Exchange 2013: Resubmitting messages from the safety net using Add-resubmitrequest

Exchange 2013: Resubmitting messages from the safety net using Add-resubmitrequest

Yes, I am still blogging, it has been a while, but I am still alive, this time, I am back to Exchange blogging.
I faced a tough case last week, one of my customers faced an awkward Exchange issue when the log drive was full, and followed by a power cut that put the DB in dirty shutdown and we faced a logical/physical corruption.

So let us see what happened, I was called in after this disaster happened and several attempts to recover the DB has failed, so I started by trying to bring the DB out of the dirty shutdown state, this can be done using ESEUTIL
eseutil /r “E02” /l “m:\usersdb” /d “m:\usersdb
but that didn’t bring the DB out of the dirty shutdown state; I resorted to /P switch
Eseutil /p usersdb.edb
But that failed with error message “illegal duplicate key”, but the DB moved to clean shutdown, so I tried to mount the DB, but I got this fancy error:
“Dbtime on current page is greater than global database dbtime”
Tim McMichael has a great blog about this error here http://blogs.technet.com/b/timmcmic/archive/2011/10/10/error-567-jet-errdbtimetoonew.aspx
So, I figured that the EDB file is gone, and I have to restore the DB. Luckily we had a complete full back up from last night, so I restored it, brought it out of the dirty shutdown and swapped the DB files, that went fine, and the DB was mounted, but what about the emails from the time of the backup to the time of failure (the backup completed 1 AM and the failure happened 10:40 AM).

I knew that we can get emails resubmitted from the safety net https://technet.microsoft.com/en-us/library/jj657495(v=exchg.150).aspx but this is done by the active manager, so the question was how to resubmit those messages manually?!

I had to revert to my own safety net, my friend Mohamed Dawy from the MS Exchange PFE team, and he advised me that I can use the Add-resubmitrequest https://technet.microsoft.com/en-us/library/jj215718(v=exchg.150).aspx to resubmit messages from the safety net after restore.

That was new to me and it worked perfectly, that caused duplicate resubmissions for some users, so they got the same email delivered twice, but that was fine because we recovered all the emails that were lost.

The Add-resubmitrequest was new to me and I didn’t find a lot of people speaking about it, so I hope that this command could be handy to you one day.

Till next time.

Azure Point to Site Error: A certificate could not be found that can be used with this Extensible Authentication Protocol.

While configuring Azure point to site VPN, you might get this error at the client side:

A certificate could not be found that can be used with this Extensible Authentication Protocol. (Error 798) For customised troubleshooting information for this connection

while connecting, this error basically means that:

  • Either you are missing a EAP certificate in your personal store.
  • If you have installed the certificate already, it might not be ready for EAP usage, this can happen for different reasons, I have seen for example that you can’t use powershell to generate client certificates to use with Azure VPN, only makecert.exe works.

so calm down and focus on fixing the EAP certificate at the client side on the personal store, this is the source of the problem, make sure that you have the private key and that the certificate is issued by the same Root CA certificate installed on Azure Gateway and use Makecert to create the client certificate, a sample command would be:

makecert.exe -n “CN=SureskillzClient” -pe -sky exchange -m 96 -ss My -in “sureskillzRoot” -is my -a sha1

How to publish Citrix Xenapp/Xendesktop online without Netscaler using HTTP for workgroup computers

How to publish Citrix Xenapp/Xendesktop online without Netscaler using HTTP for workgroup computers

I always get this weired stuff, I am not sure if it is a curse or something, but I have got this request to publish Citrix XenApp 7.6 online without NetScaler and using HTTP for workgroup computers.

 

Previously, this was an easy task, but due to the changes Citrix has made to StoreFront and Citrix Receiver, it became a tedious task, so here are the simple guide that will give you the exact configuration to publish Citrix online, and allow workgroup computers to connect to it.

 

I will not walk you thought the Citrix Installation, I assume that Citrix installation and Configuration is done.

 

So let us go:

  • Modify the Citrix Storefront URL to match the External URL.

Because how Citrix Xenapp’s logic, you need to set the URL to match the External URL, you can do that from from the studio console:

Configure Base URL without Netscaler

Make sure that Delivery controller resolves the external name to its own internal IP, you can use hosts file to achieve this

  • Modify the global ICA settings file to include the external server name, the file is located at (C:\inetpub\wwwroot\Citrix\Store\App_Data\default.ica)

[Application]

Address=ExternalserverFQDN

TransportDriver=TCP/IP

DoNotUseDefaultCSL=On

BrowserProtocol=HTTPonTCP

LocHttpBrowserAddress=!

WinStationDriver=ICA 3.0

ProxyTimeout=30000

AutologonAllowed=ON

 

By now you are done with the server configuration, now you need to install the Citrix Receiver, you need to allow HTTP stores, add the PNA site, and configure the receiver NOT to use usernames and password (because these are workgroup computers), so let us go:

 

Install the receiver client usign the following command line:

CitrixReceiver.exe /ALLOWADDSTORE=A /ALLOWSAVEPWD=A /STORE0=”http://ExternalFQDN/Citrix/Store/PNAgent/config.xml;on;storename”

 

This will add the store and configure the receive to accept HTTP stores.

 

Now import the Receive ADM Files into the local group policy, and the authentication section and disable the username and password.

Configure Citrix Receiver password settings

By that time, you will be able to open your receiver and access your PNA store if the stars are alligned.

 

 

%d bloggers like this: