Category Archives: Server

Set up an Exchange 2003 SMTP Relay to allow Scan to Email on a scanner KB1039385

KB1039385

Description:  Set up an Exchange 2003 SMTP Relay to allow Scan to Email on a scanner.

Common customer description: “I need to set up scan to email on my scanner”

“When I send an email from my scanner, it brings up an error”

Probing questions: Has this been set up previously?

Does the scanner show a specific SMTP error or delivery error?

Is the scanner still accessible on the network?

Steps to isolate: Check the configuration on the scanner via the devices Web Console. This can normally be done by navigating to the device through a Web Browser and connecting to the devices ip address. There should be an Email section somewhere after you’ve logged in to the device. Make sure this is set to send mail through the exchange server through either “smtp.domain.com” or their OWA’s FQDN “mail.domain.com” on port 25. Confirm whether authentication is required and that the account, if there is one, has the correct password. 

Steps to resolve: If the scanner is confirmed to be using exchange to send mail, we will need to log in to the exchange server and open the System Attendant> Servers> Protocols > SMTP >  and Open the properties of the SMTP Virtual Server listed. After navigating to the Access tab, you can add the Scanners ip address to the Connection and Relay options listed.

1

2

3

These lists should include any other devices on the network that would send mail (Scanners, Printers, Fax) along with the Servers IP.

Additional considerations: If this does not correct the issue, make sure there are no external sources blocking port 25 internally. A router/firewall could possibly block port 25 on the network. Otherwise escalate to a tier 2 technician.

Note to be careful on which ip’s are set up for the open relay. If you leave the relay portion wide open it could cause a blacklist or smtp relay to fill the exchange queue.

 

Microsoft Updates on 2003 servers that keep refreshing KB1039382

KB1039382

Microsoft Updates on 2003 servers that keep refreshing

If the Windows Update is stuck in a constant refresh loop here are the steps to fixing this.

 

  1. Click on the red X to stop the page from reloading as marked below.

    1

  2. Then on the left hand side of the page click change settings
  3. Scroll all the way to the bottom and there is an option to Disable Microsoft updates
  4. Check the box and click apply changes now
  5. Close the page
  6. Re-open the page and this problem should be fixed

Website isn’t loading internally but is externally KB1039347

KB1039347

Description:   My Website isn’t loading internally but is externally

Common customer description:  We recently changed Web Host providers and ever since then we haven’t been able to load the website inside of our network but we can from at home.

Probing questions:  When did this start happening?

How many people are affected?

What is the URL of the website?

Do you know the IP address it’s supposed to resolve to?

Are you able to get to the site externally (outside of the network)?

Steps to isolate:  If it’s able to be resolved externally but not inside of the network, this is most likely because of internal DNS needs to be either setup properly or server cache needs to be cleaned out.  Here are some steps to isolate the problem:

-Ping the URL of the website both internally and externally

-Try to load the website from both inside and outside of the network

-If you load the correct website outside of the network, external DNS is properly configured and the cause is internal DNS

Steps to resolve:  At this point we should have the IP address that is being resolved to both internally and externally, also should have the URL.  To start to resolve this you’ll need to do the following*:

* This is only an example using the sub-domain WWW. Depending on which sub-domain they need adjusted will be the A record you need to adjust. If they cannot get to domain-name.com internally, but www.domain-name.com works, the A record you need to change will be (Same as parent folder).

  1. Log into the server that is hosting their internal DNS
  2. There should be a forward lookup zone for the domain of the URL
  3. Once inside of the lookup zone, there should be an A record for WWW. This record should have the old IP address of the old website, change this to the new IP address.
  4. Also, there should be a Start of Authority record that has the old IP address, change this to the new IP address
  5. After these changes are done, right click on the Server Name and select Clear Cache
  6. Will also need to do the following commands on the server: IPconfig /flushdns after this command is done run this command:  IPconfig /registerdns
  7. Once this is complete should be able to load the website on the server and will take some time to propagate through the network

 

Setup email to Android phone – from an Exchange environment KB103988

KB103988

Issue:  Setup email to Android phone (from an Exchange environment)

Common Description: “I need to have email setup on my Android phone.”

“My email stopped working on my phone.”

Probing questions:

What device is this going to? (this exercise is for Android phone only)

Gather info:

Email address. They will likely already have it.                     user@domain-name.com

Password if they don’t already have it.                                  Password

Server. This will be their OWA address                                  email.domain-name.com

Domain. Sometimes optional                                                 domain-name.com

Username                                                                                 user

Login to OWA and check SSL cert to be sure it’s valid.

Is this a working email account?

Steps to isolate: These are based on probing questions above, what to do to verify that the issue is what we think it is. (Actions to take- send a test message from account to itself, to test inbound and outbound mail; Check SPAM filter settings; Check AD groups)

The customer will know that the issue is email on their phone.

Steps to resolve:  Billable time, requires approval.

