Send on Behalf and Send As

Posted on by

Send on Behalf and Send As are similar in fashion. Send on Behalf will allow a user to send as another user while showing the recipient that it was sent from a specific user on behalf of another user. What this means, is that the recipient is cognitive of who actually initiated the sending message, regardless of who it was sent on behalf of. This may not be what you are looking to accomplish. In many cases, you may want to send as another person and you do not want the recipient to be cognitive about who initiated the message. Of course, a possible downside to this, is that if the recipient replies, it may go to a user who did not initiate the sent message and might be confused depending on the circumstances. Send As can be useful in a scenario where you are sending as a mail-enabled distribution group. If someone replies, it will go to that distribution group which ultimately gets sent to every user who is a part of that distribution group. This article will explains how to use both methods.

Send on Behalf

There are three ways to configure Send on Behalf. The first method is by using Outlook Delegates which allows a user to grant another user to Send on Behalf of their mailbox. The second method is having an Exchange Administrator go into the Exchange Management Shell (EMS) and grant a specific user to Send on Behalf of another user. The third and final method is using the Exchange Management Console (EMC).

Outlook Delegates

There are major steps in order to use Outlook Delegates. The first is to select the user and add him as a delegate. You then must share your mailbox to that user.

  1. Go to Tools and choose Options
  2. Go to the Delegates Tab and click Add
  3. Select the user who wish to grant access to and click Add and then Ok

Note: There are more options you can choose from once you select OK after adding that user. Nothing in the next window is necessary to grant send on behalf.

  1. When back at the main Outlook window, in the Folder List, choose your mailbox at the root level. This will appear as Mailbox – Full Name
  2. Right-click and choose Change Sharing Permissions
  3. Click the Add button
  4. Select the user who wish to grant access to and click Add and then Ok
  5. In the permissions section, you must grant the user at minimum, Non-editing Author.

Exchange Management Shell (EMS)

This is a fairly simple process to complete. It consists of running only the following command and you are finished. The command is as follows:

Set-Mailbox UserMailbox -GrantSendOnBehalfTo UserWhoSends

Exchange Management Console (EMC)

  1. Go to Recipient Management and choose Mailbox
  2. Choose the mailbox and choose Properties in Action Pane
  3. Go to the Mail Flow Settings Tab and choose Delivery Options
  4. Click the Add button
  5. Select the user who wish to grant access to and click Add and then Ok

Send As

As of Exchange 2007 SP1, there are two ways to configure SendAs. The first method is having an Exchange Administrator go into the Exchange Management Shell (EMS) and grant a specific user to SendAs of another user. The second and final method (added in SP1) is using the Exchange Management Console (EMC).

Exchange Management Shell (EMS)

The first method is to grant a specific user the ability to SendAs as another user. It consists of running only the following command and you are finished. The command is as follows:

Add-ADPermission UserMailbox -ExtendedRights Send-As -user UserWhoSends

Exchange Management Console (EMC)

  1. Go to Recipient Management and choose Mailbox
  2. Choose the mailbox and choose Manage Send As Permissions in Action Pane
  3. Select the user who wish to grant access to and click Add and then Ok

Miscellaneous Information

No “From:” Button

In order for a user to Send on Behalf or Send As another user, their Outlook profile must be configured to show a From: button. By default, Outlook does not show the From: button. In order to configure a user’s Outlook profile to show the From: button:

Replies

If you are sending as another user, the recipient user might reply. By default, Outlook is configured to set the reply address to whoever is configured as the sending address. So if I am user A sending on behalf of user B, the reply address will be set to user B. If you are the user initiating the sending message, you can configure your Outlook profile to manually configure the reply address.

Conflicting Methods

If you are configuring Send on Behalf permissions on the Exchange Server, ensure that the user is not trying to use the Outlook delegates at the same time. Recently, at a client, I was given the task to configure Send As as well as Send on Behalf. As I was configuring Send As on the server, I found out that the client was attempting to use Outlook Delegates at the same time. Send As would not work. Once the user removed the user from Outlook Delegates and removed permissions for that user at the root level of your mailbox that appears as Mailbox – Full Name, Send As began to work. So keep in mind, if you are configuring Send As or Send on Behalf, use only one method for a specific user.

