EmailName =

oRecordSet.MoveFirst

FindAnyMDB =

varDestUser =

After upgrading to iTunes 8, my music streaming from iTunes to my stereo stopped working. I was getting the following error:

"An error occurred while connecting to the remote speaker 'speaker_name'. An unknown error occurred (-3256)."

I was running the latest firmware (6.3) on my Airport Express, and running iTunes 8.0 on Windows Vista SP1.  I tried reinstalling iTunes, AirPort Admin Utiliity, turning off AirTunes on the AirPort Admin utility, then turning it back on, but I was still getting the same error.

Finally I found info about the error in the Apple forums here: http://discussions.apple.com/thread.jspa?messageID=8225777 Upon investigation, it looked like that windows firewall was blocking the ports I needed.  But I knew my Windows Firewall Service was disabled (I know, I know, bad me...)

I tried to start the windows firewall service, and it failed with the following error in the System Event Log:

The Windows Firewall service terminated with service-specific error 5 (0x5).

UGH.  Found the following MS article: http://support.microsoft.com/kb/943996  Fixed the registry keys as required and got my firewall service started, and AirTunes worked!

I discovered iTunes 8.0 will not connect to remote speakers (at least on Windows Vista) if the Windows Firewall service is disabled or stopped.  I verified this by disabling the service again, and AirTunes stopped working.  Once I started the service, I was able to stream music.  yay

I know all my fellow OpsMgr peeps are saying they have known about this tool for a while, but I just started using it to enable proxying on a group of agents.  I scoffed at it before, because I prided myself in being able to use command line tools.  But this tool is just too helpful to ignore!

Download it here

from http://blogs.msdn.com/boris_yanushpolsky/archive/2007/08/02/enabling-proxying-for-agents.aspx

I searched the internets high and low to find out how to add ADSIedit to a Server 2008 member server.  In previous versions of Windows, you installed ADSIedit and the other Windows Support Tools from the server installation media.  One of the main benefits of Server 2008 is that you should never have to insert the installation media again after the initial install.  No more being asked to insert the Windows 2003 SP2 CD (did this CD ever really exist?? I didn't think so...)

The Windows Support Tools are now included in the RSAT (Remote Server Administration Tools) and can be installed as features in Server 2008. 

ADSIedit is part of the Active Directory Domain Controller Tools feature, and can be added by following these steps:

1. In Server Manager, click on Features, then Add Features in the right pane
2. Expand Remote Server Administration Tools>Role Administration Tools>Active Directory Domain Services Tools
3. Put a check next to Active Directory Domain Controller Tools
4. Click Next, then Install

Cameron Fuller let me know that these tools are also installed when you add the Active Directory Role to a server.

I installed SQL 2005 Std 64-bit Reporting Services using a default configuration on a clean install of Server 2008.  I followed all the steps in Microsoft’s KB http://support.microsoft.com/kb/938245 entitled “How to install and how to configure SQL Server 2005 Reporting Services on a computer that is running Windows Server 2008” but was still getting an error when browsing to http://localhost/reports or http://servername/reports :

“Error.  Unable to connect to the remote server”

Here is how I fixed it:

1. In IIS 7 Manager, highlight the ReportServer application
2. In right pane click on Handler Mappings
3. Click Edit Feature Permissions in the Actions Pane
4. Enable Script and Execute.
5. Click OK
6. Restart IIS and SQL Reporting Services service

I found the solution here:

http://blog.dastrup.com/?p=48

1. It prompts the user for the SMTP server address, for the name of the RMS, and for the sender's email address. 
2. It creates a shared folder on the RMS for the script and MP xml to reside
3. It copies the script and the xml file to the shared folder
4. It replaces text in the script with the SMTP servername and with the sender address
5. Replaces text in the xml file with the RMS servername
6. Imports the script into OpsMgr (using supercool OpsMgr SDK)

Here are the alert parameters that are sent in the email:

Let me know if you have any questions about it. 

RON DOT WILLIAMS AT MAIL DOT COM

I recently decided installed Server 2008 with Hyper-V on my laptop and migrated all my virtual PC machines. 

