THE OFFICIAL BLOG OF THE SBS "DIVA"

EVENT #	27757
EVENT LOG	Application
EVENT TYPE	Error
OPCODE	Info
SOURCE	MSExchangeSA
CATEGORY	OAL Generator
EVENT ID	9360
COMPUTERNAME	SERVER
DATE / TIME	11/22/2009 5:09:22 AM
MESSAGE	OALGen encountered an error while generating the changes.oab file for version 2 and 3 differential downloads of address list '\Global Address List'. The offline address list has not been updated so clients will not be able to download the current set of changes. Check other logged events to find the cause of this error. If the cause of the problem was intentional or cannot be resolved, OALGen can be forced to post a full offline address list by creating the DWORD registry key 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeSA\Parameters\OAL post full if diff fails' and setting it to 1 on this server. When OALGen next generates the offline address list, clients will perform a full OAB download. After that time, the registry key should be removed to prevent further full downloads. - Default Offline Address List

One of the clean up things in the migrated test server is that message.

Following Eventid.net points me to this:

Error message when a user performs the Send/Receive operation in Outlook:"Unknown error 0x8004011B":
http://support.microsoft.com/default.aspx?scid=kb;en-us;922255

Okay but I don't have that key, nor do I have Exchange 2003 anymore.

So let's try this instead:
http://chicagotech.net/netforums/viewtopic.php?t=3476

The events 9340 and 9360 could occur if the Offline Address Book (OAB)'s
parent Legacy Exchange DN container was not updated properly.

I suggest we delete the current OAB and then create a new one to check if
the issue persists. To do this:

=================

1). Start the Exchange Management Console on the Exchange 2007 server

2). Expand Organization Configuration, highlight Mailbox

3). Click the Offline Address Book tab

4). Right click the Offline Address list and choose Remove.

5). Then, refer to the following article to create a new offline address
list

How to Create an Offline Address Book
http://technet.microsoft.com/en-us/libr ... 24270.aspx

1. Start the Exchange Management Console.

2. In the console tree, expand Organization Configuration, and then click Mailbox.

3. In the action pane, click New Offline Address Book. The New Offline Address Book wizard appears.

• Offline Address Book Generation Server   Click Browse to specify the location where the OAB generation server will be located. The OAB generation server is the Mailbox server on which the OABs are generated.
• Include the Default Global Address List   The OAB is a snapshot of the Active Directory directory service information that is available in the global address list (GAL). Select this check box to include the default GAL in the OAB.
• Include the following address lists   Select this check box to add address lists to or remove address lists from the OAB. Click Add to select one or more address lists to add to the OAB. You can select one or multiple address lists. Click Remove () to remove the selected address list from the OAB. For more information, see How to Create an Address List.

1. Click Next.

• Enable public folder distribution   If this OAB will be distributed from public folders, and the clients are running Outlook 2003 SP1 or earlier, select this check box. 
  

  Note:
  If you select the Enable public folder distribution check box, and your organization does not have any public folder infrastructure, you will receive an error when you complete this wizard. For more information, see Managing Public Folders.

1. Click Next.

2. On the New Offline Address Book page, review your configuration settings. Click New to create the offline address book. Click Back to make configuration changes.

3. On the Completion page, confirm whether the OAB was created successfully. A status of Completed indicates that the wizard completed the task successfully. A status of Failed indicates that the task was not completed. If the task fails, review the summary for an explanation, and then click Back to make any configuration changes. Click Finish to complete the New Offline Address Book wizard
   
   6). After creating the offline address list, right click it and choose
   Update.

4. 
   
   Check if the events 9340 and 9360 are still logged.

Just so you see the visual... two vhd files sitting on an external USB drive.... are powering a copy of the SBS 2008 that I built at the office.  Once you have the "server" in vhds you can just copy and move them around.

This is where a nice bitlocker to go comesin handy as well... as I just walked off with a copy of my entire server in a very portable and easily transportable package.  Now that we have such an easy way to copy around the computers we use, are we thinking about the "what ifs?" that may occur?

So at the office I've been doing a dry run of the migration and the resulting migrated SBS 2008 is sitting as two vhd files on a HyperV server.  So I went to Office Depot, bought a small usb powered 500 gig drive, turned off the SBS 2008 running in HyperV, copied it to the hard drive.  Brought it home, connected it to the HyperV at home, browsing to the external usb drive locations for the hard drives.  I then booted the box.  Mind you the box at the office has different nics, different hardware but no bsod was seen.  Now think about this.  Next time you need to test patches, think how easy it is to make a copy of that production server and test ahead of time.

