Archive for the ‘Articole IT’ Category

Interforest Migration with ADMT 3.2 and Exchange 2010 interforest Migration

October 28, 2011 1 comment

Yesterday I had to migrate 25 users from our forest into a brand new forest and I was told to just create all the users on the new forest and export the mails to PST and import them into the new Exchange. But this is not me, I just wanted to migrate them as it is a while since I performed my last interforest migration.

So I prepared the target forest for migration by setting up the trust relationship between our forest and the target forest, delegated the rights on the remote forest for my administrative user and installed ADTM 3.2 on both forests as I was going to experiment migration from both forests.

Now, before you install ADMT 3,2 remember you will have to install SQL Express server. In my case I had the ADMT installed on Domain Controller instead of a member server. If this is your case also then do NOT install SQL Express 2008, just install SQL Express 2005 SP1 because the ADMT 3.2 will not work with SQL Express 2008 installed on the DC.

So first install SQL Express 2005 SP1 then install the ADMT.

Now, if you also plan on migrating the passwords and SID history from one forest to the other you will also need to further prepare the target and source domain for the migration. Please see this Technet article regarding preparation of the domain, and here is the Technet article regarding password migration domain preparation.

You will probably find many more guides on the internet on how to prepare the domain and groups and other small things.
After you install ADMT and you want to migrate also the Passwords then you will have to install also “Password Export Server”.

After you install PES you will have to create a KEY for password encryption. They key needs to be created on the TARGET domain and imported on the SOURCE domain.
So you will need to run this command on the TARGET domain :

admtkey /option:create /sourcedomain:<SourceDomain> /keyfile:<KeyFilePath> /keypassword:{<password>|*}

ADMTKEY example :

admtkey /option:create /sourcedomain:sourcedomain.local /keyfile:c:\ /keypassword:yourpassword

After you copy the key from the target domain to the source domain you will also have to IMPORT IT ! No article will tell you this. The PES key must be imported on the source domain by this command :

admt key /option:import /sourcedomain:sourcedomain.local /keyfile:key.pes

Only now START the “Password Export Server Service”.

If you are planing to migrate mailboxes as I did, DO NOT use ADMT to migrate them just yet. You will first need to use the Exchange 2010 Prepare-MoveRequest.ps1 script to prepare the source mailboxes for migration.

Open the Exchange Management console on the TARGET domain. Then add the Source Forest by right clicking the “Microsoft Exchange” and say “Add Exchange Forest”. Then add the remote (source exchange) forest.
Let’s say you want to migrate USER1 from S1 forest to T1 forest.

Open Exchange Management Shell on the T1 forest and type :

$LocalCredentials = Get-Credential

$RemoteCredentials = Get-Credential

Input the credentials for the local forest and remote forest.
.\Prepare-MoveRequest.ps1 -Identity USER1 -RemoteForestDomainController -RemoteForestCredential $RemoteCredentials -LocalForestDomainController dc.targetdomain.local -LocalForestCredential $LocalCredentials -TargetMailUserOU “OU=YourTargetOU,DC=targetdomain,DC=local” -UseLocalObject

This will prepare USER1 mailbox for migration and prepare an USER1 object on the T1 forest.

Now you can migrate the USER1 from S1 to T1 by using ADMT 3.2 and MERGE objects, migrate SID history and EXCLUDE all this attributes from migration :


After migrating the user fire this command on the Target forest Exchange Management Shell :

New-MoveRequest -Identity “USER1” -RemoteLegacy -TargetDatabase “Mailbox” -RemoteGlobalCatalog “” -RemoteCredential $Remote -TargetDeliveryDomain “targetdomain.local”

Now your mailbox will be migrated.

A very nice guide is presented here on the Exchange Team Blog. but not everything is lined out therefore I made this short guide.

If you have any questions please don’t hesitate to ask.


Force RDC 6 Install – Force KB952155 install – RDC 6.1 Install over RDC 7

March 23, 2011 Leave a comment

I guess many of you have had this problem until now with the new Remote Desktop Client version 7 and Termianl Server Published applications using Windows XP clients.
The problem is that on Termianl Server Published applications the user is unable to choose an option from a drop down menu when running it on a Windows XP client with RDC 7 installed.

