Thursday, March 15, 2012

Exclude a Mailbox Database from Provisioning


While with previous versions of Exchange we always had to specify a mailbox database when we created or moved a mailbox, or mail-enabled an existing user, with Exchange 2010 we have the option of letting Exchange choose the database for us by using the new Automatic Mailbox Distribution feature.

Automatic distribution is used when we don't specify the -Database parameter in the New-Mailbox and Enable-Mailbox cmdlets or the -TargetDatabase parameter in the New-MoveRequest cmdlet.

This feature looks at all mailbox databases in the organization and then randomly chooses a database where the mailbox should be located.

By default, all online and healthy databases on Exchange 2010 servers can be chosen by this process. However, because you might have some databases that you don’t want to be selected by this feature (a journaling database, for example), you can manually exclude them. To do this, you can either permanently or temporarily exclude databases from the exclusion process with two properties available in each database:
  • IsExcludedFromProvisioning: used if we want to indicate that the database should be permanently excluded from automatic mailbox distribution;
  • IsSuspendedFromProvisioning: used if we want to indicate that the database should be temporarily excluded from automatic mailbox distribution.

Which one we choose is purely for our information. Setting either one to $True has the same result of excluding the database from the automatic distribution process.

Let’s say we want to permanently exclude database MDB01 from automatic distribution: 
Set-MailboxDatabase MDB01 -IsExcludedFromProvisioning $True

To temporarily exclude it, we use the following cmdlet:
Set-MailboxDatabase MDB01 -IsSuspendedFromProvisioning $True

To check which databases are excluded or suspended from provisioning and which ones are not, use the following cmdlet:
Get-MailboxDatabase | FT Name, IsExcludedFromProvisioning, IsSuspendedFromProvisioning
Posted by 0 comments
Links to this post
Labels: ,

Thursday, March 8, 2012

Exchange 2010 ECP Performance Console


A hidden feature that most Exchange Administrators don't know about is the Exchange Control Panel [ECP] Performance Console.

This console, which is not visible by default, provides numerous counters regarding the performance of the ECP. We can use it to check how long it takes to authenticate a user, how many PowerShell cmdlets have been invoked and even how long the server took to process requests.

To learn more about this console and how to enable it, please check the Exchange 2010 ECPPerformance Console article on MSExchange.org


Posted by 0 comments
Links to this post
Labels: , ,

Log Parser Studio


I have been using Log Parser for some years now and sometimes it is a life saver! It is easy to use and makes parsing logs so simple. However, in order to create some nice graphs you have to either write a more complex query or export all the data to Excel and then do it from there.

Until now! “With Log Parser Studio (LPS) we can house all of our queries in a central location. We can edit and create new queries in the ‘Query Editor’ and save them for later. We can search for queries using free text search as well as export and import both libraries and queries in different formats allowing for easy collaboration as well as storing multiple types of separate libraries for different protocols.

For more information:



Source: TheExchange Team Blog

Posted by 0 comments
Links to this post
Labels:

Sunday, February 19, 2012

Exchange Web Services Managed API 1.2 Released

As discussed in my previous post EWS Managed API 1.2 SDK Documentation Available, the EWS Managed API v1.2 is now available for download here.

You can check all the new features in the What’s New website, but for me best additions/improvements are:

For more information:
Posted by 0 comments
Links to this post
Labels:

Tuesday, February 14, 2012

Microsoft Outlook Configuration Analyzer Tool


Microsoft just released the Outlook Configuration Analyzer Tool (OCAT ), which provides a quick and easy method to analyze your Outlook profile for common configurations that may cause problems.

This first version of OCAT allows you to do the following:
  • Scan your computer;
  • Open a previously run scan on your computer;
  • Import a scan from another computer;
  • Use several reporting formats to view the scan results ;
  • Start the Exchange Remote Connectivity Analyzer tool;
  • Send feedback to the OCAT team.