SendAs Disappearing

If you are in a Protected Group, something in Active Directory called SDProp will come by every hour and remove SendAs permissions on users in these protected groups.  What security rights are configured on these security accounts are determined based on what security rights are assigned on the adminSDHolder object which exists in each domain.  The important part for you to remember is that every hour, inheritance on these protected groups will be removed and SendAs will be wiped away.

A good blog article explaining what adminSDHolder and SDprop are and what Protected Groups  is located here.



The Missing Manual Part 1: Veeam B & R Direct SAN Backups

Posted on by

One thing that I had problems with the first time I installed Veeam was the ability to backup Virtual Machines directly from the SAN. Meaning that instead of proxying the data through an ESXi host, the data would flow from SAN to backup server directly. The benefits of this process are very clear… reduced CPU and network load on the ever so valuable ESXi resources.

The problem is that by default this just doesn’t work with Veeam if you haven’t properly setup your backup server. I will try and keep this process simple, and vendor agnostic ( from a SAN point of view).

The first step to making the vStorage API “SAN backup” work is to make sure your backup server has the Microsoft iSCSI initiator installed. It is already installed by default on Windows 2008 server, however for windows 2003 server you will need to go to Microsoft to download the latest version. (Note: You will need to configure your SAN to allow the IQN address of the iSCSI initiator to have access to the volumes on the SAN… this process is different for each vendor. See screen shot on how to find this in the Configuration tab of the iscsi initiator) After installing MS iSCSI initiator, and setting up your SAN, we need to configure it to see the SAN volumes; do this by opening the “iSCSI initiator” option from control panel. At the top of the main tab there is a field where you can put your SAN’s IP address, enter that now and then press Quick Connect. Shortly a list of all of the volumes that your backup server has access to should appear, once they do select each one and press the “connect” button. Because the volumes are formated VMFS windows will not show them in My Computer, but if you go to Disk Management inside of Computer manager you should now see that the backup server can see these volumes.

Update: A note from the Veeam Team “One thing that we (Veeam) recommends is to disable automount on your Windows backup server. To do this open up a command prompt and enter in diskpart. Hit enter and then type “Automount disable”. This is to ensure that the Windows server doesn’t try and format the volumes at all. However, before any of this is done if you can through your SAN software, give the Veeam Backup server Read-Only access to your VMFS volumes.”

After preforming these steps go ahead and configure Veeam to use the SAN backup option, and you should notice (especially if you have separate NICs for the SAN network) that all of your data is moving through the SAN directly to the backup server without proxying through the ESXi hosts.

How to determine which service pack of sql server is installed

Posted on by

To get to know what service pack is installed on a sql server instance you can obtain the current version of SQL Server and then look up to which service pack it correspond or you may use query against SQL Server instances starting from sql server 2005.

1
2
3
SELECT SERVERPROPERTY('productversion') as productversion
,SERVERPROPERTY('productlevel') as productlevel
,SERVERPROPERTY('edition') as edition

which returns exactly what you need like

product version         productlevel              edition
——————– ——————– ——————–
9.00.3068.00           SP2                             Developer Edition

For more information read Microsoft Knowledge Base article 321185.
To determine what is the version of SQL Server inctance run query.

1
select @@version

Then look up the version number up in one of the tables below.

For SQL Server 2005:

@@version Version and Service Pack
    9.00.4028.00 SQL Server 2005 with service pack 3
9.00.3054.00 SQL Server 2005 with service pack 2 GDR2.
9.00.3050 SQL Server 2005 with service pack 2 GDR1.
9.00.3042 SQL Server 2005 with service pack 2.
2005.90.2047 SQL Server 2005 with service pack 1
2005.90.1399 SQL Server 2005 with no service pack applied

For SQL Server 2000:

@@version Version and Service Pack
8.00.2039 SQL Server 2000 with Service Pack 4
8.00.760 SQL Server 2000 with Service Pack 3a
8.00.760 SQL Server 2000 with Service Pack 3.
8.00.532 SQL Server 2000 with Service Pack 2
8.00.384 SQL Server 2000 with Service Pack 1
8.00.194 SQL Server 2000 with no service pack applied

