Monthly Archives: May 2014

Whatever Happened to This Likely Lad?

So in August 2013 Jeff Dailey, the Director of Diagnostics at Microsoft Support was talking about Microsoft Fix-It Center Pro on Channel 9. He was really excited about it too, and who can blame him? It was really exciting stuff. Three months later, it was dead. I don’t know why. Like white dog poo, it’s a mystery. However, the automated diag packages remain, and are still being added to.

What’s the point?

If you’ve never used them, you’re really missing out. You may recall the old MPS report of some time ago, which gathered a huge amount of evidence from a machine and then just dumped it into a cab file. This was great, if you knew what to do with the data, but otherwise it was just 40MB of confusion. Some of it was obviously useful, like the event logs and cluster logs, some of it less so – do I care about symbols? No, not really. I’m shallow like that. There was the MPS report parser tool for the early implementations, which basically trawled through all the text files looking for the word “FAIL”, then later the MPS Report Viewer or you could use the old manual method.  But by and large, to get anything useful out of them, you had to have a pretty good idea what you were doing. Not any more. No longer do you have to know the meaning of:

00001df3.000016bd::2012/10/07-10:40:20.271 INFO  [GUM] Node 3: Processing GrantLock to 3 (sent by 2 gumid: 1249)


I exaggerate. Probably best if you know a little. These tools will sit on your poorly machine, run for a few minutes (maybe half an hour) and then tell you in short clear phrases *what is wrong*. Mostly. And if they don’t, hell , you’ve got all the evidence collected.


How to use them properly.

Go to the Support Diagnostics Website. It still retains the ghost of fix-it center pro in the title “ficp”. You will need to log in with your live id (a Hotmail account in other words).

Select the relevant package from the large number available – I lost count at fifty. I’m rather fond of the “Exchange Server 2007 and Exchange Server 2010 Diagnostic” but I’ll use the Windows performance Diagnostic for this post. Click on the diagnostic tool and give it a name.


You’ll need to download it and follow the instructions:


You may see references to “Microsoft Automated Troubleshooting Services” and “Microsoft Fix-it”. You’ll probably want to be an administrator to run it as well.1-4

Follow the steps as requested by the tool. It will ask if you want to install on the local machine or another machine, in which case it will create a portable diagnostic utility – more of this later. After a couple of minutes it will suggest you run a diagnostic tool to collect information from your computer. Do so. You can then wait up to an hour for the utility to do it’s thang.


Once it has finished, you’ll get the chance to check through the files it has collected and if necessary stop them being uploaded to Microsoft.1-5

Once you click “next” it will compress the files, and then give you a chance to save a copy of the cab file before uploading it to Microsoft.1-6

Click “send”, and then sit back and wait.1-7

If you go back to the Support Diagnostics page and click on the “recent sessions” tab, after a while (five minutes or so) you will see your upload has been received:1-8

But not yet analysed. This takes a couple of hours, usually, but keep checking back, and you’ll eventually see “completed”1-9

Click on the link, and see what the problem was:2-1

If you’re stuck, it gives you the option to “Get Assisted Support”. This will possibly (probably?) cost you money.

If you open the cab file you saved earlier (you did save it, didn’t you?) then you will see a whole heap of files. Some of them are clearly recognisable, some of them less so. The file you are after is called “resultReport.xml” – open this up in Internet Explorer, and bask in its troubleshooting goodness.2-2

Look at the things that is checking for! Networked PST files. Dodgy versions of SEP (SEP 1-SEP n, basically). Fantastic.

Click on the links for the issues that were found:2-3


And better yet, here’s where you get to make sense of the files it collected. Scroll down and expand detection details2-4

And then below that, there are links to all the evidence files you gathered:


But if you want, you don’t need to upload them:

Go to

Open link for the directed report generator

Click run

“save this file”

“click run”

Accept agreement

Select “a different computer” and tick “this machine has powershell in it”, if applicable.

Read the instructions and follow steps 1-3. Do not follow step four yet.2-6

Save the tool to a local disk on the machine to be investigated, and run it (preferably as an administrator).


