Archive for 2014

Exchange Server 2010 To 2013 Migration Guide

Ending my year with Exchange Server 2010 To 2013 Migration Guide. I hope it helps to accomplish your migration project.


Signing out from year 2014. Wish you all very happy and prosperous year 2015.

Cheers,
Gulab Prasad

How to Request and Configure Exchange Server 2013 Certificate

I wrote one small guide on "How to Request and Configure Exchange Server 2013 Certificate".
You can download this guide from the below link.



Cheers,

Cannot access LcsCDR or QoEMetricson Monitoring back-end database.Verify that these databases has been deployed, and that access to the Monitoring back-end database is not blocked by firewall.

While deploying Lync Server 2013 Archiving and Monitoring role, I ran into the below error message.




























Check your SQL Server which will be used for Archiving and Monitoring for Lync Server 2013. I found that databases were not created.
























Resolution:
Login to your SQL Server and open SQL Server Management Studio and connect to the SQL Server. Create LcsCDR and QoEMetrics database manually.



































Rerun the deployment again and it will complete successfully.




























Cheers,

How to Install and Configure Exchange 2013 Edge Server

It's been long time I wrote any articles, but it's good to be back. In this article we will learn how to install and configure Exchange Server 2013 Edge Transport Role.
LAB environment:
  • 2 Windows Server 2008 R2 Domain Controller
  • 1 Exchange Server 2013 CU5 with Mailbox and CAS Server Role on Windows Server 2012 R2
  • 1 Exchange Server 2013 CU5 Edge Server Role on Windows Server 2012 R2
  • 2 NIC Card, 1 Internal and 1 External

The Edge Transport Server is not an Active Directory domain joined server, but it should have a normal FQDN which should be resolvable from the Internet. In the lab I am using exch03.exchangeranger.net for the server FQDN.

After installing the Windows Server 2012 R2 rename the server as per your requirement and add the Suffix, in my case it's exchangeranger.net


































As the Edge Transport server is using the internal DNS servers for name resolution this should not be a problem on the Edge Transport Server, but on the internal network you have to add the Edge Transport server manually to the internal DNS servers. Create Host record in DNS for Edge Server.


















First we will have to install prerequisites for Exchange 2013 Edge Transport Server by running the below commands:

Install-WindowsFeature RSAT-ADDS
Install-WindowsFeature ADLDS

Start the installation of Edge Transport Server 2013.






























Next part is to make sure that Edge Server is able to ping the Mailbox Server and vise versa.
When I pinged the Mailbox Server from Edge Server it failed.








Make sure you disable the Windows Firewall on both Mailbox and Edge Server.



















After disabling the Firewall you can ping the server both way.










Now the next part is to create the Edge Subscription.
To create the Edge Subscription file open the Exchange Management Shell and enter the following command:
New-EdgeSubscription –FileName C:\EdgeSubscription\Edge01.xml








Copy the XML file from Edge Transport to Mailbox Server to a location on the local disk in my case it's C:\EdgeSubscription drive of the Exchange 2013 Mailbox server. To import the XML file open the Exchange Management Shell and enter the following command:
New-EdgeSubscription -FileData ([byte[]]$(Get-Content -Path “C:\EdgeSubscription\Edge01.xml” -Encoding Byte -ReadCount 0)) -Site “Default-First-Site-Name”






Once you are done with Importing XML file on Mailbox Server successfully you need to start the  Edge Synchronization, to start it we need  run Start-EdgeSynchronization on Mailbox Server.












In the output above you see Result: CouldNotConnect and FailureDetails: The LDAP server is unavailable, don't panic give this process sometime and you will see Result: Success and FailureType: None as shown in below image.











Now it's time to get this newly installed Edge Server to work specifying it in a Smart Host on existing Send Connector on Mailbox Server or creating the new Send Connector all together. We are going to create new Send Connector named Internet.












































Note: Make sure you restart MSExchange Transport Service on Mailbox Server after creating the Send Connector.

Cheers,

Cumulative Update 6 for Exchange Server 2013

Microsoft released Cumulative Update 6 for Exchange Server 2013. You can download from here...

This Cumulative Update comes with several and some of the important fixes. Some of those are...

