DetailPage-MSS-KB

Microsoft small business knowledge base

Article ID: 2527626 - Last Review: July 12, 2013 - Revision: 9.1

Hotfix Download Available
View and request hotfix downloads
 

On This Page

Symptoms

You may experience one or more of the following issues in Windows Small Business Server (SBS) 2011.
Collapse this tableExpand this table
When you install Windows SBS 2011, you receive one or more of the following error messages:
  • Setup: Here is the list of errors we encountered during setup.
  • Setup: Exchange Server 2010 cannot be installed
  • ConfigureWSSOutgoingEmailTask: Incoming and outgoing e-mail for Microsoft SharePoint Foundation are not configured.
After you install Windows SBS 2011, the following issues occur:
  • Exchange Server 2010 runs in an evaluation mode and requires an activation key.
  • You cannot create new users in the Windows SBS Console.
  • You cannot apply roles to users in the Windows SBS Console.
  • You cannot complete the "Connect to the Internet" Wizard or the "Internet Address Management" wizard.
When you open the Exchange Management Console on a computer that is running Windows SBS 2011, you receive the following message:
The following servers in your organization running Exchange Server 2010 are currently unlicensed.
Note This message also displays the computer name of the computer that is running Windows SBS 2011 Standard.

Cause

These issues may occur if one of the following conditions is true:
  • Condition 1

    During the setup of Windows SBS 2011, Exchange Server 2010 did not install. Exchange Server 2010 was later installed manually.
  • Condition 2

    Exchange Server 2010 was uninstalled from Windows SBS 2011, and then was reinstalled.
  • Condition 3

    A repair installation of Exchange Server 2010 was completed on the Windows SBS 2011 server.

Resolution

To resolve this issue if you experience Condition 1 or Condition 2, follow the steps in the "PowerShell script to resolve Exchange Server issues" section. Then, install the hotfix that is described in the "Hotfix information" section.

To resolve this issue if you experience Condition 3, install the hotfix that is described in the "Hotfix information" section.

PowerShell script to resolve Exchange Server issues



Important
Before you complete these steps, Exchange Server 2010 must be installed correctly. Do not complete the steps that are described in this article if the following Exchange Server 2010 roles are installed incorrectly:
  • Mailbox
  • Hub/Transport
  • CAS (Client Access server)
  • Management
The following steps configure Exchange Server 2010 to the default settings of a successful Windows SBS 2011 Setup.

Note If you have manually configured settings in Exchange, the settings may be changed and mail flow may stop until you finish the correct Windows SBS wizards or until Exchange Server is reconfigured. Additionally, you must have a supported network topology of a single network adapter and of a class C subnet.

These steps make the following changes:

  • Sets the Mailbox Database name in the registry
  • Fixes the Admin tools role version in the registry
  • Adds a default value of the msSBSEmailQuota Active Directory attribute for the three default Windows SBS roles
  • Configures the correct security roles to manage the server that is running Exchange Server
  • Adds permissions at the organization level to give access to the system account
  • Creates the following groups if the groups were not created:
    • SBSAdmins
    • Allusers
    • Postmaster
    • FSRMReports
  • Sets the same membership and settings for each of these groups
  • Configures transport settings for internal servers and a postmaster address
  • Rebinds the default receive connector to the internal network, not including the router internal IP
  • Deletes the default client receive connector
  • Enables the Windows SBS self-issued certificate that has CN=Sites
  • Removes the Exchange Server self-signed certificate
  • Configures outgoing email message settings in Microsoft SharePoint
  • Adds a host record in DNS for the SharePoint Simple Mail Transfer Protocol (SMTP) server
  • Adds miscellaneous registry keys to remove the installation issues
  • Activates the Exchange server by using the provided tool
To resolve these issues if Exchange Server 2010 was installed manually after Windows SBS 2011 was installed, or if Exchange Server 2010 was re-installed on the Windows SBS 2011 server, follow these steps:
  1. Select the Run as Administrator command to run Exchange Management Shell in an elevated mode.
  2. In the Exchange Management Shell, run the following commands in this order:

    #SBS 2011 Std
    #Launch from Exchange Management Shell as an admin.
    #This script completes the missing tasks after a failed Exchange setup during a migration.

    # Run each section, separated by the comments individually.

    ##Exchange setup should be completed using the proper parameters before running this script.


