Outlook 2013/2016 Meetings in room resources replace subject with organizers name...

Ran into this today.. last time was a number of years ago so I had forgotten about it.  Anyway you create a room resource mailbox in Exchange right? I 'assign' it to a conference room so users can schedule meetings and keep some semblance of order right?
Except first user opens their personal calendar, creates a meeting object, selects your new room as the location, types a descriptive subject line and send it on.
The room accepts, and adds the meeting to it's calendar except it's deleted teh subject and replaced the text with the users name.  WTH?

While I do not understand the reasoning.. this is by default.  Logon to your Exchange server, open the Management shell and type the following:

Set-CalendarProcessing -Identity <RESOURCEMAILBOX> -DeleteSubject $False -AddOrganizerToSubject $False 

Exchange 2013: A Reboot is Required...

So today while installing the management tools on my localhost I ran into this issue of the repeating reboot request. The url linked in the install window specifically mentions how it's unsafe to try to work around this issue by modifying registry entries... oh really? lol.

Located here:

Computer\HKLM\System\CurrentControlSet\Control\Session Manager

I deleted the DWORD value PendingFileRenameOperations, then hit re-try on the installer and boom.  Done.

Removing Public Folders using ADSIEDIT for Exchange 2010

Since our migration to Office365, I now have zero active mailboxes on my on-premise servers.  So now it's time to re-purpose them.  Starting with the one in my local site, I need to use a few of those drives so here I got uninstalling Exchange 2010.

Long story short, I ran into an issue where I could not remove teh PF's (I have two PF db's)

All forms of removing the public folder databases left me with mysterious replica's that I could not see via get-publicfolderstatistics, nor using the Public Folder Management Console.

So I headed off to ADSIEDIT and deleted the two entries in there.  Re-ran the uninstall and it's completing as I type this.

Source: http://blog.dargel.at/2012/01/19/remove-public-folder-using-adsiedit/


Exchange 2010

Open ADSI-Edit and got to configuration

Navigate to this path:

CN=Configuration,DC=DOMAIN,DC=LOCAL
CN=Services
CN=Microsoft Exchange
CN=EXCHANGE_ORG
CN=Administrative Groups
CN=Exchange Administrative Group (FYDIBOHF23SPDLT)
CN=Databases
CN=PUBLIC_FOLDER_DATABASE

Restoring data to mailbox, Exchange 2010 SP3

Ok so in our migration from on premise to Office365, we had sent out a note to all the users about cleaning up their Deleted Items folders.  Explaining how the migration process will remove all items older than 30 days.

So yeah.. I've got a user who somehow thought that if he created subfolders inside the Deleted Items that the emails would be safe.  Because he used the Deleted Items for things he wasn't entirely sure he wanted to delete.  I know, I know.. makes no damn sense to me either.

So that's exactly what he did.. he created /Deleted Items/deleted 2013, 2014 and 2015.

Ok so it's my job to try to recover those.  First things first I restored the database via Symantec Backup Exec, then followed the steps here: http://msexchangeguru.com/2010/05/23/exchange2010-recovery-database/ then I had tried both New-MailboxRestoreRequest and Restore-Mailbox.

The latter gave me fits.. it would not recognize the source mailbox name of "Waters, Cliff".  I tried all different variations and could not get it to work.

The New-MailboxRestoreRequest however proved working except finding syntax info was semi-hard.
So in the end my syntax was:

new-mailboxrestorerequest -sourcedatabase recovery -sourcerestoremailbox 'Waters, Cliff' -targetmailbox cwaters1 -allowlegacymismatch -includefolders "#deleteditems#/deleted 2013"


While logged in as the new temp user 'cwaters1' in OWA i could see those three subfolders populating with deleted emails.

Yay.

SMTP Delivery failure, Source: AGENT

So I ran into an issue the other day involving emails not being delivered.. Upon further inspection I noted that the Barracuda passed the messages through because the sending domain was whitelisted.  Funny though because I was one of the recipients and the message did not come through.

