Problems upgrading #VMWare ESX 4.0 to 4.0 Update 1

This is a bit scary


When attempting to upgrade ESX 4.0 to ESX 4.0 Update 1 (U1), you may experience these symptoms:

  • Upgrade operation may fail or hang and can result in an incomplete installation
  • Upon reboot, the host that was being upgraded may be left in an inconsistent state and may display a purple diagnostic screen with the following error:
    COS Panic: Int3 @ mp_register_ioapic
Who is affected
  1. Customers using VMware vSphere 4 upgrading to ESX 4.0 U1 on HP Proliant systems with a supported version of HP Insight Management Agents running.
  2. Customers running rpm commands on systems from any vendor while upgrading to ESX 4.0 U1.

Exchange 2003 Support Lifecycle

Ohh, check it out .. Mainstream Support Retired: 14/04/2009 TODAY!

As for Exchange Server 2003 Service Pack 2 .. Support ends 12 months after the next service pack releases or at the end of the product’s support lifecycle, whichever comes first .. that is today then!

So Exchange 2003 now goes in to extended support until 08/04/2014

3. What is the difference between Mainstream Support, Extended Support, and online self-help support? (

Support provided

Mainstream Support phase

Extended Support phase

Paid support (per-incident, per hour, and others)



Security update support



Non-security hotfix support

No-charge incident support

Warranty claims

Design changes and feature requests





Requires extended hotfix agreement, purchased within 90 days of mainstream support ending.

Product-specific information that is available by using the online Microsoft Knowledge Base



Product-specific information that is available by using the Support site at Microsoft Help and Support to find answers to technical questions



Note A hotfix is a modification to the commercially available Microsoft product software code to address specific critical problems.

960384: Description of Update Rollup 7 for Exchange Server 2007 Service Pack 1

Well the Exchange team blog says it all:

Yes, it has been only 5 weeks since we shipped the last update roll-up on February 10 and usually our gap between roll-ups is about eight weeks. Since the release of update roll-up 6, we have fixed about 50 issues and wanted to go ahead and provide them to customers.

… The release of the roll-up via Microsoft Update will happen on March 24

So what do we have in this KB.  Well 50 fixes listed in v1.0 and this really is a bug fix release:

  1. 946449 A non-read report message is sent after you perform a “Mark All as Read” operation against unread e-mail messages in Exchange Server 2007

  2. 949113 Unexpected modified instances of a recurring meeting may appear when you use Entourage to access a calendar on a computer that is running Exchange Server 2007

  3. 949114 Duplicate calendar items may appear when you use Entourage to access a calendar on an Exchange 2007 server

  4. 949464 The customized properties are removed in the recipients’ calendars when you send a meeting request that includes customized properties

  5. 950115 When a CDO 1.2.1-based application generates a meeting request that includes some European characters in the message body, these characters appear as question marks in Exchange 2007

  6. 951341  Users cannot read calendar items when they connect Exchange Server 2007 by using certain IMAP4 or POP3 clients

  7. 952778 Event ID 9874 is frequently logged on Exchange Server 2007 with Service Pack 1

  8. 953094 The value in the “Messages queued for submission” performance counter on the mailbox role of Exchange Server 2007 increases after a meeting request is delivered

  9. 954213 All Test commands that are related to the Client Access Server fail when you run the commands on an Exchange 2007 server in a disjoint namespace

  10. 954741 The UseRUSServer parameter does not work if an administrator has specified an RUS server on a target mailbox server

  11. 954898 The LegacyExchangeDN attributes for mail-enabled objects are incorrectly set in an environment that contains Exchange 2003 and Exchange 2007

  12. 955027 The Edgetransport.exe process may crash on a hub transport server that is running Exchange Server 2007 Service Pack 1

  13. 955462 You notice high CPU usage when the IMAP service is running on an Exchange 2007 Service Pack 1 server that has the CAS role

  14. 955778  You receive a Non-Delivery Report (NDR) message when you send an e-mail message to a non-SMTP address in an Outlook client that is using Cached mode

  15. 956069 A Non-Delivery Report (NDR) is generated when an Exchange Server 2007 user tries to send a message to a recipient who has a one-off FAX address that includes any characters that are larger than 0xFF in Unicode

  16. 956205 Corrupted characters appear in the Subject field or in the Location field of a recurring calendar item after a user adds DBCS characters to a field in a meeting occurrence by using an Outlook 2002 client

  17. 956275  An Exchange 2007 sender’s address is split into two separate addresses when an external recipient replies to the message

  18. 956455 The display name appears in a received message even though the property of the user mailbox is set to “Hide from Exchange address lists” in Exchange Server 2007

