Hello everyone!

I'm migrating from Exchange Srv 2007 to 2013 and changing NLB for HLB.

In Microsoft documentation I've found my HLB are supported and it's explained how to implement policies, farms,...

My doubt is because it says that I need to define Servers with port 80, not 443. And at the end of the document, it says how to do a policy for redirecting queries from http (port 80) to https (port 443).

Why is necessary doing that instead of configuring servers with port 443 and manage queries without thar redirection?My HLB are radware and the document is:

Thanks

hi,

i've got problem when update to cu8.

the file 'c:\program files\microsoft\exchange server\v15\transportroles\agents\hygiene\asdat.msi' is not a valid installation package for the product microsoft exchange 2007 standard anti-spam filter updates. try to find the installation package 'asdat.msi' in a folder from which you can install microsoft exchange 2007 standard anti-spam filter updates.

please help me..

Hello everyone,

I'm doing an exchange 2007 > 2013 migration and following Exchange server deployment assistant.

I've installed exchange 2013 servers and configured 2013 URL last week. Only one test mailbox on DAG DB.

This monday users using their laptop complained that they couldn't access their emails over the weekend and had a pop up asking them credentials. I've reproduced this and seems that only setting Outlook anywhere settings to Negotiate or NTLM in outlook make Outlook working again. Still this setting is not persitent and failback to basic auth.

I've looked on Google for solutions but can't find one that would match mine.

From where should I start my troubleshooting?

Outlook 2013 RTM

Exchange 2013 CU 13

Exchange 2007 SP3 RU15

Hello,

We are migrating from Exchange 2010 to Exchange 2013. All mailboxes are in Exchange 2010 databases.

When we change A hosts in DNS servers, all Outlooks, ActiveSync and OWA uses Exchange 2013 CAS to access 2010 mailboxes. We have problems with few Outlook clients, that are not able to connect to their mailboxes. We have tried to reconfigure entire Outlook profile, but we are not able to configure their Outlook account if A DNS are pointing to 2013 CAS.

These mailboxes are stored in two different databases and share database with another working mailboxes. Most of Outlook users are working fine.

What can I do to fix this problems?

Thank you

Can you please help me login to my Exchange Administration Center (EAC) For MS Exchange 2013?

-----Here is my problem:--------------------------------------------------------------------------

• ► The URL takes me to an HTTPS logon screen which refuses to accept my credentials
• ► I cannot login to the EAC from my server
• ► I cannot login to the EAC from another LAN

-----Here is my setup:-----------------------------------------------------------------------------

1. Windows Server 2012 Essentials (180 Day Evaluation Version)
2. Exchange Server 2013 CU13
3. 2 Year Old Machine (3.7 Ghz, 4GB RAM, 931 GB Hard Drive)

-----Background:-----------------------------------------------------------------------------------

• Out-of-the-box setup
• Operating system only
• No software installed
• No anti-virus installed
• No migration of files, servers, accounts, etc.

I have spent about 36 hours nonstop on this (with sleep breaks). Does anybody know how I can fix this problem with EAC access?

Thank you so much.

Elias

We are getting ready to migrate from a single Exchange 2007 server to Exchange 2013. We currently use an SSL cert that we have genterated with an in house CA server. I would like to purchase a 3rd party cert for the new server and I am looking at possibly using a wildcard cert. However, I have read that this can cause some problems internally.

Our current cert contains the following SANs:

mail.company.com

server1

server1.company.local

autodiscover.company.local

autodiscover.company.com

Can I do this with a wildcard cert?  Or would I need to use some type of multi domain SAN cert?  I have a couple other subdomains that I would like to secure and was just looking to take care of it all with one cert if possible.

Nate

I want to upgrade my exchange 2007 sp1 to sp2 but get the error "setup encountered an error".

Event viewer ID: 4999. Exchange Best practice Analyzer: Active Directory site does not contain any global catalog server....

We have an Exchange 2013 / Hybrid O365 deployment, with most of our mailboxes now on Exchange Online.  We plan on keeping some mailboxes on-premise.

We still have our MX and Autodiscover records pointed to the on-premise environment.

Now that the migrations are finished, we are getting ready to change the MX record to point to Exchange Online Protection.  Should Autodiscover be changed at the same time?

Any reasons to keep things how they are?

