Category Archives: Exchange2010

Steps to run Experfwiz remotely on all Exchange Servers

Exchange2010, Exchange2013 December 4, 2014 Leave a comment

I have created a simple script to run experfwiz remotely on all the exchange servers. Below steps can be done to accomplish this task.

First get all the servers  and store them in a text file. Ensure that are no spaces between them.

Note: We need to download the experfwiz and have them  on the remote machine from where we are executing this script.

Lets say if we are running this script on all the exchange servers remotely  from one machine we  will be prompted to answer yes or no after it enables the counters on each servers. So each and every time it would ask us an input before it starts collecting the data for all the counters.

In-order to avoid this input each and every-time for all the servers probably we can bypass this confirm switch  parameter to yes so that no manual confirmation of (YES or NO)  is not  required from the admin side. We need to do small modification in the experfwiz script to avoid this input.

Follow the below steps to avoid this manual confirmation.

First download the experfwiz from the below technet link

https://experfwiz.codeplex.com/releases/view/135743

Open the ps1 file in notepad

Look for the value $answer = confirmAnswer

experfwiz

Change the above value from

$answer = confirmAnswer

to

$answer = “yes” as shown below

experfwiz2

save the PS1 file in the computer where we are going to run experfwiz

Now copy the below script in notepad  , save them in a ps1 file on the computer where we are going to run the experfwiz

*********************************************************************************

$server = Get-Content c:\servers.txt

foreach ($s in $server)

{.\experfwiz.ps1 -Server $s -duration 08:00:00 -interval 5 -filepath \\$s\c$\Logs}

**********************************************************************************

In my example i’m storing it as experfwiz.ps1

Then navigate to the drive and run this command and it will start to run experfwiz  on all exchange servers

experf222

The above script will query all the servers we have in text file and will run experfwiz . After that it will store these perfmon logs in  respective servers in the path c$ in a folder called logs.

To directly download the file as PS1 go to  – https://gallery.technet.microsoft.com/Steps-to-run-Experfwiz-73f3d662

Thanks 

Sathish Veerapandian

MVP – Exchange Server

Determining the users connected in Outlook Online/Cached mode

Exchange2010, Exchange2013, Performance November 19, 2014 1 Comment

At times we might run into checking the users how they are connected through online mode or cached mode during troubleshooting performance issues. If we have more number of users connected in online mode then we might need to look into the number of users connected through online mode as this could cause performance issues if we have more online users.

First we need to analyze and identify always users who can be used to connect online mode and the rest of the users can be connected through cached mode . Since cached mode stores the local copy of the user’s email and the OAB in the form of OST file.User no longer needs to  depend upon the network connectivity and the users latest information is available offline.

Probably for most of the users it is better to have the outlook in cached mode since end user will have better experience of reading the latest emails offline and would be able to update them periodically whenever they get connected. Users would be able to read important email even when the laptop is not connected in the LAN or WIFI.

Online mode can be used only in few exemptions where if we have a generic mailbox which has a secure sensitive data which should not be stored locally on any  common PC’s and should be available only for few users. Or if size of the mailbox is very large let’s say greater than 20 GB then it takes more time to update the information.  In those scenarios we can use online mode.

I have just collected few troubleshooting steps which we might think of doing if we are in a situation to determine the users connected in online and cached mode

To see users connected in Cached mode or online mode –

The first easiest way to identify this is through RPC Client Access Logs.

To achieve this goal, we can use Excel to open the RPC Client Access logs. RPC logs can be located in Client Access Server in the below Location.

(<Install Path>:\Program Files\Microsoft\Exchange Server\V14\Logging\RPC Client Access)

These logs would be in Text File. Copy them and open these logs in excel file do some formatting and filter. After filtering them the logs would look like the below screenshot.

RPC logs

We have 2 options classic and cached.Classic is for Online Mode and Cached is for cache mode.

Another way to achieve this is to use EXMON tool to identify the list of online/cached mode users

 

Download the exmon tool from the Microsoft site  http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=11461

Just proceed with the installation
Once the installation is done we need to go the installed directory and look for the file ExMon.reg,Double click on this file to add the required registry entries.

We might get warnings as below and just proceed with the adding the registry entries

exmon1

 

We should get the below screen upon successful registration of the Reg keys

exmon2

We have an option to check the users connected in cached mode as shown below in by clientmon Tab

cached mode

 

Also we have an option to see the client version and the client ip address in by user tab.

 

exmon4

 

Apart from the above we can use the below script which will give only the Outlook Client Version and the computer name and not the ip address and the type of connection users are connected. It can be used only to find the type of Outlook version users are connected and the computer name from which they are connected.

Get-LogonStatistics -server ServerName| where {$_.ClientMode -ne “Cached”} | select-object FullMailboxDirectoryName,UserName,Windows2000Account,ClientMode,ClientName,ClientVersion,Identity | sort-object UserName -Unique| Export-Csv -Path C:\scripts\UserCount.csv -NoTypeInformation

 

Above steps can be used to troubleshoot the Exchange Performance issues and to identify the users connected in online mode in an Exchange Environment.

Also Refer –

http://social.technet.microsoft.com/wiki/contents/articles/28446.determining-the-list-of-users-connected-in-outlook-onlinecached-mode.aspx

http://go.microsoft.com/fwlink/?LinkId=142433.

