Pop3, you don’t see it very often these days but sometimes you will have to use it. Most times this is for legacy applications or applications which can’t work with the Exchange MAPI.

The pop3 connector has several options which can be configured, for example the banner which is displayed when making a connection to the server. This message may not be changed very often but when looking at the authentication method or the retrievel settings then you might make some changes to them.

After making the necessary changes you will need to restart the pop3 service, either via the services MMC or via the command net stop MSExchangePop3 followed by net start MSExchangePop3. In an environment where you only have one domain controller this will work. But in an environment where you have multiple domain controllers this might take a while, despite you restarted the pop3 service.

The reason for this? Settings for the pop3 connector are stored in the Active Directory. You can find them in the configuration partition of AD in the following folder:

CN=Services, CN=Microsoft Exchange, CN=Administrative Groups,CN=Exchange Administrative Group  (FYDIBOHF23SPDLT),CN=Servers,CN=CASServer,CN=Protocols,CN=Pop3,CN=1

When you get the properties of the object you will see the settings of the pop3 connector:

So keep in mind that if you change the pop3 settings in an environment with multiple DC’s it might take a while before the changes are applied.

Gepost in Exchange ~ Geen Reactie

Opening a calender from another user using OWA is not a very hard proces, when you have enough permissions you can easily open the other users calender. But what if you would like to do this via OWA?  This depends on the Exchange version you are using, let’s start with Exchange 2003:

http://ex01.company.om/exchange/johan/calender

In Exchange 2003 you can do this by specifying the url which is used to open but add the following part to the url username/calender. In this case we will open the calender of johan.

For both Exchange 2007 and 2010 you will need to use another method. This is because both the OWA from 2007 and 2010 are using web-parts to build the OWA. In Exchange 2007 and 2010 you will have the option to open another users mailbox followed by the calender, backside from using this is that you will need full mailbox access, this is not what you want in all scenario’s. To open a calender directly use the following syntax:

https://owa.company.com/owa/johan@domain.com/?cmd=contents&module=calendar

Almost the same as 2003 only the last part has changed to username@domain.com/?cmd=contents&module=calender. Besides this way there are a few other options which you can use in Exchange 2007 and 2010 to display the calendar, below an overview:

https://owa.domain.com/owa/johan@domain.com/?cmd=contents&f=calendar&view=dialy

The above command will open the calender folder by using the f parameter which makes it possibly to open a specific folder in a mailbox. Using the view parameter we will specify how we want to display the calender, when you don’t specify this it will be opened using the dialy view standard. The command above will do exactly the same, open the calender using the dialy view.

https://owa.domain.com/owa/johan@domain.com/?cmd=contents&f=calendar&view=weekly

This command will open the calender using the weekly view.

https://owa.domain.com/owa/johan@domain.com/?cmd=contents&f=calendar&view=monthly

And as last option this command will open the calender view using the monthly view. At least you may think this was the last one there is one other possibility:

https://owa.domain.com/owa/johan@domain.com/?cmd=content&f=calendar&view=daily&d=10&m=26&y=2010

This will open the calendar using the dialy view and will open it on the 26th of October 2010.

Gepost in Exchange ~ Geen Reactie

Microsoft has released security updates for Exchange 2000 SP3, Exchange 2003 SP2, Exchange 2007 SP1/SP2 and Exchange 2010. For both Exchange 2007 and 2010 this security fix is  included in a rollup. For Exchange 2007 SP1 this is the 10th rollup, for Exchange 2007 the 4th and for Exchange 2010 the 3rd.

The update applies a fix to the Windows SMTP service because of a vulnerability which was recently found. This made it possible to perform a DOS attack on the Windows SMTP service.

Below you will find the links to the patches and a link to the security bulletin which has been published about this  vulnerability.

Exchange 2000 SP3: open
Exchange 2003 SP2: open
Exchange 2007 SP1: open
Exchange 2007 SP2: open
Exchange 2010: open
Microsoft Security Bulletin MS10-024: open

Gepost in Exchange ~ Geen Reactie

Sometimes you may have the discussion if it is supported to place these files on fileserver so they can be accessed via a LAN/WAN connection. The answer for this is no, it isn’t officially supported by Microsoft. But when you will try it in your environment it will work, so what are the reasons it isn’t supported?