    ##Configure Mailbox Name in the registry
    $mbx = Get-MailboxDatabase -server $env:COMPUTERNAME
    Set-ItemProperty "HKLM:\SOFTWARE\Microsoft\SmallBusinessServer\Messaging" -name "MailboxDatabaseName" -value $mbx.Name

    ##Add reg key for admin tools, this is needed due to the way SBSSetup is packaged.
    $Version = get-itemproperty "HKLM:\Software\Microsoft\ExchangeServer\V14\AdminTools"
    Set-ItemProperty "HKLM:\Software\Microsoft\ExchangeServer\V14\AdminTools" -name "ConfiguredVersion" -value $Version.UnpackedVersion

    ##Configure Exchange attribute in user roles. This might fail if the User Roles are missing.
    Import-Module ActiveDirectory
    set-aduser "Standard User" -Add @{msSBSEmailQuota=2097152}
    set-aduser "WebWorkplaceTools" -Add @{msSBSEmailQuota=2097152}
    set-aduser "Network Admin" -Add @{msSBSEmailQuota=2097152}

    ##ExchangeAdminPrep
    Add-RoleGroupMember -Identity "Organization Management" -Member "$env:USERDOMAIN\Domain Admins" -BypassSecurityGroupManagerCheck
    Add-RoleGroupMember -Identity "View-Only Organization Management" -Member "$env:USERDOMAIN\$env:COMPUTERNAME$" -BypassSecurityGroupManagerCheck
    $org = Get-OrganizationConfig
    add-adpermission -Identity $org.DistinguishedName -User "SYSTEM" -AccessRights "GenericAll" -InheritanceType "All"

    ##CreateMailDisributionGroupsTask
    # If the groups already exist you may get an error, that is ok, it is just a sign that the SBS Setup was done multiple times and the source never never restored from a backup.

    New-DistributionGroup -SamAccountName "sbsadmins" -Alias "sbsadmins" -Name "Windows SBS Administrators" -OrganizationalUnit $env:USERDNSDOMAIN"/MyBusiness/Distribution Groups" -Type "Distribution" -ErrorAction SilentlyContinue

    New-DistributionGroup -SamAccountName "allusers" -Alias "allusers" -Name "All Users" -OrganizationalUnit $env:USERDNSDOMAIN"/MyBusiness/Distribution Groups" -Type "Distribution" -ErrorAction SilentlyContinue

    Enable-DistributionGroup -Identity "All Users" -Alias "allusers" -WarningAction SilentlyContinue -ErrorAction SilentlyContinue

    Enable-DistributionGroup -Identity "Windows SBS Administrators" -Alias "sbsadmins" -WarningAction SilentlyContinue -ErrorAction SilentlyContinue

    Set-DistributionGroup -RequireSenderAuthenticationEnabled $false -Identity "Windows SBS Administrators" -ForceUpgrade

    New-DistributionGroup -SamAccountName "postmaster" -Alias "postmaster" -Name "Postmaster and Abuse Reporting" -OrganizationalUnit $env:USERDNSDOMAIN"/MyBusiness/Distribution Groups" -Type "Distribution" -WarningAction SilentlyContinue -ErrorAction SilentlyContinue

    Set-DistributionGroup -Identity "Postmaster and Abuse Reporting" -RequireSenderAuthenticationEnabled $false -HiddenFromAddressListsEnabled $true -EmailAddresses "SMTP:postmaster@$env:USERDNSDOMAIN","SMTP:abuse@$env:USERDNSDOMAIN" -EmailAddressPolicyEnabled $false -ForceUpgrade -WarningAction SilentlyContinue -ErrorAction SilentlyContinue

    Add-DistributionGroupMember -Identity "Postmaster and Abuse Reporting" -Member "Windows SBS Administrators"

    New-DistributionGroup -SamAccountName "fsrmreports" -Alias "fsrmreports" -Name "File Server Resource Manager Reports" -OrganizationalUnit $env:USERDNSDOMAIN"/MyBusiness/Distribution Groups" -Type "Distribution" -WarningAction SilentlyContinue -ErrorAction SilentlyContinue

    Set-DistributionGroup -Identity "File Server Resource Manager Reports" -HiddenFromAddressListsEnabled $true -ForceUpgrade
    Add-DistributionGroupMember -Identity "File Server Resource Manager Reports" -Member "Windows SBS Administrators"

    ##ConfigureIntranetSMTPTask

    Set-TransportConfig -InternalSMTPServers 127.0.0.1
    set-transportconfig -ExternalPostmasterAddress "postmaster@$env:USERDNSDOMAIN"

    ##rebind Default receive connector
    # This section is going to change the Default receive connector to only listen on the Internal subnet (minus router), mail flow may stop at this point.

