Archive for March, 2010

Publishing Printers in Active Directory

Posted: March 28, 2010 in Active Directory, Printers, Server, System Information
0

Problem

You want to publish a printer in Active Directory to make it easier for users to locate and access it.

Solution

Using a graphical user interface

  1. Open the Print Management MMC snap-in. Double-click on the print server that you want to manage, and then select Printers.

  2. Right-click on the printer that you want to list or remove, and then click “List in Directory” or “Remove from Directory.”

Using a command-line interface
	> cscript pubprn.vbs \\<ServerName>\<PrinterName> "<PrinterDN>"

Discussion

The idea of publishing printers in Active Directory has been around since its inception with Windows 2000; in fact, the “List in Directory” option is selected by default when you first share a printer object. By listing a printer in Active Directory, users on your network can easily search for printers that meet certain criteria such as name, location, or other identifying characteristics. Any changes that are made to the printer’s attributes get automatically propagated to Active Directory.

Deploying Printers Through Group Policy

Posted: March 28, 2010 in Active Directory, Printers, Server, System Information
Tags: ,
0

Problem

You want to deploy printers to a group of users or computers using a GPO.

Solution

Using a graphical user interface

To deploy a printer using Group Policy, you must first push the printer installation settings to a GPO as follows:

  1. Open the Print Management MMC snap-in. Double-click on the print server you want to manage and then click Printers.

  2. Right-click the printer you want to manage and select “Deploy with Group Policy.”

  3. From the Deploy with Group Policy dialog box, click Browse to select a GPO and click OK.

  4. Select one or both of the following:

    • The users that this GPO applies to (per user), to allow a printer connection to follow a user to multiple computers
    • The computers that this GPO applies to (per machine), to allow a printer connection to be available to any user who logs on to a particular computer

  5. Select Add and then OK when you’re finished.

    Using a command-line interface

    After you’ve created the appropriate GPO, add the following to a startup script (for per-machine printer connections) or to a logon script (for per-user printer connections):

    	> pushprinterconnections.exe -log

    Discussion

    A common complaint with previous versions of the Windows Server operating system was the inability to easily push printer settings to clients using Group Policy. This has been greatly improved with the Print Management Console in R2, as you now have a “Deploy with Group Policy” option built right into the MMC console. You can deploy printers on a per-user or per-computer basis; the former is useful for users whose printer connections need to follow them from computer to computer, while the latter is useful in a branch office or lab setting where all users of a particular computer need access to the same printer.

Managing Printer Drivers

Posted: March 28, 2010 in Active Directory, Printers, Server, System Information
Tags: ,
0

Problem

You want to add or remove print drivers on a print server.

Solution

Using a graphical-user interface

To add a print driver to a print server, do the following:

  1. Open the Print Management MMC snap-in.

  2. Double-click on the Print Servers node, then the print server that you want to manage.

  3. Right-click on the Drivers node and select Add Driver. Click Next to continue.

  4. On the Processor and Operating System Selection screen, place a checkmark next to the processors and OSes that will be used by your client computers. Click Next to continue.

  5. Select the manufacturer and model of the printer, or click Have Disk to use a manufacturer-supplied print driver.

  6. Click Next and then Finish to add the driver.

To manage existing print drivers, do the following:

  1. Open the Print Management MMC snap-in.

  2. Double-click on the Print Servers node, then the print server that you want to manage.

  3. Right-click on the Drivers node and select Manage Drivers.

  4. To add a new driver, click Add and follow the instructions in the previous section. To delete an installed driver, click Remove. To reinstall a print driver from media, click Re-Install.

  5. Click OK when you’re finished.

Using a command-line interface

To add a printer driver, enter the following:

	> cscript prndrvr.vbs -a -v 3 -e "Windows NT x86"

To delete a printer driver, use the following syntax:

	> cscript prndrvr.vbs d m "<DriverName>" v 3 e "Windows NT x86"

To list the printer drivers that are installed on a print server, use the following:

	> cscript prndrvr.vbs l

Creating a Printer Filter

Posted: March 28, 2010 in Active Directory, Printers, Server, System Information
Tags: ,
0

Problem

You want to create a printer filter to view only specific printers within the Print Management Console.

Solution

Using a graphical user interface

  1. Open the Print Management Console MMC snap-in.

  2. Right-click on Custom Printer Filters and select Add New Printer Filter.

  3. Enter a name and description for the printer filter. Optionally, place a checkmark next to “Display the total number of printers.” Click Next to continue.

