Exchange 2010, 2008R2, Event 106 MSExchange Common

Problem: Exchange 2010, 2008R2, Event 106 MSExchange Common

Solution: Reload the correct performance counter file in Powershell

Event 106, MSExchange Common

Performance counter updating error. Counter name is Base for Average Number of Mailboxes Processed per Request, category name is MSExchange Availability Service. Optional code: 1. Exception: The exception thrown is : System.InvalidOperationException: The requested Performance Counter is not a custom counter, it has to be initialized as ReadOnly.

at System.Diagnostics.PerformanceCounter.Initialize()

at System.Diagnostics.PerformanceCounter.IncrementBy(Int64 value)

at Microsoft.Exchange.Diagnostics.ExPerformanceCounter.IncrementBy(Int64 incrementValue)

Last worker process info : System.UnauthorizedAccessException: Access to the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ExchangeServer\v14\Transport' is denied.

at Microsoft.Win32.RegistryKey.Win32Error(Int32 errorCode, String str)

at Microsoft.Win32.RegistryKey.CreateSubKey(String subkey, RegistryKeyPermissionCheck permissionCheck, RegistrySecurity registrySecurity)

at Microsoft.Exchange.Diagnostics.ExPerformanceCounter.GetLastWorkerProcessInfo()

Processes running while Performance counter failed to update:

2164 MSExchangeMailSubmission

 

Get the "D:\Program Files\Microsoft\Exchange Server\V14\Setup\Perf" path

Open Exchange Powershell:

Add-pssnapin Microsoft.Exchange.Management.PowerShell.Setup

D:\Program Files\Microsoft\Exchange Server\V14\Setup\Perf\RpcClientAccessPerformanceCounters.ini

 

 

[PS] C:\ >Add-pssnapin Microsoft.Exchange.Management.PowerShell.Setup

[PS] C:\ >New-perfcounters -definitionfilename "D:\Program Files\Microsoft\Exchange Server\V14\Setup\Perf\RpcClientAccessPerformanceCounters.xml"

[PS] C:\ >

 

Event 1000, Source LOADPERF > OK

Performance counters for the MSExchange RpcClientAccess (MSExchange RpcClientAccess) service were loaded successfully. The Record Data in the data section contains the new index values assigned to this service.

 

If this does not fix try following (Correct the paths again)

Add-pssnapin Microsoft.Exchange.Management.PowerShell.Setup


new-perfcounters –definitionfilename "C:\Program Files\Microsoft\Exchange Server\V14\Setup\Perf\AdminAuditPerfCounters.xml"
new-perfcounters –definitionfilename "C:\Program Files\Microsoft\Exchange Server\V14\Setup\Perf\ResourceHealthPerformanceCounters.xml"
new-perfcounters –definitionfilename "C:\Program Files\Microsoft\Exchange Server\V14\Setup\Perf\ThrottlingPerformanceCounters.xml"
new-perfcounters –definitionfilename "C:\Program Files\Microsoft\Exchange Server\V14\Setup\Perf\MiddleTierStoragePerformanceCounters.xml"
new-perfcounters –definitionfilename "C:\Program Files\Microsoft\Exchange Server\V14\Setup\Perf\IsMemberOfResolverPerfCounters.xml"
new-perfcounters –definitionfilename "C:\Program Files\Microsoft\Exchange Server\V14\Setup\Perf\ADRecipientCachePerformanceCounters.xml"
new-perfcounters –definitionfilename "C:\Program Files\Microsoft\Exchange Server\V14\Setup\Perf\RpcClientAccessPerformanceCounters.xml"
new-perfcounters –definitionfilename "C:\Program Files\Microsoft\Exchange Server\V14\Setup\Perf\ExchangeTopologyPerformanceCounters.xml"
new-perfcounters –definitionfilename "C:\Program Files\Microsoft\Exchange Server\V14\Setup\Perf\ExSearchPerformanceCounters.xml"
new-perfcounters –definitionfilename "C:\Program Files\Microsoft\Exchange Server\V14\Setup\Perf\ExSearchCatalogPerformanceCounters.xml"

 

Your worst case scenario in terms of risk would be at the end if all does not solve it you have to re-index the Exchange Databases.

