Tuesday, February 04, 2014

Getting an Exchange Database into a Clean Shutdown State using Eseutil

So you’ve just restored an Exchange database, and now you are trying to mount it. To your surprise, you are getting an error similar to the following:
Couldn’t mount the database that you specified. Specified database: DB2; Errorcode: An Active Manager operation failed. Error: The database action failed. Error: An error occurred while trying to select a database copy for possible activation. Error: The database ‘DB2′ was not mounted because errors occurred either while validating database copies for possible activation, or while attempting to activate another copy. Detailed error(s):
An Active Manager operation failed. Error: Operation failed with message: MapiExceptionCallFailed: Unable to mount database. (hr=0×80004005, ec=-550)
Before you can mount a database restored from a backup, it needs to be in a clean shutdown state. You can use the Eseutil tool to check whether a database is in a clean shutdown state – if it is not in a clean shutdown state you can perform a repair to get the database into consistency.

Soft Recovery using Eseutil

The first thing you want to do is verify that the database is in a dirty shutdown state. We can do this using the eseutil /mh command. For example:

The output from the above command shows us that the database is dirty shutdown:

We can also see from the output, under Log Required, the database is missing a transaction log. We can replay log files into the database (as long as they exist) to get the database into consistency. To do this, we use the following syntax with eseutil:
eseutil /r /l /d
For example, my log file prefix is E02, and my database and logs are stored in G:\E_\Program Files\Microsoft\Exchange Server\V14\Mailbox\DAGDB1 . Here is a screen shot of the command:

When this repair is complete, I can run the eseutil /mh command again to verify that the database is in a clean shut down state:

At this point, I’ll be able to mount the database. This will almost always work when you restore a database from a Windows Server Backup, but there may be times when this doesn’t work and you need to perform a hard repair.

Performing a Hard Repair

Performing a hard repair using eseutil /p will check the database for any damaged pages; if it finds any, it will delete them. Make sure that you can live without any data inside the database before doing a hard repair, because you may lose data. Also, make sure you have twice as much free space as the size of the database before doing a hard repair – this is required for the temporary database that will be created.
To perform a hard repair, use the eseutil /p command, as shown here:

Once this completes, you can use the eseutil /mh command to verify the database is clean shutdown.

Tuesday, July 16, 2013

Redirection Folder My document From GPO

The following instructions work for redirecting My Documents/Documents. I cannot guarantee it will work for other redirected folders but it follows the same pattern so there is no reason why it shouldn't.

When setting up the root folder for redirected folders:

Setting the NTFS permissions
Create the folder in the required location (ie. E:\Users)
Disable inheritance of permissions from the parent and remove all inherited permissions by clicking the appropriate button.
One entry will already be in the DACL: Local Administrators.
  1. Alter Local Administrators: Full Control: This folder, subfolders and files
  2. Add SYSTEM: Full Control: This folder, subfolder and files.
  3. Add CREATOR OWNER: Full Control: This folder, subfolders and files.
  4. Add Authenticated Users: List folder / read data, Create folders / append data: This folder only
  5. Add Domain Admins: Full Control: This folder, subfolders and files.
  6. Click OK.
These permissions grant users the ability to create their redirected folder in the root folder but not the ability to browse the contents of other people's folders. Best practice dictates that you should allow the redirected folder locations to create themselves as users log on.

Create the share and add share permissions
Share the root folder created earlier as \\SERVER\Users (or if you want to hide it, \\SERVER\Users$\
Adjust the share permissions as follows:
  1. Remove Everyone
  2. Grant Authenticated Users Full Control
  3. Grant Domain Admins Full Control (Not necessary but useful for completeness)
Configure the GPO
  1. Open Group Policy Manager
  2. Create a new GPO or edit your existing one.
  3. Expand User Configuration > Policies > Windows Settings > Folder Redirection
  4. Right-click My Documents/Documents and click Properties.
  5. Choose Basic - Redirect everyone's folder to the same location
  6. Under Target folder location choose Create a folder for each user under the root path
  7. Set the Root Path: to \\SERVER\Users
  8. As you type, you will see an example location listed to show you how the folders will be created as users log on.
  9. On the Settings tab, uncheck Grant the user exclusive rights to Documents
  10. Under Policy Removal, select your preferred option depending on your requirements.
  11. Link the GPO at the appropriate OU.
Despite assurances from Microsoft in another article, granting users exclusive rights to My Documents in the GPO will stop you from being able to access the contents of a users' folder. Probably not good for backup!

