Knowledge Base

Exchange

Expand allClose all

OWA Redirect Exchange 2010

Configure OWA Redirect Exchange 2010

One of the things I’ve been doing for as long as I can remember is redirecting requests that don’t go to https://owa.customer.com/owa (or /exchange) to the correct URL. So, if someone goes to http://owa.customer.com or https://owa.customer.com, they get redirected to the correct (secure) URL. Historically I’ve always done this with two components:
•A custom website listening on Port 80 on each CAS server
•A default.aspx file in the root of the Default Web Site redirecting to /owa

This approach no longer works with Exchange 2010 CAS because the PowerShell virtual directory actually operates over Port 80 (authentication is Kerberized). If you try and tinker with this, you’ll start getting errors from Remote PowerShell like this:

VERBOSE: Connecting to cas01.customer.com
[cas01.customer.com] The WinRM service cannot process the request because the request needs to be sent to a different machine. Use the redirect information to send the request to a new machine. Redirect location reported: https://owa.customer.com/owa/PowerShell. To automatically connect to the redirected URI, verify “MaximumConnectionRedirectionCount” property of session preference variable “PSSessionOption” and use “AllowRedirection” parameter on the cmdlet.
+ CategoryInfo : OpenError: (System.Manageme….RemoteRunspace:RemoteRunspace) [], PSRemotingTransportRedirectException
+ FullyQualifiedErrorId : PSSessionOpenFailed

In order to work around this, you need to use the HTTP Redirection feature in IIS (the default.aspx trick mentioned above should work too), as well as remove the requirement for SSL at the top level Default Web Site object. You have to be careful doing this because when you set settings on the web site, IIS will push them down to any virtual directory below which does not explicitly set that setting itself. To setup the redirect, select the Default Web Site in IIS Manager, and open the HTTP Redirect option under IIS. Complete it like this:

Warning: It’s very important that you check the checkboxes exactly as shown in the screenshot above!

Once this step is complete, you need to remove the enforced redirect from each of the virtual directories under the Default Web Site. To do this, select each virtual directory individually, and then open the HTTP Redirect property and uncheck the “Redirect requests to this destination” checkbox. You’ll need to do this on the following virtual directories:
•aspnet_client
•Autodiscover
•ecp
•EWS
•Microsoft-Server-ActiveSync
•OAB
•PowerShell
•Rpc

Note: The Exchange, Exchweb, and Public virtual directories should redirect to /owa.

If at this point you simply browse to http://cas01.customer.com, you’ll get an HTTP 403.4 error. This is because SSL is required at the top-level website. In order to get the redirect working, we need to disable SSL for the toplevel website while leaving it enabled for the relevant child virtual directories.

Select the Default Web Site and open the SSL Settings properties. Uncheck the Require SSL checkbox as shown below:

Like the redirection settings, this change will be inherited down the tree for any virtual directory which does not explicitly set the setting independently. Ensure that SSL is required for the following virtual directories:
•Autodiscover
•ecp
•EWS
•Microsoft-Server-ActiveSync
•OAB
•owa
•Rpc

Warning: If you require SSL for the PowerShell virtual directory, you will render Remote PowerShell inoperable!

Mark as helpful. 0

Grant Full Access to All Mailboxes in Exchange 2010

Add the first line seperately

$user = Read-Host -Prompt:”Enter UserName to grant permissions”;

It will ask you to enter in a username that you want to grant full access for

Add this second line and it gives the permission to all the databases in Exchange 2010

$organization = Get-OrganizationConfig;
$databasesContainer = “CN=Databases,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,” + $organization.DistinguishedName;
Add-ADPermission -User:$user -AccessRights ExtendedRight -ExtendedRights Receive-As, Send-As, ms-Exch-Store-Admin -Identity:$databasesContainer;

Mark as helpful. 0

Error 0x3ee starting the Microsoft Exchange Information Store. Failed to init VSERVER

https://kc.mcafee.com/corporate/index?page=content&id=KB66391

Problem

The Microsoft Exchange Information Store service fails to start and you see the following in the Application Event Log:

Event Type: Error
Event Source: MSExchangeIS
Event Category: General
Event ID: 9564
User: N/A
Description: Error 0x3ee starting the Microsoft Exchange Information Store. Failed to init VSERVER

Event Type: Error
Event Source: MSExchangeIS
Event Category: (40)
Event ID: 9565
User: N/A
Description: Invalid virus scanner configuration. Unable to start virus scanner. Check the following parameter: Library

Solution

CAUTION: This article contains information about opening or modifying the registry.
•The following information is intended for System Administrators. Registry modifications are irreversible and could cause system failure if done incorrectly.
•Before proceeding, McAfee strongly recommends backing up your registry and understanding the restore process. For more information, see: http://support.microsoft.com/kb/256986.
•Do not run a .REG file that is not confirmed to be a genuine registry import file.

Disable the Microsoft VSAPI in the registry as follows:

To start the Windows registry editor
1. Click Start, Run, type regedit and then click OK.
2.Navigate to the following key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIS\VirusScan

3.In the right-pane, double-click Enabled.
4.Type 0 and then click OK.
5.Click File, Exit to close Registry Editor.
The Exchange Information Store can now be started without generating the errors.

Mark as helpful. 2

Change Language on Exchange 2010 Mailbox

So first thing we did was check the language on the users mailbox by running the following CMDLET

Get-Mailbox –Identity “username” | fl languages

This Returned a value of “ Languages : {es-SV}” . So we had found that the problem was that the mailbox had been set to the wrong language, so we run the following command to set the language to English (US)

Set-Mailbox –Identity “username” –Languages “en-US”

To confirm the language of mailbox had change we ran the first command again and it returned the “en-US” value

Mark as helpful. 0

Outlook 2010 mailbox cleanup not archiving all old email

Modified Date must be changed

Please follow the below steps:
1.Click Start, click Run, type regedit in the Open box, and then click OK.
2.HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\Preferences

3.On the Edit menu, point to New, click DWORD Value, type ArchiveIgnoreLastModifiedTime, and then press ENTER.
4.Right-click ArchiveIgnoreLastModifiedTime, and then click Modify.
5.In the Value data box, type 1, and then click OK.
6.Exit Registry Editor.
7.Restart Outlook.

Mark as helpful. 0

452 validating sender: 4.3.1 insufficient system resources

452 4.3.1 Insufficient system resources
Not a good thing the night before a presentation – Murphy’s law at work again!

The Application Event Log has Event ID 15002 from MSExchangeTransport saying “The resource pressure is constant at High. Statistics… “. The event goes on to tell you that inbound mail submission has stopped, and it’s due to disk space being low on the volume where the queue database is located.

Figure 1: Event ID 15002 logged by MSExchangeTransport

Exchange Server 2007 transport queues are not the familiar .eml files you see in Exchange Server 2003/2000, which reside in the \mailroot\vsi <1>\queue folder (<1> is the instance number of the SMTP virtual server) on the file system. Yes, transport queues have been moved to a JET database of its own.

What’s Back Pressure?

In Exchange Server 2007, the Transport service monitors system resources such as disk space and memory on Transport servers (the Hub Transport and the Edge Transport servers), and stops message submission if it’s running low on these resources. It continues to deliver existing messages in the queue. When resource utilization returns to normal, it resumes message submission. The feature is called Back Pressure.

In this case, Exchange required 4 Gigs of free disk space on the volume where the Queue database was located – I had about 3.95 Gigs. 🙂

Changes to Back Pressure settings in Exchange Server 2007 SP1

The Back Pressure settings in Exchange Server 2007 RTM stop inbound mailflow if free disk space is below 4 Gigs. This static threshold has been lowered in SP1 to a more realistic 500 MB.

The Resolution

Many configuration options for transport servers are saved in an XML file named EdgeTransport.exe.config (it’s the same file name on both server roles— Edge Transport and Hub Transport) located in \Exchange Server\Bin\.

To get transport to resume submissions, you can use any of the following methods. All of the following require you to edit the EdgeTransport.exe.config file.
1.Disable BackPressure: Although Microsoft doesn’t recommend it, it does provide a way to Disable Back Pressure
2.Tweak BackPressure thresholds: Modify BackPressure parameters to more accurately define what’s high utilization for your deployment or server configurations, as explained in the above docs.
3.Move the queue database to another volume: Another resolution, and the one I used in this case, was to move the queue database to another volume with ample of free space, using the following procedure: 1.
Add the following key in the section in EdgeTransport.exe.config, as documented in “How to Change the Location of the Queue Database“:

2.Save the file and restart the Microsoft Exchange Transport service from the Services console or by using the Restart-Service cmdlet (Restart-Service MSExchangeTransport).

Message submission resumes.

Mark as helpful. 0

Troubleshoot/Rebuild Outlook Searching

You can rebuild the search catalog, which restarts the indexing of your data files. The search catalog is a file where all of your Outlook and Microsoft Windows items (data files) are indexed. To rebuild your search catalog, do the following:
1.Exit Outlook.
2.In Microsoft Windows, click the Start button, and then click Control Panel.
3.Locate Indexing Options.
4.Click Modify, select the check boxes for the locations you want to index, and then click OK.
4.Click Advanced.
5.Click Rebuild.
6.Restart Outlook.

Mark as helpful. 0

Exchange 2010 SP3 Upgrade

Exchange 2010 Service Pack 3 SP3 Upgrade

Exchange 2010 SP3 upgrade fails at Mailbox Role state.

DiscoverySearchMailbox is causing the issue.
Simply remove the account and re-create it.

