| Sys Admin Extraordinaire |

2011-01-10 Updated

2008-12-11 Original post

Tested on Microsoft Cluster Server - Windows Server 2003 R2 Enterprise Edition, SP2 and Exchange Server 2003 Enterprise Edition, SP2 for both Windows and Exchange hotfixes.

These are my simplified instructions based on the instructions from How to apply Exchange service packs and hotfixes. I’ve only used this for updating hotfixes since both Windows Server 2003 and Exchange Server 2003 have not had any service packs out since SP2.

I’ve used the steps below to update a two-node active/passive cluster in production and test environments with no issues. I used http://update.microsoft.com and selected the custom option. Change the node names to suite your configuration.

Prior to any updates to a cluster you should fail over the active node to verify that failover works properly. There isn’t really a technical requirement to perform the failover, but you should perform the failover to ensure that the passive node is working properly before running any updates. This is included in the steps below.

1. Check the event logs on both nodes for errors and ensure proper system operation.
2. Make system state backups of both nodes and make a full or incremental backup of all Exchange stores.
3. In Cluster Administrator, right-click on NODE-01 --> click on Stop Cluster Service. This will automatically start the failover of all cluster groups/resources over to NODE-02.
4. Check the event logs on both nodes for errors and ensure proper failover and system operation before continuing.
5. In the services applet on NODE-01, set Cluster Service to disabled.
6. Before installing any updates, make a note of exactly which updates were installed on the first node so that only those same exact updates are later installed on the other node. You can copy and paste the list of updates from the Microsoft Update screen into a text file and then use the FC command to compare the file from the first updated node to the file from the last updated node. Here's an example command to compare two files:  C:\>FC X:\File1.txt X:\File2.txt. You can install updates directly from a file or from http://update.microsoft.com. Install Windows and Exchange updates on NODE-01 and then reboot the node as necessary. Repeat this step after the reboot until all updates are installed. That is necessary because some updates require that others be installed first. Microsoft Update will show the Exchange updates with the word “Cluster” at the end, showing that it understands that the server is part of a cluster. You’ll get a lot of prompts for the Exchange updates, so don’t walk off during the updates.
7. Check the event log on NODE-01 for errors. If you find any errors, troubleshoot them before continuing.
8. In the services applet on NODE-01, set Cluster Service to automatic.
9. Reboot NODE-01 one last time.
10. In Cluster Administrator, right-click on NODE-02 --> click on Stop Cluster Service. This will automatically start the failover of all groups/resources over to NODE-01.
11. Check the event logs on both nodes for errors and ensure proper failover and system operation before continuing.
12. In the services applet on NODE-02, set Cluster Service to disabled.
13. Install Windows and Exchange updates on NODE-02 and then reboot the node as necessary. Repeat this step after the reboot until all updates are installed.
14. Check the event log on NODE-02 for errors. If you find any errors, troubleshoot them before continuing.
15. In the services applet on NODE-02, set Cluster Service to automatic.
16. Reboot NODE-02 one last time.
17. Check the event logs on both nodes for errors and ensure proper system operation. You’re done.

2010-12-09 Original Post

This is a registry update file to make the changes mentioned in How to enable the Security tab for the organization object in Exchange 2000 and in Exchange 2003 (KB 264733, Q264733). I don't know why MS doesn't include the .reg file with all their KBs. It doesn't take long for me to create my own for something this simple, but still, I have to spend some time to create it and test.

Windows Registry Editor Version 5.00

; Created by SysAdmin-E.com 2010-12-09 for Exchange Server 2003
; This is a PER USER setting under the HKCU key that will enable display of the security tab for the Org, Admin Groups, and Storage Groups.
; Based on instructions from http://support.microsoft.com/kb/264733:
;  By default, the Exchange System Manager does not display the Security tab when you view the properties of the Organizational object.
;  To view the Security tab, you must enable it by editing the registry.
; Make sure you've opened up ESM at least once, per "Microsoft Exchange Server 2003 Advanced Administration" by J. McBee, May 2006.
; You do not need to close or reopen ESM--the change is dynamic.
[HKEY_CURRENT_USER\Software\Microsoft\Exchange\EXAdmin]
"ShowSecurityPage"=dword:00000001

				

2010-10-20 Initial Post

Exchange Server 2003 SP2, Windows Server 2003 SP2 AD

I ran into an issue at work the other day which was new to me and I didn’t really find any good documentation either on the Internet or at work, so I did some testing and wrote up a procedure to get around the issue. The issue has to do with the Associated External Account feature. Basically, that feature is used to grant permission to a mailbox in a cross-forest account/resource forest setup. If both of a user's accounts in the account and resource forest are enabled (not MS recommended), he will not be able to access other users'  Outlook folders or Outlook public folders unless a special procedure is followed.

I'm going to give an account of my testing scenario and will not be going into a lot of background details, so refer to the articles on MSExchange.org and MS TechNet for background info on the Associated External Account feature. The issue can be really confusing, so I don't expect anyone to follow it easily, but if you're reading this, then that means you might have run into the same issue and will understand what I'm describing. (more…)

2010-08-26 Initial post

This issue happened a few weeks ago and I had to contact MS support because I could not find a solution for it. It turns out that MS has the fix in KB 938650 (A meeting update message or a meeting cancellation message from an Exchange 2003 user is not delivered to an Exchange 2007 user). Although the KB specifically mentions an issue between Exchange Server 2003 and 2007, the description of the issue closely matched my issue.

My issue was between Exchange Server 2003 and IBM Lotus Notes (I'm not sure of the exact version of Notes since it's an external system). The MS tech told me that the KB fix would apply to my case as well, even though he was only able to find a mention of Lotus Domino having this issue. This fix might also apply to other e-mail systems such as Novell GroupWise. I did ask the MS tech to request that the KB be updated to mention that other systems besides Exchanges Server 2007 might have the issue. I would have found the KB on my own if it had "Lotus Notes" mentioned in there. (more…)

2010-07-06 Initial Post

Exchange Server 2003 SP2, Windows Server 2003 SP2 AD

These are the AD attribute names for common mailbox size limit settings. You can use these attributes in a script to make changes or view current settings. (more…)