Monday, 21 September 2015

#SCCM 2012R2 - Determine SCCM 2012 CU version

1. Launch registry, navigate HKLM\Software\Microsoft\SMS\Setup
2. On right panel, check on CULevel.

or Power Shell 
  • Get-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\SMS\Setup -Name "CULevel"

CULevel value is (0). Mean no CU installed.

#SCCM 2012R2 - Software Update Point unable to connect WSUS

Error: System.Net.WebException: The request failed with HTTP status 404: Not Found.~~   at Microsoft.UpdateServices.Administration.AdminProxy.CreateUpdateServer(Object[] args)~~   at Microsoft.SystemsManagementServer.WSUS.WSUSServer.ConnectToWSUSServer(String ServerName, Boolean UseSSL, Int32 PortNumber)

Event ID: 6703

1. Verify the WsusPool is Started. (Under Application Pools)

2. Verify WSUS port number correct. 
Default port for WSUS Windows 2012, 8530
Default port for WSUS Windows 2008, 80

Tuesday, 15 September 2015

#Exchange 2013 - Exchange server exist in AD schema

Error: The Exchange Server is in an inconsistent state. Only disaster recovery mode is available. Please use Setup /,:RecoveryServer to recover this Exchange server.

1. Log in to AD. Open ADSI Edit, connect AD with configuration.

2. Navigate to Configuration[Domain name] --> CN=Configuration,DC=Domain name,DC=Domain name --> CN=services --> CN=Microsoft Exchange --> CN=Domain name --> CN=Administrative Groups --> CN=Exchange Administrative Group --> CN=Servers.
3. Delete the exchange server with the error above. (example: CN=DO-EXCH)

Thursday, 10 September 2015

#Web application proxy - ADFS Proxy unable to connect second ADFS Proxy server

Enter credential adfs proxy fail.

Ensure that remote management is enabled on the selected server, and then enter the name and password of an account that has administrator rights on that server. For example, or domain\user name.  


1. Add 2nd proxy server to 1st proxy server in server manager.
Follow here 

Monday, 7 September 2015

#O365 - Mailbox can't create on portal

Warning - This user's on-premises mailbox hasn't been migrated to Exchange Online. The Exchange Online mailbox will be available after migration is completed. 

Cause: This is because the user have on-premise Exchange mailbox or/and haven't migrate the mailbox to cloud.


Hybrid mode migration

1. Migrate the mailbox from on premise to cloud.

Direct cut over mode (greenfield)

Delete the user from O365.

1. Move the user out from the sync OU to non-sync OU on AD users and computers.
2. Resync the DirSync.
3. Make sure the user show under deleted users.
7. Force to clear the deleted users on O365.
    Refer to this link.

8. Make the user under Deleted Users was deleted.

Remove the Synchronization of the user attribute to Office 365

1. Open Synchronization Service Manager (miisclient.exe)
2. Click on Management Agents tab, right click Windows Azure Active Directory Connector, select properties.
3. Click on Configure Attribute Flow, 
4. Expend Object Type: User and Object Type: Group, search and locate for msExchMailboxGuid.
5. Select the mapping and delete.
6. Select Select Attributes, search and uncheck the msExchMailboxGuid.

7. Click OK to save the changes.
8. Repeat the step 3-7 for Active Directory Connector Agent. (for step 4, expand Object Type: UserObject Type: Group and Object Type: inetOrgPerson, search and locate for msExchMailboxGuid.)
9. Move back the user from non-sync OU to Sync OU.
10. Resync the dirsync.

If all users cannot create the mailbox, you might need to remove all the users from deleted users, and then reysnc all the user again from on-premise AD.

#Hyper-V - Windows 7/8/10 unable remove Hyper-V

Cannot uninstall Hyper-V from Windows 7/8/10
Cannot uninstall Hyper-V services


1. Remove Hyper-V from program and feature, when restart computer, Windows roll back.


1. Reinstall and repair the windows.
2. Select Upgrade Install Windows and keep file, settings and application.
3. This step won't lose any data, application or settings.
4. Follow the instruction. Different Windows, different step.
5. Usually step will ask you login to windows and run the windows setup CD.
6. After completed reinstall/repair Windows, remove the Hyper-V services.

#O365 - Change User Primary SMTP Email Address with Dirsync

Error: The operation on mailbox "Username" failed because it's out of the current user's write scope. The action 'Set-Mailbox', 'EmailAddresses', can't be performed on this oject "Username" because teh object is being synchronized from your on-premises organization. This action should be performed on the object in your on-premises organization.

Solution 1:

1. Run Windows Azure Active Directory Module for Windows PowerShell as administrator.
2. To enable execution policy remotesigned, type

  • Set-ExecutionPolicy RemoteSigned
3. To assign credential right, type

  • $MSCred = Get-Credential
(Enter O365 admin user and password when prompt)

4. To open a connection to O365 server, type

  • $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $MSCred -Authentication Basic -AllowRedirection
5. To enter the Exchange powershell session, type

  • Import-PSSession $Session

6. To change user primary smtp email address, type

  •  Set-Mailbox -identity -WindowsEmailAddress
7. To exit the Exchange powershell session, type

  • Remove-PSSession $Session
Reference: link

Solution 2:
(Eidt AD user attribute)

1, Open Active Directory Users and Computers. Search for the user you want to change the primary smtp email address.
2. Open user properties, select Attribute Editor. (If Attribute Editor not exist, enable advanced features under AD users and computers view or/and open user properties from the actual directory, don't open from the search box)
3. Look for ProxyAddresses, and edit.

4. If no SMTP exist, enter the value as: (with SMTP upper case)

For example:

    If SMTP exist, remove the existing SMTP value, and enter the value as: (with SMTP lower case)

For example:

5. Click add, and the apply the setting.

6. Resync the Dirsync server.

Wednesday, 2 September 2015

#GPO - Missing "Internet Explorer Maintenance" Windows Server 2012/2012 R2

Missing GPO IE Maintenance after restart.
Missing GPO IE Maintenance after upgrade IE8
Missing GPO IE Maintenance after upgrade AD
Missing GPO IE Maintenance 2012/ 2012 R2

Solution 1

  1. If AD Windows server 2008/ 2008 R2, uninstall IE (9,10,11) back to IE 8.
Solution 2

Use another server 2008 R2 with IE8 or Windows 7 with IE8 to manage GPO.

Server 2008 R2
  1. Add server features, Group Policy Management.
  2. Launch the Group Policy Management, connect to domain with domain admin right.

  3. Enter your domain name.
  4. Now Internet Explorer Maintenance is back.
Windows 7 

Refer to this