System requirements
Before you install OCAT, make sure that your computer meets the following system requirements.
Supported operating systems:
  • Windows 7
  • Windows Vista Service Pack 2
  • Windows XP Service Pack 3

This download works with the following Microsoft Office programs:
  • Microsoft Office Outlook 2007
  • Microsoft Outlook 2010 (32-bit or 64-bit)

You also need (minimum version) Microsoft .NET Framework Version 2.0
Be aware that you must make sure that Outlook is running before you start an OCAT scan!

The document that comes with the download covers really well everything that there is to know with this tool, so I will just post here some examples of what I got when I ran it on my Outlook profile.

Just like ExTRA and ExBPA, there are 3 report types: List Reports, Tree Reports and Other Reports.

When in List Reports, you have an “easy to read” view of Informational Issues, All Issues and Critical Issues:




Tree Reports gives you a more detailed a technical view:


Like I said, OCAT’s manual covers these in great detail, so I just wanted to put here a few example so you know what to expect.

DOWNLOAD: you can find OCAT here.
Posted by 0 comments
Links to this post
Labels:

Monday, February 13, 2012

Exchange Server 2010 SP2 Help

The latest version of the Exchange 2010 help file has been released. This version (related to SP2) is from 31st of January 2012 and can be found here.
Posted by 0 comments
Links to this post
Labels: , ,

Wednesday, February 8, 2012

Infinite Loop of Nested Folders


A few weeks ago one user moved a subfolder of her Inbox into another subfolder beneath that one, which triggered the creation of an “infinite” loop of nested subfolders:


I tried to recreate this behaviour but every time I would get the following error (as one would expect):


So I am still not sure how all this happened... Anyway, time to delete those folders! And this is where it got interesting... First thing I tried was obviously to give myself FullAccess permissions to the mailbox and delete the folders myself. However, Outlook returned the following error:


4,000?! Humm... Let’s see how many items are in these folders and how many folders in total. To do this, I used the following two cmdlets (most output removed for simplicity):

[PS] C:\> Get-MailboxFolderStatistics “user” | ? {$_.FolderPath -eq "/Inbox/Pictures of Y"}
Name                              : Pictures of Y
FolderPath                        : /Inbox/Pictures of Y
FolderType                        : User Created
ItemsInFolder                     : 0
DeletedItemsInFolder              : 0
FolderSize                        : 0 B (0 bytes)
ItemsInFolderAndSubfolders        : 0
DeletedItemsInFolderAndSubfolders : 0
FolderAndSubfolderSize            : 0 B (0 bytes)

[PS] C:\> (Get-MailboxFolderStatistics “user”).Count
2922

Ok, so excluding all the default folders and the ones manually created by the user, there’s “only” around 2,890 folders with nothing on them. So why the error about the 4,000 limit?! Time to troubleshoot and get rid of these annoying folders!


Attempt 1
Although I had FullAccess permissions to the mailbox, decided to use ExFolders to grant myself Owner permissions on the top folder and all the subfolders. After almost 1h of propagating the permissions throughout all folders, still got the same error when trying to delete them using Outlook...

Noticed that after trying to delete the folders in Outlook, I would get the following error in the Application log of the Mailbox server (using my account to access the user’s mailbox):
Mapi session "a7198e9f-265f-4e94-b63d-7ee3d78c00c3: /o=domain/ou=exchange administrative group (fydibohf23spdlt)/cn=recipients/cn=motan" exceeded the maximum of 500 objects of type "objtFolder".


Attempt 2
Tried to delete the folders using OWA but a similar result...


