Archive for the ‘Uncategorized’ Category

If You Don’t Manage Your Employees Career, Someone Else Will

February 19, 2014 Leave a comment

There is a stark difference how an internal IT team is managed vs a team of IT Consultants. The focus of managing consultants is not around resource allocation and keeping employees motivated, but focused on making sure the employees have the tools and training to be successful, and want to continue working at your organization. Sometimes the latter part is overlooked.

IT Consultant Managers are often tasked with many duties, and managing employees is only a small part, so what a Manager does with the time spent with employees is crucial. Since consultants often complete projects, and keep up-to-date on new technology without much oversight, it is easy go adopt the “stay out of their way” methodology, and keep face-time to a minimum. But, management is one of the few differentiators consultants have when deciding to stay or leave a company. Face time should be regular, and used to track career goals, training opportunities, concerns, and overall job satisfaction. A great book called First Break All the Rules (also summarized in a slideshare), walks through a Gartner study that devised the most important factors attributed to employee retention, job satisfaction, efficiency, and profitability. If you don’t know how your employees would answer these critical questions, you are at risk for turnover and surprises. I implemented a quarterly review system for my employees to review these questions, and each one they mark as anything but “satisfied”, we discuss ways we can increase the rating. This builds rapport with my employees, helps both of us manage their career, and helps the employee think about their future in my organization.

Knowing these things about your employees does not prevent all your employees from exploring other options. There will be items that are out of your control, travel preference is a good example. If travel is a big part of the job, and the consultant decides they want to spend more time at home, it is unlikely you will be able to change their job satisfaction as long as they have a strong preference you can’t control. There will be many other factors that will not be in your direct control as a manager. When an employee leaves, you will likely know the reason why.

In short, you may not have to manage your consultants day-to-day, but if you’re not managing their overall career satisfaction, the likelihood of turnover increases.

Content change notice

February 12, 2014 Leave a comment

To my readers, I have transitioned into a new role, and this blogs content is going to change. There will still be some technical articles, but the focus is going to shift to posts about managing professional services.

Categories: Uncategorized

Setting Internal and External URL’s in Exchange 2013

April 13, 2013 22 comments

Microsoft made a nice GUI for setting internal and external URL, however they still did not put in the AutodiscoverServiceInternalUri, and the OutlookAnywhere URL in the GUI. In my opinion, if you’re going to make a GUI for setting URL’s, it would make sense to present all the necessary URL settings in the GUI, so certificate errors don’t occur.  I made a script to set all the necessary URL’s on a CAS server.

Copy/Paste the script below and save it as Set-Exchange2013Vdirs.ps1

# Author: Scott Jaworski
# Website:
# Version: 1.0
# Description: This script sets internal and external URL’s on the specified Exchange 2013 Client Access Server
# then displays the results of all the urls that have been set.
# How to Use: Copy the text file to a location on the Exchange server. Change the .txt extension to .ps1,
# Open Exchange Management Shell, Browse to the location of the script in EMS, Run .\Set-Exchange2013Vdirs

Function Set-Exchange2013Vdirs
$ExServer = Read-Host “Please enter the Exchange 2013 Server Name you’d like to set Vdirs ”
$InternalName = Read-Host “Input the internal domain name eg.. ”
$ExternalName = Read-Host “Input the external domain name eg. ”

Write-Host “Configuring Directories for $ExServer..” -Foregroundcolor Green

Get-WebservicesVirtualDirectory -Server $ExServer | Set-WebservicesVirtualDirectory -InternalURL https://$InternalName/EWS/Exchange.asmx -ExternalURL https://$externalName/EWS/Exchange.asmx
Get-OwaVirtualDirectory -Server $ExServer | Set-OwaVirtualDirectory -InternalURL https://$InternalName/owa -ExternalURL https://$ExternalName/owa
Get-ecpVirtualDirectory -Server $ExServer | Set-ecpVirtualDirectory -InternalURL https://$InternalName/ecp -ExternalURL https://$ExternalName/ecp
Get-ActiveSyncVirtualDirectory -Server $ExServer | Set-ActiveSyncVirtualDirectory -InternalURL https://$InternalName/Microsoft-Server-ActiveSync -ExternalURL https://$ExternalName/Microsoft-Server-ActiveSync
Get-OABVirtualDirectory -Server $ExServer | Set-OABVirtualDirectory -InternalUrl https://$InternalName/OAB -ExternalURL https://$ExternalName/OAB
Set-ClientAccessServer $ExServer -AutodiscoverServiceInternalUri https://$internalName/Autodiscover/Autodiscover.xml
Set-OutlookAnywhere -Identity “$ExServer\Rpc (Default Web Site)” -InternalHostname $internalName -ExternalHostName $ExternalName -InternalClientAuthenticationMethod ntlm -InternalClientsRequireSsl:$True -ExternalClientAuthenticationMethod NTLM -ExternalClientsRequireSsl:$True