Thanks 

Sathish Veerapandian

MVP – Exchange Server

Quick Bites – Best practices for installing Exchange Servers across different subnets/sites

Exchange 2007, Exchange2010, Exchange2013 November 12, 2014 Comments: 2

In this article i have collected few information that we need to look into while we are  planning for Exchange Servers across different subnets.

Exchange servers will work perfectly fine on different subnets. As long as there is no firewall interruption between Exchange servers in the subnet you should be fine.Even if you have firewall it will work fine but ensure that you have DC and GC connectivity if you have firewall to these servers since exchange needs them to contact frequently.

But keep in mind the exchange servers need to talk to each other almost constantly and that would just make things extremely difficult and make troubleshooting harder if you run into any issues with Exchange and GC/DC connectivity.
Ensure that there is no Windows Firewall or A/V interfering perhaps between 2 subnets. Let’s have a look at few things that we need to consider during our planning.

 

For DAG –
If I’ve got servers on multiple subnets do I need to have a DAG IP in the range of each subnet ?

There needs to be a new Subnet added to the DAG before the node in a different subnet can join the DAG.The reason for this is so the DAG name can be switched and hosted in either of subnets.

MAPI network and Replication Network should not be on the same subnets. Having them on a different subnets will not be single point of failure. When a replication network fails, replication should automatically fail-over to the DAG’s MAPI network .Always, DAG member which communicates with other site requires each site with different Replication Network Subnet.

Probably you can perform the below tasks as a part of checking to ensure that the DAG configuration is correct

Run the below command to check the network settings of DAG :-

Get-DatabaseAvailabilityGroup -Identity DAGNAME | ft DatabaseAvailabilityGroupIpAddresses

To provide network connectivity between each of the replication subnet, a persistent static route must be entered into the Exchange member’s routing table.

To create a persistent static route run the below command :-

netsh interface ip add route (Example IP)10.3.0.0/ 24 “replication 1” 10.4.0.2
netsh interface ip add route (Example IP)10.4.0.0/ 24 “replication 2” 10.3.0.2
Validate through Failover Cluster Manager and ensure that DAG IP is Online.

 
For CAS Array –

CAS Array is site Specific

It is possible to add 2 CAS Servers belonging to different subnet in a CAS Array but they should be in same AD sites. Since they should be querying the same DC’s so we can have Exchange servers spanned across 2 datacenters in a single site if you are planning for adding cas servers in a array in 2 different subnets.

If it is going to be 2 different subnets and different sites then we need to create 2 different CAS array one in each site and probably need to do a DNS round robin which will not give a full HA even by setting the TTL values.

 
For HUB –

We need to have hub servers in each site and they are site specific.Hub servers can support HA for different subnets and help in mail routing only when they are spanned across  the same site in different datacenters.
If we are planning for HA for hub servers in different subnet and different site then we need to install hub servers on each site for HA.

The above points will be useful while we plan for Exchange server deployment in 2 sites and subnets.

Reference –

http://blogs.technet.com/b/timmcmic/archive/2014/05/06/exchange-2010-2013-what-constitutes-a-failure-of-the-replication-network.aspx

http://social.technet.microsoft.com/wiki/contents/articles/28362.best-practices-for-installing-exchange-servers-across-different-subnetssites.aspx

Thanks 

Sathish Veerapandian

MVP – Exchange Server 

Update – Exchange Server meetings in Russian time zones as well as names of time zones may be incorrect after October 26, 2014

Exchange2010, Exchange2013, General Information October 28, 2014 Leave a comment

After October 26, 2014, Exchange Server some users who are in Russian time zones may see meeting times incorrect Time Zone-display names may be outdated in OWA.

Microsoft released an update (KB 2998527) for Windows on September 23, 2014 to address this change and it should be installed on the end user PC’s and Servers since exchange and outlook relies on windows for the time zone information.

How to obtain this update

The following files are available for download from the Microsoft Download Center.

Update for Windows Server 2012 R2 (KB2998527)
http://www.microsoft.com/downloads/details.aspx?FamilyId=1bf7a4a0-3bc1-41cc-a374-b4ce39468c32

Update for Windows Server 2012 (KB2998527)
http://www.microsoft.com/downloads/details.aspx?FamilyId=4f9e0be3-8b1e-4a55-a901-397a4b63953b

Update for Windows 8.1 for x64-based systems (KB2998527)
http://www.microsoft.com/downloads/details.aspx?FamilyId=ab371992-26ff-41dc-9c4f-d5ada0f40f5c

Update for Windows 8.1 for x32-based systems (KB2998527)
http://www.microsoft.com/downloads/details.aspx?FamilyId=349e7859-5815-45f3-8f4a-8054a3db804d

Update for Windows 8 for x64-based systems (KB2998527)
http://www.microsoft.com/downloads/details.aspx?FamilyId=3691d9fd-6a0a-47cd-b809-82ad81a71082

Update for Windows 8 for x32-based systems (KB2998527)
http://www.microsoft.com/downloads/details.aspx?FamilyId=2f8d1b1f-ec76-4a3c-9d48-a85bfc0394b4