Attempt 3
Tried exporting the mailbox to a PST file but it wouldn’t export it because of the folders... The export reaches 100%, then it goes down to 5%, then up again, until it eventually fails.
Tried excluding the top folder from the export using the following cmdlet:

New-MailboxExportRequest "user" -FilePath “\\server\F$\PSTs\user.pst” -ExcludeFolders “#Inbox#/Pictures of Y”

But it still didn’t work. I am not sure if the ExcludeFolders parameter also excludes subfolders or not... Both failed with the following message:
Error: MapiExceptionPartialCompletion: Unable to copy to target. (hr=0x40680, ec=0)
Operation: ISourceFolder.CopyTo
OperationSide: Source
Primary (c0e7ee8d-6f43-430a-b11f-dfba42501ee6)
PropTags: [ContainerContents; FolderAssociatedContents; ContainerHierarchy; DisplayName; RulesTable; 1071710466]


Attempt 4
Tried deleting the folders with MFCMapi but got the following error:


Attempt 5
Tried using Microsoft Exchange Server Information Store Viewer (MDBVU32) but it didn’t work as well. I wasn’t getting any errors and could create and delete other folders, but not the ones I wanted to...

MDBVU32 works “a bit” like MFCMapi. You basically logon and open the Message Store you want to access and then look for the folder (or e-mail) you want to work on.

You then change the operation to DeleteFolder() and click on Call Function... Select the flags you want and then click OK.

In my case nothing would happen for these folders although it would work for any other folders/e-mails...


Attempt 6
Thought about creating another mailbox and simply copy everything across but this would have an impact on the user and the categories wouldn’t be moved, so out of the question for now...


Attempt 7
Changing the type of the folder using MFCMapi:
  • Start MFCMapi with Outlook not set to cached mode;
  •  Logon and display store table;
  • Open mailbox/Top of Information Store;
  •  For an email sub folder that you want to delete;
  • Change PR_CONTAINER_CLASS to IPF.IMAP from IPF.Note;
  • Click OK in the property pane.

 But still the same error when deleting both from MFCMapi and Outlook...


Attempt 8
Isinteg was out of the question as it would take days to run on the DB where the user is and would affect everyone on that DB. So tried moving the mailbox to another DB but it didn’t work... After more than 3h always in 5%, it finally failed with the error (some output removed for simplicity):

