Category Exchange

Exchange Server Deployment Assistant

Here is another great tool from Microsoft. This is the Exchange Server Deployment Assistant. It is for Exchange 2010 deployments. It can assist you in creating a step by step plan for your Exchange deployment. It can help with On-premise, Cloud, or Exchange Hybrid deployments. This tool will also help you with upgrade scenarios.

Basically the tool will ask you a series of questions about your environment and how you want to setup Exch...

Read More

Restore Exchange 2007 using Windows Backup

When I first started working with Exchange I could not find any information that lays out step by step or in an easy to follow format on how to backup and restore mailboxes in Exchange 2007 that have been backed up by Windows backup that comes with Server 2008. I went through the hassle of figuring out these steps. I want to share these 5 steps through this blog post. In this post we are working on Small Business Server 2008 so everything is on the same server.

1. RESTORE THE STORAGE GROUP FROM BACKUP

  • Launch Windows Backup. Click on Recover and restore your Exchange data to an alternate location. Be sure to document the location you restore to. This is going to restore your Exchange .edb and all the log files. The steps in the wizard are below in the form of screen shots.

image

image

image

image

image

image

image

 2. CREATE A RECOVERY GROUP

  • Open Exchange Management Console. Go to Toolbox then Database Recovery Management. Now create a Recovery Storage Group. Leave the defaults.

image

image

image

3. COPY THE RESTORED STORAGE GROUP TO THE RECOVERY STORAGE GROUP FOLDER

  • Now navigate to the alternate location that you restored your Exchange backup to. Copy the .edb database and all the log files to the Recovery Storage Group directory. This will typically be named something like: RSG20101227144101 and will be located in: %systemdrive%\Microsoft\Exchange Server\Mailbox\First Storage Group. and rename the files. VERY IMPORTANT: Change the first letter of...
Read More

Move Exchange Stores & logs to a Different Disk

This blog is for those that have your Exchange stores and logs on the C drive and the c drive on your server is running out of space. You know you need to move them but you don’t know how. Well I will cover this in this blog step by step below.

NOTE: Here are a couple of things to note before going further:

  1. If your server is running out of space on the C drive check all possible areas and be sure Exchange is the culprit before moving its components around.
  2. Do not jump on the server and start manually deleting log files.
  3. This post is to be used before your disk is full or after you have recovered from a full disk disaster. If your disk is completely full now visit this link How to Recover from “Disk Full” on an Exchange Log Drive once you have cleared some space come back to this blog to move the log files and database store.
  4. Make sure you have a good backup of Exchange before following these steps.
  5. Use the below steps at your own risk.

MOVING THE DATABASE:

First off we are going to use the Move wizards in this post for both the logs and databases move. Using the wizards will simplify these tasks  and we like to keep things simple. If you would prefer to do this in PowerShell see the link at the end of this blog post.

  • Open “Exchange Management Console”.
  • Expand “Server Configuration”>Select “Mailbox” .
  • image
  • You should now see the “Database Management” tab in the lower center console.
  • Right click on each of the Storage groups and click “Move Database Path”.
  • image
  • Record the “Database file paths”.
  • Go to your new drive that you are going to move the store to and create a folder to move it to. I recommend that you create a similar path (folder structure) to the folder you are moving your store to. EXAMPLE: %newdrive%\Microsoft\Exchange Server\Mailbox\First Storage Group\.
  • No go back into “Exchange Management Console”>”Server Configuration”>“Mailbox”.
  • In the lower center console right click on the Storage group you want to move and click “Move Database Path”
  • Click the browse button and select the path to the folder you created in the previous step.
  • Once you have selected the path click the “Move” button.

image

NOTE: This next step will take your Exchange offline so your users will not have Exchange services until this process is complete. It is a best practice to plan for downtime when moving Exchange stores.

  • Immediately you will get a popup that warns you that the Exchange store database has to be dismounted during this process. Just click yes to continue.

image

  • Now the move will take place. Be patient as this usually takes a while. The time it takes to complete depends on the size of your Exchange database and number of users. You will see a progress bar during the move.

image

  • Once it is done you will see a completed status...
Read More

How to increase session timeout in Exchange 2007

On a network I administer some of the end users wanted the session timeout in OWA to be longer so they don’t have to keep logging in after being idle for a while. This is an Exchange 2007 environment. This setting is stored in the registry on the Exchange server with the Client Access Server (CAS) role installed. There is two ways to modify this setting. One of course is to go into the registry and add the key for this value and set this value to the amount of time you want the session timeout to be.  The second way to set the session timeout is a by running a PowerShell command.

 

NOTE: The session timeout is set in seconds for example 1800 seconds = 30 minutes.

 

Option #1

1. Log on to the Exchange server as an Administrator.

2. Start the registry editor (regedit.exe).

3. Navigate to the Hkey\Local Machine\SYSTEM\CurrentControlSet\Services\MSExchange OWA subkey.

4. From the Edit menu, select New – DWORD value.

5. Enter a name of TrustedClientTimeout and press Enter.

6. Double click on the new value you just added and set it to the amount time you want the session timeout to be, set the type to decimal, and click OK.

7. Now you have to reset IIS. Open a command prompt and type: iisreset /noforce

 

Option #2

1. Log on to the Exchange server as an Administrator.

2...

Read More

Step-by step guide on how to protect your network from spam

Intro

Spam, or more accurately Unsolicited Commercial Email, is still on the rise, with some estimates measuring it at 90% of all email traffic. It’s a nuisance for users, a storage nightmare for admins, and often a vector for phishing attacks and malware. Using a defense in depth approach, this article provides steps an email administrator can take to protect their network from spam.

