Exchange Server 2013 Preview Installation

As promised, here are some more details of the brand new Exchange Server 2013 Preview! In this post, we will start by performing a simple installation of an “all-in-one” on a Windows Server 2012 virtual machine.

Roles

I will go into more details on this topic soon, but as a quick note in case you don’t know yet, Exchange 2013 Preview consists only of the following two server roles:

• Client Access server proxies connectivity for all clients (Outlook, OWA, mobile devices, POP and SMTP) and also accepts e-mail from and delivers e-mail to other mail hosts on the Internet;
• Mailbox server stores mailbox data, processes client connections proxied by the CAS and handles Unified Messaging requests. And yes, we still have DAGs   :)

Note that the Edge Transport server role isn't included with Exchange 2013 Preview. However, it supports the Exchange Server 2010 SP2 Edge Transport server role.

System Requirements

You can check the full System Requirements in the Exchange 2013 System Requirements technet page. In here, I will just provide a basic overview.

Coexistence

At this stage, Exchange 2013 Preview does not support coexistence with any other versions of Exchange... However, the RTM version is said to support coexistence starting with Exchange 2007 (not sure what Service Pack yet).

Active Directory

Your Active Directory must be at Windows Server 2003 forest functionality mode or higher, with at least one Global Catalog on Windows Server 2008.

IPv6 Support

IPv6 is supported only when IPv4 is also used. A pure IPv6 environment is still not supported...

Operating System

This one is really important, so I will mention all of them. For the Mailbox and Client Access server roles:

• Windows Server 2012

• Windows Server 2008 R2 Standard with SP1

• Windows Server 2008 R2 Enterprise with SP1

• Windows Server 2008 R2 Datacenter RTM or later

For the Management Tools:

• Windows Server 2012

• Windows Server 2008 R2 Standard with SP1

• Windows Server 2008 R2 Enterprise with SP1

• Windows Server 2008 R2 Datacenter RTM or later

• 64-bit edition of Windows 8 Release Preview

• 64-bit edition of Windows 7 with SP1

Supported Clients

Exchange 2013 Preview supports the following minimum versions of Microsoft Office Outlook and Microsoft Entourage for Mac:

• Outlook 2013 Preview

• Outlook 2010 SP1 with April 2012 Cumulative Update 

• Outlook 2007 SP3 with July 2012 Cumulative Update

• Entourage 2008 for Mac, Web Services Edition

• Outlook for Mac 2011

Virtualization

The following is supported:

• Windows Server 2012

• Windows Server 2008 R2 with Hyper-V technology

• Microsoft Hyper-V Server 2008 R2

• Any third-party hypervisor that has been validated under the Windows Server Virtualization Validation Program.

Prerequisites

Again, you can check the full prerequisites in the Exchange 2013 Prerequisites technet page as I will just provide a basic overview and only how to install Exchange 2013 Preview on Windows Server 2012! Note that there are many more steps involved to install it on Windows Server 2008!

To install both Mailbox and CAS server roles in the same server follow these steps:

Open Windows PowerShell.

Run the following command to install the required Windows components:

Install-WindowsFeature AS-HTTP-Activation, Desktop-Experience, NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation

After you've installed the operating system roles and features, install the following software in this order:

• Microsoft Unified Communications Managed API 4.0, Core Runtime 64-bit

• Microsoft Office 2010 Filter Pack 64 bit

• Microsoft Office 2010 Filter Pack SP1 64 bit

For the Preview edition, you must also uninstall Microsoft Visual C++ 11 Beta Redistributable (x64). This must be done after you've installed UCMA, but before you run Exchange 2013 Preview Setup! To uninstall Microsoft Visual C++ 11 Beta Redistributable (x64), do the following:

• Open Control Panel > Programs and Features.

• Select Visual C++ 11 Beta Redistributable (x64) - 11.0.50531 and then click Uninstall.

• In Microsoft Visual C++ 11 Beta setup, click Uninstall.

• When Microsoft Visual C++ 11 Beta is uninstalled, click Close.

