Monday, July 23, 2007

How to: Fix Background Cleanup Errors

During my morning checks of the servers I run the command Test-Systemhealth on my Microsoft Exchange 2007 server and I was getting the error "The 'Background Cleanup' value for mailbox store '[Mailbox Store Name]' on Server '[Exchange Server Name]' is missing. This will cause mailbox size discrepancies.

To fix this I found a Microsoft Technet Article "Background Cleanup interval for a mailbox store is missing". It supplies an easy fix for my problem.

Open a registry editor, such as Regedit.exe or Regedt32.exe.
Navigate to: HKLM\System\CurrentControlSet\Services\MSExchangeIS\\Private-

Create a DWORD value called Background Cleanup with value data of 60000 (decimal) or 0xEA60 (hexadecimal). Do this for each mailbox on the server.

Close the registry editor. To make the changes take effect, do one of the following:
Dismount and mount the affected information stores.
Restart the Microsoft Exchange Information Store service.

Thursday, July 19, 2007

552 5.3.4 Message size exceeds fixed maximum message size

If you are running Exchange 2007 and you are getting the above error message from users outside your organization there is a very simple fix.

Set-ReceiveConnector -identity "Default [SERVERNAME]" -maxmessagesize 20MB

That will double your receive limit from the internet. Now if you want to go bigger you could do:
Set-ReceiveConnector -identity "Default [SERVERNAME]" -maxmessagesize 1GB
but that is not recommened at all.
The available options for the size are: B (bytes), KB (kilobytes), MB (megabytes), & GB (gigabytes). The maximum you can do is 2GB and any unqualified sizes are treated as bytes.

If there are other options you want to change with your Receive Connectors check out Set-ReceiveConnector on TechNet.

Tuesday, July 17, 2007

Troubleshooting Tips: RPC over HTTP

While getting "Outlook Anywhere" to work in our Microsoft Exchange 2007 environment I had to do a little trouble shooting. Here are some things to look for if things are not working.

Make sure you are using Basic Authentication with the RPC proxy.
Triple check that Outlook Anywhere is enabled on the Microsoft Exchange 2007 server and that the RPC Proxy is installed.
Close Outlook and open it backup with the switch /rpcdiag (Start, Run, Outlook.exe /RPCDIAG).

Also since you are using Basic Authentication you must be using SSL. The SSL certificate must be trusted by the computer that is running Outlook, so I suggest it is a third party certificate that came from a reputable online source. You can only use self-signed certificates if all the computers that will be connecting to Outlook Anywhere are also part of the domain that created them.

Maybe I should do a complete series of how to's in regards to Outlook Anywhere and RPC over HTTP.

Wednesday, July 11, 2007

Microsoft Exchange 2007 Distribution Group Security

Today I found out that Distribution Groups within Microsoft Exchange 2007 have security placed on them that requires users to authenticate when sending emails to them. I understand having this feature, but I would argue against it being on by default.
With this setting on users outside your company cannot email to the distribution group. For some of my groups this is what I want. But for specific groups I want people outside my enterprise to be able to send them email.

To change this setting open up the "Exchange System Console" and go to the Recipient Configuration, Distribution Group. Then right click on the distribution group you wish to edit and choose properties. Next click the "Mail Flow Settings" tab and select the "Message Delivery Restrictions" and then hit the "Properites" button. On the "Message Delivery Restrictions" screen uncheck the "Require that all senders are authenticated" option and you will be all set.

To do all of the above from the "Exchange Management Shell" you can use the one-liner below.
Set-DistributionGroup -identity "DisplayNameOfDistributionGroup" -RequireSenderAuthenticationEnabled $False
It's really that easy.

When I first got my hands on Microsoft Exchange 2007 I did not like the idea of doing alot of things by the command line, but as time goes on I have found out that the Management Shell is a very powerful tool that every Exchange admin should learn how to use and fall in love with.

