Rollup 6 for Exchange Server 2007 SP3.

Earlier today the Exchange team released Update Rollup 6 for Exchange Server 2007 SP3.

De following list calls out the most important fixes which are included in this release:

22656040 An Exchange Server 2007 Client Access server may respond slowly or stop responding when users try to synchronize the Exchange ActiveSync devices with their mailboxes

2498852 "0x80041606" error message when you perform a prefix search by using Outlook in online mode in an Exchange Server 2007 environment

22653334 The reseed process is unsuccessful on the SCR passive node when the circular logging feature is enabled in an Exchange Server 2007 environment

22617784 Journal reports are expired or lost when the Microsoft Exchange Transport service is restarted in an Exchange Server 2007 environment

2289607 The week numbers displayed in OWA do not match the week numbers displayed in Outlook for English users and French users in an Exchange Server 2007 environment

For the complete list check HERE
General Notes:

Note for Forefront Protection for Exchange users For those of you running Forefront Protection for Exchange, be sure you perform these important steps from the command line in the Forefront directory before and after this rollup’s installation process. Without these steps, Exchange services for Information Store and Transport will not start after you apply this update. Before installing the update, disable ForeFront by using this command: fscutility /disable. After installing the update, re-enable ForeFront by running fscutility /enable.

Setup KMS Server for Windows Server 2008 R2 or Windows 7

Open the command prompt and run the following command:

cscript c: \ Windows \ System32 \ slmgr.vbs / ipk xxxxx-xxxxx-xxxxx-xxxxx-xxxxx

Enter the product key xxxxx Windows Server 2008 R2. It is also able to activate Windows 7. The following text appears when the command is successful.

Microsoft ® Windows Script Host Version 5.7
Copyright © Microsoft Corporation. All rights reserved.
Installed product key xxxxx-xxxxx-xxxxx-xxxxx-xxxxx successfully.
The installation of the KMS server is complete. The server installs itself on port 1688. This port must be opened to be put in the firewall. To change the port the following command can be used.

Slmgr.vbs / SPRT xxxx
Once the firewall is open and the key is installed, the KMS server service has to be restarted. Do this by using the following command:

slsvc & net stop & net start slsvc

To check whether the data will be registered correctly in the DNS, the following command:

nslookup-type = srv _vlmcs._tcp

Here, the following output should appear:

_vlmcs._tcp.test.local SRV service location:
priority = 0
weight = 0
port = 1688
svr hostname = kms.wardvissers.local
internet address = 192.168.150.7 kms.wardvissers.local

Clients / Servers

The clientele / servers need to connect to the KMS host will automatically find the host by dns. When the client / server using a MAK key is activated. Should this be put back to a KMS client key. These keys are released by Microsoft. When this key is set on the client / server will automatically look for a KMS host. When not present, the client / server activation.

KMS client keys:

Windows 7 Enterprise: 33PXH-7Y6KF-2VJC9-XBBR8-HVTHH
Windows Server 2008 Standard: TM24T-X9RMF-VWXK6-X8JC9-BFGM2
Windows Server 2008 Enterprise: YQGMW-MPWTJ-34KDK-48M3W-X4Q6V
Windows Server 2008 R2 Standard – YC6KT-GKW9T-YTKYR-T4X34-R7VHC
Windows Server 2008 R2 Enterprise – 489J6-VHDMP-X63PK-3K798-CPX3Y

The following commands can the key be changed from MAK to KMS here are the xxxxx is one of the above keys.

slmgr.vbs / ipk xxxxx-xxxxx-xxxxx-xxxxx-xxxxx
Note: To ensure that the client is forced to activate the command to be executed on the client.
slmgr-ato

It can happen that the RMS server returns the following message. This is because the KMS server is just beginning to work with 25 clients and 5 servers.

