Posts Tagged ‘2010’

Hi Folks,

today’s challenge was to bulk set calendar rights in a multilingual environment (with powershell).
On the net you can find some articles that address similar problems, but no real solution.

Download the follwing scripts as txt here.

Here my quick an dirty script:

# Set default as LimitedDetails for all calendars.
# Will get the language forch each users calendar Folder
# foreach($mbx in Get-Mailbox -identity USER | where-object {$_.displayname -like "*test user*"})

foreach($mbx in Get-Mailbox -ResultSize Unlimited | where-object {$_.displayname -notmatch "discovery"})

$Calfolder = $Mbx.Name
$Calfolder += ':\'
$CalFolder += [string](Get-mailboxfolderstatistics $Mbx -folderscope calendar).Name
$mbx = $CalFolder
$test = Get-MailboxFolderPermission -Identity $mbx -erroraction silentlycontinue
if($test -ne $null)
Set-MailboxFolderPermission -Identity $mbx -User Default -AccessRights LimitedDetails | out-null

If you want to create all new mailboxes with special permissions you nee to configure the Cmdlet Extension Agent
To enable the agent this you have to the following steps:

  • Create an XML file named ScriptingAgentConfig.xml  and save it in your Exchange’s Default Directory on EVERY Exchange Server in your organization
    e.g. C:\Program Files\Microsoft\Exchange Server\V15\Bin\CmdletExtensionAgents

    <?xml version=”1.0″ encoding=”utf-8″ ?>
    <Configuration version=”1.0″>

    <Feature Name=”MailboxProvisioning” Cmdlets=”New-Mailbox”>
    <ApiCall Name=”OnComplete”>
    start-sleep -s 10
    $mbx =  (Get-User $provisioningHandler.UserSpecifiedParameters[“Name”]).distinguishedName
    Set-MailboxFolderPermission -Identity $mbx”:\Calendar” -User “Default” -AccessRights LimitedDetails

    <Feature Name=”MailboxProvisioning” Cmdlets=”Enable-Mailbox”>
    <ApiCall Name=”OnComplete”>
    start-sleep -s 5
    $user = Get-User -Identity $provisioningHandler.UserSpecifiedParameters[“Identity”]
    $mbx = Get-Mailbox -Identity $user.DistinguishedName
    Set-MailboxFolderPermission -Identity $mbx”:\Calendar” -User “Default” -AccessRights LimitedDetails



  • Use the Exchange Management Shell and run the following command on EVERY Exchange server in your organization:
    Enable-CmdletExtensionAgent “Scripting Agent”
  • Create new user



Hey folks,

in the following post I want to give you a list of alternative solutions for the safe publishing of exchange (some with pre-auth):

KEMP Edge Security Pack

Barracuda ADC

CITRIX Netscaler


Microsoft WAP






UPDATE: Version 2.1 is available. For details, click here.

The Exchange tracking logs provide a wealth of information about mail flow through your organization. Unfortunately, the tools that ship with Exchange aren’t very good at leveraging this information in a useful way. You can use the message tracking tool that ships with EMC to search for specific logs but beyond viewing the raw log data, there isn’t much information available. Fortunately, Microsoft has provided us with powershell and powershell can be used in all sorts of interesting ways to gather, aggregate and present data in useful summaries and reports.

One of the great things about powershell and the IT community is that there are plenty of people who have built powershell scripts to solve problems, automate or streamline tasks, and gather and present data. Most people are more than happy to share their scripts with anyone who would like…

View original post 1,095 more words

Hi Folks,

sometimes you forget to delete the Exchange 2010 CAS Array Object with “Remove-ClientAccessArray” within the Exchange 2010 Shell while migrating to Exchange 2013.

After Deinstallation of Exchange 2010 the “Remove-ClientAccessArray” isn’t available in the Exchange 2013 Shell.

To remove the CAS Array Object open ADSI-Edit and go to configuration

Navigate to this path:

CN=Microsoft Exchange
CN=Administrative Groups
CN=Exchange Administrative Group (FYDIBOHF23SPDLT)
DELETE CAS Array Entry and wait for AD Replication


Cheers, Chris

Hey Folks,

after updateing a customers’ Exchange 2010 SP3 Server to SP3 Rollup 1 we got massive Problems with the ExchangeTransport Service.

The serivce crashed repeatedly and generated several Event log entries with the following IDs:


The Exchange poison quee was filled up with normal mail traffic.

After uninstalling SP3 Rollup 1 from the HT servers the problem disappeared.




My colleague Michael Miklis pointed out to me, that this behaviour is referred in the SP§ RU1 release article:

Known Issue

After this update is applied, there is an issue in which messages stick in a poison queue and the transport service crashes.

This issue is caused by a transport rule (disclaimer) that tries to append the disclaimer to the end of HTML-Formatted messages. When this occurs, messages are put in the poison queue and the transport service crashes with an exception. We are investing resources to develop a code fix. To work around this issue, you can disable or reconfigure the disclaimer transport rule.


