Syed Jahanzaib Personal Blog to Share Knowledge !

February 25, 2013

Symantec Mail Security for DOMINO / Short Notes


Symantec Mail Security For Domino Short References:

SAV QUARANTINE Size grow too large

If Quarantine file of Symantec Mail Security for DOMINO grow large in size , you can simply delete it by using

tell sav quit
tell npas quit

Now from DOMINO Admin Client, goto FILES, and goto SAV Folder, now right click on SAVQUAR.NSF and select DELETE

after its done deleting, simply re load SAV by using

load nntask
load npas

Done.!


Install License

To install (or change) SMSDOM License file in Windows 2008 64 bit, Follow the below.

First stop SAV and npas by

tell sav quit
tell npas quit

Now delete symantec license file from symantec folder which is in .slf extension. License Files Location (you can also search *.slf extension in C:\ drive)

C:\ProgramData\Symantec Shared\Licenses

Now start SAV by

load nntask
load npas

Now from domino admin client, goto Files/SAV/Settings/Licensing/ and click on INSTALL OR UPGRADE LICENSE
[Note: Make sure you are connected to internet before performing this action.]
Simply browse to the location where your license .lic file is available , You should have two license files, one for the product license, and second for the renewal/pas .

You should see Successful message upon valid license verification. If not, please provide valid license or contact your local vendor to acquire right license for your product.

TIP: Also make sure that you enable Premium Antispam from SAV SETTINGS / ANTISPAM / PREMIUM ANTISPAM / CONTROL and make sure there is Green Tick icon on your server displayed.


Howto disable SAV from loading at domino startup/ Service Startup order at the time of troubleshooting

Remove nntask and npas from notes.ini and try to re-start Domino. This time domino will not load SAV. Make sure you change the port back to 25, because sav changes the port form 25 to random port like 31425
For me,It was required at the time of troubleshooting when domino was not able to receive any email from outside. what a painful time that was bro 😦 😥

Also note that when SAV is enabled, try to load services in following order.

tell smtp quit
tell sav quit
tell npas quit

Now Start service in following order

load nntask
load npas
load smtp


How to gather Information of SAV via domino console

tell SAV info

Howto Start / Stop SAV & Premium AntiSpam PAS Service task

To quit SAV, issue following command at domino console

tell sav quit
tell npas quit

To start SAV & PAS (Premium Antivirus Service)

load nntask
load npas


Symantec Premium Antispam Service not enabling after Re installation / Upgrade

After you re install SAV , PAS is not enabling, which is essential in order to filter / block SPAM mails from arriving in your user’s Inbox. In SAV settings / ANTISPAM / PREMIUM ANTISPAM , when you double click on your server to enable PAS,

First make sure you have valid license installed for SAV. I ad SEPM suite, so i ad to install 2 license files, one for the product itself, second for the PAS (PAS have separate license)

Issue tell SAV info from domino console.

Sample of working sav info is below.

tell sav info

02/23/2013 06:34:18 PM  Remote console command issued by syed jahanzaib/XYZ: tell sav info
Auto-Protect:
EMail Scanning:             on
Write Scanning:             on
Mass-Mailer Cleanup:          on
Security Risk Detection:      on
Premium Antispam Services:    off
Standard Antispam Service:    on
Content Filtering:            off
Multimedia-Executable analysis: on
Outbreak Detection:           on
Virus Definitions:            02/22/2013 rev. 003
Spam Definitions:             07/28/2009
Last Threat Found:            none
Description:                none
Quarantined Documents:        0
Unrestored:                 0
Statistics Since:             02/23/2013 01:55:59 PM
Auto-Protect:
Files Infected:           00
Files Repaired:           0
Files Deleted:            00
Files Unrepaired:         0
Other Scans:
Files Infected:           0
Files Repaired:           0
Files Deleted:            0
Files Unrepaired:         0
Mass-Mailer Cleanup:
Messages Deleted:         0
Security Risks Detected:    0
Spam Mails Detected:        00
Scan Errors Detected:       0
Current product license: FULL LICENSE. Final product license expiration: NONE.
Current content license: FULL LICENSE. Final content license expiration: 06/20/xxxx.
Current premium antispam license: FULL LICENSE. Final premium antispam license expiration: 06/20/xxxx.

As you can see that Current product license , Current content license and current premium antispam license is valid but still PAS is not enabling, Follow the below . . .