Accept the license agreement, and the following screen will appear briefly, and then disappear. Nothing will happen for 15 seconds or so.2-8

You will then be asked to run the tool:2-9

Click start. The tool will take about 10-15 minutes to run, in some instances.3-1

When it finishes, you’ll see the following:3-2

Click next, and select a location to save the file. This can be a network drive.3-3

When it finishes creating the cab file you will see the following screen:


Click “close” and browse to the location you saved the evidence. Extract the cab file and enjoy resultreport.xml. I know I will.

I hope this is useful to you. I love these tools, and think they’re much ignored, outside of Microsoft, anyway…


Interesting things that i see on the internet, 30th May.


Ever wanted to know more about 3d printing? Course you have. How about two and a half hours of video on it, then? Channel 9 have done a video series overview that covers the hardware, software, use of kinect as a scanner and lots more on this that I will definitely watch once I have time – I’m planning on breaking a leg later this year, which will be an ideal opportunity.


Also, you may find something of interest in this post regarding self-training  from Ed Baker. It’s no surprise he works for Microsoft… however there is a new gamification attempt over at the MVA – wanna be a superhero? Thought not.


Exchange Design:

How to create a group policy that will add your ADFS servers to the local intranet group for users, facilitating single sign on.

Really, you’re not as clever as you think you are. Why you should avoid manual server hardening.


Exchange Troubleshooting:

Andrew S Higginbotham is one of the best exchange support guys around. His blog is always worth a read, and his latest post is no exception – basically, the customer had a little bit of a problem, and in trying to fix it, they created a bloody great massive one. When you’re in a hole, stop digging.

My friend Justin Harris has written two great posts on his blog, discussing ways of troubleshooting two common problems in Exchange 2013; using get-servercomponentstate when  services are stopped unexpectedly, and how to use pipeline tracing when transport agents are shot. Justin passed his MCM qual lab first time, and is therefore officially “insanely clever”.


Recent knowledgebase articles:

If you used the hybrid configuration wizard with exchange 2010, and then upgraded to 2013, you may be struck by this: “‎Subtask Configure execution failed” error when you run the Hybrid Configuration Wizard in Exchange 2013 after an upgrade from Exchange 2010

Don’t set the receive connector on your multirole exchange 2013 box to “hub transport” – it’ll break when you upgrade to SP1: The front-end Microsoft Exchange Transport service stops and does not restart after you upgrade to Exchange Server 2013 SP1

I’ve not called out the kb articles associated with sp3 ru6 or 2013 cu5 – have a look at the articles below for links. I’ll make an exception for “Store.exe crashes if you create a deeply nested subfolder in Outlook” though. we recently had exactly this problem with Exchange 2007 sp3 ru13 – as there are no more rollups coming out for 2007 by the look of it, then those of you on that product will remain vulnerable. I’m going to do a proper article on how to diagnose it and fix it in the very near future, honest.


Exchange General:

Exchange 2013 CU5 and Exchange 2010 SP3 RU6 have been released this week. As well as the EHLO blog posts, it’s probably worth casting an eye over Rhoderick Milne’s assessment of them; CU5 and RU6. Are you going to rush off and install them? I’d leave it a week or so and see who moans about what. So far this is the only thing I’ve seen for 2013 (Exchange Shared Cache Service restarts frequently in Exchange Server 2013 Cumulative Update 5), but I’d give it a few days more yet…

There is a always a huge amount of confusion over shared folders, especially calendars. Sam Drey answers the question “Is the calendar connection opened “on access” or is the connection made everytime the user opens Outlook?”

So you want secure remote powershell – why you don’t do it by just setting it on the powershell virtual directory (you break powershell ,and then you can’t use powershell to fix it)


Core General:

I found a link to a Mark Russinovich video on Channel 9, the microsoft “tv station”, which was great for three reasons – first, it’s Mark Russinovich (may his tribe increase), second it had links to a whole lot more of his stuff from this year’s Tech Ed, and thirdly it led me on to two links for stuff I’d not really bothered looking at before; the Defrag Show, a 25 minute troubleshooting show which has some great tips and tricks, and, even more excitingly, the Defrag Tools show, which is an irregular yet frequent deep dive into the troubleshooting tools used on the Defrag Show… this stuff is great – an hour on performance counters? You bet. Walkthroughs of analysing crashes and hangs, message analyzer, systinternals tools. This is essential stuff.