For SQL Server 7:

version Service Pack
7.00.1063 SQL Server 7 with Service Pack 4
7.00.961 SQL Server 7 with Service Pack 3
7.00.842 SQL Server 7 with Service Pack 2
7.00.699 SQL Server 7 with Service Pack 1
7.00.623 SQL Server 7 with no service pack applied

For SQL Server 6.5:

version Service Pack
6.50.479 SQL Server 6.5 with Service Pack 5a (updated)
6.50.416 SQL Server 6.5 with Service Pack 5a.
6.50.415 SQL Server 6.5 with Service Pack 5
6.50.281 SQL Server 6.5 with Service Pack 4
6.50.258 SQL Server 6.5 with Service Pack 3
6.50.240 SQL Server 6.5 with Service Pack 2
6.50.213 SQL Server 6.5 with Service Pack 1
6.50.201 SQL Server 6.5 with no service pack applied

For SQL Server 6:

version Service Pack
6.00.151 SQL Server 6 with Service Pack 3
6.00.139 SQL Server 6 with Service Pack 2
6.00.124 SQL Server 6 with Service Pack 1
6.00.121 SQL Server 6 with no service pack applied

KILLING A WINDOWS SERVICE THAT SEEMS TO HANG ON “STOPPING”

Posted on by

It sometimes happens (and it’s not a good sign most of the time): you’d like to stop a Windows Service, and when you issue the stop command through the SCM (Service Control Manager) or by using the ServiceProcess classes in the .NET Framework or by other means (net stop, Win32 API), the service remains in the state of “stopping” and never reaches the stopped phase. It’s pretty simple to simulate this behavior by creating a Windows Service in C# (or any .NET language whatsoever) and adding an infinite loop in the Stop method. The only way to stop the service is by killing the process then. However, sometimes it’s not clear what the process name or ID is (e.g. when you’re running a service hosting application that can cope with multiple instances such as SQL Server Notification Services). The way to do it is as follows:

  1. Go to the command-prompt and query the service (e.g. the SMTP service) by using sc:

    sc queryex SMTPSvc

  2. This will give you the following information:

    SERVICE_NAME: SMTPSvc
    TYPE               : 20  WIN32_SHARE_PROCESS
    STATE              : 4  RUNNING
    (STOPPABLE, PAUSABLE, ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE    : 0  (0×0)
    SERVICE_EXIT_CODE  : 0  (0×0)
    CHECKPOINT         : 0×0
    WAIT_HINT          : 0×0
    PID                : 388
    FLAGS              :

    or something like this (the “state” will mention stopping).

  3. Over here you can find the process identifier (PID), so it’s pretty easy to kill the associated process either by using the task manager or by using taskkill:

    taskkill /PID 388 /F

    where the /F flag is needed to force the process kill (first try without the flag).

Please be careful when you do this; it’s useful for emergencies but you shouldn’t use it on a regular basis (use it as a last chance to solve the problem or to avoid the need of a reboot in an exceptional situation). It can even be used to stop a service that has the “NOT-STOPPABLE” and/or ”IGNORES_SHUTDOWN” flag set (e.g. Terminal Services on a Windows Server 2003 is non-stoppable), at least when it’s not hosted in the system process. You can query all this information by means of the sc command.

For real freaks (don’t do this on a production machine!): if you want to show the behavior of the “Blaster” worm which caused the RPC service to stop, try to stop the RPC service (but safe your work first :-) ). It’s pretty simple to do if you have administrative privileges (just a great example of why you should NOT run as a high-privileged user on the system). When you succeed in killing the process (pretty straightforward), you’ll see the shutdown countdown popping up (if you’ve seen Blaster in action in the past, you’ll have a deja-vu). You can stop this by typing the command shutdown -a (abort shutdown), as I posted previously in the Blaster-timeframe since this wasn’t known very well and it was quite useful to abort the started shutdown in order to apply the patch. You can even restart the service then by using sc again. Notice that if the RPC is stopped, you can’t even connect to the MMC console for the Services management (services.msc) since this relies on RPC. So, you really can’t start the service again by using the MMC snap-in. The only way to start the service again is by using sc start <servicename>. The output of this (nice but at the same time ugly) demo looks like this (again, don’t try this at home; I’m not responsible for any damage or data loss possible):

