Category Archives: Exchange Server

Microsoft Exchange Server is a mail server and calendaring server developed by Microsoft. It runs exclusively on Windows Server operating systems.

Modify Office 365 Exchange Online Dynamic Distribution Group to exclude shared mailboxes

This shows you how to Modify Office 365 Exchange Online Dynamic Distribution Group to exclude shared mailboxes. I used the following PowerShell script to only send to user mailboxes that aren’t shared.

Connect to O365 in PS:
$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session

Modify your Dynamic Distribution group with this command:
set-DynamicDistributionGroup -Name "[email protected]" -RecipientFilter {((RecipientType -eq 'UserMailbox') -and -not (RecipientTypeDetailsValue -eq 'SharedMailbox'))}
Verify in Exchange Admin Console

Preventing the on-premise exchange server from resolving after an Office 365 Migration

This post goes over preventing the on-premise exchange server from resolving after an Office 365 Migration.

First change your local DNS
autodiscover.yourdomain.com cname autodiscover.office365.com

(Option 1)Next, you need to disable SCP site-wide. I did this performing a GPO Registry edit.
HKEY_CURRENT_USER\Software\Microsoft\Office\x.0\Outlook\AutoDiscover
Notex.0 in the above registry path corresponds to the Outlook version (16.0 = Outlook 2016, 15.0 = Outlook 2013, 14.0 = Outlook 2010, 12.0 = Outlook 2007).
ExcludeScpLookup DWORD 1

(Option 2)Now you can also do this with a Reg file. Name it SCPDisable.reg
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\AutoDiscover]
"ExcludeScpLookup"=dword:00000001

The above is Office 2010, Notice the 14.0, and make sure you change it to the version you have.
Now simply create a new profile and your domain should now point to Office 365 by default.

Grant Full Access to all Public Folders for a user in Exchange

This post goes over granting full access to all public folders for a user in Microsoft Exchange. I recently was migrating all public folders from an Exchange 2010 to Office 365 Environment and didn’t have access to some of the folders.

Enter the following in Exchange Management Shell:

Get-PublicFolder –Identity "\Root Folder Name" -Recurse | Add-PublicFolderAdministrativePermission -User "ctitus" -AccessRights AllExtendedRights

This will recurse the root folder and grant all rights to the user you specify.

Exchange Online Archive in Outlook

I recently completed a staged migration from exchange 2007 to exchange online aka Office 365. I have one user with over 50 GB of mail and I put some of the older mail in the Exchange Online Archive via the PST import tool using Azure Copy. I noticed after this was done, that the user did NOT have access to the archive in the native Outlook Client but did in Outlook Web Access. After Searching I found the following article about Licenses and Exchange Online Archiving.

https://support.office.com/en-ie/article/Outlook-license-requirements-for-Exchange-features-46b6b7c5-c3ca-43e5-8424-1e2807917c99?ui=en-US&rs=en-IE&ad=IE&fromAR=1

In short, If you don’t have Office 2013 Pro Plus / Stand-Alone Outlook or Office 365 E3/Pro Plus plan you CAN NOT use the exchange online archive in outlook. So if you don’t feel like spending the money for the license I would use a second mailbox for that user’s old mail. Personally, I just went ahead and bought the Pro Plus and installed it for that user since we only have 1 user needing it.

In my opinion this was a horrible licensing decision by Microsoft and they should revert it so any outlook can access it.

Exchange 2007 SP1 Installation Error HRESULT E_FAIL has been returned from a call to a COM component.

I was recently installing and configuring a new server with 32 processors and installing server 2008 Standard and Exchange 2007 SP1 Standard. During installation I received the following error:

HRESULT E_FAIL has been returned from a call to a COM component.

After finding a Knowledge-base article from Microsoft, I discovered Exchange 2007 SP1 doesn’t support installation on a server with more than 24 processors, but is perfectly fine updating and running on a server with more than 24 processors.

Here is the fix for installing Exchange 2007 SP1 on a server with more than 24 cores.