Also on channel 9 is this great link which has all the exam prep videos from TechEd – 75 minute presentations on common exams – including Exchange, Windows, Lync… you’re all doing exams, all the time, so I daresay this will be of some use…

They’re more alike than you might think – Andrew S Higginbotham uses ESEUTIL to fix an AD problem.

It’s the end-times, I tell ya. Powershell DSC. For linux.

A reminder that Microsoft release security updates as DVD ISO images – that’s handy for those of us with labs that are isolated from the internet.

A great article from Tom Moser on the AskPFE blog on how DCs are located across forest trusts. This is part two – part one was a year ago, and is here. This is the real stuff, and will give you a lovely warm glow when you’ve read it. for the third or fourth time, in my case.

Some new knowledgebase articles have been published:

You hopefully aren’t using iSCSI, but if you are, here’s another thing that doesn’t work very well: List of iSCSI targets may be truncated or missing

I know we’ve got some customers who do this sort of thing: You cannot create more than four SMTP virtual servers in Windows Server 2008 R2


Office 365:

Learn more about Support issues with Office 365 Message Encryption (OME), an easy-to-use service.

This might be a bit noddy for you all, but maybe not: Simplifying the Office 365 admin experience

The official Microsoft “security in Office 365” white paper was updated recently. I don’t know what the changes were, though. you might want to have a look.

Tony Redmond has written an interesting piece explaining how changes are introduced in Office 365.



Software defined networking for lync and unified comms. It’s coming someday, or maybe.

Jeff Schertz has written another blog post in his series on H.264 Scalable Video Coding  implementation in Lync 2013. See all of them here.


And finally,


Ever wondered how they laid transatlantic cables in the 50’s? well, wonder no longer. AT&T have released some video from their archives. It’s more interesting than I’ve made it sound.


Interesting things that i see on the internet, 19th May

I know, so soon? These things are always too long, so I’m going to try and get them out more frequently, so people don’t give up after the first four items.

I also wanted to share with you an interesting post on being a career hermit crab. In among all the good advice Ashley has for those who are both technically able and hate chasing other people for their timesheets there are two things that really stand out for me:

  1. Learn to code
  2. Learn powershell DSC

If you’ve not considered the former, and you’ve never heard of the latter, you might want to explore the possibilities.

Anyway, on to the meat. This is what you come here for, right?


Exchange Design:

what BDMs and architects need to know about Exchange Online and Exchange Server deployments”. In a poster. I assume that’s not *everything* architects need to know. Good work Microsoft, on reinforcing stereotypes… 😀

Paul Robichaux has written a post about running Exchange on Azure, and why it is a bad thing.


Exchange Troubleshooting:

A 1 hour webcast on troubleshooting activesync. It’s due on May 20th, but will be available for download shortly after, if you can’t make it.


Exchange General:

Ross Smith IV has published an article on the upcoming changes in OAB that we can expect in Ex2013 CU5. When’s CU5 out, btw, nick? No official date yet, but I’d put money on May 27th at the earliest. Will there be an exchange 2010 ru? I hope so…

Michel de Rooij, UC architect and MVP, has a slide deck here on the things he found interesting and useful at MEC.

Steve Goodman (another UC architect and MVP) has written a good explanation on his blog about why it’s not worth spending a ton of money on storage.  He’s also posted the slides from the recent Office 365 UK Midlands User group meeting if you’re interested.


