Archive for Exchange

Long Live Exchange Public Folders!

Back in 1996, Microsoft introduced Public Folders as a replacement for social aliases, and was “designed from the ground up to enhance group collaboration applications” (per this Lane Severson blog post)

By the time that Exchange 2003 was released (13 years ago!), however,  the rumors that public folders would be discontinued in a future release of Exchange were swirling around. Take for instance this WindowsIT Pro post from 2004:

The handwriting has been on the wall for public folders for a year or two. I first heard a Microsoft speaker strongly discourage use of public folders at the MEC 2002 conference. An administrator who attended the same session was in a state of near panic because her university has thousands of public folders in active use.

In a TechRepublic 2010 post it was declared that public folders would probably be gone by Exchange 2013:

Since before the release of Exchange 2007, Microsoft has been telling us that public folders will eventually be discontinued. This hasn’t happened just yet though. Public folders are alive and well in Exchange 2010. Even so, public folders probably won’t be supported in the next version of Exchange.

So here we are in 2016, and guess what? Not only are public folders still around, Microsoft has decided that “public folders are great” per this Microsoft Technet FAQ:

No. Public folders are great for Outlook integration, simple sharing scenarios, and for allowing large audiences to access the same data.

And on February 1, 2016, Microsoft announced they will be increasing the number of public folder mailboxes in Exchange 2016 from 100 to 1,000!

Happy 20th birthday to Public Folders!

Setup BlackBerry Priv for Exchange Email

I have a customer that still uses Blackberry phone with their SBS 2011 server with Exchange 2010. Their previous BlackBerry 10 connected up with no problems to Exchange and ActiveSync several years ago. The owner recently replaced his BB10 with a newer BB Priv.

When he went to configure his new phone to Exchange, however, it was asking him to install a SSL security certificate, which the previous phone did not require.

Listed below are the steps we took to get his phone connected to Exchange.

Two things to note before we begin:

  • The person with the phone needs to setup up an alternate email (such as GMail) on the phone before proceeding. The reason will become obvious below.
  • You need access to the SBS/Exchange server to export the SSL certificate, and then email the exported certificate file to the user

So, let’s get started

Part 1 – From the SBS/Exchange Server, create an exported PFX certificate file

  1. From the server, open up MMC from an administrator level command prompt
  2. Select to load the Certificates snap-in to the local Computer account.
    (Note: if you do not know how to do this process, see this Microsoft article for detail instructions)
  3. Drill down Certificates –> Personal –> Certificates and locate your SSL certificate from the middle pane
    image
  4. Right click on the certificate, then select All Tasks –> Export
  5. Click Next –> Click Yes, export Private Key –> verify PFX format is selected
    image
  6. Enter a password when prompted (keep it short – very short, like ‘abc’)
  7. Click browse to assign a filename and select a location to save the exported file

Part 2 – Send PFX file to user’s alternate mail account

  1. Now, you need to email the PFX certificate file you just created to the user, sending it as an attachment to the user’s alternate email account on his or her phone.
  2. How you do this is up to you – I’m sure you can figure out this step.

Part 3 – User creates Exchange account and installs SSL certificate on the phone

The following instructions are general in nature, and not specific, because I did not do these steps myself. My customer was able to do it, with just a couple of corrections that I was able to walk him through by phone.

  1. First, user should open up the Gmail (or other) account on their phone, locate the email you sent them, and select to save (download) the attachment to the phone. Just download the file, do not try to install it.
  2. Now let’s start creating the Exchange account.
  3. Select Settings –> Accounts –> Add Accounts –> Exchange
  4. Enter your email address and password.
  5. Phone will go out and check things, and should come back asking for more server information.
  6. For your username: enter DOMAINNAME\USERNAME
  7. When prompted, select to install a certificate, and located the file you saved.
  8. For the server name/address, enter the URL you would use to access your OWA account – such as remote.servername.com or mail.servername.com.
  9. Select SSL/TLS (Accept all certificates)

At this point, it should start setting up your email account. Good luck!

