAddress = "http://www.testcorp.co.uk"
    strPhonePrefix = "+44 "
Case "Ireland"
    strWebAddress = "http://www.testcorp.ie"
    strPhonePrefix = "+353 "
Case Else
    strWebAddress = "http://www.testcorp.co.uk"
    strPhonePrefix = ""
End Select

For some people, this section might not be needed so you could instead simply define the strWebAddress and strPhonePrefix variables. My test lab environment emulates a multi-national company and as such you want each users’ signature to reflect their region. The Case statements evaluate the value in the Country attribute in Active Directory and based on it set the country dialling code and the regionalised web address. Make sure you define a Case Else statement to catch any users who don’t have a Country defined.

If strPhoneLocal = "" Then
Else
    If Left(strPhoneLocal, 1) = "+" Then
        strPhoneIntl = strPhoneLocal
    Else
        strPhoneIntl = strPhonePrefix + Right(strPhoneLocal, Len(strPhoneLocal)-1)
    End If
End If

If strMobileLocal = "" Then
Else
    If Left(strMobileLocal, 1) = "+" Then
        strMobileIntl = strMobileLocal
    Else
        strMobileIntl = strPhonePrefix + Right(strMobileLocal, Len(strMobileLocal)-1)
    End If
End If

Here, the phone numbers retrieved from Active Directory are evaluated and if needed converted to international dialling format. The statements take the first character from the direct dial and mobile phone numbers and if it begins with a plus symbol then no conversion is done and the number is taken literally. If the first character is not a plus symbol, then the first number is removed and replaced with the country dialling code determined in the previous code block.

Set objWord = CreateObject("Word.Application")

Set objDoc = objWord.Documents.Add()
Set objSelection = objWord.Selection

Set objEmailOptions = objWord.EmailOptions
Set objSignatureObject = objEmailOptions.EmailSignature

Set objSignatureEntries = objSignatureObject.EmailSignatureEntries

Const wdParagraph = 4
Const wdExtend = 1
Const wdCollapseEnd = 0

objSelection.Font.Color = RGB(0,133,200)
objSelection.Font.Bold = True
objSelection.TypeText strName
objSelection.TypeText Chr(11)

objSelection.Font.Color = RGB(128,128,128)
objSelection.Font.Size = 10
objSelection.Font.Bold = False
objSelection.TypeText strJobTitle & ", " & strDepartment
objSelection.TypeText Chr(11)
objSelection.TypeText strCompany
objSelection.TypeParagraph()

objSelection.TypeText "Internal: " & strExtension

If strPhoneIntl = "" Then
Else
    objSelection.TypeText " | " & "External: " & strPhoneIntl
End If

If strMobileIntl = "" Then
Else
    objSelection.TypeText " | " & "Mobile: " & strMobileIntl
End If

objSelection.TypeText Chr(11)

objSelection.TypeText "Email: "
objDoc.Hyperlinks.Add objSelection.Range, "mailto:" & strEmail,,,strEmail
objSelection.TypeText " | " & "Web: "
objDoc.Hyperlinks.Add objSelection.Range, strWebAddress,,,strWebAddress

Here is the visual bit. The signature is built using a Word application. The script runs through the creation of the signature line by line. The phone number section is dynamic. If when the user information was retrieved from Active Directory one or more of the phone number fields were empty, then the label for that number type and also the number are omitted from the block.

Colours are all defined using RGB values. If you want to change these for your own use, simply use Word to find the colour you need, then select the Custom tab to view the RGB codes for it.

objSelection.StartOf wdParagraph, wdExtend
objSelection.Font.Color = RGB(128,128,128)
objSelection.Font.Size = 10
objSelection.Collapse wdCollapseEnd

Set objSelection = objDoc.Range()

The final and perhaps complicated thing going on here is the hyperlink generation. By default, the hyperlinks will adopt the default hyperlink style of blue text, size 11 font with an underline. Changes to this section should be heavily tested because at this point, Word begins moving the pointer caret through the document to select the hyperlinks which have been created to alter their style. Incorrectly placing the caret can result it items deleted or strangely laid out in the finished signature.

objSignatureEntries.Add "Test Corp Default", objSelection
objSignatureObject.NewMessageSignature = "Test Corp Default"
objSignatureObject.ReplyMessageSignature = "Test Corp Default"

objDoc.Saved = True
objWord.Quit

Last but not least, everything that has been done so far is saved into the document and configured in the default Outlook profile as the signature to be used for new messages and also reply messages.

If you wanted no signature to be added to replies then you could change the following line:

objSignatureObject.ReplyMessageSignature = ""

It would actually be possible to define a different signature for the reply messages if you so wished. To do this, you would need to save the new message signature and close the current Word object, then open a new Word object, define the signature and then save it to the reply message signature.

Deploying Server Core 2008 R2 for Hyper-V: Network Teaming

Richard Green on

In our deployment, we are using servers with Intel network adapters, so the first thing is to install the manufacturer driver package because this enables the ANS (Advanced Network Services) functionality such as Teaming.

The new version of the Intel driver for Server 2008 R2 includes a command line utility for managing networks in Server Core known as ProsetCL, which operates with a syntax not too dissimilar from PowerShell.

The commands from ProsetCL I will be using in this post are:

  • ProSetCL Adapter_Enumerate
  • ProSetCL Team_Create

The full Intel documentation for ProsetCL can be found at http://download.intel.com/support/network/sb/prosetcl1.txt.

With all of the adapters nicely named from the previous post Deploying Server Core 2008 R2 for Hyper-V: Network Naming, this part is actually pretty easy.

The first step is to run an export of the current network adapters to a text file with ipconfig /all > C:Adapters.txt. Once you have this open the file with Notepad.exe C:Adapters.txt.

With the text file open, in the command line window, navigate to the directory C:Program FilesIntelDMIXCL which is where the ProsetCL utility is installed. You could register the directory into the PATH environment environment variable if it makes your life easier, but I didn’t do this personally.

Execute the command ProsetCL Adapter_Enumerate. This will output a list of the network adapters on the server into the command line. Sadly, the Intel utility and Windows order the network adapters differently which is why the text file is needed to marry the two up.

Once you have figured out which adapters need to be teamed together to form your various Client Access, Management, Heartbeat, CSV and Live Migration networks, you are ready to proceed.

You need to know at this point what type of teams you want to create also. The Intel adapters and utility support the following team types:

Team Type Team Function ProsetCL Shorthand
Switch Fault Tolerance Two adapters are connected to independent switches, with only one adapter active at any one time. In the event of a switch failure, the standby link will become active allowing communication to continue. SFT
Static Link Aggregation Two or more adapters are teamed in an always active manner. This mode allows you to achieve a theoretical speed equal to the sum of the speed of all the adapters in the team. To be used when LACP (Link Aggregation Control Protocol) is not available on your switch infrastructure. SLA
LACP (Link Aggregation Control Protocol) Similar to Static Link Aggregation, however the network adapter and the switch to which it is connected negotiate the aggregation using the LACP protocol. 802.3AD
Adapter Load Balancing Two or more adapters are teamed together, whereby the utility forces traffic to be routed out of each port in turn, equally sharing the load across the ports. ALB
Adapter Fault Tolerance Allows two or more ports to be connected in a team whereby the ports may have differing connection speeds (Eg. 1Gbps for the Primary Active adapter and 100Mbps for the Failover adapter). AFT

For full details and a more detailed explanation of each teaming mode, refer to the Intel ANS page at http://www.intel.com/support/network/sb/cs-009747.htm

Now that you know which adapters to be teamed together and which teaming mode you want to use for each, it is time to create the teams.

Enter the command as follows:

ProsetCL Team_Create 1,2 MAN_Team SFT

In this example, a team will be created using ports number one and two (the numbers as referenced by the previous Adapter_Enumerate command) with a team name of MAN_Team for the Management network using the Switch Fault Tolerance mode.

Following the command, you should receive a prompt that the team was successfully created. A new network adapter will now be present if you execute the ipconfig /all command named, sadly, Local Area Connection.

Assuming you named all your adapters from the default name using the previous post, the adapter will always be called Local Area Connection with no trailing numbers. If you run the netsh interface set interface name command after creating each team, it makes it much easier to name the teams as you go rather than doing them in a batch at the end.

In the next post, I will describe configuring the network binding order to ensure the correct cluster communication occurs out of the correct adapter.

Deploying Server Core 2008 R2 for Hyper-V: Network Naming

Richard Green on

Currently, I am heavily involved in a project to deploy a new infrastructure project for a new branch office. In this office we are deploying a network in a box (pod) style configuration consisting of networking, storage array, fibre channel switching and last but not least, a pair of servers to operate a Hyper-V Cluster running on Windows Server 2008 R2 Server Core.

In this series of posts, I will share some of the things I have found, learnt and discovered on my journey to deploying the Server Core Hyper-V Cluster. This first post focuses on networking as this is the first thing that needs to be configured on the hosts before you can progress into anything else, and also is the most fundamental operational component of the Hyper-V role.

Luckily for us, Server Core still has Notepad which makes working with some of these commands much easier.

For things, first, run ipconfig /All > C:Adapters.txt to pipe a list of all of the adapters Windows can see to a text file along with their current configuration. The most important element here are the names. By default, all of the adapters are named Local Area Connection with a trailing number. For identification purposes, I wanted a naming convention for them all so in the event of a cable or port failure we could easily identify which port was at fault.This will also make identifying the adapters for the purpose of setting up the teams easier.

Open the text file with the command Notepad.exe C:Adapters.txt and identify which adapters in the text file map to the physical adapters on your server. The easiest way to connect all of the adapters to a physical network and then one by one, disconnect an adapter, re-run the piped ipconfig command and see which adapter has changed its link state.

Once you have identified an adapter, use the following command to name it:

netsh interface set interface name=”Local Area Connection” newname=”SL1-P1-MAN1”

My naming convention consists of SL1, which identifies which PCI slot the port is based on, P1 which identifies the port within that slot and finally MAN1 which tells me that it will be the first port in the Management team once configured.

Repeat these steps until all of your networks are named then sit back and be safe in the knowledge that if a problem occurs with one of your ports once your server is in the wild, you will be able to easily guide your on-site technician to the correct port.

Error Launching AD RMS Console

Richard Green on

Early last week, I encountered a problem with logging in our AD RMS (Active Directory Rights Management Services) production environment which is preventing us from generating reporting and RMS usage statistics. After speaking with Microsoft Premier Support we determined that our AD RMS Logging database was missing some of the stored procedures required to generate the reports.

I decided to do an install of AD RMS in our test lab environment so that I can simulate the reinstallation process to resolve the problem as Premier Support have recommended and I ran into a wierd issue.

Once the installation of the AD RMS role successfully completes, you will natrually try and launch the AD RMS console to check your new installation, however that won’t work. Doing so will result in a HTTP 401 Unauthorized error. To resolve the problem, you need to log off the server and then log on again. This will then grant you the necesarry tickets to access the AD RMS console and manage the new installation.