# Make sure your SAV and PAS service are set to auto start in notes.ini
Sample of notes.ini section where SAV info is entered, make sure you have ntask and npas in line. Sample is below

ServerTasks=nntask,npas,Replica,Router,Update,AMgr,Adminp,Sched,CalConn,RnRMgr,HTTP,IMAP,POP3

load npas service manually , and then try to enable PAS

load pas npas

Now try to enable PAS, hopefully it will enable in few seconds without any error 🙂 Dont forget to click on refresh after few seconds to get update result.

SYMANTEC MAIL SECURITY FOR DOMINO , LIVE UPDATE NOT WORKING

If you receive error: “Another instance of LiveUpdate is already running…

When running LiveUpdate in Symantec Mail Security 8.1.x for Domino, then

– at your domino server task manager, end task java.exe and any instance with liveupdate and then run live update again.
– In Windows Task Manager – Processes – End all the process containing “java”
– In C:\Windows\Temp (smsdom default temp directory) delete any file which is named “smsdulck” or “Jlu.Session.End.dat”
– In the LiveUpdate tab press “Run LiveUpdate Now”. This should update the definitions.

More to come.

Regard’s
Syed Jahanzaib

February 22, 2013

Howto block DHCP traffic via Mirkotik BRIDGE

Filed under: Mikrotik Related — Tags: , , — Syed Jahanzaib / Pinochio~:) @ 7:44 PM

Howto filter traffic via BRIDGE in Mikrotik RouterOS / RB

network-zaib

Scenario # 1

# Network A is running VPN server with DHCP server having ip pool 172.16.0.0/16 series.

# Network B is running PPPoE server with DHCP server having ip pool 10.0.0.0/xx series.

Now Network A wants to merge with Network B and the Operator A wants to use his own DHCP rather then using Network B DHCP. As we all know that we cannot run two DHCP parallel in same network. Following is an workaround to accomplish the task.Create BRIDGE in mikrotik and block DHCP traffic. See the following rules. These are CLI commands , but you can use the GUI to do the same.

First Add bridge port.

/interface bridge
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes disabled=no forward-delay=15s l2mtu=1522 \
max-message-age=20s mtu=1500 name=ds-bridge priority=0x8000 protocol-mode=none transmit-hold-count=6

Now Add Ethernet ports in bridge, For example we want to use Port No 2 and 3 for bridge.
[ Port 2 is connected with Network A and port 3 is connected with Network B ]

/interface bridge port
add bridge=ds-bridge disabled=no edge=auto external-fdb=auto horizon=none interface=ether2 path-cost=10 point-to-point=\
auto priority=0x80
add bridge=ds-bridge disabled=no edge=auto external-fdb=auto horizon=none interface=ether3 path-cost=10 point-to-point=\
auto priority=0x80

Now enable firewall filtering for this bridge.

/interface bridge settings
set use-ip-firewall=yes use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=n

Now your BRIDGE is ready to pass traffic to both networks.

Add firewall filter rules to block DHCP traffic, You can use the same topology to filter any traffic from passing by, For example common virus ports or any specific port you like to block , you can simply add it in filter rules.

/ip firewall filter

add action=drop chain=forward disabled=no dst-port=67 protocol=udp
add action=drop chain=forward disabled=no dst-port=68 protocol=udp

add action=drop chain=input disabled=no dst-port=67 protocol=udp
add action=drop chain=input disabled=no dst-port=68 protocol=udp

add action=drop chain=output disabled=no dst-port=67 protocol=udp
add action=drop chain=output disabled=no dst-port=68 protocol=udp

I dont remember exactly but I guess one or two rules in above are not necessary, i guess OUTPUT rules are not necessary. Just check the packets counting and remove un unnecessary rules.

 

Regard’s
Syed Jahanzaib

IBM Lotus Domino Migration and common troubleshooting Tips

Filed under: IBM Related — Tags: , , , , , — Syed Jahanzaib / Pinochio~:) @ 4:40 PM

lotus

Recently, in our company, we had a power failure dueto UPS malfunction. After restoring everything back to normal, our email system IBM Lotus Domino 8.5.2 (FP2) services failed to start. We also had Symantec for Lotus Domino installed. Its kernel also got panic, and failed to fire up. Few mail boxes were also corrupted and there inbox view disappeared.
Note that we have very big email boxes for many users like 15,20 30GB and mailtracking account crying loud at 40+GB.

After many hours of stress and painful struggling , removing Symantec for mail security, its port configuration in ports section, I was finally able to start the Domino Server and emails start flowing .

