Sep 13 2016

Error due to mismatch of GUID: Recipient “NameOfRecipient” has mismatched Archive GUID

You receive the error “Recipient “NameOfRecipient” has mismatched Archive GUID” when you try and off board a mailbox from Exchange Online to on premises Exchange.

Follow the below steps o resolve the issue and migrate the mailbox back to the on premises Exchange environment:

  1. Logon to Exchange Online using Powershell.
  2. Run: get-mailbox user | fl *archiveguid*
  3. Make a note of the GUID
  4. Open Exchange Management Shell on premises
  5. Run: Get-RemoteMailbox User | fl *archiveguid*
  6. You should see that the GUID on prem is different to the GUID from Exchange Online
  7. To resolve, in Exchange Management Shell on prem run: Set-RemoteMailbox User -ArchiveGuid “GUID you got from Exchange Online”

The above should work without any issues but we had an issue where the mailbox in question was migrated from Exchange 2007, we want to migrate it back to an Exchange 2010 DAG and received the below error when trying to set the GUID as per step 7 above:

Property Archive GUID can’t be set on on this object because it requires the object to have version 0.10 (14.0.100.0) or later. The object’s current version is 0.1 (8.0.535.0)

To resolve the above error follow the below steps:

  1. Open Active Directory Users and Computers
  2. Make sure you choose view -> Advanced Features
  3. Browse to the User, right click on the user and choose Properties
  4. Click on the Attribute Editor Tab
  5. Look for MSExchVersion and open it
  6. We had to change the version to Exchange 2010 from 2007. Thus change the data to 44220983382016
  7. Click OK
  8. Wait for replication and run the Set-RemoteMailbox User -ArchiveGuid “GUID you got from Exchange Online” again from Exchange Management Shell on prem.
  9. Wait for replication
  10. Run get-mailbox User | fl *archiveguid* and make sure the GUID has now been changed to the GUID you found in Exchange Online
  11. Proceed to migrate the mailbox to on prem after the GUID has been set

The Exchange Version AD Attributes are:

Exchange 2010: 44220983382016

Exchange 2007: 4535486012416

We used the below 2 web articles / blogs which assisted us greatly. Please check out these articles as well as they were the sources used to resolve the above mentioned issues:

Paul Cunningham’s ExchangeServerPro.com website:

The Article which describes how to get the Archive GUID and set it on prem.

Technotip blog.

Here we found the attribute values for the Exchange versions.

 

 


Sep 7 2016

There is currently no route to the distribution group expansion server

You see the error “There is currently no route to the distribution group expansion server” in a stuck message from your Exchange Hub Transport server submission queue.

To resolve this:

  1. Make note of the distribution group in the recipient information tab.
  2. Search for the Distribution Group in Exchange Management Console
  3. Right click on the group and choose properties
  4. Go to the Advanced tab
  5. Untick the box next to “Set expansion server”

You might have to restart the Hub Transport or SMTP service depending on your Exchange version.

We found this happened because the Expansion server was removed from the environment and not accessible. Another cause could also be the deletion of a routing group in Exchange 2003.

 


Aug 1 2015

Delegate Server Admin rights to another user to install Exchange 2007

I had to delegate access to an admin in another country to let him install Exchange 2007 on his new servers. The below video shows how this works as I tested this the day before hand in my lab.

I did however run in to some problems in production as we have multiple domains. The Microsoft article below the video shows you to open cmd prompt and then run the commands. However check the following:

1. Always right click and choose “run as administrator” when opening the cmd prompt or you will get errors.
2. You need to browse to the Exchange install file (setup.com) in the cmd prompt before running the command.
3. Advise your peer to whom you’ve granted delegate access to right click on the Exchange setup.com and choose “run as administrator” otherwise he will receive access denied errors.
4. In the multi domain environment I had to run “Setup.com /NewProvisionedServer:”ServerName” /ServerAdmin User1@domain.localOrWhatYouUse instead of …
Setup.com /NewProvisionedServer:”ServerName” /ServerAdmin Domain\User1
5. Running Setup.com /NewProvisionedServer /ServerAdmin will delegate access to the server you are running the command from so make sure you add the remote server name if you need to           delegate access to the user on another server.

Here’s the Official Microsoft Article

 


Jan 8 2015

E-Mail delivers to Deleted Items folder

We had a shared mailbox where all the mail sent to the mailbox delivered to the deleted items folder. To resolve this do the following:

1. Open Exchange Management Shell
2. Type Get-CalendarProcessing “mailboxname” | fl and press enter
3. If AutomateProcessing shows AutoAccept in the returned results then run the next cmdlet
4. Set-CalendarProcessing “mailboxname” -automateprocessing none
5. Wait for replication and check that Get-CalendarProcessing “mailboxname” | fl shows that it’s set to :none

We verified after running the above that mail delivered to the mailbox deliveres to the Inbox as expected.

 

 


Dec 21 2014

Microsoft Exchange Replication Service Starts and then Stops

We had an Exchange 2007 CCR cluster where the passive node databases stopped seeding. After some investigation we noticed that the Exchange Replication Service starts and a second or two later stops. The event log did not give us much information, only stating that the service started and stopped again.
We checked all the databases on the passive node and noticed that they were in a dirty shut down state as the logs stopped replaying to the database a few days earlier.

Resolution that worked for us:

1. Move each database to a new folder on the disk that it resides.
2. Start the Exchange Replication Service. (We monitored the service and noted that it did not stop again.
3. Opened Exchange Management Console, chose a database and selected to update the database copy. Made sure to tick the option to delete the log files on the passive node.
4. Exchange started the seeding process and we deleted the copy of the database that was moved to the new folder to create disk space for the new seeded database.
5. Seeding finished and the copy status was healthy again for that database. We then continued with the other databases.

 

 

 

 


Aug 13 2014

E-mail address strikethrough in Exchange 2007

We had a problem when our provisioning system would not update the “managed by” property for a distribution list.

Further investigation showed that the distribution list’s e-mail address had a strike through like this: (Seen in the DL’s properties using EMC)

email@company.com

We could not add a new smtp address to the group nor delete the current address.

We then opened ADSIedit to have a more in depth look. We then noticed that the SMTP address in proxyAddresses had a space before the @ in the SMTP address. We rectified that and the strikethrough disapeared.

We made the changes and managed to provision the DL without any problems.


Jul 26 2013

Meeting requests sent to a room mailbox, replaces the Subject, with the Senders name

We received a call today where a meeting request sent to a Room mailbox shows the meeting organiser’s name in the subject line.
This can be rectified by running the following:

Exchange 2010/2013:

Set-CalendarProcessing -identity “meeting room name” -DeleteComments $true -AddOrganizerToSubject $true -DeleteAttachments $true -DeleteSubject $true

Exchange 2007:

set-mailboxcalendarsettings -identity “meeting room name” -deletesubject $false -addorganizertosubject $false

Hope this makes your life a bit easier.


Dec 28 2010

Renewing TLS Certificate on a Hub Transport Server

I received an event today advising me that the local TLS certificate has expired and needs to be renewed. Here is the event info.

TLS Cert Expired Event

We need to renew this Certificate otherwise mailflow in Exchange 2007 will stop working. To do this open Exchange Management Shell and type the following:
Get-ExchangeCertificate | fl
You will be presented with all the certs installed on the server. You need to now find the cert that has expired. An example of an expired cert is:
AccessRules        : {System.Security.AccessControl.CryptoKeyAccessRule, System
                     .Security.AccessControl.CryptoKeyAccessRule, System.Securi
                     ty.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {XXXX01, XXXX01.domainname.local}
HasPrivateKey      : True
IsSelfSigned       : True
Issuer             : CN=SERVER01
NotAfter           : 2010/12/28 09:33:12 AM
NotBefore          : 2009/12/28 09:33:12 AM
PublicKeySize      : 2048
RootCAType         : Unknown
SerialNumber       : 8E1600C9A48960A64F515084A643CF4D
Services           : SMTP
Status             : Invalid
Subject            : CN=SERVER01
Thumbprint         : 459CA3A8D2CE3A300839D6254ACD4A5642F25185
The easiest way to renew the above certificate is to export the first cmdlet we ran to a text file and then copying the cert. To do that do the following:
  • Get-ExchangeCertificate | fl >c:cert.txt
  • Now open the cert.txt document that you created with the above command and copy the Thumbprint of the expired cert.
  • Then run Get-ExchangeCertificate -Thumbprint c6289cd8465c99ab249c60f8893jan7d889a4afc | New-ExchangeCertificate where the thumbprint number should be the one you copied from cert.txt. (Just delete the above thumbprint and paste your thumb print in it’s place)
  • Choose yes to overwrite the old certificate. (Before you click yes make sure the thumbprint is the same as the one in cert.txt as you do not want to overwrite a different cert)
  • Run Get-ExchangeCertificate | fl and check the dates and status to see if the new cert was created successfully.

I used the following URL to assist me with renewing the Cert. There are more info on the article regarding 3rd Party Certs etc.


Dec 22 2010

How to setup Autodiscovery on Exchange 2007

This is how to setup Autodiscover for Exchange 2007 after the trusted certs have been setup:

Create an AutoDiscover DNS Record on you DC

– Open t DNS Manager.
– Expand Forward Lookup Zones then expand domain.xx
– Right-click domain.xx and select New Host(A)
– Type autodiscover and the IP Address of the Exchange 2007 server, then click on add.
– Click OK then click Done.

Configure Exchange 2007 Server

– On the Exchange server open Exchange Management Shell
– Type the following:  Set-OutlookProvider –id exch –ssl:$true and press Enter.
– Then type the following: Set-OutlookProvider –id exch –server:servername and then press Enter.