Md. Ramin Hossain

Hi,

I’m currently working on a migration project quite some classic: Source is a mono-forest mono-domain Active Directory 2008R2 with Exchange Server 2010. Target is a mono-forest mono-domain Active Directory 2012R2. For now, I’m doing a POC on a duplicated infrastructure. I built the target forest and added a member server with ADMT. The PES Server is up and running. I disabled the sID Filtering option and enabled the sID History option. I’m able to migrate my users from the source to the target. They keep their password and they are able to get access to their resources (shares, files, etc.). However, even if they are able to open Outlook and access to their mailbox, calendar, etc. they are unable to send an email (to themselves or to outside). The NDR details are related to a send as permission not granted. I used Add-ADPermission "usermailbox" -User "TARGET\migrateduser " -Extendedrights "Send As" but it does not work. In the same time, I’ve seen that calendar availability is not working: users cannot see the free/busy details…

On previous migration projects, I used to migrate to a new Exchange Server version and used cross forest scripts to create disabled contacts, etc. But in this project, I should not change the email system for now (the customer is waiting 2017 to begin a O365 migration).

I also know that ADMT is skipping some attributes like proxyaddresses, mail, etc. Should be a situation when I will need to migrate to O365…

That’s why I ask you migration gurus! What is the best option to achieve this migration? Do I have to build a new Exchange 2010 organization and achieve a cross-forest migration? Is there a simplest solution?

Thank you in advance!

Hi,

My customer has 1 EX2K13 CU7 server. He installed six months ago .net framework 4.6.1 (KB3102467). I know that version is not supported with CU7 but the customer is not experiencing issues. I would like to install CU13. Should I first uninstall .net 4.6.1, install CU13 and then reinstall .net 4.6.1 or can I just go ahead and install CU13 immediately?

Best regards,

Frederic

I am a little confused at which path I should go down with regards to giving both the online mail users and the on-premise mail users access to my on-premise Exhcange 2013 public folders.

At the moment I have migrated some but not all users over to O365. The users that have been migrated cannot see my Public Folders. I'm not sure if my Public Folders are classified as Legacy or not?

Do I need to 'mail-enable' them or are they ok the way they have been setup now?

I have run: Set-OrganizationConfig -PublicFoldersEnabled Remote -RemotePublicFolderMailboxes PF-Mailbox

As well as the Sync-MailPublicFolders.ps1 script.

But users still cannot see the public folders in Exchange Online. I have two calendars and a list of contacts that my users access on the Public Folders.

Thank you in advance.

Dear All , 

Need help for configure Exchange server 2013 . When configure Exchange Server showing some errors . Errors are below

:

Error:
The following error was generated when "$error.Clear(); 
          if (($RoleIsDatacenter -ne $true) -and ($RoleIsDatacenterDedicated -ne $true))
          {
            if (test-ExchangeServersWriteAccess -DomainController $RoleDomainController -ErrorAction SilentlyContinue)
            {
              # upgrade the discovery mailboxes to R5 version, this will fix the RecipientDisplayType property of the discovery mailbox which was wrong in R4.
              get-mailbox -RecipientTypeDetails DiscoveryMailbox -DomainController $RoleDomainController | where {$_.IsValid -eq $false} | set-mailbox -DomainController $RoleDomainController
              $name = [Microsoft.Exchange.Management.RecipientTasks.EnableMailbox]::DiscoveryMailboxUniqueName;
              $dispname = [Microsoft.Exchange.Management.RecipientTasks.EnableMailbox]::DiscoveryMailboxDisplayName;
              $mbxs = @( get-mailbox -Filter {name -eq $name} -IgnoreDefaultScope -resultSize 1 );
              if ( $mbxs.length -eq 0) 
              {
                $dbs = @(get-MailboxDatabase -Server:$RoleFqdnOrName -DomainController $RoleDomainController);
                if($dbs.Length -ne 0) 
                {
                  $mbxUser = @(get-user -Filter {name -eq $name} -IgnoreDefaultScope -ResultSize 1);
                  if ($mbxUser.Length -ne 0) 
                  {
                    enable-mailbox -Discovery -identity $mbxUser[0] -DisplayName $dispname -database $dbs[0].Identity;
                  }
                }
              }
            }
            else
            {
              write-exchangesetuplog -info "Skipping creating Discovery Search Mailbox because of insufficient permission."
            }  
          }
        " was run: "Microsoft.Exchange.Data.DataValidationException: Database is mandatory on UserMailbox.".

