Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us $3,400 per month for bandwidth bills alone, and since we don't believe in shoving popup ads to our registered users, we try to make the money back through forum registrations.
  • Post
  • Reply
wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

for exchange 2003, if you have HTTP logging on on your frontend server, you can use logparser to query for requests where cs-uri-stem is the activesync path and ask for cs-username and cs(user-agent). the user-agent for iphones is something like Apple-iPhone3C1/812.1, the part before the slash is the hardware model and the part after the slash corresponds to an iOS version (there's some docs on apple's site about how to figure out what those numbers correspond to). Not real easy to do as just a one time thing but if you have to do it repeatedly it's easy enough to setup.

exchange 2007/2010 probably does it alot better, but i haven't used those.

Adbot
ADBOT LOVES YOU

wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

InfiniteDonkey posted:

I'm currently testing ActiveSync security policies with different mobile phones and tablets.

I just can't get OWA or Exchange Management Console to show the recovery password for any of my devices. I was wondering could the reason behind this be that i have specified that a machine will be wiped after 10 times of wrong codes? Does the recovery password only show if wipe is not configured?
Recovery password is WM6.x feature only (and I think a couple other 3rd party apps like touchdown), anything Android or iOS or WP7 doesn't support it.

wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

Nevergirls posted:

I have a user who's getting a bunch of sync errors from the exchange server now that I switched her to cached mode. The errors can all be ignored but they are showing up in her mailbox. How can I prevent these from being generated?
is it folder [80004005-501-4B9-560]? We've had issues with that since we upgraded from 2003 to 2010, it has something to do with organizational forms. Rollup 3 for SP2 is supposed to fix it but we haven't installed it yet.

wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

Anyone else think it's stupid that Outlook/Exchange still uses the legacyExchangeDN attribute for so much stuff?

EAT THE EGGS RICOLA posted:

gently caress Exchange.

wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

Not directly Exchange, but it's related, so - we're looking at getting off of Postini (now Google Apps), since it seems to be like 2x the cost of most similiar SaaS offerings...does anyone have opinions of companies like EdgeWave, PostLayer, MX Guardian, or similar?

wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

Thanks all, I'll check out Mimecast....we're not looking for the full mail hosting, just the spam filtering and related features, probably should have clarified that

wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

Anonymouse Mook posted:

I am having some issues trying to get Voicemail Preview working on Exchange 2013.

We have recently got an Avaya IP Office system and I have managed to get the systems to talk to each other enough that you get the voicemail playback controls within the email, but I cannot get a text transcript to appear. Is there something obvious that I am missing?
The really obvious - 'Allow Voice Mail Preview' is enabled in your effective UM Mailbox Policy, correct? If Exchange is receiving the call and generating the voicemail, your PBX is handing off fine, so you don't have to worry about that side.

wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

Anonymouse Mook posted:

Allow Voice Mail Preview is indeed checked. However, Exchange is not currently handling the calls- it is just being passed the voicemail from the Avaya Voicemail Pro server with Outlook installed. I assumed that as the playback control appeared, rather than just having the voicemail as an attached wav file that I was close to getting the text preview.

How would I go about setting my Exchange up to receive calls from the IP Office (running r9)? I can't find much good information on how to do this. Can I do it direct, or will I need some sort of SIP intermediary? Sorry for the silly questions, I am just starting out with UM.
Ahhh....if Avaya is actually generating the voicemail, I'm out of my depth. I don't know much about direct integration between Voicemail Pro and UM. Maybe Voicemail Pro packages the voicemail in a format such that Outlook knows to use its voicemail form when opening the message, so UM actually isn't in the picture, but that's a complete shot in the dark.

Unified Messaging does use SIP, our setup is an ancient definity phone system -> SIP Gateway via T1 -> Unified Messaging. Basically it just hands the call off to Unified Messaging via a coverage path, UM sees the extension it came from, and calls the appropriate voicemail box (or auto attendant). I've never used a SIP-enabled IP office, but if you've got SIP already, it may just be a matter of telling your IP Office to send certain calls to the UM box's IP (and telling UM to use the IP Office as its SIP gateway).

wyoak fucked around with this message at Nov 11, 2013 around 22:01

wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

If you can setup the lovely POP3 server to route all incoming messages to one mailbox you could have Exchange connect to it as a global mailbox and sort it out based on routing rules. As it stands now it sounds like your IT staff has to know everyone's password which is pretty bad.

