Archive for the ‘Exchange 2010’ Category

Marc Lognoul's IT Infrastructure Blog

Having recently dealt with MS Exchange vs. Firewall and flows issues, I thought it might be interesting to post a summary of useful links related to network ports and flows used by Exchange and various clients . Bottom line: Exchange and firewalls ain’t no good friends but you already knew hat don’t you?

Clients and Mailflows

Unified Messaging

Hybrid Deployments

Other Resources

View original post

Hi Folks,

today’s challenge was to bulk set calendar rights in a multilingual environment (with powershell).
On the net you can find some articles that address similar problems, but no real solution.

Download the follwing scripts as txt here.

Here my quick an dirty script:

# Set default as LimitedDetails for all calendars.
# Will get the language forch each users calendar Folder
# TEST WITH ONE ORE MORE USERS
# foreach($mbx in Get-Mailbox -identity USER | where-object {$_.displayname -like "*test user*"})


foreach($mbx in Get-Mailbox -ResultSize Unlimited | where-object {$_.displayname -notmatch "discovery"})

{
$Calfolder = $Mbx.Name
$Calfolder += ':\'
$CalFolder += [string](Get-mailboxfolderstatistics $Mbx -folderscope calendar).Name
$mbx = $CalFolder
$test = Get-MailboxFolderPermission -Identity $mbx -erroraction silentlycontinue
if($test -ne $null)
{
Set-MailboxFolderPermission -Identity $mbx -User Default -AccessRights LimitedDetails | out-null
}
}

If you want to create all new mailboxes with special permissions you nee to configure the Cmdlet Extension Agent
To enable the agent this you have to the following steps:

  • Create an XML file named ScriptingAgentConfig.xml  and save it in your Exchange’s Default Directory on EVERY Exchange Server in your organization
    e.g. C:\Program Files\Microsoft\Exchange Server\V15\Bin\CmdletExtensionAgents

    <?xml version=”1.0″ encoding=”utf-8″ ?>
    <Configuration version=”1.0″>

    <Feature Name=”MailboxProvisioning” Cmdlets=”New-Mailbox”>
    <ApiCall Name=”OnComplete”>
    if($succeeded)
    {
    start-sleep -s 10
    $mbx =  (Get-User $provisioningHandler.UserSpecifiedParameters[“Name”]).distinguishedName
    Set-MailboxFolderPermission -Identity $mbx”:\Calendar” -User “Default” -AccessRights LimitedDetails
    }
    </ApiCall>
    </Feature>

    <Feature Name=”MailboxProvisioning” Cmdlets=”Enable-Mailbox”>
    <ApiCall Name=”OnComplete”>
    if($succeeded)
    {
    start-sleep -s 5
    $user = Get-User -Identity $provisioningHandler.UserSpecifiedParameters[“Identity”]
    $mbx = Get-Mailbox -Identity $user.DistinguishedName
    Set-MailboxFolderPermission -Identity $mbx”:\Calendar” -User “Default” -AccessRights LimitedDetails
    }
    </ApiCall>
    </Feature>

    </Configuration>

 

  • Use the Exchange Management Shell and run the following command on EVERY Exchange server in your organization:
    Enable-CmdletExtensionAgent “Scripting Agent”
  • Create new user

Cheers,

Chris

Hey folks,

in the following post I want to give you a list of alternative solutions for the safe publishing of exchange (some with pre-auth):

KEMP Edge Security Pack
http://kemptechnologies.com/de/tmg-edge-security-authentication

Barracuda ADC
https://techlib.barracuda.com/adc/msx2013deploy

CITRIX Netscaler
http://blogs.citrix.com/2013/12/19/tmg-replacement-for-exchange-2013-with-netscaler/

SOPHOS UTM
http://www.sophos.com/en-us/products/unified/utm/tmg-replacement.aspx

Microsoft WAP
http://blogs.technet.com/b/jrosen/archive/2013/12/28/setting-up-windows-application-proxy-for-exchange-2013.aspx

Cheers,

Chris

 

 

Patrick's Blog

Recently after setting up a second Exchange 2010 server I had an issue where Public Folder replicas were not replicating. When running the following cmdlet it showed the replicas as being configured but they never showed up on the second server.

I didn’t get any errors when configuring the replicas. I even set the Diagnostic Logging Level on certain services under MSExchangeIS9001 Public to Expert but still nothing.

After a few days of dead ends on the Internet I was reminded about ExFolders. So I downloaded it & tried to run it but got an error that says, “An error occurred while trying to establish a connection to the Exchange server. Exception: The Active Directory user wasn’t found.” Finally an error I can search for. I quickly came across this site.

