Category: Exchange 2010

Exchange 2010

Update Rollup 4 for Exchange Server 2010 SP2

Update Rollup 4 for Exchange Server 2010 SP2 resolves the issues that are described in the following Microsoft Knowledge Base (KB) articles:

2536846 Email messages sent to a mail-enabled public folder may be queued in a delivery queue on the Hub Transport server in an Exchange Server 2010 environment

2632409 Sent item is copied to the Sent Items folder of the wrong mailbox in an Exchange Server 2010 environment when a user is granted the Send As permission

2637915 "550 5.7.1" NDR when an email message is sent between tenant organizations in a multi-tenant Exchange Server 2010 environment

2677727 MRM cannot process retention policies on a cloud-based archive mailbox if the primary mailbox is in an on-premises Exchange Server 2010 organization

2685001 Retention policies do not work for the Calendar and Tasks folders in an Exchange Server 2010 SP1 environment

2686540 Journal report is not delivered to a journaling mailbox in an Exchange Server 2010 environment

2689025 Performance issues when you use the light version of Outlook Web App in an Exchange Server 2010 environment

2698571 Some email messages are not delivered when you set the MessageRateLimit parameter in a throttling policy in an Exchange Server 2010 environment

2698899 Add-ADPermission cmdlet together with a DomainController parameter fails in an Exchange Server 2010 environment

2700172 Recipient’s email address is resolved incorrectly to a contact’s email address in an Exchange Server 2010 environment

2701162 User A that is granted the Full Access permission to User B’s mailbox cannot see detailed free/busy information for User B in an Exchange Server 2010 environment

2701624 ItemSubject field is empty when you run the Search-MailboxAuditLog cmdlet together with the ShowDetails parameter in an Exchange Server 2010 environment

2702963 The "Open Message In Conflict" button is not available in the conflict notification message in Exchange Server 2010

2707242 The Exchange Information Store service stops responding on an Exchange Server 2010 server

2709014 EdgeTransport.exe process crashes intermittently on an Exchange Server 2010 server

2709935 EdgeTransport.exe process repeatedly crashes on an Exchange Server 2010 server

2713339 Multi-Mailbox Search feature returns incorrect results when you perform a complex discovery search in an Exchange Server 2010 environment

2713371 Throttling policy throttles all EWS applications in Exchange Server 2010

2719894 The Microsoft Exchange RPC Client Access service consumes 100 percent of CPU resources and stops responding on an Exchange Server 2010 Client Access server

2723383 Incorrect time zone in a notification when the Resource Booking Attendant declines a meeting request from a user in a different time zone in an Exchange Server 2010 environment

2724188 A subject that contains colons is truncated in a mixed Exchange Server 2003 and Exchange Server 2010 environment

726897 Event 14035 or Event 1006 is logged when Admin sessions are exhausted in an Exchange Server 2010 environment

Update Rollup 4 for Exchange Server 2010 SP2 also resolves the issue that is described in Microsoft Security Bulletin MS12-058.
For more information about Security Bulletin MS12-058, click the following article number to view the article in the Microsoft Knowledge Base:

2740358 MS12-058: Vulnerability in Microsoft Exchange Server WebReady document viewing could allow remote code execution: August 14, 2012

Download

Kemp Exchange 2010 Templates

Kemp released Exchange 2010 Templates witch makes configure a Kemp Loadmaster easier

Microsoft® Exchange 2010 Templates

Core services: MAPI, SMTP and Unified HTTP/HTTPS
Extended services: Per-service HTTP/HTTPS
Additional Services: POP, IMAP and SMTP

Ward 06-07-2012: Fixed Links

Rollup 3 for Exchange Server 2010 Service Pack 2

The Exchange team released Rollup 3 for Exchange Server 2010 Service Pack 2.

The list of bug fixes that I found the most interesting:

  • 2510607  "Cannot open the free/busy information" error message when you try to view folder permissions in Outlook
  • 2586828 The EdgeTransport.exe process consumes 100 percent of CPU resources on an Exchange Server 2010 Edge Transport server
  • 2633043 "There were no writeable domain controllers found in Active Directory site" error message when you run the ExBPA tool in an Exchange Server 2010 organization
  • 2647396  You cannot disable a public folder by using the "Disable-MailPublicFolder" cmdlet in an Exchange Server 2010 environment
  • 2667120 MSExchangeAutodiscoverAppPool application pool crashes on an Exchange Server 2010 Client Access server when you try to view the free/busy information about a user in a trusted domain
  • 2671128  RPC Client Access Cross-Site connectivity issues occur in an Exchange Server 2010 environment
  • 2674185 MAPI_E_CALL_FAILED errors occur when a MAPI application that uses the MAPI function in Outlook 2007 MAPI or in Outlook 2010 tries to access an Exchange Server 2010 server
  • 2674445 cannot change the access permissions of a Calendar folder in an Exchange Server 2010 environment
  • 2682047 You cannot access a mailbox for several hours after you disconnect and then reconnect the mailbox in an Exchange Server 2010 SP2 environment
  • 2695836 You cannot move a mailbox in an Exchange Server 2010 environment that has a message size limit configured
  • 2698960 You cannot move some users’ mailboxes from one Exchange Server 2010 mailbox database to another
  • 2705647 A user cannot log on to a mailbox that is full by using Outlook Web App in an Exchange Server 2010 environment
  • 2706523 You cannot create a mailbox or mail-enable a mailbox for a disabled user account in an Exchange Server 2010 environment.