You can find here the list with error codes & solutions: http://support.microsoft.com/kb/938450

Special thanks to:Harm Hoekstra

Public Folder Migration from Exchange 2003 or 2007 to Exchange 2010

Step 1: Replicating Exchange 2003 or 2007  PF’s to Exchange 2010

Add PF replica’s to an Exchange 2010 Server:

.\AddReplicaToPFRecursive.ps1 -server "Exchange 2003/2007 Server" -TopPublicFolder "\" -ServerToAdd "Exchange 2010 Server"

Replicate the System Folders to an Exchange 2010 Server:

.\AddReplicaToPFRecursive.ps1 -TopPublicFolder "\NON_IPM_Subtree" -ServerToAdd "exchange2010 server”

If you are planning to have multiple Exchange 2010 PF servers, you can repeat the Cmdlet

From the Exchange 2010 server: Update-PublicFolderHierarchy -Server "Exchange 2010 Server"

Step 2: Moving Exchange 2003/2007 PF’s to Exchange 2010

As a last step, after you confirmed that all the PF have been replicated to the Exchange 2010, you can move all replicas from Exchange 2003/2007 to Exchange 2010. The "move all replicas" will actually remove the Exchange 2003/2007 replicas.

To move all Exchange 2003/2007 replicas to Exchange 2010, which will actually remove the Exchange 2003/2007 replicas:

.\MoveAllReplicas.ps1 -Server "Exchange 2003 Server" -NewServer "Exchange 2010 Server"

Additional Cmdlets

To view a list of the replicas in the public folder hierarchy: Get-PublicFolder -recurse |fl name,replicas

For System Folders: Get-PublicFolder -recurse \non_ipm_subtree |fl name, replicas

To compare content replicated between the source and destination servers: Get-PublicFolderStatistics

Reference

Move Public Folder Content from One Public Folder Database to Another Public Folder Database – http://technet.microsoft.com/en-us/library/bb331970.aspx

Exchange 2010 Outlook Mobile Update

This guide was created to help you deploy the new Outlook Mobile update for the Windows Mobile 6.1 devices that connect to your Exchange 2010 servers. This guide focuses on Microsoft Exchange Server 2010 RTM & SP1 & SP2 and Windows Mobile 6.1, and covers the following topics:

· Overview

· How to configure your Exchange 2010 for the Outlook Mobile update

· Details about the Outlook Mobile update

· How to get support for Outlook Mobile updates

· How to subscribe for future updates

Overview

First, we’ll review the overall update experience that’s built into Exchange 2010.

clip_image002

As part of the Outlook Mobile update, users will receive an update notification in an e-mail message in their Inbox. The purpose of this message is to inform them that there’s an Outlook Mobile update for their phone.

The message will instruct the user to click an inline link. This prompts the phone to download the Initial Setup CAB. After the Initial Setup CAB is installed, it will check for available updates specific to the user’s device type.

Next, if an Outlook Mobile update is available, it will be downloaded and installed. The user will receive a notification message that tells them they need to restart their device. After the device is restarted, it will resynchronize the data (e-mail, calendar, contacts, and tasks) with the Exchange server so it will be compatible with the new format of Exchange Server 2010. After that synchronization is complete, the user will be ready to experience the new features in the Outlook Mobile update.

How to Configure Your Exchange 2010 Server for the Outlook Mobile Update

Now that you understand the tasks that the Outlook Mobile update performs, we’ll cover how to configure your Exchange server so that your users who have Windows Mobile 6.1 devices will receive the update notification e-mail message.

How to determine whether a user will receive the update notification e-mail message

The update notification e-mail message will be sent to the user’s device if the following conditions are true:

· The user’s mailbox is on a server running Exchange Server 2010.

· The Exchange ActiveSync mailbox policy parameter AllowMobileOTAUpdate is set to $True.

· The Windows Mobile OS version is 6.1. To check which version the device is running, from the Help About screen, look for the OS and Windows Mobile 6.1 build number (Start > Settings > System > About). You should see Windows OS = “Windows CE 5.2”, and the Windows mobile build should be between 19202 and 21142.

AllowMobileOTAUpdate

The AllowMobileOTAUpdate setting is one of the standard Exchange ActiveSync mailbox policy settings. This is the main setting that determines whether the update notification e-mail message is sent to the device.

The default value for the AllowMobileOTAUpdate parameter is enabled ($True). To confirm that your Exchange ActiveSync mailbox policy has this setting enabled, follow these steps:

1. Check which policy the user is assigned to by running the following command.

Get-CasMailbox <user> | fl ActiveSyncMailboxPolicy

In the preceding example, the result is the following.