C:\Documents and Settings\Administrator>sc queryex rpcss

SERVICE_NAME: rpcss
TYPE               : 20  WIN32_SHARE_PROCESS
STATE              : 4  RUNNING
(NOT_STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN))

        WIN32_EXIT_CODE    : 0  (0×0)
SERVICE_EXIT_CODE  : 0  (0×0)
CHECKPOINT         : 0×0
WAIT_HINT          : 0×0
PID                : 2332
FLAGS              :

C:\Documents and Settings\Administrator>taskkill /pid 2332 /F
SUCCESS: The process with PID 2332 has been terminated.

C:\Documents and Settings\Administrator>shutdown /a

C:\Documents and Settings\Administrator>sc start rpcss

SERVICE_NAME: rpcss
TYPE               : 20  WIN32_SHARE_PROCESS
STATE              : 2  START_PENDING
(NOT_STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN))

        WIN32_EXIT_CODE    : 0  (0×0)
SERVICE_EXIT_CODE  : 0  (0×0)
CHECKPOINT         : 0×0
WAIT_HINT          : 0x7d0
PID                : 2520
FLAGS              :

C:\Documents and Settings\Administrator>sc queryex rpcss

SERVICE_NAME: rpcss
TYPE               : 20  WIN32_SHARE_PROCESS
STATE              : 4  RUNNING
(NOT_STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN))

        WIN32_EXIT_CODE    : 0  (0×0)
SERVICE_EXIT_CODE  : 0  (0×0)
CHECKPOINT         : 0×0
WAIT_HINT          : 0×0
PID                : 2520
FLAGS              :

If you decide to try it (ignoring my warnings), don’t rely on the system afterwards since various applications will have suffered from this. I’m experimenting with these things myself only on a Virtual PC with undo disks enabled.

To go short: sc is one of my favorite commands to mess around with services (install, uninstall, etc) and to query for information on services. The sc command can also be used to query all the active drivers on the system. If you don’t like system-beeps for example, you can use sc stop Beep to stop the according driver. But please again, be careful when you play with it. Fortunately, disastrous driver stoppings are not possible and will be denied by sc.

More info on sc.exe can be found via http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/sc.mspx

How to Make the Shutdown Button Unavailable by Using Group Policy

Posted on by

How to Make the Shutdown Button Unavailable by Using Group
Policy

You can use Group Policy Editor to make the Shutdown button unavailable in the Log On to Windows dialog box that appears when you press
CTRL+ALT+DELETE on the Welcome to Windows screen.

To Edit the Local Policy on a Windows 2000-Based Computer

To
make the Shutdown button unavailable on a standalone Windows
2000-based computer:

  1. Click Start,
    and then click Run.
  2. In the Open box, type gpedit.msc, and then click OK.
  3. Expand Computer
    Configuration    , expand Windows Settings, expand Security
    Settings    , expand Local Policies, and then click Security
    Options    .
  4. In the right pane, double-click Shutdown:Allow
    system to be shut down without having to log on    .
  5. Click Disabled, and then click OK.NOTE: If domain-level policy settings are
    defined, they may override this local policy setting.
  6. Quit Group Policy Editor.
  7. Restart the computer.

To Edit the Group Policy in a Domain

To edit a domain-wide
policy to make the Shutdownbutton unavailable::

  1. Start the Active Directory Users and
    Computers snap-in. To do this, click Start, point toPrograms, point to Administrative Tools, and then click Active Directory Users and Computers.
  2. In the console, right-click your domain, and
    then click Properties.
  3. Click the Group
    Policy    tab.
  4. In the Group Policy Object Links box, click the group policy for which you
    want to apply this setting. For example, click Default
    Domain Policy    .
  5. Click Edit.
  6. Expand User
    Configuration    , expand Administrative Templates, and then clickStart Menu & Taskbar.
  7. In the right pane, double-click Disable and remove the Shut Down command.
  8. Click Enabled, and then click OK.
  9. Quit the Group Policy editor, and then
    click OK.

