Category: Microsoft

Public Folder Migration from Exchange 2003 or 2007 to Exchange 2010

Step 1: Replicating Exchange 2003 or 2007  PF’s to Exchange 2010

Add PF replica’s to an Exchange 2010 Server:

.\AddReplicaToPFRecursive.ps1 -server "Exchange 2003/2007 Server" -TopPublicFolder "\" -ServerToAdd "Exchange 2010 Server"

Replicate the System Folders to an Exchange 2010 Server:

.\AddReplicaToPFRecursive.ps1 -TopPublicFolder "\NON_IPM_Subtree" -ServerToAdd "exchange2010 server”

If you are planning to have multiple Exchange 2010 PF servers, you can repeat the Cmdlet

From the Exchange 2010 server: Update-PublicFolderHierarchy -Server "Exchange 2010 Server"

Step 2: Moving Exchange 2003/2007 PF’s to Exchange 2010

As a last step, after you confirmed that all the PF have been replicated to the Exchange 2010, you can move all replicas from Exchange 2003/2007 to Exchange 2010. The "move all replicas" will actually remove the Exchange 2003/2007 replicas.

To move all Exchange 2003/2007 replicas to Exchange 2010, which will actually remove the Exchange 2003/2007 replicas:

.\MoveAllReplicas.ps1 -Server "Exchange 2003 Server" -NewServer "Exchange 2010 Server"

Additional Cmdlets

To view a list of the replicas in the public folder hierarchy: Get-PublicFolder -recurse |fl name,replicas

For System Folders: Get-PublicFolder -recurse \non_ipm_subtree |fl name, replicas

To compare content replicated between the source and destination servers: Get-PublicFolderStatistics

Reference

Move Public Folder Content from One Public Folder Database to Another Public Folder Database – http://technet.microsoft.com/en-us/library/bb331970.aspx

Exchange 2010 Outlook Mobile Update

This guide was created to help you deploy the new Outlook Mobile update for the Windows Mobile 6.1 devices that connect to your Exchange 2010 servers. This guide focuses on Microsoft Exchange Server 2010 RTM & SP1 & SP2 and Windows Mobile 6.1, and covers the following topics:

· Overview

· How to configure your Exchange 2010 for the Outlook Mobile update

· Details about the Outlook Mobile update

· How to get support for Outlook Mobile updates

· How to subscribe for future updates

Overview

First, we’ll review the overall update experience that’s built into Exchange 2010.

clip_image002

As part of the Outlook Mobile update, users will receive an update notification in an e-mail message in their Inbox. The purpose of this message is to inform them that there’s an Outlook Mobile update for their phone.

The message will instruct the user to click an inline link. This prompts the phone to download the Initial Setup CAB. After the Initial Setup CAB is installed, it will check for available updates specific to the user’s device type.

Next, if an Outlook Mobile update is available, it will be downloaded and installed. The user will receive a notification message that tells them they need to restart their device. After the device is restarted, it will resynchronize the data (e-mail, calendar, contacts, and tasks) with the Exchange server so it will be compatible with the new format of Exchange Server 2010. After that synchronization is complete, the user will be ready to experience the new features in the Outlook Mobile update.

How to Configure Your Exchange 2010 Server for the Outlook Mobile Update

Now that you understand the tasks that the Outlook Mobile update performs, we’ll cover how to configure your Exchange server so that your users who have Windows Mobile 6.1 devices will receive the update notification e-mail message.

How to determine whether a user will receive the update notification e-mail message

The update notification e-mail message will be sent to the user’s device if the following conditions are true:

· The user’s mailbox is on a server running Exchange Server 2010.

· The Exchange ActiveSync mailbox policy parameter AllowMobileOTAUpdate is set to $True.

· The Windows Mobile OS version is 6.1. To check which version the device is running, from the Help About screen, look for the OS and Windows Mobile 6.1 build number (Start > Settings > System > About). You should see Windows OS = “Windows CE 5.2”, and the Windows mobile build should be between 19202 and 21142.