I had this problem with the Microsoft Dynamics Axapta and RDC7 , choosing printer under a published application and RDC7 and some drop down menus not working. If the clients are running RDC 6.1 then you can simply apply a Microsoft patch KB968358 and the problem will be fixed. But if you are as unlucky as I am and you have already installed RDC 7 on the clients you can not apply the patch anymore. Or if you deployed the RDC 7 client trough Wsus, you can not choose the uninstall option and if you have 2-3k clients this becomes a serious problem.

Of course I have open a case with Microsoft and I was told plain and simple to piss off as I am to small for them to bother with my problem but I am not the only one and I should just upgrade all my clients to Windows 7, which for me is not an option.

So if you are in the same boat as I am you have only a few options :

1. Uninstall RDC7 (KB969084) on all the machines if you still have the $NtUninstallKB969084$ folder under the Windows catalog.
You can simply make a logon script that will execute something like this :

start /wait %SYSTEMROOT%\$NtUninstallKB969084$\spuninst\spuninst.exe /q

Which will uninstall the RDC 7 quietly.
Then install RDC 6.1 and then apply the KB968358 patch.

2. If you no longer have the %SYSTEMROOT%\$NtUninstallKB969084$\ folder that means you can not uninstall and somehow you will have to trick the RDC 6.1 installation.
In this case you can just overwrite a few files on the System32 folder and use the brute force šŸ™‚
You will need to replace the mstsc.exe and mstscax.dll files in the %SYSTEMROOT%\system32\ folderĀ  and depending on your language locale (in my case Danish / German)
also this mstscax.dll.mui and mstsc.exe.mui within the %SYSTEMROOT%\system32\da-dkĀ  (da-dk or de-de or any other language you might have)

You can download the RDC 6.1 files from HERE and unpack them on a shared folder on one of your servers. (There is no RDC 6 MSI package available from Microsoft) Then download the KB968358 patch and put it in the same location (the patch will be named WindowsXP-KB968358-x86-ENU.exe or something like this).
Make a logon script that would look something like this:

@echo off

cd %SYSTEMROOT%\system32\
Echo Renaming Old RDC 7 Files….

ren mstsc.exe mstsc99.exe
ren mstscax.dll mstscax99.dll

cd %SYSTEMROOT%\system32\da-dk\

ren mstscax.dll.mui mstscax99.dll.mui
ren mstsc.exe.mui mstsc99.exe.mui

Echo Copy new files to local machine….

copy \\servername\sharename\mstsc.exe %SYSTEMROOT%\system32\ /y
copy \\servername\sharename\mstscax.dll %SYSTEMROOT%\system32\ /y
copy \\servername\sharename\mstscax.dll.mui %SYSTEMROOT%\system32\da-dk\ /y
copy \\servername\sharename\mstsc.exe.mui %SYSTEMROOT%\system32\da-dk\ /y

Echo Starting the patch….

start /wait \\servername\sharename\WindowsXP-KB968358-x86-ENU /q

echo Patch Done

Now you can run your published application and everything should be fine.

Rockey100 – Rockey200 Windows 7 Drivers problem solved.

February 16, 2011 Leave a comment

I have recently purchased a Rockey200 smart card reader for and I use it as SIM card editor. The interface is produced by The drivers are available for download at

The installation software tells you that you do NOT have to plug the card reader into the USB port until you have installed the driver. I didn’t and even so the card reader appeared as an unknown device and windows could not find the drivers for it and the software package is kinda badly designed as it does not come with any “.inf” (driver information file) file that you can select and install the driver separately.

The solution is to force the drivers manually. Open the Computer Management , select “Device Manager” and find the unidentified device under Card Readers. Right click it , properties, go to the Drivers tab and select “Update Driver”. At the next step select “Browse my Computer for driver software” , and then click “Let me pick from a list of device drivers on my computer”. On the list ion the left find “OEM” and select “USB CCID Smart Card Reader”. Next , next ok and it should be installed. Now you will see under the Smart Card Readers TWO times the “USB CCID Smart Card Reader”. One in working condition and one in non working condition. Let them as they are.

