Exchange Server
Exchange 2010 OAB GAL not updating
After migrating from Exchange 2007 to 2010 and running in coexistence for a while, users noticed that their GAL was missing new addresses.
Trying to download the Address Book produces an Outlook client error: 0x80200049 The operation failed.
You will notice that the OAB / GAL in cached mode is out of date, but the OAB / GAL in online mode is correct.
Note: This article assumes you have already created a Public folder database on Exchange 2010.
HOW TO FIX THIS
First check that your databases are pointing to the correct 2010 server for Default public folder database and Offline address book.
In EMC
Organization Configuration > Mailbox > Database Management tab > Properties on a DB > Client Settings tab
In Windows Explorer
Delete all files/directories INSIDE but not the directories themselves:
C:\Program Files\Microsoft\Exchange Server\V14\ExchangeOAB
C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\OAB
In EMC
Server Configuration > Client Access > select SERVER > In action pane: Reset Virtual Directory…
Browse… > select OAB (Default Web Site) and click OK.
Click Next, when prompted choose Yes to All and choose Finish when complete.
Wait 30 sec for AD to replicate the changes.
In a command prompt
iisreset (/noforce is optional, MS support never had me use it)
In Exchange Management Shell
Set-OABVirtualDirectory -Identity "OAB (Default Web Site)" -RequireSSL $true -ExternalURL "https://exchange.contoso.com/OAB"
Get-OABVirtualDirectory |fl
Verify your InternalURL (http) and ExternalURL (https) and RequireSSL True
In EMC
Organization Configuration > Mailbox > Offline Address Book tab > Properties on Default Offline Address Book > Distribution tab > Enable Web-based distribution > Add… > Choose your OAB on Exchange 2010 > Apply/OK
Right-click Default Offline Address Book > Update > Yes
In Services MMC
Restart the service: Microsoft Exchange File Distribution
(This will populate the OAB guid in C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\OAB)
In a command prompt
iisreset (/noforce is optional, again MS support never had me use it)
Here is this entire documentation in PDF format with screenshots to help.
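The checks from the steps above can be gathered into one read-only pass. This is an added example, not part of the original post; it assumes it is run in the Exchange Management Shell on the Exchange 2010 server itself and that MSExchangeFDS is the service name behind "Microsoft Exchange File Distribution".

```powershell
# Added example: read-only checks, nothing here changes configuration.
$CasServer = $env:COMPUTERNAME   # assumption: run on the Exchange 2010 server
$OabRoot   = 'C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\OAB'

# Databases: each should list the 2010 public folder database and an offline address book.
Get-MailboxDatabase |
    Format-Table Name, Server, PublicFolderDatabase, OfflineAddressBook -AutoSize

# OAB virtual directory: the settings applied with Set-OABVirtualDirectory.
foreach ($vdir in Get-OabVirtualDirectory -Server $CasServer) {
    if (-not $vdir.RequireSSL) {
        Write-Warning "$($vdir.Identity): RequireSSL is False"
    }
    if (-not $vdir.ExternalUrl) {
        Write-Warning "$($vdir.Identity): ExternalUrl is not set"
    } elseif ("$($vdir.ExternalUrl)" -notlike 'https://*') {
        Write-Warning "$($vdir.Identity): ExternalUrl is not https ($($vdir.ExternalUrl))"
    }
}

# Offline address books: web distribution enabled, and files copied by File Distribution.
foreach ($oab in Get-OfflineAddressBook) {
    if (-not $oab.WebDistributionEnabled) {
        Write-Warning "$($oab.Name): web-based distribution is not enabled"
    }
    $folder = Join-Path $OabRoot $oab.Guid.ToString()
    if (-not (Test-Path $folder)) {
        Write-Warning "$($oab.Name): $folder is missing; restart MSExchangeFDS and check again"
    } else {
        $newest = Get-ChildItem $folder | Sort-Object LastWriteTime -Descending |
            Select-Object -First 1
        '{0}: newest OAB file written {1}' -f $oab.Name, $newest.LastWriteTime
    }
}

# File Distribution service state.
Get-Service MSExchangeFDS | Format-Table Name, Status -AutoSize
```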
BlackBerry Enterprise Server MAPI initialization error
While upgrading from BlackBerry Enterprise Server Express 5.0.2 to 5.0.3, I ran into one issue. After the setup-based server reboot, you will log back in and the installation continues. It is at this point that MAPI is used to finalize the communication to the Exchange server.
Things seemed to be going just fine until the following popped up:
Fortunately, a quick search on the BlackBerry forums helped me resolve my problem. To avoid confusion for end users, I had hidden the BESAdmin account from the Exchange address list. This prevents the MAPI from thinking configuration is okay.
Error: The setup application could not initialize the Microsoft Exchange Server MAPI client.
Resolution: In the Exchange Management Console, (Uncheck) Hide from Exchange address lists for the BESAdmin user account.
BlackBerry Enterprise Server Express 5.0.2 MR1 documentation corrections
There were a few documentation issues I noticed for this update. They are as follows:
It says that you should have version 5.0.2 (Bundle 36), however it should be at version 5.0.2 (Bundle 14).
Also, when you are done with the update, the documentation claims that you will be at 5.0.2 (Bundle 51). This too is incorrect and it should be 5.0.2 (Bundle 25).
Before you apply the update be sure to stop the services in the proper order (for BES or BES Express):
- BOTH BlackBerry Administration Service services
- BlackBerry Mail Store Service
- BlackBerry MDS Integration Service
- BlackBerry Instant Messaging Connector
- BlackBerry MDS Connection Service
- BlackBerry Dispatcher
- BlackBerry Attachment Service
- BlackBerry Controller
- all of the remaining BlackBerry Enterprise Server services
If I had to guess, maybe the bundle versions were from the full version instead of express.
Change expired passwords in OWA 2007
This is mainly for admins running Exchange Server 2007 SP3 installed on Windows Server 2003 with IIS 6 (see PDF). If you are running Exchange 2007 SP3 on Windows Server 2008 with IIS 7, things are a lot easier and you will just need to review this documentation and make the simple registry change as mentioned further below:
Windows Server 2003 with IIS 6
- In a command prompt: cd C:\inetpub\AdminScripts
- Run cscript.exe adsutil.vbs set w3svc/passwordchangeflag 0 (use a 0 for usage with an SSL cert….read here for more info. The hotfix is not needed for Server 2003 SP1 or newer)
- Next, in IIS Manager right-click on Default Web Site and run the Wizard to create the new virtual directory IISADMPWD. Point it to C:\Windows\System32\Inetsrv\Iisadmpwd and give it Read and Run Scripts permissions only.
- Now select the Properties for this new virtual directory and set the application pool to MSExchangeOWAAppPool. The directory security settings do NOT need to be adjusted.
- Finally, while still in IIS Manager, go to Web Service Extensions and Allow Active Server Pages.
IISReset /noforce (if that doesn’t run in the 1 minute time frame, just issue a plain IISReset)
Downloadable PDF directions with a couple screen shots
Windows Server 2008 or newer with IIS 7
- Regedit > HKLM\SYSTEM\CurrentControlSet\Services\MSExchange OWA
- Create a DWORD value called: ChangeExpiredPasswordEnabled and give it a value of 1
- IISReset /noforce (if that doesn’t run in the 1 minute time frame, just issue a plain IISReset)
Best Practices for Exchange Folder Assistant and Online Maintenance Schedules
A good Exchange administrator will want to take note of three main blocks of time: Online Maintenance, (MRM) Folder Assistant Schedule, and the Backup Window. According to Microsoft best practices you should not let any of these overlap each other, and you should leave at least a 15 minute gap in between each task. Suggested online maintenance interval: Each database should get maintenance once every 2 weeks.
Depending on how many users your server has and the hours your business operates, your configuration may vary. Example: In an environment with 250 mailboxes on 7 storage groups, I would try to have the folder assistant go first, then run a backup in the evening, and finish with online maintenance all through the night until office hours resume. Don’t forget to leave at least 15 minutes between online maintenance of each storage group’s database.
One thing to keep in mind for online maintenance is that database check-summing is not enabled by default. It is important that this is enabled and that you monitor your Event Viewer to make sure that the databases are in good health. Backup your registry and visit the following TechNet article on how to enable this important feature. Also, if your environment needs to adhere to strict security requirements regarding the deletion of email after retention periods, you should also enable database page zeroing. To gauge the time needed for these scans, refer to Event Viewer.
With regard to Messaging Records Management (retention policies), you will want it to run as often as your legal needs require. A simple policy might aid users in purging emails in the Deleted Items folder after 30 days of being moved there. Another folder that can get out of control is the Sent Items. For some companies a 6 month retention of sent emails is a safe buffer. MRM can keep Outlook’s offline file in check, via size, and can improve users’ experience by performing automatic purging of old content. It is imperative to have an email policy that mentions retention rules, testing guidelines, and procedures involving legal discovery.
To quickly enable MRM to run daily on your server input the following into the Shell:
Set-MailboxServer -Identity MailServerNameHere -ManagedFolderAssistantSchedule "Mon.16:15-Mon.19:45","Tue.16:15-Tue.19:45","Wed.16:15-Wed.19:45","Thu.16:15-Thu.19:45","Fri.16:15-Fri.19:45","Sat.16:15-Sat.19:45","Sun.16:15-Sun.19:45"
This easily applies to small businesses. For those of you maintaining much larger deployments, these areas can become troublesome. High availability most definitely will come into play, but that is for a later discussion.
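The no-overlap and 15 minute gap rule can be checked before a schedule is applied. The following is an added example, not part of the original post; the three windows are constructed sample values written in the same "Day.HH:mm-Day.HH:mm" form the Set-MailboxServer command takes, and the function names are hypothetical.

```powershell
# Added example. All three windows are constructed sample values.
$windows = @{
    'Folder Assistant'   = 'Mon.16:15-Mon.19:45'
    'Backup'             = 'Mon.20:00-Mon.23:30'
    'Online Maintenance' = 'Mon.23:40-Tue.06:00'
}
$days = 'Sun','Mon','Tue','Wed','Thu','Fri','Sat'
$week = 7 * 24 * 60    # minutes in a week; schedules wrap from Sat back to Sun

function ConvertTo-WeekMinute([string]$Point) {
    # 'Mon.16:15' -> minutes since Sunday 00:00
    $day, $time = $Point.Split('.')
    $h, $m = $time.Split(':')
    $d = [array]::IndexOf($days, $day)
    if ($d -lt 0) { throw "Unknown day in '$Point'" }
    return ($d * 24 + [int]$h) * 60 + [int]$m
}

function Get-WeekMod([int]$Minutes) {
    # PowerShell's % keeps the sign of the left operand, so normalise to 0..$week-1
    return (($Minutes % $week) + $week) % $week
}

function Test-WindowGap([string]$A, [string]$B, [int]$MinGap = 15) {
    $s1, $e1 = $A.Split('-') | ForEach-Object { ConvertTo-WeekMinute $_ }
    $s2, $e2 = $B.Split('-') | ForEach-Object { ConvertTo-WeekMinute $_ }
    # Overlap: one window starts while the other is still running.
    if ((Get-WeekMod ($s2 - $s1)) -lt (Get-WeekMod ($e1 - $s1)) -or
        (Get-WeekMod ($s1 - $s2)) -lt (Get-WeekMod ($e2 - $s2))) { return 'OVERLAP' }
    # Otherwise the gap is the shorter distance from one window's end to the other's start.
    $gap = [Math]::Min((Get-WeekMod ($s2 - $e1)), (Get-WeekMod ($s1 - $e2)))
    if ($gap -lt $MinGap) { return "only $gap min apart (need $MinGap)" }
    return "ok, $gap min apart"
}

# Compare every pair of windows once.
$names = @($windows.Keys)
for ($i = 0; $i -lt $names.Count; $i++) {
    for ($j = $i + 1; $j -lt $names.Count; $j++) {
        $a = $windows[$names[$i]]; $b = $windows[$names[$j]]
        '{0} / {1}: {2}' -f $names[$i], $names[$j], (Test-WindowGap $a $b)
    }
}
```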
Switching users over to a fresh BlackBerry Enterprise Server Express install
So you have done your research and you have decided to move towards using the BlackBerry Enterprise Server Express edition. Can you run a BlackBerry Enterprise Server alongside a BlackBerry Enterprise Server Express edition on the same domain? This is not supported by RIM… but it does work. For my scenario I just had 100 users. The transporter tool does not work either, so this is a manual process; I am told this is because the database schemas are different between the two versions. So I am not going to be saving the users’ personal settings; at the end of the day I just want their contacts and emails to sync again. The resetting of the filters, time zone, and other personal preferences is not a big deal at the end of the day. After all, we are going to save money both on licensing and monthly phone bills, since we don’t really need to have the BES data plan.
To begin we needed to add our users from one BES to a BES Express (BESX we’ll say). I ended up making the switch before switching their phones over from a BES plan to a BIS just to make my life a lot easier. OTA activations are handy, no arguing that fact.
I will now ask that you have followed RIM’s documentation on installing BESX, so I can keep this post brief. The following steps need to be performed to add users to the new database. You cannot share db’s.
To start with I need to export my users on my BES and import their info on the BESX. On the current BES perform the following:
- User -> Manage Users -> Search
- Scroll to the bottom click Manage multiple users
- Click Select all results on all pages
- Click Export user then click Download file and save UsersData.csv to your Desktop (all we need from this file is the list of email addresses)
At this point we need to format the file so that we can import the users into our new BESX server:
- Format the UsersData.csv by adding these column headings and populating it to your liking: ( Email Address | SRP ID | Activation Password Operation | Activation Password | Activation Password Expiry )
- The Activation Password Operation field can either be: generate or specify
- Activation Expiry is in hours. I used 48
- Remove the BESAdmin user from your .csv or whatever ID you use to manage your server
- Also the SRP ID is also known as the Serial Number. You received this info when signing up for the BESX
Assuming your BESX is installed we will head over to that server and import the users:
- User -> Create a user
- Import new users -> Browse… to the Data source file UsersData.csv that you modified
- Click Continue
If all goes well then your users are now being emailed their activation info for them to activate over the air. It is also at this point your users might see an error message pop up about an IT policy issue. That is because they need to wipe their phones and activate on the new server to grab its IT policies. If they have BIS accounts they will have to authenticate with their Active Directory credentials to https://besxhostname.yourdomain:3443/webdesktop/login and activate their phones via a USB cable. Note: They will need administrative privileges to install the ActiveX module or you can use a GPO and push it out for them…see the install guide.
Overall this is not a difficult process. Just be prepared to hear grief from your users about their settings. I was under the gun and didn’t have much time as we wanted to get our plan changes done by our next billing date. You might have more time and could mention to your users to backup their BlackBerry Messenger contacts to their Media Cards as a handy hint. In the end it is very much like installing a BES for the first time with the exception that you don’t have to figure out which users you need to create one at a time. You have an existing server’s user list, as a cheat sheet to import into the BESX. Our 100 users were able to complete this process over a weekend.
Here is a template of how I instructed my users to redo their Enterprise Activation
Palm Pre stops receiving emails via ActiveSync
Every now and again I get a call from a Palm Pre user who is no longer receiving emails. They explain that they pull the battery and hope for the best, but no dice. The next step on my end is to see if there are any errors showing up in the server logs. So as an Exchange administrator I have the ability to peek into Event Viewer and see what the issue is.
The error:
MSExchange ActiveSync
Event ID 1008
An exception occurred and was handled by Exchange ActiveSync. This may have been caused by an outdated or corrupted Exchange ActiveSync device partnership. This can occur if a user tries to modify the same item from multiple computers. If this is the case, Exchange ActiveSync will re-create the partnership with the device. Items will be updated at the next synchronization.
The fix:
The only successful way to get emails going is to have the user remove the email account from the Pre and re-add it.
Search for and delete emails in Exchange 2007 mailboxes using PowerShell
Export-Mailbox: Search for and delete emails in Exchange 2007 mailboxes using PowerShell
Have you ever had someone in your organization accidentally send out information that requires you to do damage control? How about a virus or spam that was emailed to all your users? This can also come in handy when searching for emails for litigation purposes.
Well, Exchange Server 2007 has a handy cmdlet to save the day: Export-Mailbox
Requirements: 32-bit computer with Outlook 2007 (supports larger exports than 2003) and Microsoft Exchange Server 2007 Management Tools (32-Bit)
Exchange Server 2007 SP1 syntax:
Across all mailboxes
Get-Mailbox -Server EXCHSVR01 | Add-MailboxPermission -User Admin01 -AccessRights Fullaccess -InheritanceType all
Get-Mailbox -Server EXCHSVR01 | Export-Mailbox -SubjectKeywords "Confidential reports" -StartDate "06/09/2009" -DeleteContent
For just certain mailboxes
Get-Mailbox -Identity ktaber | Add-MailboxPermission -User Admin01 -AccessRights Fullaccess -InheritanceType all
Get-Mailbox -Identity ktaber | Export-Mailbox -SubjectKeywords "Confidential reports" -StartDate "06/09/2009" -DeleteContent
After running the command the messages will disappear from Outlook immediately.
To see more parameters and examples please visit: http://technet.microsoft.com/en-us/library/aa998579.aspx
To see the log of what your export did, peek inside <ExchangeRoot>\Logging\MigrationLogs\.
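The commands above delete in a single pass and leave Admin01 with FullAccess on every mailbox afterwards. The added example below (not part of the original post) stages the same search as copy, review, then delete, and removes only the FullAccess grants it added itself; the review mailbox and folder names are assumptions.

```powershell
# Added example for the Exchange 2007 SP1 shell (PowerShell 1.0 compatible).
$Operator  = 'Admin01'               # account used in the article
$Subject   = 'Confidential reports'  # search values from the article's commands
$StartDate = '06/09/2009'
$ReviewBox = 'Admin01'               # assumption: alias of the mailbox that receives copies
$ReviewDir = 'Recall-review'         # assumption: folder created in the review mailbox

# Leave the review mailbox out, or pass 2 would delete the copies made in pass 1.
$targets = @(Get-Mailbox -Server EXCHSVR01 -ResultSize Unlimited |
    Where-Object { $_.Alias -ne $ReviewBox })

# Grant FullAccess only where it is missing, and remember exactly what was added.
$granted = @()
foreach ($mbx in $targets) {
    $has = Get-MailboxPermission -Identity $mbx.Identity -User $Operator |
        Where-Object { -not $_.Deny -and -not $_.IsInherited -and
                       "$($_.AccessRights)" -like '*FullAccess*' }
    if (-not $has) {
        Add-MailboxPermission -Identity $mbx.Identity -User $Operator `
            -AccessRights FullAccess -InheritanceType All | Out-Null
        $granted += $mbx
    }
}

# Pass 1: copy matching messages to the review mailbox. Nothing is deleted yet.
$targets | Export-Mailbox -TargetMailbox $ReviewBox -TargetFolder $ReviewDir `
    -SubjectKeywords $Subject -StartDate $StartDate -Confirm:$false

# Pass 2: delete only after a person has checked the copies.
$answer = Read-Host "Checked '$ReviewDir' in $ReviewBox? Type DELETE to remove the messages"
if ($answer -ceq 'DELETE') {
    $targets | Export-Mailbox -SubjectKeywords $Subject -StartDate $StartDate `
        -DeleteContent -Confirm:$false
}

# Revoke the grants this run added; pre-existing permissions are left alone.
foreach ($mbx in $granted) {
    Remove-MailboxPermission -Identity $mbx.Identity -User $Operator `
        -AccessRights FullAccess -InheritanceType All -Confirm:$false
}
"FullAccess removed from $($granted.Count) mailboxes"
```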
Exchange Server 2007 ActiveSync for the Palm Pre
So you just got the new Palm Pre and you are wanting to get it syncing with your Exchange 2007 server; that’s easy! The only port you need open for ActiveSync direct push is: TCP 443 https. By default ActiveSync is enabled for all users’ mailboxes but it can’t hurt to double check. More often than not you are probably using OWA and therefore your firewall ACL should already be allowing the capability for your Palm Pre to sync.
When testing your Palm Pre to see if it is receiving emails, take into account your Outlook rules. If you have a rule that handles emails from certain addresses to be moved to a folder other than your Inbox, then on your Palm Pre you will have to first click the folder to see the email. This is just my first go at this but it seems like only the Inbox folder updates automatically. If I find out how to make messages in other folders appear automatically I will update this post.
MORE INFO: http://technet.microsoft.com/en-us/library/aa998010.aspx