  4. On the “Define a printer filter” screen, you can specify up to three conditions for the filter.

  5. In the Field drop-down box, select one of the following:

    • Printer Name
    • Queue Status
    • Jobs in Queue
    • Server Name
    • Comments
    • Driver Name
    • Is Shared
    • Location
    • Share Name

  6. For the Condition drop-down, select one of the following:

    • is exactly
    • is not exactly
    • begins with
    • not begin with
    • ends with
    • not end with
    • contains
    • not contain

  7. In the Value textbox, type a value that the condition should meet.

  8. When you have entered all necessary information, click Next to continue.

  9. On the Set Notifications (Optional) page, select one or both of the following:

    Send e-mail notification

    This will send an email whenever a printer that meets the criteria of the filter is found. Enter the recipient email address(es), sender email address, SMTP server, and message.

    Run script

    This will run a script whenever a printer that meets the criteria of the filter is found. Enter the path to the script and any command-line arguments.

  10. Click Finish to create the filter.

Discussion

One of the new features of the Print Management Console is the ability to create one or more custom printer filters using WMI information. This provides you with an at-a-glance view of all the printers in your environment, as well as printers that meet one or more specific criteria. There are three default print filters available when you first launch the PMC: All Printers, Printers Not Ready, and Printers With Jobs. You can create additional filters based on the printer name, queue status, the number of jobs in a queue, etc.

Installing the Print Server Role

Posted: March 28, 2010 in Active Directory, Printers, Server, System Information
Tags: ,
0

Problem

You want to add the print server role on a Windows Server 2003 server.

Solution

Using a graphical user interface

  1. Open the Configure Your Server wizard.

  2. Click Next to bypass the initial Welcome screen.

  3. On the Server role screen, select Print Server and click Next.

  4. On the Summary screen, click Next to begin the installation.

  5. Specify the path to the second R2 disc if necessary, and then click Finish.

Using a command-line interface

To add the Print Server role from the command-line, first create an unattend.txt> file containing the following:

	[Networking]

	[NetServices]
	MS_Server = params.MS_Server

	[Components]
	PMCSnap = On

Once you’ve saved the file, use the following syntax to install the Print Server role:

	> sysocmgr /i:c:\windows\inf\sysoc.inf /u:c:\unattend.txt

Using VBScript
	' This code creates an unattended installation file,
	' and then installs the Print Server Role
	' ------ SCRIPT CONFIGURATION -----
	strFile = "c:\unattend.txt"
	constForWriting = 2
	strComputer = "<ServerName>" ' use "." for the local computer
	' ------ END CONFIGURATION --------

	set objFSO = CreateObject("Scripting.FileSystemObject")
	set objFile = objFSO.OpenTextFile(strFile, constForWriting, True)
	objFile.WriteLine("[Networking]")
	objFile.WriteLine("[NetServices]")
	objFile.WriteLine("MS_Server = params.MS_Server
	objFile.WriteLine("[Components]")
	objFile.WriteLine("PMCSnap = ON")
	objFile.Close

	set objWshShell = WScript.CreateObject("WScript.Shell")
	intRC = objWshShell.Run("sysocmgr /i:%windir%\inf\sysoc.inf /u:" & _
	                        strFile, 0, TRUE)
	if intRC <> 0 then
	   WScript.Echo "Error returned from sysocmgr command: " & intRC
	else
	   WScript.Echo "Print Server role installed"
	end if

Discussion

The Print Manager role is not installed by default in Windows Server 2003 R2; you need to add the role manually using Add/Remove programs or the Configure Your Server wizard. This role has been greatly improved in R2 by including the Print Management Console MMC snap-in, which provides a unified view of installed drivers and forms, printer ports, and the ability to deploy printers using Group Policy.

Creating a Storage Group

Posted: March 28, 2010 in Active Directory, Exchange Server, Server, System Information
Tags: ,
0


Problem

You want to create a new storage group to allow for more mailbox stores, faster backups, or a logical organization of mailboxes.

Solution

Using a graphical user interface

  1. Open the Exchange System Manager (ESM) snap-in.
  2. In the left pane, browse to the server that you want to create a new storage group for.
  3. Right-click on the server and select New Storage Group.
  4. Enter a name, transaction log location, system path location for storage of temporary and recovered files and click OK.

