Channel: Exchange 2013 – azure365pro.com

How to Remove Exchange 2013 Default Databases–Recommended way


Note: It is preferred to move the database path and rename the databases instead of removing them. Still, you will come across some situations where you have to remove them. http://www.careexchange.in/how-to-move-database-path-and-log-folder-path-in-exchange-2013/

  • Move your mailboxes
  • Move your public folder mailboxes
  • Do not move your monitoring mailboxes
  • Move your arbitration mailboxes

Then you are good to delete the default database.

$olddb = Get-MailboxDatabase "Mailbox Database 2009099270"
$newdb = Get-MailboxDatabase "Database-001"

To check for mailboxes –

Get-Mailbox -Database $olddb

To move the mailboxes to a different database –

Get-Mailbox -Database $olddb | New-MoveRequest -TargetDatabase $newdb

To check for public folder mailboxes –

Get-Mailbox -Database $olddb -PublicFolder

To move the public folder mailboxes to a different database –

Get-Mailbox -Database $olddb -PublicFolder | New-MoveRequest -TargetDatabase $newdb

To check for monitoring mailboxes –

Get-Mailbox -Database $olddb -Monitoring

These have to be removed by Exchange Server itself, but it won't have access to remove them. Keep a copy of them and remove them from Active Directory.

  • Don't move the health mailboxes from one database to another.

To check for arbitration mailboxes –

Get-Mailbox -Database $olddb -Arbitration

To move the arbitration mailboxes to a different database –

Get-Mailbox -Database $olddb -Arbitration | New-MoveRequest -TargetDatabase $newdb

Now check the status of all move requests.

Get-MoveRequest | Get-MoveRequestStatistics

Now remove all move requests once they have completed.

Get-MoveRequest -MoveStatus Completed | Remove-MoveRequest

Now remove the database.

Get-MailboxDatabase $olddb | Remove-MailboxDatabase

Error –

This mailbox database contains one or more mailboxes, mailbox plans, archive mailboxes, public folder mailboxes or arbitration mailboxes. To get a list of all mailboxes in this database, run the command Get-Mailbox -Database <Database ID>. To get a list of all mailbox plans in this database, run the command Get-MailboxPlan. To get a list of archive mailboxes in this database, run the command Get-Mailbox -Database <Database ID> -Archive. To get a list of all public folder mailboxes in this database, run the command Get-Mailbox -Database <Database ID> -PublicFolder. To get a list of all arbitration mailboxes in this database, run the command Get-Mailbox -Database <Database ID> -Arbitration. To disable a non-arbitration mailbox so that you can delete the mailbox database, run the command Disable-Mailbox <Mailbox ID>. To disable an archive mailbox so you can delete the mailbox database, run the command Disable-Mailbox <Mailbox ID> -Archive. To disable a public folder mailbox so that you can delete the mailbox database, run the command Disable-Mailbox <Mailbox ID> -PublicFolder. Arbitration mailboxes should be moved to another server; to do this, run the command New-MoveRequest <parameters>. If this is the last server in the organization, run the command Disable-Mailbox <Mailbox ID> -Arbitration -DisableLastArbitrationMailboxAllowed to disable the arbitration mailbox. Mailbox plans should be moved to another server; to do this, run the command Set-MailboxPlan <MailboxPlan ID> -Database <Database ID>.
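
One way to run the checks from the procedure and from the error text above in a single pass before removing the database. This is an added example, not part of the original post; Test-DatabaseReadyForRemoval is a hypothetical helper name, and it assumes it is run in Exchange Management Shell.

```powershell
# Added example (not from the original post). Test-DatabaseReadyForRemoval is a
# hypothetical helper; the cmdlets and switches are the ones used on this page.
function Test-DatabaseReadyForRemoval {
    param(
        [Parameter(Mandatory = $true)]
        [string]$Database
    )

    # Mailbox categories named in the Remove-MailboxDatabase error text.
    # Each value is the extra Get-Mailbox switch needed to list that category.
    $categories = [ordered]@{
        'User mailboxes'          = @{}
        'Archive mailboxes'       = @{ Archive = $true }
        'Public folder mailboxes' = @{ PublicFolder = $true }
        'Arbitration mailboxes'   = @{ Arbitration = $true }
    }

    $blocking = 0
    foreach ($name in $categories.Keys) {
        $switches = $categories[$name]
        $found = @(Get-Mailbox -Database $Database -ResultSize Unlimited @switches)
        Write-Host ("{0,-26} {1}" -f $name, $found.Count)
        $found | ForEach-Object { Write-Host ("    " + $_.Identity) }
        $blocking += $found.Count
    }

    # Monitoring (health) mailboxes are listed for information only:
    # the procedure above says not to move them.
    $health = @(Get-Mailbox -Database $Database -Monitoring)
    Write-Host ("{0,-26} {1} (do not move)" -f 'Monitoring mailboxes', $health.Count)

    # Move requests out of this database that have not completed yet.
    $pending = @(Get-MoveRequest -SourceDatabase $Database -ResultSize Unlimited |
        Where-Object { $_.Status -ne 'Completed' })
    Write-Host ("{0,-26} {1}" -f 'Unfinished move requests', $pending.Count)

    return (($blocking + $pending.Count) -eq 0)
}

$olddb = "Mailbox Database 2009099270"   # database name from the example above
if (Test-DatabaseReadyForRemoval -Database $olddb) {
    # -WhatIf reports what would be removed without removing it.
    Remove-MailboxDatabase -Identity $olddb -WhatIf
} else {
    Write-Warning "Database '$olddb' still holds mailboxes or unfinished move requests."
}
```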

The post How to Remove Exchange 2013 Default Databases–Recommended way appeared first on CareExchange.in.


Creating ReFs Volumes for Exchange 2013/2016


Resilient File System (ReFS) requirements –

  • OS requirements – Windows Server 2012 R2
  • Supports Exchange 2013/2016 databases or later

Resilient File System (ReFS) benefits –

  • ReFS can automatically correct corruption.
  • Even if corruption occurs and cannot be repaired, it salvages the affected area, making sure the volume stays online.
  • Scalability is high, keeping future demands in mind.

Note: Not all applications support ReFS volumes yet. Only Exchange database and log files are supported for storage on ReFS volumes.

Add the disk –

Bring the disk online.

  • Use GPT (GUID Partition Table), as MBR has a 2TB limit.

Create a simple volume – choose file system type – ReFS.

Disable integrity streams by formatting the volume you created –

Format-Volume -DriveLetter x -FileSystem ReFS -AllocationUnitSize 65536 -SetIntegrityStreams $false

Now your ReFS volumes are ready for storing your Exchange 2013/Exchange 2016 databases.
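
The same steps done entirely in PowerShell, with a guard against touching a disk that already has data and a check that integrity streams ended up disabled. This is an added example, not part of the original post; the disk number and drive letter are assumed values to replace with your own.

```powershell
# Added example (not from the original post). $diskNumber and $driveLetter are
# assumed values; confirm them against Get-Disk output before running.
$diskNumber  = 2
$driveLetter = 'X'

$disk = Get-Disk -Number $diskNumber

# Guard: continue only on a disk that has no partition table yet, so an
# existing data disk is never reinitialised by mistake.
if ($disk.PartitionStyle -ne 'RAW') {
    throw "Disk $diskNumber is already initialised ($($disk.PartitionStyle)); refusing to continue."
}

# Bring the disk online and make it writable.
Set-Disk -Number $diskNumber -IsOffline $false
Set-Disk -Number $diskNumber -IsReadOnly $false

# GPT rather than MBR, because of the 2TB MBR limit mentioned above.
Initialize-Disk -Number $diskNumber -PartitionStyle GPT

# One partition across the whole disk.
New-Partition -DiskNumber $diskNumber -UseMaximumSize -DriveLetter $driveLetter | Out-Null

# Same format command as in the article: ReFS, 64 KB units, integrity streams off.
Format-Volume -DriveLetter $driveLetter -FileSystem ReFS -AllocationUnitSize 65536 -SetIntegrityStreams $false

# Verify the result instead of trusting the format step.
$volume    = Get-Volume -DriveLetter $driveLetter
$integrity = Get-FileIntegrity -FileName "${driveLetter}:\"

if ($volume.FileSystem -ne 'ReFS') {
    Write-Warning "Volume ${driveLetter}: is $($volume.FileSystem), expected ReFS."
}
if ($integrity.Enabled) {
    Write-Warning "Integrity streams are still enabled on ${driveLetter}:\."
} else {
    Write-Host "${driveLetter}: is ReFS with integrity streams disabled."
}
```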


The post Creating ReFs Volumes for Exchange 2013/2016 appeared first on CareExchange.in.

Exchange Server–Disaster Recovery – Reference Architectures


I am planning to cover all disaster recovery scenarios in this article, and Office 365 architectures as well.

Let's dig into some basics and go back a few years so we can have a better understanding of this article. Exchange Server has evolved into a superior mail system over the years, and the replication technology that comes with it is more stable and reliable. If you configure it the right way you can rely on it, and there is no need to invest in third-party replication technologies to attain a better RPO (Recovery Point Objective) and RTO (Recovery Time Objective). Adding cloud-based feature sets and hybrid technologies makes it a more feature-rich technology. Every feature now added to this technology has been tested with Office 365, which has millions of mailboxes in the cloud. In the past era, x86 systems and slow connectivity made the architectures more stretched and complex. Modern connectivity and cheap storage/hardware systems make Exchange configuration more affordable, bringing it back to a single-server architecture. Of course, x64 systems don't limit us on performance.

Hybrid configurations are more effective: they move the IT overhead to the cloud for a large user base, while for a small user base it is more affordable to spend on the hardware itself. For every enterprise, disaster recovery is a must. Proper planning is always required in terms of business continuity.

Let's start with the basics and a few recommendations for your Exchange Server disaster recovery scenarios –

First, turn on Datacenter Activation Coordination (DAC) mode, which will prevent split-brain syndrome at the application level. The only case in which DAC mode cannot be used is when you use third-party replication software.

Basics –

  • Odd number of nodes in a cluster – the witness does not have a vote.
  • Even number of nodes in a cluster – the witness has a vote.
  • From Windows Server 2012 R2 – dynamic quorum – the cluster decides whether to use the witness vote based on the number of votes available in the cluster.

For dummies – the Windows cluster voting system decides whether the cluster will be up or down. For a two-node cluster, n/2 + 1 is 2/2 + 1 = 2, which means a minimum of 2 votes has to be up for the cluster to remain active. For a three-node cluster, n/2 is 3/2 = 1.5, rounded up to 2, which means a minimum of 2 votes has to be up for the cluster to remain active.

There is a common misconception that in a two-node cluster, if one node and the witness go offline, the last node can dynamically change the quorum and keep the databases online. Oh wait: dynamic quorum doesn't support simultaneous node failures. For example, a two-node cluster cannot sustain 1 node and 1 witness going down.

How to see the votes for a two-node cluster using a witness –

Note: If you are using a cluster without a cluster administrative access point (an IP-less Database Availability Group (DAG)), you cannot use the GUI to manage or troubleshoot the cluster. You can use only PowerShell as of now.

Get-ClusterNode | FT Name,DynamicWeight,State -AutoSize
(Get-Cluster).WitnessDynamicWeight

Having a witness server on a third site was a misconception in Exchange 2010, but not any more. In Exchange 2013 and Exchange 2016 it is recommended to have the witness on a third site to achieve an active/active datacenter.

We will look at an active/active site for a large enterprise utilizing a virtual infrastructure and load-balancing appliances, as Exchange 2013/2016 supports a unified URL, like Mail.domain.com, across site 1 and site 2. For anti-spam appliances it is always recommended to use DNS round-robin methods for high availability, with MX records of the same DNS preference. Load balancers with reverse-proxy capabilities can replace your existing TMG if you have one.

Suitability – An enterprise should go active/active only when the type of business requires such availability and the link between the sites is affordable and reliable. Having an equal number of active users in each site makes this design more suitable.

Failure Scenarios –

  • When Site 1 fails – Site 2 takes over as it has the witness.
  • When Site 2 fails – Site 1 takes over as it has the witness.
  • When Site 1 and the witness fail – Site 2 can be restored using datacenter switchover methods, using the Start/Stop DAG PowerShell commands.

  • LTM (Local Traffic Manager) – hardware load balancer.
  • With BIG-IP DNS, users are directed to the nearest data center based on geolocation or policies that will provide the best application experience.

Active – Active Site

We will look at an active/passive site for a mid-size enterprise utilizing a virtual infrastructure and load-balancing appliances. In this scenario the second site will be utilized only at the time of a disaster, as Exchange 2013/2016 supports a unified URL across sites, like Mail.domain.com. If you have anti-spam appliance licenses which are CAL based and not server based, you can build another set of anti-spam appliances, keep it off, and turn it on when the disaster occurs (changing the MX records manually). In most cases people don't build anti-spam appliances, as the disaster recovery site is only a temporary solution to keep the messaging system active, the DNS change is manual, and the activation of the secondary datacenter consists of a series of steps.

The documentation of this manual procedure will be used for disaster recovery planning and for compliance audits, and it will certainly define your planned RPO (Recovery Point Objective) and RTO (Recovery Time Objective).

Note: I placed the load balancer in the diagram below because, if more users are in the primary site, you can always have two nodes in the primary site and one node in the secondary site, in which case there is no need for a witness (3 nodes – no witness needed).

Suitability – Going active/passive is more common for an enterprise: most active users are in a single site, or services are hosted from a single datacenter.

Failure Scenarios –

  • When Site 1 fails – Site 2 waits for an administrator to manually activate the datacenter, using the Start/Stop DAG PowerShell commands and making the public DNS changes manually.
  • When Site 2 fails – Site 1 remains active, as the primary datacenter has the majority of the nodes.
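
The vote arithmetic from the basics, applied to the failure scenarios of the active/active and active/passive designs. This is an added example, not part of the original article; member and site names are constructed, each member is assumed to hold one vote, and all listed sites are assumed to fail at the same moment, which is the case dynamic quorum does not cover.

```powershell
# Added example (not from the original article). Names are constructed.
function Test-Quorum {
    param(
        [string]$Design,
        [hashtable]$Members,      # voting member -> site it lives in
        [string[]]$FailedSites    # sites that go down simultaneously
    )
    $total     = $Members.Count
    $surviving = @($Members.Keys | Where-Object { $FailedSites -notcontains $Members[$_] }).Count
    $needed    = [math]::Floor($total / 2) + 1    # majority of the configured votes

    [pscustomobject]@{
        Design      = $Design
        FailedSites = ($FailedSites -join ' + ')
        VotesUp     = "$surviving of $total"
        Needed      = $needed
        Quorum      = ($surviving -ge $needed)
    }
}

# Active/active: one node per site, witness on a third site.
$activeActive = @{ 'EX1' = 'Site1'; 'EX2' = 'Site2'; 'Witness' = 'Site3' }

# Active/passive: two nodes in the primary site, one in the secondary, no witness.
$activePassive = @{ 'EX1' = 'Site1'; 'EX2' = 'Site1'; 'EX3' = 'Site2' }

$results = @(
    Test-Quorum -Design 'Active/Active'  -Members $activeActive  -FailedSites 'Site1'
    Test-Quorum -Design 'Active/Active'  -Members $activeActive  -FailedSites 'Site2'
    Test-Quorum -Design 'Active/Active'  -Members $activeActive  -FailedSites 'Site1', 'Site3'
    Test-Quorum -Design 'Active/Passive' -Members $activePassive -FailedSites 'Site1'
    Test-Quorum -Design 'Active/Passive' -Members $activePassive -FailedSites 'Site2'
)

# Quorum = False rows are the cases that need a manual datacenter switchover.
$results | Format-Table -AutoSize
```

The rows where Quorum is False are the Site 1 plus witness failure in the active/active design and the Site 1 failure in the active/passive design, the two scenarios the article resolves with a manual switchover.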

 

  • LTM (Local Traffic Manager) – hardware load balancer. The hardware load balancer will be utilized only when you have two nodes in the primary datacenter.

Active – Passive Site

We will look at a single-site architecture for a small enterprise utilizing a virtual infrastructure. In this scenario site 2 is utilized by taking a manual offsite backup, for cases where one cannot afford a disaster recovery site; at the time of a disaster the system and databases can be restored using backup software. For anti-spam appliances it is always recommended to leave them with round-robin methods for high availability with the same DNS preference. If you don't want to opt for or invest in on-premises anti-spam servers, you can utilize cloud-based anti-spam, which comes at a subscription cost.

The documentation of this manual procedure will be used for disaster recovery planning and for compliance audits, and it will certainly define your planned RPO (Recovery Point Objective) and RTO (Recovery Time Objective).

Suitability – For a small enterprise. Most customers of this type have already migrated to Office 365 to save operational and management costs.

Failure Scenarios –

  • When Site 1 fails – wait for an administrator to rebuild the backup software and manually recover using the offsite backup.

Active Site

This is a cloud-based site for a large enterprise with single sign-on, utilizing a virtual infrastructure.

Suitability – For a large enterprise that has adopted the cloud and manages its users from its on-premises hybrid Exchange server using single sign-on.

ADFS (Active Directory Federation Services) also plays a major role for enterprises that don't want to sync their passwords to the cloud. But if ADFS is down, users cannot log in to the cloud, as authentication happens locally for the users.

Failure Scenarios –

  • When Site 1 fails – the cloud has all the data; only ADFS fails over across the site. (Hybrid and Azure AD Connect have to be rebuilt/restored.)
  • When Site 2 fails – no impact.
  • When the cloud fails – wait for the cloud provider to resolve it, as cloud providers provide a standard SLA.

To have disaster recovery for Active Directory, we can always stretch Active Directory to a cloud-based site like Azure.

  • LTM (Local Traffic Manager) – hardware load balancer.
  • With BIG-IP DNS, users are directed to the nearest data center based on geolocation or policies that will provide the best application experience.

 

Cloud Based - Active – Active Site

This is a cloud-based site for a mid-size enterprise with password synchronization, utilizing a virtual infrastructure.

Suitability – For a small or mid-size enterprise that has adopted the cloud and manages its users from its on-premises server.

There is a common misconception that without ADFS (Active Directory Federation Services) single sign-on cannot be achieved. Note: ADFS gives us various advantages when it has to be shared across organizations.

Failure Scenarios –

  • When Site 1 fails – the cloud has all the data (Azure AD Connect has to be rebuilt).
  • When the cloud fails – wait for the cloud provider to resolve it, as cloud providers provide a standard SLA.

To have disaster recovery for Active Directory, we can always stretch Active Directory to a cloud-based site like Azure.

 

 

CloudBased Site

 

Hope this article was informative. Looking forward to adding more architectures to the same article.

The article is open for feedback.

The post Exchange Server–Disaster Recovery – Reference Architectures appeared first on CareExchange.in.

Setup Issues – Failure configuring SearchFoundation through installconfig.ps1


Exchange 2013 Setup fails with an Error. (Installation)

Solution – Re-run the setup.


Error:

The following error was generated when "$error.Clear();
if ($RoleProductPlatform -eq "amd64")
{
$fastInstallConfigPath = Join-Path -Path $RoleBinPath -ChildPath "Search\Ceres\Installer";
$command = Join-Path -Path $fastInstallConfigPath -ChildPath "InstallConfig.ps1";
$dataFolderPath = Join-Path -Path $RoleBinPath -ChildPath "Search\Ceres\HostController\Data";
try
{
# the BasePort value MUST be kept in sync with dev\Search\src\OperatorSchema\SearchConfig.cs
&$command -action i -baseport 3800 -dataFolder $dataFolderPath -silent;
}
catch
{
$errorMsg = "Failure configuring SearchFoundation through installconfig.ps1 - " + $_.Exception.Message;
Write-ExchangeSetupLog -Error $errorMsg;
# Clean up the failed configuration attempt.
&$command -action u -silent;
try
{
if ([System.IO.Directory]::Exists($dataFolderPath))
{
[System.IO.Directory]::Delete($dataFolderPath, $true);
}
}
catch
{
$deleteErrorMsg = "Failure cleaning up SearchFoundation Data folder. - " + $dataFolderPath + " - " + $_.Exception.Message;
Write-ExchangeSetupLog -Error $deleteErrorMsg;
}
}
}
" was run: "Failure configuring SearchFoundation through installconfig.ps1 - Error occurred while configuring Search Foundation for Exchange.System.ServiceModel.Security.SecurityNegotiationException: A call to SSPI failed, see inner exception. ---> System.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> System.ComponentModel.Win32Exception: The system cannot contact a domain controller to service the authentication request. Please try again later
--- End of inner exception stack trace ---
at System.Net.Security.NegoState.StartSendAuthResetSignal(LazyAsyncResult lazyResult, Byte[] message, Exception exception)
at System.Net.Security.NegoState.StartSendBlob(Byte[] message, LazyAsyncResult lazyResult)
at System.Net.Security.NegoState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Net.Security.NegotiateStream.AuthenticateAsClient(NetworkCredential credential, String targetName, ProtectionLevel requiredProtectionLevel, TokenImpersonationLevel allowedImpersonationLevel)
at System.ServiceModel.Channels.WindowsStreamSecurityUpgradeProvider.WindowsStreamSecurityUpgradeInitiator.OnInitiateUpgrade(Stream stream, SecurityMessageProperty& remoteSecurity)
--- End of inner exception stack trace ---
Server stack trace:
at System.ServiceModel.Channels.WindowsStreamSecurityUpgradeProvider.WindowsStreamSecurityUpgradeInitiator.OnInitiateUpgrade(Stream stream, SecurityMessageProperty& remoteSecurity)
at System.ServiceModel.Channels.StreamSecurityUpgradeInitiatorBase.InitiateUpgrade(Stream stream)
at System.ServiceModel.Channels.ConnectionUpgradeHelper.InitiateUpgrade(StreamUpgradeInitiator upgradeInitiator, IConnection& connection, ClientFramingDecoder decoder, IDefaultCommunicationTimeouts defaultTimeouts, TimeoutHelper& timeoutHelper)
at System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.SendPreamble(IConnection connection, ArraySegment`1 preamble, TimeoutHelper& timeoutHelper)
at System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.DuplexConnectionPoolHelper.AcceptPooledConnection(IConnection connection, TimeoutHelper& timeoutHelper)
at System.ServiceModel.Channels.ConnectionPoolHelper.EstablishConnection(TimeSpan timeout)
at System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)
at System.ServiceModel.Channels.ServiceChannel.EnsureOpened(TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at Microsoft.Ceres.HostController.WcfTypes.IHostController.GetHostInformation()
at Microsoft.Ceres.Exchange.PostSetup.HostControllerManager.ConnectHost(Uri uri, Boolean secure, String userIdentity, Int16 timeoutInSeconds)
at Microsoft.Ceres.Exchange.PostSetup.NodeManager.DeployContentEngineNode()
at Microsoft.Ceres.Exchange.PostSetup.DeploymentManager.Install(String installDirectory, String dataDirectoryPath, Int32 basePort, String logFile, Boolean singleNode, String systemName, Boolean attachedMode)
at CallSite.Target(Closure , CallSite , Type , Object , Object , Object , Object , Object , Object , Boolean )".


The post Setup Issues – Failure configuring SearchFoundation through installconfig.ps1 appeared first on CareExchange.in.

Exchange Management Shell FailureCategory =AuthZ-SetupVersionInformationCorruptException


Exchange Management Shell fails with the error below –

Comparing the registry on the non-working and working machines –

Solution –

Exported the missing registry keys and imported them on the non-working server.

'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\PowerShellEngine'

Once the PowerShellEngine registry entries were back, Exchange Management Shell worked.

 

Error Reference  –


VERBOSE: Connecting to EXCH2013.Cloudid.biz.
New-PSSession : [exch2013.cloudid.biz] Processing data from remote server exch2013.cloudid.biz failed with the
following error message: [ClientAccessServer=EXCH2013,BackEndServer=exch2013.cloudid.biz,RequestId=21ec5dc7-79e9-4e74-a
ce2-8ab6189d4966,TimeStamp=8/4/2016 6:56:05 AM]
[AuthZRequestId=93d5835d-9dcd-4e4d-b2a7-c41ebcc620e3][FailureCategory=AuthZ-SetupVersionInformationCorruptException]
Unable to determine the installed file version from the registry key
'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\PowerShellEngine'. For more information, see the
about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName Microsoft.Excha ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
gTransportException
+ FullyQualifiedErrorId : IncorrectProtocolVersion,PSSessionOpenFailed
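
The working/non-working registry comparison described above can be scripted. This is an added example, not part of the original post; the two server names are placeholders, and it assumes the Remote Registry service is reachable on both machines so that no PowerShell session on the broken server is needed.

```powershell
# Added example (not from the original post). Server names are placeholders.
$subKey = 'SOFTWARE\Microsoft\PowerShell\1\PowerShellEngine'

function Get-RemoteRegistryValues {
    param(
        [string]$ComputerName,
        [string]$SubKey
    )
    # Reads the key through the Remote Registry service (an assumption about
    # the environment) and returns value name -> value data as strings.
    $hklm = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(
        [Microsoft.Win32.RegistryHive]::LocalMachine, $ComputerName)
    try {
        $values = @{}
        $key = $hklm.OpenSubKey($SubKey)
        if ($key) {
            foreach ($name in $key.GetValueNames()) {
                $values[$name] = [string]$key.GetValue($name)
            }
            $key.Close()
        }
        return $values   # empty when the key itself is missing
    }
    finally {
        $hklm.Close()
    }
}

$good = Get-RemoteRegistryValues -ComputerName 'WORKING-SERVER'    -SubKey $subKey
$bad  = Get-RemoteRegistryValues -ComputerName 'NONWORKING-SERVER' -SubKey $subKey

# Report every value of the working server and how the broken one compares.
$report = foreach ($name in ($good.Keys | Sort-Object)) {
    if (-not $bad.ContainsKey($name))     { $state = 'Missing' }
    elseif ($bad[$name] -ne $good[$name]) { $state = 'Different' }
    else                                  { $state = 'OK' }

    [pscustomobject]@{
        Value      = $name
        State      = $state
        Working    = $good[$name]
        NonWorking = $bad[$name]
    }
}
$report | Format-Table -AutoSize

# The export/import from the solution, run locally on each server:
#   reg export "HKLM\SOFTWARE\Microsoft\PowerShell\1\PowerShellEngine" PowerShellEngine.reg /y
#   reg import PowerShellEngine.reg
```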

The post Exchange Management Shell FailureCategory =AuthZ-SetupVersionInformationCorruptException appeared first on CareExchange.in.

Message Approvals with Moderator in Exchange Servers


Distribution groups, primary mailboxes or shared mailboxes which have access to send to all users, for example, may require an additional layer of approval.

  • Sensitive announcements.
  • Payment releases.

Transport rules can help achieve it.

For example, any email from Test2016-1 requires moderator approval from Test2016-2.

The moderator can approve or reject with a response.

On reject, the approver can edit the reject response and add moderator comments.

 

Does it work on Normal Mailboxes – Yes

Does it work on Shared Mailboxes – Yes

Does it work on Send As  – Yes

The post Message Approvals with Moderator in Exchange Servers appeared first on CareExchange.in.

Configuring Sent Items Behavior in Exchange 2016

  • Saving sent items is possible on shared mailboxes only (convert a mailbox to shared with Set-Mailbox MailboxName -Type Shared)

Get-Mailbox test2016-4 | Set-Mailbox -MessageCopyForSendOnBehalfEnabled:$true -MessageCopyForSentAsEnabled:$true

User1 does a Send As on the Test2016-4 mailbox.

Now you can see the items being saved in the Test2016-4 Sent Items folder, which does not happen by default.

Enable the From field in Outlook Web Access after applying the Send As permission in the shared mailbox delegation properties.

Send As messages are saved to the shared mailbox.

The post Configuring Sent Items Behavior in Exchange 2016 appeared first on CareExchange.in.

Standard and Premium Journaling vs Native and 3rd Party Archiving

  • Standard journaling is at the database level and requires an Exchange Standard client access license (CAL) – all messages are collected in the journal mailbox.
  • Premium journaling is at the user/group level and requires an Exchange Enterprise client access license (CAL) – messages are collected in the journal mailbox more granularly.

An end user cannot retrieve email himself from a journaling mailbox, but with archiving the end user can retrieve email himself from the archive mailbox. So journaling can never replace archiving; they serve different requirements. Plan and size your journal mailboxes properly, otherwise they can become unmanaged very easily, as journaling applied at the database level collects more email. It is good to put the journal mailbox on a dedicated database, based on the requirements. In most situations the decision has to be made by looking at how deleted emails should be handled and which approach serves the compliance we are looking for.

  • If I delete an email before archiving, it is removed from the server permanently after the retention period applied on the Exchange databases/users.
  • But with journaling that is not the case. Every email is moved to a safe place before the end user can play around with it.

To safeguard deleted emails without journaling, place the mailbox on litigation hold; these emails can then be retrieved using the eDiscovery feature. But placing all mailboxes on litigation hold is not recommended. It is just a temporary measure on a few or more mailboxes, for example during a legal dispute.

Just FYI – some third-party archiving software collects emails for archiving from journal mailboxes using Exchange Web Services.

Standard Journaling –

Database Properties – Maintenance

Premium Journaling – Requires Enterprise CAL

Compliance Management – Journal rules

Native Archiving – Requires Enterprise CAL

  • End users can move messages to the archive themselves or by using retention policies.
  • End users can always delete emails unless they are on litigation hold.
  • Helps remove PST files from the environment.

Third-party archiving, like Symantec Vault, stubs the emails from the Exchange databases and places pointers in the database.

  • Saves a lot of space on the databases.
  • Requires an Outlook add-in to retrieve old emails.
  • Helps remove PST files from the environment.
  • ActiveSync devices have to open the archived item via a phone browser (after clicking the hyperlink on the archived item).

The post Standard and Premium Journaling vs Native and 3rd Party Archiving appeared first on CareExchange.in.


Discovery Search Simplified Script to Delete a Specific Email and other Tasks – Exchange 2010 & 2013


Updated – the script supports Exchange 2013, Exchange 2016 and Office 365

Download the Script

You can use this script for the tasks below.

I would strongly recommend that you understand this script and run it in your lab to confirm it suits your needs.

As it has the ability to delete content in some tasks, please be safe using it.

Before running it on a production server, please test it.

Open Exchange Management Shell and browse to the location of the script.


PS C:\> .\DiscoverySearchSimplified.ps1

Discovery Search Simplified
----------------------------

1.Check for Discovery Search Permissions

2.Check for Mailbox Import Export Permissions

3. Add a User to Discovery Search Permission

4. Add a User to Mailbox Import Export Permission
Make Sure Discovery Search & Mailbox Import Export Permissions are Added to the Current Logged on User
To use Options greater than 4
5. Generate a Log - To identitfy the Number of Emails Exist in a mailbox Specifying the Subject of the Email

6. Remove a Email with a Specific Subject from One Mailbox

7. Remove a Email with a Specific Subject from all the Mailboxes in the Organization

8. Mailbox Cleanup - Emptying a Specific Mailbox (Exch2010 only)

9. Mailbox Dumpster Cleanup - Emptying a Specific Mailbox Dumpster(Exch2010 only)

10. Generate a Log - To identitfy the Number of Emails Exist in a mailbox Specifying the Subject of the Email and Requir
es From Address

11. Remove a Email with a Specific Subject from One Mailbox and Requires From Address

12. Remove a Email with a Specific Subject from all the Mailboxes in the Organization and Requires From Address

13. Generate a Log - To identitfy the Number of Emails Exist in a mailbox Specifying the Subject of the Email and Requir
es To Address

14. Remove a Email with a Specific Subject from One Mailbox and Requires To Address

15. Remove a Email with a Specific Subject from all the Mailboxes in the Organization and Requires To Address

16. Generate a Log - To identitfy the Number of Emails Exist in a mailbox Specifying the Subject of the Email and Requir
es From&To Address

17. Remove a Email with a Specific Subject from One Mailbox and Requires From&To Address

18. Remove a Email with a Specific Subject from all the Mailboxes in the Organization and Requires From&To Address

Choose The Task: 6
Enter Alias of the User to Search for a Subject and Delete it: galsync1
Enter the Subject: Spam Email !!

Confirm
Deleting content from mailboxes galsync1
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "Y"): y

Identity         : careexchange.in/Users/Galsync1
TargetMailbox    :
TargetPSTFile    :
Success          : True
TargetFolder     :
ResultItemsCount : 3
ResultItemsSize  : 29.82 KB (30,535 bytes)    

In the above example, I removed a spam email with the subject “Spam Email !!” without disturbing the user.

Example – with From/To options

Hope it will help Exchange admins to simplify their work.


#Requires -version 2
<#
.SYNOPSIS
DiscoverySearchSimplified.ps1 - It Can Check for Required Permissions to do a Discovery Search

1.Check for Discovery Search Permissions

It will ask for the User Alias, Checks the User is a member of "Discovery Management" Role Group

2.Check for Mailbox Import Export Permissions

It will ask for the User Alias , Checks the User is a member of "Mailbox Import Export" Management Role

3. Add a User to Discovery Search Permission

It will ask for the User Alias, Adds the user a member of "Discovery Management" Role Group

4. Add a User to Mailbox Import Export Permission"

It will ask for the User Alias, Adds the user a member of "Mailbox Import Export" Management Role

5. Generate a Log - To identitfy the Number of Emails Exist in a mailbox Specifying the Subject of the Email

It will ask for the User Alias , Asks for the Subject , Asks for the Mailbox name where it can send a report

6. Remove a Email with a Specific Subject from One Mailbox

It will ask for the User Alias , Asks for the Subject , Removes it

7. Remove a Email with a Specific Subject from all the Mailboxes in the Organization

It will ask for the User Alias , Asks for the Subject , Removes it from the Entire Organization asking for Confirmation

It won't run for all the Mailboxes Unless you choose - [A] Yes to All

8. Mailbox Cleanup - Emptying a Specific Mailbox

It will ask for the User Alias , Empties the Entire Mailbox

9. Mailbox Dumpster Cleanup - Emptying a Specific Mailbox Dumpster

It will ask for the User Alias , Empties the Dumpster Alone

.DESCRIPTION

Simplifies the Usage for Discovery Search Feature

.OUTPUTS
Results are output to the PowerShell window.

.EXAMPLE

[PS] C:\Scripts>.\DiscoverySearchSimplified.ps1
Discovery Search Simplified
----------------------------

1.Check for Discovery Search Permissions

2.Check for Mailbox Import Export Permissions

3. Add a User to Discovery Search Permission

4. Add a User to Mailbox Import Export Permission
Make Sure Discovery Search & Mailbox Import Export Permissions are Added to the Current Logged on User
To use Options greater than 4
5. Generate a Log - To identitfy the Number of Emails Exist in a mailbox Specifying the Subject of the Email

6. Remove a Email with a Specific Subject from One Mailbox

7. Remove a Email with a Specific Subject from all the Mailboxes in the Organization

8. Mailbox Cleanup - Emptying a Specific Mailbox (Exch2010 only)

9. Mailbox Dumpster Cleanup - Emptying a Specific Mailbox Dumpster(Exch2010 only)

10. Generate a Log - To identitfy the Number of Emails Exist in a mailbox Specifying the Subject of the Email and Requir
es From Address

11. Remove a Email with a Specific Subject from One Mailbox and Requires From Address

12. Remove a Email with a Specific Subject from all the Mailboxes in the Organization and Requires From Address

13. Generate a Log - To identitfy the Number of Emails Exist in a mailbox Specifying the Subject of the Email and Requir
es To Address

14. Remove a Email with a Specific Subject from One Mailbox and Requires To Address

15. Remove a Email with a Specific Subject from all the Mailboxes in the Organization and Requires To Address

16. Generate a Log - To identitfy the Number of Emails Exist in a mailbox Specifying the Subject of the Email and Requir
es From&To Address

17. Remove a Email with a Specific Subject from One Mailbox and Requires From&To Address

18. Remove a Email with a Specific Subject from all the Mailboxes in the Organization and Requires From&To Address -Fore
Ground Cyan
Note :

- Adding Permissions Doesn't Reflect on the Powershell Instantly, You got to Close and Reopen Powershell to Refresh the
Permissions
Choose The Task: 6
Enter Alias of the User to Search for a Subject and Delete it: galsync1
Enter the Subject: trrddd

Confirm
Deleting content from mailboxes galsync1
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): y
Identity : careexchange.in/Users/Galsync1
TargetMailbox :
TargetPSTFile :
Success : True
TargetFolder :
ResultItemsCount : 3
ResultItemsSize : 29.82 KB (30,535 bytes)

.NOTES
Written By: Satheshwaran Manoharan
Website : Www.careexchange.in

Change Log
V1.0, 20/09/2012 - Initial version

Change Log
V1.1, 15/08/2016 - Add Support to Exchange 2016 with From-To Options to Search and delete
#>

#Add Exchange 2010 snapin if not already loaded
if (!(Get-PSSnapin | where {$_.Name -eq "Microsoft.Exchange.Management.PowerShell.E2010"}))
{
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010 -ErrorAction SilentlyContinue
}

Write-host "

Discovery Search Simplified
----------------------------

1.Check for Discovery Search Permissions

2.Check for Mailbox Import Export Permissions

3. Add a User to Discovery Search Permission

4. Add a User to Mailbox Import Export Permission" -ForeGround "Cyan"
Write-host "

Make Sure Discovery Search & Mailbox Import Export Permissions are Added to the Current Logged on User
To use Options greater than 4" -ForeGround "Green"

Write-host "

5. Generate a Log - To identitfy the Number of Emails Exist in a mailbox Specifying the Subject of the Email

6. Remove a Email with a Specific Subject from One Mailbox

7. Remove a Email with a Specific Subject from all the Mailboxes in the Organization

8. Mailbox Cleanup - Emptying a Specific Mailbox (Exch2010 only)

9. Mailbox Dumpster Cleanup - Emptying a Specific Mailbox Dumpster(Exch2010 only)

10. Generate a Log - To identitfy the Number of Emails Exist in a mailbox Specifying the Subject of the Email and Requires From Address

11. Remove a Email with a Specific Subject from One Mailbox and Requires From Address

12. Remove a Email with a Specific Subject from all the Mailboxes in the Organization and Requires From Address

13. Generate a Log - To identitfy the Number of Emails Exist in a mailbox Specifying the Subject of the Email and Requires To Address

14. Remove a Email with a Specific Subject from One Mailbox and Requires To Address

15. Remove a Email with a Specific Subject from all the Mailboxes in the Organization and Requires To Address

16. Generate a Log - To identitfy the Number of Emails Exist in a mailbox Specifying the Subject of the Email and Requires From&To Address

17. Remove a Email with a Specific Subject from One Mailbox and Requires From&To Address

18. Remove a Email with a Specific Subject from all the Mailboxes in the Organization and Requires From&To Address" -ForeGround "Cyan"

Write-host "

Note :

- Adding Permissions Doesn't Reflect on the Powershell Instantly, You got to Close and Reopen Powershell to Refresh the Permissions

" -ForeGround "Green"
$number = Read-Host "Choose The Task"

switch ($number)
{
#1.Check for Discovery Search Permissions
1 {

$GetAlias = Read-Host "Enter Alias of the User to Check for Discovery Search Permissions"

$Discovery = ((Get-RoleGroupMember "Discovery Management") | where-Object{$_.Name -eq "$GetAlias"}).Name -eq "$GetAlias"

if ($Discovery -eq 'True')

{

"$GetAlias is a Member of Discovery Management"

}

Else

{

Write-Host "$GetAlias is not a Member of Discovery Management" -foreground "RED"

};

break}
#2.Check for Mailbox Import Export Permissions
2 {

$GetAlias = Read-Host "Enter Alias of the User to Check for Mailbox Import Export Permissions"

$MailboxImportExport = (((Get-ManagementRoleAssignment -Role "Mailbox Import Export" -GetEffectiveUsers) | Where-Object{$_.EffectiveUserName -eq "$GetAlias"}).Count -ge "1")

if ($MailboxImportExport -eq "true")
{

"$GetAlias is a Member of Mailbox Import Export Permission"

}

else
{

Write-Host "$GetAlias is not a Member of Mailbox Import Export Permission" -foreground "RED"

};

break}
#3. Add a User to Discovery Search Permission
3 {

$GetAlias = Read-Host "Enter Alias of the User to add Discovery Management Permissions"

Add-RoleGroupMember "Discovery Management" -Member "$GetAlias"

; break}
#4. Add a User to Mailbox Import Export Permission"
4 {

$GetAlias = Read-Host "Enter Alias of the User to add Mailbox Import Export Permissions"

New-ManagementRoleAssignment -Role "Mailbox Import Export" -User "$GetAlias"

; break}
#5. Generate a Log - To identitfy the Number of Emails Exist in a mailbox Specifying the Subject of the Email
5 {

$GetAlias = Read-Host "Enter Alias of the User to Search for a Subject"

$GetSubject = Read-Host "Enter the Subject"

$GetMailboxtoSendLog = Read-Host "Enter the Mailbox Alias to send the Generated Log"

search-mailbox -identity $GetAlias -searchquery "Subject:'$GetSubject'" -Logonly -Targetmailbox "$GetMailboxtoSendLog" -Targetfolder "Inbox"

; break}
#6. Remove a Email with a Specific Subject from One Mailbox

6 {

$GetAlias = Read-Host "Enter Alias of the User to Search for a Subject and Delete it"

$GetSubject = Read-Host "Enter the Subject"

search-mailbox -identity $GetAlias -searchquery "Subject:'$GetSubject'" -DeleteContent

; break}
#7. Remove a Email with a Specific Subject from all the Mailboxes in the Organization
7 {

$GetSubject = Read-Host "Enter the Subject of the Email to Delete from the Entire Organization"

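# Get-Mailbox returns only the first 1000 mailboxes unless -ResultSize Unlimited is given
get-Mailbox -ResultSize Unlimited | search-mailbox -searchquery "Subject:'$GetSubject'" -DeleteContent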

; break}
#8. Removed - Mailbox Cleanup - Emptying a Specific Mailbox
8 {

$GetAlias = Read-Host "Enter the Mailbox Name to Cleanup - Empyting a Mailbox"

search-mailbox -identity $GetAlias -searchquery "Subject:'*'" -DeleteContent

; break}
#9. Removed - Mailbox Dumpster Cleanup - Emptying a Specific Mailbox Dumpster
9 {

$GetAlias = Read-Host "Enter the Mailbox Name to Cleanup the dumpster Alone"

search-mailbox -identity $GetAlias -searchquery "Subject:'*'" -SearchDumpsterOnly -DeleteContent

; break}

#10. Generate a Log - To identitfy the Number of Emails Exist in a mailbox Specifying the Subject of the Email and Requires From Address
10 {

$GetAlias = Read-Host "Enter Alias of the User to Search for a Subject"
$FromAddress = Read-Host "Enter from address of the Email Format user@domain.com"
$GetSubject = Read-Host "Enter the Subject"

$GetMailboxtoSendLog = Read-Host "Enter the Mailbox Alias to send the Generated Log"

search-mailbox -identity $GetAlias -searchquery "Subject:'$GetSubject' -AND from:$FromAddress" -Logonly -Targetmailbox "$GetMailboxtoSendLog" -Targetfolder "Inbox"

; break}
#11. Remove a Email with a Specific Subject from One Mailbox and Requires From Address
11 {

$GetAlias = Read-Host "Enter Alias of the User to Search for a Subject and Delete it"
$FromAddress = Read-Host "Enter from address of the Email Format user@domain.com"
$GetSubject = Read-Host "Enter the Subject"

search-mailbox -identity $GetAlias -searchquery "Subject:'$GetSubject' -AND from:$FromAddress" -DeleteContent

; break}
#12. Remove a Email with a Specific Subject from all the Mailboxes in the Organization and Requires From Address
12 {

$GetSubject = Read-Host "Enter the Subject of the Email to Delete from the Entire Organization"
$FromAddress = Read-Host "Enter from address of the Email Format user@domain.com"
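# -ResultSize Unlimited so that mailboxes beyond the default 1000 are included
get-Mailbox -ResultSize Unlimited | search-mailbox -searchquery "Subject:'$GetSubject' -AND from:$FromAddress" -DeleteContent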

; break}
#13. Generate a Log - To identitfy the Number of Emails Exist in a mailbox Specifying the Subject of the Email and Requires To Address
13 {

$GetAlias = Read-Host "Enter Alias of the User to Search for a Subject"
$ToAddress = Read-Host "Enter To address of the Email Format user@domain.com"
$GetSubject = Read-Host "Enter the Subject"

$GetMailboxtoSendLog = Read-Host "Enter the Mailbox Alias to send the Generated Log"

search-mailbox -identity $GetAlias -searchquery "Subject:'$GetSubject' -AND to:$ToAddress" -Logonly -Targetmailbox "$GetMailboxtoSendLog" -Targetfolder "Inbox"

; break}
#14. Remove a Email with a Specific Subject from One Mailbox and Requires To Address
14 {

$GetAlias = Read-Host "Enter Alias of the User to Search for a Subject and Delete it"
$ToAddress = Read-Host "Enter To address of the Email Format user@domain.com"
$GetSubject = Read-Host "Enter the Subject"

search-mailbox -identity $GetAlias -searchquery "Subject:'$GetSubject' -AND to:$ToAddress" -DeleteContent

; break}
#15. Remove a Email with a Specific Subject from all the Mailboxes in the Organization and Requires To Address
15 {

$GetSubject = Read-Host "Enter the Subject of the Email to Delete from the Entire Organization"
$ToAddress = Read-Host "Enter To address of the Email Format user@domain.com"
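# -ResultSize Unlimited so that mailboxes beyond the default 1000 are included
get-Mailbox -ResultSize Unlimited | search-mailbox -searchquery "Subject:'$GetSubject' -AND to:$ToAddress" -DeleteContent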

; break}
#16. Generate a Log - To identitfy the Number of Emails Exist in a mailbox Specifying the Subject of the Email and Requires From & To Address
16 {

$GetAlias = Read-Host "Enter Alias of the User to Search for a Subject"
$FromAddress = Read-Host "Enter from address of the Email Format user@domain.com"
$ToAddress = Read-Host "Enter To address of the Email Format user@domain.com"
$GetSubject = Read-Host "Enter the Subject"

$GetMailboxtoSendLog = Read-Host "Enter the Mailbox Alias to send the Generated Log"

search-mailbox -identity $GetAlias -searchquery "Subject:'$GetSubject' -AND from:$FromAddress -AND to:$ToAddress" -Logonly -Targetmailbox "$GetMailboxtoSendLog" -Targetfolder "Inbox"

; break}
#17. Remove a Email with a Specific Subject from One Mailbox and Requires From & To Address
17 {

$GetAlias = Read-Host "Enter Alias of the User to Search for a Subject and Delete it"
$FromAddress = Read-Host "Enter from address of the Email Format user@domain.com"
$ToAddress = Read-Host "Enter To address of the Email Format user@domain.com"
$GetSubject = Read-Host "Enter the Subject"

search-mailbox -identity $GetAlias -searchquery "Subject:'$GetSubject' -AND from:$FromAddress -AND to:$ToAddress" -DeleteContent

; break}
#18. Remove a Email with a Specific Subject from all the Mailboxes in the Organization and Requires From & To Address
18 {

$GetSubject = Read-Host "Enter the Subject of the Email to Delete from the Entire Organization"
$FromAddress = Read-Host "Enter from address of the Email Format user@domain.com"
$ToAddress = Read-Host "Enter To address of the Email Format user@domain.com"
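# -ResultSize Unlimited so that mailboxes beyond the default 1000 are included
get-Mailbox -ResultSize Unlimited | search-mailbox -searchquery "Subject:'$GetSubject' -AND from:$FromAddress -AND to:$ToAddress" -DeleteContent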

; break}
Default {Write-Host "No matches found , Enter Options 1 to 18" -ForeGround "red"}
}
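
A guarded variant of the delete options in the script above (6, 7, 11, 12, 14, 15, 17 and 18), added here as an example and not part of the original script: it validates the typed subject and addresses before they reach -SearchQuery, counts the matches first, and copies the items to an evidence mailbox before deleting them. The function names, the `Purge-Evidence` folder, the 4-character minimum and the 500-item ceiling are assumptions made for this example.

```powershell
# Added example, not part of DiscoverySearchSimplified.ps1.
# Hypothetical names: ConvertTo-BareAddress, New-PurgeQuery, Invoke-GuardedPurge, "Purge-Evidence".

function ConvertTo-BareAddress {
    param([string]$Address)
    # The cast throws on a malformed address; .Address drops any display name.
    $parsed = [System.Net.Mail.MailAddress]$Address
    if ($parsed.Address -match '["\s]') { throw "Unsupported address: $Address" }
    $parsed.Address
}

function New-PurgeQuery {
    param(
        [Parameter(Mandatory = $true)][string]$Subject,
        [string]$From,
        [string]$To
    )
    $Subject = $Subject.Trim()
    # A double quote or control character would close the quoted phrase and
    # change what the query matches; a very short or wildcard-only subject
    # matches far more mail than intended.
    if ($Subject -match '["\p{Cc}]') { throw "Subject contains a quote or control character." }
    if (($Subject -replace '[\*\?\s]', '').Length -lt 4) {
        throw "Subject must contain at least 4 non-wildcard characters."
    }
    $terms = @('subject:"{0}"' -f $Subject)
    if ($From) { $terms += 'from:"{0}"' -f (ConvertTo-BareAddress $From) }
    if ($To)   { $terms += 'to:"{0}"'   -f (ConvertTo-BareAddress $To) }
    $terms -join ' AND '
}

function Invoke-GuardedPurge {
    param(
        [Parameter(Mandatory = $true)][string]$Query,
        [Parameter(Mandatory = $true)][string]$EvidenceMailbox,
        [string[]]$Identity,        # omit to search every mailbox
        [int]$MaxItems = 500        # assumed ceiling; refuse to delete above it
    )
    $evidence = Get-Mailbox -Identity $EvidenceMailbox -ErrorAction Stop
    if ($Identity) { $mailboxes = $Identity | ForEach-Object { Get-Mailbox -Identity $_ } }
    else           { $mailboxes = Get-Mailbox -ResultSize Unlimited }
    # The evidence mailbox receives the copies, so it is never a search source.
    $mailboxes = @($mailboxes | Where-Object { $_.Guid -ne $evidence.Guid })

    # Pass 1: count matches without copying or deleting anything.
    $hits = @($mailboxes | Search-Mailbox -SearchQuery $Query -EstimateResultOnly |
              Where-Object { $_.ResultItemsCount -gt 0 })
    $total = ($hits | Measure-Object -Property ResultItemsCount -Sum).Sum
    if (-not $total) { Write-Host "No items match: $Query"; return }
    $hits | Format-Table Identity, ResultItemsCount, ResultItemsSize -AutoSize | Out-Host
    if ($total -gt $MaxItems) {
        throw "$total items match, above the ceiling of $MaxItems. Narrow the query."
    }

    # Pass 2: only mailboxes with hits. With -TargetMailbox the items are copied
    # to the evidence mailbox before -DeleteContent removes them from the source.
    # -Force is left out on purpose so the confirmation prompt stays.
    foreach ($hit in $hits) {
        Search-Mailbox -Identity "$($hit.Identity)" -SearchQuery $Query `
            -TargetMailbox $evidence.Alias -TargetFolder 'Purge-Evidence' `
            -LogLevel Full -DeleteContent
    }
}

# Usage with constructed values (requires the Exchange Management Shell and the
# Discovery Management / Mailbox Import Export permissions described above):
# $q = New-PurgeQuery -Subject 'Invoice overdue 4471' -From 'billing@example.com'
# Invoke-GuardedPurge -Query $q -EvidenceMailbox 'purge-evidence' -Identity 'galsync1'
```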

Download the Script

The post Discovery Search Simplified Script to Delete a Specific Email and other Tasks – Exchange 2010 & 2013 appeared first on CareExchange.in.

Mail flow Stopped to External – SMTP Relay to Active Directory Site


Mail flow Stopped to External in Queue – SMTP Relay to Active Directory Site

Intermittently, emails are not sent to external recipients.

Queue Error  –  “451 4.4.0 primary target IP address responded with “451 5.7.3 Cannot achieve Exchange Server authentication.”

Solution  –

There are two Mailbox servers in the environment.

The IP address of one Exchange server had been added to the relay connector of the other Exchange server.
This broke Exchange Server authentication between them: email submitted to one Mailbox server could not be passed to the other Exchange server in the environment, because the connection was being handled by the relay connector.

The fix was to remove the Exchange server IP from the relay connector of the other Exchange server and to restart the Exchange Transport service on the non-working Exchange server.

This brought Exchange Server authentication back, and mail flow returned to normal.
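
A check for the misconfiguration described above, added here as an example and not taken from the original post: it lists every receive connector whose RemoteIPRanges cover an Exchange server's own IPv4 address. The function names are hypothetical, only IPv4 is evaluated, and it assumes each range renders as a single address, a CIDR block or a `start-end` pair when converted to a string.

```powershell
# Added example, not from the original post. IPv4 only.
# Hypothetical names: ConvertTo-IPv4Number, Test-IPv4InRange, Find-ExchangeIPInScopedConnector.

function ConvertTo-IPv4Number {
    param([string]$Ip)
    [long]$n = 0
    foreach ($b in [System.Net.IPAddress]::Parse($Ip).GetAddressBytes()) { $n = $n * 256 + $b }
    $n
}

function Test-IPv4InRange {
    param([string]$Ip, [string]$Range)
    $quad = '\d{1,3}(?:\.\d{1,3}){3}'
    $addr = ConvertTo-IPv4Number $Ip
    if ($Range -match "^($quad)/(\d{1,2})$") {            # CIDR block
        $size  = [long][math]::Pow(2, 32 - [int]$Matches[2])
        $base  = ConvertTo-IPv4Number $Matches[1]
        $start = $base - ($base % $size)
        return ($addr -ge $start -and $addr -lt ($start + $size))
    }
    if ($Range -match "^($quad)-($quad)$") {              # start-end pair
        $first = ConvertTo-IPv4Number $Matches[1]
        $last  = ConvertTo-IPv4Number $Matches[2]
        return ($addr -ge $first -and $addr -le $last)
    }
    if ($Range -match "^$quad$") {                        # single address
        return ($addr -eq (ConvertTo-IPv4Number $Range))
    }
    return $false   # IPv6 or unrecognised format: not evaluated here
}

function Find-ExchangeIPInScopedConnector {
    # IPv4 addresses of every Exchange server, resolved from its FQDN
    $serverIps = foreach ($srv in Get-ExchangeServer) {
        foreach ($a in [System.Net.Dns]::GetHostAddresses($srv.Fqdn)) {
            if ($a.AddressFamily -eq 'InterNetwork') {
                New-Object PSObject -Property @{ Server = $srv.Name; Ip = $a.IPAddressToString }
            }
        }
    }
    foreach ($rc in Get-ReceiveConnector) {
        foreach ($range in $rc.RemoteIPRanges) {
            $text = "$range"
            # The default connectors accept the whole address space; a scoped
            # connector takes precedence over them for the addresses it lists.
            if ($text -eq '0.0.0.0-255.255.255.255') { continue }
            foreach ($s in $serverIps) {
                if (Test-IPv4InRange $s.Ip $text) {
                    New-Object PSObject -Property @{
                        Connector        = $rc.Identity
                        Range            = $text
                        ExchangeServer   = $s.Server
                        ServerIp         = $s.Ip
                        PermissionGroups = $rc.PermissionGroups
                        AuthMechanism    = $rc.AuthMechanism
                    }
                }
            }
        }
    }
}

# Constructed check of the range matching (runs without Exchange):
$sample = '10.1.2.15'
'10.1.2.15', '10.1.2.0/24', '10.1.2.20-10.1.2.30', '10.1.3.0/24' | ForEach-Object {
    '{0} in {1}: {2}' -f $sample, $_, (Test-IPv4InRange $sample $_)
}

# In the Exchange Management Shell:
if (Get-Command Get-ReceiveConnector -ErrorAction SilentlyContinue) {
    Find-ExchangeIPInScopedConnector | Format-List
}
```

Any row it returns is a connector that will receive server-to-server SMTP from the listed Exchange server; compare its AuthMechanism and PermissionGroups with what Exchange Server authentication needs before leaving the range in place.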

The post Mail flow Stopped to External – SMTP Relay to Active Directory Site appeared first on CareExchange.in.

How to Export all distribution Group and All members of it (Exchange 2007 & Exchange 2010 & Exchange 2013)


In some situations we have to export all the distribution groups and all of their members to a CSV file. There is no cmdlet available to retrieve distribution groups and their members in bulk, and the pipeline won’t work in this case.

NEW

*** Export all the Distribution Groups and Distribution Group managers as well ***

*** Export all the Dynamic Distribution Groups and Dynamic Distribution Group managers as well ***

DisplayName
Alias
RecipientType
Recipient OU
Primary SMTP address
Distribution Group
Distribution Group Primary SMTP address
Distribution Group Managers
Distribution Group OU

I have written a script that makes life easier for Exchange administrators who need to export distribution groups and their members.

.Requires -version 2 – Runs in Exchange Management Shell

.\DistributionGroupMemberReport.ps1 – It Can Display all the Distribution Group and its members on a List

Or It can Export to a CSV file

Download the Script

Browse the Shell to the Appropriate Location

image

Run it as above

The output of the CSV file looks like the image below.

You can add some more entries if required.

image

How to use this Script for Office 365 – 

On your local desktop, run PowerShell as Administrator.

Make sure your execution policy is set to RemoteSigned or Unrestricted:

Set-ExecutionPolicy RemoteSigned

In my case it is Unrestricted.

To Get Execution Policy Status

Get-ExecutionPolicy


$UserCredential = Get-Credential


$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection


Import-PSSession $Session

Now Run the Script – It should work.

The post How to Export all distribution Group and All members of it (Exchange 2007 & Exchange 2010 & Exchange 2013) appeared first on CareExchange.in.

550 Address unknown – Sophos UTM 9


Mail from Office 365/Gmail to Exchange on-premises fails.

External-to-internal mail is rejected with 550 Address unknown.

The anti-spam gateway is Sophos UTM 9.

NDR from Office 365 to Exchange 2010/2013/2016 on-premises –

Original Message Details
Created Date: 11/8/2016 4:25:50 PM
Sender Address: test@external.com
Recipient Address: user@careexchange.in
Subject: Test333
Error Details
Reported error: 550 5.0.350 Remote server returned an error -> 550 Address unknown
DSN generated by: KL13306MB1655.apcprd06.prod.outlook.com
Remote server: mail.careexchange.in

 

NDR From Gmail to Exchange 2010/2013/2016 On Premises –

Delivery to the following recipient failed permanently:

user@careexchange.in
Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the server for the recipient domain careexchange.in by mail.careexchange.in . [81.13.83.22].
The error that the other server returned was:
550 Address unknown


Solution –

Disable Recipient Verification on Sophos UTM 9 Email Protection.


The post 550 Address unknown – Sophos UTM 9 appeared first on CareExchange.in.

Azure Active Directory Sync – Choose Specific OUs


One of the most common mistakes: on the first run, admins run Azure Active Directory Sync and choose the whole domain/directory to sync.

Later they realize they have synced a lot of garbage accounts to the cloud.

Let's see how to clean up this mess.

Open Azure Active Directory PowerShell and disable the sync scheduler.

Set-ADSyncScheduler -SyncCycleEnabled $False

Open Azure Synchronization Service Manager.

Right-click and choose Properties.

Choose Containers.

Choose only the OUs you need: the ones that hold the users, groups, and Windows 10 computers that will leverage Azure feature sets.

Now run a Full Import.

Now you can see the deletes.

If you see the error below:

Stopped-deletion-Threshold-exceeded.

temporarily disable the threshold that prevents accidental deletes, using the command below:

Disable-ADSyncExportDeletionThreshold

Enable it again afterwards (it prevents accidental deletes):

Enable-ADSyncExportDeletionThreshold

Enable the sync scheduler again:

Set-ADSyncScheduler -SyncCycleEnabled $True

The post Azure Active Directory Sync – Choose Specific OUs appeared first on CareExchange.in.

Office 365 Hybrid Configuration Wizard Step by Step


Let's go through the Office 365 Hybrid Configuration Wizard step by step, with a test data migration, and see how to manage endpoints.

Make sure the Exchange servers are running the latest CUs. In my case they are running Exchange Server 2013 Cumulative Update 13 (CU13), 15.0.1210.3.

USE IE – Internet Explorer

Login to Exchange Control Panel – On Premises

Hybrid –  Enable

If you get "412 Cookies are Disabled":

Make sure the ECP and Office 365 URLs are added to Trusted Sites.

Download and run the Hybrid setup.

Choose Next.

Choose the optimal Exchange server,

or specify the Exchange Client Access server manually (the Internet-facing Client Access server).

Uncheck "Use Windows credentials" and enter the credentials manually.

Enter the on-premises credentials.

Enter the Office 365 admin credentials.

The wizard checks local and remote connectivity.

Choose Full Hybrid Configuration.

Choose "Configure my Client Access and mailbox servers for secure mail transport (typical)".

This secures mail flow between the on-premises and Office 365 servers using TLS (Transport Layer Security) certificates.

Choose the servers that will handle mail coexistence between Office 365 and on-premises. In my case, both.

The certificate in use is not present on all servers.

In my case the two sites are in different countries and use different SSL certificates.

I exchanged the certificates between them by exporting them as .pfx and importing them (you can use the Exchange Control Panel to export/import certificates), clicked Search Again, and chose the certificate.

Choose the certificate for TLS (Transport Layer Security).

Enter the FQDN that has port 25 open.

It's done.

Make sure port 443 is open and that this is the Internet-facing Client Access server.

Error :

2016.11.16 08:59:47.842 WARNING [Functionality=RunWorkflow]

HCW8078 Migration Endpoint could not be created.

Microsoft.Exchange.Migration.MigrationServerConnectionFailedException

The connection to the server ‘outlook.careexchange.in could not be completed.

Microsoft.Exchange.MailboxReplicationService.RemoteTransientException

The call to ‘https://outlook.careexchange.in/EWS/mrsproxy.svc’ failed. Error details: Access is denied..

Microsoft.Exchange.MailboxReplicationService.RemotePermanentException

Access is denied.

Solution – check the following so that MRS Proxy is accessible:

  • Firewall: port 443
  • MRS Proxy not enabled on the Web Services virtual directory.

Once MRS Proxy is accessible, endpoints can be created manually using the Office 365 console.

Now let's see how to create an endpoint and do a test migration.

Office 365 Admin Console – Data Migration – Exchange

Choose Settings to get your first migration endpoint created.

Once the migration endpoint is created, choose Mailboxes, assign a license to the mailbox, and start the migration.

Once test mailbox is created.

Sample End Point Default Settings

image

Choose Migration to see status.

Choose Migration Endpoints to Manage Endpoints

image

Manage Migration Endpoints –

image

Coexistence connectors can be customized here:

image

The post Office 365 Hybrid Configuration Wizard Step by Step appeared first on CareExchange.in.

Move Fail : Mailbox Changes Failed to Replicate


Error: Mailbox Changes Failed to replicate . Database doesn’t satisfy the constraint second copy because commit time isn’t guaranteed by replication time.

  • Verified NTP is fine,
  • Time zones are fine.
  • Verified all DAG members showing same time.
  • They are in Same VLAN in same site. (In my Case its a three node DAG , 2 on primary , 1 on Second Site.)
  • Database Replication seems to be healthy.
  • Replication link seems to be healthy.

Even small mailboxes fail with the same error.

To work around this error, we temporarily set DataMoveReplicationConstraint to None:

Set-MailboxDatabase DatabaseName -DataMoveReplicationConstraint None

Mailboxes moved to new databases without any errors instantly.

The post Move Fail : Mailbox Changes Failed to Replicate appeared first on CareExchange.in.


.\MailboxSizeReport.ps1 for Exchange 2010/2013


Script Supports – Exchange 2007, 2010, 2013 , 2016 & Office 365

.\MailboxSizeReport.ps1 creates a mailbox size report for Exchange 2010 and Exchange 2013.

It can generate a CSV file, display all mailboxes, or display mailboxes matching a wildcard.

Download the Script

Example CSV –

Note: If the LastLogonTime cell is empty, the user hasn’t logged on yet.

Please feel free to add comments for additions or customizations.

For Office 365 Admins –

Connect to Office 365 PowerShell before running the script:

https://technet.microsoft.com/en-us/library/jj984289(v=exchg.160).aspx


<#

.Requires -version 2 - Runs in Exchange Management Shell

.SYNOPSIS
.\MailboxSizeReport.ps1 - It Can Display all the Mailbox Size with Item Count,Database,Server Details

Or It can Export to a CSV file

Or You can Enter WildCard to Display or Export
Example 1

[PS] C:\>.\MailboxSizeReport.ps1
Mailbox Size Report
----------------------------

1.Display in Exchange Management Shell

2.Export to CSV File

3.Enter the Mailbox Name with Wild Card (Export)

4.Enter the Mailbox Name with Wild Card (Display)

5.Export to CSV File (OFFICE 365)

6.Enter the Mailbox Name with Wild Card (Export) (OFFICE 365)

Choose The Task: 1

Display Name                  Primary SMTP address          TotalItemSize                 ItemCount
------------                  --------------------          -------------                 ---------
Tes433                        Tes433@Welcome.com
Test                          Test@testcareexchange.biz     335.9 KB (343,933 bytes)      40
Test X500                     TestX500@Testexchange.biz     6.544 KB (6,701 bytes)        3
Test100                       test100@testcareexchange.biz  40.74 KB (41,719 bytes)       7
Test22                        Test22@Testexchange.biz       60.04 KB (61,483 bytes)       7
Test3                         Test3@testcareexchange.biz    364.7 KB (373,503 bytes)      31
Test33                        Test332@testcareexchange.biz  93.34 KB (95,585 bytes)       6
Test33                        Test33@FSD.com                5.335 KB (5,463 bytes)        3
Test3331                      Test3331@Testexchange.biz     24.14 KB (24,720 bytes)       2
Test46                        Test46@testcareexchange.biz   254 KB (260,071 bytes)        21

Example 2

[PS] C:\>.\MailboxSizeReport.ps1
Mailbox Size Report
----------------------------

1.Display in Exchange Management Shell

2.Export to CSV File

3.Enter the Mailbox Name with Wild Card (Export)

4.Enter the Mailbox Name with Wild Card (Display)

5.Export to CSV File (OFFICE 365)

6.Enter the Mailbox Name with Wild Card (Export) (OFFICE 365)

Choose The Task: 2
Enter the Path of CSV file (Eg. C:\Report.csv): C:\MailboxReport.csv

.Author
Written By: Satheshwaran Manoharan

Change Log
V1.0, 10/08/2014 - Initial version

Change Log
V1.1, 05/12/2016 - ProgressBar,Seperate Office 365 Options, QuotaLimits,EmailAddresses

#>

Write-host "

Mailbox Size Report
----------------------------

1.Display in Exchange Management Shell

2.Export to CSV File

3.Enter the Mailbox Name with Wild Card (Export)

4.Enter the Mailbox Name with Wild Card (Display)

5.Export to CSV File (OFFICE 365)

6.Enter the Mailbox Name with Wild Card (Export) (OFFICE 365)" -ForeGround "Cyan"

#----------------
# Script
#----------------

Write-Host "               "

$number = Read-Host "Choose The Task"
$output = @()
switch ($number)
{

1 {

$AllMailbox = Get-mailbox -resultsize unlimited

Foreach($Mbx in $AllMailbox)

{

$Stats = Get-mailboxStatistics -Identity $Mbx.distinguishedname -WarningAction SilentlyContinue

$userObj = New-Object PSObject

$userObj | Add-Member NoteProperty -Name "Display Name" -Value $mbx.displayname
$userObj | Add-Member NoteProperty -Name "Primary SMTP address" -Value $mbx.PrimarySmtpAddress
$userObj | Add-Member NoteProperty -Name "TotalItemSize" -Value $Stats.TotalItemSize
$userObj | Add-Member NoteProperty -Name "ItemCount" -Value $Stats.ItemCount

Write-Output $Userobj

}

;Break}

2 {
$i = 0

$CSVfile = Read-Host "Enter the Path of CSV file (Eg. C:\Report.csv)"

$AllMailbox = Get-mailbox -resultsize unlimited

Foreach($Mbx in $AllMailbox)

{

$Stats = Get-mailboxStatistics -Identity $Mbx.distinguishedname -WarningAction SilentlyContinue

if ($Mbx.UseDatabaseQuotaDefaults -eq $true)
{
$ProhibitSendReceiveQuota = (Get-MailboxDatabase $mbx.Database).ProhibitSendReceiveQuota.Value.ToMB()
}
if ($Mbx.UseDatabaseQuotaDefaults -eq $false)
{
$ProhibitSendReceiveQuota = $Mbx.ProhibitSendReceiveQuota.Value.ToMB()
}

$userObj = New-Object PSObject

$userObj | Add-Member NoteProperty -Name "Display Name" -Value $mbx.displayname
$userObj | Add-Member NoteProperty -Name "Alias" -Value $Mbx.Alias
$userObj | Add-Member NoteProperty -Name "RecipientType" -Value $Mbx.RecipientType
$userObj | Add-Member NoteProperty -Name "Recipient OU" -Value $Mbx.OrganizationalUnit
$userObj | Add-Member NoteProperty -Name "Primary SMTP address" -Value $Mbx.PrimarySmtpAddress
$userObj | Add-Member NoteProperty -Name "Email Addresses" -Value ($Mbx.EmailAddresses.smtpaddress -join ";")
$userObj | Add-Member NoteProperty -Name "Database" -Value $mbx.Database
$userObj | Add-Member NoteProperty -Name "ServerName" -Value $mbx.ServerName
if($Stats)
{
$userObj | Add-Member NoteProperty -Name "TotalItemSize" -Value $Stats.TotalItemSize.Value.ToMB()
$userObj | Add-Member NoteProperty -Name "ItemCount" -Value $Stats.ItemCount
$userObj | Add-Member NoteProperty -Name "DeletedItemCount" -Value $Stats.DeletedItemCount
$userObj | Add-Member NoteProperty -Name "TotalDeletedItemSize" -Value $Stats.TotalDeletedItemSize.Value.ToMB()
}
$userObj | Add-Member NoteProperty -Name "ProhibitSendReceiveQuota-In-MB" -Value $ProhibitSendReceiveQuota
$userObj | Add-Member NoteProperty -Name "UseDatabaseQuotaDefaults" -Value $Mbx.UseDatabaseQuotaDefaults
$userObj | Add-Member NoteProperty -Name "LastLogonTime" -Value $Stats.LastLogonTime

$output += $UserObj
# Update Counters and Write Progress
$i++
Write-Progress -Activity "Scanning Mailboxes . . ." -Status "Scanned: $i of $($AllMailbox.Count)" -PercentComplete ($i/$AllMailbox.Count*100)
}
$output | Export-csv -Path $CSVfile -NoTypeInformation

;Break}

3 {
$i = 0
$CSVfile = Read-Host "Enter the Path of CSV file (Eg. C:\DG.csv)"

$MailboxName = Read-Host "Enter the Mailbox name or Range (Eg. Mailboxname , Mi*,*Mik)"

$AllMailbox = Get-mailbox $MailboxName -resultsize unlimited

Foreach($Mbx in $AllMailbox)

{

$Stats = Get-mailboxStatistics -Identity $Mbx.distinguishedname -WarningAction SilentlyContinue

if ($Mbx.UseDatabaseQuotaDefaults -eq $true)
{
$ProhibitSendReceiveQuota = (Get-MailboxDatabase $mbx.Database).ProhibitSendReceiveQuota.Value.ToMB()
}
if ($Mbx.UseDatabaseQuotaDefaults -eq $false)
{
$ProhibitSendReceiveQuota = $Mbx.ProhibitSendReceiveQuota.Value.ToMB()
}

$userObj = New-Object PSObject

$userObj | Add-Member NoteProperty -Name "Display Name" -Value $mbx.displayname
$userObj | Add-Member NoteProperty -Name "Alias" -Value $Mbx.Alias
$userObj | Add-Member NoteProperty -Name "RecipientType" -Value $Mbx.RecipientType
$userObj | Add-Member NoteProperty -Name "Recipient OU" -Value $Mbx.OrganizationalUnit
$userObj | Add-Member NoteProperty -Name "Primary SMTP address" -Value $Mbx.PrimarySmtpAddress
$userObj | Add-Member NoteProperty -Name "Email Addresses" -Value ($Mbx.EmailAddresses.smtpaddress -join ";")
$userObj | Add-Member NoteProperty -Name "Database" -Value $mbx.Database
$userObj | Add-Member NoteProperty -Name "ServerName" -Value $mbx.ServerName
if($Stats)
{
$userObj | Add-Member NoteProperty -Name "TotalItemSize" -Value $Stats.TotalItemSize.Value.ToMB()
$userObj | Add-Member NoteProperty -Name "ItemCount" -Value $Stats.ItemCount
$userObj | Add-Member NoteProperty -Name "DeletedItemCount" -Value $Stats.DeletedItemCount
$userObj | Add-Member NoteProperty -Name "TotalDeletedItemSize" -Value $Stats.TotalDeletedItemSize.Value.ToMB()
}
$userObj | Add-Member NoteProperty -Name "ProhibitSendReceiveQuota-In-MB" -Value $ProhibitSendReceiveQuota
$userObj | Add-Member NoteProperty -Name "UseDatabaseQuotaDefaults" -Value $Mbx.UseDatabaseQuotaDefaults
$userObj | Add-Member NoteProperty -Name "LastLogonTime" -Value $Stats.LastLogonTime

$output += $UserObj
# Update Counters and Write Progress
$i++
Write-Progress -Activity "Scanning Mailboxes . . ." -Status "Scanned: $i of $($AllMailbox.Count)" -PercentComplete ($i/$AllMailbox.Count*100)
}

$output | Export-csv -Path $CSVfile -NoTypeInformation

;Break}

4 {

$MailboxName = Read-Host "Enter the Mailbox name or Range (Eg. Mailboxname , Mi*,*Mik)"

$AllMailbox = Get-mailbox $MailboxName -resultsize unlimited

Foreach($Mbx in $AllMailbox)

{

$Stats = Get-mailboxStatistics -Identity $Mbx.distinguishedname -WarningAction SilentlyContinue

$userObj = New-Object PSObject

$userObj | Add-Member NoteProperty -Name "Display Name" -Value $mbx.displayname
$userObj | Add-Member NoteProperty -Name "Primary SMTP address" -Value $mbx.PrimarySmtpAddress
$userObj | Add-Member NoteProperty -Name "TotalItemSize" -Value $Stats.TotalItemSize
$userObj | Add-Member NoteProperty -Name "ItemCount" -Value $Stats.ItemCount

Write-Output $Userobj

}

;Break}

5 {
$i = 0
$CSVfile = Read-Host "Enter the Path of CSV file (Eg. C:\Report.csv)"

$AllMailbox = Get-mailbox -resultsize unlimited

Foreach($Mbx in $AllMailbox)

{

$Stats = Get-mailboxStatistics -Identity $Mbx.distinguishedname -WarningAction SilentlyContinue

$userObj = New-Object PSObject

$userObj | Add-Member NoteProperty -Name "Display Name" -Value $mbx.displayname
$userObj | Add-Member NoteProperty -Name "Alias" -Value $Mbx.Alias
$userObj | Add-Member NoteProperty -Name "RecipientType" -Value $Mbx.RecipientType
$userObj | Add-Member NoteProperty -Name "Recipient OU" -Value $Mbx.OrganizationalUnit
$userObj | Add-Member NoteProperty -Name "Primary SMTP address" -Value $Mbx.PrimarySmtpAddress
$userObj | Add-Member NoteProperty -Name "Email Addresses" -Value ($Mbx.EmailAddresses -join ";")
$userObj | Add-Member NoteProperty -Name "Database" -Value $Stats.Database
$userObj | Add-Member NoteProperty -Name "ServerName" -Value $Stats.ServerName
$userObj | Add-Member NoteProperty -Name "TotalItemSize" -Value $Stats.TotalItemSize
$userObj | Add-Member NoteProperty -Name "ItemCount" -Value $Stats.ItemCount
$userObj | Add-Member NoteProperty -Name "DeletedItemCount" -Value $Stats.DeletedItemCount
$userObj | Add-Member NoteProperty -Name "TotalDeletedItemSize" -Value $Stats.TotalDeletedItemSize
$userObj | Add-Member NoteProperty -Name "ProhibitSendReceiveQuota-In-MB" -Value $Mbx.ProhibitSendReceiveQuota
$userObj | Add-Member NoteProperty -Name "UseDatabaseQuotaDefaults" -Value $Mbx.UseDatabaseQuotaDefaults
$userObj | Add-Member NoteProperty -Name "LastLogonTime" -Value $Stats.LastLogonTime

$output += $UserObj
# Update Counters and Write Progress
$i++
Write-Progress -Activity "Scanning Mailboxes . . ." -Status "Scanned: $i of $($AllMailbox.Count)" -PercentComplete ($i/$AllMailbox.Count*100)
}

$output | Export-csv -Path $CSVfile -NoTypeInformation

;Break}

6 {
$i = 0
$CSVfile = Read-Host "Enter the Path of CSV file (Eg. C:\DG.csv)"

$MailboxName = Read-Host "Enter the Mailbox name or Range (Eg. Mailboxname , Mi*,*Mik)"

$AllMailbox = Get-mailbox $MailboxName -resultsize unlimited

Foreach($Mbx in $AllMailbox)

{

$Stats = Get-mailboxStatistics -Identity $Mbx.distinguishedname -WarningAction SilentlyContinue

$userObj = New-Object PSObject

$userObj | Add-Member NoteProperty -Name "Display Name" -Value $mbx.displayname
$userObj | Add-Member NoteProperty -Name "Alias" -Value $Mbx.Alias
$userObj | Add-Member NoteProperty -Name "RecipientType" -Value $Mbx.RecipientType
$userObj | Add-Member NoteProperty -Name "Recipient OU" -Value $Mbx.OrganizationalUnit
$userObj | Add-Member NoteProperty -Name "Primary SMTP address" -Value $Mbx.PrimarySmtpAddress
$userObj | Add-Member NoteProperty -Name "Email Addresses" -Value ($Mbx.EmailAddresses -join ";")
$userObj | Add-Member NoteProperty -Name "Database" -Value $Stats.Database
$userObj | Add-Member NoteProperty -Name "ServerName" -Value $Stats.ServerName
$userObj | Add-Member NoteProperty -Name "TotalItemSize" -Value $Stats.TotalItemSize
$userObj | Add-Member NoteProperty -Name "ItemCount" -Value $Stats.ItemCount
$userObj | Add-Member NoteProperty -Name "DeletedItemCount" -Value $Stats.DeletedItemCount
$userObj | Add-Member NoteProperty -Name "TotalDeletedItemSize" -Value $Stats.TotalDeletedItemSize
$userObj | Add-Member NoteProperty -Name "ProhibitSendReceiveQuota-In-MB" -Value $Mbx.ProhibitSendReceiveQuota
$userObj | Add-Member NoteProperty -Name "UseDatabaseQuotaDefaults" -Value $Mbx.UseDatabaseQuotaDefaults
$userObj | Add-Member NoteProperty -Name "LastLogonTime" -Value $Stats.LastLogonTime

$output += $UserObj
# Update Counters and Write Progress
$i++
Write-Progress -Activity "Scanning Mailboxes . . ." -Status "Scanned: $i of $($AllMailbox.Count)" -PercentComplete ($i/$AllMailbox.Count*100)
}

$output | Export-csv -Path $CSVfile -NoTypeInformation

;Break}

Default {Write-Host "No matches found , Enter Options 1 to 6" -ForeGround "red"}

}

The post .\MailboxSizeReport.ps1 for Exchange 2010/2013 appeared first on CareExchange.in.

535 Authentication Credentials invalid on Outgoing mails

Outgoing mail suddenly stopped, with the error below.

Error (Exchange Toolbox – Queue Viewer):

4.4.0 Primary Target IP Address Responded with: “535 Authentication Credentials invalid.” Attempted to failover to alternate host, but that did not succeed. Either There are no Alternate hosts, or delivery failed to all alternative hosts.

Solution – Smart host authentication credentials were invalid

The smart host authentication password had been changed, so the new password had to be entered in the Send Connector properties.

Mail flow resumed without any service restart.

Optional – restart the Transport service to refresh.

The post 535 Authentication Credentials invalid on Outgoing mails appeared first on CareExchange.in.

HTTP 500 Error in OWA and ECP Something Went wrong

🙁
something went wrong
We’re having trouble getting to your mailbox right now. Please refresh the page or try again later. If the problem continues, please contact your helpdesk.
X-ClientId: MOAG – DKFF – BDUB – 333

X-OWA-Error: Microsoft.Exchange.Data.Storage.MailboxOfflineException
X-OWA-Version: 15.0.1076.9
X-FEServer: EXCH01
X-BEServer: EXCH02
Date: 14/12/2016 05:57:00

Events Generated –

Log Name:      Application
Source:        MSExchange Control Panel
Date:          12/14/2016 12:02:46 PM
Event ID:      4
Task Category: General
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      EXCH02.careexchange.in
Description:
Current user: ‘careexchange.in/Microsoft Exchange System Objects/Monitoring Mailboxes/HealthMailbox0eba0829c21c4694b00335082686d519′
Request for URL ‘https://exch02.careexchange.in:444/ecp/default.aspx(https://exch02/ecp/)’ failed with the following error:
System.NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.Exchange.Clients.Common.Canary15.Init(Byte[] userContextIdBinary, Byte[] timeStampBinary, String logonUniqueKey, Byte[] hashBinary, String logData)
at Microsoft.Exchange.Clients.Common.Canary15..ctor(String logonUniqueKey)
at Microsoft.Exchange.Clients.Common.Canary15Cookie.TryCreateFromHttpCookie(HttpCookie cookie, String logonUniqueKey, Canary15Profile profile)
at Microsoft.Exchange.Clients.Common.Canary15Cookie.TryCreateFromHttpContext(HttpContext httpContext, String logOnUniqueKey, Canary15Profile profile)
at Microsoft.Exchange.Management.ControlPanel.CanaryExtensions.CheckCanary15(HttpContext context, Boolean shouldRenew, String canaryName)
at Microsoft.Exchange.Management.ControlPanel.CanaryExtensions.CheckCanary(HttpContext context)
at Microsoft.Exchange.Management.ControlPanel.RbacModule.Application_PostAuthenticateRequest(Object sender, EventArgs e)
at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
at Microsoft.Exchange.Clients.Common.Canary15.Init(Byte[] userContextIdBinary, Byte[] timeStampBinary, String logonUniqueKey, Byte[] hashBinary, String logData)
at Microsoft.Exchange.Clients.Common.Canary15..ctor(String logonUniqueKey)
at Microsoft.Exchange.Clients.Common.Canary15Cookie.TryCreateFromHttpCookie(HttpCookie cookie, String logonUniqueKey, Canary15Profile profile)
at Microsoft.Exchange.Clients.Common.Canary15Cookie.TryCreateFromHttpContext(HttpContext httpContext, String logOnUniqueKey, Canary15Profile profile)
at Microsoft.Exchange.Management.ControlPanel.CanaryExtensions.CheckCanary15(HttpContext context, Boolean shouldRenew, String canaryName)
at Microsoft.Exchange.Management.ControlPanel.CanaryExtensions.CheckCanary(HttpContext context)
at Microsoft.Exchange.Management.ControlPanel.RbacModule.Application_PostAuthenticateRequest(Object sender, EventArgs e)
at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

Flight info: Features:[[Global.DistributedKeyManagement, False],[Global.GlobalCriminalCompliance, False],[Global.MultiTenancy, False],[Global.WindowsLiveID, False],[Eac.AllowMailboxArchiveOnlyMigration, True],[Eac.AllowRemoteOnboardingMovesOnly, False],[Eac.BulkPermissionAddRemove, True],[Eac.CmdletLogging, True],[Eac.CrossPremiseMigration, False],[Eac.DevicePolicyMgmtUI, False],[Eac.DiscoveryDocIdHint, False],[Eac.DiscoveryPFSearch, False],[Eac.DiscoverySearchStats, False],[Eac.DlpFingerprint, False],[Eac.EACClientAccessRulesEnabled, False],[Eac.GeminiShell, False],[Eac.ManageMailboxAuditing, False],[Eac.ModernGroups, False],[Eac.Office365DIcon, False],[Eac.OrgIdADSeverSettings, False],[Eac.RemoteDomain, False],[Eac.UCCAuditReports, False],[Eac.UCCPermissions, False],[Eac.UnifiedAuditPolicy, False],[Eac.UnifiedComplianceCenter, False],[Eac.UnifiedPolicy, False],[Eac.UnlistedServices, False],],  Flights:[],  Constraints:[[LOC, EN-US],[MACHINE, EXCH02],[MODE, ENTERPRISE],[PROCESS, W3WP],[USER, HEALTHMAILBOX0EBA0829C21C4694B001F5082686D519@],[USERTYPE, BUSINESS],], IsGlobalSnapshot: False

Log Name:      Application
Source:        Windows Error Reporting
Date:          12/14/2016 12:09:15 PM
Event ID:      1001
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      EXCH01.careexchange.in
Description:
Fault bucket , type 0
Event Name: E12IIS
Response: Not available
Cab Id: 0

Problem signature:
P1: c-RTL-AMD64
P2: 15.00.1076.009
P3: w3wp#MSExchangeOWAAppPool
P4: M.E.Clients.Common
P5: M.E.C.C.Canary15.Init
P6: System.NullReferenceException
P7: 4058
P8: 15.00.1076.000
P9:
P10:

Attached files:
C:\Windows\Temp\981892be-0fdc-445f-9fc5-43a087f8408a\report.txt
C:\Windows\Temp\981892be-0fdc-445f-9fc5-43a087f8408a\report.xml

These files may be available here:
Analysis symbol:
Rechecking for solution: 0
Report Id: 98c251d8-c1d4-11e6-80e6-005056a13698
Report Status: 262144
Hashed bucket:

Log Name:      Application
Source:        MSExchange Common
Date:          12/14/2016 12:09:13 PM
Event ID:      4999
Task Category: General
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      EXCH01.careexchange.in
Description:
Watson report about to be sent for process id: 3436, with parameters: E12IIS, c-RTL-AMD64, 15.00.1076.009, w3wp#MSExchangeOWAAppPool, M.E.Clients.Common, M.E.C.C.Canary15.Init, System.NullReferenceException, 4058, 15.00.1076.000.
ErrorReportingEnabled: True

 

Solution –

Start – Run – Adsiedit.msc, then clear these values on the object below:

CN=Client Access,CN=“Organization name”,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=“domain”

Took a backup of those values.

Cleared the attributes below from Active Directory:

msExchCanaryData0

msExchCanaryData1

msExchCanaryData2

Recycled the OWA and ECP application pools.

Logged in successfully.
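The same backup, clear and recycle sequence as a script. This is an added example, not part of the original post: the organization name and backup path are placeholders, and `MSExchangeECPAppPool` is assumed to be the ECP pool name (the OWA pool name appears in the event above).

```powershell
# Added example: the ADSI Edit steps above as a script. Run elevated on an Exchange
# server; needs the ActiveDirectory and WebAdministration modules and rights to edit
# the Configuration partition.
Import-Module ActiveDirectory, WebAdministration

$orgName    = 'ORGANIZATION-NAME'              # placeholder: your Exchange organization name
$backupFile = 'C:\Temp\msExchCanaryData.xml'   # placeholder: keep it readable by admins only
$attrs      = 'msExchCanaryData0', 'msExchCanaryData1', 'msExchCanaryData2'

$configNC = (Get-ADRootDSE).configurationNamingContext
$dn       = "CN=Client Access,CN=$orgName,CN=Microsoft Exchange,CN=Services,$configNC"

# 1. Back up whatever is currently stored in the three attributes
$obj    = Get-ADObject -Identity $dn -Properties $attrs
$backup = @{}
foreach ($a in $attrs) {
    if ($obj.PropertyNames -contains $a) { $backup[$a] = $obj.$a }
}
if ($backup.Count -eq 0) { throw "No msExchCanaryData values found on $dn" }
$backup | Export-Clixml -Path $backupFile

# 2. Clear only after the backup file reads back with the same number of attributes
$check = Import-Clixml -Path $backupFile
if (@($check.Keys).Count -ne $backup.Count) { throw 'Backup verification failed' }
Set-ADObject -Identity $dn -Clear @($backup.Keys)

# 3. Recycle the OWA and ECP application pools
Restart-WebAppPool -Name 'MSExchangeOWAAppPool'
Restart-WebAppPool -Name 'MSExchangeECPAppPool'

# Roll back if needed:
# Set-ADObject -Identity $dn -Replace (Import-Clixml -Path $backupFile)
```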

The post HTTP 500 Error in OWA and ECP Something Went wrong appeared first on CareExchange.in.

Install and Configure Certificate Authority in Windows Server 2016

This article covers the following topics:

  • Installing a Certificate Authority on Windows Server 2016
  • Configuring the Certificate Authority on Windows Server 2016
  • Assigning the certificate on Exchange Server 2016
  • Installing it on a test machine to confirm the Certificate Authority works for Outlook Web Access

Step 1:

The Active Directory Certificate Services role must be installed to have a Certificate Authority.

Preferably install it on a dedicated server or on a domain controller.

Open Server Manager – Manage – Add Roles and Features

Step 2:

Choose: Active Directory Certificate Services

Choose Next

And choose: Certification Authority Web Enrollment

Choose:

  • Certification Authority
  • Certification Authority Web Enrollment

Choose Install and Close

Step 3:

To configure Active Directory Certificate Services, choose the exclamation mark on the flag, then “Configure Active Directory Certificate Services on the destination server”.

Choose Next

Choose:

  • Certification Authority
  • Certification Authority Web Enrollment

Choose Enterprise CA

  • Enterprise CAs must be domain members and are typically online to issue certificates or certificate policies.

Step 4:
Choose Root CA

Root CAs are the first and may be the only CAs configured in a PKI hierarchy.

Step 5:
Create a new private key

Step 6:

  • Use SHA256
  • RSA#Microsoft Software Key Storage Provider
  • Key Length – 2048

Step 7:

Click Next

Step 8:
By default the certificate is valid for 5 years. Don’t make any changes to it; click Next.

Step 9:

Specify the Certificate Authority default database locations

Click Configure

Choose Configure

We have successfully installed and configured the Certificate Authority on Windows Server 2016.
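Steps 1 to 9 can also be scripted. The following is an added example, not part of the original article; it uses the same choices as the wizard (Enterprise Root CA, SHA256, RSA 2048, 5 years) and leaves the database locations at their defaults.

```powershell
# Added example: scripted equivalent of Steps 1-9. Run in an elevated session on the
# server that will host the CA, with an account allowed to install an Enterprise CA.

# Steps 1-2: install the two role services
Install-WindowsFeature ADCS-Cert-Authority, ADCS-Web-Enrollment -IncludeManagementTools

# Steps 3-8: same values as selected in the wizard
$ca = @{
    CAType              = 'EnterpriseRootCA'
    CryptoProviderName  = 'RSA#Microsoft Software Key Storage Provider'
    KeyLength           = 2048
    HashAlgorithmName   = 'SHA256'
    ValidityPeriod      = 'Years'
    ValidityPeriodUnits = 5
}

# Step 9: database and log directories are not passed, so the defaults are used
Install-AdcsCertificationAuthority @ca -Force
Install-AdcsWebEnrollment -Force

# Checks: service running, CA answering, and the hash algorithm that was configured
$svc = Get-Service -Name CertSvc
if ($svc.Status -ne 'Running') { throw "CertSvc is $($svc.Status)" }
certutil -ping
certutil -getreg CA\CSP\CNGHashAlgorithm
```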

Let us see how to request and create a simple certificate from the internal Certificate Authority.

Step 10:

Browse to http://localhost/certsrv/

On the page that opens, choose “Request a Certificate”.

Step 11:
Click on Advanced Certificate Request

Step 12:
Choose the second option:
Submit a certificate request by using a base-64-Encoded CMC

Step 13:

Now copy the certificate request data from Notepad. You have to generate a certificate request from the application first; for example, this is how it is done in Exchange Server:

http://www.careexchange.in/how-to-create-an-ssl-certificate-request-for-exchange-server-2013/

Or you can use https://www.digicert.com/util/

Example – the data should look like this:

-----BEGIN NEW CERTIFICATE REQUEST-----
(base64-encoded request data)
-----END NEW CERTIFICATE REQUEST-----

Saved Request – (NEW CERTIFICATE REQUEST data like above)
Choose Template: WebServer

Choose Submit

Step 14:
Choose “Base 64 encoded”

Download Certificate

Step 15:
Save the certificate – it should have a .cer extension

Let’s see how to apply it on Exchange 2016, for example.

I copied the .CER file that the CA generated for my request to the Exchange server and used it.

It shows the certificate as invalid.

Let’s see why.

1 – Start – MMC – File – Add/Remove Snap-in

2 – Choose Certificates – Add

3 – Computer Account

4 – Local Computer

5 – Expand Personal – Certificates / expand Trusted Root Certification Authorities – Certificates

Now log in to the Root CA server and export the Root CA certificate.

Now log in to the Exchange server and import the exported certificate.

Now the certificates look OK.

Make sure you assign the certificate to IIS in the Exchange Control Panel.

Now you can see things are fine locally on the Exchange 2016 server.

Let’s see how we can use it on a desktop.

First log in to the Exchange server, open MMC and export the certificate with the full certificate path into a PFX file.

Now we have the PFX file exported.

Open MMC on the desktop and import or install the PFX.

Now browse the URL.
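Steps 10 to 15 and the "certificate invalid" check above can be repeated from the command line. This is an added example, not part of the original article; the file paths and the CA config string are placeholders, and `Get-ChainProblem` is a helper defined here.

```powershell
# Added example. Placeholders: adjust the paths and the "CAHost\CAName" config string.
$caConfig  = 'CA-SERVER\CA-NAME'     # placeholder
$request   = 'C:\Certs\mail.req'     # placeholder: request generated by the application (Step 13)
$serverCer = 'C:\Certs\mail.cer'     # placeholder: issued certificate
$rootCer   = 'C:\Certs\RootCA.cer'   # placeholder: root CA certificate (public part only)

# Returns one line per chain error; an empty result means the chain is trusted
function Get-ChainProblem {
    param([Parameter(Mandatory)][string]$Path)
    $cert  = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $Path
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    $chain.ChainPolicy.RevocationMode = 'NoCheck'   # trust only; revocation is not evaluated here
    [void]$chain.Build($cert)
    $chain.ChainStatus | ForEach-Object { '{0}: {1}' -f $_.Status, $_.StatusInformation.Trim() }
}

# Steps 10-15 without the browser: submit against the WebServer template, save the result
certreq -submit -config $caConfig -attrib 'CertificateTemplate:WebServer' $request $serverCer
if ($LASTEXITCODE -ne 0) { throw "certreq failed with exit code $LASTEXITCODE" }

# Fetch the root CA certificate from the CA (quoted so PowerShell passes the verb intact)
certutil -config $caConfig '-ca.cert' $rootCer
if ($LASTEXITCODE -ne 0) { throw "certutil failed with exit code $LASTEXITCODE" }

# Why the certificate shows as invalid: the chain does not end in a trusted root
$before = Get-ChainProblem -Path $serverCer
if ($before) {
    "Not trusted yet: $($before -join '; ')"
    Import-Certificate -FilePath $rootCer -CertStoreLocation Cert:\LocalMachine\Root | Out-Null
}

$after = Get-ChainProblem -Path $serverCer
if ($after) { "Still failing: $($after -join '; ')" } else { 'Chain builds to a trusted root.' }
```

On a desktop, the `Import-Certificate` line with the root CA certificate is enough for the browser to trust the chain; the server's private key does not need to leave the Exchange server for that.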

The post Install and Configure Certificate Authority in Windows Server 2016 appeared first on CareExchange.in.

Configuring Public DNS and MX records for exchange 2013

Let’s see which public DNS records need to be configured for Exchange 2013/Exchange 2016 (Client Access / mail flow / Autodiscover).

Create an A record – Mail.CareExchange.in

and point it to the Exchange 2013 or Exchange 2016 server.

If the server is load balanced, point it to the VIP (virtual IP of the load balancer).

This will be the internet-facing server for your webmail and all other URLs.

Create an A record – autodiscover.careexchange.in

and point it to the Exchange 2013 or Exchange 2016 server.

If the server is load balanced, point it to the VIP (virtual IP of the load balancer).

This will be the internet-facing server for your webmail and all other URLs.

It lets Outlook and ActiveSync phones receive their configuration settings automatically.

Create an MX record and point it to the A record you created above (for small businesses).

This serves your mail flow.

If you are going to use a cloud-based anti-spam service or an anti-spam appliance, you will have to point the MX record to their DNS records or to your anti-spam appliance.

Required public IPs – 1

Required public IPs with one anti-spam server – 2

Ports that need to be opened on the firewall:

  • HTTPS – port 443
  • Mail flow – port 25
  • POP3 – port 110
  • IMAP – port 143
  • SMTP – port 25
  • HTTP – port 80
  • Secure IMAP (IMAP4-SSL) – port 585
  • IMAP4 over SSL (IMAPS) – port 993
  • Secure POP3 (SSL-POP) – port 995
  • Secure SMTP (SSMTP) – port 465 | Exchange specifically does not support SMTPS (implicit TLS)

Note:

If you want to split mail flow and the Outlook Web App URL, you can do that too.

You can have Outlook Web App and the other URLs as mail.careexchange.in

and for mail flow you can have mx.careexchange.in

The advantage of doing this is that you can re-route your mail flow at any time without disturbing anything.

For reference:

Let’s see a practical scenario of creating DNS records with one of the public DNS providers.

HOST A record – mail.testcareexchange.biz

HOST A record – autodiscover.careexchange.biz

MX record – Testcareexchange.biz

Note: Mail is delivered to the mail exchange server with the lowest preference number (highest priority).

Thank you.

Hope the article was informative.
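Once the records are published, they can be checked against a public resolver. This is an added example, not part of the original article; `Test-ExchangePublicDns` is a helper defined here, and the resolver address is an assumption (any public resolver works).

```powershell
# Added example: verify the A and MX records and the two ports the article relies on.
function Test-ExchangePublicDns {
    param(
        [Parameter(Mandatory)][string]$Domain,
        [string[]]$HostNames = @("mail.$Domain", "autodiscover.$Domain"),
        [string]$Resolver = '8.8.8.8'   # assumption: a public resolver, to bypass split DNS
    )

    # A records for the client access and Autodiscover names, then HTTPS reachability
    foreach ($h in $HostNames) {
        $ips = @(Resolve-DnsName -Name $h -Type A -Server $Resolver -ErrorAction SilentlyContinue |
                 Where-Object { $_.IPAddress } | ForEach-Object { $_.IPAddress })
        if (-not $ips) {
            [pscustomobject]@{ Check = "A $h"; Result = 'MISSING' }
            continue
        }
        $https = (Test-NetConnection -ComputerName $h -Port 443 -WarningAction SilentlyContinue).TcpTestSucceeded
        [pscustomobject]@{ Check = "A $h"; Result = "$($ips -join ', ') (port 443 open: $https)" }
    }

    # MX records, sorted so the lowest preference number (tried first) is listed first
    $mx = @(Resolve-DnsName -Name $Domain -Type MX -Server $Resolver -ErrorAction SilentlyContinue |
            Where-Object { $_.NameExchange } | Sort-Object Preference)
    if (-not $mx) { [pscustomobject]@{ Check = "MX $Domain"; Result = 'MISSING' } }

    foreach ($r in $mx) {
        # Outbound port 25 is often blocked on client networks; run this from a host that can send SMTP
        $smtp = (Test-NetConnection -ComputerName $r.NameExchange -Port 25 -WarningAction SilentlyContinue).TcpTestSucceeded
        [pscustomobject]@{
            Check  = "MX $($r.Preference) $($r.NameExchange)"
            Result = "port 25 open: $smtp"
        }
    }
}

# Example call, using the domain from the article:
# Test-ExchangePublicDns -Domain 'careexchange.in' | Format-Table -AutoSize
```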

The post Configuring Public DNS and MX records for exchange 2013 appeared first on CareExchange.in.
