|
I have a scenario I am trying to wrap my head around. I am about to move an exchange 2007 single server installation over to a Exchange 2010 single server install. In order to keep things transparent for OWA and active-sync users I just need to make sure both servers are accessible over the internet and then... what else am I missing?
|
# ¿ Jun 6, 2012 18:57 |
|
|
# ¿ Apr 27, 2024 20:03 |
|
Check and check... I just feel like I am missing something and I am scared to proceed with mailbox moves
|
# ¿ Jun 6, 2012 19:06 |
|
Crackbone posted:Weird poo poo this morning. The problem is on the client end. Just nuke the mail profile and rebuild it. Kinda annoying but your service is golden
|
# ¿ Oct 4, 2012 21:28 |
|
Nahrix posted:The mail would show up in OWA if it was just a client issue. This might not be the cause, but I ran into a situation with similar symptoms, and the issue ended up being that the mail was being forwarded to another address.
|
# ¿ Oct 10, 2012 16:00 |
|
I just feel like you are going to be in a world of hurt trying to remove all references in ad manually. I would go the reinstall uninstall route
|
# ¿ Feb 4, 2013 05:22 |
|
Gyshall posted:Have you actually ever done this? No and I would never unless I had documentation on where all the references to the old server were located. Really... how hard is it just to install and uninstall instead of asking an internet forum if we think blowing away containers via ADSI is safe?
|
# ¿ Feb 4, 2013 18:29 |
|
Gyshall posted:So you're advocating a method you have no idea would even work? Are you aware of how Exchange tracks servers (GUID, product IDs, etc) that your method probably would just make stuff worse? An Install/Reinstall masquerading as the old server sounds like a horrible idea. Ive got a pretty good idea how it would work. The article everyone keeps linking even reccomends reinstallation and immediate uninstallation as a valid way to get everything cleaned up. Unless I had all potential references to the old server in ADSI documented I wouldnt make that my end method of doing this.
|
# ¿ Feb 4, 2013 22:32 |
|
Mierdaan posted:Make sure you get a SAN certificate that covers autodiscover.domain.tld, servername.domain.tld, mail.domain.tld. They're worth the extra cost to make sure people don't get SSL warnings periodically. A thousand times this and should be the first rule of any exchange rollout. As an IT guy you probably think to yourself 'k no prob a ssl warning here and there is no big deal I'll just hit accept and move on'. To the end user though it translates to TICKET TIME EMAIL IS BROKE YOU FIX IT LOSER
|
# ¿ Feb 26, 2013 17:41 |
|
What's everyone using for an archiving app?
|
# ¿ Apr 6, 2013 02:25 |
|
madsushi posted:10 GB is more than plenty for your environment. I have one client environment with 150 mailboxes and about a 100 GB database running on a single 8 GB server without issue. I would keep an eye on the event logs but wouldn't concern myself with that at all. I run an exchange 2010 vm with a single database hosting about 370 mailboxes and the database is around 250GB. Its a single server install with all roles on 1 vm and it only has 8gb of ram and it runs fantastic. In fact it rarely uses all the ram it has assigned to it. Really Exchange has become wonderful over the years at resource usage. As to the mail archive question I posed, I see a lot of people answering GFI. This is where we are leaning, its so darn cheap
|
# ¿ Apr 6, 2013 14:36 |
|
LmaoTheKid posted:So after a bunch of back and forth, my boss decided O365 wasn't going to work and we're going to implement a 2 server DAG for our E2010 setup. The problem is, the email server is 2008 R2 Standard and we need it to be enterprise. How hosed am I? Keep in mind 2 server dag only gives you ha of your info stores. If one server of the two dies no one is still going to get email because you haven't got ha of your cas role. Only supported way to get ha of your cas role is thru a cas array which uses NLb which does not Coexist with a dag cluster. You can futz around it with some ad trickery but just know what you're doing before you try
|
# ¿ May 8, 2013 03:48 |
|
Has anyone ever seen outlook 2011 interact with exchange 2010 (or any other version) stupidly? We tracked down a couple mac clients yesterday that had outlook 2011 and were pushing MASSIVE amounts of bandwidth AT our exchange server. It was all SSL traffic so I am certain it was outlook trying to push the EWS directory, I just have no clue whats going on here.
|
# ¿ May 8, 2013 14:11 |
|
This should be fun. Stop using outlook or I am banning the mac of your mac!
|
# ¿ May 8, 2013 18:24 |
|
Stugazi posted:How long do you wait on an Exchange Server to reboot before you power cycle it? It's Exch2007 running on Server 2003. Keep waiting. Takes FOREVER to dismount the info store cleanly.
