Exchange / Outlook

Fixing exchange2003 unable to send to exchange2007 mailboxes.

In my newly installed exchange2007 site I also had an exchange2003 server that handles all the incoming/outgoing mail apart from the test user that I had moved to the 2007 server. Unfortunately I could not send mail to the 2007 user but I could receive mail from this user. T here was a lot of postings on the internet and various forums for solutions for a similar problem but normally in the opposite direction.
After a post at petri (2nd posting down) I deleted my smarthost setting on the virtual server on the 2003 machine and mail started flowing. Now I can progress in my mail migration. Many thanks to Andy at Petri for the answer on this one.
Annoyingly this did come up in the best practise analyzer, but only as a warning. As the smarthost had been working I left it alone – I really should have known better.

Outlook address not updated from AD when not in cached mode

There are tons of reports on regenerating the offline address book and forcing outlook to download a new version once a change has been made, but that doesn’t really apply when outlook is not being used in cached mode.

I had renamed a couple of distribution lists but they were showing up as the old name in outlook for all my users. Turns out that I had renamed them on a server without the exchange add-ins which made it harder to troubleshoot as it all looked good on there! However, because of this I had not changed the Exchange General tab which includes the Display Name – sure enough this was showing the old name.  I changed this and the users address book came up properly.  Next time I’ll do ALL renames on my exchange server 😉

Removing pesky paragraph marks

I’m sure you’ve all had the annoying experience when you are typing in a Word document or an outlook email and all of a sudden the screen is filled with backwards P’s – the paragraph marks. I’ve never been able to work out what triggers this to occur until today when I decided to find out after yet another helpdesk ticket came in asking how to turn this function off. (It is especially tricky in outlook as the button does not appear in the standard toolbars within outlook.)
I found that pressing ctrl, shift and 8 (or more correctly ctrl *) will toggle the paragraph mark status. I suspect that the keyboards are registering the ctrl key being held down at the same time as the shift 8 key is being pressed to get a * displayed in the text.
Note that you can find out what other shortcut keys take affect by right clicking an empty part of the toolbar, clicking customize, selecting the Options tab and then enabling “Show shortcut keys in Screen Tips” and then clicking ok to close the dialog boxes. Turning this on helped me determine the buttons to press.

Exchange 2007 Migration is almost done.

Day 50 - Too late!The migration from NT4 and Exchange 5.5 to Exchange2007 and Windows 2003 is almost done. This weekend was the installation of Exchange 2007 and the move of mailboxes. Unfortunately it did not go to plan. Upromote worked great on the first server that needed the software and after two or three reboots it was acting as a member server. The second server however did not go well. Instead the server bluescreened in the middle of the process and I was left with a server that was neither in a domain or in a workgroup.  The logon box did not include the domain option but the local SAM was corrupted and wouldn’t let me login. As the machine was out of the domain I couldn’t connect to it remotely apart from ping activity. After struggling for a long time with a multitude of recovery tools we ended up with a parallel installation of NT4 on the machine so that we could access the data on the drives. This was not without hassles – the RAID controller drivers would not recognise the disk in NT4 – you would have thought that downloading the drivers for the raid controller that appears in the BIOS boot would work but nope – we had to use different drivers!  I tried to access the machine using Microsoft’s Dart Tool – the rebranded ERD commander, but this tool doesn’t support NT – in the end I had to go back to ERD Commander 2002 to get a version that worked with NT4 (although it didn’t actually help). The parallel installation of NT also needed SQL 7 reinstalling but this needed ie4 installed (and where do you get *that* from?)  Fortunately it would also accept IE6 too.

Installing the Exchange2007 sp1 was not a fun experience either – the process stopped half way through with an error saying that a file was in use and that I needed to reboot the server to continue. When I did so, the installation would not continue as all of the Exchange services and several other essential windows services had been set to disabled by the previous installation and the upgrade needs the Information Store to be running. As the other services were stopped the machine acted like it was behind a firewall – you were not able to ping out or into it. Setting all the services to automatic and then starting them got through this problem – I had to boot up my Virtual Exchange 2007 server to see which disabled services should normally be running though. I actually had to try the upgrade about 3 times before I got through with no errors but the whole experience made SQL2005 look stable.

Now I am having major trouble getting the remote outlook clients to connect through to the exchange 2007 server using RPC over HTTPS – it worked great with the Exchange 2003 server but just will not work with Exchange 2007 – if you have any bright ideas then let me know – tomorrow I’ll be logging a call with Microsoft for some assistance.

At the end of the weekend I felt like I had installed every piece of Microsoft software just to get Exchange migrated onto new servers. I have got some great ideas for future migrations and I know that I don’t want to repeat the process sometime soon!

