MsExchange Blog Spot Telnet25

August 26, 2010

Remove Public Folders from Exchange 2003 to Exchange 2010

Filed under: General — telnet25 @ 9:31 pm

If you are in the middle of migration or will start one and wondering how to deal with PF folders on your legacy Exchange 2003 server , here is the link and this is pretty much all you need to know and will do to move them from Exchange 2003 to Exchange 2010.

 image Click here

 

First create PF database on the Exchange 2010 server

image

Move existing Pf folder replicas from E03 server into this newly created PF database on E210 Server , by logging on E03 server…..

image

Make sure the Public folder is empty

image

Dismount the PF folders on E03 Server for a while to make sure no one is complaining

image

After making sure everything works fine delete the PF folder database on E03 Server , if you still have replicas you will receive fallowing… allow time for replication to finish

image 

You could achieve same goal from PS on E210 server

\MoveAllReplicas.ps1 -Server MySourceServer -NewServer MyTargetServer

 

Get-PublicFolderStatistics -Server <server with public folder database to be removed>

   
    
   
   
  image  

Respectfully,
Oz Casey, Dedeal
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog
http://telnet25.spaces.live.com/ (Blog)
https://telnet25.wordpress.com/ (Blog)

August 25, 2010

Exchange 2010 SP1 is available for Download

Filed under: General — telnet25 @ 8:15 pm

Finally Exchange 2010 SP1 has been released and here is the link for download. There are many changes in SP1 and to be honest most of you will be very happy to discover what they are. SP1 brings more stability in Exchange 2010 and  I believe will help for migration scenarios. Click on the picture below to download SP1

imageimage[4]

 

Archiving white paper

Yes Virginia, there is an Exchange Server 2010 SP1

The Future of Exchange Starts Here: Exchange Server 2010 SP1 Is Now Available

What’s New in Exchange 2010 SP1

More Exchange 2010 links Thumbs up

image[4]

image

 

image

 

 

Respectfully,
Oz Casey, Dedeal
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog
http://telnet25.spaces.live.com/ (Blog)
https://telnet25.wordpress.com/ (Blog)

August 24, 2010

Set OWA Private Computer Cookie Time-Out Value Exchange 2010.

Filed under: General — telnet25 @ 10:02 pm

If you ever wondered how long it takes for your browser to close after opening OWA ( outlook web App) if there is no activity?  here are the measurements.

  • Public 15 minutes
  • Private 8 days

image 

For whatever reason you may have if you decide to change these default values here is the link how to get the work done. The simplest way to achieve desired goal is using PS. Let’s say we will increase the Public cookie time out settings from 15 minutes to 25 minutes.

set-ItemProperty ‘HKLM:\SYSTEM\CurrentControlSet\Services\MSExchange OWA’ -name PrivateTimeout –value 25 -type dword

copy and paste above PS code into  EMS ( management Shell) , adjust the time as you wish , in this case we are going to set it to “25” minutes….

image

image

Cookies to control access


The first time that the user name and password are sent to the Client Access server to authenticate an Outlook Web App session, an encrypted cookie is created that’s used to track user activity. When the user closes the Internet browser or clicks Sign Out to sign out of their Outlook Web App session, the cookie is cleared. The user name and password are sent to the Client Access server only for the initial user sign-in. After the initial sign-in is complete, only the cookie is used for authentication between the client computer and the Client Access server.

   

Read more click here…………..

Respectfully,
Oz Casey, Dedeal
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog
http://telnet25.spaces.live.com/ (Blog)
https://telnet25.wordpress.com/ (Blog)

August 20, 2010

Import and Export Certificate Exchange 2010

Filed under: General — telnet25 @ 5:06 am

Here is the scenario , we are doing migration from Exchange 2003 to Exchange 2010. We have existing certificate called webmail.smtp25.org and we wish to move this over to Exchange 2010. 

I think this will be pretty common thing in these type of migrations. One thing I found out supper easy is not to kill yourself to try to share  the existing  cert and the URL being used to access the webmail. For instance if you are using webmail.yourCompany.com

webmail.yourCompany.com =Valid Cert = Exchange-2003 Server

And as soon as you moved first user on Exchange 2010 , accessing Existing  URL wont work for the user on Exchange 2010.  Here is what I have done couple times to get around this type of issues and make migration pretty seamless to end users (-: …..

I purchased new cert ( GoDady fro $10 bucks) and called it  owa.yourCompany.com

owa.yourCompany.com=New Valid Cert=Exchange 2010

 

I configured this cert on the E210 server and told costumer everyone who gets migrated on E210 will use this link to access their webmail. This made my job supper easy and at the end of the migration I export the cert from E03 imported into E210 and done with migration.Wink

  • STEP 1:  Export Certificate and Private Key from the IIS 6.0 server

    Create an MMC Snap-in for Managing Certificates:

    1. Start > run > MMC
  • Go into the Console Tab > File > Add/Remove Snap-in
  • Click on Add > Click on Certificates and click on Add
  • Choose Computer Account
  • Choose Local Computer
  • Close the Add Standalone Snap-in window.
  • Click on OK at the Add/Remove Snap-in window

image

image

  • Open Certificates Console Tree
  • Go to Personal
  • Right click Certificates
  • Choose ALL TASKS
  • Select Import to start the Certificate Import Wizard
  • Click Browse
  • Locate the .pfx file
  • Click Open
  • Next
  • Finish

image

image

After this is completed rest of the work is supper easy go to EMC and drill down to server configuration , you will see the certificate there , just assign services to this certificate to finish the work

image

image

image

image

 

 

Resource Links

Respectfully,
Oz Casey, Dedeal
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog
http://telnet25.spaces.live.com/ (Blog)
https://telnet25.wordpress.com/ (Blog)

August 19, 2010

Exchange 2010 Migration & EmailAddressPolicy

Filed under: General — telnet25 @ 3:15 am

If you are performing migration, you probably noticed after introducing Exchange 2010 server you cannot manage certain futures from Exchange 2010 EMC , management console. You most likely aware of Evan Dodds article on MS Exchange team blog in regards to “EmailAddressPolicy” and how to migrate them into E210.

image Click here to see the articleimageimage

In this article you will only see some pictures but same CMDLETS , so let’s get started. Note you can copy and paste CMDLETS into your EMS to get the work done quickly.

Step-1

Open EMS on the E210 Server and insert fallowing commands by copying  and pasting….

image

Get-EmailAddressPolicy | where {$_.RecipientFilterType –eq “Legacy”}

 image image

Get-EmailAddressPolicy | where {$_.RecipientFilterType –eq “Legacy”} |
Set-EmailAddressPolicy –IncludedRecipients AllRecipients

image

image

image

STEP-2

Set-AddressList "All Users" -IncludedRecipients MailboxUsers

image

image

STEP-3

Set-AddressList "All Contacts" -IncludedRecipients MailContacts

image

image

STEP-4

Set-AddressList "Public Folders" -RecipientFilter { RecipientType -eq ‘PublicFolder’ }

 

image

image

STEP-5

Set-GlobalAddressList "Default Global Address List" -RecipientFilter {(Alias -ne $null -and (ObjectClass -eq ‘user’ -or ObjectClass -eq ‘contact’ -or ObjectClass -eq ‘msExchSystemMailbox’ -or ObjectClass -eq ‘msExchDynamicDistributionList’ -or ObjectClass -eq ‘group’ -or ObjectClass -eq ‘publicFolder’))}

image

image

Now you can open and edit all from EMC from GUI with no problems

Respectfully,
Oz Casey, Dedeal
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog
http://telnet25.spaces.live.com/ (Blog)
https://telnet25.wordpress.com/ (Blog)

August 8, 2010

Internal Relay Domain & Forward all mail with unresolved recipients to host:

Filed under: General — telnet25 @ 8:16 pm

 

You will remember the option “Forward all mail with unresolved recipients to host” option on Exchange 2003 on the SMTP virtual server properties. The propose of this configuration is most likely , sharing SMTP name space with another mailing system within your organization such as “ListServer” etc.

Now let’s remember what was SMTP name sharing briefly , you have Exchange server and your SMTP name space is   @telnet25.org  and you installed List server in your network because you wish to perform mass mailing and not wanting to use your Exchange server for this purpose while you will use same SMTP name space. Now you created  mail address called  marketing@telnet25.org  on the ListServer, and you defined bunch of external mail addresses in there. Your ListServer has its own IP address when its sends mail out incase the IP getting in RBL list etc due to mass mailing.

here how it works

1. User A opens his outlook sends mail to “Marketing@telnet25.org”  User A mailbox resides on E210 Server

2. E210 Receives mail goes trough the GAL and finds out the SMTP address “Marketing@telnet25.org” is NOT a valid recipient, E210 sees the matching “Send” connector with same SMTP address space and instead of bouncing mail back to sender it sends the smart host defied in the send connector, which is the IP address of the mass mailing system ( ListServer) in this case. 

3.ListServer accepts mail and , markeing@telnet25.org is the group e-mail address and ListServer sends mail to each group member.

image

 

This is how it worked on if we were doing in on E03 server “Forward all mail with unresolved recipient to host”

image

now here are the steps to configure this on Exchange 2010 server, we will create convert our Authoritative domain to Internal Relay Domain,

***doing this is safe it does not effect your mail flow***

image

image

 

To see the accepted Domain from PS

Step1

Get-AcceptedDomain | fl domainname, *type*

image

 

Step2  ( Replace Telnet25.org————>TO your own SMTP name space)

Set-AcceptedDomain telnet25.org -DomainType InternalRelay

image 

 

Step3 ( Replace Telnet25.org————>TO your own SMTP name space)

New-SendConnector -Name "telnet25.org Send Connector" -Internet -AddressSpace telnet25.org -DNSRoutingEnabled $false -SmartHosts ListServer.telnet25.org -SmartHostAuthMechanism ExternalAuthoritative -MaxMessageSize 20MB

image

  • Now When you sent mail from E210 to non valid Recipient on GAL E210 will use the matching connector and send it to smart host defined in there which will be your list Server.

image

Notes:

If you have existing E03 Server , I recommend changing your mail flow, if your mail start bouncing ( inbound) with 5.7.1 unable to relay, on the E03 server , pass mail to E210 Servers and sent all out from E210 servers.

 

 

image

Understanding Accepted Domains

http://technet.microsoft.com/en-us/library/bb124423.aspx

Configure Exchange 2010 to Route Messages for a Shared Address Space

http://technet.microsoft.com/en-us/library/bb676395.aspx

Respectfully,
Oz Casey, Dedeal
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog
http://telnet25.spaces.live.com/ (Blog)
https://telnet25.wordpress.com/ (Blog)

Create a free website or blog at WordPress.com.