Disable SafeHTML in OWA on Exchange 2010? XML attachment with non-XML extension content gets stripped

Similar Messages

• Recall message from OWA in Exchange 2010

  Dear All,
  Is it possible to Recall message from OWA in Exchange 2010?? we have ex2010 sp2.
  if possible please provide steps
  Sunil
  SUNIL PATEL SYSTEM ADMINISTRATOR

  First, Exchange 2010 SP2 is no longer supported.  Please update to SP3 at your earliest convenience. 
  https://social.technet.microsoft.com/Forums/en-US/b3085dd9-6777-454e-af30-279dfccffb8b/exchange-2010-sp1-and-sp2-are-no-longer-supported?forum=exchange2010
  Second, message recall has never been available in OWA.  This is an Outlook feature, not an Exchange feature. 
  http://support.microsoft.com/kb/197094

• ISA 2006 publish Exchange 2010 Outlook Anywhere with Kerberos Constrained Delegation

  Hi,
  I have two Exchange 2010 Sp1 CAS with Windows Network Loadbalancing. I set up an alternate Serviceaccount and mapped the http,ExchangeMDB,PRF and ExchangeAB SPNs.
  Then i published the Exchange Services via ISA 2006. OWA is working using Internet -> via NTLM -> ISA(webmail.domain.com) -> via KCD -> CAS-Array(ex2010.domain.com)
  I tried the same with Outlook Anywhere (RPC over HTTP) without success.
  Authentication to the ISA via NTLM works fine, but i think the isa server cannot delegate the Credentials successfully to the CAS-Server.
  The ISA Log looks like:
  Allowed Connection ISA 24.11.2011 15:50:40
  Log type: Web Proxy (Reverse)
  Status: 403 Forbidden
  Rule: Exchange 2010 RPC
  Source: Internal (172.16.251.33)
  Destination: (172.18.10.182:443)
  Request: RPC_OUT_DATA
  http://webmail.domain.com/rpc/rpcproxy.dll?ex2010.domain.com:6001
  Filter information: Req ID: 108b89d8; Compression: client=No, server=No, compress rate=0% decompress rate=0%
  Protocol: https
  So i always get a 403 Forbidden from the CAS.
  I the IIS logfile from the cas server i see this entry:
  2011-11-24 15:51:37 172.18.10.182 RPC_OUT_DATA /rpc/rpcproxy.dll ex2010.domain.com:6001 443 - <ISA IP> MSRPC 401 1 2148074254 203
  I use the same Listener for OWA and Outlook Anywhere. Authentication Methods are Basic and Integrated. I forward the request to a webfarm which exists of the two physical CAS. Internal Site Name is set to the NLB name ex2010.domain.com, SPN is set to http/ex2010.domain.com
  Thanks for your support

  Hi, i ran into the same Problem.
  the steps above solved mine too (Creating a custom AppPool which runs under LocalSystem).
  I wonder why they included only the Script: convertoabtovdir.ps1
  http://social.technet.microsoft.com/Forums/en-US/Forefrontedgegeneral/thread/dc24ccd3-378a-47cc-bbbf-48236f8fe5b0
  Ist this a supported configuration (changing AppPool of RPC)?

• ISA 2006 publish Exchange 2010 Outlook Anywhere with KCD/NTLM and IPSEC - Problem

  Hi
  I have setup ISA 2006 to publish Exchange 2010 Outlook Anywhere with Kerberos Constrained Delegation and IPSEC.
  The clients have an IPSEC policy pushed to them via GPO.  The clients are windows 7 laptops and the ISA server is server 2003, so the IPSEC connection is IKE not AuthIP.
  However, it seems that the connection will work for a while, then all of a sudden stop working with zero trace of why.  I cant get the Oakley log to work and I cant see any traffic on the ISA.
  I am wondering if I need to publish the CRL's externally?  Currently we don't, and the Outlook Anywhere uses private certificates (as the whole point of IPSEC is to validate the internal certificate, there is no point in using
  public certificates).
  I have tried using the StrongCRLCheck=0 registry key in the IPsec Policy Agent on the windows 7 machine but it doesn't seem to make a difference.
  Any advice would be appreciated.
  Steven

  Hi,
  Firstly, have you received any related error messages in ISA server or on the clients' side? Besides, as you mentioned IPsec, did you have a VPN connection?
  In addition,
  While ISA 2006 only includes a Client Access Web Publishing Wizard for both Exchange 2003 and Exchange 2007. Which Exchange version you have chosen when publishing Exchange 2010?
  Please also make sure that you have selected the
  External interface for the web listener to listen on.
  Besides, the link below would be helpful to you:
  OWA publishing using Kerberos Constrained Delegation
  method for authentication delegation
  Best regards,
  Susie