Update for Windows Server 2008 R2 for x64-based systems (KB2998527)
http://www.microsoft.com/downloads/details.aspx?FamilyId=388ab764-8dd4-4ec9-ab03-d7005c553d9c

Update for Windows Server 2008 R2 for Itanium-based systems (KB2998527)
http://www.microsoft.com/downloads/details.aspx?FamilyId=de6ccda2-8ddc-4368-bf20-57e54d3b1d18

Update for Windows 7 for x64-based systems (KB2998527)
http://www.microsoft.com/downloads/details.aspx?FamilyId=c3aaf9fd-9bcb-45d6-9573-370a750ed200

Update for Windows 7 for x32-based systems (KB2998527)
http://www.microsoft.com/downloads/details.aspx?FamilyId=1f09acc5-8791-4d63-ae59-8a9b8d4f0ef3

Update for Windows Embedded Standard 7 for x64-based systems (KB2998527)
http://www.microsoft.com/downloads/details.aspx?FamilyId=3f1ec6b5-8d72-45e9-9c14-26afeb8a92fb

Update for Windows Embedded Standard 7 for x32-based systems (KB2998527)
http://www.microsoft.com/downloads/details.aspx?FamilyId=afe9f877-1554-465c-a89b-0be103ab5468

Update for Windows Server 2008 for x64-based systems (KB2998527)
http://www.microsoft.com/downloads/details.aspx?FamilyId=04ff80b6-4581-4f2c-8133-f344d26d5d35

Update for Windows Server 2008 for x32-based systems (KB2998527)
http://www.microsoft.com/downloads/details.aspx?FamilyId=dede4525-57c1-4cb2-b454-0b617f35e357

Update for Windows Server 2008 for Itanium-based systems (KB2998527)
http://www.microsoft.com/downloads/details.aspx?FamilyId=27a6e895-869b-4011-ae11-ada1c25e26e2

Update for Windows Vista for x64-based systems (KB2998527)
http://www.microsoft.com/downloads/details.aspx?FamilyId=ef48921e-d478-46d3-9b6f-8620a53fa4e8

Update for Windows Vista for x32-based systems (KB2998527)
http://www.microsoft.com/downloads/details.aspx?FamilyId=1707623b-ae1c-4250-ad55-011ec063c279

Update for Windows Server 2003 for x64-based systems (KB2998527)
http://www.microsoft.com/downloads/details.aspx?FamilyId=8573abcf-47a0-4a24-88fc-d8adde177781

Update for Windows Server 2003 for x32-based systems (KB2998527)
http://www.microsoft.com/downloads/details.aspx?FamilyId=1f44929a-fc1b-4b41-b179-c48e4a2b1975

Update for Windows Server 2003 for Itanium-based systems (KB2998527)
http://www.microsoft.com/downloads/details.aspx?FamilyId=de452734-bb99-4d05-873e-0f12988f61d6

 

Things that we can troubleshoot for the affected reported user even if any issues reported from end users after the above update is applied

1) Restart the affected user’s PC and see the results.

2) login to owa for the affected user and see the time zone whether it is set to UTC+4 as below

d

 

3) If it is set to different time zone then correct the value to UTC + 4 as above

Check the affected user date and time settings in his PC and it should reflect as UTC + 3 as below which is Russian Time Zone

Untitled1

4) Also run the below command to check to ensure that the affected user Time Zone is in Russian Standard Time

Get-MailboxRegionalConfiguration “affecteduserid”

 

img111

 

5) If you notice the user TimeZone is set to a different region then run the below command to change the user to Russian Standard Time

Set-MailboxRegionalConfiguration “affecteduserid” -TimeZone “russian standard time”

References – https://support.microsoft.com/kb/2998527?wa=wsignin1.0

Thanks 

Sathish Veerapandian

Ports and protocols Requirement for Exchange and Lync Server Deployment

Exchange2010, Exchange2013, port October 25, 2014 Comments: 3

Very often we might get confused in a new deployment project if we are running into multiple issues and tasks. The most confusing part that we will often run into is the port requirements for internal,external as well as related services.I have consolidated and prepared a document for the port requirements for a new deployment of on-premise  Lync and Exchange servers.

Lets have a look at the Lync server requirements first –

Following ports for the respective protocol and direction  should be opened, for hassle free and full featured Lync enabled User to function perfectly fine.

Port                   Protocol            Direction               Usage

5060/5061          TCP/UDP               Bidirectional          For SIP

1434                  UDP                      Bidirectional          For SQL servers

443                    STUN/TCP            Outgoing              Audio, video, application sharing sessions

444                    HTTPS/TCP          Bidirectional          Lync Front End server

443                    PSOM/TLS            Outgoing              Data sharing sessions

3478                  STUN/UDP            Outgoing              Audio, video sessions, Desktop Sharing

5223                  TCP                     Outgoing              Lync Mobile pushes notifications

50000 – 59999    RTP/UDP              Outgoing              Audio, video sessions

5067                  TCP/TLS              Bidirectional          Incoming SIP requests for Mediation servers.

57501-65535     TCP/UDP              Bidirectional           VideoConferencing

8057,8058         TCP/TLS              Bidirectional          Front End Service

 
For remote access to work for IM and Presence, it is mandatory that SIP traffic is allowed to flow bi-directionally. Hence, Port needs to be allowed as follows:

• Port 443 and 5061 from Internet to Access Edge External IP (bi-directional)
• Port 5061 from Edge Internal IP to Internal Network (bi-directional)

Edge server should be accessible from the Internet over port 443, 3478 and 5061.
Reverse Proxy require Port 443 to be opened.
For a Mobile Access user who is outside the corporate network, the request hits the Reverse Proxy and is then sent to the Front End pool or Director.No user level authentication is done on the reverse proxy.
Its always recommend to implement a Director Server Role for additional security.The Director is both offloading the authentication and providing an extra layer of security against DoS attacks.
Director must be in the same subnet where the Front End Servers reside which will be in the Private network. It should not be in the perimeter or DMZ.

