Recover an Exchange 2010 SP1 Server

Posted on December 29, 2010 by Ward

Recover a Lost Exchange Server

1. Install the proper operating system and name the new server with the same name as the lost server. Recovery won’t succeed if the server on which recovery is being performed doesn’t have the same name as the lost server.

2. Join the server to the same domain as the lost server.

3. Install the following 2008 R2 HotFixes

The following hotfixes are required for the Client Access server for Windows Server 2008 R2:

Install the update described in Knowledge Base article 979099, An update is available to remove the application manifest expiry feature from AD RMS clients. Without this update, the AD RMS features may stop working.
Install the hotfix described in Knowledge Base article 982867, WCF services that are hosted by computers together with a NLB fail in .NET Framework 3.5 SP1. For more information, see these MSDN Code Gallery pages:
- For additional background information, see KB982867 – WCF: Enable WebHeader settings on the RST/SCT.
- For the available downloads, see KB982867 – WCF: Enable WebHeader settings on the RST/SCT.
Install the update described in Knowledge Base article 979744, A .NET Framework 2.0-based Multi-AppDomain application stops responding when you run the application.
Install the update described in Knowledge Base article 983440, An ASP.NET 2.0 hotfix rollup package is available for Windows 7 and for Windows Server 2008 R2. For more information, see these MSDN Code Gallery pages:
- For additional background information, see KB983440 – Win7 rollup package (PR for QFE 810219).
- For the available downloads, see KB983440 – Win7 rollup package (PR for QFE 810219).
Install the update described in Knowledge Base article 977020, FIX: An application that is based on the Microsoft .NET Framework 2.0 Service Pack 2 and that invokes a Web service call asynchronously throws an exception on a computer that is running Windows 7.

4. Set-Service NetTcpPortSharing -StartupType Automatic

5. RUN –> E:\Setup.com /m:recoverserver /InstallWindowsComponents

Exchange 2010 Client Access Throttling

Posted on December 27, 2010 by Ward

Environment:
Windows 2008 R2 – Exchange 2010 RTM
Later I installed SP1 & Rollup 2 for SP1

Outlook 2003 Service Pack 3 Clients
Issue:
During normal working hours users randomly was unable to access their mailboxes when they launched their Outlook client.

The users were receiving the following Outlook message:

“Unable to open your default e-mail folders. The Microsoft Exchange Server computer is not available. Either there are network problems or the Microsoft Exchange Server computer is down for maintenance.”
It was also reported that some users had issues expanding additional mailboxes. (Delegate Mailboxes )
The following Outlook message appeared.

Or users have issues opening Shared Calendars.

Solution:
http://support.microsoft.com/kb/2299468

With Get-ThrottlingPolicy you can see the value of RCAMaxConcurrency

(Exchange 2010 RTM default value 20) (Exchange 2010 SP1 default value 214748364)

I changed RCAMaxConcurrency to 214748364 and the problem is fixt:

Get-ThrottlingPolicy | set-ThrottlingPolicy -RCAMaxConcurrency 214748364

Infrastructure Planning and Design (IPD) Guide for Microsoft Exchange Server 2010 with Service Pack 1

Posted on December 24, 2010 by Ward

The Infrastructure Planning and Design (IPD) Guide for Microsoft Exchange Server 2010 with Service Pack 1 is very handy for successfully designing an Exchange Server 2010 infrastructure. The guide will help consultants make informed decisions about the design of fault tolerance and scalability so that their overall requirements are met.

The guide covers these key steps in the Exchange Server 2010 infrastructure design process:

Defining the project scope by identifying your individual business and IT requirements for a messaging infrastructure.
Mapping features and functionality based on the defined scope to develop the appropriate Exchange Server 2010 design.
Designing the infrastructure and role requirements for the proposed Exchange Server 2010 architecture.
Determining the sizing, fault tolerance, and physical placement of Exchange Server 2010 roles.

The Exchange Server 2010 Guide includes the following content:

Step 1: Define the Business and Technical Requirements
Step 2: Define the Instances of Exchange Server 2010
Step 3: Design the Mailbox Server Infrastructure
Step 4: Design the Client Access Server Infrastructure
Step 5: Design the Hub Transport Server Infrastructure
Step 6: Design the Edge Transport Server Infrastructure
Step 7: Design the Unified Messaging Server Infrastructure
Step 8: Define the Active Directory Domain Services Requirements

Launch the download of the IPD Guide for Microsoft Exchange Server 2010 with Service Pack 1.

