Archive for the ‘Exchange’ Category.

How to Cheat at Configuring Exchange Server 2007

How to Cheat at Configuring Exchange Server 2007 is the book I’m reading right now, preparing myself for the first Exchange 2007 deployment that is going to come.

So far I’m through the first three chapters, and I think it’s pretty good so far. I’ve set up a few Exchange 2007 testing environments before, but I never did anything serious with it.

Alerts with Outlook 2007, Exchange 2003 and Sharepoint Services 3.0

If you’re running Outlook 2007 against an Exchange 2003 server, and have alerts generated by Sharepoint Services 3.0, you will notice very strange effects within Outlook, namely MAPI Error messages, mails that are not openable, etc.

The problem is a bug in Exchange 2003 - there is even a hotfix available in KB930807. However, this Hotfix is not publicly downloadable. You will need to contact Microsoft PSS, in order to get the Hotfix.

And here is where it gets interesting. If you’re running a native language version of your Microsoft Software, Support is only available by phone, for the small sum of 450 US$ - this fee is usually waived though if you just request a hotfix. For original US-English language software, support is also available by E-Mail, for much more reasonable 150 US$.

I’ve tried requesting the Hotfix by E-Mail, and it worked fine (though they referred me to the Phone Support option). It worked fine, and Microsoft provided me with the appropriate Hotfix.

The good thing is, that these problems will be mostly over because both Vista and Longhorn Server are true multilanguage Operating Systems.

Recovering deleted items in Outlook 2003/2007 has some pitfalls

Recovering deleted items in Outlook 2003/2007 works great.

However, some users reported that not all deleted items were visible in the “Recover deleted items” dialog. The reason for this was that they didn’t just delete the file, but instead used shift-delete to delete the file immediately, skipping the recycle bin.

In this case, the deleted item is not visible through selecting the recycle bin, and then “Recover deleted items”. Instead, you must select the Inbox, and then the “Recover deleted items” option. This is not as obvious as it should be.

Microsoft TechDays - Day 1

I’ve spent the entire day at the Kongresshaus Zürich, attending Microsoft TechDays 2007.

In general, I enjoyed this first part of the event. As always, the Kongresshaus has severe logistical problems: they don’t have enough parking space. Microsoft offered free parking at Albisgüetli, but that is about 15 minutes away.

So instead I chose to go early, and parked right next to the Kongresshaus - arrived at 08:15, and there was still plenty of parking space available. At 27.- CHF for the entire day, it didn’t come cheap, though.

Microsoft seems to have moved back from stickers to lanyards, and there were croissants available in the morning.

The Keynote was very good, held by a guy named Rafal Lukawiecki. A review on security in the past, and in the future. Very interesting, and very well done.

The next on the list was about Windows Sharepoint Services, but aimed at developers (which I didn’t really pay attention to when choosing). Even though I’m not a developer, it was very interesting to see the architecture behind WSS.

I then attended a talk about Exchange HA & Disaster Recovery - I enjoyed this one too, but I think the title was a bit misleading; it concentrated on backups and reasons for disasters.

It was interesting to hear that he saw incorrectly configured antivirus software as the main reason for Exchange full restores - I couldn’t really believe this, because it didn’t look like this guy worked with small businesses. He even wrote an article about this topic on msexchange.org. While listening, I enjoyed that it seems I did everything right in the setups I did in the past, which was very reassuring.

Next was something about Windows Storage Server, or file serving from Windows in general. It was very good, with a very competent speaker. It was also interesting to see that Microsoft is entering the backup market with DPM - at competitive prices, even though DPM requires a separate server, which is a bit of a letdown. DFS/DFS-R was also covered very well, though there wasn’t anything there new to me.

What I wondered about was that most people attending TechDays, even though they aren’t exactly working in SMBs, didn’t seem to know much about DFS. I assumed that most bigger companies were already using this.

At that point, I called it a day and went home. Stay tuned for the next part.

Beware of zombie addresses in Outlook’s Cache

After migrating several users into our Exchange server, who were first defined as external contacts (for proper forwarding), everything worked fine.

However, one user was unable to send mail to the new users. It generated a bounce/NDR, and failed to deliver. I first checked the Exchange Server, and everything seemed to be perfect. I then walked this user through the procedure of selecting the user from the address book, and then sending the mail. This worked.

At first, I was baffled, but then I remembered about the external contacts - the external contacts were defined as X.400 addresses, which coexisted with the new users for a short while. So the external contacts had different X.400 addresses than the new users. (I did handle the SMTP addresses correctly, but not the X.400 ones.)

But the external contacts were deleted, and no longer in the GAL or the OAB. But Outlook’s address cache for type-ahead finding of contacts is independent of these two address sources. And that’s what the user used. You can delete entries in this cache by selecting them with the cursor keys, and then pressing the delete key. Seems logical, but I haven’t seen this mentioned anywhere explicitly.

Active Sync and Cached Exchange Mode

I recently ran into an interesting problem related to Active Sync and Cached Exchange Mode in Outlook 2003.

In this case, the user running Outlook 2003 was connected to the Exchange server through a WAN link, and had just imported a rather large .pst file, which was being uploaded to the Exchange server.

At that point, I tried to configure Active Sync on the PDA (through a GPRS connection), but it just hung while retrieving the folder list. An event from source “Server ActiveSync” with ID 3005 was logged on the Exchange server. At first, I thought the device (running PocketPC 3.0) had issues with the Exchange server, but that wasn’t the case. When I quit Outlook (and it stopped uploading from the local store to the server), everything was fine.

I waited until Outlook finished uploading, and from that point on Active Sync didn’t have any issues.

It seems that Active Sync doesn’t work when the Exchange Server is receiving files from a client.

Why you should use SMTP to receive mails

Many SMB setups I’ve seen still use the included POP3 Connector to receive mails. Microsoft’s POP3 Connector is included in Small Business Server, but not in regular Exchange installations (this was different with Exchange 2000). That’s actually a good thing, because non-SBS customers can’t use POP3.

The POP3 connector included with SBS 2003 sucks - it can only poll at 15-minute intervals, which makes for unnecessary delays. It’s nasty to debug, and setting up new accounts means doing the work twice.

SMTP has a few requirements over POP3, which is why it is sometimes not used:

  • A static IP Address (Dyndns is okay for Home setups)
  • A rudimentary knowledge of DNS
  • A port forwarding from your router

When sending out mails, you should still use your ISP’s smarthost. There are several reasons for this:

  • Sending out big files to multiple addresses will take ages from a standard broadband connection
  • Even static IP ranges might be blacklisted and filtered as spam

On the other hand, you will lose a bit of control when using your ISP’s smarthost. It’s best to make your own judgment.

Backup Exec and the Exchange database logfiles

Imagine this: You’ve set up a new machine, running Exchange 2003, installed Backup Exec with AOFO, and start running your backups. Everything works fine.

A few days later, the client calls you, telling you that Exchange is no longer working. You connect to the machine through VPN, and see that the log partition (you do have a log partition, don’t you?) ran full. But you have properly set up your backups and everything. But the log files don’t get deleted.

When using Backup Exec with the Advanced Open File Option (AOFO, Snapshots), BE might not delete the backed up Exchange database logfiles.

The culprit here is the “Process logical volumes for backup one at a time” option.

When you activate this option, BE will no longer delete your Exchange logfiles. I do not really understand why this is the case, but I was able to get it to work fine without this option, by shutting down some services in preparation for the snapshots.

Custom address templates with Exchange 2007

DATALINE AG uses E-Mail addresses in the style f.lastname@domain.tld - I was rather irritated that the MMC console of Exchange 2007 didn’t offer a way to create custom address templates. Most of the advanced functionality is now PowerShell only - which I don’t see as a bad thing, it just takes some time getting used to.

    # %1g = first letter of the given name, %s = surname: f.lastname@exchange2007.local
    Set-EmailAddressPolicy -Identity 'Default Policy' `
        -EnabledPrimarySMTPAddressTemplate "%1g.%s@exchange2007.local"

And there it already is. You can even view this from the MMC, but you can’t change it. I still hate the PowerShell tab completion - it just doesn’t offer as many features as the zsh I’ve customized over the years.

RPC-over-HTTP with open source proxies

RPC-over-HTTP, or Outlook Anywhere as it is called in Exchange 2007, offers users a way to access their E-Mail using Outlook securely from anywhere in the world, without using a VPN connection.

If you’re using Microsoft’s ISA product line at your border, then you’re fine. ISA works just fine with RPC over HTTP. However Apache’s mod_proxy doesn’t support passing along the proprietary RPC_IN_DATA and RPC_OUT_DATA.

There are other proxies which support it, like Pound; however, Pound doesn’t allow SSL backend connections, leaving plaintext passwords in your mostly-trusted LAN.

In the end, I gave up and published a separate IIS website directly to the web. For this, I created a new IIS website, assigned it to a random port, added the proper port forwardings on the gateway, and added just the RPC directory to this new site, and exposed it only through HTTPS. I think this is as good as it gets.

If you don’t know how to move these virtual directories yet, it is quite simple. Right click the directory, select “All tasks”, select “Export to a file”, and then go to the new website, right click on it, select “New” and then “New virtual directory (from file)”. Quite easy - if you know where to find it.

If you’re having trouble getting RPC over HTTP to work, here are two tips:

  • Make sure that the certificate for the RPC over HTTP server is trusted by the client. For laptops in your domain, this is usually automatically the case, because of group policies. With home offices, this is usually not the case. Outlook does not give you an error message regarding this problem.
  • Start outlook.exe using the /rpcdiag switch. This allows you to see how Outlook establishes the connection.
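
Because Outlook fails silently on an untrusted certificate, the first tip can be checked from the affected client itself. The following is an added example, not part of the original post; it assumes PowerShell 3.0 or later, and the host name and port in the last line are placeholders for your own published RPC site.

```powershell
# Added example: report whether THIS client trusts the certificate that the
# RPC-over-HTTP endpoint presents. Only a TLS handshake is performed; no
# credentials or RPC traffic are sent.
function Test-RpcProxyCertificate {
    param(
        [Parameter(Mandatory = $true)] [string] $HostName,
        [int] $Port = 443
    )

    $result = @{ PolicyErrors = $null; ChainStatus = @() }

    # Let the handshake complete even when validation fails, so the failure
    # reason can be recorded instead of surfacing as a generic exception.
    $callback = [System.Net.Security.RemoteCertificateValidationCallback] {
        param($source, $certificate, $chain, $sslPolicyErrors)
        $result.PolicyErrors = $sslPolicyErrors
        $result.ChainStatus  = @($chain.ChainStatus | ForEach-Object { $_.Status })
        return $true
    }

    $client = New-Object System.Net.Sockets.TcpClient
    $ssl = $null
    try {
        $client.Connect($HostName, $Port)
        $ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false, $callback)
        # The name passed here is what the certificate subject is matched against.
        $ssl.AuthenticateAsClient($HostName)
        $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)

        [pscustomobject]@{
            Subject      = $cert.Subject
            Issuer       = $cert.Issuer
            NotAfter     = $cert.NotAfter
            # None, RemoteCertificateNameMismatch and/or RemoteCertificateChainErrors
            PolicyErrors = $result.PolicyErrors
            # e.g. UntrustedRoot when the issuing CA is missing from the client's store
            ChainStatus  = $result.ChainStatus -join ', '
            Trusted      = ($result.PolicyErrors -eq [System.Net.Security.SslPolicyErrors]::None)
        }
    }
    finally {
        if ($ssl) { $ssl.Dispose() }
        $client.Close()
    }
}

# Placeholder host and port: replace with the published RPC site.
Test-RpcProxyCertificate -HostName 'mail.example.com' -Port 8443
```

Run it as the affected user on the home-office machine: a `Trusted` value of `False` with `UntrustedRoot` in `ChainStatus` points at a missing CA certificate, while `RemoteCertificateNameMismatch` means the proxy name configured in Outlook does not match the certificate.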