In would wait with that UNTIL you check all the Permissions/Counters and if they are registered correct!

https://social.technet.microsoft.com/Forums/exchange/en-US/5d56b384-2071-49ad-a74f-b76ca8615b94/exchange-2010-msexchange-common-error-106-performance-counter-updating-error?forum=exchangesvrgenerallegacy

https://social.technet.microsoft.com/Forums/exchange/en-US/079598ef-08fe-49b6-af5f-8920d8b34a39/msexchange-common-error?forum=exchange2010

Here is the official Linkl for the RE-INDEX (Last options if it currently fails all of the time)

https://technet.microsoft.com/en-us/library/aa995966.aspx

The certificate is invalid for exchange server usage Exchange 2010 SAN/UC

Error after importing a SAN/UC Certificate in Exchange 2010:

Error 1: "The certificate is invalid for exchange server usage"

This is because of a missing ROOT and Intermediate CA not imported.

Now Error After you resolved you get:

Error 2: "The certificate status could not be determined because the revocation check failed"

That means the Certificate Service (Certutil) can reach some URL from Microsoft or from the Cert PKI provider (Example Comodo)

Error: When your see the second error you are unable to"Export" a certificate in EMC / Exchange 2010 GUI. (Like for Load Balancer or CAS-Array)

HINT> If the certificate Status is NOT valid you still are able to "ENABLE"  the imported Certificate with Powershell.  We are unsure if Export would work.

See http://www.butsch.ch/post/Generate-SAN-UC-Certificate-SSL-on-Exchange-2010.aspx on how to do that.

 

First error comes "The certificate is invalid for exchange server usage" because suddenly your up to date Windows Server does not have an actual updated ROOT CA from some Cert Publishers.

 

  1. Import the Root CA Files you got together with the provider on your Exchange 2010 CAS Server.

 

  1. If you have a ROOT CA (Certificate Authority) you may publish the Root CA through your OWN CA to the Windows Domain. Type CERTUTIL in command to find out if you have/had one and then please ask the PKI-Engineer in your environment to help (If you have one ;-)

 

Here is how to manual import on the Exchange 2010 CAS:

The file you got from your PKI-Provider together with your certificate.

Start > mmc

 

Import the Root CA you got from your ISP to your Exchange 2010 CAS Server.

  1. ROOT CA (Most with Root in the name) to "Trusted >Root Certification Authorities")

Import the second Certificate you got from the Provider to "Intermediate"

After this you see in the Exchange 2010 EMC under Server (on right side)

The certificate status could not be determined because the revocation check failed

 

 

Check which Certificate paths the Exchange wants to have access to AND open those on the FIREWALL/WEBFILTER or use the correct PROXY Settings. Open the URL string you see in a Browser and check if you can download the files. Just make sure your Exchange 2010 can reach those URLs.

certutil -URLcache CRL (Check)

 

Here is an output from certutil -URLcache

http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab

http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl

http://crl.microsoft.com/pki/crl/products/MicCodSigPCA_08-31-2010.crl

http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab

http://crl.microsoft.com/pki/crl/products/CSPCA.crl

http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab

 

Also and esp. for Comodo Certificates check and validate where your CERT itself want to go and OPEN those URL.

certutil -verify -urlfetch c:\edv\13296984.crt (13296984.crt filename of your provider Certificate)

----------------  Certificate AIA  ----------------

 Failed "AIA" Time: 0

   Error retrieving URL: The operation timed out 0x80072ee2 (WIN32: 12002)

   http://crt.comodoca.com/COMODOHigh-AssuranceSecureServerCA.crt

  ----------------  Certificate CDP  ----------------

 Failed "CDP" Time: 0

   Error retrieving URL: The operation timed out 0x80072ee2 (WIN32: 12002)

   http://crl.comodoca.com/COMODOHigh-AssuranceSecureServerCA.crl

 ----------------  Certificate OCSP  ----------------

 Failed "OCSP" Time: 0

   Error retrieving URL: The operation timed out 0x80072ee2 (WIN32: 12002)

   http://ocsp.comodoca.com


   Revocation Check Failed "Certificate (0)" Time: 0
    [0.0] http://crt.usertrust.com/AddTrustExternalCARoot.p7c

