Category: Exchange 2010

Exchange 2010

Security update available for Exchange 2007, 2010 and 2013

Microsoft has released a fix for Outlook Web App in all supported versions of Exchange.
In all cases, it comes to security issues that have been designated as Important.

Four security updates are also those offered by Microsoft Update, but here are the manually download links:

Rollup 15 for Exchange Server 2007 Service Pack 3
Rollup 8 for Exchange 2010 SP3
Security Update For Exchange Server 2013 SP1 (KB3011140)
Security Update For Exchange Server 2013 CU6 (KB3011140)
Cumulative Update 7 for Exchange Server 2013 (Provided not with Windows Update)

Versions that are not listed here are no longer supported or are not vulnerable. For more information read the security bulletin MS14-075: Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege (3,009,712)

Rollup 8 v2 for Exchange Server 2010 SP3

Exchange Team released Rollup 8 for Exchange Server 2010 SP3

Update Rollup 8 for Exchange Server 2010 SP3 resolves security issues that are described in December 2014 security update for Exchange Server 2007 and Exchange Server 2010.
Additionally, this update resolves the issues that are described in the following Microsoft Knowledge Base (KB) articles:

  • 3004235 Exchange Server meetings in Russian time zones as well as names of time zones are incorrect after October 26, 2014

  • 3009132 Hybrid mailbox moves to on-premises environment but finishes with CompletedWithWarnings status

  • 3008999 IRM restrictions are applied to incorrectly formatted .docx, .pptx, or .xlsx files in an Exchange Server 2010 environment

  • 3008370 Group members are not sorted by display name when HAB is used with OAB in Exchange Server 2010

  • 3008308 Public folder database migration issue in a mixed Exchange Server environment

  • 3007794 Hub Transport server cannot deliver messages when a database fails over to a cross-site DAG in Exchange Server 2010

  • 3004521 An Exchange server loses its connection to domain controllers if a public folder server is down in Exchange Server 2010

  • 2999016 Unreadable characters when you import ANSI .pst files of Russian language by using the New-MailboxImportRequest cmdlet

  • 2995148 Changing distribution group takes a long time in an Exchange Server 2010 environment

  • 2992692 Retention policy is not applied to Information Rights Management protected voice mail messages in Exchange Server 2010

  • 2987982 Issues caused by ANSI mode in Exchange Server 2010

  • 2987104 Email message is sent by using the “Send As” instead of “Send on Behalf” permission in Exchange Server 2010

  • 2982017 Incorrect voice mail message duration in Exchange Server 2013 and Exchange Server 2010

  • 2977279 You cannot disable journaling for protected voice mail in Exchange Server 2013 and Exchange Server 2010

Download: Rollup 8 v2 for Exchange Server 2010 SP3 (KB2986475)

Block iOS devices with Block-IOS-Devices.ps1 Script

Microsoft keeps a list of problems: Current issues with Microsoft Exchange ActiveSync and third-party devices

After some problems at a customer i looked deeper at these problems.
Most problems come’s with iOS devices (iPhone and iPad)

Sow I made a list of al iOS versions (6,7 and 8) and there problems.

To keep this simple i created a powershell script: Block-IOS-Devices.ps1 or you can download it from the Technet Script Libary: Block iOS devices with Block-IOS-Devices.ps1 Script

image

Rapid growth in transaction logs, CPU use, and memory consumption in Exchange Server 2010, Exchange 2013 and Office 365 when a user syncs a mailbox by using an iOS 6.1-based or iOS 6.1.1-based device

Yesterday i was at customer who had problem dat transaction logs Rapid growl.
It was on a Exchange 2013 Server with CU5.

For Exchange 2010 there was released a KB http://support.microsoft.com/kb/2814847

This is still a issue for Exchange 2010, Exchange 2013 and Office 365.

Microsoft has al ready blocked IOS 6.1 – 6.1.1 devices at Office 365.

Server was OK…. But When i run Get-EASDeviceReport.ps1 i saw some IOS 6.1 devices. Sow we going to block this IOS versions.