Troubleshooting

Group Policy changes are not immediately
enforced. Group Policy background processing can take up to 5 minutes to be
refreshed on domain controllers, and up to 120 minutes to be refreshed on client
computers. To force background processing of Group Policy settings, use the
Secedit.exe tool. To do this:

  1. Click Start,
    and then click Run.
  2. In the Open box, type cmd, and then click OK.
  3. Type secedit /refreshpolicy user_policy, and then press ENTER.
  4. Type secedit /refreshpolicy machine_policy, and then press
    ENTER.
  5. Type exit, and then press ENTER to quit the command prompt.

Mapping MSCRM fields from Opportunity Product to Quote Product

Posted on by

MSCRM has an oversight in the default Opportunity-Quote-Order process in taking fields entered at the Opportunity Product stage and having these mapped to any resulting Quote Product or Order Product records.

This means that any fields (such as the field we added to the Opportunity Product screen to track the Product Number of the Product entered from main post in this category) are not mapped over to the resulting Quote Products on our Quote.

This obviously would be confusing to the end-user!

However whilst MSCRM does not directly list the relationship between a Quote Product and Opportunity Product within the available Customisation User Interface – this relationship (and crucially it’s Mappings) are available to us.

The following steps allow us to add or remove mappings to this relationship, and ensure that our custom Product Number field is mapped across.

STEP 1 - Run a SQL Query against the MSCRM Database (typically X_MSCRM where X is your Organisation Name for the MSCRM Deployment) to determine the GUID Id of the Relationship between the Quote Product Entity and the Order Product Entity.

1
2
3
SELECT EntityMapId
FROM EntityMapBase
WHERE TargetEntityName='quotedetail' AND SourceEntityName='opportunityproduct'

STEP 2 – Take the output of this SQL Query and insert this into the following URL:

1
http://[x]/Tools/SystemCustomization/Relationships/Mappings/mappingList.aspx?mappingId=[y">http://[x]/Tools/SystemCustomization/Relationships/Mappings/mappingList.aspx?mappingId=[y]

Where [x] is the URL address of the MSCRM Deployment in question and [y] is the GUID Id output of the SQL Query

STEP 3 – This will present the Relationship Mapping screen for mapping attributes from the Opportunity Product entity to the Quote Product entity:

From here, any number of mappings can be added to define how the Products attached to an Opportunity are mapped across when a Quote is added to the Opportunity. (obviously any changes or additional mappings will need to be published in usual MSCRM fashion)

The same steps can also be used for controlling how fields are mapped across from Quotes to Orders in a similar fashion:

1
2
3
SELECT EntityMapId
FROM EntityMapBase
WHERE TargetEntityName='salesorderdetail' AND SourceEntityName='quotedetail'

And similarly how fields are mapped from Order Products to Invoice Products:

1
2
3
SELECT EntityMapId
FROM EntityMapBase
WHERE TargetEntityName='invoicedetail' AND SourceEntityName='salesorderdetail'

This is a useful technique when working with any custom fields in a Opportunity-Quote-Order process in MSCRM.

Synchronize time with external NTP server on Windows Server

Posted on by

Time synchronization is an important aspect for all computers on the network. By default, the clients computers get their time from a Domain Controller and the Domain Controller gets his time from the domain’s PDC Operation Master. Therefore the PDC must synchronize his time from an external source. I usually use the servers listed at the NTP Pool Project website. Before you begin, don’t forget to open the default UDP 123 port (in- and outbound) on your firewall.

  1. First, locate your PDC Server. Open the command prompt and type:
    1
    C:\>netdom /query fsmo
  2. Log in to your PDC Server and open the command prompt.
  3. Configure the external time sources, type:
    1
    w32tm /config /manualpeerlist:"0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org",0x8 /syncfromflags:MANUAL
  4. Re sync the time services, type:
    1
    w32tm /resync /nowait

NOTE: when doing this on SBS you may get an access denied error if you do remove: /reliable:yes from the line on number 3.