AllowMobileOTAUpdate

The AllowMobileOTAUpdate setting is one of the standard Exchange ActiveSync mailbox policy settings. This is the main setting that determines whether the update notification e-mail message is sent to the device.

The default value for the AllowMobileOTAUpdate parameter is enabled ($True). To confirm that your Exchange ActiveSync mailbox policy has this setting enabled, follow these steps:

1. Check which policy the user is assigned to by running the following command.

Get-CasMailbox <user> | fl ActiveSyncMailboxPolicy

In the preceding example, the result is the following.

ActiveSyncMailboxPolicy : Default

2. Check that the policy returned in the preceding step has the AllowMobileOTAUpdate setting enabled by running the following command.

Get-ActiveSyncMailboxPolicy Default | fl AllowMobileOTAUpdate

If the AllowMobileOTAUpdate setting is set to $True, the following will be returned.

AllowMobileOTAUpdate : True

Details About the Outlook Mobile Update

The following section covers the end user experience for the Outlook Mobile update. The update notification e-mail message the user receives will look like this.

clip_image004

The user can click the first link in the message to start the download. This downloads the initial setup CAB, which is necessary to find the appropriate Outlook Mobile update for that user’s device.

Next, the user will see a URL Confirmation page that informs them that they’re being taken to a Web site. The user should click Yes to continue. Clicking No will cancel the update process.

clip_image006

After the file begins downloading, the user will be asked if they want to open the file, save it to a location, or click Cancel. The user should click Yes to continue opening the file, making sure that the open file after download box is selected.

clip_image008

The next screen they’ll see is the progress bar that shows that the initial setup CAB is being downloaded and installed.

clip_image010

The initial setup CAB finds the appropriate Outlook Mobile update for the user’s specific device. After the initial setup CAB is installed, it connects to the Outlook Mobile Update Service to find the update. If an update is found, the user will be asked if they want to download the Outlook Mobile update. The user should select Yes to download and install the update.

clip_image012clip_image014

clip_image016clip_image018

After the Outlook Mobile update has been installed, the user needs to restart their device to ensure that all new Outlook Mobile files loaded correctly.

clip_image020

After the user restarts their device, they’re presented with a warning message that informs them that they need to resynchronize their data with Exchange. This is necessary because the existing format of the synchronized data isn’t compatible with the new features built into Exchange Server 2010. The user should click Yes in this warning message box.

clip_image022

Occasionally, a user may see the following error, which can appear when the resynchronization hasn’t yet occurred. The user will need to manually resync their data with Exchange.

clip_image024

How to Subscribe for Future Updates

There may be updates available for your users’ Windows Mobile 6.1 phones in the future. The Outlook Mobile update package will ask users if they would like Outlook Mobile to automatically check for updates on a regular schedule. Users should click Yes to automatically check for updates and receive notification when new updates are available.

clip_image026

Rollup 1 for Forefront Threat Management Gateway (TMG) 2010 Service Pack 2

Microsoft released Rollup 1 for Forefront Threat Management Gateway (TMG) 2010 Service Pack 2.

Issues that are fixed in this rollup package:

2654016 A client may be unsuccessful in accessing a Java SSO application published to the web in a Threat Management Gateway 2010 environment

2653703 You receive an "Error: Subreport could not be shown" error message in the User Activity or Site Activity report in a Forefront Threat Management Gateway 2010 environment

2654585 UDP packets may become backlogged when you increase the "Maximum concurrent UDP sessions per IP address" setting in a Forefront Threat Management Gateway 2010 environment

2624178 Threat Management Gateway 2010 administrators may be unable to generate reports

2636183 Both sides of a TCP connection are closed when the client or remote application half-closes the TCP connection in a Forefront Threat Management Gateway 2010 environment

2653669 Summary information for the Top Overridden URLs table and for the Top Rule Override Users table display incorrect information in a Forefront Threat Management Gateway 2010 environment