  • Blank page after you sign in to Exchange Server 2013 EAC (formerly ECP)
  • OAB generation fails if FIPS is used in an Exchange Server 2013 environment
  • You cannot access the archive mailbox of a delegated user after enabling MAPI over HTTP
  • Exchange Server 2010 public folder replication fails in an Exchange Server 2013 environment
  • Duplicate mailbox folders after migration to Exchange Server 2013

List of Issues that the cumulative update resolves KB2961810

Cheers,

How to configure Exchange Server 2013 Virtual Directories

After you installed Exchange Server Certificate and enabled the services on Certificate like IIS, SMTP, UM etc. You will have configure the virtual directories so that you can access the resources like OWA, ECP, Autodiscover, ActiveSync, OutlookAnywhere from Exchange Server.
There are several articles available on the internet, still I thought of writing one [for myselft ;) ]
 
Here is the list of commands you need to run to configure the different Virtual Directories. Run Get- commands to check if you have configured the Virtual Directories properly or not.

Exchange Control Panel:
Get-ecpVirtualDirectory -Server "ExchangeServerName" | Set-ecpVirtualDirectory -InternalURL https://webmail.exchangeranger.net/ecp -ExternalURL https://webmail.exchangeranger.net/ecp
Get-ECPVirtualDirectory -Server "ExchangeServerName" | Fl InternalURL,ExternalURL

Outlook Web App:
Get-OwaVirtualDirectory -Server "ExchangeServerName" | Set-OwaVirtualDirectory -InternalURL https://webmail.exchangeranger.net/owa -ExternalURL https://webmail.exchangeranger.net/owa
Get-OWAVirtualDirectory -Server "ExchangeServerName" | Fl internalUrl,ExternalURL

EWS (Exchange Web Services):
Get-WebservicesVirtualDirectory -Server "ExchangeServerName" | Set-WebservicesVirtualDirectory -InternalURL https://webmail.exchangeranger.net/EWS/Exchange.asmx -ExternalURL https://webmail.exchangeranger.net/EWS/Exchange.asmx
Get-WebservicesVirtualDirectory -Server "ExchangeServerName" |Fl internalURL,ExternalURL

Autodiscover:
Set-ClientAccessServer "ExchangeServerName" -AutodiscoverServiceInternalUri https://webmail.exchangeranger.net/Autodiscover/Autodiscover.xml
Get-ClientAccessServer "ExchangeServerName" | Fl AutodiscoverServiceInternalUri

ActiveSync:
Get-ActiveSyncVirtualDirectory -Server "ExchangeServerName" | Set-ActiveSyncVirtualDirectory -InternalURL https://webmail.exchangeranger.net/Microsoft-Server-ActiveSync -ExternalURL https://webmail.exchangeranger.net/Microsoft-Server-ActiveSync
Get-ActiveSyncVirtualDirectory -Server "ExchangeServerName" | Fl InternalURL,ExternalURL

Offline Address Book:
Get-OABVirtualDirectory -Server "ExchangeServerName" | Set-OABVirtualDirectory -InternalUrl https://webmail.exchangeranger.net/OAB -ExternalURL https://webmail.exchangeranger.net/OAB
Get-OABVirtualDirectory -Server "ExchangeServerName" | Fl InternalURL,ExternalURL

OutlookAnywhere:

Set-OutlookAnywhere -Identity "ExchangeServerName"\Rpc (Default Web Site)" -InternalHostname webmail.exchangeranger.net -ExternalHostName webmail.exchangeranger.net -InternalClientAuthenticationMethod ntlm -InternalClientsRequireSsl:$True -ExternalClientAuthenticationMethod Basic -ExternalClientsRequireSsl:$True
Get-OutlookAnywhere -Identity "ExchangeServerName"\rpc (Default Web Site)" |fl InternalHostName,InternalClientAuthenticationMethod,InternalClientsRequiressl,
ExternalHostName,ExternalClientAuthenticationMethod,ExternalClientsRequiressl

Cheers,

BitTitan Data Encryption for your email in the cloud

Maintain ownership and control of your information with BitTitan Data Encryption, a monthly service that ensures your company’s internal email security by encrypting your Office 365 Outlook data. BitTitan Data Encryption, the latest addition to the BitTitan suite of offerings, provides a persistent layer of protection for your email in the cloud.
Moving to the cloud makes a lot of sense – it saves money, simplifies support, and allows a flexible approach to IT as your company grows. It’s definitely the best option in today’s marketplace. But when you give up control and place your vital information in someone else’s hands, there are security and privacy questions you need to consider:
  • How do you make sure that your information stays private?
  • Where are the keys that protect your data stored?
  • How do you prevent loss of information from theft, accidents, or government snooping?
  • Do your existing security measures account for all states of data? At rest, in use, and in transit?
  • How do you make sure you are complying with laws that make you fully liable for the protection of private personal, medical, or financial information you handle?
    For more information visit http://www.bittitan.com/DataEncryption 

    Script to get Mailbox Information

    I was deploying archiving solution for Exchange 2010 for more than 20K seats environment. And I have been asked by the vendor to find certain information for all the Mailboxes in exchange environment, like TotalItemSize, TotalDeletedItemSize, ItemCount and DeletedItemCount.

    I came up with the below script which made the JOB easy. I ran the script per Exchange Server, but you can also run it per Mailbox Database, you just need to change the switch from -Server to -Database.

    Get-Mailbox -Server "MailboxServerName" -ResultSize Unlimited -IgnoreDefaultScope -RecipientTypeDetails UserMailbox,RoomMailbox,EquipmentMailbox,SharedMailbox | Get-MailboxStatistics | Select DisplayName,@{expression={$_.TotalItemSize.value.ToMB()};label="TotalItemSize(MB)"},@{expression={$_.TotalDeletedItemSize.Value.ToMB()};Label="TotalDeletedItemSize(MB)"},ItemCount,DeletedItemCount,Database,OrganizationalUnit | Export-Csv C:\temp\Content.csv

    If you want to run it across your Exchange environment without using Server or Database switch, then just run Get-Mailbox only.
    You can also add other attributes like SentItems, Attachment etc. to the script.
    This script can be run on Exchange Server 2010 and 2013.

    Cheers,

    Update Rollup 6 for Exchange Server 2010 Service Pack 3

    Update Rollup 6 for Exchange Server 2010 Service Pack 3. This updated fixes several important issues. You can download it from here...

    Update Rollup 6 for Exchange Server 2010 SP3 resolves the issues: KB2936871

    Cheers,

    Cumulative Update 5 for Exchange Server 2013 SP1

    Microsoft has released much awaited Cumulative Update 5 for Exchange Server 2013 SP1. You can download it from here...

    Update resolves the issues KB2936880
































    Cheers,

    Exchange Server 2013 SP1 Architecture Poster

    Exchange Server 2013 SP1 Architecture Poster. There are lots of changes in the diagram as compare to Exchange 2013 RTM. Download from here...

    Cheers,

    Unable to determine the installed file version from the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\PowerShellEngine'.

    Today I planned to work on Exchange 2013 in my LAB, thought of playing around with it. So I opened Exchange Management Shell and guess what I have been greeted with!!!














    I started regedit on the server and went to the location "'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1" but I couldn't find "PowerShellEngine" Key at the location, it was missing.
     






















    Now, what are the options I have to fix it?
    1: Reinstall PowerShell 1.0, well which would be hilariously crazy, as this is Windows Server 2012 R2.
    2: I can take a look on other server (2008 or 2012) to see if the value is present.

    So I looked at another server, which is Exchange 2010 running on Windows 2008 R2. And this is how it looks.




















    I can export PowerShellEngine Key, save it and move it on Windows 2012 and Import it under "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1". Or create all the 6 strings manually.

    Well I chose to do manually ;). Created the Key "PowerShellEngine" under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1.
    Created all 6 Strings under "PowerShellEngine". and copied the values from Windows Server 2008.
    1: ApplicationBase
    2: ConsoleHostAssemblyName
    3: ConsoleHostModuleName
    4: PowerShellVersion
    5: PSCompatibleVersion
    6: RuntimeVersion.

    Restarted the server after creating the Key and Strings. And Exchange Management Shell started without any errors.


















    Cheers,

    How to Install and Use Windows PowerShell Web Access

    I was reading and doing LAB on Windows PowerShell few days ago and it came to mind that, what if there's a way to access Windows PowerShell from Internet. No VPN, Domain login etc. Just pure internet and you can access your environment over the internet and work on applications like Exchange, Lync etc.

    And I found that there's something called Windows PowerShell Web Access. Unbelievably awesome feature. Now here is the requirement you must full fill to deploy Windows PowerShell Web Access in your environment.

    You Must Have:
    1: Windows PowerShell 3.0
    2: At least One Windows Server 2012.

    On Windows Server 2012 you have Windows PowerShell 3.0 installed by default. Lets check if Windows PowerShell Web Access is installed or not.
    Run this command Get-WindowsFeature "PowerShell"












    Now as you see Windows PowerShell Web Access is available. Next we are going to install this feature on the server, remember you need to run this on Windows Server 2012.

