Quantcast
Channel: Exchange Server 2010 forum
Viewing all 8820 articles
Browse latest View live

Migration Exchange 2003 to 2010 routing connector

June 2, 2014, 11:58 pm
$
0
0

Hello

At least we deside to migrate from 2003 to 2010 Exchange now i'm preparing and stuck around one question.

In our Exchange 2003 organization we have couple backend servers and one frontend on which OWA is installed.

OWA server placed to second routing group others backend server in first routing group.

Roitung group connected to each other by connector.

So the question - when i install CAS Exchange 2010 he asked me with which Exchange 2003 server i want to create connector - which server i should choose? Backend or Frontend which placed in different RG?

Search

Exchange ADFS 2.0 integration to provide federated authentication and SSO

November 30, 2012, 11:01 am
$
0
0

Hello,

I've recently been researching methods to provide federated authentication to users of a multi-tenanted Exchange & Lync environment. Currently I am tackling the first challenge which is OWA. I have used the following guides:

http://allmsft.blogspot.com/2012/02/owa-sp2-and-adfs.html

http://www.theidentityguy.com/articles/2010/10/15/access-owa-with-adfs.html

Combined with some other various guides on general ADFS configuration in order to successively configure OWA to allow for ADFS 2.0 to authenticate using the "Claims To Windows Token Service" integration with the OWA site in order to authenticate.

This seems promising, from my novice perspective I am assuming that enabling federation with another domain would simply be a matter of adding the other domain's ADFS 2.0 Proxy as a claims provider trust on the ADFS server in which Exchange exists and then having a mailbox in the exchange domain which has the UPN that gets passed through from the proxy server.

I've done this much and I am able to authenticate on the ADFS 2.0 proxy page of the user domain, however I am getting a failure which I think is coming from the WIF part of the OWA integration:

Request
Url: https://webmail.lab1.local:443/owa/
User host address: 192.168.23.77
OWA version: 14.2.247.5

Exception
Exception type: System.IdentityModel.Tokens.SecurityTokenException
Exception message: ID1054: The IClaimsIdentity did not contain a valid UPN Claim. The automatic Windows identity mapping feature requires exactly one non-empty UPN Claim to be provided.

Call stack
Microsoft.IdentityModel.Tokens.WindowsMappingOperations.FindUpn(IClaimsIdentity claimsIdentity)
Microsoft.IdentityModel.Tokens.Saml11.Saml11SecurityTokenHandler.ValidateToken(SecurityToken token)
Microsoft.IdentityModel.Web.TokenReceiver.AuthenticateToken(SecurityToken token, Boolean ensureBearerToken, String endpointUri)
Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.SignInWithResponseMessage(HttpRequest request)
Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.OnAuthenticateRequest(Object sender, EventArgs args)
System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()

System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

I am wondering whether this is an issue with the way that I have the Claim Provider setup, or if it's simply an issue with the claim rules either on the Claim Provider or on the Relying Party Trust within the ADFS 2.0 server in the user domain for the Exchange domain's ADFS 2.0 STS url.

I realize that providing ADFS 2.0 for Outlook, Activesync, and Lync are a whole other animal. If anyone knows of anyone who has actually published a guide on how to achieve this or possibly a third party product that provides the same result I'd appreciate that information as well.

how to add multiple gmail RSS feeds in outlook 2007

December 22, 2012, 7:47 pm
$
0
0

Hi All,

I want to set up outlook to receive gmail rss feeds, but I found I only could set up it with one gmail account, i totaly have three gmail accounts, how to accomplish that ?

Thanks,

GM

Auto-reply not delivery after 24 hours

May 29, 2014, 8:09 pm
$
0
0

Dear All,

I have configured automatic reply on Exchange server 2010 and for end user on OWA. When I send an email to the user who turn on auto-reply, I'll get an auto-reply message. However, after 24 hours, I try to send an email to the user again, I won't get any auto-reply message. It seems the auto-reply is to fire once per sender for the duration of the time OOF is turned on.

What I want is I can get the next auto-reply message from the user who turn on auto-reply after 24 hours even I used to send an email to him/her. I have one support which turn on OOF, and I need my support to send  one auto-reply, per user, per day. My support account always turns on OOF.

Is there any way to do so?

I am looking forward to hearing from you.

Thanks in Advance

Veasna

exchange certificate has expired

April 7, 2014, 2:13 am
$
0
0

Hello,

Since few days, we all (all users) get the same message :

Security alert: the Security certificate has expired or Is not yet valid

So wenn I check, I Can SEE that the certificate has effectively expired.

