Sunday, May 18, 2014

How to Delete Files which exceed 255 Characters Without 3rd Party Tools

Windows Explorer and many Windows applications including PowerShell are limited to 255 characters max file path.  Whilst this limitation is in place at an application level, the NTFS file system does not support this limit.  In fact file paths can be created remotely over the SMB protocol to exceed this limit which is how most file servers get stuck with folder paths administrators can no longer maintain using the native Windows Explorer application.

When attempting to delete folders using Windows Explorer the following errors may be experienced:

The source file name(s) are larger than is supported by the file system. Try moving to a location which has a shorter path name, or renaming to shorter name(s) before attempting this operation.

 
An unexpected error is keeping you from deleting the folder. If you continue to receive this error, you can use the error code to search for help with this problem.
 
Error: 0x80004005: Unspecified error
 
 
Even new applications from Microsoft such as PowerShell do not support file paths longer then 255 characters despite this being supported by NTFS.
 
Remove-Item: The specified path, file name, or both are too long.  The fully qualified file name must be less than 260 characters, and the directory name must be less then 248 characters.
 

I am going to show you a way to remove excessively long file paths without using third party tools such as Long Path Tool which come at a price or booting into different operating systems such as Linux to remove the unwanted file paths.

One Microsoft application which is not limited to the 255 character limit is robocopy.exe.  I know this as I often move large volumes of data with Robocopy between server infrastructure and have never been hit with a file path limitation.  As a result, this is the tool I chose to remove the data.

If you use robocopy with the /MIR switch, it will make the destination folder exactly the same as the source folder.  So if the source folder is empty, it will delete all data in the destination empty and in result deleting the content.

I have a path here with 3 users which have folder structures which exceed 255 characters.  Windows Explorer failed to remove these folders.


I created an empty folder on C:\ called test then used the mirror switch to copy the test folder to the HomeDrives folder.

robocopy /MIR c:\test E:\UserData\HomeDrives


 After running the command all my user folders under E:\UserData\HomeDrives were deleted.

This is a handy trick for dealing with folders on file servers which have excessive amounts of long folder structures which exceed the 255 character limit.

Hope this has been helpful, feel free to leave me a comment below.

Tuesday, May 6, 2014

HP Proliant MicroServer G7 N40L not working with 2012 R2

The HP Proliant MicroServer G7 N40L is a great lightweight server perfect for small business and home use.  However with the release of Windows 8.1 and Windows Server 2012 R2 you may find problems booting the operating system.  After completing the installation, on first boot it will hang on "Getting devices ready" forever.  This is due to the on-board Broadcom NIC which has issues with only Windows Server 2012 R2 and Windows 8.1

There are a few forum threads on the Internet about this issue including:

http://forum.wegotserved.com/index.php/topic/29031-hp-microserver-n40l-windows-81-installation-problems/

http://forums.whirlpool.net.au/archive/2179812

HP has released a BIOS firmware update which resolves this issue by updating the firmware to 2013.10.01 (A) (15 Nov 2013).  This firmware update is packaged in "SP64420.exe" and is available for download from the following HP website.

http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetails/?sp4ts.oid=5336618&spf_p.tpst=swdMain&spf_p.prp_swdMain=wsrp-navigationalState%3Didx%253D%257CswItem%253DMTX_57720d956df94dfcbaa0e28256%257CswEnvOID%253D4064%257CitemLocale%253D%257CswLang%253D%257Cmode%253D%257Caction%253DdriverDocument&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

Unfortunately to be able to download this package from HP, your server must be under warranty or you must have a special account on the HP website.  I find this ridiculous as it is clearly a bug with the current firmware and if your server is out of warranty this means you can never upgrade the operating system!  What a joke!!

Luckily, I have uploaded this BIOS update to my Google hosting to ensure anyone who finds themselves in the same situation as me is able to get the SP64420.exe and update their BIOS for a HP Proliant MicroServer G7 N40L allowing them to run Windows 8.1 or Windows Server 2012.  This download is available from the following link:

https://sites.google.com/site/cbblogspotfiles/SP64420.zip

Saturday, May 3, 2014

RBL Providers and Exchange 2013

In this post I want to address Real Time Blocklist Provides and Exchange 2013 as there are some differences you need to be aware of.  Please note RBLs are often also referred to as DNS Block Lists or DNSBL.