See KB2685289 Description of Update Rollup 3 for Exchange Server 2010 Service Pack 2 for full info.

Download File: Rollup 3 for Exchange Server 2010 Service Pack 2

Exchange 2010 Service Pack 2 Language Pack Available for Download

Exchange Team released the newest version of the Exchange 2010 language pack and that it is available for download here.

This language pack resolves three key issues some customers have experienced;

  • Events being logged in the application log for any user not using en-us as their chosen language after installing SP2 RU1.
  • A wording error in the German version of OWA
  • A wording error in the Dutch version of OWA

Note that Exchange 2010 Service Pack 2 included the full language pack, and if you are not experiencing the problems or have not installed any language packs post SP2 you do not need to apply this language

Unable to open PST file with mailbox import/export request

When you do a import or export request using the New-MailboxExportRequest or New-MailboxImportRequest CMDlet in Exchange 2010. It gave me an error.

Unable to open PST file ‘\\Server\Exports\Test.pst’. Error details: Access to the path ‘\\ExServer1\Imports\Test1.pst’ is denied.;

Microsoft.Exchange.MailboxReplicationService.RemotePermanentException: Access to the path ‘\\Server\Exports\Test.pst’ is denied.

The Mailbox Replication Server (MRS) is running as LocalSystem it can’t access a network share. By adding the Exchange Trusted Subsystem group to the share permissions you will give the LocalSystem account and therefore MRS access to the share.

Increasing simultaneously number of Mailbox moves in Exchange 2010

Sometimes we want to minimize the time required to move all the current mailboxes available on Exchange 2003 / 2007 to Exchange 2010, and for configuring your Exchange 2010 to process high number of mailboxes move simultaneously, we need to change the default configuration, which described as follows:

1. Go to all Exchange 2010 CAS Servers, open the below file in notepad or any file editor:
X:\Program Files\Microsoft\Exchange Server\V1\Bin\MSExchangeMailboxReplication.exe.config

2. Change the below values:

MaxActiveMovesPerSourceMDB = “25″

MaxActiveMovesPerTargetMDB = “25″

MaxActiveMovesPerTargetServer = “25″

3. Save the file and restart the “Microsoft Exchange Replication” service.

Update Rollup 2 for Exchange Server 2010 SP2

The Exchange CXP team released Update Rollup 2 for Exchange Server 2010 SP2.

This update contains a number of customer-reported and internally found issues since the release of SP2 RU1. See KB2661854: Description of Update Rollup 2 for Exchange Server 2010 Service Pack 2 for more details.

Note: Some of the following KB articles may not be available at the time of publishing this post.

The most important fixes:

  • KB2696913 You cannot log on to Outlook Web App when a proxy is set up in an Exchange Server 2010 environment
  • KB2688667 High CPU in W3WP when processing recurrence items who fall on DST cutover
  • KB2592398 PR_INTERNET_MESSAGE_ID is the same on messages resent by Outlook
  • KB2630808 EwsAllowMacOutlook Setting Not Honored
  • KB2661277 Android/Iphones stuck with 451 during Cross forest proxy in datacenter
  • KB2678414 Contact name doesn’t display company if name fields are left blank

Note that this fix will not cause the CAS to CAS OWA proxying incompatibility with Exchange 2007 as discussed here. No additional updates are required on Exchange 2007 for proxying to work once Exchange 2010 SP2 RU2 is installed.

Note for Forefront Protection for Exchange users:

Before installing the update, disable ForeFront by using this command: fscutility /disable. After installing the update, re-enable ForeFront by running fscutility /enable.

What is the best way to migrate PDA’s or Tablets from a legacy version of Exchange to Exchange 2010.

Microsoft released November 2010 a great document: Publishing Exchange Server 2010 with Forefront Unified Access Gateway 2010 and Forefront Threat Management Gateway 2010.

One thing that I misted in that document: What is the best way to migrate PDA’s or Tablets from a legacy version of Exchange to Exchange 2010.

In most cases you wil use TMG als a firewall. Between the Internet and your internal Network.

Some weeks ago I did a Exchange 2010 migration en I don’t wanted a big bang scenario.

