Exchange 2010 Resource Forest - Autodiscover
Environment:
Account Forest (No Exchange server installed)
Resource Forest (Exchange 2010 SP3)
I understand that a SCP record can be created in the account forest using the following command: Export-AutoDiscoverConfig -DomainController <FQDN> -TargetForestDomainController <String> -TargetForestCredential $a -MultipleExchangeDeployments
$true
Questions:
1. Do I need to prep the schema in the Account Forest to create the relevant Exchange configuration before running Export-AutoDiscoverConfig?
2. Is the switch MultipleExchangeDeployments $true needed? Technet states that it's only needed if both forests contain Exchange but also states it's needed for
multiple accepted email domains? (which we do have)
http://technet.microsoft.com/en-us/library/aa998832(v=exchg.141).aspx3.
3. Can this change be backed out. i.e. can the SCP record be removed by using ADSI edit.
Thanks in advance
Hi,
Here are my answers you can refer to:
1. It depends.
If Exchange deployment has two or more trusted forests, you must update Active Directory so that Outlook users in one forest can access the CAS servers in the remote (or target) forest to use the Autodiscover service. To do this, we must extend the schema in
the user forest by running Exchange 2010 Setup with the /PrepareAD or /PrepareSchema switch, and then run the Export-AutodiscoverConfig cmdlet in the resource forest that contains the Client Access servers that provide the Autodiscover service against the
target forests.
If you do not want to extend the schema in the user forest, you can update DNS in the user forest with a host record that points to the internal IP address of the Client Access server in the resource forest where Autodiscover is hosted.
For more information, you can refer to the following article:
http://www.testlabs.se/blog/2010/11/06/configuring-the-autodiscover-service-for-multiple-forests/
Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make
sure that you completely understand the risk before retrieving any suggestions from the above link.
2. It doesn’t need in your environment.
When the parameter MultipleExchangeDeployments is set to TRUE you will tell the forests that you have multiple Exchange forests. The parameter will also export the accepted domains which are defined in the Exchange environment.
3. SCP record can be removed by using ADSI edit:
On your account domain, open adsiedit.msc, locate the SCP records in
CN=Autodiscover,CN=Protocols,CN=<CAS_SERVER>,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=<ORG>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=domain,DC=com
For more information, you can refer to the following thread:
http://social.technet.microsoft.com/Forums/exchange/en-US/a06686ec-f1dc-4738-b4c5-76c41088e145/configuring-autodiscover-in-resource-forest?forum=exchangesvrdeploylegacy
If you have any question, please feel free to let me know.
Thanks,
Angela Shi
TechNet Community Support
Similar Messages
-
Can't move Exchange 2003 mailbox to Exchange 2010 Resource forest (Linked Mailbox)
Problem Description:
Can’t move Exchange 2003 mailbox to Exchange 2010 resource forest
Error message:
Failed to reconnect to Active Directory server SRVUMVMDC02.umfolozi.local. Make sure the server is available, and that you have used the correct credentials.
Source Environment Configuration:
Active Directory
FQDN: umfolozi.local
Domain name (pre-Windows 2000): UMFOLOZI
Domain Function Level: Windows Server 2003
Domain Controllers:
Hostname
OS
Operation Master
SRVUMVMDC01.umfolozi.local
Windows Server 2008 R2 Standard SP1
Schema Master, Domain Naming, RID, PDC
SRVUMVMDC01.umfolozi.local
Windows Server 2008 R2 Standard SP1
Infrastructure
Exchange
Version: Microsoft Exchange 2003 Standard SP2 Build 7638.2
Server Information:
Hostname
OS
TUSKUMFMAIL.umfolozi.local