|
# ¿ Jul 18, 2013 16:52 |
|
Man the new versions of Exchange are so dang easy to install and admin and perform so well I wonder why people are still looking at hosted Exchange. I guess when an office has literally zero servers.
|
# ¿ Aug 28, 2013 18:37 |
|
bull3964 posted:Even if you are good at the whole server thing, it's sometimes just not something you want to deal with. Yeah i get that... I just dont get it totally. "Dealing" with Exchange in so much as differences between hosted and onsite is like a once every couple months thing. Run it as a vm, give it the right resources, and watch 2 decades of engineering that Microsoft has actually done incredibly well just sit there and work.
|
# ¿ Aug 30, 2013 03:33 |
|
bull3964 posted:Yes and no. Eh, I really dont want to argue with you because youre not wrong ... its just your idea of things that should be done I dont think are as hard as you make them out in a lot of situations and thats probably mostly due to philosophy. For instance, if you do run your exchange as a vm, your backup, backup testing, dr testing, etc should actually be already in place and done for you. Veeam does every single bit of this for us along with automated testing and it was already in place because we have lots of vms. Same with patching. You should already have a patching mechanism in place and again that stuff doesnt require much effort. And outlook admin is going to happen wether you have O365 or onsite. I get not having any servers and running hosted exchange but as soon as you are managing more than a handful I think it makes a lot more sense to bring it back in house Syano fucked around with this message at 16:30 on Aug 31, 2013 |
# ¿ Aug 31, 2013 14:31 |
|
Misogynist posted:I'm not sure I agree with any of your assertions besides backup. I dont know if I agree. Granted I only have about 450ish client PCs with maybe 5 total Macs, but (knock on wood please smile on me Exchange gods) in 6 years we havent had a problem with an Exchange patch yet. We have had some issues with other patches but this discussion is about the ease of running Exchange not other things. And I totally agree with you about the other aspects... my point is you dont need those things to match or beat the up time expectations of most organizations Syano fucked around with this message at 20:14 on Aug 31, 2013 |
# ¿ Aug 31, 2013 20:10 |
|
What is your end goal in this scenario?
|
# ¿ Oct 30, 2013 14:59 |
|
Here is a nice writeup I have in my favorites about a 2007 to 2010 migration. It should roughly apply to what you are trying to do http://www.petenetlive.com/KB/Article/0000236.htm
|
# ¿ Oct 30, 2013 15:29 |
|
The authority may allow you to request a new name without charging for a new request, but you are still going to have to generate a new request with all names wanted and they are still going to have to generate a new cert
|
# ¿ Nov 4, 2013 19:55 |
|
KS posted:That doesn't necessarily invalidate the old cert. Digicert, for instance, lets you do unlimited reissues and only invalidates by explicit choice. It requires a new certificate request for a reissue though correct>?
|
# ¿ Nov 8, 2013 15:52 |
|
Lord Dudeguy posted:
Beaten on this but it is highly dependent on what the mailbox of those 490 users looks like. I host 415 mailboxes on almost an identical setup (actually 2 less vcpus) and have zero issue. Whats your underlying storage? Also, are you sending to a smarthost or are you routing mail via DNS?
|
# ¿ Nov 9, 2013 03:23 |
|
Lord Dudeguy posted:200GB sitting on a SAN, but it's not dedicated raw SAN storage, it's part of the VHDK on its own dedicated datastore. Create a temporary send connector that routes via DNS instead of smarthost and have it send your mail for a while and see if it still happens. If that fixes it, make sure you havent had any public IP changes recently that you havent updated with your smarthost. Make sure you arent doing in wan load balancing. Stuff like that Syano fucked around with this message at 17:08 on Nov 9, 2013 |
# ¿ Nov 9, 2013 17:05 |
|
Our GFI mail archive installation went live this morning, in no small part thanks to reccomendations from this thread. It is pretty darn awesome. Install was completely painless. Web interface is snappy and the built in reports are fantastic. This is going to make legal compliance sooooo much easier. Highly reccomend if you need an archive solution
|
# ¿ Nov 21, 2013 20:21 |
|
TKovacs2 posted:How does it compare to the built in archiving functionality of Exchange 2010? Ive only used the built in archive solution in a lab environment. That being said, GFI is way ahead as far as functionality and ease of use
|
# ¿ Nov 22, 2013 02:15 |
|
Stugazi posted:FWIW, the SSR restored EDB did recover the mail. I think the client was flat out lucky and I had serious doubts but it worked so we're happy. If you want cloud based look at mime cast or McAfee mxlogic. Both offer archiving though I'd lean towards mime cast since it seems to be a nicer product. In house gfi all the way. It's awesome
|
# ¿ Dec 21, 2013 02:08 |
|