•Reboot the server before you start to clear any pending reboots
•Right click to Discovery Search Mailbox and remove, object is going to be under Disconnected Mailboxes
•Confirm AD object is also deleted.
•Reboot (to make replication faster)
•Run SP3 setup
•Complete
•Now you need to re-create AD object first
•Run setup.com /preparead from the location where you have run sp3 upgrade
•Complete
•Confirm AD object has been created.
•Go to properties of new discoverysearchmailbox AD user and copy the ID. It looks like something like this DiscoverySearchMailbox {D919BA05-46A6-415f-80AD-7E09334BB852}
•Open Exchange Management Shell and type this line
•Enable-Mailbox –Discovery “DiscoverySearchMailbox {D919BA05-46A6-415f-80AD-7E09334BB852}”
•Confirm mailbox is created and you are all done.
•Now if you want you can cleanup the old discoverysearch from disconnected mailboxes by using command line.
•Remove-StoreMailbox -Database “mailbox database name where it was” -Identity “Discovery Search Mailbox”
•State: Disabled
•Confirm: YES
•Done.

Mark as helpful. 0

How to create an email enabled Distribution Group (Exchange 2003)

How to create a distribution list (distribution group)
To create a distribution list (distribution group): 1.Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Users and Computers.
2.Expand DomainName.
3.Right-click Users, point to New, and then click Group.
4.In the Group name box, type a name for the group.

By default, the name that you type in the Group name box is also used in the Group name (pre-Windows 2000) box.
5.Under Group scope, specify the group scope that you want.
6.Under Group type, click Distribution, and then click Next.
7.Click to select the Create an Exchange e-mail address check box, specify the alias that you want in the Alias box, specify the administrative group that you want in the Associated Administrative Group box, and then click Next.

Note You can only choose the administrative group where you want to create the distribution group if you are in mixed mode in Microsoft Exchange 2000 Server and in Exchange 2003.
8.Click Finish.
9.To add members to the group, double-click the distribution group that you created, click the Members tab, and then click Add.
10.Click the users or groups that you want to add, click Add, click OK, and then click OK.

Mark as helpful. 0

Verify if BESadmin account can access a user account in Exchange

The BlackBerry® Enterprise Server requires permission to access each BlackBerry device user’s mailbox to process email messages. The IEMSText.exe tool runs a test to verify whether the Windows®account has the Send As permission in Microsoft® Exchange so that the BlackBerry Enterprise Server can access user accounts. The IEMSText.exe tool does not verify whether the BlackBerry Enterprise Server can send email messages on behalf of a BlackBerry device user. 1.Copy the BlackBerry® Enterprise Server installation files to the computer that you want to install the BlackBerry Enterprise Server on.
2.Extract the contents to a folder on the computer.
3.Navigate to \Tools.
4.Double-click IEMSTest.exe.
5.In the Profile Name drop-down list, select the profile names for the user accounts.
6.Click OK.
7.In the left pane, select the user accounts that you want to check.
8.Click Select.
9.Click OK.

Mark as helpful. 0

Autoreply Rule

Once this mailbox has been set as the primary profile, then go to tools => Rules and Alerts => New Rule => Start from a Blank Rule then select “check messages when they arrive” => Next=> then select “Where my name is in the To or Cc box” = Next => then select “Have server reply using a Specific Message” on the Step2 box underneath, click “a specific template” then compose the autoreply on the body of the email and put the subject you want on the sibject field. Once completed composing the autoreply dont forget to click “Save and Close”. => Next => Next => Finish.

Close your outlook and let someone try to send a test email to the “secondary mailbox”. They should be able to receive an autoreply regardless if your outlook is closed.

Mark as helpful. 0

Offline Defrag Exchange 2007/2010

If you have recently deleted any large mailboxes from said database store run this command

To clean up the mailbox database you need to run the clean-mailboxdatabase command.

clean-mailboxdatabase -identity “Mailbox Database”

To check how much white space you have on your databases you have to run the following command

Get-MailboxDatabase -Status | Sort-Object DatabaseSize -Descending | Format-Table Name, DatabaseSize, AvailableNewMailboxSpace

To perform the offline defrag use the following command

eseutil /d /p “D:\Exchangedata\Mdbdata\priv1.edb” /t”D:\Exchangedata\Mdbdata\tempdb.edb”

Replace the first part with the Database store you are doing the offline defrag on.

Mark as helpful. 0

Assigning service account permissions for a BlackBerry Enterprise Server for Microsoft Exchange

Task 1

To assign Local Administrator rights to the BlackBerry Enterprise Server service account, complete the following steps:

For a BlackBerry Enterprise Server on a Domain Controller
1.Click Start > Programs > AdministrativeTools > Active Directory Users and Computers.
2.Select the Builtin folder.
3.Double-click Administrators.
4.On the Members tab, click Add.
5.Type the BlackBerry Enterprise Server service account name (for example, BESAdmin), and then click Check Names.
6.Click OK.
7.Click Apply then OK.

For a BlackBerry Enterprise Server on a Member Server
1.Click Start > Administrative Tools > Computer Management.
2.In the left pane, expand System Tools and click Local Users and Groups.
3.In the right pane, double-click Groups.
4.Right-click Administrators and click Properties.
5.In the Administrators Properties window, Click Add
6.In the Select Users, Contacts, Computers, or Groups window, type the BlackBerry Enterprise Server service account name (for example, BESAdmin), and then click Check Names.
7.Click OK.
8.Click Apply then OK.

——————————————————————————–

Task 2

To assign Local Security Policy permissions to the BlackBerry Enterprise Server service account, complete the following steps:

Note: This procedure allows the BlackBerry Enterprise Server service account to access the local computer and to run the BlackBerry Enterprise Server as a Windows service.
1.Click Start > Administrative Tools > Local Security Policy.
NOTE: If the computer is a Domain Controller, click Start > Administrative Tools > Domain Controller Security Policy.

2.In the Local Securities window, click Local Policies > User Rights Assignment (for Windows Small Business Server 2008, click Start > Administrative Tools > Group Policy Management window, then Computer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Assignment).
3.Perform one of the following steps: ◦For Windows Server 2000, double-click Log on Locally.
◦For Windows Server 2003 and 2008, double-click Allow Log on Locally.

4.Click Add User or Group.
5.Select the BlackBerry Enterprise Server service account name, and then click Add.
6.Click OK.
7.In the Local Security Settings window, double-click Log On As a Service.
8.Click Add User and then select the BlackBerry Enterprise Server service account.
9.Click OK.

——————————————————————————–

Task 3

To grant the Send As permission on a single account for all BlackBerry smartphone users in a Microsoft Active Directory domain or container, complete the following steps:
1.Open Active Directory Users and Computers.
2.On the View menu, select the Advanced Features option.
Note: If Advanced Features is not selected, the Security tab will not be visible for domain and container objects.

3.Right-click the appropriate domain or container, and then click Properties.
4.On the Security tab, click Advanced.
5.If the BlackBerry Enterprise Server service account that requires the Send As permission is not listed, click Add and then select the BlackBerry Enterprise Server service account name.
6.Click OK.
7.Double-click the BlackBerry Enterprise Server service account name.
8.Select User Objects in the Applies Onto list.

Note : If the Domain Controller is Windows Server 2008, select Descendant User Objectsin the Applies Onto list.

9.Select the Send As check box.
10.Click Apply, and then click OK.
11.Close the Properties window, and then close Active Directory Users and Computers.
Note: For more information about the Send As permission, visit the Microsoft Support Knowledge Base and search for Users cannot send e-mail messages from a mobile device or from a shared mailbox in Exchange 2000 Server and in Exchange Server 2003.

For Microsoft® Exchange Server 2007 and Microsoft Exchange Server 2010, the Send As permission can be granted to the BlackBerry Enterprise Server service account at a container level in Active Directory by using the PowerShell command shell.

Note: This command applies the same permission described in the steps above to a specific container within Active Directory. If new BlackBerry smartphone users are added that are located in a separate Active Directory container, this command will need to be run again, specifying the new location.

In the Exchange Management Shell command prompt window, type the following and press Enter:

Add-ADPermission -InheritedObjectType User -InheritanceType Descendents -ExtendedRights Send-As -User “BESAdmin” -Identity CN=,DC=,DC=,DC=

or

Add-ADPermission –InheritedObjectType User –InheritanceType Descendents –ExtendedRights Send-As –User “BESAdmin” –Identity OU=,DC=,DC=,DC=

In this Distinguished Name format, the location of the object to be modified (in this case, the container in which BlackBerry smartphone users are found) is explicitly specified from most specific to least specific identifier. For example, if the domain name is www.example.com, and the container is Users, the Identity string should read: CN=Users,DC=example,DC=com . Note that there is no domain_3 in this example, as none is required.

Successful application of this permission can be verified via Active Directory Users and Computers (Steps 1 through 4 of Task 2, above), or via the Exchange Management Shell interface. To verify that this permission has been applied using PowerShell, run the following command:

Get-Mailbox -Identity “” | Get-ADPermission | where { ($_.ExtendedRights -like “*Send-As*”) -and -not ($_.User -like “NT AUTHORITY\SELF”) } | select Identity, User, ExtendedRights, IsInherited | FT -Wrap

Where is the display name of the BlackBerry smartphone user to be verified. The following output indicates success:

Identity User ExtendedRights IsInherited
——– —- ————– ———–
user01 domain\BESAdmin {Send-As} True

——————————————————————————–

Task 4

To assign Microsoft Exchange Server permissions at the Administrative Group level, complete the following steps for the appropriate Microsoft Exchange environment:

Note: This procedure allows an administrator to manage BlackBerry smartphone users and groups.

For Microsoft Exchange Server 2000 or 2003
1.Click Start > Programs > Microsoft Exchange > System Manager.
2.Select Administrative Groups.
3.Right-click First Administrative Group and select Delegate Control.
4.In the Exchange Administration Delegation Wizard, click Next, and then click Add.
5.Click Browse and then select the BlackBerry Enterprise Server service account.
6.Click OK.
7.In the Role drop-down list in the Delegate Control window, select Exchange View Only Administrator.
8.Click OK to add the BlackBerry Enterprise Server service account to the Users and Groups list.
9.Click Next, and then click Finish.

