exchange

How to find Active Directory Search Base

To find out your user and group base DN, you can run a query from any member server on your Windows domain.

To find the User Base DN:
– Open a Windows command prompt.
– Type the command: dsquery user -name <known username>
(Example: If I were searching for all users named John, I could enter the username as John* to get a list of all users who’s name is John)
– The result will look like: “CN=John.Smith,CN=Users,DC=MyDomain,DC=com”
– In Blue Coat Reporter’s LDAP/Directory settings, when asked for a User Base DN, you would enter:  CN=Users,DC=MyDomain,DC=com
To find the Group Base DN:
– Open a Windows command prompt
– Type the command: dsquery group -name <known group name>.
(Example: If I were searching for a group called Users, I could enter the group name as Users* to get a list of all groups who’s name contains “Users”)
– The result will look like: “CN=Users,CN=Builtin,DC=MyDomain,DC=com”
– In Blue Coat Reporter’s LDAP/Directory settings, when asked for a User Base DN, you would enter: CN=Users,CN=Builtin,DC=MyDomain,DC=com.

By ncol on January 25, 2018 · Comments Off on How to find Active Directory Search Base

How to configure an internal relay connector for Exchange 2013

Go to the webpage of the exchange management page (https://exchangeserver/ecp)
Go to the Mail flow > Receive Connectors > + for add a new connector.

exchrelay1

Enter a name for the connector. If you want to relay outside your organization than you need to select Frontend Transport role instead of the Hub Transport role.

exchrelay2

Leave the setting below unchanged.

exchrelay3

Remove the IP address which are shown in the picture below.

exchrelay4

You get an error that the field is required. (click on the + to add a new range)exchrelay5

Enter a single IP address or a local LAN address which is allowed to email via the exchange server.

 

 

 

exchrelay6

The remote network settings will show the list like below.exchrelay7

When clicked on finished. You have to edit the relay connector and go to security tab.
Select the option “Anonymous users”.exchrelay8

Click on Save..

Now you have to open a powershell CLI of exchange on the exchange server ( with administrative rights ).

Get-ReceiveConnector “Receive Connector Name” | Add-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “Ms-Exch-SMTP-Accept-Any-Recipient”

 

By ncol on April 27, 2017 · Comments Off on How to configure an internal relay connector for Exchange 2013

Exchange 2013 mailbox move stuck at StatusDetail FailedOther

You have to remove the current move request and resubmit:

Remove-MoveRequest -Identity userID

New-MoveRequest -Identity “userID” -TargetDatabase “Mailbox Database 0422167200” -BatchName “userID” -BadItemLimit “200”

By ncol on April 6, 2017 · Comments Off on Exchange 2013 mailbox move stuck at StatusDetail FailedOther

Perform a full backup on Exchange to purge logs

1. Open Command prompt as Administrator
2. Launch Diskshadow

A.Add volume d:
B.(optional, add one line for each additional drive to include) Add volume X:
C.Begin Backup
D.Create
E.End Backup

3. At this step you should notice the following events in the application log indicating that the backup was indeed successful and logs will now be deleted.

Here’s some screenshots from the process:

Command promptdiskshadow

Event Logese-event-id-2005

 

 

By ncol on September 28, 2015 · Comments Off on Perform a full backup on Exchange to purge logs

101 Free Network Monitoring Tools

http://www.gfi.com/blog/101-free-admin-tools/

By ncol on June 11, 2015 · Comments Off on 101 Free Network Monitoring Tools

How to configure Exchange to redirect OWA HTTP requests to HTTPS requests in IIS 7

To enable SSL redirection to the OWA virtual directory, follow these steps:

  1. Start IIS 7 Manager.
  2. Expand the server, expand Sites and select the Default Web Site.
  3. Double-click HTTP Redirect.
  4. Select the Redirect requests to this destinationcheck box, and then enter /owa.
  5. Select the Only redirect requests to content in this directory (not subdirectories)check box.
  6. Select Found (302) from the Statuscode drop-down list.
  7. Click Apply to save the settings.
    Note The changes that you made to the Default Web Site will propagate down to the virtual directories for that site.
  8. Expand the Default Web Site.
  9. Select the aspnet_client virtual directory.
  10. Double-click HTTPRedirect.
  11. Clear the check box for Redirect requests to this destination.
  12. Click Apply to save the settings.
  13. Repeat steps 9-12 for the following virtual directories:
    • Autodiscover
    • Ecp
    • EWS
    • Microsoft-Server-ActiveSync
    • OAB
    • Owa
    • PowerShell
    • PowerShell-Proxy
    • Rpc
By ncol on February 24, 2015 · Comments Off on How to configure Exchange to redirect OWA HTTP requests to HTTPS requests in IIS 7

How to renew a self signed certificate in Exchange Server 2007

The Exchange 2007 self signs a certificate when the server role is first added for all the Exchange services that run in unison with IIS (smtp & owa etc). The  certificate expires after one  year from the date the server was first installed or the date the certificate was assigned manually.

First, check the status of the certificate by opening the Exchange Management Shell and executing the commandGet-ExchangeCertificate |FL’ – this displays all information about the currently assigned certificates and the status of each certificate.

It is common that they may be more than one certificate listed in the display – if that is the case, find the certificate that shows an expired date in the field ‘NotAfter‘ – as this defines when each certificate becomes invalid/expired. An expired certificate may cause problems such as connectivity to web services, SMTP transport and Outlook prompting certificate security warnings.

Use the following steps to generate a new certificate and enable it to run IIS services:

1. Type ‘Get-ExchangeCertificate |FL’ – This only lists details of certificates that are assigned to Exchange Services. Then note down the Thumbprint of the expired certificate.

2. Then type ‘Get-ExchangeCertificate –Thumbprint “9E6DD4B4EA2865CA9E6C34B42329A9AC994EBF63” | New-ExchangeCertificate’ . This generates a new certificate, and you will then be prompted to confirm if you want to overwrite the expired certificate and use the new one for the SMTP service.

3. If you run the cmdlet in step 1 you will notice the new certificate is not used to secure IIS services anymore. Make a note of the new thumbprint and run the following command typing the new thumbprint between the quotation marks: ‘Enable-ExchangeCertificate – Thumbprint “7A843B04EA2865CA9E6C34B42329AEE4456F9013” –Services IIS’

4. Be sure to verify all the services are working correctly after renewing and enabling the certificate – test Outlook clients by closing and opening Outlook to esnure there are no security certificate warnings.

6. Finally, Remove the old certificate by typing the following cmdlet into the management shell: Remove-ExchangeCertificate –Thumbprint “9E6DD4B4EA2865CA9E6C34B42329A9AC994EBF63″.

By ncol on June 5, 2013 · Comments Off on How to renew a self signed certificate in Exchange Server 2007

Outlook Web Access with Internet Explorer 10

If you experience issues in Internet Explorer 10 logging in and accessing emails with Outlook Web Access try the following:

Run Outlook Web Access in Internet Explorer compatibility view and see if it helps.

a: Click Tools  present at the top right corner in internet explorer.
b: Now Select Compatilbility view with the Website opened.
By ncol on May 13, 2013 · Comments Off on Outlook Web Access with Internet Explorer 10