Powershell:
New-ActiveSyncDeviceAccessRule -querystring “iOS 6.1 10B141” -characteristic DeviceOS -accesslevel block
New-ActiveSyncDeviceAccessRule -querystring “iOS 6.1 10B142” -characteristic DeviceOS -accesslevel block
New-ActiveSyncDeviceAccessRule -querystring “iOS 6.1 10B143” -characteristic DeviceOS -accesslevel block
New-ActiveSyncDeviceAccessRule -querystring “iOS 6.1 10B144” -characteristic DeviceOS -accesslevel block
New-ActiveSyncDeviceAccessRule -querystring “iOS 6.1.1 10B145” -characteristic DeviceOS -accesslevel block

Exchange 2010 SP3 Rollup 7

The Exchange Team released Rollup 7 for Exchange Server 2010 Service Pack 3 (KB2961522). This update raises Exchange 2010 version number to 14.3.210.2.

Fixes:

  • 2983261 “HTTP 400 – Bad Request” error when you open a shared mailbox in Outlook Web App in an Exchange Server 2010 environment
  • 2982873 Outlook Web App logon times out in an Exchange Server 2010 environment
  • 2980300 Event 4999 is logged when the World Wide Web publishing service crashes after you install Exchange Server 2010 SP3
  • 2979253 Email messages that contain invalid control characters cannot be retrieved by an EWS-based application
  • 2978645 S/MIME option disappears when you use Outlook Web App in Internet Explorer 11 in an Exchange Server 2010 environment
  • 2977410 Email attachments are not visible in Outlook or other MAPI clients in an Exchange Server 2010 environment
  • 2976887 eDiscovery search fails if an on-premises Exchange Server 2010 mailbox has an Exchange Online archive mailbox
  • 2976322 Assistant stops processing new requests when Events in Queue value exceeds 500 in Exchange Server 2010
  • 2975988 S/MIME certificates with EKU Any Purpose (2.5.29.37.0) are not included in OAB in Exchange Server 2010
  • 2966923 Domain controller is overloaded after you change Active Directory configurations in Exchange Server 2010

Download Exchange 2010 SP3 Rollup 7 here.

Manage Exchange 2010 Database Log Growth by Using the Troubleshoot-DatabaseSpace.ps1 Script in the Shell

The Troubleshoot-DatabaseSpace.ps1 script is used by Microsoft System Center Operations Manager 2007 to detect and correct any excess log growth or Microsoft Exchange database (.edb) file growth that, if unchecked, may cause database downtime. By default, System Center Operations Manager 2007 runs the script every 15 minutes. However, you can use Task Scheduler to configure and run this script to monitor database log and file growth.

The Troubleshoot-DatabaseSpace.ps1 script performs the following actions:

  1. Keeps track of log generation rate for the highest log generators per database. This helps determine which users are logging too heavily and potentially causing space issues.
  2. Keeps track of the available disk space for both the database and the log files. If either of these is within a configurable threshold of being full, further action must be taken.
  3. Keeps track of the log generation rate. If it appears that the disk is going to run out of space within the value specified by the HourThreshold parameter (based on the log generation rate), further action must be taken.

    noteNote:

    To avoid critical issues, make sure the value for the HourThreshold parameter is large enough to give you time to react during normal business hours while enough free space is available. If drives are filling up faster than the value specified, immediate action must be taken to protect the disk.

  4. If all of the preceding conditions are fulfilled, the script determines the list of top 25 users who accessed the database during the last one-hour period. The script then quarantines the top high-usage mailboxes for which the sum of the log generation rate is greater than the difference between the current generation rate and the sustainable generation rate that would allow tiding over the configurable time threshold. These users are quarantined for six hours, during which they won’t have access to e-mail.
  5. If the troubleshooter is unsuccessful at dropping the log generation rate to below the threshold level, it will write out events that translate into health model alerts. At this point, the script removes the database from provisioning by running the Set-MailboxDatabase cmdlet with the ExcludeFromProvisioning parameter set to $true against the specified database. You may need to move mailboxes to a new server to rebalance space.
  6. If the troubleshooter quarantines more than 10 users, this indicates a systemic issue, which you need to follow up on. The health model will trigger an urgent alert from this condition.

The default settings used in the Troubleshoot-DatabaseSpace.ps1 script are defined in the StoreTSConstants.ps1 script.