After some research I think I can use this (found this in a other topic)

If you are using a exchange self signed certificate, please follow these steps to create a new certificate:

Step 1: Delete the expired certificate:

a. Runget-exchangecertificate |fl , please note the Thumbprint number of the expired certificate, such as 5113ae0233a72fccb75b1d0198628675333d010e.

b. Runremove-exchangecertificate -thumbprint 5113ae0233a72fccb75b1d0198628675333d010eto delete this expired certificate.

Step 2: Generate a new exchange certificate

new-exchangecertificate

If You may get a prompt to overwrite the default SMTP certificate. type A to overwrite it.

Step 3: Enable this new certificate for the exchange services:

Enable-exchangecertificate -thumbprint  <the new certificate you just created> -services:IIS,SMTP,POP,IMAP

Because I'm not an exchange expert, I prefer ask you before doing something bad.

Can I use these command line like this or should I change something? I did not use a third certificate, just default settings of exchange on a SBS2011.

Hope you can help me soon.

Best Regards,

Thierry

Some users can’t access Exchange 2010 OWA

May 12, 2012, 2:08 am
$
0
0

Some users can’t access Exchange 2010OWA, after entering credentials with no error message or exceptions displayed.

Receive connector default settings

June 4, 2014, 8:43 am
$
0
0

Hi,

I'm taking over management of an existing Exchange 2010 SP1 server with client access and hub transport roles installed on one machine.  I'd like to verify the default receive connectors (client and default) have not been modified and are the default (network, authentication, and permission groups) setting.

Can someone please list those setting for me?



Use get-mailboxstatistics to report individual email sizes.

May 9, 2012, 4:34 am
$
0
0

Hello all,

In exchange2010 I use the "get-mailboxstatistics" to report on users with large email boxes.

Is there a way to use report in a csv file the individual email sizes in a particular users mailbox? e.g. instead of just saying "user Albert.Einstein has a mailbox of 512mb", digging deeper and saying "of Albert Einsteins 512mb there are 5*50mb emails".

That would be great if there was... then i could narrow down the chumps who send movies in company emails.

Thanks

Search

error after a move mailbox

June 5, 2014, 4:53 am
$
0
0

Exchange 2010 sp3, 2 hubs, 2 mbs

i'm moving several mailboxes to a lower db size limit and have encountered the following error:

Warning: Failed to clean up the source mailbox after the move.
Error details: MapiExceptionUnexpectedMailboxState: Unable to delete mailbox. (hr=0x80004005, ec=2634)

so far, I have three mailboxes that gave that error. all of them returned 100% completed but with warning.

should I continue the move of mailboxes?


Email Address Policies

March 14, 2012, 6:40 am
$
0
0

Hi Guys

we need to readdress, with a new primary smtp address, a large number of users,  (this is due to an company re branding/structuring - but within the context of the existing AD/Forest)

currently all (95%) of users have the address @legacycompany.com at the primary smtp address

we need to create 3 new email address policies to change the primary SMTP address to the following

users who will belong to the newcompany_a to have @companya.com at the primary smtp address

users who will belong to the newcompany_b to have @companyb.com at the primary smtp address   --- and so on

can we create either new security (or distribution) groups which represent the new companies i.e. companya , putting each AD account in the relevant group and filtering the email address policy by membership of this group

so in essense when each policy runs it check the user against group membership and adjusts the primary smtp address accordingly

Cheers


Adding new Primary SMTP address for 1000 users - considerations?

July 26, 2012, 2:58 am
$
0
0

Hi folks

I will be changing addresses next week for 1000 people.I have tested the following and they seem to have no issues with the changing email addresses:

1. BES

2. Out of Office

3. Cached Outlook values (If the old address is stored in cache, then it goes out of Exchange and my SMTP server will still accept it as a vaid incoming domain and route to the mailbox).

Can anyone offer any other potential areas\technologies I should consider that could be affected?We are Exchange 2010, use VMWare, SCOM, ISA,

Tom

GAL not populating correctly

June 5, 2014, 10:42 am
$
0
0

I have a group of newly added contacts that are not showing up in the GAL (Please note I *am not* talking about the OAB)

I can create new lists (for example I created one called "Contacts") and the contacts in question will appear in that list (it was set to use any contact with an external address) 

Then I created another one called "Global Address List" which has all contacts, users (mailboxes) and Groups in it, the contacts in question do appear in this list as well.

I am bypassing the OAB and looking for the contacts while in OWA (since that accesses the GAL in real time).

Thoughts?

Cross-Site Redirection Setup

June 2, 2014, 10:12 am
$
0
0

I have Site A (internet-facing) and Site B (no-internet facing).  I have Cross-Site Redirection working for OWA and ActiveSync for those users in Site B but I still have some issues for the following:

1.  Out of Office not working on Outlook clients

2.  ECP not working from external OWA

These are the main issues so far that I am hearing.

