Error transfering Schema Master role from Windows 2003 to 2008

After tranfering the first 4 operation master roles without a problem from windows 2003 to the new windows 2008 server, the Schema Master role gave an error using the Active Directory Schema mmc add-in:

The parameter is incorrect.
The transfer of the current Operation Master could not be preformed.

Solution: First check if the windows 2003 role owner is alive and you can reach that server. You can check which server holds the role “netdom query fsmo”. If that all is fine try moving the role with ntdsutil.
Open a command prompt on your windows 2008 server and type: ntdsutil
Type roles and then press ENTER
Type connections, ENTER
Type connect to server , ENTER
Type q, ENTER
Type Transfer schema master, ENTER
You will get a warning message choose Yes to continue.
Then type q and again q to exit ntdsutil.

You can use: Transfer domain naming master, Transfer infrastructure master, Transfer PDC and Transfer RID master if you also would transfer the other FSMO roles with ntdsutil.

Posted in Blog, Windows 2008 at October 31st, 2010. No Comments.

SharePoint Services 3 Search event errors after applying certificate on a SBS2008 server

It seems that changing the search accounts, creates a problem with installing SharePoint updates like SP2. So before changing the search accounts read this article!

After installing a ssl certificate on a SBS 2008 server you get 2 different SharePoint Services 3 Search event errors.

Event ID: 2424
The update cannot be started because the content sources cannot be accessed. Fix the errors and try the update again

Event ID: 2436
The start address cannot be crawled.
Context: Application ‘Search inde file on the search server’, Catalog ‘Search’
Access is denied. Verify that either the Default Content Access Account has access to this repository, or add a crawl rule to crawl this repository. If the repository being crawled is a SharePoint repository, verify that the account you are using has “Full Read” permissions on the SharePoint Web Application being crawled. (0x80041205)

Solution: Got this solution from my brother, thanx for that:

First we have to create 2 service accounts: SPSearch and SPContent

  1. On your SBS, open Active Directory Users & Computers (Start –> Administrative Tools –> Active Directory Users & Computers.
  2. Within ADU&C, navigate to the Organizational Unit where you want to create the new user accounts.
  3. Right-click on the OU and select New –> User
  4. On the first page of the new user window, enter the following info:
    o First Name: SPSearch
    o Last Name:
    o Username: spsearch
  5. Click Next.
  6. Enter a strong password for the new account.
  7. Uncheck the option “User must change password at next login”
  8. Check the option “User cannot change password”
  9. Check the option “Password never expires”
  10. Click Next
  11. Click Finish.
  12. Repeat steps 3-11, using “SPContent” instead of “SPSearch” in step 4

We do not have to worry about granting any access or permissions to the two new accounts we created.
After the accounts have been created, close Active Directory Users & Computers, then open SharePoint Central Administration (Start –> Administrative Tools –> SharePoint 3.0 Central Administration).

  1. When SharePoint 3.0 Central Administration opens, go to the Operations tab.
  2. Click on the “Services on Server” link
  3. In the Action column, click the link to Stop the “Windows SharePoint Services Search” service.
    o You will receive a warning that stopping the search service will remove existing indices. Click OK to acknowledge the warning.
  4. When you return to the SharePoint Central Administration Operations tab, the Windows SharePoint Search Service will show as stopped. Click the link to Start the Windows SharePoint Services Search service. This will open the Search service configuration page.
  5. In the Service Account section, select the “Configurable” option
    o. For a username, enter \SPSearch (where is your AD domain).
    o. For a password, enter the strong password you assigned to the SPSearch account.
  1. In the Content Access Account section, select the “Configurable” option
    o. For a username, enter \SPContent (where is your AD domain)
    o. For a password, enter the strong password you assigned to the SPContent account.
  2. In the Search Database section, change the database name by appending and underscore 1 (“_1”) to the database name.
    o By default, the database name should be WSS_Search_[SERVERNAME], so we’re changing it to WSS_Search_[SERVERNAME]_1.
    o Changing the name is necessary because the default database name already exists with search data. If we attempted to use the default database name, SharePoint would throw an error that the database contains user-defined schema and cannot be used. By changing the search database name on this configuration page, SharePoint Central Administration will create a new database using this name and configure search to use this new database. Since the new database is empty, we won’t encounter any errors.
  1. Accept the remaining defaults and click the OK button.

