Changing SID of a cloned machine using sysprep tool

I created some VMs in my lab recently and one of the VMs were cloned. When I tried to add this particular Windows Server 2012 R2 VM to domain it showed the following error

SID

I used the sysinternals tool PsGetsid to confirm that the SID on both the base VM and the clone were the same.

So, the next thing to do is change the SID of the server which I am trying to add to domain. By default, Sysprep is available in Windows with which you can perform this operation.

Go to Run and type Sysprep  and click Enter.

sid1

In the Sysprep folder, launch the sysprep application.

sid2sid3

Select the Generalize check box and click OK.

sid4

Sysprep will start and once done your machine will restart to the below screen

sid5.jpg

sid6

sid8

Input the values and you will login to the machine. You may have to change the hostnames etc. again.

Resolve “420 4.2.0 RESOLVER.ADR.Ambiguous; ambiguous address​” error in Queue viewer

Recently when in shift, I noticed that the scom alerts indicated more than 200 messages in queue of our transport servers. Upon checking the queue viewer I could see messages being piled up in the queue with the error 420 4.2.0 RESOLVER.ADR.Ambiguous; ambiguous address.

Queue

As the error says, the messages were getting piled up due to a duplicate smtp address. The event viewer log revealed the following:

Event1

Event2

The logs clearly says another AD object is assigned with the duplicate email address and the next thing to do is to find out the object and delete it.

So, you can search for the email address in Active Directory Users and Computers console in the custom search section with the “proxy address” attribute.

Search

Once you find the AD object, delete the ambiguous address from the proxy address attribute of the other AD object.

proxy

Check and confirm that the issue has been resolved.

Updating a Dynamic Distribution List

A Dynamic Distribution Group is little bit different from a normal distribution group. The membership of a dynamic distribution group depends on the filters or conditions supplied to it whereas, a normal distribution group membership is calculated by the users added to the particular group. Also, you will not be able to expand a DDL like you can do on a normal distribution group.

This post discusses the steps to modify the filter for a particular DDL to include a new department or role. Once the new filter is applied, all the members matching the filter gets added to the DDL. This has to be done from Exchange Management Shell.

The below fig shows a DDL with the filter details :

DG

You can use the below command to view the currently configured recipient filter :

Get-DynamicDistributionGroup “test” | fl recipientfilter

DDL

Now in order to modify the recipient filter, use the following cmdlet:

Get-DynamicDistributionGroup “test” | Set-DynamicDistributionGroup -recipientfilter {}

The modified recipient filter should be mentioned in between the brackets {} as shown above. The change will be applied shortly and if you click the Preview button in the filter tab, you can find the newly added members based on the new filter.

Reference : https://social.technet.microsoft.com/Forums/exchange/en-US/cdd98de6-550d-4821-9ca3-9496c8cf18aa/edit-existing-dynamic-distribution-group

Upgrade Exchange Server 2013 RTM to SP1 on Windows Server 2012 R2

The Exchange Server 2013 RTM version number is 15.0 (Build 516.32). We are planing to upgrade it to Exchange Server 2013 Sp1 which is [Build no – 15.00.0847.032]. 

Before proceeding with the upgrade make sure you have a proper backup in place. Also, update your server with the latest patches.

You can check your current Exchange Schema Version using the Powershell command “Exchange Schema Version = ” + ([ADSI](“LDAP://CN=ms-Exch-Schema-Version-Pt,” + ([ADSI]”LDAP://RootDSE”).schemaNamingContext)).rangeUpper”

  • Make sure you have downloaded the setup files to your local server
  • Check and confirm that the mail flow is working
  • Execute the command “Get-ServerComponentState ServerName” and confirm that the status of all Exchange components are Active
  • Execute the command “Set-ServerComponentState ServerName –Component HubTransport –State Draining –Requester Maintenance &”Set-ServerComponentState ServerName –Component UMCallRouter –State Draining –Requester Maintenance” to put the components in Maintenance Mode
  • Execute the command “Set-ServerComponentState ServerName –Component ServerWideOffline –State inactive –Requester Maintenance” to change the status of all the components to Inactive state
  • Check and confirm that all components are in Inactive state using the command “Get-ServerComponentState ServerName

1

  • Now launch Exchange Management Shell and navigate to the Exchange 2013 SP1 setup folder
  • Execute the command “setup.exe /preparead /IAcceptExchangeServerLicenseTerms” to prepare your AD server for the upgrade

Note : You may face several issues during this process. The issues that were reported during the upgrade while I was working are discussed here :-

A reboot from a previous installation is pending. Please restart the system and rerun Setup.

Reboot

Checked the following registry keys :

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\UpdateExeVolatile
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\PendingFileRenameOperations

Since I was not able to find the Updates key, had to manually create the same along with the string value UpdateExeVolatile. The value of the string was set to 0 [which indicates that system restart is not required]. Also, deleted the key PendingFileRenameOperations.

After performing the above steps, re ran the PrepareAD command again. The Prerequisites and Organization Checks completed successfully.

new4

  • Next step is to run the Setup.exe file from its location. Double click the Setup.exe file and proceed. You might face the below error at some point during the readiness checks ;

Service ‘WMSVC’ failed to reach status ‘Running; on this server

Error 2

Upon searching regarding the error online, it led me to Web Management Service in IIS Manager.

  • Launch IIS Manager
  • Select the Server and on the right hand side, under Management double click Management Service

5

  • Assign the SSL certificate you have previously installed to the service and Start the WMSVC service

6

This resolved the issue and the setup installation completed successfully.

Now the pending work is to remove the Exchange services from the Maintenance Mode. Execute the below commands for the same :

  • Set-ServerComponentState ServerName –Component ServerWideOffline –State active –Requester Maintenance
  • Set-ServerComponentState ServerName –Component HubTransport –State active –Requester Maintenance
  • Set-ServerComponentState ServerName –Component UMCallRouter –State active –Requester Maintenance

Confirm that all Exchange components are in Active state by executing the command : Get-ServerComponentState ServerName

Restart the Exchange Services and test the mail flow. Confirm that the SP1 upgarde completed successfully by executing the ‘Get-ExchangeServer | fl‘ in EMS.

new6

Verify the build number in the above screen shot.

 

Note:- Please also check the link ‘https://anishjohnes.wordpress.com/2014/08/14/resolve-mail-flow-issues-with-exchange-server-2013-after-failed-exchange-sp1-upgrade/’ for resolving issues with SP1 upgrade. 🙂

 

Reference :

  1. http://technet.microsoft.com/en-us/library/cc164360(v=exchg.80).aspx
  2. http://social.technet.microsoft.com/Forums/exchange/en-US/7f193833-de94-408b-91ad-266d6811a26b/exchange-2013-cu2-to-cu3-upgrade-error?forum=exchangesvrdeploy