So tonight I'm taking my sister's "baby laptop", the old Travelmate C110 (a match of what I have) and moving it from an older slower harddrive up to a 7200 rpm drive.

While I can't justify the pricetag of a solid state drive, I can bump up a drive to a faster speed.

http://www.apricorn.com/product_detail.php?type=family&id=41 The Apricorn kit is a very easy way to do it as well.  And then the bonus when you are done is you get a very nice caddy for your old hard drive to be put into and now have a spare external drive.  I picked up to 500 gig external usb powered drives at Office Depot today, and was surprised at some of the slower speeds of drives I saw offered in SATA drives.  5900 RPM was the fastest SATA drives I saw at Office Depot.  Granted this was office depot... not Frys or some other uber computer store, but I wasn't about to get out on the road and fight though the crowds to get to Best Buy which is about the only other major computer store we got in Fresburg (yeah I know, we live in the hood, what can I say).

So what speeds are you putting in your systems? 

Are you picking solid state? 

Why does my CSR need to be 2048 bit length? - GoDaddy Help Center, Search the GoDaddy Knowledge Base:
http://help.godaddy.com/article/5619

From the "oh now I get it" category.  I kept seeing folks say that they had to rekey their certificates when asking for a new one, and when they did they had to ensure that in the wizard they pulled down the arrow in the key cert generation screen and specifically selected 2048 or higher.

Keep that in mind when you generate that key cert that you may/will need to request one with a higher bit length.

So one of the clean up things you need to do post install is this:

EVENT #    25091
EVENT LOG    Application
EVENT TYPE    Warning
OPCODE    Info
SOURCE    Windows SharePoint Services 3 Search
CATEGORY    Gatherer
EVENT ID    2436
COMPUTERNAME      SERVER
DATE / TIME      11/20/2009 11:20:30 PM
MESSAGE    The start address <sts3s://domain.com:987/contentdbid={b523f4fb-4a4a-4f37-98d3-855fda2496d1}> cannot be crawled.
Context: Application 'Search index file on the search server', Catalog 'Search'
Details:
Access is denied. Verify that either the Default Content Access Account has access to this repository, or add a crawl rule to crawl this repository. If the repository being crawled is a SharePoint repository, verify that the account you are using has "Full Read" permissions on the SharePoint Web Application being crawled. (0x80041205)

The Official SBS Blog : Event 2436 for SharePoint Services 3 Search:
http://blogs.technet.com/sbs/archive/2009/05/07/event-2436-for-sharepoint-services-3-search.aspx

You'll see two fo these over and over and over again.

Resolution

To resolve this issue, it is recommended to manually register the URL in your system, or even disable the Loopback check feature. To register this URL, please use the following steps,

Note: We recommend that you use this method.

1. Click Start, click Run, type regedit, and then click OK.
2. In Registry Editor, locate and then click the following registry key:
   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
3. Right-click MSV1_0, point to New, and then click Multi-String Value.
4. Type BackConnectionHostNames, and then press ENTER.
5. Right-click BackConnectionHostNames, and then click Modify.
6. In the Value data box, type the URL mentioned in the above warning event, and then click OK.
7. Quit Registry Editor, and then restart the IIS service.

You can figure out how to fix this a couple of ways... first by seeing this and googling, or merely by running the www.sbsbpa.com that now points specifically how to fix this issue.  As you can see, post install I've got some clean up to do.

Go through them one by one, expanding them and see what they tell you to do.

1.  It tells me that Exchange 2007 is missing SP2.  Who cares at this point in time.  I'm waiting for the sbs specific wrapper that will install this on the box.  I'm not following a KB, I'm holding out until that installer wrapper is released.

2.  It told me to set up the backconnectionshost name just as I did above.  This will get rid of the SharePoint error.

3.  It tells me I forgot to remove the Backup User account.  I have to go into Active Directory Users and Computers and delete it there.

4.  It tells me to get rid of add-on congestion control by typing in netsh int tcp set global congestion=none in an elevated command windows.

5.  It reminds me that the built in admin group is missing the logon as a batch job user right.  (I accidentally got the wrong group with the logon as a batch right)

6.  It is reminding me that IE Enhanced security is disabled (I did it as I was building this test box as I couldn't get downloads from HP on there)

7.  It reminds me that the "Local activation permission to the IIS WAMREG Admin service is required  - fixed with KB920783

1. Click Start, click Run, type dcomcnfg in the Open box, and then click OK.
2. Expand Component Services, expand Computers, expand My Computer, and then click DCOM Config.
3. Right-click IIS WAMREG admin Service, and then click Properties.
4. Click the Security tab.
5. Under Launch and Activation Permissions, click Edit.
6. In the Launch Permission dialog box, click Add.
7. In the Select Users, Computers, or Groups dialog box, type the domain user account that you specified as the Windows SharePoint Services 3.0 service account, [it's network service for sbs] click Check Names, and then click OK.
8. In the Permissions for UserName list, click to select the Allow check box that is next to Local Activation, and then click OK two times