    Install-WindowsFeature WindowsPowerShellWebAccess








    Installation has completed successfully and no restart required. :) After it gets installed it will add 6 new modules to PowerShell and we can see it by running Get-Help Cmdlets.
    Get-Help *pswa*










    Installing PowerShellWebAccess isn't completes the process. It needs function called PswaWebApplication which we got after installing WindowsPowerShellWebAccess. Also you are going to need Certificate also, remember you are going to access PowerShell over the internet and hence it has to be https (secure). If you are running in the Test environment you might not have certificate and for that you will have to run this command "Install-PswaWebApplication -UseTestCertificate".  But I already have certificate installed on the server hence I wouldn't need to run the above command.

    Install-PswaWebApplication
















    Now we have PswaWebApplication installed on the server, lets check IIS if it's listed there or not. Open IIS, expand the server and under ApplicationPool at the bottom you will see pswa_pool.
























    At this point we have installed PSWA on the server and it's ready to use, but wait next most important thing is to authorize user who can run what and what to not. Like which server they can access and which server they shouldn't. To authorize we will run this command "Add-PswaAuthorizationRule".








    Note:
    As this is LAB environment I am running this command as it will give access to everyone. You do not want to run this in your production ever.

    Run this command to start the browser with PowerShell.





    After you ran this command you should have Internet Explorer open asking you for the credentials.





















    Enter the credentials.





















































    There you go, you are connected to Windows PowerShell in your web browser.

    Cheers,

    Updated: Exchange Server Deployment Assistant

    Yesterday Exchange Team updated the Exchange Server Deployment Assistant.

    Updated the Deployment Assistant to include the following:
    • Support for the Exchange 2013 Edge Transport server role in all on-premises and hybrid deployment scenarios
    • Support for the new, automated process for requesting an Exchange 2013 or Exchange 2010 Hybrid Edition product key
    Exchange Server Deployment Assistant

    Also newly released, you can now use the new product key wizard to submit your request to Microsoft Support to obtain an Exchange 2013 or Exchange 2010 product key for use in hybrid deployments. The request process is quick and easy and you’ll have your product key in minutes!

    You can request a Hybrid Edition product key if all the following conditions apply to you:

    • You have an existing, non-trial, Office 365 Enterprise subscription
    • You currently do not have a licensed Exchange 2013 or Exchange 2010 SP3 servers in your on-premises organization
    • You will not host any on-premises mailboxes on the Exchange 2013 or Exchange 2010 SP3 server on which you apply the Hybrid Edition product key.

    Cheers,

    Download Lync Server 2010

    One of my friend asked me few days ago if Lync Server 2010 is available for download from Microsoft website. And without hesitating, my answer was off course, but when I tried to find the link for downloading Lync Server 2010 I couldn't find myself.

    I came across several link to download Lync Server 2010, but all the link took me to this location:
    http://technet.microsoft.com/en-in/evalcenter/hh973393.aspx
























    I thought of uploading and creating a download for Lync Server 2010. If you want to download Lync Server 2010 you can download from my below link.
    Download Lync Server 2010

    Note: It's .ISO file, you will have to extract it to installer file after download using WinISO, Ultra ISO or other tools.

    June, 8, 2014 Update: I found the Microsoft site from where you can download lots of Previous Version software's including Lync, Exchange, Windows and SQL Servers.

    Previous Version

    Cheers,

    KEMP Calling: KEMP APAC Application Delivery Technical Summit 2014





    SAVE THE DATE
    KEMP APAC Application Delivery Technical Summit 2014
    April 3 to 4, 2014 (Thursday to Friday)
    We didn't become the fastest growing Load Balancing Company in Asia Pacific by accident.  We want to continue this growth and so we want to hear what you have to say.  We would like to tell you what we have planned for the coming years and we'd like to share the success we've had in a great year of growth in 2013.  How do we increase momentum? How do we become your best vendor and how do we uncover new opportunities together? These are a few of things we would like to achieve in the very first KEMP Partner Summit and Application Delivery Technical Summit for Asia Pacific to be held in Singapore.

    You have been carefully selected to be part of this Summit because we believe in your contribution to the Technical Community and your breadth of knowledge in influencing the future of the Industry.

    Discussions will involve:

    ·         The latest trends in Application Architectures

    ·         The effects of NFV & SDN technologies on Applications

    ·         Designing Cost Effective High Availability & DR solutions

    ·         Application Optimisation and Troubleshooting

    ·         Challenges to Application Delivery in Asia-Pacific

    ·         The Role of the Community in Technology Adoption

    We will also be sharing KEMP's product roadmap and vision and show casing some of the latest developments in the industry. You will have an opportunity to meet Application Experts from around the APAC region as well as from the U.S.