After clicking OK, the settings should be applied and you should return to the “Services on Server” page in SharePoint Central Administration, and the Windows SharePoint Services Search” service should be listed as started.

Close SharePoint Central Administration and open the Services MMC (Start –> Administrative Tools –> Services). Restart the Windows SharePoint Services Search service. Verify that the Windows SharePoint Services Search service is configured to login with the SPSearch account you created.

And as last we have to create the following registry key:
[HKLM\System\CurrentControlSet\Control\Lsa] “DisableLoopbackCheck”=dword:00000001

Posted in Blog, SBS 2008 at October 26th, 2010. 2 Comments.

SQL Server (dbname) service won’t start after promoting the server to a domain controller

When you promote your windows member server to a domain controller the SQL Server (dbname) service won’t start anymore.

The system event log notes error even id: 7024 “The SQL Server (dbname) service terminated with service-specific error 17113 (0x42D9).”

Solution: This is because the SQL Server (dbname) service is started under the local system account, this doesn’t work on a domain controller. Start the service under a user account with enough rights.

Posted in Blog, SQL 2005, SQL 2008 at October 22nd, 2010. 2 Comments.

SQL Maintenance Plan won’t start

After creating a Maintenance Plan in SQL 2008 to create a backup or something. You’ll notice it hasn’t run by schedule. But if you copy the T-SQL and execute it as an query it qorks fine.
When you take a look at the application event log, you will see an event id: 208 on the SQLAgent$EXACTSQL source.

“SQL Server Scheduled Job ‘MaintenancePlan.Subplan_1’ (number) – Status: Failed – Invoked on: time – Message: The job failed. The Job was invoked by Schedule 9 (MaintenancePlan.Subplan_1). The last step to run was step 1 (Subplan_1).”

Solution: You have to install SQL 2008 Integration Services.
Another thing which can cause a problem is when the SQL ServerAgent service isn’t started or started with wrong credentials, make sure it’s started with user credentials that has access.

Posted in Blog, SQL 2008 at October 18th, 2010. No Comments.

MSExchangeTransport error, EventID: 12014 on a Exchange 2010 server

On the Exchange 2010 with the Hub Transport role installed you get several EventID 12014 errors on the MSExchangeTransport source.
“Microsoft Exchange could not find a certificate that contains the domain name mail.domain.com in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector “your send or receive Connector” with a FQDN parameter of mail.domain.com. If the connector’s FQDN is not specified, the computer’s FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.”

Solution: This error will occur when the FQDN you have entered in the send or receive connector doesn’t match with the FQDN names used at your exchange certificates.

You can change the FQDN at the connector to a name available on you certificate or install a new certificate with the right FQDN name.
It can also be that the SMTP service is not bind to the right certificate, in this case you can bind the SMTP service to the certificate using this FQDN.

Posted in Blog, Exchange 2010 at October 14th, 2010. 2 Comments.

SBS 2008 or SBS 2011 installation error “The User Role Cannot be found. Select a different User Role” on Hyper-V

When installing SBS 2008 or SBS 2011 in Hyper-V you get the error “The User Role Cannot be found. Select a different User Role” during installation.

Solution: Problem is caused by different time zone settings. If Hyper-V has enabled time synchronization, this is the default settings, the time zone of the host and the guest has to be the same. If not this error will occur and only solution is to start over and reinstall SBS.

Recommendation is to turn off time syncronization for the SBS Hyper-V.
Start Hyper-V manager, select your SBS server and choose settings.
At the management part choose Intergration Services.

Then uncheck Time synchronization.

More information can be found here: KB 2097035

Update: error also occurs with SBS 2011.

Posted in Blog, Hyper-V, SBS 2008, SBS 2011 at October 8th, 2010. 1 Comment.

Sharing Buttons by Linksku