When everything got back to normal (except for the Symantec mail security) and many hours downtime dueto R&D, I finally thought to create a DR server for DOMINO so all data should be moved to this DR server, and replace the Production server hardware with newer model of IBM Xseries M4 server.

Following is a complete method on how I migrated my Lotus Domino server to new machine.

SCENARIO:

IBM LOTUS DOMINO PRODUCTION SERVER

OS / APPLICATION
Windows 2008 R2 SP1 installed in OS C: drive
IBM Lotus Domino 8.5.2 FP4 installed in D:\LOTUS
Symantec For Lotus Domino 8.0.9.151 installed at setup default location

HARDWARE
IBM Xseries M2
RAID1 for OS
RAID5 for Lotus Domino Installation & DATA

For migration I followed following steps.

1) Install Windows 2008 R2 SP1 on new machine in C: Drive
2) Run Windows Update
3) Install IBM Lotus Domino 8.5.2 (or whatever Version you have) in D:\LOTUS
BUT
DO NOT RUN SERVER CONFIGURATION WIZARD . . .
4) Install Domino FP4, if any (or whatever FP Version you have)
5) Install Symantec For Lotus Domino 8.0.9.151 at setup default location (If you have SAV)
6) Copy notes.ini from Production Domino Server to this new machine at D:\LOTUS\DOMINO
7) STOP DOMINO SERVER AT PRODUCTION SERVER by using quit command in console.
(You can copy data from live server to this DR but chances are high that few mail boxes will require consistency check and possibly few attachments or user inbox view can be corrupted and need to re rebuild by refresh design and fixup. In my case I had the DATA folder in my file server, so I copied it from there.

8) Copy complete DATA folder from Production Domino Server (or File Server if you have backup it to file server) to this machine at D:\LOTUS\DOMINO  (Overwrite all files).
Please note that DATA folder can be big in size and can take long time for copying as it also contains mail and possibly archive folder which contains users mail files. In my case, DATA folder size was around 400GB and it took around 5 hours to copy the whole data.
The DR server was low specs IBM Xseries 3650 refurbished server with RAID5 for DATA .
At production server, I was using IBM Xseries M2 with RAID5 for DATA , and Gigabit connectivity, Copy time can vary as per the network and hardware capacity.

9) Unplug the Production server from LAN.
10) Rename the DR server name with the Production server name and same ip address, same as production domino server. and restart

Upon rebooting, Start the Lotus Domino Server console and monitor all the messages appearing on the screen. It may take some time to start the server because it will first initialize all the LOGs file. In my case it took 15-20 minutes to initialize the server at first time. You can delete un necessary logs file like LOG.NSF to speed up the process. Also dont forget to install license for Symantec Mail Security For Domino. Usually there are two license files for SAV, one for product, second for PAS, and renewal updates.

 


 

LOTUS DOMINO CRASH NiGHTMARE    :-o)

Last week I received following error at my Domino Server.

LN-ERROR

I tried restarting server several times, install all windows updates, removed antivirus for test purpose, removed all un necessary services, Updates Server hardware Firmwares and all other patches but still i received above error showed in the image.

QUICK FIX: Delete mil.box and log.nsf file from DATA folder and see if it helps. It helped me in starting Domino server. ( I guess some corrupt mail with undetermined string crashed the server). Also open the domino cosole, sometimes the last line gives you some crucial information. If Several crashes which occur just after mail delivery to a specific user , better to check his mail database, rules set, agents etc. Also check web access logs, name picker from iNotes DB also causes some issues.

I then re installed fresh copy of Windows 2008 OS on DR VM, Updates patches, Re install Fresh copy of Domino, and then I imported the DATA folder from the backup, but still this error keep appearing at the time of startup at various timings. After lot of googling, and a good working TIP from previous admin, I was able to solve the issue.

– Remove Lotus Domino, delete all its leftover entries and folders, usually D:\lotus folder
– Restart Server,
– Re Install Domino Server, Update FP if any, Its always a good idea to install latest FP availble
– Don’t import whole DATA folder from previous server, Just copy following data
>> LOTUS\DOMINO\notes.ini
>> LOTUS\DOMINO\DATA\MAIL folder which contains users mail
>> LOTUS\DOMINO\DATA\ARCHIVE  folder which contains users archive (If any)
>> LOTUS\DOMINO\DATA\name.nsf   admin4.nsf  server.id admin.id cert.id
>> LOTUS\DOMINO\DATA\INOTES  (If mail web access is enabled)
>> LOTUS\DOMINO\DATA\dominocg.nsf , iwaredir.nsf (If mail web access is enabled)