Setup Exchange as the MX of record and have it journal everything to the POP3 box. POP3 still gets traffic!

wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

Internet Explorer posted:

I would double check to make sure the emails with that issue aren't been sent as Rich Text.
Yeah we had issues with other companies when people sent as Rich Text. There's an option on the connector to never use RTF.

wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

TheDestructinator posted:

A client lost a hub transport server recently. We spun up a new server (new server name as well) and set it up as CAS and Hub Transport. Mail flow is working fine, but out of office on the local client does not (It does work from OWA).

We spun up a new server with the name of the failed hub transport server and reinstalled Exchange with the /recoverserver switch. I tried recreating the EWS virtual directory and get the following output:
code:
C:\Documents and Settings\(username).XXXXXXX>New-WebServicesVirtualDirec
tory -WebsiteName "EWS (Default Web Site)" -InternalUrl "https://xxxxxxxxxxx/EWS
/Exchange.asmx" -BasicAuthentication 1 -WindowsAuthentication 1
New-WebServicesVirtualDirectory : The Web site 'EWS (Default Web Site)' on serv
er '(Servername).(domain).local' does not exist. The name of a Web site is case s
ensitive.
Most people recommended reinstalling IIS and the CAS role. I'd really prefer not to have to do that again.

Does that web site ('EWS (Default Web Site)') exist in the IIS console? Usually it's just called 'Default Web Site'

wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

TheDestructinator posted:

Default Web Site exists in IIS, but EWS does not.
Change WebsiteName in the command to match that:
code:
C:\Documents and Settings\(username).XXXXXXX>New-WebServicesVirtualDirectory 
-WebsiteName "Default Web Site" 
-InternalUrl "https://xxxxxxxxxxx/EWS/Exchange.asmx" 
-BasicAuthentication 1 -WindowsAuthentication 1

wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

Yeah, don't run another site in IIS on the CAS server if you can avoid it. Is it redirecting HTTP to HTTPS or something? Check the site bindings, you probably want the exchange site to have 80 and 443 on whatever IP (and the default site should maybe be shut off).

wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

Shouldn't o365 users always show up as mail-enabled users once they're migrated? Mail enabled users are accounts with exchange attributes set, but no actual mailbox since it's up in the

wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

Trastion posted:

I am building a new Exchange 2010 server on a Windows Server 2008 R2 box. Our current server is having issues because of the hard drive space. My plan is to bring up this new server and move everything over to it and make the current server go away.

The current server has all roles installed on the one server (except Unified Messaging which we don't use). I have setup the new server and got all the transport rules and such setup but I am having an issue. Yesterday a user said a bunch of his emails disappeared. When looking into this I noticed that the missing emails went to the new server but there does not seem to be any certain characteristic to the email that went there. I also am not sure if it was just this one user or if others are affected and just don't realize it.

A couple things that I know are a problem that I am not sure how to resolve. One is that the 2nd server has its own mailbox database even though all the mailboxes are still on the 1st server except 2 that I moved over. Those 2 are just test ones that I have. Is there a way to copy the original database over to the new server and use that instead of having 2 different ones?

The second thing is I do not have a CAS array or DAG setup at all. It looks like I cannot do a DAG because I am not running Server 2008 R2 ENTERPRISE edition, just standard. I assume I can get away with not having that especially if I am going to be at a single server again when completed. I don't know why there was never a CAS setup as I did not setup the 1st server. Will creating the CAS solve the other issue? Can I create one after the fact and not have it mess everything up?

I am still learning all this Exchange stuff but I am getting better at using powershell and EMC.
You don't need DAG or a CAS array if you're only going to have one server at the end. You don't want to move the original database over, it'll be easier just to move mailboxes (they stay online during the move). You do need the CAS role though, that's what lets people connect via Outlook or OWA.

When you say emails disappeared, do you mean new mail he tried to send or expected to receive was gone, or do you mean old messages in his mailbox were moved? Where were they on the new server? Transport rules are org-wide, so you shouldn't have had to set them up on the new server at all.