Write-Host “Vdirs have been set to the following..” -Foregroundcolor Green
Write-Host “$ExServer EWS”
Get-WebservicesVirtualDirectory -Server $ExServer |Fl internalURL,ExternalURL
Write-Host “$ExServer OWA”
Get-OWAVirtualDirectory -Server $ExServer | Fl internalUrl,ExternalURL
Write-Host “$ExServer ECP”
Get-ECPVirtualDirectory -Server $ExServer | Fl InternalURL,ExternalURL
Write-Host “$ExServer ActiveSync”
Get-ActiveSyncVirtualDirectory -Server $ExServer | Fl InternalURL,ExternalURL
Write-Host “$ExServer OAB”
Get-OABVirtualDirectory -Server $ExServer | Fl InternalURL,ExternalURL
Write-Host “$ExServer Internal Autodiscover URL”
Get-ClientAccessServer $ExServer | Fl AutodiscoverServiceInternalUri
Write-Host “$Exserver Outlook Anywhere Settings”
Get-OutlookAnywhere -Identity “$ExServer\rpc (Default Web Site)” |fl internalhostname,internalclientauthenticationmethod,internalclientsrequiressl,externalhostname,externalclientauthenticationmethod,externalclientsrequiressl

Write-Host “The Powershell URL have not been set as part of this script. Set it if you choose” -ForegroundColor Yellow

Fixing Lync/OWA Integration After Upgrading to Windows 2008 R2 SP1 or .NetFramework 4.0

February 8, 2012 Leave a comment

So you had Lync integration working with OWA brilliantly by followingJeff Guillet’s blog article, and then you patched your Exchange Servers to Server 2008 R2 SP1 and everything broke. Here’s why, and here’s how to fix it.


.Net Framework 4.0 is rolled up in Server 2008 R2 Sp1, which is incompatible with the UCMA package required for the Lync/OWA integration. We can see in the Windows Updates that .net Framework 4.0 has been installed. It is possible that this was installed outside of SP1 as an optional update.

Unfortunately we cannot simply Uninstall this update, it does not show up in the list of available updates to Uninstall. So how do we get rid of .Net Framework 4.0 without Uninstalling the Server 2008 R2 SP1 update?


1. Download the .Net Framework 4.0 bits from Microsoft, and install it on your Exchange CAS server(s).

2. Once the install is complete, go to Control Panel – Programs and Features, and Remove the .Net Framework 4 Extended, and then the .Net Framework 4 Client Profile.

3. Reboot the Server.

4. Re-run the original .msi and .msp patches you installed for the Lync Integration from Jeff’s blog article. No reboot should be necessary.

5. Open OWA and enjoy your fixed OWA/Lync integration.

Categories: Uncategorized

Outlook Prompt Some Users “connecting to”

Recently I ran into an issue where a subest of internal, domain joined users were getting prompted in Outlook. Most users were not experiencing the issue at all. There are dozens of reasons Outlook will prompt users. In most cases it is due to a misconfiguration of Exchange, but sometimes it has to do with the users. This is what they were seeing when they opened Outlook, or after their computer went to sleep.

Notice that no server name is listed in the prompt. The users were also experiencing Outlook disconnects due to the account being locked out from this prompt. If the user enters the wrong password a few times here, Outlook will disconnect, and it may be awhile before the user realizes their account has been locked out.


The users at some point had cached the wrong credentials in Outlook. Clicking the “Remember my credentials” can cause Windows to cache the credentials, and the next time the application is opened it will attempt to use the cached credentials instead of the AD login. This would theoretically be ok, until the user changes their password.


Open Control Panel | User Accounts | Credential Manager

Remove the cached credentials for the Exchange Server under “Windows Credentials”.

Remove the cached credentials for any Outlook entries under “Generic Credentials”.

It may be in a slightly different location in Windows XP and Vista, but you can still find it under user accounts.

Search queries: Outlook prompting for UPN. Outlook connecting to e-mail address. Outlook prompts for e-mail address. Outlook prompts some users. Outlook caching wrong credentials. Outlook disconnecting. Outlook disconnected after prompt.

Categories: Uncategorized

Common Exchange 2010 Mailbox Move Errors

February 23, 2011 4 comments

Moving Mailboxes from Exchange 2003 or 2007, to 2010 sometimes fail, for various reasons. This is a list of errors I see frequently, as well as how to resolve the error and get the mailbox moved. This post will be updated as I come across more errors.