Prepare Active Directory

Now the usual steps in order to prepare AD. From a Command Prompt window, run the following commands:

1. setup /PrepareSchema or setup /ps

2. setup /PrepareAD /OrganizationName:<organization name> or setup /p /on:<organization name>

Now run one of the following:

• Run setup /PrepareDomain or setup /pd to prepare the local domain. You don't need to run this in the domain where you ran Step 2. Running setup /PrepareAD prepares the local domain;

• Run setup /PrepareDomain:<FQDN of domain you want to prepare> to prepare a specific domain;

• Run setup /PrepareAllDomains or setup /pad to prepare all domains in your organization.

If you want to verify that AD has been successfully prepared:

• In the Schema naming context, verify that the rangeUpper property on ms-Exch-Schema-Verision-Pt is set to 15132;

• In the Configuration naming context, verify that the objectVersion property in the CN=<your organization>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<domain> container is set to 15448;

• In the Default naming context, verify that the objectVersion property in the Microsoft Exchange System Objects container under DC=<root domain> is set to 13236.

Install Exchange 2013 in Unattended Mode

The unattended mode is very similar to what it has been in the previous versions. The only differences so far seem to be the addition of the [/IAcceptExchangeServerLicenseTerms] parameter and the removal of [/AdamLdapPort:<port>], [/AdamSslPort:<port>], [/LanguagePack:<language pack bundle>] and [/Hosting]:

Setup.exe
[/Mode:"setup mode"]
[/IAcceptExchangeServerLicenseTerms]
[/Role:"server roles to install"]
[/InstallWindowsComponents]
[/OrganizationName:"name for the new Exchange organization"]
[/TargetDir:"target directory"]
[/SourceDir:"source directory"]
[/UpdatesDir:"directory from which to install updates"]
[/DomainController:"FQDN of domain controller"]
[/AnswerFile:"filename"]
[/DoNotStartTransport]
[/LegacyRoutingServer]
[/EnableErrorReporting]
[/NoSelfSignedCertificates]
[/AddUmLanguagePack:"UM language pack name"]
[/RemoveUmLanguagePack:"UM language pack name"]
[/NewProvisionedServer:"server"]
[/RemoveProvisionedServer:"server"]
[/MdbName:"mailbox database name"]
[/DbFilePath:"Edb file path"]
[/LogFolderPath:"log folder path"]
[/Upgrade]

For example:

Setup.exe /mode:Install /role:ClientAccess,Mailbox /OrganizationName:LetsExchange /IAcceptExchangeServerLicenseTerms

This command creates an Exchange 2013 Preview organization in Active Directory called LetsExchange, installs the Client Access server role, Mailbox server role and the management tools, and accepts the Exchange 2013 Preview licensing terms.

Setup.exe /mode:Install /role:ClientAccess,Mailbox /TargetDir:"C:\Exchange Server"

This command installs the Client Access server role, the Mailbox server role and the management tools to the "C:\Exchange Server" directory. This command assumes an Exchange 2013 Preview organization has already been prepared.

Install Exchange 2013 Using the Setup Wizard

1. Start Exchange 2013 Preview Setup by double-clicking Setup.exe;

2. On the Check for Updates page, choose whether you want Setup to connect to the Internet and download product and security updates for Exchange 2013 Preview. Click next to continue;

3. On the Copying File page, Setup copies files required for setup. When Setup is finished copying files and is ready to begin, click next;

4. The Introduction page begins the process of installing Exchange. Click next to continue;

5. On the License Agreement page, review the software license terms. Select I accept the terms in the license agreement and then click next;

6. On the Error Reporting page, select whether you want to enable or disable the Exchange Error Reporting feature, and then click next;

7. On the Checking Required Software page, Setup makes sure that you've installed the software required for setup to run. If any applications are listed, install them and then run Setup again. If all required software is found, click next to continue;

8. On the Server Role Selection page, choose whether you want to install the Mailbox role, the Client Access role, both roles or just the Management Tools (you can add additional server roles later if you choose not to install them during this installation). Click next to continue;

9. On the Installation Space and Location page, either accept the default installation location or click Browse to choose a new location. Make sure that you have enough disk space available in the location where you want to install Exchange. Click next to continue;

10. If this is the first Exchange server in your organization, on the Exchange Organization page, type a name for your Exchange organization;

