Posts Tagged ‘Forefront’

The download of anti-spam updates failed with an error

September 20th, 2011 paulw Comments off

We were having a few SCOM alerts each day to inform us that the anti-spam updates that usually come through Windows Update were failing to install on a customer's Exchange 2007 server that was running on Windows Server 2008 SP1.

Looking in the C:\Windows\WindowsUpdate.log file, I could see that there was an error with BITS (Background Intelligent Transfer Service), which Windows Update uses to download updates. This led me to use the bitsadmin tool to see if there were any downloads stuck:

1. Open a command prompt as administrator

2. Type in the following command and press enter:

bitsadmin /list /allusers

3. If there are any lines in the output such as the following, then we need to reset the jobs:

{04D0B991-54E3-41C4-B475-572D9E31BFE5} 'WU Client Download' SUSPENDED 0 / 1 0 / 13352278

Killing off the jobs is not as simple as it seems: even with an administrator account I could not kill off the jobs, and got an "unable to cancel" error. The task had to be run as SYSTEM as a scheduled task:

1. Open up notepad and put in the following line:

bitsadmin /reset /allusers

2. Save the file as a batch file by choosing Save As and giving it a name with the extension .bat

3. Open Task Scheduler and create a new task that runs that batch file, and set it to run at a certain time or manually.

4. Before the task runs we just need to change the user account that it runs under to SYSTEM by clicking on the Change User or Group button, typing in system as the object name and clicking on Check Names.

5. Either schedule the job to run, or right-click on the job and select Run Now.

Once the job has run, you can run bitsadmin /list /allusers again and you should get output showing no jobs.

The anti-spam updates should then install without any problems and you should no longer receive this alert.

Hope this helps.

Cheers

Paul
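
The same reset can be driven from an elevated PowerShell prompt instead of Notepad and the Task Scheduler GUI. This is an added example, not part of the original post: it creates a one-off task with schtasks that runs as SYSTEM, runs it, and deletes it again; the task name ResetBitsJobs is an assumption.

```powershell
# Added example, not from the original post. Run from an elevated prompt.
$taskName = 'ResetBitsJobs'   # hypothetical task name

function Get-BitsJobLines {
    # Job lines in "bitsadmin /list /allusers" output start with a {GUID}
    bitsadmin /list /allusers | Where-Object { $_ -match '^\{[0-9A-Fa-f-]{36}\}' }
}

$jobs = @(Get-BitsJobLines)
if ($jobs.Count -eq 0) {
    Write-Host 'No BITS jobs queued; nothing to reset.'
    return
}
Write-Host "Queued BITS jobs: $($jobs.Count)"
$jobs | ForEach-Object { Write-Host "  $_" }

# /RU SYSTEM runs the task under the local SYSTEM account (no password needed).
# Passing the command in /TR avoids leaving a .bat file on disk that a
# SYSTEM-context task would execute. /SC ONCE requires a start time; the task
# is started by hand below, so the time itself does not matter.
schtasks /Create /TN $taskName /TR 'bitsadmin /reset /allusers' /SC ONCE /ST 23:59 /RU SYSTEM /F | Out-Null
if ($LASTEXITCODE -ne 0) { throw "schtasks /Create failed (exit code $LASTEXITCODE)" }

try {
    schtasks /Run /TN $taskName | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "schtasks /Run failed (exit code $LASTEXITCODE)" }

    # Poll the queue for up to a minute while the reset runs
    $deadline = (Get-Date).AddSeconds(60)
    do {
        Start-Sleep -Seconds 2
        $left = @(Get-BitsJobLines)
    } while ($left.Count -gt 0 -and (Get-Date) -lt $deadline)
}
finally {
    # Do not leave a task that runs as SYSTEM behind once the reset is done
    schtasks /Delete /TN $taskName /F | Out-Null
}

if ($left.Count -gt 0) {
    Write-Warning "$($left.Count) BITS job(s) still listed; check the output of bitsadmin /list /allusers."
} else {
    Write-Host 'BITS queue is empty.'
}
```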

The Microsoft Exchange Information Service and the Exchange Transport service fail to start after a reboot when using Forefront Security for Exchange

June 16th, 2011 Jovan Davis Comments off

A customer recently had an issue where the Microsoft Exchange Information Service and the Exchange Transport service would fail to start after a reboot. While investigating this issue, we noticed the following events in the Application log:

 

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7022
Description:
The FSCController service hung on starting.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7001
Description:
The FSEIMC service depends on the FSCController service which failed to start because of the following error:
After starting, the service hung in a start-pending state.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7001
Description:
The Microsoft Exchange Transport service depends on the FSEIMC service which failed to start because of the following error:
The dependency service or group failed to start.

 

Solution:

Ensure Service Pack 2 is installed for Forefront Security for Exchange Server

550 5.7.1 :127.0.0.3:Client host … blocked using 88.blocklist.zap; Mail from IP banned. To request removal from this list please forward this message to delist.forefront@messaging.microsoft.com

June 10th, 2011 Jovan Davis Comments off

When using Forefront Protection for Exchange, a legitimate sender gets the following bounce back when trying to e-mail you:

“550 5.7.1 :127.0.0.3:Client host … blocked using 88.blocklist.zap; Mail from IP banned. To request removal from this list please forward this message to delist.forefront@messaging.microsoft.com”

If you are sure that the sender is legitimate and trusted, mail from the sender's domain can be allowed by completing the following solution.

Solution:

Add the IP address of the remote domain to the “IP Allow List” on your Edge servers. (This IP can be found in the NDR or by contacting the remote party.)

Forefront TMG 2010 reports fail to create after Service Pack 1 is installed

January 24th, 2011 Jovan Davis Comments off

We began receiving alerts from our SCOM 2007 R2 server that daily summary reports were failing to create on a TMG box shortly after installing TMG SP1.

Solution:

Run the “fixsqlserverlogin.vbs” script from the “Installing Forefront TMG SP1” TechNet article:

http://technet.microsoft.com/en-us/library/ff717843.aspx#fixsqlserverlogin_vbs


IIS – How to tackle multiple web servers & keep them in sync

December 23rd, 2009 Rob Comments off

I’ve recently been engaged on a project where we have multiple web servers (IIS7.5 on 2008r2 for those interested) which require exactly the same content and configuration (they’re sitting behind a Forefront TMG server using a web farm).  The configuration in IIS for this application happens to be complicated & while I have documented how to configure the servers, doing it over and over will not only be tedious but probably introduce some human error. 

To resolve this issue I implemented IIS 7’s shared configuration and put a process in to replicate the content between web servers.

You will need a domain account (or a local account on each web server if your web servers aren’t domain joined) which will be used to access the shared configuration (it only does this – your web applications continue to run under whatever application pool identity you have set) and a file share to store the configuration on.

Assuming you’re at the stage of having a configured web server with the IIS configuration how you want it, you need to export the configuration:

  1. On the first web server / machine which will host the shared configuration, create a directory and share it, giving full share and NTFS permissions to the service account created; all other permissions should be removed.
  2. In IIS Manager on the server with IIS configured as per the previous steps, click on the server node in the left pane, then open Shared Configuration in the right pane, then finally select the Export Configuration option on the right. Store the export in the directory created in step 1, entering an encryption key (this should be recorded as it is needed for all nodes which will be accessing the shared configuration).
  3. When exported, tick the ‘Enable shared configuration’ box, enter the UNC path to the configuration (eg \\machinename\iisconfig), enter the username domain\serviceaccount and the password for that account, and press Apply. You will be prompted for the encryption key provided in step 2.
  4. Restart the server to apply configuration, then check IIS is still functioning and the IIS manager can be accessed.

The above steps will have reconfigured your already configured web server to work from the shared configuration. Now we need to replicate the web content and configure all other web servers to work from the same configuration.

There are several ways of replicating the physical content. DFSR is one option, however I chose not to use it as the content on the web servers is staying static, so frequent updates to the other nodes will not be required, and it gives the operator responsible for the servers more control over how content updates are deployed. So instead I used robocopy (which has been built in since Vista / Server 2008) to mirror the content from the configured server to all others (this was executed on the web server to be copied to):

robocopy \\configuredwebserver\c$\inetpub\wwwroot c:\inetpub\wwwroot /MIR

Once the file content was in place two quick steps are required to configure IIS to use the shared configuration:

  1. Open IIS Manager, click on the server name in the left pane, then select the Shared Configuration option in the right pane, tick the ‘Enable shared configuration’ box, enter the UNC path to the configuration as specified on the first web server (eg \\machinename\iisconfig), enter the username domain\serviceaccount and the password for that account, and press Apply. You will be prompted for the encryption key.
  2. Restart the server to apply configuration, then check IIS is still functioning and the IIS manager can be accessed.

This process will replicate all application pools and IIS configuration, however if you have ODBC data sources etc. (things external to IIS which your web applications are using) then you will need to find a way to replicate these settings as well.

An important point is how IIS behaves if the configuration becomes unavailable: under Server 2008 (not R2), if the configuration disappears IIS will essentially stop; under R2 the server will detect this, continue working and reconnect when the configuration source comes back online. You can enable offline files for added resiliency should you require it.
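
Because /MIR also deletes anything in the destination that is missing from the source, the content copy in the post above is worth previewing before it runs. The following is an added example, not part of the original post: it does a list-only pass with /L, shows what would be deleted, then mirrors and checks robocopy's exit code; the paths are the ones from the post and the confirmation prompt is an assumption about how the operator wants to work.

```powershell
# Added example, not from the original post. Run on the web server being copied to.
$source = '\\configuredwebserver\c$\inetpub\wwwroot'   # server name as used in the post
$dest   = 'C:\inetpub\wwwroot'

# 1. Preview: /L lists what would change without copying or deleting anything.
$preview = robocopy $source $dest /MIR /L /NP /NJH /NJS /R:1 /W:1
if ($LASTEXITCODE -ge 8) {
    throw "Preview failed (exit code $LASTEXITCODE); check that $source is reachable."
}

# Items that exist only in the destination are marked "*EXTRA File" or
# "*EXTRA Dir" in the listing; a real /MIR run deletes them.
$extra = @($preview | Where-Object { $_ -match '\*EXTRA (File|Dir)' })
if ($extra.Count -gt 0) {
    Write-Host "$($extra.Count) item(s) exist only on this server and would be deleted:"
    $extra | ForEach-Object { Write-Host $_ }
    if ((Read-Host 'Continue with the mirror? (y/n)') -ne 'y') { return }
}

# 2. Mirror for real, with a bounded number of retries on locked files
#    (robocopy's default is one million retries, 30 seconds apart).
robocopy $source $dest /MIR /NP /R:2 /W:5
$code = $LASTEXITCODE

# robocopy's exit code is a bitmask: 1 = files copied, 2 = extra items found,
# 4 = mismatches, 8 = some copies failed, 16 = fatal error.
# Anything below 8 means the mirror completed.
if ($code -ge 8) {
    throw "robocopy reported failures (exit code $code); the content is not in sync."
}
Write-Host "Mirror complete (robocopy exit code $code)."
```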

Forefront TMG RTM and Eval now live

November 16th, 2009 alun Comments off

image

Forefront Threat Management Gateway, the successor to ISA Server 2006, is now RTM and the eval is available for download from the link above.