Monday 17 October 2011

EMC 2007/2010 IE9 bug fixed

Microsoft have release an IE9 fix to resolve the interoperability issues with between Exchange 2007 and 2010 EMC. Great news (not that I ever get use EMC anymore, well at least that was until this announcement Future of /Hosting Mode).

Anyway back to the fix… Exchange 2007 or 2010 EMC might fail to close with "You must close all dialog boxes before you can close Exchange Management Console". The Exchange team have posted this on there blog with links to the fix, http://blogs.technet.com/b/exchange/archive/2011/10/17/a-fix-for-the-interoperability-issues-between-exchange-2007-and-2010-emc-and-ie9-is-now-available.aspx.

Daniel

Thursday 13 October 2011

RIP /Hosting Mode – Exchange Server 2010 /Hosting

I have been waiting for this for a while, http://blogs.technet.com/b/exchange/archive/2011/10/13/future-of-hosting-mode.aspx.

In summary…

  • 180 U turn on hosting!
  • You don’t need to use /Hosting Mode, on-premise is probably the preferred choice now
  • No new features will be added to SP2 /Hosting Mode, that includes UM Sad smile
  • You will probably need to use an automation partner or have s**t hot Exchange Admins

While I do not agree with this, I do understand working with one product with tweaks it is mush easier. Looks like is back to the way I used to do Hosted Exchange 2000, 2003 and 2007 before /Hosting Mode was born.

I’ know what I’m doing for the rest of the month….

Friday 16 September 2011

Send as permissions with Hosted Exchange 2010

If you need to assign Send As rights with Hosted Exchange 2010 it can easily be achieved with PowerShell.
I want the user Daniel to be able to send email out as the Event DL address:

Add-RecipientPermission "Event" -AccessRights SendAs -Trustee "Daniel"

Nice and easy.

Daniel

Tuesday 9 August 2011

U-turn on Exchange 2010 SP1 /hosting mode guidance?

If you have been following Exchange 2010 options for hosters you will know that until recently you were pretty much pushed down the /hosting mode route. Well today I spotted this blog post by Ian Hameroff and Michael van Dijken, So, You Want to Host Exchange?, suggesting we don’t have to use /hosting if we want UM and some other functionality.

image

As with Exchange 2000, 2003 and 2007 we are able to make a standard deployment of Exchange 2010 SP1 work as a multi-tenant environment, Paul Roman covers it nicely here, The Hard Way - Hosting Environment Preparation.

My first Hosted Exchange solution was Exchange 2000 with a custom built automation engine, which was great, but I remember how much better the support was when HMC was introduced. With /hosting mode it became even simpler and although I desperately want UM in my solution today, I am not sure moving away from /hosting is the right direction.

What are your thoughts?

Daniel

Technorati Tags: ,,

Monday 4 July 2011

Remove a domain from Office 365

If you are having trouble removing a domain using the Office 365 management portal you can use the Microsoft Online Services Module for Windows PowerShell to help.

First off download the module and find out a little bit more about the MSOL module from here, http://onlinehelp.microsoft.com/en-us/office365-enterprises/hh124998.aspx.

Use the following cmdlets to connect, identify and remove domains.

Connect-MsolService

the following command will list the domains you have added to O365.
Get-MsolDomain

Change the default domain.
Set-MsolDomain -IsDefault -Name exchangegeek.onmicrosoft.com

Remove the domain.
Remove-MsolDomain -domainname exchangegeek.com –force

Hope this helps, it worked for me out moving domains between tenant organisations and not getting any response to my “service requests”.

Thursday 30 June 2011

BES 5.0.3 support for Exchange 2010 SP1 Hosting Mode–CDO - no longer supported

The compatibility matrix for BES has been updated to include Exchange 2010 SP1 Hosting Mode support, BlackBerry Enterprise Server Compatibility.

When BES 5.0.3 was released I upgraded BES in my Exchange 2010 SP1 Hosting Mode environment to resolve a calendar issue preventing meeting management from devices, this was great news for my team as it had caused some pain internally.

I actually performed a fresh install and moved users to the new BES, for me this minimised down time, allowed time for testing and gave me an easy roll back operation.

CDO no longer supported by BlackBerry® Enterprise Server for Microsoft ® Exchange 2010 SP1 Hosting Mode

To enable Microsoft Exchange Web Services on BlackBerry Enterprise Server 5.0 SP3:

  1. Copy the BlackBerry Enterprise Server installation files to a computer that hosts a BlackBerry Enterprise Server instance.
  2. Extract the contents to a folder on the computer.
  3. At the command prompt, navigate to <extracted_folder>\tools.
  4. Perform one of the following actions:
    • To enable Microsoft Exchange Web Services for a specific BlackBerry Enterprise Server , type
      TraitTool -server <server_name> -trait EWSEnable -set true
    • To enable Microsoft Exchange Web Services for all BlackBerry Enterprise Server instances in a BlackBerry Domain, type
      TraitTool -global -trait EWSEnable -set true
  5. Press ENTER.
  6. Restart the BlackBerry Controller Service for every BlackBerry Enterprise Server modified.

Daniel

Monday 20 June 2011

Restoring a DAG member, don't forget to evict the node!

Hi,

When restoring a DAG member (please see a previous blog post on how to to do this) it is important to remember to evict the node from the cluster, otherwise errors will occur when you re-introduce it.

The error that will be shown should the server still be a cluster member, when running the cmdlet 'Add-DatabaseAvailabilityGroupServer' is shown below:













To remedy this open the Failover Cluster Manager on a valid DAG member. Select the DAG member you are performing DR on, right click it and select "Evict node"












Go back to your open Powershell session and re-run 'Add-DatabaseAvailabilityGroupServer' and this should now run succesfully.

You will see it succesfully adding the server to the cluster:












Finally once configuration is complete, it will show the server as a valid member:











You now simply have to reseed any databases that should reside on this DAG member and you are all set!

Take care,

Oliver Moazzezi MVP - Exchange Server

Thursday 16 June 2011

setup.com /m:recoverserver when server is a DAG member

Hi,

You cannot just recover a DAG member using /m:recoverserver, the setup process will notice the server is part of a DAG and stop, as can be seen below.













In order to succesfully recover an Exchange 2010 Server that is a DAG member we must remove it from the DAG. This involves removing any database copies it may have as a DAG member and also removing it from the DAG entirely.

The following process shows how this is done.

1. Remove any Database copies this DAG member may have

Remove-MailboxDatabaseCopy DATABASE\SERVER












2. Remove the server from the DAG it is a member of. Because the server is offline, or a standby server is present ready to be used, we use the -ConfigurationOnly switch. This tells Exchange not to search for the Exchange server (as it would error as it is not there), and instead remove the configuration data only.

Remove-DatabaseAvailabilityGroupServer -Identity DAG -MailboxServer SERVER -ConfigurationOnly











3. Going back to the server we are performing the recovery on, and re-running setup.com /m:recoverserver we should now see no issues performing DR












Finally after performing recovery setup completes and we can see the server is ready once a reboot is complete.












If the server is a combined server role it is important to make changes to any .config files you previously made changes too, as the recoverserver command will not re-introduce those changes.

Finally there are some other switches that can be used when recovering the Exchange 2010 server.














/TargetDir - this lets you specify the install location of the Exchange 2010 setup files. You can use this to ensure it is installed elsewhere if previously you did not install to c:\

/UpdatesDir - this allows you to place any updates in the directory so Exchange can slipstream these and ensure you do not have to apply them seperately after.

/InstallWindowsComponents - this will automatically install windows features should they be missing on the new server you are performing the recovery on.

/DoNotStartTransport - if the server is a Hub Transport or Combined Server Role, then you can initiate this switch to ensure the Transport Service doesn't start, should you need to perform more configuration or perform tests prior to allow SMTP to flow through it (from Mailbox Servers or Internet).


Take care,

Oliver Moazzezi MVP - Exchange Server

Tuesday 19 April 2011

Hosted Exchange 2010 Webinar Today

Just a quick post to say this is starting at 1pm GMT. You can sign up here

http://www.cobweb.com/learn-now/webinars--events/webinar-exchange-2010.aspx

Oliver Moazzezi MVP - Exchange Server

Thursday 14 April 2011

#CloudPro @asktechnetuk Twitter Event 15/04/2011

Hi,

I will be one of many on a panel for Technet tomorrow (@asktechnetuk) where you can ask questions in a live Twitter Q&A!