For Microsoft Exchange Server 2007

To set an Exchange View Only Administrator role:
1.Click Start > Programs > Microsoft Exchange Server 2007 > Exchange Management Shell.
2.Open the command prompt as administrator, type the following and then press ENTER:
add-exchangeadministrator -role ViewOnlyAdmin

where < BESAdmin>is the name of the BlackBerry Enterprise Server service account.

To check an Exchange View Only Administrator role:
1.Click Start>Programs > Microsoft Exchange Server 2007 > Exchange Management Shell.
2.Open the command prompt as administrator, type the following and then press ENTER:
get-exchangeadministrator | Format-List

3.Verify that the BlackBerry Enterprise Server service account has the ViewOnlyAdmin role.

For Microsoft Exchange Server 2010
1.Click Start > Programs > Microsoft Exchange Server 2010 > Exchange Management Shell.
2.Open the command prompt as administrator, type the following command and then press ENTER:
Add-RoleGroupMember “View-Only Organization Management” -Member “BESAdmin”

——————————————————————————–

Task 5

To assign Microsoft Exchange Server permissions at the Microsoft Exchange Server level, complete the following steps:

For Microsoft Exchange Server 2000 or 2003
1.Click Start > Programs > Microsoft Exchange > System Manager.
2.Select Administrative Groups > First Administrative Group > Servers.
3.Right-click the Microsoft Exchange Server name and then click Properties.
4.On the Security tab, select the BlackBerry Enterprise Server service account.
5.Select the following permissions from the Permissions list:
6.◦Administer Information Store
◦Send As
◦Receive As

7.Click the Advanced button.
8.Verify that the Select the Allow inheritable permissions from parent to propagate to this object and all child objects option is selected.
9.Click OK.
10.Repeat the preceding steps for each Microsoft Exchange Server that will host mailboxes within the routing group.

If inheritable rights do not propagate to the individual mail stores, to set the Send As, Receive As, and Administer information store permissions at the store level, complete the following steps from the Microsoft Exchange System Manager:
1.Click Start > Programs > Microsoft Exchange > System Manager.
2.Select Administrative Groups > First Administrative Group > Servers.
3.Click on the plus sign next to the Microsoft Exchange Server name to expand the next levels.
4.Click on the plus sign next to the First Storage Group to expand the information stores.
5.Right-click the first Mailbox Store name and then click Properties.
6.On the Security tab, select the BlackBerry Enterprise Server service account.
7.Select the following permissions from the Permissions list:
8.◦Administer Information Store
◦Send As
◦Receive As

9.Click the Advanced button.
10.Verify that the Select the Allow inheritable permissions from parent to propagate to this object and all child objects option is selected.
11.Click OK.
12.Repeat the steps 5-11 for each Mailbox Store that will host mailboxes for this server.

For Microsoft Exchange Server 2007

To set Send As, Receive As, and AdministerInformation Store permissions, complete the following steps:
1.Click Start > Programs > Microsoft Exchange Server 2007 > Exchange Management Shell.
2.Open the command prompt as administrator.
3.Type the following line, and then press ENTER:

get-mailboxserver | add-adpermission -user -accessrights GenericRead, GenericWrite -extendedrights Send-As, Receive-As, ms-Exch-Store-Admin

Where is the name of the Microsoft Exchange Server 2007 and < BESAdmin> is the name of the BlackBerry Enterprise Server service account.

If inheritance to the individual mail stores is not enabled, to set the Send As, Receive As, and Administer information store permissions at the store level, complete the following steps from the Microsoft Exchange management shell:

get-mailboxdatabase \’First Storage Group\Mailbox Database’ | add-adpermission -user -accessrights GenericRead, GenericWrite -extendedrights Send-As, Receive-As, ms-Exch-Store-Admin

Note: First Storage Group\Mailbox Database is the default mailbox name within Microsoft Exchange Server 2007.

If inheritance to the individual mail stores is not enabled on a custom mailbox database, to set the Send As, Receive As, and Administer information store permissions at the store level, complete the following steps from the Microsoft Exchange management shell:

Add-ADPermission –identity “” –user “” -accessrights GenericRead, GenericWrite -extendedrights Send-As, Receive-As, ms-Exch-Store-Admin

To verify the Send As, Receive As, and Administer Information Store permissions, complete the following steps:
1.Click Start > Programs > Microsoft Exchange Server 2007 > Exchange Management Shell.
2.Open the command prompt as administrator, type the following line and press Enter.
get-mailboxserver | get-ADpermission -user | Format-List

To verify the Send As, Receive As, and Administer Information Store permissions at the mailbox store level, complete the following steps:
1.Click Start > Programs > Microsoft Exchange Server 2007 > Exchange Management Shell.
2.Open the command prompt as administrator, type the following and press Enter.
get-mailboxdatabase \ | get-ADpermission -user | Format-List

Note: The Get-Mailboxdatabase cmdlet is designed to retrieve one or more mailbox database objects from a server or organization. For more info refer to the following Microsoft Technet.

For Microsoft Exchange Server 2010
1.Click Start > Programs > Microsoft Exchange Server 2010 > Exchange Management Shell.
2.Open the command prompt as administrator, type the following line and then press ENTER:
Get-MailboxDatabase | Add-ADPermission -User “BESAdmin” -AccessRights ExtendedRight -ExtendedRights Receive-As, ms-Exch-Store-Admin, ms-Exch-Store-Visible

Note: The Get-Mailboxdatabase cmdlet is designed to retrieve one or more mailbox database objects from a server or organization. As such, if there are multiple Exchange servers with multiple mailbox database objects, this cmdlet will only need to be applied once provided that the Exchange servers are part of the same organization. However, for every new Exchange mailbox database created, run the cmdlet again in order to apply the Exchange permissions to that mailbox database. For more info refer to the following Microsoft Technet.

For Microsoft Exchange 5.5

The BlackBerry Enterprise Server service account requires the Service Account Admin permissions on the Site container and Configuration container.

——————————————————————————–

Task 6

To assign a throttling Policy for the BlackBerry Enterprise Server service account, complete the following steps:

Note: This only applies for Microsoft Exchange 2010

If a BESPolicy throttling policy has not already been created, then create a new throttling policy that does not limit concurrent connections to the Microsoft Exchange Server:
1.On the Microsoft Exchange Server, click Start > Microsoft Exchange Server 2010 > Exchange Management Shell.
2.Type New-ThrottlingPolicy BESPolicy -RCAMaxConcurrency $null -RCAPercentTimeInAD $null -RCAPercentTimeInCAS $null -RCAPercentTimeInMailboxRPC $null -EWSMaxConcurrency $null -EWSPercentTimeInAD $null -EWSPercentTimeInCAS $null -EWSPercentTimeInMailboxRPC $null -EWSMaxSubscriptions $null -EWSFastSearchTimeoutInSeconds $null -EWSFindCountLimit $null

Note: If the Microsoft Exchange Server is 2010 SP1, complete the following step as well:

set-ThrottlingPolicy BESPolicy -CPAMaxConcurrency $NULL -CPAPercentTimeInCAS $NULL -CPAPercentTimeInMailboxRPC $NULL
3.
Type Set-Mailbox “BESAdmin” -ThrottlingPolicy BESPolicy.

4.Restart the BlackBerry Controller Service (For existing installation).

If a BESPolicy throttling policy has already been created, but is still set to throttle concurrent connection, then modify the existing BESPolicy to disable throttling.
1.On the Microsoft Exchange Server, click Start > Microsoft Exchange Server 2010 > Exchange Management Shell.
2.Type Set-ThrottlingPolicy BESPolicy -RCAMaxConcurrency $null -RCAPercentTimeInAD $null -RCAPercentTimeInCAS $null -RCAPercentTimeInMailboxRPC $null -EWSMaxConcurrency $null -EWSPercentTimeInAD $null -EWSPercentTimeInCAS $null -EWSPercentTimeInMailboxRPC $null -EWSMaxSubscriptions $null -EWSFastSearchTimeoutInSeconds $null -EWSFindCountLimit $null
3.Type Set-Mailbox “BESAdmin” -ThrottlingPolicy BESPolicy.
4.Restart the BlackBerry Controller Service (For existing installation).
Important : Restarting the BlackBerry Enterprise Server or its services might delay email message delivery to BlackBerry smartphones.

Note : It might take up to 20 minutes for replication to occur and BlackBerry smartphones to start.

If the preceding method does not work to reset the throttling policy, remove the existing policy and re-create a new BESPolicy.

Remove the BESPolicy by typing Remove-ThrottlingPolicy -Identity BESPolicy.

Note : A policy that is assigned to BlackBerry smartphone users cannot be removed. In order to remove a policy that is associated with any BlackBerry smartphone users, reassign the default policy to the BlackBerry smartphone user and then remove the BESPolicy.

For more information on the Microsoft Exchange Server 2010 throttling policy and the commands to set default policy, refer to Microsoft Technet and search for Remove-ThrottlingPolicy.

——————————————————————————–

Task 7

If the server is a Microsoft SQL Server, assign the server roles by completing the following steps:
1.
Note: The following is not applicable to Microsoft SQL Server Desktop Engine (MSDE).

2.In the Microsoft SQL Enterprise Manager, go to Microsoft SQL Servers/SQL Server Group/.
3.Expand the Microsoft SQL Server and expand Security.
4.Right-click Logins.
5.Click New Login.
6.On the General tab, click the button next to the Name field.
7.Select the new BlackBerry Enterprise Server service account name from the Names list.
8.Click Add.
9.Click OK.
10.On the Server Roles tab, select Server Administrators and Database Creators from the Server Role list.
Note: If running BlackBerry Enterprise Server 4.1 to 5.0, add the System Administrators role to add BlackBerry smartphone users in a role-based administration environment. For instructions, see the Administration Guide – BlackBerry Enterprise Server for Microsoft Exchange .

