Open regular POwershell and run:
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn
Load MS Exchange Powershell snapin
How to disable antimalware on Exchange 2016
To disable malware filtering on the local Mailbox server, run this command in the Exchange Management Shell:
& $env:ExchangeInstallPath\Scripts\Disable-AntimalwareScanning.ps1
To enable malware filtering on the local Mailbox server, run this command in the Exchange Management Shell:
& $env:ExchangeInstallPath\Scripts\Enable-AntimalwareScanning.ps1
If the command was successful, you see this message:
Anti-malware scanning is successfully
Note: The enable script also applies malware engine and definition updates as needed.
Restart the Exchange Transport service by running this command, which will temporarily interrupt mail flow on the server:
Restart-Service MSExchangeTransport
The change might take up to 10 minutes to take effect.
Kill a process using PowerShell
Open PowerShell. If required, run it as Administrator.
Type the command Get-Process to see the list of running processes
To kill a process by its name, execute the following cmdlet: Stop-Process -Name “ProcessName” -Force
To kill a process by its PID, run the command: Stop-Process -ID PID -Force
Enable the Password Reset Option in Exchange Server 2016
The easiest way to change the password of a user’s Microsoft Exchange mailbox is to use the Active Directory User and Computer (ADUC) console. You can also reset the password from the Exchange Admin Center, but this option is disabled by default. This article describes how to enable the password reset option in the Exchange Admin Center in Microsoft Exchange Server 2016.
1. Log in to exchange server with your admin credentials.
2. Open PowerShell with administrative privileges and execute the following three commands.
Add-pssnapin microsoft*
Install-CannedRbacRoles
Install-CannedRbacRoleAssignments
3. Log in to the Exchange Admin Center and click on Permissions.
Right-click ‘Organization Management’ and then click Edit.
Click the ‘+’ sign on the roles section. Select ‘Reset Password’ and then click Add. Click OK and then click Save.
4. Log out from the Exchange Admin Center.
5. When you log in again to the Exchange Admin Center and open any existing user mailbox properties, you should see the reset password option.
How to stop a Windows Backup job
Microsoft Windows [Version 6.3.9600]
(c) 2013 Microsoft Corporation. All rights reserved.
C:\Users\Administrator.LOCAL>wbadmin stop job
wbadmin 1.0 – Backup command-line tool
(C) Copyright 2013 Microsoft Corporation. All rights reserved.
Are you sure you want to stop the current operation?
[Y] Yes [N] No y
The backup operation ended before completing.
C:\Users\Administrator.LOCAL>
Exchange 2010/2013/2016: Starting Exchange Services with a simple command
As an Exchange Admin, you might be looking after 1 server or several hundred.
Sometime after a reboot you might notice that some of the services don’t start. It is a daunting task to go manually start them all 1 at a time.
A simple way is to run the following command from an elevated PowerShell Window:
- Get-Service *Exchange* | Start-Service
Some services like the Transport and Unified Messaging Services take a bit longer to start but the window will echo the starting of all services.
How to find Active Directory Search Base
To find out your user and group base DN, you can run a query from any member server on your Windows domain.
To find the User Base DN:
– Open a Windows command prompt.
– Type the command: dsquery user -name <known username>
(Example: If I were searching for all users named John, I could enter the username as John* to get a list of all users who’s name is John)
– The result will look like: “CN=John.Smith,CN=Users,DC=MyDomain,DC=com”
– In Blue Coat Reporter’s LDAP/Directory settings, when asked for a User Base DN, you would enter: CN=Users,DC=MyDomain,DC=com
To find the Group Base DN:
– Open a Windows command prompt
– Type the command: dsquery group -name <known group name>.
(Example: If I were searching for a group called Users, I could enter the group name as Users* to get a list of all groups who’s name contains “Users”)
– The result will look like: “CN=Users,CN=Builtin,DC=MyDomain,DC=com”
– In Blue Coat Reporter’s LDAP/Directory settings, when asked for a User Base DN, you would enter: CN=Users,CN=Builtin,DC=MyDomain,DC=com.
How to configure an internal relay connector for Exchange 2013
Go to the webpage of the exchange management page (https://exchangeserver/ecp)
Go to the Mail flow > Receive Connectors > + for add a new connector.
Enter a name for the connector. If you want to relay outside your organization than you need to select Frontend Transport role instead of the Hub Transport role.
Leave the setting below unchanged.
Remove the IP address which are shown in the picture below.
You get an error that the field is required. (click on the + to add a new range)
Enter a single IP address or a local LAN address which is allowed to email via the exchange server.
The remote network settings will show the list like below.