• Exchange OWA does not load OWA for Exchange 2010 users

  I have recently installed Exchange 2013 SP1 CU4 in my existing Exchange 2010 SP3 environment but when I use Exchange 2013 OWA to login Exchange 2010 users (it should automatically take the user to Exchange 2010 OWA) but I get this error message "Forbidden
  403- Access is denied". However exchange 2010 users can login to their /ecp directory from exchange 2013. Exchange 2010 users can use OWA using their exchange2010/owa URL without any problems. We do not have any http or https redirection enabled
  on any of the server. Also I have tried to uncheck the "Required SSL" settings for default web site on both Exchange servers but error is still same. Any help will be highly appreciated.

  Hi,
  According to your description, your Exchange 2013 cannot proxy OWA request to Exchange 2010 server, but ECP　request　can work properly.
  In this case, Ｉ'd like to confirm OWA and ECP settings on Exchange 2013 and 2010 servers before going further:
  Get-OWAvituraldirectory |fl identify,*url,*authentication
  Get-ECPvituraldirectory |fl identify,*url,*authentication
  Thanks,
  Angela Shi
  TechNet Community Support

• Disable Lync 2013 Client and Exchange 2010 Integration

  Is it possible to disable integration to Exchange 2010 from a Lync 2013 client?  I found a key that works for Lync 2010 by setting HKLM\Software\Policies\Microsoft\Communicator\PersonalContactStoreOverride to 1.  That does not seem to do anything
  to a Lync 2013 client, nor have I been able to find a solution to disable it via Registry/GPO.  Some things I have found seem to indicate that key does is not used by a Lync 2013 client but that is somewhat speculation.  Can someone tell me if there
  is a key to disable this connectivity and disable it like what the key above does for 2010?  Thank you!

  Create a new-csclientpolicyentry -name "PersonalContactStoreOverride" -value "1" and assign it to a Client Policy
  see Raffaele's post at: http://social.technet.microsoft.com/Forums/lync/en-US/0762e036-1f9f-43a6-bb81-686864260c9d/how-to-install-the-lync-client-through-sms-with-personal-information-manager-set-to-none?forum=ocsplanningdeployment
  Please mark posts as answers/helpful if it answers your question.
  Blog
  Lync Validator - Used to assist in the validation and documentation of Lync Server 2013.

• Sharepoint 2013 vs Exchange 2010 SP3 search (Error while crawling LOB contents)

  Hi there:
  We are trying to solve the problem: ERROR CRAWLING LOB CONTENTS when we wish to search Exchange 2010 SP3 public folder content on Sharepoint 2013 Foundation.
  Quick briefing:
  Followed this instructions:
  http://technet.microsoft.com/en-us/library/jj591608(v=office.15).aspx
  * Created CRAWL RULE
  - Used Domain Admin for content access ---> IS THIS WRONG?
  - Domain Admin can access public folder thru Outlook Web Access (checked)
  - Included all items in this path
  PRINTSCREEN 1
  * Added a content source for Exchange Server public folders
  - Logged to Outlook Web Access with domain admin, expanded Public folders and opened 1st subfolder in new window and copied the address
  - Logged to Outlook Web Access with domain admin, expanded Public folders and opened 2nd subfolder in new window and copied the address
  PRINTSCREEN2
  * Did a FULL CRAWL
  PROBLEM:
  - Search results does not throw "correct data". Some items are not being found
  CRAWL LOG is reporting: Error while crawling LOB contents
  Detailed error message:
  https://mail.domain.com/OWA/?ae=Folder&id=PSF.LgAAAAAaRHOQqmYRzZvIAKoAL8RaAwAnt2ed15IATLg8XoXLNj4EAAAAXsN8AAAB&t=IPF.Note
  Error while crawling LOB contents.
  Error caused by exception: Microsoft.BusinessData.Infrastructure.BdcException
  The shim execution failed unexpectedly - Exception has been thrown by the target of an invocation..:
  System.InvalidOperationException An internal server error occurred.
  Try again later.; SearchID = 4E8542D3-48EF-404E-8025-8D9AAEFE777A )
  We thought it's a throttling issue / found possible solution:
  http://powersearching.wordpress.com/2013/07/23/exchange-public-folders-search-fail-error-while-crawling-lob-contents/
  Tried it, still same Error messages, problem not resolved.
  Any hints? Please advise.
  With best regards
  bostjanc