For Windows Server 2008 and for Windows Server 2008 R2

To reduce the number of active processor cores, follow these steps:

  1. Click Start start button, and then type cmd in the Search programs and files box.
  2. Right-click cmd.exe in the Programs list, and then click Run as administrator.
     UAC If you are prompted for an administrator password or for confirmation, type the password, or provide confirmation.
  3. At the command prompt, copy or type the following command, and then press ENTER:
    msconfig.exe
  4. Click the Boot tab.
  5. Select the operating system that is used with Exchange Server 2007. Typically, this is labeled Current OS.
  6. Click Advanced.
  7. Note the number of processors that are currently set, and then set the number of processors to 24 or fewer.
  8. Restart the server.
  9. Install Exchange 2007.
  10. Click Startstart button, and then type cmd in the Search programs and files box.
  11. Right-click cmd.exe in the Programs list, and then click Run as administrator.
     UAC If you are prompted for an administrator password or for confirmation, type the password, or provide confirmation.
  12. At the command prompt, copy or type the following command, and then press ENTER:
    msconfig.exe
  13. Click the Boot tab.
  14. Select the same operating system that you selected in step 5 and that is used with Exchange Server 2007.
  15. Click Advanced.
  16. Restore the number of processors to the value that you noted in step 7.
  17. Restart the computer.

Setting Anti-Spam SCL in Microsoft Exchange

This post goes over setting the Anti-Spam SCL in Microsoft Exchange. I typically recommend leaving the Delete and Reject settings alone, but change the Move Message to Junk if the user is reporting a high amount of spam making it to his inbox. This is done with the command below SCLJunkThreshold.

SCL (Spam Confidence Level) determines what to do with a message

By Default Exchange is set as follows:

9 = Delete Message with no NDR

7= Reject Message with NDR

5= Move Message to Junk Mail in Mailbox

There is also a Quarantine option in Exchange that is configurable through EMC (Exchange Management Console) in Organization Configuration -> Hub Transport -> Anti-Spam Tab under the Content Filtering Module Properties

Note Junk Mail Threshold is NOT configurable in EMC and must be set via Shell. Here is the commands for EMS (Exchange Management Shell)

Set SCL Junk Mail Threshold

Set-OrganizationConfig -SCLJunkThreshold 5

 

Check SCL Junk Mail Threshold

Get-OrganizationConfig | Format-List SCLJunkThreshold

 

This should give you a good control over what is getting filtered and where it is going. You can always check a message SCL rating in Outlook by looking at the email’s header.

Internal Outlook “The name of the security certificate is invalid or does not match the name of the site”

Found this article on Spiceworks and was very helpful to fix internal clients receiving certification warning messages from me switching to a 3rd party cert on the exchange server.

(Original Link: http://community.spiceworks.com/how_to/show/48384-outlook-the-name-of-the-security-certificate-is-invalid-or-does-not-match-the-name-of-the-site)

 

Issue: Outlook anywhere works fine with third party cert, but internal Outlook clients get cert error with NETBIOS name of Exchange server.
Note: I tested this on Exchange 2010 as well.

By default, the URL that is stored in these objects references the NetBIOS name of the server. For example, a URL that resembles the following URL is stored:
https://NetBIOS_name.contoso.com/autodiscover/autodiscover.xml

To resolve this issue, change the URLs for the appropriate Exchange 2007 components. To do this, follow these steps:

1.Start the Exchange Management Shell.
2.Change the Autodiscover URL in the Service Connection Point. The Service Connection Point is stored in the Active Directory directory service. To change this URL, type the following command, and then press Enter:
Set-ClientAccessServer -Identity CAS_Server_Name -AutodiscoverServiceInternalUrihttps://mail.contoso.com/autodiscover/autodiscover.xml

3.Change the InternalUrl attribute of the EWS. To do this, type the following command, and then press Enter:
Set-WebServicesVirtualDirectory -Identity “CAS_Server_NameEWS (Default Web Site)” -InternalUrlhttps://mail.contoso.com/ews/exchange.asmx

