Sunday, December 27, 2009

Online Move Mailbox feature in Exchange server 2010:

This article explains the Online Move Mailbox feature in the exchange server 2010. In the previous version of exchange, during the course of the mailbox movement, the resultant mailbox user cannot access his email. The downtime during the course of mailbox movement is still an area which needs an attention from the providers, Microsoft has rightly addressed this effectively by bringing in the new feature called Online Move Mailbox feature. By means of this, user mailbox can be moved between databases without affecting the online users. So users will be able to send and receive emails as normal on the course of the movement. This functionality has been named as ”MoveRequest” in exchange 2010.

In the exchange mixed mode environment, the MoveRequest works fine (i.e., the move is online) when you are trying to move mailbox from exchange 2007 to 2010 in transition phase. But unfortunately vice versa i.e., mailbox movement from 2010 to 2007 or 2010 to 2003, the move is offline.

Hope the above is informative.


971552596187 |

Script for Event log backup and clearing:

The below is the simple script for backing up and clearing the event logs.

strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate, (Backup, Security)}!\\" _
& strComputer & "\root\cimv2")
Set colLogFiles = objWMIService.ExecQuery _
("Select * from Win32_NTEventLogFile where LogFileName='Security'")
For Each objLogfile in colLogFiles
OutputFile = "c:\eventlog\" & "Security "
OutputFile = OutputFile & Day(Now) & "-" & month(now) & "-" & year(now)
OutputFile = OutputFile & ".evt"
errBackupLog = objLogFile.BackupEventLog(OutputFile)
If errBackupLog = 0 Or errBackupLog = 183 Then
Wscript.Echo "The Security event log could not be backed up."
End If

In the above, you can specify the log file type accordingly and also specify the location where the event log .evt file will be stored. After taking the backup of the event log, it will clear the event log.



971552596187 |

Post Step after Exchange server 2010/2007 and Make it Live:

This article explains the post check steps that need to be carried after installation of internal exchange server for sending and receiving emails from internet. In other words, we are actually making the exchange server into the production world.

After the installation of all mandatory roles of exchange servers and if edge exist then after the synchronization of the edge server with the Hub transport server role, and of course after checking the internal mail flow, we need to perform the below steps to be carried out in the organizational level to make the external mail flow.

1. License Key feed.
2. Accepted Domain setting.
3. Configure Email address policy.
4. Configure a Send Connector to send email to the Internet.
5. In case if Edge server name is not used, then configure the hub transport to accept anonymous SMTP. By default, this option is not set.
6. Configure external certificate for the CAS server for public access.
7. Configure the CAS server according to your organization. The options like Outlook anywhere, Exchange Active sync, Outlook Web access - OWA (2010 called as Outlook Web app)



971552596187 |

Saturday, November 14, 2009

Exchange Server 2010: Previous exchange server Coexistence

Exchange server 2010 have the option for coexisting with the previous version of Exchange server 2003 and 2007 in the same forest. It is not possible to have exchange 2000 or exchange 5.5 with the exchange 2010 in the same exchange organization. Integrating Exchange server 2010 into the existing exchange 2003 or 2007 is called the transition scenario, where as new deployment of exchange server 2003 in new active directory forest and then transferring/migrating the records across the forest is called migration scenario.

Hope the above is informative.


Message Routing in Exchange 2007 vs. Exchange 2003 Multisite Environment:

The message routing architecture in multi site environment is always an interesting one to explore. We all know the role of routing groups and also routing group connector in exchange2003, this has been revised in fact completely modified in exchange 2007. Routing group and connectors concept has been removed in the exchange 2003. Lets us consider the below scenario for example,

Site1 – Amsterdam Main Office – subnet

Site2 – Auckland Branch Office – subnet

We can domain controller in both sites for user authentication and other domain info. We can also have DNS in both sites. So with the help of the site link (WAN link), we will be able to enable the replication b/w the sites. Now, coming to the messaging part, we have only option to use the routing group and connector for message transport b/w the sites. Since active directory sites and Exchange server routing groups are independent one, i.e. not compatible with each other.

Exchange 2007 has the new feature that Hub transport server role has been built in a manner that it will use the active directory sites for the message routing. In this case, transport hub server in Amsterdam will use the active directory site link to route the message to the hub transport server in Auckland and vice versa.

I end up here; you people can explore more in this for more detail. Hope the above is informative.

9841499143 |

Wednesday, November 4, 2009

Exchange server 2010’s new features:

Hope, everyone are excited and waiting for the release of the exchange 2010. The below are some of the new features of the exchange 2010. I tried to put in simpler terms and have not described in detail, the idea is to have an overview of the exchange 2010 product. I have covered only the few important and major changes, apart from this there are still many other changes have been done. Please visit Microsoft site for more details.