When clicked on finished. You have to edit the relay connector and go to security tab.
Select the option “Anonymous users”.
Click on Save..
Now you have to open a powershell CLI of exchange on the exchange server ( with administrative rights ).
Get-ReceiveConnector “Receive Connector Name” | Add-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “Ms-Exch-SMTP-Accept-Any-Recipient”
Exchange 2013 mailbox move stuck at StatusDetail FailedOther
You have to remove the current move request and resubmit:
Remove-MoveRequest -Identity userID
New-MoveRequest -Identity “userID” -TargetDatabase “Mailbox Database 0422167200” -BatchName “userID” -BadItemLimit “200”
Perform a full backup on Exchange to purge logs
1. Open Command prompt as Administrator
2. Launch Diskshadow
A.Add volume d:
B.(optional, add one line for each additional drive to include) Add volume X:
C.Begin Backup
D.Create
E.End Backup
3. At this step you should notice the following events in the application log indicating that the backup was indeed successful and logs will now be deleted.
Here’s some screenshots from the process:
Command prompt
Event Log
101 Free Network Monitoring Tools
http://www.gfi.com/blog/101-free-admin-tools/
How to configure Exchange to redirect OWA HTTP requests to HTTPS requests in IIS 7
To enable SSL redirection to the OWA virtual directory, follow these steps:
- Start IIS 7 Manager.
- Expand the server, expand Sites and select the Default Web Site.
- Double-click HTTP Redirect.
- Select the Redirect requests to this destinationcheck box, and then enter /owa.
- Select the Only redirect requests to content in this directory (not subdirectories)check box.
- Select Found (302) from the Statuscode drop-down list.
- Click Apply to save the settings.
Note The changes that you made to the Default Web Site will propagate down to the virtual directories for that site. - Expand the Default Web Site.
- Select the aspnet_client virtual directory.
- Double-click HTTPRedirect.
- Clear the check box for Redirect requests to this destination.
- Click Apply to save the settings.
- Repeat steps 9-12 for the following virtual directories:
- Autodiscover
- Ecp
- EWS
- Microsoft-Server-ActiveSync
- OAB
- Owa
- PowerShell
- PowerShell-Proxy
- Rpc
How to renew a self signed certificate in Exchange Server 2007
The Exchange 2007 self signs a certificate when the server role is first added for all the Exchange services that run in unison with IIS (smtp & owa etc). The certificate expires after one year from the date the server was first installed or the date the certificate was assigned manually.
First, check the status of the certificate by opening the Exchange Management Shell and executing the command ‘Get-ExchangeCertificate |FL’ – this displays all information about the currently assigned certificates and the status of each certificate.
It is common that they may be more than one certificate listed in the display – if that is the case, find the certificate that shows an expired date in the field ‘NotAfter‘ – as this defines when each certificate becomes invalid/expired. An expired certificate may cause problems such as connectivity to web services, SMTP transport and Outlook prompting certificate security warnings.
Use the following steps to generate a new certificate and enable it to run IIS services:
1. Type ‘Get-ExchangeCertificate |FL’ – This only lists details of certificates that are assigned to Exchange Services. Then note down the Thumbprint of the expired certificate.
2. Then type ‘Get-ExchangeCertificate –Thumbprint “9E6DD4B4EA2865CA9E6C34B42329A9AC994EBF63” | New-ExchangeCertificate’ . This generates a new certificate, and you will then be prompted to confirm if you want to overwrite the expired certificate and use the new one for the SMTP service.
3. If you run the cmdlet in step 1 you will notice the new certificate is not used to secure IIS services anymore. Make a note of the new thumbprint and run the following command typing the new thumbprint between the quotation marks: ‘Enable-ExchangeCertificate – Thumbprint “7A843B04EA2865CA9E6C34B42329AEE4456F9013” –Services IIS’
4. Be sure to verify all the services are working correctly after renewing and enabling the certificate – test Outlook clients by closing and opening Outlook to esnure there are no security certificate warnings.
6. Finally, Remove the old certificate by typing the following cmdlet into the management shell: Remove-ExchangeCertificate –Thumbprint “9E6DD4B4EA2865CA9E6C34B42329A9AC994EBF63″.
Outlook Web Access with Internet Explorer 10
If you experience issues in Internet Explorer 10 logging in and accessing emails with Outlook Web Access try the following:
Run Outlook Web Access in Internet Explorer compatibility view and see if it helps.
a: Click Tools present at the top right corner in internet explorer.
b: Now Select Compatilbility view with the Website opened.
b: Now Select Compatilbility view with the Website opened.