Command: .\Troubleshoot-databasespace.ps1 -server MBX01 -PercentLogFreeSpace 10 -PercentEDBFreeSpace 10 -HourThreshold 5 -Quarantine

Taskscheduler: powershell.exe -PSConsoleFile “C:\Program Files\Microsoft\Exchange Server\V14\bin\exshell.psc1” -command “. ‘C:\Program Files\Microsoft\Exchange Server\V14\Scripts\Troubleshoot-databasespace.ps1’ –server EX01 -PercentLogFreeSpace 10 -PercentEDBFreeSpace 10 -HourThreshold 1 -Quarantine”

Exchange Tools

Here I’ll share some free tools that can help simplify Microsoft Exchange deployment, troubleshooting, and administration. Some of the tools are simple—but still convenient—whereas others provide some powerful functionality.

There are some tools you can use during deployment to ease the process and reduce issues in the future, tools you can use for troubleshooting to reduce down-times, and tools you can use during day-to-day administration to monitor server health and perform tasks.

Microsoft Exchange Server Deployment Assistant

Microsoft’s Exchange Server Deployment Assistant is an online tool that produces a custom step-by-step checklist you can utilize during a server installation or upgrade. It first asks you questions about your current and desired deployment environment, such as the deployment type (on-premise, cloud, or hybrid), migration questions, desired features/functionality, and other miscellaneous caveats that impact the installation or upgrade.

Microsoft Remote Connectivity Analyzer

Microsoft’s Remote Connectivity Analyzer is a website with many tools to help test and troubleshoot connectively of Exchange servers, Outlook, Lync, OCS, Office 365, and POP, IMAP, and STMP email. Plus it offers downloadable Connectivity Analyzer Tools for local testing and a message header analyzer.

PFDAVAdmin and ExFolders
These are tools that enable you to perform tasks on Exchange public folders and mailboxes, such as checking or changing permissions. It can also connect to mailboxes, check the contents, and generate reports. PFDAVAdmin is for Exchange 2000, 2003, and 2007 and ExFolders is the updated version for Exchange 2007 and 2010 SP1 and later.

Jetstress

The Jetstress tool simulates disk I/O load on your server, allowing you to specify the amount of simulated Exchange users and profiles. This can help you verify the performance and stability of your server before installing Exchange and putting it into production-use.

Exchange Server Role Requirements Calculators

These are calculator tools that give sizing recommendations for your particular Exchange server roles for both client access and mailbox. The 2010 version is focused on mailbox calculations while the 2013 version includes recommendations on sizing Client Access servers too.

Exchange Environment Report

This Exchange Environment Report tool is from Steve Goodman and is a PowerShell script that generates an automatic overview of your Exchange environment. It supports Exchange 2003, 2007, 2010 and 2013 servers and database availability groups. It reports the number of and details about the servers, mailboxes, roles, and versions. It also gives you useful status on the Database Availability Groups (DAG) and non-DAG databases.

Exchange Reports

Exchange Reports offers reports on overall information about your Exchange Environment, supporting Exchange 2010 & Exchange 2013. You can keep an eye on configuration changes and status with Group Reports, Single Group Information, Mailbox Report, Single Mailbox Information, Message Tracking, and Environment Report.

The program doesn’t require any installation, but requires .Net 4.0, Powershell 2.0, and Remote Powershell access to the Exchange Server. Reports can be saved in history and also exported to Excel.

Microsoft Exchange Server MAPI Editor (MFCMAPI)

Microsoft’s Microsoft Exchange Server MAPI Editor (MFCMAPI) tool provides access to MAPI stores, useful when troubleshooting Exchange and Outlook issues, which can serve as a replacement to the old Microsoft Exchange Server Information Store Viewer. You can open and navigate through the message stores that are exposed through MAPI.

Free Exchange Monitor

The Free Exchange Monitor from SolarWinds supports Microsoft Exchange Server 2000 and 2003. It keeps tabs on the Exchange server stats, services, mail queue sizes, and host server health. In addition to notifying you of outages it can be useful in troubleshooting Exchange server problems and even help with pro-active monitoring, for instance detecting growing mail queues that can indicate bigger issues like transport failures, Internet connection failures, and virus activity.

Free Exchange Monitoring

This is another monitoring application, but from ManageEngine and supports Exchange Server 2003, 2007, 2010, and 2013. It gives stats on server health and Exchange services. It also provides details on the client access server, transport, Active Sync counters, and delivery aspects. You can generate real-time performance reports to be downloaded or emailed in PDF format.