1. DAG – Database Availability Group.
2. Improved Outlook Web Access called as outlook web app which has features like search options, favorites, attaching message to message, etc.
3. Edit option for user properties like username, telephone number in OWA.
4. ECP called Exchange control panel for organization level changes like user, group and distribution list creation/changes.
5. No More LCR and SCR clustering technology of exchange 2007 are removed and replaced by new Database Availability group.
6. Server Cluster failover technique also removed because still the so many system administrator are not comfortable in doing it. The Microsoft has come up with the effective and ease alternative for this.
7. No more storage groups term available in exchange 2010, so only database is the predominant one and other database files, transaction log and database type(JET) are same as of the exchange 2007.
8. SIS – Single Instance Storage is no longer available in exchange, means that traditional model has been changed. I.e. when you send a mail of 1 MB to 10 different recipients, the db potentially grows 10 MB. So obviously consumes for storage requirement but the performance on the database I/O has been improved drastically.
9. Database page file size has been increased from 4KB to 8KB, improving the I/O on the disk file system.
10. No more 32 bit processor support for testing also.
11. Microsoft is also gradually moving to the cloud technology. Microsoft Online Services helps to host the mailbox also. It can be 100% hosted or 100% in premise or can be also mixed environment.
12. Powershell V2 more powerful, also has a new feature called IDE Interactive Development Environment using which you can built a script and also run the output with the small output window. The option for remote management of exchange is also possible with Windows Remote Management, which is included with the Powershell V2.
13. Send mail GUI option available in the EMC for testing mail flow.
14. Active Directory Rights Management enables to have the control of the message after sending to the recipients like disabling the forward option of the confidential messages.
15. Cross premises routing is possible.
16. Enhanced disclaimer with HTML code, pictures, hyperlinks, etc is available.
17. In exchange 2007, after delivering the message from hub transport server to next hop, it will be deleted. The same in exchange 2010, the message will be deleted only after the successful receipt of the message from the next hop, in case of non-receipt, it will try to redeliver the message. This type reliable routing model is called as Shadow Redundancy Routing Model.
18. Role Based Access Model for implementing the permission for the administrative accounts.
19. Personnel archive folder option or can be called as Archive PST with all live mailbox.
20. Improved Unified messaging roles with some exciting new features like Voicemail preview, integration with SMS test message, additional language support, etc.

Hope the above is informative.


Logan | 971552596187

Sunday, October 25, 2009

Configuring LCR – Local Continuous Replication:

Hi friends,

This article briefs the configuring LCR in the exchange 2007 server. As it name implies, the local continuous replication is the new feature in the exchange 2007 and it has the local copy of the database just like a mirror. Either you can do either in GUI or powershell, here I have explained in the powershell

Design the structure first, for example will have the below for our configuration,

SG1 – storage group name, SG1DB1 – database

Source system path (disk1): c:\SG1

Source log path (disk1): c:\SG1\log

Source edb path (disk1): c:\SG1\DB

Destination system path (disk2): D:\SG1LCR

Destination system path (disk2): D:\SG1LCR\log

Destination system path (disk2): D:\SG1LCR\DB

1. Enabling Database copy,

#Enable-DatabaseCopy –identity ‘servername\sg1\sg1db1’ –CopyEdbFilePath ‘D:\SG1LCR\DB\SG1DB1.edb’

2. Enabling Storage group copy,

#Enable-StorageGroupCopy –identity sg1 –CopyLogFolderPath ‘D:\SG1LCR\log’ -CopySystemFolderPath ‘D:\SG1LCR\DB’

3. To check the status of the replication,


The LCR Configuration has been completed now; you can check the logs which are copied from the source to the destination and also any new generated logs will automatically seed to the destination location as we defined above.

Restore from the LCR copy:

Let us assume that if something goes wrong with the source database, we are in a position to restore from the replica. So, let’s see how to do the restore,

1. Dismount the database - #dismount-database sg1db1

2. Restore from replica - #Restore-StorageGroupCopy –identity ‘servername\sg1’

3. Mount the database back - #mount-database sg1db1

4. Now, the point to be noted is old LCR configuration of SG1DB1 is no more enabled. Please enable the LCR for this Storage group again and also clear the old logs so that it will start seeding from the source from the first.

Hope the above is useful.




Difference types of Mailbox in Exchange 2007:

Unlike previous version of exchange, the general mailbox has been classified into four types. But there are few difference b/w each type.

1. User Mailbox – for traditional user mailbox.

2. Room Mailbox – for meeting rooms

3. Equipment Mailbox – for equipments like projector, TV, etc. It is just like creating AD accounts for such objects.

4. Linked Mailbox – Hosting mailbox for users in separate forest.

In the above, the core mailbox attributes are same except few are different.

1. Basic notification GUI symbol is different for each object.

2. Resource mailbox (i.e., both room and equipment mailbox) are by default will be in the disabled state.

3. In OWA à Options, we have the “resource setting” only for the resource mailbox.

4. In creating a calendar meeting either in outlook or OWA, we have the scheduling assistant for configuring the meeting in which, “Select room” option will there and will list the entire room mailbox available in the organisation.

