SBS 2011 Migration preparation tool: Error is found in DNS Zone domain.local

When running the Windows Small Business Server 2011 Standard Migration Preparation Tool it errors out with: “Error is found in DNS Zone domain.local”.

Description: In DNS zone domain.local, your local server is not in the name server records. Migration will fail without fixing this issue. Go to http://support.microsoft.com/kb/2578426 for more details.

When you just follow the link proposed you will find some possible solution for checking if the dns zone is set to Type: Active Directory-Integrated and that Dynamic updates is set to Secure only. Also to make sure on the Name Servers tab the source server is listed with correct name and / or ip address.

All those settings were correct but the error keeps occuring. After some more research I found this thread with the same issue, solution for this thread was contacting microsoft support who complete rebuild the dns zone. With this information I had seen a minor difference with other SBS dns servers.

In this customers DNS server when you take a look within the domain.local forward zone there was no _msdcs entry. There was a _msdcs.domain.local zone, so everything was like this picture accept the record within the red circle was missing.

After noticing that the solution is as follows:

1. First delete the _msdcs.domain.local dns zone (of course it would be wise to start with making a good backup, but this should have been done before you even start with running the migration preparation tool)
2. Create a new primary forward dns zone, _msdcs.domain.local
3. Open a command prompt and run ipconfig /registerdns
4. Last restart the net logon service. After restaring the net logon service all the _msdcs.domain.local and the _mcdcs record are automatically recreated.

Re-run the migration preparation tool and the error was gone.

Update: There has now been a official SBS Team post on this issue, read here for additional information.

Posted in Blog, SBS 2011 at October 20th, 2011. 17 Comments.

How to: disable or change the 4 digit pin code that is enabled after mobile device connects to the Exchange 2010 within SBS 2011

After you have configured your mobile device to receive its business e-mail via ActiveSync from your SBS 2011 Exchange 2010 server, it is asking for a 4 digit pin code. This is because the default configuration on the SBS 2011 Exchange Server is to require a password for ActiveSync devices when they are going to synchronize with your server.

To disable or change this feature open Exchange Management Console, go to Organization Configuration, Client Access and choose the Exchange ActiveSync Mailbox Policies. Do properties on the Default policy and select the Passwords tab.

To completely disable the password remove the check at Require password. Of course you can also change the settings to your own requirements.

You can also create separate Mailbox policies with different settings, so you can set other policies for different users. When you create a new policy and want to attach it to a user, go to Recipient Configuration, Mailbox, do properties for the Mailbox user you want to change the policy.

Select the Mailbox Features tab, select Exchange ActiveSync and choose properties, now you can browse to select the other policy you have created.

Some additional information about what settings you can control with the ActiveSync policy are listed over here: Understanding Exchange ActiveSync Mailbox Policies

Please note not all features are supported with all kinds of mobile clients, so before you configure the settings make sure the settings are supported with your type of mobile devices.

Posted in Blog, Exchange 2010, Howto, SBS 2011 at October 11th, 2011. 7 Comments.

Sharing Buttons by Linksku