Archive for November, 2012


Regex Tools

These are some tools that could get you started with regex. They also include testers for your regex

RegExr Desktop

Free RegEx Tool for MacOSX, Windows, and Linux

RegExr Desktop is a tool for learning, editing, and testing regular expressions

http://gskinner.com/RegExr/desktop/

 

For Testing your regexes

http://regexpal.com/

http://regexhero.net/tester/

Advertisements

If you ever want to export / import a mailbox use the below

1- You need to set a role assignment to the user

New-ManagementRoleAssignment –Role “Mailbox Import Export” –User AD\Administrator

2- To Export Run the following command

New-MailboxExportRequest -Mailbox "SourceMailbox" -IncludeFolders "Namethefolder" -FilePath \\servername\c$\mailboxexport.pst

3- To import run the following command

New-MailboxImportRequest -Mailbox "NewRoomMailbox" -IncludeFolders "namethefolder" -FilePath \\servername\c$\mailboxexport.pst

 

For Example, the below exports calendar items from one Mailbox to the other

New-MailboxImportRequest -Mailbox "OLDRoomMailbox" -IncludeFolders "#Calendar#" -FilePath \\servername\c$\meetingroomcalendat.pst

New-MailboxExportRequest -Mailbox "NEWRoomMailbox" -IncludeFolders "#Calendar#" -FilePath \\servername\c$\meetingroomcalendat.pst

When installing Lync you will need the following for the roles

FrontEnd

 

For Server 2012:

PS C:\> Import-Module ServerManager
PS C:\> Add-WindowsFeature Web-Server, Web-Static-Content, Web-Default-Doc, Web-Scripting-Tools, Web-Windows-Auth, Web-Asp-Net, Web-Log-Libraries, Web-Http-Tracing, Web-Stat-Compression, Web-Default-Doc, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Http-Errors, Web-Http-Logging, Web-Net-Ext, Web-Client-Auth, Web-Filtering, Web-Mgmt-Console, Web-Asp-Net45, Web-Net-Ext45, Web-Dyn-Compression, Web-Mgmt-Console, Desktop-Experience

For Server 2008 R2 SP1:

PS C:\> Import-Module ServerManager
PS C:\> Add-WindowsFeature Web-Server, Web-Static-Content, Web-Default-Doc, Web-Scripting-Tools, Web-Windows-Auth, Web-Asp-Net, Web-Log-Libraries, Web-Http-Tracing, Web-Stat-Compression, Web-Default-Doc, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Http-Errors, Web-Http-Logging, Web-Net-Ext, Web-Client-Auth, Web-Filtering, Web-Mgmt-Console, Web-Dyn-Compression, Web-Mgmt-Console, Desktop-Experience

 

In-addition to the above you will need

1- Windows Identity Foundation from here

2- .NET Framework 4.5 from here

3- PowerShell 3.0 from Here

 

Office Web Apps

 

For Windows 2008 R2, run:

Import-Module ServerManager

Add-WindowsFeature Web-Server,Web-WebServer,Web-Common-Http,Web-Static-Content,Web-App-Dev,Web-Asp-Net,Web-Net-Ext,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Includes,Web-Security,Web-Windows-Auth,Web-Filtering,Web-Stat-Compression,Web-Dyn-Compression,Web-Mgmt-Console,Ink-Handwriting,IH-Ink-Support

For Windows 2012, run:

Import-Module ServerManager

Add-WindowsFeature Web-Server,Web-Mgmt-Tools,Web-Mgmt-Console,Web-WebServer,Web-Common-Http,Web-Default-Doc,Web-Static-Content,Web-Performance,Web-Stat-Compression,Web-Dyn-Compression,Web-Security,Web-Filtering,Web-Windows-Auth,Web-App-Dev,Web-Net-Ext45,Web-Asp-Net45,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Includes,InkandHandwritingServices,NET-Framework-Features, NET-Framework-Core, NET-HTTP-Activation, NET-Non-HTTP-Activ, NET-WCF-HTTP-Activation45

 

In addition you will need the below

1- Office Web Apps Server from here

2- .NET Framework 4.5 from here

3- PowerShell 3.0 from Here

4- KB2592525 from here

 

AD FS 2.0 Unhandled Exception

At a client side after deploying the AD FS 2.0 for SSO with Office 365, Whenever I tried logging in to the Office 365 Portal, I get redirected to the FS Proxy Forms based and it would show an Unhandled Exception with the view of a Correlation ID.

Now inorder to see what really happened you will need to navigate to the Event Viewer –> Applications –> AD FS Admin and in the view pane just add the Correlation ID tab.

In most cases the error you will be getting is like below

Encountered error during federation passive request.

Additional Data

Exception details:
System.ServiceModel.Security.MessageSecurityException: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail. —> System.ServiceModel.FaultException: An error occurred when verifying security for the message.
   — End of inner exception stack trace —

Server stack trace:
   at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.ProcessReply(Message reply, SecurityProtocolCorrelationState correlationState, TimeSpan timeout)
   at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

Exception rethrown at [0]:
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at Microsoft.IdentityServer.Protocols.PolicyStore.IPolicyStoreReadOnlyTransfer.GetState(String serviceObjectType, String mask, FilterData filter, Int32 clientVersionNumber)
   at Microsoft.IdentityServer.PolicyModel.Client.PolicyStoreReadOnlyTransferClient.GetState(String serviceObjectType, String mask, FilterData filter, Int32 clientVersionNumber)
   at Microsoft.IdentityServer.ProxyConfiguration.ProxyConfigurationReader.FetchServiceSettingsData()
   at Microsoft.IdentityServer.ProxyConfiguration.ProxyConfigurationReader.GetServiceSettingsData()
   at Microsoft.IdentityServer.ProxyConfiguration.ProxyConfigurationReader.GetFederationPassiveConfiguration()
   at Microsoft.IdentityServer.Web.PassivePolicyManager.GetPassiveEndpointAbsolutePath()
   at Microsoft.IdentityServer.Web.FederationPassiveAuthentication.GetPassiveEndpointAbsolutePath()

System.ServiceModel.FaultException: An error occurred when verifying security for the message.

 

Now this is normally caused by one of the below two reasons

1- The ADFS server identifier URL has been changed to https and using the same URL extension adfs/services/trust. This manifests a bug in the AD FS, so the solution is either to change the HTTPS back to HTTP or change the Extension. You cant have both

This bug is documented here http://social.technet.microsoft.com/wiki/contents/articles/1670.ad-fs-2-0-federation-server-proxy-servers-fail-to-authenticate-users-events-248-and-996-logged.aspx 

 

2- This is not very well documented and was my problem, it was the TIME. Given that I have not joined the proxy servers to the domain, but the federation servers were indeed joined. There was a time skew between both.

So I made sure that the Proxy Servers would always Sync the time from the Domain controller holding the PDC.

Fixing this fixed the problem.

So if you have the same, make sure that you check the above 2.