How to: Verify nessesary Microsoft Exchange services are running

Every monrning as part of my daily routine I check to make sure all the nessesary services are running for Microsoft Exchange 2007 to run properly and respond to client requests. In the past I have been opening the Services.msc and visually verifying that all of the services are indeed running. But today while I was looking over the list of CMDLETS I found my time saver, Test-ServiceHealth.
This command will test all of the services that should be running and report back what is and is not running. Since I keep the Exchange Management Shell open at all times I can quickly type this command and verify that way that everything is running as normal.

Complete List of Microsoft Exchange 2007 CMDLETS

Microsoft has a complete list of cmdlets you can use in the Exchange Management Shell. This list has come in handy when attempting to do something for the first time and not too sure where to start.

I would suggest anyone running Microsoft Exchange 2007 add this link to their favorites as it comes in handy often. Also if you are running OpenDNS on your network you could setup a OpenDNS shortcut to make it even easier!

Tuesday, July 10, 2007

How to: Update the Global Address List in Microsoft Exchange 2007

This is a simple one liner that you can use to update the default Global Address List when running Microsoft Exchange Server 2007. It should be noted that this can take a long time in a large enterprise so use with caution during normal business hours.

Update-GlobalAddressList -identity "Default Global Address List"

Bulk importing contacts from CSV to Exchange 2007

When doing a bulk import of contacts you can use the following Powershell command to read a CSV file.
Import-Csv contacts.csv | ForEach { New-MailContact -Name $_.displayName -Firstname $_.FirstName -LastName $_.LastName -ExternalEmailAddress $_.EmailNddress -OrganizationalUnit "YourDomain.Local/Contacts" }

For an excellent list of what else you can import with the New-MailContact command (everything after the "|" character) you can go to the linked web site.

As something I found out while trying to use this command you must have the same capitalization in _.Variable as you do for your column headers in the CSV file. Also you cannot have the CSV file open while you are doing your import.

Monday, July 09, 2007

How to: Recreate Outlook Web Access Virtual Directory in Exchange 2007

Last week after another round of Microsoft update I rebooted our Microsoft Exchange 2007 server. After the reboot Outlook Web Access was no longer working. I could see in Event Viewer a bunch of errors relating to .Net 1.1 and a few other DLL files relating to authentication.

After a lot of looking around online I figured out a few things.
You cannot install .Net 1.1 on the OWA server. OWA requires IIS to be running in 64-bit mode (x64), while .Net requires 32-bit mode (x86). So I un-installed the .Net framework since I didn't need it any how and rebooted.

Things still where not working, so I tried to delete the Virtual Directory right from the IIS admin screen. That didn't work so I restored the Virtual Directory from a back up I had made right before (Trust me this is always a good idea!).

I also found out that with good examples and the proper references that the new PowerShell interface for Exchange is very powerful. However I am still looking forward to Exchange 2007 SP1 when Microsoft brings some things missing from the GUI back.

Today I found the proper way to recreate the Virtual Directory.
Step one is to view all of the Virtual Directories on the server.
Get-OwaVirtualDirectory will display a list of all the Exchange Virtual Directories on that server. The one you are looking for here is "OWA (Default Web Site)" on a default install.

Step two is to remove the default OWA Virtual Directory with:
Remove-OwaVirtualDirectory -identity "owa (Default Web Site)"

The next step is to recreate the OWA Virtual Directory with:
New-OWAVirtualDirectory -OWAVersion "Exchange2007" -Name "owa (Default Web Site)"

Now go into the Exchange 2007 Management Console and setup the correct internal and external URLs and any other settings you may have changed the first time around. One of the changes I recommend is on the "Authentication" tab the Logon Format for Forms based authentication to "User name only" and then setting the domain. This will make it easier for your users to login by not having to remember the domain or typing domain\username.

It's ALIVE!

I see that I haven't posted in a good long time (almost a month.) And that is because I have been busy getting our Microsoft Exchange 2007 server up and running.

It's been a busy week since we went live and I have learned a lot about Exchange and email in general. I have some hints and tips to post about things that can go wrong, and more importantly how to fix them when they do go wonky.