Quantcast
Channel: Exchange Server 2013 - Setup, Deployment, Updates, and Migration 论坛
Viewing all 7008 articles
Browse latest View live

Configuration question (SSL, spf)

June 3, 2014, 2:33 pm
$
0
0

Hello, I am having a few issues configuring my Exchange 2013 Deployment. This is my first time setting up a deployment from scratch and it is very much on a budget. Here are the issues I've run in to.

1) Uncertain how to generate the proper SSL for external access.

We have a windows domain "domain.com" with the mailserver on it "exch01.domain.com", this is also on the secondary DC (jsyk, in case that may cause issues)

We have a webhost (lunarpages) with a domain that is: domain.pw.

mail.domain.pw has an A record that points to the static IP of the modem where exch01.domain.com is located.

There is an MX record for domain.pw with content: mail.abraxas.pw

I want to know how to generate the SSL certificate such that, when a user goes to mail.domain.pw/owa (externally) they are able to access the server without any SSL warnings. I have purchased a signed SSL to install. I think I just need to generate the CSR correctly but the two times I have done this it has resulted in the domain being designated host.domain.com (exch01.domain.com) instead of mail.abraxas.pw?

Any advice would be TREMENDOUSLY appreciated!

2) SPF record is not showing up as valid

I have set up a text record with the following: "v=spf1 a ip4:50.137.25x.xx ~all" (x's are filled in, obviously) and mxtoolbox is reporting this as valid, however, I have the same set up as an spf record and that is failing? Any ideas why? They are set for domain.pw and not on any subdomains.

Thanks so much!


Search

Office 365 subscription problem

June 9, 2014, 9:27 pm
$
0
0
I have an office 365 subscription account. yesterday I opened a excel file and got the message- "ACCOUNT NOTICE  We've run into a problem with your office 365 subscription, and we need your help to fix it"  beside a REACTIVATE tab. And after clicking this tab my 365 a/c opens but the issue remains same. Now how to reactivate office 365 pro plus?

Office 365 subscription problem

June 9, 2014, 9:29 pm
$
0
0
I have an office 365 subscription account. yesterday I opened a excel file and got the message- "ACCOUNT NOTICE  We've run into a problem with your office 365 subscription, and we need your help to fix it"  beside a REACTIVATE tab. And after clicking this tab my 365 a/c opens but the issue remains same. Now how to reactivate office 365 pro plus?

On Premise Exchange to O365, What is the migration sequence?

June 10, 2014, 6:46 am
$
0
0

I am about to migrate from an On-Premise exchange to O365.

DirSync - What sequence are the objects and attributes synchronized? Hierarchically?, AD Schema?

Exchange Sync - What sequence are the mail objects synchronized? inbox, calendar, notes etc or using another flow process?


Outlook Anywhere - Exchange 2013 /2007 co-existence,certificate upgrade

June 10, 2014, 7:09 am
$
0
0

Hi,

We are in process of migrating from Exchange 2007 to Exchange 2013 Servers.

To meet the migration requirements we have changed the standard single name SSL certificate with UCC Certificate having multiple SAN values using the exchange 2013 EAC wizard. Later on we applied the same certificate to both Exchange 2013 and 2007 CAS servers.

Outlook Anywhere was enabled since long on exchange 2007 servers and was working fine till we made the certificate change. After we make the change of certificate given were the error message we started encountering:

The RPC_S_SERVER_UNAVAILABLE error (0x6ba) was thrown by the RPC Runtime process.

Another change which we noticed were of Domain Controllers names in the same AD site as exchange getting added to VALID PORTS key under given HASH:

HKLM\Software\Microsoft\RPC\RPCProxy

As per my understanding Valid ports entry is populated with all the mailbox servers in organization only until unless we define DC there, which we never did until now. I can also see values for Exchange 2013 mailbox server there.

And now since Valid ports entry contains reference for domain controller i have to made following registry entry on my domain controllers to make it work :

On the Global Catalog servers: a REG_MULTI_SZ  entry needs to be created on each GC named NSPI interface protocol sequences at HKLM\System\CCS\Services\NTDS\Parameters\ and the value set to ncacn_http:6004

I have tried modifying the Valid Ports entry manually and removing the domain controllers reference from there but then my Outlook Anywhere doesn't work anymore. Yes i know that RPCConfigurator again populate the entry every 15 minutes and i can turn it off,i have tried that but no luck.

Result of the above change now my CAS is directly speaking for my domain controllers which earlier mailbox server was doing through DSPROXY.

