nexxai
Jul 17, 2002

quack quack bjork
Fun Shoe

kiwid posted:

Ah, yeah that makes more sense.

Next question. I have a company that builds a lot of our custom web applications that wants to be able to send password resets from a @ourdomain.com email address. I've never done this before for external use. Should I just modify our SPF record to allow them as a sender and tell them to use their own SMTP server or should I somehow give them access to send through our Office 365 account?
Adding their outbound mail servers to your SPF record should be more than sufficient. If you can, add their SPF record as an extension of yours rather than adding specific IP ranges in case they ever change providers or get a new block of IPs.

Thanks Ants
May 21, 2004

#essereFerrari


They should ideally have an SPF record set up on a domain they control the DNS for that you can just include in your own SPF record, which means they can make changes without causing any issues.

nexxai
Jul 17, 2002

quack quack bjork
Fun Shoe

Caged posted:

They should ideally have an SPF record set up on a domain they control the DNS for that you can just include in your own SPF record, which means they can make changes without causing any issues.

It's like there's an echo in here...

Thanks Ants
May 21, 2004

#essereFerrari


I skimmed your reply a bit quickly and missed the point of it. Once you've made your SPF, run it through one of the various online tools to check whether it's valid; some places tell you to include their SPF information that ends up being a ton of redirects that stops the SPF from ever evaluating properly.
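
The failure described in the post above (nested includes that stop an SPF record from evaluating) comes from the SPF limit of 10 DNS-querying terms per check (RFC 7208, section 4.6.4). The code below is an added example, not part of the thread; it counts worst-case lookups over constructed TXT records, and every domain name and record in it is made up for illustration.

```python
# Worst-case SPF DNS-lookup counter (added example; all records are constructed).
# RFC 7208 4.6.4: include, a, mx, ptr, exists and redirect each cost one lookup;
# more than 10 in one evaluation must yield "permerror". ip4/ip6/all are free.

LOOKUP_LIMIT = 10
COUNTED = {"include", "a", "mx", "ptr", "exists", "redirect"}

# Constructed sample zone data: domain -> SPF TXT record.
SAMPLE_TXT = {
    # Your domain including a mail host and the web developers' own record.
    "ourdomain.example": "v=spf1 mx include:mailhost.example include:_spf.webdev.example -all",
    "mailhost.example": "v=spf1 ip4:192.0.2.0/24 -all",
    "_spf.webdev.example": "v=spf1 ip4:198.51.100.0/24 -all",
    # A vendor whose include fans out into further includes and a redirect.
    "bloated.example": "v=spf1 mx a include:_spf.vendor.example -all",
    "_spf.vendor.example": ("v=spf1 include:_a.vendor.example include:_b.vendor.example "
                            "include:_c.vendor.example redirect=_d.vendor.example"),
    "_a.vendor.example": "v=spf1 a mx ip4:203.0.113.0/25 ~all",
    "_b.vendor.example": "v=spf1 a mx exists:%{i}.bl.vendor.example ~all",
    "_c.vendor.example": "v=spf1 ip4:203.0.113.128/25 ~all",
    "_d.vendor.example": "v=spf1 a mx -all",
}


def parse_terms(record):
    """Yield (name, value) for every term after the 'v=spf1' version tag."""
    parts = record.split()
    if not parts or parts[0].lower() != "v=spf1":
        raise ValueError("not an SPF record: %r" % record)
    for term in parts[1:]:
        term = term.lstrip("+-~?")                 # drop the qualifier
        if "=" in term and ":" not in term.split("=")[0]:
            name, value = term.split("=", 1)       # modifier, e.g. redirect=
        else:
            name, _, value = term.partition(":")   # mechanism, e.g. include:
            name = name.split("/")[0]              # "mx/24" -> "mx"
        yield name.lower(), value


def count_lookups(domain, txt, path=frozenset()):
    """Count DNS-querying terms reachable from `domain`, following include
    and redirect targets. This is the worst case: a real evaluator stops at
    the first matching mechanism. Macros in targets are not expanded."""
    domain = domain.lower().rstrip(".")
    if domain in path:
        raise ValueError("include/redirect loop at %s" % domain)
    record = txt.get(domain)
    if record is None:
        return 0  # no record published; the caller already counted the query
    total = 0
    for name, value in parse_terms(record):
        if name in COUNTED:
            total += 1
        if name in ("include", "redirect"):
            total += count_lookups(value, txt, path | {domain})
    return total


def check(domain, txt):
    """Return (lookup_count, 'ok' or 'permerror') for `domain`."""
    n = count_lookups(domain, txt)
    return n, ("ok" if n <= LOOKUP_LIMIT else "permerror")


if __name__ == "__main__":
    for d in ("ourdomain.example", "bloated.example"):
        print(d, check(d, SAMPLE_TXT))
```

A receiver that hits `permerror` treats the SPF check as failed to evaluate, so mail from every sender in the record is affected, not only the vendor that pushed it over the limit.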

goobernoodles
May 28, 2011

Wayne Leonard Kirby.

Orioles Magician.
I posted about this a while ago and never really got anywhere. I get an expired cert warning through Outlook when outside of the office and using Outlook anywhere. It looks like the certificate is actually a self-signed certificate on an externally hosted server. Going to https://ip throws a warning with the same info I get in the warnings in Outlook.

Our website is at https://www.ourdomain.com which resolves to an IP address that is not ours. Everything accesses our mail server via smtp.ourdomain.com which resolves to our public IP address. There is a DNS entry for webmail.ourdomain.com which points to smtp.ourdomain.com... not sure if that could be causing the problem? Why is Outlook (some phones throw warnings as well) picking up this cert when outside of the office?

e: On another note, I ran a digicert cert checker on our mail server and it's saying that SSL 2.0 is enabled. Should I add this registry entry and reboot the Exchange (2010 on 2008 R2) server? http://stevenrobert.wordpress.com/2009/12/02/how-to-disable-ssl-v2-in-iis-7/

goobernoodles fucked around with this message at 00:44 on Apr 11, 2014

Wake_N_Bake
Dec 5, 2003

I love to argue by using all caps. I feel it helps keep people from noticing that I have little or nothing to add to any given conversation. I also
I've got a unique situation, and my only experience with Exchange is fixing broken databases and poo poo.

I've got a DR scenario where I bring up two site DCs and the exch box. The DCs are eventually fine, after removing the AD dependencies from other sites. DNS, AD, all domain services are fine. Exch is 2013 on 2012, highest DC is 2k3. Even after adsi and metadata cleanup, while the domain is fine, the Exchange server shits itself about not finding the computer account in the domain (event viewer). Leaving and rejoining the domain yield the same result.

My question is, is there some sort of metadata/ldap cleanup I should do on the Exchange side? Something obvious I'm overlooking? I'm sorry, I'm terrible with Exchange and its dependencies.

Thanks for any help. :)

Edit-clarity

Wake_N_Bake fucked around with this message at 01:48 on Apr 11, 2014

Dans Macabre
Apr 24, 2004


goobernoodles posted:

I posted about this a while ago and never really got anywhere. I get an expired cert warning through Outlook when outside of the office and using Outlook anywhere. It looks like the certificate is actually a self-signed certificate on an externally hosted server. Going to https://ip throws a warning with the same info I get in the warnings in Outlook.

Our website is at https://www.ourdomain.com which resolves to an IP address that is not ours. Everything accesses our mail server via smtp.ourdomain.com which resolves to our public IP address. There is a DNS entry for webmail.ourdomain.com which points to smtp.ourdomain.com... not sure if that could be causing the problem? Why is Outlook (some phones throw warnings as well) picking up this cert when outside of the office?

e: On another note, I ran a digicert cert checker on our mail server and it's saying that SSL 2.0 is enabled. Should I add this registry entry and reboot the Exchange (2010 on 2008 R2) server? http://stevenrobert.wordpress.com/2009/12/02/how-to-disable-ssl-v2-in-iis-7/

so when you bought the cert and applied it to the exchange server did you also assign the services to it? after you install the cert you have to say "use this cert for iis"

the different aliases for your mail server shouldn't matter if outlook anywhere is pointing to smtp.ourdomain.com and the cert has that as a name. wouldn't be a bad idea to add webmail. to your ucc as well.

12 rats tied together
Sep 7, 2006

Tab8715 posted:

How come I need to include a pipe to "format-table" to display the Manager of the Distribution-Group? Isn't there a way I could just include all info?

Because Get-DistributionGroup is returning an Object to you that has a Property named ManagedBy. You piping the command to "Format into a List, include Name and ManagedBy" is including those properties for you.

You can also pipe into Select-Object Name,ManagedBy and it will do the same thing. Another option is (Get-DistributionGroup whatever).ManagedBy which tends to look neater in big scripts. You can convert a property of an object into a string using Select-Object -ExpandProperty if the need ever arises.

Keep in mind that the property of what you're Selecting or Format-List/Tabling is sometimes an Object itself and has its own properties and methods. An easy way to view the properties and methods of an object is to pipe it into Get-Member. :)

NullPtr4Lunch
Jun 22, 2012
I've got a real quick one for all you Exchange nerds.

What are the consequences of disabling the Content Index on an Exchange 2010 Mailbox DB? I've got one here that's too tight around the belt and the CI just fails because it runs out of space.

Plenty of room in the edb for actual mail, but Exchange never gives anything back to the filesystem :argh:, and I haven't figured out how to move the CI to a different set of disks.


If it just means OWA searches will be slower and exclude attachments, I'm A-OK with that.

Gucci Loafers
May 20, 2006

Ask yourself, do you really want to talk to pair of really nice gaudy shoes?


Reiz posted:

Because Get-DistributionGroup is returning an Object to you that has a Property named ManagedBy. You piping the command to "Format into a List, include Name and ManagedBy" is including those properties for you.

You can also pipe into Select-Object Name,ManagedBy and it will do the same thing. Another option is (Get-DistributionGroup whatever).ManagedBy which tends to look neater in big scripts. You can convert a property of an object into a string using Select-Object -ExpandProperty if the need ever arises.

Keep in mind that the property of what you're Selecting or Format-List/Tabling is sometimes an Object itself and has its own properties and methods. An easy way to view the properties and methods of an object is to pipe it into Get-Member. :)

It's more so about why doesn't Get-Distribution return all the properties for the object, why must I pipe the command to FL or FT? Did Microsoft just decide which ones are displayed by default?

Orcs and Ostriches
Aug 26, 2010


The Great Twist
Get-DistributionGroup has 92 properties. They just picked the ones they thought would be most important at a quick glance, I imagine.

The Electronaut
May 10, 2009

NullPtr4Lunch posted:

I've got a real quick one for all you Exchange nerds.

What are the consequences of disabling the Content Index on an Exchange 2010 Mailbox DB? I've got one here that's too tight around the belt and the CI just fails because it runs out of space.

Plenty of room in the edb for actual mail, but Exchange never gives anything back to the filesystem :argh:, and I haven't figured out how to move the CI to a different set of disks.


If it just means OWA searches will be slower and exclude attachments, I'm A-OK with that.

Move the content to another volume, create a mount point on the catalogdata folder to the volume where your content is at. Stop the ms exchange search indexer service beforehand. To clean up your DB either schedule some down time to compress or spin up a new DB and shuffle all the users out destroying the old one when done.

NullPtr4Lunch
Jun 22, 2012

The Electronaut posted:

Move the content to another volume, create a mount point on the catalogdata folder to the volume where your content is at. Stop the ms exchange search indexer service beforehand. To clean up your DB either schedule some down time to compress or spin up a new DB and shuffle all the users out destroying the old one when done.

Yeah, I thought about doing that with a junction point but I was asking to find out what would happen if I just turned off the CI instead. It's easy to find out *how* to do it, but I haven't been able to find any info on what doesn't work w/o the CI.

Everything I've read about doing a defragmentation on the db with ESEUTIL indicates that I need enough free space to make a complete copy of the DB minus whitespace. Is that not the case?

Gyshall
Feb 24, 2009

Had a couple of drinks.
Saw a couple of things.
Not sure what you mean about it being too tight. Where are your logs being stored? On different partitions?

If you're talking about whitespace, you need to back your poo poo up, son. You shouldn't be disabling content index, ever.

The Electronaut
May 10, 2009

NullPtr4Lunch posted:

Yeah, I thought about doing that with a junction point but I was asking to find out what would happen if I just turned off the CI instead. It's easy to find out *how* to do it, but I haven't been able to find any info on what doesn't work w/o the CI.

Everything I've read about doing a defragmentation on the db with ESEUTIL indicates that I need enough free space to make a complete copy of the DB minus whitespace. Is that not the case?

Correct, you'd need a load of space with the added benefit of your mail store being down while the process runs, which is why I suggested the shuffle method.

You could nuke the CI by disabling the search service then kill the CI leaving the service disabled but I wouldn't suggest it for the long term.

NullPtr4Lunch
Jun 22, 2012

Gyshall posted:

You shouldn't be disabling content index, ever.

Why? What happens? That's the whole reason why I asked in the first place.
If all it does is make it so people can't search the contents of attached .XLS and .DOC files, I couldn't give a poo poo. They can live without it until I have a permanent solution to this.

Gyshall posted:

Not sure what you mean about it being too tight. Where are your logs being stored? On different partitions?

Yep, logs have their own pair of disks, as does the public folder store. Plenty of space on both of them. The other admin here kept disabling user accounts w/o ever disconnecting their mailboxes so things piled up on the mailbox DB disks. Now we've got a huge DB that's so big there's no room for the CI and plenty of whitespace after deleting old mailboxes. If there's no way to do an in-place defrag without having an equal amount of free space available (defeats the purpose of a defrag, huh?), then the only option is to migrate to a new server or hook up an iSCSI LUN to this guy.

The Electronaut posted:

You could nuke the CI by disabling the search service then kill the CI leaving the service disabled but I wouldn't suggest it for the long term.

Yeah that's the plan. I wanted to get an idea of what the consequences of disabling the CI are before doing it. As of right now, mail works fine except for OWA search.

kiwid
Sep 30, 2013

When someone creates their own distribution groups in their contacts by adding people or groups from the GAB, those groups are a snapshot of how they were at that time and not live, right?

For example, if someone creates their own distribution group that includes groups from the GAB and then we delete people from the real groups which propagate to the GAB, the other person's distribution list is not updated with the current group membership, am I correct?

Gucci Loafers
May 20, 2006

Ask yourself, do you really want to talk to pair of really nice gaudy shoes?


Orcs and Ostriches posted:

Get-DistributionGroup has 92 properties. They just picked the ones they thought would be most important at a quick glance, I imagine.

Yea, that makes sense but I'm sort of confused how come they don't have this listed in the TechNet Article? Or am I reading this wrong? Get-DistributionGroup.

Mierdaan
Sep 14, 2004

Pillbug

Tab8715 posted:

Yea, that makes sense but I'm sort of confused how come they don't have this listed in the TechNet Article? Or am I reading this wrong? Get-DistributionGroup.

Welcome to PowerShell. Remember that get-distributiongroup is returning an object, and each object should have an XML file describing its default formatting options. You can get around this with format-table or format-list, which will ignore the default formatting instructions.

Just wait until you run across stuff like get-aduser, which not only has the same default formatting issue, but only returns a subset of the object's properties even if you specify format-list. To get the rest of the properties, you have to explicitly ask for them.

code:
> get-aduser jsmith | fl extensionattribute*

> get-aduser jsmith -properties * | fl extensionattribute*

extensionAttribute1 : 10-04
extensionAttribute2 : 2013-01-07

12 rats tied together
Sep 7, 2006

Tab8715 posted:

Yea, that makes sense but I'm sort of confused how come they don't have this listed in the TechNet Article? Or am I reading this wrong? Get-DistributionGroup.

You would probably want to hit the link towards the bottom for Output Types, and then find Get-Distributiongroup in the gigantic spreadsheet of possible commands, and then select the "Distribution Group" link on the far right of that row.

Then from here you'll want to scroll down and click 'Distribution Group Members' towards the bottom.

Or, if a command isn't behaving the way you expect it to, pipe the output into get-member ( do-something | gm ) and take a look at it. If you still can't figure it out, try googling for a stack overflow thread. TechNet articles are my third choice when it comes to actually solving a problem. :)

The Electronaut
May 10, 2009

NullPtr4Lunch posted:

Why? What happens? That's the whole reason why I asked in the first place.
If all it does is make it so people can't search the contents of attached .XLS and .DOC files, I couldn't give a poo poo. They can live without it until I have a permanent solution to this.


Yep, logs have their own pair of disks, as does the public folder store. Plenty of space on both of them. The other admin here kept disabling user accounts w/o ever disconnecting their mailboxes so things piled up on the mailbox DB disks. Now we've got a huge DB that's so big there's no room for the CI and plenty of whitespace after deleting old mailboxes. If there's no way to do an in-place defrag without having an equal amount of free space available (defeats the purpose of a defrag, huh?), then the only option is to migrate to a new server or hook up an iSCSI LUN to this guy.


Yeah that's the plan. I wanted to get an idea of what the consequences of disabling the CI are before doing it. As of right now, mail works fine except for OWA search.

I was digging around writing test scripts today and realized set-mailboxdatabase has a parameter of indexenabled. Going to the technet article the command confirms this will disable exchange search for the database. Obviously may want to test this beforehand...

NullPtr4Lunch
Jun 22, 2012
Yeah, I wish I had a test env for just this kind of experimentation.

NullPtr4Lunch fucked around with this message at 16:12 on Apr 17, 2014

kiwid
Sep 30, 2013

Does the email attribute become completely useless when you migrate to Office 365?

Talking about this:



That field doesn't seem to control anything. Office 365 seems to look at only the proxyAddresses attribute and completely ignores this one. So can anyone tell me why we'd still need to fill in this field?

Serfer
Mar 10, 2003

The piss tape is real



kiwid posted:

Does the email attribute become completely useless when you migrate to Office 365?

Talking about this:



That field doesn't seem to control anything. Office 365 seems to look at only the proxyAddresses attribute and completely ignores this one. So can anyone tell me why we'd still need to fill in this field?

365 will use that field if there's nothing in the proxy address attribute. Realistically, you shouldn't need to use the proxy address attribute unless the person has an alias.

tadashi
Feb 20, 2006

What's considered the standard for capping email attachments these days for internally hosted exchange servers? It seems like, with more and more people going to external hosting, we're seeing people sending messages to our users with larger and larger attachments.

Dans Macabre
Apr 24, 2004


tadashi posted:

What's considered the standard for capping email attachments these days for internally hosted exchange servers? It seems like, with more and more people going to external hosting, we're seeing people sending messages to our users with larger and larger attachments.

I'd say 50 megs or 100 megs

WhoNeedsAName
Nov 30, 2013

tadashi posted:

What's considered the standard for capping email attachments these days for internally hosted exchange servers? It seems like, with more and more people going to external hosting, we're seeing people sending messages to our users with larger and larger attachments.

We're capped at 20mb and have only ever had one person complain about it. In my opinion, if it's larger than 20mb then you should be using something like dropbox and emailing the link across.

Calidus
Oct 31, 2011

Stand back I'm going to try science!
How much time should I budget for an Exchange 2007 to Exchange 365 Cutover Migration? How idiot proof is this process?

Bob Morales
Aug 18, 2006


Just wear the fucking mask, Bob

I don't care how many people I probably infected with COVID-19 while refusing to wear a mask, my comfort is far more important than the health and safety of everyone around me!

WhoNeedsAName posted:

We're capped at 20mb and have only ever had one person complain about it. In my opinion, if it's larger than 20mb then you should be using something like dropbox and emailing the link across.

Gmail itself only allows you to send 25MB attachments

https://support.google.com/mail/answer/6584?hl=en

Lord Dudeguy
Sep 17, 2006
[Insert good English here]

tadashi posted:

What's considered the standard for capping email attachments these days for internally hosted exchange servers? It seems like, with more and more people going to external hosting, we're seeing people sending messages to our users with larger and larger attachments.

We cap at 10Mb. Anything larger and we point our users to our encrypted ZendTo server.

kiwid
Sep 30, 2013

Calidus posted:

How much time should I budget for an Exchange 2007 to Exchange 365 Cutover Migration? How idiot proof is this process?

How many mailboxes?

We took 3 months to do a staged migration but my help desk is retarded and does one at a time. With a cutover we probably could have done it in a few weeks. The biggest slow down to the process is pointing everyone's Outlook at Office 365. With SSO and good documentation you could delegate that process to your users, do the cutover migration and tell everyone to repoint their Outlook or use OWA.

kiwid
Sep 30, 2013

Bob Morales posted:

Gmail itself only allows you to send 25MB attachments

https://support.google.com/mail/answer/6584?hl=en

Same with Exchange Online/Office 365

http://technet.microsoft.com/en-us/library/exchange-online-limits.aspx

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

Tab8715 posted:

It's more so about why doesn't Get-Distribution return all the properties for the object, why must I pipe the command to FL or FT? Did Microsoft just decide which ones are displayed by default?

Yes, the default displayed properties of any object are often pre-determined and truncated.

Manipulating powershell objects to get the correct information is real powershell 101 type stuff. Select object on the other side of the pipe get-whatever | select property1,property2 or expressing the property via an encapsulated query (get-whatever).property1 or via storing it to a variable and expressing it that way $var.property1 are all common.

Learning powershell conventions can be done really quickly, and pay huge dividends, especially in larger applications, like Exchange, VMWare, and AD.
I once wrote a completely automated exchange 2007 database consolidation routine that compiled the deltas between about 200+ database backups into a single database that was then exported to PST files and sent up to mimecast for retention. All fully automated. We had bids well into 6-figures for this project before I decided to see if I could just ghetto-shell it. Powershell is just that, well, powerful.

O'reilly media has a great powershell cookbook that opens with a very eye-opening primer on exactly what powershell is (vs traditional shells). I can't recommend it enough.

Calidus
Oct 31, 2011

Stand back I'm going to try science!

kiwid posted:

How many mailboxes?

We took 3 months to do a staged migration but my help desk is retarded and does one at a time. With a cutover we probably could have done it in a few weeks. The biggest slow down to the process is pointing everyone's Outlook at Office 365. With SSO and good documentation you could delegate that process to your users, do the cutover migration and tell everyone to repoint their Outlook or use OWA.

Only 20 mailboxes, so could I possibly do it over a weekend?

kiwid
Sep 30, 2013

Calidus posted:

Only 20 mailboxes, so could I possibly do it over a weekend?

Yeah I'd say so, you can do a lot of prep work prior to the actual migration (dir sync, etc.) so that all you have to do is the actual migration step and mx record move. Keep in mind though that the speed of migrations also depends on your upload speed and the size of the current mailboxes.

Pendent
Nov 16, 2011

The bonds of blood transcend all others.
But no blood runs stronger than that of Sanguinius
Grimey Drawer
We're having an interesting issue with a user mailbox today.

One of our users has the proper permissions to create appointments on the calendars of our entire C-suite and she has been doing so for quite literally years. When she came in to work this morning, however, she was only able to send meeting requests. She still has the same permissions she had last week and the issue persists even when she logs in to other computers. There were no major changes over the weekend to the Exchange environment that I can find. The people in question are all using Outlook 2010 and we are running on Exchange 2007.
Does anybody have an idea on what might be causing this?

Swink
Apr 18, 2006
Left Side <--- Many Whelps
How do I go about troubleshooting permissions problems in Exchange 2010?

I have a User A who has Full Access permission as well as Send As permission to User B. However User A is not able to send as User B.

I've never delved into Exchange logs but I assume this is where I need to go?

incoherent
Apr 24, 2004

01010100011010000111001
00110100101101100011011
000110010101110010
I would verify in OWA (outlook web access) by going to the upper right, click their name, open other mailbox, and having them swap to that user they can send privileges as. You'll never need to dive into exchange logs...ever.

Then if that works (as in you can see the other users mailbox) make sure you're using the options-> Show fields-> FROM and explicitly saying the send as users email address.

You may need to google the Powershell commands to give a user explicit send as and full rights privileges.

Will Styles
Jan 19, 2005
In my experience if the user has the proper permissions and they can't send as something they should, they're usually doing it wrong. I'd sit down with the user and verify they know how to send as before you start going into in-depth Exchange troubleshooting.

If you did do that then have them try to send as in OWA like mentioned above, if the message sends but is coming out as the wrong person check the transport logs etc. if they can't send at all get a copy of the error and go from there.

vv How does it fail? NDR, error message? Messages deliver but appear as the wrong person?

Will Styles fucked around with this message at 05:42 on May 2, 2014

Swink
Apr 18, 2006
Left Side <--- Many Whelps
I'm adding permissions via

code:
add-mailboxpermission -Identity John -user Bob -AccessRights fullaccess -automapping $false

Add-ADPermission "Bob" -User "John" -Extendedrights "Send As"

The user is able to view the mailbox without issue, but sending as the alternate account fails.

This issue seems to affect just the one user. And he is configured exactly the same as the others.
