Monthly Archives: July 2016

Create Shared Mailbox (Exchange 2007/10)

Summary

Certain groups can require access to a shared Exchange mailbox that they can use to send emails from, view all incoming emails and emails that have been sent. Exchange 2007/2010 and Outlook 2013 provide functionality to create a secured shared mailbox, one which leaves the mailbox user disabled in Active Directory for security purposes. This is opposed to creating a standard user with a mailbox, which then requires a username and password and be left enabled. The document will describe how to create the shared mailbox and also how to configure its Sent Items folder to capture emails sent by users using the “send as” functionality (by default these are logged in the user’s own Sent Items folder)

Create Shared Mailbox

In Exchange 2007/2010 there is no GUI option for creating shared mailboxes, the Exchange Management Shell (EMS) must be used.

Open Exchange Management Shell > New-Mailbox -Name <Maibox Name> -Alias <Alias> -OrganizationalUnit “<OU path>” -Database “<Database>” -UserPrincipalName <E-mail Address> -Shared

Example (Create shared mailbox for the company Charity Club)

New-Mailbox -Name:’Charityclub’ -OrganizationalUnit:’domA.com/Mailing Lists’ -Database:’DomA DB 3′ -UserPrincipalName:’Charityclub@domA.com’ -Shared

Set Permissions

Once created Full Access and Send As permissions must be added for those users wanting to access the Mailbox and send emails as that user respectively.

Example (Give Charlie Charles full access and send-as permissions

Open the Exchange Management Shell and type:

get-mailbox -identity “Charityclub” | Add-MailboxPermission -user “Charlie Charles” -accessrights ‘FullAccess’

get-mailbox -identity “Charityclub” | Add-ADPermission Info -User “Charlie Charles” -ExtendedRights Send-As

NB This can also be done by right clicking on the mailbox in the EMC and select Manage Send As permission and Full Access permission

Allow Send As Sent Items to be Saved to the Shared Mailbox Sent Items Folder

A change to the registry of the computer of each user that has Send As permissions is required so that emails sent as the shared mailbox user are stored in the Sent Items folder of the Shared mailbox not the local user.

Navigate to HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\Preferences then create a new DWORD value called DelegateSentItemsStyle setting the value to 1. A restart of Outlook is required for this changed to be applied.

This can also be issued via a group policy preference.

Change Existing Standard Mailboxes to Shared

For existing mailboxes these can be changed to the type “Shared” > set-mailbox SportsandSocial -Type Shared

 

Disclaimer: provided “AS IS” with no warranties and confer no rights

TeamCity – Superuser access to UI

The Scenario

Some developers use TeamCity. This instance uses the built-in authentication model, i.e. no LDAP authentication.

The Problem

A team of developers forgot the password to login to their TeamCity server UI. No one had a copy of it so all access was denied.

The Solution

TeamCity provides a Superuser account (enabled by default – check if it’s enabled navigate here: http://<teamcity-server-url>/login.html?super=1 )

You need a security token to proceed, you’ll find this in the teamcity-servers.log file in the location <teamcity_install_directory_root\logs. i.e. C:\TeamCity\logs. A new token is generated each day so search for the latest instance of “Super user authentication token”

To login as superuser navigate to your TeamCity login screen (http://<teamcity-server-url>/login.html ) leave the username field blank and enter the security token as the password. Once logged in you will have full administrator privileges.

 

Disclaimer: provided “AS IS” with no warranties and confer no rights

Server 2012: Stuck at “Updating your System 8%”

The Scenario:

One of my Windows Server 2012 R2 Standard servers installed a large number of updates +200 all at once (so unfortunately I’ve no idea which one caused this problem).

The Problem:

After the reboot the server was stuck on the start-up splash screen stating “Updating your system 8%”. I tried the following

  • Waiting several hours
  • Rebooting
  • Rebooting in Safe Mode (press F8 immediately as the server boots to access this boot option)
  • Rebooting using Last Known Good Configuration (press F8 immediately as the server boots to access this boot option)

None of the above worked.

The Solution:

  1. Reboot the server, press F8 to access advanced boot options. NB If your server is a Hyper-V VM you may be having problems getting the F8 prompt to work, if so see this link for details on how to resolve this.
  2. Select the Option “Repair Your Computer”
  3. 8_per_1
  4. In the Options screen select Troubleshoot > Command Prompt > Click Administrator user
  5. 8_per_2
  6. 8_per_3
  7. 8_per_4
  8. Enter the Local Administrator password.
  9. 8_per_5
  10. 8_per_6
  11. The server boots into a limited command prompt at the X drive:
  12. 8_per_7
  13. Get a list of all the available drives, type “wmic logicaldisk get name“. This is important as whilst in the repair environment the drive mappings often get changed around i.e. I was panicking when I changed to the C drive only to find it was empty. In fact the system drive was mapped to the D drive. There’s no obvious way to tell, you just have to change to each drive mapping a run a Dir command.
  14. 8_per_8
  15. Navigate to the \Windows\Winsxs folder. Once here you need to find all the files called pending.xml* and rename them all by adding .OLD to the end of the file name. (In my server I had two pending.xml and pending.xml.random_number – I added .OLD to the end of both of these). The reason for this is it’s in one of these there is a corruption that’s the cause of the problem.
  16. 8_per_9
  17. Create a new blank pending.xml file in the \Windows\Winsxs folder; echo > pending.xml
  18. Create a scratch folder in the \Windows directory; mkdir D:\windows\scratch (This is a requirement for step 19, otherwise you will get a 3017 error, which complains the default temporary location for the scratch folder is too small.)
  19. Next up is to run a DISM command to remove/revert all pending actions from the image, in our case these updates attempting to install. Run the following command (NB my system drive was mapped to the D drive);    DISM /Image:D:\ /Cleanup-Image /RevertPendingActions /scratchdir:D:\Windows\Scratch
  20. Once step 19 is complete rename the \windows\SoftwareDistribution to SoftwareDistributionOLD:
  21. ren D:\windows\SoftwareDistribution SoftwareDistributionOLD
  22. Finally, run sfc /scannow – the System File Checker tool to repair missing or corrupted system files
  23. Reboot the server. The start-up splash screen should show spinning dots for a minute or two then boot normally. In my instance it then reported updates couldn’t be installed and so reverted those that had been installed. It then forced another reboot.
  24. At this stage the server is ready to have updates installed, but this time only do a few at a time to locate the faulty update.

Disclaimer: provided “AS IS” with no warranties and confer no rights