If you install Exchange 2013 CU1 in an existing Exchange 2010 SP3 environment you might wonder why you will be redirected to Exchange 2010’s OWA/ECP when trying to open Exchange 2013 EAC.
In a mixed environment you have to add the Exchange client version as parameter:

After adding this parameter you should be able to open the EAC.

Cheers, Chris

We know a lot of you have been waiting for this, and so it is with great excitement that we announce that Exchange Server 2013 RTM Cumulative Update 1 (CU1) has been released to the web and is available for immediate download! This is the first release using the new servicing model for Exchange Server 2013. In addition to this article, the Exchange 2013 RTM CU1 release notes are also available.

Note: Article links may not be immediately available at the time of this post’s publishing. Exchange 2013 documentation update for CU1, including Release Notes, is scheduled for tomorrow (4/3/2013) .

CU1 is the minimum version of Exchange 2013 required for on-premises coexistence with supported legacy Exchange Server versions. The final build number for CU1 is 15.0.620.29. For more information on coexistence, check out the Planning and Deployment documentation, and this Ignite webcast covering deployment of and coexistence with Exchange Server 2013.

Upgrading/Deploying Cumulative Update 1

Unlike previous versions, cumulative updates do not use the rollup infrastructure; cumulative updates are actually full builds of the product, meaning that when you want to deploy a new server, you simply use the latest cumulative update build available and do not necessarily need to apply additional Exchange Server updates.

Active Directory Preparation

Prior to upgrading or deploying the new build onto a server, you will need to update Active Directory. For those of you with a diverse Active Directory permissions model you will want to perform the following steps:

  1. Exchange 2013 RTM CU1 includes schema changes. Therefore, you will need to execute setup.exe /PrepareSchema.
  2. Exchange 2013 RTM CU1 includes enterprise Active Directory changes (e.g., RBAC roles have been updated to support new cmdlets and/or properties). Therefore, you will need to execute setup.exe /PrepareAD.
  3. Exchange 2013 RTM CU1 includes changes to the permissions within the domain partition (e.g., Exchange Servers have been granted the ability to modify msExchActiveSyncDevices class on inetOrgPerson objects). Therefore, you will need to execute setup.exe /PrepareDomain in each domain containing Exchange servers or mailboxes.
Note: If your environment contains only Exchange 2007, and you upgrade to Exchange 2013, keep in mind you cannot deploy Exchange 2010 in that environment at a later time. If you foresee a need to deploy Exchange 2010 servers into your environment, deploy an Exchange 2010 multi-role server (with all four servers roles) prior to executing Exchange 2013 setup.exe /PrepareAD. As long as you retain at least one role of each legacy server, you will continue to be able to install additional servers of that version into your coexistence environment. Once you remove the last server role of a legacy version, you will no longer be able to reintroduce that version into the environment.

Coexistence Pre-Deployment Step: OAB Verification

As mentioned in the Exchange Server 2013 CU1 release notes, when you deploy the first Exchange 2013 Mailbox server in an existing Exchange organization, a new default Offline Address Book is created.

Figure 1: The new OAB as shown in an Exchange Server 2010 SP3 & 2013 CU1 environment

All existing clients that rely on an OAB will see this new default OAB the next time they look for an OAB update. This will cause these clients to perform a full OAB download. To prevent this from happening, you can configure your existing mailbox databases to explicitly point to the current default OAB prior to introducing the first Exchange 2013 server. You can do this one of two ways:

  1. Within the Exchange Management Console (EMC), navigate to Organization Configuration –> Mailbox –> Database Management –> Mailbox Database Properties –> Client Settings.CU1-2
    Figure 2: Modifying the default Offline Address Book at the database level in the EMC
  2. Alternatively, if you have many mailbox databases to update, the following Exchange Management Shell command can be used to view all mailbox databases without a default OAB explicitly set on them. If you have both Exchange 2007 and Exchange 2010 deployed on-premises then you will have to run the following commands using the respective Exchange Management Shell version as the Get/Set-MailboxDatabase commands are version specific.Get-MailboxDatabase | Where {$_.OfflineAddressBook -eq $Null} | FT Name,OfflineAddressBook -AutoSizeIf no values are returned then you are already prepared. However, if you need to configure some databases, then this next command will find all mailbox databases in an Exchange 2007 or Exchange 2010 environment with no default OAB defined at the database level, and it will set it to the current default OAB in the org.

    Get-MailboxDatabase | Where {$_.OfflineAddressBook -eq $Null} | Set-MailboxDatabase -OfflineAddressBook (Get-OfflineAddressBook | Where {$_.IsDefault -eq $True})

    To confirm all Exchange 2007/2010 mailbox databases now have a defined default OAB, re-run the first command. This time it should return no entries.