5. Also while adding attendees in the address bar, in the address book window; we will have the classified option as “default global address list” and “All rooms”. The latter is specifically designed to list the room mailbox alone.

6. On the attribute side, Isresource attribute of a mailbox will be set as “True” for the resource mailbox and “False ” for the user mailbox. The attribute resourcetype attribute will be set as “room” and “equipment” respectively.

Useful Powershell command:

To get the resource mailbox,

#get-mailbox where-object { $_.isresource –eq ‘true’ }

To get the resource mailbox related attribute,

#get-mailbox where-object { $_.isresource –eq ‘true’ } fl res*

To convert user mailbox to resource mailbox

#set-mailbox mailboxname –type room

Hope the above is useful.




Exchange server 2007 Services.

This article explains the different type of services, its description. Since exchange 2007 has so many new features, changes and different mailing architecture when compared to earlier exchange versions. We know that exchange server 2007 has five different server roles which has its specific services. In this article, I am going to concentrate only on the exchange specific services, though there are many dependent services like WWW, RPC, WMI and etc.

Common Services on all Server roles:

The below services are present in all five server roles,

1. Microsoft Exchange Active Directory Topology Service: This is the core exchange services which communicate with AD often. This service uses DSACCESS component for accessing the active directory. Since, AD tightly integrated with Exchange, all server roles will have this service up running.
2. Microsoft Exchange Monitoring Service: This service is responsible for collecting all kind of diagnostic logs from the exchange application.

Services in Mailbox server role:

1. Microsoft Exchange information store: This is the service related to core exchange databases. It is the main services in the Mailbox server role and this is services is not dependent to other exchange services.
2. Microsoft Exchange Mail Submission: This service maintains the mail queue for transferring mails from mailbox server to hub transport server. Used to notify a Hub Transport server located in the Mailbox server's Active Directory site that messages are ready for retrieval from a sender's outbox. This service is also responsible for relaying and other tasks like Transport rules, Message Records Management etc.
3. Microsoft Exchange mailbox assistants: Provides functionality for Calendar Attendant, Resource Booking Attendant, Out of Office Assistant, and Managed Folder Mailbox Assistant.
4. Microsoft Exchange Replication Service: This service responsible for the replication of database information in the LCR and SCR cluster environment. This does the log shipping/seeding b/w the cluster peers.
5. Microsoft Exchange Search Indexer: This service is responsible for indexing the mail content in the database which in turn helps in improving the faster access/searching of the mail contents.
6. Microsoft Exchange Service Host: Configures the RPC virtual directory in Internet Information Services (IIS), and registry data for Valid Ports, NSPI Interface Protocol Sequences, and Allow Anonymous for Outlook Anywhere. It basically acts as a host for holding exchange related services like IIS.
7. Microsoft Exchange System Attendant: This service is responsible for following components. It provides maintaining, monitoring and directory lookup services functionality.
• DSAccess (DSAccess.dll) – Provides Exchange Active Directory Access
• DSProxy (DSProxy.dll) – Provides Directory Service Lookup for older Outlook clients
• Server Monitor Component - Monitoring server resources
• Mailbox Manager Component - Managing mailboxes
• Metabase update service - Replicating settings from Active Directory to the IIS metabase
• System Attendant Component - Verifies computer account configuration
8. Microsoft Exchange Transport Log Search: Provides message tracking and transport log searching. It is basically used for querying of transport log remotely.
9. Microsoft Search (Exchange): Provides full-text indexing of mailbox data content. This is a Microsoft Exchange-customized version of Microsoft Search.

Services in CAS Servers:

1. Microsoft Exchange File Distribution: Used to distribute offline address book and custom Unified Messaging prompts.
2. Microsoft Exchange IMAP4: Responsible for Internet Message Access Protocol IMAP4 Clients connections.
3. Microsoft Exchange POP3: Responsible for Post Office Protocol POP3 Client connections.
4. Microsoft Exchange Service Host: Configures the RPC virtual directory in Internet Information Services (IIS), and registry data for Valid Ports, NSPI Interface Protocol Sequences, and Allow Anonymous for Outlook Anywhere. It basically acts as a host for holding exchange related services like IIS.

Services in Hub transport Servers:

1. Microsoft Exchange Anti-Spam Update: Used to automatically download anti-spam filter updates from Microsoft Update.
2. Microsoft Exchange Edgesync: Connects to ADAM instance on subscribed Edge Transport servers over secure Lightweight Directory Access Protocol (LDAP) channel to synchronize data between a Hub Transport server and an Edge Transport server.
3. Microsoft Exchange Transport: This is the new SMTP service in exchange 2007, which don’t rely on Windows server SMTP services as like in previous version of the exchange. It is the core transport stacks which process the routing of messages.
4. Microsoft Exchange Transport Log Search: Provides message tracking and transport log searching. It is basically used for querying of transport log remotely.