If you use a Server 2008 32-bit vhd created in Virtual PC, you may not be able to install and use Hyper-V integration services.  The mouse service will not perform correctly and your network devices will not show up.  The VMbus will show a warning yellow icon in device manager and will say that there aren’t enough IRQ’s to load the bus.

In MSCONFIG, I changed the advanced boot options to check HAL when loading boot.ini and it fixed the problem.

I just realized, after much pre-deployment fretting, that it is very simple to assign multiple action accounts to the Active Directory Management pack.  Domain controllers in different domains need different action accounts for Active Directory monitoring to work.

Here is how you do it:

1. Go to OpsMgr console>Administration>Security>Run As Accounts.

2. Create an new action account for each of the domains that you will be monitoring.  Use “windows” as the type, and be careful typing the password, they are not validated in this field.

3. Go to Administration>Security>Run As Profiles and double click AD MP Account.  Click on the Run As Accounts Tab

4. Associate the account to each domain controller by clicking on New…  You must manually select each domain controller and choose an account on a by-machine basis.

I have a meeting at one of my really large clients, and for some reason I was a little nervous.  I found a some helpful links related to being a better presenter.  Basically they say to not try to avoid nervousness, but to work with it and accept it for what it is:

http://presenting2007.blogspot.com/2007/02/notes-on-being-nervous.html

http://www.professionalspeakers.org/cgi-bin/allegro.pl?article115

http://www.thepublicspeakingsite.com/

http://eirikso.com/2008/06/04/what-to-do-if-you-are-nervous-when-presenting/ 

I had a client who wanted some helpful links to articles about Outlook Anywhere.  Here is what i found:

Configuring Outlook Anywhere

http://exchange-genie.blogspot.com/2008/02/configuring-outlook-anywhere-for.html

How to Configure Outlook Anywhere in Exchange 2007

http://technet.microsoft.com/en-us/library/cc179036(TechNet.10).aspx

Tutorial on Setting Up Outlook Anywhere with ISA (ignore the ISA part)

http://www.msexchange.org/tutorials/Outlook-Anywhere-2007-ISA-Server-2006.html

Configuring an Outlook 2003 Client:

http://www.msexchange.org/tutorials/outlookrpchttp.html

You for any client not running outlook 2007, you will have to manually configure the rpc over http settings.  Outlook 2007 will automatically configure itself using the autodiscover feature

System Center Capacity Planner Download

http://technet.microsoft.com/en-us/sccp/bb969059.aspx

Technet Articles:

http://technet.microsoft.com/en-us/library/bb123741.aspx

http://technet.microsoft.com/en-us/library/7f885b45-cbd4-4349-bdd2-bc1f30fbe1b4.aspx

Last week, I took 70-400 to get my MCTS:Microsoft System Center Operations Manager 2007, Configuring.
The test was harder than I thought; I got an 860 but had expected I would do better than that.

Here is what I remember about the test:

· 47 total questions, 2 hours long

· All multiple choice with four answers

· There weren’t any “All of These” or “None of these” answer possibilities

· About 5 questions that allow multiple answers, but all specify the total number of answers that you choose, ie “choose two of the following.”

· There weren’t any definition questions

· All the questions were task-based and follow the format: You would like to <do something>.  In order to accomplish this you must <choose answer>.

· Several questions related to backup/restore.  Study different backup/restore scenarios, especially related to the loss of an RMS

· Know how to replicate an environment in a lab by copying the databases and restoring the encryption key

· Know which roles to which restore the encryption key

· Study SecureStorageBackup.exe syntax

· Study ManagementServerConfigTool.exe PromoteRMS syntax

· Study the export-managementpack cmdlet syntax

·  Know how to install a Gateway server to monitor servers in a DMZ

· Know how to authenticate agents using certificates in a DMZ, and how to use MOMcertimport.exe

· Study Audit Collection Services know how to turn it on and off on agents, and how to install on the server.  Also remember that you cant install on a server that is clustered.