Friday, May 10, 2013

Configuring HP-UX 11i for the HP LeftHand SAN



Follow these steps to configure the iSCSI initiator, incl
uded in the installation of HP-UX 11i, to use with
the HP LeftHand SAN.
Step 1: Verify the iSCSI initiator is running
To verify that the iSCSI initiator is running
, in HP-UX 11i execute the following command:
iscsiutil –l
This returns something similar to the following:
Initiator Name :
iqn.1986-03.com.hp:hpntc916.Z3e113981e2afd927
Initiator Alias :
Authentication Method :
CHAP Method : CHAP_UNI
Initiator CHAP Name :
CHAP Secret :
NAS Hostname :
NAS Secret :
Radius Server Hostname :
Header Digest : None,CRC32C (default)
Data Digest : None,CRC32C (default)
SLP Scope list for iSLPD :
Use the initiator node name (shown here in bold) to register the server in the CMC as detailed
in the
HP SAN/iQ Software Users Guide
.
Step 2: Add the discovery target address
To add the discovery target address or addresses,
run the following command using the virtual IP
(VIP) address in the cluster:
iscsiutil –a –I (Virtual IP)
(Note that there is no confirmation output of this command.)
2

Step 3: Confirm connection to volume targets
Run the following command to ensu
re that the initiator was able to establish a connection to
the volume targets:
iscsiutil –p –D
This returns discovery target informatio
n, which looks similar to the following:
Discovery Target Information
----------------------------
Target # 1
-----------
IP Address : 10.160.32.21
iSCSI TCP Port : 3260
iSCSI Portal Group Tag : 1
User Configured:
----------------
Authentication Method :
CHAP Method : CHAP_UNI
Initiator CHAP Name :
CHAP Secret :
Header Digest : None,CRC32C (default)
Data Digest : None,CRC32C (default)

 In this example, there are 1 volumes.
Note:
The iSCSI sessions were not configured us
ing CHAP, SLP, or any form of digest.
For information on these options, use the
HP SAN/iQ Software Users Guide
and the
iscsiutil
man pages.
Step 4: Confirm HP SAN/iQ

Software volumes
To confirm that HP-UX has operating HP SAN/iQ
Software volumes, and to discover the logical
device files for the targets,
enter the following command:
ioscan –fnH 255
This command returns something similar to the following:
Class I H/W Path Driver S/W State H/W Type Description
===========================================================================
ext_bus 21 255/0/3.0 iscsial CLAIMED INTERFACE iSCSI-SCSI
Protocol Interface
disk 1032 255/0/3.0.0.0 sdisk CLAIMED DEVICE
LEFTHANDiSCSIDisk
/dev/dsk/c21t0d0 /dev/rdsk/c21t0d0
ext_bus 22 255/0/6.0 iscsial CLAIMED INTERFACE iSCSI-SCSI
Protocol Interface
disk 1033 255/0/6.0.0.0 sdisk CLAIMED DEVICE
LEFTHANDiSCSIDisk
/dev/dsk/c22t0d0 /dev/rdsk/c22t0d0
ext_bus 24 255/0/12.0 iscsial CLAIMED INTERFACE iSCSI-SCSI
Protocol Interface
disk 1035 255/0/12.0.0.0 sdisk CLAIMED DEVICE
LEFTHANDiSCSIDisk
/dev/dsk/c24t0d0 /dev/rdsk/c24t0d0
There is an entry for each target or volume.
Note:
HP-UX has a limit of 256 block device targets. Af
ter the initial discovery, HP-UX creates a single
logical device for each new device
target (volumes and snapshots) it finds on the HP LeftHand SAN.
Once the HP-UX iSCSI initiator recognizes a target, yo
u need to clear devices from the kernel registry.
See “
Clearing the kernel registry
” below for details of the procedure to clear devices from the kernel
registry.
Step 5: Start using the iSCSI volumes
You can now begin using the iSCSI volumes as you
would any direct-attached disks, either as raw
disks or by formatting the disks.
Clearing the kernel registry
HP-UX accommodates 256 iSCSI sessions and does
not clear block device links to old targets
including deleted snapshots. You must manually clear the registry of stale sessions once this
maximum is reached in order to
establish new iSCSI sessions. Note that clearing the kernel
registry clears out all configurations, so afte
r clearing you will need to recreate any old
configurations you want to preserve.
Here is the procedure to clear out your iSCSI configuration from the kernel registry:
1.
Before deleting all the iSCSI information in the registry and rebooting the system, preserve
the original configuration as follows:
# ioscan -kfn > /tmp/ioscan.pre_shutdown.out
# iscsiutil -p > /tmp/iscsi_tgt.pre_shutdown.out 
2.
Delete all iSCSI information from the registry (all steps must be done as root):
# echo "iscsi_krs_delete/W 1" |adb -w /stand/vmunix /dev/kmem
(assuming system was booted
from /stand/vmunix ...)
# iscsiutil –x
3.
Reboot the system immediately.
4.
Once the system is back online, you will have
to recreate your iSCSI configuration.
This completes the procedure for configuring HP-UX 11i for use with the HP L