  Hi Bostjan,
  From the error message, the issue might be caused by throttling policy on Exchange side. And the article you posted provides the right solution, some modification to the solution and please try again.
  For throttling policy part
  1.Execute the command for Set-ThrottlingPolicy
  Set-ThrottlingPolicy SharePoint -RCAMaxConcurrency Unlimited -EWSMaxConcurrency Unlimited -EWSMaxSubscriptions Unlimited -CPAMaxConcurrency Unlimited -EwsCutoffBalance Unlimited -EwsMaxBurst Unlimited -EwsRechargeRate Unlimited
  2.Execute the command Get-ThrottlingPolicy SharePoint to double confirm the policy setting has been successfully executed
  For registry key part
  1. Start Registry Editor (regedit).
  2. Navigate to the following registry subkey:
  \\HKEY_LOCAL_MACHINE \SYSTEM\CurrentControlSet\Services\MSExchangeIS\ParametersSystem
  3. Right-click ParametersSystem, point to New, and then click Key.
  A new key is created in the console tree.
  4. Rename the key MaxObjsPerMapiSession, and then press Enter.
  5. Right-click MaxObjsPerMapiSession, point to New, and then click DWORD (32-bit) Value.
  The new value is created in the result pane.
  6. Rename the key to <Object_type>, where <Object_type> is the name of the registry object type that you're modifying. For example, to modify the number of messages that can be opened, use objtMessage. Press Enter.
  7. Right-click the newly created key, and then click Modify.
  8. In the Value data box, type the number of objects that you want to limit this entry to, and then click OK. For example, type 350 to increase the value for the object.
  9. Restart the Microsoft Exchange Information Store service.
  If it still doesn’t help, please check ULS log for related error message.
  Regards,
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
  [email protected] .
  Rebecca Tu
  TechNet Community Support

• Internal outlook client connectivity in exchange 2010 when coexist with exchange 2013

  Hi all ,
  on my side i would like to clarify few queries.
  Say for instance i am coexisting exchange 2010 with exchange 2013 .Unfortunately if all of my exchange 2013 servers goes down .
  Q1 .On that time will the internal outlook users having their mailboxes on exchange 2010 can be able to connect mailboxes without any issues ? In case if they face any issues what kind of issues will they be? Because why i am asking is we should have pointed
  the autodiscover service to exchange 2013 during coexistence.
  When an user closes and reopens the outlook after whole exchange 2013 environment failure ,outlook will first query the autodiscover service for the profile changes to get it updated on users outlook profile.In such case autodiscover service will not be
  reachable and i wanted to know will that affects the internal client connectivity for outlook users having their mailboxes on exchange 2010.
  Q2. Apart from outlook internal users connectivity ,what kind of exchange services(i.e owa,active sync,pop,external OA and imap) will get affected when whole exchange 2013 environment goes down during coexistence ?
  I have read the below mentioned statement on this awesome blog but still i wanted to clarify with you all on my scenario.
  http://blogs.technet.com/b/exchange/archive/2014/03/12/client-connectivity-in-an-exchange-2013-coexistence-environment.aspx<o:p></o:p>
  Internal Outlook Connectivity
  For internal Outlook clients using RPC/TCP connectivity whose mailboxes exist on Exchange 2010, they will still connect to the Exchange 2010 RPC Client Access array endpoint.
  For internal Outlook clients using RPC/TCP connectivity whose mailboxes exist on Exchange 2007, they will still connect directly to the Exchange 2007 Mailbox server instance hosting the mailbox.
  Please share me your suggestions and that would help me a lot .
  Regards
  S.Nithyanandham

  Hi Winnie Liang ,
  Thanks a lot for your reply.
  Scenario  1 : for internal outlook connectivity 
  We have below settings for exchange 2010 autodiscover.
  mail.domain.com - will be the namespace for internal autodiscover URI for all the exchange 2010 cas serves
  We are going to have below settings for exchange 2013 autodiscover.
  mail.domain.com - will be the namespace for internal autodiscover URI for all the exchange 2013 cas serves
  During coexistence mail.domain.com will be pointed to exchange 2013 cas servers . I mean to say if we try to resolve the mail.domain.com it will get resolved in to the exchange 2013 cas servers.
  So on such case if anything happened wrong to the new environment or else if entire environment goes down .Do we face any issues while outlook users connect to existing mailboxes in exchange 2010 ?
  Because why i am asking is ,on the below mentioned article i have read all the autodiscover request will go via exchange 2013 cas servers during coexistence.That means all the existing mailboxes in exchange 2010 will also have to query exchange 2013 cas
  servers for autodiscover request.During the whole exchange 2013 environemnt failure whenever the user tries to close and open outlook .Outlook will first queries the autodiscover service for any changes happened on that particular mailbox and it will try to
  get it updated on user profile.
  http://blogs.technet.com/b/exchange/archive/2014/03/12/client-connectivity-in-an-exchange-2013-coexistence-environment.aspx
  Would it be possible to make the exchange 2010 mailbox users to query only the scp points which belongs to the exchange 2010 cas servers for autodiscover request ?
  Scenario 2: For exchange services
  mail.domain.com - will be the namespace for all the exchange 2010 services (i.e owa,activesync,external outlook anywhere,pop,imap)
  mail.domain.com - will be the namespace for all the exchange 2013 services (i.e owa,activesync,external outlook anywhere,pop,imap)
  What about the above services will it get affected during whole exchange 2013 environment failure ?
  Note : We are not facing this issue , i hope everything goes well in my environment while doing coexistence i am just asking this question on my own interest?
  Regards
  S.Nithyanandham
  Thanks S.Nithyanandham