Step one-user training

Users should be educated on how their actions can lead to or reduce the amount of spam destined for their inbox. Using corporate email for personal use, subscribing to mailing lists, registering their email address for promotions and giveaways, and forwarding chain mails are all vectors that can lead to spam. Consider disabling html support to prevent downloads that can confirm an address is valid, as well as to reduce the risk of email based malware.

Step two-web content

Spammers frequently scan websites looking for embedded email addresses in contact information. Raise awareness with your web developers and establish a policy that all email addresses in web pages should be masked using JavaScript or other encoding that allows a person to click or read the address, but makes it more difficult for a spider to harvest it. Use contact forms when possible instead of displaying email addresses.

Step three-tighten up your SMTP gateway

Disabling the verify command (VRFY) on your SMTP gateway makes it that much harder for spammers to check for valid email addresses. If supported, implement a delay before your server responds to a request with its banner. Legitimate email servers will wait for the 220 response before trying to send email, while many programs/scripts used by spammers will not. Your server can then drop email from this misbehaving sender. If your SMTP gateway supports Quit detection, configure it to drop email that it receives from a host that don’t close the session properly. Legitimate email servers end a session with the QUIT command, but many programs/scripts used by spammers don’t.

 

Step four-Check for MX and SPF records

Email servers that can receive mail should all have valid MX records in DNS. Those that send email should also have SPF records. Sender Policy Framework (SPF) records are txt records in a DNS zone that list servers authorized to send email on behalf of a domain. Configure your SMTP gateway to check for MX and SPF records when accepting an email to verify the sending domain of the from address matches what is in DNS. You may have to soft fail some messages until SPF gains in popularity, but this can help later lines of defense to identify spam.

Step five-Configure limits on your incoming SMTP gateway

Configure your email se...

Read More

Free Relay and SPAM Filter

May of 2009 I posted a blog on how to Setup Exchange 07 using a Dynamic IP (click here to read it). In this article I suggested a paid email relay service. At the time I was not able find a free email relay but now I have found a free email relay service. This service is www.mxguarddog.com.

 

It is not only email relay but a SPAM filter as well. I stumbled upon this looking for a free SPAM filter service for one of my clients...

Read More

Access Window shares in OWA

You can access window network shares through Outlook Web Access (OWA).

 

You need to allow the servers you want users to access first or you will see an error. The error is:  For security reasons, Outlook Web Access is configured to prevent access to this type of document or folder. For more information, contact technical support for your organization.”

 

  • How to add server shares in Exchange:

 

Open Exchange Management Console and expand Server Configuration –> select Client Access Server.  Then right click on the OWA directory –> Select Properties.

 

 

 

On the Remote File Servers tab click the Allow button to configure the server/s with the shares.

 

 

 

 

In the Allow List window type in the server name you want your users have access to. Click add to add it to the list and click ok.

 

  • How to access the file share/s in OWA:

Go to your OWA site it will have a URL similar to this mail.yourdomainname.com/owa

 

On the lower left hand side click on Documents

 

   

On the upper left hand side click on Open Location

 

 

 

A window will pop up. Type the UNC to the server share you want to access like in the picture.

 

 

 

Once you click open you will see all the...

Read More

Exchange 07 backup with DPM 07

I recently had the task of backing up Exchange 2007 using DPM 2007. I added the DPM agent to the Exchange server just fine. When I modified the protection group to add my storage groups I got an error saying I needed the eseutil.exe and ese.dll on the DPM server. I got these off my Exchange server and copied them to the DPM bin folder (C:\program files\Microsoft DPM\DPM\bin\). This took care of that error...

Read More

Source: MSExchange ADAccess Event ID: 2114

At a client’s site they had Small Business Server 2008. For some reason Exchange 2007 was no longer working after they ran some windows updates on SBS 2008 and did a reboot. The information store service would no longer start. I checked event logs and saw this “Source: MSExchange ADAccess Event ID: 2114“. After doing some research I found out that if you disable IPv6 it will cause this error. Sure enough they had disabled IPv6.

I r...

Read More

Install certificate in Exchange 2007

 I recently had to renew my Exchange certificate as it expired. The original admin that set up this Exchange bought the previous certificate from Digi. I decided to go with Startcom (Free SSL) as I have used them once before in an OCS deployment and they worked out well. Exchange is a little different in that you must use Exchange management shell (PowerShell) during the process of installing a certificate for Outlook Web Access (OWA). I am going to cover 5 steps to installing a certificate Exchange for OWA.

 To Open Exchange Management Shell: Go to START >>Programs>>Microsoft Exchange Server 2007 >> Exchange Management Shell

 

This is the management shell

 

Step1 – Generate Certificate Request in Powershell:

New-ExchangeCertificate -GenerateRequest -Path c:\myReq.csr -KeySize 1024 -SubjectName “c=GB, s=Middx, l=MyCompany, ou=IT, cn=mail.domain.com” -PrivateKeyExportable $True

Output should look like this:  

 

Step2 – Get the certificate request approved by a Certificate Authority:

You will see the generated certificate request looks like this inside if you were to open it in notepad.

—–BEGIN NEW CERTIFICATE REQUEST—–
MIIC1zCCAkACAQAwWDEYMBYGA1UEAwwPbWFpbC5kb21haW4uY29tMQswCQYDVQQL
DAJJVDESMBAGA1UEBwwJTXlDb21wYW55MQ4wDAYDVQQIDAVNaWRkeDELMAkGA1UE
BhMCR0IwgZ8wDQYJKoZIhvcNAQEBBQADg...

Read More