Services in Edge Transport Servers:

1. Microsoft Exchange ADAM: Connects to ADAM instance on subscribed Edge Transport servers over secure Lightweight Directory Access Protocol (LDAP) channel to synchronize data between a Hub Transport server and an Edge Transport server.
2. Microsoft Exchange Anti-Spam Update: Used to automatically download anti-spam filter updates from Microsoft Update.
3. Microsoft Exchange Credential Service: Monitors credential changes in ADAM and installs the changes on the Edge Transport server.
4. Microsoft Exchange Transport: This is the new SMTP service in exchange 2007, which don’t rely on Windows server SMTP services as like in previous version of the exchange. It is the core transport stacks which process the routing of messages.
5. Microsoft Exchange Transport Log Search: Provides message tracking and transport log searching. It is basically used for querying of transport log remotely.

Services in Unified Messaging Servers:

1. Microsoft Exchange Unified Messaging: Provides Unified Messaging features, such as the storing of inbound faxes and voice mail messages in a user's mailbox, and access to that mailbox via Outlook Voice Access.
2. Microsoft Exchange Speech Engine: Provides speech processing services for Unified Messaging.

Hope the above is informative.



Types of clustering in exchange 2007:

This article explains the different types of clustering technology available with the exchange 2007 server. The exchange 2007 version has some new exciting features in terms of the high availability. It has four types of clustering and which has its own level of fault tolerance and availability. I have also added the diagram for better understanding.

1. Single copy clusters(SCC):

# This cluster type is similar to the one as in previous exchange versions. In fact it is exactly similar to the one in exchange 2003.

# Uses a single copy of database is shared between the nodes of the cluster.

# The database copy is stored in the SAN Storage device and also at any point of time the database will be owned by single node.

# Fault tolerance – There is chance of SOP i.e., Single point of failure. SCC environment works great if a node/server fails, but still Database failure in the SAN will cause the damage.

2. Local Continuous Replication (LCR):

# This is the new feature of exchange 2007.

# LCR is a single server solution which creates and maintains a copy of the database in the same server just like a mirroring concept.

# This cluster type provides usual log shipping, log replaying and can be switched to the mirror copy by manual action in case of any database issues.

# One prerequisite for implementing LCR is that Storage Group can contain only one database. So if you need to implement multiple databases you automatically need to implement multiple Storage Groups.

# This overcomes the drawbacks of single point of failure for database crashes, but it doesn’t help in server failure.

# Automatic failover will not happen, in case of database failure or any issue.

3.Cluster Continuous Replication (CCR):

# This is the new feature of exchange 2007. It is the best and highly improved version of clustering solution

# This cluster type is non-shared one, fault tolerant in terms of server and database front, high availability and site resilience. CCR is very different from clustering in previous exchange versions.

# CCR is a multi server solution which creates and maintains a copy of the database in the second servers in a failover cluster.

# CCR will automatically failover in case of any server related issues and also database related failures. So no need of manual switch action as in LCR.

4. Standby Continuous replication (SCR):

# This is the new feature introduced in exchange 2007 SP1.

# SCR is a clustered solution that is used to have the standby copies of the clustered server databases. As by its name, we can call as standby recovery servers.

# SCR uses the same log shipping and replay technology used by LCR and CCR. It is just getting seeded by and from either CCR or LCR cluster server.

# This is ideal for the situation like you need to recover from the complete site failure. We can call this for disaster recovery.

Hope the above is informative.




Wednesday, September 30, 2009

Recipient limit feature in exchange server 2003 and 2007

This article explains the working of recipient limit feature in both exchange 2003 and 2007 server versions. Many people will have a questions on how the distribution list recipient is counted ?, in fact there is change in the working of recipient limits in exchange 2007 compared to the older exchange 2003 version.

In Exchange 2003:
In processing of email message, the recipient limits are applied after the expansion of the recipients. The expansion is nothing but the designated expansion server will expand all group lists, it will have the individual and non-duplicated recipient entries. So, if a user is having a recipient cap set to 50, when a user try to send a mail to a distribution list of 60 members, the result only the first 50 users of the expanded list will receive the mail, for the rest it will through the respective NDR.

In Exchange 2007:
But, in exchange 2007, the recipient limits are applied in the hub transport server role before the expansion of the recipient limits. In simpler words, expanded DL members are not counted in turn it will be counted as a single recipient. So, if a user is having a recipient cap set to 50, when a user try to send a mail to a distribution list of 60 members, the result all the users will be able to receive the mails henceforth it just count DL as a single recipient.

Hope the above is informative


Saturday, August 22, 2009

Deploying Edge Transport Server Role:

This article gives you the step by step procedure for installing the Microsoft exchange server 2007 – edge server role and configuring the connection with the hub transport server. As we now, edge server role is used as the front end security wall with antispam and antivirus protections and not parted of domain, which is basically hosted in the DMZ zone.

