Monday, 28 October 2013

Event ID 12339 and 12344: File Server Resource Manager failed to find claim list

Problem: You are running a Windows Server 2012 file server and you see the error messages in your logs every 15 minutes or so.

1) Event ID: 12339
File Server Resource  Manager failed to find the claim list 'Global Resource Property List' in Active Directory (ADsPath: LDAP://dc1.domain.local/CN=Global Resource Property List,CN=Resource Property Lists,CN=Claims Configuration,CN=Services,CN=Configuration,DC=domain,DC=local).  Please check that the claims list configured for this machine in Group Policy exists in Active Directory.
 2) Event ID: 12344
File Server Resource  Manager finished syncing claims from Active Directory and encountered errors during the sync (0x80072030, There is no such object on the server.) Please check previous event logs for details.

Solution: You can either upgrade the Active Directory schema to version 56 (Windows Server 2012) or safely ignore the error messages.

If you can update the schema of your domain. Follow these steps:

 log on to Windows Server 2012 as Administrator of your domain
 Copy from "support \adprep" in the media of Windows Server 2012 to "c:\"
run this command
 c:\adprep\adprep.exe /forestprep

Monday, 21 October 2013

Event ID 12306 FSRM SMTP cannot send email

File Server Resource Manager  Windows Server 2012 - SMTP cannot send email to Exchange Server 2007
Event ID: 12306
Event Source: SRMSVC
Event Viewer Application logs:
A File Server Resource Manager Service email action could not be run.
Error-specific details:
Error: IFsrmEmailExternal::SendMail, 0x8004531c, Mailbox unavailable. The server response was: 5.7.1 Client does not have permissions to send as this sender.
The problem is that your file server does not have the rights to authenticate against an Exchange Server using the computer account (domain\computername$ format) account of the server.  This computer account must be granted send as permissions on the mailbox that you are trying to send as, or it will fail with this error. What you need to do is to run the command below on the mailbox you would like to send as, on your Exchange server.

 Add-ADPermission -Identity "Mailbox Display Name" -user "Domain\ServerName$" -extendedrights "Send-as"

Monday, 14 October 2013

Remove character from folder name

Have you ever needed to remove a character from a bunch of folders? This Powershell script does the trick.

Get-ChildItem -name | ForEach-Object { Move-Item $_ $_.replace("character to remove", "") }

Monday, 7 October 2013

Unable to delete a DC - dcpromo error

Deleting a DC is most of the time a rather straightforward procedure but a few weeks ago i received the error message below trying to uninstall a customers DC.

"The operation failed because: the attempt at remote directory server serverx.customerdomain.local to remove directory server CN=ServerX,CN=Servers,CN=customerdomain,CN=Sites,CN=Configuration...
was unsuccessful. "Access is denied"

The account which i was running dcpromo with was both Domain Admin and Enterprise Admin, i could ping the other DC's, i checked with ADSI edit that my account had the rights to delete the DC. Everything seemed ok.

So what was the problem? I had a look in Sites and Services and found the solution to my problem. The DC had the checkbox "Protect object from accidental deletion" ticked. I unchecked the tickbox and could then run the dcpromo without any problems.

Friday, 4 October 2013

Windows Server 2008 R2 DHCP problem "The parameter is incorrect"

A few weeks ago I was decommissioning a domain controller which had the DHCP server role installed. When I tried to unauthorize the server I received the following error:

"The parameter is incorrect"

  • I verified that the server was authorized in Active Directory
  • I verified that I had sufficient rights to unauthorize the server

These are the steps that solved the problem:
  1. Stop DHCP service
  2. Delete the DHCP server object from the DHCP console
  3. Re-add the DHCP server to the DHCP console
  4. Start the DHCP service
  5. Try again to unauthorize the DHCP server