Group Policy import error - no backups found

This annoyed me for about an hour today! I had copied some group policy backups to a new domain but when I tried to import into a new blank GPO I got an error saying no backups found. I discovered that the manifest.xml in the import location had all the gpo data removed. Checking the original backup location in the original domain I could see it contained data for each group policy backed up. Digging a little further I realised I had an apostrophe in the name of one of the group policies I had backed up.  So I removed the apostrophe and backed up again, then copied over to the new domain. Success! I guess the xml didn't cope too well with the '. So lesson learnt to be careful with non alphanumeric characters in group policy names.

Error Updating VUM vCenter Update Manager From 5.1 to 5.5

Running the update for vCenter Update Manager 5.5 from 5.1 on a WIndows 2008 R2 server after upgrading all the other components I was receiving an error like below and couldn't click next in the installer to get past the credentials page:

validation failed for service account user

setup failed credentials could not be validated

Looking in the install log vminst.log in %temp% showed the following but wasn't particularly useful:

process returned 199

Error:: unknown VC error

To get past this I checked if the service account for VUM can log in to vSphere client, I couldn't.  I then added the service account explicity as an administrator at the vCenter level with inheritance to be able to login to vCenter.  I could now validate the credentials for the install and complete it.

After completing the upgrade I had to change the update manager service in Windows to run as the service account.

Exchange OAB Folder Permission Privilege

Outlook users on Exchange 2010 mailboxes were failing to download the OAB (offline address book) due to list folder privilege being missing on OAB directories used for clients to download via IIS.  The directories require at least  the list folder privilege for the Authenticated Users group to be able to download an OAB.

To resolve I created a task that runs on every boot on each CAS server and sets the required privilege on the OAB and lower folders.  The task must be set to “run with the highest privileges” and I had to run it as a user with local administrator rights. The task runs a ps1 script like below which sets the parent OAB folder and all child OAB folders.  Each OAB in an Exchange 2010 environment has it's own folder named with a GUID.

#------------------------------------------------------------------------------------------------------------

$exdirpath = '<drive and path to>\Program Files\Microsoft\Exchange Server\V14\ClientAccess\OAB'

$launchpath = '<drive and path to script output file>'

# ---- note that xcacls.vbs should be stored in th $launchpath location ----

# ---- clear output file ----

$permout = ""

$permout | Out-File $launchpath\setperm01result.txt

# ----- Set privilege for authenticated users with read and list on OAB root -----

$permout = cscript $launchpath\xcacls.vbs "$exdirpath" /E /G SID#S-1-5-11:L

$permout | Out-File -append $launchpath\setperm01result.txt

# ----- Set privilege for authenticated users with read and list on OAB subfolders -----

$exdirs = gci $exdirpath | where {$_.Attributes -eq 'Directory'}

foreach ($exdir in $exdirs)

                {

                $permout = cscript $launchpath\xcacls.vbs "$exdirpath\$exdir" /E /G SID#S-1-5-11:L

                $permout | Out-File -append $launchpath\setperm01result.txt

                }