I wanted to add the ability to send messages to users on my domain for a few reasons. One of the main reasons is to let them know when the server might be going down etc.

The built-in tool that does this is called NET SEND. To use it, open a command prompt and type: net send %computername% %message%. There are many things you can do with this but I’m not going to get into that just yet.

I was successful at it by manually turning on the Messenger service on my workstation. Again, from a command prompt: services.msc. Locate the Messenger service and enable it. But I have about 30 users and didn’t want to go to each workstation. So I was on the hunt for how to do this using Group Policy from the server. After many blunderings I think I found it, because it does work…

First you want to create a Group policy object and link it to an OU that you will be using the policy for. Give it a friendly name like NET SEND or something. Then here’s the edits to make it go…

***CAUTION*** I am a novice at these things so please be careful!


Computer configuration->Administrative Templates->Windows Components->Windows Messenger set the 2 items to ‘disabled’

Computer Configuration->Windows Settings->Security Settings->System Services->Messenger to Automatic.

Then force the group policy to update: (gpupdate /force).

Oddly enough someone in IRC tipped me off that sometimes the workstations need to be restarted twice. I’m not sure why that is but it did work.

Now I’m not sure what adverse or unsafe situation this may present. I always make notes of what changes I’ve made, and when. If anyone reading this has any insight to any negative impact this may have by enabling this service please speak up! (I do know messenger in itself could be troublesome if not protected well).
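To confirm where the policy has actually taken effect, and to keep a record of which machines now have the service on, the check below reports the Messenger service's start mode and state per computer. It is an added example, not part of the original post; it assumes Windows PowerShell 2.0 or later with WMI reachable on the workstations, and the function name Get-MessengerServiceState is made up for this illustration.

```powershell
# Added example: report the Messenger service's start mode and state per computer.
# With no argument, only the local machine is checked.
function Get-MessengerServiceState {
    param(
        [string[]]$ComputerName = @($env:COMPUTERNAME)
    )

    foreach ($computer in $ComputerName) {
        # One result row per computer, filled in below.
        $row = New-Object PSObject -Property @{
            Computer  = $computer
            StartMode = $null
            State     = $null
            Note      = ''
        }
        try {
            # Win32_Service exposes StartMode (Auto/Manual/Disabled) and State (Running/Stopped).
            $svc = Get-WmiObject -Class Win32_Service -Filter "Name='Messenger'" `
                                 -ComputerName $computer -ErrorAction Stop
            if ($svc) {
                $row.StartMode = $svc.StartMode
                $row.State     = $svc.State
                if ($svc.StartMode -eq 'Auto' -and $svc.State -ne 'Running') {
                    # The post mentions that workstations sometimes need a second restart.
                    $row.Note = 'Automatic but not running; may need another restart'
                }
            } else {
                $row.Note = 'Messenger service not present'
            }
        } catch {
            # Powered-off or firewalled machines land here instead of aborting the run.
            $row.Note = "Query failed: $($_.Exception.Message)"
        }
        $row | Select-Object Computer, StartMode, State, Note
    }
}

# Check the local machine. To check several workstations, pass their names, e.g.
#   Get-MessengerServiceState -ComputerName 'WS-EXAMPLE-01','WS-EXAMPLE-02'
# (constructed placeholder names, not hosts from the post).
Get-MessengerServiceState | Format-Table -AutoSize
```

Piping the result to Export-Csv instead of Format-Table gives a dated record to keep alongside the change notes.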




Comments (2) Posted by ^Lestat on Wednesday, December 13th, 2006

I was having some major issues getting ActiveSync to work with some Treo 700w’s we purchased for our sales force.

A lot of this was because of my inexperience with Exchange 2003, and Windows Mobile 5.

A few days ago after spending about 6 hours on this and some phone time with palm (which is a horrible experience by the way), I discovered that you can’t sync both to the server and to a PC. Technically you can except for the email, but you want that to sync via the server anyways to get up to date email. So I pretty much left all the USB cables in the box.

I was using a “homegrown” certificate for my OWA SSL setup. As a result I was also getting a sync code (I can’t recall which it was) that there was a certificate issue with the server. After further searching I found out that homegrown certificates do not play well with wm5 and the treo700w. The palm site recommended a few trusted vendors for this phone on their site. So I went and bought a shiny new certificate from entrust.com. This was a very good experience. The sales/technical people were extremely friendly and spoke to you in layman’s terms. They were also very professional and knew their stuff.

After requesting and installing the certificate (which only took about 3 hours to get configured and delivered) I was still receiving an error code on the device. Error code 0x85010014. It came with a vague description of the code that there is “a problem with the exchange server”. I was able to get it to sync, but only with SSL disabled. When I enabled it, it timed out. Of course I didn’t want to run with it disabled because I was running OWA too and wanted it to remain secure. At this point I gave up and called in a consultant for help. I had already been working on this project for 3 days and just wanted it fixed.

In a nutshell here’s what he did. First he turned on forms based authentication on the exchange server. Secondly he properly configured OMA by using method 2 in KB817379.

That’s all it took. Apparently my OMA was not set up properly. Using method 2 we kinda rebuilt it. WHEW!

Recap:
Get a trusted public certificate.
Enable forms based authentication.
Make sure OMA is properly installed.

Side note:
You also need to make sure that the mobile services properties are set for mobile devices. (ESM->Global Settings->Mobile Services->Properties)


Comments (0) Posted by ^Lestat on Tuesday, December 12th, 2006

I have a Mac added to my Active Directory domain lately. Mainly due to graphics editing software and capability. The brand new iMac was loaded and also running Parallels in order to run both XP Professional along with the Mac OSX. Parallels is a virtual pc environment.

Why the 2? The user needed to have his mapped network share. They can use the XP Pro within Parallels to access their domain share. From what I’ve read you cannot get a user’s AD share accessible to a Mac because of the Windows protocols. However, you CAN connect a Mac to a domain so that they can use their Entourage email with Exchange. Thanks to Someone Else for the instructions!

I followed the instructions step by step and it was gold. You pretty much create an Organizational Unit, and add the computer account to it (Not a user account!). Then go to the Mac and adjust the network and share utilities accordingly.

The only thing I had to figure out was how to configure the mail client. If you need to do that, make sure you choose the manual route. There is some network info you need to add in that doesn’t come with the default mail account setup.


Comments (2) Posted by ^Lestat on Thursday, November 2nd, 2006