The server encountered an error while creating . No reason given.

If you have received the error:
“The server encountered an error while creating <virtual machine name>”

When creating a new virtual machine or trying to add a new virtual machine from existing VHD, where there is no reason given for the error other than “Creating the virtual machine failed”.

You will find that there is a lack of info on Google relating to this, as most users would have had a reason under Creating the virtual machine failed.

On top of that, the Event Log ID 16000 doesn’t tell you much other than “The locale specific resource for the desired message is not present”, which is also a generic message with no real reason.

My Fix:

In my case, I retraced some steps and noticed this issue occurred after joining the Hyper-V server to the domain. All virtual machines added before then worked fine, but could not add, import, mount any existing VHD disks.

It appears to be a GPO related problem. In my case, I setup an OU with no inheritance to fix the issue. The server once joined to the domain was dropped into the default “Computers” container.

More info can be found from Microsoft here with alternate fixes:


Exchange 2013 – Room mailbox – Cannot expand folder

Came across this issue with an onprem installation of Exchange 2013.

Created a new room mailbox. Assign Full Access permission to a user, and when you attempted to expand the mailbox in Outlook it gave the error “Cannot expand folder”.

Manually adding the room mailbox to Outlook did not resolve the issue.

Fix was to open the mailbox in OWA first, go through the initial Language and Timezone selection. Then Outlook opened the mailbox fine.

Windows 7/2008 installer does not detect hard drives, BIOS does – hard drives from RAID?

Spent hours on this one thinking it was a motherboard issue. The fix only applies to a specific scenario.

If the hard drives were used in a RAID array (mine were from an Intel Matrix RAID), then the hard drives are formatted in a way that the Windows 7 installer can no understand.

You have two options:

  • Run an XP installation over the top of the hard drive (yes, XP will be able to install onto the hard drive). You do not need to go through with the full XP install. When files start to copy on the blue screen with the yellow bar, just reset the PC and install Windows 7/2008.
  • Format the hard drives in Linux or similar (put an ext3 filesystem on it). Putting the hard drive into an USB case and formatting it in Windows does not resolve the issue.

HP A3000 Wireless Controller – cannot see web interface

If you’re logging into the web interface of a HP A3000 controller (also known as H3C WX3010) and received a garbled output that looks like a console screen:

H3C Series Wireless LAN Device H3C WX3010 en 164F77D65B5E8AB0192884F4A4E63D Save Help Logout Are you sure to save the current configuration? H3C Series Wireless LAN Device H3C WX3010 H3C WX3010 ie 0 0 admin admin 3

This is likely due to using Internet Explorer 8 or 9. You need to enable Compatibility View under the Tools menu. You should be able to see the usual web interface afterwards.

ISA 2006 and Exchange 2010 OWA SSL Publishing

May be an unusual mix of products, but my ISA 2006 installation has been rock-solid and I haven’t seens a real need to upgrade to the newer TMG.

The scenario is as follows:

  • GoDaddy SSL Certificate Purchase
  • Secure Exchange 2010 with cerficate for OWA
  • Publish OWA via ISA using HTTPS

GoDaddy has pretty good guides for downloading and installing the certifcate into IIS7 (assuming you’re running Exchange 2010 on Windows 2008).

When you try to publish the site using SSL via ISA 2006, ISA requires you to make it aware of the SSL certificate. This was not a requirement back in the day of ISA 2004. The world of IT seems to get more complicated with each revision.

If you import the SSL certificate onto the ISA 2006 server by just double-clicking on it, ISA still will not be able to see the certifcate when you click on the Certificate tab for the Listener.

The correct way to import the certificate is via MMC console.
Load up the MMC Console, and add the Certificate snapin. Make sure you use Computer Account, and choose This Computer.

The certificate needs to be imported into the Personal section.

Here is the important part. You need to import the certificate with the Private Key. How do you do this?

If you don’t, you’ll probably have an error like:

  • Private key handle error
  • Private key not installed
  • See below…

Easy, go to Exchange Management Console on the server where you just imported the certificate. Do this by opening IIS, click on your server name on the left. Click on Server Certificates in the middle.

Then click on Export in the right. This will allow you to export the GoDaddy Certificate you just purchased (or any other certificate for that matter), with a Private Key. You know when a private key is being exported because a password is needed. Save this certificate somewhere, and copy it to the ISA 2006 server.

Armed with a certficate with Private Key, we can now import it into the Certificate store. Resuming from where we left off, right-click on the Personal certificate store, All Tasks, Import. Display all files (*.*), and select the certificate you just copied over. You will need to enter the password you set earlier. Click next and ensure the certificate is stored under Personal.

Last step is to tell ISA 2006 to use that certificate. With any luck, you’re greeted with all green ticks. Select the certificate and OK all the way out.

For later down the track…

I found that when my GoDaddy certificate expired, I renewed and updated the certicate on the Exchange 2010 server only. I did not reimport the certificate in ISA 2006 or install it into the Certificate store. Seems to be running fine, and no certificate errors.

Seems ISA 2006 only wants to “see” the certificate initially, and subsequent renewals doesn’t seem to phase it.

Also note that if you are trying to use Outlook Anywhere, this method may not work. Outlook Anywhere requires some more fiddling with ISA 2006 to allow the certificate to be passed through successfully. More info soon…

3Com 4400 Switch Password Recovery and Factory Reset/Defaults

Here’s one from the history books. You are unlikely to encounter these switches, but if you do and wish to restore them to defaults, this will be your saviour.

Password Recovery

Use the password recovery method outlined below to reset the admin password.

1.Use a console cable to connect to the CLI, and enter username “recover” and password “recover” to place your unit in password recovery mode. The unit will remain in password recovery mode for a maximum of 30 seconds, before it returns to the CLI login prompt.

2. During the 30 seconds, perform a hard reset on the unit while it is still in password recovery mode by switching it off (pulling the power on it), waiting a few seconds, and switching it on again.

3. When the unit has rebooted following the hard reset enter a new password for the “admin” user account.

4. Enter enable to leave password recovery enabled, or enter disable to turn it off. You are now logged in as the default “admin” user. WARNING: If you enter disable here, you will not be able to perform password recovery again! I have not figured out a way to get around this… It is best to leave it enabled!
Reset Factory Defaults

Use admin login (not manager). Use procedure above if you have lost the admin username. The manager username does not have as much access rights to perform the steps below.

Once logged into the CLI, use command: gettingStarted – this will allow you to set IP address, amongst a couple other minor things. Follow prompts, and apply settings, reboot. Done.

For full factory reset/defaults, issue command: system, control, initialize. Then type Yes to proceed.

This is what you should see at the console.

Menu options: ————–3Com SuperStack 3 Switch 4400—————
initialize         – Reset to factory defaults
reboot             – Perform system reboot
softwareUpgrade    – Perform agent software upgrade

Type “quit” to return to the previous menu or  ? for help
————————————Stack 005 (1)———————–
Select menu option (system/control): initialize
WARNING: This command initializes the system to factory defaults (excluding
Management IP Configuration) and causes a reset.
Do you wish to continue (yes,no)[no]: yes

Cannot map printers without admin rights on Windows XP or 7

This will generally occur if you need to install a printer driver that is not approved by Microsoft.
You will find it either fails or asks for the administrator username and password.

There are various Group Policy Adjustments that need to be made.
On Windows XP, follow this article ->

On Windows 7, you need to disable this GPO (same policy as that for XP in the article above, but different location):
Computer Configuration/Policies/Admin Templates/Printers/Point and Print Restrictions

Make sure you apply Computer Configuration Policies to OU’s with Computers, and User Configuration Policies to OU’s with Users in it (or lump them both into one policy and appy them to both Computer and User OU’s). Then everything should work find once the policy refreshes on the PC.

Exchange 2003 to 2010 Migration with Tips and Tricks

Now I know there are articles out there, but I wanted to write one that had enough detail for anyone attempting this to follow, but with as few steps as possible.

Obviously make sure you Exchange 2003 server is working well before moving to 2010.

  1. Check Default SMTP Virtual Server to ensure you do not have any smarthosts in there on the Exchange 2003 server (Under First Administrative Group – Servers – Servername – Protocols – SMTP). This will prevent mailflow between 2003 and 2010 servers.
  2. Install Exchange 2010 on the new server (I’m assuming single server here – not recommended by Microsoft). Plenty of articles on how to do this.
  3. Disable Linkstate on Exchange 2003 and reboot (or restart Exchange 2003 services) (Command Prompt to x:ExchSvrBin and type Regsvr32 -u xlsasink.dll)
  4. Move/create a mailbox onto the 2010 server. Connect Outlook or log into webmail on that server to conduct some tests. Test the following: Email flow between 2003 and 2010 mailboxes (both directions) and email flow from 2003 -> external and 2010 -> external
  5. If there are issues with mailflow between 2003 and 2010 delete and recreate the connectors. The connectors are setup automatically when you installed Exchange 2010.
  6. Replicate Public Folders and other instructions as per article (do everything but decommision the Exchange 2003 server):
    Do not change Replication Schedule or Replication Priority when replicating the Public Folders. You could end up bogging down the connectors with excess traffic and grinding the Exchange servers to a halt.
  7. Move mailboxes. You will have to do this with the Exchange 2010 ESM (not the 2003).
  8. For seamless transition with Outlook 2003 clients, you need to disable the requirement for encrypted connection.
    Run this in the Exchange Powershell on the 2010 server:
    Set-RpcClientAccess –Server <servername> –EncryptionRequired $False
    Otherwise in Outlook 2003, you will need to choose the Encrypt Connection between Outlook and Exchange server option. This is not hard, however in migration scenerios, it will prevent seamless handover between legacy Exchange 2003 servers and Exchange 2010 servers when you are moving mailboxes.
  9. I would leave the Exchange 2003 server running for 2 weeks before removing to ensure there is a automatic handoff to the new Exchange 2010 servers when users connect in with Outlook for the first time. Otherwise you will be running around reconfiguring Outlook to point to the new 2010 server
  10. Rehome Receipient Update Services. Use the Exchange 2003 System Manager to do so. Point it to the other Exchange Server, and the correct Domain Controller.
  11. Remove Exchange 2003 server as per article above from Microsoft.
  12. It’s not unusual that during a process/migration like this to have errors with the Offline Address Book to Global Address List. If you are getting such errors during Sending/Receiving in Outlook, you may have to rebuild/recreate the Offline Address Book after all the above steps have been completed. Symptoms of a faulty OAB/GAL are that newly created users do not appear. A temporary workaround is to get your users to type in their full email address for the time being.

Exchange 2007/2010 Active Sync 0x85010004 or 85010014

Are you using the administrator account to test with activesync? You shouldn’t be!

If you are getting these messages in Event Log: User “domainnameadministrator” cannot synchronize their mobile phone with their mailbox because  Exchange ActiveSync has been disabled for this user.

And on your Windows Mobile phone have error code 0x85010004

It’s probably because you’re trying to use the administrator account to test with! This is not supported under Exchange 2007/2010 as the administrator does not inherit permissions in AD which makes it hard to give it activesync rights. Use a user’s account instead!

If this is not the case, then try one of two things (I found this normally happens when migrating from 2003 -> 2007/2010 – never seen it with a fresh install)

  1. Remove and recreate ActiveSync Directory (use Exchange Powershell)
    Remove-ActiveSyncVirtualDirectory -Identity “Microsoft-Server-ActiveSync (Default Web Site)”New-ActiveSyncVirtualDirectory -Server “xxx” -WebSiteName “Default Web Site” -ExternalURL “

    or for a single server deployment
    New-ActiveSyncVirtualDirectory -WebSiteName “Default Web Site” -ExternalURL “

  2. Use the powershell to give the user ActiveSync rights
    Set-CASMailbox -Identity <username> -ActiveSyncEnabled $true

    Also, more specifically for error 85010014
    Make sure you check that the user does Inherit permissions from the parent. Load up ADU&C – Make Sure View -> Advanced Options is ticked – Find User – Properties – Security – Advanced – Tick Allow Inheritable Permissions from the Parent… Ok all the way back out.

Other than that, make sure you check the obvious. Are you using SSL on both the Exchange and device side, or are you turning it off? It must match up.

Exchange 2007 and 2010 – Total emails/messages sent and received

I had a request to find out the number of emails sent out of an Exchange server as they wanted it for auditing purposes. Message tracking center is cumbersome to use for this. Instead, the performance monitor was fairly good (but had limitations).

To get to Performance Monitor for Exchange (you can use the standard one too if you want) . Load up Exchange Management Console – Toolbox – Performance Monitor.

Right click on graph and choose Add Counters. Choose MsExchangeTransport SMTPReceieve, highlight _total and click Add. Do the same for MsExchangeTransport SmtpSend.

Once added, scroll through the counter list on the bottom and highlight either Messages Sent Total or Messages Received Total. Look at the number in Last. This is the number of emails sent or received.

Your next question is, “emails sent or received since when?”. The answer to this is: Since the server was last restarted. To get when it was last restarted just use the command prompt and type: “net statistics server” or “net statistics workstation”. It will give you the time and date these two services were last restarted which will coincide with when the server was restarted (as these two services cannot be restarted without restarting the server).

Hope this helps!