Monthly Archives: March 2013

Time and the Single Windows Server

How Windows servers update, or not update, their clocks is something that might not be readily understood by the average hosting customer, but it can be very important if your web applications are time-sensitive.  In this article, I’m going to cover time on standalone (or single – couldn’t resist not using this title) Windows servers.  A standalone server is one that is not a member of an Active Directory domain.  I’ll cover time on domain servers in the another article.

Installed out of the box, every Windows server is set to update its time from time.windows.com, which is an NTP service maintained by Microsoft.  But as the number of Windows servers on the Internet increases, this service has rapidly become overloaded.  I’ve encountered countless errors in the System Event Log where the server was unable to contact time.windows.com.  The key to good timekeeping on Windows, therefore, is to find another reliable time source (short of purchasing your own Stratum 2 time server).

Naturally, the Internet long ago solved this problem with the NTP Pool Project.  It describes itself as “a big virtual cluster of timeservers providing reliable easy to use NTP service for millions of clients.”  These are systems located around the world acting as highly accurate time servers that allow anonymous connections via the Network Time Protocol (NTP).  The load is distributed across all the servers, so every time you connect, it will be to a different pool server.  All of which is handled through the magic of DNS.

The host name used for the NTP Pool Project server allows you to use any of the servers located around the world, or to restrict youself to servers located in a particular country or in a particular region.  Naturally, there are more servers located in some countries than others (United States, Germany, France, and United Kingdom are the top four, in that order), so in the US or UK, you can safely restrict yourself to your country.  But in most other places, you’ll want to use the bigger regional pool or the entire world-wide pool.  This is especially true for Africa (15 servers), South America (43 servers), and Oceania (89 servers).  The country pools use the two-letter country code in the host name, and the regional pools use the region’s name in the host name.  If you exclude the country or region in the host name, all the servers in the world-wide pool are available to you.

Setting a Windows server to use the NTP Pool Project servers (or any other NTP server, for that matter) is best done using the W32TM command.  You can set the NTP server from the “Internet Time” tab of the Date and Time applet in the Control Panel, but the W32TM allows to set multiple time servers and configure other options.  This command, which works with Windows Server 2003 and higher, will set the server to update time from the NTP Pool Project US servers (this command is one line and broken into two lines here for clarity):

w32tm /config "/manualpeerlist:0.us.pool.ntp.org 1.us.pool.ntp.org 2.us.pool.ntp.org
     3.us.pool.ntp.org" /syncfromflags:manual /update

Here is what the option mean:

/config  –  queries or updates the Windows Time Service configuration

/manualpeerlist  –  specifies the NTP servers to use.  This is a space-delimited list of DNS and/or IP addresses and must be enclosed in quotes when more than one server is specified.

/syncfromflags  –  sets what sources should used.  Choices are MANUAL (use the manual peer list), DOMHIER (use an Active Directory domain controller), ALL (use both sources), or NO (don’t sync from an NTP server).  The DOMHIER option only makes sense on a server joined to a domain.

/update  –  commits the changes.

After you change the NTP server list, you have to restart the Windows Time service, either from the Services MMC or using the NET commands as shown below:

net stop w32time
net start w32time

NOTE:  On Windows Server 2008 and higher, the Windows Time service is not set to automatically run on standalone servers.  You need to change the Startup Type in the service properties.

You can verify that your server is updating its time from the NTP Pool Project servers by looking for Time-Service events (Event ID 37) in the System Event Log.

Time Update Event

Time on standalone Windows servers is not as critical as it is on domain member servers and workstations, as we will see in the next article.  But having the correct time makes everything that uses a timestamp (and there are a lot of them) much easier to understand, especially when troubleshooting problems that only happen during a particular time.

Posted in Windows.

Getting Version Information of a Microsoft SQL Server Instance

When working on a customer's Microsoft SQL Server, it often helpful to know what edition it is and what service packs are install.  This is a Transact-SQL query that will return (almost) everything one needs to know about the SQL Server instance:

SELECT SERVERPROPERTY('machinename') AS 'Server Name',
     SERVERPROPERTY('instancename') AS 'Instance Name',
     SERVERPROPERTY('productversion') AS 'SQL Server Version',
     SERVERPROPERTY('productlevel') AS 'Product Level',
     SERVERPROPERTY('edition') AS 'SQL Server Edition',
     SERVERPROPERTY('collation') AS 'Default Collation',
     SERVERPROPERTY('licensetype') AS 'License Type';

The results returned by this query are:

Server Name  –  The name of the computer on which SQL Server is installed.