11.On the Database Access / User Mapping tab, select the check box for the BlackBerry Configuration Database.
12.In the Database Roles for list, select the db_owner check box.
For additional information on assigning the required permissions for the BlackBerry Configuration Database, see KB03112 .

For additional information on the permissions that are required to manage the BlackBerry Configuration Database

http://btsc.webapps.blackberry.com/btsc/viewdocument.do?externalId=KB02276&sliceId=2&cmd=displayKC&docType=kc&noCount=true&ViewedDocsListHelper=com.kanisa.apps.common.BaseViewedDocsListHelperImpl

Mark as helpful. 0

Error attempting to Delete Exchange 2010 Database

Error Attempting to Delete Exchange 2010 Database , ” This mailbox database is associated with one or more active MailboxImport requests”

Deleted Filed :

Failed
Error:
This mailbox database is associated with one or more active MailboxImport requests. To get a list of all MailboxImport requests associated with this database, run Get-MailboxImportRequest | ?{ $_.RequestQueue -eq “” }. To remove a MailboxImport request, run Remove-MailboxImportRequest .

Run, below to get list of error’s
Get-MailboxImportRequest | ?{ $_.RequestQueue -eq “DATABASE NAME” }

to remove entries run
exmaple – Remove-MailboxExportRequest -Identity “Ayla\MailboxExport”

Mark as helpful. 1

Increase the number of simultaneous mailbox moves exchange 2010

By default Exchange 2010 allows 2 simultaneous mailbox moves to run. When you perform a migration of many mailboxes you might want to increase this number. Here is how you do it:
1.Open explorer on the Exchange server and navigate to C:\Program Files\Microsoft\Exchange Server\V14\Bin (This is the default path, the path on your server might be different)
2.Make a backup copy of the file MSExchangeMailboxReplication.exe.config. I have a habit of creating a file copy and naming it _backup but that’s just my approach.
3.Use your favorite text editor and open MSExchangeMailboxReplication.exe.config.
4.Find the following part in the file:


5.Change the following parameters to match you requirements:
MaxActiveMovesPerSourceMDB = “5?
MaxActiveMovesPerTargetMDB = “2?
MaxActiveMovesPerSourceServer = “50?
MaxActiveMovesPerTargetServer = “5?
MaxTotalMovesPerMRS = “100?
6.Feel free to look through the rest of the parameters in this file, you will see that there is plenty more parameters you can change.

Please note that changing these values and allowing more simultaneous mailbox moves etc. increases the load on the server. Change these values with care and do not add extremely high numbers.

Increase the number of simultaneous mailbox moves

Mark as helpful. 0

Install an SSL Certificate in Microsoft Exchange 2010

1.From the Start menu, click Run..
2.Type mmc, and then click OK. The Microsoft Management Console (Console) window opens.
3.In the Console window, click the File menu and select Add/Remove Snap-in. The Add or Remove Snap-ins window displays.
4.Select Certificates, and then click Add.
5.Select Computer Account, and then click Next.
6.Select Local Computer, and then click Finish.
7.Click OK.
8.In the Console window, expand the Certificates folder on the left.
9.Right-click Intermediate Certification Authorities, mouse-over All Tasks, then click Import.
10.In the Certificate Import Wizard, click Next.
11.Click Browse to find the intermediate certificate file.
12.Change the file extension filter to PKCS #7 Certificates (*.spc;*.p7b), select the *_iis_intermediates.p7b file, and then click Open.
13.Click Next.
14.Select Place all certificates in the following store.
15.Click Browse, select Intermediate Certification Authorities, and then click Next.
16.Click Finish.
17.Close the Console window.
18.From the Start menu, go to Programs, Microsoft Exchange 2010, and click Exchange Management Console.
19.Click Manage Databases.
20.Click Server Configuration.
21.In Exchange Certificates, select your certificate.
22.From the Actions panel on the right, click Complete Pending Request.
23.Click Browse to locate the certificate file. The file extension might be .txt or .crt instead of .cer (search for all files).
24.Click Open.
25.Click Complete.

If you receive the error, “The source data is corrupted or not properly Base64 encoded,” check the Self Signed field. If it is True, refresh console by pressing F5 on your keyboard. If it still displays True, create a new CSR and then re-key your certificate.

26.Click Finish.
27.From the Actions menu, click Assign Services to Certificate.
28.Select servers, then click Next.
29.Select services you want to assign to the certificate, then click Next.
30.Click Assign.
31.Click Finish.

Mark as helpful. 0

Exchange Mailbox Size 2007-2010

Here is the power shell command for viewing all users mailbox size and item number. This command also sorts the data from highest to lowest.

Get-MailboxStatistics | Sort-Object TotalItemSize -Descending | ft DisplayName,@{label=”TotalItemSize(MB)”;expression={$_.TotalItemSize.Value.ToMB()}},ItemCount

On the exchange 2010 server or multi server environments. The identity must be specified.

Get-MailboxStatistics –server “servername” | Sort-Object TotalItemSize -Descending | ft DisplayName,@{label=”TotalItemSize(MB)”;expression={$_.TotalItemSize.Value.ToMB()}},ItemCount

You can export this command to a text file by adding this at the end: > c:\mailboxes.txt

Mark as helpful. 0

Configure Message Delivery Restrictions for a Mailbox – Exchange 2010

In the EAC, navigate to Recipients > Mailboxes.

  • In the list of user mailboxes, click the mailbox that you want to configure message delivery restrictions for, and then click Edit Edit Icon.
  • On the mailbox properties page, click Mailbox Features.
  • Under Message Delivery Restrictions, click View details to view and change the following delivery restrictions:
    • Accept messages from   Use this section to specify who can send messages to this user.
      • All senders   This option specifies that the user can accept messages from all senders. This includes both senders in your Exchange organization and external senders. This is the default option. It includes external users only if you clear the Require that all senders are authenticated check box. If you select this check box, messages from external users will be rejected.
      • Only senders in the following list   This option specifies that the user can accept messages only from a specified set of senders in your Exchange organization. Click Add Add Icon to display a list of all recipients in your Exchange organization. Select the recipients you want, add them to the list, and then click OK. You can also search for a specific recipient by typing the recipient’s name in the search box and then clicking Search Search Icon.
      • Require that all senders are authenticated   This option prevents anonymous users from sending messages to the user. This includes external users that are outside of your Exchange organization.
    • Reject messages from   Use this section to block people from sending messages to this user.
      • No senders   This option specifies that the mailbox won’t reject messages from any senders in the Exchange organization. This is the default option.
      • Senders in the following list   This option specifies that the mailbox will reject messages from a specified set of senders in your Exchange organization. Click Add Add Icon to display a list of all recipients in your Exchange organization. Select the recipients you want, add them to the list, and then click OK. You can also search for a specific recipient by typing the recipient’s name in the search box and then clicking Search Search Icon.
  • Click OK to close the Message Delivery Restrictions page, and then click Save to save your changes.

Mark as helpful. 1

Delete bulk messages by Subject thru Exchange 2010 command shell

This is very useful to delete multiple messages on a large mailbox by subject without logging into the mailbox.

Before you can delete message you have to make sure the administrator has proper access.

First you have to add your administrator to the Discovery Management role group

Add-RoleGroupMember -Identity “Discovery Management” -Member Administrator

Then you have to make sure your Administrator is apart of the Mailbox Import Export role The easiest way to add that is by following these steps

Open up your Exchange Management Console Go to Toolbox and open up Role Based Access Control Login and double click “Organization Management Add “Mailbox Import Role” Also check to make sure Administrator is a user in that account.

Restart your Exchange Management Shell and now you can use the following command to delete your messages

Search-Mailbox -Identity “April Stewart” -SearchQuery ‘Subject:”Your bank statement”‘ -DeleteContent -force

Mark as helpful.

Increase Receive Connector Limit Exchange 2007

In any case, the setting MaxMessageSize, which has a default of 10 MB in Exchange 2007, is the parameter that needs adjustment. If you want to get a look at the values for the MaxMessageSize parameter for all of the SMTP receive connectors in your Exchange organization, start up the command line-based Exchange Management Shell and issue the following command:

get-receiveconnector | select identity,maxmessagesize

The output in Figure A shows you that, for the three Exchange servers in this organization, all of the installed SMTP receive connectors have a maximum message size of 10 MB.

Figure A

Mark as helpful.

Configure OWA Redirection for Exchange 2010

Very important NOTE – After all the steps below are completed, make sure to remove redirection from “Public” folder in Default Web site otherwise users will have issues with opening attachments and emails. You do this by clicking on the public folder, going to HTTP redirect and un checking “redirect requests to this destination” box and applying the settings. After everything is complete run the iisreset in the command prompt to restart the necessary services.

