by
Shijaz Abdulla on 14.11.2008 at 06:09
I am moving thousands of Exchange 2003 mailboxes to Exchange Server 2007 over this weekend. Most of these are student mailboxes which have been provisioned using another third party system. Due to a minor bug, the third party system added a trailing space to every student’s display name.
A trailing space is a whitespace at the end of the displayName string. This may look like a very small issue, but unfortunately Exchange Server 2007 is very fussy about such things:
The DisplayName property contains leading or trailing whitespace, which must be removed.
More of that… (ouch!)
Exchange 2007 would not let me move these mailboxes across from Exchange 2003 unless I correct the DisplayName property for all the mailboxes.
I have several thousands of mailboxes having an ‘inconsistent’ display name. Correcting each of these manually would have been a frustrating exercise – so I decided to coin my own PowerShell command to remove leading/trailing spaces from all mailboxes in a given mailbox database. 
get-mailbox -Database ‘SERVER\MailStore’ -ResultSize 4850 | Foreach { Set-Mailbox -Identity $_.Identity -DisplayName $_.DisplayName.Trim() }
where SERVER is the Exchange 2003 server hosting the mailboxes you want to modify, MailStore is the Mailbox store on that server containing those mailboxes. I set the ResultSize to 4850 because I have more than 4000 mailboxes and by default the get-mailbox command fetches only 1000.
by
Shijaz Abdulla on 10.11.2008 at 09:35
Mainstream support for Exchange Server 2003 will end on April 14, 2009. This means that you cannot contact PSS for supporting problems on Exchange Server 2003 after this date, unless you sign up for ‘extended’ support at an additional cost.
Maybe this is a good time for organizations to seriously start thinking about upgrading to Exchange Server 2007 and make use of the new, advanced features.
For those who have made it to Exchange Server 2007 SP0, here is a shocker: Mainstream support for Exchange Server 2007 SP0 (i.e. Exchange Server 2007 with NO service pack installed) will end on January 13, 2009. Yes, that’s about two months from now.
For those who are still wary of installing SP1 on Exchange Server 2007, it’s time to take a call on the chicken-and-egg upgrade dilemma between Windows Server 2008 and Exchange Server 2007 SP1.
Some more information:
- Windows Server 2003 and Windows Server 2003 R2 will go out of mainstream support on July 2010.
- Windows XP will go out of mainstream support on April 14, 2009.
by
Shijaz Abdulla on 19.10.2008 at 11:09
Sometimes users may face problems logging in to new mailboxes created or moved in to Exchange Server 2007 when they use Outlook Web Access. Users may get error messages like the one below (abridged):
Request Url: https://webmail.company.com:443/owa/lang.owa
User host address: 192.168.x.x
Exception
Exception type: Microsoft.Exchange.Data.Storage.StoragePermanentException
Exception message: There was a problem accessing Active Directory.
Call stack
Microsoft.Exchange.Data.Storage.ExchangePrincipal.Save()
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchLanguagePostLocally(OwaContext owaContext, OwaIdentity logonIdentity, CultureInfo culture, String timeZoneKeyName, Boolean isOptimized)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchLanguagePostRequest(OwaContext owaContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.PrepareRequestWithoutSession(OwaContext owaContext, UserContextCookie userContextCookie)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.InternalDispatchRequest(OwaContext owaContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchRequest(OwaContext owaContext)
System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
Inner Exception
Exception type: Microsoft.Exchange.Data.Directory.ADOperationException
Exception message: Active Directory operation failed on cs-ad-03.ad.hct.ac.ae. This error is not retriable. Additional information: Insufficient access rights to perform the operation. Active directory response: 00002098: SecErr: DSID-03150A45, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
…
Here are some of the things that you may want to try out when you face this kind of a problem:
- Make sure that the user object is inheriting permissions from the parent object. To do this,
- Open ADUC.
- View > Advanced features
- Right click on the user choose Properties.
- On Security tab click Advanced
- Make sure that this object inherits permissions from parent object is checked.
- Click OK
- Try running the following Exchange Management Shell cmdlet:
Set-Mailbox "username" -ApplyMandatoryProperties
- Make sure SELF has permissions on the user account and the user mailbox.