If you don’t find the error you are looking for in this list, you may try Microsoft’s technet page that has additional errors and resolutions

The Database Already contains a move request for ‘user’

This is purposely put first, because after a mailbox move fails, you almost always have to remove the move request manually.


The queue in ‘User Mailbox Database’ database already contains a move request for ‘User Name’, while AD reports the mailbox as not being moved. It is possible that someone created this move request recently, while targeting a different domain controller, and AD replication did not yet occur. You can examine this move request by running ‘Get-MoveRequestStatistics -MoveRequestQueue ‘User Mailbox Database’ -MailboxGuid 2d2df646-036c-4c65-a986-861524dde06e -IncludeReport | fl’. If you believe this to be an abandoned move request, you can remove it by running ‘Remove-MoveRequest -MoveRequestQueue ‘User Mailbox Database’ -MailboxGuid 2d2df646-036c-4c65-a986-861524dde06e’.

Exchange Management Shell command attempted:

‘ Name’ | New-MoveRequest -TargetDatabase ‘User Mailbox Database’


Both are listed within the error message above. hit “Ctrl+C” to copy the contents of the error message, paste it into notepad, and then copy the given command. With the above example I would run the following command in Exchange Management Shell

Remove-MoveRequest -MoveRequestQueue ‘User Mailbox Database’ -MailboxGuid 2d2df646-036c-4c65-a986-861524dde06e

When it asks if you are sure, type Y then hit Enter

Property expression “UserName” isn’t valid.. ‘@’ cannot be the last character


Property expression “UserName” isn’t valid. Valid values are: Strings that includes ‘@’, where ‘@’ cannot be the last  character

Exchange Management Shell command attempted:

‘ Name’ | New-MoveRequest -TargetDatabase ‘User Mailbox Database’


The user login name is not set, so the username becomes “User@” This is an invalid username.


Open Active Directory Users and Computers. Open the Properties of the User – Account Tab. The Drop down for the User Login is blank. Set the user login to your primary domain, then try moving the mailbox again.

Insufficient Access Rights to Perform the Operation


Active Directory operation failed on This error is not retriable. Additional information: Insufficient access rights to perform the operation.

Active directory response: 00002098: SecErr: DSID-03150BB9, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

The user has insufficient access rights.

Exchange Management Shell command attempted:

‘ Name’ | New-MoveRequest -TargetDatabase ‘User Mailbox Database’


Inheritable permissions are not turned on for the user. If the user is a member of the domain admins group, this setting will be unchecked. You can turn on this permission for the mailbox move. AD will run service in the background that will uncheck the box again in a few hours. This is ok, it just has to be checked during the mailbox move. This error does not seem consistent, ie some domain admins will experience it and some won’t. I have also seen normal users have this box unchecked as well.


Check the “Allow Inheritable Permissions from this object’s parent” box on the user Account. If you don’t know where to find that, keep reading.

1. Open Active Directory Users and Computers and make sure the Advanced Features is checked.

2. Open the Properties of the User Account and go to the Security Tab. Once there, click on Advanced

3. Check the box at the bottom left

4. In Exchange Management Console, try moving the mailbox again.

Microsoft Exchange Critical Error


A dialog box pops up that says Microsoft Exchange Critical Error. “Unexpexted Error [0x787DB51B] while executing command ‘New-MoveRequest -TargetDatabase ‘User Mailbox Database”


In my case, the mailbox was never migrated to the 2003 server, so it was still pointing to an non-existent Exchange 2000 Mailbox Server.

If I ran a get-mailbox “user” it would tell me that the object has been corrupted, and it’s in an inconsistent state. The following validation errors happened:

Warning: Database is mandatory on UserMailbox

This is telling me that the mailbox I was trying to move did not have a database assigned to it.
If I open the Properties of the User account – Exchange General Tab, I see that the Home Server attribute is pointed to an Exchange 2000 database.


Remove the Exchange attributes from the user account. If the mailbox was never migrated from a non-existent mailbox server, nobody is using the account and therefore at least it’s exchange attributes can be removed.

1. Open Up Exchange Users and Computers on the Exchange 2003 server.

2. Right click on the user – Exchange Taks

3. Follow the wizard to Remove Exchange Atrributes

Remote Desktop Connection Manager

October 20, 2010 Leave a comment

A lot of my customers ask me what software I’m using for RDP, so I thought I’d share it here.

If you often remote into servers, this free program from Microsoft makes life a lot easier. Just input the server name and credentials you use to login and add it to the list. Then select the server you want to connect to from the list, or connect to the entire group. Much better than multiple minimized RDP sessions. It also automatically selects a resolution so you can view the entire desktop.

Categories: Uncategorized

Get every new post delivered to your Inbox.