8.  I'm warned about Windows Auto tuning level -- at an elevated command prompt type in netsh int tcp set global autotuning=disabled

9.  I'm warned about Receive side scaling -- at an elevated command prompt type in netsh int tcp set global rss=disabled

10.  I forgot to remove the STS_WPG group.... and remove the STS_worker and the IUSR_Domainname, and IWAM_Domainname user accounts.  Do not touch the IIS_WPG, but you can find the Iuser and Iwam with an _domainame and delete those.

11.  I need to get rid of task offload -- at an elevated command prompt type in netsh int ip set global taskoffload=disabled

12.  And I forgot the Vista WMI filter on the box.

All of these clean up stuff I found out by merely running the www.sbsbpa.com on the system.  It's now specifically checking for post migration issues.  Cool huh!

So how do you do a dry run without buying a new server?  Look around/or build from Frys and find an overgrown desktop that can support HyperV and 64bit and stick at least 8 gigs of ram in there.  You don't need a test lab with boxes all over the place, you do need a nice enough overgrown desktop that can handle virtualization and lots of RAM.

Right now the machine I'm using for my dry run is the server I ultimately plan to migrate to.  But before that I have a box that is nothing but a virtual platform with even removable drive drays that I can slide drives and and out and make machines as I need them.

Like many things in tech, you can't just read, you have to do.  Invest in yourself here.

I did this already for the HyperV parent and I guess I forgot to do this on the child SBS 2008.  When I demoted the SBS 2003 out, the SBS 2008 now needs this command.

Event

The time service detected a time difference of greater than 5000 milliseconds for 900 seconds. The time difference might be caused by synchronization with low-accuracy time sources or by suboptimal network conditions. The time service is no longer synchronized and cannot provide the time to other clients or update the system clock. When a valid time stamp is received from a time service provider, the time service will correct itself.

It's very easy and we've blogged about this before -- http://msmvps.com/blogs/bradley/archive/2007/01/03/need-to-set-up-the-sbs-box-as-an-authoritative-time-server.aspx

The hardest part is remembering what nist time peer I've used in the past.

1. Click Start, click Run, type cmd , and then press ENTER.  

2. At the command prompt, type the following commands in the order that
they are given. After you type each command, press ENTER.

w32tm /config /manualpeerlist: NTP_server_IP_Address ,0x8/syncfromflags:MANUAL  
net stop w32time  
net start w32time  
w32tm /resync  

http://www.pool.ntp.org/en/use.html

w32tm /config /manualpeerlist: pool.ntp.org,Ox8/syncfromflags:MANUAL

net stop w32time

net start w32time

w32tm /resync

I had to do that last command twice.

And then we're good to go.

I'm taking a break from the Migration dry run blogging tonight because I had to do a slide show for a group of folks I'm doing a presentation for tomorrow.  My Dad's retired executives groups.  All of those years that I had to listen to Dad, I now get to give a presentation to "Dads and Moms" about computer security.  Or how to be paranoid just a little bit, without freaking yourself completely out.

Earlier this evening my Sister and I were chatting about software and she had heard that Office 2010 was coming out in beta.  And she mentioned that at her office they were just NOW starting to deploy Office 2007 and that she didn't see that they'd be upgrading soon.  There is the Microsoft upgrade cycle.  The one that hopes you'll be migrating and ripping things out every two years.  And then there's the reality of businesses, of change, of the economy.  So while Microsoft is announcing and touting Exchange 2010 and TechEd Berlin, I'm just NOW deploying Exchange 2007. 

Out here in the real world of deployment there's still a fair amount of Exchange 2003 deployed.  And the reason it is, is the very reason that it has taken me this long to deploy Exchange 2007.  There's a more sensible reason for the upgrade other than "it's got the latest cool thing".  In my case it's a hardware upgrade that is making the decision.

For all those that have asked, btw, the methodology that I'm doing it the most closely aligned to the "Microsoft Method" and yes at the end I'll put all of these blog posts in a word document you can download. But keep in mind that I'm not really using anything other that these documents:

http://blogs.msdn.com/sbsdocsteam/archive/2009/11/12/the-windows-sbs-2008-migration-guides-are-updated.aspx

And this book:

http://www.packtpub.com/small-business-server-2008-installation-migration-configuration/book

Which it too is basically taking the Microsoft method and giving me screen shots so I know where I'm supposed to be at.  Granted he does add the extras of the some scripts and things. 