You can now start using the Rockey200 SIM Editor. This is the only way I could make it work under Windows 7 after a few unsuccessful attempts with other methods.

If you have a better way to do it and make it work properly please let me know as I am out of ideas.

Re-Flashing / Repairing a bricked Bufalo WZR-HP-G300NH

December 10, 2010 Leave a comment

Many ISP’s (Internet Service Provider) are today upgrading your internet connection for free , and you will get more bandwidth for the same price.
Many of you have old routers that are simply not capable to handle the speed of your newly internet connection and therefore you are forced to make some upgrades on
the hardware , like your cable modem or your router.

Most of the new routers are better in terms of performance and are Plug & Play and you won’t need to do anything beside plugging in the power , internet connection cable and your computer and you are ready to go !
But some of you are a bit more demanding and are not satisfied with the standard capabilities of the router and want to have better performance , more options , more functions
than the standard firmware offers and therefore you have decided to upgrade the router with a new firmware or a non standard firmware. Upgrading the firmware it’s pretty easy this
days and can be simply done from the web interface of the router and in a few minutes you will have the new firmware up and running.
But sometimes the things don’t go as planned and your firmware upgrade can fail and then you will have a so called “bricked” router and you don’t know what to do with it.

Most of the so called SOHO (Small Office/Home Office) routers are pretty hard to brick by accident but if this happen they can be fixed and I am going to show you how.
In our case we will take the new Buffalo WZR-HP-G300NH router.
The standard firmware that comes with the router can be the version 1.76 or 1.72 and in our case we will try to replace this firmware with a non standard firmware like the one
offered by DD-WRT and we can download the latest firmware from the DD-WRT website.
You can either download the firmware from or you can download it from here : DDWRT Wiki Buffalo WZR-HP-G300NH (I recommend the second one).

After downloading the firmware you will find detailed information on how to actually flash the new firmware within the ZIP file containing the firmware and the How-To manual.
The firmware upgrade it is pretty straight forward :

  1. Start up Windows.
  2. Please confirm that both the LAN adapter and the AirStation’s IP addresses are on the same network subnet. Refer to AirStation’s User Manual for instructions on changing IP address settings.
  3. Select [Run] from the Start Menu.
    Enter “; (the AirStation’s LAN side IP address) in the field and click “OK”.
  4. Navigate to the AirStation’s Web Admin interface. (If you haven’t created a account yet, enter a username and password. Click “Change Password”.)
  5. Click “Administration” from the upper menu.
    When the login prompt appears, enter your new username and password.
  6. Click “Firmware Upgrade”.
  7. Click “Browse” to the right of “Please select a file to upgrade” and navigate to the extracted firmware file. The file should be of the form “wzrhpg300nh-pro-***” where *** is the version number. Click “Upgrade”.
  8. During the firmware update, the Diag LED will flash for about 5 minutes. When the update is complete, the LED will turn off. Do not turn off the AirStation until the firmware update is complete. If the unit is unplugged while the Diag LED is still flashing, the AirStation may be damaged.

After flashing the router with the new firmware please wait for at least 5 minutes or until you see the green lights on the router and the DIAG led stopped flashing.
You are done.

Now the tricky part after this is that IF you want to go back to the original firmware you will have to DOWNGRADE the firmware to version 1.65 , 1.66 or similar before
you can actually re-flash the router to another version.
You can download the standard firmware from the Buffalo website here :Ā

Now the router has some kind of built in fail-safe mechanism that will not let you downgrade from the web interface and when you try to re-flash the router to a previous version , the firmware upgrade process will fail. The only way to re-flash the router is then by TFTP (Trivial File Transfer Protocol).
This method can also be used if your initial firmware upgrade failed by some reason and the only light you can see on the router is the DIAG led that flashes constantly.

In order to flash the router by TFTP you will have to know a few things :
– The Buffalo WZR-HP-G300NH can only be flashed when the router has its factory default IP address that is :
So if you changed this , please change it back to the factory defaults. This can be simply made by pressing the reset button on the bottom of the router for more than 3 seconds.
– You will need to know the MAC address of the router. You can find that on the web interface of the router or on the router itself on the white sticker.

Now , you can either do this from the Windows or Linux.

