Friday, March 27, 2015

Configure Exchange DAG server in DR to not auto activate

If you have a DAG server in a DR site and you don't want its databases to automount in the event of a failover, set the server's activation policy to intrasite only.

Set-MailboxServer -Identity EXDR01 -DatabaseCopyAutoActivationPolicy IntrasiteOnly 

To confirm this, run:
Get-MailboxServer EXDR01 | Select DatabaseCopyAutoActivationPolicy

The output should show that the server's auto activation policy is set to IntrasiteOnly.

To set it back to automatic activation, run:
Set-MailboxServer EXDR01 -DatabaseCopyAutoActivationPolicy Unrestricted

If you re-run the Get command, you will now see it is set to Unrestricted.


Wednesday, March 25, 2015

Exchange DAG getting split?

I had an incident where the DAG was telling me all my servers were offline.  I was not able to mount or move any databases.  I ended up running these commands:

From each DAG member, run:
net stop clussvc
then:
cluster (dagname) node /forcecleanup

After the cleanup is complete on each DAG member, remove the nodes from cluster manager.

After that, you need to re-add the servers to the DAG:

Start-DatabaseAvailabilityGroup -identity (dagname) -mailboxserver (servername)

After that, the databases should mount and come back online.

Tuesday, March 10, 2015

SQL Backdoor

An actual backdoor into SQL Server does exist that does not require restarting and/or rebooting anything into single-user mode. I have done this on systems where I did not have access but needed to check stuff.

Download the PsExec tools from here. Place them on the server, then run this from a command prompt:
psexec -i -s SSMS.exe
(or sqlwb.exe in place of SSMS.exe)

This opens SSMS as the SYSTEM account, which has sysadmin access to the instance of SQL Server. That access is granted during installation of SQL Server; however, I have heard that this will not be so with SQL 2012.
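
A check for the condition this relies on, as an added example that is not part of the original post: the queries list who holds the sysadmin fixed server role and test whether the SYSTEM account is among them. The login names NT AUTHORITY\SYSTEM and BUILTIN\Administrators are assumed to be the default English names, and the commented-out remediation is a suggestion to evaluate, not a step from the post.

```sql
-- Added example: audit membership of the sysadmin fixed server role.
-- Run as a login that can view server principals (for example, a sysadmin).

-- 1. Every login or Windows group that is a member of sysadmin.
SELECT p.name        AS login_name,
       p.type_desc   AS principal_type,
       p.is_disabled,
       CASE
           WHEN p.name IN (N'NT AUTHORITY\SYSTEM', N'BUILTIN\Administrators')
               THEN 'review: any local admin can act as this principal'
           ELSE ''
       END           AS note
FROM sys.server_role_members AS rm
JOIN sys.server_principals   AS r ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals   AS p ON p.principal_id = rm.member_principal_id
WHERE r.name = N'sysadmin'
ORDER BY p.name;

-- 2. Direct test for the account that "psexec -s" runs as.
--    1 = member, 0 = not a member, NULL = login does not exist.
SELECT IS_SRVROLEMEMBER(N'sysadmin', N'NT AUTHORITY\SYSTEM') AS system_is_sysadmin;

-- 3. Remediation (left commented out): remove SYSTEM from sysadmin only
--    after confirming no backup agent, cluster or other service relies on it.
-- ALTER SERVER ROLE sysadmin DROP MEMBER [NT AUTHORITY\SYSTEM];    -- SQL Server 2012 and later
-- EXEC sp_dropsrvrolemember N'NT AUTHORITY\SYSTEM', N'sysadmin';   -- earlier versions
```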

Script to unexpire/expire a password

Running this expires a password, which lets a logged-on user change their password even if your domain requires a certain number of days between password changes.

Import-Module ActiveDirectory
# pwdLastSet = 0 marks the password as expired
$User = Get-ADUser user.name -Properties pwdLastSet
$User.pwdLastSet = 0
Set-ADUser -Instance $User

If a user has had their password expire, this script will unexpire it:

Import-Module ActiveDirectory
# pwdLastSet = -1 resets the value to the current time, so the password is no longer expired
$User = Get-ADUser user.name -Properties pwdLastSet
$User.pwdLastSet = -1
Set-ADUser -Instance $User

This is handy if your domain security requires you to wait a day between password changes. If your user forgets their password and you change it, they would normally need to wait a day to change it again. Instead, run the script with the "0" setting once they are logged on, and they can change their password.

Wednesday, March 4, 2015

Script to dump IIS logs from Exchange

Running this will delete files older than 7 days.
You may also need to run it against w3svc2.

forfiles /p "C:\inetpub\logs\LogFiles\W3svc1" /s /m *.* /c "cmd /c Del @path" /d -7