Not sure if this is normal or not. I don't think so. Haven't done mailbox moves in a while on Exchange. Using Exchange 2010 SP3 with Update Rollup 1. I had to apply rollup 1 to address a problem with mailbox moves outlined in this article:http://support.microsoft.com/kb/2763065. The update addressed part of the issue but the server still logs event ID 9660 in the Application log which I have never seen before.

The bigger issue is I noticed Outlook goes into a disconnected state while the mailbox is being moved. This is not supposed to happen as far as I can remember. This means you really can't move a mailbox during the day. I don't remember any of these issues prior to SP2. Is anyone else experiencing this issue? Like I said, we are running Exchange 2010 SP3 UR1 on Windows 2008 R2 SP1. Two CAS server in a CAS array. Two MB servers in a DAG. Just moving a mailbox from one DB to another when both DB's are mounted on the same server produces the problem. During the move, the workstation (XP SP3) can successfully ping the CAS Array so that is not the issue. After the move, the client reconnects and all is well. I was always able to move mailboxes while the user was online and never had any issues. I have two environments. Test and Prod. It happens in both. Both environments are at the same levels in terms of SP's etc.....I looked at the Log tab on the mailbox in the Move Request folder in EMC and everything looks fine. No issues or errors. UR1 fixed the cleanup issue. It still puts a ton of event ID 9660 warnings in the application log and I think this may have something to do with it. Any help on this would be appreciated.

Receive a popup when running Exchange 2010 SP3 update.  "The LPVERSIONING File has an Invalid Value"

The installed Language is US (1033), Windows 2008 Standard with Service Pack2, Exchange SP rollup 8

I checked the exchangesetup.txt in c:\exchangesetuplogs, found "Setup couldn't find LPVersioning.xml"

Tried SP2 same issue.

Hi,

I am starting a Cross Forest Migration and so far I have all my users in the Source domain and I have created contacts for these users in the Target domain.

I have migrated some test users and at the moment I am having the following problem < #5.1.1 smtp;550 5.1.1 RESOLVER.ADR.ExRecipNotFound; not found>

I can fix this by going to the source domain and copied the LegecyExchangeDN attribute off the non-migrated account, then went to the source domain and added this as a x500 to the contact that corresponds to the account. 

Now i used ldife to export all the LegecyExchangeDN from the accounts in the source domain, but does anyone know how to import these into AD as a x500 for all the corresponding contacts ??

I have tried using ADModify but I don’t have a matching attribute so I had to give up this as it won’t work for me.

Any ideas would be great as I can’t manually edit the Target Contacts as there are thousands of them.

This is Exchange 2010 DAG. I can send mail with attachment with 3-10mb from outlook client (MS office outlook 2010) or from OWA, but from smartphone (iphone, android) can't from same mailbox. When I send from iphone4 got error: "An error occured while delivering this message"; and mail stuck in Outbox.

All exchange configuration let send mail larger than 3mb:

[PS] C:\Windows\system32>Get-TransportConfig | ft MaxSendSize, MaxReceiveSize
MaxSendSize                                                 MaxReceiveSize
-----------                                                 --------------
30 MB (31,457,280 bytes)                                    30 MB (31,457,280 bytes)

[PS] C:\Windows\system32>Get-mailbox | ft Name, MaxSendSize, MaxReceiveSize

all mailboxes -> unlimited

Where can be a problem?  

Hi,

We are planning to install exchange 2010 on our office. We have 2 sites. Primary Site and DR Site. All the active users are on Primary Site and DR site is only for disaster purpose. Primary site and DR site are connected through 100mb EPL. Also it is streched network. So we have for example 10.10.10.0 network avilable on both primary and dr. Both has AD with GC installed. Both site has separate Internet Connection.

We have 2 designs in our mind.

1. Create single DAG with 4 node in a Single site . Server 1 and 2 in primary site and server 3 and 4 on DR site.  Basically MB1 is active on Server1 and copies on Server 2 and Server 3. MB2 is active on Server 2 and copies on Server 1 and Server 4.  File Share witness is configured in Primary site and Backup file share witness is configured on DR site. CAS Array and Hub contains 4 servers 3 are on primary Site and 1 is dr site. So if any disaster we don't need to change any DNS b/c all the servers are up in DR and we need to just change the OWA point to new IP from ISP DNS and MXrecord.

2. Create separate site for DR.

Pls advise

SMI

SI

Hi all,

Is there a way to know who added a member to a distribution group in Exchange 2010 from its logs?

We in process of setting up Cross Forest Availability between two exchange organizations without doing federation. Org A is running Exchange 2010 SP2 RU6 in Single domain single forest environment. The other Org B is running Exchange 2007 however to share Availability they have introduced two Exchange 2010 SP2 CAS Server. The other org AD environment has single forest with Multiple Domain. Both Forest and Domain are at Windows Sever 2003 Functional level. All the exchange Server is installed in the child domain and not in the root forest in Org B. We have established two way non transitive ad trust with our domain and their Child domain.

Here is my first question to share Per User FB we need two way ad trust.