From Home screen  go to Applications -> Settings -> Personal -> Accounts and Sync

Add account -> Microsoft Exchange ActiveSync

Type the email address and password -> Next

Add the domain -> Next

If it fails you will have to Edit the details (there should be a popup with “Edit details” as an option)

Make sure the server name is correct.

Is the username the same as the email address?

Expired password?

If email stopped working on the device, often that issue is resolved by deleting and re-adding the account as well.

Additional considerations:

It is helpful to get the credentials and try this on a device of your own.

New user setup on an Active Directory domain – Procedural KB103986

KB103986

Description:  New user setup on an Active Directory domain (Procedural)

Common customer description:  “I have a new user starting and we need to have a login for them.”

“I need to have a new user setup.”

Probing questions:  Get approval from main contact if account requires admin/domain admin permissions.

Is there anyone we can copy with the same or similar permissions?

What password for the account?

Any rules for the password? (does it expire, user cannot change password, etc)

Are there any groups that they need to be a part of?

How do you spell their name?

What is the account name going to be? (i.e. firstinitial.lastname, firstname.lastname, etc)

Do they need an email address?

What is the email address?

Verify this is for a domain account.

Steps to resolve:

Go to Start -> Run -> dsa.msc.

If a user can be copied, right click on domain.local (the 3 computers icon) -> find -> type name -> enter.

Right click on user name -> copy.

Or:

Also in Active Directory (dsa.msc), Find location of user accounts (i.e. Active Directory Users and

Computers -> domain.local -> MyBusiness -> Users -> SBSUsers), go to Action -> New -> User.

Type in new user’s information.

Type in password and apply any password rules.

If they have Exchange 2003, choose whether they need an Exchange account.

If they have Exchange 2007 or later, you will have to add the email account through Exchange.

Important – Check spam filter in spam filter tab. Add user email account to spam filter.

Make sure the account can receive email through OWA.

Email or call main contact on completion.

Additional considerations: If you cannot login to OWA, check to be sure that the password is not set to change on next login.

Cannot RDP into my Computer – Terminal Server KB103942

KB103942

Description:  Cannot RDP into my Computer – Terminal Server

Common customer description:

-When I try to connect to the server I get a message that says I need the “Remote Terminal Service access Right” by default, the Remote Desktop Users group has this right.

-When I try to RDP I get an error message pop up, it says that it couldn’t find the computer.

Example:

image1

Another Example:  (This is just a generic message that comes up if it’s unreachable)

image2

Probing questions: Ask the usual questions:

Was this setup before-hand?

Anyone else affected by this?

Were you able to Remote Desktop to this machine before?

How are you connecting? (Ip address//port number)

Do you know the name of the computer you are remote desktoping into?

Do you know if you are in a domain environment or workgroup?

Steps to isolate: In my opinion, the first step to isolate is to determine how they are connecting.  This way you can find out exactly what machine it is that they are connecting to.  If they are connecting via RDP with port forwarding(Example: 71.72.73.74:3389) you’ll be able to log into the firewall//router and see where that port is forwarding to and try to RDP to It from the OM, or if they are connecting with a VPN then RDP.  They will have the internal address of the computer already in there.

At this point see what kind of error message they get when they try to connect.  If you get the Terminal services error go to the Remote Terminal service issue section below and same thing with the other issue.

Steps to resolve: There are two possible fixes for this particular problem:

Remote Terminal Service access Right issue:

This issue is incredibly easy to fix.  The problem is that the user that is trying to log into the computer//server doesn’t have the user right to log into the computer.  By default the “Remote Desktop Users Group” does indeed have this right.  This means that the LOCAL REMOTE DESKTOP USERS GROUP has this right, NOT THE DOMAIN REMOTE DESKTOP USERS GROUP.  This is very important to understand.  To fix this log into the offending computer and make sure that the user is added to the remote desktop users group by following these steps:

1) Click Start then right click on computer and go to manage. (On a server you will need to go into Administrative Tools//Computer Management)

image3

2) Once in this section break down Local users and computers. At this point go to Groups and find the Remote Desktop Users Group, and see if there are part of this group and add them if they are not, which should resolve the issue.  If it doesn’t resolve the problem proceed to the next step.

image4

3) If at this point they cannot connect, you need to look at Group Policy on the LOCAL COMPUTER//SERVER. To do this, run the command MSC from the run line.  Once open follow the diagram to the correct path:  (Path is:  Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Allow Logon through Remote Desktop Services.  It might be labeled as Terminal Services)

image5

4) At this point, just open up the Policy and make sure that the LOCAL REMOTE DESKTOP USERS GROUP is added, you can also add domain groups here as well if needed. For example DomainRemote Desktop Users.  After this is done, perform a GPUPDATE /FORCE and this should resolve the issue.