• Exchange 2010 CAS array with Exchange 2013 Mailbox Servers

  Here is our current scenario,
  Exchange 2007
  2 - Hub Transport Servers
  2 - CAS servers (cluster NLB)
  2 - Mailbox servers (clustered)
  Exchange 2010
  2 - Huib Transport Servers
  3 - CAS servers (array NLB)
  2 - Mailbox servers (1 DAG)
  We have not migrated any users to the Exchange 2010 environment yet. We're thinking that at this point we would rather go from 2007 to 2013. Does the 2013 mailbox server work with a 2010 CAS array?

  Hi,
  As far as I know, CAS array doesn' t exist in Exchange 2013. And OWA and other requests can be proxyed and redirected from Exchange 2013 to Exchange 2010.
  For more information, you can refer to the following article:
  http://blogs.technet.com/b/exchange/archive/2013/01/25/exchange-2013-client-access-server-role.aspx
  Thanks,
  Angela Shi
  TechNet Community Support

• Exchange 2010 - Report NDRs with powershell

  Hi all,
  I would like to analyze all internal NDRs within my exchange environment. For example we have systems which are hard coded with email addresses of internal recipients and people leave the business and their mailbox and associated email address will be removed
  from exchange but not from a third party system that has a list of addresses to send notifications out to or home grown scripts. In order to keep the email pipeline clean and follow best practices I would like to catch these NDRs and remove them from the relevant
  systems.
  Is there anyway I can do this with powershell, my environment Exchange 2010 SP2 and all the roles are on a single server.

  Hi Niko,
  I have just performed the following test:
  sent an email to an internal recipient were the address does not exist, example
  [email protected]
  The NDR does not come from [email protected]
  The headers for the NDR I got as listed below:
  MIME-Version: 1.0
  From: Microsoft Outlook
   <[email protected]>
  To: <[email protected]>
  Date: Thu, 11 Dec 2014 08:55:54 +0000
  Content-Type: multipart/report; report-type=delivery-status;
   boundary="129b7383-6632-4979-ab4a-e5742a33ae6b"
  X-MS-Exchange-Organization-SCL: -1
  Content-Language: en-GB
  Message-ID: <[email protected]>
  In-Reply-To: <[email protected]com>
  References: <[email protected]com>
  Thread-Topic: test
  Thread-Index: AdAVIEZfXlpAxeICRk2Dg71q+Amr/wAAADyf
  Subject: Undeliverable: test
  X-MS-Exchange-Organization-AuthSource: exchangeserver.mydomain.com
  X-MS-Exchange-Organization-AuthAs: Internal
  X-MS-Exchange-Organization-AuthMechanism: 05

• Exchange 2010 logon statistics with powershell

  I am trying to get some logon statistics from a Exchange server 2010, I am using the following command, 
  Get-MailboxServer | Get-LogonStatistics | Select UserName,ClientVersion,LastAccessTime,ServerName, but it returns this, 3587.0.32963.1, as a version
  number.
  I have read that it is af bug in Exchange 2010. Does anyone have a workaround?