1. Does this has to be Forest Level Trust?

 Because the 1st challenge we had was when provisioning the ms-exch-epi-token-serialization permission for the other Org B as we couldn't see the Exchange Server Group which belongs to the other Org B as it resides in Forest Root with which we don't have trust relation with. We overcame with by creating Group in Child domain having the Exchange 2010 CAS Servers in org B and provisioned the permission using this group in org A.

We have published auto discovery information for each other thru DNS. We Used Add-AvailabilityAddressSpace to add each other address space with accessmethod as PerUserFB and UseServiceAccount as $ture.

We can connect to Autodiscover server of Org b from our CAS Servers and also access the Autodiscover and EWS web services from our CAS Server. There are no certificate error as we are trusting we others Root CA. However when trying to access the Auto discovery and/or EWS Web Services thru IE it prompts for password.  This is my second question:

2. It is normal get the authentication prompt when accessing EWS Web Services as we have given Access to the CAS Server? How do I validate that ms-exch-epi-token-serialization permission I have granted is actually working both ways? Should I run IE under System Account and try to access the EWS service to validate this?

When I try to access the FB of the user from Org B we get error indicating 'The attendee's server couldn't be contacted. (Error Code : 5016). I tried Test-outlookwebservices for users in Org B I am getting the following error

 "When querying Availability for the recipient e-mail address user1@OrgB.com, the following error code and message were received: ErrorProxyRequestProcessingFailed:Unable to send cross-forest request for mailbox <User 1>SMTP:User1@OrgB.com because of invalid configuration., inner exception: AvailabilityAddressSpace 'OrgB>.com' couldn't be used because the Autodiscover endpoint couldn't be discovered."

autodiscover.OrgB.com is resolvable and accessible from our CAS Servers. Not sure why it is indicating it is not able to discover it.

I have also turned up the Diagonistic logging for MSExchange Availbility to Max but no 4002 error are logged.

We have FIM 2010 syncing OrgB Users are contact in our Forest using GALSync.

I am not sure what I am missing here? Any advice on what else to troubleshoot. I looked at similar post and but couldn’t get answer specific to our environment.

With Regards, M S Ali

hello;

testing env.  Currently have 1 exchange 2010 server with all server roles.  (eventually would like to do this on my production environment)

i would like to move this server into a Hyper-v environment, split the server roles into a front end/back end.

i believe the process would be:

step1: create HV-exchange: move the CAS/mailbox.

step2: create HV2-exchange: move the HUB

step3: remove the original exchange server

can someone direct me to a best practices link, or maybe give me heads up on which roles i should move first??

thank you..

We have a DAG consisting of 3 Exchange 2010 servers w/ Spk2 Roll-up6 installed. Of the three, one server, at least weekly if not more, has the content indexes in a failed state. The servers are configured identically as far as we can tell. Can anyone shed light on what we might be overlooking that could cause this one server to constantly have Content Index issues?

I've searched Knowledge base documentation, and forums targeting Exchange 2010, but have not located any feedback hitting on this specific issue. Any suggestions are appreciated.

Hi. We using SBS 2011 with E2010 SP3.

Early, before installing SP3 or SP2, i had access for connect over Remote PowerShell from non-domain PC. I used Exchange Management Console for this.

Now, i want connect directly from PowerShell on Windows Server 2012. That i did:

$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://mail.domain.com/PowerShell/ -Authentication Kerberos -Credential $UserCredential

and got error:

New-PSSession : [mail.domain.com] Connecting to remote server mail.domain.com failed with
the following error message : WinRM cannot process the request. The following error with errorcode
0x80090311 occurred while using Kerberos authentication: There are currently no logon servers available
to service the logon request.
 Possible causes are:
  -The user name or password specified are invalid.
  -Kerberos is used when no authentication method and no user name are specified.
  -Kerberos accepts domain user names, but not local user names.
  -The Service Principal Name (SPN) for the remote computer name and port does not exist.
  -The client and remote computers are in different domains and there is no trust between the two
domains.
 After checking for the above issues, try the following:
  -Check the Event Viewer for events related to authentication.
  -Change the authentication method; add the destination computer to the WinRM TrustedHosts
configuration setting or use HTTPS transport.
 Note that computers in the TrustedHosts list might not be authenticated.
   -For more information about WinRM configuration, run the following command: winrm help config. For
more information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:12+ $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri ht ...+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+ CategoryInfo          : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSess
   ion], PSRemotingTransportException+ FullyQualifiedErrorId : AuthenticationFailed,PSSessionOpenFailed

The mail.domain.com is Extarnal name for OWA, ECP. The local name is mx.mail.local. Early i had access - now haven't access. Was only SP2-3 changes on Server, and Client OS now is 2012 (Before was 2008 R2 SP1)

Whats wrong? Thank You!

You can test a mailboxs readiness by using the Whatif switch in powershell i.e.

New-MoveRequest -Identity 'tony@alpineskihouse.com' -TargetDatabase "DB01" -WhatIf
Am i able to determine the amount of bad items using this switch?  
I've tested this switch with the move-mailbox.ps1 script with no errors 
encounted.  Would this suggest if i was to move this mailbox no bad items would be detected? 