Using a command-line interface

First create an LDIF file called add_sg.ldf with the following contents:

dn: CN=<

Storage Group Name>,<ParentDN>

changetype: add

objectClass: msExchStorageGroup

cn: <

Storage Group Name>

showInAdvancedViewOnly: TRUE

systemFlags: 1610612736

msExchESEParamEnableIndexChecking: TRUE

msExchESEParamEnableOnlineDefrag: TRUE

msExchESEParamSystemPath: <Path to store system files>

msExchESEParamPageFragment: 8

msExchESEParamPageTempDBMin: 0

msExchRecovery: TRUE

msExchESEParamZeroDatabaseDuringBackup: 0

msExchESEParamBaseName: E01

msExchESEParamCircularLog: 0

msExchESEParamEventSource: MsExchangeIS

msExchESEParamCheckpointDepthMax: 20971520

msExchESEParamCommitDefault: 0

msExchESEParamLogFilePath: <Path to log files>

msExchESEParamDbExtensionSize: 256

msExchESEParamLogFileSize: 5120

Replace < Storage Group Name> with the name of the storage group, <ParentDN> with the distinguished named for storage groups container for the appropriate server, <Path to store system files> with the filesystem path where you want system files (temporary and recovered files), and <Path to log files> with the filesystem path where you want exchange log files. Then run the following command:

>ldifde -i -f add-sg.ldf

Using VBScript

‘ This code creates a Storage Group.

‘ —— SCRIPT CONFIGURATION ——

strServer = “<

Exchange Server>”   ‘ e.g. ExchServer2

strName = “<Storage Group Name>”  ‘ e.g. SG1

strPath = “<File Path>” & strName ‘ e.g. D:\Program Files\ExchSrvr

‘ —— END CONFIGURATION ———

‘ Create URL to Storage Group

Set objSrv = CreateObject(“CDOEXM.ExchangeServer”)

objSrv.DataSource.Open strServer

‘ This for loop is a bit of a hack to retrieve the first Storage Group

‘ in the collection. VBScript doesn’t let you access specific elements

‘ of a collection the way Jscript can.

for each strSg in objSrv.StorageGroups

strTemp = strSg

exit for

next

strTemp = mid(strTemp,instr(2,strTemp,”cn”,1))

strSGUrl = “LDAP://cn=” & strName & “,” & strTemp

‘ Create/configure

Storage Group and save it

set objSG = CreateObject(“CDOEXM.StorageGroup”)

objSG.MoveSystemFiles(strPath)

objSG.MoveLogFiles(strPath)

objSG.DataSource.SaveTo strSGUrl

Wscript.Echo “Successfully created storage group.”

Discussion

Storage groups are used for physically breaking your databases up into smaller management groups. This is done for several reasons. Chief among them are so you will have more numerous but smaller databases, a logical organization of mailboxes, or faster Exchange backups and restores since the Exchange Server can run one simultaneous backup for each storage group. For example, if you have four mailbox databases in a single storage group, you can only have one backup running for that storage group; if you spread those four mailbox databases across two storage groups, you can run two simultaneous backups. For more detailed information on Exchange backups and file structures, see the Exchange Server Cookbook by Paul Robichaux et al. (O’Reilly).

Depending on the version (Standard or Enterprise) of Exchange, you can have up to four storage groups per server and up to five mailbox stores per storage group. ESM enforces these limits, but it is possible to directly modify Active Directory to exceed them. If you create more databases or storage groups than allowed by your version, the additional databases will not mount. In Exchange 2003, Microsoft recommends that you spread your mailboxes across as many stores and storage groups as possible; this is because of memory management improvements since Exchange 2000.

Storage groups are represented in Active Directory by the msExchStorageGroup class. This class has several attributes that have fairly intuitive string values and names and can be matched up to the options in ESM. Unfortunately, the raw Active Directory objects and attributes and their valid values for Exchange are not well documented. You can experiment with their settings, but you should do so only in a lab environment.

Using a Command-Line Interface

One negative aspect of creating storage groups by direct Active Directory object manipulation is that you will not get warnings concerning the maximum number of storage groups allowed.

Using VBScript

The process of calling the CDOEXM interfaces to create storage groups is rather straightforward once you have the URL for the location of the object in Active Directory. In this solution, to get the distinguished name of the storage group container for the server, the script loops through all storage groups on the sever and sets strTemp to the URL value of the last storage group. This value is then parsed to get the parent container for the storage groups to build the new storage group URL.

Creating a Recipient Policy

Posted: March 28, 2010 in Active Directory, Exchange Server, Server, System Information
Tags: ,
0

Problem

You want to create a recipient policy to configure an additional email address or mailbox manager policy.

Solution

Using a graphical user interface

  1. Open the Exchange System Manager (ESM) snap-in.

  2. In the left pane, browse to the Recipients Recipient Policies container.

  3. Right-click on Recipient Policies and select New Recipient Policy.

  4. Select the property pages you a want on the recipient policy form and click OK.

  5. Enter the recipient policy name.

  6. Click on Filter Rules, click Modify, select the search criteria, click OK.

  7. Read the warning message that is displayed and click OK.

  8. Set the desired policies on the E-Mail Addresses (Policy) and Mailbox Manager Settings (Policy) tabs.

  9. When you are done, click OK.

Configuring Mailbox Limits

Posted: March 27, 2010 in Active Directory, Exchange Server, Server, System Information
Tags: ,
0

Problem

You want to enable storage limits for user mailboxes on an Exchange server.

Solution

Using a graphical user interface

  1. Open the Exchange System Manager (ESM) snap-in.

  2. In the left pane, browse to the mailboxes container of the server, storage group, and database you want to configure a storage limit for.

  3. Right-click the mailbox store. Select Properties, and then select the Limits tab.

  4. Select one or more of the following checkboxes:

    Issue warning at

    Warns users that they have exceeded the storage limit, but their mailbox will continue to function.

    Prohibit send at

    Warns users that they have exceeded the storage limit and then prevents them from sending new messages until their mailboxes are brought back underneath the configured storage limit. Users can still receive messages.

    Prohibit send and receive at

    Warns users that they have exceeded the storage limit and then prevents them from both sending and receiving messages until they have corrected the situation.

  5. Specify the appropriate values for these settings in kilobytes (KB).

The maximum value that you can configure for these items through the GUI is 2 GB (2,097,151 KB). To establish larger values than that, you need to use ADSI Edit or the command-line or script solutions listed next.

Using a command-line interface

To configure the size at which a warning will be issued, use the following syntax:

	> adfind config rb "cn=<StorageGroup>,cn=InformationStore,cn=<ServerName,
	cn=Servers,cn=<Administrative Group>,cn=Administrative Groups,cn=< 
ExchangeOrg,
	cn=Microsoft Exchange,cn=Services" dsq | admod mDBStorageQuota::<LimitinKB>

To configure the size at which a user can receive mail but not send, use the following:

	> adfind config rb "cn=<StorageGroup>,cn=InformationStore,cn=<ServerName,
	cn=Servers,cn=<Administrative Group>,cn=Administrative Groups,cn=<ExchangeOrg,
	cn=Microsoft Exchange,cn=Services" dsq | admod mDBOverQuotaLimit::<LimitinKB>

To configure the limit at which a user can neither send nor receive messages, use:

	> adfind config rb "cn=<StorageGroup>,cn=InformationStore,cn=<ServerName,
	cn=Servers,cn=<Administrative Group>,cn=Administrative Groups,cn=<ExchangeOrg,
	cn=Microsoft Exchange,cn=Services" dsq | admod mDBOverHardQuotaLimit::<LimitinKB>

You can set multiple attributes in a single command by specifying more than one attribute in the AdMod portion of the command syntax, as follows:

	> adfind config rb "cn=<StorageGroup>,cn=InformationStore,cn=<ServerName,
	cn=Servers,cn=<Administrative Group>,cn=Administrative Groups,cn=<ExchangeOrg,
	cn=Microsoft Exchange,cn=Services" dsq | admod mDBStorageQuota::<LimitinKB>
	mDBOverQuotaLimit::<LimitinKB> mDBOverHardQuotaLimit::<LimitinKB>

Using VBScript
	' The following script will update the Warning, OverQuota, and
	' HardOverQuota attributes of a  
mailbox store
	'-----------SCRIPT CONFIGURATION-----------------------------
	' strLDAPString = "cn=<StorageGroup>,cn=InformationStore," & _
	"cn=<ServerName>,cn=Servers,cn=<AdministrativeGroup>," & _
	"cn=Administrative Groups,cn=<ExchangeOrg>,cn=Microsoft Exchange," & _
	"cn=Services,cn=Configuration,<ForestRootDN>"

	strWarningLimit = "<WarningLimitinKB>"
	strSoftQuotaLimit = "<ReceiveOnlyLimitinKB>"
	strHardQuotaLimit = "<NoSendOrReceiveLimitinKB>"
	'-------------------END CONFIGURATION----------------------

	Set objMaiboxStore = GetObject _
	    ("LDAP://" & strLDAPString)

	objMailboxStore.Put "mdBStorageQuota", strWarningLimit
	objMailboxStore.Put "mdBOverQuotaLimit", strSoftQuotaLimit
	objMailboxStore.Put "mdBOverHardQuotaLimit", strHardQuotaLimit

	objMailboxStore.SetInfo

Discussion

It’s not uncommon for administrators to want to set reasonable size limits on individual users’ mailboxes; you can configure this globally at the mailbox store level. Since you can have multiple stores on a single server, this can allow you to create multiple stores with multiple storage limits for departments or groups that have greater storage needs. You can also override the mailbox store defaults for individual user accounts by modifying the Exchange General tab within Active Directory Users and Computers for an individual user account, or else by programmatically modifying the same three attributes and then setting the mdBUseDefaults attribute to FALSE. You can also set mailbox limits using a System Policy, and then apply the same policy to multiple stores.

Viewing Mailbox Sizes and Message Counts

Posted: March 27, 2010 in Active Directory, Exchange Server, Server, System Information
Tags: , ,
0

Problem

You want to view the sizes and message counts of all mailboxes on a server.

Solution

Using a graphical user interface

  1. Open the Exchange System Manager (ESM) snap-in.

  2. In the left pane, browse to the mailboxes container of the server, storage group, and database you want to view mailboxes in.

  3. In the right pane, scroll down through the list of mailboxes noting the Size and Total Items columns.

Using VBScript
	' This code displays all mailboxes and their sizes
	' ------ SCRIPT CONFIGURATION ------
	strComputer = "< 
Exchange Server>" 'e.g. ExchServer2
	' ------ END CONFIGURATION ---------

	set objWMI = GetObject("winmgmts:\\" & strComputer & _
	                       "\root\MicrosoftExchangeV2")
	set objMbxs = objWMI.ExecQuery("Select * from Exchange_Mailbox",,48)
	for each objMbx in objMbxs
	  Wscript.Echo objMbx.MailBoxDisplayName & " " & objMbx.size & "KB " _
	               & objMbx.TotalItems & " items"
	Next
	Wscript.Echo "Script completed successfully."

Discussion

Mailbox sizes and message counts are items on Exchange systems that administrators routinely want to know about for the purposes of reporting and metrics. Administrators want to know if their mail system is balanced and if users are spread across the mailbox stores evenly. Knowing the number of users and the size of their mail-boxes in each mailbox store, the administrator can make better decisions about where new user mailboxes should be placed or if some leveling of mailboxes is required.

Enumerating Disconnected Mailboxes

Posted: March 27, 2010 in Active Directory, Exchange Server, Server, System Information
Tags: ,
0

Problem

You want to enumerate all disconnected mailboxes on a server.

Solution

Using a graphical user interface

  1. Open the Exchange System Manager (ESM) snap-in.

  2. In the left pane, browse to the mailboxes container of the server, storage group, and database for which you want to view disconnected mailboxes.

  3. In the right pane, scroll down through the list, taking note of all mailboxes with a small red circle with an X.

Using VBScript
	' This code enumerates disconnected mailboxes.
	' ------ SCRIPT CONFIGURATION ------
	strComputer = "<Exchange Server>" 'e.g. ExchServer2
	' ------ END CONFIGURATION ---------
	set objWMI = GetObject("winmgmts:\\" & strComputer & _
	                       "\root\MicrosoftExchangeV2")

	set objDiscMbx = objWMI.ExecQuery("Select * from Exchange_Mailbox",,48)
	for each objMbx in objDiscMbx
	  if (objMbx. 
DateDiscoveredAbsentInDS <> "") then
	     Wscript.Echo objMbx.MailBoxDisplayName & " " & _
	                  objMbx.DateDiscoveredAbsentInDS
	  end if
	next
	Wscript.Echo "Successfully enumerated disconnected mailboxes."

Discussion

When you tell the system to delete an Exchange mailbox, it isn’t really deleted. It is simply disassociated or disconnected from the user object. These mailboxes are referred to as orphaned or disconnected. This recipe shows you how to enumerate the disconnected mailboxes you have on a specified server.

Older Entries
Newer Entries