11. If you want to use the Active Directory split permissions model, select Apply Active Directory split permission security model to the Exchange organization. Click next to continue;

12. If you're installing the Mailbox role, on the Malware Protection Settings page, choose whether you want to enable or disable malware scanning. If you disable malware scanning, it can be enabled in the future. Click next to continue;

13. If you're installing the Client Access server role, on the Configure Client Access Server external domain page, click This Client Access server will be Internet-facing if the Client Access server you're installing will be accessible from the Internet. Then, enter a domain name to use to configure your Client Access servers. If the Client Access server won't be Internet-facing, you can click next without configuring a domain name. Click next to continue;

14. On the Customer Experience Improvement Program page, choose the appropriate selections for your organization, and then click next to continue;

15. On the Readiness Checks page, view the status to determine if the organization and server role prerequisite checks completed successfully. If they haven't completed successfully, you must resolve any reported errors before you can install Exchange 2013 Preview. From the screenshots below you will see I was missing a few updates... If/when all readiness checks have completed successfully, click next to install Exchange 2013 Preview;

16. On the Completion page, click Finish;

17. Restart the computer after Exchange 2013 Preview has completed;

18. Complete your deployment by performing the tasks provided in Exchange 2013 Post-Installation Tasks.

Overview

As I mentioned before, this post is only about installing Exchange 2013 Preview. I will be posting more about this new version of Exchange, but in the mean time here are some screenshots to satisfy your curiosity:

Exchange Administration Center

Exchange Management Shell

Exchange Toolbox

OWA

Stay tuned for more on Exchange 2013!

Exchange 2010 Litigation Hold

A feature not widely used by Exchange administrators is Litigation Hold which was introduced in Exchange 2010 RTM. In some cases, there may be no need or regulatory requirement to implement it but, there are instances where users do not implement it due to lack of understanding of what exactly Litigation Hold is and how it differs from Single Item Recovery and Retention Hold.

Litigation is, simply put, the conduct of a lawsuit. When an employee or an organization faces a lawsuit or even expects one, it is required to keep all information related to the case, whether this is information on paper or most commonly, electronically stored. If all relevant information is not kept, the subject of the lawsuit might undergo further legal action, sanctions or fines.

Nowadays e-mail plays a very important role in these situations due to its vast use and it is crucial to keep every single e-mail message related to the case. But how do you prevent users from advertently or inadvertently deleting e-mails needed for the investigation? What about Messaging Records Management? Do you just temporarily disable it for all your Exchange databases? This is where Litigation Hold comes in, allowing administrators to easily:

• Preserve deleted or edited mailbox items (by users);

• Preserve automatically deleted mailbox items (by MRM);

• Search and capture items placed on hold;

All of this is easily achieved my simply placing a mailbox on Litigation Hold as you can see in this article in MSExchange.org.

Exchange 2010 Client Throttling Policies

Exchange 2007 introduced a feature called RPC Client Throttling to allow administrators to manage end-user performance by preventing client applications, such as Outlook for example, from sending too many Remote Procedure Call [RPC] requests per second to Exchange, causing the server to suffer in terms of performance. When Exchange determines that a client is having a negative effect on the server, it will send a "back-off" request to the client telling it to delay sending any additional requests for a specified time (maximum of 2000 milliseconds) in order to reduce the performance effect on the server.

In Exchange 2010, Client Throttling has been much improved, monitoring and controlling much more than just RPC requests. Its purpose is still to ensure that users are not intentionally or unintentionally straining Exchange and that users share resources proportionally.

In this article, we will explore Client Throttling Policies in Exchange 2010, what they are used for and how to change them if necessary.

For the full article, please click here: MSExchange.org.

Exchange 2013 Preview and Lync 2013 Preview

If you would like to try the new Preview editions of Exchange Server 2013 and Lync Server 2013 just go to the Office Preview website.

To check the requirements for both systems:

• Exchange 2013 System Requirements
• Lync Server 2013 Requirements

I’m just starting to install them so stay tuned for updates!!   :)

Multi-Mailbox Search Licensing

In Exchange 2010, Microsoft introduced the ability for discovery managers to search mailboxes across an Exchange 2010 organization using Multi-Mailbox Search. Along with Personal Archives, which allow you to eliminate the risk from PST files and store historical messaging data in Exchange; Legal Hold, which allows you to preserve data for eDiscovery, and Retention Policies, which allow you to manage email lifecycle, it has been one of the more popular features of Exchange 2010.