At the end of the day YOU have to do a dry run and practice.  YOU have to establish a confidence in yourself.  YOU have to take WHATEVER method you chose, tweak it and make it your own for the needs of your client base.  What I've personally ended up with, isn't the Microsoft method, it's the "what Susan decided to do because she was the most comfortable with choosing it" method.

At the end of the day, that's what counts the most.  You have to be comfortable in your skills, and surround yourself with the tools that make you feel that way.

 >>>Partner Community Hot issues November 2009<<<:
http://social.microsoft.com/Forums/en-US/partnerwinserver7rcthreads/thread/cf96edb8-afd7-48e2-aac9-519844f5d048

>>>Partner Community Hot issues November 2009<<<

TOP SUPPORT ISSUES
NEW & UPDATED KB ARTICLES

TOP SUPPORT ISSUES

[ISSUE 1]

Problem Description:
=============
Get intermittent network pauses on the Windows 7 computer.

Resolution:
==========
Disable auto-tunning.

Use the below command in command line on the Windows 7 computer:

netsh int tcp set global autotuninglevel=disabled

[ISSUE 2]

Issue:

===========

You cannot change the power settings on a Win 7 ultimate client that is member of a SBS2003 domain.

Cause Analysis:

===========

If the power options are configured via group policy, the following registry key should be added to the Win7 client:

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Power\PowerSettings]

We ran gpresult /v to generate a group policy results report on the problematic Win 7 client and found the GPO’s that configure the PowerSettings are:

Local Group Policy

Small Business Server - Windows Vista policy

Solution:

===========

Configure the settings under the Power Management node to Not Configured in both GPO

Remove the Vista GPO from the server and it is working now.

[ISSUE 3]

Problem

========

You have problem with inbound FTP connections from the public network if the Windows Firewall is enabled on the brand new Windows 7 Server.

Cause

========

FTP is a special case because of the way in which an FTP server establishes the data channel for an FTP file transfer. During a typical FTP user session, an FTP client initiates a control channel with an FTP server. When the FTP client transfers a file from the FTP server, the FTP server tries to establish a data channel with the FTP client by initiating communication on a TCP port different from the one used for the control channel.

Solution

========

Since you are using Windows Firewall with non-secure FTP traffic, to overcome the problem described above, Windows Firewall uses the Application Layer Gateway Service to provide dynamic port mapping for the FTP data channel, thereby facilitating the stateful filtering of FTP traffic. We can open port 21 and enable stateful FTP filtering on the Windows Firewall by using the following commands:

1. To open port 21 on the firewall, type the following syntax in a command prompt then hit ENTER:

netsh advfirewall firewall add rule name="FTP (non-SSL)" action=allow protocol=TCP dir=in localport=21

2. To enable stateful FTP filtering that will dynamically open ports for data connections, type the following syntax in a command prompt then hit ENTER:

netsh advfirewall set global StatefulFtp enable

Reference

========

I have also included some articles below, just for your reference. Hope they are helpful to you.

 How Windows Firewall Works http://technet.microsoft.com/en-us/library/cc755604(WS.10).aspx

How to Configure Windows Firewall for a Passive Mode FTP Server http://technet.microsoft.com/en-us/library/dd421710(WS.10).aspx

Netsh Commands for Windows Firewall with Advanced Security http://technet.microsoft.com/en-us/library/cc771920(WS.10).aspx

[ISSUE 4]

Issue:

===========

Step-by-step document about TS  gateway and remote app

Solution:

===========

Here is the basic sequence we should follow to deploy remote desktop service on windows server 2008 R2.

1.    Licensing server.

Deploying Remote Desktop Licensing Step-by-Step Guide

http://technet.microsoft.com/en-us/library/dd983943(WS.10).aspx

2.    Install Remote desktop service role.

Installing Remote Desktop Session Host Step-by-Step Guide

http://technet.microsoft.com/en-us/library/dd883275(WS.10).aspx

3.    Create virtual desktop pool using remote desktop web access.

Deploying Virtual Desktop Pools by Using Remote Desktop Web Access Step-by-Step Guide

http://technet.microsoft.com/en-us/library/dd883265(WS.10).aspx

4.    RDS(ts) gateway.

Deploying Remote Desktop Gateway Step-by-Step Guide

http://technet.microsoft.com/en-us/library/dd983941(WS.10).aspx

About application virtualization, this is entire solution for desktop level virtualization.

It has advantage over RDS like management, deployment and scale. However, it will remote more server and technical resource involved.

We are noticed that Application virtualization(previously called softgrid) is totally another solution. It use different protocol, different mechanism to implement application for client.

