I recently encountered an issue with email alerts in Team Foundation Server 2012. Unfortunately the process to enable email logging is a little more in-depth than it should be and I’ll cover that process here.

1. First open a command prompt on the TFS application server and navigate to the “tools” directory under your TFS install directory. Then run the following command:

tfsconfig configuremail /Enabled:True

2. Open PowerShell on the TFS application server and run the following commands to increase the log level from 0 to 2:

# Load client OM assembly.
[Reflection.Assembly]::Load("Microsoft.TeamFoundation.Client, Version=11.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a");
 
$collectionBaseUrl = "http://YOURTFSSERVER:8080/tfs/YOURCOLLECTION/";
 
$tfs = [Microsoft.TeamFoundation.Client.TeamFoundationServerFactory]::GetServer($collectionBaseUrl);
$collectionHive = $tfs.GetService([Microsoft.TeamFoundation.Framework.Client.ITeamFoundationRegistry]);
 
# Set the setting in the collection hive.
$collectionHive.SetValue("/Service/Integration/Settings/NotificationJobLogLevel", "2");

3. Login to the SQL server and run the following query against the TFS_Configuration database:

SELECT TOP 10 DATEADD(HOUR, -7, StartTime) AS StartTimePDT, RESULT, ResultMessage
 
FROM [Tfs_Configuration].[dbo].[tbl_JobHistory]
 
WHERE JobId = 'A4804DCF-4BB6-4109-B61C-E59C2E8A9FF7' AND RESULT <> 0
 
ORDER BY StartTime DESC

4. You will now see a detailed error under the “ResultMessage” column. In my case the following part of the error pointed me in the right direction:

Exception: System.Net.Mail.SmtpException: Mailbox unavailable. The server response was: 5.7.1 Client does not have permissions to send as this sender

5. To clear this specific issue I needed to allow SMTP relay on our Exchange server for the TFS application servers IP. Generally this isn’t needed when sending to internal addresses but I think the way TFS was pulling the email addresses from AD had something to do with it.

6. After you are done troubleshooting remember to set the logging level to 0 in PowerShell:

# Set the setting in the collection hive.
$collectionHive.SetValue("/Service/Integration/Settings/NotificationJobLogLevel", "0");

Having to use another keyboard to unlock a secondary computer over Synergy can be annoying. Synergy let’s you unlock a secondary computer by sending CTRL + ALT + Pause/Break, however a default Windows setting prevents this from working. To allow this follow these steps.

1. Launch the local group policy editor by clicking start and enter “gpedit.msc”.

2. Navigate to Computer Configuration/Administrative Templates/Windows Components/Windows Logon Options

3. Double click “Disable or enable software Secure Attention Sequence”.

4. Check the “Enabled” box and then select “Services” from the dropdown.

5. Click OK.

Unfortunately you will not be able to lock the secondary computer with this same command. For faster locking I recommend creating a shortcut with the following target:
C:\Windows\System32\rundll32.exe user32.dll,LockWorkStation

This can then be placed on your start bar or start menu.

This article describes how to use an existing SSL for use with Stash. The process involves converting the certificate using OpenSSL, importing it into the Java keystore, and then updating the Stash configuration to utilize it.

1. First you will need to arrange your certificate in a .pem file. Open Notepad and copy/paste the certificate, key, intermediate certificate, and root certificate in the following format:
—–BEGIN RSA PRIVATE KEY—–
Private key for yourdomain.com
—–END RSA PRIVATE KEY—–
—–BEGIN CERTIFICATE—–
SSL for yourdomain.com
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
Intermediate certificate from the issuing authority
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
Root certificate from the issuing authority
—–END CERTIFICATE—–

2. Save the file as “yourdomain.pem”.

3. Open a command prompt and navigate to where you saved the .pem file. Then run the following command:

openssl pkcs12 -export -in yourdomain.pem > yourdomain.p12

Note: This requires OpenSSL to be installed. If necessary this can be downloaded here.

4. Copy the new .p12 file to the server if it is not already there. Then open a command prompt and run the following to import the certificate into the keystore:

keytool -importkeystore -srckeystore yourdomain.p12 -destkeystore server.jks -srcstoretype pkcs12

You will be prompted for two passwords. Make sure to enter the same password for both and make note of this for later. If keytool is not recognized as a valid command you will have to change directories to the Java JRE bin directory.