Multi-Mailbox Search required an Enterprise Client Access License (CAL) for each mailbox searched. We’ve heard your feedback on how you use this feature and the licensing requirements. Today Microsoft made a change to Exchange 2010 licensing so we’ll no longer require an Enterprise CAL for Multi-Mailbox Search.

Source: The Exchange Team Blog

Suspend Multiple Database Copies

If you are doing maintenance on a server and want to suspend all passive database copies on that server it is very simple and all you have to do is run:

Get-MailboxDatabaseCopyStatus -Server "server_name" | Suspend-MailboxDatabaseCopy -Confirm:$False

Because we are not excluding the current mounted DBs (if any), the script will throw an error stating that “The suspend operation can't proceed because database "db_name" on Exchange Mailbox server "server_name" is the active mailbox database copy” - which is fine because it’s what we want.

If you want to suspend all passive copies of a particular database across all servers you can simply run:

Get-MailboxDatabaseCopyStatus "db_name" | Suspend-MailboxDatabaseCopy -Confirm:$False

But what if you are reducing the number of database copies in your environment and just want to suspend the 4th copy of all your DBs across all your servers? In this case, we will have to use the following script:

$dbs = Get-MailboxDatabase

ForEach ($db in $dbs) {
  ForEach ($dbCopy in $db.DatabaseCopies) {
    If ($dbCopy.ActivationPreference -eq 4) {
      Suspend-MailboxDatabaseCopy $dbCopy.Identity -Confirm:$False
    }
  }
}

Hope this helps!

Troubleshooting Outlook Calendar Problems

If your users are experiencing issues with their Outlook Calendar, Microsoft released back in May a tool to help administrators in these situations, the Calendar Checking Tool for Outlook (also known as CalCheck).

This is a command-line tool that opens an Outlook profile on the local machine, opens the Outlook Calendar and checks permissions, free/busy information and auto booking, for example. The tool then checks each item in the calendar for any problems.

The calendar to by analyzed must reside on an Exchange Server and this tool does not work with IMAP, POP3 or any other non-Exchange mail servers.

To download it go to this link.

Microsoft MVP Award 2012

Yesterday, July 1st 2012 was a happy day for many people out there and I was one of them. I was in the middle of writing a new article for MSExchange.org when I received an e-mail from Microsoft saying I was awarded the Microsoft Most Valuable Professional (MVP) 2012 for Exchange!     :)

This was the first time for me and I am really and truly honored to receive this award!

I want to thank everyone who reads this blog and my scripts on TechNet, my fellow MVP Ratish Nair from the great MSExchangeGuru.com, everyone on MSExchange.org, Cristina Gonzales (my MVP Lead) and Microsoft for this award and for the amazing product that Exchange is!

I promise to keep sharing everything I know and learn and to do even more for the community! I hope my articles and blog posts are useful and if you think there is anything I can improve or if you would like to see some particular topic on this blog, please just let me know!

According to About MVP:

“The Microsoft MVP Award recognizes exceptional technical community leaders from around the world who voluntarily share their high quality, real world expertise with others. Microsoft MVPs are a highly select group of experts representing technology's best and brightest who share a deep commitment to community and a willingness to help others. Worldwide, there are over 100 million participants in technical communities; of these participants, there are fewer than 4,000 active Microsoft MVPs.
(...)

As the most active, expert participants in technical communities, MVPs are recognized and awarded for their inspirational commitment to technical communities.

In order to receive the Microsoft MVP Award, MVP nominees undergo a rigorous review process. Technical community members, current MVPs, and Microsoft personnel may nominate candidates. A panel that includes MVP team members and product group teams evaluate each nominee's technical expertise and voluntary community contributions for the past year. The panel considers the quality, quantity, and level of impact of the MVP nominee's contributions. Active MVPs receive the same level of scrutiny as other candidates each year."


Thank you Microsoft!