Can anyone suggest me what is happening wrong here...given are the environment details:

2 CAS +HUB Exchange 2007 SP3 RU13 server on windows 2003 R2

Exchange 2007 Mailbox Server SP3 RU13 SCC on Windows 2003 R2

Exchange 2013  CU5  CAS + Mailbox Server on Windows 2012 R2

Windows 2003 AD with mix of 2008R2 DC.

Regards,

Vishal Malhan

2010 > 2013 Migration - Cached Mode Looks For Non-Existent Public Folders

June 10, 2014, 8:59 am
$
0
0

Hello,

Here's what we have:

2010 Exchange migration to 2013 SP1
Clients use Outlook 2013

I think the issue has to do with the removal of public folders on 2010 - which we were not using at all.
We did an ADSI edit in order to remove them because standard methods weren't working as expected.
Everything 'seemed' fine for a few hours afterwards.

Now when clients connect to Exchange 2013 - the inbox 'flashes' as well as any folders they have. If I examine the connection status it looks like it's trying to find the public folders.

Cached mode also prompts users that the Exchange admin made changes and they need to reboot.

If I take Outlook out of cached mode it works as non-cached mode usually works.

Any ideas? 


Thanks.


Autodiscover not working internally

June 10, 2014, 6:17 am
$
0
0

Hi

So far this has driven me crazy. I cannot seem to get this to work. I am going to try and explain the situation fully. What we have is a hosted Exchange environment where we have multiple tenants with their own domains. We have a SSL certificate for our own domain domain.com. It has the following domain names linked to it:

webmail.domain.com (Primary) 
autodiscover.domain.com (SAN) 
mail.domain.com (SAN)

We have multiple tenants with each a unique domain (i.e. tenant.com). We have setup CNAME records for this domains so that they point to our HTTP redirection website which in turn redirects them to our autodiscover website (= autodiscover.domain.com). This is to avoid having to buy an SSL certificate with several SAN hostnames. Our domain domain.local or domain.com (= externally) also hosts a series of other servers including terminal servers which are tenants/clients use. 
The autodiscovery service works externally (which means devices that are not within our domain.local domain). It is able to use the autodiscover service for i.e. autodiscover.tenant.com Internally it does not work for some strange reason. It is able to reach the redirect website and it is able to get to the right web server hosting the autodiscover website but it fails when it tries to find the hostname autodiscover.domain.com in the SSL certificate webmail.domain.com. Even though the hostname autodiscover.domain.com is included in the SAN. It says that they can't validate the certificate name. Externally it is able to find this and validate the certificate but not internally for some strange reason. Why would this be?

Thanks again for all your help. It is much appreciated.

Daniel



PST Capture Tool - Only finding some of Office365 mailboxes

June 10, 2014, 1:01 pm
$
0
0

We are using the PST Capture tool to migrate some PSTs to Office365 mailboxes.  When we go to select a destination mailbox for the PSTs it only displays a portion of the mailboxes we have in our Office365 tenant.  It appears to only be around 2,000-3,000 out of 10,000+ in our tenant.  Is anyone aware of a result list limit in the GUI or it is necessary to do something else to get them all to display?

Thanks

Search

Failed CU5 update, need help recovering

June 2, 2014, 12:42 pm
$
0
0

I went to install the CU5 update today and it fails on the step Mailbox role: transport service.

Error:
The following error was generated when "$error.Clear(); 
          $connectors = Get-ReceiveConnector -Server $RoleFqdnOrName;
          foreach($connector in $connectors) { if($connector.MaxLocalHopCount -gt 1) { Set-ReceiveConnector -Identity $connector.Identity -MaxLocalHopCount 5 } };" was run: "Microsoft.Exchange.Management.SystemConfigurationTasks.ReceiveConnectorRoleConflictException: The values that you specified for the Bindings and RemoteIPRanges parameters conflict with the settings on Receive connector "MAIL\MFP". Receive connectors assigned to different Transport roles on a single server must listen on unique local IP address & port bindings.
   at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target, Boolean reThrow, String helpUrl)
   at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target)
   at Microsoft.Exchange.Management.SystemConfigurationTasks.SetReceiveConnector.InternalValidate()
   at Microsoft.Exchange.Configuration.Tasks.Task.<ProcessRecord>b__b()
   at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)".