1. Basic server check-up likes recommended hardware resources and server 2003/2008 OS, latest SP and appropriate patches.

2. N/w Card configuration – Two NIC cards, one for public/external and the other for private/internal.

3. Check the Name resolution between hub transport and the edge server. Also configure the edge server for the external name resolution.

Set-TransportServer -Identity ExEdge01 –ExternalDNSAdapterEnabled $false –ExternalDNSServers

Note : If the name resolution b/w hub and edge server doesn’t work, then the edge synchronisation fails.

4. Installing ADAM SP1 : Active Directory Application Mode SP1 is the one which acts as a tunnel passage for passing the limited AD related i.,e Domain related information from Hub transport server to the edge server.

5. Install Core edge exe : Run the setup.exe from the exchange installation disk, go for the custom type installation, select the edge server and complete the installation.

6. Check the Edge related configuration EMC, will find option like antispam, accepted domains and others, I will leave this up to you for exploring.

7. Since Exchange 2007 rollup 4 has some important updates, install the rollup 4 package also.

8. Restart the edge server after completing the above and run the command “test-servicehealth” to check all edge related services are up and running.

9. Ports to be opened : Edge server used custom ports for communication with the hub server. If firewall is placed in b/w hub server and edge server, the following ports have to be opened.

• LDAP 50389/tcp
• Secure LDAP 50636/tcp
• SMTP 25/tcp
• RDP 3389/tcp (optional)

10. Creating the edge subscription file in Edge server,

New-EdgeSubscription -FileName "C:\EdgeSubscriptionInfo.xml"

11. Copy the xml file to the Hub server.

12. Mapping the edge subscription file in Hub Server,

New-EdgeSubscription -filename "C:\EdgeSubscriptionInfo.xml" -CreateInternetSendConnector $true -site "Default-First-Site-Name"

13. By Default, the edge synchronisation happens at four hour intervals. For immediate sync,


14. Edge server is ready, just verify connectors in Edge EMC console, will show the current hub server related connectors.

Hope the above is informative.

Logan | 971552596187

Monday, August 17, 2009

Logon Event 528 Log:

This article explains about finding the user logon details using the normal event log and also how to interpret to event log details. In server side, environment it is always wise to have the user logon and logoff audits. If you check for the event log 528 under the security logs, you will find some of the positive hits. The typical 528 log entry will have the below information,

  • user name
  • domain
  • logon id
  • logon type
  • logon process
  • authenication package
  • workstation name

In Particular, logon type is the one which needs to be paid attention.



User logged on to the computer's console.



User logged on to the computer over the network (e.g., through a drive mapping). Note: On Win2K and later systems, event ID 528 doesn't log this logon type; for network logons, Win2K and later OS versions log event ID 540 with logon type 3.



Batch logon (commonly logged when a COM+ server component starts up).



Service logon (required by user accounts configured as account for services).



Workstation unlocked.



Network logon, but with a clear-text password. By default, Windows doesn't allow clear-text password logons unless you explicitly enable them. (However, all versions of Microsoft IIS use clear-text passwords for Basic authentication.)



User used alternative credentials to connect to a resource on the network or used the RunAs command to start programs under a different user account.



User logged on to the computer remotely using Terminal Services or Remote Desktop.



Domain user logged on with cached credentials. Usually logged when a traveling user logs on to a notebook with his or her domain account but no domain controller (DC) is available. Note that event ID 537, not event ID 528, logs this event.

Using the above, we can find the exact mode of logon and also the user details.

Hope the above is useful.


Logan | 971552596187

Saturday, August 15, 2009

To list the DB size in all mailbox server

This script can be used to list the each database size in the exchange org. This can be easily modified as per your need.


# Script for finding all the database size in GB present in the organization.
# please use redirect '<' for reporting# Eg, .\Tofinddbsize.ps1 > report.txt

$exchangeservers = Get-ExchangeServer where-object {$_.admindisplayversion.major -eq 8 -and $_.IsMailboxServer -eq $true }

foreach ($server in $exchangeservers)
$db = Get-MailboxDatabase -server $server
foreach ($objItem in $db)
$edbfilepath = $objItem.edbfilepath

$path = "`\`\" + $server + "`\" + $objItem.EdbFilePath.DriveName.Remove(1).ToString() + "$"+ $objItem.EdbFilePath.PathName.Remove(0,2)

$dbsize = Get-ChildItem $path $ReturnedObj = New-Object PSObject

$ReturnedObj Add-Member NoteProperty -Name "Server\StorageGroup\Database" -Value $objItem.Identity

$ReturnedObj Add-Member NoteProperty -Name "Size (GB)" -Value ("{0:n2}" -f ($dbsize.Length/1024MB))

Write-Output $ReturnedObj



LOGAN 971552596187

To find the disconnected mailbox in the mailbox servers.

