IPAM – Event Log Access Status: Blocked (DNS)

After letting IPAM do its discovery for 3 days the only problem I picked up was that the status below was still showing as blocked even though the firewall rules were adjusted and the IPAM server was part of the correct security groups.

IPAM Blocked

The data is refreshed once a day but I was manually refreshing it without success.

Seems to be a bug in IPAM as I added the IPAM server to the Administrators group in AD and all of a sudden everything was unblocked.

Hope it helps

IPAM Windows Server 2012

So Microsoft introduced this cool feature on Windows Server 2012 called IPAM (IP Address Management).

To install this make sure it is not on a Domain Controller.

Installation is pretty simple, open up server manager, Add new features and select IPAM.

Here are a few firewall inbound rules that need to be enabled on your DNS and DHCP Servers:

DNS Service (RPC)
DNS Service (RPC Endpoint Mapper)
Remote Service Management (RPC)
Remote Service Management (RPC-EPMAP)
Remote Event Log Management (RPC)
Remote Event Log Management (RPC-EPMAP)

Now you need to give IPAMUG access to the Event Log Readers Built-In Security group in AD.  Your machine running IPAM needs to be part of IPAMUG.

The key to this is patience, once all the Firewall Ports/Inbound Rules are correct and access give as above everything will be green.

For more info check out MS article:


Hope it helps.

Create new Exchange 2010 Database fails in the EMC

Today I went to create a new Mailbox Database as I wanted to get rid of the white space in the current one. So I thought I would open the EMC (Exchange Management Console) and quickly create it. Upon giving the new database a name and setting the DB and Log location it failed immediately when creating the database.

So I opened up the EMS (Exchange Management Shell) and ran the following command:

new-mailboxdatabase -name ‘DB Name’ -server ‘Server Name’ -edbfilepath ‘Path File.edb’ -logFolderPath ‘Path FileName_Logs’

This ran without any issues, then you need to mount the Database:

mount-database -identity ‘DB Name’

Now if you open the EMC you will now see the new DB.

Hope it helps.

Exchange 2010 Server Public Folder Database was not found.

Today I wanted to add another CAS/HUB Server to my environment and encountered a small error which can be fixed with running a command from the EMS.

When I tried to install the CAS role it gave this error:

Action “Update” could not be performed on the object ‘Default Offline Address List’
Error: Exchange server “PF database” was not found. Please make sure you typed the name correctly.

So I dismounted and mounted the PF database and still it didn’t fix the problem. After trying to make changes to the OAB it gave this error as well:

PF error

Coming from an Exchange 2003 environment when Exchange 2003 was decommissioned the server was actually looking for a name rather than the DB.

In the EMS I ran the following command:

Move-OfflineAddressBook -Identity “Default Offline Address list” -Server ServerName

Upon going back to the EMC and now going to the properties of the OAB I was able to enable the stuff I wanted enabled. Then from the EMS I ran setup.com /roles:clientaccess and the installation went through without any issues.

Hope it helps.

Exchange 2010 Mail Queue – 451 4.4.0 DNS Query Error

If you come across the following error it is because Exchange cant query the domain. If you ping the domain name it will give you an error saying it cannot find it.

Simple fix, under organization management -> Hub Transport -> Send Connector, right click on your send connector and select properties. On the network tab check the box that says Use External DNS lookup settings on the transport server.

Then under Server Configuration -> Hub Transport right click on the server name and select properties. Click the External DNS lookup tab and then “Use these DNS servers” and enter in your ISP DNS entries.

Click Okay and then refresh your queue and mail should start going out.

Hope it helps.

SCCM 2012 Client stuck at 0% when downloading updates

Today I came across all servers and clients in my organization not downloading windows updates from SCCM 2012. There was about 17 updates and all stuck on 0%.

I changed the boundary settings on the SCCM server from AD to IP subnet, removed all the updates that were released previously and re-deployed them again. Once I did this the clients were downloading and installing updates again without an issue.

Hope it helps.

One or more prerequisites for protecting this data source is missing – Windows 2003 & DPM System State Backups

If you want to protect a Server running Windows 2003 SP2 or SBS you need to ensure that the correct KB is applied as you will get the following error when trying to select a source.

One or more prerequisites for protecting this data source is missing.
Ensure that the following prerequisite software is installed on server and/or all nodes in the cluster:
Windows Server 2003 SP1 with Knowledge Base article 940349 (http://go.microsoft.com/fwlink/?LinkId=99034)
– OR –
Windows Server 2008 (http://go.microsoft.com/fwlink/?LinkId=128812)

To fix this you need to download and install the KB940349. Once you apply this KB to your  Windows 2003 Server and have rebooted, DPM will then allow you to select a source.

Hope it helps.

DPM Replica is inconsistent on Windows Server 2012 DC backup

Today I moved my DC System State backups to DPM 2012. After running the first initial sync the status goes to a green OK and then immediately to a red “replica is inconsistent”. Made sure that space was not an issue as this can cause problems but the servers had ample space.

So like Windows Server 2008 R2 I i installed the following feature: Windows Server Backup.

After a reboot I ran a consistency check and all the DC’s were showing OK now.

Hope it helps.

Exchange 2010 Database Copy Status in a Failed State.

Prerequisites List

  • Admin access to be able to manage Mailbox Databases in Exchange.
  • EMC or Exchange Management Shell.

If you running an Exchange DAG and the copy status is sitting in a failed state you can reseed the Database.


You first need to run the following command below to Suspend the copy, open up the EMS (Exchange Management Shell).

  • Suspend-MailboxDatabaseCopy -Identity “Mailbox Database XXXXX\Server Name”

You will be prompted to choose an option. Type in “y” and press enter.


  • Database Copy Status will go from “Failed” to “Failed and Suspended”.

Now to reseed the database you can run the following command, remember the bigger the database the longer it is going to take:

  • Update-MailboxDatabaseCopy -Identity “Mailbox Database XXXXX\Server Name” -DeleteExistingFiles


If you check the status now by running the command below you will see that the second server is busy Resynchronizing (as above).

  • Get-MailboxDatabaseCopyStatus *

Once this is complete the Copy Queue Length should start going down.

SeSecurityPrivilege privilege Error when installing Exchange 2010 SP2 Hub Transport Role

Today while installing a new Exchange Server to create a DAG (Database Availability Group) I ran into the following error below:


First thing that I checked was that the domain\Exchange Servers was part of the following Manage Auditing and Security Log.

Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> User Rights Assignment -> Manage auditing and security log

Indeed it was, so all I did was block inheritance on the OU and then tried running the setup again and it worked without a problem. Once done I removed the block and set everything back to what it was. Alternatively you can move the machine to an OU where inheritance is blocked on the policies.

Hope it helps.