So it's been over a decade

So much has changed.  One thing I've noticed recently is how often I search for something online and get no results.  None.  This happens most often when pasting error messages to a Google search inside of quotes.  "Surely I cannot be the only one who's searched for this" is something I say out-loud on a regular basis.  What happened?  How is it possible that Google has not seen an error message before and suggests to remove the quotes?  Maybe more people are searching and less people are posting.  I don't know why else this may be.  So here.  I post an error and share some frustration.

Error: DeletingCloudOnlyObjectNotAllowed

This error indicates that a deleted object was recovered from the recycle bin in Azure AD before Azure AD Connect was able to confirm its deletion. Please delete the recovered object in Azure AD to fix this issue.

This is an AAD Connect sync issue related to Public Folders that are nowhere.  I cannot find them in the cloud and they don't exist in local AD.  I have been in contact with MS Support for months and have worked with two different engineers so far.  I've deleted public folders from EAC and ran multiple syncs - deltas, initials, and fulls.  I have used Remove-ADSyncToolsAadObject naively thinking that would do the trick, but it was just a different route to the same results.

Microsoft's error message points to support docs that are of no help.  For example, browse the docs and see if you can find the error message above.  In fact, search the web for DeletingCloudOnlyObjectNotAllowed.  Google returns only two pages of results.  Much of it is "Microsoft Answers" and is unrelated to my, apparently, one-of-a-kind issue.  None of the results are to official MS documentation.  Oh, there is a GitHub result buried in there, but it still gets me nowhere.

I'm not saying this is Google's fault.  The content apparently isn't out there.

With the present and future being cloud based, it would be great if there were more tools to give insight into cloud based products.  Take Azure AD for example.  Where is the equivalent of ADSI Edit?  PowerShell is great, but not everything is exposed which tends to leave us scratching our heads from time to time when troubleshooting things that should not be this hard to resolve.

If you found this while searching the same error, or if you've had this error before, I'd love to hear if and how you resolved it.

I guess that's all I got.  Maybe in another decade or so I'll have something else to say.

SYMEVENT.SYS -- I HATE YOU!

Recently, on a shiny new install of Windows 7 Professional of all things, I've experienced two BSOD's (blue screen errors) complete with nice fancy stop codes (sorry, I did not grab the stop codes).

A quick debug of the minidump file reveals something that I've seen before... in Vista!!

The culprit:

SYMEVENT.SYS

Symantec, what's up?

The first time I saw this was in Vista Home Premium last year, running Symantec Endpoint Protection (SEP) version MR4. Thankfully, the fix was quite simple: Boot to safe mode and uninstall SEP, reboot and reinstall SEP then rejoice. What has causes this? I have not searched for that answer yet.

In comes Windows 7 and my most recent (TWO!) run-in's with a BSOD caused by SYMEVENT.SYS -- only this time it is with version MR5. The fix is the same, but the catch is that Windows Installer does not work in Safe Mode. Well, out of the box that is. Following the instructions found on Symantec Connect here, editing the registry will allow Windows Installer to run in safe mode and let you uninstall SEP.

*NOTE: The registry entry is different for Safe Mode vs. Safe Mode with Networking so READ before you copy and paste! (I'm guilty, I've done it).

Taken directly from Symantec Connect:

1. Safe Mode.
   Type this in a command prompt:

   REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot
   \Minimal\MSIServer" /VE /T REG_SZ /F /D "Service"
   
   

   and then

   net start msiserver
   
   

   This will start the Windows Installer Service.

2. Safe Mode with Network
   

   REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot
   \Network\MSIServer" /VE /T REG_SZ /F /D "Service"
   
   

   and followed by

   net start msiserver
   
   

   This will start the Windows Installer Service.

Source: http://www.symantec.com/connect/blogs/windows-installer-safe-mode

SQL Server Service Manager

I needed to remove an MSDE instance from the SQL Server Service Manager because it no longer existed and I was annoyed by the error message I was receiving each time I logged onto the server. After to many unsuccessful Google searches, I just decided to open the registry and fire up the good old "F3" ("Find Next" function -- also found via the Edit menu) to look for the name of the instance I was trying to get rid of to see if I could edit it manually.

THANK GOD! It was actually extremely simple and successful.

If ever you run into the same situation as me, here is the registry key and the value you are looking for:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\InstalledInstances

It is a Multi-String Value (REG_MULTI_SZ) and it's as easy as removing the instance in question from the list.

Wish I would have felt like spending a few minutes doing this months ago.

The API Remoting Web Service is not working

So, ever since I upgraded from WSUS 2.x to 3.x, I have been seeing this error in my Application log. I couldn't find anything broken, I just kept seeing this error. After countless searches on Google and many hours wasted--I gave up. This morning I decided I really didn't like this error, so I decided to giver 'er another go.