It has nothing to do with RDS(TS) anymore and client didn’t use “remote desktop” client anymore. User didn’t need to create a remote desktop session to access application running on server. It will “cache” the data on local machine and run it locally.

Here is some article for your reference.(A lot of document, really…)

Planning and Deployment Guide for the Application Virtualization System

http://technet.microsoft.com/en-us/library/cc843778.aspx

NEW & UPDATED KB ARTICLES

Computers that are running Windows 7 or Windows Server 2008 R2 stop responding at a black screen if a screen saver is enabled

http://support.microsoft.com/?kbid=976427

The "Run only allowed Windows applications" Group Policy setting displays no entries on a computer that is running Windows Vista, Windows Server 2008, or Windows 7

http://support.microsoft.com/?kbid=976922

Best regards,

Brandon Jiang
Partner Online Technical Community
-----------------------------------------------------------------------------------------
We hope you get value from our new forums platform! Tell us what you think:
http://social.microsoft.com/Forums/en-US/partnerfdbk/threads
------------------------------------------------------------------------------------------
This posting is provided "AS IS" with no warranties, and confers no rights.

Complete your post-migration tasks. Follow the instructions on pages 75 through 78 in the Microsoft migration document.
  Manage natively joined computer objects in Windows SBS Console

This setting is only if you manually joined 'stuff' and thus it didn't end up in the MybusinessOU/SBSComputers bucket.

Drag and drop the computer objects from their current location to the SBSComputers container, and then click Yes in the warning dialog box.

If you were a good SBSer, you won't have to do a thing here.

  Remove Source Server entries from DNS  

 
  Configure POP3 Connectors

Some folks use pop connectors for legacy programs.. I don't use them at all.  If you need to, it's in the Network tab under connectivity.  It's pretty self explanatory what to do.

  Update mailbox quotas

Yeah like we don't set any quotas in small business, other than tell people "I told you so" when their Outlook runs slow.  I already took all the quotas off and we'll be leaving them off.

  Share line-of-business and other application data folders

We already did that via David Overton's handy dandy script.  You do need to poke holes in the server firewall as you need them for databases.  More on this in another blog post as well.

  Install 32-bit printer drivers on the server running SBS 2008. See the blog post http://blogs.technet.com/sbs/archive/2009/02/13/how-to-add-32-bit-print-drivers-to-sbs-2008.aspx  for more information

This one is going to get it's own blog post.  Stay tuned.

  Fix client computer issues after migrating from SBS 2003

"When migrating to Windows SBS 2008 from Windows SBS 2003 Premium Edition with Microsoft Internet Security and Acceleration (ISA) Server installed, client computers on the network still have the Microsoft Firewall Client and Internet Explorer configured to use a proxy server. This causes connectivity issues on the client computers, because the proxy server no longer exists. If there is a different proxy server configured, the client computers continue to use the server running Windows SBS 2003 for the proxy server. To fix this issue, you must remove the Firewall Client on the client computers, and then reconfigure Internet Explorer either to not use a proxy server or to use the new proxy server."

Dude, if I just ripped out the SBS 2003 premium with ISA, I should have done this (which I did) as a preliminary step when I installed the brand new firewall.  This needs to be done as a pre-step, not a post step.  Now here is where you do want to reset someone's password, log in ON THEIR PROFILE and make sure everything works.  Like ... oh.. the BOSS THAT PAYS YOUR BILLS would be a good one to log into and check. 

Delete the old Folder Redirection Group Policy object. Follow the instructions on pages 73 through 74 in the Microsoft migration document.

Give the built-in Administrator group the right to log on as a batch job for Windows SBS 2008 migration

After you migrate, you should give the Administrator group the right to log on as a batch job.

After you migrate an existing Windows SBS 2003 domain to Windows SBS 2008, verify that the built-in Administrator group still has the right to log on as a batch job to the Destination Server. Administrators need this right in order to run an alert on the Destination Server without logging on.

One step I don't have to do... so we can pass on that one.. but on this one I need to do:

Give the built-in Administrator group the right to log on as a batch job. Follow the instructions on pages 74 through 75 in the Microsoft migration document.

At this point of the migration we need to physically remove any attached printers and attach them to the new server (more on that in another blog post).

And now we're ready to say goodbye to the SBS 2003 box.

Demote the Source Server

You must demote the Source Server from the role of an Active Directory Domain Services (AD DS) domain controller to the role of a domain member server.

Both the Source Server and the Destination Server must be connected to the network while the Group Policy changes are updated on the client computers. If you are about to demote and disconnect the Source Server from the network, ensure that Group Policy settings are applied to all client computers.