Error:
The following error was generated when "$error.Clear(); 
          $connectors = Get-ReceiveConnector -Server $RoleFqdnOrName;
          foreach($connector in $connectors) { if($connector.MaxLocalHopCount -gt 1) { Set-ReceiveConnector -Identity $connector.Identity -MaxLocalHopCount 5 } };" was run: "Microsoft.Exchange.Management.SystemConfigurationTasks.ReceiveConnectorRoleConflictException: The values that you specified for the Bindings and RemoteIPRanges parameters conflict with the settings on Receive connector "MAIL\Client Frontend MAIL". Receive connectors assigned to different Transport roles on a single server must listen on unique local IP address & port bindings.
   at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target, Boolean reThrow, String helpUrl)
   at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target)
   at Microsoft.Exchange.Management.SystemConfigurationTasks.SetReceiveConnector.InternalValidate()
   at Microsoft.Exchange.Configuration.Tasks.Task.<ProcessRecord>b__b()
   at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)".

When I try to re-run the setup, it fails at the same spot. I can't use the ECP nor the Shell to remove the Receive Connector (it is just a receive connector for the MFP).

Is there any way to remove this receive connector with Powershell not working?

(It looks like this is the problem: http://exchangemaster.wordpress.com/2014/01/24/incorrectly-adding-new-receive-connector-breaks-exchange-2013-transport/ but since I can't get a shell to run in this failed upgrade state I can't take the recommended fix nor just remove the connector.)

After fresh installation of exchange 2013 I am not seeing Exchange Management shell EMS and EAC is redirecting to OWA

June 4, 2014, 9:11 am
$
0
0
I am trying to upgrade my Exchange 2010 environment to exchange 2013. I was able to install exchange 2013 on a VM running windows 2012 R2 without any errors, however after installation I am not able to login to Exchange admin center as it keeps redirecting to OWA and I am not seeing Exchange management shell.

Exchange 2007 mailbox database growing in size 400MB everyday

June 5, 2014, 12:00 am
$
0
0
Hi,

Mailbox database is getting bigger and bigger.. now it is 130GB,

white space is only 500MB so offline defrag won't help much.

How can I stop database from growing everyday? it grows 400MB everyday..

"There are more results available than are currently displayed" When selecting domain OU

June 4, 2013, 6:26 am
$
0
0

Hello,

I have an organization with a mix of Exchange 2007, Exchange 2010 and Exchange 2013 CU1.

When, via Exchange 2013 ECP, I try to, for example, create a distribution group, and try to select the OU in which I want to create that distribution list, I cannot see all OUs (there are several domains but I can only see some OUs of each domain). At the top of the window it is open when trying to select the desired OU, I can see the following message "There are more results available than are currently displayed", but there is no option there for changing it and to see all of then, such as when you're displaying recipients.

Does someone know if it can be changed, and how?

Thank in advance,

BR, Juan

Migrating Mixed E2K3/E2K7 Org to E2013 SP1 Greenfield Org w/Shared Namespace - Source to Target Delivery Probs

June 6, 2014, 8:16 am
$
0
0

I'm currently migrating AD Forest/Org A with mixed E2K3 (SP2) & E2K7 (SP1) into Separate AD Forest/Org B with E2013 SP1.  Most all MBs are still on 2K3.  SMTP Domain will not change so this will be a 'shared namespace' scenario.  Note that the new AD/Exch is a greenfield and trusts have been created/validated and DNS resolution via 2ndary zones on each side is working.

I’ve searched/dug reviewed and found all of the 2003-2013 KBs for handling the shared namespace but I think my scenario is not ‘standard’ because of the mixed source environment (maybe…)

SOURCE:

4 E2K3 servers – not true FE/BE config.

2 E2K7 Servers (1 CAS, 1 MBX)

TARGET: 

2 2013 CAS Servers – DNS Round Robin

4 2013 MBX Servers

Mail flow from 2013 to source org MBs (both 2K3 & 2K7) works fine via 'accepted domain', send connectors, etc.  However, my problem is with flow from 2K3/2K7 into 2013 target org.  When I reply back to the 2013 MB (or send to another known good in 2013), I get the 5.1.1 ‘e-mail account does not exist…’ NDR. 

I've modded the 2003 default recipient policy to make the shared namespace nonauthoritative for source org, assigned another domain as authoritative, & created the SMTP connector to 2013 for the shared domain namespace.  I also reset the shared namespace as the Primary SMTP in the default recipient policy due to the requirement that all new & existing users continue to be able to send/receive with our internet domain.