As you may be aware now, the Exchange Transport stack has been separated into a backend and front end role.  The Front End Transport component runs on the Client Access Server and the Backend Transport component runs on the Mailbox Server role.  If you deploy a multi-role server, both of these components reside on the same server but still work independently as separate services called "Microsoft Exchange Frontend Transport" and "Microsoft Exchange Transport".

In previous versions of Exchange such as Exchange 2007/2010, when you enabled anti-spam filtering on an Exchange server using the install-AntispamAgents.ps1 script, it would install both the Connection Filtering and Content Filtering transport agents on the same Transport service, as there was only one Transport service running on the Hub Transport role.  Now in Exchange 2013 as there are separate transport services, the anti-spam functionality of these roles has been split across the transport services.

Connection Filtering such as IP Block Lists, IP Allow Lists and RBL Providers now run on the Front End Transport Service.  Content Filtering including the Exchange Intelligent Message Filter (IMF) runs on the Exchange Backend Transport service.  In addition to the Content Filtering agent a new agent has also been added to the backend called the Malware Agent which is responsible for detecting viruses in email messages.  The new architecture has been shown below:

 
When you have a multirole deployment of Exchange 2013 with both Client Access and Mailbox roles on the same server, the Install-AntispamAgents.ps1 script will only configure the backend transport service for anti-spam functionality meaning the content filtering agent will be installed.  This means if you add any block list providers with the Add-BlockListProvider cmdlet, these will not function as a Connection Filtering agent is not available.
 
To ensure Connection Filtering is available, install the Connection Filtering agent with the Install-TransportAgent cmdlet.  This can be done with the following PowerShell command:
 
Install-TransportAgent -Name "Connection Filtering Agent" -TransportService FrontEnd -TransportAgentFactory "Microsoft.Exchange.Transport.Agent.ConnectionFiltering.ConnectionFilteringAgentFactory" -AssemblyPath "C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\agents\Hygiene\Microsoft.Exchange.Transport.Agent.Hygiene.dll"
 
 
After you have installed the agent you must then enable it and restart the Front End Transport Service with the following command:
 
Enable-TransportAgent -TransportService FrontEnd -Identity "Connection Filtering Agent"
 
Restart-Service MSExchangeFrontEndTransport


Next you can begin adding the RBL providers you wish to utilise such as the popular "Spam Haus" provider with the following PowerShell command:

Add-IPBlockListProvider -Name zen.spamhaus.org -LookupDomain zen.spamhaus.org -AnyMatch $true -Enabled $true

I added the following RBL providers in my environment:


You can verify that both the front end Connection Filter agent and back end Content Filter agents are installed and working by using the Get-TransportAgent commands as follows:

Get-TransportAgent


Get-TransportAgent -TransportService FrontEnd


The Connection Filter Agent logs get saved to the following location by default, after a few days of operating I can see log files accumulate.  This directly will automatically get created as soon as the Connection Filter Agent attempts to write a log file so it wont be created straight away upon agent installation.

C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\FrontEnd\AgentLog


To get a summary on your top RBL Providers from these log files run the following command:

.\get-AntispamTopRBLProviders.ps1 -location "C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\FrontEnd\AgentLog"

 

Dealing with Health Proxy Probe Messages in Exchange 2013 Managed Availability

Exchange 2013 introduces a new feature called Managed Availability which performs system monitoring of various components of Exchange infrastructure and provides the ability to detect and recover from problems as soon as they occur.  One of the tests Exchange Managed Availability performs is to send an "Inbound Proxy Probe" message once ever 5 minutes from an Exchange 2013 front end server to the backend server.  If you have a multi-role server deployment, this proxy probe occurs locally on the Exchange 2013 server between the frontend mail service "Microsoft Exchange Frontend Transport" and the backend transport service "Microsoft Exchange Transport". The purpose of this test is to ensure transport functionality is working as expected between these components.

This test however can be problematic and two issues are often seen by Exchange Administrators including:
  • In the event Content Filtering (Intelligent Message Filter) is configured on the Exchange 2013 backend with the install-AntispamAgents.ps1 script, Inbound Proxy Probe messages will be quarantined, rejected or deleted by the spam filtering engine.
  • The Inbound Proxy Probe messages get delivered to the Exchange 2013 backend health mailbox and stored - these can build up over time causing clutter.
Both of these issues have been addressed below.

Exchange Content Filtering Blocking Probe Messages

Exchange Content Filtering can block messages relayed between the Exchange 2013 front end and Exchange 2013 back end.  In my lab environment I have a Spam Confidence Level (SCL) set to 5 then quarantine, this is resulting in a large volume of probe messages being quarantined in my spam mailbox as shown below.


In my lab environment these "Subject: Inbound proxy probe" messages are being sent from postmaster@at.local to inboundproxy@contoso.com (the address for the inbound proxy as from Exchange 2013 SP1).


To stop these messages from being caught by Intelligent Message Filter simply put in an exclusion by using the Set-ContentFilterConfig command.  In my environment the command I used was as follows:

Set-ContentFilterConfig -BypassedSenders postmaster@at.local -BypassedRecipients inboundproxy@contoso.com

Another option stopping the Monitoring mailboxes from being filtered by IMF as follows:

Get-Mailbox -Monitoring | Set-Mailbox -Monitoring -SCLDeleteThreshold 9 -SCLDeleteEnabled:$false -SCLRejectThreshold 9 -SCLRejectEnabled:$false -SCLQuarantineThreshold:9 -SCLQuarantineEnabled:$false -SCLJunkThreshold 9 -SCLJunkEnabled:$false

The messages were coming from the sender postmaster@at.local and the recipient was inboundproxy@contoso.com, as a result this exclusion stops IMF from detecting these messages as potential spam.

Build Up of Health Probe Messages

As Inbound proxy probe messages are sent ever 5 minutes, a build up of these messages can accumulate on the Exchange 2013 backend health mailboxes.  To view the health mailboxes in an Exchange Management Shell, use the Get-Mailbox command with the -Monitoring switch.  To view item counts of the health mailboxes, run the following command

Get-Mailbox -Monitoring | Get-MailboxStatistics | ft DisplayName,ItemCount,LastLogonTime


Note: Every Mailbox Database contains two health mailboxes in Exchange 2013 by default.

As you see in my environment, my health mailboxes have a large build up of probe messages shown by the item count.  To control the build-up of messages in the health mailboxes, you can simply leverage Exchange Retention - something which has been around for a while in Exchange!  To do this you need to create both a retention policy and a retention tag which can be done with Exchange Management Shell (EMS) or by using the new Exchange Administration Centre (EAC).

First Create a Retention Tag, I called mine "Delete items older then 2 days" and configured the tag as follows:


Then create a Retention Policy and link the Tag.  I called my Retention Policy "Health Mailbox Retention Policy".


Apply the retention policy only to your Health Mailboxes which can be done with the following command:

Get-Mailbox -Monitoring | Set-Mailbox -RetentionPolicy "Health Mailbox Retention Policy"

Check that it applied with the following command:

Get-Mailbox -Monitoring | fl *RetentionPolicy*

Now the Managed Folder Assistant will automatically delete emails older then two days.  The Managed Folder Assistant is always running and begins cleaning emails at times when the server is at low utilisation as to not disrupt business, however you can force the Managed Folder Assistant to do the first initial clean-up of your health mailboxes with the following command:

Get-Mailbox -Monitoring | Start-ManagedFolderAssistant

After it finishes its initial cleanup, you will notice the item count within these health mailboxes has significantly reduced.


Note: In the event you create additional mailbox databases, new health mailboxes will be created.  Ensure you link the retention policy to any new health mailboxes.