Now restart Domino server, hopefully it will work fine 🙂


 

Server Error: File truncated – file may have been damaged

LN-File-Truncated-message

If you see the above error message when you try to open your mail box via Lotus Notes, or from the Domino Admin client, then simply run fixup on your mail box via console.

load fixup -f mail/yourmailbox.nsf
(also add -J if you have transactional logs enabled)


 

Cannot find external name: NAMESORTVIEWPO

IMAGE$582E57263ED9BF60

Open your inbox
Select ActionsFolderUpgrade folder design
Choose “Automatic” and complete the process.
Close/re-open mail.

This should fix your problem.


 

Domino Console Commands

To show task or users
show task
sh task

show users

 

Administration Process Force update
tell adminp p all

To restart HTTP / Router or SMTP task
tell http quit
tell http start

tell smtp quit
load smtp

tell router update config
tell router quit

load router

To disconnect all notes users on server
Drop all

Mail File Repairing / Compacting / ODS conversion commands

To repair mail files, (-J for Transactional logs, if you are not using it then remove -J)
load fixup -F -J mail\

To convert Database ODS from previous to new (Dont forget to add Create_R85_Databases=1 in notes.ini)
load compact -c mail\

To compact DB with removing whitespace and reduce file size.
load compact -B mail\yourmailfile.nsf

To initiate archiving the mail DB
load compact -a mail\yourmailfile.nsf

To remove white-space and reduce file size.
load compact -B mail\yourmailfile.nsf

To shutdown / cancell compact process
tell compact quit

UPDALL keep view indexes and full-text indexes up-to-date.
load updall -R mail\


 

LOTUS DOMINO SERVER MAIL RETRY VALUES

Messages going out to the Internet are placed into a Retry state, if there’s issue attempting to send the message . Default retry timings are

15 minutes,
then 30 minutes,
and then every 45 minutes for 24 hours (by default). This is also configurable.

To force delivery , you can use route * command in console.


 

Regard’s
Syed Jahanzaib

Start windows service under different user credentials

Filed under: Microsoft Related — Tags: , , — Syed Jahanzaib / Pinochio~:) @ 3:02 PM

To start windows service under another user credentials , Use following

In Windows 2003:

IF the user belongs to local system

sc.exe config SERVICENAME obj= .\USERNAME password= 123456
net start “SERVICENAME”

OR

IF the user belongs to Domain

sc.exe config SERVICENAME obj= DOMAIN_NAME\syed.jahanzaib password= 123456
net start “SERVICENAME”

TIP: Make sure you add SPACE after each equal sign in command .

For example: obj= SERVICENAME

It was required for me to start SAP services, after configuring user account with password in services console, they remove password after every restart of system, therefore I made this batch file to execute on startup so they start automatically upon reboot.

Regard’s
Syed Jahanzaib

February 4, 2013

Lotus Notes 8.5 hangs at Splash Screen after Entering Password


Today morning I faced problem in Lotus Notes Client (8.5.2) that after entering password, it hangs on Splash screen on

Loading . . . .Please wait

and it loops forever , or some times it exit automatically after entering password.
As showed in the image below . . .

lotus.

I did the following to resolve it.

First try this quick fix.

Open Task Manager and end all the notes related tasks, e.g

notes2.exe
nlnotes.exe
rcplauncher.exe

Now try to launch Notes Client again, if it showed the same issue of hanging, then proceed with the following FIX.

*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-

Open Task Manager and end all the notes related tasks, e.g

notes2.exe
nlnotes.exe
rcplauncher.exe

Now Delete all the contents in the folder \Program Files\IBM\Lotus\Notes\Data\workspace

 

(For Win7 64 Bit)
C:\Program Files (x86)\IBM\Lotus\Notes\Data\workspace

(For Win7 32 Bit)
C:\Program Files\IBM\Lotus\Notes\Data\workspace

 

As showed in the image below . . .

delete.

Now restart Lotus Notes client. Hopefully it will start without any issue this time 🙂

 

TIP:

[You can also rename the workspace folder to some other name like workspace.old1 and restart lotus notes, it will recreate the fresh folder and files again]

Always try to use latest version of Lotus Notes client with its FP. As of writing the last version of notes client (in 8.x series) is 8.5.3 with FP3 available. (July  2013)

 

Regard’s
Syed Jahanzaib

Create a free website or blog at WordPress.com.