A. Windows
As your router is dead , your machine will not have any IP address assigned so you will need to assign it manually.
1) Go to Start and click on Control Panel.

2) Control Panel window will appear. Double click on Network Connections.

3) Network Connections window will appear. Right click correct Local Area Connection by identifying correct network card and click Properties.

4) Select Internet Protocol (TCP/IP). Click on Properties.
You can now manually type in the IP address, Subnet mask, Default gateway and DNS servers.
Assign the following IP address : and SubnetMask :

Locate the firmware file you want to have it flashed on your computer. Let’s say you have saved it on your C:Ā  drive in a folder called BUFFALO.
Please note the name of the BIN file you have there , it will be something like : wzrhpg300nh-176.bin
Download Linksys TFTP utility

Now , power off the router and leave it connected to your machine by the network cable plugged into one of the 4 black Ethernet ports.
Open a command prompt and type ” route print” in order to get a list of your network card adapters. Write down the number of your network card.
My list looks something like :

Network Adapter
12…00 1b fc 6b 3f d8 ……Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
11…00 1b fc 6b 36 d4 ……Realtek PCI GBE Family Controller
26…00 50 56 c0 00 01 ……VMware Virtual Ethernet Adapter for VMnet1
27…00 50 56 c0 00 08 ……VMware Virtual Ethernet Adapter for VMnet8
1………………………Software Loopback Interface 1

My active network card it is number 12
Now you will need to bind the interface number 12 with the routers MAC address and you can do this by going back to the command prompt and type :

netsh interface ipv4 add neighbors 12 xx-xx-xx-xx-xx-xx

Where xx-xx-xx-xx-xx-xx it’s the actual MAC address of your OWN router and replace the number 12 with your own interface number.
Run Linksys TFTP utility that you downloaded earlier .
Put in the Server address. Password field let it empty and the file is the firmware file you downloaded wzrhpg300nh-176.
Set retry time to 60 just in case so you have time to power on the router.

Now hit theĀ  “Upgrade” button in the TFTP utility and power on the router.
The flash process should start now
Wait until the flashing process is complete.
The router will reboot itself when the upgrade is done. This can take up to 10 minutes so please be patient until your router reboots by itself.
Now the green lights are ON and the DIAG led stopped flashing.

You can now open a browser and navigate to to see your router interface.

B. Linux

If you do not have a Linux running you can just download the Ubuntu from here and burn the image on a CD or put it on an USB flash drive.
You can download it from here :
On the same page you can also find out how to make a bootable CD or USB flash drive.
Save the firmware on a USB Flash drive.

Now that you are all set , boot the machine with the Ubuntu and choose to TEST the Ubuntu and not install it on your machine.
The machine will come booted in the graphic mode and you will need a shell in order to perform the tftp firmware upgrade.
When the Ubuntu booted up press : CTRL+ALT+F1
This will take you to a shell prompt.
While in the shell type :

sudo apt-get update
sudo apt-get install tftp-hpa
sudo /etc/init.d/networking stop
sudo ifconfig eth0
sudo ifconfig eth0 netmask
sudo arp -s xx:xx:xx:xx:xx:xx
# where xx:xx:xx:xx:xx:xx is your router MAC address.
#If you booted on a CD you will need to find the firmware on the USB flash drive.
# that would be something like /media/127648279256 (you will see what I am talking about)
cd /
cd media
#note the long number , that is your USB drive
cd 127648279256
#from now you are at the tftp command prompt, the “tftp>”Ā  Your prompt will look something like “tftp>” so the commands you need to give are after the prompt.
tftp> verbose
tftp> binary
tftp> trace
tftp> rexmt 1
tftp> timeout 60
tftp> put wzrg300nh-176.tftp

Now power on the router and wait. You will see the firmware being sent to the router.
Wait until the flashing process is complete.
The router will reboot itself when the upgrade is done. This can take up to 10 minutes so please be patient until your router reboots by itself.
Now the green lights are ON and the DIAG led stopped flashing.

You are done and can reboot the machine and enjoy your new un-bricked router.

This guide has been made with information from the DD-WRT Forum.