I've inherited an Exchagne 2003 environment and a "planned" migration to 2010 but had a couple questions that hopefully someone here can assist with.

Current:
1- Exchange 2003 Front-end servers
2- Exchange 2003 Back-end servers

Planned:
2- Exchange 2010 servers running CAS, Hub Transport and Mailbox roles. The mailbox databases will be setup in a DAG

Client access will be load balanced through a Netscaler.

My questions are:

1. How are the CAS servers configured? Do I need to setup a CAS array and then create a certificate for the array?

2. How should I setup my SSL certificate and where will it be applied? If my ssl certificate must (maybe not) contain the server's fqdn, what names to I assign the certificate?

3. How does the Netscaler come into play here? I have seen hardware load balancers used for web traffic in the past but how does it work with Outlook clients and mobile devices?

Thank you
dj

Good Morning all,

I've recently started a new deskside role and am having no end of problems with a few VIP users, something which I don't believe is their fault. The organisation was originally operating an 03 exchange server and have decided to upgrade to 2010. The migration is not completed yet and currently chunks of users are on 03 while others are on 2010.

The migration for one user seems to have been completely messed up. She was migrated from 03 to 10 then back again and finally today back to the 2010 server. Not sure why, as the team responsible are releasing little information. This specific user seems to have been created multiple addresses in the move. For example; original address wasfirst.lastname@company.com; misspelt surname - first.lastnmae@company.com and first.lastname1@company.com

She wasn't aware the address ever changed, neither was anyone else. So this looks like a typo during a migration stage. I've found this through looking at old email records and the ensuing NDRs others have experienced. The email is nowfirst.lastname@company.com (the original). I've rectified NDRs by removing any related addresses from the NK2 of users experiencing problems contacting her, but this is obviously not very efficient.

My biggest concern now is that she is a PA to multiple directors and therefore manages multiple calendars. I had to give her back delegate permissions on those calendars as this was pointing to an incorrect address showing "(Not Found) Username" (X500/legacyexchangedn issue? not sure as I dont have enough system privelage).

She can't however edit OLD calendar meetings/events!!! If she does edit a meeting in a delegated calendar, it DUPLICATES. She can edit the duplicate fine (modify, cancel etc) but seems to have no permissions on the ORIGINAL item. It remains in the calendar amd doesn't provide her with the option to cancel it.

I'm very limited with what I can do as I have no view of the exchange setup as this is only a temp contract, but am looking for technical suggestions/advice to relay on or at least get them to look at this thread!

Any ideas? All reasonable suggestions welcomed!

Thanks!

Having issues with Free/Busy.  Following this procedure below fixes the issue, however since the mailbox is a "Room" mailbox we have to enable the user, open it in Outlook and then follow the steps.  Then disabled the Room mailbox again.  This just seems silly.  Is there a way to do the below in Powershell (EMS)?

http://support.microsoft.com/kb/958443/en-us

Outlook 2010

For the free/busy publishing feature

1. Start Outlook.
2. On the File tab, click Options, and then clickCalendar.
3. Click Free/Busy Options, and then click Other Free/Busy.
4.   In the Free/Busy Options dialog box, change the Publish month or months of Calendar free/busy information on the server setting value to a value that differs from the current setting.
   
   Note If you do not change the Publish month(s) of Calendar free/busy information on the server setting value, Outlook does not  update the hidden free/busy information.
5. Click OK three times.
6. On the File tab, click Exit.

Find this post helpful? Does this post answer your question? Be sure to mark it appropriately to help others find answers to their searches.

When users follow non-standard URL links in OWA, they're presented with an error.

Example of a non-standard link:

• exampleprotocol://examplepath.domain.com

When users click such a link, they're sent to https://exampleserverpath/owa/UrlBlockedError.aspx. The page contains a window titled "Link Disabled" that states:

• "This link has been disabled to protect your security."

This error is similar to the one outlined in this 2007 KB article:

• http://support.microsoft.com/kb/982463

Unfortunately, the KB article isn't entirely clear as to what's changed for 2010. The article states that this feature is working as intended, but is also resolved for Exchange 2010.

We would like to exempt certain non-standard protocol links from this security feature (e.g., allow users to follow links that start withexampleprotocol://). Is it possible to whitelist certain protocols or otherwise get around this feature in Exchange 2010?

Have Outlook Anywhere configured on two servers in a CAS array.   I installed SP2 and RU6 on one of the two servers...once I did that...I downed the server that wasn't updated and tested OLA.   I'm not able to connect now to OLA...gives me autodiscover errors.  If I up the server that wasn't updated...then OLA starts working again...so somehow...SP2 RU6 has done something to autodiscover on the updated server.

I have disabled and reenabled OLA on the updated server and no luck.

I've compared the settings with Get-AutodiscoverVirtualDirectory and there are some differences with WSSecurity Authenication being enabled now on the updated server.

Did SP2/RU6 do this or did disabling and enabling do this?  Anyway...anybody had issues with Autodiscover/OLA after SP2 RU6 install ?