2617060 Forefront TMG 2010 enables L2TP site-to-site connections in RRAS

2655951 Japanese characters in the subject line of an Alert email message are not readable in the Japanese version of Forefront Threat Management Gateway 2010

2654068 "The Web Listener is not configured to use SSL" warning message may occur when you configure a Web Listener to use a valid SSL certificate in a Forefront Threat Management Gateway 2010 environment

2654193 You receive a "Bad Request" error message when you try to access Outlook Web App in a Forefront Threat Management Gateway 2010 environment

2654074 String comparison may become case-sensitive when you publish a website by using Forefront Threat Management Gateway 2010

2658903 The Forefront Threat Management Gateway Firewall service (Wspsrv.exe) may crash frequently for a published website secured by SSL after you install Service Pack 2

Note that along the lines of products like Exchange, cumulative updates for ForeFront TMG are now also called Rollup instead of Software Update or Update.

You can request ForeFront TMG SP2 RU1 directly from support here.

mail-enabled public folders stopped working after installing Exchange 2010 in existing Exchange 2003 or 2007 environment

I recently came across the following issue while performing an Exchange 2007 to Exchange 2010 migration for a company that still heavily utilised mail-enabled public folders. The client’s Exchange environment was quite old and had been previously migrated from Exchange 5.5 to 2003 and hadn’t been properly decommissioned with the original move to 2007, but that’s another story!

Issue

The issue I had was that once I moved all receive connectors to the new Exchange 2010 server, emails sent to any of the mail-enabled public folders (which were still being replicated between the 2 servers) was being rejected with the following NDR:

#< #5.2.0 smtp;554 5.2.0 STOREDRV.Deliver.Exception:ObjectNotFoundException; Failed to process message due to a permanent exception with message The Active Directory user wasn’t found. ObjectNotFoundException: The Active Directory user wasn’t found.> #SMTP#

The following error was found in Event Viewer:

Log Name: Application
Source: MSExchange Store Driver
Date: 7/09/2010 2:00:02 AM
Event ID: 1020
Task Category: MSExchangeStoreDriver
Level: Error
Keywords: Classic
User: N/A
Computer: server@domain
Description:
The store driver couldn’t deliver the public folder replication message “Folder Content (PublicFolderDatabase@domain)” because the following error occurred: The Active Directory user wasn’t found.

Solution

Given this Exchange environment was originally running versions prior to Exchange 2007, the legacy Administrative Group and all its empty subcontainers still existed. An explanation from the Microsoft Exchange Team of why this issue occurs can be found here: http://msexchangeteam.com/archive/2010/05/05/454821.aspx

The solution to this issue was to delete the empty Servers container from the legacy Administrative Group.

Using ADSIEdit.msc, connect to a domain controller and navigate to:

CN=Configuration , CN=Services, CN=Microsoft Exchange, CN=[ExchangeOrganisationName], CN=Administrative Groups, CN=[LegacyAdministrativeGroupName], CN=Servers.

Right click the Servers container and select Delete

Click Yes

Restart the Microsoft Exchange Active Directory Topology Service and the Microsoft Exchange Information Store on both the Exchange 2007 & Exchange 2010 Servers

Internet Explorer Stops Randomly when using TMG als proxy or Error 502 The number of HTTP requests per minute exceeded the configured limit.

Some users report that Internet stops Randomly. After investing i say the following error:

image

On the TMG Management server I saw also the The number of HTTP requests per minute exceeded the configured limit.

Solution:

1. Open TMG Management Console

clip_image001
2. Go Intrusion Prevention System

3. Flood Mitigation
clip_image002

4. Click on the Edit button: The number of HTTP requests per minute exceeded the configured limit
clip_image003
Default = 600 I configured = 3000

Exchange 2007 & 2010: Current issues with Microsoft Exchange ActiveSync and Third Party Devices

The following is a list of current issues observed by Microsoft Support personnel for Exchange Server 2007 and Exchange Server 2010 with third-party vendor devices. If you are using Exchange Server 2007 SP3 or Exchange Server 2010 SP1 and you are experiencing an EAS issue not listed below, contact Microsoft Support Services to investigate the issue.

