Hi,

We are doing a cross forest domain migration where both Forests have their own Exchange environments. The source domain is running Exchange 2007 SP2 and the Target is running Exchange 2010 SP3. All is setup and ready to go but we were asked if it were possible to allow users who have been migrated, along with their machines and their mailboxes, to be able to still login to their computers as well as their Outlook clients using their source domain credentials. This would just be for a period of time to "soften the blow" of all the changes that are taking place. We would maintain the Source domain for a period of time and then remove the trust and decommission it.

We have the MEU account created in the target first, then ran ADMT, then migrated the machine and the mail so they are 100% in the target domain, but SID History has been enabled. A migrated user can still login to their machine with the Source domain credentials, no problem. But when you launch outlook it wants them to authenticate to the CAS that is in the Target domain. This is all very logical.

Is it possible to allow them to use the old credentials? I have tried to Add-mailboxPermission unsuccessfully. I have read some posts about removing the SID History attribute and how that solved the problem, but I haven't tried it yet because I think we may need SID History for accessing Source resources and that it may affect login with the old credentials (not sure).

I have also read about Linked Mailboxes but that doesn't seem like what I want if I am migrating the users along with the mailbox.

Anybody have an answer?

Store crashed early this morning.

I see the following events in the event log: 9659, 1000, and 4999 in the event log. (Exported further below)

I see a kb article pertaining directly to my issue from what I can see.

http://support.microsoft.com/kb/2796490/en-us

However, this kb instructs to install RU1 for Exchange 2010 SP3.  I'm already running RU3

These are really the only events pertaining to this issue other than the actual failover of the databases.

________________________________________________

Log Name:      Application
Source:        MSExchangeIS
Date:          6/2/2014 12:40:14 AM
Event ID:      9659
Task Category: General
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      EXCH01.zhi.com
Description:
The Microsoft Exchange Information Store encountered an unexpected exception 0xC0000005 at address 00000001402D6969 while processing a request for user EXCH01$.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="MSExchangeIS" />
    <EventID Qualifiers="49158">9659</EventID>
    <Level>2</Level>
    <Task>6</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2014-06-02T05:40:14.000000000Z" />
    <EventRecordID>31843008</EventRecordID>
    <Channel>Application</Channel>
    <Computer>EXCH01.zhi.com</Computer>
    <Security />
  </System>
  <EventData>
    <Data>0xC0000005</Data>
    <Data>00000001402D6969</Data>
    <Data>EXCH01$</Data>
    <Binary>4500630050006F006F006C00530065007300730069006F006E0044006F0052007000630000005B444941475F4354585D0000FE010000FF808700000000000003F00100006183001017010480A9A360200F0104800B002B820F010480D31560200F0104800B002B8217010480C1E640100F010480F06E001017010480D25560200F010480B08417801701048061E3001017010480A9A360200F010480B08417800F010480531960200F010480B08417800F010480C1E640100F010480F06E001017010480D25560200F010480B08418800F01048061E300100F010480A9A360200F010480B08418800F010480531960200F010480B08418800F010480C1E640100F010480F06E00100F010480D25560200F010480B08419800F01048061E300100F010480A9A360200F010480B08419800F010480531960200F010480B08419800F010480C1E640100F010480F06E00100F010480618000100F010480A9A3602017010480400007300F010480618000100F010480A9A3602017010480B0841A000F010480618000100F010480A9A3602017010480B0841A000F010480D25560200F0104800300713A0F010480618300100F010480A9A360200F0104800300713A0F010480D31560200F0104800300713A0F010480C1E640100F010480F06E001040003380618000100F010480A9A3602017010480140048670F010480618000100F010480A9A360201701048014004A670F010480A9F3001017010480A9A360201701048014004D671701048061E11010837D1300</Binary>
  </EventData>
</Event>