• I checked all the File Permissions as directed by TechNet
• I checked all the Registry permissions as directed by TechNet
  
• I checked all the ISS permissions as directed by TechNet
• I restarted IIS, Reset IIS, & restarted the WSUS Service
• I ran wsusutil.exe checkhealth
  

Still nothing.

As I'm staring at the values in this registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Update Services\Server\Setup

I notice that the String "HostHeader" contained the external DNS FQDN instead of the Internal. I figure "that's odd", so I change it to the local DNS FQDN, host.domain.local. after all, I'm only running WSUS internally. Sure, I host our .com zone internally so things like OWA can be accessed from inside without having to give users yet another URL, but I figured that in this case, WSUS should be using the local FQDN no matter what.

SUCCESS!!

I went from basically seeing the Event ID 12012 about 4 or 5 times a day to not seeing it at all. Whowuddathunkit?

"The simplest things are ALWAYS DNS!"

"It's Always DNS"

This is a phrase that I say quite often. Why? Because it often holds true. When things aren't acting as they should, and you've checked the physical layer (remember kids, "physical layer first!") DNS is the next place to look.

So why do I say "it's always DNS"? It is the most common answer to the most confusing scenarios. For example, why can't Susan use app x when Bill is having no issue with it? Or how come Susan's Outlook is working just fine, but Bill can't seem to open his passed the splash screen? In these cases--check DNS.

First step is to check things at the client-side. Do this by flushing the DNS cache via the command line:

c:>ipconfig /flushdns

Next, try to ping the hosting machine:

c:>ping AppServerInQuestion

If the pings reply, great! Try the app or service again. If the pings do not reply, flush the client again and move on over to the DNS server to have a look at what's going on. This is where knowing your environment will be key.

Take a look at the Forward Lookup table and make sure that there is only one entry for the machine in question. For an easy way to do this, sort by hostname to easily find the host in question. Also, sort by IP address and verify it is only listed once for this host.

Some common signs that a problem may be related to DNS:

• Mapped drives are not there, or not connected
• Remote administration tools are hanging or just not working
• Outlook mysteriously isn't working
• A ping to a host hangs, even though you can see that it is on and connected
• A ping to IP is successful, but a ping to a hostname is not
  

Error messages in the Event Logs are a big help in troubleshooting issues.... and when troubleshooting anything, remember to ask yourself "What changed?" as that can always clue you in to what's going on.

Other useful resources are places like EventID.net and just a plain Google search. Sometimes I've found that a Google search is more useful or more helpful than any other resource on my list.

Using Gmail as an E-Mail Client

I have read quite a few articles about people using Gmail to filter spam out of their company email or other email account. This does work very nicely since Gmail offers POP3 access free of charge. I have actually been using it for a somewhat similar solution. Ever since my toddler fried the motherboard in my laptop and I had no access to my Outlook, I had to think of something quick because my Road Runner Webmail only comes with 10MB of storage (yes, it would fill up after my Dad sends me 2 jokes with attachments). So, after a few seconds of thought process, I had an idea: "Why not setup Gmail as my Email Client!?" Gmail has some very nice features, so this was a no-brainer.

First, I logged into my Road Runner Webmail, went to the Options page and set it to forward everything to my Gmail address. Next, I logged back into Gmail and went to the Settings page. Here there is a tab labeled Accounts where you can add an email address to "send as". By adding my Road Runner email address and clicking the radio button for:

When I receive a message sent to one of my addresses:
Reply from the same address the message was sent to.

After adding the new "account" to Gmail, a message is sent to my Road Runner email confirming that this is my address and basically requesting permission to allow Gmail to send messages which claim to be from that address. Since I already set up forwarding, this message just shows up in my Gmail inbox. Once all of this is completed--viola! I never ever have to go into my Road Runner account for anything. If someone sends a message to my Road Runner account, I receive it in my Gmail account. When replying to that email, Gmail recognizes what E-Mail address the message was sent to and automatically replies using that address. Seamless! This can be taken a step further by using Gmail's Labels and Filters options to visually point out which address a message was sent to--if you feel you need to know. I opted out of that setting, as I really don't care anymore.
Another idea I came up with in regards to this feature was misspelled email addresses. My last name is often butchered, so I decided to setup a few more Gmail accounts, using the most common misspellings of my last name, and have them set to forward to Gmail in the same fashion as above. The only downfall to this is that my replies will come from the misspelled address as well, so there isn't a whole lot of room to force a spelling correction on the sender, unless I notice the misspelling in my "send as" address in the drop down menu which will display above every outgoing message.

I have also noticed that Gmail recently added an option to GET mail from POP3 accounts. I have not went through this process yet, as I have no other E-Mail addresses (THANK GOD!) to setup. I am not sure how recent this addition was, but it's new to me as I haven't peeked at the Gmail settings page in some time.

So there you have it. Multiple ways of using Gmail as your E-Mail client. Access your email from anywhere, including your mobile phone, and never worry about size limits again.