One of the things I’ve been doing for as long as I can remember is redirecting requests that don’t go to https://owa.customer.com/owa (or /exchange) to the correct URL. So, if someone goes to http://owa.customer.com or https://owa.customer.com, they get redirected to the correct (secure) URL. Historically I’ve always done this with two components:

  • A custom website listening on Port 80 on each CAS server
  • A default.aspx file in the root of the Default Web Site redirecting to /owa

This approach no longer works with Exchange 2010 CAS because the PowerShell virtual directory actually operates over Port 80 (authentication is Kerberized). If you try and tinker with this, you’ll start getting errors from Remote PowerShell like this:

 

VERBOSE: Connecting to cas01.customer.com
[cas01.customer.com] The WinRM service cannot process the request because the request needs to be sent to a different machine. Use the redirect information to send the request to a new machine.  Redirect location reported: https://owa.customer.com/owa/PowerShell. To automatically connect to the redirected URI, verify “MaximumConnectionRedirectionCount” property of session preference variable “PSSessionOption” and use “AllowRedirection” parameter on the cmdlet.
+ CategoryInfo          : OpenError: (System.Manageme….RemoteRunspace:RemoteRunspace) [], PSRemotingTransportRedirectException
+ FullyQualifiedErrorId : PSSessionOpenFailed

 

In order to work around this, you need to use the HTTP Redirection feature in IIS (the default.aspx trick mentioned above should work too), as well as remove the requirement for SSL at the top level Default Web Site object. You have to be careful doing this because when you set settings on the web site, IIS will push them down to any virtual directory below which does not explicitly set that setting itself. To setup the redirect, select the Default Web Site in IIS Manager, and open the HTTP Redirect option under IIS. Complete it like this:

image

 

Warning: It’s very important that you check the checkboxes exactly as shown in the screenshot above!

 

Once this step is complete, you need to remove the enforced redirect from each of the virtual directories under the Default Web Site. To do this, select each virtual directory individually, and then open the HTTP Redirect property and uncheck the “Redirect requests to this destination” checkbox. You’ll need to do this on the following virtual directories:

  • aspnet_client
  • Autodiscover
  • ecp
  • EWS
  • Microsoft-Server-ActiveSync
  • OAB
  • PowerShell
  • Rpc

 

Note: The Exchange, Exchweb, and Public virtual directories should redirect to /owa.

 

If at this point you simply browse to http://cas01.customer.com, you’ll get an HTTP 403.4 error. This is because SSL is required at the top-level website. In order to get the redirect working, we need to disable SSL for the toplevel website while leaving it enabled for the relevant child virtual directories.

Select the Default Web Site and open the SSL Settings properties. Uncheck the Require SSL checkbox as shown below:

image

Like the redirection settings, this change will be inherited down the tree for any virtual directory which does not explicitly set the setting independently. Ensure that SSL is required for the following virtual directories:

  • Autodiscover
  • ecp
  • EWS
  • Microsoft-Server-ActiveSync
  • OAB
  • owa
  • Rpc

 

Warning: If you require SSL for the PowerShell virtual directory, you will render Remote PowerShell inoperable!

 

Once you’ve configured the redirection and SSL settings, open a command prompt and run iisreset. At this point you should be able to browse to http://localhost on the CAS server and get redirected to https://owa.customer.com/owa. These steps were tested on Windows Server 2008 R2. While they should be similar under Windows Server 2008, they may not be identical.

Mark as helpful.

Setup Autodiscover Record

How to use the new DNS SRV lookup method to locate the Exchange 2007 Autodiscover service

To use the new DNS SRV lookup method in order to locate the Exchange 2007 Autodiscover service, follow these steps.

Note You must create the Autodiscover SRV record in the external DNS zone that matches the right side of your user’s SMTP addresses. For example, if a user’s primary SMTP address is user@contoso.com, the record must be created in the contoso.com external DNS zone. If you have multiple primary SMTP address domains in your organization, you must create an Autodiscover SRV record in each zone.

  1. In your external DNS zone, remove any HOST (A) or CNAME records for the Autodiscover service.
  2. Use the following parameters to create a new SRV record:
    Service: _autodiscover
    Protocol: _tcp
    Port Number: 443
    Host: mail.contoso.com

Mark as helpful.

Exchange 2010 Powershell command to delete all content in mailbox

**Note that this command deletes all of the mail in the inbox as well as the folders.

[PS] C:\Windows\system32>Search-Mailbox -Identity “Luk, Terence” -DeleteContent

 

Exchange 2010 SP1 or SP2 PowerShell cmdlet for deleting all email in a mailbox

I haven’t had to do a whole lot of Exchange 2010 work recently as most of the projects I’ve been involved in were either desktop virtualization or datacenter related but just about a week ago I was asked what the cmdlet was to delete all the mail in an inbox.  I remember executing the cmdlet a while ago and after a bit of digging in my notes, I found it.  Knowing that I’m bound to come across this again, I thought I’d write a short blog on the prerequisites required for setting up the account and finally the cmdlet for future reference.

Prerequisites

The first thing you’ll need to do is ensure that you have given the account you’re going to use the proper permissions by adding them into the following groups:

  1. Discovery Management <—Already Exists
  2. Exchange Support Diagnostics <—Does not exist so you’ll need to create it
  3. Exchange Mailbox Import Export<—Does not exist so you’ll need to create it

Discovery Management

The Discovery Management group is located in the Microsoft Exchange Security Groups OU in your domain:

image

Members of this management role group can perform searches of mailboxes in the Exchange organization for data that meets specific criteria.

clip_image001

Exchange Support Diagnostics & Exchange Mailbox Import Export

The Exchange Support Diagnostics & Exchange Mailbox Import Export groups are not created by default which means you’ll need to manually create them.  The following TechNet blog does a great job of explaining these groups so I won’t reiterate it here:

http://blogs.technet.com/b/exchange/archive/2010/03/26/3409621.aspx

The instructions in the blog above never worked for me as switch:

-Members “<domain\groupname>”

Would cause the cmdlet I execute to continuously fail.  My workaround is to simply omit that switch and add the members with the Active Directory Users and Computers GUI once the group has been created so to create the Exchange Mailbox Import Export group, execute the following cmdlet:

[PS] C:\Windows\system32>New-RoleGroup -Name “Exchange Mailbox Import Export” -Roles “Mailbox Import Export” -DisplayName “Exchange Mailbox Import Export” -Description “This group will provide access to mailbox import and export cmdlets within entire Exchange Organization.”

Name                          AssignedRoles                 RoleAssignments               ManagedBy

—-                          ————-                 —————               ———

Exchange Mailbox Import Ex… {Mailbox Import Export}       {Mailbox Import Export-Exc… {domain.internal/Microsoft …

[PS] C:\Windows\system32>

image

To create the Exchange Support Diagnostics group, execute the following cmdlet:

[PS] C:\Windows\system32>New-RoleGroup -Name “Exchange Support Diagnostics” -Roles “Support Diagnostics” -DisplayName “Exchange Support Diagnostics” -Description “This group will provide access to support diagnostics cmdlets within entire Exchange Organization.”

Name                          AssignedRoles                 RoleAssignments               ManagedBy

—-                          ————-                 —————               ———

Exchange Support Diagnostics  {Support Diagnostics}         {Support Diagnostics-Excha… {domain.internal/Microsoft …

[PS] C:\Windows\system32>

image

Once those 2 cmdlets have been successfully executed, you should now see the following 2 groups:

image

Proceed with adding the the account you intend on executing the cmdlet to delete the contents in a mailbox into those 2 groups.

Deleting contents of a mailbox

To delete the contents of a mailbox, first obtain the identity of the mailbox by executing the following:

[PS] C:\Windows\system32>Get-Mailbox | where-object {$_.alias -match “tluk”}

Name                      Alias                ServerName       ProhibitSendQuota

—-                      —–                ———-       —————–

Luk, Terence              tluk                 svrexmb12        unlimited

clip_image001[4]

Now that you have the identity execute the following cmdlet to delete the content:

**Note that this command deletes all of the mail in the inbox as well as the folders.

[PS] C:\Windows\system32>Search-Mailbox -Identity “Luk, Terence” -DeleteContent

Confirm

Deleting content from mailboxes Luk, Terence

[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is “Y”): Y

RunspaceId       : e9269d66-4888-4dd4-96cd-c72e0358e099

Identity         : domain.internal/Domain/Users/CCS/Luk, Terence

TargetMailbox    :

TargetPSTFile    :

Success          : True

TargetFolder     :

ResultItemsCount : 145

ResultItemsSize  : 18.22 MB (19,107,056 bytes)

[PS] C:\Windows\system32>

image

Check the mailbox to ensure that the content has been deleted:

image

Mark as helpful.

Recreating user profiles while maintaining the users mailbox

If you delete a user from Active Directory his mailbox won’t show up for a few hours under the disconnected mailboxes unless you run any of these commands
Deleted mailboxes will appear in disconnected mailbox list, but it will not reflect immediately. We have to wait for online maintenance to run and complete.

If we accidentally delete mailbox and if we wanted to reconnect it back then we may not be able to find it Disconnected Mailbox. We have run Clean-MailboxDatabase to get the deleted mailbox.

Eg.

Clean-MailboxDatabase \servername\SGName\Store
Cleaning Database of Individual Store

Get-Mailboxdatabase | Clean-MailboxDatabase
Cleans all the database in the Organization

Get-Mailboxdatabase | Where{ $_.Server –eq “<servername>”}| clean-MailboxDatabase
Cleans all the database in the specific store

Get-Mailboxdaatabase | Where{ $_.Name –eq “<DatabaseName>”}| clean-MailboxDatabase
Cleans all the Database which matches the specific name given in Databasename

Mark as helpful.

Exchange 2010 sends attachments as winmail.dat

  • In Microsoft Exchange Server 2010, select Microsoft Exchange On-Premises, select Organization Configuration, select Hub Transport, select the Properties for Default (or Domain name you have defined), select Never Use under Exchange Rich-text format. Save.

Never Use - Exchange Rich-Text Format - Hub Transport - Organization Configuration - Exchange Server 2010

Mark as helpful.

Setup Public Folder rights Exchange 2007

You can only do this through the Exchange Management Shell in Exchange 2007

 

Add-PublicFolderClientPermission -Identity “\Corporate Calendar” -AccessRights Owner -User Dave

to double check rights

Get-PublicFolderClientPermission -Identity “\Corporate Calendar” | fl

to remove settings

Remove-PublicFolderClientPermission -Identity “\Corporate Calendar” -Access Rights Owner -User Dave

If the name is more then one word spaced out then it requires “quotations”

Mark as helpful.