To force a Group Policy update on a client computer

To demote the Source Server

After you make the Source Server a member of a workgroup and disconnect it from the network, you must remove it from AD DS on the Destination Server.

To remove the Source Server from AD DS

Remove the Source Server from the network

Remove the Source Server from the network, and keep it available for at least one week in case some necessary data was not migrated.

Edit the Software Updates Group Policy object on the Destination Server

After demoting and removing the Source Server, it is still included in the scope for the Update Services Group Policy object (GPO) on the Destination Server. This is now an unresolvable security identifier (SID) and should be removed in the Group Policy Management Console on the Destination Server.

To update the Software Updates GPO

Let's try this again now...

And voila

You must uninstall Exchange Server 2003 from the Source Server before you demote it. This removes all references in AD DS to Exchange Server on the Source Server. You must have your Windows Small Business Server 2003 media to remove Exchange Server 2003.

To remove Exchange Server 2003 from the Source Server, click Windows Small Business Server  2003 in Add or Remove Programs, and then click Remove. Follow the instructions to finish the procedure.

And we're done with that step. 

Finally.  The next step is dcpromo-ing down the SBS 2003.

But before ... remove printers physically attached to the SBS 2003...

Physically disconnect printers that are directly connected to the Source Server

Before demoting the Source Server, physically disconnect any printers that are directly connected to the Source Server and are shared through the Source Server. Ensure that no Active Directory objects remain for the printers that were directly connected to the Source Server. The printers can then be directly connected to the Destination Server and shared from Windows SBS 2008.

And... uh... I have none.  They are all attached via IP addresses as they have print servers.  Next up..a blog post about 32 versus 64 bit printer drivers and we dcpromo out our SBS 2003 and say goodbye.

You must uninstall Exchange Server 2003 from the Source Server before you demote it. This removes all references in AD DS to Exchange Server on the Source Server. You must have your Windows Small Business Server 2003 media to remove Exchange Server 2003.

Important  

To remove Exchange Server 2003 from the Source Server, click Windows Small Business Server  2003 in Add or Remove Programs, and then click Remove. Follow the instructions to finish the procedure.

We're now at the step on step 29 where we are ready to remove the Exchange 2003.  We've already done a dry run of turning off the SBS 2003 box (but keep in mind with the 2k3 box still in the active directory of SBS 2008 it makes the rebooting of that box kinda dicey as it makes the AD in the SBS 2008 box not the happiest in the world.  The server still runs just fine, but it drags it's feet a bit booting up as it's looking for the turned off SBS 2003.

Stick Disk 2 in the cdrom, or stick the disk 2 iso in the HyperV cdrom drive.

click on Windows SBS 2003 (not the r2)

Click on change/remove, then click next.  In my case it warned me I had the system on a machine with more than two processors and click next.

Go down to the Exchange server section pull the arrow key down and click change the check mark to remove.

Click next.

Confirm that you'll remove Exchange

The removal begins

It will then want the location of of the cdrom.

(note, do-do brain me downloaded the disk two of the SBS 2003 service pack 1 media. I'm now remote to the box at home and in my Jammies and can't walk over to the dvd drive and give it a disk.  So I'm having to download the right disk 2 to remove the exchange.  So step we're going to stop here at step twenty-nine and a half where I give the box the RIGHT disk 2 will have to wait until tomorrow.  If for whatever reason you  have a disk with a non functional cdrom drive you can always download the ISO, or convert it to an ISO and feed it into a usb drive and then mount the media using magicdisc )

We're revisiting Migration Step Twenty Eight

This has always been a confusing step to me as it says "Here do these steps".  What it should say is "Yo, go back and double check that you've done step 1, 2, 3, 4, 5, do steps 6 through 10.

Prepare your organization for removal of the last server running Exchange Server 2003

Tasks to complete prior to uninstalling Exchange Server 2003

For detailed instructions about how to complete these steps, see the section “To remove the last Exchange 2003 or Exchange 2000 server from an Exchange 2007 organization” in the article "How to Remove the Last Legacy Exchange Server from an Organization" at the Microsoft Web site (http://go.microsoft.com/fwlink/?LinkId=141927 ).

We have moved mailboxes.  Check.  We know this because our mailboxes say "User Mailbox" not "Legacy Mailbox" when you go into Exchange Management console, then Recipient configuration, then click on mailbox.

We have moved public folders.  I know this because the SBS 2003 box is off, and I've gone into Toolbox, then into Public Folder Management console and my default public folders are there.  I also fired up OWA on the box, logged into a mailbox, clicked on Public folders to confirm that the info is there.

We have moved the offline address book.

We have moved the public folders.  See above.

We can send email.  We've checked this.

