This post is a follow-on post to the SystemMailbox post from last week.
Here I’m talking about System Attendant mailbox in Exchange 200x.
System Attendant mailbox
What is it and what is it used for?
Each
Exchange 200x server has one (and hopefully only one) System Attendant
mailbox. If the server has a System Attendent mailbox (note the
misspelling), someone has probably been messing around with the server.
Yes, I put that in mostly so it would be indexed with the incorrect
spelling as a keyword also. J
The System Attendant
mailbox has a folder within it called
SpecialPrivateFolderForFreeBusyStorage. This folder is used when CDO or
OWA push Free/Busy information up to the store through the
MSExchangeFBPublish process.
System Attendant mailbox is
also required to be available during mailbox moves. For instance, if
you have the mailbox store containing the System Attendant mailbox
dismounted during a mailbox move, the move will fail and you’ll find
events 9175, 9167, and 1008 in your application event log (see
KB.264413).
The SA mailbox is also used to send and receive the messages used by the legacy link monitoring service.
Where can it be found?
There
are two parts to make up the complete System Attendant mailbox: a
directory object and a mailbox object. The directory object is the
actual System Attendant object in the configuration container (ie, at a
location like: CN=Microsoft System
Attendant,CN=<servername>,CN=Servers,CN=<sitename>,CN=Administrative
Groups,CN=<orgname>,CN=Microsoft
Exchange,CN=Services,CN=Configuration,CN=<domain> ). This
directory object hosts all of the directory attributes associated with
the system attendant. There is also a mailbox object, stored in the
first Mailbox store created on an Exchange 200x server. This is
generally the “Mailbox Store (servername)” store.
When does it get created? Can it be moved and/or recreated?
The
System Attendant mailbox is created when the System Attendant is
created on a server. It is associated with the first mailbox store
created on a server.
If an attempt is made to delete the mailbox store containing the System Attendant mailbox, the following warning will appear:
“Deleting
this mailbox store may result in the loss of system messages used by
Exchange, such as Free/Busy or Key Management Security. If you choose to
continue, you need to restart the system attendant service after the
store is deleted.”
If the store is then deleted, the
System Attendant mailbox will be moved automatically into another
mailbox store on the server (ie – the HomeMDB value on the directory
object will be updated). System Attendant service will have to be
restarted to reconfigure MSExchangeFBPublish to use the new mailbox
location, and the mailbox object may not reappear under the “Mailboxes”
node of ESM until it is used in the future.
If there is a
System Attendant directory object but no mailbox object (ie – one good
cause of this is dropping in a blank store for troubleshooting), the
mailbox store object will be recreated automatically in the mailbox
store referenced by the HomeMDB attribute as soon as it’s needed.
How can I log onto the System Attendant mailbox?
It can be done, but it’s a fairly complicated set of steps and you’ll have to call PSS to get them.
SHOULD I log on to the System Attendant mailbox?
Probably not. I can’t think of any good reasons for accessing this mailbox without PSS directing you to do so.
What happens if I don’t have a proper System Attendant mailbox?
If
there’s no System Attendant mailbox available on a server (and in a
mounted and functional mailbox store), anything that requires it will
almost certainly fail. You’ll see 9175 events logged in the application
log, indicating a failure to logon to this mailbox by the system. You’ll
see OWA-generated Free/Busy information not getting updated. You’ll see
mailbox moves fail. It’s a very important mailbox to have configured
properly and available!
(Added some more on Dec 27, 2004):
Should I delete it? Do I have to delete it before I can uninstall the Exchange server?
Nope,
definitely should not delete it. If you’re getting the error “One or
more users currently use this mailbox store. These users must be moved
to a different mailbox store or be mail disabled before deleting this
store. ID no: c1034a7f Exchange System Manager” when trying to remove
the mailbox store or uninstall the server, this is not due to the System
Attendant Mailbox. Have a look at KB.279202 for more information on how
to determine which mailbox is causing this behavior.
Search This Blog
Saturday, 2 June 2012
How to Configure a Relay Connector for Exchange Server 2010
Taken from:
http://exchangeserverpro.com/how-to-configure-a-relay-connector-for-exchange-server-2010
In most Exchange Server 2010 environments there will be the need to allow relaying for certain hosts, devices or applications to send email via the Exchange server. This is common with multi-function devices such as network attached printer/scanners, or applications such as backup software that send email reports.
SMTP communication is handled by the Hub Transport server in an Exchange organization. The transport service listens for SMTP connections on it’s default Receive Connector. However, this connector is secured by default to not allow anonymous connections (ie, the type of connection most non-Exchange systems will be making).
You can see this in effect if you telnet to the server on port 25 and try to initiate unauthenticated SMTP communications.
220 EX3.exchangeserverpro.local Microsoft ESMTP MAIL Service ready at Wed, 18 Au
g 2010 19:42:27 +1000
helo
250 EX3.exchangeserverpro.local Hello [192.168.0.9]
mail from: somebody@hotmail.com
530 5.7.1 Client was not authenticated
For some Hub Transport servers that are internet-facing, anonymous connections may already be enabled. In those cases relay would still be denied but will behave differently than the first example.
220 EX3.exchangeserverpro.local Microsoft ESMTP MAIL Service ready at Wed, 18 Au
g 2010 20:01:44 +1000
helo
250 EX3.exchangeserverpro.local Hello [192.168.0.9]
mail from: somebody@hotmail.com
250 2.1.0 Sender OK
rcpt to: somebody@gmail.com
550 5.7.1 Unable to relay
You’ll note that relay is denied if I try to send from an @hotmail.com address to an @gmail.com address, because neither is a valid domain for the Exchange organization. But with Anonymous Users enabled on the Receive Connector I can send from an @hotmail.com address to a valid local address.
220 EX3.exchangeserverpro.local Microsoft ESMTP MAIL Service ready at Wed, 18 Au
g 2010 20:05:54 +1000
helo
250 EX3.exchangeserverpro.local Hello [192.168.0.9]
mail from: somebody@hotmail.com
250 2.1.0 Sender OK
rcpt to: alan.reid@exchangeserverpro.local
250 2.1.5 Recipient OK
data
354 Start mail input; end with .
test
.
250 2.6.0 [In
ternalId=2] Queued mail for delivery
However if I try to relay out to an external recipient, the Exchange server does not allow it.
220 EX3.exchangeserverpro.local Microsoft ESMTP MAIL Service ready at Wed, 18 Au
g 2010 20:11:27 +1000
helo
250 EX3.exchangeserverpro.local Hello [192.168.0.9]
mail from: backups@exchangeserverpro.net
250 2.1.0 Sender OK
rcpt to: alerts@managedserviceprovider.com
550 5.7.1 Unable to relay
To permit a non-Exchange server to relay mail we can create a new Receive Connector on the Hub Transport server. Launch the Exchange Management Console and navigate to Server Management, and then Hub Transport. Select the Hub Transport server you wish to create the new Receive Connector on, and from the Actions pane of the console choose New Receive Connector.
- newreceiveconnector01.png (48.71 KiB) Viewed 4 times
Give the new connector a name such as “Relay ” and click Next to continue.
- newreceiveconnector02.png (12.04 KiB) Viewed 4 times
You can leave the local network settings as is, or optionally you can use a dedicated IP address for this connector if one has already been allocated to the server. Using dedicated IP addresses for each connector is sometimes required if you need to create connectors with different authentication settings, but for a general relay connector it is not necessary to change it.
- newreceiveconnector03.png (5.81 KiB) Viewed 4 times
Highlight the default IP range in the remote network settings and click the red X to delete it.
- newreceiveconnector04.png (6.2 KiB) Viewed 4 times
Now click the Add button and enter the IP address of the server you want to allow to relay through the Exchange server. Click OK to add it and then Next to continue
- newreceiveconnector05.png (8.53 KiB) Viewed 4 times
Click the New button to complete the wizard.
The Receive Connector has now been created but is not yet ready to allow the server to relay through it. Go back to the Exchange Management Console, right-click the newly created Receive Connector and choose properties.
Select the Permission Groups tab and tick the Exchange Servers box.
- newreceiveconnector07.png (3.58 KiB) Viewed 4 times
Select the Authentication Tab and tick the Externally Secured box.
- newreceiveconnector06.png (5.37 KiB) Viewed 4 times
Apply the changes and the Receive Connector is now ready for the server to relay through.
220 EX3.exchangeserverpro.local Microsoft ESMTP MAIL Service ready at Wed, 18 Au
g 2010 20:31:00 +1000
helo
250 EX3.exchangeserverpro.local Hello [192.168.0.9]
mail from: backups@exchangeserverpro.net
250 2.1.0 Sender OK
rcpt to: alerts@managedserviceprovider.com
250 2.1.5 Recipient OK
data
354 Start mail input; end with .
test
.
250 2.6.0 <924bab1e-0f07-4054-8700-d121577993b4@EX3.exchangeserverpro.local> [In
ternalId=3] Queued mail for delivery
Because the remote IP range has been secured to that single IP address, any other servers on different IP addresses still won’t be able to relay through the Exchange Server. From any other IP address not included in the remote IP range on the Receive Connector relay will be denied.
220 EX3.exchangeserverpro.local Microsoft ESMTP MAIL Service ready at Wed, 18 Au
g 2010 20:46:06 +1000
helo
250 EX3.exchangeserverpro.local Hello [192.168.0.2]
mail from: backups@exchangeserverpro.net
250 2.1.0 Sender OK
rcpt to: alerts@managedserviceprovider.com
550 5.7.1 Unable to relay
You can later add more IP addresses, IP ranges, subnets, or even add multiple IP addresses to the Receive Connector using a script if necessary.
Useful Exchange Commandlets
Get Mailbox
Get-MailboxStatistics | where {$_.TotalItemSize -gt 1MB} | sort-object DatabaseName, TotalItemSize,LastLogonTime | format-table DisplayName, @{expression={$_.TotalItemSize.Value.ToMB()};label=”TotalItemSize(MB)”}, LastLogonTime, DatabaseName
(This will give you info on the selected users mailbox size, last login time and database)
Get-MailboxStatistics | where {$_.TotalItemSize -gt 1MB} | sort-object DatabaseName, TotalItemSize,LastLogonTime | format-table DisplayName, @{expression={$_.TotalItemSize.Value.ToMB()};label=”TotalItemSize(MB)”}, LastLogonTime, DatabaseName
(This will give you info on the selected users mailbox size, last login time and database)
you could use:
Get-MailboxStatistics –id “User name” |fl displayname,totalitemsize
Message Trackign log:
Get-MessageTrackingLog -Start "04/13/2009 9:00AM" -End "04/26/2009 5:00PM" -Sender "jamesluo@sg.com" | Select-Object Timestamp,Sender, {$_.recipients}, MessageSubject | export-csv c:\QueryAllRecipients.csv
Add full mailbox permission:
Add-MailboxPermission -Identity 'CN=Journal Technical,OU=Technical,DC=EGRP,DC=local' -User 'EGRP\Domain Admins' -AccessRights 'FullAccess'
How To Check Exchange Database Size with PowerShell
Get-MailboxDatabase -Status | select ServerName,Name,DatabaseSize
Edge Sync
Start-EdgeSynchronization -Server Hub1
Calendar Permissions:
add-MailboxFolderPermission -Identity DarrenBos:\calendar -AccessRights Editor -User Scotteastman
Which Servers are people logged onto
Get-LogonStatistics -Identity "seastman" |fl clientname
Message Tracking
Get-Exchangeserver | where {$_.isHubTransportServer -eq $true -or $_.isMailboxServer -eq $true} | Get-Messagetrackinglog -sender user@domain.com -MessageSubject "Subject of message” -Start "8/27/2010 7:00 AM" -End "8/27/2010 11:00 AM" | Select-Object Timestamp,Clienthostname,eventid,source,sender,@{Name="Recipients";Expression={$_.recipients}},Recipientcount,serverhostname,SourceContext | Export-Csv c:\temp\Messageinfo.csv
Search mailbox - then put results into my mailbox in folder called XEN:
Search-Mailbox -Identity zwood -SearchQuery "From:'cs@enta.net'" -TargetMailbox seastman -TargetFolder "XEN" -LogLevel Full
Removing Emails from all mailbox's
Get-Mailbox -database "ENTA IT" -resultsize unlimited | Search-Mailbox -SearchQuery "From:'*@*.acidkrew.com'" -DeleteContent
Get-Mailbox -resultsize unlimited | Search-Mailbox -SearchQuery "From:'xraytechnician.ekcgen@aqveii.acidkrew.com'" -DeleteContent
Get-Mailbox -resultsize unlimited | Search-Mailbox -SearchQuery "From:'User X' To:'All Email Users'" -DeleteContent
Get-Mailbox -resultsize unlimited | Search-Mailbox -SearchQuery "Subject: Update Your E-Mail Details Account" -DeleteContent
Tracking Emails
get-messagetrackinglog -Server "ourExch2007" -Start "10/25/2009 9:34:00 AM" -End "11/6/2009 9:44:00 AM" -resultsize unlimited |where {$_.Sender -like "*@domain.com"}
Wondering how many log files are generated per database every minute? Quickly find out by typing:
Get-MailboxDatabase -Server $env:ComputerName | %{ Get-ChildItem -Path $_.LogFolderPath -Filter "*????.log" | Group-Object -Property {$_.LastWriteTime.Day,$_.LastWriteTime.Hour,$_.LastWriteTime.minute} | ?{$_.Count -gt 1} | Measure-Object - Property Count -Min -Max -Ave }
Mailbox Size
Get-MailboxStatistics -server exchangemb11 | Sort-Object TotalItemSize -Descending | ft Display
Name,@{label="TotalItemSize(MB)";expression={$_.TotalItemSize.Value.ToMB()}},ItemCount | Format-List > c:\file.txt
Export Mailbox Request
New-MailboxExportRequest -Mailbox journal1 -FilePath "\\vmmlibrary\Exchange_Backup\Journal Backup\Master Journal\Journal1.pst"
Get-MailboxStatistics –id “User name” |fl displayname,totalitemsize
Message Trackign log:
Get-MessageTrackingLog -Start "04/13/2009 9:00AM" -End "04/26/2009 5:00PM" -Sender "jamesluo@sg.com" | Select-Object Timestamp,Sender, {$_.recipients}, MessageSubject | export-csv c:\QueryAllRecipients.csv
Add full mailbox permission:
Add-MailboxPermission -Identity 'CN=Journal Technical,OU=Technical,DC=EGRP,DC=local' -User 'EGRP\Domain Admins' -AccessRights 'FullAccess'
How To Check Exchange Database Size with PowerShell
Get-MailboxDatabase -Status | select ServerName,Name,DatabaseSize
Edge Sync
Start-EdgeSynchronization -Server Hub1
Calendar Permissions:
add-MailboxFolderPermission -Identity DarrenBos:\calendar -AccessRights Editor -User Scotteastman
Which Servers are people logged onto
Get-LogonStatistics -Identity "seastman" |fl clientname
Message Tracking
Get-Exchangeserver | where {$_.isHubTransportServer -eq $true -or $_.isMailboxServer -eq $true} | Get-Messagetrackinglog -sender user@domain.com -MessageSubject "Subject of message” -Start "8/27/2010 7:00 AM" -End "8/27/2010 11:00 AM" | Select-Object Timestamp,Clienthostname,eventid,source,sender,@{Name="Recipients";Expression={$_.recipients}},Recipientcount,serverhostname,SourceContext | Export-Csv c:\temp\Messageinfo.csv
Search mailbox - then put results into my mailbox in folder called XEN:
Search-Mailbox -Identity zwood -SearchQuery "From:'cs@enta.net'" -TargetMailbox seastman -TargetFolder "XEN" -LogLevel Full
Removing Emails from all mailbox's
Get-Mailbox -database "ENTA IT" -resultsize unlimited | Search-Mailbox -SearchQuery "From:'*@*.acidkrew.com'" -DeleteContent
Get-Mailbox -resultsize unlimited | Search-Mailbox -SearchQuery "From:'xraytechnician.ekcgen@aqveii.acidkrew.com'" -DeleteContent
Get-Mailbox -resultsize unlimited | Search-Mailbox -SearchQuery "From:'User X' To:'All Email Users'" -DeleteContent
Get-Mailbox -resultsize unlimited | Search-Mailbox -SearchQuery "Subject: Update Your E-Mail Details Account" -DeleteContent
Tracking Emails
get-messagetrackinglog -Server "ourExch2007" -Start "10/25/2009 9:34:00 AM" -End "11/6/2009 9:44:00 AM" -resultsize unlimited |where {$_.Sender -like "*@domain.com"}
Wondering how many log files are generated per database every minute? Quickly find out by typing:
Get-MailboxDatabase -Server $env:ComputerName | %{ Get-ChildItem -Path $_.LogFolderPath -Filter "*????.log" | Group-Object -Property {$_.LastWriteTime.Day,$_.LastWriteTime.Hour,$_.LastWriteTime.minute} | ?{$_.Count -gt 1} | Measure-Object - Property Count -Min -Max -Ave }
Mailbox Size
Get-MailboxStatistics -server exchangemb11 | Sort-Object TotalItemSize -Descending | ft Display
Name,@{label="TotalItemSize(MB)";expression={$_.TotalItemSize.Value.ToMB()}},ItemCount | Format-List > c:\file.txt
Export Mailbox Request
New-MailboxExportRequest -Mailbox journal1 -FilePath "\\vmmlibrary\Exchange_Backup\Journal Backup\Master Journal\Journal1.pst"
get-messagetrackinglog -Sender
"Jim.Woods@entagroup.com" | Select-Object Timestamp,Sender,
{$_.recipients}, MessageSubject | export-csv 'V:\IT\Exchange\LOGS\Jim
Woods\jimEdge.csv'
Use the Shell to remove a mailbox export request:
Remove-MailboxExportRequest -Identity "Ayla\MailboxExport"
Use the Shell to remove multiple mailbox export requests:
Get-MailboxExportRequest -Status Completed | Remove-MailboxExportRequest
Remove-MailboxExportRequest -Identity "Ayla\MailboxExport"
Use the Shell to remove multiple mailbox export requests:
Get-MailboxExportRequest -Status Completed | Remove-MailboxExportRequest
Archiving Info:
Get-Mailbox | where {$_.ArchiveDatabase -ne $null}
Get-Mailbox | where {$_.ArchiveDatabase -ne $null} | ft name, archivedatabase, archivename, archivequota, archivewarningquota -AutoSize
Find a users Archive information:
get-mailboxstatistics mailboxname –archive
Get-Mailbox -archive | Get-MailboxStatistics -archive |fl DisplayName, Total*
Get-Mailbox | where {$_.ArchiveDatabase -ne $null}
Get-Mailbox | where {$_.ArchiveDatabase -ne $null} | ft name, archivedatabase, archivename, archivequota, archivewarningquota -AutoSize
Find a users Archive information:
get-mailboxstatistics mailboxname –archive
Get-Mailbox -archive | Get-MailboxStatistics -archive |fl DisplayName, Total*
Export Tracking Logs to CSV
Export-MessageTrackingLogsForRecipient.ps1 -Recipient steve -OutputCSV .\output.csv
Export-MessageTrackingLogsForRecipient.ps1 -Recipient steve -OutputCSV .\output.csv
Mailbox Size Report:
get-mailbox | Get-MailboxStatistics | Sort-Object TotalItemSize -Descending | ft DisplayName,@{
label="TotalItemSize(MB)";expression={$_.TotalItemSize.Value.ToMB()}},@{label="TotalItemSize(GB)";expression={$_.TotalItemSize.Value.ToGB()}} >c:\scott4.xls
Database size report:
Get-MailboxDatabase -status | Sort-Object databaseSize -Descending |ft name,databasesize
get-mailbox | Get-MailboxStatistics | Sort-Object TotalItemSize -Descending | ft DisplayName,@{
label="TotalItemSize(MB)";expression={$_.TotalItemSize.Value.ToMB()}},@{label="TotalItemSize(GB)";expression={$_.TotalItemSize.Value.ToGB()}} >c:\scott4.xls
Database size report:
Get-MailboxDatabase -status | Sort-Object databaseSize -Descending |ft name,databasesize
Get Managed Folder Assistant
Get-MailboxServer | fl Name,ManagedFolderAssistantSchedule
Get Mailbox Database Copy Status
Get-mailboxdatabasecopystatus -connectionstatus | fl name,outgoingconnections,incominglogcopyingnetwork
Add Domain Admins FULL access rights to every mailbox
Get-MailboxDatabase | Add-ADPermission -user "Domain Admins" -AccessRights GenericAll
Get-MailboxServer | fl Name,ManagedFolderAssistantSchedule
Get Mailbox Database Copy Status
Get-mailboxdatabasecopystatus -connectionstatus | fl name,outgoingconnections,incominglogcopyingnetwork
Add Domain Admins FULL access rights to every mailbox
Get-MailboxDatabase | Add-ADPermission -user "Domain Admins" -AccessRights GenericAll
Enable Pipeline Tracing
Set-TransportServer -id Exchangemb11 -PipelineTracingEnabled $true -PipelineTracingSenderAddress news@entagroup.com -PipelineTracingPath "C:\Program Files\Microsoft\Exchange Server\V14\TransportRoles\Logs\PipelineTracing"
First turn it on: Set-TransportServer Server1 -PipelineTracingEnabled $True
This will create a folder called PipelineTracing and all the email messages and info will be in there
Mailbox Permission Change:
Add-MailboxPermission -Identity 'CN=Journal Master4,OU=IT,DC=EGRP,DC=local' -User 'EGRP\Domain Admins' -AccessRights 'FullAccess'
Set-TransportServer -id Exchangemb11 -PipelineTracingEnabled $true -PipelineTracingSenderAddress news@entagroup.com -PipelineTracingPath "C:\Program Files\Microsoft\Exchange Server\V14\TransportRoles\Logs\PipelineTracing"
First turn it on: Set-TransportServer Server1 -PipelineTracingEnabled $True
This will create a folder called PipelineTracing and all the email messages and info will be in there
Mailbox Permission Change:
Add-MailboxPermission -Identity 'CN=Journal Master4,OU=IT,DC=EGRP,DC=local' -User 'EGRP\Domain Admins' -AccessRights 'FullAccess'
Using web parts in Exchange OWA
https://portal.domain.com/owa/?cmd=contents&fpath=calendar&view=monthly
This will give you just the calendar for the logged on user
You can also change path=inbox / contacts / tasks etc to just view those parts
This will give you just the calendar for the logged on user
You can also change path=inbox / contacts / tasks etc to just view those parts
Exchange Mailbox Size
List Exchange users by mailbox size in Exchange 2007 & 2010
This tip shows you how to query an Exchange mail server to determine users with the largest mailboxes. This is useful if you need to move mailboxes to reduce store size, or find users to ping about reducing their mailbox.
The command to do this is as follows. You can copy-paste this into the Exchange Management Shell on your server:
Get-MailboxStatistics | Sort-Object TotalItemSize -Descending | ft DisplayName,@{label="TotalItemSize(MB)";expression={$_.TotalItemSize.Value.ToMB()}},ItemCount
And you should get the following output:
DisplayName TotalItemSize(MB) ItemCount
----------- ----------------- ---------
Lastname, Firstname 1934 30959
Lastname, Firstname 1849 40519
Lastname, Firstname 1841 43277
Lastname, Firstname 1770 41790
Lastname, Firstname 1643 43348
Lastname, Firstname 1511 21973
Lastname, Firstname 1500 31290
Lastname, Firstname 1499 34474
Lastname, Firstname 1482 25253
Lastname, Firstname 1468 15313
Lastname, Firstname 1461 20534
Lastname, Firstname 1410 31545
Lastname, Firstname 1396 22245
Lastname, Firstname 1344 24807
Lastname, Firstname 1314 25633
... etc ...
The important column is the second one, TotalItemSize. As you can see the largest mailbox is listed first, and is a whopping 1.9 GB.
The breakdown of the command is as follows. Management Shell uses the powerful Unix pipeline idiom to pass and filter output between commands.
The first command is Get-MailboxStatistics which does pretty much what it sounds like it does.
This output is piped to the Sort-Object command, which orders by the TotalItemSize column in descending order.
The Sort-Object output is then transformed via pipe by the Format-Table command, ft for short. This command gives you control of how the 'table' output will be viewed. In this case it transforms TotalItemSize from bytes to megabytes, which is much easier to grok. It also selects only the columns you want to see.
This tip shows you how to query an Exchange mail server to determine users with the largest mailboxes. This is useful if you need to move mailboxes to reduce store size, or find users to ping about reducing their mailbox.
The command to do this is as follows. You can copy-paste this into the Exchange Management Shell on your server:
Get-MailboxStatistics | Sort-Object TotalItemSize -Descending | ft DisplayName,@{label="TotalItemSize(MB)";expression={$_.TotalItemSize.Value.ToMB()}},ItemCount
And you should get the following output:
DisplayName TotalItemSize(MB) ItemCount
----------- ----------------- ---------
Lastname, Firstname 1934 30959
Lastname, Firstname 1849 40519
Lastname, Firstname 1841 43277
Lastname, Firstname 1770 41790
Lastname, Firstname 1643 43348
Lastname, Firstname 1511 21973
Lastname, Firstname 1500 31290
Lastname, Firstname 1499 34474
Lastname, Firstname 1482 25253
Lastname, Firstname 1468 15313
Lastname, Firstname 1461 20534
Lastname, Firstname 1410 31545
Lastname, Firstname 1396 22245
Lastname, Firstname 1344 24807
Lastname, Firstname 1314 25633
... etc ...
The important column is the second one, TotalItemSize. As you can see the largest mailbox is listed first, and is a whopping 1.9 GB.
The breakdown of the command is as follows. Management Shell uses the powerful Unix pipeline idiom to pass and filter output between commands.
The first command is Get-MailboxStatistics which does pretty much what it sounds like it does.
This output is piped to the Sort-Object command, which orders by the TotalItemSize column in descending order.
The Sort-Object output is then transformed via pipe by the Format-Table command, ft for short. This command gives you control of how the 'table' output will be viewed. In this case it transforms TotalItemSize from bytes to megabytes, which is much easier to grok. It also selects only the columns you want to see.
Search Exchange Message Tracking logs for wildcard values
Unfortunately the Exchange Management Console does not allow use of
wildcard values for things like senders and recipients. These need to be
specific user or list of users. However you can search these logs for
wildcard values using the Exchange Management Shell.
Here are two examples to search for any user at example.com. These will output the results to a text file for easier viewing. Make sure to update the date ranges and domain name as needed.
Search for messages sent TO any users at example.com:
Get-MessageTrackingLog -ResultSize Unlimited -Start "5/1/2011" -End "5/12/2011" | where{$_.recipients -like "*@example.com"} | select-object Timestamp,SourceContext,Source,EventId,MessageSubject,Sender,{$_.Recipients} | export-csv C:\ExchangeLogResults.txt
Search for messages sent FROM users at example.com:
Get-MessageTrackingLog -ResultSize Unlimited -Start "5/1/2011" -End "5/12/2011" | where{$_.sender -like "*@example.com"} | select-object Timestamp,SourceContext,Source,EventId,MessageSubject,Sender,{$_.Recipients} | export-csv C:\ExchangeLogResults.txt
This information applies to Exchange 2003, 2007, and 2010.
Here are two examples to search for any user at example.com. These will output the results to a text file for easier viewing. Make sure to update the date ranges and domain name as needed.
Search for messages sent TO any users at example.com:
Get-MessageTrackingLog -ResultSize Unlimited -Start "5/1/2011" -End "5/12/2011" | where{$_.recipients -like "*@example.com"} | select-object Timestamp,SourceContext,Source,EventId,MessageSubject,Sender,{$_.Recipients} | export-csv C:\ExchangeLogResults.txt
Search for messages sent FROM users at example.com:
Get-MessageTrackingLog -ResultSize Unlimited -Start "5/1/2011" -End "5/12/2011" | where{$_.sender -like "*@example.com"} | select-object Timestamp,SourceContext,Source,EventId,MessageSubject,Sender,{$_.Recipients} | export-csv C:\ExchangeLogResults.txt
This information applies to Exchange 2003, 2007, and 2010.
How to Export Message Tracking Results in Exchange 2010
I know we all were a little uncomfortable when Microsoft has come up
with the new Message Tracking in Exchange Server 2007 and Exchange 2010
(of course even me). But, now I become very comfortable with it and
mainly because of its flexibility/features. Recently the message
tracking helped me in identifying a spam attack from an application
server, which made me to write this post. Here I have tried to explain
how to easily track and export the tracking results to a file and do the
further filtration for troubleshooting purpose.
Note – I used the Exchange 2010 SP1 Exchange Management Console and Shell.
Open the Tool Box from EMC and locate Tracking Log Explorer, and do your normal tracking for a desired output. Here I did tracking for couple of test message that I sent.
Below shows the result window,
As you know that the Exchange 2007 and 2010 tracking give plenty of detail in the message tracking result. Now, how will you interpret these results? Is it easy to read the information shows in this output?
At least few time you would have thought, how we can export these results. It is not difficult for administrators who work with Exchange Management Shell. Don’t worry, it is not difficult for you who are not comfortable with Shell as well.
Copy the Exchange Management Shell command from the Message tracking page,
get-messagetrackinglog -MessageSubject "Test Message to Verify Tracking Details" -Start "6/26/2011 9:00:00 PM" -End "6/26/2011 9:30:00 PM"
End of the Shell command that you copied add the field needed to export with a ‘select’ filter, see the below modified shell command.
get-messagetrackinglog -MessageSubject "Test Message to Verify Tracking Details" -Start "6/26/2011 9:00:00 PM" -End "6/26/2011 9:30:00 PM" | select timestamp, ClientIp, ClientHostname, ServerIp, ServerHostname, SourceContext, ConnectorId, Source, EventId, InternalMessageId, MessageId, {$_.Recipients}, {$_.RecipientStatus}, TotalBytes, RecipientCount, RelatedRecipientAddress, Reference, MessageSubject, Sender, ReturnPath, MessageInfo >c:\Track-results.csv
Open the results file in excel and do your rest of filtration, that’s it... you have done.
You may select only the fields that you need during the shell command execution, use the table below to decide your fields.
Timestamp
ClientIp
ClientHostname
ServerIp
ServerHostname
SourceContext
ConnectorId
Source
EventId
InternalMessageId
MessageId
Recipients
RecipientStatus
TotalBytes
RecipientCount
RelatedRecipientAddress
Reference
MessageSubject
Sender
ReturnPath
MessageInfo
Hope now you will like the message tracking of Exchange 2007 and 2010. You may use the same approach when tracking in Exchange 2007, more or less the same.
Note – I used the Exchange 2010 SP1 Exchange Management Console and Shell.
Open the Tool Box from EMC and locate Tracking Log Explorer, and do your normal tracking for a desired output. Here I did tracking for couple of test message that I sent.
- Message_Tracking_-EMC1.png (6.81 KiB) Viewed 1 time
Below shows the result window,
- Message_Tracking_-EMC2.png (14 KiB) Viewed 1 time
As you know that the Exchange 2007 and 2010 tracking give plenty of detail in the message tracking result. Now, how will you interpret these results? Is it easy to read the information shows in this output?
At least few time you would have thought, how we can export these results. It is not difficult for administrators who work with Exchange Management Shell. Don’t worry, it is not difficult for you who are not comfortable with Shell as well.
Copy the Exchange Management Shell command from the Message tracking page,
get-messagetrackinglog -MessageSubject "Test Message to Verify Tracking Details" -Start "6/26/2011 9:00:00 PM" -End "6/26/2011 9:30:00 PM"
End of the Shell command that you copied add the field needed to export with a ‘select’ filter, see the below modified shell command.
get-messagetrackinglog -MessageSubject "Test Message to Verify Tracking Details" -Start "6/26/2011 9:00:00 PM" -End "6/26/2011 9:30:00 PM" | select timestamp, ClientIp, ClientHostname, ServerIp, ServerHostname, SourceContext, ConnectorId, Source, EventId, InternalMessageId, MessageId, {$_.Recipients}, {$_.RecipientStatus}, TotalBytes, RecipientCount, RelatedRecipientAddress, Reference, MessageSubject, Sender, ReturnPath, MessageInfo >c:\Track-results.csv
- Message_Tracking_-EMS.png (7.8 KiB) Viewed 1 time
Open the results file in excel and do your rest of filtration, that’s it... you have done.
- Message_Tracking_CSV.png (14.13 KiB) Viewed 1 time
You may select only the fields that you need during the shell command execution, use the table below to decide your fields.
Timestamp
ClientIp
ClientHostname
ServerIp
ServerHostname
SourceContext
ConnectorId
Source
EventId
InternalMessageId
MessageId
Recipients
RecipientStatus
TotalBytes
RecipientCount
RelatedRecipientAddress
Reference
MessageSubject
Sender
ReturnPath
MessageInfo
Hope now you will like the message tracking of Exchange 2007 and 2010. You may use the same approach when tracking in Exchange 2007, more or less the same.
Changing Certificate on CAS Servers
Go to IIS7 and click on portal.domain.com - then go to Sites / Default Web site
Then on right hand side go to bindings and on "https-443-*" Edit and select the correct certificate
Restart IIS
Then you will have to run these commands on the CAS Servers to change the outlook provider to the new certificate name (E.g. the new cert i have used below is for portal.entagroup.com)
Set-OutlookProvider EXPR -CertPrincipalName:"msstd:portal.domain.com"
Set-OutlookProvider EXCH -CertPrincipalName:"msstd:portal.domain.com"
This setting relates to the account info in outlook - under account and more settings / Connections Tab / Outlook anywhere / Exchange Proxy Settings / Proxy Server principal name
Then on right hand side go to bindings and on "https-443-*" Edit and select the correct certificate
Restart IIS
Then you will have to run these commands on the CAS Servers to change the outlook provider to the new certificate name (E.g. the new cert i have used below is for portal.entagroup.com)
Set-OutlookProvider EXPR -CertPrincipalName:"msstd:portal.domain.com"
Set-OutlookProvider EXCH -CertPrincipalName:"msstd:portal.domain.com"
This setting relates to the account info in outlook - under account and more settings / Connections Tab / Outlook anywhere / Exchange Proxy Settings / Proxy Server principal name
DAG and DAC (Datacenter Activation Coordination)
When you have a two-member
DAG, the system can no distinguish between the different types of
failure. It could be a single server failure, a multiple-server failure
or a site failure. To manage a datacenter switchover for a two-member
DAG that is extended across multiple datacenters you must use Windows
failover cluster management tools.
More information on datacenter switchovers can be found here:
http://technet.microsoft.com/en-us/libr ... 51049.aspx
If you can wait until Exchange Server 2010 Service Pack 1 changes has been made so that DAC supports two-member DAGs in separate datacenters. DAC, or Datacenter Activation Coordination mode is a property setting for a database availability group (DAG). It enables control of the activation behavior of the DAG members preventing split-brain syndrom by not allowing databases to mount automatically even though the DAG has a quorum.
More information on DAC can be found here:
http://technet.microsoft.com/en-us/libr ... 79790.aspx
More information on datacenter switchovers can be found here:
http://technet.microsoft.com/en-us/libr ... 51049.aspx
If you can wait until Exchange Server 2010 Service Pack 1 changes has been made so that DAC supports two-member DAGs in separate datacenters. DAC, or Datacenter Activation Coordination mode is a property setting for a database availability group (DAG). It enables control of the activation behavior of the DAG members preventing split-brain syndrom by not allowing databases to mount automatically even though the DAG has a quorum.
More information on DAC can be found here:
http://technet.microsoft.com/en-us/libr ... 79790.aspx
Datacentre Activation Mode is a mode specifically for multsite Data
Availability Groups with 3 or more members. It is there to stop
datacentre DAG split brain syndrome.
For example you have 2 Sites with DAG members in each. Catastrophic errors occur and your WAN linking the two sites goes down. You now have a potential scenario where both sites will make a passive database active. The site that already had the active database, and the second site seeing the loss of the active database and automatically activating a copy.
so DAC operates this using literally a bit that it flips from either 0 or 1. 0 meaning it cannot mount a database and upon talking to other DAG members using DACP and finding another server with 1, will mount the databases as it knows it is allowed to.
For a more detailed explanation see here:
http://technet.microsoft.com/en-us/library/dd979790.aspx
DAC must be enabled manually if you are in a split datacentre scenario with 3 or more members. To see the cmdlet to activate again see:
http://technet.microsoft.com/en-us/library/dd979790.aspx
For example you have 2 Sites with DAG members in each. Catastrophic errors occur and your WAN linking the two sites goes down. You now have a potential scenario where both sites will make a passive database active. The site that already had the active database, and the second site seeing the loss of the active database and automatically activating a copy.
so DAC operates this using literally a bit that it flips from either 0 or 1. 0 meaning it cannot mount a database and upon talking to other DAG members using DACP and finding another server with 1, will mount the databases as it knows it is allowed to.
For a more detailed explanation see here:
http://technet.microsoft.com/en-us/library/dd979790.aspx
DAC must be enabled manually if you are in a split datacentre scenario with 3 or more members. To see the cmdlet to activate again see:
http://technet.microsoft.com/en-us/library/dd979790.aspx
Outlook Cant preview or open email attachments
Error opening attachments / Cleaning out the Temporary Outlook Files folder
When opening an attachment directly from within Outlook you could get an error message saying that it can’t create the file and to that you need check the permissions on the folder you want to save it in. In most cases the permissions on the folder isn’t the issue but the fact that the folder is “full”. When you open an attachment directly from within Outlook it will first save a copy to a subfolder of the Temporary Internet Files folder. Cleaning out the folder will solve the issue.
Outlook Secure Temp folder
Unfortunately this is easier said than done. The subfolder name Outlook creates (on installation of Outlook) in the Temporary Internet Files folder is quite random. In Outlook 2003 and previous, the name starts with OLK and is followed by up to 4 random numbers or letters. In Outlook 2007 and Outlook 2010, this folder is called Content.Outlook and then has a subfolder which is named with with 8 random numbers and letters. In addition, by default, you cannot simply browse to the folder to clean it out. Getting to the Temporary Outlook Folder can still be accomplished in 2 easy steps though.
Step 1: Locate the folder
The folder location is stored in the registry in the following key;
Outlook 97 HKEY_CURRENT_USER\Software\Microsoft\Office\8.0\Outlook\Security
Outlook 98 HKEY_CURRENT_USER\Software\Microsoft\Office\8.5\Outlook\Security
Outlook 2000 HKEY_CURRENT_USER\Software\Microsoft\Office\9.0\Outlook\Security
Outlook 2002/XP HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Outlook\Security
Outlook 2003 HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\Security
Outlook 2007 HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\Security
Outlook 2010 HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\Security
Step 2: Get to the folder
Open the OutlookSecureTempFolder registry key from the location provided in Step 1.
Copy the path from the key.
Open Explorer
Paste the address in the Address Bar and press Enter
and remove all files in that folder
should work then
When opening an attachment directly from within Outlook you could get an error message saying that it can’t create the file and to that you need check the permissions on the folder you want to save it in. In most cases the permissions on the folder isn’t the issue but the fact that the folder is “full”. When you open an attachment directly from within Outlook it will first save a copy to a subfolder of the Temporary Internet Files folder. Cleaning out the folder will solve the issue.
Outlook Secure Temp folder
Unfortunately this is easier said than done. The subfolder name Outlook creates (on installation of Outlook) in the Temporary Internet Files folder is quite random. In Outlook 2003 and previous, the name starts with OLK and is followed by up to 4 random numbers or letters. In Outlook 2007 and Outlook 2010, this folder is called Content.Outlook and then has a subfolder which is named with with 8 random numbers and letters. In addition, by default, you cannot simply browse to the folder to clean it out. Getting to the Temporary Outlook Folder can still be accomplished in 2 easy steps though.
Step 1: Locate the folder
The folder location is stored in the registry in the following key;
Outlook 97 HKEY_CURRENT_USER\Software\Microsoft\Office\8.0\Outlook\Security
Outlook 98 HKEY_CURRENT_USER\Software\Microsoft\Office\8.5\Outlook\Security
Outlook 2000 HKEY_CURRENT_USER\Software\Microsoft\Office\9.0\Outlook\Security
Outlook 2002/XP HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Outlook\Security
Outlook 2003 HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\Security
Outlook 2007 HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\Security
Outlook 2010 HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\Security
Step 2: Get to the folder
Open the OutlookSecureTempFolder registry key from the location provided in Step 1.
Copy the path from the key.
Open Explorer
Paste the address in the Address Bar and press Enter
and remove all files in that folder
should work then
Use Telnet on Port 25 to test SMTP communication
For purposes of providing an example, the following procedure uses the values that are described in the following list:
* Destination SMTP server mail1.fabrikam.com
* Source domain contoso.com
* Sender's e-mail address chris@contoso.com
* Recipient's e-mail address kate@fabrikam.com
* Message subject Test from Contoso
* Message body This is a test message
Bb123686.note(en-us,EXCHG.141).gifNote:
You should always use a valid sender e-mail address so that any non-delivery report (NDR) messages that are generated by the destination SMTP server are delivered to the sender of the message.
The commands in Telnet Client are not case-sensitive. The SMTP command verbs are capitalized for clarity.
1. At a command prompt, type telnet, and then press ENTER. This command opens the Telnet session.
2. Type set localecho and then press ENTER. This optional command lets you view the characters as you type them. This setting may be required for some SMTP servers.
3. Type set logfile <filename>. This optional command enables logging of the Telnet session to the specified log file. If you only specify a file name, the location of the log file is the current working directory. If you specify a path and a file name, the path must be local to the computer. Both the path and the file name that you specify must be entered in the Microsoft DOS 8.3 format. The path that you specify must already exist. If you specify a log file that doesn't exist, it will be created for you.
4. Type open mail1.fabrikam.com 25 and then press ENTER.
Bb123686.note(en-us,EXCHG.141).gifNote:
You can't use the backspace key after you have connected to the destination SMTP server within the Telnet session. If you make a mistake as you type an SMTP command, you must press ENTER and then type the command again. Unrecognized SMTP commands or syntax errors result in an error message that resembles the following:
500 5.3.3 Unrecognized command
5. Type EHLO contoso.com and then press ENTER.
6. Type MAIL FROM:chris@contoso.com and then press ENTER.
7. Type RCPT TO:kate@fabrikam.com NOTIFY=success,failure and then press ENTER. The optional NOTIFY command defines the particular delivery status notification (DSN) messages that the destination SMTP server must provide to the sender. DSN messages are defined in RFC 1891. In this case, you're requesting a DSN message for successful or failed message delivery.
8. Type DATA and then press ENTER. You will receive a response that resembles the following:
354 Start mail input; end with <CLRF>.<CLRF>
9. Type Subject: Test from Contoso and then press ENTER.
10. Press ENTER. RFC 2822 requires a blank line between the Subject: header field and the message body.
11. Type This is a test message and then press ENTER.
12. Press ENTER, type a period ( . ) and then press ENTER. You will receive a response that resembles the following:
250 2.6.0 <GUID> Queued mail for delivery
13. To disconnect from the destination SMTP server, type QUIT and then press ENTER. You will receive a response that resembles the following:
221 2.0.0 Service closing transmission channel
14. To close the Telnet session, type quit and then press ENTER.
* Destination SMTP server mail1.fabrikam.com
* Source domain contoso.com
* Sender's e-mail address chris@contoso.com
* Recipient's e-mail address kate@fabrikam.com
* Message subject Test from Contoso
* Message body This is a test message
Bb123686.note(en-us,EXCHG.141).gifNote:
You should always use a valid sender e-mail address so that any non-delivery report (NDR) messages that are generated by the destination SMTP server are delivered to the sender of the message.
The commands in Telnet Client are not case-sensitive. The SMTP command verbs are capitalized for clarity.
1. At a command prompt, type telnet, and then press ENTER. This command opens the Telnet session.
2. Type set localecho and then press ENTER. This optional command lets you view the characters as you type them. This setting may be required for some SMTP servers.
3. Type set logfile <filename>. This optional command enables logging of the Telnet session to the specified log file. If you only specify a file name, the location of the log file is the current working directory. If you specify a path and a file name, the path must be local to the computer. Both the path and the file name that you specify must be entered in the Microsoft DOS 8.3 format. The path that you specify must already exist. If you specify a log file that doesn't exist, it will be created for you.
4. Type open mail1.fabrikam.com 25 and then press ENTER.
Bb123686.note(en-us,EXCHG.141).gifNote:
You can't use the backspace key after you have connected to the destination SMTP server within the Telnet session. If you make a mistake as you type an SMTP command, you must press ENTER and then type the command again. Unrecognized SMTP commands or syntax errors result in an error message that resembles the following:
500 5.3.3 Unrecognized command
5. Type EHLO contoso.com and then press ENTER.
6. Type MAIL FROM:chris@contoso.com and then press ENTER.
7. Type RCPT TO:kate@fabrikam.com NOTIFY=success,failure and then press ENTER. The optional NOTIFY command defines the particular delivery status notification (DSN) messages that the destination SMTP server must provide to the sender. DSN messages are defined in RFC 1891. In this case, you're requesting a DSN message for successful or failed message delivery.
8. Type DATA and then press ENTER. You will receive a response that resembles the following:
354 Start mail input; end with <CLRF>.<CLRF>
9. Type Subject: Test from Contoso and then press ENTER.
10. Press ENTER. RFC 2822 requires a blank line between the Subject: header field and the message body.
11. Type This is a test message and then press ENTER.
12. Press ENTER, type a period ( . ) and then press ENTER. You will receive a response that resembles the following:
250 2.6.0 <GUID> Queued mail for delivery
13. To disconnect from the destination SMTP server, type QUIT and then press ENTER. You will receive a response that resembles the following:
221 2.0.0 Service closing transmission channel
14. To close the Telnet session, type quit and then press ENTER.
Exchange Web Services Managed API
http://msdn.microsoft.com/en-us/library ... 80%29.aspx
Videos:
http://msdn.microsoft.com/en-us/exchange/aa731546.aspx
http://msdn.microsoft.com/en-us/library ... 80%29.aspx
http://msdn.microsoft.com/en-us/library ... 80%29.aspx
Videos:
http://msdn.microsoft.com/en-us/exchange/aa731546.aspx
http://msdn.microsoft.com/en-us/library ... 80%29.aspx
http://msdn.microsoft.com/en-us/library ... 80%29.aspx
EXTEST_33788774A21E4 user is not there (Exchange Test User)
If the EXTEST_33788774A21E4 user is not there and needs to be to run the test-outlookconnectivity you need to do the following:
Then open Exchange Management Shell and navigate to the Scripts directory under where you installed Exchange, and run the new-TestCasConnectivityUser.ps1 script to recreate the mailbox-enabled user. It shouldn't matter that it creates a new mailbox; there shouldn't be any data in it that is of any importance.
Again, I don't think this will fix Outlook Anywhere, but it will allow you to test it.
Then open Exchange Management Shell and navigate to the Scripts directory under where you installed Exchange, and run the new-TestCasConnectivityUser.ps1 script to recreate the mailbox-enabled user. It shouldn't matter that it creates a new mailbox; there shouldn't be any data in it that is of any importance.
Again, I don't think this will fix Outlook Anywhere, but it will allow you to test it.
Content Index 'Failed' when mail server switch over
If this error occurs:
Error: "Content Index Catalog Files in the following state 'Failed'"
Do the following:
1. Suspend database copy
2. activate database copy: wait for the resync
It should work when status changed to HEALTHY and all indexes are ok.
Error: "Content Index Catalog Files in the following state 'Failed'"
Do the following:
1. Suspend database copy
2. activate database copy: wait for the resync
It should work when status changed to HEALTHY and all indexes are ok.
Exchange Restrict RAM
Incase u want to limit the size..Follow the steps below
1. Start ADSI Edit.
2. Open the following object:
Configuration/Services/Microsoft Exchange/Your organization/Administrative
Groups/Your administrative group/Servers/Server name/Information Store
3. Right-click Information Store, and then click Properties.
4. Under the list of Attributes, scroll down and select msExchESEParamCacheSizeMax.
5. Click the Edit button, then type the number of 8 kb pages that you
want to set the maximum cache size to.
For example. 1GB cache equates to 1048576 (1024x1024). Divide the cache that you want to set by 8kb to determine the value to enter.
6. Quit ADSI Edit, and then restart the Microsoft Exchange Information Store service
1. Start ADSI Edit.
2. Open the following object:
Configuration/Services/Microsoft Exchange/Your organization/Administrative
Groups/Your administrative group/Servers/Server name/Information Store
3. Right-click Information Store, and then click Properties.
4. Under the list of Attributes, scroll down and select msExchESEParamCacheSizeMax.
5. Click the Edit button, then type the number of 8 kb pages that you
want to set the maximum cache size to.
For example. 1GB cache equates to 1048576 (1024x1024). Divide the cache that you want to set by 8kb to determine the value to enter.
6. Quit ADSI Edit, and then restart the Microsoft Exchange Information Store service
Quorum log too small
The Microsoft® Exchange Server Analyzer Tool reads the following registry
entry to determine the size of the quorum log configured for the
cluster:
HKEY_LOCAL_MACHINE\Cluster\Quorum\MaxQuorumLogSize
If the Exchange Server Analyzer finds the value for MaxQuorumLogSize less than 4194304 decimal (0x400000 hexadecimal), a warning is displayed.
The MaxQuorumLogSize registry value represents the currently configured value for the Reset quorum log at cluster quorum parameter. This warning is generated if the MaxQuorumLogSize is less than 4096 kilobytes (KB).
The cluster records all changes to the cluster database in the quorum log file. When the quorum log attains the specified size, the cluster saves the database and resets the log file. On Microsoft Windows® 2000 Server-based clusters, the default quorum size limit is 64 KB. On Windows Server™ 2003-based clusters, the default quorum size limit is 4096 KB. For Exchange Server clusters, it is recommended that the Reset quorum log at property be configured to 4096 KB. This ensures that there will be sufficient space to hold the cluster configuration information, such as which servers are part of the cluster, what resources are installed in the cluster, and what state those resources are in (for example, online or offline).
To correct this warning
1. Open Cluster Administrator.
2. In the left pane, right-click the object that represents the cluster, and then click Properties.
3. On the Quorum tab, configure Reset quorum log at with a value of 4096.
4. Click OK to save the changes.
HKEY_LOCAL_MACHINE\Cluster\Quorum\MaxQuorumLogSize
If the Exchange Server Analyzer finds the value for MaxQuorumLogSize less than 4194304 decimal (0x400000 hexadecimal), a warning is displayed.
The MaxQuorumLogSize registry value represents the currently configured value for the Reset quorum log at cluster quorum parameter. This warning is generated if the MaxQuorumLogSize is less than 4096 kilobytes (KB).
The cluster records all changes to the cluster database in the quorum log file. When the quorum log attains the specified size, the cluster saves the database and resets the log file. On Microsoft Windows® 2000 Server-based clusters, the default quorum size limit is 64 KB. On Windows Server™ 2003-based clusters, the default quorum size limit is 4096 KB. For Exchange Server clusters, it is recommended that the Reset quorum log at property be configured to 4096 KB. This ensures that there will be sufficient space to hold the cluster configuration information, such as which servers are part of the cluster, what resources are installed in the cluster, and what state those resources are in (for example, online or offline).
To correct this warning
1. Open Cluster Administrator.
2. In the left pane, right-click the object that represents the cluster, and then click Properties.
3. On the Quorum tab, configure Reset quorum log at with a value of 4096.
4. Click OK to save the changes.
Application log size - CAS Servers
The Microsoft® Exchange Server Analyzer Tool reads the following
registry entry to determine the maximum size of the Application log
file:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\MaxSize
If the Exchange Server Analyzer finds that the value for MaxSize is less than 41,943,040 bytes (40 megabytes ), the Exchange Server Analyzer displays a best practice message.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\MaxSize
If the Exchange Server Analyzer finds that the value for MaxSize is less than 41,943,040 bytes (40 megabytes ), the Exchange Server Analyzer displays a best practice message.
Setup.com /M:RecoverServer
To recover a server first reset computer in Activity Directory and
re-add to domain under same name (Make sure you Reset and not delete)
The run Setup.com /M:RecoverServer on server to recover.
Also View and READ these:
http://www.msexchange.org/tutorials/Recovering-Exchange-2007-Server-RecoverServer-switch.html
http://technet.microsoft.com/en-us/library/dd638206.aspx
(Hub Transport Server role installed, and this is the only Exchange 2007 Server with this role installed, it's recommended to run Setup.com /M:RecoverServer with the /DoNotStartTransport syntax, as there are a few post-recovery steps that should be completed before this role is made active.)
Errors i received:
- Setup previously failed while performing the action "DisasterRecovery". You can't resume setup my performing the action "Install"
- Setup previously failed while performing the action "Uninstall". You can't resume setup my performing the action "Install"
The problem is that exchange thing he is in a DisasterRecovery, but he isn't ??? To solf this issue:
- Start regedit
- Goto HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ExchangeServer\v14.0\roleName
Here is the place that exchange says: DisasterRecovery. Just remove the key and try it again.
The run Setup.com /M:RecoverServer on server to recover.
Also View and READ these:
http://www.msexchange.org/tutorials/Recovering-Exchange-2007-Server-RecoverServer-switch.html
http://technet.microsoft.com/en-us/library/dd638206.aspx
(Hub Transport Server role installed, and this is the only Exchange 2007 Server with this role installed, it's recommended to run Setup.com /M:RecoverServer with the /DoNotStartTransport syntax, as there are a few post-recovery steps that should be completed before this role is made active.)
Errors i received:
- Setup previously failed while performing the action "DisasterRecovery". You can't resume setup my performing the action "Install"
- Setup previously failed while performing the action "Uninstall". You can't resume setup my performing the action "Install"
The problem is that exchange thing he is in a DisasterRecovery, but he isn't ??? To solf this issue:
- Start regedit
- Goto HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ExchangeServer\v14.0\roleName
Here is the place that exchange says: DisasterRecovery. Just remove the key and try it again.
Exchange Mail Log Info
Go onto the mailbox servers - logs for all mail sent / Received are located in:
C:\Program Files\Microsoft\Exchange Server\V14\TransportRoles\Logs
Active User stats
Connectivity
Edge Sync
Message Tracking
are all logs to look at.
Message tracking will give you a record of all mail. Very usefull.
C:\Program Files\Microsoft\Exchange Server\V14\TransportRoles\Logs
Active User stats
Connectivity
Edge Sync
Message Tracking
are all logs to look at.
Message tracking will give you a record of all mail. Very usefull.
Exchange 2010 Resourses
Tech Bulletins
>>> Tech Bulletin: Overview of Exchange 2010 Role Based Access Control <<<
http://social.microsoft.com/Forums/en-U ... 6376a5c760
>>> Tech Bulletin: How to move mailbox from legacy Exchange forest to Exchange 2010 forest <<<
http://social.microsoft.com/Forums/en-U ... 33694e9f7f
Hot Downloads
Download Microsoft Exchange Server 2010
http://technet.microsoft.com/en-us/eval ... 85495.aspx
Update Rollup 1 for Exchange Server 2010 (KB976573)
http://www.microsoft.com/downloads/deta ... laylang=en
Update Rollup 2 for Exchange Server 2010 (KB979611)
http://www.microsoft.com/downloads/deta ... laylang=en
Useful links
Microsoft Exchange Server 2010 Frequently Asked Questions
http://www.microsoft.com/exchange/2010/en/ca/faq.aspx
Exchange team blog
http://msexchangeteam.com/default.aspx
Exchange Server 2010
http://technet.microsoft.com/en-us/libr ... (EXCHG.140).aspx
>>> Tech Bulletin: Overview of Exchange 2010 Role Based Access Control <<<
http://social.microsoft.com/Forums/en-U ... 6376a5c760
>>> Tech Bulletin: How to move mailbox from legacy Exchange forest to Exchange 2010 forest <<<
http://social.microsoft.com/Forums/en-U ... 33694e9f7f
Hot Downloads
Download Microsoft Exchange Server 2010
http://technet.microsoft.com/en-us/eval ... 85495.aspx
Update Rollup 1 for Exchange Server 2010 (KB976573)
http://www.microsoft.com/downloads/deta ... laylang=en
Update Rollup 2 for Exchange Server 2010 (KB979611)
http://www.microsoft.com/downloads/deta ... laylang=en
Useful links
Microsoft Exchange Server 2010 Frequently Asked Questions
http://www.microsoft.com/exchange/2010/en/ca/faq.aspx
Exchange team blog
http://msexchangeteam.com/default.aspx
Exchange Server 2010
http://technet.microsoft.com/en-us/libr ... (EXCHG.140).aspx
Error Downloading Exchange Address Book
I seem to be having the same issue i had a few months back where the OAB
stops downloading, However if i add the authenticated users to the OAB
virtual directory in IIS they can then download the OAB again, however
these rights keep on disapearing every week. I raised this on http://social.microsoft.com/Forums/en-US/partnermsgexchange/thread/7c44b1d7-7969-4a76-b0a3-ce1e0bc5894b
So if the offline address book stops downloading to clients please complete the following as a temporary fix:
Go to all 3 of the CAS servers: exchangecas1.domain.com / exchangecas2.domain.com / exchangecas3.domain.com
Goto Internet Information Services (IIS) Manager / expand port.entagroup.com / Sites / Default Web Site /
Right click on OAB and go to Edit Permissions and add authenticated users with Just read right. (you may also need to do this with the actual OAB directory under the OAB directory)
For more info go to the Gold partner forums:
http://social.microsoft.com/Forums/en-US/partnermsgexchange/thread/c7da9e42-0725-47ec-98c2-8ea4acfab77f
http://social.microsoft.com/Forums/en-US/partnermsgexchange/thread/7c44b1d7-7969-4a76-b0a3-ce1e0bc5894b
So if the offline address book stops downloading to clients please complete the following as a temporary fix:
Go to all 3 of the CAS servers: exchangecas1.domain.com / exchangecas2.domain.com / exchangecas3.domain.com
Goto Internet Information Services (IIS) Manager / expand port.entagroup.com / Sites / Default Web Site /
Right click on OAB and go to Edit Permissions and add authenticated users with Just read right. (you may also need to do this with the actual OAB directory under the OAB directory)
For more info go to the Gold partner forums:
http://social.microsoft.com/Forums/en-US/partnermsgexchange/thread/c7da9e42-0725-47ec-98c2-8ea4acfab77f
http://social.microsoft.com/Forums/en-US/partnermsgexchange/thread/7c44b1d7-7969-4a76-b0a3-ce1e0bc5894b
Exchange File Extensions
*.edb - Exchange Database file
E:\database\Accounts\Accounts.edb
*.chk - checkpoint file - keeps track of which transactions have moved from the transaction logs to the database - so in the event of the being an interuption of those transaction logs being moved to the database, if anything happens the checkpoint file can be used to refernece.
E:\log\Accounts\E04.chk
*.log - 2 different types - the current transaction log e.g. E00.log, but once this gets to 1mb it is re-created again and is renamed to e.g. E00000000001.log
E:\log\Accounts
*.jrs - Used if the server gets to the end of its storage space and has no more room to wright any more information into transaction logs (There should be 2 of these logs just for an emergency like that)
E:\log\Accounts\E04res00001.jrs
tmp.edb - Tempory workspace to store data before written to main *.edb database
not present in 2010 - i think its now E:\database\Accounts\Accounts.edb.IRS.RAW
E:\database\Accounts\Accounts.edb
*.chk - checkpoint file - keeps track of which transactions have moved from the transaction logs to the database - so in the event of the being an interuption of those transaction logs being moved to the database, if anything happens the checkpoint file can be used to refernece.
E:\log\Accounts\E04.chk
*.log - 2 different types - the current transaction log e.g. E00.log, but once this gets to 1mb it is re-created again and is renamed to e.g. E00000000001.log
E:\log\Accounts
*.jrs - Used if the server gets to the end of its storage space and has no more room to wright any more information into transaction logs (There should be 2 of these logs just for an emergency like that)
E:\log\Accounts\E04res00001.jrs
tmp.edb - Tempory workspace to store data before written to main *.edb database
not present in 2010 - i think its now E:\database\Accounts\Accounts.edb.IRS.RAW
Outlook Autocomplete
In outlook the email address field - uses an auto complete file that holds all the history for email contacts
This file is the outlook.nk2 file
This file is the outlook.nk2 file
Testing your mail server security
Telnet IP 25
helo
mail from
rcpt to
enter message here, followed by a full stop on a new line
.
Also, check whether your email server divulges your internal users by supporting the EXPN and VRFY commands (for example, VRFY administrator -> admin@example.org):
' telnet 25
help - does it show EXPN / VRFY to be supported?
EXPN administrator
VRFY admin'
Finally, check if it's possible to send a spoofed email through the email server. For example, SMTP server for domain "example.org" receives an external email from john.smith@example.org. Does your email server drop this email? It should do
helo
mail from
rcpt to
enter message here, followed by a full stop on a new line
.
Also, check whether your email server divulges your internal users by supporting the EXPN and VRFY commands (for example, VRFY administrator -> admin@example.org):
' telnet 25
help - does it show EXPN / VRFY to be supported?
EXPN administrator
VRFY admin'
Finally, check if it's possible to send a spoofed email through the email server. For example, SMTP server for domain "example.org" receives an external email from john.smith@example.org. Does your email server drop this email? It should do
Subscribe to:
Posts (Atom)