However, despite the org-level changes in 2K3, in 2K7 the shared namespace still shows up as authoritative.  Next, when I change the shared domain in 2K7 from authoritative to internal relay, the queues start filling up (either via the SMTP connector to 2013 or the outgoing internet queue).  Changing things back in 2K7 to authoritative allows the queues to empty out and mail to be delivered again.  Also, when I change the domain setting back in 2K7, the domain settings on the 2K3 recipient policies are reset back to authoritative as well!  

How do I handle this mixed/inconsistent configuration in my source/legacy environment?  Recipient policies have not been upgraded in the legacy environment to E2K7 yet, BTW.  Do I need to change things in both 2K3/7, or only manage things from one side?  If so, what and/or which one?  Since mail is being sent from 2013 into 2K3 (per the send connector) and arriving in both 2K3 & 2K7 mailboxes, is this even the issue?  I’m not sure where to go with this.

Thanks

John


MAPI_E_FAILONEPROVIDER == 0x8004011D when accessing public folders using mfcmapi

June 11, 2014, 6:38 am
$
0
0

I seem to be getting this error when selecting the public folder in mfcmapi. I'm using the Feb 2014 release of mfcmapi.

Code: MAPI_E_FAILONEPROVIDER == 0x8004011D
Function CallOpenMsgStore( lpMAPISession, (ULONG_PTR)m_hWnd, lpEntryID, ulFlags, (LPMDB*)lppMAPIProp)
File MainDlg.cpp
Line 437

I can access the private mailbox without issue using mfcmapi, but the public folders I'm not able to. This problem is causing my backup software not to do document level backups. So I need to resolve this issue.

Also, if I create another user and give them the same access as administrator, the new user cannot access both the private mailbox nor the public mailbox when using mfcmapi so it must be a rights issue, but I can't find where it is!

Any idea's would be appreciated.

Thanks

UpdateMovedMailboxPermanentException has occurred.

June 11, 2014, 1:34 am
$
0
0

Hi members,

I cannot move mailboxes from Exchange 2007 CCR to Exchange 2013 sp1 mailbox server.I have the following error

UpdateMovedMailboxPermanentException has occurred.

My Exchange 2007 CCR was running on 2007 sp1 .Here is what I had done to migrate

Upgrade present Exchange 2007 sp1 to sp3
Apply rollup 10.
Started with Installation of new exchange 2013 sp1 on windows server 2012 r2 using setup.exe
The installation went smooth with no errors.

Iam able to open EAC and view all the exchange objects but unable to move mailboxes from 2007 to 2013.
Cannot create new mailbox from EAC.

I did not run the following

setup /PrepareLegacyExchangePermissions 
setup /PrepareSchema 
setup /PrepareAD 

I run the setup directly from setup.exe GUI and was successful in completing the wizard with no errors

Appreciate if someone can help me with this issue.

Regards               

Search

Exchange Cutover Migration Mailbox limit

June 11, 2014, 7:34 am
$
0
0

Greetings,

In the Microsoft documentation says:
You can migrate a maximum of 2,000 mailboxes from your on-premises Exchange organization to Exchange Online using a cutover migration. This migration method only moves mailboxes, mail users, mail contacts, and mail-enabled groups. 

But in the EAC migration console when I select cutover migration it says the limit is 1000 mailboxes

I need to validate if the limit is 2000 mailboxes or 1000, and also if I can migrate more than 1000 mailboxers without issues even when EAC says the maximum is 1000.

Thanks in advance for the help!

New install no send no receive exchange server 2013

June 10, 2014, 7:44 pm
$
0
0

new server 2012 domain controller, new forest and new Exchange server all clean fresh builds

I can create mailboxes and log in to OWA

connectors for sending were not automatically created

no mx record found in DNS so I added it

checked bindings for DNS to NIC

no joy

so where do I start to make sure all pieces are working ok?

David Sheetz MCP

How do you remove duplicate SID's when ntdsutil can't find them?

June 10, 2014, 5:20 pm
$
0
0
Trying to do a clean install of Exchange 2013 (old Exchange 2003 crashed and not recoverable).  3 DC's.  The Master is running Server 2008 R2 and the other 2 are running 2003 R2.  The new Exchange Server is running Server 2012.

When installing Exchange 2013 /prepareschema ran fine.  When trying /prepareAD it always ends with this error:

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.NOUVEAUEYEWEAR>g:\setup.exe /prepareAD /OrganizationName:
Nouveau /IAcceptExchangeServerLicenseTerms

Welcome to Microsoft Exchange Server 2013 Service Pack 1 Unattended Setup
Copying Files...
File copy complete. Setup will now collect additional information needed for
installation.

