Ubuntu, PPTP, Windows 2003 VPN Server

Jun 14

Ben KingNetworks , No Comments

My transition from a Windows to a Linux desktop has raised a few teething problems, almost the most annoying was the fact that I for some reason I could only VPN into certain MS PPTP VPN servers.

In the end I figured out that that the difference was I could VPN into Windows 2000 servers but not Windows 2003.

In the logs I was getting:

LCP terminated by peer (random load of symbols)

I tracked it down in the end to one setting under the PPTP config.

Under KNetworkManager this appears under ‘Compression & Encryption’, ‘Encryption’, ‘Require 128 bit MPPE encryption’. Check this and it all works.

Exchange 2003 and Exmerge Woes

Jun 14

Ben KingNetworks , , No Comments

Today I needed to extract some mailboxes to PSTs from our Exchange 2003 server.

I kept getting a permissions error in my Exmerge.log file:

'Verify that the Microsoft Exchange Information Store service is running and that you have the correct permissions to log on. (0x8004011d)'

This is one of those annoying ‘exchange being oversecure for no good reason moments’, basically the administrator user (under which you are probably logged on for such an exercise) is denied permission to access individual mailboxes.

I found a couple of MS documents on the subject:

http://support.microsoft.com/kb/322312

and,

http://technet.microsoft.com/en-us/library/aa996410.aspx

Neither of them unfortunately resolved the problem in my case. It appears that even adding the administrator user to a temporary windows ‘exchange recovery’ group still didn’t allow access to the mailbox for extraction.

The solution is to:

  1. Create a new Active Directory Group called ‘Exchange ExMerge’ (or whatever you like).
  2. Give the new group full permissions on the store as per the 2nd MS article above.
  3. Create a new user and add it to the Exchange ExMerge group and Domain Admins.
  4. Logon to the Exchange server as the new user, run Exmerge and it should finally work.

You could of course just create the user and give it the appropriate permissions but I was just being ‘proper’! :)