Windows Server 2003 R2 SP2
DNS Zones
Zone Name
Zone Type
Domain Controllers
umfolozi.local
Active Directory-Integrated (Primary)
SRVUMVMDC01.umfolozi.local
SRVUMVMDC01.umfolozi.local
peermont.com
Secondary
SRVPGVMDC01.peermont.com
SRVPGVMDC02.peermont.com
Trusts
Domain Name
Trust Type
Transitive
Validated
peermont.com
Forest
Yes
Yes
Target Environment Configuration:
Active Directory
FQDN: peermont.com
Domain name (pre-Windows 2000): PG
Domain Functional Level: Windows Server 2008 R2
Domain Controllers:
Hostname
OS
Operation Master
SRVPGVMDC01.peermont.com
Windows Server 2008 R2 Std SP1
SRVPGVMDC02.peermont.com
Windows Server 2008 R2 Std SP1
Domain naming, RID, PDC, Infrastructure, Schema Master
Exchange
Resource Exchange Forest
Server Information:
Hostname
OS
Role
Version
Client Access Array
SRVPGVMEXCH01.peermont.com
Windows Server 2012 Std
HUB, CAS
Version 14.3 (Build 123.4)
exchange.peermont.com
SRVPGVMEXCH02.peermont.com
Windows Server 2012 Std
HUB, CAS
Version 14.3 (Build 123.4)
exchange.peermont.com
Hostname
OS
Role
Version
Database Availibility Group
SRVPGVMEXCH03.peermont.com
Windows Server 2012 Std
MBX
Version 14.3 (Build 123.4)
PeermontDAG
SRVPGVMEXCH04.peermont.com
Windows Server 2012 Std
MBX
Version 14.3 (Build 123.4)
PeermontDAG
DNS Zones
Zone Name
Zone Type
Domain Controllers
peermont.com
Active Directory-Integrated (Primary)
SRVPGVMDC01.peermont.com
SRVPGVMDC02.peermont.com
umfolozi.local
Secondary
SRVUMVMDC01.umfolozi.local
SRVUMVMDC01.umfolozi.local
Trusts
Domain Name
Trust Type
Transitive
Validated
umfolozi.local
Forest
Yes
Yes
Migration Process
Task
Description
Successful/Error
1
SYNC AD Domain account from source forest (umfolozi.local) to target forest (peermont.com) using BinaryTree SMART Directory Sync (ADMT can be used as alternative)
Successful
2
Create mailed enabled user
Successful
3
Run Prepare-MoveRepuest with –OverWriteLocalObject
Command Example:
.\Prepare-MoveRequest.ps1 -Identity [email protected] -RemoteForestDomainController SRVUMVMDC01.umfolozi.local
-RemoteForestCredential $RemoteCredentials -UseLocalObject -LocalForestDomainController SRVPGVMDC01.peermont.com -LocalForestCredential $LocalCredentials -OverWriteLocalObject
Successful
4
Submit mailbox request
Command Example:
New-MoveRequest -Identity "0fa7d17e-3637-4708-a51b-f14eaae17968" -BadItemLimit "50" -TargetDeliveryDomain
"internal.peermont.com" -TargetDatabase "{c5d6ea95-07b3-4a52-9868-e41e808a76fe}" -RemoteCredential (Get-Credential "umfolozi\svcmigration") -RemoteGlobalCatalog "SRVUMVMDC02.umfolozi.local" -RemoteLegacy:$True
Error
All the standard migration task works as expected until the mailbox migration move request is submitted. See move request verbose detail below:
[PS] C:\Windows\system32>New-MoveRequest -Identity "0fa7d17e-3637-4708-a51b-f14eaae17968" -BadItemLimit "50" -TargetDeli
veryDomain "internal.peermont.com" -TargetDatabase "{c5d6ea95-07b3-4a52-9868-e41e808a76fe}" -RemoteCredential (Get-Crede
ntial "umfolozi\svcmigration") -RemoteGlobalCatalog "SRVUMVMDC02.umfolozi.local" -RemoteLegacy:$True -Verbose
VERBOSE: [11:34:27.346 GMT] New-MoveRequest : Active Directory session settings for 'New-MoveRequest' are: View Entire
Forest: 'False', Default Scope: 'peermont.com', Configuration Domain Controller: 'SRVPGVMDC02.peermont.com', Preferred
Global Catalog: 'SRVPGVMDC02.peermont.com', Preferred Domain Controllers: '{ SRVPGVMDC02.peermont.com }'
VERBOSE: [11:34:27.362 GMT] New-MoveRequest : Runspace context: Executing user: peermont.com/Admin/Users/Admin
Accounts/Information Technology/SoarSoft/Johann Van Schalkwyk, Executing user organization: , Current organization: ,
RBAC-enabled: Enabled.
VERBOSE: [11:34:27.362 GMT] New-MoveRequest : Beginning processing &
VERBOSE: [11:34:27.362 GMT] New-MoveRequest : Instantiating handler with index 0 for cmdlet extension agent "Admin
Audit Log Agent".