    $ip=(gwmi Win32_NetworkAdapterConfiguration | ? { $_.IPAddress -ne $null }).ipaddress.get(0)
    $gateway=(gwmi Win32_NetworkAdapterConfiguration | ? { $_.IPAddress -ne $null }).DefaultIPGateway
    $gw="$gateway"
    $gwIp=$gw.split('.')
    $subnet=$gw.Remove($gw.LastIndexOf('.'))+".0"
    $range=$subnet+"-"+$gw.Remove($gw.LastIndexOf('.'))+"."+($gwIp.get(3)-1)+","+$gw.Remove($gw.LastIndexOf('.'))+"."+([int]$gwIp.get(3)+1)+"-"+$gw.Remove($gw.LastIndexOf('.'))+".255"

    $con = get-receiveconnector -Identity "Default $env:computername"
    $ip+=":25"
    $con.Bindings=$ip
    set-receiveconnector -Identity "Default $env:computername" -Bindings $con.Bindings

    $ipAdd= $range.Split(',')
    $con.remoteipranges = $ipAdd[0]
    $con.remoteipranges += $ipAdd[1]

    set-receiveconnector -Identity "Default $env:computername" -RemoteIpRanges $con.remoteipranges


    ##delete default client receive connector
    # If in use by now, this step needs to be skipped or the connector recreated.
    remove-receiveconnector -Identity "Client $env:computername" -Confirm:$false

    ##Remove the default exchange cert and enable ours
    Get-ExchangeCertificate | ? {$_.Subject -eq "CN=Sites"} | Enable-ExchangeCertificate -services SMTP -force:$true
    #remove
    Get-ExchangeCertificate | ? {$_.FriendlyName -eq "Microsoft Exchange"} | Remove-ExchangeCertificate

    ##New receive connector
    #Create the internal receive connector for SharePoint, Fax and POP3 Connector

    new-receiveconnector -Name "Windows SBS Fax Sharepoint Receive $env:computername" -RemoteIPRanges 127.0.0.1-127.0.0.1 -Bindings "127.0.0.1:25" -AuthMechanism "BasicAuth" -PermissionGroups "AnonymousUsers, ExchangeUsers" -Usage "Custom" -Server "$env:COMPUTERNAME" -ConnectionTimeout "00.06:00:00"


    ##ConfigureWSSOutgoingEmailTask
    # Configures SharePoint outbound email routing to use Exchange.
    # This might not work if SharePoint is not using default settings or not working.

    Add-PsSnapin Microsoft.SharePoint.PowerShell
    $spWebApp=Get-SPWebApplication
    $mail="CompanyWebAdmin@"+$env:userdnsdomain
    $spWebApp.UpdateMailSettings("SharepointSMTPServer",$mail,$mail,65001)
    dnscmd $env:computername /recordadd $env:userdnsdomain SharepointSMTPServer A 127.0.0.1

    ##Add reg key messaging components
    $val = get-itemproperty "HKLM:\SOFTWARE\Microsoft\SmallBusinessServer\Components\"
    Set-ItemProperty "HKLM:\SOFTWARE\Microsoft\SmallBusinessServer\Components" -name "Messaging" -value $val.administration

    ##Fix Display Issues
    Set-ItemProperty "HKLM:\SOFTWARE\Microsoft\SmallBusinessServer\Setup" -name "DisplayIssues" -value False

    ##Tag script watermark
    $date=Get-Date
    Set-ItemProperty "HKLM:\SOFTWARE\Microsoft\SmallBusinessServer\Setup" -name "RepairScript" -value "ExchangeFailureCompleteSetup $date"
  3. Add users by using the Windows SBS Console.
  4. Complete the "Internet Address Management" wizard.
  5. Install the realted hotfix package to activate the Exchange server.
Go to the next section to install the hotfix package to activate the Exchange server.

Hotfix information

A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem.

If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, submit a request to Microsoft Customer Service and Support to obtain the hotfix.

Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site:
http://support.microsoft.com/contactus/?ws=support (http://support.microsoft.com/contactus/?ws=support)
Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.

Prerequisites

To apply this hotfix, you must be running Windows Small Business Server 2011.

Registry information

To use the hotfix in this package, you do not have to make any changes to the registry.

Restart requirement

You do not have to restart the computer after you apply this hotfix.

Hotfix replacement information

This hotfix does not replace a previously released hotfix.

Applies to
  • Windows Small Business Server 2011 Standard
Keywords: 
kbqfe kbfix kbsurveynew kbexpertiseinter kbhotfixserver kbautohotfix KB2527626
Share
Additional support options
Ask The Microsoft Small Business Support Community
Contact Microsoft Small Business Support
Find Microsoft Small Business Support Certified Partner
Find a Microsoft Store For In-Person Small Business Support