Core General:

There have been a whole load of hotfixes published just recently for windows 2008 and 2012. Some highlights include the ability to use a range of ports for the udp comms in a failover cluster, instead of just port 3343, long certificate authority hostnames, A memory leak in Network Store Interface Service, a web client service cookie fix, XML errors due to Audit Event 4661, an interesting CRL related hotfix that requires careful thinking about before applying, NetLogon 3210 events, stop 50 errors in remote desktop sessions, yet another fix for multiple authentication prompt problems, iSCSI stress testing causes your computer to give up, new HBAs cause windows 2008r2 to crash, system state backups fail, Pass the Hash vulnerability, group policy preferences allow elevated privilege attack, MS14-027: Vulnerability in Windows shell handler could allow elevation of privilege, retrieval of paged results is interrupted when an LDAP server receives queries that generate many results and finally  Vulnerabilities in iSCSI could allow denial of service. Phew.

A marvellous article on cleaning up the winSxS directory by charity Shelburne on the AskPFE blog. I’m sure I’m not the only one who has computer semiliterate friends and relatives who ask “why can’t I just delete it? it’s got 7 drokking gig!”

Channel 9 are far quicker at getting the teched videos up than they were with lync or mec. Sigh. </poor relations>. Here’s the keynote, one on cloud for it professionals featuring a man in a hat, indoors, (!) and an actually decent one on powershell with Don Jones. I’ve not watched the keynote, as it’s two hours long.


Office 365:

A windows hotfix to address an apparent office 365 problem; Outlook may take two to three minutes to connect to an Office 365 mailbox.

This article has big pictures and friendly colours. I find this helpful. Choosing a sign-in model for Office 365. has just started a three part series on multifactor authN for Office 365. This is part 1. Parts two and three over the next couple of weeks, I expect.

Tony Redmond has a nice oped piece comparing gmail and office 365, here. Lots of good links in there, too.

Interesting things that i see on the internet, may 2014.

So, a lot has happened since my last post. Exchange 2003 has ceased to exist, utterly. If you think you have 2003 installed, you’re wrong. There is no such thing, so don’t ring me up about it. outlook 2003 has suffered the same fate.


Exchange 2010 sp2 has likewise stopped existing. If you’re not on SP3 then all I can see is a grey blur where your server is supposed to be. Outlook 2010 sp1 will suffer a similar fate in October – are you ready?



Exchange Design:

Many of you have been asking “what’s the replacement for TMG?” – I’ve already told you it’s WAP (in fact, I think I might of said IRR, and one of Mark Wilson’s team corrected me… :D). so, how do you use WAP? I was going to write a cheat sheet on it when my eternus arrived and I built my new lab (current ETA – 12th of never). Luckily the AskPFE blog has written it for me. Secure Extranet Publication of Exchange 2010 OWA via Server 2012 R2 Web Application Proxy. So there you go.


Rhoderick Milne has done a deep zoom of the Exchange 2013 SP1 architecture poster, so you can look at it on your phone. If you cache it, you can look at it while you’re on the tube. So much nicer than reading the adverts.


Ross Smith IV has written an article introducing the preferred architecture for exchange 2013. This is a bit of a departure for the product group, In the past they’ve left us to figure out what they meant. It’s pretty close to the office 365 architecture, apparently, so don’t expect it to change much over time (unlike the recommendations for exchange 2010).


Jeff Mealiffe has published a short update to Exchange 2013 sizing requirements for SP1. There’s also an updated edition of the Exchange Deployment assistant out.


Tony Redmond discusses recent changes in best practice that were talked about at MEC 2014.


Paul Robichaux has a couple of nice posts, one on the increasing usefulness of lagged copies in exchange 2013, and one around multifactor authentication for outlook.



Exchange Troubleshooting:

There has been a recent update to the “current issues with ActiveSync” kb article. It’s worth making a habit of checking this article – device software updates pretty rapidly, and this the first place confirmed problems get listed.


The “troubleshooting longrunning MAPI connections through load balancers” article has also had a recent update, although it still seems not to include scott schnoll’s suggested best practice from 2012. If you can’t be bothered digging through  an hour long two year old presentation, Jeff Guillet has helpfully abstracted and interpreted it here. It says “set it to 120 minutes”. Scott says “set it to 120 seconds”. For absolute clarity – the value that we’re talking about is “HKLM\Software\Policies\Microsoft\Windows NT\RPC\MinimumConnectionTimeout” yes, I know in the past I have told people not to fiddle with this setting. The advice was correct at the time ;-). In the meantime, I’d follow Scott’s advice. He’s rarely wrong.