Troubleshoot OWA Server 2008 SBS Exchange 2007

SBS 2008. OWA was spitting out HTTP Error 500.19 – Internal Server Error
The requested page cannot be accessed because the related configuration data for the page is invalid.

It then listed information, owaauth.dll was mentioned somewhere. Should start taking screen shots of these… It also referenced a line of web.config from program files\windows small business server\bin\webapp\sbs web applications, a line containing only . The event log showed an error relating to the DLL as well:

The Module DLL C:\Program Files\Microsoft\Exchange Server\ClientAccess\Owa\auth\owaauth.dll failed to load. The data is the error.

And this one:

Could not load all ISAPI filters for site ‘SBS WEB APPLICATIONS’. Therefore site startup aborted.

The error on the website complained of something being locked.

Searches all talked about 32bit mode vs 64bit, unlocking strings, resetting IWAM and IUSR accounts (though they don’t seem to apply to SBS 2008?), recreating your OWA folders… I did all that for hours with no luck. In the end, it was permissions: owaauth.dll had Authenticated Users granted Read and not Read & Execute. I discovered this by comparing the file to another server. The whole OWA folder was jacked. IISRESET and we were back up.

The moral here is to always remember to check your basics first. Two of my co-workers looked at this for well over an hour before it was passed to me and I won’t say how long I spent working on it before I found this. If the error says that a file can’t be loaded, maybe it actually means that the file can’t be loaded.

Mark as helpful.

Setup OWA Exchange 2007

1. Start IIS Manager.

2. Expand the local computer, expand Sites, and then click Default Web Site.

3. At the bottom of the Default Web Site Home pane, click Features View if this option isn’t already selected.

4. In the IIS section, double-click HTTP Redirect.

5. Select the Redirect requests to this destination check box.

6. Type the absolute path of the /owa virtual directory. For example, type https://mail.contoso.com/owa.

7. Under Redirect Behavior, select the Only redirect requests to content in this directory (not subdirectories) check box.

8. In the Status code list, click Found (302).

9. In the Actions pane, click Apply.

10. Click Default Web Site.

11. In the Default Web Site Home pane, double-click SSL Settings.

12. In SSL Settings, clear Require SSL.
Note:

If you don’t clear Require SSL, users won’t be redirected when they enter an unsecured URL. Instead, they’ll get an access denied error.

13. For the new settings to take effect, open a Command Prompt window, and then type iisreset /noforce to restart IIS.

Mark as helpful.

WinRM error: The content type is absent or invalid Exchange 2010

The error message is something to the effect of “Console initialization failure: WinRM error: The content type is absent or invalid.” I’ve since forgotten if this message shows up in the management console or the shell but both will display a similar message when trying to connect the the installed exchange server. Other errors you might see are along the lines of “The WinRM client sent a request.”

The resolution actually turned out to be very simple. Go to your IIS install and find the wwwroot directory. In that directory is a file called web.config. Rename this file. Now open a command prompt and issue the following command:
iisreset
You should now be able to get into the Exchange Mangement Console or Shell.

Mark as helpful.

Deleted Delegates Still Receive Meeting Invites for Other Mailbox Users

I encountered two cases this week caused by the same bug. They began with different problem descriptions:

  1. When people in a team send meeting requests to a room mailbox their team regularly uses, they receive an NDR for a person who left the company some time ago and no longer has an account or mailbox
  2. A person who used to be the delegate/manager for a room mailbox continues to receive meeting requests for that room, even though they no longer appear in the delegates list

Note that this doesn’t only impact room mailboxes, it just happens that was the situation in both of my cases this week.

In both cases the same bug was the root cause.  When delegates are added to a mailbox an invisible rule is added to that mailbox to forward the meeting requests to the delegates. When they are later removed the rule continues to send them the meeting requests.

For example in this case Ana Williams has one delegate, Alan Reid, but a former delegate Alex Heyne is also still receiving a copy of the meeting requests, even though he does not appear in the delegates list.

Because the invisible rule is invisible :) it can’t be seen in Outlook.

Instead we need to open the mailbox using MFCMAPI to see the rule.

Update: a few people have let me know that they’ve had success fixing this issue by simply removing all existing delegates, then re-adding them. That seems to remove the invisible rule with the stale entry, and then it is re-added with just the intended delegates. Though that approach didn’t work for me in these cases, it would be the quickest win so is worth trying first before going further with MFCMAPI.

Download MFCMAPI here and extract the file onto a computer that also has Outlook installed (it will use the Outlook profile to logon to Exchange).

After launching MFCMAPI click the Session menu and choose Logon.

After logging on choose MDB, Open other mailboxes, then From GAL.

Choose the suspect mailbox from the GAL, in this case Ana Williams. Click OK at the “CreateStoreEntryID flags” dialog that appears.

Navigate the Root Container down to Top of Information Store and then Inbox. Right-click Inbox and choose Other tables and then Rules table.

Depending on the number of regular inbox rules the mailbox has you may see more than one entry. To locate the invisible rule that handles email forwarding for delegates look for the rule that has a blank “Rule Name“, and has a PR_RULE_PROVIDER value of “Schedule+ EMS Interface“.

Before proceeding to the next step be aware that this process removes the email forwarding for all delegates on the mailbox. So before you delete it make sure you’ve made a note of the delegates who are supposed to remain on the mailbox, as they will need to be re-added.

Right-click the rule and choose Delete.

The final step is to re-add any delegates to the mailbox that are still wanted.

When this is complete only those intended delegates will receive the meeting requests, and the deleted delegates should receive no more meeting requests, or in the case of the former staff member, no longer cause NDRs back to the meeting organizers.

Mark as helpful.

Disable Back Pressure Exchange 2007

When running Exchange 2007 in a testing lab with limited resources you might experience issues in mail delivery like emails goes to draft folder or not receiving them at all. The reason for that is the Back Pressure feature that stops specific functions.

To disable Back Pressure: Go to C:\Program Files\Microsoft\Exchange Server\Bin directory and open the EdgeTransport.exe.config file using notepad.
Change the value of EnableResourceMonitoring from True to False: To: Save file and Restart Microsoft Exchange Transport Service. –

Mark as helpful.

Stop Foreign Language Spam – McAfee MxLogic

While the Email Protection Service does not have a direct method to filter messages in foreign languages, you can set a content filter to catch these messages based on the character set.
Please follow these instructions to minimize these messages:
1. Login to the Control Console to access your account
2. Click Email Protection
3. Select Policies
4. Double-click the desired inbound policy
5. Select Content
6. Select the Custom Content Groups sub-tab
7. Under content groups press the NEW button to create a new group
8. Name the group with a name that will make sense to you for later reference and enter the character set specified in the header (for example -“koi8-r” for Russian/Cyrillic) into the keyword box (NOTE -do not include the quotations)
9. Select the desired corrective action: Quarantine, Deny, Tag Subject, Allow, None
10. After finishing your choices press SAVE
11. Press SAVE again to complete the action and allow up to 15 minutes for the changes to take effect.

