Posted on

Exchange 2010 Certificate Wizard request wont complete with Certificate Services

Exchange 2010 includes a certificate wizard to help you generate a certificate request without having to manually type each of the fields and make your own requests in the certificates MMC. Unfortunately you then cannot complete the request using the Microsoft certification authority as you get an error message. Normally this error is along the likes of “Bad TAG” or “Certificate not issued (Incomplete)”

Credits to Laurance at Dell for the solution to this particular error which turned out to be that the CSR generated by Exchange 2010 is in Unicode format and certificate services is expecting it to be in ANSI. Simply open the request file in notepad and save it in ANSI file format. Make sure to surround the entire file name in quotes to preserve the file extension and change the file name from the original.

 

Now you will get a new error because exchange hasn’t included a certificate template along with the request and certificate services needs to know which template to use. Open a CMD window (as admin or you will get another error) and type in the following: certreq -attrib “CertificateTemplate:WebServer” you should then be prompted to browse for your request file and if all is well for a place to save the completed certificate. Then you can use this certificate file to complete the pending request with the exchange 2010 certificate wizard.

Posted on

Deploying Lync 2010 Client as with Batch file

There are two versions of the Lync 2010 client, one for x86 and one for x64.  My understanding is that the client itself is 32bit but a number of the pre-requisits (silverlight & c++ reditributible) are arhitecture specific.  If you run the wrong version you will get an error message.

If you are sure all your machines have already met all the pre-requisits you can simply take the msi file from a machine which has already had the lync client installed and deploy that in the usual way.  (By default it is here: C:\Program Files (x86)\OCSetup\lync.msi)

But for most environments we cant be sure all the machines have met the pre-reqs and it may not be possible to just run one of the versions as you may have a mixed environment of x86 and x64.  This was the case for my environment and I ended up deploying the client with the following script configured as a computer start up script.  (if your users have admin rights you can run this as a logon script, but they dont have admin rights do they?)

If Exist %systemroot%\%computername%.txt goto END
If Exist “C:\Program Files (x86)\” goto X64
Set ARCHITECTURE=x86
IF NOT EXIST “%USERPROFILE%\Lync_Client\X86? MKDIR “%USERPROFILE%\Lync_Client\X86?
pushd “\\domain.com\staff\Installs\Lync\x86\”
XCOPY “*.exe” “%USERPROFILE%\Lync_Client\X86? /I /Y /Q
“%UserProfile%\Lync_Client\%ARCHITECTURE%\LyncSetup.exe” /install /silent /fulluisuppression
Echo “Lync client Successfully installed” on %COMPUTERNAME% >\\domain.com\staff\Installs\Lync\Lync_Client_Deployment_Results\%computername%.txt
Echo “Lync client Successfully installed” on %COMPUTERNAME% > %systemroot%\%Computername%.txt
:X64
If NOT EXIST “C:\Program Files (x86)\” goto END
Set ARCHITECTURE=x64
IF NOT EXIST “%USERPROFILE%\Lync_Client\X64? MKDIR “%USERPROFILE%\Lync_Client\X64?
pushd “\\domain.com\staff\Installs\Lync\x64\”
XCOPY “*.exe” “%USERPROFILE%\Lync_Client\X64? /I /Y /Q
“%UserProfile%\Lync_Client\%ARCHITECTURE%\LyncSetup.exe” /install /silent /fulluisuppression
Echo “Lync and Office clients Successfully installed” on %COMPUTERNAME% >”\\domain.com\staff\Installs\Lync\Lync_Client_Deployment_Results\%Computername%.txt”
Echo “Lync and Office clients Successfully installed” on %COMPUTERNAME% > %systemroot%\%Computername%.txt
:END
EXIT

As mentioned earlier, you can then deploy this script via Group Policy or your favorite deployment mechanism.  Note that the Lync installer must be run as a user with rights to install software.  For this reason, it may be easier to install as a computer startup script.  I also reccomend you used a DFS share for all your scripts/policies as it allows you to change the servers behind the share without actually changing the share name and having to edit all your scripts/policies.

Make sure the user/computers accounts have permission to write to the Lync_Client_Deployment_Results folder and also make sure you have extracted the client and put the relevant x64 and x86 client installers into the correct folders. e.g. put the x64 installer in \\domain.com\staff\Installs\Lync\x64\ and the x86 installer in \\domain.com\staff\Installs\Lync\x86\

Posted on

Microsoft excel files are slow to load with excel 2003 and the office validator add-in is installed.

Recently we have been experiencing problems with excel 2003, more specifically files are very slow to open on network drives on some machines. Opening the same file from a local copy works fine. It also loads perfectly on excel 2007 and 2010. Upon examination it became apparent that the computers exhibiting this slow loading behaviour all had the “office file validator” installed. Armed with this information I came across this http://support.microsoft.com/kb/2570623 where microsoft basically tell you to work around the issue or install office 2007 or 2010.
So the only options are:
1. Copy the file locally and open it.
2. Remove the office validator add-in (and accept the increased risk)
3. Disable the office validator for excel files
4. Upgrade to office 2007 or 2010
The following reg entry disables the file validation check for excel and works around the issue.
[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Excel\Security\FileValidation]
“EnableOnLoad”=dword:00000000

Posted on

Customizing the ItemStyle.XML to style content queries

On a sharepoint installation I am working on the main homepage is built from a number of content queries which are all configured to use a blog site in the same site collection.  The functionality out of the box is great in terms of filtering which posts appear but a little less so in terms of what the links look like.  To my dismay it appears that the content query web parts completely ignore any CSS overrides and do thier own thing.  In order to style them I found myself editing the itemstyle.xml file which can be found at the root of the site under “Style Library>XSL Style Sheets>ItemStyle.XML”

It is possible to simply edit one of the existing xsl templates within the file however I prefered to copy and paste an existing style template, change its name and then adjust it until I achived the style I wanted.  The benefit of doing it this way is that the existing styles are all preserved.  To use the new style simply select it in the content query web part.  I have attached the additional text I added to the file which creates a new style called “BlogPostBlack”

Make sure to publish a new major version when you are done and if version control is not enabled take a backup of the file before you change it.