Exchange 2007 SP3 Rollup 17 Released

The Microsoft’s Exchange Team released Rollup 17 for Exchange 2007 SP3 (KB 3056710) on June 16, 2015

This release provide minor improvements and fixes for customer reported issues.

Download Update Rollup 17 for Exchange Server 2007 SP3

Microsoft Announces New Support Policy for Repaired Exchange Databases

On May 1, 2015 Microsoft announced a new support policy for repaired Exchange databases. The details are in this blog post from the Exchange team.
image

Simply put — if the Exchange database has previously been repaired (repair count greater zero), then the contents of that database needs to be moved to a new Exchange database.

The question will be asked: how can I determine the repair count of an Exchange database?

The suggested way is to use the ESEUTIL utility with the MH option:
eseutil /mh <exchange_mailbox_filename.edb>

Running this command does not modify or update Exchange. It simply displays information about the Exchange database. But be sure to dismount your Exchange database before running the command.

SNAGHTML1c9b777e

Finally, for the record books: back in August, 2006 I wrote a blog post titled: Defragging Exchange in 4 Easy Steps. This was written in the Exchange 2003 era.

Do not install Exchange 2010 SP3 RU8 yet

On Thursday Dec 11, 2014 Microsoft released new updates for Exchange 2007, 2010, and 2013. Read more here.

However, an issue has been identified in the Exchange Server 2010 SP3 Update Rollup 8. The update has been recalled and is no longer available on the download center pending a new RU8 release. Customers should not proceed with deployments of this update until the new RU8 version is made available. Customers who have already started deployment of RU8 should rollback this update.

The issue impacts the ability of Outlook to connect to Exchange.

Please note: this issue only impacts the Exchange Server 2010 SP3 RU8 update, the other updates remain valid and customers can continue with deployment of these packages.

Tool to Analyze Message Headers

Microsoft’s Remote Connectivity Analyzer is a great resource tool for testing and running diagnostics against Exchange, ActiveSync, OWA, POP3/IMAP, Lync, and Office 365. It also includes Message Analyzer, which is an SMTP header analysis tool and makes reading email headers less painful.

image

Microsoft’s Exchange Team has a good blog post on how to use the Message Analyzer feature.

For grins and giggles, I sent myself and email from my Gmail account to my business email account, and then processed the message header through the Message Analyzer.

  1. Open up the Message Analyzer tab of Microsoft’s Remote Connectivity Analyzer in a browser window.
    image
  2. Open up your email client and access/view the message header. Select and copy the complete contents of the message header.
    I have a separate post that explains how to view email message headers from Outlook 2010/2013.
    image
  3. Flip back to your browser, and paste the message header into the Message Header Analyzer area.
    image
  4. Click Analyze Header and you will get a Summary report, plus a list of Received Headers and other headers.
    image

    image

How to fix WinMail.dat attachment issues with Exchange

From time to time I will encounter an Exchange Server where the customer reports that attachments to emails they send out are being received as WinMail.dat files by some recipients. This hold true whether it’s an image file, a PDF file, etc.

The cause is quite simple: The Exchange server has an option to define whether or not to send attachments in “rich-text format”. If this option is enabled, this will cause attachments to be converted by some email clients into a WinMail.dat file. This is due to a methodology called “Transport Neutral Encapsulation Format” (TNEF) for sending messages across the Internet.

The solution is also quite simple: we just need to set the option on Exchange to “never use”. No rebooting of Exchange or the server is required after making this change.

Here are the detail steps (based on Exchange 2010):

  • Open up Exchange Management Console (EMC)
  • Drill down Organization Configuration –> Hub Transport
  • Click (to select) the Remote Domains tab
  • Right-click on Default, then click Properties
  • Click  (to select) the Message Format tab.
  • Under Exchange rich-text format section, click (to select) Never use
  • Click Apply and OK

image

Microsoft fixes OWA Premium issue when using IE11

My fellow MVP’er, Oliver Sommer, posted on his blog site yesterday (6-25-2014) that Microsoft quietly resolved an outstanding issue (KB 2866064) with Internet Explorer 11 and Outlook Web Access (OWA), where it would only display the “lite” version of OWA instead of the full “premium” version.