  19. 956687 Messages stay in the submission queue after you enable per-mailbox database journaling in an Exchange Server 2003 and Exchange Server 2007 coexisting environment

  20. 957019 Images cannot be pasted in an Exchange Server 2007 Outlook Web Access message body

  21. 957071 The MSExchange Transport service may crash intermittently on the Exchange 2007 server

  22. 957124 do not receive an NDR message even though your meeting request cannot be sent successfully to a recipient

  23. 957227 The Exchange Management Console crashes when one or more domain controllers of a top-level domain are not reachable

  24. 957485 The Test-OwaConnectivity command returns a warning message in Exchange Server 2007 when there is a disjoint namespace

  25. 957504  The IMAP4 service crashes intermittently, and Event ID 4999 is logged on Exchange Server 2007

  26. 957683  An IP Gateway can still be used to dial out for a “Play on Phone” request after the IP Gateway is disabled

  27. 957834 Network shares are deleted and created intermittently by the replication service on an Exchange SCC cluster when SCR is enabled on the Exchange server

  28. 957947 The Exchange Information Store service may crash when an Entourage client synchronizes with an Exchange 2007 server

  29. 958091 You cannot update the task complete percentage to any value other than 0 or 100 in Outlook Web Access

  30. 958093 Voice mail messages are not stamped with the disclaimer that is defined in the transport rule in an Exchange Server 2007 environment

  31. 958128 Replication messages stay in a queue in a retry state after a public folder database is dismounted

  32. 958331 The Restore-StorageGroupCopy command may fail in an Exchange Server 2007 SCR environment

  33. 958444 ( ) Event 522 is logged when replication is resumed on a suspended Storage Group on an Exchange Server 2007 CCR or SCR environment

  34. 958472  An unexpected text string appears at the top of the message body when an Exchange Server 2007 user sends an HTML message by using Outlook Web Access

  35. 958552 The ByteEncoderTypeFor7BitCharsets setting does not take effect for the US ASCII character set after you install the hotfix that is mentioned in Microsoft Knowledge Base article 946641

  36. 958638 Exchange 2007 Server cannot parse X-Priority headers from clients that submit X-Priority headers that contain additional comments

  37. 958803 The EdgeTransport.exe process may stop responding in Exchange Server 2007 when the priority queuing feature is enabled

  38. 958872 The Map This Address feature in the contact page for an OWA client does not work in Exchange Server 2007

  39. 959100 Exchange Server 2007 cannot route e-mail messages to mail enabled Non-MAPI public folders that are hosted on an Exchange Server 2003 server

  40. 959135 ( ) Event 9673 occurs when the Microsoft Exchange Information Store service crashes on a computer that is running Exchange 2007 with Service Pack 1

  41. 959397 An increase in database size is generated unexpectedly when IMAP4 users use a Copy command in Exchange 2007

  42. 959434 The last logon time is not updated to reflect the logon times that have occurred after users log on to their mailboxes by using the Entourage client in an Exchange 2007 environment

  43. 959545 A redirection message in Outlook Web Access 2007 is incorrect when the message is translated to Korean

  44. 959671 The Manage Mobile Devices option is not displayed in Exchange Management Console after a mobile device re-synchronizes with an Exchange 2007 server

  45. 959952 The Set-Mailbox command does not change the AutomateProcessing attribute for an Exchange Server 2007 user when a regular user mailbox is converted from a room mailbox

  46. 960291 Outlook Web Access or an Exchange Web Service application does not correctly display a monthly or yearly recurring appointment or meeting request

  47. 960292 The MSExchangeIMAP4 service may crash intermittently after you apply an update rollup for Exchange Server 2007 Service Pack 1

  48. 960349 ( ) The Exchange Information Store service may crash after you enable tracing for the logon actions

  49. 961281 An error is returned when you enable SCR from any source in a child domain after you install Exchange Server 2007 Service Pack 1 Rollup 5

  50. 961395 The Exchange 2007 Unified Messaging server does not update the caller information if an external user makes a call

So I’ll keep an eye out for any additions to the list, but I can see potential “issues” in the environment I am currently working on :-o … and what’s the betting SP2 is only round the corner now too !

Oh nearly forgot check out too

Hyper-V, SCVMM and Windows 2008

this is kinda interesting, migrated from a VmWare Server Proof of Concept to Hyper-V (by rebuild it from scratch).  As part of this we used System Centre Virtual Machine Manager (SCVMM) templates.

So everything is going fine, but since the tail end of last week strange things started to happen.  Nothing was logged in any event log, but it started with weird authentication issues and general strange behaviour of Windows 2008.