Disable AutoForwarding Rules

A problem many companies face is users who automatically forward all their e-mails to external addresses. The easiest way to prevent this is to use the Set-RemoteDomain cmdlet which is used to configure a managed connection for a remote domain. In this case, we will configure the Default Remote Domain (with an address space of “*”) which is the remote domain related to the Internet (if you changed its name or created a different one, please update the code):

Set-RemoteDomain Default –AutoForwardEnabled $False

Please note, however, that this will block any messages that are auto-forwarded by client e-mail programs in your organization from being sent to the internet, for everyone!

Microsoft Lync Server 2010 Protocol Workloads Poster

A new version (5.12 – June 2012) of this great poster is now available. It shows each workload in Microsoft Lync Server 2010 communications software, describing relationships, dependencies, flow of information and certificate requirements.

This new version adds more details to the Enterprise Voice workload based on feedback from several Lync experts.

Get it now from the Download Center.

TechEd North America 2012 - Exchange 2010 Videos

TechEd North America 2012 is now over and, as usual, you can find online many of the presentations. HERE are some great videos regarding Exchange.

Empty Poison Queues

If for some reason you have e-mails in a Poison Queue and you can’t get rid of them using the Exchange Management Shell [EMS] or Console [EMC], here is another method:
1. Open the Windows Services MMC;
2. Find the Microsoft Exchange Transport service and Pause it;
3. Open the EMS and run Get-Queue –Server <server_name> until all the queues are empty (except for the Poison queue);
4. Once all queues are empty stop the Microsoft Exchange Transport service;
5. Navigate to the location where your transport database is located (by default C:\Program Files\Microsoft\Exchange Server\V14\TransportRoles\data\Queue\) and delete all files in that folder;
6. Start the Microsoft Exchange Transport service.

Exchange will create a brand new database and your Poison queue will be cleared!

Error with your new mobile phone partnership

By default Exchange 2010 SP1 limits the number of mobile devices each user can connect to Exchange to 10. This is done by a Throttling Policy but it is not limited just to ActiveSync [EAS].

A Throttling Policy allows administrators to limit the amount of resources each user can take to avoid possible performance issues. In regards with EAS, a policy can control 6 parameters:

• EASMaxConcurrency

• EASPercentTimeInAD

• EASPercentTimeInCAS

• EASPercentTimeInMailboxRPC

• EASMaxDevices

• EASMaxDeviceDeletesPerMonth

The one we are interested is EASMaxDevices which together with EASMaxConcurrency are the only ones set by default.

If the limit of 10 is reached, a user will receive the following message on the device he/she is trying to synchronize (in this case I changed the limit to 1 for testing):

To overcome this limitation, you can increase this limit using the Set-ThrottlingPolicy cmdlet. For example, to change it to 25, run the following cmdlet:

Set-ThrottlingPolicy <policy_name> –EASMaxDevices 50

If you don’t want to increase everyone’s limit, you can create a new Throttling Policy, increase its limit and assign it to the user(s) you want:

New-ThrottlingPolicy "Increased EAS" -EASMaxDevices 25
Set-Mailbox Nuno -ThrottlingPolicy "Increased EAS"

Alternatively you can delete any devices that you no longer need to sync with Exchange, if any. To achieve this, login to Outlook Web App, go to Options -> Phone -> Mobile Phones and delete any unused partnerships to reduce the number of devices associated with your account.

For more information: Set-ThrottlingPolicy

Archive Mailbox Statistics

Although Personal Archives in Exchange 2010 are often in cheaper storage than “normal” mailboxes, we still need to keep an eye on them to check how archives are growing and how (if!) users are using it.

Here’s a simple script to get some statistics regarding all the archive mailboxes in your environment:

$mbcombCollection = @()

$archiveMbxs = Get-Mailbox -Archive -ResultSize Unlimited | Select Identity, ArchiveWarningQuota, ArchiveQuota
ForEach ($mbx in $archiveMbxs)
{
 $mbxStats = Get-MailboxStatistics $mbx.Identity -Archive | Select DisplayName, StorageLimitStatus, TotalItemSize, TotalDeletedItemSize, ItemCount, DeletedItemCount, Database

 $mbcomb = "" | Select "Display Name", StorageLimitStatus, "TotalItemSize (MB)", "TotalDeletedItemSize (MB)", ItemCount, DeletedItemCount, Database, "ArchiveWarningQuota (GB)", "ArchiveQuota (GB)"

 $mbcomb."Display Name" = $mbxStats.DisplayName
 $mbcomb.StorageLimitStatus = $mbxStats.StorageLimitStatus
 $mbcomb."TotalItemSize (MB)" = [math]::round($mbxStats.TotalItemSize.Value.ToMB(), 2)
 $mbcomb."TotalDeletedItemSize (MB)" = [math]::round($mbxStats.TotalDeletedItemSize.Value.ToMB(), 2)
 $mbcomb.ItemCount = $mbxStats.ItemCount
 $mbcomb.DeletedItemCount = $mbxStats.DeletedItemCount
 $mbcomb.Database = $mbxStats.Database
 $mbcomb."ArchiveWarningQuota (GB)" = $mbx.ArchiveWarningQuota.Value.ToGB()
 $mbcomb."ArchiveQuota (GB)" = $mbx.ArchiveWarningQuota.Value.ToGB()

 $mbcombCollection += $mbcomb
}

#$mbcombCollection
$mbcombCollection | Export-Csv D:\Scripts\Reports\"ArchiveStats_$(Get-Date -f 'yyyyMMdd').csv" -NoType

Hope this helps!

Exchange Server 2010 SP2 Help (May 2012)

The latest Help file for Exchange 2010 SP2 from May 2012 is now available for download from here.

Forwarded External Emails Don’t Display Sender’s Address

After migrating thousands of mailboxes from Exchange 2007 to 2010, only recently came to my attention a bug in the whole process.

Let’s say we have a user (call it UserA) that has a rule to automatically forward every e-mail received to his assistant (UserB):

 

Using the scenario above, with Exchange 2007 when an external e-mail is received by UserA and forwarded automatically by the Outlook rule to UserB, this will receive the e-mail like this:

Note that the e-mail address of the external recipient is displayed.

However, with Exchange 2010 the same thing doesn’t seem to happen!... Running the exact same test with both users now on Exchange 2010, UserB receives the e-mail like:

Note that my external e-mail address is not displayed so UserB has no way of replying to the sender!

Workaround

There are two main workarounds for this:

1. Update the Outlook rule to use one of the following actions instead: “forward it to people or distribution list as an attachment” or “redirect it to people or distribution list”:

However (1) the e-mail will be received as an attachment which means it is an extra step for UserB to read the e-mail and (2) the e-mail will be received by UserB as having been sent directly from the external sender to him/her, when it was actually sent to UserA...

2. At the Exchange level, enable the auto forward feature from UserA to UserB (make sure “Deliver message to both forwarding address and mailbox” is also selected so that both UserA and UserB receive the e-mail):

However this only allows you to specify one user and although the e-mail received has the sender’s e-mail address, it looks different:

For me, this is the best workaround for overcome this issue, but I guess it’s all up to the user how he/she prefers it.

You could specify a second user by using the Shell instead and a little "cheat":

Set-Mailbox UserA -ForwardingAddress userc@letsexchange.com -DeliverToMailboxAndForward $true

Reason for This?!

It turns out this only happens for mailboxes migrated from Exchange 2007 to 2010. If a mailbox is created on 2010, it works as expected with the sender’s e-mail address being displayed!

According to Microsoft, this issue was recorded as a bug and was closed as “Won't Fix”, so I don’t expect it to get fixed any time soon...

It is hard to believe that with so many costumers and millions of mailboxes migrated from Exchange 2007 to 2010 all over the world, Microsoft is not planning to fix this, so I am still trying to find out if this is actually the case.


At the time of this post, I am running Exchange 2010 SP2 RU2.

Microsoft DirSync Force Directory Synchronization

Recently I have been working on Office 365 and AD FS and at this stage I keep creating, changing and deleting accounts. By default the Microsoft Online Services Directory Synchronization Tool synchronizes changes made to the Active Directory user accounts to those in the Microsoft Online Services directory every 3h, which is a long time for me to wait...