Settings on EMC for SiteB:

OWA - internalURL only pointing to casarray

ECP - internalURL only pointing to casarray

EAS - internalURL only pointing to casarray

OAB - internalURL only pointing to casarray

IIS settings for CAS node 1 on SiteB:

Default Web Site - Windows Auth - disabled, HTTP Redirect - unchecked, SSL - unchecked

ECP & EWS - Windows Auth - enabled, HTTP Redirect - unchecked, SSL - checked and ignore

OWA - Windows Auth - enabled, HTTP Redirect - check but blank, SSL - checked and ignore

EAS - Windows auth - enabled, HTTP Redirect - unchecked, SSL - checked and ignore

OAB - Windows auth - enabled, HTTP Redirect - unchecked, SSL - checked and ignore

Base on the information stated above, can anyone tell me if I have some settings incorrect?  This is what they told me that needed to be set on SiteB.  Again, OWA, and ActiveSync works fine.

 

Information rights management and iOS/Android devices

April 11, 2013, 2:52 pm
$
0
0

Microsoft say that IRM is supported over Activesync, but does anyone have any real world usage?  I cannot find any articles about whether non-Windows Mobile devices work natively.

A lot of the execs use iPhones, iPads and Galaxy S3 devices so if someone has an article/link explaining if these work natively with IRM or whether a special client is needed, that would be great!

Exchange Server 2010 SP3 Update Issues

May 30, 2014, 6:42 am
$
0
0

Hello,

I have been having some issue upgrading Exchange 2010 (RTM v14.00.0639.021) to SP3. According to all documentation that I have read I should have no issues upgrading from an older RTM version. I am receiving the following error related to the AD Schema (2008 R2, functional level of 2008): 

**************
[05/30/2014 13:38:20.0379] [0] Setup will run the task 'test-setuphealth'
[05/30/2014 13:38:20.0394] [1] Setup launched task 'test-setuphealth -DomainController 'DC.domain.com' -DownloadConfigurationUpdates $true -ExchangeVersion '14.3.123.4' -Roles 'Global' -ScanType 'PrecheckInstall' -SetupRoles 'Global' -PrepareDomain $null -PrepareLegacyExchangePermissions $null -PrepareOrganization $true -PrepareSchema $true -CustomerFeedbackEnabled $false'  
[05/30/2014 13:38:23.0733] [1] Active Directory session settings for 'test-SetupHealth' are: View Entire Forest: 'True', Configuration Domain Controller: 'DC.domain.com', Preferred Global Catalog: 'DC.domain.com', Preferred Domain Controllers: '{ DC.domain.com }'
[05/30/2014 13:38:23.0811] [1] Beginning processing test-setuphealth -DomainController:'DC.domain.com' -DownloadConfigurationUpdates:'True' -ExchangeVersion:'14.3.123.4' -Roles:'Global' -ScanType:'PrecheckInstall' -SetupRoles:'Global' -PrepareDomain:$null -PrepareLegacyExchangePermissions:$null -PrepareOrganization:'True' -PrepareSchema:'True' -CustomerFeedbackEnabled:'False'
[05/30/2014 13:38:30.0721] [1] Active Directory session settings for 'Get-OrganizationConfig' are: View Entire Forest: 'True', Configuration Domain Controller: 'DC.domain.com', Preferred Global Catalog: 'DC.domain.com', Preferred Domain Controllers: '{ DC.domain.com }'
[05/30/2014 13:38:30.0721] [1] Beginning processing Get-OrganizationConfig
[05/30/2014 13:38:30.0737] [1] Searching objects of type "OrganizationConfig" with filter "$null", scope "SubTree" under the root "$null".
[05/30/2014 13:38:30.0909] [1] Previous operation run on domain controller 'DC.domain.com'.
[05/30/2014 13:38:30.0909] [1] Preparing to output objects. The maximum size of the result set is "unlimited".
[05/30/2014 13:38:31.0845] [1] Ending processing Get-OrganizationConfig
[05/30/2014 13:38:38.0506] [1] [REQUIRED] The Active Directory Schema is not up-to-date, and this user account is not a member of the 'Schema Admins' and/or 'Enterprise Admins' group.
[05/30/2014 13:38:38.0537] [1] [REQUIRED] Global updates need to be made to Active Directory, and this user account is not a member of the 'Enterprise Admins' group.
[05/30/2014 13:38:38.0537] [1] [REQUIRED] A reboot from a previous installation is pending. Please restart the system and rerun setup.
[05/30/2014 13:38:38.0568] [1] Ending processing test-setuphealth
[05/30/2014 13:38:38.0568] [0] The Exchange Server setup operation didn't complete.  More details can be found in ExchangeSetup.log located in the <SystemDrive>:\ExchangeSetupLogs folder.
[05/30/2014 13:38:38.0584] [0] End of Setup

Things I have done are, verify user is a member of appropriate groups, rebooted servers, and ran commands from an elevated command prompt. Any thoughts would be appreciated.

