It’s a busy week at the office this week as I’m at a 3 day event on Exchange2010 training as part of Microsoft’s Ignite sessions. You do need to be a Microsoft Partner to register for the Exchange 2010 training (if there are any further events going on – I’m not sure) but if you are going to be using or supporting Exchange2010 then I highly recommend it. So far it seems to be very similar to the Exchange admin training courses you would normally attend, but at a fraction of the cost. It’s a level 300 course so pretty technical – by about 4pm on the first day my mind was starting to get a bit confused – there was a lot of theory today and you certainly need to have some familiarity with previous versions of exchange.
The neat thing was that we’ve just recently moved to Exchange2010 in-house, so I was able to check some of the features that I didn’t already know about on our live client (outlook or outlook web app) as we progressed through the training.
We’re using Windows2008 machines running Hyper-V with 8gb of memory which means some creative juggling of memory and sometimes the machines are slow, but it really is the only way to do the training. Some points we have 4 machines running – this would have been almost impossible before virtualization was around to reduce the hardware requirements for enterprise lab environments. This course is also the first one I’ve been to that has some users in the local office and some using gotomeeting to attend the training over the internet. So far I think the arrangement has worked well for the internet users although I feel sorry for the person in Washington who has to start work at 6am due to the time zones. I was surprised that they were not using LiveMeeting to host the training (as this is a Microsoft event) but apparently the screenupdates were not been fast enough for the remote users.
I’ll be posting a few links on my twitter account – helsbyhome, and my absoblogginlutely delicious account as the course progresses. Mostly these are links for extra tools, utilities or downloads to assist in the management and implementation of Exchange2010.
My company would like to apologise for the weather (ie tons of snow) that Columbus, Ohio is currently experiencing. We believe it is entirely our fault as we have started our migration from Lotus Notes to Exchange 2010 – something I believe would only ever happen if Hell froze over. Therefore we are totally to blame for the weather. Thankfully there is no way we are going back to Notes, so it looks like this weather is here to stay.
After a recent migration of mail to Exchange2007, we’ve just started getting users logging tickets where a security window pops up saying “The name of the security certificate is invalid or does not match the name of the site”. This can happen even when the client is not at their desk. It took a few seconds to work out what was causing it – the clue was that the window had an icon in the taskbar for outlook. Searching in Google found Microsoft’s KB article 940726 with the resolution to the fix which involves changing various internal url attributes.
The instructions are fairly straightforward but I wanted to see what the values were set to before making the change. As I’m not very familiar with powershell it took me a while to work out what I needed.
For the command
Set-ClientAccessServer -Identity Servername -AutodiscoverServiceInternalUri https://name.contoso.com/autodiscover/autodiscover.xml
you want to run the command
Get-ClientAccessServer -Identity Servername | fl
The pipe fl provides all the values in a list – if you don’t include this part of the code you will end up with one line containing the name of the server – a value that you hopefully know already!
I really need to get cracking on my powershell skills – I still prefer good old fashioned dos batch programming but now that we’ve started to roll out powershell across all machines, powershell skills will be in demand more and more.
The past two reboots (where the server has been offline for a while) has resulted in non delivery reports being sent back to some of the mailboxes for mail that was sent several weeks ago and that had not been reported as failed when the mail was initially sent.
The first time this happened I thought it was just one of those things, especially as I had not seen mail in the queue before rebooting the server. After the second occurrence I knew it was time to investigate.
SBSisyphus has a great posting including a link to the exchange2003 (sp2) patch that should fix the “kb950757 Email senders do not receive an indication that some messages have been held by Exchange Server 2003 until the SMTP service, The Microsoft Exchange Information Store service, or the Exchange server is restarted”. I applied it to my machine and I’ll have to see what happens.
For what it’s worth you do not need to reboot the server (unless wmiprvse.exe is running – but you get an option to kill this process if it is running before proceeding) but it will stop and start your mail and web services so don’t apply it during the day and it goes without saying that you should have a backup first.
