Archive for January, 2011

Migrating Small Business Server 2003 to Small Business Server 2008 (SBS 2008)

Posted in Microsoft Exchange, Small Business Server on 2011/01/11 by CRCerr0r

I recently installed a Small Business Server 2008, migrating content and mailboxes from a Small Business Server 2003 installation. I came across a few issues that I thought would post here in case they are helpful to someone else…

Issue 1:

BlackBerries (through Verizon Wireless) stopped getting mail after the upgrade was complete. iPhones and Android phones did not have issues, just BBs. “Peeling the onion” I realized that BlackBerry uses the Outlook Web Access URL to login to the mailbox and get mail, while the iPhones and Android phones use Microsoft ActiveSync (as ALL normal modern devices should). The problem lies in the fact that the URL changed from https://SERVER-URL/Exchange in Exchange 2000 (on SBS 2003) to https://SERVER-URL/owa in Exchange 2007 (on SBS 2008). The Blackberries apparently keep trying the old URL and fail miserably.

After many calls to Verizon and BlackBerry Technical Support and predatory forcing of data plan upgrades the BBs still did not get connected. In the BlackBerry web site they would get setup, but eventually the little check mark next to the mail profile would turn into a circle with a cross through it. So I gave up that route.

I decided to set them up with an IMAP profile. One of the devices setup without issues after I enabled the IMAP client access on Exchange and created a Client Mail connector for them to be able to send mail. The other device failed with an error “This POP server is not supported as it does not have sufficient capabilities. Please try a different POP server.”. Very helpful. 😦 Afer more calls to Verizon and more changed to the plan and asking me to force a “routing table update” on the phone and blah, blah, blah, still nothing. So I decided to see if the same account would be able to setup the mailbox for the device that worked. It did. So it was not the BlackBerry service, or the account plan or none of that nonsense. It had to be something with that mailbox.

I tried setting it up through Outlook thinking that it would give me a little more sensible error. It didn’t… But I thought I’d share what Outlook gave me in case someone else comes across the same error:

Connection is closed. 15
Protocol: IMAP
Server: SERVER-URL.com
Port: 993
Error Code: 0x800CCCDD

So I proceeded… I followed this article to enable IMAP logging (by the way this article has a really nice explanation of Exchange 2007 logs) and then tried again. Here is the result:

2011-01-11T12:45:11.464Z,,0000000000EA8015,0,192.168.1.10:993,99.35.169.191:50126,+,,
2011-01-11T12:45:12.010Z,,0000000000EA8015,1,192.168.1.10:993,99.35.169.191:50126,>,* OK The Microsoft Exchange IMAP4 service is ready.,
2011-01-11T12:45:12.135Z,,0000000000EA8015,2,192.168.1.10:993,99.35.169.191:50126,<,1 LOGIN FLAST *****,
2011-01-11T12:45:12.135Z,,0000000000EA8015,3,192.168.1.10:993,99.35.169.191:50126,*,,”User FIRST LAST Server name SERVER.DOMAIN.local, version 1912701168, legacyId /o=First Organization/ou=first administrative group/cn=Recipients/cn=FLAST
2011-01-11T12:45:12.151Z,,0000000000EA8015,4,192.168.1.10:993,99.35.169.191:50126,>,1 OK LOGIN completed.,
2011-01-11T12:45:12.197Z,,0000000000EA8015,5,192.168.1.10:993,99.35.169.191:50126,<,2 CAPABILITY,
2011-01-11T12:45:12.197Z,,0000000000EA8015,6,192.168.1.10:993,99.35.169.191:50126,>,* CAPABILITY IMAP4 IMAP4rev1 AUTH=NTLM AUTH=GSSAPI AUTH=PLAIN IDLE NAMESPACE LITERAL+,
2011-01-11T12:45:12.197Z,,0000000000EA8015,7,192.168.1.10:993,99.35.169.191:50126,>,2 OK CAPABILITY completed.,
2011-01-11T12:45:12.244Z,,0000000000EA8015,8,192.168.1.10:993,99.35.169.191:50126,<,3 SELECT INBOX,
2011-01-11T12:45:12.260Z,,0000000000EA8015,9,192.168.1.10:993,99.35.169.191:50126,>,”3 BAD Duplicate folders Drafts, Journal, Notes, Tasks were detected in the mailbox. Therefore the user’s connection was disconnected.“,
2011-01-11T12:45:12.260Z,,0000000000EA8015,10,192.168.1.10:993,99.35.169.191:50126,>,* BYE Connection is closed. 15,
2011-01-11T12:45:12.260Z,,0000000000EA8015,11,192.168.1.10:993,99.35.169.191:50126,-,,Local