After using netmon and turning on debug logging for netlogon, it looked like kerberos problem, so Neil done some digging.  First he created a 64bit Windows 2008 server from media and it all worked okay.  So then Neil templated it, and built another server from the template and it had the same problems as before :-|  He tried a few more and they all had the old problems, whereas a clean media build worked?

Don’t ask me, dunno what the hell is going on with SCVMM but it looks like some kind of undocumented feature or a step that is required before you template.

So note to self, if your using SCVMM dont template Windows 2008, just build it from media

Exchange 2007 Continuous Replication and Circular Logging

I want to thank Neil for finding this. So in my lab I have a CCR cluster want just wanted to enable circular logging … I just couldnt get it work, looks like I missed a step :-o

You can combine circular logging with continuous replication. In this configuration, you have a new type of circular logging called continuous replication circular logging (CRCL), which is different from the ESE circular logging described earlier in this topic. Whereas ESE circular logging is performed and managed by the Microsoft Exchange Information Store service, CRCL is performed and managed by the Microsoft Exchange Replication Service.

When enabled, ESE circular logging does not generate additional log files and instead overwrites the current log file when needed. However, in a continuous replication environment, log files are needed for log shipping and replay. As a result, when you enable CRCL, the current log file is not overwritten and closed log files are generated for the log shipping and replay process. Specifically, the Microsoft Exchange Replication Service manages CRCL so that log continuity is maintained, and logs are not deleted by the log deleter if they are still needed for replication. Therefore, enabling CRCL should not negatively affect replication.

In the release to manufacturing (RTM) version of Exchange 2007, combining circular logging with cluster continuous replication (CCR) or local continuous replication (LCR) is supported. However, we do not recommend this because it does not allow a roll-forward recovery after a backup has been restored. Exchange 2007 Service Pack 1 (SP1) also allows storage groups in a CCR, LCR or standby continuous replication (SCR) environment to have circular logging enabled. However, this practice is also not recommended for the reason indicated previously. When enabled in either of these environments, the functionality is CRCL and not ESE circular logging (also known as Joint Engine Technology (JET) circular logging). In a CCR, LCR, or SCR environment, you should always use the following process to enable or disable circular logging:

  1. Suspend continuous replication by using the Suspend-StorageGroupCopy cmdlet.
  2. Enable or disable circular logging. For detailed steps about how to enable or disable circular logging, see How to Enable or Disable Circular Logging for a Storage Group. (
  3. Dismount and then mount the database in the storage group that is being enabled or disabled for circular logging.
  4. Resume continuous replication by using the Resume-StorageGroupCopy cmdlet.

For storage groups in an LCR environment, before running the Enable-StorageGroupCopy cmdlet to turn on LCR for a storage group, you must make sure that the current circular logging setting is detected and utilized by the Microsoft Exchange Information Store service by dismounting and then mounting the database in the storage group. While the Microsoft Exchange Information Store service requires that you dismount and then mount the database to detect and utilize the configuration change, the Microsoft Exchange Replication service is able to detect and utilize the configuration change dynamically and without any restart. Therefore, if the preceding procedure is not performed, a database can end up in a situation where the Microsoft Exchange Replication service considers circular logging to be off (or on) while the Microsoft Exchange Information Store service considers circular logging to be in the opposite state. This can result in log files being truncated prematurely.

Exchange 2007 Self Signed Certificate

Couldn’t work out why my Outlook stopped working, then i worked it out .. the damm self signed cert has expired … (has it been a year already!)

So my thanks Bharat for this: but I had to add some stuff to get it work properly!!!

[PS] C:PS>Get-ExchangeCertificate

Thumbprint                                Services   Subject
———-                                ——–   ——-
B21AF4199919173F7A4D836ECE00F484EFD2E270  …W.,…
5C31EA83FC2FFE67B2BAB2136B7BC471B1C74038  IP…      CN=MSX, DC=flaphead, DC…
417E5CED6161B185A122839911E13FB4CCD82C24  IP..S      CN=msx

[PS] C:PS>Get-ExchangeCertificate -DomainName

Thumbprint                                Services   Subject
———-                                ——–   ——-
B21AF4199919173F7A4D836ECE00F484EFD2E270  …W.,…