ActiveSyncMailboxPolicy : Default

2. Check that the policy returned in the preceding step has the AllowMobileOTAUpdate setting enabled by running the following command.

Get-ActiveSyncMailboxPolicy Default | fl AllowMobileOTAUpdate

If the AllowMobileOTAUpdate setting is set to $True, the following will be returned.

AllowMobileOTAUpdate : True

Details About the Outlook Mobile Update

The following section covers the end user experience for the Outlook Mobile update. The update notification e-mail message the user receives will look like this.

clip_image004

The user can click the first link in the message to start the download. This downloads the initial setup CAB, which is necessary to find the appropriate Outlook Mobile update for that user’s device.

Next, the user will see a URL Confirmation page that informs them that they’re being taken to a Web site. The user should click Yes to continue. Clicking No will cancel the update process.

clip_image006

After the file begins downloading, the user will be asked if they want to open the file, save it to a location, or click Cancel. The user should click Yes to continue opening the file, making sure that the open file after download box is selected.

clip_image008

The next screen they’ll see is the progress bar that shows that the initial setup CAB is being downloaded and installed.

clip_image010

The initial setup CAB finds the appropriate Outlook Mobile update for the user’s specific device. After the initial setup CAB is installed, it connects to the Outlook Mobile Update Service to find the update. If an update is found, the user will be asked if they want to download the Outlook Mobile update. The user should select Yes to download and install the update.

clip_image012clip_image014

clip_image016clip_image018

After the Outlook Mobile update has been installed, the user needs to restart their device to ensure that all new Outlook Mobile files loaded correctly.

clip_image020

After the user restarts their device, they’re presented with a warning message that informs them that they need to resynchronize their data with Exchange. This is necessary because the existing format of the synchronized data isn’t compatible with the new features built into Exchange Server 2010. The user should click Yes in this warning message box.

clip_image022

Occasionally, a user may see the following error, which can appear when the resynchronization hasn’t yet occurred. The user will need to manually resync their data with Exchange.

clip_image024

How to Subscribe for Future Updates

There may be updates available for your users’ Windows Mobile 6.1 phones in the future. The Outlook Mobile update package will ask users if they would like Outlook Mobile to automatically check for updates on a regular schedule. Users should click Yes to automatically check for updates and receive notification when new updates are available.

clip_image026

Rollup 1 for Forefront Threat Management Gateway (TMG) 2010 Service Pack 2

Microsoft released Rollup 1 for Forefront Threat Management Gateway (TMG) 2010 Service Pack 2.

Issues that are fixed in this rollup package:

2654016 A client may be unsuccessful in accessing a Java SSO application published to the web in a Threat Management Gateway 2010 environment

2653703 You receive an "Error: Subreport could not be shown" error message in the User Activity or Site Activity report in a Forefront Threat Management Gateway 2010 environment

2654585 UDP packets may become backlogged when you increase the "Maximum concurrent UDP sessions per IP address" setting in a Forefront Threat Management Gateway 2010 environment

2624178 Threat Management Gateway 2010 administrators may be unable to generate reports

2636183 Both sides of a TCP connection are closed when the client or remote application half-closes the TCP connection in a Forefront Threat Management Gateway 2010 environment

2653669 Summary information for the Top Overridden URLs table and for the Top Rule Override Users table display incorrect information in a Forefront Threat Management Gateway 2010 environment

2617060 Forefront TMG 2010 enables L2TP site-to-site connections in RRAS

2655951 Japanese characters in the subject line of an Alert email message are not readable in the Japanese version of Forefront Threat Management Gateway 2010

2654068 "The Web Listener is not configured to use SSL" warning message may occur when you configure a Web Listener to use a valid SSL certificate in a Forefront Threat Management Gateway 2010 environment

2654193 You receive a "Bad Request" error message when you try to access Outlook Web App in a Forefront Threat Management Gateway 2010 environment

2654074 String comparison may become case-sensitive when you publish a website by using Forefront Threat Management Gateway 2010

2658903 The Forefront Threat Management Gateway Firewall service (Wspsrv.exe) may crash frequently for a published website secured by SSL after you install Service Pack 2

Note that along the lines of products like Exchange, cumulative updates for ForeFront TMG are now also called Rollup instead of Software Update or Update.