Alias                            : user
Status                           : Failed
StatusDetail                     : FailedMAPI
BadItemLimit                     : 5000
BadItemsEncountered              : 0
OverallDuration                  : 04:38:45
TotalFailedDuration              : 03:25:37
TotalQueuedDuration              : 00:00:03
TotalInProgressDuration          : 01:13:04
TotalTransientFailureDuration    : 00:31:19
TotalMailboxSize                 : 1.23 GB (1,320,399,499 bytes)
TotalMailboxItemCount            : 25749
BytesTransferred                 : 0 B (0 bytes)
ItemsTransferred                 : 0
PercentComplete                  : 5
FailureCode                      : -2147024882
FailureType                      : MapiExceptionNotEnoughMemory
FailureSide                      : Source
Message                          : Error: MapiExceptionNotEnoughMemory: Unable to synchronize manifest. (hr=0x8007000e,
                                    ec=1008)
                                   Diagnostic context:
                                       Lid: 55847   EMSMDBPOOL.EcPoolSessionDoRpc called [length=142]
                                       Lid: 43559   EMSMDBPOOL.EcPoolSessionDoRpc returned [ec=0x0][length=739][latency
                                   =46]
                                       Lid: 23226   --- ROP Parse Start ---
                                       Lid: 27962   ROP: ropOpenFolder [2]
                                       Lid: 27962   ROP: ropIncrCfg [112]
                                       Lid: 27962   ROP: ropUpldStStrmBegin [117]
                                       Lid: 27962   ROP: ropUpldStStrmEnd [119]
                                       Lid: 27962   ROP: ropUpldStStrmBegin [117]
                                       Lid: 27962   ROP: ropUpldStStrmEnd [119]
                                       Lid: 27962   ROP: ropUpldStStrmBegin [117]
                                       Lid: 27962   ROP: ropUpldStStrmEnd [119]
                                       Lid: 27962   ROP: ropUpldStStrmBegin [117]
                                       Lid: 27962   ROP: ropUpldStStrmEnd [119]
                                       Lid: 27962   ROP: ropFXSrcGetBufferEx [156]
                                       Lid: 17082   ROP Error: 0x3F0
                                       Lid: 23137
                                       Lid: 21921   StoreEc: 0x3F0
                                       Lid: 27962   ROP: ropExtendedError [250]
                                       Lid: 1494    ---- Remote Context Beg ----
                                       Lid: 1238    Remote Context Overflow
                                       Lid: 7155    StoreEc: 0x3F0
                                       Lid: 7155    StoreEc: 0x3F0
                                       Lid: 7155    StoreEc: 0x3F0
                                       Lid: 7155    StoreEc: 0x3F0
                                       Lid: 7155    StoreEc: 0x3F0
                                       Lid: 7155    StoreEc: 0x3F0
                                       Lid: 7155    StoreEc: 0x3F0
                                       Lid: 7155    StoreEc: 0x3F0
                                       Lid: 7155    StoreEc: 0x3F0
                                       Lid: 7155    StoreEc: 0x3F0
                                       Lid: 7155    StoreEc: 0x3F0
                                       Lid: 7155    StoreEc: 0x3F0
                                       Lid: 7155    StoreEc: 0x3F0
                                       Lid: 7155    StoreEc: 0x3F0
                                       Lid: 7155    StoreEc: 0x3F0
                                       Lid: 7155    StoreEc: 0x3F0
                                       Lid: 7155    StoreEc: 0x3F0
                                       Lid: 7155    StoreEc: 0x3F0
                                       Lid: 7155    StoreEc: 0x3F0
                                       Lid: 7155    StoreEc: 0x3F0
                                       Lid: 7155    StoreEc: 0x3F0
                                       Lid: 6131    StoreEc: 0x3F0
                                       Lid: 22184
                                       Lid: 24312   StoreEc: 0x3F0
                                       Lid: 22360
                                       Lid: 2238    StoreEc: 0x3F0
                                       Lid: 20888
                                       Lid: 24504   StoreEc: 0x3F0
                                       Lid: 24148   StoreEc: 0x3F0
                                       Lid: 23796
                                       Lid: 2478    StoreEc: 0x3F0
                                       Lid: 1750    ---- Remote Context End ----
                                       Lid: 26849
                                       Lid: 21817   ROP Failure: 0x3F0
                                       Lid: 32758
                                       Lid: 16586   StoreEc: 0x3F0
                                       Lid: 22518
                                       Lid: 28874   StoreEc: 0x3F0
                                       Lid: 29516
                                       Lid: 31820   StoreEc: 0x3F0
FailureTimestamp                 : 02/02/2012 10:27:38
FailureContext                   : --------
                                   Operation: ISourceMailbox.EnumerateHierarchyChanges
                                   OperationSide: Source
                                   Primary (c0e7ee8d-6f43-430a-b11f-dfba42501ee6)
                                   Catchup: True


Attempt 9
Already getting desperate, decided to temporarily increase the maximum number of objects that can be handled by Outlook clients by setting both objtfolder and objtfolderview to a value greater than 500 (KB842022 or Maximum open folder objects per logon has been changed).

WARNING: this affects everyone on the mailbox server you set this and it also needs an IS restart so be very careful!!!

As I have a few servers that only host passive DBs, decided to implement the change in one of those servers (I set the registry key value to 3000) and switched over only that DB to that server.
Tried deleting the folders but was getting the same error regarding the 4,000 limit! Not sure why this time... Increased the registry key’s value to 6000 and decided to try again. However, although there were no errors at all on the server, no one could access any mailbox in that server!... Ups! Time to quickly rollback!
Another failed attempt...


Resolution
So how did I fix this problem? Since the beginning that I was thinking about what would happen if I tried to delete the last folder? Because I didn’t feel like expanding almost 3,000 folders (probably for Outlook to complain about the 500 limit!) this had to be done using a script.