We now need to delete the SBS 2003 <<>> SBS 2008 connector that bridges across.

We need to delete or reconfigure the mailbox policies  For this I'll turn the SBS 2003 back on.

We will move the public folder hierarchy to the 2007 hiearchism.

We will MOVE (not delete) the Recipient update policies.  We can delete if we so deem, but moving was easier than pulling out ADSIedit for sure.

So for the steps we have left, first up is to log back into the turned off SBS 2003 and to move the public folder hierachism.

We have to go back to the 2003 box because that's where our GUI is.  If we did these steps on the SBS 2008 we'd be breaking out the Powershell.  There's a nice overview of what was depreciated in Exchange 2007 from 2003.  Obviously someone on the Exchange team has a thing for Powershell and a thing against GUI.  You might also want to learn how to use this as well.

So we need to remove the connectors.  As this article says you can do it via PowerShell/Exchange command shell or GUI.  And as Philip showcases, just find the connectors and delete them out.  It will say "are you sure" and it doesn't matter which one you delete first.

So next we will move the public folder hierachy to the 2007 box.

On your Exchange 2003 or Exchange 2000 server, perform the following steps to move the public folder hierarchy from the Exchange 2003 or Exchange 2000 administrative group to the Exchange 2007 administrative group:

1. In Exchange System Manager, expand Administrative Groups, right-click Exchange Administrative Group (FYDIBOHF23SPDLT), select New, and then select Public Folders Container.
2. 
   
3. Expand the Exchange 2003 or Exchange 2000 administrative group that contains the public folder tree, expand Folders, and then drag Public Folders to Folders under the Exchange 2007 administrative group.
4. 
5. Find them in the old server, copy/drag them over to the 2007 server
6. 

Deleting the receipient update services

1. Perform the following steps to delete the domain Recipient Update Services:
2. In Exchange 2003 or Exchange 2000 System Manager, expand Recipients, and then select Recipient Update Services.
3. Right-click each domain Recipient Update Service, and then select Delete.
4. Click Yes.

I want to remove this one as Michael B. Smith  Exchange guru said "If you point it to the new box, then you still can create new users using the old tools, but their Exchange attributes will be fubar'ed. Not a good thing"  Last night I browsed to the new box, tonight I'm changing my mind (like a female only should). 

You will not be able to delete the Recipient Update Service (Enterprise Configuration) by using Exchange 2003 or Exchange 2000 System Manager. Perform the following steps to delete the Recipient Update Service (Enterprise Configuration) by using ADSI Edit (AdsiEdit.msc):

1. Open ADSI Edit, expand Configuration, expand CN=Configuration,CN=<domain>, expand CN=Services, expand CN=Microsoft Exchange, expand CN=<Exchange organization name>, expand CN=Address Lists Container, and then select CN=Recipient Update Services.
2. In the result pane, right-click Recipient Update Service (Enterprise Configuration), click Delete, and then click Yes to confirm the deletion.

On this one I can either delete or point it to the new box.  (Pointing it to the new box was easier and if need be I can always come back and redo this)

Type in the new SBS 2008 server name, click check name and click okay.

And now we're ready for....

Uninstall Exchange 2003 or Exchange 2000 by using Add or Remove Programs from Control Panel. For more information, see How to Uninstall Exchange Server 2003 or How to Uninstall Exchange 2000 Server.

For this next step I'll need disk 2 of SBS 2003 or SBS 2003 R2.

And DON'T go in and remove the Exchange from where you think you need to remove Exchange, remove it from the SBS 2003 section.  I need to download that media from TechNet plus to put it on that box.  If you don't have access to your customer's media "any" SBS 2003 disk 2 media will do. 

You must uninstall Exchange Server 2003 from the Source Server before you demote it. This removes all references in AD DS to Exchange Server on the Source Server. You must have your Windows Small Business Server 2003 media to remove Exchange Server 2003.

Important

To remove Exchange Server 2003 from the Source Server, click Windows Small Business Server  2003 in Add or Remove Programs, and then click Remove. Follow the instructions to finish the procedure.

Stay tuned for the next chapter in ... Migration...or how the Server turns...

>>> Hot Issues for November 2009 <<<:
http://social.microsoft.com/Forums/en-US/partnermsgexchange/thread/debeed23-4f55-4325-9db0-c38df36c9208

>>>Partner Community Hot issues November 2009<<<:
http://social.microsoft.com/Forums/en-US/partnerofficeword/thread/3c3e80b4-c1bd-49bb-b7f8-f85bbdceccb9

TOP SUPPORT ISSUES
NEW & UPDATED KB ARTICLES
NEW WEBCASTS

TOP SUPPORT ISSUES
===============
The following "hot topics" were posted and resolved during the month of October in Office and Messaging client:

<Issue 1>

Product: Office Outlook 2007

Issue Description:

------------------------------

Outlook 2007 with BCM v3 was originally installed on Windows XP machine. The user uninstalled Windows XP OS and completely installed a new Windows 7 OS. After recovering the backup file for BCM database, the customer found (2 months ago) data is missing. The user wants to know how to recover missing data.