We have two Exchange 2010 servers so I began inspecting the Transport logs on teh gateway server.  Turns out those messages had a status of "FAIL" due to a 'SOURCE: AGENT'.

Agents meaning Transport Agents.  Now yes, we do have a Barracuda 410 Spam Filter, but also had the Anti-Spam agents in Exch enabled.

Not knowing which one is causing this failure I started with what I would logically think was causing my issue.. Sender ID.

Then re-pushed the messages from the 'Cuda.  Checking the Transport logs again I found out they still Failed.  So making a long story short I went down the list disabling each Agent was disabled and wound up my Transport Rule Agent was the cause except none of my actual Transport Rules were affecting this particular sender, message body or content.

IDK it's weird.  But at least I got mail flowing which is the important part.

Modify DistributionGroup field en masse

Ok so we are in the process of migrating to Office365.. a push started by our parent company.  After the move there will be one giant GAL for all the operating companies.  To help combat the complexity of such a beast I have to pre-pend ALL of my existing DG's with 'UB_"

I found a quick way to accomplish such a task, Enter POWERSHELL! lol.


Ok so first export your DG view from the EMC to a .csv.  You will end up with a spreadsheet with a few columns, delete all but the Name column and Save.

Then from the EMS type:

I had around 154 groups to rename, and caught errors on 4 of them.  MUCH better than a manual process obviously.

Now just to help keep things as simple as possible I wanted both the Name, DisplayName and Aliases to match.  By changing $_.Name after the Set-DistributionGroup to $_.DisplayName, then to $_.Alias I was able to accomplish that.

Changing certificate on Exchange 2010 SP3

Today I ran into an issue with Exch2010 and adding a new certificate.

See we have two primary sites at the company I work for.. MS and MI.  MS is and has always been the SMTP gateway as our spam filter is there.  Which is fine and dandy.  However we are in the beginning stages of an Office 365 migration and in preparation for that I decided to allow external access to my Exch server here in the MI site.. so as not to traverse slow MPLS to MS then to the cloud when uploading mailbox data.

So since our external URL for OWA is https:\\internetmail.unifiedbrands.net, I chose 'internetmail2' for the common name.

So I buy the cert for Network Solutions, add it to the server, assign IIS and SMTP services to it then edit the Internalurl for OWA, ECP, Active-Sync, OAB, EWS and CAS.
Which worked pretty much except for this nagging Security Alert when opening Outlook complaining at how there was a name mis-match, it was looking for the FQDN of the server.

Oh what now! I hate problems.

I went through and double and triple checked every Virtual Directory there is.  I'll be damned their all correct!  I reset IIS, I rebooted the server.. the cert mis-match was still here.

Here's the Cliff-Notes version on checking the VD's:

Get-ClientAccessServer | fl identity,autodiscoverserviceinternaluri
Get-Webservicesvirtualdirectory | fl identity,internalurl,externalurl
Get-OABvirtualdirectory | fl identity,internalurl,externalurl
Get-OWAvirtualdirectory | fl identity,internalurl,externalurl
Get-ECPvirtualdirectory | fl identity,internalurl,externalurl
Get-ActiveSyncVirtualDirectory | fl identity,internalurl,externalurl
*Get-OutlookAnywhere | fl identity,externalhostname  (if used)

So as much as I hate recreating VD's.. I wound up recreating the EWS virtual directory.  Then re-set the InternalURL value.. verifying all Authentication settings were correct, flushing my local DNS cache, resetting IIS again and after about 15 minutes Outlook opened without complaint.  MailTips were back and I could see Free/Busy info for both users on my CAS and users on the MS server's CAS.
YAY.

Searching Exchange 2010 mailboxes from Powershell

Customer Service reported an email they never received.. and the sender says they did not get an NDR.  I found a VERY nice explanation Here.

We have a Barracuda Spam Filter 300 in place, however it's dreadfully slow lately.  So searching it's logs takes FOREVER.