Instance Name  –  If SQL Server was installed as the default instance, this value will be NULL.  Otherwise, it will name of the instance.

SQL Server Version  –  The version of the SQL Server instance.  This can be used to determine what updates have been applied to the instance.

Product Level  –  The current installed Service Pack.  If this value is RTM (Release To Manufacturing), then no service pack is installed.

SQL Server Edition  –  This is the edition of the SQL Server instance.  Possible values are “Express Edition”, “Workgroup Edition”, “Web Edition”, “Standard Edition”, or “Enterprise Edition”.  The edition determines what features are available in the SQL Server instance.

Default Collation  –  The default server collation value that was selected when the SQL Server instance was installed.

License Type  –  The type of client licenses used by the SQL Server instance.  If this value is DISABLED, then the license type is per-processor (which is anonymous access).

This query works with all editions of SQL Server 2005 and higher.

Posted in Windows.

FrontPage Server Extensions – The End Is Nigh

How many of you out there are still using FrontPage Server Extensions?  A few hands.  Most have moved off FrontPage, but there are still a few whose websites are totally dependent on FrontPage.  For whatever reason, they haven't revamped their code to get away from FrontPage. Microsoft officially killed off FrontPage Server Extensions with the release of Windows Server 2008 and IIS 7.  But despite everything that Microsoft has done, FrontPage continues to cling to life by its fingernails.  It's been a while, but just recently I ran into someone still using FrontPage.  A customer whose old server died and had to be rebuilt was facing the sudden and unplanned upgrade from Windows Server 2003 to Windows Server 2008.  And all of his web applications depended heavily on FrontPage Server Extensions.  As one who has helped out customers migrating to new servers, I've had to advise them about the current state of FrontPage and their options.

Official Status of FrontPage Server Extensions – The View from Redmond

Windows Server 2003 (and R2) was the last version to include support for FrontPage Server Extensions.  Microsoft FrontPage 2002 (the web designer application) was last version to be included with Microsoft Office, in the higher-end editions of Office XP.  FrontPage 2003 was released as a standalone product and was not included in any edition of Office 2003.  And with that, Microsoft hoped to move people along to ASP.NET, Expression Web (the web designer replacement for FrontPage), and SharePoint.  Realizing that people might still need to work with their FrontPage web applications for a while, Expression Web was able to open and edit, but not create, FrontPage web pages. The FrontPage Server Extensions that were released for Apache running on Unix/Linux were withdrawn by Microsoft in 2006, and though they can still be used on the servers where they were installed, it's technically illegal to install them on a new server.  But I seriously doubt many in the Linux community shed any tears over this. Windows Server 2008 was released without any support for FrontPage Server Extensions from Microsoft.  Legacy ASP code was fully supported, but FrontPage was officially dead.  (But what Microsoft wasn't telling anybody was that FrontPage Server Extensions were still being used to publish ClickOnce applications as late as Visual Studio 2008.)

Ready-to-Run Software to the Rescue

While Microsoft declared FrontPage dead, there were enough people out there still dependent on FrontPage Server Extensions that Ready-to-Run Software created a package that could be installed on Windows Server 2008 and IIS 7 to support FrontPage web applications.  This is a free-to-use download from the IIS community site.  I personally have not used this package, so you are on your own. For those running Windows Server 2008 R2 and IIS 7.5, Ready-To-Run has also released a FrontPage Server Extensions package for that platform as well.  But this time, you have to buy a license to use it.  I guess they figure that anyone still using FrontPage web applications are desperate enough to pony up some cash to put off the inevitable for one more version of Windows Server.

The Sun Sets on FrontPage

Despite the work by Ready-To-Run Software, this has only bought those you still using FrontPage Server Extensions a short lease on life (for your web applications, that is).  Windows Server 2012 is unlikely to have any support for FrontPage Server Extensions, so a revamp of your web applications is unavoidable.

Posted in Windows.

IIS SMTP Server SmtpOutboundCommandSupportOptions Bug

The Simple Mail Transport Protocol (or SMTP for short) Server has been a part of Internet Information Services (IIS) since the days of Windows NT Server.  Over the years, little about it has changed, nor is any big revamp expected by Microsoft.  This is underscored by the fact that the SMTP Server was not made a part of IIS 7, instead remaining available in Windows Server 2008 has an IIS 6 legacy feature.  And for the most part, this is fine.  Although totally useless as an inbound mail server (except for Windows Server 2003, when Microsoft added a matching POP3 server), it excels in one area that keeps it firmly a part of the Windows Server feature set, even though IIS has moved on to be fully integrated with the Microsoft .NET framework.  It's a capable relay for outbound email create by web applications.