The PST, OST and PAB files will be accessed by a method called file-access-driven. With this method special file access commands will be offered by the OS to read and write files. For writing files to local disks this is an excellent method but when writing to a fileserver via a LAN/WAN another method is used. This method is called network-access-driven and uses specific command from the OS to send/receive data from/to other systems which are connected to the network.

But what does Outlook when a PST is located on the network? Outlook will first try to use the file-access driven commands to read/write to the file. Because the file is not on the local disk but on the network, the OS will send the network-access-driven commands to the server where the file is located.

This will cause a lot of time  for the process to be completed because of all the extra steps.

Besides the performance issues you might  get there are some other things which you should keep in mind:

• files can get corrupted caused by network issues
• writing- can take 4 times longer then read actions

If you want to get more information after reading this have a look at the sides below:

Ask the Performance team: Network stored PST files …. don’t do it! open
Configuring Outlook for Roaming Users open

Gepost in Exchange ~ Geen Reactie

Because Microsoft hasn’t released the new version of the Exchange Supportability Matrix I decided to create my own updated version. This “new” version is created using the information found on Technet. If your missing something please let me know so I can update it:

Release Model

Supported Operating System Platforms

* only for Exchange Management Tools
** only for Exchange 2000/2003 System Manager
*** only with Exchange 2003 System Manager for Windows Vista

Supported Active Directory Environments

* Only Rollup 9 or higher for Microsoft Exchange Server 2007 Service Pack 1, or later

Supported Web Browsers

* Requires Update Rollup 6 for Microsoft Exchange Server 2007 Service Pack 1
** Requires the hotfix that is described in Knowledge Base article 963664
*** Requires the hotfix that is described in Knowledge Base article 911829
**** Safari 3.1 only for Mac OS

Supported Web Browsers for using with smime

* Hotfix Knowledge Base article 963664 required
** Rollup 8 voor Exchange 2007 SP1 required
*** Hotfix Knowledge Base article 924334 required

Supported clients

* Enable encryption on Outlook profile
** WebDav: Contacts, Events, IMAP: Mail
*** WebDav
**** Rollup 4 for Exchange 2007 SP1 required

Supported .NET versions

* .NET Framework 2.0 Post-RTM Rollup required
** Only applicable when upgrading from .NET 2.0
*** .NET Framework 3.5 and 3.5SP1 contain the supported .NET versions

Supported Powershell versions

Supported MMC

Supported Windows Installer

Gepost in Exchange ~ Geen Reactie

Microsoft Exchange couldn’t start transport agents. The Microsoft Exchange Transport service will be stopped. This is one of the errors you may get when you’ve got a corrupted transport agent. This can cause that the transport service won’t start anymore as you can see in the example, which causes that the mail traffic will stall.

There are two solutions for this issue

- remove the transport agent
- disable the transport agent

The first method maybe is the best method because you have a corrupted agent on your system which you don’t want. To remove the agent execute the following Powershell command:

Uninstall-TransportAgent “Name of the Agent”

If you would like to do some more research you may decide to temporarily disable the agent, this can be done by using the following Powershell command:

Disable-TransportAgent -Identity “Name of the Agent”

When you solved the issue you can enable the agent by using this command:

Enable-TransportAgent -Identity “Name of the Agent”

If you would like to have more information then have a look at the site below:

Technet: Transport Agent Cmdlets open

Gepost in Exchange ~ Geen Reactie

As Exchange 2010 is general available it may be nice to see the current effectiveness of Single Instance Storage on your current databases. It’s always nice to know what will happen if you will not be using Single Instance Storage anymore, in Exchange 2010 this is the case.

You can measure this by using the counters which will be added during the installation of Exchange, you will find them in the Performance Monitor under the objects:

• MsExchangeIS mailbox
• MsExchangeIS public

When the object is selected you will find the counter called Single Instance Ratio. Add it to perfmon en keep an eye on the statistics or save the results to a log file which can be investigated later.

Gepost in Exchange ~ Geen Reactie

Starting from Exchange 2010 Microsoft will not use single instance storage anymore. But what did single instance storage do and what are the pro’s/cons of it?