This script can be used to find the disconnected mailbox in your exhange organisation by just giving display name as input. This will be helpful if you have many mailbox servers in your org. The below script has been tested and works fine.


$search = read-host "Type part of DisplayName Ex Tom* *sson *middle* , searching mailbox servers one by one... "

Write "Press ctrl-C to stop search once you found your mailbox"

$exchangeservers = Get-ExchangeServer where-object {$_.admindisplayversion.major -eq 8 -and $_.IsMailboxServer -eq $true }

foreach ($server in $exchangeservers)

Write "Searching $server"

Get-MailboxStatistics -Server $server where { $_.DisconnectDate -ne $null } where { $_.DisplayName -like "$search" } fl


Write "Finished"



Logan 971552596187

Wednesday, August 12, 2009

Find the mailbox count per db in a server

This script can be used to find the mailbox count per database by giving the mailbox server name. This can be modified easily as per your need.


# script for finding the no of mailbox's per mailboxdatabase
write-host $server = read-host "Type the server name:"
foreach ($db in get-mailboxdatabase -server $server)
if ($db.getType().fullname -like "*PublicFolderDatabase")
$dbType = "Public"
$dbType = "Private"
$dbUserCount = (get-mailbox -database $db -erroraction silentlycontinue).count
$retObj = new-object psobject
$retObj add-member noteproperty -name "Server" -value $db.Server
$retObj add-member noteproperty -name "Name" -value $db.Identity
$retObj add-member noteproperty -name "Users" -value $dbUserCount


Please let me know if you have any queastions.


Logan 971552596187

Find the mailbox which exceeds the quota limit

The below is the script to find the mailbox in which the mailbox size limit has been exceeded.


#Script to find the mailbox which exceeds the quota limit
#in the mailbox server.
$server = read-host "Please Enter the Mailbox server name:"
get-MailboxStatistics -server $server where {"IssueWarning","ProhibitSend","MailboxDisabled" -contains $_.StorageLimitStatus} format-Table DisplayName,database,storagelimitstatus,Totaldeleteditemsize,TotalItemSize




Monday, August 10, 2009

Difference between BIS and BES

This article is about the blackberry service type and their differences. Also i have briefed about the respective email flow architecture. There are two types of BlackBerry service that are available to purchase.

#One is designed for individuals and small businesses (BIS)
#The other is designed for large companies and organisations (BES).

The ways in which they work are very different.

Difference between BIS and BES

BIS – (For individuals and small businesses)

The BlackBerry Internet Solution provides a wireless solution tailored to meet the needs of individual users and small and medium-sized businesses (SMB). The BlackBerry Internet Service, a component of the BlackBerry Internet Solution, allows wireless connectivity to Internet-based email and other applications. The architecture for BlackBerry Internet Service,
including Internet browsing functionality, is shown in the diagram below: BlackBerry Internet Service leverages centrally hosted wireless gateways, allowing users to access up to 10 supported email accounts and Internet browsing functionality* without the need to install and manage a BlackBerry Enterprise Server.

Fig1 : BIS (Please click on the figure to maximize)
Fig2 : BES (Please click on the figure to maximize)


The BlackBerry Enterprise Solution allows the wireless extension of corporate email and applications with the BlackBerry Enterprise Server™, an important component of the solution, and would be managed by the organisations own internal I.T. department. The typical architecture of the BlackBerry Enterprise Solution is shown in the diagram below: The BlackBerry Enterprise Server is installed and managed behind the corporate firewall and includes integrated support for extending corporate messaging solutions, including Microsoft Exchange, IBM Lotus Domino and Novell GroupWise. The BlackBerry Enterprise Server also acts as a wireless gateway allowing the BlackBerry Browser and custom applications on the BlackBerry device to connect to corporate applications and web servers, as well as to Internet-based web servers.

Hope the above info is useful. Please ping me if you have any queastions.

MFCMAPI Utility for Outlook - To delete the hidden or corrupted rules:

This instruction set describes how to delete corrupted and hidden rules from a user’s mailbox in Outlook 2000 and Outlook 2003.

Symptoms of a client affected by Corrupted and Hidden Rules:

SPAM Appliance filter does not automatically move identified SPAM mail to Junk E-Mail Folder.
User created server or client based Outlook rules will not function or only some will not function.

Download MFCMapi.exe from the internet.

1. In Outlook 2000/2003:

a. On the Tools menu, click Rules and Alerts.
b. In the Rules and Alerts dialog box, click Options.
c. In the Options dialog box, click Export Rules.

