Archive for the ‘Microsoft Exchange’ Category

Good Day to All, I was asked to create Contact Cards in Microsoft Exchange 2010, now this seems like an easy task in the EMC (Exchange Management Console) but when you have 2,000 contacts to create, EMC doesn’t seem much fun after all. Scripting power! I went to Microsoft Website and got some information on how to do it.




“New-MailContact -ExternalEmailAddress -Name [-Alias ] [-ArbitrationMailbox ] [-Confirm []] [-DisplayName ] [-DomainController ] [-ExternalDirectoryObjectId ] [-FirstName ] [-Initials ] [-LastName ] [-MacAttachmentFormat ] [-MessageBodyFormat ] [-MessageFormat ] [-ModeratedBy ] [-ModerationEnabled <$true | $false>] [-Organization ] [-OrganizationalUnit ] [-OverrideRecipientQuotas ] [-PrimarySmtpAddress ] [-SendModerationNotifications ] [-UsePreferMessageFormat <$true | $false>] [-WhatIf []]”

after a little fine tuning it ended up like this: “Import-CSV Contact-Card.csv | ForEach-Object {New-MailContact -Name $_.Name -ExternalEmailAddress $_.ExternalEmailAddress -OrganizationalUnit $_.OrganizationalUnit -WhatIf}

Let’s break it down:

  1. Import-CSV Contact-Card.csv (where contact-card.csv is the file where we have the information we want to import.
  2. | ForEach-Object {                        (Since we’re doing batch it’s going to execute the command for each record)
  3. New-MailContact                          (Power Shell command to create a mail contact)
  4. -Name $_.Name                            (Exchange Field and Colum name match on csv)
  5. -ExternalEmailAddress $_.ExternalEmailAddress         (Exchange Filed and Column name match on csv)
  6. -OrganizationalUnit $_.OrganizationalUnit               (Exchange Filed and column name match on csv)


Now the “-WhatIf” at the end of the command will show us a preview of the outcome, once were are ready to execute the command in Production, remove the -WhatIF

After a while, all 2000 contact cards were created…. Next o the Agenda… Script to Forward emails to the created contact cards…





How to Check and Exchange Mailbox for corruption

About a year ago I was migrating exchange 2003 mailboxes to Exchange 2010, after all is working a received a complaint from a user that emails, calendar were not available. I began troubleshooting and after checking the EMC (Exchange Management Console) that particular mailbox had a lot of corrupted items that did not migrate. I proceeded to check mailbox corruption:

  1. Open Exchange Management shell Exch-Management-Shell
  2. Run command:
    1. New-MailboxRepairRequest -mailbox <mailbox alias> -CorruptionType AggregateCounts -DetectOnly
    2. New-MailboxRepairRequest -mailbox <mailbox alias> -CorruptionType FolderView –DetectOnly
    3. New-MailboxRepairRequest -mailbox <mailbox alias>  -CorruptionType SearchFolder –DetectOnly
    4. New-MailboxRepairRequest -mailbox <mailbox alias>  -CorruptionType ProvisionedFolder –DetectOnly

To actually repair them run the commands without the -DetectOnly.


I recently posted on how to assign a CAS to Exchange Databases, but some were asking me how to view where the database is assigned at first hand:

  1. Open Exchange Management ShellExch-Management-Shell
  2. Execute command Get-MailboxDatabase <DB name> | fl RpcClientAccessserver where <DB name> is the name of the Database
  3. Press enter and you should get the information you needGet-MailboxDB-CAS


Set Mailbox Database connect to specific CAS – Exchange 2010

I recently found myself in a client that needed Exchange Database mailboxes to connect to a specific CAS. Reasoning behind it is that all users could not reach all the CAS servers, so instead of letting Exchange Services decide where to Connect your MS Outlook we would have to direct assign.

The Power Shell command looks something like this:

Set-MailboxDatabase <Mailbox Database Name> -RpcClientAccessServer <ClientAccessServer or ClientAccessServerArrayID>

Where Mailbox Database =  TEST and the CAS you want to assign it = CAS3

Set-MailboxDatabase TEST -RpcClientAccessServer CAS3


Repeat for every database you want to attach to a specific CAS, then you are done, MS Outlook should now connect to their assigned CAS.