The other powershell script I worked on was to retrieve a detached mailbox that was still retained in exchange, archive the mail to a pst file, move the pst file to the managers home directory and then delete the mailbox again.
The following script does this – note some paths are hardcoded and I already have a temporary account in AD called tempuser that does not have a mailbox. This is the account that the deleted mailbox is attached to.
The main disadvantage to this method is that at the end of the script all of the detached mailboxes will appear as tempuser in the exchange console. In this particular script I also do very little error checking as this was designed for my use but hopefully helps others too.
$user=$args[0] #user is the first parameter passed
$fname=$args[1] #first name
$lname=$args[2] #last name
$fullname=$fname + " " + $lname
$manager=$args[3] #manager windows accountname is the last parameter passed
if ($manager -eq $null) {exit} # if not enough parameters are provided then quit the script
write-host $user
write-host $manager
$Host.UI.RawUI.WindowTitle = "attaching mailbox to tempuser account"
$result=Connect-Mailbox -Identity $fullname -Database 'servername\First Storage Group\Standard User Mailbox' -User 'domain\tempuser' -Alias 'tempuser'
$Host.UI.RawUI.WindowTitle = "Sleeping 60 until moving mailbox"
start-sleep -s 60 # sleep 60 seconds after moving mailbox to tempuser account before doing the export
$Host.UI.RawUI.WindowTitle = "exmerging mailbox"
export-mailbox tempuser -pstfolderpath d:\mailboxes -confirm:$false
$Host.UI.RawUI.WindowTitle ="sleep 20 seconds"
start-sleep -s 20 # sleep 20 seconds after exporting mailbox to tempuser account before doing the mailbox move
$Host.UI.RawUI.WindowTitle = "Moving pst file to managers mailbox"
$newdir="\\archiveserver\c$\users\" + $manager + "\" + $user
$result=mkdir $newdir
$newpst=$newdir + "\" + $user + ".pst"
$newpst
Move tempuser.pst $newpst
$Host.UI.RawUI.WindowTitle = "disabling tempuser mailbox for reuse"
disable-mailbox tempuser -confirm:$false
Note that I use the $Host.UI.RawUI.WindowTitle statement a lot – this enables me to easily see whereabouts in the script I have got to. I much preferred to use the command title in my batch files to do the same thing. Likewise the $null = $host.UI.RawUI.ReadKey(“NoEcho,IncludeKeyDown”) is the equivalent of the batch command pause
This week at work I’ve been doing a fair amount of work with powershell. It has been a slow process as I’ve had no training in powershell and was basically teaching myself as I went along. I had two goals in mind.
The first was to automatically attach a mailbox to a temporary account, export the mail within this mailbox to a pst file, move the pst file to a folder and then delete the account again. As Exchange2007 needs to use powershell to export the data I had to change my user deletion script to run within powershell.
My other goal was to write a report for all mail sent or received through the exchange server in the past 24 hours. Using the exchange tracking logs I was able to pull the information required to do this.
The second problem was causing me more hassles as I could not work out how to retrieve the time from 1 day ago AND have the result in the format needed for the next part of the script. I could get the current time in the correct format OR I could get the time from 1 day ago but not in the current format. I went onto the #powershell room on irc.freenode.net but it looked like everyone was asleep as I didn’t get any response to my query. I decided to post a tweet on twitter about the problem and within 5 minutes I had about 3 or 4 responses which was great. At the same time I also got a response in the chatroom. As usual with coding, there are several ways to get an answer. However Jaykul was very helpful in telling me that “get-date (get-date).addays(-1) -f g” is 2 ten thousandths of a second quicker than “[datetime]::now.adddays(-1).tostring(“g”)”
Now you can probably see why I was confused and struggling to get the code working!
I’m going to post the resulting code in the next posts to make it easier to search on.
The very useful post from EHLO has a good walkthrough on how to allow other servers to relay via Exchange2007. At first glance it looks complicated, but it was actually pretty simple. I had tried to authenticate my smtp session from the NT4 IIS smtp session but that didn’t work so I followed up with the document above.