__________________________________________

Log Name:      Application
Source:        MSExchange Common
Date:          6/2/2014 12:40:15 AM
Event ID:      4999
Task Category: General
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      EXCH01.zhi.com
Description:
Watson report about to be sent for process id: 11104, with parameters: E12N, c-rtl-AMD64, 14.03.0169.001, store.exe, store.exe, 496969, c0000005, 28d8, 14.03.0169.001.
ErrorReportingEnabled: False
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="MSExchange Common" />
    <EventID Qualifiers="16388">4999</EventID>
    <Level>2</Level>
    <Task>1</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2014-06-02T05:40:15.000000000Z" />
    <EventRecordID>31843009</EventRecordID>
    <Channel>Application</Channel>
    <Computer>EXCH01.zhi.com</Computer>
    <Security />
  </System>
  <EventData>
    <Data>11104</Data>
    <Data>E12N</Data>
    <Data>c-rtl-AMD64</Data>
    <Data>14.03.0169.001</Data>
    <Data>store.exe</Data>
    <Data>store.exe</Data>
    <Data>496969</Data>
    <Data>c0000005</Data>
    <Data>28d8</Data>
    <Data>14.03.0169.001</Data>
    <Data>False</Data>
  </EventData>
</Event>

_____________________________________

Log Name:      Application
Source:        Application Error
Date:          6/2/2014 12:40:16 AM
Event ID:      1000
Task Category: (100)
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      EXCH01.zhi.com
Description:
Faulting application name: store.exe, version: 14.3.169.1, time stamp: 0x5254cc7d
Faulting module name: store.exe, version: 14.3.169.1, time stamp: 0x5254cc7d
Exception code: 0xc0000005
Fault offset: 0x0000000000496969
Faulting process id: 0x2b60
Faulting application start time: 0x01cf6b3034ea02f4
Faulting application path: D:\Program Files\Microsoft\Exchange Server\V14\bin\store.exe
Faulting module path: D:\Program Files\Microsoft\Exchange Server\V14\bin\store.exe
Report Id: 5fb245dc-ea18-11e3-9517-b499ba02c85e
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Application Error" />
    <EventID Qualifiers="0">1000</EventID>
    <Level>2</Level>
    <Task>100</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2014-06-02T05:40:16.000000000Z" />
    <EventRecordID>31843010</EventRecordID>
    <Channel>Application</Channel>
    <Computer>EXCH01.zhi.com</Computer>
    <Security />
  </System>
  <EventData>
    <Data>store.exe</Data>
    <Data>14.3.169.1</Data>
    <Data>5254cc7d</Data>
    <Data>store.exe</Data>
    <Data>14.3.169.1</Data>
    <Data>5254cc7d</Data>
    <Data>c0000005</Data>
    <Data>0000000000496969</Data>
    <Data>2b60</Data>
    <Data>01cf6b3034ea02f4</Data>
    <Data>D:\Program Files\Microsoft\Exchange Server\V14\bin\store.exe</Data>
    <Data>D:\Program Files\Microsoft\Exchange Server\V14\bin\store.exe</Data>
    <Data>5fb245dc-ea18-11e3-9517-b499ba02c85e</Data>
  </EventData>
</Event>

Bobby Pendino

Hi All,

Does anyone know of a way to bulk create a custom web enabled folder for selected mailboxes on Exchange 2010. I would like the folder to have a default home page pointing to a specific site.

Regards,

Michael.

Hi,

I've got a user, that uses the "Do not deliver before" Option in Outlook 2010. This user doesn't use Outlook Cache Mode. The user already has a new profile and a new mailbox. Other users don't have the problem. We use Exchange 2010.

The problem is, that when the user tries to send a scheduled mail, the mail will stay in the Outbox-Folder, even after the point of time the mail should be send and even if Outlook is running (that should not matter, because no offline cache).

After the user got a new exchange-mailbox it works exactly one time immediate after the recreation of the mailbox. The next scheduled mail in the evening was not send.

Anyone has any Idea what else I can do?

Regards,

Kristian

Hi,

We are currently moving 20 locations from Exchange 2003 to 2010. 3 locations have completed successfully, without any issues. 5 other locations are ready for the mailbox move and the last 12 will follow later this month/year. 19 locations will have Ex 2010 MBX, CAS, HUB on one server, the main location will two MBX servers and two separate hub/cas servers.

When I was adding the 8th Exchange 2010 server, all of a sudden I got the following warnings during configuration of the Exchange server. Or actually it is even worse, every configuration change I make on any exchange server will give me the warning shown below. I make the configuration changes local on the exchange server itself. The configuration is applied successfully, but why all of a sudden this warning?!? How do I get rid of it/fix this?

(Google search hasn't given me any clues as of yet)

--------------------------------------------------------
Microsoft Exchange Warning
--------------------------------------------------------
The following warning(s) occurred while saving changes:

Set-ReceiveConnector
Completed

Warning:
The cmdlet extension agent with the index 0 has thrown an exception in OnComplete(). The exception is: System.Net.WebException: The operation has timed out
   at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse(WebRequest request)
   at System.Web.Services.Protocols.HttpWebClientProtocol.GetWebResponse(WebRequest request)
   at Microsoft.Exchange.SoapWebClient.CustomSoapHttpClientProtocol.GetWebResponse(WebRequest request)
   at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
   at Microsoft.Exchange.SoapWebClient.CustomSoapHttpClientProtocol.<>c__DisplayClass4.<Invoke>b__3()
   at Microsoft.Exchange.SoapWebClient.HttpAuthenticator.NetworkServiceHttpAuthenticator.AuthenticateAndExecute[T](SoapHttpClientProtocol client, AuthenticateAndExecuteHandler`1 handler)
   at Microsoft.Exchange.SoapWebClient.SoapHttpClientAuthenticator.AuthenticateAndExecute[T](SoapHttpClientProtocol client, AuthenticateAndExecuteHandler`1 handler)
   at Microsoft.Exchange.SoapWebClient.EWS.ExchangeServiceBinding.FindFolder(FindFolderType FindFolder1)
   at Microsoft.Exchange.ProvisioningAgent.MailboxLoggerFactory.EwsMailer.GetAdminAuditLogsFolder(ADUser adUser)
   at Microsoft.Exchange.ProvisioningAgent.MailboxLoggerFactory.EwsMailer..ctor(OrganizationId organizationId, ADUser adUser, ExchangePrincipal principal)
   at Microsoft.Exchange.ProvisioningAgent.MailboxLoggerFactory.Create(OrganizationId organizationId, ADUser mailbox, ExchangePrincipal principal)
   at Microsoft.Exchange.ProvisioningAgent.AdminLogAgentClassFactory.ConfigWrapper.get_MailboxLogger()
   at Microsoft.Exchange.ProvisioningAgent.AdminLogProvisioningHandler.OnComplete(Boolean succeeded, Exception e)
   at Microsoft.Exchange.Provisioning.ProvisioningLayer.OnComplete(Task task, Boolean succeeded, Exception exception)


--------------------------------------------------------
OK
--------------------------------------------------------

This is an example of configuring the receive connector, but I get the same warnings when disabling/deleting mailboxes or changing any other config in Exchange 2010, no matter if I am using EMC or EMS.

Update:

Creating a new-moverequest used to take only 26 seconds, now it takes about 105 seconds. So it takes 4 times longer than before. I am pretty baffled

heres my problem
have a customer with the following setup:

- Exchange 2010 SP2
- single CAS cluster - internet accessible
- internal and external URLs are currently the same for all exchange web services
  "webmail.company.com"

There was no difference in URL for internal and external. They are all the same for all service
This is because they had a split horizon DNS, and their internet names are able to resolve to internalprivate addresses when on the LAN

This was great! It made their SSL certificate very simple. it only had 2 names: because whether inside or outside, the name is always the same:
"webmail.company.com"
"autodiscover.company.com"

that was all they needed and everything was fine

now - the company changed its name recently, and want to eradicate all uses of the old name
So I know at least they will need to change the SSL certificate for OWA, so people dont get errors when the use the new URL

So they need a new exchange certificate with a new Subject name:
SN= "webmail.newcompany.com"
(this MUST be the Subject Name. browsers dont check alternate names when making SSL connections)

So i'm thnking thats going to be enough to break a bunch of stuff

Actually what i'd like to do is get a new certificate with

SN="webmail.newcompany.com"

Alternate names:

"webmail.company.com"
"autodiscover.newcompany.com"
"autodiscover.company.com"

then update all their internal and external URLs to "webmail.newcompany.com" in EMS
This will migrate everything over to the new domain name

has anyone got any idea if this will work?

I havent seen anything out there that covers a company name change as a scenario for altering certificates and exchange URLs
All the documentation seems to assume you set this stuff up at the start, and dont change it.

im really not sure of the impact on existing Outlook / Outlook Anywhere users of changing the certificate CN, and the urls while the users are already using the old ones. I dont fully know the impact on the availability, autodiscovery, and address book services etc, and cut them off from exchange completely

Am i correct in thinking that if there are any problems - wherever a user is located, i can just get them to do a'repair' on their mail account settings thereby forcing outlook to do a new autodiscovery?

I was thinking even if everything gets FUBAR in outlook, the 'repair' (autodiscovery) process should get all the internal and external URL information on the client lined up again, and back in tune with the new CAS SSL subject name

Anyone give me a steer on this? because i cant do it in the lab

I'm trying to revert a precanned management role "Mailbox Import Export" to the default out-of-the-box state. Some time ago, someone removed a handful of parameters and entries from it.

When I try to just add them back I get an error "The precanned management role "Mailbox Import Export" can't be modified."

I understand that it's not normally done, and some people think its not possible to do. But someone figured out how to remove entries in the past -- now I have to figure out how to put them back.

Anyone have any experience with this?

Also, is it possible to modify assigned management roles? This role is already a member of a group & has some assignments. If possible, I'd like to modify it in-place.

Hi,

I'm working on a migration of a rather small site from 2003 to 2010. For the most part, everything is working. I have moved about 10 accounts, and all are accessible via Outlook, OWA and activesync with no problems. I did the "swing method" the 2003 still lives but, waiting till everything is working fine before removing it from the network.

Most work fine after being moved but, there are 2 (important ones), that can access via Outlook and ActiveSync but, OWA does not work. After checking over some permissions (activesync did not work to start but, after troubleshooting, I got that working). Others work fine, so, I can only assume it's got something to do with the accounts, not the server.

What happens when one of these users log into owa, it just hangs with a hourglass and if I let it sit, it will sit for a long time. No errors in the event log or anything I can see. I have tried <domain>\<user> and <user> (I did set it to not need domain).

Can someone help direct me to how I can troubleshoot this one ? I see nothing in the event log showing a problem(as it never errors out) and would love to figure out what is going on with these 2 accounts.

These 2 accounts are older and larger accounts (over 1gb), they were also one of the very first accounts on the server when setup back in 2005ish.

any idea on where to go from here on this one ?

Thanks in advance for anyone's help here !

-Dave

Hi,

how can I delegate Distribution List management to an AD-group? All I find are articles how to delegate management to end-users or how to add separate users. But I would like to delegate the management to a group.

If I try command:
Set-DistributionGroup -Identity deliveryGroup -ManagedBy "SDGroup"

I get error:

The group "xxx.xxx" can't be managed by recipient "xxxx/groupxxx"
The owner of the group should have the following recipient type details: Us
erMailbox,LegacyMailbox,SharedMailbox,MailUser,LinkedMailbox,RemoteUserMailbox,RemoteSharedMailbox,MailContact,User

BR,

Exchange 2010 - Outlook 2007

Here's the problem.  We are looking to export around 200 mailboxes into pst's -- but some of the mailboxes (around 20) are in the ballpark of 10 Gb.  I'm looking at the Export-Mailbox function of PowerShell, but it seems as if it will export the mailbox in one large pst.  I'm under the impression that pst's shouldn't be larger than 2 Gbor you run the risk of corruption.  Is there any variable in PowerShell to break the pst's down into chunks?  I've seen a vb script online and some free tools -- unfortunately I will not be able to use these due to the nature of my job.  I will only be able to use Microsoft approved tools.  All of the users that have large mailboxes are remote users using OWA and I don't trust them to archive their mailboxes locally.  If anyone has any suggestions I would truly appreciate it!!!!

Hi there,

on our Exchange 2013 server we find that Outlook and OWA are both working fine. Mac users can't connect. This seems to be related to the following error [sorry for the Dutch language]:

Basically it complains that an endpoint is already bound to the URI.

WebHost failed to process a request.
 Sender Information: System.ServiceModel.ServiceHostingEnvironment+HostingManager/34026242
 Exception: System.ServiceModel.ServiceActivationException: De service /EWS/exchange.asmx kan niet worden geactiveerd als gevolg van een uitzondering tijdens de compilatie. Het uitzonderingsbericht is: Er is reeds een bindingsexemplaar gekoppeld aan luister-URI https://bilbo.ourdomain.loc:444/EWS/Exchange.asmx/http. Als twee eindpunten dezelfde LuisterURI willen delen, moeten ze ook hetzelfde bindingsobjectexemplaar delen. De twee conflicterende eindpunten zijn opgegeven in AddServiceEndpoint()-aanroepen, in een configuratiebestand, of in een combinatie van AddServiceEndpoint() en configuratiebestand. . ---> System.InvalidOperationException: Er is reeds een bindingsexemplaar gekoppeld aan luister-URI https://bilbo.ourdomain.loc:444/EWS/Exchange.asmx/http. Als twee eindpunten dezelfde LuisterURI willen delen, moeten ze ook hetzelfde bindingsobjectexemplaar delen. De twee conflicterende eindpunten zijn opgegeven in AddServiceEndpoint()-aanroepen, in een configuratiebestand, of in een combinatie van AddServiceEndpoint() en configuratiebestand. 
   bij System.ServiceModel.Description.DispatcherBuilder.InitializeServiceHost(ServiceDescription description, ServiceHostBase serviceHost)
   bij System.ServiceModel.ServiceHostBase.InitializeRuntime()
   bij System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan timeout)
   bij System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   bij System.ServiceModel.ServiceHostingEnvironment.HostingManager.ActivateService(ServiceActivationInfo serviceActivationInfo, EventTraceActivity eventTraceActivity)
   bij System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath, EventTraceActivity eventTraceActivity)
   --- Einde van intern uitzonderingsstackpad ---
   bij System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath, EventTraceActivity eventTraceActivity)
   bij System.ServiceModel.ServiceHostingEnvironment.EnsureServiceAvailableFast(String relativeVirtualPath, EventTraceActivity eventTraceActivity)
 Process Name: w3wp
 Process ID: 8320

The IIS Manager has two sites ('Default Web Site', 'Exchange Back End').

For the Default Site only the bindings *:80, *:443, 127.0.0.1:80, 127.0.0.1:443 are enabled.

For the Exchange Back End only the bindings *:81, *:444 are enabled

There are no other sites. 

I have tried searching the config files by doing:

PS C:\inetpub> Get-ChildItem . -include *.config -rec | select-string -pattern "444"

This does give files under C:\inetpub\history and C:\inetpub\temp but I don't know [given the history/temp] names if I should look further here.

I have also looked at

PS C:\windows\system32\inetsrv> Get-ChildItem . -include *.config -rec | select-string -pattern "444"

This returns only a single line in config\applicationHost.config which matches what I see in the IIS Manager GUI.

Where else can I search to find the duplicate binding?

Eljakim

Hi all,

This one is giving me a headache. I have created some Room Mailboxes which I all want to act the same, which is as followed:

- Everyone (we have mailgroup with all users) has review rights
- Certain users have editor rights
- Resource Booking Attendant is disabled

Basically I want to configure these in a similar way as the old fashioned Public Folders.

I've tried a lot of settings / methods, currently I did as followed:

- Within Exchange 2010 EMC I created a Room Mailbox
- I gave myself Full Access rights
- Mailbox is automatically added to my Outlook 2013
- I right-click the calendar and go to properties. I set Default and Anonymous to no rights. I add a mailgroup with all our users and set that to review (so no creation of items / folders)

I would now expect that no users except for myself / administrator are allowed to make an appointment: WRONG. But a strange wrong this is:

- If I use Outlook 2003, I am unable to create an appointment
- If I use Outlook 2013, I am unable to create an appointment
- If I use Exchange webmail (OWA), I am unable to create an appointment
- If I use Outlook for Mac, I am unable to create an appointment
- If I use Outlook 2010, I can suddenly simply create a Meeting Request. This then sends a mail to the Room Mailbox and adds an appointment as tentative

All of the above is done with the same useraccount.

So what's up with this? I simply want to disable this tentative stuff altogether. I only want people with editor rights to create and change meetings, all the other folks should simply be reviewers unable to create anything whatsoever. Hopefully anyone here has the solution for me, thanks a lot for your time / help.

All the best, Jim.

Hi there,

I’ve just created a new universal mail-enabled distribution group and when I right click on my newly created public calendar in Outlook 2010 and select the permission tab and click on Add and select All Groups I can see my new DG but there is a little red circle beside it and when I click on it to add it is says “One or more users cannot be added to the folder access list. Non-local users cannot be given rights on this server.”

I don’t have a clue why this is.  Some distribution groups don’t have the red circle beside it and I can add those DGs into the permission tab so any help in allowing me to add that new distribution group would be much appreciated!

Out of curiosity I am using Exchange Server 2010 so if there is a better / server-side why to achieve my goal of having a public shared calendar, restricted to some people having owner rights and some having reviewer rights then please explain how I do that.

Thanks in anticipation,

Tony

Hi:  We have a server 2008R2 x64 bit.  The DC is an server 2008sp2.  Single domain.local On trying to install Exchange 2010 we get a series of errors:

1. AD doesn't exist or cannot be contacted

2. must be a member of organization Management role or enterprise admins

3. The credential for machine|Administrator is not on bind

4. The user is not logged on to a windows domain.

DCDiag >> no errors.  Have read through a lot of posts with these errros but most apply to server 2003 where there were tools used not available in 2008.  Help is greatly appreciated.  Chris

we are using a couple transport rules in exchange which look for specific header information and then stamp those messages with an SCL of 6.  That part is working fine.

The problem is that when my users add senders which were sent to spam to the "Safe Senders List" or Contacts List, it still goes to the Junk E-Mail folder.

I've tried disabling and re-enabling the junk email filtering within the mailbox, verified the users are in the safe senders list, verified the contacts were created, , but that does not have any effect.

What am I missing?

Bobby Pendino

I've been using the following script to export mailboxes in bulk (10 user test - looking to export a total of 200) using a text file:

$Export = Get-Content .\Mailbox.txt

(Saving to a Variable)

$Export|%{$_|New-MailboxExportRequest -FilePath "\\servername\pst\$($_.alias).pst"}

All the exports queue, but only one out of the 10 successfully exports -- the rest fail.  The one export that is successful exports the pst, but there's no alias associated with it (literally it's saved out as ".pst".  I've tested all ten exports manually (all ten have been successful) one at a time so I don't think it's an NTFS issue on the share I'm exporting them to.  I've also granted my account the appropriate role by using:

New-ManagementRoleAssignment –Role “Mailbox Import Export” –User AD\Administrator

When I try to export command I'm getting the following error in event viewer:

The server or share name specified in the path may be invalid, or the file could be locked. -->  The process cannot access the file <server\share\.pst> because it is being used by another process.

Any suggestions before I try to manually run each export?