  Verified "Certificate (1)" Time: 0
    [0.1] http://crt.usertrust.com/AddTrustExternalCARoot.p7c

  Revocation Check Failed "Certificate (0)" Time: 0
    [1.0] http://crt.usertrust.com/AddTrustUTNSGCCA.crt

  ----------------  Certificate CDP  ----------------
  Verified "Base CRL (0bbc)" Time: 0
    [0.0] http://crl.usertrust.com/AddTrustExternalCARoot.crl

  ----------------  Base CRL CDP  ----------------
  No URLs "None" Time: 0
  ----------------  Certificate OCSP  ----------------
  Verified "OCSP" Time: 63
    [0.0] http://ocsp.usertrust.com

 

OPEN these URL on the Firewall also:

http://crt.comodoca.com/COMODOHigh-AssuranceSecureServerCA.crt
http://crl.comodoca.com/COMODOHigh-AssuranceSecureServerCA.crl
http://ocsp.comodoca.com
http://crt.usertrust.com/AddTrustExternalCARoot.p7c
http://crt.usertrust.com/AddTrustUTNSGCCA.crt
http://crl.usertrust.com/AddTrustExternalCARoot.crl
http://ocsp.usertrust.com

 

PROXY 

If you have a PROXY do not to EXCLUDE your > Exmaple > *.domain.local from the PROXY or your Exchange EMC want work anymore!

If you can't open the CAS Server to those URL or you don't have the right to do so. Check how to configure the Proxy Setting with NETSH.

 

http://exchangeserverpro.com/exchange-2010-certificate-revocation-checks-and-proxy-settings/
http://www.geekmungus.co.uk/microsoft-exchange/exchange2010-ucccertificatethecertificateisinvalidforexchangeserverusage
http://blogs.technet.com/b/pki/archive/2007/09/13/how-to-refresh-the-crl-cache-on-windows-vista.aspx
http://blogs.technet.com/b/exchange/archive/2010/07/26/emc-and-certificates-with-failed-revocation-checks-in-exchange-2010.aspx
http://support.microsoft.com/kb/979694/en-us
http://msexchangeguru.com/2012/11/12/certificate-revocation/

 

 

 

certutil -urlcache crl delete (Clean Cache)

certutil -urlcache ocsp delete (Clean Cache)

KB2775511 W7 / 2008 R2 Hotfix Sammlung POST SP1 Pack (90 patches)

http://support.microsoft.com/kb/2775511

WIN7 32 & 64BIT / Server 2008 R2 ML / language Neutral

 Das soll es verbessern:

  • Logon Schneller
  • Policy Handling mit viel Policies auf clients schneller
  • Web-based Distributed Authoring and Versioning (WebDAV)
  • DFSN-client
  • Ordnerumleitung
  • Offline-Dateien und Ordner (CSC)
  • SMB-client
  • Umgeleiteten Drive Buffering Subsystem (RDB)
  • multiple UNC Provider (MUP)

Es gibt neu ein Enterprise Pack Update, welches vorwiegend fuer Firmen Umgebungen gedacht ist. Darin sind rund 90 Patche resp. Hotfixe enthalten.

Gibt einige Blogs die schreiben, dass einzelne enthaltene Hotfixe darin mit Ihrer Drittsoftware Probleme macht. Meist kleinere Datenbank Formate.

Fehler dann auch bei SMB 2.0:

http://blogs.msdn.com/b/winsdk/archive/2013/05/13/roll-up-update-kb-2775511-reports-with-smb-2-0-data-truncation.aspx

http://windowssecrets.com/forums/showthread.php/153760-Beware-KB-2775511-a-special-hotfix-rollup-post-Windows-7-SP1

 

Eventuell wenn jemand gerade an einigen W7 client ist und überhaupt nicht weiter kommt – Vor dem neu aufsetzen > Als letztes den HOTFIX Patch installieren.