Error:
The following error was generated when "$error.Clear(); 
          if (($RoleIsDatacenter -ne $true) -and ($RoleIsDatacenterDedicated -ne $true))
          {
            if (test-ExchangeServersWriteAccess -DomainController $RoleDomainController -ErrorAction SilentlyContinue)
            {
              # upgrade the discovery mailboxes to R5 version, this will fix the RecipientDisplayType property of the discovery mailbox which was wrong in R4.
              get-mailbox -RecipientTypeDetails DiscoveryMailbox -DomainController $RoleDomainController | where {$_.IsValid -eq $false} | set-mailbox -DomainController $RoleDomainController
              $name = [Microsoft.Exchange.Management.RecipientTasks.EnableMailbox]::DiscoveryMailboxUniqueName;
              $dispname = [Microsoft.Exchange.Management.RecipientTasks.EnableMailbox]::DiscoveryMailboxDisplayName;
              $mbxs = @( get-mailbox -Filter {name -eq $name} -IgnoreDefaultScope -resultSize 1 );
              if ( $mbxs.length -eq 0) 
              {
                $dbs = @(get-MailboxDatabase -Server:$RoleFqdnOrName -DomainController $RoleDomainController);
                if($dbs.Length -ne 0) 
                {
                  $mbxUser = @(get-user -Filter {name -eq $name} -IgnoreDefaultScope -ResultSize 1);
                  if ($mbxUser.Length -ne 0) 
                  {
                    enable-mailbox -Discovery -identity $mbxUser[0] -DisplayName $dispname -database $dbs[0].Identity;
                  }
                }
              }
            }
            else
            {
              write-exchangesetuplog -info "Skipping creating Discovery Search Mailbox because of insufficient permission."
            }  
          }
        " was run: "Microsoft.Exchange.Data.DataValidationException: Database is mandatory on UserMailbox.
   at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target, Boolean reThrow, String helpUrl)
   at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target, Boolean reThrow)
   at Microsoft.Exchange.Configuration.Tasks.DataAccessTask`1.Validate(TDataObject dataObject)
   at Microsoft.Exchange.Configuration.Tasks.SetTaskBase`1.InternalValidate()
   at Microsoft.Exchange.Configuration.Tasks.SetRecipientObjectTask`3.InternalValidate()
   at Microsoft.Exchange.Management.Common.SetMailEnabledRecipientObjectTask`3.InternalValidate()
   at Microsoft.Exchange.Management.RecipientTasks.SetUserBase`2.InternalValidate()
   at Microsoft.Exchange.Management.RecipientTasks.SetMailboxBase`2.InternalValidate()
   at Microsoft.Exchange.Management.RecipientTasks.SetMailbox.InternalValidate()
   at Microsoft.Exchange.Configuration.Tasks.Task.<ProcessRecord>b__b()
   at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)".

Please help me resolve this issue 

Simply put. I inherited a complete mess on the Amazon Cloud. The thing is a damn nightmare. (actually two boxes not in a DAG environment)

Is there a procedure to actually move exchange 2013 from one box to another?
We are looking to try and move the setup to another box at our physical location.

any thoughts or guidance would be deeply appreciated.

Brett

I am trying to update an Exchange 2013 server running on windows 2012 server. 
The Scheme, Active Directory and Domain preparation finish with no errors. But once I run the Setup, I get errors related to IIS 7 (not 8) and components that are already installed. 

Exchange Setup Log:

=====================================================================

[10/06/2016 17:05:15.0684] [1] Failed [Rule:LonghornIIS7HttpCompressionDynamicNotInstalled] [Message:The 'IIS 7 Dynamic Content Compression' component is required. Install the component via Server Manager.]
[10/06/2016 17:05:15.0684] [1] Failed [Rule:LonghornIIS7HttpCompressionStaticNotInstalled] [Message:The 'IIS 7 Static Content Compression' component is required. Install the component via Server Manager.]
[10/06/2016 17:05:15.0684] [1] Failed [Rule:LonghornDirectoryBrowse] [Message:The 'Directory Browsing' component is required. Install the component via Server Manager.]
[10/06/2016 17:05:15.0684] [1] Failed [Rule:LonghornHttpTracing] [Message:The 'Tracing' component is required. Install the component via Server Manager.]
[10/06/2016 17:05:15.0684] [1] Failed [Rule:LonghornStaticContent] [Message:The 'Static Content' component is required. Install the component via Server Manager.]
[10/06/2016 17:05:15.0684] [1] Failed [Rule:ManagementServiceInstalled] [Message:The 'Web-Mgmt-Service' component is required. Install the component via Server Manager.]
[10/06/2016 17:05:15.0747] [1] [RECOMENDED] This computer requires the update described in Microsoft Knowledge Base article KB2884597 (http://support.microsoft.com/kb/2884597). Without this update, disks formatted with ReFS may not work reliably.
[10/06/2016 17:05:15.0762] [1] [RECOMENDED] This computer requires the update described in Microsoft Knowledge Base article KB2894875 (http://support.microsoft.com/kb/2894875). Without this update, disks formatted with ReFS may not work reliably.
[10/06/2016 17:05:15.0778] [1] [REQUIRED] The 'IIS 7 Dynamic Content Compression' component is required. Install the component via Server Manager.
[10/06/2016 17:05:15.0778] [1] Help URL: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.LonghornIIS7HttpCompressionDynamicNotInstalled.aspx
[10/06/2016 17:05:15.0793] [1] [REQUIRED] The 'IIS 7 Static Content Compression' component is required. Install the component via Server Manager.
[10/06/2016 17:05:15.0793] [1] Help URL: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.LonghornIIS7HttpCompressionStaticNotInstalled.aspx
[10/06/2016 17:05:15.0793] [1] [REQUIRED] The 'Directory Browsing' component is required. Install the component via Server Manager.
[10/06/2016 17:05:15.0793] [1] Help URL: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.LonghornDirectoryBrowse.aspx
[10/06/2016 17:05:15.0793] [1] [REQUIRED] The 'Tracing' component is required. Install the component via Server Manager.
[10/06/2016 17:05:15.0793] [1] Help URL: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.LonghornHttpTracing.aspx
[10/06/2016 17:05:15.0793] [1] [REQUIRED] The 'Static Content' component is required. Install the component via Server Manager.
[10/06/2016 17:05:15.0793] [1] Help URL: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.LonghornStaticContent.aspx
[10/06/2016 17:05:15.0793] [1] [REQUIRED] The 'Web-Mgmt-Service' component is required. Install the component via Server Manager.
[10/06/2016 17:05:15.0793] [1] Help URL: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.ManagementServiceInstalled.aspx
[10/06/2016 17:05:15.0825] [1] Ending processing test-SetupPrerequisites