Exclaimer Outlook Photos

Exclaimer Outlook Photos can help you import staff photos into the Active Directory so they’ll show up in the Outlook People Pane, SharePoint profile, and on Microsoft Lync. It can auto-match pictures from a batch to names or other data in Active Directory, and even automatically crop and center the photos as well.

Certificate Manager for Exchange 2007

Exchange 2007 enables SSL within IIS by default, but creating and managing SSL certificates via PowerShell commands can be confusing. However, the Certificate Manager for Exchange 2007 from U-BTech eases the process with a GUI.

You can generate an Exchange 2007 Certificate Signing Request and process the Certificate Authority and enable certificates for Exchange 2007 Services (POP, IMAP, SMTP, IIS, UM). Plus you can include additional subject names in a single certificate. It supports import and exporting as well.

Exchange PST Capture

Exchange PST Capture from Microsoft will search your network for PST files and then import those files to mailboxes in your organization. It supports both on-premises Exchange Server 2010 and 2013 and Exchange Online. This tool can help, for instance, during the initial deployment of an Exchange Server, to move local Outlook data files into the Exchange Server.

LINK

Update Rollup 6 for Exchange Server 2010 Service Pack 3

The Exchange team is announcing today the availability of Update Rollup 6 for Exchange Server 2010 Service Pack 3

Update Rollup 6 for Exchange Server 2010 SP3 resolves the issues that are described in the following Microsoft Knowledge Base (KB) articles:

  • 2960652 Organizer name and meeting status field can be changed by EAS clients in an Exchange Server 2010 environment

  • 2957762 “A folder with same name already exists” error when you rename an Outlook folder in an Exchange Server 2010 environment

  • 2952799 Event ID 2084 occurs and Exchange server loses connection to the domain controllers in an Exchange Server 2010 environment

  • 2934091 Event ID 1000 and 7031 when users cannot connect to mailboxes in an Exchange Server 2010 environment

  • 2932402 Cannot move a mailbox after you install Exchange Server 2010 SP3 RU3 (KB2891587)

  • 2931842 EWS cannot identify the attachment in an Exchange Server 2010 environment

  • 2928703 Retention policy is applied unexpectedly to a folder when Outlook rule moves a copy in Exchange Server 2010

  • 2927265 Get-Message cmdlet does not respect the defined write scope in Exchange Server 2010

  • 2925273 Folder views are not updated when you arrange by categories in Outlook after you apply Exchange Server 2010 Service Pack 3 Update Rollup 3 or Update Rollup 4

  • 2924592 Exchange RPC Client Access service freezes when you open an attached file in Outlook Online mode in Exchange Server 2010

  • 2923865 Cannot connect to Exchange Server 2010 when the RPC Client Access service crashes

Exchange Powershell Scripts that Every Exchange Admin need to have

The Following Powershell scripts that every Exchange Admin must have Glimlach

Test-ExchangeServerHealth
Get-DagHealth
PelNet.ps1
ADinfo.ps1
Get-VirDirInfo.ps1
CertificateReport.ps1
Get-EASdevicereport.ps1
Get-MailboxReport.ps1
Get-DailyBackupAlerts.ps1
Install-Exchange2013.ps1

Exchange Server Active Directory Supportability Matrix

Operating system environment

Exchange 2013 SP1

Exchange 2013 CU2 and CU3

Exchange 2010 SP3 RU5 or later

Exchange 2010 SP2

Exchange 2007 SP3 RU13 or later

Windows Server 2008 R2 SP1 Active Directory servers

X

X

X

X

X

Windows Server 2012 Active Directory servers

X

X

X

X

X

Windows Server 2012 R2 Active Directory servers

X

X

X

  

X

Domain and forest functional level

Exchange 2013 SP1

Exchange 2013 CU2 and CU3

Exchange 2010 SP3 RU5 or later

Exchange 2010 SP2

Exchange 2007 SP3 RU13 or later

Windows Server 2008 R2 SP1 domain functional level

X

X

X

X

X

Windows Server 2012 domain functional level

X

X

X

X

X

Windows Server 2012 R2 domain functional level

X

  

X

    

Windows Server 2008 R2 SP1 forest functional level

X

X

X

X

X

Windows Server 2012 forest functional level

X

X

X

X

X

Windows Server 2012 R2 forest functional level

X

  

X

    
Translate »