 
Below will be the Flow of mobile application requests for Mobility Service :

All the External user Lync log in requests through mobile devices –> will go through the reverse proxy server –> and it will go to the edge server –> and hit the front end pool.
The Microsoft Lync Server gets user information from Auto-discover Service and then it returns all the Web Services URLs for the user’s home pool, including the Mobility Service URLs.

Below are the list of additional features that require external access through a reverse proxy for users accessing them externally.We need to think of validating them once the deployment is completed.

1) Enabling external users to download meeting content for any meetings.
2) Enabling external users to expand distribution groups.
3) Enabling remote users to download files from the Address Book service.
4) Accessing the Microsoft Lync Web App client.
5) Accessing the Dial-in Conferencing Settings webpage.
6) Accessing the Location Information service.
7) Enabling external devices to connect to Device Update web service and obtain updates.

Now we will look into the port requirement for Exchange servers as well.

Port Requirements for Exchange On-premise Servers (Applies to Exchange2 2010 and 2013):

Port                   Protocol            Direction               Usage

25                     SMTP                  Bidirectional            For Sending and receiving emails

50636                 TCP                   Bidirectional            From Hub to Edge and Vice Versa

135                    TCP/RPC             Outgoing                HUB to Mailbox via MAPI

80/443               HTTP/HTTPS       Bidirectional            Autodiscover

993                     TCP                   Incoming                IMAP

995/110               TCP                   Incoming                POP3(Any one of the port depends upon config)

5075-5077           TCP                   Incoming                CAS to OCS Communications

5061                   TCP                   Outgoing                 CAS to OCS Communications

 

For OWA and Outlook Anywhere port 443 should be opened in firewall.
For IMAP port 993 should be opened in Firewall.Port 25 should be opened on Firewall for both internal and external internet mail flow traffic.

I think most of the port requirement for Lync and Exchange deployment have been added above. Feel free to comment or correct me if anything needs to be added or corrected.

Also Refer – http://social.technet.microsoft.com/wiki/contents/articles/28141.ports-and-protocols-requirement-for-exchange-and-lync-server-deployment.aspx

References:

http://technet.microsoft.com/en-us/library/gg398833.aspx

http://technet.microsoft.com/en-us/library/bb331973.aspx

http://support.microsoft.com/kb/2409256#VerifyNetworkRequirements

http://support.microsoft.com/kb/2423848

http://technet.microsoft.com/en-us/library/gg425727

Thanks 
Sathish Veerapandian

MVP – Exchange Server

Steps to Delete circulated Suspicious emails with Search-Mailbox

Antispam, Exchange2010, Exchange2013 October 16, 2014 Comments: 6

In this article we will have a look at steps to identify the spam emails circulated in an environment. When a user suspects any spam email and informs the IT Team  first and the foremost thing that would come to an Admin is that whether the emails have been circulated to everyone or not.

There are multiple scenarios where the spam messages can be circulated in an environment.

  • From single spam source  email address to single recipient.
  • From Single spam email address to multiple recipients.
  • From multiple spam email address to multiple recipients with different subject line.

Its always better to make a search in the whole organization to make sure the emails are not circulated to all the users.

The easiest way to identify the spam emails is to run a search command with the subject line so that all the affected mailbox can be identified.

Now we will have a look at the steps to perform this action with search-mailbox command.

First we need to add the user who is going to perform this task to Discovery Management group
This should be done in order to use the search-mailbox command. If we do not add this then the user won’t be able to run search command.

Create a new role group as below. We need this in order to export/Import the contents from the source mailbox and copy it to the target mailbox.
Run the below commands to create the role group if we don’t have already . If we have the import/export rolegroup already then just add the user who is going to perform this action into that rolegroup.
To Create –  New-RoleGroup “Mailbox Import-Export Management” -Roles “Mailbox Import Export”
To Add user – Add-RoleGroupMember “Mailbox Import-Export Management” -Member Administrator

newsearch5

Even if single user suspects a virus message it is better to search in the whole organization to make sure the emails are not circulated to others.Now run the below command to search the virus email throughout the organization. In our example we are going to identify an infected email with the subject “Virus Infected”

get-mailbox -ResultSize unlimited -IgnoreDefaultScope | search-mailbox -SearchQuery ‘Subject:”virus infected”’ -LogOnly -TargetMailbox administrator -TargetFolder filter -LogLevel Full

NewSearch1

Once we run the command we could see the searching would be started as shown in the above screenshot. The search results may take some time depending upon the environment and number of mailboxes we have.

