February 2008 - Posts
As you may already be aware that in Exchange 2007, when you create a mailbox – by default only the owner has the permission and no body else and not even the administrator or the person who create the mailbox has any permission to it.
There is a PowerShell cmdlet can help us to add permission to mailbox:
Add-MailboxPermission
Here is an example:
Add-MailboxPermission -Identity "John Doe" -User yli -Accessright Fullaccess -InheritanceType all
“John Doe” is the target mailbox user and yli here is the user account you want to grant permission to.
You can get more detailed information by doing
get-help Add-MailboxPermission -full
SCOM 2007 uses SQL2005 broker service to perform discoveries, so before you use the Discovery Wizard to install agents, you need to set the Enable_Broker value.
To set ENABLE_BROKER
|
1. Open SQL Server Management Studio.
2. In the Connect to Server dialog box, select the appropriate values in the Server type list, in the Server name list, in the Authentication list, and then click Connect.
3. Click New Query.
4. In the query window, enter the following query:
ALTER DATABASE OperationsManager SET SINGLE_USER WITH ROLLBACK IMMEDIATE
5. Click Execute.
6. Enter the following query:
ALTER DATABASE OperationsManager SET ENABLE_BROKER
7. Click Execute.
8. Close SQL Server Management Studio.
Note
Closing SQL Server Management Studio closes the connection to the database in single user mode. Depending on your configuration, you may have to manually kill any process that is connected to the database before completing the ALTER query below.
9. Open SQL Server Management Studio.
10. In the Connect to Server dialog box, select the appropriate values in the Server type list, in the Server name list, in the Authentication list, and then click Connect.
11. Click New Query.
12. In the query window, enter the following query:
ALTER DATABASE OperationsManager SET MULTI_USER
13. Click Execute. |
You can verify the setting for ENABLE_BROKER is set to 1 by using this SQL query: SELECT is_broker_enabled FROM sys.databases WHERE name='OperationsManager'.
I was following the above instruction but when I try “ALTER DATABASE OperationsManager SET MULTI_USER”
I got an error contains “the database is in a single-user mode and a user is currently connect to the database” which puzzled me for a while, Tried to close SQL Server Management Studio a couple of times with out success and even tried to stop SQL service. Until I realized that “Root Management Server” is that “single-user”. After I stopped Config Service and the SDK Service, I was able to run the above statement without any issues. This is one of those “Duh” moment!
I have run into issues to push SCOM 2007 Agent on a few Window 2000 servers (SP4).
After playing around, here are some identified problems:
Dcom wasn’t enabled on some of the box;
The installation account is not part of Local Administrators on the target machine;
When I tried to install the agent manually on some of the box. I run into the below error:
“Error 28205 failed to uninstall SDK mof. error code: -2147217407 idpatch error#3585.”
After searching on the net, I found and verified that the below solution solved my problem:
1, Copy *.mof and *.mfl over from the windows\system32\wbem directory on a working machine, copy this to the same dir on the failing machine.
2, Then open a command prompt, switch to the windows\system32\wbem dir and run : For /f %s in ('dir /b *.mof *.mfl') do mofcomp %s
As a security best practice, it is recommended that we do not log on our computer with administrative credentials because it will otherwise increase security risks.
When we want to perform administrative tasks, we could use RUNAS to start a program using administrative accounts.
We know we can do Shift + Right Click to get RUNAS command in some of the case but for some, that is not an option, such as Active Directory management tools.
What we can do is to use command line to accomplish those tasks.
runas /user:domain\yli "mmc %windir%\system32\dsa.msc"
Of course, this applies to other .msc snap-ins.
We can then create shortcuts for these RUNAS commands on the desktop to make them handy.
In SCOM 2007, at times you will need to place a server (servers) in maintenance mode to prevent getting unnecessary alerts.
Here is how you can do it using New-MaintenanceWindow cmdlet:
$strServer = Get-Agent | Where-object {$_.Name – match “FWS”}
$strServer.HostComputer |New-MaintenanceWindow `
-StartTime (Get-Date) `
-EndTime (Get-Date).AddMinutes (60) `
-Comment “Windows Server 2003 Service Pack 1”
Here is a PowerShell one liner to list startup command on your machine
PS C:\Users\Ying> Get-WmiObject -class "Win32_Startupcommand"
Command User Caption
------- ---- -------
DING!.lnk Dino\Ying DING!
腾讯QQ.lnk Dino\Ying 腾讯QQ
"C:\Program Files\DellSupport\DSAgnt... Dino\Ying DellSupport
"C:\Program Files\Windows Live\Messe... Dino\Ying MsnMsgr
.
.
.