If you are testing something or want to immediately disable someone’s account (maybe because their contract has terminated), you will want these changes synchronized as soon as possible (like me).

To achieve this, you have to manually force a directory synchronization by running the Microsoft Online Services Directory Synchronization Configuration Wizard again or by using the Directory Synchronization PowerShell cmdlet.

To force directory synchronization using the Configuration Wizard:

1. On the computer that is running the Microsoft Online Services Directory Synchronization tool, click Start -> All Programs -> Microsoft Directory Synchronization and then click Directory Sync Configuration;
2. Follow the instructions in the wizard and provide the requested credentials;
3. On the Finished page of the wizard, select Start directory synchronization now, and then click Finish.

To force directory synchronization using PowerShell:

1. On the computer that is running the Directory Synchronization tool, navigate to the directory synchronization installation folder, %programfiles%\Microsoft Online Directory Sync (by default), and then run DirSyncConfigShell.psc1 to open a PowerShell window;
2. In the PowerShell window type Start-OnlineCoexistenceSync and then press Enter.

To double check that the synchronization worked, login to your Office 365 portal and click in Users. In here you will see when the last synchronization happened:

Another option is to change how often the directory synchronization occurs. To change this:

1. On the computer that is running the Directory Synchronization tool, navigate to the directory synchronization installation folder, %programfiles%\Microsoft Online Directory Sync (by default);
2. Open the Microsoft.Online.DirSync.Scheduler.exe.Config file for editing;
3. Update the value of the SyncTimeInterval key with the interval that you prefer (the value is expressed in hours, minutes and seconds).

Hope this helps!

Update IPs on Receive Connectors

If you have multiple HUB servers and ever had to update one or more IP addresses from a custom Receive Connector, you know how much work it is involved. Especially if you have to do this often.

If this is your case, here’s how you can easily remove (or add) IPs from a receive connector across all your HUB servers:

# Get Receive Connectors to update
$recCons = Get-ReceiveConnector | Where {$_.Name -match "Unauthenticated SMTP"}

ForEach ($recCon in $recCons)
{
   Write-Host "Updating", $recCon.Identity

   $recCon.RemoteIPRanges -= "10.101.74.10"
   $recCon.RemoteIPRanges -= "10.102.34.12"

   Set-ReceiveConnector $recCon -RemoteIPRanges $recCon.RemoteIPRanges
}

Hope this helps!

Exchange 2007 Cmdlet List

Have you ever wished for a website that had all the Exchange cmdlets in one page so that you could easily search for a cmdlet or even find new ones? Well, such page exists on TechNet! If you go to the Cmdlet List webpage, you will get all the cmdlets that manage features of Exchange Server 2007 together with the server roles on which they are used!

Receive Connector Rejected an Incoming Connection

On an Exchange server, you might get the error below if you have a server or an application creating more than 20 concurrent connections to a custom Receive Connector:

Log Name:      Application

Source:        MSExchangeTransport

Date:          04/20/2012 16:15:52

Event ID:      1021

Task Category: SmtpReceive

Level:         Warning

Keywords:      Classic

User:          N/A

Computer:      HTCAS1.letsexchange.com

Description:

Receive connector "Unauthenticated SMTP" rejected an incoming connection from IP address xxx.xxx.xxx.xxx. The maximum number of connections per source (20) for this connector has been reached by this source IP address.

This means that you have a large number of connections coming from the same IP address. To prevent connections from being rejected, if this volume of connections is normal, you have to change the maximum number of connections per source.

To check the current limit (20 by default), run the following cmdlet and look for MaxInboundConnectionPerSource:

Get-ReceiveConnector <server_name>\<name> | Select *MaxInbound*

To increase the limit, you have to use the Exchange Management Shell:

Set-ReceiveConnector <server_name>\<name> -MaxInboundConnectionPerSource 500 -MaxInboundConnectionPercentagePerSource 100

If you have the same receive connector in multiple servers, you can run the following cmdlet instead to update all at the same time and in one go:

Get-ReceiveConnector *\<name> | Set-ReceiveConnector -MaxInboundConnectionPerSource 500 -MaxInboundConnectionPercentagePerSource 100

Hope this helps!