WARNING: When an item can't be read from the source database or it can't be written to the destination database, it
will be considered corrupted. By specifying a non-zero BadItemLimit, you are requesting that Exchange not copy such
items to the destination mailbox. At move completion, these corrupted items won't be available in the destination
mailbox.
VERBOSE: [11:34:27.362 GMT] New-MoveRequest : Searching objects "{c5d6ea95-07b3-4a52-9868-e41e808a76fe}" of type
"MailboxDatabase" under the root "$null".
VERBOSE: [11:34:27.362 GMT] New-MoveRequest : Previous operation run on domain controller 'SRVPGVMDC02.peermont.com'.
VERBOSE: [11:34:27.393 GMT] New-MoveRequest : Current ScopeSet is: { Recipient Read Scope: {{, }}, Recipient Write
Scopes: {{, }}, Configuration Read Scope: {{, }}, Configuration Write Scope(s): {{, }, }, Exclusive Recipient Scope(s):
{}, Exclusive Configuration Scope(s): {} }
VERBOSE: [11:34:27.393 GMT] New-MoveRequest : Searching objects "0fa7d17e-3637-4708-a51b-f14eaae17968" of type "ADUser"
under the root "$null".
VERBOSE: [11:34:27.471 GMT] New-MoveRequest : Previous operation run on domain controller 'SRVPGVMDC02.peermont.com'.
VERBOSE: [11:34:27.471 GMT] New-MoveRequest : Processing object "$null".
VERBOSE: [11:34:27.487 GMT] New-MoveRequest : [DEBUG] No RequestJob messages found.
VERBOSE: [11:34:27.487 GMT] New-MoveRequest : [DEBUG] MDB c5d6ea95-07b3-4a52-9868-e41e808a76fe found to belong to Site:
peermont.com/Configuration/Sites/Peermont
VERBOSE: [11:34:27.487 GMT] New-MoveRequest : [DEBUG] MRSClient: attempting to connect to 'SRVPGVMEXCH02.peermont.com'
VERBOSE: [11:34:27.627 GMT] New-MoveRequest : [DEBUG] MRSClient: connected to 'SRVPGVMEXCH02.peermont.com', version
14.3.178.0 caps:07
VERBOSE: [11:34:27.627 GMT] New-MoveRequest : [DEBUG] Loading source mailbox info
VERBOSE: [11:34:28.844 GMT] New-MoveRequest : Failed to reconnect to Active Directory server
SRVUMVMDC02.umfolozi.local. Make sure the server is available, and that you have used the correct credentials. --> A
local error occurred.
VERBOSE: [11:34:28.844 GMT] New-MoveRequest : Admin Audit Log: Entered Handler:OnComplete.
Failed to reconnect to Active Directory server SRVUMVMDC02.umfolozi.local. Make sure the server is available, and that
you have used the correct credentials.
+ CategoryInfo : NotSpecified: (0:Int32) [New-MoveRequest], RemoteTransientException
+ FullyQualifiedErrorId : F48FD74B,Microsoft.Exchange.Management.RecipientTasks.NewMoveRequest
+ PSComputerName : srvpgvmexch02.peermont.com
VERBOSE: [11:34:28.859 GMT] New-MoveRequest : Ending processing &
Troubleshooting Performed
1. When submitting mailbox move request tried the following credential inputs:
1.1. DOMAIN\Username
1.2. FQDN\Username
1.3. userPrincipalName
2. Confirmed domain trust between source and target domain is in place and validated.
3. Confirmed name resolution in source and target domain is functioning as expected.
4. Confirmed network connectivity between source and target domain controllers as well as source and target exchange servers.
5. Tried to create new Linked Mailbox to account in source forest, can’t select Global Catologue via the wizard;
Tried to specify the credentials for the account forest and got the following error when tried to select Global Catalog from wizard:The error talk about the credential. Did you check the credential
Did you tried this command?