Topics will covered will be based on what YOU want to hear advice on, such as Exchange, SQL, Powershell, Cloud Hosting, Virtualization and System Centre.

I will be one of a number of MVPs including

- Vikas Sahni – SQL Azure MVP: @sahnivi
- Myles Jeffrey – Office365 MVP: @mjthinkscape
- Mark Rendle – Windows Azure MVP: @markrendle
- Damian Flynn – Virtual Machine MVP: @damian_flynn
- Oliver Moazzezi – Exchange Server MVP: @OliverMoazzezi
- Patrick Lowdns – Virtual Machine MVP: @PatrickLownds
- Thomas Lee – Powershell, MVP

Microsoft experts will also be on hand to answer questions.
See you there!

Oliver Moazzezi MVP - Exchange Server

Thursday 7 April 2011

BES 5 SP3 MR1– already available

Just 2 days after releasing BES 5 SP3 for Exchange, now BES 5 SP3 MR1 has hit the web. Just a couple of updates which I have copied and pasted below.

Release notes: http://docs.blackberry.com/en/admin/deliverables/26577/BlackBerry_Enterprise_Server_for_Microsoft_Exchange-Maintenance_Release_Notes--1561918-0404053903-001-5.0.3-US.pdf

Software download: https://swdownloads.blackberry.com/Downloads

What's new

The BlackBerry® Enterprise Trait Tool includes a new trait named ExchangeEnablePropertyPromotion. This trait specifies if and how the BlackBerry Messaging Agent promotes MAPI properties. The possible values are:

  • 0 – Disabled
  • 1 - The BlackBerry Messaging Agent promotes MAPI properties on all folder reloads, if required.
  • 2 - The BlackBerry Messaging Agent promotes MAPI properties on all folder reloads, if required, except for the first folder reload. On the first folder reload the BlackBerry Messaging Agent does not promote MAPI properties.

Example: To disable the promotion of MAPI properties for the BlackBerry Domain, type traittool -global -trait ExchangeEnablePropertyPromotion -set 0.

Example: To disable the promotion of MAPI properties for a BlackBerry® Enterprise Server instance, type traittool -server <server_name> -trait ExchangeEnablePropertyPromotion -set 0.

For information about using the BlackBerry Enterprise Trait Tool, see the BlackBerry Enterprise Server Administration Guide.

Fixed issues

BlackBerry Administration Service
If one BlackBerry® Administration Service instance sent a reconciliation task to a second instance, and the connection between the instances dropped before the second instance could notify the first that the reconciliation was complete, reconciliation stopped on all BlackBerry Administration Service instances. The first BlackBerry Administration Service instance then wrote the following error to its log file: “org.jboss.remoting.CannotConnectException: Can not get connection to server. Problem establishing socket connection for InvokerLocator [sslsocket:”. The BlackBerry Administration Service checks for unprocessed reconciliation events every 24 hours and restarts them at that time. For more information, contact RIM Support. (DT 1159175)

BlackBerry Messaging Agent
In some circumstances email messages were not delivered promptly because of high disk I/O on Microsoft® Exchange 2010 mailbox servers. (DT 1141515)

Happy patching.

Daniel Noakes

Converting a mailbox to a linked mailbox, improvements in Exchange 2010 SP1

In Exchange 2007 and 2010 you have to perform two actions to accomplish this. First Disable-Mailbox and then Connect-Mailbox, specifying the linked account to convert the mailbox upon re-attachement into a linked mailbox.

The problem with this method is that it removes all Exchange attributes, basically resetting them. The mailbox is in a disconnected state and until you re-attach the mailbox and re-apply Exchange attributes (email addresses just one example) you can potentially bounce mail.

Exchange 2010 SP1 has a new feature that isn't spoken of (infact TechNet documentation here still points to the above method!) This new command will automatically convert the mailbox to a linked mailbox without any disconnection or loss of Exchange attributes, and will automatically disable the account when applying the linked user.

Set-User -Identity Oliver@contoso.com -linkeddomaincontroller UserAccoundForestDC -LinkedCredential $(Get-Credential accountforestdomainadmin) -linkedmasteraccount Oliver@fabrikam.com

Try it, it works great!





























Enjoy,
Oliver Moazzezi MVP - Exchange Server

Wednesday 6 April 2011

Lync Server 2010 Visio Stencil: What is your favourite shape?

In February Microsoft published the Lync Server 2010 Visio Stencil, which I have been using to produce designs for our hosted solution.

My favourite shape has to be Microphone, it just looks a bit funny to me and I’m sure not many people have free standing devices like this. What is your favourite shape?

image
Microphone - Lync Server 2010 Visio Stencil

You can download the Lync Server 2010 Visio Stencil here, http://www.microsoft.com/downloads/en/details.aspx?FamilyID=65b5a396-2c87-445d-be23-d324727d19cb.

Daniel Noakes

Friday 25 March 2011

Exchange 2010 holiday calendar with delegate approval

After a recent migration from dedicated to hosted Exchange 2010 we needed to provide solutions for a few shared public folder calendars, one of which was used for booking holiday. The solution was a resource mailbox with the addition of delegate approval.

This should work with any Exchange 2010 service that supports remote PowerShell access.

The mailbox can be easily created in ECP, although I chose to use PowerShell. I also created a distribution group for the delegates, don’t forget to add members.

New-Mailbox –Name “Holiday” –Room

New-DistributionGroup –Name HolidayAdmins | Set-DistributionGroup -HiddenFromAddressListsEnabled $true

I then setup the calendar processing parameters.

Set-CalendarProcessing –Identity “Holiday” –ResourceDelegates “HolidayAdmins”

Set-CalendarProcessing –Identity “Holiday” –AllBookInPolicy $false –AllRequestInPolicy $true –AutomateProcessing AutoAccept –AdditionalResponse “Holiday request has been submitted. Confirmation will be sent separately.” –EnforceSchedulingHorizon $false –AllowConflicts $true

Users can now book holiday by adding the Holiday resource to meeting. Members of the distribution group (managers/HR) will receive a delegated meeting request which can be accepted or declined.

clip_image001

Daniel Noakes

Monday 21 March 2011

Populating Lync 2010 Contact Lists

Lync does a great job at searching for contacts, as well as displaying team and frequent contacts. If you work for a smaller organisation or a group of people with no particular hierarchy you may want to populate the contact list with a bunch of people for different groups.

Can you believe there doesn’t appear to be a way to do this out of the box. Luckily Microsoft have built a great product with a load of really clever people who can help. Jeff Guillet has posted just a solution on his blog, http://www.expta.com/2011/01/introducing-lyncaddcontacts.html.

With 3 lines I have been able to pre-populate contacts for groups of users.

CScript LyncAddContacts.vbs /backup backup.xml
CScript LyncAddContacts.vbs daniel.noakes@noak.es
CScript LyncAddContacts.vbs /import “OU=noak.es,OU=Microsoft Exchange Hosted Organizations,DC=exchangegeek,DC=com”

Daniel Noakes

Wednesday 16 March 2011

Exchange 2010 SP1 RU3 pulled until BlackBerry issue resolved

If you haven’t already picked up on it, Microsoft have withdrawn Exchange 2010 SP1 RU3 due some problems highlighted with BlackBerry Enterprise Server.

Read more from Kevin Allison on The Exchange Team Blog, http://blogs.technet.com/b/exchange/archive/2011/03/14/exchange-2010-sp1-rollup-3-and-blackberrys-sending-duplicate-messages.aspx

Daniel Noakes

Free BES for Office 365 Users

BPOS and Office 365 users will be getting BlackBerry Enterprise Server (BES) for free based on the information in this slide deck, http://www.slideshare.net/jessiethe3rd/blackberry-now-free-with-bposoffice-365.

I get the impression this will be built on BES 6, as the slide deck makes reference to the service being hosted and managed by RIM. It will probably be the “Express” edition, but the difference between it and the full product a diminishing anyway.

If you have requirement for BES in business you should work with a partner who can develop a complete solution from devices to air-time and app development to hosting.

Daniel Noakes
twitter.com/dannoakes

Tuesday 25 January 2011

HMC: Autodiscover works but Exchange 2007 users cannot download the OAB

Hi,

A few months back I was hit with an OAB issue, I actually raised a case to PSS as it was so odd but ended up resolving it myself before they called.

I was tasked with performing a 'staged migration' from HMC3.5 and Exchange 2003 to HMC4.5 and Exchange 2007 for a Customer. This was theoretically possible because Cobweb have both solutions deployed in the same Forest (cool huh).

Normally we would perform the HMC upgrade and then move mailboxes to Exchange 2007 with a period of confirmed outage to the customer, moving them in a big bang migration approach. But this customer was so large and needed continous messaging that this was not possible.

So I devised the following.

1. Upgrade the mailboxes for their users during the day to Exchange 2007
2. Keep them under HMC3.5 (this went through major testing in our Labs) and locking them out from Control Panel Management
3. Once all mailboxes we upgraded, confirm all was OK and then perform a 30 second 'flip' moving all their HMC data to HMC4.5 and the corresponding panel.


This needed pin point accuracy as not to cause them any outages. It was also crucial the permission group changes from HMC3.5 to 4.5 was performed flawlessly as access to Public Folders, the GAL, and other objects was controlled this way.

When in the lab I noticed an issue IF the customer was an HMC3.5 and Exchange 2003 customer prior to HMC4.5 and Exchange 2007 going into the Forest and Exchange Org.

Any customer I upgraded in testing that were created after the HMC4.5 installation worked fine. It just affected pre-4.5 customers. It caused an issue with the Offline Address Book.

Here is what Autodiscover gave back when looking at an upgraded mailbox

















It’s missing the OAB URL.

The OAB was there and accessible for all Exchange 2003 users yet to have their mailboxes moved, and version4 was available. If I checked connection status I could see the Public Folder referral happen before I download the OAB from the Exchange 2003 server. So I knew this was working. It just didn't work once for users once their mailbox was moved to Exchange 2007.

Exchange 2007 CAS and Mailbox can perform a referral to an OAB on an Exchange 2003 server. So I knew this wasn't an incompatibility problem. This was also a single AD site, so there was no crazy Exchange 2007 to 2003 referrals happening across AD sites.

So what was the issue?

It turns out that the 'Exchange Domain Servers' Security Group was not granted permissions on the legacy OAB. This was due to the OAB existing prior to HMC4.5 and Exchange 2007 going into the Forest and Exchange Org. Any customer created after this had no issues.













Adding the correct permissions to allow this Security Group access fixed the issue. Adding the permissions via ADSIEdit, "Configuration Container, Services, Microsoft Exchange, Address List Containers, Offline Address Book, select customer OAB"













Now when I go back to Outlook I can see OAB availability and download it successfully.











As a side note both the GAL and AL also had this permission discrepancy. But it did not seem to create any ill side effects. As a best practice measure I also set the correct permisssions on these objects also.



Oliver Moazzezi MVP - Exchange Server

Thursday 6 January 2011

duplicate SID from OS templates during Active Directory creation

I built a new test Forest in my Test Lab, deploying from a template Windows 2003 and 2008 images.

The Forest consisted of a Root and 2 childs, an example:

contoso.com
tailspintoys.contoso.com
forthcoffee.contoso.com

I had read an article on the myth of changing the SID of a machine when deploying or cloning from a template. The article is here

However when I came to build my first child domain, I had major issues during the DCPROMO process. The Active Directory installation wizard informed me that the specified domain already existed.


















Now this was news to me :-) and a quick double take confirmed it indeed did not exist, and then I realised both the root Domain Controller that was already running and this new Child DC were spun from the same template.

I remembered that when you DCPROMO a server the SID for the domain is taken from the first server to be promoted - and there was my issue.

So ensure that you use Newsid (retired now and not supported for Windows 2008 R2 or Windows 7) or ensure you properly sysprep any of your templates in your test or production virtualized environments.

Oliver Moazzezi

MVP - Exchange Server


Disable EHLO on an Exchange Send Connector

I recently had an incident where a client running Exchange 2007 could not send mail to his chosen smarthost. In this instance the customer did not want to use DNS to route outbound internet mail but rather through their ISP - using the free and not premium service.
Exchange could not send email through the smarthost, however using that smarthost in an email client allowed mail to pass without any authentication.
It turned out that the smarthost didn't support pipelining (see here) so the Send Connector was modified to send out via SMTP instead of EMSTP.
This simply means Exchange sent a HELO rather than an EHLO.
To modify a Send Connector to send via HELO perform these steps in Powershell.

Set-SendConnector -Identity [Send Connector Here] -ForceHELO $true

More information here


Oliver Moazzezi

MVP - Exchange Server