Upon a successful completion of search we can see the logs and the emails in the zip file attached as shown in the screenshot.

newsearch2

Now we need to run the below command to search the infected emails and delete all of them in the whole organization

get-mailbox -ResultSize unlimited -IgnoreDefaultScope | search-mailbox -SearchQuery ‘Subject:”virus infected”’ -TargetMailbox administrator -TargetFolder filter -deletecontent -LogLevel Full

newsearch4

Once it identifies the affected emails it would ask us for confirmation as shown above before deleting the suspected emails as shown in the screenshot above.

Apart from the above as an additional part of security check we can also run a message tracking with the subject in the whole organization to see to whom all the infected emails have been circulated and ensure all the emails have been deleted.

Run the below command to perform a Message Tracking with subject in the whole organization. In our case we are using the subject “Virus Infected” .

Get-ExchangeServer | where {$_.isHubTransportServer -eq $true -or $_.isMailboxServer -eq $true} | Get-MessageTrackingLog -Messagesubject “Virus Infected” | Select-Object Timestamp,ServerHostname,ClientHostname,Source,EventId,Recipients | Sort-Object -Property Timestamp

newsearch6

Imp Note Note:

Hi Please add your account to Discovery Management role group for the search-mailbox command to work.

Add-RoleGroupMember -Identity “Discovery Management” -Member Administrator

Above method can be used to identify and delete any circulated spam email in our organization.

Thanks

Sathish Veerapandian

MVP – Exchange Server

Troubleshooting rapid Log Files and Database growth in Exchange 2010

Database, Exchange2010 July 24, 2014 Leave a comment

In this article let me discuss about troubleshooting unusual growth in log files and database in Exchange 2007 and Exchange 2010.

It’s always better to check and validate first before we jump into any troubleshooting. It’s better to check first from what time  the log files and the database starts growing rapidly.

We can probably filter out events for any related information about logs and database in the application logs in the affected mailbox server.

Also we need to collectively gather all information about the list of third party software’s installed and running on the affected mailbox server.This could be the problem as well if the handshake between Exchange and third party agent is broken.

I have classified  few troubleshooting steps which would help us in narrowing down and rectifying these kind of issues.Below are the list of troubleshooting that can be possibly done .

 

EXMON

The first step that would easily help us in identifying the problem is using EXMON tool to see if there are any user’s unusual activity which causes the log files to grow rapidly.

You can download the exmon tool from the below location

http://www.microsoft.com/en-us/download/details.aspx?id=11461

Run exmon tool and sort the the value by % cpu and look for high CPU consuming users. Also you can check the log bytes column to monitor the log growth.

If you identify any potential users then you can see the following things

  • See if there are any email with a large attachment which is stuck on the outbox.
  • Also you can monitor if there are any spam mails circulating on the affected user’s mailbox.

 

Exclude FILE LEVEL AV SCANNING

If the AV scanning running on mailbox servers is not aware of exchange databases and log files then this will definitely cause the transaction logs to grow rapidly.

Following things can be checked

  • Check if there are any recent updates that happened on the AV scanner on the mailbox servers which might remove  exchange databases and log files exclusions.
  • Ensure that AV exclusions are set for Exchange databases and Log files on the AV scanner in the mailbox servers.
  • Disable AV scanning on the affected mailbox server where transaction logs and DB are growing rapidly. Monitor for few hours and see the log files and database growth and compare the results.

 

 

OPEN RELAY

Check if the server is an open relay to the internet, there will be tons of transaction logs. You will also usually see a bunch of items in the junk mail folder. So ensure that the environment is not open for relay as huge amount of spam mail circulated also will cause the server performance and server to send out more number of spam messages internally as well as externally.

It’s better to have a look at all the queues in all hub servers to ensure that no spam messages are been sent out from our organization in such kind of scenarios.

 

 

PUBLIC FOLDER REPLICATION

  • Check if there are any PF replicas initiated recently on the affected mailbox server recently as it could cause the problem.
  • Check in the message queue if there is more number of public folder replication messages.

 

 

CHECK BACKUP CONFIGURATION

If you have any backup running in the environment ensure that the backup is scheduled properly. Ensure that you are running only full and incremental backups as only these two types of backups will truncate the logs and the rest wouldn’t have the capability to truncate them.

Imp Note:

If a server hosting the data being backed up is a member of a database availability group (DAG) and hosts both active and passive database copies, you must disable the Microsoft Exchange Replication service VSS writer. If the Microsoft Exchange Replication service VSS writer is enabled, the backup operation will fail.

 

To disable the Microsoft Exchange Replication service VSS writer, perform the following steps:

  • Log on to the server by using an account that has local administrator access, and then start Registry Editor (regedit).
  • Navigate to HKEY_LOCAL_MACHINE\Software\Microsoft\ExchangeServer\v14\Replay\Parameters.
  • Add a new DWORD value named EnableVSSWriter, and set its value to 0.

Exit Registry Editor and then restart the Microsoft Exchange Replication service.

