I ran into an interesting problem this weekend. I noticed that a lot of email was being returned as non-deliverable from my Exchange 2010 server. Many domains, specifically AOL and some of the major ISPs require that the domains they communicate have mail servers with reverse zone lookups, meaning that their name “mail.domain.com” for example, resolves to a specific IP. Well, my MX record does reverse resolve to the correct IP, however that IP wasn’t the IP address that my server was communicating from. My infrastructure goes through a firewall. It used to be Microsoft ISA Server, but recently I have been trying the new Forefront Threat Management Gateway. One of the nice things is TMG is supported on Windows 2008 and R2, and can be virtualized as well. I built mine on Windows 2008 R2, which appears to be part of my identity problem, at least as far as…

I noticed tonight that my domain controller’s clock had creeped ahead by about 15 minutes.  Inconsistent time, especially time that differs between servers, clients, and a domain controller can throw applications like Exchange, who depend upon Active Directory for information, for a loop.  In Windows 2008 R2 (and Windows 7), the /setsntp and /querysntp switches of NET TIME are deprecated.  W32TM.exe provides similar functionality that NET TIME provided when it came to configuring domain controllers as a primary time source. W32TM is not terribly intuitive, but I did get enough information to get my Windows 2008 R2 domain controller updated and again updating the time of the resources in my domain. If you are wondering how to set this up – here are a few steps to help you out. 1. Use W32TM to configure the peer list and then update the configuration.  In this case, I am using a…

This week I was in Las Vegas for the Exchange Connections Conference.  Traveling usually isn’t too much of a hindrance anymore of the availability of a wireless Internet connection just about everywhere you go.  The only downfall is that most public places, particularly hotels, tend to provide Internet access but block non-HTTP traffic in a lot of cases.  For VPN users, this can be a problem and prevent you from accessing the resources that would normal require you to be connected directly to your corporate network. With Windows 2008, the Routing and Remote Access service can now be used as a means for providing access via VPN to corporate resources.  Since SSL is a common protocol and just as common as it’s HTTP counterpart, it is usually accessible. I spent a couple of hours tonight working on creating a SSL VPN solution for my network.  I did get it up…

This can be a bit tricky … and you can either get enough exposure by doing it so many times that you just know what needs to be installed before you start, or you can get through a bunch of steps in the setup before it stops to tell you that the right things aren’t installed and can’t continue. Exchange 2010 requires Windows Server 2008 or Windows Server 2008 R2.  You can use Server Manager to install the Web Server (IIS) role, however, there are many, many pieces to IIS that are broken out into individual components in 2008.  Which ones are required to get you the prerequisites you need to get through the Exchange 2010 installation? Instead, consider using ServerManagerCmd.exe, which is built-in in Windows 2008 to automate the role installation for you.  This command is very useful in installing new components and making sure that you have the…

Not that all my desktops and laptops are running Windows 7, I wanted to get the newest tools for administering my Windows environment, including Hyper-V. It took a little bit of searching, and a lot of the search results pointed to the beta tools or the RSAT for Windows Vista, neither of which will work with the released version of Windows 7. So, if you’re looking for the link, here it is: http://www.microsoft.com/downloads/details.aspx?FamilyID=7d2f6ad7-656b-4313-a005-4e344e43997d&displaylang=en#filelist From there, you’ll find the direct download links to both the x86 and x64 versions of the tools.  Happy administering!