Minister: OK to tax the Danish Google revenue in Ireland

September 6, 2010 Leave a comment

Taxation ministerĀ  Troels Lund Poulsen, can not and will not prevent Google billing Danish advertisers through its Irish subsidiary, allegedly to avoid tax in Denmark.

The U.S. search giant Google has recently been accused of evading tax payments in Denmark.

Treasury minister Troels Lund Poulsen (V), cleared this out by saying that multinational corporations can decide where in the world they want to build and operate.

The announcement comes in the context of a request by the IT spokesman Per Clausen, who had asked Taxation ministry :
“Will the minister prevent Google from selling ads for Danish companies using Ireland to avoid paying tax in Denmark?”

To which Troels Lund Poulsen Easy answered : ‘No.’

He explains, however, with the above arguments about the freedom to decide where to operate, and then he added that the Government has placed great emphasis on that multinational corporations pay the tax when they must – neither more nor less.
Therefore, the government has made an action plan to ensure that this happens.

Backup Exec 2010 can not view DAG, Exchange 2010

August 17, 2010 Leave a comment

Some people are currently faced with the following problem :

You are unable to access my Exchange 2010 DAG from Backup Exec 2010 for backup.
The DAG is visible from the selection list but fails authentication.

There are many people who as this quetsion on the net, but no expert from any forum the anwser yet.
The Backup Exec server has a Windows Server 2008 R2 OS and has the Exchange Management Tools installed.

My backup guy was fighting with this problem a few days and then finally asked my opinion.
After looking around the setup for a few minutes I found the problem and fixed it within seconds !

The solution is simple actually.
When you are faced with such a problem make sure that your DAG Cluster it’s OK and does not have any failed state.

Please check your DAG Cluster via the “Failover Cluster Management” in control panel.
I bet your DAG has the Cluster name / IP address in the Failed state.

Bring that resource up and everything should be ok.

An error occurred with error code ‘2147504141’

May 23, 2009 4 comments

I have decided to try and install / test the new Exchange 2010. I have downloaded the Beta from the MS site , prepared a Vmware environment with Windows 2008 Enterprise version.
Installed Windows , patched everything , promoted the machine to a DC and I started Exchange 2010 installation.
After promoting to DC , I remembered the computer name was something like : “PC2hjCJS-blablaxxx22x2” and would not be nice when I will have to test OWA and other stuff so I renamed the DC into something more easy to type and started Exchange installation.
All the preparation tasks were complete now and Exchange started installing the roles and checking the perquisites for the roles installation.
When it came to the HUB installation I got a strange Error.

The execution of: “$error.Clear(); install-ExsetdataAtom -AtomName SMTP -DomainController $RoleDomainController”, generated the following error: “An error occurred with error code ‘2147504141’ and message ‘The property cannot be found in the cache.’.”.

An error occurred with error code ‘2147504141’ and message ‘The property cannot be found in the cache.’.

After digging a while on the web I saw that the error is generated because the IPV6 was ENABLED but did not had an IP address assigned.
You can read a bit more about this on this Technet post :

I have then tried to manually assign an IP address to the IPV6 – Did not help
I have tried to totally disable IPV6 – it did not help
Tried to follow the instructions on the K952842 – did not help

So on Exchange 2007 the install did not work without IPV6 enabled and now on the Exchange 2010 will not work without disabling it ?

Well after a while of trying all kind of stuff I just gave up.

Installed a new Windows 2008 (this time I did a standard edition , just to have some variation) and disabled IPV6 BEFORE I started the Exchange installation.
Patched with all the patches.
Renamed the machine.
Installed IIS and .Net 3.0
Disabled IPV6 on the network adapter and in the registry.
Promoted the machine as DC on a new forest.
Started installation and everything went ok.

So my theory is : You need to disable the IPV6 BEFORE you even start the Exchange 2010 setup and BEFORE the exchange perorms all the test and the pre installation tasks and/or Install IIS after you renamed the machine.

So my theory is correct , at least for my environment.

IPV6 needs to be disabled BEFORE you start exchange 2010 installation tasks or Exchange / IIS does not like the fact that I renamed theĀ  machine after IIS was installed ?

Feel free to come with any arguments and let’s discuss this further if you feel different.