    SEE YOU IN SINGAPORE...

    Cheers,

    The action 'Set-Mailbox', 'EmailAddresses', can't be performed on the object 'User Mailbox' because the object is being synchronized from your on-premises organization. This action should be performed on the object in your on-premises organization.

    After implementing and migrating Exchange 2010 On-Premises to Office 365 I am getting this error/warning. And this is not just with editing email address of Exchange Object but there are several other error/warning I am getting while performing these kind of actions.

    Here is the same error I am getting when editing the E-Mail Address:



























    Now Microsoft says to to keep at least One On Premises Exchange Server to manage environment when you are doing Hybrid Deployment. Now the question is, what happens when I am doing Cut Over Migration with 2000 seats. Do I need to have On Premises Exchange to manage Office 365? What if a customer with 30K seat environment wants to migrate to Office 365 and keep all messaging related thing with Office 365 and Active Directory On Premises. And none of Exchange Server On Premises, what is the option in that case? These are the questions which needs to be answered.

    As per this TechNet blog also, it ask you to keep One Exchange Server On Premises.
    http://blogs.technet.com/b/exchange/archive/2012/12/05/decommissioning-your-exchange-2010-servers-in-a-hybrid-deployment.aspx

    I wonder why do I get the above error? I have asked this question by my client and the only technical answer I could give them was, it's happening due to AD Sync between On Premises and Office 365. Another thing is, last time I checked DirSync is one way Sync, and this could be one of the reasons why it's happening. I looked at several places but didn't got the satisfactory answer.

    Here is I am creating Room Mailbox using EAC or Office 365 Dashboard and I got the some error/warning.



























































































    One thing is, after I click on OK and save and check for the Room Mailbox, it's present in there.
    I am still looking for the answer of this behavior, that why I am getting the Sync error when editing the object.

    Cheers,

    Outlook client experiencing slowness while accessing public folders Exchange 2010

    I ran into an issue where as Outlook client experiencing slowness when accessing Public Folder on Exchange Server 2010. I was facing 2 different issues at 2 different geographical location, users at Europe were experiencing slowness when trying to access Public Folder via Outlook and Users in US where getting credential prompt when it failed to connect to default Public Folder Database.

    I was able to fix Outlook slowness issue while accessing the Public Folder by making the registry changes on Public Folder Server, as Outlook client were trying to connect to Public Folder Server which were in US.

    I followed this article and applied Method 2 to fix the issue.

    But, the issue at US location was Outlook client were prompting for credential when trying to connect Public Folder Database which was not a Default Public Folder Database on Mailbox Database. So to fix this issue I had to apply the same registry fixes but I also had to install Hot Fix on Public Folder Server. Hot Fix is part of Method 1, but this article doesn't have a link to download the Hot Fix.

    I had to call Microsoft get this Hot Fix which you can download from here. Writing this article, so that you don’t have to call Microsoft to get this Hot Fix.

    I hope it helps.

    Cheers,

    Microsoft Exchange Server 2013 Service Pack 1

    Some exciting news today...
    Microsoft released Service Pack 1 for Exchange 2013. You can download it from here

    But make sure you read the Release Notes for Exchange 2013 properly before you start installing/updating the server.

    New feature and fixes includes the below:
















    Cheers,

    Microsoft Exchange Unified Messaging Service Failed to Start on Exchange Server 2010

    Microsoft Exchange Unified Messaging Service Failed to Start on one of Unified Messaging Server. When I tried to start the service it failed with error.











    When I check the application log I found the Event ID 1038. Useful information in the event was "The total number of explicit and implicit subfilters exceeds maximum allowed number of 200".


























    There's another event MSExchange Common logged on the server.


























    Exchange UM 2010 Server was choking on a dial plan, apparently Exchange UM 2010 has a limit on the number of IP gateways per dial plan.
    As per the event 1038, it says it exceeded the limit of 200, but there's no were written in the Microsoft articles which says there's limitation of Dial Plan.

    Now to fix the issue I had to disassociate dial plan from the Exchange UM 2010 servers. Means I had to break up the Dial-plan so the number of IP gateways will be below 200. But I am wondering how it got choked on weekends.

    After splitting the dial plan and breaking into two between two UM Servers, I was able to start the service.

    Cheers,

    EXCHANGE RANGER