New-MoveRequest -Identity "Distinguished name of User in Target Forest" -RemoteLegacy -TargetDatabase "E2K10 Mailbox Database Name" -RemoteGlobalCatalog "FQDN of Source DC" -RemoteCredential $Remote -TargetDeliveryDomain "Target
domain name"
http://blogs.technet.com/b/exchange/archive/2010/08/10/3410619.aspx
Cheers,
Gulab Prasad
Technology Consultant
Blog:
http://www.exchangeranger.com Twitter:
LinkedIn:
Check out CodeTwo’s tools for Exchange admins
Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose. -
Exchange 2007 to Exchange 2010 cross forest simultaneous mailbox move limits
Hi All,
I am testing the throughput of mailbox moves from Exchange 2007 to Exchange 2010 cross forest. Single mailbox moves seem to be quite fast and I am not concerned about network, disk IO or server resource limitations, however I have not tested multiple simultaneous
mailbox moves to determine what the Exchange limitations are. If anyone could identify the limitations of the items below it would be much appreciated:
Limit of Exchange 2007 simultaneous mailbox moves per database
Limit of Exchange 2007 simultaneous mailbox moves per Mailbox server
Limit of Exchange 2007 simultaneous mailbox moves per CAS server
Limit of Exchange 2010 simultaneous mailbox moves per database
Limit of Exchange 2010 simultaneous mailbox moves per Mailbox server
Limit of Exchange 2010 simultaneous mailbox moves per CAS server
Any other Exchange 2007 or 2010 hard coded limits
Thanks in advance.
Michael.My usual answer to this question is that Microsoft set these limits for a reason. Increasing them may not offer you much in the way of benefits if you end up slamming the server. I generally recommend that you leave them alone.
I have had occasional opportunities to change these constraints, most notably back during a migration to Exchange 2003 and international mailbox moves (Asia to U.S.) where the limiting factor was network latency. I was able to increase the number of
concurrent threads to 16 from the default 2 and there was still available bandwidth because the process was limited by the latency.
Ed Crowley MVP "There are seldom good technological solutions to behavioral problems." -
Exchange 2010 - Resource Mailbox won't send external notification email
Exchange 2010 with SP1. These mailboxes used to respond to outside booking requests, when we were running Exchange 2007. I've verified that -ProcessExternalMeetingMessages is set to $true. The mailbox responds to internal requests with an email.
All users are allowed to make "Resource In-Policy Requests".
I've tried booking from an email address that was setup as a Contact in Exchange - still no luck.
Any ideas?
Thanks.Martin
Agency
Could you share what settings did you use for SMTP connectors?
I have tried:
Authentication – Externally Secured
Permission Group – Exchange Servers
I can send emails via these connectors, but Room Mailbox still deletes requests from external sender.
Both organizations have Exch 2010 sp3 RU6, and AD forest 2008R2 level. -
Exchange 2007 to Exchange 2010 Cross Forest
Hi
We have a scenario where we have an Exchange 2007 organization (Org A - Source) and a separate Exchange 2010 organization (Org B - Target). Both the organizations (AD Forests) have two way trusts between them.
We want to have our Exchange 2007 users have their mailboxes hosted on Exchange 2010 organization. Meaning that the user (AD) accounts of Org A will remain in Forest A but there mailboxes will be available on Exchange 2010 servers in Org B. So we don’t need
a user / group migration stuff here and mailbox data on Exchange 2007 servers is also not critical (not required to be migrated) so we will be creating new disabled accounts and mailboxes in Org B for each user in Org A and connect the mailboxes. There will
be a brief period of co-existence between two Orgs (to enable mail-flow) until all the users have their mailboxes active in Org B. Need to figure out a way to achieve this.
We are planning to follow the steps below:
Setup name resolution between the forests (although basic connectivity is there and we can ping servers in one forest using IP Addresses from other forest) –
Please suggest if this is necessary or we can get away with it?
Setup SMTP namespace sharing for Exchange 2007 SMTP Domain name
Add Exchange 2007 SMTP domain as authoritative domain to E2K10
Create EAP for new SMTP Domain
SMTP Connector Creation for Direct E-mail Routing (Co-exist) Between Forests
Create disabled Mail Enabled (not Mailbox Enabled) User or Mail Enabled Contact in Org B.
Can we use Prepare-MoveRequest.ps1 script to create these?
Once a mail enabled user / contact is created in Org B for all the users, change incoming traffic from Internet for Org A SMTP domain to hit HT server in Org B
Make changes to Exchange 2010 certificate and install new certificate
Select a batch of users every day, create new mailbox for them using scripts in Org B and delete the corresponding contact in Org B
Can someone please confirm if this is correct and point out something I am missing?
Is there any other way to achieve the same goal?