2. Use MFCMapi to remove all rules that are applied to a client’s mailbox. To do this, follow these steps

a. Open the folder C:\_localdata, double click mfcmapi.exe and then click OK.
b. On the Session menu, click Logon and Display Store Table.
c. If you are prompted to select a profile, click the client’s mail profile in the Profile Name list, and then click OK.
d. Double-click the mailbox that contains the inbox rules that you want to delete.
e. Expand Root Container, and then expand Top of information Store.
f. Right-click Inbox and then click Open Associated Contents Table.
g. Use the Horizontal Scroll Bar to bring the Message Class column in view.
h. IMPORTANT! Highlight and delete ONLY items named IPM.Rule.Message and IPM.ExtendedRule.Message.
i. Once you hit the delete key you will be prompted to choose the type of deletion. Using the drop down box select, Permanent delete passing DELETE_HARD_DELETE (unrecoverable).
j. Close all MFCmapi windows and restart Outlook. Double check that all client rules have been removed by going into ToolsàRules and Alerts.

3. Import the backed-up rules into Outlook. To do this, follow these steps:

In Outlook 2000/2003:

a. On the Tools menu, click Rules and Alerts.
b. In the Rules and Alerts dialog box, click Options.
c. In the Options dialog box, click Import Rules.
d. Locate the rules that you backed up in step 2, click Open, and then click OK.

So, reopen the outlook, should be the end of the story.

Hope the above is informative.



Reason for duplicate items in Outlook

Most of the Outlook users would have faced the problem of getting duplicate emails or calendar entries. In this article, I have listed down the possible reason for getting the duplicate entries.

There can be many reasons why a user would see multiple messages in their mailboxes. The most likely ones are outlined here.

1. The message has actually been sent more than once by the originator. Check the date in the "Date:" clause. If the dates are different, then the message was sent by the originator more than once.
2. The user is an alias of another account and both accounts received a copy of the mail. To see if this has occurred, open both messages and view the complete header. Look at the last "Received:" clause. This clause will say who the message saw sent to. If there are different addresses, then this explains why the message appeared twice.
3. The user gets mail forwarded from another account and both accounts received a copy of the message. Use the same check as above to see if this is the case.
4. One mail server between the sender and recipient is (incorrectly) duplicating the message. To see if this has occurred, open both messages and view the complete header. Match each of the "Received:" clauses until you find two that are different. These two received clauses will give a different time for the receipt of the message. This clause identifies the server that is duplicating email messages. You will need to contact the owner of the server for further investigation.

Other items to help determine the cause of the duplicate messages appearing include taking a look in the headers of the messages themselves. The topmost Received header will contain a unique ID for the message consisting of 8 characters.

You can then take a look in the SMTP log for the server and search for this unique ID. This will show you the exact SMTP transaction that caused the message to enter your server. You will be able to see exactly which users the message was delivered to.

If the unique ID's are different then the messages are the result of more than one transaction. Likely reason being that the message was delivered to the server more than once. Again this can be confirmed from the logs.

When trying to debug these issues it is helpful if you enable all of the logging options for the SMTP service.

Reasons why you might see a message being sent more than once can include

1. Misconfiguration of the sending server
2. High CPU usage on your server for extended periods of time, causing connections to time out and thus the remote server retries the message again.
3. Malformed content being sent by the remote server

If you use the Anti-spam option to scan content for restricted words and do not limit the scanning to a certain number of lines, you are likely to see periods of high CPU usage on your server, particularly if you frequently process messages containing large attachments.

Hope the above detail is useful.


HTTP Status Codes in IIS 6.0

This article explains the need for understanding the HTTP status codes. The IIS 6.0 helps to display the appropriate status code for the built in core website. Most HTTP status codes have three digits, for example, 401. Some status codes have three digits followed by a decimal point, and one or two more digits (for example, 300.12). In such a case, the number that follows the decimal point is called the sub status code.
The following is the Status Code Range and the respective Code Types.
100 Informational
200 Successful
300 Redirection
400 Client Error
500 Server Error
Under each status code, there will be a sub status code and it will have its own description on the issue.

Expansion server in exchange server 2003

This article explains the function and role of expansion server in the exchange server 2003.
1. Expansion server generally routes the message that are sent to a single distribution list or group of users listed in that group.
2. It is also responsible for expanding the group to its individual members and also will resolves the name of the recipients.
3. Importantly it is used to determine the most efficient path for routing the messages.
4. To find the expansion server for a distribution group, Right click the distribution group àproperties à Exchange advanced à Expansion server à click the drop down button to list.
5. In detail,
a. When user selects group from GAL in outlook. The outlook obtains the GAL via NSPI(Name Service Provider Interface) request sent to a GC.
b. Once the name verification succeeds, it will turn the recipient address bold.
c. When user sends, outlook uses MAPI to transmit the message to the user’s home exchange server.
d. Exchange server sees that the recipient is a group, and it sends an LDAP query to GC for the member’s list along with the email attributes.
6. By default any server can in the exchange organization can acts as a expansion server. This option is recommended because it totally avoids the single point of failure. Assigning particular server as a expansion server for particular group will result in failure if that particular server is unavailable.
Hope the above is informative.