· Study Agentless Exception Monitoring, know how to filter the results so not all exceptions are sent to MS

· Know how to use overrides to target a MP to a specific type of target (like all Server 2003 domain controllers for example)

· Remember that to discover cluster resources, you have to turn on agent proxying on the physical nodes

· Remember that to see reports related to specific MP’s, you have to import the MP’s

· Know the basic steps for creating a distributed application

· Know how to monitor a web site using synthetic transactions, and remember what situations would be appropriate for monitoring a site using synthetic transactions

· Know when to create a diagnostic task vs. a recovery task

· Know the difference between a console task an agent task

I am writing a script that will do one thing if outlook is installed, and do another if outlook isn't installed.  I tried all kinds of logical file checks etc to see if the outlook binaries existed, but it got complicated. 

I decided to see if the outlook object would successfully initialize.  If I cannot connect to the outlook application, then I can probably assume that outlook is not installed:

on error resume next
Set objOutlook = CreateObject("Outlook.Application")
If objOutlook Is Nothing Then
    wscript.echo "Outlook 2007 is NOT installed, or is not installed correctly!"
else
wscript.echo "Outlook 2007 is installed on this PC."
end if

I have domain controller in my lab running on Virtual PC 2007 whose boot disk was running out of space.  It was originally formatted as a dynamic expanding disk with a maximum size of 16 Gb, and had reached its capacity.  The virtual machine is also running OpsMgr and SQL 2005. 

I tried using VHDresizer available at http://vmtoolkit.com/files/folders/converters/entry87.aspx but could not get it to work.

VHDresizer is slightly annoying for two reasons:

1. You have to register to download the product
2. It took hours, then error'ed out at the very end

Here is how I cloned the boot partition to a larger VHD:

1. Created a new VHD with a maximum size of 36 Gb using the VHD wizard in Virtual PC 2007 and made note of the location of the file. 
2. Shut down the virtual PC that was running out of space.
3. Back up the original boot VHD
4. In ANOTHER virtual PC running server 2003, I assigned the 16Gb boot drive as the second hard drive (I will refer to this drive as the source)
5. Assigned the new 36Gb drive as the third drive on the second VPC (I will refer to this drive as the destination)
6. Using Disk Management, I assigned letter X: to the source drive
7. Using Disk Management I assigned letter Y: to the destination drive
8. I formatted the destination drive Y: with NTFS (quick).  Make sure you don't format the source.
9. I downloaded the Windows 2003 Resource Kit, which contains robocopy, and installed it on the second VPC  http://www.microsoft.com/downloads/details.aspx?FamilyID=9D467A69-57FF-4AE7-96EE-B18C4790CFFD&displaylang=en
10. I copied the source to the destination with the following command, which took about an hour
    robocopy X:\ Y:\ /E /COPYALL /R:5
11. There were 3 copy errors that I ignored (it didnt seems to cause problems--but don't quote me).
12. In Disk Management, I marked the destination drive as Active
13. Shut down the second VPC
14. Removed the vhd's from the second VPC
15. I edited the original VPC .vmc file in notepad and replaced references of the source_drive.vhd with references to the destination_drive.vhd
16. I started the original VPC and everything worked (much to my surprise) I thought there would be issues with the MBR, or with the server being a Domain Controller, but everything worked fine.

I was running OpsMgr Reporting, OpsMgr DB, DW, and RMS all on one server install.  I set up scheduled reporting to email a report on a weekly basis.  The links in the emails being sent were not working.  I read a post somewhere, and thought it said to uninstall OpsMgr reporting, then reinstall.  Looking back, I think i may have misread the post, because this was a bad idea (and i cant find the post anymore).  Here is what i did, and what i had to do to fix the problem.

Also, the original problem of the links not working in the scheduled email reports is a known-issue in SQL Reporting Services.  See http://support.microsoft.com/kb/949454/en-us 

Here is what I did:

