showing posts tagged with 'exchange'
by lunarg on June 11th 2015, at 15:09

You can easily convert an Exchange mailbox from one type to another through the Exchange Management Shell.

Set-Mailbox -Identity -Type Regular

There are four types you can use to convert to:

  • Regular (User mailbox);
  • Shared
  • Equipment
  • Room

The Equipment and Room types are used for reservations of meeting rooms and equipment (DLP).

by lunarg on March 19th 2015, at 14:43
You can quickly configure message tracking logging through the Exchange Management Shell (EMS). Among the things you can set up are: the time the logs are to be kept, where they should be stored, the individual log file size, the total maximum size for the tracking logs directory, etc.

Retrieve the current settings for a server with:

Get-TransportServer <server-name> | Select MessageTracking*

Change those values with:

Set-TransportServer <server-name> <parameters>

In case your mailbox role is running on different servers, you also need to run:

Set-MailboxServer <server-name> <parameters>

Example: set the message tracking log for a server called EXCH01 to   ...
by lunarg on March 18th 2015, at 16:05

After deleting an unused mailbox database from Exchange 2013, you may see warnings appearing in the Application log (Event Log):

The Microsoft Exchange Mailbox Replication service was unable to process jobs in a mailbox database.
Database: Missing database (GUID)
Error: Database 'GUID' doesn't exist.

If removed very recently, wait for replication of AD throughout your domain, but the Mailbox Replication service will also cache the existence of the database. You can resolve this by simply restarting the Microsoft Exchange Mailbox Replication service (can be done during operation).

by lunarg on March 13th 2015, at 13:08

Since Exchange 2010 SP1, when giving users Full access to another mailbox, they automatically get that mailbox added to their Outlook (2007 and up). This feature is called mailbox auto-mapping, and has made life a little easier for us IT administrators. But sometimes, you do not want a mailbox to be auto-mapped in Outlook for a particular user.

This can be achieved by setting the access permission through Powershell, and including the parameter -AutoMapping:$false in the cmdlet.

Add-MailboxPermission "Shared Mailbox" -User <user> -AccessRights FullAccess -AutoMapping:$false
by lunarg on March 10th 2015, at 16:12
You can easily view message tracking logs through the Exchange Management Shell (EMS). The cmdlet to use is called Get-MessageTrackingLog, and roughly provides the same search queries as before, and to be honest, it's faster than using the GUI in older Exchange versions, once you get to know the syntax. And thanks to the power of Powershell, you have a lot more options about exporting said data (e.g. to CSV).

The basic syntax is as follows:

Get-MessageTrackingLog [-Server <ServerIdentity.] [-ResultSize <Integer> | Unlimited] [-Start <DateTime>] [-End <DateTime>] [-EventId <EventId>] [-InternalMessageId <InternalMessageId>] [-MessageId <MessageId>] [-M  ...
by lunarg on March 5th 2015, at 12:35
By default, when opening up OWA (Outlook Web App) access to the internet, you could technically also get into Exchange Admin Center (EAC) by appending /ecp after the external OWA URL, potentionally creating a security vulnerability and increasing the chance for a brute-force attack to succeed.

While it is generally a good idea to deny access to the Administrator user to manage the Exchange-server, this is not always possible or desireable. Additionally, because EAC is a VirtualDirectory within a site in IIS, it is not possible to have it listen on a separate internal IP address and secure it through the edge firewall. Luckily, IIS also has some other mechanisms to secure access. There's an   ...
by lunarg on March 4th 2015, at 17:18

You can easily find quarantined mailboxes through Powershell:

Get-Mailbox | Get-MailboxStatistics | Where { $_.IsQuarantined -eq $True } | Select Name,Alias

More information about quarantined mailboxes: KB2603736.

by lunarg on March 4th 2015, at 15:09
By default, when a user first logs on to Outlook Web App, they are prompted to choose their language and time zone. Sometimes, it's required to change these settings for a certain user, or even, for all users. This can be done by an administrative user through Exchange Management Shell (EMS), and works for both Exchange 2010/2013 and Office365, with the cmdlet Set-MailboxRegionalConfiguration.

First, open EMS for your on-premise Exchange, or for Office365, connect to Exchange Online using Powershell.

You can then set/change the language and time zone for a user like so:

Set-MailboxRegionalConfiguration -Identity -Language -TimeZone

identity speaks for itself: it can be an alia  ...
by lunarg on February 27th 2015, at 12:06
By default, in Exchange 2013, OWA prompts the user to type in their username including the logon name. This can be altered so OWA accepts usernames in a different format.

Log on to EMS and run the following Powershell cmdlet:

Set-OwaVirtualDirectory "owa (Default Web Site)" -LogonFormat Username -DefaultDomain your-domain-name

Change your-domain-name to your domain name.

Next, restart IIS to apply the changes:

iisreset /noforce

Note: not entirely correct as, in fact, you change it to the UserPrincipalName, which is not necessarily the same as the e-mail address.

Log on to EMS and run the following Powershell cmdlet:

Set-OwaVirtualDirectory "owa (Default Web Site)" -LogonFormat Pr  ...
by lunarg on February 17th 2015, at 12:45

Using EMS (Exchange Management Shell), you can quickly retrieve a list of mailboxes not using the default quotas:

Get-Mailbox | Where { $_.UseDatabaseQuotaDefaults -eq $False } | Select Name,UseDatabaseQuotaDefaults,ProhibitSendQuota
by lunarg on January 20th 2015, at 17:04

Open an EMS (Exchange Management Shell), and type these in, one by one:

Get-GlobalAddressList | update-GlobalAdressList
Get-AddressList | update-AddressList
Get-OfflineAddressBook | Update-OfflineAddressBook

Some users report having to restart the Exchange File Distribution service after running these PS cmdlets.

by lunarg on September 3rd 2014, at 14:56

Wanted to install the latest BES Express (at the time of writing, this was 5.0.4) on a fresh Windows-server. Starting Setup.exe briefly shows the Blackberry splash-screen, then immediately crashes ("this program has stopped working...").

Apparently, RIM did some sloppy programming: changing the regional settings to English (US) or English (UK) resolves the issue.

by lunarg on August 28th 2014, at 15:05
You can install the Exchange 2013 management tools on a standard workstation or on another server to remotely administer your Exchange 2013 servers. This is particular useful if you need to run Exchange Management Shell often, and don't want to log on to the Exchange-server in order to do so.

You need this:

A supported operating system, such as Windows 7, Windows 8, 2008R2, 2012, or 2012R2

The target computer must be domain-joined.

The following Windows Features: IIS 6 Metabase Compatibility

IIS 6 Management Console

IIS Management Console

and obviously: the Exchange 2013 DVD or ISO

For Windows 7 and 2008R2, these are extra:

Microsoft .NET Framework 4.5 (Windo  ...
by lunarg on August 28th 2014, at 13:11
For migrations from other e-mail platforms to Exchange, you probably want to have full access enabled for a certain Exchange-account to facilitate the migration without having to set up complex access rights. Exchange has something called application impersonation, which allows a user to impersonate other users to access individual mailboxes, which comes in very handy during a migration.

In order to set up application impersonation, you need access to the Exchange Management Shell (EMS), with an account which has permissions to set up access rights.

Exchange 2007 does not support application impersonation as in Exchange 2010 and up. Impersonation does exist but has to be set on each indivi  ...
by lunarg on August 28th 2014, at 13:09

If for some reason you need to enable Basic Authentication, you can do so quickly through the Exchange Management Shell. This is sometimes needed if you're migrating to Exchange from another (third-party) e-mail provider.

If you do not know what Basic Authentication is, you do not need this!

Start up EMS as an account which has the required permissions to make changes to the virtual directories used by Exchange. Then, run this:

Set-WebServicesVirtualDirectory -Identity "EWS (Default Web Site)" -BasicAuthentication $true

Note that Office365 has Basic Authentication enabled by default.

by lunarg on August 22nd 2014, at 12:44
In case you need to manually truncate the database logs of your Exchange server, you can follow the steps below. You'll need sufficient permissions and access to the Exchange Management Shell.

Be cautious when you perform this action, as making mistakes here could cause database corruption and loss of data. Don't do this during production hours because this will temporarily make some (or all) mailboxes unavailable! As always, it's a good idea to have a working backup before attempting this.

Open the Exchange Management Shell.

If you don't know the physical path of your database, locate it first:

Get-MailboxDatabase | Select Name,EdbFilePath,LogFolderPath

You'll notice the datab  ...
by lunarg on August 20th 2014, at 10:12

Exchange stores plenty of things in Active Directory, including mailbox information for each account. In case of a deinstallation of Exchange, this information usually remains behind, making it impossible to perform a new clean installation of Exchange and assigning a new mailbox to this user.

I found a solution here:

This command-line tool allows you to query and/or remove Exchange-attributes on AD objects (such as users and groups).

by lunarg on January 8th 2014, at 14:34

To allow an Exchange user to send from an external e-mail address, perform the following steps:

  1. Create a Mail Contact with the correct external e-mail address in AD and in Exchange.
  2. Open Exchange Management Shell and set up the permissions:
    Get-MailContact | Add-ADPermission -User MyUser@MyLocalDomain -AccessRights ExtendedRight -ExtendedRights "Send As"
    Replace the first e-mail address with the external one, the second part contains the user you wish to assign the permission to.
by lunarg on February 23rd 2013, at 11:13
Windows SBS has a nasty habbit of taking forever to shutdown/restart. This is because there's a built-in waiting mechanism to allow enough time for the Exchange-services to shutdown. Unfortunately this delay is usually a whole lot longer than it normally would take if you were to stop the Exchange-services yourself. Because the delay does no longer occur when the Exchange-services are already stopped manually, I usually tend to stop Exchange first, then do the shutdown/restart.

Because Exchange consists of many services, at work, we wrote some helper scripts to stop all Exchange-services with only a mouse click, allowing for a quicker shutdown/restart of a server. I've decided to share thes  ...
showing posts tagged with 'exchange'