Friday, October 28, 2011

Outlook Cached Exchange Mode

Cached Exchange Mode is the process of when 2003/2007/2010 downloading a copy of the users mailbox and storing it locally on their workstation. This means all emails opened by the user from there onwards does not hit the Exchange servers significantly reducing load.

Many clients however still disabled cached Exchange mode on their users workstations. When asking them "why", their answer is always:

Because we need the user can access the most updated address book when they click the global address book.

If your company has this requirement this doesn't mean you need to disable Cached Exchange Mode. You can configure a registry key on your clients to simply keep the address book in online mode.

For more information on this key for Outlook 2003/2007/2010 please see:

http://support.microsoft.com/kb/841273

Generally the only time you want to disable cached exchange mode is if your users run on a terminal services or Citrix shared environment where you do not want a copy of EVERY users mailbox downloaded and stored locally on the terminal server!

Outlook does not Redirect to Exchange 2010 SP1 CAS Array

Problem:

You have a single Exchange 2010 SP1 server "Ex2010.domain.local" running HT, MBX and CAS roles. You move a mailbox from the Exchange 2010 SP1 install to a new Exchange 2010 SP1 CAS Array installation "CASArray01.domain.local".

Outlook 2003, 2007 and 2010 will still points at the mailbox "Ex2010.domain.local", it will not automatically update and point at "CASArray01.domain.local". This is because the RPC CA service doesn't respond with a "ecWrongServer" like previous versions of Exchange did.

Microsoft is aware of this issue however their is no easy resolution in terms of a little code tweak.

How do I prevent this from happening:

Microsoft has been telling customers for a long time to always create a CAS Array even if they have one server - they need a one server array. If all servers single servers were setup in an Array from the beginning this problem would not exist.

Is there a way to force all Outlook clients to automatically perform a full re-autodiscover and attach to the new server?

Yes - if you remove the "Host A" record from DNS for the old Exchange 2010 server old Exchange 2010 server "Ex2010.domain.local" the Outlook clients should do a full re-autodiscover and attach to the new CAS array "CASArray01.domain.local" automatically.

This however is generally impractical especially when you want to stage your mailbox move slowly instead of attempt the big bang approach where all mailboxes are moved in one hit. For small server migrations this is a workable solution.

Is there another work around other then removing a Host A record from DNS?

Yes - create a PRF (Outlook Profile) configuration file to automatically update Outlook to point to the new server. You will need to script this out to ensure it automatically runs on all workstations.

http://technet.microsoft.com/en-us/library/cc179062.aspx

Please look at this article for information on pushing these settings via Group Policy or Script:

http://www.howto-outlook.com/howto/deployprf.htm

Monday, October 17, 2011

An IIS directory entry couldn't be created. The error message is Access is denied.

Today while building a new Exchange 2010 environment I noticed a problem where Exchange servers were able to access themselves but not other Exchange 2010 servers in the same organisation.

The error I received when my powershell attempted to connect to another Exchange 2010 server was:

An IIS directory entry couldn't be created. The error message is Access is denied.
. HResult = -2147024891
+ CategoryInfo : NotInstalled: (DEVDREXCH171\EWS (Default Web Site):ADObjectId) [Get-WebServicesVirtualDirectory], IISGeneralCOMException
+ FullyQualifiedErrorId : E2E22D81,Microsoft.Exchange.Management.SystemConfigurationTasks.GetWebServicesVirtualDirectory




The problem was the Microsoft Exchange Security Groups\Exchange Trusted Subsystem group was no longer a member of the local admins on the Exchange 2010 servers. The customer was setting local admin on servers via Group Policy. When policy refreshed it removed any Exchange 2010 specific groups from the local administrators.

UAC Beware with Update Rollups

Beware of user account control (UAC) when installing update rollups for Microsoft Exchange 2007/2010. It will cause your update to fail!

If you get the following error it is most likely because of UAC.

Setup Wizard for Update Rollup 5 for Exchange Server 2010 Service Pack 1 (KB2582113) ended prematurely.

Setup Wizard for Update Rollup 5 for Exchange Server 2010 Service Pack 1 (KB2582113) ended prematurely because of an error. Your system has not been modified. To install this program at a later time, please run the installation again.

To exit the Setup Wizard, click Finish.




So what is an easy way to install the update without having to turn UAC off? Run a command prompt as administrator and launch the msp from command line.

Sunday, October 16, 2011

Do I need to install update rollups in order for Exchange 2010?

Today I'm going to answer a simple question I get asked all the time. You have just setup a new Exchange 2010 SP1 server. As of this writing we are currently up to Exchange 2010 SP1 Update Rollup 5.

Do we need to install Update Rollups 1 through to 5 in order?

The answer is no. Exchange Update Rollups are cumulative. Cumulative means it contains all previous hotfixes. Exchange 2010 Update Rollup 5 also contains update rollups 1-4.

You only need to install the latest service pack followed by the latest update rollup.

For a list of update rollups and build numbers please see the following link:

http://social.technet.microsoft.com/wiki/contents/articles/240.exchange-server-and-update-rollups-builds-numbers.aspx

Sunday, October 9, 2011

#< #5.6.1 smtp;554 5.6.1 Body type not supported by Remote Host> #SMTP#

One of my customers has just finished migrating their user mailboxes from Exchange 2003 to Exchange 2010. After the migration of users my customer experienced a weird NDR (Non-Deliverable Report). This NDR was generated when an Exchange 2010 mailbox user emailed a mail enabled distribution groups containing a mail enabled contact object in Active Directory.

This problem only occured for a select few distribution groups. The NDR received was:

#< #5.6.1 smtp;554 5.6.1 Body type not supported by Remote Host> #SMTP#

The Exchange server generating the NDR was one of the old Exchange 2003 servers. Now why would Exchange 2010 be delivering this email to Exchange 2003? This gave it away. Straight away I looked to see if there was an Expansion Server configured for the distribution group. Yes there was - it was pointing at one of the old Exchange 2003 servers. I simply removed the Exchange 2003 server as an expansion server for the distribution group.

To view if your group has an expansion server configured, go to the properties of the distribution group in Exchange Management Console and click the Advanced tab.



To view if any of your other distribution groups have expansion servers configured for Exchange 2003, use the following powershell command in Exchange Management Shell.

Get-DistributionGroup | fl Name, ExpansionServer

What is an Expansion Server?

Expansion servers route messages that are sent to a single distribution list or group for each of the recipient objects in that list or group. When a user sends a message to a group, the Exchange server that is acting as the expansion server expands the group to its individual members. This expansion permits members of the distribution list or group to receive the message. An expansion server also resolves the names of all recipients in the distribution list or group, and then determines the most efficient path for routing the message.

You configure which hub transport server or Exchange 2000/2003 server you wish to use as your expansion server on the distribution group.

If you do not designate a specific server as the expansion server that expands a message that is sent to a group, the first server that the message is submitted to expands the group, and then sends the message to all of the destination servers.

NOTE: There is a drawback to setting a specific server as the expansion server for a group. If that server is down, no members of the distribution group receive the message.

[Fixed] Can't Insert Page Number Microsoft Word

A customer of mine experienced a weird issue where they were unable to insert a page number in Microsoft Word 2007. When they went to insert page number in Word they received "Save Selection to Page Number Gallery".



After using system internals process monitor I discovered that Word references a file called "Building Blocks.dotx" to create the page number.

On Windows XP/Server 2003 this file is located under:

C:\Documents and Settings\username\Application Data\Microsoft\Document Building Blocks\1033

In Vista/7/2008 this file is located under:

C:\Users\username\AppData\Roaming\Microsoft\Document Building Blocks\1033

I copied Building Blocks.dotx from another computer with Word 2007 installed replacing the file in my user profile. This resolved my issue.

Note: I believe that this resolution will also work for Word 2010.

Offline Address Book 0x80190197

Issue: when Outlook 2007/2010 attempts to download the offline address book via CAS Web Distribution the following error is recieved:

Task 'Microsoft Exchange' reported error (0x80190197) : 'The operation failed'



This error occurs when Outlook attempts to download the offline address book through a proxy server. This is heavily identified... please see:

http://support.microsoft.com/kb/939765

However today I found another scenario which produces exactly the same error. My clients internally download the OAB through HTTP and externally they download the OAB via HTTPS.

In IIS7 go to the OAB Virtual Directory and click SSL Settings.



Untick Require SSL as internal clients are trying to download the OAB without SSL encryption.



Apply the settings.

Thursday, October 6, 2011

Determine if binary is 32bit or 64bit?

Now that there are 16bit, 32bit and even 64bit binaries around for different processor and operating system platform types we need an easy method for determining which machine architecture a binary has been compiled for.

I found a neat little tool called MiTeC EXE Explorer which does exactly that and more. This tool was developed by a guy named Michal Mutl. Michal has developed all sorts of system admin tools... please visit his website at http://www.mitec.cz/.

MiTeC EXE Explorer is such a great little tool as it does not require installing, its a portable executable which can be executed on any server or workstation within your organisation. It is also completely free.

This is a third party non Microsoft tool however you can feel save executing it on your enterprise environment knowing it will not perform unknown miscellaneous activities as the tool received the Softpedia 100% clean award.

To download MiTeC EXE Explorer please visit http://www.mitec.cz/exe.html.

Here is a screenshot of the tool in action:

Sunday, October 2, 2011

The Exchange server for the database object wasn't found in Active Directory Domain Services

Today when working on a customers Exchange server I had an interesting problem. When I ran the Get-PublicFolderDatabase command I received the following error:

The exchange server for the database object "Public Folders" wasn't found in Active Direcoty Domain Services. The object may be corrupted.



I opened the configuration partition with ADSIEdit. Under Services --> Microsoft Exchange --> Exchange Org Name --> Administrative Groups --> Exchange Administrative Group --> Databases I had two public folder databases, 0261515011 and 0931127523. My Exchange 2010 server had a database associated with 0261515011. There was no database associated with 0931127523.

To resolve the issue I deleted 0931127523 with ADSIEdit.