Recently I had the mission of connecting Outlook 2010 for MAC  to Microsoft Exchange Server 2010, for Administrators who connect their CAS to an appliance firewall you will have no issues whatsoever, for those like me who still use Microsoft Threat Management Gateway [TMG] 2010, you will run into a few issues, but the task I simpler than you think.

1. Go to your TMG 2010 server and Open Forefront TMG Console

2. Make a Copy of rule you created to publish Outlook Web App and Save it with another name [EWS & Autodiscovery for Mac]

3. Open the new rule and go directly to the Paths tab:

Delete all paths except: /ews/* and /autodiscovery/

4. Then go to the Authentication Delegation tab:

Select “No, delegation, but client may authenticate directly”

5. Click Apply and OK on the new rule Properties page

6. Click Apply for the modifications on the TMG Console

7. move the new rule “EWS & Autodiscovery for Mac” above your original rules where you published Exchange 2010.

8. Click Apply for the modifications on the TMG Console

I a couple on minutes you will have you Microsoft Outlook for Mac users connecting without issues to your Microsoft Exchange Sever.

I was recently found myself with a couple of calls from Tier 1 Support Team that random Users were unable to use MS Outlook.

I followed standard procedure and asked for a “Clear definition of the problem”, the response was: “The connection to Microsoft exchange is unavailable. Outlook must be online or connected to complete this action”


I quickly connected to one of the workstations of the affected user and did some basic troubleshooting:

1. Went to Control Panel and created a new Mail Profile

and BAM!, the automatic discovery did not kick in as it always does, and it was prompting for credentials.

2. Input the credentials DOMAIN\%USERNAME% and the password, clicked on Save password and it started to connect

and BAM!, the user is not found.


3. I modify the Microsoft Exchange Server name to my secondary Exchange CAS Server, click on check name and it finds the user and changes the Server backup to EXCHANGE-CAS.DOMAIN.COM

4. I think to myself,  I’m in the clear it went through, but why didn’t Auto discovery  work, and why do I have to manually workaround it? E-mails begin to download everything seems good and then BAM! Address Book throws error: “The connection to Microsoft exchange is unavailable. Outlook must be online or connected to complete this action” .

I asses the situation:

1. Random users (from Site 1) have issues connecting to the primary CAS Server

2. Random users (from Site 2) have issues connecting to the primary CAS Server

3. Checked Outlook connectivity, everything is OK

4.  Event Logs on primary CAS and affected workstations, No errors

5. I go to Primary CAS Server to Exchange Management Shell and verify which database is using what CAS server: Get-MailboxDatabase |select name, RpcClientAccessServer

6. Using command Set-MailboxDatabase -identity <databasename> -RpcClientAccessServer <CASServerName>, and I assign another CAS to the database where the random users are experiencing issues.

7. I call Tier 1 Support Team and ask them to have the users close and reopen MS Outlook.

8. Issue was resolved.

9. I then checked the primary CAS did a thorough check, fixed some issues on it rebooted and it was working perfectly again .

Active Directory operation failed on This error is not retriable. Additional information: Access is denied.
Active directory response: 00000005: SecErr: DSID-031521D0, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

I recently found myself with a dilemma, I have an Exchange 2003 and Exchange 2010 environment, and about a week ago, both exchange servers started to have issues with creating mailboxes, updating OAB, etc.  I started to troubleshoot the basics “permissions”. These kind of issues normally indicates “permissions”, open Active Diretory Users and Computers, and under view select Advanced Features,1 then right click your Domain and select Properties afterwards got to the Security tab and it will take you to this section. 2Now it is very important that if the “Include Inheritable permissions from this objects parent” is cheked you uncheck it Apply setting, then go back check it and Apply agaain, ensuring that permission will get re-applied. If this doesnt’ work then you could also go to the System Folder on your domain:

4right click, and select properties on AdminSDHolder and verify that  “Include Inheritable permissions from this objects parent” is cheked.

Now if you still get:

Active Directory operation failed on This error is not retriable. Additional information: Access is denied.
Active directory response: 00000005: SecErr: DSID-031521D0, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

there is still hope, now this is what worked for me, from Exchange Server

1.  insert the Installation dvd for Exchange 2010

2.  open command prompt

3.  change directory to the Exchange setup dvd

4. execute the following command : Setup /PrepareAD


this command will run the ForestPrep and Domain Prep for Exchange Environment, and will re-add all the permissions to the Forest and Domain.

After this all should be working as it was before.