EuphrosyneD posted:Is there a very good reason why an Exchange 2007 installation would suddenly drop all the mail within a mailbox? This has happened twice for one particular user at one of our clients now. This user swears up and down they haven't nuked their email on purpose - it's there one day and gone the next. We can't even get it back from OWA. We're able to restore all emails from backup though, but we don't want to have to keep doing this. They are deleting it all then lying to you VVVV Or that VVVV Syano fucked around with this message at 19:15 on Jan 8, 2014 |
# ¿ Jan 8, 2014 19:09 |
|
Ive got a weird one I wonder if someone could help me identify the issue: We had a company we manage have a problem with the storage yesterday. Long story short Exchange came back up corrupt so we did an instant recovery via veeam to the last available backup. Everything seemingly came back online fine. Problem is this morning we have an issue where outlook will not load on the remote desktop servers for this company. Also outlook will not load a new mail profile on a fat client. Specifically when opening outlook the users are getting a prompt to enter their username and password. When they do they get a message indicating the server is unavailable. The only errors we can see are on the exchange server in the security log. Its throwing some audit failures for these accounts indicating bad username or password, but thats not the case. No other errors really indicate whats going on. Real strange and making us beat our heads against the wall
Syano fucked around with this message at 17:34 on Jan 17, 2014 |
# ¿ Jan 17, 2014 17:25 |
|
Misogynist posted:I'm suspecting you have some cached Kerberos tickets with tokens that no longer exist on the Exchange server, and Windows is doing something dumb as it tries to reuse them. If this is the case, and you have the default Kerberos ticket lifetime of 10 hours, this issue has most likely cleared itself up already. If not, try clearing all cached Kerberos user tickets on the Outlook client system and try again. This may have been it. That being said we got it licked by futzing around with the preferred domain controllers for the Exchange server. We assigned one specifically and then everything started working
|
# ¿ Jan 18, 2014 04:21 |
|
Misogynist posted:Your Exchange server isn't also a domain controller, is it? Negative. Stranger still is we migrated the server back to production storage and now have no issues whatsoever. I'm thinking you're correct about cached Kerberos creds
|
# ¿ Jan 19, 2014 20:26 |
|
Is your archiver pulling in the email because of journaling? If so then the fact that its in your archive IS your audit trail... or at least should be good enough to be
|
# ¿ Jan 29, 2014 19:58 |
|
gallop w/a boner posted:We have had a strange certificate-related problem occur seemingly out of nowhere. There was a critical update last night that updated a certificate up the trust chain and for some reason it corrupted the chain or the cert or both on those clients. Do a system restore on the machines this affected and they will be fine. Source: been working on it all day Syano fucked around with this message at 21:34 on Mar 12, 2014 |
# ¿ Mar 12, 2014 21:31 |
|
gallop w/a boner posted:We have had a strange certificate-related problem occur seemingly out of nowhere. Probably going to hit the rest of your machines today. I am guessing you have your cert through entrust? If you dont mind letting me know if you found another easy fix I would appreciate it
|
# ¿ Mar 13, 2014 14:39 |
|
We have just been blowing away the local stores. Seems to work. Cause I have read that entrust post about 14 times now and I am not quite sure what exactly they are saying to do
Syano fucked around with this message at 16:42 on Mar 13, 2014 |
# ¿ Mar 13, 2014 16:35 |
|
gallop w/a boner posted:Grab the new intermediate cert from https://support.comodo.com/index.php?_m=downloads&_a=viewdownload&downloaditemid=94 and load into the local computer certificate store on your Exchange CAS boxes. This should fix the issue. We went through and updated our mail servers along with all our RDP servers this morning by installing the new certificate. Still have a lot of clients with the same issue. Any clues?
|
# ¿ Mar 14, 2014 15:12 |
|
Syano posted:We went through and updated our mail servers along with all our RDP servers this morning by installing the new certificate. Still have a lot of clients with the same issue. Any clues? Had to 100 percent redo our certificate environment today. Been a crazy 6 hours or so. We imported the updated certificate from Comodo and it just flat didnt work. So we basically started from scratch, generated a new unified communications CSR and reissued the certificate through comodo. 6 hours later we now have shiny new certificates on all our mail and remote desktop servers.
|
# ¿ Mar 14, 2014 19:45 |
|
|
# ¿ Apr 27, 2024 20:03 |
|
No clue what the deal was. I actually opened a support ticket with Comodo and they recommended reissuing the certificate so that the chain was fresh. We did that and ended up completely rebuilding our PKI. Kinda sucks too because now we have thousands of remote apps in the field signed with the old certificate. Doesnt prevent the user from working but the pop up telling somone they have a bad cert has generated a lot of noise for our help desk
|
# ¿ Mar 16, 2014 19:04 |