Although I love writing scripts, I was avoiding doing this for some reason. But since everything else was failing, I decided to give it a go. And the result was that it worked without any problems!   :-D

I just wanted to quickly try this, so didn’t pay much attention to performance. For this reason, the script is not very efficient because:
it goes through all the folders one by one and then deletes the last one;
starts all over again, goes through all the folders one by one and then deletes the last one;
starts all over again....

In this case it took between 30 to 60 minutes to delete 2,890 folders but it eventually got there!   :)


WARNING: as with every script, make sure you test it properly before running it for a live user!!!


You can also find the script in the Microsoft TechNet Script Repository: Delete Outlook Folders Bottom-Up

# Script: DeleteFoldersBackwards.ps1
# Purpose: This scripts deletes every folder and subfolders for a specific top-folder starting from the last one
# Author: Nuno Mota
# Date:  Feb 2012

[String] $mbxName = "motan@parliament.uk"
[Int] $intCount = 0

[String] $dllPath = "E:\Program Files\Microsoft\Exchange\Web Services\1.1\Microsoft.Exchange.WebServices.dll"
[Void] [Reflection.Assembly]::LoadFile($dllPath)

$Service = New-Object Microsoft.Exchange.WebServices.Data.ExchangeService([Microsoft.Exchange.WebServices.Data.ExchangeVersion]::Exchange2010_SP1)
$Service.AutodiscoverUrl($mbxName, {$True})

# This is the root folder from where we want to start searching for the folder we want to delete.
# Once we find it, then we will go recursively down that folder.
# Other option would be to get the FolderID and start the search straight from there
$RootFolderID = new-object Microsoft.Exchange.WebServices.Data.FolderId([Microsoft.Exchange.WebServices.Data.WellKnownFolderName]::Inbox, $mbxName)
#$RootFolderID = new-object Microsoft.Exchange.WebServices.Data.FolderId([Microsoft.Exchange.WebServices.Data.WellKnownFolderName]::Root, $mbxName)
$RootFolder = [Microsoft.Exchange.WebServices.Data.Folder]::Bind($Service, $RootFolderID)

$FolderView = New-Object Microsoft.Exchange.WebServices.Data.FolderView(1000)
$FolderView.Traversal = [Microsoft.Exchange.WebServices.Data.FolderTraversal]::Deep
$Response = $RootFolder.FindFolders($FolderView)

# Go through all folders under the Inbox folder looking for the folder we want to delete
ForEach ($folder in $Response.Folders)
{
 # Check if the current folder is the folder we want to delete
 If ($folder.DisplayName -eq "Pictures of Y")
 {
  # Found the folder, so start a new Deep search across all its sub-folders
  $FolderView = New-Object Microsoft.Exchange.WebServices.Data.FolderView(3000)
  $FolderView.Traversal = [Microsoft.Exchange.WebServices.Data.FolderTraversal]::Deep
  $Response = $folder.FindFolders($FolderView)
  $RootFolder = $folder
  
  # Loop to go through all sub-folders while there are any
  While ($($Response.Folders).Count -gt 0)
  {
   # Get the last folder so we can then delete it (not very efficient...)
   ForEach ($folder in $Response.Folders)
   {
    #$folder.DisplayName
    $lastFolder = $folder
   }

   Write-Host "Deleting", $lastFolder.DisplayName
   $lastFolder.Delete([Microsoft.Exchange.WebServices.Data.DeleteMode]::HardDelete)
   $intCount++
   Write-Progress -Activity "Deleting Folders" -Status "Folders Deleted: $intCount"

   $Response = $RootFolder.FindFolders($FolderView)
  }

  # Delete the top folder and exit the first ForEach
  #Write-Host "Deleting Top ""$($RootFolder.DisplayName)"""
  $RootFolder.Delete([Microsoft.Exchange.WebServices.Data.DeleteMode]::HardDelete)
  Break
 }
}
Posted by 0 comments
Links to this post
Labels: ,