 

 

Bulk Mailbox Move

If there are any recent bulk mailbox move that is happening that could generate lot of log files if few of the mailboxes are larger in size and if it has more corrupted items. Probably for this as a temporary fix until the mailbox move completes you can enable circular logging on the source and the destination mailbox database. Ensure that you need to disable circular logging once the move is completed as enabling circular logging always is not a good choice.

Hope this helps in scenarios where we come across scenarios  in troubleshooting unusual  rapid growth in database and log files.

Cheers

Sathish Veerapandian

Installing and Configuring PST Capture 2.0 in Exchange 2013 Environment

Exchange2010, Monitoring Tools April 29, 2014 Leave a comment

In this article we will be discussing about installing and configuring PST capture agent in Exchange 2013 environment.

Since everyone will be familiar with the enhanced features which are available from the version 2.0 I’m not going to list down the improvements. For those who would need to know the enhancements you can refer this TechNet blog http://blogs.technet.com/b/exchange/archive/2013/02/22/time-to-go-pst-hunting-with-the-new-pst-capture-2-0.aspx

Installation in Exchange 2013 is the same procedure as we do it  for Exchange 2010. But only PST Capture version 2.0 supports Exchange 2013 and not the earlier version.

Now let’s go ahead with the prerequisites of installing this tool.

  1. Microsoft .NET Framework 3.5 or 3.5 Service Pack 1 (SP1).
  2. A Central Service account for managing the PST captures central service.
  3. Outlook 2010 to be installed on a PC where we have PST capture console and we are performing the export and import.

 

Download the setup from the below location.

http://www.microsoft.com/en-us/download/details.aspx?id=36789

We could see there will be 2 files which will be available in the setup.

PSTCapture.msi – This is the main installation file which should be installed on a PC where we require the PST capture console. All the PST capture in the organization and import happens through central service running in this PC.

PSTCaptureAgent.msi – It should be installed on the machines (client pc’s) where we need to scan for the PST files. This particular service running after the installation on the client pc’s will be sending the requested PST files to the PST capture console when requested for an import.

 

Note: If we do not install this agent on the client machines then we won’t be able to detect the PST files on those particular machines.

Image

Installation is pretty simple and just navigate through the setup one by one.

Image

 

 

Now specify the host name of the Central service computer you wish to select and click next. Also you can see the default port assigned for this function which can also be altered within the specified values.

Image

 

Once the installation is completed on the PC you can see the PST capture icon as below in that PC.

 

Image

When you open the wizard it has the following options.

Image

The PST search happens in 4 steps.

 

1st step

Select the computers that we need to perform the PST search.

Note: If we do not install the PST capture agent on the client machines then we won’t be able to detect the PST files on those particular machines.

Image

 

2nd Step

We have locations to search and locations to ignore as well as shown below.

Image

3rd step

We have an option to run the schedule manually as well as to run on a scheduled date.

Image

 

4th step

Finally we get the summary. Just click on finish.

Image

Finally we get the below screen while PST search is running.

Image

Once the search is completed it displays the below results with the list of PST files scanned.

Image

Now we need to select the scanned PST files and then create a new Import list.

Cloud Import list – For Importing PST files to an online account.

OnPrem Import List – For Importing PST files to an on premise Exchange account.

Now select the destination mailbox to which it needs to be imported.

Image

Image

You can see the import status in percent and once the import is complete you would be able to see the emails in the imported mailbox.

Image

Note: Outlook 2010 64 bit version is required on the host computer where we are performing this action through PST capture console. If Outlook is not installed then Import will be failure.

This tool is really useful in effectively managing the end users PST files during migration as well as in transition to BPOS/O365 from an on premise  setup.

Steps to upgrade Exchange 2010 SP3 in Graphical User Interface

Exchange2010 February 9, 2014 Leave a comment

Download the Exchange 2010 SP3 setup 

http://www.microsoft.com/en-us/download/details.aspx?id=36768

Navigate to the setup file and open setup and click on setup icon which opens the below screen.

Now click on the Install Microsoft Exchange server upgrade.

Image

Now the setup starts copying the files as shown below

Image

 

Now it takes us to the introduction screen where we just need to click on next

Image

 

Set up initializes as shown below

Image

Accept the license agreement

Image

 

During the readiness check you might run into this error as shown below  if you are upgrading from Exchange 2010 SP2 earlier versions to Exchange 2010 SP3.

Note: If you are upgrading from Exchange 2010 Sp2 and later rollups version  to Exchange 2010 Sp3 you will not come across the below error and you can proceed with the upgrade.

Reason why we require this feature to be installed.

Because this feature IIS 6 WMI compatibility is required for the new feature outlook web app mini introduced from Exchange 2010 SP2

What is outlook web app mini

The mini version of Outlook Web App is a lightweight browser-based client, similar to the Outlook Mobile Access client in Exchange 2003. It provides access from simple HTML-compatible browsers that support cookies and it’s designed to be used on a mobile operating system

So we just need to install IIS 6 WMI compatibility on the all CAS servers to get rid of this error

Image

Install the IIS6 WMI compatibility.

Image

Rerun the setup and  readiness check will be successful.

Image

Now click on upgrade and the setup will be successful.

Image

Once upgrade is completed you just need to click on Finish and reboot the server which completes the SP3 installation.

 

 

 

 

 

 

 

 

 

 

Quick Reference for Managing Public Folders in Exchange 2010

Exchange2010, Public Folder June 28, 2013 Leave a comment

Below are the few commands which will be Helpful and can be a quick reference for managing the public folders through Exchange Management Shell

Public helpFollowing command will provide all the parameters for New-Publicfolder Cmdlet which is use to create new public folder.

Get-help New-Publicfolder

You can use the New-PublicFolder cmdlet to create a new public folder with the specified name

New-PublicFolder -Name [-Path ] [-Server ]
EXAMPLE
New-PublicFolder -Name Marketing
New-PublicFolder -Name Marketing -Path Legal\Cases -Server Server2

Use the Get-PublicFolder cmdlet to retrieve the attributes of a public folder or a set of public folders

Get-PublicFolder [-Identity ] [-Server ]
Get-PublicFolder [-Identity ] -GetChildren [-ResultSize ] [-Server ]
Get-PublicFolder [-Identity ] -Recurse [-ResultSize ] [-Server ]

EXAMPLE
Get-PublicFolder
Get-PublicFolder -Identity \NON_IPM_SUBTREE -Recurse | Format-List Name
Get-PublicFolder -Identity
Get-PublicFolder -Identity “\Legal\Documents\Pending Litigation”
Get-PublicFolder -Identity “\Legal\Documents\Pending Litigation” -Recurse
Get-PublicFolder -Identity “\Legal\Documents\Pending Litigation” -Recurse -ResultSize Unlimited
Get-publicfolder “\” -recurse -server

• The first example uses the Get-PublicFolder command without parameters to return the root public folder object (IPM_SUBTREE).
• The second example returns the names of all the system folders (which are not shown by default), starting at the system folder root (\NON_IPM_SUBTREE).
• The third example returns the public folder with the specified long-term entry identifier.
• The fourth example returns the Pending Litigation public folder from \Legal\Documents\.
• The fifth example returns the Pending Litigation public folder from \Legal\Documents\ and up to 9,999 public folders under the Pending Litigation public folder.
• The sixth example returns the Pending Litigation public folder from \Legal\Documents\ and all the public folders under it, without a limit on the number returned.
• The seventh example returns the hierarchy of all IPM_SUBTREE folders on the server SERVER1

Use the Set-PublicFolder cmdlet to set the attributes of public folders
USAGE
Set-PublicFolder -Identity [-AgeLimit ] [-HiddenFromAddressListsEnabled ] [-MaxItemSize ] [-Name ] [-PerUserReadStateEnabled ] [-PostStorageQuota ] [-Replicas ] [-ReplicationSchedule ] [-RetainDeletedItemsFor ] [-Server ] [-StorageQuota ] [-UseDatabaseAgeDefaults ] [-UseDatabaseQuotaDefaults ] [-UseDatabaseReplicationSchedule ] [-UseDatabaseRetentionDefaults ]

Set-PublicFolder -Identity [-AgeLimit ] [-HiddenFromAddressListsEnabled ] [-LocalReplicaAgeLimit ] [-MaxItemSize ] [-Name ] [-PerUserReadStateEnabled ] [-PostStorageQuota ] [-Replicas ] [-ReplicationSchedule ] [-RetainDeletedItemsFor ] [-Server ] [-StorageQuota ] [-UseDatabaseAgeDefaults ] [-UseDatabaseQuotaDefaults ] [-UseDatabaseReplicationSchedule ] [-UseDatabaseRetentionDefaults ]

Set-PublicFolder [-AgeLimit ] [-HiddenFromAddressListsEnabled ] [-Instance ] [-MaxItemSize ] [-Name ] [-PerUserReadStateEnabled ] [-PostStorageQuota ] [-Replicas ] [-ReplicationSchedule ] [-RetainDeletedItemsFor ] [-Server ] [-StorageQuota ] [-UseDatabaseAgeDefaults ] [-UseDatabaseQuotaDefaults ] [-UseDatabaseReplicationSchedule ] [-UseDatabaseRetentionDefaults ]

EXAMPLES
Set-PublicFolder “\Customer Service Requests” -UseDatabaseReplicationSchedule $false
Set-PublicFolder “\Customer Service Requests” -ReplicationSchedule Always
Set-PublicFolder \MyPublicFolder -ReplicationSchedule “Saturday.12:00 AM-Monday.12:00 AM”

• In the first example, the Set-PublicFolder command is used to change a public folder so that it does not use the database default replication schedule.
• In the second example, the Set-PublicFolder command is used to set the replication schedule to Always.
In the third example, the Set-PublicFolder command is used to set the folder to replicate only on weekends

Use the Remove-PublicFolder cmdlet to remove an existing public folder.

USAGE
Remove-PublicFolder -Identity [-Recurse ] [-Server ]

EXAMPLES
Remove-PublicFolder -Identity “\Test\Directory\My Public Folder”
Remove-PublicFolder –Identity “\Test” -recurse

• First example deletes the public folder named My Public Folder from the \Test\Directory tree. Please note that if there will be any sub-folder under My Public Folder then it will give you error saying that ” The folder ‘My Public Folder’ has subfolders, so it cannot be deleted”
• In Second example it will delete the Test folder and all subfolders under Test folder.