- Make sure that there are no connectivity problems between Exchange Server and Active Directory. Also make sure that a GC is available.
by
Shijaz Abdulla on 27.09.2008 at 13:57
After I moved Blackberry-enabled mailboxes over from Exchange 2003 to Exchange 2007, there were no major problems as far as Blackberry was concerned – except that calendar items created on the blackberry devices did not get synchronized with Exchange/Outlook.
The primary reason for the problem is that Blackberry uses public folders to sync calendar items – and Exchange Server 2007 by default has no public folders!
To workaround the problem:
1 – Create a Public Folder database on the Exchange Server that has the mailbox server role installed.
2 – Link the Exchange Server 2007 mailbox database to the Public folder database you just created. To do this, open the properties of the mailbox database containing the blackberry user mailboxes and select the new public folder store in the Client Settings tab.
by
Shijaz Abdulla on 21.08.2008 at 11:44
I was amazed at the simplicity of configuring Outlook Voice Access (OVA) on Exchange Server 2007. You could be up and running with Exchange 2007 Unified Messaging in just a day.
Whatever the case may be, I will have to admit one fact: Microsoft has lived up to their ‘VOIP AS YOU ARE’ campaign. You practically don’t need any extra hardware as long as you have an IP telephony infrastructure in place – one that is not archaic, and you have a VOIP gateway that falls within the List of Supported IP Gateways for Exchange 2007.
Many VOIP hardware vendors have taken advantage of the release of the new Unified Messaging features in Exchange 2007, to push for upgrades and new installations of their own VOIP equipment/solutions. Some try to sell their own replacement for OCS (with voice integration), others try to bring add-ons or a replacement to the Office Communicator client. Some vendors even say that their hardware is necessary to "enable" the Exchange UM features. Others go a step ahead, and try to make an impression that its their hardware that’s doing the Voice access to email.
As far as configuration on your IP Gateway is concerned, the only thing you need to do to get OVA working is to configure the gateway to redirect the Subscriber Access Number (the phone number on which people dial in to OVA) to forward all calls to the IP Address of the Exchange 2007 Unified Messaging Server. In short, its like telling the telephony infra to just forward anything on the OVA phone number to the OVA server and stay put.
Here are the things that I had to do on Exchange Server 2007:
- Install Exchange Server 2007 UM role
- Create a UM Dial Plan
- Create a Unified Messaging Mailbox Policy based on the above dial plan.
- Create a UM IP Gateway, and set it to point to the IP Address of your VOIP Gateway
- Create a UM Hunt Group for the above UM IP Gateway
- Associate the UM Dial Plan with one or more Exchange UM Servers
- Enable Unified Messaging for one or more users
You don’t need to configure a UM Auto Attendant if you want to just enable Outlook Voice Access.
On our Mitel VOIP Gateway:
- Forward all calls incoming on the pilot number (our Subscriber Access Number extension) to the Exchange UM Server’s IP address.
Related Posts:
Outlook Voice Access Rocks!
Getting the Exchange UM Test Phone to work
Preparing for Unified Messaging, Part 1
Preparing for Unified Messaging, Part 2
Preparing for Unified Messaging, Part 3
Preparing for Unified Messaging, Part 4
by
Shijaz Abdulla on 21.08.2008 at 10:14
I’ve just enabled Outlook Voice Access here in HCT.
This comes after a day of testing with the UM Test Phone.
Outlook Voice Access is a new feature in Exchange Server 2007 that lets users dial a number from any telephone (anywhere in the world) to access their email, calendar, voicemail, and address book. Users dial a predefined phone number, and Exchange server answers the call. Users can login to their mailbox by entering their telephone extension number (stored in AD or Exchange) and their secret PIN number. The PIN number can be auto-generated or specified by the administrator for first time use. On the first use, users can be forced to change their PIN.
The menu is interactive and is speech enabled – you can actually say voice commands and Exchange will do things for you. It’s really exciting. Here’s a sample dialog between me and my server:
I dial the subscriber access number
Exchange Server: Welcome . You are connected to Microsoft Exchange. To access your mailbox enter your extension. To contact someone press the # key.
I enter my extension number
Exchange Server: Shijaz Abdulla, Please enter your PIN, then press the # key. If this is not your mailbox press the * key.
I enter my PIN and press the # key.
Exchange Server: You have no new voice messages and no new email messages. Please say voicemail, email, calendar, personal contacts, directory or personal options.
I wait for sometime and Exchange gives help on each of the above options.
Me: "Email"
Exchange Server: Opening your mailbox.
Exchange Server: First, a message from Saifudheen CEV, titled Test, arrived today at 9.56 AM
Hi Shijaz,
This is a test message
Saif
Me: "Next"
Exchange Server: "Next, a message from Varghese Varghese, titled Antigen uninstallation, arrived today at 9.49 AM
……"
Me: "Main Menu"
Exchange Server: "Sure. Please say voicemail, email, calendar, personal contacts, directory or personal options."
Me: "Calendar"
Exchange Server: "Sure. And which day shall I open?"
Me: "Today"
Exchange Server: "Opening today’s calendar"
First, a meeting that you organized from 10 to 10:30 titled "exam" with no location specified. You can say ‘Attendants details’, ‘Previous’, ‘First’, ‘Last’, or ‘More Options.’
Me: "Goodbye"
Exchange Server: "I heard you say Goodbye, do you want to end this phone call?"
Me: "Yes."
Exchange Server: Thank you for calling. Goodbye!
See the Call Reference Guide to see all the Voice navigation options.
This is certainly an Exchange Server feature that wont be missed by users. And it adds visibility for any Exchange 2007 Upgrade project – so consider enabling UM as part of your Exchange upgrade. The upgrade from Exchange 2003 to 2007 is not "just another email server upgrade"!
Related posts
Configuring Outlook Voice Access
Setting up the Exchange UM Test Phone
Preparing for Unified Messaging – Part 1
Preparing for Unified Messaging, Part 2
Preparing for Unified Messaging, Part 3
Preparing for Unified Messaging, Part 4
by
Shijaz Abdulla on 19.08.2008 at 17:02
I am done with the setting up of the Exchange 2007 messaging transport infrastructure and moved all the mailboxes at the main site to Exchange 2007. Now I finally can focus on the real charm of Exchange Server 2007 — Unified Messaging!
To start off, one needs to set up servers that run the Exchange 2007 Unified Messaging role. I’ve got two of these installed – running on Windows Server 2008 x64. I then configured the following:
- UM Dial Plans (with subscriber access numbers)
- UM Mailbox Policy
Next you need a client machine (PC with a sound card) to run the Exchange UM Test Phone application. Here’s the catch: If you’re running 64-bit version of Exchange Server 2007 (which you would, if it’s a production environment), you need a client machine running a 64-bit OS to run the test phone application. No, chances are that you cannot use one of your 64-bit servers, because they don’t usually have sound cards in them. If you try to run the test phone from the 32-bit OS or without all the files I mention below, the application crashes.
So, I set up the Windows Server 2008 x64 OS on a Dell Optiplex 755 and then installed drivers for the sound card. I disabled the Windows Firewall as well. I also disabled all unnecessary network cards. Next, I copied the whole \Exchange\Bin folder directly off the Exchange 2007 UM server and pasted it in a new folder on my test PC. Then I copied the contents of the \Exchange\Public folder too in the same folder. The \Exchange\Bin folder contains the test phone application (ExchangeUMTestPhone.exe file).
Then I ran the following commands in the command prompt, to enable the desktop experience:
ServerManagerCmd -i Desktop-Experience
A server restart ensued and then I opened the test phone application (ExchangeUMTestPhone.exe file). It started happily.
Let’s get back to the UM Server. On the UM server, you need to create a UM IP Gateway. Normally this should be your hardware VOIP gateway IP, but if you want to test with the UM Test phone, you need to set this to the IP of the test phone computer. Next, you create a UM hunt group, in which you specify the same gateway you created in the previous step.
- In the setup window, I entered the IP address of my UM server in the Server Address field
- SIP Port is 5060 (default)
- Call security is Unsecured in my case
- Logging options: Both
To test the Outlook Voice Access, simply click on the Call button (green handset icon) on the test phone. Exchange 2007 will answer your call, greet you and ask you if you want to open your mailbox or just reach another user by voice. Outlook Voice Access is so cool! It is an exciting experience.
Now that the Exchange UM server is tested and working fine, I will wait for our VOIP guys to create a hunt group for the subscriber access number so that calls made to our subscriber access number (a.k.a Exchange’s phone number) gets forwarded to the IP address of the Exchange UM server and we can go-live!
See the Call Reference Guide to know the Voice navigation options.
Related posts
Configuring Outlook Voice Access
Setting up the Exchange UM Test Phone
Preparing for Unified Messaging – Part 1
Preparing for Unified Messaging, Part 2
Preparing for Unified Messaging, Part 3
Preparing for Unified Messaging, Part 4
by
Shijaz Abdulla on 03.08.2008 at 14:00
I finally decided to switch off my Exchange 2003 Servers which handled relay requests from application servers. The Exchange Server 2007 hub transport servers would be entrusted with this task. I modified the DNS record so that all SMTP relaying will be directed to my Hub transport server.
However, once I did this, I found that most of my application servers could not relay messages that were destined for recipients outside the organization. A closer examination revealed that the hub transport servers were closing connections by returning a "550 5.7.1 Unable to Relay" error message.
Here’s what I did to workaround the problem.
I created a new SMTP Connector with the following properties:
The important bit is where you specify the remote servers that should be allowed to send mail via this connector. Although it’s tempting to add all IP addresses, make sure you add only your application server IP addresses here. Otherwise you’re gonna have a major email security problem!
In the authentication options, enable only TLS and Externally Secured. This is a method of re-assuring Exchange that email sent is externally secured and its okay to take it easy and accept email and that you totally trust these IP addresses.
Under Permission Groups, make sure you select Exchange Servers and Anonymous.
And you’re all set. The IP addresses that you specified on this connector will use this receive connector to relay messages internally and outside your organization.
by
Shijaz Abdulla on 30.07.2008 at 15:31
If you are using a third-party/home-grown application or script to provision user accounts and mailboxes, you can still create mailboxes by populating Active Directory attributes. The recommended way would be to use PowerShell aka Exchange Management Shell or the Exchange Management Console. However, this may not always be possible – so here’s something that I’ve tried and it works.
Please pay special attention to the disclaimer at the bottom of the page. This (and any other post) is my own view and not endorsed by Microsoft. Supportability of this method is at Microsoft’s discretion. You are on your own when it comes to risk. 
The following attributes need to be populated, just like earlier versions of Exchange Server:
- HomeMTA
- HomeMDB
- legacyExchangeDN
- msExchHomeServerName
In addition, the following "mandatory attributes" need to be added. To know the values for these attributes in your environment, see the values on existing mailboxes using ADSIEDIT.
- msExchVersion
- msExchMobileMailboxFlags
- msExchRecipientDisplayType
- msExchRecipientTypeDetails
If you prefer not to add the "mandatory attributes", you can always run the following Shell command, and Exchange will do that stuff for you.
Set-Mailbox <mailboxname> -applymandatoryproperties
by
Shijaz Abdulla on 24.07.2008 at 16:37
If you had to change the legacyExchangeDN for your users as part of a migration or other manual process, or even an error in your automated user provisioning software, there are certain things that you need to be aware of.
For one thing, cached Outlook ‘autocomplete’ entries will stop working. If a sender uses his Outlook autocomplete to select a user whose legacyExchangeDN has been recently changedand sends an email to a user, chances are that the mail will bounce with the following NDR:
Jack Rabbit
The recipient’s e-mail address was not found in the recipient’s e-mail system. Microsoft Exchange will not try to redeliver this message for you. Please check the e-mail address and try resending this message, or provide the following diagnostic text to your system administrator.
The first thing you need to do after changing the legacyExchangeDN is to initiate an Offline Address Book rebuild. The way out of this problem is to instruct the sender to first download the Address Book by doing a full Send/Receive. Then ask the sender to manually select the affected recipient from the Address book instead of using the cached Autocomplete.
This is because, in an Exchange organization, Outlook client autocomplete caches do not save the SMTP email address. Instead, it saves the X.500 address using the legacyExchangeDN attribute from Active Directory. And that’s exactly what you have changed!
Workaround:
There is another workaround to prevent the NDRs. This would be to enter the old value of the legacyExchangeDN attribute as an X.500 address for the user account. This is done by opening the user object’s Email Address properties –> Add a Custom Address –> Enter the old value of legacyExchangeDN as the address and the address type as "X500" without the quotes. The drawback of this method is that you are populating the user’s email address field with garbage, which you don’t need after a while but can’t remove because you are unsure if traces of the old entries in Outlook caches are gone!
< Previous postsNext posts >
