Search This Blog

Monday, April 27, 2009

Group Policy for safe sender lists in Outlook 2007 does not work

Description:
You have set Outlook 2007 safe sender list through GPO however it isn’t applying to users. You’ve check that the GPO was applied successfully.

Resolution:
Change the safe sender list path to
\\servername\sharefolder\filename. It cannot use the %logonserver%\sharefolder syntax.

Proxy Exception at Internet Explorer does not work

Description:
You have set proxy exception for IE through Group Policy (GPO). For some reason the setting won’t apply to user’s computer. You verified that the GPO has the right setting and has no conflict with other GPO. You also confirmed that the GPO was applied to user’s computer, but the computer registry contains different data.

Resolution:
Please check the exception list content. Make sure there’s no invalid character or value. If the http address in Proxy Exception list contains more than two “/” characters, the IE Branding extension would accept this setting. You should remove the rest of the “/” from the http address in proxy exception list.

Exchange SMTP Internet Connector frequently down

Description:
You have Exchange 2003 Front-End server configure to route emails to third party appliance smart host. One day the Exchange Internet connector frequently converted to down state causing mail queue when sending to external address. No issue when the connector is configures to use DNS instead of smart host to dispatch email. You have check for possible Antivirus or SMTP Protocol issue using Winroute and Regtrace but everything looks ok.
On the Netmon trace result, you can see that Exchange didn’t receive ACK for certain packet from the smart host and it terminates the connection after some times.

Resolution:
Make sure that the network speed and duplex setting at the smart host is the same with the connection setting at core switch. Running manual setup might be required to eliminate the issue.

Monday, April 6, 2009

Missing PTR Record in DNS

Description
You create a PTR record on your Active Directory Integrated DNS Server. After a while the PTR record suddenly missing. Your Active Directory and your DNS server are working fine. Replication between Domain Controller also working normally.

Resolution
Be sure the "register this connection's addresses to the DNS" checkbox option is enable, the server than will automatically register its ptr record to the DNS server.

Wednesday, March 18, 2009

Enable Strict Replication Consistency

Description
Supposed a domain controller get disconnected from the replication topology for an extended period and then later on reconnect it. You need to make sure that no outdated Active Directory objects can be replicated within the forest.

Resolution
Use regedit command and go to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters
Create a Strict Replication Consistency with REG_DWORD data type. Set 1 as the value.

This setting ensures that no outdated objects are reintroduced into Active Directory Domain Services (AD DS).
You need to set it on all of the Domain Controller within the Forest.

Search Google