The fix is included in the following rollups:

Exchange 2007 Service Pack 3 Rollup 13

Exchange 2010 Service Pack 3 Update Rollup 3

Exchange 2013 Cumulative Update 3

Exchange 2010 Queue Viewer Error

Customer is running Exchange 2010 SP3 on a Windows 2012 Server. Email is running fine. But whenever I open up Queue Viewer and try to drill down to a message detail, I get the following popup error message:

Cannot process argument transformation on parameter ‘BookmarkObject’. Cannot convert the “Microsoft.Exchange.Data.QueueViewer.PropertyBagBasedMessageInfo” value of type “Deserialized.Microsoft.Exchange.Data.QueueViewer.PrpopertyBagBasedMessageInfo” to type “Microsoft.Exchange.Data.QueueViewer.ExtensibleMessageInfo”.

image

It appears that others have been encountering this same error for over a year (see this thread from Microsoft forum). The very last post in this thread offers a “resolution” to the issue, if you wish to call  it a resolution.

image

In KB2931150, Microsoft says that this error is a known bug, and instead of using the Queue Viewer utility from EMC, you should use the Exchange power shell “Get-Queue” command.

So let’s open up the EMC Power Shell and try a couple of commands!

To get a list of queued messages, type get-queue and press enter.

image

To get details on a particular message, first take note of a specific message identity you wish to view. Then type get-queue –identity exchangeserver\messageid | fl and press enter

image

For a full list of options with the Get-Queue command, type get-help get-queue and press enter

image

 

Open up the EMC Shell, and type “get-queue” and press Enter. A list of queued messages will display

te

Outlook 2010 displays Autodiscover Security Certificate Alert window at startup

I had a customer with an SBS 2008 server who called this past week to say that they were getting the following popup alert when starting up Outlook 2010:

The name on the security certificate is invalid or does not match the name of the site

SNAGHTML17ae3bd2

I ran the Microsoft Remote Connectivity Analyzer to test Autodiscover for this customer. And sure enough, it was failing the test to validate the server name.

Certificate name validation failed. Host name xxx.com doesn’t match any name found on the server certificate.

The first article I reviewed was KB 940726. Although the title of this KB article indicates that it was written for Outlook 2007 and Exchange 2007, it is also applicable to Outlook 2010 and Exchange 2010. It covers how to change the internal URL for the Autodiscover service stored inside Exchange via Exchange PowerShell commands.

However, in my case, the PowerShell command get-ClientAccessServer | fl was showing that the AutoDiscoverServiceInternalUri field was showing the correct URL.

SNAGHTML17bae007

In talking with other MVPs, it appears that the issue may have to do with someone making changes to the domain name “A” or “cName”. I am still tracking that down.

But meanwhile, I was looking for a quick solution to at least suppress those popup alerts on a short-term basis, as I was going to be traveling for the next several days.

More research lead me to this blog post from Tipst3r titled: “Turn off Autodiscover for Outlook”, which was a recommendation for adding a registry key called “Exclude ScpLookup”. I gave it a try, but it did not appear to work. Also, I wanted more information as to what this registry key did, and why.

So, on further searching, I found Microsoft’s KB 2212902 titled: “Unexpected Autodiscover behavior when you have registry settings under the \Autodiscover key”. This article listed seven different optional registry settings that one might create and use.

I started working with these options, and found that using the following three options (setting them to a value of “1”) would disable the “security certificate is invalid or does not match” popup window from appearing:

  • ExcludeScpLookup
  • ExcludeHttpsAutoDiscoverDomain
  • ExcludeSrvRecord

image

I’m not one to generally implement a workaround. So part of this was just a desire to understand more what was going on “under the covers”, so to speak. I will be testing out making the recommended changes to the domain records later, but since I will be gone for a week, I did not want to make such changes at this time.