So I went to the Exchange side of things..

Get-Mailbox -ResultSize unlimited | Search-Mailbox -SearchQuery attachment:<filename> -TargetMailbox <name of mailbox> -TargetFolder <name of folder> -LogOnly -LogLevel Full

So I specified subject:'Woodbury Hospital' and a -targetmailbox as my own.  I had questioned whether or not the targetfolder needed to exist or not.  I created a folder, specified it as the target but the cmdlet created it's own subfolder with the specified name.

You can also delete emails using this method as well, as seen here:

Get-Mailbox -ResultSize unlimited | Search-Mailbox -SearchQuery subject:<verbatim subject line> -DeleteContent

Now if you wanted to search all mailboxes, copy the results then delete the content you;d do this:

Get-Mailbox -ResultSize unlimited | Search-Mailbox -SearchQuery subject:<verbatim subject line> -TargetMailbox <name of mailbox> -TargetFolder <name of folder> -DeleteContent

Powershell - Adding new email address alias to Exchange 2010 mailboxes

$users = get-mailbox
foreach ($a in $user) {$a.emailaddresses.Add("smtp:$($a.alias)@new_domain.com")}
$users | %{Set-Mailbox $_.Identity -EmailAddresses $_.Emailaddresses}


I ran this with a -WhatIf inside the last } and it worked on my setup perfectly. Exchange 2010 SP3.

Exchange 2010 - Managing shared permissions

I created a new mailbox per Marketings request late week before last.  I was apparently in a rush so today one of the users reports that she cannot Send As this new account.

Get-MailboxPermissions shows that she has FullAccess, however Full Access does not mean you can Send on Behalf Of.

DOH.

So, Set-Mailbox 'name' -GrantSendOnBehalfTo 'user'

Mysterious duplicate Contacts on iPhone

So I've had this nagging issue for the past couple of years now and I guess I never really pursued it very far.  My last company phone was a Blackberry Z10 and I loved it.
Anyway I had a major issue with duplicate contact entries.. and by duplicate I mean some would have 18, others 3.  It varied by that much!

The only accounts I had tied to any phone was my Gmail and my corporate Exchange and neither of those listed many of these weird contact entries in their address or contact lists.  I ignored it often, cussed it other times and today I discovered the reason:  Outlook Suggested Contacts.

By default everytime you email someone from Outlook that does not have an existing contact entry in either your GAL or a local Contact Group/list Outlook automatically creates one under the 'Suggested Contacts'.  So in Outlook if you click on Address Book"

Then Suggested Contacts:

You'll undoubtedly see a TON of entries, most of which you won't give a care about having as a contact.  Hell I had Craigslist randomized addresses in mine.  So do disable such a nonsensical thing, click on File then Options then Contacts:

Exchange 2010 - Relaying Externally

Ran into this issue earlier today.. a few weeks ago while working with our DBA in getting internal relaying setup for some Oracle servers I must've broke the external relaying they also performed but since that is just an occasional thing it was missed.. until today.

So in order to configure a Receive Connector for External relaying you must run the following command via the EMC:

Get-ReceiveConnector "External Relay" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"

So create your Connector choosing Custom, clear out all the checkboxes under Authentication then Finish.  Once created run the above command and you're golden Pony Boy.

Creating new address lists in Exchange for non-employees

So the company I work for has a rather unique AD structure.  For whatever reason we do not use the default containers Users, or Computers.  Someone years before me thought that was too insensitive or whatever.. we have People and Machines.  Funny no?

But we also have containers or OU's for Vendors, Customers, Reps, Dealers, ASAs and Distributors.  Now I'm seeing all these user objects.. because they access an externally hosted website that uses AD authentication, and wonder why there are not address lists for these so Customer Service or Sales can contact them a little easier.

So here we go.. Mail-Enabling in bulk.  I've exported all those OU's out to a tab-delimited CSV, re-arranged the columns to include only Name and ExternalAddress.

get-User -OrganizationalUnit 'domain.com/people/customers' | Export-CSV c:\users\bhart\customers.csv

import-csv "c:\users\bhart\customers.csv" |  foreach-object {Enable-MailUser -identity $_.Name -ExternalEmailAddress $_.ExternalAddress}

And BOOM 

The 100+ user objects are now mail enabled.. well except for the few objects without an ExternalEmailAddress variable, but you get the idea.

Now I just need to go through this process on the remaining 4 other OU's.

Exchange 2010 - Find database sizes..

Every Exchange admin and even non-admins will need to know how big their db's are at some point.  Here's the command needed to do that:

Exchange 2010 - Corrupted SystemMailbox, FederatedEmail mailbox, etc

We had an issue recently where our customers Exchange 2010 servers arbitrations mailboxes had become corrupt and were giving the below errors when running “Get-mailbox –arbitration”

WARNING: The object SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9} has been corrupted, and it’s in

an inconsistent state. The following validation errors happened:

WARNING: Database is mandatory on UserMailbox.

WARNING: Database is mandatory on UserMailbox.

To resolve this we had to run through the following steps

• Open AD Users and Computers
• Expand the Domain go to users OU
• Find the following accounts and delete them
• “SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9}”
• “FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042”
• “SystemMailbox{1f05a927-****-****-****-*******}” (Make a note of the Guid of previous system mailbox as it varies on every enviroment)
• Open Command prompt navigate to your Exchange Setup files and run setup.com /preparead
• Open the Exchange Management Shell and run the below
• Enable-Mailbox –Arbitration –Identity “FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042”
• Enable-Mailbox –Arbitration –Identity “SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9}”
• Enable-Mailbox –Arbitration –Identity “SystemMailbox{1f05a927-****-****-****-*******}” (Remember to change *** to your Guid)
• Set-Mailbox –Arbitration –Identity “SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9}” –DisplayName “Microsoft Exchange”
• Set-Mailbox –Arbitration –Identity “FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042” –ProhibitSendQuota 1MB

Your arbitration mailboxes should now be fine, run Get-Mailbox –arbitration to confirm and all should appear with no errors 

Exchange 2010 OWA certificate, Part 2

Ok now that you've created your certificate request file and submitted it to your 3rd party SSL cert provider of choice you will have been emailed your .cer file.

Find your request in the certificate list in the EMC

Right click the request and choose Complete Pending request

Find the .cer file you copied to your Exchange server

Then click on Complete.  Now once your certificate is listed in the certificate field, you will then right-click on it and select Assign Services and choose the services you will want, (For OWA you will need at least SMTP and IIS but most likely IMAP and POP as well)

And finally, Assign them..

Click here for Part 1

Exchange 2010 OWA certificate, part 1

Ok so you are setting up a new Exchange 2010 server and you plan on offering the employees webmail or Outlook Web Access.  To do so you will need a 3rd party signed SSL certificate.

So step 1: You need to generate a certificate request using the wizard in Exch 2010 i.e. New Exchange Certificate from the EMC

Next leave wildcard empty..

Next you will select the services you want assigned to this certificate

Set or select your cert domains

Enter in your Org, OU, Location information

Select a location and name of the .req file

And finally, click New to create the certificate request file.

Click here for Part 2

Exchange 2010 - System Attendant/AD Topology services will not start.

Ok so sometimes you might run into an issue where either the System Attendant or the AD Topology or both services will not start.  Typically this can be caused by 1 of 2 reasons:

A. The server is being disallowed from accessing AD
B. The server cannot reach AD

Here's a list of the most common fixes:

1. Verify your DNS records for Exchange, and DC's
2. Disable any firewalls on your Global Catalog server
make sure your Sites in AD are configured correctly and that the sites can talk to each other
3. check to make sure the security groups Exchange Domain Servers and Exchange Enterprise Servers still exist in ADUC
4. Verify the server hosting your GC is up and accessible
5. Ping your GC from Exchange
6. Make sure AD replication is working correctly
7. Make sure the NTFS perms on the Exchange folder on your Exchange server is still set to allow full access to System and Administrators

Exchange 2010 - Troubleshooting 'Delivery is Delayed' auto-replies..

So sometimes you try to email a person and you get a response back saying that delivery of your email has been delayed but that the server will keep trying to X amount of time.  Don;t worry.. it happens to everyone from time to time.
The list of possible causes are numerous.. everything from RBLs, DNS issues to high latency on someones internet pipe.

Below are some things you can do to help figure out where the problem lies:

I always verify the message left my queue via the Queue Viewer
Next would be checking the Message Tracking Logs, that can be handled a number of ways.  You could check it via /ECP (Exchange Control Panel) or via powershell (my favorite).  Try out the following commands:

Get-MessageTrackingLog -ResultSize "Unlimited" -Recipients "[recipient's address]"
Get-MessageTrackingLog -ResultSize "Unlimited" -Sender "[sender's address]"
Get-MessageTrackingLog -ResultSize "Unlimited" -Start "[date/time]" -End "[date/time]"


There are tons of variances to that cmdlet, you can even pipe the output to a .txt or .csv if so desired.  Which is very helpful when sifting through hundreds of lines of log.

Next is DNS.. sometimes a delay can be caused by a DNS resolution issue.  Verify your mail server can successfully ping and nslookup the target of their MX record.

Speaking of MX records.. another good tip is to verify that you nor them are listed on any RBLs.  I prefer MXToolbox myself, check their Blacklist tab and enter their domain name or SMTP ip address if you know it.  While you are there be sure to sign up for their free RBL monitor.  Once a month you get an email showing the RBL status of a single domain.  I've been using their service for over 4 years now, it's nice to know where your domain stands with regards to the MANY RBLs out in the wild.

Lastly verify all is good with your server at https://www.testexchangeconnectivity.com/

Exchange 2010 - Search for and Delete items from user's mailboxes administratively

Credit to Help.outlook.com/en-us/140/gg315525.aspx

You have to be assigned the following roles to search for and delete messages in users' mailboxes:

• Mailbox Search   This role allows you to search for messages across multiple mailboxes in your organization. Administrators aren't assigned this role by default. To search multiple mailboxes, add yourself as a member of the Discovery Management role group. See Add or Remove Role Group Members.
• Mailbox Import Export   This role allows you to delete messages from a user's mailbox. This role isn't assigned to administrators by default. To delete messages from users' mailboxes, add the Mailbox Import Export role to the Organization Management role group. See Edit Role Group Properties.

Collect information for the search query

---

You need to obtain and review a few copies of the infected or inappropriate message so you can create a search query that will find it.

Top of page

Search and delete options

---

You can use the Search-Mailbox cmdlet with the DeleteContent parameter to search for and delete messages in one step. However, when you do this, you can't preview the search results or generate a log that records which messages were returned by the search. This means you won't know which messages were deleted.

A better option is to first run the Search-Mailbox cmdlet with the LogOnly parameter. This command generates a log that contains information about all the results that meet the search criteria but it doesn't delete the messages. This information is provided in a comma-separated value (CSV) file that is attached to an e-mail message sent to the mailbox and folder you define by using the TargetMailbox and TargetFolder parameters with the Search-Mailbox cmdlet. After you review the log, you can refine the search criteria and rerun a log-only search as needed, or run the search with the DeleteContent parameter.

A third option is to first copy the offending message before you delete it from the user's mailbox so you can access it later if necessary. Do this by including the TargetMailbox and TargetFolder parameters in the command that you run to delete the message.

Top of page

Search for messages and log the search results

---

Let's walk through some examples of what you can do with the Search-Mailbox cmdlet. For a list of the message properties that you can include in the value for the SearchQuery parameter, see E-mail message properties to search.