Remote Desktop Pop-up Error:  This error can come up for a number of different reasons.  The top causes for this, possible causes could be:

  • Incorrect IP address – (should’ve been ruled out during the isolation stage)
  • Correct IP address but incorrect port specified or not specified– (should’ve been ruled out during the isolation stage)
  • Computer isn’t configured for remote desktop– (should’ve been ruled out during the isolation stage)
  • Remote desktop listening ports are not open through the windows firewall on the remote computer
  • Computer could not be properly connected to the network(This could be the case on either side)
  • Computer is shut off, sleeping or hibernating

As you can see, there are a number of possibilities for this particular error to come up.  If you properly isolated the issue, you should be able to take off three of the possibilities, so they will not be covered in this section.

Port Number:  To find out the listening port of Remote Desktop, you will need to go into the Registry, Follow these steps:

  • From the run line type regedit
  • The path you need to go is located at KHLMSYSTEMCurrentControlSetControlTerminal ServerWInStationsPortNumber
  • This key specifies what the port number is for RDP and is what needs to be specified in remote desktop to be able to connect.
  • This port number needs to be opened in the windows firewall. So open up Windows Firewall Advanced Settings, and make both inbound and outbound rules for this port number.  This will allow this port to be used for RDP.

Not connected properly to the network:  Need to Verify that the computer is connected to the network.  Ethernet cable, connected to the switch, switch is on, etc and vice-versa on the Connector’s end.  Typical No internet troubleshooting at this point to rule this possibility out.

Computer is shut off, sleeping or hibernating:  This is a simple issue, To fix this you will need to have someone at the remote location to get the computer back up and running(Wake it up) and get connected to it.  At this point you will need to go into Control Panel and go into power options to turn off sleep//hibernate settings for the computer.

Additional considerations: If the user still cannot connect to the computer at this point, the problem might be related to the VPN or port forwarding.  Consult Tier 2 at this point.

Email distribution group from outside of company KB103931

KB103931

To send email to a distribution group for outside of the company:

First you must add the distribution list email to the spam filter .

Select the distribution list in EMC. (see #1)

Choose your distribution list from the console on the right (see #2)

image1

Select ‘ Message Delivery Restrictions’ (see #3) then click properties ( see #4)

image2

On the ‘ Message Delivery Restrictions’ window uncheck the box “Require all senders are  authenticated” (see #5)

image3

Send a test email to the distribution to test. If you receive a bounce back look to see if it is from the spam filter. If it is then you will have to wait longer and test later.

Remember until its tested working you can’t close your ticket

Cannot send or receive email – Exchange – Low Disc space KB103929

KB103929

Issue:  Cannot send or Receive Email – Low drive space on server

Common customer description:

We have not received email since yesterday

A customer emailed me, and I didn’t get the email.

Email messages are coming in delayed.

We can’t send email.

Probing questions:

When did this start to happen? Is it just you or everyone in the office? Have you tried accessing email on another computer or cell phone?

Can you access the internet?

Are you getting any bounce backs?

If you find email is down for everyone and they do not have exchange monitoring on contract this is now billable work, and needs to be approved by main contact. If main contact is not available ask a Tier 2 for instructions.

Steps to isolate:  Connect to users computer check to see if outlook is connected to exchange send test messages to yourself from yourself. This tests outgoing and incoming mail flow.

Look over bounce backs if any are available. Read closely for details of the issue.

Check to see if email is hosted onsite on their exchange server or if it is through a 3rd party.

Log into OWA and send test messages if you do not receive any login to server.  If no messages, log in to the server and check the drive space on the C: drive and also the drive with the exchange database.

If you confirm c: space is low this is more than likely what the problem is. If drive space is normal you would need to continue troubleshooting.

Steps to resolve:

Use basic space clearing steps.

Use Tree size utility. Look for log files or databases that could be moved. Escalate to Tier 2 if needed.

Additional considerations:  If the problem cannot be isolated within 15 minutes ask a team lead.

Drive c: needs 10 GB of free space (recommended).

The drive with the database needs to have 10% free space as well.

CAL Licenses no longer installed KB103921

KB103921

Description:  CAL Licenses no longer installed

Common customer description:

“Only 5 people can log into their computers at a time.”
“Only a few people can access email or shared folders at a time.”

Probing questions:

When did this start?
Has anything change recently?
How is drive space on the server?

Steps to isolate:

Connect to the PDC server.
Check the drive space.
Check ticketing system to see if anyone recently cleaned the C: drive because it had filled up.

Steps to resolve:

To start with clean up the C: drive, make sure there is plenty of free space.

Then copy the c:windowssystem32licstr.cpa file to the desktop.

Next, go to Admin Tools, click on License, click on Restore License, follow the prompts and find the autolicstr.cpa in c:windowssystem32 folder and finish.

This will put the licenses back to the way they were before. Now if everything went well, just delete the file you saved to the desktop and done.

Additional considerations:

Cause: The server has very low or no C: space left.  If the server runs out of C: space and Windows tries to backup the CAL license database, it will stop and just default back to the original 5 licenses because there isn’t enough space for the backup file.