Thanks
Taranjeet Singh
zamnHi Everyone
Thanks for the inputs so far. I need to confirm some steps to establish direct email flow unless all the mailboxes are created in target organization, can somebody have a look at the steps below and confirm if they are correct or add something that
I missed here:
Setup source Exchange organization:
a) Add unique SMTP domain for source organization, like @source.local. This domain will be added to all mail enabled objects in this organization and will be used for internal routing only
i) Add to Accepted Domains list
ii) Create EAP to add domain to existing objects
b) Use manual means to stamp SMTP domain to objects in source organization on objects that don’t have EmailAddressPolicyEnabled set to False
c) Create Send Connector to target forest. The target domain should also have a unique e-mail address, like @target.company.com (in our case 19 SMTP domains including JUBL.COM)
i) Include the valid SMTP domains and the unique one for internal routing
(source.local)
ii) Point to a smart host in the target forest
d) Set existing SMTP domain (JubilantRetail.com) as “Internal Relay Domain”. The target Exchange org will be authoritative for this domain
Setup target Exchange organization
a) Create Send Connector to unique SMTP domain in source forest. Includes shared name space (source.local) and @JubilantRetail.com
b) Set Default receiver connector, being used by source forest, to allow anonymous connections
c) Add shared SMTP domain (source.local) to Accepted Domains list as authoritative
d) Create EAPs to replicate the SMTP domains (e:g JubilantRetail.com and source.local) in the source environment
Thanks
Taranjeet Singh
zamn -
Best way to migrate Mailboxes with all permissions Exchange 2010 to Exchange 2010--cross forest
Hi,
Due to some Exchange and Active Directory issues (with remnants of old Ex 2003 server), we are going to migrate Exchange 2010 Mailboxes and public folders to a new Exchange 2010 Sp3 server, which is created in a new AD forest.
I would really appreciate if someone can direct us to the best way to migrate mailboxes and PFs with their permissions, to new Ex 2010 SP3 server. We have around 30 mailboxes, and 300 GB of mailboxes data, and 200 GB of PFdata.
Thanks in anticipation.
Regards, David JohnsonHello,
Firstly, you need to creat forest trust between two forests.
If you want to move AD user account and mailboxes, please use ADMT and PrepareMoveRequest script.
If you want to migrate public folder, please export data to PST file and then import pst file to new server.
Additional article for your reference.
http://blogs.technet.com/b/exchange/archive/2010/08/10/3410619.aspx
Cara Chen
TechNet Community Support -
Exchange 2003 migrate to Exchange 2010 - single forest multiple domain. Active Sync problem
Hi All,
I have AD single forest and multiple domain. for example, the forest domain is jakarta.co.id, and the other domain is bali.co.id.
Exchange 2003 deployed in jakarta.co.id, User mail enabled in domain jakarta.co.id and bali.co.id.
Then, I upgrade to Exchange 2010 (deploy in jakarta.co.id) and move mailbox from Exchange 2003 to Exchange 2010.
All users in bali.co.id are able to access email from Owa, BlackBerry (BIS), Outlook, but cannot access from Android, Windows Phone. (Active-Sync).
I got error information generated from https://testconnectivity.microsoft.com, as following:
Attempting the FolderSync command on the Exchange ActiveSync session.
The test of the FolderSync command failed.
Tell me more about this issue and how to resolve it
Additional Details
Exchange ActiveSync returned an HTTP 500 response (Internal Server Error).
Active-Sync still not work even I check option "Include inheritable permissions from this object" in security tab.
any idea to fix this issue?
Thanks.
Endrik
Endrik | blog: itendrik.wordpress.com Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading
the thread.Hi Sathish,
We are planning to migrate Exchange 2003 to Exchange 2013, all user already in Exchange 2010 and Exchange 2003 was decommissioned
Event Viewer log as following:
Log Name: Application
Source: MSExchange ActiveSync
Date: 1/17/2014 10:00:48 PM
Event ID: 1008
Task Category: Requests
Level: Warning
Keywords: Classic
User: N/A
Computer: EXC2010.jakarta.co.id
Description:
An exception occurred and was handled by Exchange ActiveSync. This may have been caused by an outdated or corrupted Exchange ActiveSync device partnership. This can occur if a user tries to modify the same item from multiple computers. If this is the case,
Exchange ActiveSync will re-create the partnership with the device. Items will be updated at the next synchronization.
URL=/Microsoft-Server-ActiveSync/default.eas?Cmd=Sync&User=bali%5Csteveng&DeviceId=SAMSUNG123456789&DeviceType=SAMSUNGGTN7000
--- Exception start ---
Exception type: Microsoft.Exchange.AirSync.AirSyncPermanentException
Exception message: A null value was received for the NTSD security descriptor of container CN=ExchangeActiveSyncDevices,CN=Steven Gerrard,OU=IT,DC=bali,DC=co,DC=id.