1. Automatic meeting processing

Issue 1.1 – Recurring meeting is removed from calendar when organizer cancels single occurrence

When you synchronize your iOS device by using Exchange ActiveSync on an Exchange Server 2007 mailbox, if the organizer cancels a single occurrence of a recurring meeting, the device may unexpectedly delete the entire recurring meeting.

Solution

There are two parts to this solution:

Install the Exchange Server 2007 Service Pack 3 (SP3) update rollup 4 (RU4). The problem details and the link to the update are documented in the following Microsoft Knowledge Base article:

2502276 A meeting request series are deleted unexpectedly from the calendar in an Exchange Server 2007 environment

Update the Apple iOS on your device to version 4.3 or later. For more details on the latest iOS version, click the following link:

http://www.apple.com/ios

Apple has documented the issue at the following web site:

http://support.apple.com/kb/ts3714

Issue 1.2 – Attendee becomes meeting organizer

When you synchronize your iOS or Android device by using Exchange ActiveSync on an Exchange Server 2007 mailbox, you may unexpectedly become the organizer for a meeting that you were invited to. This does not change the meeting for all attendees.

Solution

This can occur if you change the reminder for a single occurrence of a recurring meeting on an iOS or Android device. There may be other property changes to meeting items that may result in the same symptom.

This issue is resolved in Rollup Update 4 for Exchange Server 2007 Service Pack 3. See the KB article below for additional information.

2521063 You are incorrectly displayed as a meeting organizer after you synchronize the meeting by using your mobile device in an Exchange Server 2007 environment

Note Affected meetings must be deleted and replacement meetings must be created after the servers are patched.

Issue 1.3 – Your meeting response to the organizer appears to have been sent by someone else

When you respond to an Exchange ActiveSync (EAS) meeting invitation, the meeting originator may see someone else’s name displayed as having accepted the invitation instead of you.

Solution

Ensure the Apple iOS on your device is version 4.3 or later. For more details on the latest iOS version, click the following link:

http://www.apple.com/ios

This was fixed by Apple in iOS 3.1. For more details, visit the following Apple web site:

iPhone and iPod touch: My replies to Exchange ActiveSync invitations seem to come from someone else

http://support.apple.com/kb/TS2806

Issue 1.4 – All Day Flag is not set properly on Mobile devices when meeting is scheduled cross multiple days

Mobile device clients do not treat a meeting request as an all day event meeting request. Additionally, the All Day field is marked with "No".

Solution

This issue is resolved in Exchange 2007 Service Pack 3 Rollup 2. The problem is documented in the following articles from the Microsoft Knowledge Base online:

2201236  The "All Day" field is marked with "No" when you access a meeting request that has a duration time that is more than 24 hours by using a mobile client through ActiveSync in an Exchange Server 2007 environment

2201236  Description of Update Rollup 2 for Exchange Server 2007 Service Pack 3

Issue 1.5 – Recurring Exchange calendar events deleted

In some situations, recurring calendar events can be removed from both the iOS device and Exchange when the organizer cancels an event instance.

Solution

This issue is resolved by Apple iOS 4.3, and impacts only the 4.2.6 and earlier versions. Apple has documented the issue at the following web site:

iOS: Recurring Exchange calendar events deleted

https://support.apple.com/kb/ts3714

Issue 1.6 – Appointment exceeding 24 hours changed to multiple day All Day Event

When an appointment item’s duration exceeds 24 hours, but is not marked as an All Day Event, Exchange ActiveSync changes the item on the device to become a multi-day All Day Event. The next time that the device synchronizes with the mailbox, the change is propagated from the item on the device to the item on the Exchange Server 2010 mailbox.

Solution

Microsoft is investigating this issue. This problem can occur when using any ActiveSync device synchronizing with Exchange Server 2010.