Then to top it all off, the advert shown in this blog post arrived stuck to the front cover of my Technet magazine today – talk about bad timing.  Having said that, I have received the white paper and I don’t think we’d use their services as it sounds expensive. The advice was pretty basic but did include the steps of removing old mailboxes and cleaning up the database. One REALLY annoying thing to see when you are moving mailboxes on a weekend without pay is a lot of “moving 1 of 3654 spam messages” and “moving 3 of 12876 deleted items”.  I had told the users to delete these items before the upgrade but this hadn’t been done.  I think next time I will include a step of telling the users to delete their spam, junk and deleted items BEFORE the upgrade as it will be done as part of the upgrade “automatically” (and if anyone has a tool that will walk through a message store deleting items in the spam, junk and deleted items then let me know)

Exchange server upgrade – pt 2

This weekend was meant to be the second stage in a NT4 and Exchange 5.5 migration to Windows 2003, Exchange 2007. This process has been a big nightmare so far – this weekend wasn’t helped by the cd being unreadable by any of the machines (although you could see *some* files the setup program wouldn’t completely launch.)
Trying to think of an alternative solution I wondered if the trial version of Exchange that is downloadable from Microsoft would work. However, although Microsoft say you can actually use a purchased key on the trial version, the only trial version available is 32bit and the only supported version of exchange is 64bit. The other problem is that the 64bit version is a 5.5GB DVD so not something you can easily download on a T1 connection 🙂
Eventually we managed to get a copy of the DVD from another branch of the company and I started the install process. Unfortunately it was then that I discovered that you can only install Exchange 2007 into a Native mode AD. Initially I thought it just had to be higher than 2000. Unfortunately as I’m doing an upgrade from Windows NT domain to Active Directory I still had NT4 domain controllers from the original installation and these are not machines that the client is willing to remove. So I’m now stuck with a half finished migration.
Currently my two solutions are to split the nt4 domain controllers into their own separate LAN and then remove the records for the W2k3 servers and delete the NT4 servers from the AD LAn – this should work as the 2 domain controllers are just serving as standalone machines now so don’t really need clients to connect to them but their services are needed.
The other solution (which might be more graceful) is to use upromote to demote the nt4 servers to member servers only. At $99 per server this will be more cost efficient and graceful than splitting the network into 2 lans.

I must say that this whole 5.5 to Exchange 2007 is not an easy migration by any stretch of the imagination and I would certainly not recommend that you try and do it over two consecutive windows – especially if your original NT servers provide extra services to your existing network.

Unable to run outlook – prompting for installation key – fixed

I had a remote user, working behind a vpn connection to the office log onto the pc for the first time (which was a hard job in itself – I had to use the dial up networking login to authenticate to the domain and cache credentials to the workstation). This user was having problems running outlook with the software prompting him to provide the location for the office source files with the error message “Error 1706. Setup cannot find the required files. Check your connection to the network, or CD-ROM drive. For other potential solutions to this problem, see C:\Program Files\Microsoft Office\Office10\1033\Setup.hlp”
Entering the network installation location did not work. This issue is documented in KB Article 297834 which didn’t help what so ever, the setup /fvm took forever to run but didn’t work.
However, if I logged on as the administrator user outlook would run successfully. So I added the user to the administrators group and I still got the same error message.
Looking in the eventlog I got the generic error 1004, but I did get the message “Detection of product ‘{90110409-6000-11D3-8CFE-0150048383C9}’, feature ‘OutlookUserData’, component ‘{8ADD2C9C-C8B7-11D1-9C67-0000F81F1B38}’ failed. The resource ‘HKEY_CURRENT_USER\ Software\ Microsoft\ Office\ 11.0\ Outlook\ UserData’ does not exist.
Copying the registry entries for the admin user for the Office\11.0 tree didn’t work either.
A search on google for 11.0\Outlook\UserData came up with the article kb0106250 on rangersuite. I modified the text file to only include the version 11 entries, ran it and outlook ran through the first time wizard and the user (and I) was very happy.
For completeness sake, the registry entries to fix this problem are in the extended entry.

Getting a Samsung IP-830W to activesync.

After receiving a Samsung IP830W to allow international access to exchange, I had a big headache getting the device to sync with the exchange server.
The initial problem was caused by the SSL certificate having expired on the exchange server. Normal browsers can just hit the ok button to continue, but Windows Mobile5 will refuse to sync unless this is fixed.
Rather than purchase a new SSL certificate and wait the couple of weeks for Verisign or Network Solutions to provide me a certificate (this was needed *now*) I did some research and came up with the website SSL Enabling OWA 2003 using a free 3rd party certificate. Following the instructions was very simple and after a few minutes I had the certificate installed on the server. However the Windows Mobile Device would not accept the certificate! More research later the solution seemed to be to copy the cert file to the device and double click it but this still didn’t work.
In the end I copied the ca.cer file to my pc and then used the infrared connection to copy it to the device. This got around the previous problem I had with the certificate programs not recognising the previous certificate I had BUT I then got the issue “Security permission was insufficient to update your device”.
Whilst I was doing this I was on the phone with Sprint (on hold) for twenty minutes and at this point they answered the phone and were useless. They admitted they hadn’t had any training on this, that no certificates were allowed to be installed on the device and to contact Microsoft. I hung up on the guy as he obviously had no clue and downloaded the RegeditSTG file from Bernt Lervik. Using the instructions at Bernt’s site I edited the registry to allow the certificate to be installed. I did have to extract the zip file first and copy the exe file across as opposed to the zip file. Note that in order to expand the branches I had to use the center key within the rocker switch as the stylus/enter key wouldn’t work.
Start regeditSTG and navigate to the hive key HKLM\Security\Policies\Policies
Change the following three registry keys (hint: hit Values first)
a. 00001001 to 1 (was 2)
b. 00001005 to 40 (was 16)
c. 00001017 to 144 (was 128)
After that I was able to double click the ca.cer file to install it, and then start the activesync process with exchange.

Hope this (convuluted) solution will help any other users and me the next time I have to do this certification dance.