To put it simple,

  • DACPAC – Only Schema
  • BACPAC – Schema + Data (Native BCP format, previously compressed JSON)

A data-tier application (DAC) is a self-contained unit for developing, deploying, and managing data-tier objects. A DAC enables data-tier developers and database administrators to package Microsoft SQL Server objects, including database objects and instance objects, into a single entity called a DAC package (.dacpac file). The BACPAC format extends the DAC package format to include BACPAC-specific metadata and JavaScript Object Notation (JSON)–encoded table data in addition to the standard DAC package contents.

They can be interacted using SSMS, PowerShell and .NET. It is the most used method of backup and restore SQL Azure database.

You can rename either of the packages to a *.zip extension to see the XML content, however it is not the same as unpacking them.

If you have DAC installed on the machine, you can “Unpack” the file by right click contest menu entry.

DACPACs can be extracted through commandline using sqlpackage.exe

e.g. “C:\Program Files (x86)\Microsoft SQL Server\110\DAC\bin\sqlpackage.exe” /action:Extract /OverwriteFiles:False /tf:”C:\MyTestDB.dacpac” /SourceConnectionString:”Integrated Security=SSPI;Persist Security Info=False;Initial Catalog=TailSpinToys;Data Source=SQL2012SERVER”

More info on sqlpackage – http://msdn.microsoft.com/en-us/library/hh550080%28v=vs.103%29.aspx


Outlook cannot resolve user hidden from Exchange address lists

I tried to add an Exchange 2007 mailbox user to my Outlook profile as an additional mailbox. Outlook was unable to resolve the username or the email address.

I realised that this particular user is Hidden from Exchange address lists and so it does not appear in Global Address list.

The workaround to add this user without un-hiding is to use the LegacyExchangeDN attribute of that user from active directory. To find the value of this attribute, you need to have Active Directory Service Interfaces Editor (ADSI Edit). ADSI Edit (Adsiedit.msc) is an MMC snap-in. You can add the snap-in to any .msc file through the Add/Remove Snap-in menu option in MMC, or just open the Adsiedit.msc file from Windows Explorer.

Mailboxes, for example, have the following LegacyExchangeDN structure:

/o=Organisation/ou=Administrative Group/cn= Recipients/cn=Username

So for example a user called support, in the Contoso organisation in the Europe Administrative Group would have the following LegacyExchangeDN:

/o= Contoso/ou=Europe/cn=Recipients/cn=support

Once you have the ADSIedit installed from http://go.microsoft.com/fwlink/?LinkId=100114 navigate to Domain>CN=Users>

Right Click on the user and select Properties. You can get the value of LegacyExchangeDN by clicking on Edit

Forefront High CPU utilization or Quarantines with Virus name: ‘Exceeded Internet Timeout’

Today few of my colleagues started to receive emails from Exchange 2007 Server as follows:


The original contents of this file have been replaced with this message because of its characteristics.
File name: ‘Body of Message’

Virus name: ‘Exceeded Internet Timeout’

Since we have an Edge Transport Server that has forefront server security installed, I tried to login to the server to check the logs. The CPU is at its peak and the server is inaccessible. After a long wait, I finally managed to get in there, but I am still unable to open Services or Event Log.

I checked the Hub Transport server and all the outbound emails are in the queue. The Edge Transport server is not processing inbound or outbound emails. I did a hard reset and still 100% CPU utilization.

When I managed to get the Services console open, I stopped the following services in this order.

  1. Microsoft Exchange Transport
  2. FSCController

Then the server started to behave normally. On the Application Event Log, the following entries appear.

  • The execution time of agent ‘FSE Routing Agent’ exceeded 300000 (milliseconds) while handling event ‘OnSubmittedMessage’. This is an unusual amount of time for an agent to process a single event. However, Transport will continue processing this message.
  • Transport scan exceeded the allowed scan time limit.
  • At least one of the engines that is in use is slated to be discontinued. You need to take immediate action to prevent a reduction in malware/spam protection. Details can be found at: http://go.microsoft.com/fwlink/?LinkId=165685.

After a few minutes of search on Bing (http://technet.microsoft.com/en-us/forefront/serversecurity/dd940095.aspx), I found out that Microsoft is revising its engine mix on Dec. 1, 2009 for the Forefront and Antigen products.

The AhnLab, CA and Sophos engines will be retired on Dec. 1, 2009.  As of this date, customers will not receive any updates for these retired engines. Any customers running the AhnLab, CA or Sophos engines must DISABLE these engines before Dec. 1, 2009 and select from the new set of five engines – Authentium, Kaspersky, Microsoft, Norman and VirusBuster.

So I had to disable the Forefront Security for Exchange Server.

From a command prompt, navigate to the Forefront Security for Exchange Server installation directory (C:\Program Files (x86)\Microsoft Forefront Security\Exchange Server). Disable Forefront Security dependencies by typing:

FSCUtility /disable

To confirm that the Forefront Security dependencies have been removed, type:

FSCUtility /status

Restart the Exchange services (Microsoft Exchange Transport). Now the emails should go without being scanned.

Do the changes to the engines in Forefront Administrator console. Make sure you do it to the Transport Scan Job as well as Default.

If you think that the scan engines are corrupted, you can delete the folders at “C:\Program Files (x86)\Microsoft Forefront Security\Exchange Server\Data\Engines\x86″ So the next time the Forefront updates according to the schedule, it will get the latest engine and recreate the folders.

After you disable the retired engines in the console, you can enable the Forefront for exchange again.

FSCUtility /enable

Hopefully, the CPU utilization will be normal and the emails are checked for viruses.

Setup groups and users in FileZilla Server and connect with ftpes

Following my earlier post on how to Install and configure an FTP server, this post describes on how to setup groups and users in FileZilla.

Open the FileZilla Server console by clicking on the taskbar icon.

Choose Edit->Groups->Add


Create a folder on one of your drives called Filezilla. Create a subfolder called clients. After the group has been added in the FileZilla console, select the group and configure it as follows

The path will be F:\Filezilla\clients\:u

:u represents to automatically select the subfolder based on the login username.

H represents the Home folder

Eg: If you create a folder as F:\Filezilla\clients\sujeeth, then the client with username ‘sujeeth’ will be automatically be mapped to that folder and it will be that login’s home folder.


To create an Alias, Click on Add and give local path. Right click on the path and select Edit aliases. So when the client login, they will see a folder called website, and when they upload the files, it will be stored in C:\autopublish


You can set the Speed Limits and IP Filter based on your requirements. After you create the group, you follow the same procedure to add the users. Any user that is member of a group will inherit all the settings of that group.


After you have setup the user, you can connect using FileZilla client on the remote machine with the following syntax

ftpes://<username>:<password>@<host IP address>/

eg: ftpes://sujeeth:pa55w0rd@

You have to use ftpes protocol because you have configured the FileZilla Server to force explicit SSL as per my previous post