  Right, I guess along with IP address Outlook doesn't send version information either back via Get-LogonStatistics...
  The client IP address for an Outlook 2010 client is not logged in Exchange when you use the Get-LogonStatistics command -
  http://support.microsoft.com/kb/2292750
  However you can get Version information from RPC Client Access Logs located in below folder...
  \Program Files\Microsoft\Exchange Server\v14\Logging\RPC Client Access

• Exchange 2010 health-checks with encryption and ntlm auth

  Hi everybody,
  I will be forced to implement extended health-ckecks for Exchange 2010 CAS Servers. So the cisco design guide does not help
  Exchange2010 CAS Service needs ntlm auth for many services by default. http://technet.microsoft.com/en-us/library/bb331973.aspx
  Now with SP1 also for pop3 and imap4. I have not found any option to use ntlm by default.
  The next problem is encryption.
  Health-checks with encryption are not integrated in cisco ace 4710 by default.
  As an alternative to try a scripted health-check with tcl script is an option but needs more investigation and is timeconsuming.
  I watched for other vendors solution, they use e.g. external imported shell scripts with curl (curl -s --ntlm -k -X POST ...) to do a health-check with ntlm. That would be fine at the moment to beat the requirement of extendet health-checks.
  But maybe it is only ntlm verion 1, I do not know what happens if it comes to ntlm version 2.
  Kerberos authentication is a much bigger problem, but at the moment not a requirement.
  Does anybody has some hints or also a tcl script for exchange health-checks ?
  Best Regards
  Alois

  Hi everybody,
  I will be forced to implement extended health-ckecks for Exchange 2010 CAS Servers. So the cisco design guide does not help
  Exchange2010 CAS Service needs ntlm auth for many services by default. http://technet.microsoft.com/en-us/library/bb331973.aspx
  Now with SP1 also for pop3 and imap4. I have not found any option to use ntlm by default.
  The next problem is encryption.
  Health-checks with encryption are not integrated in cisco ace 4710 by default.
  As an alternative to try a scripted health-check with tcl script is an option but needs more investigation and is timeconsuming.
  I watched for other vendors solution, they use e.g. external imported shell scripts with curl (curl -s --ntlm -k -X POST ...) to do a health-check with ntlm. That would be fine at the moment to beat the requirement of extendet health-checks.
  But maybe it is only ntlm verion 1, I do not know what happens if it comes to ntlm version 2.
  Kerberos authentication is a much bigger problem, but at the moment not a requirement.
  Does anybody has some hints or also a tcl script for exchange health-checks ?
  Best Regards
  Alois

• External emails not received after shutdown of Exchange 2010 in coexistence with Exchange 2013

  I have exchange 2013 and exchange 2010 in coexistence mode. All mailboxes have been moved to Exchange 2013 and firewall/spamfilters already pointed to Exchange 2013 CAS server. I can receive/send from and to external addresses, however when I shutted down
  the Exchange 2010 all incoming external mails were not received. What could be the cause?

  Start by re-checking how the device that takes the traffic from the external MX IP to internal is configured.
  Sniff the traffic to ensure that it is hitting 2013 directly.
  Cheers,
  Rhoderick
  Microsoft Senior Exchange PFE
  Blog:
  http://blogs.technet.com/rmilne 
  Twitter:   LinkedIn:
    Facebook:
    XING:
  Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

• IOS 4.3.1 + Exchange 2010 "was" fine with the mailbox on Ex2007 server

  Hi,
  i had used my iphone with ios 4.3.1 and active sync.
  The mailbox was hosted on the old exchange 2007 server.
  A new exchange 2010 server was running the last 4 weeks and the iphone was connection with activesync against the new exchange 2010 through local wlan and over internet.
  After i moved my profile to the new server i can´t connect anymore to the new server!
  Any idea what happend?

  It was working fine the last weeks with my mail account sitting on exchange 2007.
  Today i moved several mailboxes from exchange 2007 to 2010 SP1.
  I have some domain accounts that are created new and had their mailbox created on the exchange 2010 sp1 system.
  With these accounts i can connect and retrieve mails.
  But with my account (moved from 2007 to 2010) i can´t.
  All i get is a blank mailbox on my iphone.
  I even removed the mail account from my iphone and recreated the account.
  But it won´t retrieve mails.
  I refresh the offline addressbook at the exchange 2010 but nothing will help.
  Message was edited by: juergenb52

• EXCHANGE 2010 - Edge server with forefront FULL OF SPAM

  Hi there.
  We have recieved on Exchange 2010 EDGE server a lot of spam 200k messages in queue.
  We have stoped inboud SMTP traffic on firewall to stop the attack.
  Any suggestion how to empty the queue? I've heard there is a way to rename the "Exchange queue folder" but forget the procedure.
  How to stop the attacker?
  bostjanc

  Hi There,
  Use the KB below to find the Queue DB, then stop the service listed In the KB, rename the old DB and create a new one with the same name, than start the Service.
  http://www.ntweekly.com/?p=653
  Exchange Blog:
  www.ntweekly.com
  MCSA, MCSE, MCITP:SA, MCITP:EA, MCITP:Enterprise Messaging Administrator 2010,MCTS:Virtualization