I opened ADSIEdit & connected to the Configuration partition. I deleted the empty CN=Servers container from the old administrative…

View original post 70 more words

JAMIE MCKILLOP

UPDATE: Version 2.1 is available. For details, click here.

The Exchange tracking logs provide a wealth of information about mail flow through your organization. Unfortunately, the tools that ship with Exchange aren’t very good at leveraging this information in a useful way. You can use the message tracking tool that ships with EMC to search for specific logs but beyond viewing the raw log data, there isn’t much information available. Fortunately, Microsoft has provided us with powershell and powershell can be used in all sorts of interesting ways to gather, aggregate and present data in useful summaries and reports.

One of the great things about powershell and the IT community is that there are plenty of people who have built powershell scripts to solve problems, automate or streamline tasks, and gather and present data. Most people are more than happy to share their scripts with anyone who would like…

View original post 1,095 more words

Hi Folks,

sometimes you forget to delete the Exchange 2010 CAS Array Object with “Remove-ClientAccessArray” within the Exchange 2010 Shell while migrating to Exchange 2013.

After Deinstallation of Exchange 2010 the “Remove-ClientAccessArray” isn’t available in the Exchange 2013 Shell.

To remove the CAS Array Object open ADSI-Edit and go to configuration

Navigate to this path:

CN=Configuration,DC=DOMAIN,DC=LOCAL
CN=Services
CN=Microsoft Exchange
CN=EXCHANGE_ORG
CN=Administrative Groups
CN=Exchange Administrative Group (FYDIBOHF23SPDLT)
CN=Array
DELETE CAS Array Entry and wait for AD Replication

cas-array

Cheers, Chris

Hey Folks,

after updateing a customers’ Exchange 2010 SP3 Server to SP3 Rollup 1 we got massive Problems with the ExchangeTransport Service.

The serivce crashed repeatedly and generated several Event log entries with the following IDs:

4999,10001,10002,10003,12028

The Exchange poison quee was filled up with normal mail traffic.

After uninstalling SP3 Rollup 1 from the HT servers the problem disappeared.

Cheers,

Chris

UPDATE:

My colleague Michael Miklis pointed out to me, that this behaviour is referred in the SP§ RU1 release article:

Known Issue

After this update is applied, there is an issue in which messages stick in a poison queue and the transport service crashes.

This issue is caused by a transport rule (disclaimer) that tries to append the disclaimer to the end of HTML-Formatted messages. When this occurs, messages are put in the poison queue and the transport service crashes with an exception. We are investing resources to develop a code fix. To work around this issue, you can disable or reconfigure the disclaimer transport rule.

(Source: http://support.microsoft.com/kb/2803727/en-us)

I am often approached by clients on Exchange’s singel item recovery feature. Without tools you can only configure the single item recovery feature PowerShell. This article will provide an overview of the necessary steps.

Activation in Exchange 2010
Activate single-item-recovery for all users

get-mailbox -RecipientType ‘UserMailbox’ | Set-Mailbox -SingleItemRecoveryEnabled $true

Set the deleted-item retention for all databases to 30 days

Get-MailboxDatabase | Set-MailboxDatabase -DeletedItemRetention 30

Fetch deleted-item retention, database and server

Get-MailboxDatabase | ft name, server, deleteditemretention

Get an overview about mailbox, logon, size, deleted items filtered by city Hamburg

get-recipient  -RecipientType ‘UserMailbox’ -Filter ‘((City -like ”Hamburg”))’ | Get-MailboxStatistics | ft DisplayName,LastLogonTime,LastLogoffTime,TotalItemSize,DeletedItemCount

Recovery
Recover deleted items from user mailboxes

Mailbox export request

New-MailboxExportRequest -Mailbox “Discovery Search Mailbox” -SourceRootFolder “Folder of deleted Mail” -ContentFilter {Subject -eq “Subject of deleted Mail”} -FilePath \\FileServerName\C$\ExchangeRecovery\RecoveredMails.pst

If you got an error message that the command Search-Mailbox does not exist, simply close and reopen the Exchange Management shell

Import the messages to the user’s mailbox, use the following command:

New-MailboxImportRequest -Mailbox “Username” -TargetRootFolder “Recovered by Admin” -FilePath \\FileServerName\C$\ExchangeRecovery\RecoveredMails.pst

In the Exchange Management Shell, enter the following command:

Search-Mailbox “Discovery Search Mailbox” -SearchQuery “from:’Username’ AND Subject of deleted Mail” -TargetMailbox “Username” -TargetFolder “Recovered by Admin” -LogLevel Full -DeleteContent

Switch back to the client workstation and check if the message has disappeared from the Discovery Search Mailbox.

Open Outlook and review the new folders from the recovery processes.

Cheers,

Chris