For those of you running three node DAGS on windows 2008 r2 here is a reminder about an important hotfix for a known error in cluster comms that can cause perfectly good nodes to lose quorum when there is a comms issue. If you haven’t got this installed you might want to ask yourselves “why?”. Waiting until you’ve got a cluster down is probably a bad time to decide whether or not you need it.


I’ve mentioned before the guided walkthroughs that MS have started publishing. These cover setup and troubleshooting of common scenarios, and are really useful for making sure that you’ve got everything covered and done in the right order – they’re handy for you, in that you know you’ve got everything right, and they’re handy for me because they generate all the right evidence. There are now a load of walkthroughs published for Exchange Online (sharing calendar and contacts, hybrid migration, outlook connectivity), Lync Online (set up external comms, troubleshoot sign-in) and Sharepoint Online (onedrive setup). I thoroughly recommend you have a look, and more importantly, have a play.


Steve Griffin, author of one of the finest client troubleshooting tools, MFCMapi, has written a nice little script for automatically attaching procdump to outlook to generate memory dumps when it crashes. Interesting in that it automates something I have to do on occasion, but also because it doesn’t have to be outlook.exe…


Updated “top support” articles for Exchange 2010 and Exchange 2013.


Remember the days of starting up a telnet session and blatting out a few emails on the cmd line? Now we have to use PuTTY, but even that has its drawbacks. So say HELO to pelnet. That’s Powershell Telneting, to you.


I have been quite vocal on the subject of item count in the past; well here is an interesting article regarding that very topic – Some folders are not visible in outlook web app. It turn out, the maximum number of folders in one mailbox that can be displayed in OWA is 10,000.


Tim McMichael has written a couple of good blog posts on cluster networks – what constitutes a “failure” and another brief one pointing to Elden Christensen’s post on tuning failover cluster network thresholds.


Exchange General:


Mark Wilson has sent us a link to all the MEC video content –


Earlier this year I passed on a link to a post about improvements in Exchange Online Protectionhere’s the second part.


This is one of those things I’ve mentioned in the past and is due for a reminder – best practices for configuring delegates in outlook 2010. If you have sniffy vip users with sniffier PAs, then perhaps you need to read this article. Perhaps? Who am I kidding? There’s no perhaps. Read, mark, learn and inwardly digest.


There’s a new Exchange 2013 on Windows 2012 r2 base config test lab guide been published. If you have a good root around that site you can unearth some real gems. Once my eternus comes…


The exchange team blog has a pretty good and reasonably thorough explanation of outlook and MAPI over HTTP here. This is, I am told, going to be the preferred method of connecting outlook to exchange, eventually, so we’d better get used to it. The product group would prefer it if we ditched the client altogether and all used OWA, mind.


A nice post here from Clint “K-Bomb” Boessen elaborating on real time block lists and exchange 2013.



Core General:

A little explanation of how much support you can expect if you decide to try NATing your domain controllers; basically “don’t do it”. this is an interesting philosophical question, and neatly illustrates the difference between design and operations. When I point out things like this, I quite often get designers asking me why it’s not supported and can, if I’m not careful, en up in a protracted discussion about the feasibility of doing this or that very clever technique. Operations tend to care less about why. The long and the short, from an operations point of view, is that MS have told us, in advance, that if we do this sort of thing they’ll not support it. the bottom line is it is an untested solution. MS haven’t tested it, so they don’t support it. if we test it an decide it’s a great solution, then MS will expect us to provide support for it. it probably won’t make a difference if that support is required at 2am. in short, when you’ve got a crocodile chewing your leg, it’s not the time to start wondering if it might not be an alligator.