The following list is the Character Set codes for most of the available Character Sets, grouped by language or region. It is recommended that when using Character Set codes in a filter that extreme caution be used, and use only the Character Sets absolutely needed to block unwanted mail.
When including the Character Sets in a policy, do not include the “charset=” portion, as this is left in only for reference.
–ARABIC–
ASMO 708 charset=ASMO-708
DOS charset=DOS-720
ISO charset=iso-8859-6
Mac charset=x-mac-arabic
Windows charset=windows-1256
IBM EBCDIC charset=x-EBCDIC-Arabic
–BALTIC–
DOS charset=ibm775
ISO charset=iso-8859-4
Windows charset=windows-1257
–CENTRAL EURPOEAN–
DOS charset=ibm852
ISO charset=iso-8859-2
Mac charset=x-mac-ce
Windows charset=windows-1250
IBM EBCDIC charset=x-EBCDIC-DenmarkNorway
IBM EBCDIC charset=x-ebcdic-denmarknorway-euro
IBM EBCDIC charset=x-EBCDIC-FinlandSweden
IBM EBCDIC charset=x-ebcdic-finlandsweden-euro
IBM EBCDIC charset=x-ebcdic-france-euro
IBM EBCDIC charset=X-EBCDIC-Spain
IBM EBCDIC charset=x-ebcdic-spain-euro
–CHINESE SIMPLIFIED–
EUC charset=EUC-CN
GB2312 charset=gb2312
HZ charset=hz-gb-2312
Mac charset=x-mac-chinesesimp
IBM EBCDIC charset=x-EBCDIC-SimplifiedChinese
Government Standard charset=GB18030
–CHINESE TRADITIONAL–
Big5 charset=big5
CNS charset=x-Chinese-CNS
Eten charset=x-Chinese-Eten
Mac charset=x-mac-chinesetrad
Mac charset=950
IBM EBCDIC charset=x-EBCDIC-TraditionalChinese
–CYRILLIC RUSSIAN, ETC.–
DOS charset=cp866
ISO charset=iso-8859-5
KOI8-R charset=koi8-r
KOI8-U charset=koi8-u
Mac charset=x-mac-cyrillic
Windows charset=windows-1251
IBM EBCDIC Russian charset=x-EBCDIC-CyrillicRussian
IBM EB… Serbian-Bulgarian charset=x-EBCDIC-CyrillicSerbianBulgarian
–EUROPE–
Europa charset=x-Europa
–GERMAN–
IA5 charset=x-IA5-German
IBM EBCDIC charset=x-EBCDIC-Germany
IBM EBCDIC charset=x-ebcdic-germany-euro
–GREEK–
Greek DOS charset=ibm737
Greek ISO charset=iso-8859-7
Greek Mac charset=x-mac-greek
Windows charset=windows-1253
DOS charset=ibm869
IBM EBCDIC charset=x-EBCDIC-GreekModern
IBM EBCDIC charset=x-EBCDIC-Greek
–HEBREW–
DOS charset=DOS-862
ISO-Logical charset=iso-8859-8-i
ISO-Visual charset=iso-8859-8
Mac charset=x-mac-hebrew
Windows charset=windows-1255
IBM EBCDIC charset=x-EBCDIC-Hebrew
–ICELANDIC—
DOS charset=ibm861
Mac charset=x-mac-icelandic
IBM EBCDIC charset=x-EBCDIC-Icelandic
IBM EBCDIC charset=x-ebcdic-icelandic-euro
–INTERNATIONAL EUROPEAN
IBM EBCDIC charset=x-ebcdic-international-euro
–ITALIAN–
IBM EBCDIC charset=x-EBCDIC-Italy
IBM EBCDIC charset=x-ebcdic-italy-euro
–ISCII Languages—
Assamese charset=x-iscii-as
Bengali charset=x-iscii-be
Devanagari charset=x-iscii-de
Gujarathi charset=x-iscii-gu
Kannada charset=x-iscii-ka
Malayalam charset=x-iscii-ma
Oriya charset=x-iscii-or
Panjabi charset=x-iscii-pa
Tamil charset=x-iscii-ta
Telugu charset=x-iscii-te
–JAPANESE—
EUC charset=euc-jp
EUC charset=x-euc-jp
JIS charset=iso-2022-jp
JIS-Allow 1 byte Kana -SO/SI charset=iso-2022-jp
JIS-Allow 1 byte Kana charset=csISO2022JP
Mac charset=x-mac-japanese
Shift-JIS charset=shift_jis
IBM EBCDIC Kaakana charset=x-EBCDIC-JapaneseAndKana
IBM EBCDIC Japanese-Latin charset=x-EBCDIC-JapaneseAndJapaneseLatin
IBM EBCDIC US-Canada charset=x-EBCDIC-JapaneseAndUSCanada
IBM EBCDIC katakana charset=x-EBCDIC-JapaneseKatakana
–KOREAN—
Korean charset=ks_c_5601-1987
EUC charset=euc-kr
ISO charset=iso-2022-kr
Johab charset=Johab
Mac charset=x-mac-korean
IBM EBCDIC charset=x-EBCDIC-KoreanAndKoreanExtended
IBM EBCDIC charset=x-EBCDIC-KoreanExtended
–LATIN—
ISO charset=iso-8859-3
ISO charset=iso-8859-15
Multilingual Latin charset=CP870
–NORWEGIAN—
IA5 charset=x-IA5-Norwegian
–OEM UNITED STATES—
IBM OEM charset=IBM437
–SWEDISH—
IA5 charset=x-IA5-Swedish
–THAI—
Windows charset=windows-874
IBM EBCDIC charset=x-EBCDIC-Thai
–TURKISH—
DOS charset=ibm857
ISO charset=iso-8859-9
Mac charset=x-mac-turkish
Windows charset=windows-1254
Latin-5 charset=CP1026
IBM EBCDIC charset=x-EBCDIC-Turkish
–UNICODE—
Unicode charset=unicode
Unicode (Big-Endian) charset=unicodeFFFE
Unicode (UTF-7) charset=utf-7
Unicode (UTF-8) charset=utf-8
–US ASCII—
US-ASCII charset=us-ascii
–UNITED KINGDOM–
IBM EBCDIC charset=x-EBCDIC-UK
IBM EBCDIC charset=x-ebcdic-uk-euro
–US/CANADA–
IBM EBCDIC charset=ebcdic-cp-us
IBM EBCDIC –Euro charset=x-ebcdic-cp-us-euro
–VIETNAMESE—
Windows charset=windows-1258
–WESTERN EUROPEAN—
DOS charset=ibm850
IA5 charset=x-IA5
ISO charset=iso-8859-1
Mac charset=macintosh
Windows charset=Windows-1252

Mark as helpful. 0

Clear out Deleted Items Folder with MFCMapi Exchange 2010

When your Deleted Items folder is over 10gb you will run into issues clearing out the folder and none of the powershell commands I used worked properly.
MFCMapi does the trick for this
Load up MFCMapi on a machine with the Outlook profile loaded on it. Also make sure Cached mode isn’t enabled.

– Give your account rights to open the mailbox.
– Go to control panel > mail > profiles > ask for a profile each time outlook opens
– Open Outlook > New profile > input appropriate info for mailbox and users alias > UNCHECK “cached exchange mode” > open the users mailbox once w/ Outlook, then close Outlook.
– Open MFCMapi (if Outlook is x64, then use x64 of MFCMapi)
– ok > Session > Logon and display store table
– Select the profile for the user you added.
– Double click “mailbox – user”
– Expand “Root Container” > right click on “Recoverable Items” and select > open contents table
– Give it a min to enumerate all items
– Select any unwanted items and right click “delete message”
– You can also expand recoverable items and then highlight purge or deletions and open the contents table for those as well.
– Open up Top of Information Store
– Expand “Deleted Items”
– Select any unwanted items and right click “delete message”
– Then close windows until you get the original one and logoff.

Be careful with MFCMapi as it can cause serious damage to a mailbox.

Mark as helpful. 2

Purge Disconnected Mailboxes in Exchange Server 2007

Listing all disconnected mailboxes

Get-MailboxStatistics | where-object { $_.DisconnectDate -ne $null } | Select DisplayName,MailboxGuid

Removing a single entry

Remove-Mailbox -Database <Database-Name> -StoreMailboxIdentity <MailboxGuid> -confirm:$false

Removing all users at the same time

$users = Get-MailboxStatistics | where-object { $_.DisconnectDate -ne $null } | Select DisplayName,MailboxGuid

Now that we have all disconnected mailboxes in a var, we can run the following cmdlet to remove all of them:

$users | ForEach { Remove-Mailbox -Database “Mailbox Database” -StoreMailboxIdentity $_.MailboxGuid -confirm:$false }

Mark as helpful. 0

Move Exchange Queue on Exchange 2007

1. On a separate disk volume, create a new folder structure, D:\Microsoft Exchange\Queue.

2. Open the Exchange Management Shell and type the following command:

Move-TransportDatabase.ps1 -QueueDatabasePath: “D:\Microsoft Exchange\Queue” -QueueDatabaseLoggingPath: “D:\Microsoft Exchange\Queue”

3. This PowerShell script performs the move operation for the queue database and queue database logging
from “C:\inetpub\mailroot\Queue” (as in case of Exchange 2007) to “D:\Microsoft Exchange\Queue”

4.You can now see the queue database and it’s associated log files on the new volume

Mark as helpful. 0

Purge Disconnected Mailboxes in Exchange Server 2010

List mailbox databases guid
> Get-MailboxDatabase |ft Name, Guid

List disconnected mailboxes in a specific database
> Get-MailboxStatistics -Database | Where-Object {$_.DisconnectDate -Notlike $NULL} | FL DisplayName, DisconnectDate, MailboxGuid

Delete a specific disconnected mailbox
> Remove-Mailbox -Database “” -StoreMailboxIdentity -confirm:$false

Delete all disconnected mailboxes in a specific database
> $users = Get-MailboxStatistics -Database “” | where-object { $_.DisconnectDate -ne $null } | Select DisplayName,MailboxGuid,Database

> $users | ForEach { Remove-Mailbox -Database $_.Database -StoreMailboxIdentity $_.MailboxGuid -confirm:$false }

Example
Delete a specific disconnected mailbox in the database named My Database
> Remove-Mailbox -Database “My Database” -StoreMailboxIdentity g437dd12-2f96-4a67-8f6f-c47fa70247e2 -confirm:$false

Delete all disconnected mailboxes in the database named My Database
> $users = Get-MailboxStatistics -Database “My Database” | where-object { $_.DisconnectDate -ne $null } | Select DisplayName,MailboxGuid,Database

> $users | ForEach { Remove-Mailbox -Database $_.Database -StoreMailboxIdentity $_.MailboxGuid -confirm:$false }

Mark as helpful. 0

Delete Disconnected Mailboxes on Exchange 2010 Version 2

Problem

In older versions of Exchange, we just had to “Purge” disconnected mailboxes, now we don’t have that option.

Solution

WARNING this will remove ALL disconnected mailboxes, make sure you actually want to do this before proceeding.

1. On one of the Exchange servers > Start > All Programs > Microsoft Exchange Server 2010 > Exchange Management Shell.

2. Issue the following commands;

$mailboxes = Get-ExchangeServer | Where-Object {$_.IsMailboxServer –eq $true} | ForEach-Object { Get-MailboxStatistics –Server $_.Name | Where-Object {$_.DisconnectDate –notlike ‘’}} | select displayname, mailboxguid, database

Then;

$mailboxes | ForEach { Remove-Mailbox -Database $_.Database -StoreMailboxIdentity $_.MailboxGuid -confirm:$false }

Purge Mailboxes

2. If you have the Exchange Management console open (as above), you may need to refresh, before they disappear.

Mark as helpful. 0

Setup Barracuda Journaling via SMTP

Register each Exchange Server as a Trusted SMTP Server

To ensure that journaled message archiving begins as soon as your Exchange Servers are configured to send them, register each Exchange Server as a Trusted SMTP Server with the Barracuda Message Archiver (on the MAIL SOURCES > SMTP page) prior to configuring your Exchange Servers. Also see Understanding SMTP Forwarding and Trusted Servers.