======================================================================

Thank you and any help is appreciated. 

I currently have a 2010 Exchange environment which has a working 2010 hybrid for several years. It is working between the 10,000 Office 365 users and approx. the same on-prem. The problem we always have had it Shared Mailboxes and accessing them which requires the users to be on-prem Exchange.

The company I work for has made the decision to start migrating all users to Office 365, or as many as we can. The question I have is, is there a benefit of having Exchange 2013 Hybrid to allow the smooth transition of the Shared Mailboxes with keeping the 2010 Mailbox/CAS Servers? Is there much of a benefit in doing this or would we be better off skipping that portion.

The goal is to make it as transparent as possible to the users. I already know we are going to lose delegates and some permissions which we accept.

What would others suggest?

Dear All,

I ran the exchnage 2013 CU13 on my Exchange, 2013 CAS server,the installation went smoothly but at the final stage i am receiving the below error,can someone shed some light on this.

full text of the error.

Regards

JAck

TechGUy,System Administrator.

Hello,

I've generated & installed a new SSL certificate, which caused problem described in:

https://blogs.technet.microsoft.com/jasonsla/2015/01/15/the-one-with-the-fba-redirect-loop/

I tried a solution described above but in key point 4:
Import the new certificate into a CSP using certutil (pfx/p12):
certutil -csp "Microsoft RSA SChannel Cryptographic Provider" -importpfx <CertificateFilename>

I received an error:
C:\Windows\system32>certutil -csp "Microsoft RSA SChannel Cryptographic Provider
" -importpfx c:\work\certificate.pfx
Enter PFX password:
CertUtil: -importPFX command FAILED: 0x80090005 (-2146893819 NTE_BAD_DATA)
CertUtil: Bad Data.

What should I do ?

Maybe solution in below case is good ?:
https://social.technet.microsoft.com/Forums/windowsserver/en-US/61d8ff98-c71a-40e4-b030-afe70edf1d2e/key-archival-again?forum=winserversecurity

best regards Janusz Such

Hello,

Some of you may not have noticed, but there are corps that have a topology that consists of many other softwares that requires to run a certain version of Exchange 2013 in your environment. Now why does Microsoft remove CUs and where can i find CU9?

Because you know, my customer doesn't want to go through the process of for example upgrading their EV system?

Thanks..

Hi,

I had a couple of other posts open for issues with mailflow during AD upgrade, but thought this needed a new post.

Essentially we have a single domain in a single forest. Three sites (main office and two remote offices), the main site containing 2 x 2008R2 AD servers, 2 x MSX2007 servers (Primary and SCR Target) and 2 x MSX2013 servers in a DAG. The remote sites each contain a 2008R2 DC only.

This has been in place for probably a year (slowly slowly migrating) and seems to work reasonably well. We were decommissioning some old AD servers and at around this time I noticed mail flow issues, mainly from 2013 to everywhere else.

I've made entries in the MSX2013 hosts files for each others IP addresses, and created a new receive connector on one of the MSX2007 servers for Exchange Authentication so that both MSX2007 machines can talk Exchange Auth.

This has fixed most of the problems, but from time to time one of the MSX2013 servers shows the queue with a next hop domain of 'Site:Default-first-site-name' begin retrying with the last error of"451 4.4.0 DNS query failed. The error was: DNS query failed with error InfoNoRecords"

The queue will contain messages from people on MSX2013 mailboxes to people with MSX2007 mailboxes.

Usually after 15 minutes, the queue empties and the messages send.

I see solutions such a using smarthosts for the affected domains (eg. if mail gets like this when sending to gmail.com) but I am not sure what I would do for an AD site.

Does anyone know what might cause this or where I could check for more information?

Thanks