5. Edit the Server.xml file located in the “conf” directory of your Stash installation directory. Anywhere before the ending tab enter the following:

<Connector port="8443"
maxHttpHeaderSize="8192"
SSLEnabled="true"
maxThreads="150"
minSpareThreads="25"
maxSpareThreads="75"
enableLookups="false"
disableUploadTimeout="true"
useBodyEncodingForURI="true"
acceptCount="100"
scheme="https"
secure="true"
clientAuth="false"
keystoreFile="C:\server.jks"
keystorePass="MyPassword"
sslProtocol="TLS" />

You may need to update the following values depending on your setup:
keystoreFile: This is the full path to the .jks keystore file.
keystorePass: This is the import password you used during step # 4.

I did not do any tweaking of the values listed above. They were simply taken from Atlassian’s guide Securing Stash with Tomcat using SSL.

6. Restart the Stash service and test by navigating to the following URL:
https://yourdomain.com:8443

When attempting to start sites in IIS the following error was thrown:

Full error from EventID: 15005

Unable to bind to the underlying transport for [::]:80. The IP Listen-Only list may contain a reference to an interface which may not exist on this machine. The data field contains the error number.

First check to see what is listening on port 80. Open a command prompt and enter the following command:
netstat -ano | find ":80"

In this case process ID 4228 was listening on port 80. To check what this process is open task manager and locate that PID. (Note you may need to select View -> Select columns -> PID first).

It turns out a developer installed Apache which was listening on port 80 and causing a conflict. To resolve the conflict change one service to run on a different port or uninstall the unnecessary web server.

While trying to work with Microsoft Word on a server through .NET the following error was thrown:

Retrieving the COM class factory for component with CLSID {000209FF-0000-0000-C000-000000000046} failed due to the following error: 80070005 Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)).

To resolve this you will need to grant COM permissions to the user running the application pool.

1. Open up Component Services (Start -> Run -> dcomcnfg)
2. Expand Component Services -> Computers
3. Right click My Computer -> Properties

4. On the COM Security tab click Edit Default under the “Launch and Activation Permissions” section

5. Add the IIS_IUSRS group and check allow next to Local Launch and Local Activation

When trying to use Performance counters with WCAT testing I was getting this error on the final report:

An error occured collecting server information data. Check that WMI is available.

Looking back at the command prompt on the controller I also saw this:

ERROR:Unknown error -1073738789 (c0000bdb)

Wireshark and Procmon did not really indicate any problems. In my situation I was logged into the WCAT controller as a domain user which did not have administrative access on the web server I was trying to start the Perfmon counters on.

After adding this domain user to the administrative users group on the web server, the WCAT test successfully collected the Performance counters specified in my settings.ubr file.

After SQL was removed from Failover Cluster Manager I was unable to uninstall it. The following error was logged in the application logs:

Product: Microsoft SQL Server 2008 Database Engine Services — Error 25012. There was an error attempting to remove the configuration of the product which prevents any other action from occuring. The current configuration of the product is being cancelled as a result.

To correct this I needed to follow the steps below to tell SQL it was no longer in a cluster. Then I was able to uninstall normally.

1. Open Registry Editor (Start -> run -> type in ‘regedit’)

2. Navigate to the following key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL10.MSSQLSERVER\ClusterState\SQL_Engine_Core_Inst

3. Change the value of this “SQL_Engine_Core_Inst” key from 1 to 0.

4. Uninstall as normal through Programs and Features

These instructions will work for Server 2003 and 2008. Here is the full error message:

The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {12345} to the user NT AUTHORITY\NETWORK SERVICE SID from address LocalHost

1. Open Component Servers (Start -> Run -> dcomcnfg).

2. Expand Component Services -> expand Computers.

3. Right click My Computer -> Properties -> COM Security tab.

4. Click “Edit Default” under the “Launch and Activation Permission section.


5. Click Add -> Advanced -> Find Now.

6. Scroll down and select the “NETWORK SERVICE” user -> OK -> OK

7. Select the “NETWORK SERVICE” user and check the allow box next to “Local Launch”.


8. Click OK -> OK

I received the following error when trying to install the SNMP service on Windows Server 2008:

Attempt to install SNMP Service failed. The source for the specified package or file was not found (error value: 0x800F081F).

The solution was to install the System Update Readiness tool for the appropriate version of Windows. I recommend the manual install (method 2) here:
http://support.microsoft.com/kb/947821

After hotfix 947821 is installed just try installing the failing feature or role again. In my case an incomplete Windows update or feature installation was preventing the installation of the SNMP feature.

First check the current instance name by running these two queries:

1
2
select @@servername
sp_helpserver

Then to actually change this instance name run the following query. Make sure to update ‘old_instance_name’ and ‘new_instance_name’ accordingly:

1
2
3
4
sp_dropserver 'old_instance_name'
go
sp_addserver 'new_instance_name','local'
go

Restart the SQL service in order to apply this change. Then confirm it took effect by running the two queries mentioned above:

1
2
select @@servername
sp_helpserver