Feb 13 2017

This operation requires a unique source object, but multiple objects have been found. Please remove any wildcard characters and check the data source for corruption.

You receive an error as per below when trying to restore a user’s mailbox in Exchange from a Recovery Database:

This operation requires a unique source object, but multiple objects have been found. Please remove any wildcard characters and check the data source for corruption.

I’m currently busy with a hand over at work and the engineer that will be taking over from me ran into this error when trying to restore a user’s mailbox. The Recovery Database has been created and the data has been restored to the database. The database is mounted and he was trying to run the below from the Exchange management Shell:

Restore-Mailbox -Identity “UserSurname, UserName” -RecoveryDatabase RecoveryDB -RecoveryMailbox “UserSurname, UserName” -TargetFolder RestoredEmail

He then received the error as another user in the restored database has the same Name and Surname. To get around that you need to do the following:

  1. Open the Exchange management Shell.
  2. Run: Get-MailboxDatabase -id RecoveryDatabaseName | Get-MailboxStatistics | FL > pathToYourTextFile.txt (This will dump the data in a list format)
  3. Hit Enter to export the Mailbox Statistics results to the text file.
  4. Open the text file and hit ctrl+F to open the search function.
  5. Search for the user you are trying to restore.
  6. Make a note of the user’s MailboxGUID as you will use the MailboxGUID in your restore cmdlet.
  7. Run: Restore-Mailbox -Identity “The Mailbox GUID You got from step 6” -RecoveryDatabase RecoveryDB -RecoveryMailbox “UserSurname, UserName” -TargetFolder RestoredEmail

Your restore will now copy the user’s data from the Recovery Database to the mailbox of the user as specified in your cmdlet.


Jan 10 2017

Removing mail with the same subject from the Exchange Queues

Sometimes you need to remove thousands of e-mails in your Hub Transport server queues. We see this every now and then with mail storms from an application that went off the rails or maybe with 2 mailboxes sending each other auto replies causing a mail loop.

There’s a few ways to stop the mail storm before removing the mail items in your Exchange queues but that is not the scope for this article. If you are ever in the situation of thousands of mails queued on all your Hub Transport servers then the below cmdlet should help you to quickly remove those mails from the queue. (Obviously do this with mails that are not classified as normal business or valid mail i.e. auto response loops)

  1. Get-TransportServer HubTransportServerName| Get-Queue | Get-Message -ResultSize unlimited | where {$_.Subject -eq “Paste the subject you need removed here.”} | Remove-Message -WithNDR $False

a better way might be #2 below if you don’t want to confirm deletion and have to run it across all your Hub Transport Servers: (Thanks to Clinton Hardenberg for the updated cmdlet)

2. Get-TransportServer HTServer0* | Get-Queue |where {$_.MessageCount -gt 25} | Get-Message -ResultSize unlimited | Where {$_.Subject -eq “Paste the subject you need removed here.”} |            Remove-Message -WithNDR $False -Confirm:$false

The 2nd cmdlet will use the 1st part of your server names i.e. if you have HT01, HT02 and HT03 then use HT0* to remove the mail across all your HT servers. The -WithNDR $False will delete the mail and not send an NDR which is important in this case as you will just increase the number of mails when it’s set to $True. -Confirm $False negates the need to select “A” and confirm that you want to remove the mail items from the queues.

There are other parameters you can use to define which items you want to remove but in the above examples we use the Subject as we deal mostly with mail storms by Subject as they are usually

 


Nov 14 2016

Unable to access or move a mailbox receiving error the mailbox is disabled when it’s not

If you ever try to move a mailbox and you receive an error that the mailbox is disabled but you have checked and the mailbox is not disabled then try the following:
(other errors we received was trying to access the mailbox using Outlook Web App and stating it’s disabled or from Outlook stating you need to connect to Exchange)

  • Verify that the mailbox is indeed not disabled. If not proceed to the next steps
  • Open Exchange Management Shell and run: Set-CASMailbox -Identity mailboxSMTPAddress@domain.com -MAPIEnabled $False
  • Wait for replication
  • Run: Get-CASMailbox mailboxSMTPAddress@domain.com (check that it shows MAPI Enabled is false)
  • If MAPI Enabled is false run: Set-CASMailbox -Identity mailboxSMTPAddress@domain.com -MAPIEnabled $True
  • Wait for replication
  • Run: Get-CASMailbox mailboxSMTPAddress@domain.com (check that it shows MAPI Enabled is true)
  • Try an connect to the mailbox using Outlook, Outlook Web App or moving the mailbox.
  • If you still get an error try running: Clean-MailboxDatabase DatabaseNameWhereTheMailboxIsHomed (we actually had to run this for one of the mailboxes giving us issues)

This should sort out the issue for you.


Sep 13 2016

Error due to mismatch of GUID: Recipient “NameOfRecipient” has mismatched Archive GUID

You receive the error “Recipient “NameOfRecipient” has mismatched Archive GUID” when you try and off board a mailbox from Exchange Online to on premises Exchange.

Follow the below steps o resolve the issue and migrate the mailbox back to the on premises Exchange environment:

  1. Logon to Exchange Online using Powershell.
  2. Run: get-mailbox user | fl *archiveguid*
  3. Make a note of the GUID
  4. Open Exchange Management Shell on premises
  5. Run: Get-RemoteMailbox User | fl *archiveguid*
  6. You should see that the GUID on prem is different to the GUID from Exchange Online
  7. To resolve, in Exchange Management Shell on prem run: Set-RemoteMailbox User -ArchiveGuid “GUID you got from Exchange Online”

The above should work without any issues but we had an issue where the mailbox in question was migrated from Exchange 2007, we want to migrate it back to an Exchange 2010 DAG and received the below error when trying to set the GUID as per step 7 above:

Property Archive GUID can’t be set on on this object because it requires the object to have version 0.10 (14.0.100.0) or later. The object’s current version is 0.1 (8.0.535.0)

To resolve the above error follow the below steps:

  1. Open Active Directory Users and Computers
  2. Make sure you choose view -> Advanced Features
  3. Browse to the User, right click on the user and choose Properties
  4. Click on the Attribute Editor Tab
  5. Look for MSExchVersion and open it
  6. We had to change the version to Exchange 2010 from 2007. Thus change the data to 44220983382016
  7. Click OK
  8. Wait for replication and run the Set-RemoteMailbox User -ArchiveGuid “GUID you got from Exchange Online” again from Exchange Management Shell on prem.
  9. Wait for replication
  10. Run get-mailbox User | fl *archiveguid* and make sure the GUID has now been changed to the GUID you found in Exchange Online
  11. Proceed to migrate the mailbox to on prem after the GUID has been set

The Exchange Version AD Attributes are:

Exchange 2010: 44220983382016

Exchange 2007: 4535486012416

We used the below 2 web articles / blogs which assisted us greatly. Please check out these articles as well as they were the sources used to resolve the above mentioned issues:

Paul Cunningham’s ExchangeServerPro.com website:

The Article which describes how to get the Archive GUID and set it on prem.

Technotip blog.

Here we found the attribute values for the Exchange versions.

 

 


Sep 7 2016

There is currently no route to the distribution group expansion server

You see the error “There is currently no route to the distribution group expansion server” in a stuck message from your Exchange Hub Transport server submission queue.

To resolve this:

  1. Make note of the distribution group in the recipient information tab.
  2. Search for the Distribution Group in Exchange Management Console
  3. Right click on the group and choose properties
  4. Go to the Advanced tab
  5. Untick the box next to “Set expansion server”

You might have to restart the Hub Transport or SMTP service depending on your Exchange version.

We found this happened because the Expansion server was removed from the environment and not accessible. Another cause could also be the deletion of a routing group in Exchange 2003.

 


Aug 12 2016

Unable to see remote mailbox on the on premises Exchange servers but can see it in Exchange Online

We’ve had a few instances where a user could not receive mail into their Exchange Online mailbox. Upon investigation we noted the onmicrosoft.com address is the primary SMTP address for the user and that the remote mailbox object is not available in Exchange on premises.

To resolve this do the following:

  • Open Active Directory Users and Computers (dsa,msc from start -> run)
  • Click on View -> Advanced Features
  • Do a search for the user who has the issue as per above
  • Right click on the user and choose properties
  • Click on Object and make a note of the path
  • Close the search you made.
  • Now navigate in Active Directory Users and Computers to the user by dropping down through the OU’s etc.
  • Right click on the user and choose properties
  • Click on Attribute Editor (Note that changes made here could break something so make sure you compare it to a working user just in case)

Now you need to look for the below entries and change them or ensure they are set correctly as per below:

  • homeMDB – <not set>
  • homeMTA – <not set>
  • msExchHomeServerName  – <not set>
  • msExchRemoteRecipientType – 6
  • msExchRecipientDisplayType – (-2147483642)
  • msExchRecipientTypeDetails – (2147483648)
  • proxyAddress – check SMTP addresses are all there and correct
  • targetAddress – smtp:alias@yourdomain.mail.onmicrosoft.com (check this against a working user in your environment)


Dec 17 2015

Exchange 2010 Queue Build up with Event ID 1035

We had an interesting issue with queues building up to remote sites. In queue viewer we noted errors sending mail to different remote sites as per below:

451 4.4.0 Primary Target IP Address responded with: “235 00000xxxxxxxxx”

QueueBuildUpinQueueViewer

And in the Event Viewer we noticed event ID 1035 , MSExchangeTransport

QueueBuildUPEventViewer

At first we thought the issue has to be on the specific Exchange 2010 server trying to send the mail as it was the only server in the DAG that could not send mail to the remote servers. However, the problem was still present after restarting the Hub Transport Service on the server experiencing the above issues.

As a shot in the dark we restarted the SMTP and Hub Transport Services on the remote servers (to where the mail is destined) and the errors disappeared and the mail was sent to the remote servers.


Aug 26 2015

Unable to Update a Storage Group copy and the event log shows – Event ID 2059, MSExchangeRepl

We had failed data base copies on a CCR cluster and running Update-StorageGroupCopy failed. The backups have not run for a while but I could verify that the logs were indeed present.

The best way to get around this is to run an Exchange backup and the Update the Storage Group Copy. This was not possible as wee needed to urgently get the database copies healthy.

We then had to dismount all the databases, checked that they are in a clean shut down state using eseutil.exe /mh and move the logs to a different folder. We then mounted the databases and were then able to seed the database copies.

Update-StorageGroupCopy issue


Aug 1 2015

Delegate Server Admin rights to another user to install Exchange 2007

I had to delegate access to an admin in another country to let him install Exchange 2007 on his new servers. The below video shows how this works as I tested this the day before hand in my lab.

I did however run in to some problems in production as we have multiple domains. The Microsoft article below the video shows you to open cmd prompt and then run the commands. However check the following:

1. Always right click and choose “run as administrator” when opening the cmd prompt or you will get errors.
2. You need to browse to the Exchange install file (setup.com) in the cmd prompt before running the command.
3. Advise your peer to whom you’ve granted delegate access to right click on the Exchange setup.com and choose “run as administrator” otherwise he will receive access denied errors.
4. In the multi domain environment I had to run “Setup.com /NewProvisionedServer:”ServerName” /ServerAdmin User1@domain.localOrWhatYouUse instead of …
Setup.com /NewProvisionedServer:”ServerName” /ServerAdmin Domain\User1
5. Running Setup.com /NewProvisionedServer /ServerAdmin will delegate access to the server you are running the command from so make sure you add the remote server name if you need to           delegate access to the user on another server.

Here’s the Official Microsoft Article

 


Jan 8 2015

Outlook Web Access stops working after renewing 3rd party Certificate

We had an interesting issue this week. We renewed our Exchange certificate with a 3rd party vendor. Installed the certificate on Exchange and ISA Server.

OWA access from the internet stopped working after we installed the certificates. We tested OWA internally and it worked which pointed to something on the ISA server. After a long investigation we found the issue to be ISA running on Windows 2003 which is not compatible with the Secure Hash Algorithm 2 (SHA2) family of hashing algorithms that the certificates from our 3rd party cert provider issues.

Microsoft has a hotfix available to get around this. We were able to access OWA from the internet after installing this hotfix on the ISA server running Windows 2003 Server.

The Microsoft article can be found below. You will find more technical detail within this article and have the opportunity to download the hotfix. Note that you need to restart your Windows 2003 Server after installing the hotfix.

Microsoft KB938397