Friday, February 3, 2012

Exchange AD Schema Changes


We all know that with every Exchange Service Pack [SP] we have to run the usual setup /PrepareSchema (or setup /ps) in order to prepare the Active Directory Domain Services Schema for the newer version of Exchange. This is because every new SP introduces new attributes and modifies some existing classes and attributes in the Schema. But what exactly is added and/or changed?! To help answering this question, Microsoft made available the Exchange Server Active Directory Schema Changes Reference document.

The latest version of the document, from November 2011, includes changes made by:
  • Exchange Server 2010 SP2, SP1 and RTM
  • Exchange Server 2007 SP3, SP2, SP1 and RTM
  • Exchange Server 2003

Not sure why the file is not available a “simple” download, but you have to download a nADSchemaRef.msi file, install it and then get the document from (by default) C:\Program Files\Microsoft\ExDevCenterDownloads\Exchange Server Active Directory Schema Changes Reference. Very strange...

DOWNLOAD: Exchange Server Active Directory Schema Changes Reference,November 2011

Other alternative you have, is by looking at all the .ldf files that are used in the process, which are located in the \amd64\Setup\Data\ directory on the setup DVD.

I recon you will prefer the first method   :)
Posted by 0 comments
Links to this post
Labels: ,

Sunday, January 29, 2012

Exchange 2010 SP2 Breaks OWA


The other day we decided it was time to apply SP2 to our Exchange 2010 SP1 environment (in pre-production first of course). After installing it to one CAS server without any issues, it was time to test it to make sure OWA, ECP, etc., was working fine.

We have Hardware Load Balancers in front of our CAS servers and we also do SSL Offloading so to test it we connected directly to the CAS server:
  1. OWA opened fine. We could navigate through all the e-mails in the Inbox folder without any problems;
  2. We noticed that the integration with OCS wasn’t working… After checking all the configurations, everything seemed to be correct;
  3. The ECP was working without any problems;
  4. But whenever we selected a different folder in OWA, we would get the following error message:



After a while, we noticed that by using HTTP://CASserver/OWA we would experience all these problems but if we used HTTPS everything would work fine!

So we checked IIS settings regarding SSL, Certificates, SSL Offloading and the OWA Virtual Directory configuration but everything was as before!...

It was only when we compared the web.config file for OWA that we noticed something different:


SP2 introduces a new key called httpCookies:
<!-- Require all cookies to be sent over SSL only. This config applies only to DataCenter where HTTPS is required (PS: 445778) -->
<httpCookies httpOnlyCookies="false" requireSSL="true" domain="" />

Although in IIS we have the Default WebSite to require SSL but the OWA one to not require SLL, this setting seems to take precedence and so it makes OWA to require SSL. For this reason, we were getting all those problems when using HTTP only...
After changing the requireSSL="true" to false, everything was back to normal!


According to Microsoft, this is a new feature in SP2 to simplify the Outlook Web App URL (in most scenarios).
In the Exchange 2010 SP2 Release Notes there is a mention to this that we missed:
If you’re using redirection for Outlook Web App and aren’t requiring Secure Sockets Layer (SSL), redirection will fail after the Client Access server is upgraded to Exchange 2010 SP2. To avoid this problem, after you’ve completed the upgrade to Exchange 2010 SP2, modify the Outlook Web App web.config file. For directions, go to “Use IIS Manager and Notepad to simplify the Outlook Web App URL when SSL isn’t required” in Simplify the Outlook Web App URL. You don’t have to make any changes in IIS Manager to prevent redirection from failing. You just have to modify the web.config file.


Bottom line: always read everything in the release notes and always test it before implementing any change/rollup/SP in your production environment!
Posted by 2 comments
Links to this post
Labels: , ,
Subscribe to: Posts (Atom)