2. Connectivity and synchronization failures

Issue 2.1 – Failures to Provision and Synchronize with Android OS

EAS policies can cause provisioning and synchronization to fail, when customized. Devices will not be provisioned if a policy is applied to the users of these devices that exceeds these limitations. This is discussed in comment 9 from the following post on Google’s Android forum:

http://code.google.com/p/android/issues/detail?id=9426

"We only support the basic (EAS 2.5) features in Froyo. So if your server requires, for example, password history or expiration, or complex characters, then it won’t be provisionable in Froyo. Our goal is to provide more policy support in future versions, but for now we support – password (PIN/alpha), minimum characters, max. fails to wipe, inactivity timeout, and remote wipe."

Solution

Updates to the Android OS version appear to resolve this problem. We encourage device users to update to the latest version available from their provider and follow vendor forums on synchronization issues. If the decision is made to allow older devices in the organization, Administrators can canvass device users, or use tools Log Parser or Export-ActiveSyncLog, to ensure that such devices are identified in the organization. Users of older devices can be grouped into a policy that can work for them.

Issue 2.2 – Unable to connect using Exchange ActiveSync due to Exchange resource consumption

There are several symptoms and remediation methods for issues with resource depletion caused by devices connecting with Exchange ActiveSync.

Solution

Administrators should review the following article in the Microsoft Knowledge Base to determine if they are experiencing the same server symptoms:

2201236  Unable to connect using Exchange ActiveSync due to Exchange resource consumption

Note This article also describes a known issue with iOS 4.0, defined by user agent 801.293 – http://support.apple.com/kb/TS3398 and is discussed in Issue 2.5, below.

Issue 2.3 – "This message has not been downloaded from the server" error when trying to open a message

You synchronize your Exchange Server mailbox with your iOS device. When you try to open a message on the iOS device, the following error may be displayed:

This message has not been downloaded from the server

Solution

You must configure the Accepted Domain using Exchange Management Shell. Use the steps in item #7 in the following post from the Exchange Team Blog:

Exchange 2010 SP1 FAQ and Known Issues

http://blogs.technet.com/b/exchange/archive/2010/09/01/3410888.aspx

This issue is being reviewed by the Microsoft Exchange product team.

Issue 2.4- You receive a synchronization failed email message when you synchronize your mobile device

When you synchronize your mobile device by using ActiveSync on an Exchange Server 2010 mailbox, you receive a synchronization failed email message similar to the following:

From: Microsoft Exchange on Behalf of <user>

Sent: <date>

To: <other user>

Subject: Synchronization with your <ActiveSync device> failed for 1 items.

Synchronization with your <ActiveSync device> failed for 1 items.

Microsoft Exchange was unable to send the following items to your mobile device. These items have not been deleted. You should be able to access them using either Outlook or Outlook Web Access.

Item Folder: Inbox

Item Type: IPM.Schedule.Meeting.Resp.Pos

Solution

This issue is described in the following article in the Microsoft Knowledge Base:

2201236 You receive a synchronization failed email message when you synchronize your mobile device by using ActiveSync on an Exchange Server 2010 mailbox

To resolve this issue, install the following update rollup:

2201236 Description of Update Rollup 3 for Exchange Server 2010 Service Pack 1

Issue 2.5- Users are unable to synchronize Apple iPhone iOS 4.0 with the Exchange Server mailbox

Immediately after updating to iOS 4.0, some users may notice that Exchange ActiveSync Mail, Contacts, or Calendars do not sync, or sync very slowly. In addition, some Exchange Server administrators may notice their servers running slowly. This problem is also discussed in Issue 2.2, above.

Solution

Update the device to a later iOS version. Apple has documented the issue at the following web site:

iOS 4.0: Exchange Mail, Contacts, or Calendars may not sync after update

http://support.apple.com/kb/TS3398

Issue 2.6- ActiveSync does not work for mobile device users connecting to Exchange Server 2007 mailboxes after swapping URLs between Exchange Server 2010 and 2007

This problem occurs because the device is unable to properly redirect a user whose mailbox has been moved. The 451 redirect response to the device is not properly interpreted.

