by Jason Prahl | Oct 16, 2015 | Computer Tips, Microsoft Exchange, Microsoft Windows
When trying to open attachments using Internet Explorer from within Outlook Web Access users were only able to save the attachments.
It was not allowing them to just open them.
This fixed it:
In IE to Internet Options > Advanced > in the security part uncheck “Do not save encrypted pages to disk”.
by Jason Prahl | Jul 21, 2014 | Blog, Computer Tips, Microsoft Exchange
I have an Exchange mailbox with several other mailboxes that it has full permissions on.
Exhange 2010 or 2013, I don’t remember which, added a feature that adds the mailboxes to Outlook automatically.
So, instead of having to go to account settings and navigating to advanced settings and manually adding additional mailboxes to open it does it for you.
That’s great except when you don’t want them to or when you remove the full access permissions and it decides to stay in Outlook.
To remove a mailbox that keeps showing up even though you’ve removed the Full access permissions. Open Active Directory Users and Computers find the users account. Click on Attribute Editor. Scroll down the list until you find msExchDelegateListLink and remove the user account you don’t want the mailbox showing up in.
You can also turn off Exchange auto mapping on individual accounts.
This will give Administrator full access on the TheUser account without automatically adding it to Outlook:
(so you will have to manually add the account in account settings, open these additional mailboxes)
Add-MailboxPermission -Identity TheUser -User ‘Administrator’ -AccessRight FullAccess -InheritanceType All -Automapping $false
by Jason Prahl | Oct 8, 2013 | Blog, Microsoft Exchange, Software
We use Exchange 2013 and Outlook 2010 at my work. I had a few people trying to share their calendar to others in the organization.
When they tried this they received the following error message:
“Calendar sharing is not available with the following entries because of permission settings on your network.”
Well I’m the network and Exchange admin and I know I haven’t intentionally setup anything to block sharing of calendars. After a bit of playing around I found a strange but easy fix.
When you select the person you want to share the calendar with make sure you click the to button and select the person you want to share with from the global address list.If you simply start typing the users name in the to box you’ll get Outlook’s cached version of a user and that will give you the permissions error.
I found this issue to be present in Outlook 2010 as well as Outlook 2013.
by Jason Prahl | Feb 10, 2012 | Blog, Microsoft Exchange
After a report from a user that they were not able to get an email from someone I started poking into the exchange log files and quickly noticed multiple lines that read: 452 4.3.1 Insufficient system resources.
I checked memory, networking, CPU usage and finally hard drive space. All seemed fine though my C drive only had about 1.95gb free. I figured that didn’t sound like a lot but my mailbox databases are on a different drive that has 250gb free. After a bit of research I found that Exchange 2007’s mail queue folder is by default on the C drive and will start throwing these sort of errors if there is less than 4gb of space.
So, I decided to move the queue folder (which currently was about 500mb) to a different drive. I found the following command which easily moved the queue:
Move-TransportDatabase.ps1 -QueueDatabasePath: D:\Exchsrvr\TransportRoles\data\Queue -QueueDatabaseLoggingPath: D:\Exchsrvr\TransportRoles\data\Queue
Replace the D:\Exchsrvr…. with the path where you want the queue moved to.
The Move-TransportDatabase.ps1 script does the following:
- Free space is checked on the destination drive for the Queue Database and Queue Database Logs
- Create the destination path for the Queue Database and Queue Database Logs
- Assign Full Control permissions for Network Service, Local System, and Administrators for both paths
- Stop the Exchange Transport Service
- Backup the original EdgeTransport.exe.config file
- Move the Queue Database files, mail.que and trn.chk, to the destination folder
- Update the Queue Database path
- Move the file trn.log and any trn*.log files to the destination folder
- Update the path for Queue Database Logs
- Restart the Transport Service
Answer found on petri.co.il
by Jason Prahl | Jan 26, 2012 | Blog, Microsoft Exchange
I love exchange and have used it for several years each version adds functionality but sometimes they make things harder than they need to be.
You’ll have to use the Exchange Management Shell to accomplish these tasks.
This command will remove the mailbox and leave the user (disconnects it then you can get rid of the disconnected mailbox):
Disable-Mailbox -Identity domain\user
You’ll need to run the Clean-MailboxDatabase command to get Exchange to disconnect the mailbox so you can get rid of it.
Clean-MailboxDatabase
The Clean-MailboxDatabase prompts for Identity, this is the name of your mailbox database. In my case, and I think the default, it’s Mailbox Database.
At this point you can go to the disconnected mailbox area of the Exchange console, hit refresh and you can see the disconnected mailbox.
Now, to get rid of disconnected mailboxes.
Show all disconnected mailboxes:
Get-MailboxStatistics | where-object { $_.DisconnectDate -ne $null } | Select DisplayName,MailboxGuid
Remove a single box:
Remove-Mailbox -Database <Database-Name> -StoreMailboxIdentity <MailboxGuid> -confirm:$false
Group them together and remove all:
$users = Get-MailboxStatistics | where-object { $_.DisconnectDate -ne $null } | Select DisplayName,MailboxGuid
$users | ForEach { Remove-Mailbox -Database “Mailbox Database” -StoreMailboxIdentity $_.MailboxGuid -confirm:$false }
See the size of mailboxes sorted by size:
Get-MailboxStatistics | Sort-Object TotalItemSize –Descending | ft DisplayName,@{ expression={$_.TotalItemSize.Value.ToKB()}},ItemCount
by Jason Prahl | Sep 27, 2011 | Blog, Microsoft Exchange
Had a user having problems sending an email to an email address. By all appearances the rejection notice seemed to point to an issue of our mail server having problems getting to their mail server.