Bei den einzelnen Patchen steht teils nicht installieren oder nur in Test Umgebung resp wenn Problem vorhanden. Daher an sich lieber nicht für alle und jeden...

 Ich vermute, dass dies ein SP2 Pre Check auf Kosten der Kunden ist. Aber immer noch besser als 10 Hotfixe Pro Problem anzufordern wenn es eilt…

Man kann diesen nicht direkt downloaden sondern muss in via Windows Update Catalog im WSUS integrieren lassen (Import). ,am kann das File aber aber ab einem client von

C:\Windows\Downloaded Installations drab kopieren oder mit Glueck (oder wissen ;-) das entsprechen File auf dem WSUSCONTENT finden.

These single Patches are included and people who have an idea of Deployment or Server Managment know what the single terms are.

The page is Language Neutral and has for some patches diffrent languages

language="neutral"

It's for Windows 7 32BIT and 64BIT and i think same patch for 2008R2? At least the package goes for sure in that direction FailoverCluster-Core-WOW64-Package or the FX RDP.

 

Microsoft-Windows-OfflineFiles-Package" language="zh-TW" version="6.1.7601.17514" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" buildType="release"
Microsoft-Windows-Printing-Foundation-Package" language="neutral" version="6.1.7601.17514" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" buildType="release"
Microsoft-Windows-Printing-Server-Features-Package" language="neutral" version="6.1.7601.17514" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" buildType="release"
Microsoft-Windows-Printing-PremiumTools-Package" language="neutral" version="6.1.7601.17514" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" buildType="release"
Microsoft-Windows-RemoteFX-VM-Setup-Package" language="neutral" version="6.1.7601.17514" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" buildType="release" versionScope="nonSxS"
Microsoft-Windows-TerminalServices-MiscRedirection-Package" language="neutral" version="6.1.7601.17514" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" buildType="release"
Microsoft-Windows-TerminalServices-Gateway-Package" language="neutral" version="6.1.7601.17514" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" buildType="release"
Microsoft-Windows-TerminalServices-RemoteApplications-Client-Package" language="neutral" version="6.1.7601.17514" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" buildType="release"
Microsoft-Windows-GroupPolicy-ClientTools-Package" language="neutral" version="6.1.7601.17514" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" buildType="release"
Microsoft-Windows-Printing-ServerCore-Package" language="neutral" version="6.1.7601.17514" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" buildType="release"
Microsoft-Windows-ServerCore-Package" language="neutral" version="6.1.7601.17514" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" buildType="release"
Microsoft-Windows-ServerFoundation-Base-LanguagePack-Package" language="he-IL" version="6.1.7601.17514" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" buildType="release"
Microsoft-Windows-FailoverCluster-Core-WOW64-Package" language="ar-SA" version="6.1.7601.17514" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" buildType="release"
Microsoft-Windows-ServerCore-WOW64-Package" language="ar-SA" version="6.1.7601.17514" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" buildType="release"
icrosoft-Windows-WinPE-LanguagePack-Package" language="tr-TR" version="6.1.7601.17514" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" buildType="release"
Microsoft-Windows-WinPE-Package" version="6.1.7601.17514" processorArchitecture="amd64" language="neutral" buildType="release" publicKeyToken="31bf3856ad364e35" versionScope="nonSxS"
WinPE-Dot3Svc-Package" language="neutral" version="6.1.7601.17514" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35"
WinPE-MDAC-Package" language="neutral" version="6.1.7601.17514" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35"
WinPE-WMI-Package" language="neutral" version="6.1.7601.17514" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35"
Microsoft-Windows-Client-Features-Package" version="6.1.7601.17514" processorArchitecture="amd64" language="neutral" buildType="release" publicKeyToken="31bf3856ad364e35" versionScope="nonSxS"
Microsoft-Windows-Printing-Server-Role-Package" language="neutral" version="6.1.7601.17514" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" buildType="release"
Microsoft-Windows-ServerDesktopExperience" language="neutral" version="6.1.7601.17514" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" buildType="release"
Microsoft-Windows-WirelessNetworking-Package" language="neutral" version="6.1.7601.17514" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" buildType="release"
 