Unless.....what version of Exchange is the old server?

wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

Trastion posted:

Both are Exchange 2010. Sorry I meant Receive Connectors under Hub transport. There are separate ones on each server and things were broken until I put them on the 2nd server.

As for the disappeared emails they were ones he received and saw in the morning but some time around 1pm the were gone. I used tracking log explorer on each server to search for emails to him and they both came up with different stuff.

I do have the Client Access stuff setup just not the Array part.

The user in question is a remote user and would be checking his emails from Outlook in a remote office and with his phone and OWA sometimes. When I looked in his mailbox from my computer I could not see the emails either.

I am sure this is something I did wrong. I just cannot find anything searching for it.

I currently have the 2nd server shut off, because i do not want it eating any more emails, until I can figure out what to do to fix things.

Check his dumpster too. I can't imagine a second server eating something that made it into a mailbox.

wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

Trastion posted:

At this point I am not really concerned with getting back the emails as much as I am in fixing things and getting everything finished on the new server.

Yeah, like Will Styles mentioned it's not about his mail but whether or not something is actually broken.

wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

Pretty much that, converting a mailbox to shared will disable the user account associated with it.

wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

MS doesn't support CAS servers in the DMZ, just FYI. The Edge Transport role is the only one they support in a perimeter network.

In your situation I'd look at getting a reverse proxy or WAF (for OWA) and putting that in the DMZ. If you want to build a second exchange server, use it for redundancy purposes.

wyoak fucked around with this message at Dec 3, 2015 around 20:01

wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

NevergirlsOFFICIAL posted:

OK so does this mean MS recommends putting OWA on the LAN and exposing it to the web?
I don't know if they have officially recommended deployments anymore since they stopped selling their ISA product (or whatever it was called in its later iterations), but you should probably have a reverse proxy of some sort sitting in your perimeter network. Load balancers, IIS with AAR, "next-gen" firewalls, SSL offloaders all do that.

wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

Swink posted:

Anyone have some recommendations in this area? I have a small deployment but I'm overdue getting it behind a load balancer. Ideally i need something I can trial for a while to get my head around it.
A couple years ago I deployed some low-end AX series A10 load balancers to frontend a smallish Exchange deployment - at the time they were pretty affordable (much cheaper than F5's and such with similar feature sets) and could do stuff like URL rewriting, SSL offloading, virtual chassis, etc. I haven't paid much attention to the space recently though so I don't know how they stack up these days, but they might be worth a look (they have virtual appliances as well).

wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

Your powershell script as quoted is just going to try to set everyone's UPN to domain.com which isn't what you want (also it's set-aduser, not set aduser).

That said I'd probably just run it on the OU with mail enabled accounts, no need to mess with things that don't need to be messed with.

wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

NevergirlsOFFICIAL posted:

CEO says: "I think one of the admins is spying on my email"

What can I put in place, and what can I check, to see if this is the case?

Exchange on prem.
There's a non-owner mailbox access report in OWA under 'Manage my Organization' -> Auditing, but mailbox auditing has to be on for the target mailbox

If the CEO gave his password to someone else you'd have to search AD logs for logins from non-CEO assets which would be a bigger pain

wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

MC Fruit Stripe posted:

This isn't the company's Exchange server. I manage that for 30k users and that server actually does the thing it's supposed to do. This is just some piece of garbage in a closet.

Honestly this is why I hesitate to ever talk tech around here and tend to just hang out in the general purpose threads - everyone wants to know "why" and that's suddenly the topic. The why is cause I want to.

I'm trying to basically reset the entire server as though I just installed Exchange and am working there a piece at a time. Mailboxes and database emptied but unable to delete the database so far. Will see if I can figure that out. Having fun with my server.
What does database emptied mean? Anyway, if you've got all visible mailboxes deleted, run Get-Mailbox -database baddatabasename -Arbitration, you might have some system mailboxes there. Also could be a dumpster thing, I forget if Exchange holds onto deleted user mailboxes for a certain amount of time.

Adbot
ADBOT LOVES YOU

wyoak
Feb 14, 2005

a glass case of emotion


Fallen Rib

Are you trying to setup a privileged account (Domain Admin, Enterprise Admin, Schema Admin, etc etc etc) or is this all new user accounts?

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply