Channel: Exchange 2013 – azure365pro.com

Exchange 2013 – OWA Password Expired – Requiring DOMAIN\Username


When a user’s password expires and they log in to OWA, the system allows them to change the password. However, Exchange 2013 OWA requires them to enter the user name in the format ‘DOMAIN\username’.

UPN authentication isn’t supported yet in Exchange 2013 OWA.

  • We can’t expect users to remember the domain name (it causes an unnecessary increase in support calls).
  • We can’t expect users to remember the hosted domain name in a hosted environment.

In Exchange 2013 OWA, when the UPN is changed, the user has to do the password reset in the format below.

DomainName\user@tenant1.com

As you know, when the logon format is “User Principal Name”, the Domain\user name field is not populated by Exchange automatically.

This article explains how to overcome this situation with an autofill, when your logon format is set to user name or UPN, by customizing the fexppw.js file in the OWA folder.

Location of the file – “C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\owa\auth\XXX\scripts\premium”

Let's look at my example below for better understanding.

My root domain name is testcareexchange.biz

My customer domain name is peppy.com

image

See my user's UPN (UserPrincipalName) and primary SMTP address.

The mailbox below is on the testcareexchange.biz domain.

image

Now let's see how resetting the password at next logon works.

“Your password has expired and you need to change it before you sign in to Outlook Web App”

Domainname\user@domain.local

In my case it is

Testcareexchang\user@peppy.com

image

Your password has been changed. Click OK to sign in with your new password.

Seriously, we can’t expect users to remember this format. It is going to increase the support calls for password resets on expiry, especially for users who are not joined to the domain and in a hosted environment.

The only way to overcome this issue is to autofill the domain\username details.

Let's see how to do it.

Locate the file fexppw.js in the location below.
Location of the file – “C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\owa\auth\XXX\scripts\premium”

Make sure the OWA virtual directory is set to

Use forms-based authentication, Logon format: User principal name (UPN)

image

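Take a backup of the file below –

image

Add the line below in the else statement, as shown below.

No IISreset is required after the change. Clear your browser cache and check. The file is served as part of the OWA logon pages, so the domain name hard-coded in it is visible to anyone who can load those pages.

gbid("username").value = "TESTCAREEXCHANG\\" + rg[3];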

image

Once changed, save the file, clear the browser cache, and check.

It should autofill, as shown below.

image image

What if you are using the following?

Use forms-based authentication, Logon format: User name only

image

Replace the line below in the if statement, as shown below.

No IISreset is required after the change. Clear your browser cache and check.

gbid("username").value = "TESTCAREEXCHANG\\" + rg[3];

image

Happy customization.

NOTE: THIS CUSTOMIZATION IS NOT SUPPORTED BY MICROSOFT.

ANY UPDATE FROM MICROSOFT WILL REPLACE THIS SETTING, AND YOU WILL NEED TO REDO THIS CUSTOMIZATION.

Satheshwaran Manoharan

Exchange MVP , Publisher of CareExchange.in
I have been supporting/Deploying/Designing Microsoft Exchange for some years . If you any Questions ?. Please share you thoughts via Comments.



How to Create a receive connector to authorize Cross forest emails in Exchange 2013


I am migrating users from Domain A to Domain B.

The primary domain has distribution groups set to “Only senders inside my organization”.

We can’t expose the distribution groups, as some mailboxes have been migrated across the forest.

image

Create a receive Connector to allow emails to be authenticated for distribution groups.

Note: Appropriate mail contact/mail user should be available.

image

Add the IP to be allowed.

image

Open the properties of the connector –

Make sure Externally Secured is checked.

image


Only Secure Content is displayed while opening Office Web Apps with Exchange 2013


image

Open PowerShell (Run as Administrator).

Set-OfficeWebAppsFarm -SSLOffloaded:$true -AllowHTTP:$true

Restart the Office Web Apps Server (OWAS) server.

This fixed the above ID prompt.

Attached are the standard settings, with all OWAS functionality working with Exchange and SharePoint 2013 on Windows Server 2012.

I have an internal CA; my .local URL is trusted through my internal CA, and the external URL has a trusted cert.

image


External Email stopped with Event 7012 in Exchange 2013


Log Name: Application
Source: MSExchangeFrontEndTransport
Date: 19/01/2015 4:18:38 PM
Event ID: 7012
Task Category: Components
Level: Warning
Keywords: Classic
Computer: Exch.careexchange.in
Description:
The service state for frontend transport is inconsistent. Current state – Inactive. Expected state – Active.

 

Log in to the Exchange server –

Start – Run – services.msc – restart the

Microsoft Exchange Frontend Transport service.

image


Specifying AutodiscoverServiceInternalUri in Exchange 2013


AutodiscoverServiceInternalUri is the internal URL of the Autodiscover service.

Once you specify the internal URL, domain-joined machines with Outlook will look at the AutodiscoverServiceInternalUri, which acts as a Service Connection Point.

When Outlook tries to connect using the different Autodiscover methods, the Service Connection Point comes first. In some cases, even after migrating to a hosting provider or to Office 365, we can see Outlook still looking at the local Exchange server and not at the right Exchange server. In most of these cases the internal Autodiscover URL is specified, and Outlook takes the internal URL as a priority.

Get-ClientAccessServer | fl AutodiscoverService*

image

To set the URL:

Set-ClientAccessServer "CasServerName" -AutoDiscoverServiceInternalUri "https://autodiscover.careexchange.in/Autodiscover/Autodiscover.xml"

Running Test E-Mail AutoConfiguration:

image


Outlook Autodiscover methods with Exchange 2013


What is Autodiscover?

Autodiscover is a feature of Exchange Server. Outlook 2007/2010/2013 and ActiveSync mobile clients use it to configure themselves with just an email address and password; Autodiscover retrieves all the server and URL information automatically.

Understanding Outlook Autodiscover is important: it lets you have Outlook configured in seconds, and you should have control over the Autodiscover methods used in your environment.

Outlook has a pre-defined set of methods that it tries in order. So if you are using, say, the 4th option in the Autodiscover order, Outlook will try the first 3 methods before it reaches the fourth. If you want to have your Outlook to configure quickly or to restrict your Outlook to redirect to a wrong server.

  • SCP lookup – see "Specifying AutodiscoverServiceInternalUri in Exchange 2013"
  • HTTPS root domain query – pointing the root domain to the Exchange 2013 server: https://careexchange.in/autodiscover/autodiscover.xml
  • HTTPS Autodiscover domain query – pointing Autodiscover.domain.com to the Exchange 2013 server: https://autodiscover.careexchange.in/autodiscover/autodiscover.xml
  • HTTP redirect method – see "How to Create Autodiscoverredirect record for Multi Tenant Scenario in Exchange 2013"
  • SRV record query – see "How to Create Autodiscover (SRV) record for Multi Tenant Scenario in Exchange 2013"
  • Local XML file
  • Cached URL in the Outlook profile (Outlook 2013)

You can disable Autodiscover methods through registry entries or through group policies.

    Disabling via Group Policy -

    Administrative Templates -> Microsoft Outlook 2013 -> Account Settings -> Exchange -> Disable AutoDiscover.

    image 

    Refer below link for deploying and Configuring administrative templates.

    Deploy Office 2013 Sp1 via Group Policy to all domain joined machines

    Disabling via registry - HKEY_CURRENT_USER\Software\Microsoft\Office\x.0\Outlook\AutoDiscover

    Note -

    Value 1 — DISABLE

    Value 0 — ENABLE

    Below screenshot disables HTTP Redirect and HTTPS Autodiscover Domain

    image

    Autodiscover redirect servers saved in below location -

    HKEY_CURRENT_USER\Software\Microsoft\Office\x.0\Outlook\AutoDiscover\RedirectServers

    image


    Exchange 2013 vs POP System/Google Apps for Work receiving mail in plain text


    When Exchange 2010 or Exchange 2013 coexists with an old POP system or Google Apps, messages sent to those systems from the Exchange 2010 or Exchange 2013 servers are received in plain text.

    Note: This happens when those external recipients are added as mail contacts in our Exchange Global Address List.

    This is because, by default, mail contacts use MapiRichTextFormat, which an old POP system or Google Apps for Work email cannot understand.

    The parameter below is the default –

    UseMapiRichTextFormat  : Always

    image

    To overcome this issue, set the parameter to Never so that it doesn’t use MapiRichTextFormat.

    UseMapiRichTextFormat  : Never

    To set it for all mail contacts –

    Get-MailContact -ResultSize Unlimited | Where-Object {$_.PrimarySmtpAddress -like "*Careexchange.in"} | Set-MailContact -UseMapiRichTextFormat Never

    Now those emails are received in a common format from Exchange 2010/2013 servers.


    POPProxyTestProbe/ImapProxyTestProbe is failing on Exchange Server 2013


    After cumulative updates on Exchange Server 2013, the Imap.Proxy/Pop.Proxy test probes went inactive. Restarting the IMAP/POP services didn’t help.

    image

    Alerts keep being raised, as the IMAP proxy and POP proxy are in the Inactive state.

    The issue was that the “State” of the ImapProxy/PopProxy components was set to Inactive:

    Get-ServerComponentState -Identity EXCH01

    image

    Run the commands below to bring the components back to the Active state.

    Set-ServerComponentState -Identity EXCH01 -Component PopProxy -Requester HealthAPI -State Active

    Set-ServerComponentState -Identity EXCH01 -Component ImapProxy -Requester HealthAPI -State Active



    Creating a simple booking system using Resource mailbox in Exchange 2013


    Simple booking system requirements –

    • Visit to a location.
    • Meetings should be auto accepted.
    • Should not be double booked.
    • Should inform the user that the response is from an automated booking system.
    • One delegate should be able to add/move/cancel the meeting.

    Let's see how to create it. Log in to EAC and create a room mailbox.

    image

    AutoAccept is set below –

    image

    • Should not be double booked.

    Uncheck – Allow Repeating Meetings

    • Should inform the user that the response is from an automated booking system.

    Add a note: Response is provided by our automated booking system.

    image

    • One delegate should be able to add/move/cancel the meeting.

    Add Full Access for the delegate, as below.

    Now the delegate can add the calendar of this mailbox to their Outlook and manage it.

    image

    Any Meeting request sent to the resource mailbox

    image


    Quick Tip : Entering Exchange Server 2013 Product key using Shell

    Quick Tip : Turning off Exchange Admin Center for security reasons


    For Exchange Server 2013 and Exchange Server 2016.

    Most admins/consultants want to turn off the Exchange Admin Center on internet-facing Exchange servers, for fear of a security breach in which someone who gains access to Exchange could do severe damage to the organization.

    Let's see how to disable it.

    Note that after disabling it, the Exchange Admin Center won't be accessible, and only the Exchange Management Shell will be available to manage the Exchange server. What most organizations do is disable EAC on the internet-facing servers, install a dummy Exchange server with the Exchange admin tools, and manage using that. It makes sense in terms of security.

    Get-EcpVirtualDirectory "EXCH01\ECP (Default Web Site)"

    image

    Set-ECPVirtualDirectory -Identity "EXCH01\ECP (Default Web Site)" -AdminEnabled $false

    image

    The post Quick Tip : Turning off Exchange Admin Center for security reasons appeared first on CareExchange.in.

    How to run a Non-owner mailbox access report in Exchange server/Office365 for audit purposes.


    First, select the mailboxes on which you want to enable auditing.

    Note: To run a non-owner mailbox access report, auditing has to be enabled in advance to capture activity on the user mailboxes.

    Get-Mailbox *careexchange.in | Set-Mailbox -AuditEnabled:$true

    image

    Log in to EAC (Exchange Admin Center) – Compliance Management – Auditing

    Click on Run a non-owner mailbox access report.

    image

    Choose the mailboxes you want to audit –

    image

    image

    Click on Search. If any unauthorised access has been made, it will show up here.

    In my case, the archiving server is using an impersonated account to pull all the email items from the mailboxes.

    image

    To export the same report, you need to make a few changes to the attachment settings, as the report is generated as XML, which is blocked by default.

    image

    To see the allowed files list –

    Get-OwaMailboxPolicy | Select-Object -ExpandProperty AllowedFileTypes | Export-Csv C:\Extensions.txt

    To see the blocked files list –

    Get-OwaMailboxPolicy | Select-Object -ExpandProperty BlockedFileTypes | Export-Csv C:\BlockedExtensions.txt

    If Export-Csv doesn’t work (for a list of strings it writes only each string's Length), redirect the output after AllowedFileTypes instead, using >C:\Extensions.txt

    image

    Opening BlockedExtensions.txt, I could see .xml.

    image

    Check which OWA mailbox policy is assigned to the mailboxes that need to receive the report.

    Get-CASMailbox Testuser* | Fl *owa*

    Now I have the OWA mailbox policy name.

    image

    Adding .xml to the allowed file types –

    Set-OwaMailboxPolicy -Identity OwaMailboxPolicy-Default -AllowedFileTypes @{add='.xml'}

    Removing .xml from the blocked file types –

    Set-OwaMailboxPolicy -Identity OwaMailboxPolicy-Default -BlockedFileTypes @{remove='.xml'}

    Now you can receive the auditing report, as below –

    image

    These logs are stored in the dumpster of the mailbox itself, so they will be archived after 90 days, the default retention limit.

    image

    Mailbox Audit Log Search ‘Search20150817{68bc4b0a-a58d-47b9-a289-3bf198fd4024}’ Requested by Satheshwaran Manoharan Completed Successfully Search Criteria: StartDate Utc: 7/31/2015 8:00:00 PM EndDate Utc: 8/17/2015 8:00:00 PM Mailboxes: LogonTypes: Admin, Delegate ShowDetails: True  ExternalAccess: Search request was submitted around 8/17/2015 1:54:44 PM Utc. Don’t reply to this email message. It was sent from an unmonitored account.
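The review step described above (spotting non-owner access while ignoring the known archiving account) can also be scripted. The following is an added example, not code from the original post: the record fields are modelled on what Search-MailboxAuditLog returns with -ShowDetails, and the account names, mailbox addresses and sample records are constructed placeholders.

```powershell
# Added example. Summarises non-owner (Admin/Delegate) mailbox access and
# leaves out accounts that are expected to access mailboxes, such as the
# archiving service mentioned in the post.
function Get-UnexpectedNonOwnerAccess {
    param(
        [Parameter(Mandatory = $true)] [object[]]$AuditRecord,
        [string[]]$ExpectedAccount = @()      # display names of known service accounts
    )
    $AuditRecord |
        Where-Object { $_.LogonType -in 'Admin', 'Delegate' } |
        Where-Object { $_.LogonUserDisplayName -notin $ExpectedAccount } |
        Group-Object MailboxOwnerUPN, LogonUserDisplayName |
        ForEach-Object {
            # Sort the access times so the first and last event are easy to report
            $times = @($_.Group | ForEach-Object { [datetime]$_.LastAccessed } | Sort-Object)
            [pscustomobject]@{
                Mailbox    = $_.Group[0].MailboxOwnerUPN
                AccessedBy = $_.Group[0].LogonUserDisplayName
                LogonType  = (@($_.Group | ForEach-Object { $_.LogonType }) | Sort-Object -Unique) -join ','
                Operations = (@($_.Group | ForEach-Object { $_.Operation }) | Sort-Object -Unique) -join ','
                Events     = $_.Count
                First      = $times[0]
                Last       = $times[-1]
            }
        }
}

# Constructed sample records (not real audit data).
$sample = @(
    [pscustomobject]@{ MailboxOwnerUPN = 'user1@careexchange.in'; LogonUserDisplayName = 'svc-archive'
                       LogonType = 'Admin';    Operation = 'FolderBind';  LastAccessed = '2015-08-10T02:00:00' }
    [pscustomobject]@{ MailboxOwnerUPN = 'user1@careexchange.in'; LogonUserDisplayName = 'Helpdesk Admin'
                       LogonType = 'Admin';    Operation = 'FolderBind';  LastAccessed = '2015-08-11T09:15:00' }
    [pscustomobject]@{ MailboxOwnerUPN = 'user1@careexchange.in'; LogonUserDisplayName = 'Helpdesk Admin'
                       LogonType = 'Admin';    Operation = 'SoftDelete';  LastAccessed = '2015-08-11T09:20:00' }
    [pscustomobject]@{ MailboxOwnerUPN = 'user2@careexchange.in'; LogonUserDisplayName = 'user3'
                       LogonType = 'Delegate'; Operation = 'SendAs';      LastAccessed = '2015-08-12T14:05:00' }
    [pscustomobject]@{ MailboxOwnerUPN = 'user2@careexchange.in'; LogonUserDisplayName = 'user2'
                       LogonType = 'Owner';    Operation = 'HardDelete';  LastAccessed = '2015-08-12T15:00:00' }
)

Get-UnexpectedNonOwnerAccess -AuditRecord $sample -ExpectedAccount 'svc-archive' |
    Format-Table -AutoSize

# In the Exchange Management Shell the records could come from (not run here):
#   Search-MailboxAuditLog -Identity user1@careexchange.in -LogonTypes Admin,Delegate `
#       -ShowDetails -StartDate '7/31/2015' -EndDate '8/17/2015'
```

Reviewing the accounts in the expected list periodically matters as much as the report itself, since anything on that list is never shown.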

    The post How to run a Non-owner mailbox access report in Exchange server/Office365 for audit purposes. appeared first on CareExchange.in.

    Deleting a Common Mailbox Messages after so many days in Exchange servers/Office 365


    I have a common mailbox in which messages older than 30 days have to be cleared.

    Note: This feature requires an Enterprise Client Access License.

    Log in to EAC (Exchange Admin Center) – Compliance Management – Retention Tags – click on 1 Month Delete.

    image

    We are specifying:

    Delete and Allow Recovery – the item is moved to the dumpster and stays there for the retention period specified on the database. If a retention period is specified on the mailbox, it takes precedence.

    If you choose Permanently Delete, the item never gets moved to the dumpster and is not recoverable. We are specifying that an item reaching the age of 30 days will get archived.

    image

    Compliance Management – Retention Policies – add the retention tag we created (“1 Month Delete”).

    Choose Save.

    image

    Now apply the retention policy on the mailbox.

    Recipients – Mailboxes – Mailbox Features – Retention Policy (choose the policy we created)

    Choose Save.

    image

    Now any items older than 30 days will be archived in the common mailbox.

    The post Deleting a Common Mailbox Messages after so many days in Exchange servers/Office 365 appeared first on CareExchange.in.

    Copy Sent Items to Shared Mailboxes and delegates


    From Exchange 2013 CU9 or later versions of Exchange 2013, and in Exchange Online (Office 365), when a user sends email using Send As over a shared mailbox, we have the option of saving the sent items in the shared mailbox, so that all sent items can be stored in a centralized location. Make sure all the Exchange 2013 servers in the environment are running CU9 or later.

    Let's see how to do that.

    • You cannot log in to a shared mailbox directly.
    • Sent items are not stored by default when you use Send As.
    • Shared mailboxes are mostly department mailboxes such as HR, contact us and info mailboxes.

    Creating a Shared Mailbox –

    image

    New-Mailbox commonmailbox -Database "*514" -Shared

    image

    Providing User2 Full Access to the common mailbox (so that the user can access all the content in that mailbox) –

    image

    Add-MailboxPermission Commonmailbox -User user2 -AccessRights FullAccess -InheritanceType All

    image

    To remove the mailbox permission –

    Remove-MailboxPermission -Identity ayla -User "Jim Hance" -AccessRights FullAccess -InheritanceType All

    Providing User2 Send As to the Common Mailbox –

    On-premises –

    Add-ADPermission -Identity commonmailbox -User user3 -ExtendedRights "Send As"

    Exchange Online –

    Add-RecipientPermission -Identity "commonmailbox" -Trustee "user3" -AccessRights SendAs

    image

    By default, “From” is not enabled in Outlook Web App. To enable it, log in to OWA, go to Options and check the option to always show “From”.

    image

    By default, I am sending as commonmailbox to my CEO.

    image

    In the common mailbox, Send As emails are not stored in Sent Items by default.

    image

    Let's see how to enable that –

    Set-Mailbox commonmailbox -MessageCopyForSentAsEnabled $True

    image

    Good to know – for Send On Behalf:

    Set-Mailbox commonmailbox -MessageCopyForSendOnBehalfEnabled $True

    Now you can see the sent items saved in the common mailbox.

    image


    The post Copy Sent Items to Shared Mailboxes and delegates appeared first on CareExchange.in.

    Anonymous Application relay connectors in Exchange 2016


    Let's see how to create an anonymous application relay connector in Exchange 2016. Every application needs relay permission when it has to send out email using the Exchange server.

    Examples range from ticketing systems and monitoring servers to CRM applications.

    Relaying in simple terms –

    Email relaying is using an email server to send out emails that do not originate on that email server. It is most commonly used for fax servers, CRM, email routing from different forests, etc.

    Step 1 –

    Login to Exchange Control Panel – Mail Flow – Receive Connectors – Click “+”

    Choose “FrontEnd Transport”

    image

    image

    Remove the whole range. Enter only the IPs that need to be allowed to relay.

    image

    Double click on the created connector – Security – choose Anonymous users –

    image

    Or use PowerShell –

    New-ReceiveConnector -Name "Relay" -RemoteIPRanges ("10.128.57.54","10.128.57.55") -TransportRole "FrontendTransport"  -Bindings ("0.0.0.0:25") -Usage "Custom" -Server "Servername.careexchange.in"
    Set-ReceiveConnector -Identity "Servername\Relay" -PermissionGroups "AnonymousUsers"

    image

    Step 2 –

    Giving permission to the Receive connector to accept any recipient

    Get-ReceiveConnector "Servername\Relay" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"

    image

    Step 3 – Testing

    Let's test this from a Windows machine using simple telnet, assuming the relay IP that I added is a Windows machine.

    Open Server Manager – Manage – Add Roles and Features

    image

    Click Next and Finish to install.

    Open PowerShell –

    telnet Exch2016D.dubai.com 25
    Helo
    MAIL FROM: cloud@Application.com
    RCPT TO: info@domain.com
    DATA
    "SUBJECT:My Subject"
    Test
    .

    image

    As I received the email, relaying works without any issues.

    Note that any application you allow should use a valid domain to send out emails, as there is a risk of the IP getting blacklisted when large volumes of junk email are sent out by applications.

    It is always recommended to set a rate limit on anti-spam servers.
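Both this anonymous relay connector and the "Externally Secured" cross-forest connector earlier on this page are only as safe as their allowed IP list ("Remove the whole range"). The following added example, which is not code from the original posts, checks that scope: the property names follow Get-ReceiveConnector output, while AnonymousAnyRecipient, the 16-address threshold and the sample connectors other than "Relay" are assumptions made for the illustration.

```powershell
# Added example. Flags relay-capable receive connectors whose RemoteIPRanges
# are wider than a review threshold. Sample connector objects are constructed.

function ConvertTo-IPv4Number {
    param([string]$Address)
    $ip = $null
    if (-not [System.Net.IPAddress]::TryParse($Address.Trim(), [ref]$ip)) { return $null }
    if ($ip.AddressFamily -ne [System.Net.Sockets.AddressFamily]::InterNetwork) { return $null }
    $bytes = $ip.GetAddressBytes()
    [Array]::Reverse($bytes)                 # network byte order -> little endian
    return [uint64][BitConverter]::ToUInt32($bytes, 0)
}

function Get-IPv4RangeSize {
    # Accepts "a.b.c.d", "a.b.c.d/nn" or "a.b.c.d-e.f.g.h"; returns $null otherwise (e.g. IPv6).
    param([string]$Range)
    if ($Range -match '^(?<net>[\d.]+)/(?<len>\d{1,2})$') {
        $net = $Matches.net; $len = [int]$Matches.len
        if ($len -gt 32 -or $null -eq (ConvertTo-IPv4Number $net)) { return $null }
        return [uint64][math]::Pow(2, 32 - $len)
    }
    $parts = @($Range -split '-')
    if ($parts.Count -eq 1) {
        if ($null -eq (ConvertTo-IPv4Number $parts[0])) { return $null }
        return [uint64]1
    }
    if ($parts.Count -eq 2) {
        $start = ConvertTo-IPv4Number $parts[0]
        $end   = ConvertTo-IPv4Number $parts[1]
        if ($null -eq $start -or $null -eq $end -or $end -lt $start) { return $null }
        return $end - $start + 1
    }
    return $null
}

function Test-RelayConnectorScope {
    param(
        [Parameter(Mandatory = $true)] [object[]]$Connector,
        [uint64]$MaxAddresses = 16           # assumption: review threshold for this example
    )
    foreach ($c in $Connector) {
        # Relay-capable: anonymous senders may address any recipient, or the
        # connector is "Externally Secured" (AuthMechanism ExternalAuthoritative).
        $external = "$($c.AuthMechanism)" -match 'ExternalAuthoritative'
        if (-not ($c.AnonymousAnyRecipient -or $external)) { continue }
        foreach ($r in $c.RemoteIPRanges) {
            $size = Get-IPv4RangeSize -Range "$r"
            if ($null -eq $size)              { $finding = 'ReviewManually' }
            elseif ($size -gt $MaxAddresses)  { $finding = 'TooBroad' }
            else                              { $finding = 'Scoped' }
            [pscustomobject]@{ Connector = $c.Name; Range = "$r"; Addresses = $size; Finding = $finding }
        }
    }
}

# Constructed sample: the "Relay" connector from the post, plus two made-up ones.
$sample = @(
    [pscustomobject]@{ Name = 'Relay'; RemoteIPRanges = @('10.128.57.54', '10.128.57.55')
                       AuthMechanism = 'Tls'; AnonymousAnyRecipient = $true }
    [pscustomobject]@{ Name = 'Relay-Unscoped'; RemoteIPRanges = @('0.0.0.0-255.255.255.255', '::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff')
                       AuthMechanism = 'Tls'; AnonymousAnyRecipient = $true }
    [pscustomobject]@{ Name = 'CrossForest'; RemoteIPRanges = @('192.0.2.0/24')
                       AuthMechanism = 'Tls, ExternalAuthoritative'; AnonymousAnyRecipient = $false }
)

Test-RelayConnectorScope -Connector $sample | Format-Table -AutoSize

# On an Exchange server, AnonymousAnyRecipient could be derived like this (not run here):
#   Get-ReceiveConnector | ForEach-Object {
#       $acl = Get-ADPermission -Identity $_.Identity -User 'NT AUTHORITY\ANONYMOUS LOGON'
#       $_ | Add-Member -NotePropertyName AnonymousAnyRecipient -PassThru `
#            -NotePropertyValue ([bool]($acl | Where-Object { $_.ExtendedRights -like '*Any-Recipient*' }))
#   }
```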

    The post Anonymous Application relay connectors in Exchange 2016 appeared first on CareExchange.in.


    How to restore Exchange Databases from a Storage failure


    These are the options to look at when Exchange databases are not mounting:

    • Good backup available.
    • No backup – Exchange mailbox databases are down.
    • Mounting a blank database – keeping messaging alive until you repair the Exchange databases.
    • Soft recovery and repairing the Exchange databases.
    • Recovery databases.

    I have tried to include as many scenarios as possible.

    Good backup available

    The best option is restoring from backup software such as Symantec, which gives minimal downtime. But make sure you retain the live data on the existing drives, as otherwise you will lose the data written between the time the backup was taken and the time of the storage failure.

    If you have a good backup, first restore from the backup and get production running. Then you can create a recovery database, repair the broken databases, and merge them with production.

    You may have to take a copy of the database file, or rename it, before restoring with the backup software, as the restore can overwrite the database files residing on the existing drives.

    No backup – Exchange mailbox databases are down

    Some organizations depend on a DAG as a backup-less solution. Still, there are cases where a database didn’t fail over due to a network issue or various other reasons. Try forcing the failover. Check whether you can access the storage and bring it back. Database stability has improved: when the server or storage undergoes an intermittent failure, newer Exchange versions heal themselves in a few scenarios when it comes to database copies.

    If you don’t have a backup, repairing the existing databases takes time, approximately 5-10 GB per hour, depending entirely on the IOPS/processor. If you don’t have a backup, always take a copy of the broken databases, so that even if your repair is interrupted you don’t lose hope and can copy them again for recovery purposes. Before that, there are various ways to get your databases healthy; 5-10 GB per hour is the worst-case scenario.

    You have to check the health of the database. Exchange may be unable to connect to a database again if it was not gracefully dismounted, was disconnected from the storage or server, or if antivirus software mistakenly removed or held the log files. Let's see how to check the health of the databases.

    Open PowerShell.

    Change to the folder containing eseutil.exe. Default location –

    Cd "C:\Program Files\Microsoft\Exchange Server\V15\Bin"

    To check the status of the Exchange database, run the following from the Bin folder:

    .\eseutil.exe /mh "D:\log files\Mailbox Database\Mailbox Database.edb"

    There are two possible results: it may say clean or dirty. We will go through both.

    Showing CLEAN SHUTDOWN – the database is healthy and in good shape. It couldn’t mount because it is not able to understand the existing sequence of the log files.

    Remove all the log files from the log file location and mount the database. It should generate a new series of log files and mount the database gracefully.

    image

    To get the log file location –

    Get-MailboxDatabase | fl Name,*path

    To force mount the database –

    Get-MailboxDatabase "Database Name" | Mount-Database -Force

    Showing DIRTY SHUTDOWN – the database is not in a good state (worst case). If the databases are massive, you cannot keep the environment down until they are repaired. Here is the trick: mount a blank database to keep the environment active with blank mailboxes, repair the broken databases, swap them back, and then merge. If you don’t want to mount a blank database, skip it.

    Mounting a blank database – Keeping the messaging alive until you repair the exchange databases.

    • Stop Microsoft Exchange Search Service
    • Stop Microsoft Exchange Search Host Controller Service

    image

    Now you can rename the database folder and create an identical folder.

    image

    Mounting the store will force the creation of an empty database.

    image

    As soon as you mount a blank database in the messaging environment, Outlook will prompt for a restart. Once Outlook is restarted, users get the option of using a temporary mailbox to send and receive emails, or using old data to look at their cached PST, if they are in Outlook cached mode.

    image

    If the health check shows dirty –

    .\eseutil.exe /mh "D:\log files\Mailbox Database\Mailbox Database.edb"

    Let's see how to handle the broken database. In the output you can see a row called “logs required”.

    Check whether the required logs are available. In my case it is 6079 – 6104.

    image

    Check if you have the logs available.

    image

    If you have the logs available, make sure you have the .chk file in the same location. If you don’t have the required log files, skip this step.

    You can try running the soft recovery (/r).

    Have the database and log files in the default location.

    If you cannot have them in the default location, use /d for the database location, /s for the checkpoint file location, and /l for the log file location.

    If you don’t specify them, the default location is used.

    “/a” means that even if some log files are missing, it will try to get the database into good shape (there will be data loss).

    E01 – go to the log file location and check whether the log file names start with E00, E01 or E02.

    .\eseutil.exe /r e01 /l "D:\log files\Mailbox Database" /d "D:\Program Files\Microsoft\Exchange Server\V15\Mailbox\Mailbox Database\Mailbox Database.edb" /a

    Check the status after the soft recovery. If it shows Clean Shutdown, you can mount the database; if it doesn't mount, you can always move the logs and try mounting again, as the database is in clean shutdown.
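The "logs required" check that precedes the soft recovery can be scripted instead of compared by eye. This is an added example, not code from the original post: the header lines and file list are constructed, the header layout is assumed to match eseutil /mh output, and the log file naming (prefix plus eight hex digits) is the convention assumed for this Exchange version.

```powershell
# Added example. Parses eseutil /mh header text and lists required log
# generations that are not present in the log folder.
function Get-EseHeaderState {
    param([Parameter(Mandatory = $true)] [string[]]$HeaderText)
    $state = $null; $first = $null; $last = $null
    foreach ($line in $HeaderText) {
        if ($line -match '^\s*State:\s*(.+?)\s*$') {
            $state = $Matches[1]
        }
        elseif ($line -match '^\s*Log Required:\s*(\d+)-(\d+)') {
            $first = [int]$Matches[1]; $last = [int]$Matches[2]
        }
    }
    [pscustomobject]@{ State = $state; FirstLog = $first; LastLog = $last }
}

function Get-MissingRequiredLog {
    param(
        [Parameter(Mandatory = $true)] $Header,
        [Parameter(Mandatory = $true)] [string]$LogPrefix,   # E00, E01 or E02
        [string[]]$PresentFile = @()
    )
    # A clean database, or a header without a required range, needs no logs.
    if ($Header.State -notmatch 'Dirty' -or $null -eq $Header.FirstLog -or $Header.LastLog -eq 0) {
        return
    }
    foreach ($gen in $Header.FirstLog..$Header.LastLog) {
        # Generation numbers appear in file names as eight hex digits.
        $name = '{0}{1:X8}.log' -f $LogPrefix, $gen
        if ($PresentFile -notcontains $name) { $name }
    }
}

# Constructed sample, using the 6079-6104 range from the post.
$headerText = @(
    '            State: Dirty Shutdown'
    '     Log Required: 6079-6104 (0x17bf-0x17d8)'
)
# Pretend every required file exists except generation 6090 (0x17CA).
$present = 6079..6104 | Where-Object { $_ -ne 6090 } |
    ForEach-Object { 'E01{0:X8}.log' -f $_ }

$header  = Get-EseHeaderState -HeaderText $headerText
$missing = @(Get-MissingRequiredLog -Header $header -LogPrefix 'E01' -PresentFile $present)

if ($header.State -match 'Clean') {
    'Clean Shutdown: no log replay needed.'
} elseif ($missing.Count -eq 0) {
    'All required logs present: soft recovery (/r) can be attempted.'
} else {
    "Missing required logs: $($missing -join ', ')"
}

# Live input could be gathered like this (not run here):
#   $headerText = & .\eseutil.exe /mh "D:\log files\Mailbox Database\Mailbox Database.edb"
#   $present    = Get-ChildItem "D:\log files\Mailbox Database" -Filter 'E01*.log' |
#                 Select-Object -ExpandProperty Name
# The newest generation may still be named E01.log; check that file separately.
```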

    If it is still not in Clean Shutdown, even after the soft recovery process:

    Repairing the Exchange database (5 to 8 GB/hour; Exchange 2010 and later versions are much faster):

    .\eseutil.exe /p "D:\Databases\Mailbox Database\Mailbox Database.edb"

    It will repair the database with 98% success. There will be data loss in the corrupted portion of it, but mostly it is minimal.

    Once the repair process is completed, the database shows Clean Shutdown.

    I would recommend moving the mailboxes to a different database as soon as possible, to be on the safer side and also from a Microsoft supportability point of view.

    Recovery databases –

    When it comes to recovery databases, you have to understand database swapping as well. If you repaired a 500 GB database and your temporary database is 5 GB, there is no point in merging the 500 GB recovery database into the 5 GB temporary database. Also, Outlook will always want the old database back in place, to overcome the initial prompt shown when a temporary database is mounted. So you dismount the blank database, mount the repaired database as the primary, and mount the smaller database as the recovery database, so that merging can be done quicker and simpler.

    Creating a recovery database with an existing database –

    New-MailboxDatabase -Recovery -Name RDB -Server mail -EdbFilePath "C:\Program Files\Microsoft\Exchange Server\V15\Mailbox\Recover\Mailbox Database.edb" -LogFolderPath "C:\Program Files\Microsoft\Exchange Server\V15\Mailbox\Recover"

    image

    Merge for one mailbox –

    New-MailboxRestoreRequest -SourceDatabase "RDB" -SourceStoreMailbox "vaishika sathesh" -TargetMailbox vaishika@careexchanged.in

    If you have different users with the same display name, the command below should help you.

    New-MailboxRestoreRequest -SourceDatabase "RDB" -SourceStoreMailbox 3965757c-f9f4-4c8d-a8c2-56a410257b52 -TargetMailbox vaishika@careexchanged.in -SkipMerging StorageProviderForSource

    Merge in bulk –


    Foreach ($mailbox in Get-MailboxStatistics -Database RDB)
    {
        New-MailboxRestoreRequest -SourceDatabase RDB -SourceStoreMailbox $mailbox.DisplayName -TargetMailbox $mailbox.DisplayName
    }

    Known errors:

    The call to 'net.tcp://mail.careexchange.in/Microsoft.Exchange.MailboxReplicationService mail.careexchange.in(15.0.620.24 caps:3F)'
    failed. Error details: must be logging in with GUIDs, not legDN
    Parameter name: owner.
    + CategoryInfo : NotSpecified: (:) [New-MailboxRestoreRequest], CommunicationErrorTransientException
    + FullyQualifiedErrorId : 436EF2E5,Microsoft.Exchange.Management.RecipientTasks.NewMailboxRestoreRequest
    + PSComputerName : mail.careexchange.in

    Resolution –

    Use

    Foreach ($mailbox in Get-MailboxStatistics -Database RDB)
    {
        New-MailboxRestoreRequest -SourceDatabase RDB -SourceStoreMailbox $mailbox.DisplayName -TargetMailbox $mailbox.DisplayName -SkipMerging StorageProviderForSource
    }

    Now Consider Database Repair Failed –

    Mount a blank database.

    Go to the cached outlook – Export to PST via Outlook.

    Create a new Outlook Profile – Import PST

    Other options – you can consider 3rd party solutions for EDB to PST conversion.
    After repairing the database, if users have issues accessing folders, you can run a repair on the mailbox –

    New-MailboxRepairRequest -Mailbox vaishika@careexchanged.in -CorruptionType ProvisionedFolder,SearchFolder,AggregateCounts,Folderview

    Known issues –

    Issue :

    Unable to submit online integrity check request for database Mailbox Database. Failure:An unexpected error occurred
    while trying to submit the request. Detailed error information follows
    Microsoft.Mapi.MapiExceptionInvalidParameter: MapiExceptionInvalidParameter: Queue online isinteg request failed.
    (hr=0x80070057, ec=-2147024809)

    Resolution –

    Database is in bad shape after repair – Create a new database and move them

    Issue :

    Log Name:      Application
    Source:        MSExchangeIS
    Event ID:      2006
    Level:         Error
    Description:
    Microsoft Exchange Information Store worker process (12584) has encountered an unexpected database error (Illegal duplicate key) for database ‘Mailbox Database’ with a call stack of
    at Microsoft.Exchange.Server.Storage.PhysicalAccessJet.JetTableOperator.Insert(IList`1 columns, IList`1 values, Column identityColumnToFetch, Boolean unversioned, Boolean ignoreDuplicateKey, Object& identityValue)
    at Microsoft.Exchange.Server.Storage.PhysicalAccessJet.JetInsertOperator.ExecuteScalar()
    at Microsoft.Exchange.Server.Storage.PhysicalAccess.DataRow.Insert(IConnectionProvider connectionProvider)
    at Microsoft.Exchange.Server.Storage.StoreCommonServices.ObjectPropertyBag.Flush(Context context)
    at Microsoft.Exchange.Server.Storage.LogicalDataModel.Item.Flush(Context context)
    at Microsoft.Exchange.Server.Storage.LogicalDataModel.Message.Flush(Context context)
    at Microsoft.Exchange.Server.Storage.LogicalDataModel.Message.SaveChanges(Context context)
    at Microsoft.Exchange.Server.Storage.LogicalDataModel.TopMessage.SaveChanges(Context context, SaveMessageChangesFlags flags)
    at Microsoft.Exchange.Protocols.MAPI.MapiMessage.SaveChangesInternal(MapiContext context, MapiSaveMessageChangesFlags saveFlags, ExchangeId& newMid)

    Log Name:      Application
    Source:        MSExchangeIS
    Event ID:      1046
    Level:         Error

    Description:
    Unexpected error encountered in critical block. Location:(Microsoft.Exchange.Diagnostics.LID), scope: (MailboxShared), callstack: (   at Microsoft.Exchange.Server.Storage.StoreCommonServices.Context.OnCriticalBlockFailed(LID lid, CriticalBlockScope criticalBlockScope)
    at Microsoft.Exchange.Server.Storage.StoreCommonServices.Context.CriticalBlockFrame.Dispose()
    at Microsoft.Exchange.Server.Storage.LogicalDataModel.TopMessage.SaveChanges(Context context, SaveMessageChangesFlags flags)
    at Microsoft.Exchange.Protocols.MAPI.MapiMessage.SaveChangesInternal(MapiContext context, MapiSaveMessageChangesFlags saveFlags, ExchangeId& newMid)
    Log Name:      Application
    Source:        MSExchangeIS
    Event ID:      1002
    Level:         Error

    Description:
    Unhandled exception (Microsoft.Exchange.Server.Storage.Common.DuplicateKeyException: JetTableOperator.Insert —> Microsoft.Isam.Esent.Interop.EsentKeyDuplicateException: Illegal duplicate key
    at Microsoft.Isam.Esent.Interop.Server2003.Server2003Api.JetUpdate2(JET_SESID sesid, JET_TABLEID tableid, Byte[] bookmark, Int32 bookmarkSize, Int32& actualBookmarkSize, UpdateGrbit grbit)
    at Microsoft.Exchange.Server.Storage.PhysicalAccessJet.JetTableOperator.Insert(IList`1 columns, IList`1 values, Column identityColumnToFetch, Boolean unversioned, Boolean ignoreDuplicateKey, Object& identityValue)

    Resolution –

    Database is in bad shape after repair – Create a new database and move them

    The post How to restore Exchange Databases from a Storage failure appeared first on CareExchange.in.

    Modern Exchange Environment Report with Health Checks


    Download the Script

    Click to view the Complete Sample Report

    Provides Below Exchange Environment Information –

    • Number of Exchange Servers
    • Number of Databases
    • Number of Mailboxes
    • Number of Public Folder Mailboxes
    • Number of Distribution Groups
    • Number of Dynamic Distribution Groups
    • Number of Contacts
    • Number of DAG
    • Number of Accepted Domains
    • Number of Organizational Administrators
    • Exchange Server Roles
    • Exchange Server Edition
    • Exchange Server Site
    • Exchange Server Operating System
    • Exchange Server Connectors used per Exchange Server
    • Mailbox Database Mount Status
    • Mailbox Database Mounted on Server
    • Mailbox Database Primary Content Indexing Status
    • Mailbox Database Copies Information
    • Mailbox Database Mailbox Retention Information
    • Mailbox Database Item Retention Information
    • Mailbox Database Circular Logging Information
    • Datacenter Activation Coordination (DAC) mode
    • Database Availability Group Witness Server Information
    • Database Availability Group Witness files location
    • Database Availability Group Member Replication status information

    Short Description of Datacenter Activation Coordination (DAC) mode –

    Datacenter Activation Coordination (DAC) mode is a property of a database availability group (DAG). DAC mode is disabled by default but should be enabled for all DAGs with two or more members that use continuous replication. DAC mode shouldn’t be enabled for DAGs that use third-party replication mode unless specified by the third-party vendor.

    DAC mode is designed to prevent split brain from occurring by including a protocol called Datacenter Activation Coordination Protocol (DACP). When DAC mode is enabled, DAG members won’t automatically mount databases even if they have quorum. Instead DACP is used to determine the current state of the DAG and whether Active Manager should attempt to mount the databases.

    It's recommended to enable DAC in a multi-site environment (value: DagOnly).

    Open PowerShell and run the script on your Exchange Server.

    You can customize a few settings in the script to have it email the report. By default the script saves the HTML file to “C:\ModernExchangeEnvironmentReport.htm”.

    
    # ----- Settings ----

    #Should the Script Open the HTML File locally on Finishing the script - Say Yes - if you wish to
    $Openhtmllocally = "No"

    Write-Progress -Activity "Email Settings" -status "Storing Email Settings"
    ## ----- Email ----Fill in with your details
    $EmailTo = "administrator@dubai.com"
    $EmailFrom = "administrator@dubai.com"
    $EmailSubject = "Modern Exchange Environement Report $Date"
    # Creating Anonymous Relay - http://www.careexchange.in/how-to-configure-a-relay-connector-for-exchange-server-2013/
    $SmtpServer = "10.128.57.55"
    $Attachment = "C:\ModernExchangeEnvironmentReport.htm"

    # ----- Settings ----
    
    


    The post Modern Exchange Environment Report with Health Checks appeared first on CareExchange.in.

    NDR from Gmail to Exchange Servers –TLS Negotiation failed


    Only Gmail to Exchange was throwing NDR –

    TLS Negotiation failed: generic::failed_precondition: starttls error (0): protocol error

    We were using IMSVA – Interscan Messaging Security Virtual Appliance for Anti-Spam

    Went to http://checktls.com/

    Verified TLS is OK – if not, please fix it.

    Note: most of them won't have a valid cert at the SMTP level; please ignore the cert error if you get one. As a wildcard cert is applied in this environment, everything says OK.
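
    The same check can be run from a PowerShell prompt against the SMTP gateway. The following is an added example, not part of the original post: it speaks SMTP up to STARTTLS and reports the negotiated protocol, cipher and hash, plus the certificate's signature algorithm. The function name, the HELO name and mail.example.com are placeholders.

    ```powershell
    # Added example (not from the original post): speak SMTP up to STARTTLS, then report
    # what the handshake negotiated. mail.example.com below is a placeholder host.
    function Test-SmtpStartTls {
        param([Parameter(Mandatory = $true)][string]$Server, [int]$Port = 25,
              [string]$HeloName = 'tlscheck.example.com')
        $client = New-Object System.Net.Sockets.TcpClient
        try {
            $client.ReceiveTimeout = 15000
            $client.Connect($Server, $Port)
            $net    = $client.GetStream()
            $reader = New-Object System.IO.StreamReader($net, [System.Text.Encoding]::ASCII)
            $writer = New-Object System.IO.StreamWriter($net, [System.Text.Encoding]::ASCII)
            $writer.NewLine = "`r`n"; $writer.AutoFlush = $true
            # An SMTP reply may span lines; every line but the last has '-' after the code.
            $readReply = {
                $lines = @()
                do { $l = $reader.ReadLine(); $lines += $l } while ($l -match '^\d{3}-')
                , $lines
            }
            $null = & $readReply                      # 220 banner
            $writer.WriteLine("EHLO $HeloName")
            $ehlo = & $readReply
            if (-not ($ehlo -match '^250[ -]STARTTLS')) { throw "STARTTLS not advertised by $Server" }
            $writer.WriteLine('STARTTLS')
            $reply = & $readReply
            if ($reply[-1] -notmatch '^220') { throw "STARTTLS refused: $($reply[-1])" }
            # Record certificate problems instead of aborting, so an untrusted or mismatched
            # certificate still lets the protocol and algorithms be reported (diagnostic use only).
            $script:certErrors = $null
            $accept = [System.Net.Security.RemoteCertificateValidationCallback]{
                param($s, $cert, $chain, $errors) $script:certErrors = $errors; $true }
            $ssl = New-Object System.Net.Security.SslStream($net, $false, $accept)
            $ssl.AuthenticateAsClient($Server)        # throws if the handshake itself fails
            $x509 = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
            [pscustomobject]@{
                Server        = $Server
                Protocol      = $ssl.SslProtocol
                Cipher        = $ssl.CipherAlgorithm
                Hash          = $ssl.HashAlgorithm
                CertSubject   = $x509.Subject
                CertSignature = $x509.SignatureAlgorithm.FriendlyName
                CertExpires   = $x509.NotAfter
                CertErrors    = $script:certErrors
            }
        }
        finally { $client.Close() }
    }
    Test-SmtpStartTls -Server mail.example.com
    ```

    The result reflects what this client and the gateway agree on, so a sender with a different TLS stack can still fail where this probe succeeds; an exception from AuthenticateAsClient is the local equivalent of the "starttls error" in the NDR.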


    Solution –

    After raising a ticket with Trend Micro, they gave a patch –

    Some message digest algorithms are not supported during TLS communication in IMSVA 9.0.
    This hot fix upgrades the OpenSSL version in IMSVA 9.0 to enable it to support these message digest algorithms.

    Applied the Hotfix –  IMSVA 9.0.0.1510


    Administration – End User Quarantine – Redistribute – Refreshed all the services


    Now mail flow from Gmail to the Exchange servers is normal!

    NDR information on Gmail –

    This is an automatically generated Delivery Status Notification
    THIS IS A WARNING MESSAGE ONLY.
    YOU DO NOT NEED TO RESEND YOUR MESSAGE.
    Delivery to the following recipient has been delayed:
    Test@careexchange.in
    Message will be retried for 2 more day(s)
    Technical details of temporary failure:
    TLS Negotiation failed: generic::failed_precondition: starttls error (0): protocol error
    ----- Original message -----
    MIME-Version: 1.0
    X-Received: by 10.13.130.239 with SMTP id m78m435337939ioi.18.14467543592436;
    Thu, 05 Nov 2015 00:08:12 -0800 (PST)
    Received: by 10.33.33.149 with HTTP; Thu, 5 Nov 2015 00:08:12 -0800 (PST)
    Date: Thu, 5 Nov 2015 12:08:12 +0400
    Message-ID: <CAHHVjUV=VVrtJR4_QUic5ks95L363563mBb5YGRp_bPbRA@mail.gmail.com>
    Subject: T1
    From: Sam <test@gmail.com>
    To: Administrator <test@careexchange.in>
    Content-Type: multipart/alternative; boundary=001a113f000cd65650523c6a040

    The post NDR from Gmail to Exchange Servers –TLS Negotiation failed appeared first on CareExchange.in.

    Search-mailbox sent Received to Specific External Recipient


    Retrieving and exporting mailbox content sent to and received from a specific external recipient.

    Click the below Link – Make sure the Admin has appropriate Permissions

    http://careexchange.in/deleting-a-specific-email-from-entire-organization-in-exchange-2010-2/

    First did an estimation of how many emails –

    FROM –

    Search-Mailbox -Identity sath@careexchange.in -SearchQuery "From:90devilforwarder@gmail.com" -EstimateResultOnly

    TO –

    Search-Mailbox -Identity sath@careexchange.in -SearchQuery "to:90devilforwarder@gmail.com" -EstimateResultOnly

    Verified it's pulling up some results.

    Exported to my administrator mailbox –

    Search-Mailbox -Identity sath@careexchange.in -SearchQuery "From:90devilforwarder@gmail.com" -TargetMailbox Administrator -TargetFolder FROMDEVIL
    Search-Mailbox -Identity sath@careexchange.in -SearchQuery "To:90devilforwarder@gmail.com" -TargetMailbox Administrator -TargetFolder TODEVIL

    The post Search-mailbox sent Received to Specific External Recipient appeared first on CareExchange.in.

    Automount consensus not reached : Databases Dismounted

    • Power failure in the datacenter. All nodes went up and down.
    • Tried mounting databases – failed.
    • Cluster lost the votes and went to a state where it doesn’t know which one to mount.

    [PS] C:\>Get-MailboxDatabase | Mount-Database -Force

    Failed to mount database “DB”. Error: An Active Manager operation failed. Error: An Active Manager operation encountered an error. To perform this operation, the server must be a member of a database availability group, and the database availability group must have quorum. Error: Automount consensus not reached. [Server:EXCH01.careexchange.in]
    + CategoryInfo : InvalidOperation: (DB:ADObjectId) [Mount-Database], InvalidOperationException
    + FullyQualifiedErrorId : [Server=EXCH01,RequestId=5d2959e0-5976-4c94-a324-6bc5ad40be85,TimeStamp=3/7/2016 10:49:36 AM] [FailureCategory=Cmdlet-InvalidOperationException] 26486D4A,Microsoft.Exchange.Management.SystemConfigurationTasks.MountDatabase
    + PSComputerName : exch01.careexchange.in

     

    Resolution –

    Start-DatabaseAvailabilityGroup -MailboxServer EXCH01

    Note: In my case, the server is in my primary site, DAC (Datacenter Activation Coordination mode) is ON, and the databases are already on EXCH01. Started the DAG, saying EXCH01 is live and functional, and to check the started and stopped DAG members to come out of the confusion.

    Now Mounted all databases Successfully.

    Get-MailboxDatabase | Mount-Database -Force

    The post Automount consensus not reached : Databases Dismounted appeared first on CareExchange.in.
