Exchange Server Share

… Information sharing on Exchange Server …

Archive for the ‘Script’ Category

Exchange 2013 SP1 – Powershell Tips – Part 2

avatar.jpg

Here are remaining 50 tips out of 94 that are getting displayed when you open Exchange Management Shell on an Exchange Server 2013 with Service Pack 1.

Exchange 2013 SP1 – Powershell Tips – Part 1 (First #44)

Exchange 2013 SP1 – Powershell Tips – Part 2 (Current article)

image

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #44:

Want to change the default prohibit send quota for a mailbox database? Type:

Set-MailboxDatabase -ProhibitSendQuota

You can specify a bytes qualifier when you use the ProhibitSendQuota parameter. For example, if you want to set the prohibit send quota to 200 megabytes, type:

Set-MailboxDatabase -ProhibitSendQuota 200MB

You can also configure the IssueWarningQuota parameter and the ProhibitSendReceiveQuota parameter in the same way.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #45:

Want to know what version of Exchange Server each of your servers is running? Type:

Get-ExchangeServer | Format-Table Name, *Version*

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #46:

Want to determine whether a server is running Exchange Server 2013 Standard, Enterprise or Hybrid Edition? Type:

Get-ExchangeServer | Format-Table Name, Edition

If you want to view which edition all your Exchange servers are running, omit the parameter.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #47:

Want to create a new resource mailbox that can be used to book a meeting room? Type:

New-Mailbox -Name -UserPrincipalName -OrganizationalUnit -Room

This command creates a disabled Active Directory user who has a mailbox that accepts meeting requests from users.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #48:

Want to control the properties of email messages sent to a specific domain? Use the RemoteDomain cmdlets. Create a new remote domain by using the New-RemoteDomain cmdlet. Type:

New-RemoteDomain -Name “Contoso.com Configuration” -DomainName contoso.com

Then modify the properties that you want for this remote domain by using the Set-RemoteDomain cmdlet:

Set-RemoteDomain “Contoso.com Configuration” -AutoReplyEnabled $True -AutoForwardEnabled $True

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #49:

Booleans are parameters that can be evaluated as either $True or $False. Booleans are typically used as a flag on an object that modifies the behavior of that object. In the Exchange Management Shell, you must supply a Boolean parameter with either a $True, $False, 1, or 0. No other values are accepted, including True or False. For example, both of the following commands set the enabled state of the ExampleAssignment management role assignment to $True:

Set-ManagementRoleAssignment ExampleAssignment -Enabled $True
Set-ManagementRoleAssignment ExampleAssignment -Enabled 1

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #50:

Want an easy way to apply deleted item retention limits across multiple databases and servers? Try the following command to configure deleted item retention across all databases on a specified server:

Get-MailboxDatabase -Server | Set-MailboxDatabase -DeletedItemRetention 45.00:00:00

You can also apply the same deleted item retention limits or mailbox retention limits across all servers in your organization:

Get-MailboxDatabase | Set-MailboxDatabase -DeletedItemRetention 45.00:00:00 -MailboxRetention 120.00:00:00

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #51:

Want to know what permissions an Active Directory user account has on a specific mailbox? Use:

Get-Mailbox | Get-MailboxPermission -User

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #52:

Want to know which mailboxes a specific Active Directory user has permissions to? Type:

$Mailboxes = Get-Mailbox -ResultSize Unlimited
$Mailboxes | Get-MailboxPermission -User | Format-Table Identity, AccessRights, Deny

Caution: This command enumerates all the mailboxes in your organization. If you have lots of mailboxes, you may want to target specific mailboxes.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #53:

Want to get a list of the backup status of all mailbox databases in your organization? Type:

Get-MailboxDatabase -Status | Format-Table Name, Server, *Backup*

How about just the mailbox databases on a specific server? Type:

$Databases = Get-MailboxDatabase -Server -Status
$Databases | Format-Table Name, *Backup*

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #54:

To retrieve the current status of an Exchange server or database, use the Status parameter. For example:

Get-ExchangeServer -Status | Format-List
Get-MailboxDatabase -Server -Status | Format-List

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #55:

Want to view the mounted status of all mailbox databases? Type:

Get-MailboxDatabase -Status | Format-Table Name, Server, Mounted

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #56:

What’s the difference between server-side filtering and client-side filtering? Server-side filtering is used with the recipient and queue cmdlets, which support the Filter parameter, because these cmdlets can return large result sets. The server filters the results by using the criteria you specify and then sends you the filtered results. Client-side filtering can be used with any cmdlet. The entire result set is sent to the client computer, which then filters the data and provides a filtered result set. Client-side filtering uses the Where-Object cmdlet, which can be shortened to Where.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #57:

With Exchange 2013 Unified Messaging, you can redirect unauthenticated callers to certain telephone extensions to an operator instead of to the extension that was dialed. To list users for whom Unified Messaging transfers unauthenticated callers to the operator, instead of to the user, type:

$Mailboxes = Get-UMMailbox
$Mailboxes | Where-Object { $_.AllowUMCallsFromNonUsers -eq `
[Microsoft.Exchange.Data.Directory.Recipient.AllowUMCallsFromNonUsersFlags] “None” }

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #58:

You can use client-side filtering to return only the data that you want to see or work with. The following example retrieves all Active Directory user accounts in the Engineering department and puts the results in a table with two columns, Name and Department. By using the ResultSize parameter, the Get-User cmdlet limits the result set to 2,000 users.

$Users = Get-User -ResultSize 2000
$Users | Where { $_.Department -Eq “Engineering” } | Format-Table Name, Department

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #59:

The special variable $_ represents the objects being passed from one cmdlet to another cmdlet in the pipeline. The $_ variable is automatically initiated by the Shell and is bound to the current pipeline object. You can access the properties of the object assigned to the $_ variable as you would any other object. The following example shows how you can view the Name property of each mailbox object that is passed through the pipeline:

Get-Mailbox | ForEach { $_.Name }

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #60:

You can import CSV files and treat them as objects by using the Import-Csv cmdlet. Each row in a CSV file becomes an element in an array, and each column becomes a property. You can assign the CSV file to a variable, or you can pipe its contents directly to another cmdlet. In the following example, there are three columns in the CSV file, Name, Alias, and EmailAddress, with several rows that the ForEach cmdlet will cycle through. The data in each row is used to create a new mail contact.