You can request ForeFront TMG SP2 RU1 directly from support here.

mail-enabled public folders stopped working after installing Exchange 2010 in existing Exchange 2003 or 2007 environment

I recently came across the following issue while performing an Exchange 2007 to Exchange 2010 migration for a company that still heavily utilised mail-enabled public folders. The client’s Exchange environment was quite old and had been previously migrated from Exchange 5.5 to 2003 and hadn’t been properly decommissioned with the original move to 2007, but that’s another story!

Issue

The issue I had was that once I moved all receive connectors to the new Exchange 2010 server, emails sent to any of the mail-enabled public folders (which were still being replicated between the 2 servers) was being rejected with the following NDR:

#< #5.2.0 smtp;554 5.2.0 STOREDRV.Deliver.Exception:ObjectNotFoundException; Failed to process message due to a permanent exception with message The Active Directory user wasn’t found. ObjectNotFoundException: The Active Directory user wasn’t found.> #SMTP#

The following error was found in Event Viewer:

Log Name: Application
Source: MSExchange Store Driver
Date: 7/09/2010 2:00:02 AM
Event ID: 1020
Task Category: MSExchangeStoreDriver
Level: Error
Keywords: Classic
User: N/A
Computer: server@domain
Description:
The store driver couldn’t deliver the public folder replication message “Folder Content (PublicFolderDatabase@domain)” because the following error occurred: The Active Directory user wasn’t found.

Solution

Given this Exchange environment was originally running versions prior to Exchange 2007, the legacy Administrative Group and all its empty subcontainers still existed. An explanation from the Microsoft Exchange Team of why this issue occurs can be found here: http://msexchangeteam.com/archive/2010/05/05/454821.aspx

The solution to this issue was to delete the empty Servers container from the legacy Administrative Group.

Using ADSIEdit.msc, connect to a domain controller and navigate to:

CN=Configuration , CN=Services, CN=Microsoft Exchange, CN=[ExchangeOrganisationName], CN=Administrative Groups, CN=[LegacyAdministrativeGroupName], CN=Servers.

Right click the Servers container and select Delete

Click Yes

Restart the Microsoft Exchange Active Directory Topology Service and the Microsoft Exchange Information Store on both the Exchange 2007 & Exchange 2010 Servers

Internet Explorer Stops Randomly when using TMG als proxy or Error 502 The number of HTTP requests per minute exceeded the configured limit.

Some users report that Internet stops Randomly. After investing i say the following error:

image

On the TMG Management server I saw also the The number of HTTP requests per minute exceeded the configured limit.

Solution:

1. Open TMG Management Console

clip_image001
2. Go Intrusion Prevention System

3. Flood Mitigation
clip_image002

4. Click on the Edit button: The number of HTTP requests per minute exceeded the configured limit
clip_image003
Default = 600 I configured = 3000

No tags for this post.

Exchange 2007 & 2010: Current issues with Microsoft Exchange ActiveSync and Third Party Devices

The following is a list of current issues observed by Microsoft Support personnel for Exchange Server 2007 and Exchange Server 2010 with third-party vendor devices. If you are using Exchange Server 2007 SP3 or Exchange Server 2010 SP1 and you are experiencing an EAS issue not listed below, contact Microsoft Support Services to investigate the issue.

1. Automatic meeting processing

Issue 1.1 – Recurring meeting is removed from calendar when organizer cancels single occurrence

When you synchronize your iOS device by using Exchange ActiveSync on an Exchange Server 2007 mailbox, if the organizer cancels a single occurrence of a recurring meeting, the device may unexpectedly delete the entire recurring meeting.

Solution

There are two parts to this solution:

Install the Exchange Server 2007 Service Pack 3 (SP3) update rollup 4 (RU4). The problem details and the link to the update are documented in the following Microsoft Knowledge Base article:

2502276 A meeting request series are deleted unexpectedly from the calendar in an Exchange Server 2007 environment

Update the Apple iOS on your device to version 4.3 or later. For more details on the latest iOS version, click the following link:

http://www.apple.com/ios

Apple has documented the issue at the following web site:

http://support.apple.com/kb/ts3714

Issue 1.2 – Attendee becomes meeting organizer

When you synchronize your iOS or Android device by using Exchange ActiveSync on an Exchange Server 2007 mailbox, you may unexpectedly become the organizer for a meeting that you were invited to. This does not change the meeting for all attendees.