Performing Microsoft Exchange Server Prerequisite Check

    Prerequisite Analysis                                     COMPLETED
 Setup will prepare the organization for Exchange 2013 by using 'Setup /PrepareA
D'. No Exchange 2007 server roles have been detected in this topology. After thi
s operation, you will not be able to install any Exchange 2007 servers.
 For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms
.exch.setupreadiness.NoE12ServerWarning.aspx

 Setup will prepare the organization for Exchange 2013 by using 'Setup /PrepareA
D'. No Exchange 2010 server roles have been detected in this topology. After thi
s operation, you will not be able to install any Exchange 2010 servers.
 For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms
.exch.setupreadiness.NoE14ServerWarning.aspx


Configuring Microsoft Exchange Server

    Organization Preparation                                  FAILED
     The following error was generated when "$error.Clear();
          $createTenantRoot = ($RoleIsDatacenter -or $RoleIsPartnerHosted);
          $createMsoSyncRoot = $RoleIsDatacenter;

          #$RoleDatacenterIsManagementForest is set only in Datacenter deploymen
t; interpret its absense as $false
          [bool]$isManagementForest = ($RoleDatacenterIsManagementForest -eq $tr
ue);

          if ($RolePrepareAllDomains)
          {
              initialize-DomainPermissions -AllDomains:$true -CreateTenantRoot:$
createTenantRoot -CreateMsoSyncRoot:$createMsoSyncRoot -IsManagementForest:$isMa
nagementForest;
          }
          elseif ($RoleDomain -ne $null)
          {
              initialize-DomainPermissions -Domain $RoleDomain -CreateTenantRoot
:$createTenantRoot -CreateMsoSyncRoot:$createMsoSyncRoot -IsManagementForest:$is
ManagementForest;
          }
          else
          {
              initialize-DomainPermissions -CreateTenantRoot:$createTenantRoot -
CreateMsoSyncRoot:$createMsoSyncRoot -IsManagementForest:$isManagementForest;
          }
        " was run: "Multiple objects with Sid S-1-5-21-1409082233-329068152-8395
22115-513 were found.".


The Exchange Server setup operation didn't complete. More details can be found
in ExchangeSetup.log located in the <SystemDrive>:\ExchangeSetupLogs folder.


The SID belongs to the Domain Users Group .
NOUVEAUEYEWEAR  Domain Users                                    S-1-5-21-1409082233-329068152-839522115-513

NTDSUtil check duplicate SID finds nothing.

LDP.exe only finds the Domain Users.

Anyone have any help on this?

CAS 2013 on the DMZ? and best practices

June 11, 2014, 4:25 pm
$
0
0

I'm upgrading our organization from Exchange 2010 to 2013.  Right now we're using Forefront TMG as a bridge between internet clients and the CAS 2010, and I'm noticing TMG is not available for Exchange 2013.  Does this mean the 2013 CAS is prepared to interact directly with internet clients?  If so, what's the best practice? 

Right now Forefront TMG and a couple other edge servers (Lync Edge, Edge Transport) are dual-horned, with the internet-facing adapters resting in our DMZ.  That gets routed via our firewall to the internet.  Should the 2013 CAS also be dual horned?  Or should the firewall route directly to the CAS's internal IP? 

The CAS will need to service both internal and external clients.  For now I'm only going to have one CAS, though once I decommission Exchange 2010 I might bring up a second.  We have no NLB installed and have no immediate plans for one.

Any links Best Practice whitepapers and such would be appreciated.  A simple Google search doesn't return very satisfactory results.

----------- Ron E Biggs Network Administrator Entertainment Studios

can't recover exchange 2013 server using recoverserver switch

May 31, 2014, 7:09 pm
$
0
0

CU5 crashed while installing on one of our 4 DAG members.  I was able to coax it back to life with some manual steps and doing a repair of sp1, but was unable to get cu5 to install or to cleanly uninstall sp1 despite repeated tries.

Finally I decided to rebuild it and use recoverserver (after removing database copies and removing it from the DAG).  I built a new server with the same name, reset the AD account, domain joined it, and then ran the /recoverserver switch.  But I get this error every time:

"Can't specify installation mode because no Exchange Server is installed on this machine. Install Exchange Server."

Viewing all 7008 articles
Browse latest View live
Search