Launch the download of the entire Infrastructure Planning and Design Guide series.

Publish Exchange 2010 With TMG (Forefront Threat Management Gateway)

Posted on December 21, 2010 by Ward

When you want you use Forefront Threat Management Gateway to publish Exchange 2010 you must do the following things

1. Get a SAN Certificate.

I my case I have the following URL’s registered with the certificate.
webmail.wardvissers.nl
autodiscover.wardvissers.nl
legacy.wardvissers.nl
casarray.wardvissers.local

2. Import the Certificate in to Exchange 2010.
How to check HERE

3. Create on the Exchange 2010 Server a Client Access Array.
How you must do it I spoke it Configuring Client Access Array. I this case a used casarray.wardvissers.local for the client acces array.

4. Setting the internal & external url’s

Set-ClientAccessServer -Identity ward-ex01 -AutoDiscoverServiceInternalUri https://casarray.wardvissers.local/Autodiscover/Autodiscover.xml

Set-WebServicesVirtualDirectory -Identity “ward-ex01\EWS (Default Web Site)” -InternalUrl https://casarray.wardvissers.local/ews/exchange.asmx -ExternalUrl https:// webmail.wardvissers.nl/ews/exchange.asmx

Set-OABVirtualDirectory -Identity “ward-ex01\oab (Default Web Site)” -InternalUrl http:// casarray.wardvissers.local/oab -ExternalUrl https://webmail.wardvissers.nl/oab

Enable-OutlookAnywhere -Server ward-ex01 -ExternalHostname “webmail.wardvissers.nl” -ClientAuthenticationMethod “Basic”-SSLOffloading:$False

Set-ActiveSyncVirtualDirectory -Identity “ward-ex01\Microsoft-Server-ActiveSync (Default Web Site)” -InternalURL https://casarry.wardvissers.local/Microsoft-Server-Activesync
-ExternalURL https://webmail.wardvissers.nl/Microsoft-Server-Activesync

Set-ECPVirtualDirectory –Identity ward-ex01\ECP (default web site) -InternalURL https://casarry.wardvissers.local/ECP -ExternalURL https://webmail.wardvissers.nl/ECP

5. Configure Exchange 2010 for basic authentication

Set-OwaVirtualDirectory -id ward-ex01\* -BasicAuthentication $true -WindowsAuthentication $true -FormsAuthentication $false

set-WebServicesVirtualDirectory -Identity “ward-ex01\EWS (Default Web Site)” -WindowsAuthentication $true -BasicAuthentication $true

set-EcpVirtualdirectory –Identity ward-ex01\ECP (default web site) -BasicAuthentication $true -WindowsAuthentication $true -FormsAuthentication $false

set-OabVirtualDirectory -Identity “ward-ex01\oab (Default Web Site)” -WindowsAuthentication $true -BasicAuthentication $true

set-ActiveSyncVirtualDirectory -Identity “ward-ex01\Microsoft-Server-ActiveSync (Default Web Site)” -BasicAuthentication $true

6. Import the SAN certificate in to the TMG server.

1. Click Start –> Run –> Type MMC
2. Click File –> add remove Snap-in –> Certificates –> ADD –> Computer account-> Next –> finish-> ok
3. Click Personal –> certificates
4. Right Click certificates –> all task –> import –> next –> select the *.pfx file –> next –> Password –> next –> next –> Finish

7. Publish OWA

1. Publish Exchange Web Client Access

2. Exchange Publishing rule name: OWA 2010

3. Choose Exchange Server 2010 & Outlook Web Access

4. Next ( I have only Single TMG Server)

5. Next

6.Internal Site Name: Client Access Array name. My Case casarray.wardvissers.local

7. Public Name: webmail.wardvissers.nl

8. At this moment I have no Web Listener so we gone create them

9. Weblister Name: HTTPS

10. Next

11. I choise for All Networks (and local host) because the Server has one NIC.

12. Select the Certificate that you just imported.

13. Choise for LDAP (Active Directory)

14. SSO Domain name: my case wardvissers.nl (External Domain name)

15. Finish

16. Next

17. Next

18. Next

19. Finish

8. Publish Active Sync

1. Publish Exchange Web Client Access

2. Exchange Publishing rule name: Active Sync 2010

3. Exchange Server 2010 & Exchange ActiveSync

4. Next

5. Next

6. Internal Site name: CasArray name

7. Public Name: I my case webmail.wardvissers.nl

8.Choise the HTTPS web listerner

9. Next

10. Next

11. Finish

Next Time I will publish how to deploy a Legacy Exchange Server 2003 & 2007 with TMG

Exchange 2010 Tested Solutions

Posted on December 20, 2010 by Ward

Microsoft provides some documentation examples of well-designed, cost-effective Exchange 2010 solutions deployed on hardware offered by some partners from Microsoft.

9000 Mailboxes in Two Sites Running Hyper-V on Dell M610 Servers, Dell EqualLogic Storage, and F5 Load Balancing Solutions

16000 Mailboxes in a Single Site Deployed on IBM and Brocade Hardware

500 Mailboxes in a Single Site Running Hyper-V on Dell Servers

It’s really nice info to read Smile if you designing a Exchange 2010 Solution for your company or customer.

Rollup 2 for Exchange Server 2007 Service Pack 3

Posted on December 15, 2010 by Ward

Today the Exchange Team released Rollup 2 for Exchange Server 2007 Service Pack 3 KB2407025. This update raises Exchange 2007 version number to 8.3.137.3.

The List with fixes:
972186 Some functions do not work if you install Security Configuration Wizard on a Windows Server 2008 SP2-based Exchange Server 2007

979046 Attachments are empty when you save them by using OWA after you have applied the update of KB 958881 on an Exchange Server 2007

980038 The Microsoft Exchange System Attendant service crashes intermittently in the Oabgen.dll module on an Exchange Server 2007 server

981602 Event ID: 4999 is frequently generated in a mixed Exchange Server 2007 and Exchange Server 2003 environment

982476 The Imap4.exe process crashes intermittently on an Exchange Server 2007 server

982478 Notes URL links in a plain text message are not clickable when you open this message by using OWA in an Exchange Server 2007 environment

2028675 The MSExchangeFDS.exe process occupies lots of memory if there are thousands of OABs created on an Exchange Server 2007 server

2029086 Some characters of an email message are displayed in an incorrect text size when you access your mailbox by using OWA in Exchange Server 2007

2032216 The Microsoft Exchange Information Store service crashes on an Exchange Server 2007 server when you start it or try to mount certain databases

2121536 Exchange Server 2007 cannot index a message

2201236 The "All Day" field is marked with "No" when you access a meeting request that has a duration time that is more than 24 hours by using a mobile client through ActiveSync in an Exchange Server 2007 environment

2203212 Certain mailboxes cannot be moved from an Exchange Server 2007 server to an Exchange Server 2010 server

2210042 A sub contact folder is still visible after you set the "PR_ATTR_HIDDEN" attribute to "True" in an Exchange Server 2007 environment

2230824 The Microsoft.Exchange.POP3.exe process or the Microsoft.Exchange.Imap4.exe process may crash after you enable protocol logging for POP3 or IMAP4 on an Exchange Server 2007 server

2249814 You receive misleading information when you run the "New-TestCasConnectivityUser.ps1" script on an Exchange Server 2007 server

2263342 "The operation failed" error message in Outlook client when a user sends a recurring meeting request with an email message attachment in an Exchange Server 2007 SP2 environment

2276439 (http://support.microsoft.com/kb/2276439/ ) The Microsoft.Exchange.IMAP4.exe process crashes when an IMAP4 client retrieves a meeting request that includes exception attachments in an Exchange Server 2007 environment

2280234 "Your POP3 server has not responded in 60 seconds." error message when a POP3 client connects to an Exchange Server 2007 Client Access server to access an Exchange Server 2003 mailbox

2282570 "550 5.1.3" NDR message when an Exchange Server 2007 user sends an email message to a recipient

2265306 The Exchange Information Store service stops responding when you perform a search operation on an Exchange Server 2007 mailbox in Outlook

2282746 The "Private" sensitivity status of an occurrence of a recurring meeting request is lost when you edit the occurrence in OWA in an Exchange Server 2007 environment

2286782 The response details are still included in the response email message when you set the "EnableResponseDetails" property to "False" in an Exchange Server 2007 environment

2290105 A shared document cannot be open by using OWA after you install Exchange Server 2007 SP3 on an Exchange Server 2007 server

2290159 The POP3 service crashes on an Exchange Server 2007 server

2344372 You cannot move mailboxes to an Exchange Server 2007 server

2362371 You receive a "Success" response when using the Test-Mailflow command on an invalid or nonexistent external email address in an Exchange Server 2007 environment

2384754 "Unable to identify local server row in Replication state table for this FID" error message when you run the Information Store Integrity Checker tool on an Exchange Server 2007 server

2387915 The ESEBack component does not support ETL tracing on an Exchange Server 2007 server

2388057 The Exchange Transport service crashes on Exchange Server 2007 servers in a mixed Exchange Server 2007 and Exchange Server 2010 environment

2394731 An HTML attachment of a shared mailbox cannot be saved when you set the "BypassOwaHTMLAttachmentFiltering" setting to "True" in an Exchange Server 2007 environment

2424499 Exchange Server 2007 does not support to assign a mailbox with the "Send on behalf" permission of a security group in the EMC or in the EMS

2427297 The created time and the modified time of an attachment are incorrect when you save an email message on an Exchange Server 2007 mailbox

2430674 The "Leave message intact" method in a Folder Assistant rule does not work when you post an item by using OWA in an Exchange Server 2007 environment

Download the hotfix HERE

FREE Exchange 2010 Training available

Posted on December 8, 2010 by Ward

Exchange 2010 Upgrade and Deployment (HOLO)

This 300 level hands-on labs online course (including seven hands-on labs) will prepare learners with the knowledge to engage with customers to help them implement best practices for smooth Exchange 2010 upgrades and deployments. These hands-on labs online (HOLOs) are provided at no charge to Microsoft partners, and provide IT Professionals with the essential information they need to setup, deploy, and configure Microsoft Exchange Server 2010. The course will address gaps in knowledge around topics such as new features, upgrade paths, tools and processes to support upgrade and deployment planning.

Training includes the following curriculum:

Course (Online): Using Exchange 2010 Tools to Plan a Deployment (Part 1)

Course (Online): Using Exchange Tools to Plan a Deployment (Part 2)

Course (Online): Exchange 2010 Setup, Deployment, and Server Role Configuration

Course (Online): Configuring Mail Flow and Outlook Web Access

Course (Online): Moving Mailboxes to Exchange 2010

Course (Online): Moving Other Services to Exchange 2010 (Part 1)

Course (Online): Moving Other Services to Exchange 2010 (Part 2)

Thanks to

Bryan Von Axelson

Home folders renamed to My Documents

Posted on December 7, 2010 by Ward

When you redirect users home folders to network share the folders are show as My Documents folder.

This is a bug in Windows 7
http://support.microsoft.com/kb/947222

Solution:

Do not grant the Read permission to the administrator for the Desktop.ini files on the server. To do this, follow these steps:

Note If more than one Desktop.ini file exists, follow these steps for all the Desktop.ini files.

Right-click the Desktop.ini file, click Properties, and then click the Security tab.
In the Group or user names pane, click Administrators.
Click to select the Deny check box for the Read permission.
Click OK.

If you have 1000+ home folders this is not great thing to do Sad smile

Richard Willis created a nice powershell script that will do it for you Open-mouthed smile
You need only change the groupName to the group that you will give deny read permissions.
Save the script in de home folder where all the “My Documents” are and run the script.

The Script:
———————————————————————————————————–

$folders = Get-ChildItem | where-object {$_.psiscontainer};
foreach ($folder in $folders)
{
$desktopIni = Get-ChildItem $folder -Filter desktop.ini -Force
if ($desktopIni -ne $null)
{
$Acl = Get-Acl $desktopIni.FullName
$Ar = New-Object system.security.accesscontrol.filesystemaccessrule `
("groupName","Read","Deny")
$Acl.SetAccessRule($Ar)
Set-Acl $desktopIni.FullName $Acl
}
}

———————————————————————————————————-