Search

Second Exchange account mail stuck in outbox

June 3, 2014, 7:54 am
$
0
0

Hello Everyone,

I have a strange issue. Nor me or my colleagues are able to wrap our heads around it.

We have an exchange account for our Value Added Services (VAS). I've added this mail account as a second exchange account to the outlook 2013 profile for the employees. However the problem is that all mails they sent are stuck in the outbox. And this happens only for the VAS mailbox.

1 User however doesn't face this issue, when that user sends a mail it is directly sent to the person. That user is currently responsible for cleaning up the outbox. 

The mail setup is as follows:

1. Personal Mailbox - Exchange
2. VAS Mailbox - Exchange
3. QA mailbox - Exchange
4. P&G mailbox - Second mailbox (read only access)

They all work fine except the VAS mailbox. 

Other relevant information:

They connect to our RDS (SRV 2012) farm and start Outlook 2013 trough remoteapp. 
Their PC is running W7
We are using Exchange 2010 with the latest updates. 

Any clues/ideas as why this could be happening? And why only the VAS mailbox has that issue?
In my testing i once setup the same mailbox structure locally, and this setup worked.

Thanks in advance.

Kind Regards,

Niek

Active directory response: 00002098: SecErr: DSID-03150BB9, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

November 12, 2009, 7:00 am
$
0
0
We are running a coexisting environment (Exchange 2003 & 2010), when I try to move a user mailbox from Exchange 2003 to 2010 I get the following error:

 
Summary: 1 item(s). 0 succeeded, 1 failed.
Elapsed time: 00:00:01


Abc Xyz
Failed

Error:
Active Directory operation failed on Domain.Name.Kw. This error is not retriable. Additional information: Insufficient access rights to perform the operation.
Active directory response: 00002098: SecErr: DSID-03150BB9, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0


The user has insufficient access rights.

Exchange Management Shell command attempted:
'Domain.Name.Kw/VPO/Staff/Users/Abc Xyz' | New-MoveRequest -TargetDatabase 'FOD'


Although, I'm performing the task by a user that is a member in "Domain Admins" and "Organization Management" groups.


Any solution will be appreciated.


Regards

Exchange 2013 SP1 users randomly prompted with “The Microsoft Exchange Administrator has made a change that requires you quit and restart Outlook”

May 4, 2014, 11:20 pm
$
0
0

I got a call to check an issue with a Exchange Server 2013 SP1 environment recently. All server was upgraded from Exchange server 2013 CU2 to Exchange Server 2013 SP1. It was done successfully but many users were being randomly prompted with a popup in their outlook client with the following message:-

“The Microsoft Exchange Administrator has made a change that requires you quit and restart Outlook”

Although there wasn’t any changes of late in the environment there were random popups like these for multiple users. As the behaviour was not consistent and effecting the entire upgration population

Please suggest us how to resolve the issue.

Regards, Md Ehteshamuddin Khan All the opinions expressed here is mine. This posting is provided "AS IS" with no warranties or guarantees and confers no rights.

Exchange 2010 Dynamic Distribution Group based on part of an email address

June 6, 2014, 2:08 pm
$
0
0

Hi there,

I am trying to create a Dynamic Distribution Group in Exchange 2010 that can filter on part of a primary email address e.g. james.wilson.contractor@company.com. I would like to filter out people with the word .contractor.

Is this at all possible?

Thanks in advance,

Chris


Create new database to recover whitespace

June 6, 2014, 8:50 am
$
0
0

I have read that it is best, when recovering whitespace, to create a new database and migrate the mailboxes over to it then remove the old database. I have the capabilities to do this but I wanted to see what the repercussions of doing this is.

  1. Are the users who get transferred over to the new database going to experience anything other than the short outage while it is moving their inbox?  
  2. Do I just remove the old database after completion and I'm done?
  3. Should I do a backup before starting this process or is it not necessary?

I am wanting to make sure that when I start the process I know what to expect as far as errors go so I can handle them as they come up. Our database is ridiculously large (1.5TB) and about 500GB of that is whitespace that I would like to recover.

Please feel free to offer advise as this is my first time doing a complete migration to a new database.

Thanks!

Viewing all 8820 articles
Browse latest View live
Search