So that was great! Easy fix! The user did indeed have those duplicate folders and after deleting them in Outlook (it only lets you delete the ones that are not needed) the account setup fine through BlackBerry.com. 🙂

Issue 2:

Outlook keeps popping up an authentication prompt. This one I am almost certain I have solved (if there is more, I will update the post). It seems the users were getting the prompt almost every 5 min. It was saying “Welcome back to remote.external-server-url.com” I saw a lot of 401.1 and 401.2 errors in the IIS logs of the SBS Web Applications web site. In addition, the Outlook Autodiscover test was throwing a 0×80040413 erro error… After some digging I came across this post that pointed to Rollup 9 for Service Pack 1 for Exchange 2007. Since SP 2 is already out, I just downloaded that and installed it. If you do have to do that on a SBS 2008 server, you also need to download this tool and use IT to install or otherwise your install will fail.

Also, keep in mind that the SP install tool has a few known issues (see the KB article of the installation tool) like resetting SSL on the default web site and apparently (which was not documented, but I experienced first hand) it resets the logging configuration for IMAP (enabled in the C:\Program Files\Microsoft\Exchange Server\ClientAccess\PopImap\Microsoft.Exchange.Imap4.exe.config) and the X.509 Certificate Name in the Server Configuration – Client Access – POP3 and IMAP4 – IMAP4 – Authentication tab to the default server.domain.local certificate name. Bummer.

Issue 3:

QuickBooks Database Server Manager does not start. Well, apparently it is not meant to run on a Windows 2008 server. After installing it it copied all the files and created/updated a QBDataServiceUSer20 user account, created the QuickBooksDB20 service, but it failed to make sure the NTFS permission on the .\Program Files\Intuit\QuickBooks 2010 are properly setup so the QBDataServiceUSer20 user has access to it. It does not by default… So if you try to start it it fails with “The system cannot find the file specified”. Updating the permissions and opening the appropriate ports (TCP 55338, 8019, 10180) takes care of the issue.

Issue 4:

Installing SQL 2008 Standard on the SBS 2008 Premium server fails with “rule “SQL Server 2005 Express tools” failed. The SQL Server 2005 Express tolls are installed. To continue, remove the SQL Server 2005 Express Tools”. After some digging and looking at some posts on similar issues it turns out renaming the

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Microsoft SQL Server\90\Tools\ShellSEM key

to

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Microsoft SQL Server\90\Tools\ShellSEM.old

solves the issue. Oddly enough, the setup log shows this key being the culprit:

2011-01-15 12:35:25 Slp: Sco: Attempting to create base registry key HKEY_LOCAL_MACHINE, machine
2011-01-15 12:35:25 Slp: Sco: Attempting to open registry subkey
2011-01-15 12:35:25 Slp: Sco: Attempting to open registry subkey SOFTWARE\Microsoft\Microsoft SQL Server\90\Tools\ShellSEM
2011-01-15 12:35:25 Slp: Rule ‘Sql2005SsmsExpressFacet’ detection result: SQL 2005 Ssms EE installed=True
2011-01-15 12:35:25 Slp: Evaluating rule        : Sql2005SsmsExpressFacet
2011-01-15 12:35:25 Slp: Rule running on machine: SERVER_NAME
2011-01-15 12:35:25 Slp: Rule evaluation done   : Failed
2011-01-15 12:35:25 Slp: Rule evaluation message: The SQL Server 2005 Express Tools are installed. To continue, remove the SQL Server 2005 Express Tools.

But I think because the box is 64-bit the key is masked.

 

Hope this helps someone out there and saves them a few hours of hair pulling. 🙂