Feb 24 2016

Messages awaiting directory lookup – Queue Build up on Exchange

We had an Exchange 2003 server that had a queue build up. The messages were building up in the “Messages awaiting directory lookup” queue.

After investigation we found that the server had old DNS entries which were removed and new entries were added. The queue cleared almost immediately.

If you see build up in the Messages awaiting directory lookup queue then be sure to check DNS is working as expected.


Dec 17 2015

Exchange 2010 Queue Build up with Event ID 1035

We had an interesting issue with queues building up to remote sites. In queue viewer we noted errors sending mail to different remote sites as per below:

451 4.4.0 Primary Target IP Address responded with: “235 00000xxxxxxxxx”

QueueBuildUpinQueueViewer

And in the Event Viewer we noticed event ID 1035 , MSExchangeTransport

QueueBuildUPEventViewer

At first we thought the issue has to be on the specific Exchange 2010 server trying to send the mail as it was the only server in the DAG that could not send mail to the remote servers. However, the problem was still present after restarting the Hub Transport Service on the server experiencing the above issues.

As a shot in the dark we restarted the SMTP and Hub Transport Services on the remote servers (to where the mail is destined) and the errors disappeared and the mail was sent to the remote servers.


Dec 17 2015

Provisioning Layer initialization failed error when running a cmdlet in Exchange Management Shell

I’ve had the below error a few times this year when trying to open the Exchange Management Shell or running a cmdlet.

ScriptingAgentInitializationFailed

To get this working browse to another Exchange 2010 server and copy the ScriptingAgentConfig.xml file from the working server and paste it in the same directory (as per below) on the non-working server.

The file can be found under your Exchange Installation by default c:\Program Files\Microsoft\Exchange Server\V14\Bin\CmdletExtensionAgents\


Oct 13 2015

Could not start the Microsoft Exchange IMAP4 service on Local Computer. Error 1058: The Service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

A while ago we had an Exchange 2003 server on which the IMAP service would not start. The below error was displayed after trying to start it.

IMAP Service error

We found that the Logon Profile was disabled. To resolve this do the following:

  1. Click on Start and in Run type services.msc then hit enter
  2. Look for the Microsoft Exchange IMAP4 service. Right Click it and choose Properties
  3. When the properties dialog opens click on the Log On tab
  4. Under Hardware Profile click on the profile (i.e. Profile 1) and then click on Enable
  5. Click on Apply and OK
  6. Right click the Microsoft Exchange IMAP4 service and click on Start.

The Microsoft Exchange IMAP Service should now start.


Aug 26 2015

Unable to Update a Storage Group copy and the event log shows – Event ID 2059, MSExchangeRepl

We had failed data base copies on a CCR cluster and running Update-StorageGroupCopy failed. The backups have not run for a while but I could verify that the logs were indeed present.

The best way to get around this is to run an Exchange backup and the Update the Storage Group Copy. This was not possible as wee needed to urgently get the database copies healthy.

We then had to dismount all the databases, checked that they are in a clean shut down state using eseutil.exe /mh and move the logs to a different folder. We then mounted the databases and were then able to seed the database copies.

Update-StorageGroupCopy issue


Aug 26 2015

Event ID 490, ESE – edgetransport (7868) Transport Mail Database: An attempt to open the file “\Queue\trn.chk” for read / write access failed with system error 5 (0x00000005): “Access is denied”

Yes I know. The title for this post is extremely long but thought that it would be easier to find if it’s more descriptive.

In any case. We had to rebuild a multi role server and the Hub Transport role was also installed. After the install we checked that all is good and I found that mail were queued up on the server. Further investigation showed that the Hub Transport service was not started so I tried to start it, which failed.

The event logs showed the below error. I then checked the permissions of the trn.chk file and the queue folder and found that it did not match the permissions on another server. Manually adding the permissions did not work.

The Resolution: I renamed the Queue folder to Queue.old and then started the Hub Transport service. This created a new Queue folder and database and mail were flowing again as expected.

HT Access Denied Error

 

 


Aug 1 2015

Delegate Server Admin rights to another user to install Exchange 2007

I had to delegate access to an admin in another country to let him install Exchange 2007 on his new servers. The below video shows how this works as I tested this the day before hand in my lab.

I did however run in to some problems in production as we have multiple domains. The Microsoft article below the video shows you to open cmd prompt and then run the commands. However check the following:

1. Always right click and choose “run as administrator” when opening the cmd prompt or you will get errors.
2. You need to browse to the Exchange install file (setup.com) in the cmd prompt before running the command.
3. Advise your peer to whom you’ve granted delegate access to right click on the Exchange setup.com and choose “run as administrator” otherwise he will receive access denied errors.
4. In the multi domain environment I had to run “Setup.com /NewProvisionedServer:”ServerName” /ServerAdmin User1@domain.localOrWhatYouUse instead of …
Setup.com /NewProvisionedServer:”ServerName” /ServerAdmin Domain\User1
5. Running Setup.com /NewProvisionedServer /ServerAdmin will delegate access to the server you are running the command from so make sure you add the remote server name if you need to           delegate access to the user on another server.

Here’s the Official Microsoft Article

 


Mar 6 2015

Unable to expand a distribution list in Outlook – Exchange 2003 Environment

Have you ever receive an error stating that “There was an error while expanding the list. The list was not fully expanded.” when you try and expand a distribution list in Outlook? The error looks like the one below:

list

To solve this change the list to a Universal Distribution Group. Wait for replication if need be and you will then be able to expand the list and view the members within Outlook.


Jan 8 2015

Unable to connect a disconnected mailbox – User not found error when trying to connect a mailbox to a user in Exchange

We’ve had a few instances where we need to disconnect a mailbox and reconnect it to a new user account for a user. This should be easy right? Well not always.

It’s happened more than once where we try to use the Exchange Management Console to connect the mailbox to the user account but Exchange can’t find the user account. Have a look in Active Directory and the account shows up. You then try to connect the mailbox to the user account using the Exchange Management Shell with the same results. user not found.

See below on how to get this issue resolved:

1. Open adsiedit.msc (start, run and type adsiedit.msc)
2. Search for the user
3. Open the properties for the user you need to connect the mailbox to
4. Search for the msExchRecipientTypeDetails property
5. For users, change the value from 1 to 0

Wait for replication and then reconnect the mailbox to the user account.

Thanks goes to our colleague Waleed for sharing this with us.

 


Jan 8 2015

Outlook Web Access stops working after renewing 3rd party Certificate

We had an interesting issue this week. We renewed our Exchange certificate with a 3rd party vendor. Installed the certificate on Exchange and ISA Server.

OWA access from the internet stopped working after we installed the certificates. We tested OWA internally and it worked which pointed to something on the ISA server. After a long investigation we found the issue to be ISA running on Windows 2003 which is not compatible with the Secure Hash Algorithm 2 (SHA2) family of hashing algorithms that the certificates from our 3rd party cert provider issues.

Microsoft has a hotfix available to get around this. We were able to access OWA from the internet after installing this hotfix on the ISA server running Windows 2003 Server.

The Microsoft article can be found below. You will find more technical detail within this article and have the opportunity to download the hotfix. Note that you need to restart your Windows 2003 Server after installing the hotfix.

Microsoft KB938397