Tuesday, October 29, 2013

How to Disable Autodiscover in Outlook 2010/2013


Microsoft KB article 2612922 (http://support.microsoft.com/kb/2612922) covers this and includes ADM files for Outlook 2007 and 2010. The ADM files attached to the article were great because they gave a way to disable the different methods Outlook uses to determine autodiscover in Outlook 2007 and 2010. Outlook (generically) uses 5 methods to locate the Autodiscover service:
  1. SCP object lookup
  2. Root domain query based on your primary SMTP address
  3. Query for the AutoDiscover domain
  4. HTTP redirect
  5. SRV record query in DNS
Unfortunately, Outlook 2013 is a little new and MS doesn't have a nice preconfigured ADM. That's OK, because the exact same autodiscover methods are used in 2013 as in previous versions.
We can create a reg file for 2013 by exporting the key that gets created when the ADM is applied via GPO for 2010 and just changing the registry path. So instead of:
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\14.0\Outlook\AutoDiscover
I changed it to:
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\15.0\Outlook\AutoDiscover
You can change the various options from the registry file as well. They are:
"ExcludeScpLookup"=dword:00000001
"ExcludeHttpsRootDomain"=dword:00000000
"ExcludeHttpsAutoDiscoverDomain"=dword:00000000
"ExcludeHttpRedirect"=dword:00000000
"ExcludeSrvRecord"=dword:00000000
In the example above, only the SCP lookup is disabled.
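The same change scripted, as an added example that is not from the original post: it writes the five values under the policy key for the chosen Office version and reads them back. The function name and its parameters are made up for illustration; the key path and value names are the ones shown above.

```powershell
# Added example; Set-OutlookAutodiscoverPolicy is a hypothetical helper name.
function Set-OutlookAutodiscoverPolicy {
    param(
        # 14.0 = Outlook 2010, 15.0 = Outlook 2013 (the two key paths shown above)
        [ValidateSet('14.0', '15.0')]
        [string]$OfficeVersion = '15.0',

        # Value name -> 1 (skip this lookup method) or 0 (leave it enabled)
        [hashtable]$Settings = @{
            ExcludeScpLookup               = 1
            ExcludeHttpsRootDomain         = 0
            ExcludeHttpsAutoDiscoverDomain = 0
            ExcludeHttpRedirect            = 0
            ExcludeSrvRecord               = 0
        }
    )

    $key = "HKCU:\Software\Policies\Microsoft\Office\$OfficeVersion\Outlook\AutoDiscover"

    # The policy key does not exist until a GPO or a script creates it
    if (-not (Test-Path $key)) {
        New-Item -Path $key -Force | Out-Null
    }

    foreach ($name in $Settings.Keys) {
        New-ItemProperty -Path $key -Name $name -PropertyType DWord `
            -Value $Settings[$name] -Force | Out-Null
    }

    # Read the values back so the result can be checked
    Get-ItemProperty -Path $key | Select-Object -Property @($Settings.Keys)
}

# Same settings as the registry values listed above, applied to Outlook 2013
Set-OutlookAutodiscoverPolicy -OfficeVersion '15.0'
```

Outlook reads these values at startup, so restart it after changing them.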
 

Friday, October 18, 2013

How to use the ADModify.NET tool to add an X.500 proxy address to multiple accounts

How to use the ADModify.NET tool to add an X.500 proxy address to a user account
ADModify 2.1 no longer supports the X500 tab entry, so we have to use the Custom tab.
 
X500 addresses are useful when we have migrated a volume of mailboxes from another organization and enabled GAL sync between the Exchange organizations before the migration. Without the legacyExchangeDN of the old organization or an X500 address, migrated users may get an NDR when they try to reply to existing emails to certain users.
  1. Click the Custom tab.
  2. Under Custom Attribute Set, follow these steps:
  3. Click to select the Make a customized attribute modification check box.
  4. In the Attribute Name box, type proxyAddresses.
  5. In the Attribute Value box, type the X.500 address.

    For example, if you want an X.500 address of /o=OldOrganization/ou=OldSite/cn=Recipients/cn=mailNickname, type the following in the Attribute Value box:
    X500:/o=OldOrganization/ou=OldSite/cn=Recipients/cn=%'mailNickname'%


    In this example, we use the %'mailNickname'% variable because we assume that the mailNickname attribute in the new organization matches the mailNickname attribute in the old organization. If these attributes do not match, use another variable.

    Note: If the migrated user account is from an Active Directory directory service environment, use the Adsiedit tool to locate the old legacyExchangeDN attribute of the user. Then, use the old legacyExchangeDN attribute for the X.500 address.
  6. Click Multivalued Append, and then click Go.
 
 
 

Use Poolmon to identify Exchange 2010 mailbox server memory leaking issue

We have four hardware-identical Cisco UCS servers installed with the Exchange mailbox role and joined as DAG replication partners. The two local servers work fine. However, the two remote servers kept running out of memory and we had to reboot them on a regular basis (once a month) until we used Poolmon to identify the cause of the memory leak, a known Cisco NIC teaming bug. Poolmon showed that the tag Team was leaking: it consumed more than 5 GB of nonpaged memory before the server ran down to less than 20 MB of available memory out of 96 GB of physical RAM, with Hard Faults per sec constantly reaching 100.
 
Once Poolmon had identified the tag Team, we used the following command to find the driver that caused the memory leak:
 
findstr /m /l team *.sys

Run it from either the system32 or the \system32\drivers directory.
 
 

Wednesday, October 2, 2013

How to Disable Attachment Filtering on Exchange 2010 Edge Transport

We had an interesting issue recently where our Exchange 2010 Edge Transport server was erroneously stripping out .docx, .xlsx, and .pdf files.
 
There is a Microsoft KB to address the issue; however, it doesn't work for us.
 

The attachment filter agent is enabled by default, and I wanted it off, so we needed to add an exception for our receive connector. Turning off attachment filtering on an Exchange 2010 Edge Transport server is not as straightforward as you would expect, though.
 
The first step is to see if there are any connectors on the attachment filter exception list presently.  To do so, run this command:
 

Get-AttachmentFilterListConfig
 
About the fifth line down you should see "ExceptionConnectors" which probably has nothing next to it. 
You can only turn off attachment filtering by referencing the GUID, so now we need to get the GUID of the relevant receive connector. 
 

Get-ReceiveConnector  | Format-List
 
This will give us all the properties of our Receive Connector, including the GUID, which will be listed about 10 lines up from the bottom. Now that we have the GUID, we can run the command to add the receive connector to the list of exceptions for attachment filtering by running this:
 

Set-AttachmentFilterListConfig -ExceptionConnectors [GUID]
 
Replacing [GUID] with the GUID we retrieved in the previous step.
 
Finally, run Get-AttachmentFilterListConfig again and check the ExceptionConnectors line; you should now see your receive connector listed there.
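
The whole procedure as one script, as an added example that is not from the original post. It appends the connector's GUID to the list instead of overwriting it, since assigning a single GUID to ExceptionConnectors replaces any entries already there; the connector identity is a placeholder. Mail received through an exempted connector is no longer checked by the attachment filter agent, so the script ends by listing every connector that now bypasses it.

```powershell
# Added example. The identity below is a placeholder; substitute the
# receive connector you want to exempt.
$connectorName = 'EDGE01\Default internal receive connector EDGE01'

$connector = Get-ReceiveConnector -Identity $connectorName
$config    = Get-AttachmentFilterListConfig

# Start from whatever is already on the exception list
$exceptions = @($config.ExceptionConnectors)

if ($exceptions -contains $connector.Guid) {
    Write-Host "$($connector.Name) is already exempt from attachment filtering."
}
else {
    # Append the new GUID and write the complete list back
    $exceptions += $connector.Guid
    Set-AttachmentFilterListConfig -ExceptionConnectors $exceptions
}

# Confirm the change
Get-AttachmentFilterListConfig | Format-List ExceptionConnectors

# Show, by name, every receive connector that now bypasses the agent
Get-ReceiveConnector |
    Where-Object { $exceptions -contains $_.Guid } |
    Format-Table Name, Bindings, Guid -AutoSize
```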
 

Monday, August 5, 2013

Move Public Folder Content from One Public Folder Database to Another Public Folder Database

Use the MoveAllReplicas.ps1 script to move all public folder content from one server to another server
 

To move all public folders in a public folder database on one server to a public folder database on another server, use the MoveAllReplicas.ps1 script. This script replaces a server with a new server in the replication list for all public folders, including system folders. For more information about using public folder scripts, see Scripts for Managing Public Folders in the Exchange Management Shell.

This example moves all public folder content from Server01 to Server02.

cd $EXscripts

.\MoveAllReplicas.ps1 -Server Server01 -NewServer Server02
 
If you are moving from Exchange 2007 to Exchange 2010, you had better run the scripts from the Exchange 2010 servers.
 
However, I would prefer that you run the following first, to make sure all public folders, including system folders, are replicated to the new server:
 
1. Run Get-PublicFolder -Server OldPFServername -Recurse | FL Name,Replicas
 
If there is any issue, fix it first. For example, some old public folders may have names with leading or trailing whitespace, which the new Exchange server no longer supports:
 

WARNING: The Name property
contains leading or trailing whitespace, which must be removed.
 

2. Use AddReplicaToPFRecursive.ps1 to replicate all folders to the new server:
 
[PS] C:\Program Files\Microsoft\Exchange Server\V14\Scripts>.\AddReplicaToPFRecursive.ps1 -Server "MyEx2007Server" -TopPublicFolder "\" -ServerToAdd "MyEx2010Server"
 
3. .\AddReplicaToPFRecursive.ps1 -Server "MyEx2007Server" -TopPublicFolder "\NON_IPM_Subtree" -ServerToAdd "MyEx2010Server"
 
The above commands add a replica of all public folders to the Exchange 2010 public folder database.
Once the replicas are added, you can move them from Exchange 2007 to Exchange 2010. To do this, run the following EMS command:

4. .\MoveAllReplicas.ps1 -Server "MyEx2007Server" -NewServer "MyEx2010Server"
 
 

OfflineAddressBook, PublicFolderDatabase still points to old Exchange server

 
After migrating your Exchange server (I've seen this in the transition from Exchange 2003 to Exchange 2007 and from Exchange 2007 to 2010), the PublicFolderDatabase for your OfflineAddressBook is still pointing to the old server's public folder store.
 
When you run Get-OfflineAddressBook | FL, or Get-OfflineAddressBook | FL Server,*public*, in an Exchange Management Shell on your new server, you get a result like this:
 
Server shows the new server name, but PublicFolderDatabase is still pointing to your old server. The public folder replicas and the offline address book generation server have already been moved to the new server.
 
Solution: I found that if you do the following steps you can change the PublicFolderDatabase.
 
1. Start adsiedit and browse to CN=Configuration, CN=Services, CN=Microsoft Exchange, CN=First Organization, CN=Address Lists Container, CN=Offline Address Lists, and open the properties of CN=Default Offline Address List. Look for the siteFolderServer attribute; here you will see the old public folder store.
 
2. Choose Clear and close with OK. You may now close adsiedit.
 
3. Go to the Exchange Management Console, Organization Configuration, Mailbox, Offline Address Book, open the properties of the Default Offline Address List and go to the Distribution tab. Uncheck "Outlook version 2 and 3" at client support and "Enable public folder distribution". Make sure "Web-based distribution" is enabled. Choose Apply and OK, then right-click Default Offline Address List and choose Update.
4. Go back to Properties and Distribution and recheck "Outlook client support version 2 and 3" and "Enable public folder distribution". Again choose Apply and OK, then right-click and choose Update. When you go back to the Exchange Management Shell and repeat Get-OfflineAddressBook | FL Server,*public*, you will now see that the PublicFolderDatabase is pointing to your new public folder server.
 
 

Tuesday, June 4, 2013

How to Delete Mail from Multiple Mailboxes

Issue:

I had this recently where a spam email had gone around. I needed to find a way to delete the email from every mailbox. This can be done with a PowerShell command:
 
NOTICE: out of the box these commands are not enabled; you will need to see this article first if you have not already enabled them: Enable Export Mailbox Commands In Exchange 2010
 
 
Once the above is done, you can proceed with the following PowerShell cmdlet:
 
Get-Mailbox -ResultSize Unlimited -Server YourServername | Search-Mailbox -SearchQuery 'Subject:"Your XYZ order" AND From:"sender@xyz.com" AND Body:"your body text"' -TargetMailbox hltest -TargetFolder "xyzspam" -LogLevel Full -DeleteContent > C:\deletedxyz10.txt
 
Where YourServername is your mailbox server and "Your XYZ order" is the subject content. You can search on subject, from, and body individually, or on a combination of two or three of them.
 
You will need to use an account that has the correct permissions. To give the correct permissions to the user, use this command:
Get-Mailbox -Server "yourservername" | Add-MailboxPermission -User administrator -AccessRights FullAccess
That command will give the correct rights to the administrator account.
 
With the above commands you will be able to remove email from multiple mailboxes in Exchange 2010 and Exchange 2013.
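
A staged version of the purge, as an added example that is not from the original post: estimate first, then log only, and delete only after the results have been reviewed. The server name, query, review mailbox and folder are the placeholders used above; -EstimateResultOnly, -LogOnly and -Force are standard Search-Mailbox switches.

```powershell
# Added example; all values below are placeholders taken from the command above.
$server = 'YourServername'
$query  = 'Subject:"Your XYZ order" AND From:"sender@xyz.com"'
$review = 'hltest'     # mailbox that receives the logs and the copies
$folder = 'xyzspam'

$mailboxes = Get-Mailbox -ResultSize Unlimited -Server $server

# Stage 1: count matches per mailbox. Nothing is copied or deleted.
$hits = $mailboxes |
    Search-Mailbox -SearchQuery $query -EstimateResultOnly |
    Where-Object { $_.ResultItemsCount -gt 0 }

$hits | Sort-Object ResultItemsCount -Descending |
    Format-Table Identity, ResultItemsCount, ResultItemsSize -AutoSize

if (-not $hits) {
    Write-Host 'No matching items found.'
    return
}

# Stage 2: write a log of the matching items to the review mailbox,
# still without touching the source mailboxes.
$hits | ForEach-Object {
    Search-Mailbox -Identity "$($_.Identity)" -SearchQuery $query `
        -TargetMailbox $review -TargetFolder $folder -LogOnly -LogLevel Full
} | Out-Null

# Stage 3: after the log has been checked for false positives, copy the
# items to the review mailbox and delete them from the source mailboxes.
$answer = Read-Host "Check the log in $review\$folder, then type DELETE to purge $(@($hits).Count) mailbox(es)"
if ($answer -eq 'DELETE') {
    $hits | ForEach-Object {
        # -Force suppresses the per-mailbox confirmation prompt
        Search-Mailbox -Identity "$($_.Identity)" -SearchQuery $query `
            -TargetMailbox $review -TargetFolder $folder `
            -LogLevel Full -DeleteContent -Force
    } | Out-File C:\deletedxyz10.txt
}
```

A query that is too broad deletes legitimate mail from every mailbox it matches, which is why the delete stage only runs against mailboxes that reported hits and only after an explicit confirmation.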

How to Enable Export-Mailbox or Import-Mailbox Powershell commands

When using PowerShell in Exchange 2010 or Exchange 2013, if you try the Export-Mailbox or Import-Mailbox commands, or try to delete messages from multiple mailboxes, you will get an error since these are not available by default. We need to enable them…
 
Note: if you are running Exchange 2010 SP1 or above and you are trying to delete multiple emails, go here: http://www.techieshelp.com/delete-mail-from-multiple-mailboxes/
IT Solution
1) Check if you have the Exchange Server Admin Tasks installed in the Exchange Management Shell
 

Get-PSSnapin
 
2) It should not be in the list displayed as you cannot run the command. Run the command below to see what is registered.
 

Get-PSSnapin -registered
 
3) Now to install the appropriate "Admin Tasks for the exchange Server" run the command below:
 

Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010
 
NOTE: for MS Exchange 2007 you should change the point (3) to a command like the one below:
 

Add-PSSnapin Microsoft.Exchange.Management.PowerShell.Admin
 
You will now find that the import and export commands are available in PowerShell.
If you want multiple users or groups to be able to run these commands, use the commands below. They create two new security groups with the members you specify.
New-RoleGroup -Name "Exchange Mailbox Import Export" -Roles "Mailbox Import Export" -Members "<yourdomain\yourgroupname>" -DisplayName "Exchange Mailbox Import Export" -Description "This group handles permissions to the import and export commands in powershell."
That creates a group and adds users who are allowed access to the import and export PowerShell commands.
New-RoleGroup -Name "Exchange Support and Diagnostics" -Roles "Support Diagnostics" -Members "<yourdomain\yourgroupname>" -DisplayName "Exchange Support Diagnostics" -Description "This group handles permissions to the support diagnostics cmdlets in exchange."
That creates a group and adds users who are allowed access to all the Exchange PowerShell diagnostics cmdlets.
 

Wednesday, May 22, 2013

Get-DistributionGroupMember

1. Get-DistributionGroupMember from a regular DL
 
Get-DistributionGroupMember -identity "mydl" | Export-Csv C:\MyFile.Csv
 
Where mydl is our distribution group, and myfile.csv is the resulting CSV file.
 
2. Get-DistributionGroupMember from a Dynamic DL
 
$members = Get-DynamicDistributionGroup -Identity "dynamicgroupname"
 
Get-Recipient -RecipientPreviewFilter $members.RecipientFilter > C:\MyDDLmembersall.txt

 

How to create or remove ForeignConnector Exchange 2010

After migrating from Exchange 2007 to Exchange 2010, we are in the process of decommissioning Exchange 2007. Since we have AccuRoute Fax, we need to change the Fax ForeignConnector from the Exchange 2007 Hub to the Exchange 2010 Hub.
 
Here are the cmdlets we used for the migration:
 
Remove-ForeignConnector "AccuRoute Fax Connector"
New-Foreignconnector "AccuRoute Fax 10 Connector" -AddressSpaces "FAX:*;1" -SourceTransportServers "hub10-1","hub10-2", "Hub10-3"
Set-Foreignconnector -Identity "AccuRoute Fax 10 Connector" -Maxmessagesize 20Mb -dropdirectory "file://fax-10/Drop$"
 
If you need the connector to be scoped to the local AD site, the following cmdlet needs to be run:
 
Set-ForeignConnector -Identity "AccuRoute Fax 10 Connector" -IsScopedConnector $true
 

Wednesday, May 1, 2013

Email Routing Using Exchange Cost for Multiple AD Sites In Exchange 2010

Exchange 2010 uses AD Sites and Services information to route emails from one AD site to another. All site links will have a default AD cost of 100. Smaller companies might leave the configuration as it is, as they will only have a single site in most cases.
 
Larger organizations will have fairly good number of AD sites and the AD site links will be configured with the appropriate AD cost for the links. By default, Exchange 2010 uses the link which has the least AD cost to send emails from one AD site to another. You may come across organizations where the AD costs will have to be altered for an efficient email routing, but you won't be given the go ahead. This mostly happens in large organizations, as changing the existing AD site costs may affect the production network or the AD team just don't want to make any changes.
Exchange 2010 (actually 2007 as well) has a solution for the above scenario. There is a way by which you can change the email routing without making any changes to the AD site link costs. It is known as "Exchange Cost" and is not configured by default.
Once an Exchange cost is specified for a site link, it overrides the AD link cost for email routing. In doing so, it only overrides the email routing topology.
 
Set-ADSiteLink -Identity "link name" -ExchangeCost "cost"
The maximum message size that passes through a site link can be restricted as well. This comes in handy if the link between the sites is not great. Run the command below to specify a size limit for communications between various AD sites.
Set-ADSiteLink -Identity "link name" -MaxMessageSize "size"

Tuesday, April 30, 2013

How to restore Exchange 2007 /2010 Organizational Form Library from Backup Tape

We ran into an issue: all of a sudden, our entire Exchange 2010 Organizational Forms Library went missing. We have a full backup of the Exchange 2007 public folder server. Here are the steps we took to restore only the forms to the Exchange org:
 
1. Set up a restore server in a lab, in a different domain from production. Install Exchange 2007 server with the same SP as production.
2. Create a public folder database with the same public folder database name (note: the storage group name can be different). Right-click the database and enable the option that allows the database to be overwritten by a restore.
3. Create the Organizational Forms Library (same as production).
4. Follow the following link:
You may skip step 3 if you are working on an Exchange 2007 server.
5. Dismount the public folder database.
6. Run the restore from backup tape (we use Symantec Backup Exec 2012 R3). Note: only select the database; don't select the log files.
7. After the restore, the public DB was mounted automatically.
Note 1: We had an issue seeing the Organizational Forms Library from Outlook when I missed step 4 above.
Note 2: After step 4, setting PR-EForm-Local-ID to 1033 (for English), I was able to see the Organizational Forms Library, but there were no forms at all and I got the error "load forms failed. You don't have permission", etc.
Double-checking the restore lab, I realized there was another Exchange 2007 public folder database, but that DB was dismounted due to a missing drive. So I moved the DB to a different drive with the -ConfigurationOnly option using a PowerShell cmdlet, then mounted it as an empty DB. Then I enabled replication from the restored public folder server to that empty public DB for the Organizational Forms Library only.
8. Create a mailbox on a mailbox DB with the client public folder database pointing to the restored public DB.
Open Outlook; now I see all the forms there.
9. Follow the following link to save the restored Organizational Forms to a PST file.
Copy the PST to an Outlook profile with a production mailbox, then copy the forms from the PST to the Organizational Forms Library in production.
 
Note: If your organization's users still depend on the Organizational Forms Library, follow this link to make a copy of the forms to a PST file and make your life easy: http://support.microsoft.com/kb/190994
 

Thursday, April 25, 2013

Setting Message Size Limits for Exchange 2010 organization

 
Although you may have set the max message size on every Hub send/receive connector to more than 10 MB, say 20 MB, your users may still get the following error:
 
The recipient won't be able to receive this message because it's too large.
The maximum message size that's allowed is 9 MB. This message is 10 MB.
 
The organizational send and receive size limits apply to all Exchange servers in the Organization. The default is 10MB.
You can modify the organizational message size limits using the Set-TransportConfig cmdlet from the Exchange shell:
 
Set-TransportConfig -MaxReceiveSize 20MB -MaxSendSize 20MB

Exchange 2010 Legacy Relay needs to increase maximum connections per source

Move Exchange 2010 Legacy Relay (PowerPMTA) from Exchange 2003  connector server to Exchange 2010 Hub
 
You will see a "connections per source exceed the limit" error. By default, an Exchange 2010 Hub only offers 20 connections per source IP.
 
Solution:
 
Create a dedicated receive connector for PMTA. From the Exchange 2010 PowerShell, run
 
Get-ReceiveConnector -id "hubServername\From PMTA" | FL
 
to see which parameters need to be modified to meet your needs, then run
Set-ReceiveConnector -id "hubServername\From PMTA" -MaxInboundConnectionPerSource 500 -MaxInboundConnectionPercentagePerSource 10
 
Note: by default, MaxInboundConnection per server is set to 5000, thus 500/5000 = 10%.

Just finished Exchange 2010 Project

will update my Blog soon.