Author Archives: Michel de Rooij

Unknown's avatar

About Michel de Rooij

Michel de Rooij, with over 25 years of mixed consulting and automation experience with Exchange and related technologies, is a consultant for Rapid Circle. He assists organizations in their journey to and using Microsoft 365, primarily focusing on Exchange and associated technologies and automating processes using PowerShell or Graph. Michel's authorship of several Exchange books and role in the Office 365 for IT Pros author team are a testament to his knowledge. Besides writing for Practical365.com, he maintains a blog on eightwone.com with supporting scripts on GitHub. Michel has been a Microsoft MVP since 2013.

(Re)configuring IM Integration

Posted on by
10

Last Update: August 16th, 2016.

powershellNote: The procedure has changed for Exchange 2016, which can use overrides to make this setting persistent. For these instructions, consult this article.

Anyone who has configured Exchange 2013 IM integration with Lync Server at some point has to modify the web.config file on the Mailbox servers to configure OWA with the proper certificate for enabling IM. Another thing (read: nuisance) is that when you have configured IM integration and you apply a Cumulative Update to Exchange 2013, the web.config will be overwritten, in which case you need to reapply those changes to the web.config file.

This is where the script Configure-IMIntegration.ps1 might come in handy.

Requirements
Using the script requires Exchange 2013 and Lync Server. You need to provide the Lync pool and the Mailbox server you want to configure needs to have a valid certificate assigned to IIS (or UM) service. The script will modify the web.config remotely using the system share (e.g. C$), using the location of the Exchange installation, and uses WMI to recycle the OWA Application Pool in IIS. It will create a backup of the web.config before modifying it.

Note that the script does not perform the following steps:

  • It does not perform the Lync Server parts to configure IM integration, e.g. configure Exchange as a trusted application.
  • It does not configure Lync Server as an partner application for Exchange (Configure-EnterprisePartnerApplication.ps1).

Usage
The script Configure-IMIntegration.ps1 uses the following syntax:

.\Configure-IMIntegration.ps1 [-Server <String>[]] -PoolFQDN <String> [-AllCAS] [-AllMailbox] [-UM] [-Thumbprint <String>]

A quick walk-through on the parameters and switches:

  • Server specifies the server(s) to configure. When omitted, it will configure the local server. This parameter is mutually exclusive with AllMailbox.
  • AllMailbox switch specifies to configure all Mailbox servers. This switch is mutually exclusive with Server.
  • AllCAS switch specifies to enable IM integration on all Client Access servers.
  • PoolFQDN specifies the FQDN of the Lync Pool to use. This parameter is required.
  • UM specifies that the script should look for a certificate assigned to UM services instead of IIS (default).
  • Thumbprint to manually specify the thumbprint of the certificate to use.

So, suppose you want to quickly reconfigure IM integration on a Mailbox server after applying a Cumulative Update, you can use:

.\Configure-IMIntegration.ps1 -PoolFQDN lync.contoso.com –Server exchange01.contoso.com

image

Or, you can quickly configure Mailbox servers and CAS servers for IM integration after performing the required steps to configure the trusted application settings and installing and assigning the certificate for UM:

.\ Configure-IMIntegration.ps1 -PoolFQDN lync.contoso.com -AllMailbox –AllCAS

image

Also, in the example above, the CAS servers had already been enabled for IM.

Download
You can download the script from the TechNet Gallery here.

Feedback
Feedback is welcomed through the comments. If you got scripting suggestions or questions, do not hesitate using the contact form.

Revision History
See TechNet Gallery page.

Book: Pro Exchange 2013 SP1 PowerShell Administration

Posted on by
3

As some of you may have noticed, it has been a bit more quiet here than it used to be. Well, the reason for that, after several months of collaborative hard work, blood, sweat and tears, is finally here (and in stores just in time for the Holidays): A book titled Pro Exchange 2013 Service Pack 1 PowerShell Administration!

2013pa

Together with fellow Exchange MVP Jaap Wesselius, we will talk you through topics such as:

  • Deployment and co-existence scenarios.
  • The Client Access Server role and topics such as namespaces, certificates, load balancing, and publishing.
  • The Mailbox Server role and topics such as managing mailboxes, distribution lists and recipients, message transport
  • High availability topics like Database Availability Groups and Client Access and Transport availability.
  • Message Hygiene using the Edge Transport server role and anti-spam features.
  • Backup, Restore and Disaster Recovery, including the backup-less’ Native Data Protection scenario.
  • Unified Messaging features and integration with IP telephony solutions such as Microsoft Lync Server.
  • Compliance features like In-Place Archiving and MRM, In-Place Discovery, In-Place Hold, Data Loss Prevention including fingerprinting, and auditing.
  • Role-Based Access Control model and Split Permissions model for organizations that require this.
  • Office 365 and Exchange Online (EXO) scenarios, federating organizations, directory synchronization, ADFS and Multi-Factor Authentication, as well as basic tasks like onboarding and offboarding mailboxes.

Our 600+ page book will take a PowerShell-first approach when talking about Exchange Server 2013. You can order the book from Amazon here.

I have also added it to the book page here, which also contains other useful books when you want to learn about Exchange or related technologies like PowerShell, Active Directory or Lync Server.

Outlook 2010 gets MAPI/http support

Posted on by
5

Office-2010-Outlook-Icon[1]Update: Hotfix KB2899591 pulled in Dec2014 due to possible issues, replaced in Jan2015 by KB878264.

A quick heads-up today as the recently released KB878264 hotfix adds MAPI/http support for Outlook 2010 clients. This will benefit organizations using Exchange 2013 SP1 or later considering switching from RPC/http to MAPI/http. The KB article includes details on additional fixes that are included in this hotfix as well.

You can request the hotfix for x86 and x64 versions of Outlook 2010 here.

Links to background information on MAPI/http, its impact on client performance, and impact on network traffic in an earlier blog post here.

Exchange 2013 Cumulative Update 7

Posted on by
1

Ex2013 LogoToday, Cumulative Update 7 for Exchange Server 2013 was released by the Exchange Team (KB2986485). This update raises Exchange 2013 version number to 15.0.1044.25.

Note: Customers that run backups of their Exchange databases are advised to upgrade to CU7 and perform a post-upgrade full backup. This is due to a race condition which could prevent proper restoration of pre-CU7 Exchange databases.

This Cumulative Update contains a security update to fix a potential elevation of privilege issue (bulletin MS14-075), as well as the following fixes:

  • 3004235 Exchange Server meetings in Russian time zones as well as names of time zones are incorrect after October 26, 2014
  • 3012655 New-MailboxImportRequest causes unreadable characters when you import an ANSI format .pst file of Russian language
  • 3012652 CalendarProcessing cmdlet does not generate delegate permissions to universal security groups in Exchange Server 2013
  • 3009631 Advanced Find against the Sent Items folder in Outlook returns no result in Exchange Server 2013
  • 3009612 Outlook Web App shows organization details on the contact card beyond the scope of user ABP in Exchange Server 2013
  • 3009291 Shared mailbox cannot be opened in Outlook in an Exchange Server 2013 environment that has multiple domains
  • 3008453 Cannot edit or delete forms from the organizational forms library in Exchange Server 2013
  • 3008438 User who is trying to Log on to Exchange Admin Console is logged in to OWA instead
  • 3006672 Move request fails if the IsExcludedFromProvisioning option is true in Exchange Server 2013
  • 3005391 Exchange Server 2013 Cumulative Update 5 breaks free|busy lookup from Exchange Online to Exchange Server 2007
  • 3003986 RejectMessageReasonText in transport rule appears in the user section of a DSN in Exchange Server 2013
  • 3001217 TLS 1.0 is hardcoded for SMTP traffic encryption in Exchange Server 2013
  • 3001037 Distribution group cannot send email messages to a mail enabled public folder in an Exchange Server 2013 environment
  • 2999031 A cross-forest mailbox move from Exchange Server 2007 to Exchange Server 2013 finishes with CompletedWithWarnings status
  • 2998144 New-MoveRequest cmdlet with RemoteLegacy parameter cannot perform a cross-forest mailbox move
  • 2988553 Add-ADPermission and Remove-ADPermission can be run outside the management scope in Exchange Server 2013
  • 2981538 Exchange Control Panel crashes when you proxy from Exchange 2013 to Exchange 2010
  • 3014051 Cannot migrate mailboxes in a multiple domains environment in Exchange Server 2013
  • 3012986 ContentIndexRetryQueueSize value for a passive node never drops to zero in Exchange Server 2013 Cumulative Update 6
  • 3004011 Sound alerts do not work in Outlook Web App when new email or calendar notification is received in Exchange Server 2013
  • 3003580 Event ID 4999 and 4401 when the Microsoft Exchange Replication service crashes in Exchange Server 2013
  • 3003518 “550 5.7.1” NDR when you send messages to external recipients in an Exchange Server 2013 hybrid environment
  • 3003068 Cannot see online archive mailbox after you upgrade to Exchange Server 2013 Cumulative Update 6
  • 3000944 Subfolders under the Deleted Items folder are not visible in Outlook in an Exchange Server 2013 environment
  • 2997847 You cannot route ActiveSync traffic to Exchange 2007 mailboxes after you upgrade to Exchange 2013 CU6
  • 2997355 Exchange Online mailboxes cannot be managed by using EAC after you deploy Exchange Server 2013 CU6
  • 2997209 Exchange Server 2013 databases unexpectedly fail over in a co-existence environment with Exchange Server 2007
  • 2995263 OAB cannot be rebuilt if the .flt file is larger than two GB in Exchange Server 2013
  • 2994216 PublicFolderMoveRequest deletes all read or unread state in target mailbox for each user in Exchange Server 2013
  • 2993871 Resource Booking Assistant crashes after you upgrade to Exchange Server 2013 Cumulative Update 5
  • 2983216 Category setting on an item in Outlook jumps the selection to the top of the list in an Exchange Server 2013 environment
  • 2931223 MAPI virtual directory is missing from Default Web Site node