Thursday, June 4, 2009

Virtual Memory Fragmentation Exchange

Virtual Memory:
Virtual Memory is nothing but making your hard disk acts as a temp space for swapping the data from the RAM when it is busy or fully occupied. The Process of exchanging/swapping the data back and forth from hard disk and RAM is called Thrashing. The area of the hard disk which stores the RAM data is called Page files, have a .SWP extensions.

In exchange server too allocations of the virtual memory plays a vital role for the efficient functioning of the exchange server. If the virtual memory allocation is not up to the mark, which results in hitting the performance of the exchange server in greater extend.

The below are the way to optimize the virtual memory related issues.

1. Adding the /3GB switch in the boot.ini file.
2. Adding the /userva= where Number value ranges b/w 2970 and 3030. The recommended value is 3030

Eg., boot.ini file

[boot loader]
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows Server 2003" /fastdetect /3GB
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows Server 2003" /fastdetect /userva=3030

The above option can be used only in pre windows server 2003 versions alone. In windows 2000, they have the below option for fine tuning the virtual memory.

1. Edit the "HeapDecommitFreeBlockThreshold" Registry key.
2. Set the “msExchESEParamCacheSizeMax” value via ADSIEDIT.
3. Also the value “msExchESEParamMaxOpenTables” value has to be set appropraitly via ADSIEDIT.
Please let us know if you have any questions.

Sunday, February 22, 2009

PFDAVAdmin Tool - Exchange

PFDAVAdmin is an one of the useful tool in the exchange environment.The name PFDAVAdmin stands for Public Folder Distributed Authoring and Versioning (DAV)-based Administration tool. The following are the features..

1. Propagate public folder permissions.It is used to propagate public folder Access Control Entry (ACE) additions, removals and modifications without overwriting the existing Access Control List (ACL).
2. used to Rectify damaged Discretionary Access Control Lists (DACL).Bad DACL is caused due to the incorrect permission from the explorer or from other tool.
3. Import or export permissions against either mailboxes or public folders. This will be a handy option to have the portable different complex level of permission.
4. Setting up Calendar folder permissions in bulk.



Garbage Collection and Tombstone object in AD

1. Garbage collection is a housekeeping process that is designed to free space within the Active Directory database. 

2. In Windows 2000 and in the original release version of Windows Server 2003, this process runs on every domain controller in the enterprise with a default lifetime interval of 12 hours. 

3. You can change this interval by modifying the garbageCollPeriod attribute in the enterprise-wide DS configuration object (NTDS) using ADSIEDIT.msc or ldp.exe. 

4. The Active Directory (AD) garbage-collection process performs two vital functions.First, it cleans up deleted objects. When you delete an object in AD, the system doesn't immediately delete the object because when replication occurs, a replication partner would recreate the object. Instead, the system uses a tombstone with a finite lifetime to mark the object as deleted. The tombstone replicates to all domain controllers (DCs), and after it expires, the garbage-collection agent deletes the object.

5. The garbage-collection process also performs online AD defragementation.

6. The default tombstone delete lifetime in windows 2000 and 2003 (w/o SP1) is 60 days. In 2003 Sp1, the value is increased to 180 days.





It is a life saver tool in maintainng the exchange database ie. , tool that manipulates Exchange's Extensible Storage Engine. This tool is similar to ntdsutil in term it manipulates with the Active directory.

/d - Performs off-line defragmentation/compaction of a database.
/r - soft recovery, bringing all databases to a consistent state or clean shutdown state.
/g - Verifies integrity of a database.It just fix the database tables but not the relation and others database stuff.That 
can be rectified by using the isinteg tool.
/m - Generates formatted output of various database file types. It is used to take the file dump.
/p - Repairs a corrupted or damaged database.
/y - Copies a database, streaming file, or log file.
/cc - Performs a hard recovery after a database restore.It is used to replay the logs after restoring from the backups.
/mh - to check the status/state of the mailbox store. To determine whether the last shutdown was clean or dirty. 
/mk - to check the last committed transastion log file into the database.
/ml - similar to /mh, except this switch performs an integrity check on log files.
/mm - Dumps metadata from the database file.


It is used to do some tests on your information store and to fix some detected errors and problems.ISINTEG is the only repair for exchange database engine. ESE is a generic database engine that can be used by different applications (Exchange, ActiveDirectory).
ESEUTIL looks into the database as just another ESE database, and can see their tables and indexes. ESEUTIL just fixes the database tables.Now it is time for ISINTEG. ISINTEG is aware of the relation between database tables and records that turn them into folders and messages.

Isinteg -fix -test alltests

In case of damaged database, the below is the idle steps...

1. Run Eseutil /P.
2. After Eseutil /P completes successfully, run Eseutil /D.
3. After Eseutil /D completes successfully, run Isinteg –fix –test alltests.