Use the Enable-MailPublicFolder cmdlet to mail-enable public folders. This is asynchronous operation and it may take several minutes before the public folder is actually mail enabled. The task will return before operation is complete.

USAGE
Enable-MailPublicFolder -Identity [-HiddenFromAddressListsEnabled ] [-Server ]

EXAMPLES
Enable-MailPublicFolder “\My Public Folder”

• In this example, the Enable-MailPublicFolder command is used to mail-enable the public folder that has the name My Public Folder.

Use the Disable-MailPublicFolder cmdlet to mail-disable a public folder.

USAGE
Disable-MailPublicFolder -Identity [-Server ]

EXAMPLES
Disable-MailPublicFolder -Identity “My Public Folder”

• This example mail-disables a public folder that is called My Public Folder.

Get-MailPublicFolder | Format-List

• This example returns all mail-enabled public folders if total number of public folders are less then 10000 otherwise it will display up to 10000 public folders. In this example, the output of the Get-MailPublicFolder command is piped to the Format-List command so that all the available information is displayed in the result.
Use the Update-PublicFolder cmdlet to start content synchronization of a public folder.

USAGE
Update-PublicFolder -Identity -Server

EXAMPLES
Update-PublicFolder “\Legal\Cases\My Public Folder” -Server “My Server”

Get-PublicFolder “\Legal\Cases\My Public Folder” | Update-PublicFolder -Server “My Server”

• These examples show two ways to start content replication of the public folder named My Public Folder in the \Legal\Cases path from the server named My Server to all of the servers on the replication list for My Public Folder.

– Force hierarchy replication

Use the Update-PublicFolderHierarchy cmdlet to start content synchronization of the public folder hierarchy.
Get-MailboxServer -Identity Server1 | Update-PublicFolderHierarchy

• This example pipes the output of the Get-MailboxServer command to the Update-PublicFolderHierarchy command to start content replication of the public folder hierarchy from Server1 to Mailbox servers with a public folder store.

Use the Add-PublicFolderAdministrativePermission cmdlet to add administrative permissions to a public folder or a public folder hierarchy.

USAGE
Add-PublicFolderAdministrativePermission -Identity -AccessRights -User [-Deny ] [-InheritanceType ] [-Server ]

Add-PublicFolderAdministrativePermission -Identity -Owner [-Server ]

Add-PublicFolderAdministrativePermission [-Identity ] -Instance [-AccessRights ] [-Deny ] [-InheritanceType ] [-Server ] [-User ]

EXAMPLES
Add-PublicFolderAdministrativePermission -User Chris -Identity \MyPublicFolder -AccessRights ViewInformationStore
Add-PublicFolderAdministrativePermission -User Chris -Identity \MyPublicFolder -AccessRights ViewInformationStore –Deny

• In the first example, a user named Chris is given the ViewInformationStore permission on the public folder named MyPublicFolder.
• In the second example, the Deny parameter is added to the command in the first example, which denies the user named Chris the ViewInformationStore permission.

The AccessRights parameter specifies the rights that are being added. Valid values include:
• None
• ModifyPublicFolderACL
• ModifyPublicFolderAdminACL
• ModifyPublicFolderDeletedItemRetention
• ModifyPublicFolderExpiry
• ModifyPublicFolderQuotas
• ModifyPublicFolderReplicaList
• AdministerInformationStore
• ViewInformationStore
• AllStoreRights
• AllExtendedRights

Use the Remove-PublicFolderAdministrativePermission cmdlet to remove administrative permissions for a public folder or a public folder hierarchy.

USAGE
Remove-PublicFolderAdministrativePermission -Identity -AccessRights -User [-Deny ] [-InheritanceType ] [-Server ]

Remove-PublicFolderAdministrativePermission [-Identity ] -Instance [-AccessRights ] [-Deny ] [-InheritanceType ] [-Server ] [-User ]

EXAMPLES
Remove-PublicFolderAdministrativePermission -User Chris -Identity \MyPublicFolder -AccessRights ViewInformationStore

• In the example, the ViewInformationStore permission is removed from a user named Chris on the public folder named MyPublicFolder.

Use the Get-PublicFolderAdministrativePermission cmdlet to get the administrative permissions for a public folder or a public folder hierarchy.

USAGE
Get-PublicFolderAdministrativePermission -Identity [-Server ] [-User ]

Get-PublicFolderAdministrativePermission -Identity [-Owner ] [-Server ]

EXAMPLES
Get-PublicFolderAdministrativePermission -Identity “\My Public Folder”
Get-PublicFolderAdministrativePermission -Identity “\My Public Folder” -User Chris -Server “My Server” | Format-List
Get-PublicFolderAdministrativePermission -Identity “\My Public Folder” –Owner

• In the first example, the Get-PublicFolderAdministrativePermission command is used to retrieve the access rights for all users of the public folder named My Public Folder.
• In the second example, the Get-PublicFolderAdministrativePermission command is used to retrieve the administrative permissions for the public folder named My Public Folder, for the user named Chris, on the server named My Server. In this example, the output of the Get-PublicFolderAdministrativePermission command is piped to the Format-List command so that all the available information is displayed in the result.
• In the third example, the Get-PublicFolderAdministrativePermission command is used to determine the owner of the public folder named My Public Folder.

%d bloggers like this: