Jan 8 2015

E-Mail delivers to Deleted Items folder

We had a shared mailbox where all the mail sent to the mailbox delivered to the deleted items folder. To resolve this do the following:

1. Open Exchange Management Shell
2. Type Get-CalendarProcessing “mailboxname” | fl and press enter
3. If AutomateProcessing shows AutoAccept in the returned results then run the next cmdlet
4. Set-CalendarProcessing “mailboxname” -automateprocessing none
5. Wait for replication and check that Get-CalendarProcessing “mailboxname” | fl shows that it’s set to :none

We verified after running the above that mail delivered to the mailbox deliveres to the Inbox as expected.

 

 


Dec 21 2014

Microsoft Exchange Replication Service Starts and then Stops

We had an Exchange 2007 CCR cluster where the passive node databases stopped seeding. After some investigation we noticed that the Exchange Replication Service starts and a second or two later stops. The event log did not give us much information, only stating that the service started and stopped again.
We checked all the databases on the passive node and noticed that they were in a dirty shut down state as the logs stopped replaying to the database a few days earlier.

Resolution that worked for us:

1. Move each database to a new folder on the disk that it resides.
2. Start the Exchange Replication Service. (We monitored the service and noted that it did not stop again.
3. Opened Exchange Management Console, chose a database and selected to update the database copy. Made sure to tick the option to delete the log files on the passive node.
4. Exchange started the seeding process and we deleted the copy of the database that was moved to the new folder to create disk space for the new seeded database.
5. Seeding finished and the copy status was healthy again for that database. We then continued with the other databases.

 

 

 

 


Aug 13 2014

E-mail address strikethrough in Exchange 2007

We had a problem when our provisioning system would not update the “managed by” property for a distribution list.

Further investigation showed that the distribution list’s e-mail address had a strike through like this: (Seen in the DL’s properties using EMC)

email@company.com

We could not add a new smtp address to the group nor delete the current address.

We then opened ADSIedit to have a more in depth look. We then noticed that the SMTP address in proxyAddresses had a space before the @ in the SMTP address. We rectified that and the strikethrough disapeared.

We made the changes and managed to provision the DL without any problems.


Jul 7 2014

Deleting disconnected Mailboxes in Exchange 2007

Purging disconnected mailboxes in Exchange 2003 was quick and easy.

With Exchange 2007 you need to use the Exchange Management Shell to purge/delete the disconnected mailboxes. Below are some examples on how to delete disconnected mailboxes in Exchange 2007. Make sure that you need to delete the disconnected mailboxes as it’s easier to reconnect a disconnected mailbox if a user account and mailbox got deleted by accident.

Delete a specific disconnected mailbox:

1. Get-MailboxDatabase (this will show you  the database names)
2. Get-MailboxStatistics | where-object { $_.DisconnectDate -ne $null } | Select DisplayName,MailboxGuid (view the user’s GUID here)
3.  Remove-Mailbox -Database Type Your Database Name Here -StoreMailboxIdentity Type the Users Mailbox GUID Here -confirm:$false

Delete all disconnected mailboxes from a specific database:

First create a variable $users as per point 1

1. $users = Get-MailboxStatistics | where-object { $_.DisconnectDate -ne $null } | Select DisplayName,MailboxGuid
2. $users | ForEach { Remove-Mailbox -Database “Type Your Database Name Here” -StoreMailboxIdentity $_.MailboxGuid -confirm:$false }

All the disconnected mailboxes in the specific database will now be deleted.


Sep 25 2013

Out of Office not working – Using Exchange Autodiscover Redirect

Had an interesting one today with a bit of a lesson at the end of the article.

Scenario:

Users are able to connect to Exchange with Outlook, send and receive mails etc. Users are however unable to set up their Out of Office using Outlook but they are able to set it using Outlook WebApp. We have a hybrid Exchange environment with 2010 and 2007 CAS servers. In the back-end we are running an Exchange 2007 CCR Cluster.

Past troubleshooting with regards to Out of Office not working has taught me to check and test autodiscover. I bet that the OAB is also not downloading?
I ran the normal checks such as checking the certificates and running nslookup to see if autodiscover.domain.com redirects to autodiscoverredirect.domain.com asn it did.

My next step was to check IIS as I’ve had a previous issue there. Low and behold I noticed that an ex-admin used his credentials for authentication. This caused issues as the admin’s account has been deleted a few days ago as he left our company. I then created a service account and added the credentials in IIS to ensure that this does not happen again. Users reported that Out of Office is working again.

Below are some screenshots for where I changed the credentials. Note that when I tried opening any settings under the Autodiscoverredirect Webpage in IIS that the error explicitly told me that the account for admin-abc had problems authenticating. The challenge was that I was not too sure where this is supposed to be changed. But here you go:

1. Open IIS on your CAS server and browse to Sites => AutodiscoverRedirect (Or whatever you named it)

Capture1

2. On the right click on “Advanced Settings”

Capture2

3. Click on “Physical Path Credentials” and then set. Add your service account credentials and save.

Capture3

This solved my issue with redirection.

Lesson: No matter how many years of experience admins have, the still seem to take the quick route of using their personal credentials where a service account should be used causing issues for your users and customers. Don’t be a lazy engineer and use the service accounts and remember to document EVERYTHING!


Jul 26 2013

Meeting requests sent to a room mailbox, replaces the Subject, with the Senders name

We received a call today where a meeting request sent to a Room mailbox shows the meeting organiser’s name in the subject line.
This can be rectified by running the following:

Exchange 2010/2013:

Set-CalendarProcessing -identity “meeting room name” -DeleteComments $true -AddOrganizerToSubject $true -DeleteAttachments $true -DeleteSubject $true

Exchange 2007:

set-mailboxcalendarsettings -identity “meeting room name” -deletesubject $false -addorganizertosubject $false

Hope this makes your life a bit easier.


Apr 8 2011

OWA redirect URL error or stating you should use HTTPS when no certs are used

We’ve had an issue where we log on to the OWA URL and the site either gives us a redirect URL error or ask us to use https:// instead of  http:// when we are not using SSL/certs

Eventually we logged into powershell and recreated all the OWA virtual directories. This solved the issue and we could access OWA again.


Jan 5 2011

OoO not working because AutoDiscover does not work



1     First: Always check Certificates and DNS

 

 

1.1 Check if your certificates are configured correctly and if they have expired.

 

Open the Exchange Management Console and run: Get-ExchangeCertificate | fl
Review your certificates and ensure that they have not expired

1.2 Check DNS

 

A good way to test DNS is using NSLOOKUP. Open cmd and type nslookup and hit enter.
(In our case we need to run nslookup to our client’s autodiscover address to test redirection as we user autodiscover redirect.)

 

Type autodiscover.yourdomain.com (or .net etc.) this should return with the redirect address as per below screenshot.

 

 

 

 

 

 

 

  1.3 Additional Tests

 

You should also run the below tests in Outlook and in a Web Browser to test Autodiscover:

 

Outlook:

 

Hold Ctrl and Right click on the Outlook Icon in the task bar. Then choose “Test E-mail AutoConfiguration”.

Within the dialog box type your e-mail Address, password and untick Use Guessmart and Secure Guessmart Authentication. Then click on “Test”

 

 

 

 

  

  

  

  

  

  

  

  

  

  

  

    

The test should be successful with doing a redirect.

You could also test autodiscover using http://testexchangeconnectivity .com but make sure there is no mail in the mailbox and OoO is not on as it will spit out an error.

  

2     IIS Settings

 

We found that the problem we had had nothing to do with DNS or Certs but the tests still failed. While testing the rules on ISA we saw an entry that pointed us to the following location.

 

IIS=>Computer Name=>Websites=>AutoDiscoverRedirect=>AutoDiscover=>AutoDiscover.xml

 

Right Click on AutoDiscover.xml ans untick the following tick box.

 

 

 

This resolved the issue and all AutoDiscover tests where successful. OoO and OAB was working once again.

 

Note: When we restarted IIS we noticed that the tick was back and we had to untick the checkbox again. We are still looking into this.


Dec 28 2010

Renewing TLS Certificate on a Hub Transport Server

I received an event today advising me that the local TLS certificate has expired and needs to be renewed. Here is the event info.

TLS Cert Expired Event

We need to renew this Certificate otherwise mailflow in Exchange 2007 will stop working. To do this open Exchange Management Shell and type the following:
Get-ExchangeCertificate | fl
You will be presented with all the certs installed on the server. You need to now find the cert that has expired. An example of an expired cert is:
AccessRules        : {System.Security.AccessControl.CryptoKeyAccessRule, System
                     .Security.AccessControl.CryptoKeyAccessRule, System.Securi
                     ty.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {XXXX01, XXXX01.domainname.local}
HasPrivateKey      : True
IsSelfSigned       : True
Issuer             : CN=SERVER01
NotAfter           : 2010/12/28 09:33:12 AM
NotBefore          : 2009/12/28 09:33:12 AM
PublicKeySize      : 2048
RootCAType         : Unknown
SerialNumber       : 8E1600C9A48960A64F515084A643CF4D
Services           : SMTP
Status             : Invalid
Subject            : CN=SERVER01
Thumbprint         : 459CA3A8D2CE3A300839D6254ACD4A5642F25185
The easiest way to renew the above certificate is to export the first cmdlet we ran to a text file and then copying the cert. To do that do the following:
  • Get-ExchangeCertificate | fl >c:cert.txt
  • Now open the cert.txt document that you created with the above command and copy the Thumbprint of the expired cert.
  • Then run Get-ExchangeCertificate -Thumbprint c6289cd8465c99ab249c60f8893jan7d889a4afc | New-ExchangeCertificate where the thumbprint number should be the one you copied from cert.txt. (Just delete the above thumbprint and paste your thumb print in it’s place)
  • Choose yes to overwrite the old certificate. (Before you click yes make sure the thumbprint is the same as the one in cert.txt as you do not want to overwrite a different cert)
  • Run Get-ExchangeCertificate | fl and check the dates and status to see if the new cert was created successfully.

I used the following URL to assist me with renewing the Cert. There are more info on the article regarding 3rd Party Certs etc.


Dec 22 2010

How to setup Autodiscovery on Exchange 2007

This is how to setup Autodiscover for Exchange 2007 after the trusted certs have been setup:

Create an AutoDiscover DNS Record on you DC

– Open t DNS Manager.
– Expand Forward Lookup Zones then expand domain.xx
– Right-click domain.xx and select New Host(A)
– Type autodiscover and the IP Address of the Exchange 2007 server, then click on add.
– Click OK then click Done.

Configure Exchange 2007 Server

– On the Exchange server open Exchange Management Shell
– Type the following:  Set-OutlookProvider –id exch –ssl:$true and press Enter.
– Then type the following: Set-OutlookProvider –id exch –server:servername and then press Enter.