 

<xsl:template name=”BlogPostBlack” match=”Row[@Style=’BlogPostBlack’]” mode=”itemstyle”>

        <xsl:variable name=”SafeLinkUrl”>

            <xsl:call-template name=”OuterTemplate.GetSafeLink”>

                <xsl:with-param name=”UrlColumnName” select=”‘LinkUrl’”/>

            </xsl:call-template>

        </xsl:variable>

        <xsl:variable name=”DisplayTitle”>

            <xsl:call-template name=”OuterTemplate.GetTitle”>

                <xsl:with-param name=”Title” select=”@Title”/>

                <xsl:with-param name=”UrlColumnName” select=”‘LinkUrl’”/>

            </xsl:call-template>

        </xsl:variable>

        <div class=”custom_posttitle”>

            <xsl:call-template name=”OuterTemplate.CallPresenceStatusIconTemplate”/>

            <font size=”3?><a style=”font-weight:bold;color:#3B2A31? href=”{$SafeLinkUrl}” title=”{@LinkToolTip}” onClick=”document.getElementById(‘divIDName’).style.color=’#907673?”>

              <xsl:if test=”$ItemsHaveStreams = ‘True’”>

                <xsl:attribute name=”onclick”>

                  <xsl:value-of select=”@OnClickForWebRendering”/>

                </xsl:attribute>

              </xsl:if>

              <xsl:if test=”$ItemsHaveStreams != ‘True’ and @OpenInNewWindow = ‘True’”>

                <xsl:attribute name=”onclick”>

                  <xsl:value-of disable-output-escaping=”yes” select=”$OnClickTargetAttribute”/>

                </xsl:attribute>

              </xsl:if>

              <xsl:value-of select=”$DisplayTitle”/>

            </a>

            </font>

        </div>

                <xsl:variable name=”StartDate”>

                                <xsl:value-of select=”ddwrt:FormatDateTime(string(@PublishedDate), 1033, ‘g’)” />

                </xsl:variable>

                <div class=”custom_date”>

                                <xsl:value-of select=”$StartDate” />

                </div>

                <div class=”custom_description”>

                                <xsl:value-of select=”@Body” disable-output-escaping=”yes” />

                </div>

  </xsl:template>

Posted on

Sharepoint blog comment text colour css

In my efforts to brand a SharePoint installation with a number of unusual colours I found my self struggling with the comments text on the blog pages. Comments were always being displayed in a light grey which was hard to read against a slightly off white background. To make things worse when a user is creating a comment they have no control over font/colour.  I ended up using the following CSS to force the comments to be displayed in a much darker colour.

H3.ms-CommentHeader {
POSITION: relative; PADDING-BOTTOM: 0px; MARGIN: 0px; PADDING-LEFT: 0px; PADDING-RIGHT: 0px; COLOR: #1e1e1e; FONT-SIZE: 1.6em; RIGHT: auto; FONT-WEIGHT: normal; PADDING-TOP: 0px; TOP: -0.25em; LEFT: -2px
}
H4.ms-CommentTitle {
PADDING-BOTTOM: 0px; LINE-HEIGHT: 1.7em; MARGIN: 0px; PADDING-LEFT: 0px; PADDING-RIGHT: 0px; COLOR: #1e1e1e; FONT-SIZE: 8pt; PADDING-TOP: 0px
}
.ms-CommentBody {
PADDING-BOTTOM: 12px; LINE-HEIGHT: 1.7em; WIDTH: 775px; COLOR: #1e1e1e; FONT-SIZE: 8pt; PADDING-TOP: 6px

Posted on

Exchange 2010 Messages stuck in queue to remote AD site

I have recently been working on implementing a number of new exchange 2010 servers and had an issue where some mail was getting stuck in a queue. For example messages from mailboxes on Server B to mailboxes on Server A end up in one of Server B’s queues called “SMTP Relay to Remote Active Directory Site.” and the last error is 451 4.4.0 Primary Target IP address responded with: “421 4.4.2 Connection dropped.

Now I knew it wasn’t a firewall or network issue as I could telnet into port 25 from each of the servers to each other and sending email in this way also worked. Curiously I couldn’t see anything in the event logs either. The Mail Flow Troubleshooter gives the message ”It appears that the SMTP service and SMTP instance(s) on server A are started but the port did not respond. Check if there are any network errors or hung services.” Also gives “Error submitting mail.” The issue remains after a service and server restart.

The resolution for me was to re-assign the original self signed certificate to the SMTP service instead of the 3rd party CA signed certificate we were using for OWA. (even though it had a valid SAN for the internal FQDN) and then restart the transport service on server A. Once the SMTP service was using the self signed cert all the queued mail was delivered. I hope this helps someone else out there struggling with this issue.