Resolution:

------------------------------

If the user has original BCM backup files <databasename>_offline.ldf and <databasename>_offline.mdf, he can restore the BCM dataset by using scripts.

For your reference:

Restoring a BCM database from SQL .mdf and .ldf files

http://blogs.msdn.com/bcm/archive/2007/10/22/restoring-a-bcm-database-from-sql-mdf-and-ldf-files-windows-vista-or-xp.aspx

<Issue 2>

Product: Office Word 2003 and Word 2007

Issue Description:

------------------------------

Some files are slow to open in Word 2003 and Word 2007 on the network.

Cause:

------------------------------

Those files are created by a template and will always to load the template in a shared folder when they are opened.

Resolution:

------------------------------

In Word 2003, please click “Tools” > “Templates and Add-ins” and clear the template file path here.

In Word 2007, please click “Developer” tab and click “Document Template” to clear the template file path.

<Issue 3>

Product: Office Outlook 2007

Issue Description:

------------------------------

The Country/Region drop down list is empty when you edit the business phone number in Outlook 2007 with BCM

Cause:

----------------------------------

The phone and modem options are not configured.

Resolution:

---------------------------------

Configure the options for a new location:

1. Start / Run / Services.msc / OK.

2. Double-click the Telephony service.

3. Set the Startup type to Manual.

4. Press Apply and OK.

5. Shutdown and restart your computer.

6. Verify that the Telephony service is started.

7. Configure your New location in the Phone and Modem options.

<Issue 4>

Product: Office Outlook 2007

Issue Description:

------------------------------

Customer cannot search either your own Calendar items or shared Calendar items in Outlook 2007. Have totally reinstall Office 2007 SP2 to troubleshoot this issue.

Cause:

-----------------------------

Some MAPI related files are corrupt or missing.

Resolution:

---------------------------------

Run Fixmapi.exe tool and Rebuild the computer's index catalog

1. Click Start, click Run, type %windir%\system32\fixmapi.exe, and then click OK.

2. Restart the computer.

3. In Control Panel, double-click Indexing Options.

4. In the Indexing Options dialog box, click Advanced.

5. Click the Index Settings tab, and then click Rebuild.

6. Click OK when you are prompted to rebuild the indexed locations on the computer.

7. Click Close to close the Indexing Options dialog box.

<Issue 5>

Product: Office 2003

Issue description:

-------------------

When trying to add clip art in Office 2003, we got the error “Clip Organizer cannot complete the operation - No such interface Supported error code 0x80004002”

Cause:

-----------------------

A third party software made windows use the old versions of two dll's: msdasql.dll and msdaps.dll

Resolution:

----------------------

Register the two files msdasql.dll and msdaps.dll from %COMMONPROGRAMFILES%\system\ole db:

regsvr32 msdasql.dll

regsvr32 msdaps.dll

NEW & UPDATED KB ARTICLES

================

940726  Security warning when you start Outlook 2007 and then connect to a mailbox that is hosted on a server that is running Exchange Server 2007 or Exchange Server 2010: "The name of the security certificate is invalid or does not match the name of the site"

http://support.microsoft.com/default.aspx?scid=kb;EN-US;940726

942995  You are prompted unexpectedly to restart the computer after you install a 2007 Office service pack or a 2007 Office update

http://support.microsoft.com/default.aspx?scid=kb;EN-US;942995

924074  How to open and save Word 2007, Excel 2007, and PowerPoint 2007 files in earlier versions of Office programs

http://support.microsoft.com/default.aspx?scid=kb;EN-US;924074

950929  How to contact a Microsoft Product Activation Center

http://support.microsoft.com/default.aspx?scid=kb;EN-US;950929

NEW WEBCASTS
===================

Microsoft Office System Webcast: Extend the 2007 Microsoft Office System (Level 300)

https://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032422514&EventCategory=5&culture=en-US&CountryCode=US

Momentum Webcast: Using Microsoft Office for Business Intelligence (Level 100)

https://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032423637&EventCategory=5&culture=en-US&CountryCode=US

>>>Hot Issue Nov-09 (Virtualization)<<<:
http://social.microsoft.com/Forums/en-US/partnervirtualserver/thread/fbca5f4a-e1c2-4f0a-8068-0e6c495fe18e