1. Uninstalled OpsMgr Reporting. 
2. Tried to reinstall, but couldn't.  Data already exists (Panic Panic Panic.) LOL
3. Tried running resetSRS.exe  Failed with “unhandled exception” error, with following event in application log:
   .NET Runtime 2.0 Error.  EventID 5000
   EventType clr20r3, P1 resetsrs.exe, P2 6.0.4900.0, P3 47b73633, P4 system.data, P5 2.0.0.0, P6 471ebb06, P7 245c, P8 2c, P9 system.data.sqlclient.sql, P10 NIL.
4. Panicked even more, decided to uninstall SQL Reporting Services
5. Removed SQL Reporting Services (SRS) using add/remove programs
6. Dropped ReportingServices databases
7. Removed ReportServer IIS Virtual Directory/Application pool
8. Ran full ntbackup.exe  I should have done this yesterday, then I wouldn’t be in this situation LOL
9. Reinstalled SRS.  Note that I had to choose the SQL components that I wanted to be installed even if they were already installed.  In other words, I had to choose database services, and reporting services, even though database services were already installed
10. Upgraded SRS to SP2
11. Manually ran Reporting Services Configuration tool using default config on all tabs
12. Verified SQL reporting services install by browsing to http://localhost/reports  yay it worked
13. Rebooted just for fun
14. Reinstalled OpsMgr Reporting SP1
15. Still getting a bunch of SQL Log In failure events in the application log
16. Removed the simple log in accounts which were causing the SQL LogIn failures.  In OpsMgr UI>Administration>Run As Accounts>Simple Authentication>”Data Warehouse SQL Server Account”> Properties>Account Tab.  Change the user to a single space as the user name, and a single space as the password.
17. Followed this KB to recreate references to Datawarehouse in the opsMgr DB. http://support.microsoft.com/kb/942865/en-us  Using this query on the OperationsManagerDW db:
    EXEC MemberDatabaseAttach'dbserver\instanceName','datawarehouseDBname', 1, 1, 1
    I had to run the query with the single quotes, but without a space before the single quotes before it would run.  In the KB they have spaces before the single quotes which wouldn’t work for some reason.

This seemed to fix the issue, and everything is working properly now.  The moral of the story is to take a breather when you start to panic.  Also, always lab test database changes, and have a reliable, tested backup.

OpsMgr Gateway Server Installation Notes:

I have a client that has 10-15 servers in a workgroup in a DMZ that they need to manage using OpsMgr 2007.  We chose to install the role on a virtual server that resides in the DMZ.  They did not have a certificate authority to issue certificates, which are required in this setup, so we installed certification services on the same virtual server as the gateway role. 

Here are my notes:

• Using the document from systemcenterforum as a guide/bible, follow it step by step. http://systemcenterforum.org/wp-content/uploads/OpsMgr2007_Gateway_Config.zip
• Also, read this document Operations Manager 2007 Security Guide 
• Every server managed in the DMZ, the gateway server, and the RMS will all need their own certificate which will have to be imported into their local opsmgr agent (or to opsmgr in the case of the GW and RMS)
• Install a certificate authority that can be accessed by all the agents, the GW, and the RMS. 
• I chose to install the CA on the same server as the GW role.  If you install the CA on the same server as the GW: during the CA installation, you will need to name the CA anything besides the netbios name of the server.  This is so the CA can issue a cert to the GW server (which happens to be on the same box).  It took me about 4 days to figure out that a CA will not issue a cert to itself if the CA shares the same name as the server on which it resides.
• Download the CA Certificate Chain on the RMS.  Import the cert into the computers Trusted Root Certificate store.
• Download the CA Certificate Chain on the future GW.  Import the cert into the computers Trusted Root Certificate store.
• Request an advanced certificate using the FQDN of the RMS (follow guide)
• Issue/Approve the cert on the CA
• Download the cert on the RMS
• Request an advanced certificate using the FQDN of the future GW server
• Issue/Approve the cert on the CA
• Download the cert on the future GW
• On the RMS, make sure you have access to the installation media for SP1.  You can extract the SP1 download to a known directory.  SP1 has the advantage of a GUI for the MomCertImport.exe tool.  Double click momcertimport.exe which is located in <installation media directory>\UpdateCDImage\SupportTools\amd64 for 64 bit machines and <installation media directory>\UpdateCDImage\SupportTools\i386 for 32 bit servers.  Make sure you use the correct version.
• After double-clicking MomCertImport.exe, choose the cert that you just issued from the window that appears.
• Restart the health service on the RMS
• Run the gateway approval tool as specified in the article.
• Make sure the GW server shows up in the RMS console under Administration>Management Servers.  It will show as status "Not Managed" until you complete all of the remaining steps.  This is normal.
• On the future GW server, install the OpsMgr Gateway Service, use the FQDN of the RMS when it asks for the mgmt server name.