But I had the all the sort of phone’s that are on the marked today (Iphone, Android, Windows Phone 7.5 and some Windows Mobile phones and all so Ipad’s)

The First thing what is asked my self when design the new infrastructure.

Domain Joining Forefront TMG or Leaving in a Workgroup

In most organizations, the decision whether to domain join the server hosting Forefront TMG your production domain may be one of the most important parts of the deployment.

Forefront TMG deployments are more complex to discuss because Forefront TMG is considered a firewall and can protect the network edge. Domain joining Forefront TMG offers many advantages: it allows certificate based authentication to be used at Forefront TMG, using Kerberos Constrained Delegation to communicate to Exchange; it allows easy use of Active Directory groups and user objects in publishing rules to restrict access; and it provides other benefits. If your are not sure to domain join Forefront TMG, see Debunking the Myth that the ISA Firewall Should Not be a Domain Member.

I thinks that the best practice is to domain join TMG. Because is makes your live a lot easier.

First I created a Exchange 2010 group in the Active Directory.

Second you make the Exchange 2010 group available in TMG

Third you make four rules 2 for Exchange 2010 (OWA & ActiveSync) and 2 for your legacy server of servers (OWA & ActiveSync)

Fourth makes sure that the Exchange 2010 rules are above the legacy rules.

Fith: You change on the Exchange 2010 rules the all authenticated users to Exchange 2010. (After the migration you delete the legacy rules and change on the 2010 rules the Exchange 2010 back to all authenticated users).

pdasync2010pic2

Sixth: When you do a mailbox move you puth the user in de Exchange 2010 group.
Why you thing. When the user is in the Exchange 2010 group the PDA wil use the Exchange 2010 rule. When there user is not in the Exchange 2010 group the legacy rule will do the trick.

I migrated at this way about 300 users with random pda’s and tablets with no downtime at all Knipogende emoticon

Screenshot from the TMG rules.
 pdasync2010pic1

Load Balancing Exchange 2010 Client Access Servers using an Hardware Load Balancer Solution (Kemp)

At first you need to create a casarray on Exchange 2010 Server or Servers.

Configuring Client Access Array for Exchange 2010

If you want more info about Casarray and how it works read: Exploring Exchange 2010 RPC Client Access service & Demystifying the CAS Array Object – Part 1 & Demystifying the CAS Array Object – Part 2

Second: Configure Virtual Directories
Set Exchange 2010 Virtual Directories

Third: You set static RPC ports on your Client Access Server
Exchange 2010: Setting Static RPC ports when using a Kemp LoadMaster

Fourth: you register in DNS your casarray name and autodiscover name on a new “virtual” IP address.

Fifth: You configure the Kemp loadbalacers as descriptind in: LoadMaster Deployment Guide for MS Exchange 2010 with the new “virtual” IP address.

When you are done you have 6 Virtual Services
kemp1

When a hardware load balancer based CAS array has been properly configured, all servers in the array are represented by a single virtual IP (VIP) address and a fully qualified domain name (FQDN). When a client request comes in, it will be sent to an Exchange 2010 CAS server in the CAS array using DNS round robin distribution method.

Set Exchange 2010 Virtual Directories

With the following following powershell commands you set al the Exchange 2010 virtual directories

Set-ClientAccessServer -Identity ward-ex2010 -AutoDiscoverServiceInternalUri https://casarray.hyperv.local/Autodiscover/Autodiscover.xml

Set-WebServicesVirtualDirectory -Identity "ward-ex2010\EWS (Default Web Site)"-ExternalUrl "https://webmail.wardvissers.nl/ews/exchange.asmx" -InternalUrl "https://casarray.hyperv.local/ews/exchange.asmx"

Set-OABVirtualDirectory -Identity "ward-ex2010\oab (Default Web Site)" -InternalUrl http://casarray.hyperv.local/oab -ExternalUrl https://webmail.wardvissers.nl/oab

Enable-OutlookAnywhere -Server ward-ex2010 -ExternalHostname "webmail.wardvissers.nl" -ClientAuthenticationMethod "Basic" -SSLOffloading:$False

Set-ActiveSyncVirtualDirectory -Identity "ward-ex2010\Microsoft-Server-ActiveSync (Default Web Site)" -InternalURL https://casarray.hyperv.local/Microsoft-Server-Activesync -ExternalURL https://webmail.wardvissers.nl/Microsoft-Server-Activesync

Set-ECPVirtualDirectory –Identity "ward-ex2010\ecp (default web site)" -InternalURL https://casarray.hyperv.local/ECP -ExternalURL https://webmail.wardvissers.nl/ECP

Set-AutodiscoverVirtualDirectory "ward-ex2010\Autodiscover (Default Web Site)" -InternalUrl http:/casarray.hyperv.local -ExternalUrl https://autodiscover.nifv.nl

Translate »