 

Powershell Links for Exchange 2007/2010

Hot wo automate a Powershell on Windows Server:

http://exchangeshare.wordpress.com/2008/12/08/how-to-schedule-powershell-script-for-an-exchange-task/

Free ActiveRoles Management Shell for Active Directory 32/64-bit from Quest:

http://www.quest.com/powershell/activeroles-server.aspx
http://ss64.com/ps/quest.html

How to load the Powershell Plugins into the Shell (As example Exchange and the Quest)

 

http://technet.microsoft.com/en-us/library/bb963745.aspx

Add-PSSnapIn -Name Microsoft.Exchange.Management.PowerShell.Admin,Quest.ActiveRoles.ADManagement

http://poshcode.org/2231

Here is how to skip/catch the error if the SNAP in has laready been registered.

 

  1. #Load Exchange PS Snapin
  2. If (@(Get-PSSnapin -Registered | Where-Object {$_.Name -eq "Microsoft.Exchange.Management.PowerShell.E2010"} ).count -eq 1) {
  3.     If (@(Get-PSSnapin | Where-Object {$_.Name -eq "Microsoft.Exchange.Management.PowerShell.E2010"} ).count -eq 0) {
  4.          Write-Host "Loading Exchange Snapin Please Wait...."; Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010}
  5.          }
  6.  
  7. #Load Exchange PS Snapin
  8. If (@(Get-PSSnapin -Registered | Where-Object {$_.Name -eq "Microsoft.Exchange.Management.PowerShell.Admin"} ).count -eq 1){
  9.     If (@(Get-PSSnapin | Where-Object {$_.Name -eq "Microsoft.Exchange.Management.PowerShell.Admin"} ).count -eq 0) {
  10.         Write-Host "Loading Exchange Snapin Please Wait...."; Add-PSSnapin Microsoft.Exchange.Management.PowerShell.Admin}
  11.         }

 

Removing mailbox export and import requests from command New-MailboxExportRequest -Mailbox $Identity -FilePath $pstshare$user".pst"

http://thoughtsofanidlemind.wordpress.com/2010/12/21/removing-mailbox-export-and-import-requests/

Exchange Running Powershell from Batch on Server 2008/R2, 32/64BIT

Exchange Running Powershell from Batch on Server 2008/R2 32/64BIT, c:\windows\Sysnative Patch

If your recieve the error while running a Powershell from Batch:

WARNING: The following errors occurred when loading console D:\ProgramFiles\Microsoft\Exchange Server\bin\exshell.psc1:
Cannot load Windows PowerShell snap-in Microsoft.Exchange.Management.PowerShell.Admin because of the following error:
No snap-ins have been registered for Windows PowerShell version 2.
Command 'c:\batch\butsch.ps1' could not be executed because so me Windows PowerShell snap-ins did not load.

You may have to call the Powershell from within the Batch this way:

my_batch.cmd

:: 64BIT  C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell.exe
:: 32BIT  C:\WINDOWS\system32\WindowsPowerShell\v1.0\PowerShell.exe
:: 32BIT  C:\Windows\Sysnative\WindowsPowerShell\v1.0\PowerShell.exe < Server 2008 and R2 64BIT if you call the Powershell from DOS Batch.
c:
cd "D:\Program Files\Microsoft\Exchange Server\bin"
C:\Windows\Sysnative\WindowsPowerShell\v1.0\PowerShell.exe -PSConsoleFile "D:\Program Files\Microsoft\Exchange Server\bin\exshell.psc1" -noexit -command "c:\batch\butsch.ps1"

The sysnative was the soltion and not registering Components new or compiling the batch with 64BIT (In some surounding code with .exe)


The Hotfix which is mentioned in almost 70% of the Blogs is for Server 2003 and not for 2008.

http://social.technet.microsoft.com/Forums/en-US/winserverpowershell/thread/41c9cd78-74ad-4903-8a77-be6c09724669