Single instance storage has been a part of Exchange since Exchange 4.0 and is a part of it until Exchange 2007 and did not change very much. Single instance storage will allow a message which has been sent to 50 users will be saved one time per mailstore. Exchange will place a pointer in the other mailboxes which point to the original message, this is applied both to the message and the attachment. Since Exchaneg 2007 Exchange will only apply SIS on the attachments. This will not be applied if  Exchange is upgraded to 2007 from Exchange 2000/2003. In this case it will apply SIS on both the message and attachment if the following statements are true:

• the mailboxes must be kept together in the new database
• a transistion instead of a migration is done to Exchange 2007

You may think, why is Microsoft not using SIS anymore in Exchange 2010?  The reason for this is quit simple, storage is cheaper nowadays. One of the benefits of SIS was that you need less space on the storage environment, one of the con’s was that it took more IOPS. Today the focus is more on reducing the IOPS instead of reducing the disk-capacity.

Below some usefull links:

Technet: understanding single instance storage open
MsExchange Team: single instance storage in Exchange 2007 open
Harold Wong’s Blog site: Exchange 2010 archiving and retention open

Gepost in Exchange ~ Geen Reactie

As you may already know Exchange does a discovery to find the domain controllers  in the AD. When you have a look at the application event log you will see events with the source MsExchange ADAccess and Event id 2080. This event will be seen every 15 minutes, this because the check is performed every 15 minutes.

The event can contain the following info:

Event Type: Information
Event Source: MSExchangeDSAccess
Event Category: Topology
Event ID: 2080
Computer: Ex01
Description:
Process MAD.EXE (PID=1808). DSAccess has discovered the following servers with the following characteristics:
(Server name | Roles | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version)
In-site:
dc01.domain.com  CDG 7 7 1 0 0 1 7 1
dc02.domain.com  CDG 7 7 1 0 1 1 7 1

Out-of-site:

For more information, click http://search.support.microsoft.com/search/?adv=1.

Nice all those shortnames and numbers but what do they mean:

• servername, the first column contains the servername of the domain controller
• roles, which roles does the domain controller fullfill: C the domain controller will be used as a configuration domain controller, D a domain controller and G a domain controller which is also a global catalog server. When seeing a – this means that the role is not fullfilled by the domain controller
• reachability, each 15 minutes a connection is made to the server. When the server fullfills the role of global catalog server it tries to connect on port 3268,  when this succeeds the value 0×1 will de displayed. When a connection can be made to port 389 the server knows it is a domain controller and will display the value 0×2. When the server is also a configuration domain controller again a connection is made to port 389. If this succeeds it will get the value 0×4. When a server fullfills multiple roles all values will be added up, for example when a server fullfills 3 roles: 0×1+0×2+0×4=0×7.
• synchronized, when the isSynchronizedflag is set on the rootDSE of the domain controller this value will be set to true. The values in the column are used in the same way the are used in the collumn reachability.
• GC capable, is the domain controller also a Global Catalog Server
• PDC, is the domain controller also the PDC for the domein
• SACL right, are the rights correct for DSAccess to read the SACL
• Critical Data, this will tell you if DSAccess found the Exchange Server in the configuration partition of the domain controller.
• Netlogon Check, can a connection be made to the netlogon server of the domain controller
• OS version, when this value is 1 it will tell you the domain controller has a OS which is Windows 2003 Service Pack 3 minimal.

It may happen that you don’t want to use a specific domain controller. But how can you configure this ?

You can do this with the command: set-exchangeserver -identity exchange.domain.com -StaticExcludedDomainControllers dc.domain.com

When you would like to specify the configuration domain controller, domain controller(s) and global catalog server(s) yourself use the following command: set-exchangeserver -identity exhange.domain.com -StaticConfigDomainController dc01.domain.com -StaticDomainController dc01.domain.com,dc02.domain.com -StaticGlobalCatalogs dc01.domain.com

Technet set-exchangeserver open

Gepost in Exchange ~ Geen Reactie

As Exchange 2010 is almost there you may got the question from which version of Exchange can I upgrade to 2010 and which versions can run besides each other. Below an overview of this and the prerequisites you must met:

When you would like to have more info after having a look at the table have a look at the sites below:

Exchange 2007
Upgrading to Exchange 2007 open
Coexisting with Exchange Server 2003 and Exchange 2000 Server open

Exchange 2010
Planning Roadmap for Upgrade and Coexistence – Exchange 2003 open
Planning Roadmap for Upgrade and Coexistence – Exchange 2007 open

Gepost in Exchange ~ Geen Reactie