Search a single mailbox

---

The following command searches a specific mailbox in your organization for messages with a specific value in the Subject line and then sends a message with the results to the target mailbox. Messages aren't deleted from the mailbox that is searched.

Copy

Search-Mailbox -Identity <name> -SearchQuery subject:"<verbatim subject line>" -TargetMailbox <name of mailbox> -TargetFolder <name of folder> -LogOnly -LogLevel Full

Example   The following command searches Pilar Pinilla's mailbox for messages that have the phraseDownload this file in the Subject field and logs the search results in the SearchLogs folder in the administrator's mailbox.

Copy

Search-Mailbox -Identity "Pillar Pinilla" -SearchQuery subject:"Download this file" -TargetMailbox Administrator -TargetFolder SearchLogs -LogOnly -LogLevel Full

Search all mailboxes

---

The following command searches all mailboxes in your organization for messages that have a specific file attached and then sends a message with the results to the target mailbox. Messages aren't deleted from the mailboxes searched.

Copy

Get-Mailbox -ResultSize unlimited | Search-Mailbox -SearchQuery attachment:<filename> -TargetMailbox <name of mailbox> -TargetFolder <name of folder> -LogOnly -LogLevel Full

Example   The following command searches all mailboxes for messages that have any type of attached file named Trojan and sends a log message to the administrator's mailbox.

Copy

Get-Mailbox -ResultSize unlimited | Search-Mailbox -SearchQuery attachment:trojan* -TargetMailbox Administrator -TargetFolder SearchLogs -LogOnly -LogLevel Full

Top of page

Search for and delete messages

---

The following command searches all mailboxes and deletes any message that has specific text in the Subject line:

Copy

Get-Mailbox -ResultSize unlimited | Search-Mailbox -SearchQuery subject:<verbatim subject line> -DeleteContent

Example   The following command searches all the mailboxes for messages with the subject line Download this file, and then permanently deletes them.

Copy

Get-Mailbox -ResultSize unlimited | Search-Mailbox -SearchQuery subject:"Download this file" -DeleteContent

Important   Before you permanently delete messages, we recommend that you either use the LogOnlyparameter to generate a log of the messages found in the search before they're deleted, or copy the messages to another mailbox before deleting them from the source mailbox.

Copy a message before deleting it

---

The following command searches all mailboxes for any message that has specific text in the Subject line, copies the actual search results to a folder, and then deletes all the messages that meet the search criteria.

Copy

Get-Mailbox -ResultSize unlimited | Search-Mailbox -SearchQuery subject:<verbatim subject line> -TargetMailbox <name of mailbox> -TargetFolder <name of folder> -DeleteContent

Example   The following command searches all mailboxes for messages with the subject line Download this file, copies the search results to the DeletedMessages folder in the administrator's mailbox, and then permanently deletes the messages from users' mailboxes.

Copy

Get-Mailbox -ResultSize unlimited | Search-Mailbox -SearchQuery subject:"Download this file" -TargetMailbox Administrator -TargetFolder DeletedMessages -DeleteContent

Top of page

E-mail message properties to search

---

The following table lists common message properties that you can include in the value for the SearchQueryparameter.

 

Property	Example	Search results
Attachments	attachment:annualreport.ppt	Messages that have an attachment that is named annualreport.ppt. The use of attachment:annualreport or attachment:annual* returns the same results as using the full name of the attachment.
Cc	cc:"gurinder singh" cc:gurinders cc: gurinders@fineartschool.edu	Messages with Gurinder Singh in the Cc field
From	from:"Max Stevens" from:maxs from:maxs@contoso.com	Messages sent by Max Stevens
Sent	sent:10/19/2010	Messages that were sent on October 19, 2010
Subject	subject:"Quarterly Financials"	Messages that contain the exact phrase "Quarterly Financials" in the subject line
To	to:"Judy Lew" to:judyl to:judyl@contoso.com	Messages sent to Judy Lew