Server Deployment

Once the preparatory steps are completed, you can then deploy CU1 and start your coexistence journey. If this is your first Exchange 2013 server deployment, you will need to deploy both an Exchange 2013 Client Access Server and an Exchange 2013 Mailbox Server into the organization. As explained in Exchange 2013 Client Access Server Role, CAS 2013 is simply an authentication and proxy/redirection server; all data processing (including the execution of remote PowerShell cmdlets) occurs on the Mailbox server. You can either deploy a multi-role server or each role separately (just remember if you deploy them separately, you cannot manage the Exchange 2013 environment until you install both roles).

If you already deployed Exchange 2013 RTM code and want to upgrade to CU1, you will run setup.exe /m:upgrade from a command line after completing the Active Directory preparatory steps or run through the GUI installer. Deploying future cumulative updates will operate in the same manner.

Note: Unlike previous versions, in Exchange 2013, you cannot uninstall a single role from a multi-role server. For example, if you deploy the CAS and MBX roles on a single machine, you cannot later execute setup to remove the CAS role; you can only uninstall all server roles.

Mailbox Sizes in Exchange Server 2013

As you start migrating your mailboxes to Exchange 2013, one thing you may notice is that your mailboxes appear to be larger post move.

As you can imagine, with hosting millions of mailboxes in Office 365, accurate storage reporting is essential, just like in your on-premises deployments. One of the learnings that we accrued into the on-premises product is ensuring that the mailbox usage statistics are more closely aligned with the capacity usage within the Mailbox database. The impact of reporting space more accurately means that mailbox quota limits may need to be adjusted prior to the mailbox move so that users are not locked out of their mailbox during the migration process.

Our improved space calculations may result in a mailbox’s reported size increasing on average of 30% when the mailbox is moved from a legacy version of Exchange to Exchange 2013. For example, if a mailbox is reported as 10GB in size on Exchange Server 2010, then when the mailbox is moved to Exchange 2013, it may be reported as 13GB. This does not mean that migrating to Exchange 2013 will increase your capacity footprint by 30% per mailbox; it only means that the statistics are including more data about the space the mailbox consumes. 30% is an average value, based on what we have experienced in Exchange Online. Customers with pilot mailboxes should determine what their own average increase value may be as some environments may see higher or lower values depending on the most prevalent type of email within their mailboxes. Again, this does not mean there will be an increase in the size of the database file on disk; only the attribution of space to each mailbox will increase.

New Functionality Included in Cumulative Update 1

Exchange 2013 RTM CU1 includes a number of bug fixes and enhancements over the RTM release of Exchange 2013. Some of the more notable enhancements are identified below.

Address Book Policies

As discussed recently, an Address Book Policy Routing Agent has been included in Exchange 2013 RTM CU1. For all the juicy details, see Address Book Policies, Jamba Jokes and Secret Agents.

Groups can once again manage groups!

In Exchange 2010 you could not use a group as an owner for another group for membership management. Instead you had to deploy explicit permissions on groups or use a script as a workaround.

Since Exchange 2010’s release both Microsoft Support and the Exchange Product Group received resounding feedback on the need for this capability. The good news is that with Exchange 2013 RTM CU1 groups can once again be owners of groups for membership management.

Public Folder Favorites Access through Outlook Web App

In Exchange Server 2013 RTM there was no way to access Public Folder content through Outlook Web App. In CU1 you will now have access to Public Folders you have added as favorites via your favorites menu either in Outlook or Outlook Web App. However, this access is limited to Public Folders stored on Exchange Server 2013.

Figure 3: Adding a Public Folder as a favorite in Outlook Web App in Exchange Server 2013 RTM CU1

Remember, you cannot start creating Public Folders on Exchange Server 2013 until all users have been migrated to Exchange Server 2013. For how to migrate from legacy Public Folders to Exchange Server 2013 Public Folders, see Migrate Public Folders to Exchange 2013 From Previous Versions.

Exchange Admin Center Enhancements

The Exchange Admin Center (EAC) has been enhanced and now includes Unified Messaging management, improvements in the migration UI allowing more migration options reducing the gap between PowerShell and the UI, and general overall improvements in the user experience for consistency and simplification based on customer feedback.

High Availability and Monitoring Enhancements

There are have been several enhancements in the high availability and Managed Availability space. In particular:

  • The Best Copy Selection algorithm now honors MaximumActiveDatabases.
  • Auto-reseed now supports disks that have Bitlocker encryption.
  • Many probes, monitors, and responders have been updated and improved over the RTM release.
  • Get-HealthReport cmdlet has been streamlined and its performance has been optimized.
  • Exchange 2013 RTM CU1 will support the Exchange Server 2013 Management Pack for System Center Operations Manager (SCOM); this management pack will be available at a later date. This management pack is supported on SCOM 2007 R2 and SCOM 2012.

On behalf of the Exchange Product Group, thanks again for your continued support and patience, and please keep the feedback coming.

(Source: EHLO Team Blog)