4.Change the InternalUrl attribute for Web-based Offline Address Book distribution. To do this, type the following command, and then press Enter:
Set-OABVirtualDirectory -Identity “CAS_Server_nameoab (Default Web Site)” -InternalUrl https://mail.contoso.com/oab

5. Change the InternalUrl attribute of the UM Web service. To do this, type the following command, and then press Enter:
Set-UMVirtualDirectory -Identity “CAS_Server_Nameunifiedmessaging (Default Web Site)” -InternalUrlhttps://mail.contoso.com/unifiedmessaging/service.asmx

Note The command in step 5 is required only in an Exchange 2007 environment. This command no longer exists in an Exchange 2010 environment. Instead, the WebServices URL is used for this purpose.
6.Open IIS Manager.
7.Expand the local computer, and then expand Application Pools.
8.Right-click MSExchangeAutodiscoverAppPool, and then click Recycle.

gfi mailarchiver

How to Move GFI MailArchiver to another server

The following walkthrough shows you how to move GFI MailArchiver to another server. I recently moved GFI MailArchiver from one server to another and used the following knowledge base article to achieve this feat. The process is very involved and requires copying all the data files over to the new server, then backing up every single SQL database (archive store) and dettaching them. From there you reattach the stores, and reinstall GFI MailArchiver.

Here is the Article describing the data file moves and re-installation on new server. Please Note: DO NOT re-install GFI before moving SQL Databases from second article unless you plan on leaving SQL on old server!

http://kb.gfi.com/articles/SkyNet_Article/Is-it-possible-to-move-MailArchiver-to-a-new-server?retURL=%2Fapex%2FSupportHome&popup=true

This Article describes the actual SQL Server Move

http://kb.gfi.com/articles/SkyNet_Article/How-to-move-a-GFI-MailArchiver-database-from-one-Microsoft-SQL-Server-to-another?retURL=%2Fapex%2FSupportHome&popup=true

 

Installation Notes:

-I was unsuccessful at using windows authentication on new server and had to switch to SQL authentication, because my old archive store kept poping up errors

-Very long process, because of the massive amount of emails in this archiver. Depending on the business it can take a few days or weeks!

Windows Server 2008 could not continue installation as a reboot is needed

Microsoft Server setup cannot continue because a restart from a previous installation or update is pending.

The following Registery keys control this error message. If you have rebooted and are still experiencing this issue, clear out these keys and relaunch your installer.

HKEY_LOCAL_MACHINESOFTWAREMicrosoftUpdatesUpdateExeVolatile

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerPendingFileRenameOperations

The Setup MSI displays an error message if one of the following conditions is true:.

The value of the UpdateExeVolatile registry key is anything other than 0.

The PendingFileRenameOperations registry key has any value.

You can read this article about regedit.

http://technet.microsoft.com/en-us/library/cc164360(v=exchg.80).aspx

Exchange Server on Primary Domain Controller (P-DC) Slow Reboot and Startup

If you had the misfortune of installing Exchange on a Primary Domain Controller you will experience some pain when doing a reboot. Typically it will take 10-15 minutes before it restarts and up to 30 minutes to start the Microsoft Exchange Information Store. What is really happening in the background is the IS service is being terminated incorrectly on shutdown and the store is left in a “DIRTY” shutdown state. This is very bad on several levels and can cause the Store to corrupt and not start at all.

Its a simple fix to make your life much easier and give you peace of mind. All you have to do is shutdown the services before restarting. Below is a script that does it automatically, just plug it into a .cmd or .bat file and run.

@ECHO OFF
ECHO ARE YOU SURE YOU WANT TO RESTART SERVER??
pause

net stop msexchangeadtopology /y
net stop msftesql-exchange /y
net stop msexchangeis /y
net stop msexchangesa /y
net stop iisadmin /y

ECHO DONE STOPING SERVICES REBOOT NOW!
pause