Solution

Typically, this issue is resolved by device updates to the latest operating system. Verify the following:

Verify that you have configured the LegacyURL for Exchange 2007 users. This will automatically switch the URL for the user to the appropriate target on the device. See the following blog topic:

http://blogs.technet.com/b/jribeiro/archive/2009/11/26/transitioning-from-an-exchange-2007-environment-to-exchange-2010.aspx

This has been reported for several device types, to include iOS and Android operating system. If the problem is noted with the latest version of the device operating system, and the LegacyURL is correctly established and working for other devices, consult with the device vendor’s technical support.

If you are using an Apple iOS device, update the device to the iOS version 4.3.2.

Note In migrations where the mailbox moves are between different forests, a 451 is not sent. The reason for this is that the old server does not know of the new endpoint for connectivity. In such circumstances, the device must be manually reconfigured.

Check: http://support.microsoft.com/kb/2563324

You cannot close the EMC window on a computer that has Internet Explorer 9 installed

Microsoft released the official fix for: You cannot close the EMC window on a computer that has Internet Explorer 9 installed. Windows Internet Explorer 9 installed, you start the Exchange Management Console (EMC). After you make a change and then try to close the EMC window, the window does not close. Additionally you receive the following message:
image_thumb1

You must close all dialog boxes before you can close Exchange Management Console.

Download: KB2618444 Cumulative Security Update for Internet Explorer: December 13, 2011

MDT 2012: New Features – Hide Shell

Here is a common scenario. You are deploying an operating system using MDT Lite Touch, during the deployment you install some user specific applications. However the users think that the deployment is completed an they close the application installs or perhaps start messing with the machine while it is still logged in as the local administrator. Now you could simply inform the user that they should not touch the computer until the deployment is completed. However in my experience this “don’t touch” approach has not always been 100% successful.

Well now we have a better way, you can hide explorer shell while MDT is “doing it’s thing”!

So how do we do this? It is simple, just add the following line to the customsettings.ini file:

HIDESHELL=YES

I have included before and after shots below:

Look explorer…

,image

No explorer…. that’s better!

image

Glimlach

Exchange 2010 SP2 RTM

Exchange Server 2010 Service Pack 2 (SP2) has been released, raising the Exchange version number to 14.2.247.5. You can download Exchange 2010 SP2 here.

For those still unaware, the 530Mb+ file (1,4 GB extracted) contains the full set of binaries; you can use it to upgrade existing RTM or SP1 installations or deploy new Exchange 2010 SP2 installations.

Besides the usual set of hotfixes, SP2 introduces the following features:

Address Book Policies
Address Book Policies, also known as GAL segmentation, ABPs are meant to segmentize the address book, giving users a certain view of the address book like Address List Segregation did for Exchange 2003/2007.

OWA mini
This will be a lightweight browser like OMA in the past, meant for simple browsers.

Hybrid Configuration
This wizard is to make the configuration of an on-premise Exchange and Office 365/Exchange Online more simple, reducing the steps required from 49 to 6.

OWA Cross-Site redirection
This will allow clients to be silently redirected to the proper site if they log on to a CAS server located in a site different than the site where their mailbox is hosted and externalURL has been specified there.

After preparing your forest for Exchange 2010 SP2, the schema version number will have changed. Check the Schema Versions page for information on the new ObjectVersion and RangeUpper values for Exchange 2010 SP2.

Note that SP2 introduces an additional requirement, which is the IIS 6 WMI Compatibility feature; you can add this feature using the GUI or by using the Powershell cmdlets Import-Module ServerManager followed by Add-WindowsFeature Web-WMI.

The proper method to upgrade mailbox servers that are a member of a Database Availability Group is described here.

The releases notes are not available at time of writing; we’ll update this post when they become available.

Translate »