Notes:

  • When using Exchange hybrid deployments or Exchange Online Archiving (EOA), you are required to stay current.
  • CU7 adds support for hierarchies containing 250,000 modern public folders. Consult this article for co-existence scenarios.
  • Be advised of OAB architectural changes introduced with CU5 which are documented here. If you are affected, it is recommended to update CAS servers prior to Mailbox servers.
  • If you have installed the Interim Update to fix Hybrid Configuration Wizard, you can install the Cumulative Update over it – there is no need to uninstall the IU prior to installing CU6.

This Cumulative Update includes schema and AD changes, so make sure you run PrepareSchema / PrepareAD. After updating, the schema version will be 15312. If you want to speed up the process, you can temporarily disable certificate revocation checking as described here.

Note that Cumulative Updates can be installed directly, i.e. no need to install RTM or Service Packs prior to installing Cumulative Updates. Note that once installed, you can’t uninstall a Cumulative Update nor any of the installed Exchange server roles. The order of upgrading servers is irrelevant, unlike with previous generations of Exchange.

Finally, and I can’t emphasize this enough: For any Hotfix, Rollup, Service Pack or Cumulative Update, I’d recommend to thoroughly test this in a test and acceptance environment first, prior to implementing it in production. When you lack such facilities, hold out a week or two and monitor the comments on the release article or TechNet forum for any issues.

You can download Exchange 2013 Cumulative Update 7 here; UM Language Packs can be found here.

Exchange 2010 SP3 Rollup 8v2

Posted on by
4

Exchange 2010 Logo

UPDATE (December 12th, 2014): Exchange 2010 SP3 Rollup 8 v2 is released, addressing the issue mentioned below in the initially published version. The new version number is 14.3.224.2 (was 14.3.224.1). You can download RU8v2 here.

UPDATE (December 10th, 2014): Exchange 2010 SP3 Rollup 8 has been pulled after discovery of Outlook MAPI issues. It is currently recommended not to deploy RU8 and when you have installed RU8, to revert to RU7 to prevent walking into this issue. Other protocols, such as EAS or IMAP4, as unaffected which is why you might not encounter this problem immediately.

Today the Exchange Team released Rollup 8 for Exchange Server 2010 Service Pack 3 (KB2986475). This update raises Exchange 2010 version number to 14.3.224.1.

This Rollup contains a security update to fix a potential elevation of privilege issue (bulletin MS14-075), as well as the following fixes:

  • 3004235 Exchange Server meetings in Russian time zones as well as names of time zones are incorrect after October 26, 2014
  • 3009132 Hybrid mailbox moves to on-premises environment but finishes with CompletedWithWarnings status
  • 3008999 IRM restrictions are applied to incorrectly formatted .docx, .pptx, or .xlsx files in an Exchange Server 2010 environment
  • 3008370 Group members are not sorted by display name when HAB is used with OAB in Exchange Server 2010
  • 3008308 Public folder database migration issue in a mixed Exchange Server environment
  • 3007794 Hub Transport server cannot deliver messages when a database fails over to a cross-site DAG in Exchange Server 2010
  • 3004521 An Exchange server loses its connection to domain controllers if a public folder server is down in Exchange Server 2010
  • 2999016 Unreadable characters when you import ANSI .pst files of Russian language by using the New-MailboxImportRequest cmdlet
  • 2995148 Changing distribution group takes a long time in an Exchange Server 2010 environment
  • 2992692 Retention policy is not applied to Information Rights Management protected voice mail messages in Exchange Server 2010
  • 2987982 Issues caused by ANSI mode in Exchange Server 2010
  • 2987104 Email message is sent by using the “Send As” instead of “Send on Behalf” permission in Exchange Server 2010
  • 2982017 Incorrect voice mail message duration in Exchange Server 2013 and Exchange Server 2010
  • 2977279 You cannot disable journaling for protected voice mail in Exchange Server 2013 and Exchange Server 2010

Notes:

  • If you want to speed up the update process for systems without internet access, you can follow the procedure described here to disable publisher’s certificate revocation checking.
  • If you got a DAG and want to properly update the DAG members, check the instructions here.
  • Rollups are cumulative per service pack level, i.e. they contain fixes released in earlier update Rollups for the same product level (RTM, SP). This means you don’t need to install previous Rollups during a fresh installation but can start with the latest Rollup package.

As with any Hotfix, Rollup or Service Pack, I’d recommend to thoroughly test this rollup in a test and acceptance environment first, prior to implementing it in production.
You can download Exchange 2010 SP3 Rollup 8 here.