The SMTP Server is a smart mail server, meaning that it can deliver messages directly to the recipient's mail server.  Which allows web applications to send out email directly from the server without having to relay through an intermediate mail system.  (Of course, there is a trick to this, and I'll cover the proper configuration the IIS SMTP Server in a future post.)  But while the SMTP Server hasn't changed much over the years, how mail servers communicate with other did when Enhanced SMTP (ESMTP) was introduced to extend the SMTP command set.  It has eclipsed the older SMTP command set and ESMTP is now used by the vast majority of all mail servers.  In fact, the large public email services like AOL, Gmail, Hotmail (or Outlook.com), and Yahoo won't even talk to a mail server that doesn't speak ESMTP.

And here lies a big problem for most IIS SMTP Servers.  Although the SMTP Server supports ESMTP, it is disabled by default!  Thus when the SMTP Server tries to deliver email to recipients at one of the large public email services, the connection is simply closed without any failure notice.  The SMTP Server keeps trying to deliver the email, each time being rebuffed by the large public email services, until it finally gives up and moves the message to the Badmail folder.

When I encountered this a couple of years back, I was trying to figure out why email relayed through the SMTP Server wasn't getting to Gmail and Yahoo recipients.  Mail was being delivered to other mail systems just fine, just not the big players, which represented about half of the intended recipients.  I finally stumbled upon an obscure TechNet article that partially (partially!) documented the IIS metabase setting called SmtpOutboundCommandSupportOptions.  This a bit-mapped value, and by setting or clearing various bits, you can turn off or on support for various ESMTP commands when making outbound connections.  (There is a similar setting called SmtpInboundCommandSupportOptions which does the same thing for inbound connections.)

According to the documentation, the value of the SmtpOutboundCommandSupportOptions setting defaults to 7697601, which turns on support for all the ESMTP commands for outbound connections.  But the default value as listed in the official Microsoft documentation is totally incorrect.  The real default value is 7!  Which means that ESMTP support for outgoing connections is disabled, so trying to communicate with the large public email services is a completely futile exercise.  By when I changed the setting to officially document default value of 7697601, the SMTP Server was now able to deliver email to the large public email services without problems, and the outbound mail queue was suddenly empty.

So how do you change the value of the SmtpOutboundCommandSupportOptions setting?  It's actually very simple.  It can done using the ADSUTIL.VBS script or by editing the metabase directly.

Using The ADSUTIL.VBS Script

ADSUTIL.VBS is a VBscript utility created by Microsoft for working with IIS metabase.  It must be run from a Command-Line Prompt windows using CSCRIPT.  It is normally find in the folder C:\inetpub\AdminScripts\, and on Windows Server 2008, requires that the "IIS 6 Scripting Tools" feature be installed.  Some hosting companies move this to a different folder in their Windows Server builds, which was the case for Windows Server 2003 at Peer 1, where it's locating the D:\AdminScripts folder (we stopped moving it in Windows Server 2008).  Once you've located the ADSUTIL.VBS script, open a Command Prompt windows, change to the directory where the script is located, and run the following command:

cscript adsutil.vbs SET SmtpSvc/SmtpOutboundCommandSupportOptions 7697601

which will return the following message:

SmtpOutboundCommandSupportOptions: (Long) 7697601

In order for the change to take effect, you need to restart the "Simple Mail Transport Protocol" service.

Editing The IIS Metabase

Should the ADSUTIL.VBS script not be available, you can edit the IIS metabase directly using Notepad.  NOTE: You will need to stop IIS in order to save the changes made in Notepad.

  1. Stop the IIS services using the command:

    IISRESET /STOP
  2. Open the file C:\WINDOWS\system32\inetsrv\MetaBase.xml in Notepad.
  3. Under the section IIsSmtpService Location = "/LM/SmtpSvc", find the property SmtpOutboundCommandSupportOptions. Since this property appears only once in the metabase, the quickest way to locate it is Notepad's Find utility (Edit –> Find).
  4. Change the property so it reads:

    SmtpOutboundCommandSupportOptions="7697601"
  5. Save the file.
  6. Restart the IIS services using the command:

    IISRESET /START

And that's all there is to it.

Posted in Windows.
All information in this blog is provided "AS IS" with no warranties and confers no rights.
The opinions expressed in this blog are mine alone and do not represent those of my employer.
 
Powered By PEER 1 Managed Hosting
POWERED BY PEER 1 MANAGED HOSTING