I told the user to try it again later (this and telling them to reboot fixes most issues). Still more rejections after a couple of days.
So I Googled the error and found the fix on the second link that showed up.
The problem was actually a malformed contact in the user’s Microsoft Outlook contacts.
By copying and pasting the email address into notepad and then back into the contact it was fixed.
The issue stems from the email address that was stored in the contacts had mailto: and some other weird characters even though what was displayed looked just fine.
The other thing I did was to clear the auto address that pops up in the to field when composing a new message to make sure it was getting the address from the newly fixed contact.
by Jason Prahl | Nov 2, 2009 | Blog, Microsoft Exchange
I had a user account who’s mailbox would not open from the Outlook Web Access. After some poking around on the web and trying several things the following fixed it:
1) Open Active Directory Users and Computers
2) Enable Advance features from the View Menu
3) Find the user and click Properties, go to the Security Tab
4) Click the Advanced button
5) Check the box next to "Inherit from parent. . . "
6) Click Apply and OK 2x
That fixed it for this user.
by Jason Prahl | May 19, 2009 | Blog, Microsoft Exchange
We needed to setup about a hundred new users in our Exchange 2007 environment. Rather than create each user individually I researched how to import the users from a CSV file. To do this you need to download and install Quest Software’s free active directory powershell commands.
Here is the script I finally ended up with:
$OuBorn = ‘OU=OrganizationalUnit,DC=MyDomain,DC=com’
$Freshmen = ‘C:\ImportUsers.csv’
import-csv $Freshmen |`
where {new-QADUser -ParentContainer $OuBorn `
-name $_.name -sAMAccountName $_.sAMAccountName `
-City $_.city -Company $_.Company -Department $_.Department `
-FirstName $_.FirstName -LastName $_.LastName `
-StreetAddress $_.StreetAddress -State $_.State `
-Title $_.Title -userPrincipalName $_.userPrincipalName `
-userPassword $_.userPassword -DisplayName $_.name `
-Office $_.Office ; enable-QADUser $_.name `
}
The first 2 lines setup where you are creating the new users and the path to the file you are creating them from. Line 3 through the end is the main work. This will create users populated from a CSV file and fills in the First and Last name, City, Company, Department, Street Address, User Principal Name, Password, Display Name and their Office. Finally it also enables the user account. (Note: take notice of the ` at the end of each line in the main script. This allows you to write the script in a text editor and use multiple lines which helps with readability)
I created the users into a new OU so I could keep track of the users and make it easier to work with just those accounts. You could get fancy and add to the script to make the mailboxes and such but I just decided to make the users and then use the Exchange GUI to make the mailboxes since you can pick a whole OU of users and generate mailboxes from there.
One problem I ran into was I tried to give all of the user accounts a generic password and then set the “User must change password on next logon” flag. This worked but these users will only be logging onto the network using Outlook Web Access. Exchange 2007’s Outlook Web Access get’s stuck and won’t let the user logon to change the password unless you first logon to the account then set the “User must change password on next logon” setting. Since I didn’t want to have to log onto 90 something user accounts I just generated their password for them and it’ll prompt them to change the password in 6 months.
Here is a sample CSV file that I used for testing.
Also I wanted to restrict these new users from receiving email from outside the organization to cut down on potential spam. I did this by using the following powershell:
Get-Mailbox -OrganizationalUnit “NewUsers” | Set-Mailbox -AcceptMessagesOnlyFromDLMembers “All Company Email”
So we have a dynamic distribution list called “All Company Email” that has everyone in the organization in it. This script restricts everyone in the NewUsers OU (by using the Get-Mailbox command) to only be able to receive email from those in the “All Company Email” distribution list.
by Jason Prahl | Apr 7, 2009 | Blog, Microsoft Exchange
We’ve recently upgraded our Exchange 2003 server to Exchange 2007. There’s a lot of new and updated features in this version. The Anti-Spam features seem to be working very good but are catching some legitimate emails. I found the following shell commands for adding email addresses or whole domains to the white lists to keep them from getting blocked.
If you are like I was and didn’t have a clue what shell commands meant, open the Exchange Management Shell from the start menu. It’s a command prompt for doing various command line based tasks. You can perform pretty much everything you can normally do from the gui interface from a command line. This makes creating scripts to perform repetative tasks a snap.
Whitelist a domain:
Set-ContentFilterConfig -BypassedSenderDomains somedomain.com,someotherdomain.com
Whitelist an address:
Set-ContentFilterConfig -BypassedSenders foo@somedomain.com,foo2@somedomain.com
Copy the config of the content filter to the clipboard for viewing in a text editor:
get-contentfilterconfig | clip
I found these commands here.