Exchange 2010


Exchange 2003/2010 cross forest routing problem solved

For a customer I ran into a strange problem. While doing a cross forest mailbox migration I noticed that mails were queuing up and were not delivered. It took some troubleshooting untill I found the solution. First I noticed that newly created users received email for several domains without any problems. Migrated users didn’t receive any external email.

I opened the user’s properties with ADSIEDIT and I noticed the old email addresses on the targetaddress field. I decided to delete the values and re-register those email addresses using the Exchange console. The user concerned received external email immediately .

adsi001

Because it’s a cross forest migration we are using ADMT for the user migration. It’s possible to exclude this value and doing so will prohibit to these old values being migrated to the new domain.

adsi002


Exchange 2010 move database error WMI exception occurred..

Today I tried to move a database to a different drive and I ran into the following problem :

PF_error

After some investigation I noticed a large amount of log files. After enabling circular logging and dismount and mounting the database everything went fine! Disable circular logging afterwards and make sure your backup solution is running working and flushes the logfiles correctly.


Howto : Split SMTP domain Exchange 2003 and … (2010, Zimbra etc) 1

This is how to create a split SMTP domain using Exchange 2003 and another SMTP program like Exchange, Zimbra or something like that.

Step 1. Make sure you’re MX-record is already point to your Exchange 2003 mailserver and that part is working.

Step 2. Add the new domain name to the Recipient Policies:

 

SMTP01

Make sure the “This Exchange…” is not selected! (That’s important)

SMTP02

Now create a new SMTP connector :

SMTP03

Fill the IP-adres in brackets [] and select an Exchange 2003 server using Add.

SMTP04

Goto Address space, add the new split SMTP domain and select the Allow Messages to be relayed option.

At this point the mail which can’t be delivered at the Exchange 2003 is being forwarded to the IP adres specified. At this point you have to make a receive connector (Exchange 2010 for example) or something else.


How to use EMC to migrate mailboxes from Exchange on premises to Office365 and vice versa

In my previous post you can read how easily it is to use the EMC to administer your Office365 account. Now you can imagine how easily it could be to migrate Exchange mailboxes from your on premises Exchange Server to Office365 or the other way around! This is how you can do that :

First open the console and select New Remote Move Request

office365_console_004

Choose the user you wish to migrate :

office365_console_005

Now specify the target domain and the remote database  and hit next.

office365_console_007

Hit next and watch your mailbox fly to the cloud!

Technorati Tags: ,

How to use the EMC to administrate Office365

Nowadays more and more people are migrating from Exchange to Office365/Exchange Online or are using a Hybrid solution. Many people don’t know that they can use the Exchange 2010 Management Console to control their Office365 settings and users. This is how you can link your Office365 environment to the EMC.

First download and install EMC, this is straight forward.  Now open the EMC and select add Exchange forest :

office365_console_001

Enter a friendly name and choose the option “Exchange Online”.

office365_console_002

Enter your credentials and hit ok!

office365_console_003

Notice that you have the possibility to administer your on premises Exchange and Office 365.

office365_console_003b

 

Technorati Tags: ,


Exchange set external/internal URL’s

When configuring Exchange it’s important to have your external and internal url’s correctly configured. Otherwise you are running into errors like those :

digicert_error

Configuring those url’s isn’t that difficult, you just want to make sure you configure all the URL’s and have an appopiate SSL cert. After importing the right SSL you can use a free tool from DIGIcert who makes all the settings for you. Let’s take a look :

 

digicert_001

Hit next Glimlach

digicert_002

Next again..

digicert_003

Next..

digicert_004

Next ofcourse..

digicert_005

And finally Execute (not next!)

I think it’s a nice tool. It’s quick and easily and you make sure you don’t forget anything. Exchange 2013 isn’t supported yet… Bedroefde emoticon
You can find their tool here : http://www.digicert.com/internal-domain-name-tool.htm

Tags van Technorati: ,

Insufficient Access Rights to Perform the Operation (Exchange 2010)

While moving some mailboxes I got the following error :

Active Directory operation failed on servername.domainname.local. This error is not retriable. Additional information: Insufficient access rights to perform the operation.

Active directory response: 00002098: SecErr: DSID-03150BB9, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

The user has insufficient access rights.

Exchange Management Shell command attempted:

‘domainname.local/Users/User Name’ | New-MoveRequest -TargetDatabase ‘User Mailbox Database’

I found out the error was because inheritable permissions was not turned on for this specific user. (In this case this user was a member of the domain admin usergroup). This is how you can fix this problem :

Open dsa.msc (make sure advanced features has been enabled). Open the specific user and go to properties and select security

advanced

Go to advanced and enable “Include inheritable permissions..”

include_inheritable

In my case I was enable to move this specific mailbox.

 

move_succesfull


Exchange & Outlook Certificate errors.. (solved)

Today I was testing Outlook with a new Exchange server config and I received the following error :

Outlook_Cert_Error

I knew I correctly imported the new SSL certifcate because I tested OWA before Outlook and that was working fine. The solution was simple. You must specify in Exchange which Exchange services  (for example SMTP, IIS, POP, UM etc) must use which certificate.

Open the Exchange console :

Exchange_Console_1

Now go to the right pane, select the correct certifcate and choose

Assign_services

Assign Services to certifcate. Make sure you select IIS and SMTP for OWA and Outlook functionality. In my case the Outlook error disappeared.


Create Exchange 2010 CAS (NLB) Cluster

Today I installed a Exchange 2010 CAS cluster using (Windows) NLB. After some final preparation I followed Microsoft best practices for creating a CAS cluster. (Microsoft recommends creating a CAS cluster also when you’re only using one CAS cluster).

This is how you can do that :

New-ClientAccessArray -Name <NameOfArray> -Fqdn <NLB Name>

Exchange asked for your site name, you can find this name in Active Directory sites and services.