Solution

This can occur if you change the reminder for a single occurrence of a recurring meeting on an iOS or Android device. There may be other property changes to meeting items that may result in the same symptom.

This issue is resolved in Rollup Update 4 for Exchange Server 2007 Service Pack 3. See the KB article below for additional information.

2521063 You are incorrectly displayed as a meeting organizer after you synchronize the meeting by using your mobile device in an Exchange Server 2007 environment

Note Affected meetings must be deleted and replacement meetings must be created after the servers are patched.

Issue 1.3 – Your meeting response to the organizer appears to have been sent by someone else

When you respond to an Exchange ActiveSync (EAS) meeting invitation, the meeting originator may see someone else’s name displayed as having accepted the invitation instead of you.

Solution

Ensure the Apple iOS on your device is version 4.3 or later. For more details on the latest iOS version, click the following link:

http://www.apple.com/ios

This was fixed by Apple in iOS 3.1. For more details, visit the following Apple web site:

iPhone and iPod touch: My replies to Exchange ActiveSync invitations seem to come from someone else

http://support.apple.com/kb/TS2806

Issue 1.4 – All Day Flag is not set properly on Mobile devices when meeting is scheduled cross multiple days

Mobile device clients do not treat a meeting request as an all day event meeting request. Additionally, the All Day field is marked with "No".

Solution

This issue is resolved in Exchange 2007 Service Pack 3 Rollup 2. The problem is documented in the following articles from the Microsoft Knowledge Base online:

2201236  The "All Day" field is marked with "No" when you access a meeting request that has a duration time that is more than 24 hours by using a mobile client through ActiveSync in an Exchange Server 2007 environment

2201236  Description of Update Rollup 2 for Exchange Server 2007 Service Pack 3

Issue 1.5 – Recurring Exchange calendar events deleted

In some situations, recurring calendar events can be removed from both the iOS device and Exchange when the organizer cancels an event instance.

Solution

This issue is resolved by Apple iOS 4.3, and impacts only the 4.2.6 and earlier versions. Apple has documented the issue at the following web site:

iOS: Recurring Exchange calendar events deleted

https://support.apple.com/kb/ts3714

Issue 1.6 – Appointment exceeding 24 hours changed to multiple day All Day Event

When an appointment item’s duration exceeds 24 hours, but is not marked as an All Day Event, Exchange ActiveSync changes the item on the device to become a multi-day All Day Event. The next time that the device synchronizes with the mailbox, the change is propagated from the item on the device to the item on the Exchange Server 2010 mailbox.

Solution

Microsoft is investigating this issue. This problem can occur when using any ActiveSync device synchronizing with Exchange Server 2010.

2. Connectivity and synchronization failures

Issue 2.1 – Failures to Provision and Synchronize with Android OS

EAS policies can cause provisioning and synchronization to fail, when customized. Devices will not be provisioned if a policy is applied to the users of these devices that exceeds these limitations. This is discussed in comment 9 from the following post on Google’s Android forum:

http://code.google.com/p/android/issues/detail?id=9426

"We only support the basic (EAS 2.5) features in Froyo. So if your server requires, for example, password history or expiration, or complex characters, then it won’t be provisionable in Froyo. Our goal is to provide more policy support in future versions, but for now we support – password (PIN/alpha), minimum characters, max. fails to wipe, inactivity timeout, and remote wipe."

Solution

Updates to the Android OS version appear to resolve this problem. We encourage device users to update to the latest version available from their provider and follow vendor forums on synchronization issues. If the decision is made to allow older devices in the organization, Administrators can canvass device users, or use tools Log Parser or Export-ActiveSyncLog, to ensure that such devices are identified in the organization. Users of older devices can be grouped into a policy that can work for them.

Issue 2.2 – Unable to connect using Exchange ActiveSync due to Exchange resource consumption

There are several symptoms and remediation methods for issues with resource depletion caused by devices connecting with Exchange ActiveSync.

Solution

Administrators should review the following article in the Microsoft Knowledge Base to determine if they are experiencing the same server symptoms:

2201236  Unable to connect using Exchange ActiveSync due to Exchange resource consumption

Note This article also describes a known issue with iOS 4.0, defined by user agent 801.293 – http://support.apple.com/kb/TS3398 and is discussed in Issue 2.5, below.

Issue 2.3 – "This message has not been downloaded from the server" error when trying to open a message

You synchronize your Exchange Server mailbox with your iOS device. When you try to open a message on the iOS device, the following error may be displayed:

This message has not been downloaded from the server

Solution

You must configure the Accepted Domain using Exchange Management Shell. Use the steps in item #7 in the following post from the Exchange Team Blog:

Exchange 2010 SP1 FAQ and Known Issues

http://blogs.technet.com/b/exchange/archive/2010/09/01/3410888.aspx

This issue is being reviewed by the Microsoft Exchange product team.

Issue 2.4- You receive a synchronization failed email message when you synchronize your mobile device

When you synchronize your mobile device by using ActiveSync on an Exchange Server 2010 mailbox, you receive a synchronization failed email message similar to the following:

From: Microsoft Exchange on Behalf of <user>

Sent: <date>

To: <other user>

Subject: Synchronization with your <ActiveSync device> failed for 1 items.

Synchronization with your <ActiveSync device> failed for 1 items.

Microsoft Exchange was unable to send the following items to your mobile device. These items have not been deleted. You should be able to access them using either Outlook or Outlook Web Access.

Item Folder: Inbox

Item Type: IPM.Schedule.Meeting.Resp.Pos

Solution

This issue is described in the following article in the Microsoft Knowledge Base:

2201236 You receive a synchronization failed email message when you synchronize your mobile device by using ActiveSync on an Exchange Server 2010 mailbox

To resolve this issue, install the following update rollup:

2201236 Description of Update Rollup 3 for Exchange Server 2010 Service Pack 1

Issue 2.5- Users are unable to synchronize Apple iPhone iOS 4.0 with the Exchange Server mailbox

Immediately after updating to iOS 4.0, some users may notice that Exchange ActiveSync Mail, Contacts, or Calendars do not sync, or sync very slowly. In addition, some Exchange Server administrators may notice their servers running slowly. This problem is also discussed in Issue 2.2, above.

Solution

Update the device to a later iOS version. Apple has documented the issue at the following web site:

iOS 4.0: Exchange Mail, Contacts, or Calendars may not sync after update

http://support.apple.com/kb/TS3398

Issue 2.6- ActiveSync does not work for mobile device users connecting to Exchange Server 2007 mailboxes after swapping URLs between Exchange Server 2010 and 2007

This problem occurs because the device is unable to properly redirect a user whose mailbox has been moved. The 451 redirect response to the device is not properly interpreted.

Solution

Typically, this issue is resolved by device updates to the latest operating system. Verify the following:

Verify that you have configured the LegacyURL for Exchange 2007 users. This will automatically switch the URL for the user to the appropriate target on the device. See the following blog topic:

http://blogs.technet.com/b/jribeiro/archive/2009/11/26/transitioning-from-an-exchange-2007-environment-to-exchange-2010.aspx

This has been reported for several device types, to include iOS and Android operating system. If the problem is noted with the latest version of the device operating system, and the LegacyURL is correctly established and working for other devices, consult with the device vendor’s technical support.

If you are using an Apple iOS device, update the device to the iOS version 4.3.2.

Note In migrations where the mailbox moves are between different forests, a 451 is not sent. The reason for this is that the old server does not know of the new endpoint for connectivity. In such circumstances, the device must be manually reconfigured.

Check: http://support.microsoft.com/kb/2563324

2011 was interesting Year

2011 was a great year for me from a work & private perspective.

2012 is going to be crazy as well, nice projects in prospect. All in all it was a great year and there’s a lot of cool stuff already planned for 2012!. I wanted to share a couple of cool facts with you:

  • 40+% Traffic growth compared to 2010
  • Busiest Day: July 13th 2011 – 599 unique views
  • Busiest Month: May 2011 – 10.788 unique views
  • Totally 122.855 unique views

Lets make 2012 at least as successful!

Translate »