[PS] C:PS>Get-ExchangeCertificate -DomainName | fl

AccessRules        : {System.Security.AccessControl.CryptoKeyAccessRule, System
CertificateDomains : {}
HasPrivateKey      : True
IsSelfSigned       : False
Issuer             : CN=MSX, DC=flaphead, DC=local
NotAfter           : 17/01/2009 10:46:55
NotBefore          : 17/01/2008 10:36:55
PublicKeySize      : 1024
RootCAType         : Registry
SerialNumber       : 610843C8000000000002
Services           : IIS
Status             : DateInvalid
Subject            :, OU=Flaphead, O=Flaphead, L=London,
                      S=London, C=GB
Thumbprint         : B21AF4199919173F7A4D836ECE00F484EFD2E270

So you need to find the old cert and create a new one

[PS] C:PS>Get-ExchangeCertificate -DomainName | New-ExchangeCertificate –PrivateKeyExportable $True

Overwrite existing default SMTP certificate,
‘417E5CED6161B185A122839911E13FB4CCD82C24’ (expires 02/12/2008 20:22:37), with
certificate ‘581F669862218D36C2209DE47C899D4C758B352C’ (expires 17/01/2010
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help
(default is “Y”):a

Thumbprint                                Services   Subject
———-                                ——–   ——-
581F669862218D36C2209DE47C899D4C758B352C  …..      C=GB, S=London, L=Londo…

Now you need to enable it

[PS] C:PS>Enable-ExchangeCertificate -Thumbprint 581F669862218D36C2209DE47C899D4C758B352C -Services IIS

Sweet, now test.  I had to log on to OWA to check the cert.  I then added it to my trust root via IE.  After this Outlook worked okay!

Once your happy you can remove the old one BUT As I am a cheap skate, I need to upload the cert to my windows mobile device too … maybe I should look at getting a proper cert :-| to the theory goes that you need to export the cert

[PS] C:PS> Export-ExchangeCertificate -Path c:export.pfx -Thumbprint  AA7368BEC3BCEED86308B0EDE73368F71A02DD06 -BinaryEncoded:$true -Password:(Get-Credential).password

But this didn’t work when I added the cert to my WM6 device, agggggggghh :-o so using IIS admin I checked the Microsoft-Server-ActiveSync virtual directory and made sure the cert was okay (I had to import the exported cert to the certificate root).  Then I went to the default website and exported the cert to disk and imported that to my WM6 device.  Result at last, back to normal …. just need to remember these steps next year!!!

Note to self, install isa and get a commercial cert!

Backing up Exchange 2007 on Windows 2008

Yeah, yeah I know it’s not supported and doesn’t work out of the box, but hey just got it to work, and it was dead simple.

Basically get hold of the 64bit versions of ntbackup.exe, ntmsapi.dll, and vssapi.dll from a Windows 2003 server.

Now create folder on a Windows 2008 server that has the mailbox role installed and copy the files to it.

Now just run ntbackup.exe … sweeeeeeeeeet it works and can see the Information Stores!

Check out these two links for any more info:–Exchange-Server-2007–NO-SUPPORTED.aspx


Damm you Sacl right ;-)

This is just for me ;-) to remind me AGAIN about these errors: 

Event Type: Error
Event Source: MSExchange ADAccess
Event Category: Topology
Event ID: 2114
Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=2908). Topology discovery failed, error 0x80040a02 (DSC_E_NO_SUITABLE_CDC). Look up the Lightweight Directory Access Protocol (LDAP) error code specified in the event description. To do this, use Microsoft Knowledge Base article 218185, “Microsoft LDAP Error Codes.” Use the information in that article to learn more about the cause and resolution to this error. Use the Ping or PathPing command-line tools to test network connectivity to local domain controllers.

Event Type: Error
Event Source: MSExchange ADAccess
Event Category: General
Event ID: 2501
Process MSEXCHANGEADTOPOLOGY (PID=2908). The site monitor API was unable to verify the site name for this Exchange computer – Call=HrSearch Error code=80040a01. Make sure that Exchange server is correctly registered on the DNS server.

 Event Type: Warning
Event Source: MSExchange ADAccess
Event Category: General
Event ID: 2601
Process MSEXCHANGEADTOPOLOGY (PID=2908). When initializing a remote procedure call (RPC) to the Microsoft Exchange Active Directory Topology service, Exchange could not retrieve the SID for account – Error code=80040a01.
 The Microsoft Exchange Active Directory Topology service will continue starting with limited permissions.

Event Type: Information
Event Source: MSExchange ADAccess
Event Category: Topology
Event ID: 2080
Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=2908). Exchange Active Directory Provider has discovered the following servers with the following characteristics:
 (Server name | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version)
ds1.server.local CDG 1 7 7 1 0 0 1 7 1
dc2.server.local CDG 1 7 7 1 0 0 1 7 1

Fix … add the server to the Exchange Servers Group and reboot the server