Once the Barracuda Message Archiver is configured to receive SMTP traffic, you must complete the following from the Exchange Management Console (EMC) of each Exchange Server that will be journaling directly into the Barracuda Message Archiver:

  • From Recipient Configuration – Create a Mail Contact that is to act as the recipient of all journaled messages.
  • From Organization Configuration > Hub Transport– Create the following items:
    • a (non-routable) Remote Domain, to act as the recipient domain for journaled traffic
    • a Send Connector, for routing journaled messages
    • a Journaling Rule to actually enable journaling on your Exchange Server

Configure the Barracuda Message Archiver

On the Barracuda Message Archiver, use the the following steps to enable SMTP forwarding:

  1. Go to the MAIL SOURCES > SMTP page.
  2. In the Trusted SMTP Servers section, enter the IP address of each Exchange Server that is to journal directly to the Barracuda Message Archiver.

Create a Remote Domain

The Remote Domain must be a non-existent or externally non-routable and unresolvable domain, from either inside or outside your organization, and must match the Mail Contact that is the recipient of journaled messages as it is used by the Exchange Server for routing all SMTP Journal traffic. Use the following steps to create a remote domain:

  1. Open the EMC, expand Organization Configuration, select Hub Transport, and click the Remote Domains tab in the center pane.
  2. In the Actions panel in the right pane, click New Remote Domain. The New Remote Domain dialog displays.
  3. Enter a Name to describe the domain, and the actual Domain name you want to use. In this example, bma.int is the “fake” domain name that is used. You will use this domain name later when creating the Mail Contact:
    newremotedomain.png
  4. Click New to verify the domain settings, and click Finish to save your settings. The newly created domain displays in the Remote Domains list.
  5. Double-click on the newly created domain to open the Properties dialog for the newly created domain, and:
    • In Exchange 2007, select Format of original message sent as attachment to the journal report.
    • In Exchange 2010, select the Message Format tab in the Properties dialog box.
  6. Select the following options to ensure journal messages sent to this domain are MIME Plain Text format (rather than the unsupported Exchange Rich Text format):
    • In the Message Format Options section, turn on Allow automatic forward.
    • In the Exchange rich-text format section, select Never Use:
      bmaproperties.png

      Verify that only Never use and Allow automatic forward are selected in the dialog box.

  7. Click Apply to save your settings, and click OK to close the Properties dialog.

Create a Mail Contact

The Mail Contact is the account that is to act as a “holding location” for journaled messages. The email address associated with this account is the designated recipient, and should be associated with a non‑routable, “dummy” domain name. Use the following steps to create a Mail Contact:

  1. In the EMC, expand Recipient Configuration, select Mail Contact, and in the Actions panel, click New Mail Contact:
    newmailcontact.png
  2. In the dialog, select New Contact, and click Next.
  3. Enter a First name and Last name; the Name field automatically populates based on the entered values. Enter an Alias:
    newmailcontact2.png
  4. Click Edit to the right of the External e-mail address field, and in the SMTP Address dialog, enter the delivery email address, for example, BMA_Journal@bma.int:
    smtp address.png

    The account name can be anything you want, but the domain name must match what you created in the preceding section, Create a Remote Domain.

  5. Click OK to close the dialog box. In the Wizard, click Next to verify the information:
    newmailcontact3.png
  6.  Click New to create the Mail Contact. The newly-created contact appears in the Mail Contact list. Click Finish to close the Wizard.

Create a Send Connector

  1. In the EMC, expand Organization Configuration, select Hub Transport, and select the Send Connector tab. In the Actions panel, and click New Send Connector. The New Send Connector dialog displays. Enter a Name to identify this send connector, e.g., Barracuda Message Archiver:
    newsendconnector.png
  2. From the Select the intended use for this Send connector menu, select Custom, and click Next.
  3. In the Address Space section, click Add; the SMTP Address Space dialog box displays:
    smtpaddressspace.png
  4. In the Address space field, enter the domain created earlier, e.g., bma.int, and click OK. The SMTP connector is added:
    newsendconnector2.png
  5. Click Next. Select Route mail through the following smart host:
    newsendconnector3.png
  6. Click Add. In the Add smart host dialog box, select IP address, and enter the IP address of your Barracuda Message Archiver:
    add smart host.png
  7. Click OK to add the IP address. Click Next, then click Next again.
  8. In the Source Server page, if your Exchange server is not already listed, click Add to search for and add the server to this list. Click Next to verify your configuration, and click New to create the Send Connector. Click Finish to return to the Send Connectors tab; the newly-created Send Connector displays in the list.
  9. Right-click on the new Send Connector, and click Properties.
  10. In the Properties dialog box, clear Maximum message size (KB):
    send connector properties.png
  11.  Click Apply, and then click OK to save your changes and close the dialog box.

Create a Journaling Rule

Both the Standard and Enterprise versions of Microsoft Exchange Server 2007 and 2010 support Standard and Premium Journaling. Open the EMC, and complete the following steps to add a journaling rule:

  1. In the EMC, expand Organization Configuration, select Hub Transport, and select the Journal Rules tab.
  2. In the Actions panel, click New Journal Rule; the New Journal Rule dialog displays.
  3. Enter a Rule name, and for the Send Journal reports to e-mail address, click Browse and navigate to and select the mail contact created in the section Create a Mail Contact; e.g., BMA_Journal@bma.int:
    newjournalrule.png
  4. Select the Scope for archiving; the recommended setting is Global – all messages for the most complete coverage.
  5. Turn on Enable Rule, click New to create the Journaling rule, and click Finish to return to the Journal Rules tab where the newly-created rule displays in the list.

Mark as helpful. 0

Setting Max Send and Receive size using Exchange Powershell 2010

Before you run the commands you should check the Transport settings config and check the individual mailbox settings also.

This command is to check the transport config
get-transportconfig | ft maxsendsize, maxreceivesize

This command is to check the send and receive max for individual or all users
get-mailbox “Administrator” |ft Name, Maxsendsize, maxreceivesize
Put an individual user in the quotation or to see all users remove the user and quotations.

This command will set the transport
Set-TransportConfig -MaxSendSize 15MB -MaxReceiveSize 15MB

This command will set all the individual users
Get-Mailbox “Administrator” | Set-Mailbox -MaxSendSize 10MB -MaxReceiveSize 10MB
You can use it on an individual user or remove the user and quotation so it runs on all users.
Change the number accordingly.

Mark as helpful. 0

Manually Purge Exchange Log Files – Exchange 2010

This KB is great for purging log files on Exchange 2010 especially if you don’t have time to run a backup and can’t afford any downtime. Also works great if you have a DAG setup.

Note: If you have separated your log files and database file in different drives, or you want to include additional databases in the “backup” you must include the additional drives in the process, so in the example below, you will “Add volume e:” after “Add volume drive d:” and so on…
1.Open Command prompt
2.Launch Diskshadow 1.Add volume d:
2.(optional, add one line for each additional drive to include) Add volume X:
3.Begin Backup
4.Create
5.End Backup

3.At this step you should notice the following events in the application log indicating that the backup was indeed successful and logs will now be deleted.

Here’s some screenshots from the process:

Diskshadow commands for the example

The Diskshadow example screenshot.

ESE Event ID 2005

ESE – Event ID 2005 – Starting a Full Shadow Copy Backup

MSExchangeIS Event ID 9811

MSexchangeIS – Exchange VSS Writer preparation.

ESE Event ID 224 – Logs being Purged

ESE Event ID 224 – Logs are now purged

MSExchangeIS Event ID 9780 – Backup complete

MSExchangeIS Event ID 9780 – Backup is now complete.

side note: although this example was tested against Exchange 2010, it should work just as fine with Exchange 2013 & 2007.

Mark as helpful. 0

Bypass HTTPS root domain for Autodiscover

https://blog.jamesbayley.com/2015/12/01/registry-hack-to-enable-outlook-2016-to-connect-to-office-365/

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\AutoDiscover\ DWORD: ExcludeHttpsRootDomain Value: 1 DWORD: ExcludeScpLookup DWORD: ExcludeHttpsAutoDiscoverDomain DWORD: ExcludeHttpRedirect

Mark as helpful. 2

Limit CPU Usage – Exchange 2010

Make a copy of registry keys before doing this.

Step:-1

 

?             Create the below registry key on Domain controller and Exchange Server.

?             Browse to the path HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters

?             Create the below dword value

?             Value Name: MaxConcurrentApi

?             Data Type: REG_DWORD

?             Value: 50

 

Step:-2

  • Create below registry key only on Exchange Server

?             Browse to the path  HKLM\Software\Policies\Microsoft\Windows NT

?             Create the new key RPC and add the below dword value in that

?             Data Type: REG_DWORD: MinimumConnectionTimeout

?             Value: 0x00000078 (120 decimal)

 

Step:-3

?             Create below registry keys only on Exchange Server.

?             Browse to the path HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

?             Create the below value

?             Value Name: KeepAliveTime

?             Value Type: REG_DWORD (32 Bit)

?             Value: 300000(Decimal)

 

Restart server after completed.

Mark as helpful. 0

The server appears to be rate limiting connections – Exchange 2010

To resolve this you need to create a new throttling policy for the affected user

New-ThrottlingPolicy -Name MessageRateLimit -MessageRateLimit 100

Set-Mailbox “User1” -ThrottlingPolicy MessageRateLimit

Mark as helpful. 0

EXCHANGE 2010 – THE WINRM CLIENT RECEIVED AN HTTP SERVER ERROR STATUS (500)

Check Powershell directory in IIS on the problem server. Make sure SSL is not required.
Allow only Anonymous access – no basic/IWA auth etc.
If you can get into Windows Powershell Modules, run the set-user command suggested above from there.
Remove-powershellvirtualdirectory, and then New-powershellvirtualdirectory (either remotely or using Windows Powershell Modules.
Re-check SSL/authentication once this is done.

Also run iisreset command when completed if you made any changes to any IIS directories.

Mark as helpful. 1