Many years ago MS used to produce a tool called the Microsoft Premier Support Reporting Tool, which gathers a great bunch of logs and diagnostic tool output. A particularly popular version was called the PFE MPSRT, which not only gathered the stuff for the OS, but also exchange sql and some other things that might be installed This has been replaced for some while now by the Microsoft Support Diagnostic Tool, which while being much better than MPSRT, is also much more focussed, with versions for Clustering, Name resolution and god knows what. The good news is they’ve released a PFE version, here. This should help us get a lot more info in the first pass. There have been a whole bunch of other new diagnostic tool packages released recently as well: PKI, MaxConcurrentAPI, Machine memory dump collector, and a package for VSS and backups.


So you’d like to know more about azure, hyper-v and stuff, but you just don’t know where to start? Fancy some certifications, but don’t have the time or money to go to a class? Try the early experts programme. You can’t win the surface, unfortunately.


MSPress announce that there is an updated version of the Microsoft Script Browser available –View article… what’s the script browser? A tool for browsing the script repository  –  a collection of powershell, vb etc scripts that do useful things, hosted by Microsoft. Not necessarily written by them, mind. There’s al so a useful tool that will help you clean up your code and suggest better alternatives…


You may find this short video on virtualising office of interest – it’s a bit noddy, but there are some better links off the first page… The new Office: Managing Office in Virtualized Environments


Updated “top support” articles for windows 2008 and  windows 2012 and 2012 r2.


Here is an active directory article that I found really interesting. How to use a snapshot to recover AD attributes. Now, before you go “oh nick, AD and snapshots?”, this is written by a MS PFE who is also an AD and powershell expert. It looks really neat-o. I’d not even think about doing this in your live environment until you’ve thoroughly tested it in your lab – not because I think there’s anything wrong with the method, but because I think you need to really understand it before putting it in live.


If you’re using the latest version of netmon,  Message Analyser(or playing with it, like I am), then you really should be reading the MA blog. There’s been a couple of good posts on there in the last month, one on filtering and a more general “tips and tricks” one. It looks great, so why am I still using wireshark? Sigh.


Office 365:

Oh how we laughed at the RUS in 2003. What a pathetic excuse for a service. Turns out it had its uses after all – because it scavenged stale AD attributes, it meant 2003 objects were immune from this little problem – stale or invalid GAL entries prevent Exchange Online migration.


There’s lots of articles about how to migrate to exchange online. There’s a few on how to merge exchange organisations while doing a exchange online migration. Until now, I’ve not seen anything on how to merge two different exchange online organisations.


Possibly of more interest to us, here’s a video on how to use multifactor authentication with Office 365.


Why trying to lock down access to office 365 using IP addresses is a big pain in the neck. Office 365 content delivery networks explains why you shouldn’t do it this way. More detail on client connectivity here.


Self service password reset for users of Windows Azure Active Directory. Sounds cool. Here’s how to set it up and use it… and there’s more on WAAD premium here.


There’s a webcast introduction to the new diagnostic features in office 365 here. That url seems a little non-specific, so if you are coming to this in a few weeks time, and the url takes you to a video that appears completely different to the one you expected, try this link instead.


Here’s a link to the announcement about encrypted storage for office365.


Rhoderick Milne has a done a series of articles on enabling ADFS 2012 r2 for Office 365. Start here. He’s also done a nice “how-to” on enabling ADFS extranet account lockout protection.


It’s probably worth calling out the article on ADFS troubleshooting that he mentions. Not that anyone will need it – what could possibly go wrong with ADFS?


The UCGuy blog has done a series of helpful tips on office 365 migrations which look interesting.



Updated “top support solutions for Lync 2013” article.


Garry Newsham has emailed in a link to the Lync  (see what I did there?) conference slides –





Right, hopefully you’ve made it this far. If so, may I commend a couple of blogs to you? First of all my friend Justin Harris has a blog here called NT Excellence – talk about setting yourself up for a fall, and some of his stuff can be found on GeeksWithABlog as well, which he writes with another of my acquaintances, Larry Novak. Both blogs are pretty new, and could do with some encouragement…


Congrats to my colleague Mark Bodley; he

Congrats to my colleague Mark Bodley; he’s made the news!- IT News from