$CSV = Import-Csv
$CSV | ForEach { New-MailContact -Name $_.Name -Alias $_.Alias -ExternalEmailAddress $_.EmailAddress -OrganizationalUnit Users }

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #61:

Want to customize your Exchange Management Shell profile? Run the following command to determine the location of your Microsoft.PowerShell_profile.ps1 file:

$Profile

You may have to create the PSConfiguration folder and Microsoft.PowerShell_profile.ps1 file. After you’ve done that, you can add your favorite functions and aliases, which will be loaded every time that the Exchange Management Shell is opened.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #62:

Want to see everything that occurs when you run a command? Include the Verbose parameter with the command. This parameter instructs the Exchange Management Shell to display detailed information about each action that the server takes to complete the command. This information can be useful in troubleshooting.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #63:

Any cmdlet that accepts a size value lets you specify whether the integer value is in kilobytes (KB), megabytes (MB), gigabytes (GB), or terabytes (TB). For example:

Set-Mailbox “Kim Akers” -ProhibitSendQuota 200MB -UseDatabaseQuotaDefaults $False

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #64:

Want to create a new role group for your administrators? Use the New-RoleGroup cmdlet. The New-RoleGroup cmdlet lets you add management roles and specify the members to add to the new role group. Those members will be granted the permissions provided by the management roles. Type:

New-RoleGroup -Roles , , -Members , ,

Remember, role groups are used to grant permissions to groups of administrators or specialist end users who require special permissions. If you want to manage permissions for end users, use management role assignment policies.’\

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #65:

Do you want to create a new management role assignment policy that’s based on an existing policy, but you don’t want to include all the management roles? Use the Get-ManagementRoleAssignment cmdlet and pipe the results to the Where cmdlet. The Where cmdlet excludes any role assignments that contain the roles you specify. The remaining role assignments are piped to the New-ManagementRoleAssignment cmdlet. Type:

New-RoleAssignmentPolicy
New-RoleAssignmentPolicy
Get-ManagementRoleAssignment -RoleAssignee | Where { ($_.Role -NE “”) -And ($_.Role -NE “”) } | New-ManagementRoleAssignment -Policy

Then you can apply the new policy to a mailbox using the Set-Mailbox cmdlet:

Set-Mailbox -RoleAssignmentPolicy

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #66:

Do you want to remove a management role from a role group, role assignment policy, USG, or user but don’t know the name of the management role assignment? Just find the role assignment with the Get-ManagementRoleAssignment cmdlet and pipe the results to the Remove-ManagementRoleAssignment cmdlet. Type:

Get-ManagementRoleAssignment -RoleAssignee -Role | Remove-ManagementRoleAssignment

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #67:

Exchange 2013 uses management role groups and management role assignment policies to manage permissions. Role groups enable you to grant permissions to groups of administrators and specialist end users. These are people who manage your organization or perform special tasks, like mailbox searches for compliance reasons. Role assignment policies enable you to grant permissions to your end users. These permissions include whether users can manage their own distribution groups, edit their own profile information, access voice mail, and more.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #68:

Exchange 2013 uses management role groups and management role assignment policies to manage permissions. Role groups enable you to grant permissions to groups of administrators and specialist end users. These are people who manage your organization or perform special tasks, like mailbox searches for compliance reasons. Role assignment policies enable you to grant permissions to your end users. These permissions include whether users canmanage their own distribution groups, edit their own profile information, access voice mail, and more.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #69:

Exchange 2013 uses management role groups and management role assignment policies to manage permissions. Role groups enable you to grant permissions to groups of administrators and specialist end users. These are people who manage your organization or perform special tasks, like mailbox searches for compliance reasons. Role assignment policies enable you to grant permissions to your end users. These permissions include whether users can manage their own distribution groups, edit their own profile information, access voice mail, and more.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #70:

Exchange 2013 uses management role groups and management role assignment policies to manage permissions. Role groups enable you to grant permissions to groups of administrators and specialist end users. These are people who manage your organization or perform special tasks, like mailbox searches for compliance reasons. Role assignment policies enable you to grant permissions to your end users. These permissions include whether users canmanage their own distribution groups, edit their own profile information, access voice mail, and more.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #71:

Management role groups enable you to grant permissions to groups of administrators and specialist end users. These are people who manage your organization or perform special tasks, like mailbox searches for compliance reasons. If you want to manage permissions for end users, use management role assignment policies.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #72:

Management role assignment policies enable you to grant permissions to your end users. These permissions include whether users can manage their own distribution groups, edit their own profile information, access voice mail, and more. If you want to manage permissions for administrators and specialist users, use management role groups.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #73:

Management role assignments determine what management roles are associated with management role groups and management role assignment policies. Role assignments also control what objects users who are members of role groups or assignment policies can modify using the cmdlets available on the associated management roles.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #74:

The Get-RoleGroupMember cmdlet lists all the members on a management role group. But if you want to get more details about the members of the role group, use the Get-ManagementRoleAssignment cmdlet. The Get-ManagementRoleAssignment cmdlet enables you to view the members of universal security groups that are members of role groups, view the management scope that applies, and more.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #75:

Do you need to store a value in a variable in a script and make sure it never changes? If so, make the variable a constant using the New-Variable cmdlet. Constants can be set once and don’t allow their values to be changed. For example, the following creates the $IPAddress constant with the value 10.0.0.2.

New-Variable -Option Constant -Name IPAddress -Value “10.0.0.2”

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #76:

To get a list of all parameters available for a cmdlet, type:

(Get-Command <Cmdlet Name>).Parameters | ft key

For example, to get all parameters for the New-TransportRule cmdlet, type:

(Get-Command New-TransportRule).Parameters | ft key

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #77:

Did you know that you need to use the AssembleMessage script when exporting messages from a queue? For example, if you want to export the message with message ID 1234 from the contoso.com queue on server Mailbox1, you need to run the following command:

Export-Message -Identity Mailbox1\contoso.com\1234 | AssembleMessage -Path “C:\ExportedMessages\Message1234.eml”

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #78:

Wondering how many log files are generated per server every minute? Quickly find out by typing:

Get-MailboxDatabase -Server | ?{ %{$_.DatabaseCopies | ?{$_.ReplayLagTime -ne [TimeSpan]::Zero -And $_.HostServerName -eq $env:ComputerName} } } | %{ $count = 0; $MinT = [DateTime]::MaxValue; $MaxT = [DateTime]::MinValue; Get-ChildItem -Path $_.LogFolderPath -Filter “*????.log” | %{ $count = $count + 1; if($_.LastWriteTime -gt $MaxT){ $MaxT = $_.LastWriteTime}; if($_.LastWriteTime -lt $MinT){ $MinT= $_.LastWriteTime} }; ($count / ($MaxT.Subtract($MinT)).TotalMinutes) } | Measure-Object -Min -Max -Ave

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #79:

Wondering how many log files are generated per database every minute? Quickly find out by typing:

Get-MailboxDatabase -Server | %{ Get-ChildItem -Path $_.LogFolderPath -Filter “*????.log” | Group-Object -Property {$_.LastWriteTime.Day,$_.LastWriteTime.Hour,$_.LastWriteTime.minute} | ?{$_.Count -gt 1} | Measure-Object -Property Count -Min -Max -Ave }

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #80:

Get quick health and status information for your mailbox database copies by typing:

Get-DatabaseAvailabilityGroup DAG1 | %{ $_.Servers | %{ Get-MailboxDatabaseCopyStatus -Server $_ } }

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #81:

Did you know that you can share your calendar and contacts folders with other federated Exchange 2013 organizations by first creating a federation trust with the Microsoft Federation Gateway with a valid digital certificate? Just use the New-FederationTrust cmdlet and the certificate thumbprint to get started. Type:

New-FederationTrust-Name “Microsoft Federation Gateway” -Thumbprint

Finish by setting up an organization relationship with another federated Exchange organization to share limited calendar free/busy information. Type:

Get-FederationInformation -DomainName | New-OrganizationRelationship -Name “” -FreeBusyAccessEnabled $true -FreeBusyAccessLevel -LimitedDetails

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #82:

Need to quickly get a list of your Exchange certificates and their thumbprints? Just use the Get-ExchangeCertificate cmdlet. Type:

Get-ExchangeCertificate | fl

Want to filter the list and include just the self-signed certificates? No problem! Type:

Get-ExchangeCertificate | where {$_.IsSelfSigned -eq $true} | fl

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #83:

Not sure your federation trust with the Microsoft Federation Gateway is working correctly? To test if a security token can be retrieved, just type:

Test-FederationTrust

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #84:

Need a report on the status of each Exchange certificate installed on all Mailbox and Client Access servers? Try this:

Test-FederationTrustCertificate

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #85:

Need to verify that an organization relationship is correctly configured and functioning as expected for a user in an external Exchange organization? Just type:

Test-OrganizationRelationship -UserIdentity -Identity -Confirm

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #86:

Use this command to get all active mailbox move requests on a mailbox server:

$(Get-MailboxDatabaseCopyStatus -Server MBX | ?{ $_.status -eq “Mounted” }) | %{ Get-MoveRequest -TargetDatabase $_.DatabaseName } | ?{ $_.Status -ne “Completed” -and $_.Status -ne “CompletedWithWarning” }

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #87:

Use this command to find all non-completed move requests and group them by target database:

Get-MoveRequest | ?{ $_.Status -ne “Completed” -and $_.Status -ne “CompletedWithWarning” } | group targetdatabase | sort Count -Descending

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #88:

Use this command to find failure messages for all failed moves:

Get-MoveRequest -MoveStatus Failed | Get-MoveRequestStatistics | ft Alias, percentcomplete, message -auto

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #89:

Use these commands to get a snapshot of the move throughput for completed moves.

$stats = Get-MoveRequest -MoveStatus Completed | Get-MoveRequestStatistics $stats | sort totalmailboxsize | ft Alias,{$_.totalmailboxsize.ToMB()},totalinprogressduration -auto

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #90:

Use this command to view how many move requests are in the queue to be moved:

(Get-MoveRequest -MoveStatus Queued).count

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #91:

Use this command to find all mailbox move requests for mailboxes on the active mailbox database copies that are hosted on the specified mailbox server. This command returns the display name, status of the move request, and the database to which the mailbox is being moved.

$(Get-MailboxDatabaseCopyStatus -Server MBX01 | ?{ $_.status -eq “Mounted” }) | %{ Get-MoveRequest -TargetDatabase $_.DatabaseName }

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #92:

Need to see a list of the URLs for a user’s calendar that has been published for Internet access? Just type:

Get-MailboxCalendarFolder -Identity :\calendar | fl

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #93:

Did you know that you can download and integrate the latest version of Help for all cmdlets on the local Exchange server? Type:

Update-ExchangeHelp

You need to run this command on each Exchange server to get updated Help.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Advertisements

Written by Amit Tank

May 21, 2014 at 8:47 pm

Exchange 2013 SP1 – Powershell Tips – Part 1

avatar.jpg

I have been collecting all the Tips that are getting displayed when we launch the Exchange Management Shell on an Exchange Server 2013 with Service Pack 1. I have seen quite interesting tips so thought of sharing with all.

There are total #94 tips I have seen so far, I will post them in two different posts, here is the first set of 44 tips (#0 to #43) and I will post remaining 50 tips in next one. I know it has some duplicates but that’s what it’s there.

Exchange 2013 SP1 – Powershell Tips – Part 1 (Current article)

Exchange 2013 SP1 – Powershell Tips – Part 2 (Remaining #50)

image

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #0:

Did you know that the Identity parameter is a “positional parameter”? That means you can use:

Get-Mailbox “user” instead of: Get-Mailbox -Identity “user”

It’s a neat usability shortcut!

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #1:

Did you know that the Identity parameter is a “positional parameter”? That means you can use:

Get-Mailbox “user” instead of: Get-Mailbox -Identity “user”

It’s a neat usability shortcut!

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #2:

Did you know that the Identity parameter is a “positional parameter”? That means you can use:

Get-Mailbox “user” instead of: Get-Mailbox -Identity “user”

It’s a neat usability shortcut!

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #3:

Did you know that the Identity parameter is a “positional parameter”? That means you can use:

Get-Mailbox “user” instead of: Get-Mailbox -Identity “user”

It’s a neat usability shortcut!

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #4:

Did you know that the Identity parameter is a “positional parameter”? That means you can use:

Get-Mailbox “user” instead of: Get-Mailbox -Identity “user”

It’s a neat usability shortcut!

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #5:

Tired of typing a long command every time that you want to do something? Alias it! Type:

Set-Alias GetMre Get-ManagementRoleEntry

For all the current aliases, type:

Get-Alias

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #6:

Want to see the members of a dynamic distribution group that has a custom filter? Just use the Get-Recipient cmdlet. Type:

$DDG = Get-DynamicDistributionGroup “Contoso Marketing Managers”
Get-Recipient -RecipientPreviewFilter $DDG.RecipientFilter

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #7:

The Exchange Management Shell is a calculator, too! Try it directly at a command prompt:

1.2343+3123 or (23/435)*2

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #8:

Command line SOS! Do you need help? Type:

Help <cmdlet-name>  or  <cmdlet-name> -?

You can choose what information to return when you view Help by using the Detailed, Full, and Examples switches:

Help Get-Mailbox –Detailed

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #9:

Want to look at Help for a cmdlet but don’t want to read through pages and pages of text in the Shell window? Just use the Online switch with the Get-Help cmdlet. The Online switch tells the Shell to open the online version of the cmdlet’s Help topic in your default browser. Type:

Get-Help -Online

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #10:

The tilde character (~) should be familiar to Unix users. It represents the shortcut to your root directory. To see what it’s evaluated to by default, type:

Dir ~

You can use it as a useful shortcut:

Cp SomeFile “~\My Documents”

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #11:

CTRL+C is the equivalent of the hard-break command in the Exchange Management Shell. If a command is taking too long to run or you want to cancel an operation quickly, press CTRL+C to stop execution.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #12:

Pushd and Popd work the same way in the Exchange Management Shell as they do in cmd.exe. Type:

Pushd

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #13:

XML over everything! The Exchange Management Shell treats XML as a native type, so that you can do interesting things like:

$Sample = [XML](Get-Content SomeXMLFile.xml)

This command assigns $Sample to the actual XML object. To see it, type:

$Sample

To navigate, type:

$Sample.Prop1.Prop2

No need for text parsing when you want to load XML data!

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #14:

Cmdlets that end in “Config” manage singleton configuration, either one per server or organization. For these tasks, you don’t have to specify an identity because there is only one instance of the configuration. You may have to specify theServer parameter if the configuration is per server.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #15:

To get a list of all users on an Exchange 2013 server who aren’t Unified Messaging-enabled, type:

$Mailboxes = Get-Mailbox
$Mailboxes | ForEach { If($_.UmEnabled -Eq $False){$_.Name}}

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #16:

To get a list of all users on an Exchange 2013 server who are Unified Messaging-enabled, type:

$Mailboxes = Get-Mailbox
$Mailboxes = | ForEach { If($_.UmEnabled -Eq $True){$_.Name}}

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #17:

To display the user’s alias formatted in a table together with the user’s Exchange 2013 server name and telephone extension, type:

Get-Mailbox | Format-Table ServerName,@{e={$_.SamAccountName};Label=”User Alias”},@{Expression=”Extensions”;Label=”Telephone numbers”}

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #18:

To display the list of UM IP gateway server names disabled for outbound calling and hunt groups associated with a UM IP gateway server, type:

$Gateways = Get-UMIPGateway
$Gateways | ForEach {If($_.OutCallsAllowed -Eq $False){ “Gateway Name = ” +$_.Name;ForEach ($HuntGroup In $_.Huntgroups){“Huntgroups ” + $Huntgroup}}}

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #19:

If you want to test all IP Block List providers, you just have to pipe the Get-IpBlockListProvider cmdlet to the Test-IpBlockListProvider cmdlet:

Get-IpBlockListProvider | Test-IpBlockListProvider -IpAddress 192.168.0.1

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #20:

Before you remove an object by using the Remove verb, use the WhatIf parameter to verify the results are what you expect.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #21:

Sometimes it’s useful to convert the output of a cmdlet to a string to interoperate with native cmdlets. For example, type:

Get-Mailbox | Out-String | Findstr “Administrator”

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #22:

Get all Win32 WMI information, such as Perfmon counters and local computer configurations. For example, type:

Get-WMIObject Win32_PerfRawData_PerfOS_Memory

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #23:

Who isn’t tired of spam? You can configure real-time block list (RBL) providers with the Exchange Management Shell by running the following two commands:

Set-IPBlockListProvidersConfig -Enabled $True -ExternalMailEnabled $True

and then

Add-IPBlockListProvider -Name -LookupDomain -AnyMatch $True

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #24:

Access the event log from the Exchange Management Shell. To retrieve the whole event log, type:

Get-EventLog Application | Format-List

To retrieve all Exchange-related events, type:

Get-EventLog Application | Where { $_.Source -Ilike “*Exchange*” }

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #25:

One benefit of the Exchange Management Shell is that cmdlets can output objects to the console. You can then manipulate this output and organize it in interesting ways. For example, to get a quick view in tabular format, use Format-Table:

Get-Mailbox | Format-Table Name,Database,RulesQuota

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #26:

Forget a property name? Not a problem because you can use wildcard characters to retrieve all properties that match the part of the name that you specify:

Get-Mailbox | Format-Table Name,*SMTP*

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #27:

Want to work with data contained in a CSV file? Use Import-CSV to assign the data to an object. For example, type:

$MyCSV = Import-CSV TestFile.CSV

You can then manipulate the data easily in the Exchange Management Shell. For example, if there is a column called Mailboxes in the CSV data, you can use the following commands to sort or group the data by the Mailboxes column:

To sort: $MyCSV | Sort Mailboxes
To group: $MyCSV | Group Mailboxes

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #28:

This command spins through all your mailbox servers and reconnects all the uniquely identified but disconnected mailboxes in any one of the mailbox stores:

$Servers = Get-ExchangeServer
$Servers | `
Where { $_.IsMailboxServer -Eq ‘$True’ } `
| ForEach { Get-MailboxStatistics -Server $_.Name `
| Where { $_.DisconnectDate -NotLike ” } `
| ForEach { Connect-Mailbox -Identity `
$_.DisplayName -Database $_.DatabaseName} }

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #29:

Tab completion reduces the number of keystrokes required to complete a cmdlet. Just press the TAB key to complete the cmdlet you’re typing. Tab completion kicks in whenever there is a hyphen (-) in the input. For example:

Get-Send<tab>

should complete to Get-SendConnector. You can even use wildcards, such as:

Get-U*P*<tab>

Pressing the TAB key when you enter this command cycles through all cmdlets that match the expression, such as the Unified Messaging Mailbox policy cmdlets.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #30:

Tab completion reduces the number of keystrokes required to complete a cmdlet. Just press the TAB key to complete the cmdlet you’re typing. Tab completion kicks in whenever there is a hyphen (-) in the input. For example:

Get-Send<tab>

should complete to Get-SendConnector. You can even use wildcards, such as:

Get-U*P*<tab>

Pressing the TAB key when you enter this command cycles through all cmdlets that match the expression, such as the Unified Messaging Mailbox policy cmdlets.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #31:

Tab completion reduces the number of keystrokes required to complete a cmdlet. Just press the TAB key to complete the cmdlet you’re typing. Tab completion kicks in whenever there is a hyphen (-) in the input. For example:

Get-Send<tab>

should complete to Get-SendConnector. You can even use wildcards, such as:

Get-U*P*<tab>

Pressing the TAB key when you enter this command cycles through all cmdlets that match the expression, such as the Unified Messaging Mailbox policy cmdlets.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #32:

Tab completion reduces the number of keystrokes required to complete a cmdlet. Just press the TAB key to complete the cmdlet you’re typing. Tab completion kicks in whenever there is a hyphen (-) in the input. For example:

Get-Send<tab>

should complete to Get-SendConnector. You can even use wildcards, such as:

Get-U*P*<tab>

Pressing the TAB key when you enter this command cycles through all cmdlets that match the expression, such as the Unified Messaging Mailbox policy cmdlets.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #33:

Want to create a group of test users in your lab? Use this command:

1..100 | ForEach { Net User “User$_” MyPassword=01 /ADD /Domain; Enable-Mailbox “User$_” }

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #34:

Like the Exchange Management Shell Tip of the Day? Try this:

Get-Tip

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #35:

Want to set the properties on all or some Outlook Web Access virtual directories? Pipe the output of Get-OwaVirtualDirectory to the Set-OwaVirtualDirectory cmdlet. For example, the following command sets the Gzip level for all Outlook Web Access virtual directories:

Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -GzipLevel High

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #36:

Want to move your database path to another location? Type:

Move-DatabasePath -EdbFilePath DestFileName

To change the file path setting without moving data, use this command together with the ConfigurationOnly parameter. This command is especially useful for disaster recovery. Caution: Misuse of this cmdlet will cause data loss.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #37:

Need an easy way to add a new primary SMTP address to a group of mailboxes? The following command creates a new email address policy that assigns the @contoso.com domain to the primary SMTP address of all mailboxes with Contoso in the company field:

New-EmailAddressPolicy -Name Contoso -RecipientFilter {Company -Eq “Contoso”} -EnabledPrimarySMTPAddressTemplate “@contoso.com”

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #38:

Want to retrieve a group of objects that have similar identities? You can use wildcard characters with the Identity parameter to match multiple objects. Type:

Get-Mailbox *John*
Get-ReceiveConnector *toso.com
Get-JournalRule *discovery*

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #39:

Want to configure a group of objects that have similar identities? You can use wildcard characters with the Identity parameter when you use a Get cmdlet and pipe the output to a Set cmdlet. Type:

$Mailboxes = Get-Mailbox *John*
$Mailboxes | Set-Mailbox -ProhibitSendQuota 100MB -UseDatabaseQuotaDefaults $False

This command matches all mailboxes with the name John in the mailbox’s identity and sets the ProhibitSendQuota parameter to 100MB. It also sets the UseDatabaseQuotaDefaults parameter to $False so that the server uses the new quota you specified instead of the database default quota limits.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #40:

Forgot what the available parameters are on a cmdlet? Just use tab completion! Type:

Set-Mailbox -<tab>

When you type a hyphen (-) and then press the TAB key, you cycle through all the available parameters on the cmdlet. Want to narrow your search? Type part of the parameter’s name and then press the TAB key. Type:

Set-Mailbox -Prohibit<tab>

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #41:

Want to add an alias to multiple distribution groups that have a similar name? Type:

$Groups = Get-DistributionGroup *Exchange*
$Groups | Add-DistributionGroupMember -Member kim

This command adds the alias kim to all distribution groups that contain the word Exchange.

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #42:

Want to record exactly what happens when you’re using the Exchange Management Shell? Use the Start-Transcript cmdlet. Anything that you do after you run this cmdlet will be recorded to a text file that you specify. To stop recording your session, use the Stop-Transcript cmdlet.

Notice that the Start-Transcript cmdlet overwrites the destination text file by default. If you want to append your session to an existing file, use the Append parameter:

Start-Transcript c:\MySession.txt –Append

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Tip of the day #43:

Do you have a user who has network access but maintains an external mail account outside your Exchange organization? With Exchange 2013, you can now create mail-enabled users that are regular Active Directory accounts, but also behave like mail-enabled contacts. By using the Enable-MailUser cmdlet, you can add email contact attributes to any existing Active Directory user who doesn’t already have a mailbox on an Exchange server. Users in your Exchange organization will then be able to send email messages to that user’s external mail account. Type:

Enable-MailUser “Active Directory Alias” -Identity -ExternalEmailAddress “Destination SMTP Address”

-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-

Written by Amit Tank

May 15, 2014 at 9:36 pm

Exchange 2007: Database Statistics in Powershell

Many times we need to find number of mailboxes in each database and the size of the database (EDB file) of all servers in an Exchange 2007 environment. With PowerShell, it is fairly simple to grab in a single line.

1.  How do we find number of mailboxes in each database?

On Screen: Get-MailboxDatabase | Select Server, StorageGroupName, Name, @{Name="Number Of Mailboxes";expression={(Get-Mailbox -Database $_.Identity | Measure-Object).Count}} | Format-Table -AutoSize

Export to CSV: Get-MailboxDatabase | Select Server, StorageGroupName, Name, @{Name="Number Of Mailboxes";expression={(Get-Mailbox -Database $_.Identity | Measure-Object).Count}} | Export-Csv C:\ServerStat-1.csv

2.  How do we find number of mailboxes and size of EDB file for each Database?

On Screen: Get-MailboxDatabase | Select Server, StorageGroupName, Name, @{Name="Size (GB)";Expression={$objitem = (Get-MailboxDatabase $_.Identity); $path = "`\`\" + $objitem.server + "`\" + $objItem.EdbFilePath.DriveName.Remove(1).ToString() + "$"+ $objItem.EdbFilePath.PathName.Remove(0,2); $size = ((Get-ChildItem $path).length)/1048576KB; [math]::round($size, 2)}}, @{Name="Size (MB)";Expression={$objitem = (Get-MailboxDatabase $_.Identity); $path = "`\`\" + $objitem.server + "`\" + $objItem.EdbFilePath.DriveName.Remove(1).ToString() + "$"+ $objItem.EdbFilePath.PathName.Remove(0,2); $size = ((Get-ChildItem $path).length)/1024KB; [math]::round($size, 2)}}, @{Name="No. Of Mbx";expression={(Get-Mailbox -Database $_.Identity | Measure-Object).Count}} | Format-table -AutoSize

Export to CSV: Get-MailboxDatabase | Select Server, StorageGroupName, Name, @{Name="Size (GB)";Expression={$objitem = (Get-MailboxDatabase $_.Identity); $path = "`\`\" + $objitem.server + "`\" + $objItem.EdbFilePath.DriveName.Remove(1).ToString() + "$"+ $objItem.EdbFilePath.PathName.Remove(0,2); $size = ((Get-ChildItem $path).length)/1048576KB; [math]::round($size, 2)}}, @{Name="Size (MB)";Expression={$objitem = (Get-MailboxDatabase $_.Identity); $path = "`\`\" + $objitem.server + "`\" + $objItem.EdbFilePath.DriveName.Remove(1).ToString() + "$"+ $objItem.EdbFilePath.PathName.Remove(0,2); $size = ((Get-ChildItem $path).length)/1024KB; [math]::round($size, 2)}}, @{Name="No. Of Mbx";expression={(Get-Mailbox -Database $_.Identity | Measure-Object).Count}} | Export-CSV C:\ServerStat-2.csv

Written by Amit Tank

July 27, 2009 at 11:05 pm

Exchange Update Rollup Installation. It is not Nightmare!!!

Many people feel that installation of Exchange Update Rollup is a nightmare, does it really? Well, It doesn’t, if you take certain steps of prevention.

Here are some of the myths which prevents from getting sleepless night for Update Rollups installation.

Known Issues & Pre Installation Checklist

 

1. Previous Interim Update (IU) Exists, Remove/Uninstall

Microsoft releases critical IUs for Exchange outside the Rollup schedule and can be obtained by contacting PSS. If you attempt to install the Rollup prior to removing the IU, you may get an error.

Prevention Step: Any installed IUs must be removed prior to applying a Rollup.

2. Permission Required

It is recommended to use the same account which was used to install Exchange server while installing Update Rollups.

If you have to use different account then make sure that you have highest permission like Exchange Organization Admin and a member of Local Admin group of Exchange server.

3. Do you have CAS-CAS Proxying deployed?

Apply the update rollup to the Internet-facing Client Access servers before you apply the update rollup to the non-Internet-facing Client Access servers.

4. Do you have Outlook Web Access customization?

When you apply an update rollup package, the update process will copy over the OWA files if it is necessary. If you have modified the Logon.aspx file or other OWA files, the customizations will be overwritten to ensure that OWA is updated correctly.

Prevention Step: Always make a backup copy of any customized Outlook Web Access files before you apply the update rollup.

After you apply the update rollup package, re-create Outlook Web Access customization in Logon.aspx.

5. Status of IPv6

Do you have IPv6 enabled in “Local Area Connection”? If you have IPv6 network and ticked/enabled in Local Area Connection, then it is fine.

But if you do NOT have IPv6 network and somehow unticked/disabled in Local Area Connection, follow below steps before Update Rollup installation.

  • Enable IPv6 in Local Area Connection.
  • Use Registry Editor and add registry key to completely disable IPv6 on a Windows Server 2008 computer as per KB952842

This may cause Exchange services to start or from changing ‘Startup Type’ (disabled to Automatic) after installation.

6. Lack of Internet Connectivity

You may experience long installation times and you may receive the following message:
“Creating Native images for .Net assemblies”

This issue occurs because the Exchange server issues network requests to connect to http://crl.microsoft.com/pki/crl/products/CodeSigPCA.crl and look up the certificate revocation list at NGEN time for each assembly that it compiles to native code.

Because the Exchange server is not connected to the Internet, each request must wait to timeout before moving on.

Prevention Step: Turn off the Check for publisher’s certificate revocation option on the server that is being upgraded. Follow these steps:

In Windows Internet Explorer –> Tools –> Internet Options –> Advanced tab
In the Security section, uncheck or clear the box for below tow options

“Check for publisher’s certificate revocation”
“Check for server certificate revocation”

It is considered safe to clear this security option in Internet Explorer if the computer is in a tightly controlled environment. After the setup has completed, turn on the Check for publisher’s certificate revocation option again

image

Further information can be found here…
Exchange 2007 managed services might time out during certificate revocation checks
http://msexchangeteam.com/archive/2008/07/08/449159.aspx

7. Managed code services may not start after you install this update rollup

This problem occurs because you do not have a Microsoft .NET Framework common language runtime (CLR) build that supports the generatePublisherEvidence configuration setting.

Prevention Step: If you are using the .NET Framework 2.0, install one of the following software updates:

.NET Framework 2.0 Service Pack 1
Problems that are fixed in the .NET Framework 2.0 Service Pack 1

Software update 936707 with CRL build 2.0.50727.876
FIX: A .NET Framework 2.0 managed application that has an Authenticode signature takes longer than usual to start

Software update 942027 with CRL build 2.0.50727.926
FIX: You may notice that the memory load is very high when you run an application that is built on the .NET Framework 2.0

Refrence: Exchange Server 2007 managed code services do not start after you install an update rollup for Exchange Server 2007
http://support.microsoft.com/kb/944752

8. Exchange Best Practice Analyzer

Run ExBPA regularly to find any misconfiguration, problems or standard recommendation from Microsoft on your Exchange environment.

It is also recommended to run it before installation UR and correct the errors if shows in result.

Troubleshooting Update Rollup Installation Failure

Now what if UR installation failed, where to start looking for the cause or reason behind failure?

The Exchange Software Updates forum is available to get assistance if you come across with any update rollups installation issue. Microsoft engineers monitor the forum and assist you, but what they need to troubleshoot the issue? Information on your Exchange environment, how you are installing update rollup, and errors come up in various log files. These all things gives you and them hints to get resolution while troubleshooting.

Here are some of the logs to start investigation.

  1. Look into Event Log for any error related to UR installation.
  2. Enable Verbose MSI Logging to generate setup log and look into it for any error.
  3. ServiceControl.log available at C:\ExchangeSetupLogs.
  4. UpdateOwa.log available at C:\ExchangeSetupLogs.

1. Look into Event Log for any error

This is the starting place of forensic lab :), you may see some MSI related or any other errors which might have some numbers and with it setup would have failed.

Here is an example…

Event Type: Error
Event Source: MsiInstaller
Event Category: None
Event ID: 1024
Description:
Product: Microsoft Exchange Server – Update ‘Update Rollup 8 for Exchange Server 2007 Service Pack 1 (KB968012) 8.1.375.2’ could not be installed. Error code 1603.

Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error code 1603 is pretty generic in MSI installation and to look further deep we need to enable verbose MSI logging. Question comes, how? Ok, let’s discuss it in next portion.

2. Enable Verbose MSI Logging to generate setup log

We can enable MSI verbose logging to get extensive details of update rollup installation with below switches…

Exchange2007-KB<kb # of Rollup>-x64-EN.msp /lxv* c:\LogName.log

Let’s take an example of Exchange 2007 SP1 UR8 which was released sometimes back. I am executing it with below command.

Exchange2007-KB968012-x64-EN.msp /lxv* c:\SP1UR8.log

image

This will generate extensive log of UR installation and log an activity of each and every step.

image 

You can open this log and check for errors which may shed some light on why the installation failure occurred. If you create a thread at Exchange Software Updates forum or log a call with Microsoft PSS, they will ask for this file anyway.

3. ServiceControl.log available at C:\ExchangeSetupLogs

This file keeps the log of service ‘Status’ and ‘Startup Type’ changes happened by ServiceControl.ps1 script during UR installation.

We may find the cause of service, if stopped or disabled during UR installation.

image

4. UpdateOwa.log available at C:\ExchangeSetupLogs

This file keeps the log of OWA changes performed by UpdateOWA.ps1 during UR installation.

image

Here is an example of UpdateOwa.log file generated during successful UR8 installation but we may find the cause here if OWA comes up with errors after UR installation.

image 

We can also find UpdateOWA.PS1 script under Program Files\Microsoft\Exchange Server\Bin directory which can be run to correct OWA errors came after UR installation.

image

Written by Amit Tank

May 30, 2009 at 1:26 pm

Exchange 2010 Beta1: Bunch of FAQs, Tips & Known Issues

Exchange 2010 has many new features, advance administration methods, significant changes in Information Store to give better performance, new and simple high-availability approach and role based access control features for permissions. Sounds great so who doesn’t want to start testing this early version, Exchange 2010 Beta1.

As we know that Exchange 2010 product is still under development and being optimized, so here are certain FAQs, Tips and Known Issues which might help you to evaluate it easily and save your time while finding solutions or workarounds on some common queries and issues.

=======================================================

1. Production Use?

First question comes in your mind while testing Exchange 2010 Beta1 is, can I use Exchange 2010 Beta 1 in production?
~ Answer is "NO", here is an official article from Exchange Team on why you shouldn’t use Beta in production environment. 
Reference: "Can I install Exchange 2010 Beta in production?"

2. Windows 2008 Editions

~ Exchange 2010 can be installed on Windows 2008 & Windows 2008 R2 but wait…

2.1 Can I install Exchange 2010 on Windows 2008 Server Core?
~ No, Exchange 2010 can NOT be installed on Windows 2008 Server Core, it requires full edition of Windows 2008 Standard or Enterprise.
~ Reason is, Exchange requires some of the components which are not supported on Windows 2008 Server Core, example is .Net Framework.

2.2 Can I use Exchange 2010 Beta 1 with Windows 2008 R2?
~ Yes, you can use Windows 2008 R2 but read below couple of points.

2.2.1 Which build of Windows 2008 R2 I can use for Exchange 2010 testing?
Exchange 2010 Beta1 PowerShell & WinRM are incompatible with post 7000 build of Windows R2 and requires wire-level change so it can be installed only on build 7000 of R2 and not on later builds so keep in mind if you are planning to install it on R2.

2.2.2 You may get below error while accessing EMC on Windows 2008 R2.

Connecting to remote server failed with the following error message : The WinRM client received an HTTP server error status (500), but the remote service did not include any other information about the cause of the failure. It was running command ‘Discover-ExchangeServer -UseWIA $true’.

This is know issue and to solve it follow below two steps…
     ~ Disable “Anonymous Authentication” on PowerShell virtual directory of IIS.
     ~ Enable remote powershell for user with below cmdlet in “Exchange Management
        Shell (Local Powershell)”
        Set-User “User Name” -RemotePowerShellEnabled $true

3. Coexistence

Coexistence with legacy Exchange versions (2007or 2003) is NOT supported with Exchange 2010 Beta1. We may need to wait for next release of Exchange 2010.

4. Installation

4.1 Domain & Forest Functional Levels of your AD environment.

Exchange 2010 requires Domain and Forest (both) Functional Levels to at least Windows 2003. You can refer below articles to raise Functional Levels of your AD to Windows 2003.
References: Raise the Domain Functional Level 
                     Raise the Forest Functional Level

4.2 Setup fails at Hub Transport Server role installation with below error.

The execution of: “$error.Clear(); if ($RoleStartTransportService) { start-SetupService -ServiceName MSExchangeTransport }”, generated the following error: “Service ‘MSExchangeTransport’ failed to reach  status ‘Running’ on this server.”

~ This could be because you have disabled IPv6 in Local Area Connection. Correct method to disable IPv6 is with Registry Key and remove the entry from hosts file.
Refer below article.

Reference: Exchange 2010: Hub Transport Role Installation Fails

4.3 You get below error while running installation.

"An error occurred while copying file D:\Exchange2010-Beta1-x64\…\templates editor.msc"

Workaround:
~ Copy Setup dump to local hard drive and execute Exchange 2010 setup from there.
~ Make sure that account, being used to run Exchange 2010 setup, has Domain, Enterprise and Schema Admin rights.

4.4 You may get below error while installing additional Mailbox Server in Exchange 2010 Beta1 environment.

"Object reference not set to an instance of an object"

~ This might be due to "Admin Audit Log Agent" Cmdlet Extension Agents enabled in your environment. This will be resolved in later builds but current Workaround for this problem is disable Admin Audit Log Agent with below cmdlet.
          Disable-CmdletExtensionAgent "Admin Audit Log Agent"
References:
Understanding Cmdlet Extension Agents
Disable a Cmdlet Extension Agent

5. Exchange Management Console / Shell Tips

5.1 When you try to access EMS/EMC with newly created administrator account, you get below error.
EMS
:

Connecting to remote server failed with the following error message : Access is denied.
At C:\Program Files\Microsoft\Exchange Server\V14\bin\ConnectFunctions.ps1:154 char:28
+         $global:r = new-pssession <<<<  -connectionURI
https://$fqdn/powershell -ConfigurationName Microsoft.Exchange -Authentication NegotiateWithImplicitCredential -SessionOption $sessionOption #-erroraction  silentlycontinue
    + CategoryInfo          : OpenError: (System.Manageme….RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotingTransportException
    + FullyQualifiedErrorId : RemoteRunspaceOpenFailed

EMC:

Connecting to remote server failed with the following error message: Access is denied. It was running command ‘Discover-ExchangeServer -UseWIA $true’

Solution:
You need to enable Remote Powershell for newly created Admin account with below cmdlet.
          Set-User “User Name” -RemotePowerShellEnabled $true

5.2 When you click on CAS Server properties you may get below error.

—————————
Microsoft Exchange
—————————
Unable to create IIS (Internet Information Service) directory entry. Error Message is: Access is denied.
. HResult = -2147024891 It was running command ‘get-ActiveSyncVirtualDirectory’.

This is know issue with current Beta1 and you need to add "Microsoft Exchange Security Groups\ Exchange Trusted Subsystem" group to Local Administrators group on all Exchange servers and Restart the CAS server.

5.3 If you create User with ADU&C and enable mailbox with EMC/EMS, now while removing the same mailbox in EMC you get below error.

Active Directory operation failed on Server1.Contoso.com. This error is not retriable. Additional information: Access is denied.
Active directory response: 00000005: SecErr: DSID-03151D12, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

Solution: You need to use EMS to remove the mailbox with Remove-Mailbox cmdlet.

5.4 How to manage mailbox folder permission with EMS.

This is one of the New Mailbox and Recipient Functionality in Exchange 2010. Let’s take an example here, if you want permission on a folder named "SharedFolder1" of  User1’s mailbox to User2 in Exchange Management Shell.

~ You can use Add-MailboxFolderPermission cmdlet. But what is the format of folder name which we should pass in cmdlet to give permission? So, format should be blow.

Add-MailboxFolderPermission -Identity User1:\SharedFolder1 -AccessRights Editor -User User2

6. Mailbox Access & Client Issues

6.1 How can I access Exchange 2010 mailbox?
~ You can access mailbox with MAPI clients like Outlook 2007 or 2003, OWA premium experience with IE, FireFox & Safari browser or Windows Mobile 5.0, 6.0 devices.

6.2 Outlook 2007 is not able to access mailbox and/or unable to start "MSExchange Rpc Client Access" Service.
This is know issue and it will be corrected in later build. Workaround is to add below two registry keys on Exchange 2010 Server.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ MSExchangeIS\ParametersSystem]
"Mapi Rpc Endpoint Registration"=dword:00000002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ MSExchangeRPC\ParametersSystem]
"ExecutionFlags"=dword:00000002

6.3 Outlook 2003 is unable to access mailbox.
RPC/MAPI Mailbox access with Outlook 2003 may not work while testing in Beta1, you need to use Outlook 2007 to gain mailbox access. You may use RPC/HTTPs method with Outlook 2003 to access Mailbox.

7. Public Folders Access & Client Issues

7.1 Public Folder Support in Exchange 2010

Public Folder is fully supported in Exchange 2010 life cycle as Exchange team is already announced earlier.
Reference: Updated Exchange Public Folder Guidance
But you need to start looking for other alternative if PFs are being heavily used in your organization, Share Point is a good alternative from that stand point.

7.2 Where is Public Folder option in OWA?

Public Folder, Notes, Tasks, Views etc… modules are not included in current Beta, these will be available in later builds.

7.3 Unable to access Public Folder in Outlook 2007 and you get below error.

"Cannot expand the folder. The set of folders cannot be opened. Your profile is not configured"

Public Folder access has problem with MAPI/RPC Outlook 2007 profile and can not be accessible, this will be corrected in later build.

8. Outlook Web Access

8.1 Certain features (like drag and drop items) are not yet fully implemented in this version of Beta to work on Firefox and Safari web browser so you can still find some gaps and which will be covered by RTM.

8.2 OWA, where is integrated IM and Presence functionality?
~ IM & Presence functionality is not yet included into Beta1 so we may need to wait for next build releases.
~ However You need to have Office Communications Server 2007 R2 installed in your environment to have basic IM functionality then you can configure an integration between OCS and Exchange OWA to connect together and give you status indication (presence information) of other persons, have chat with them etc…

8.3 OWA gives blank display with below in address bar
"https://localhost/owa/auth/logon.aspx?url=https://localhost/owa/&reason=0"
You may need to reinstall CAS server role and IIS.

9. Exchange Control Panel (ECP)

9.1 When you click on Options in OWA to login on ECP, again it asks for authentication.
~ This is expected behaviour in Beta1 because ECP virtual directory doesn’t support FBA yet. This will be corrected by RTM releases of Exchange 2010.

9.2 Authentication fails when you click on Options button in OWA and you get below error.

Unexpected Error – An error occurred and your request couldn’t be completed. Please try again.

~ This happens if you are accessing OWA with FQDN of your OWA address like  https://mail.domainname.com/owa but didn’t set urls on virtual directories.
~ You need to set InternalURL to https://FQDNofExchange/OWA and ExternalURL to https://mail.domain.com/owa of OWA virtual directory with Set-OWAVirtualDirectory cmdlet.

Set-OWAVirtualDirectory “Owa (Default Web Site)” –InternalURL “https://FQDNofExchange/owa” –ExternalURL “https://mail.domain.com/owa”

~ Similarly for ECP directory with Set-ECPVirtualDirectory cmdlet. Once these are configured it prompts for passwords (Refer #9.1) and authentication redirects to ECP.

Set-ECPVirtualDirectory “Ecp (Default Web Site)” –InternalURL “https://FQDNofExchange/ECP” –ExternalURL “https://mail.domain.com/ECP”

10. Archive or Alternate Mailbox

10.1 How to create Archive Mailbox?
You can use below cmdlet to create archive mailbox. In later builds you can create archive mailbox in EMC too.

New-AlternateMailbox -Name User-Archive -Mailbox UserName -Type Archive
Reference: New-AlternateMailbox

10.2 Where will be Archiving mailbox created?
~ Archive mailbox will be created automatically on the same mailbox database where primary mailbox of user is available.

10.3 Does discoveries feature work on Archive mailbox to find emails by Compliance Officer?
Yes, Compliance Officer can search emails from Archive Mailbox. Exchange Control Panel (ECP) is an interface for Discovery feature of Exchange 2010.

10.4 How to access Archive Mailbox?
It can be accessed via OWA or Outlook 2010 but unfortunately OWA doesn’t have that feature included in current Beta1 to access Archive Mailbox and beta version of Outlook 2010 will be released in Q3 so we may need to wait until next build of Exchange 2010 available.

11. MailTips

11.1 What are supported clients for MailTips feature?
~ MailTips are supported in OWA and Outlook 2010.
~ But current Exchange 2010 public beta doesn’t have this feature module ported in OWA and Outlook 2010 Beta has not released yet so we may need to wait for next releases of Exchange 2010…
Reference: Introducing MailTips

12. High Availability & Recovery

12.1 Database Availability Groups (DAG)

12.1.1 You get below error while adding a server into DAG by using EMC.

Insufficient permissions to view the network shares on machines <FileShareWitness>. Error code 5.

~ This is known issue, remote powershell can add a server in DAG since it requires to install Windows Failover Cluster (WFC) components which are not accessible through remote powershell.
~ Use "Exchange Management Shell (Local Powershell)" to add the server into DAG with Add-DatabaseAvailabilityGroupServer cmdlet.

Add-DatabaseAvailabilityGroupServer -Identity DAG1 -MailboxServer E2010SRV1

Reference: Add-DatabaseAvailabilityGroupServer

12.2 What is the alternative of Recovery Storage Group (RSG)?

~ As we know that there Storage Group concept is deprecated and we have only Databases so now we can use Recovery Databases for recovery purpose.
~ Here are cmdlets to create Recovery Database and to restore mailbox.
New-MailboxDatabase -Recovery <DatabaseIdParameter> –Server <StoreMailboxIdParameter>
Restore-Mailbox -Identity <MailboxIdParameter> -RecoveryDatabase <DatabaseIdParameter> -RecoveryMailbox <StoreMailboxIdParameter>

References:
New-MailboxDatabase
Restore-Mailbox

=======================================================

Hope this article helps you to test Exchange 2010 Beta1 with greater comfortably and yeh, most of these know issues will be corrected in later builds or by RTM release…

Written by Amit Tank

May 3, 2009 at 10:24 am