Exception level: 0
HttpStatusCode: 500
AirSyncStatusCode: 110
XmlResponse:
This request does not contain a WBXML response.
Exception stack trace: at Microsoft.Exchange.AirSync.ADDeviceManager.SetActiveSyncDeviceContainerPermissions(ActiveSyncDevices container)
at Microsoft.Exchange.AirSync.ADDeviceManager.CreateActiveSyncDeviceContainer(Boolean retryIfFailed)
at Microsoft.Exchange.AirSync.ADDeviceManager.CreateActiveSyncDevice(GlobalInfo globalInfo, ExDateTime syncStorageCreationTime, Boolean retryIfFailed)
at Microsoft.Exchange.AirSync.ADDeviceManager.CreateActiveSyncDevice(GlobalInfo globalInfo, ExDateTime syncStorageCreationTime)
at Microsoft.Exchange.AirSync.Command.UpdateADDevice(GlobalInfo globalInfo)
at Microsoft.Exchange.AirSync.Command.CompleteDeviceAccessProcessing()
at Microsoft.Exchange.AirSync.Command.WorkerThread()
--- Exception end ---.
I think KB817379 is not related because Exchange 2003 was decommissioned.
Regards,
Endrik
Endrik | blog: itendrik.wordpress.com Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading
the thread. -
Exchange 2010, Outlook Anywhere, Autodiscover, SAN Certs and ISA 2004
Hi
Everything I have read says that SAN certs do not work with ISA 2004. However I have read through the "White Paper: Understanding the Exchange 2010 Autodiscover Service" document to understand my options (url below) and notice that the SAN
cert option in the "Summary of supported scenarios for connecting to the Autodiscover service from the Internet" section implies that ISA 2004 may be able to work:
"Requires additional configuration if used together with either ISA Server 2004 or ISA Server 2006"
http://technet.microsoft.com/en-us/library/jj591328(v=exchg.141).aspx
Does anyone know if there is a supported ISA 2004 scenario where SAN certs can work?
Thanks!It's highly doubtful, since ISA 2004 has been in extended support for two years. See
http://blogs.technet.com/b/isablog/archive/2009/10/05/mainstream-support-ending-for-isa-server-2004-standard-edition-sp3.aspx for details about ISA 2004 support - it goes totally out of support next year. -
Exchange 2010: Resource mailbox not sending conflict notification
Hi,
I configured meeting room mailbox on exchange 2010, and I configured it to not allow conflict reservation.
I tried to sent two meeting requests in same time and it accepted both.
please advice.I have the same issue as above "Resource mailbox not sending conflict notifications and ran the command as suggested but no luck.
Set-CalendarProcessing -Identity "Conf 212" -AutomateProcessing AutoAccept
Here are the mailroom settings:
AutomateProcessing : AutoAccept
AllowConflicts : False
BookingWindowInDays : 180
MaximumDurationInMinutes : 1440
AllowRecurringMeetings : True
EnforceSchedulingHorizon : True
ScheduleOnlyDuringWorkHours : False
ConflictPercentageAllowed : 0
MaximumConflictInstances : 0
ForwardRequestsToDelegates : True
DeleteAttachments : True
DeleteComments : True
RemovePrivateProperty : True
DeleteSubject : False
AddOrganizerToSubject : False
DeleteNonCalendarItems : True
TentativePendingApproval : True
EnableResponseDetails : True
OrganizerInfo : True
AllBookInPolicy : False
RequestInPolicy : {}
AllRequestInPolicy : True
AddAdditionalResponse : False
AdditionalResponse :
RemoveOldMeetingMessages : True
AddNewRequestsTentatively : True
ProcessExternalMeetingMessages : False
RemoveForwardedMeetingNotifications : False
Any help would be greatly appreciated.
Thai -
Exchange 2013 resource forest deployment, auth error with imap/pop3 clients.
Hello Everyone!
We have an issue with pop/imap clients trying to authenticate.
Users log on with credentials from Account Forest, security audit shows a succesful log on and impersonation from process Microsoft.Exchange.Pop3.exe, but fails to login to mailbox.
The following warning appears in the event log:
Log Name: Application
Source: MSExchangePOP3
Date: 22/01/2014 11:41:29
Event ID: 2005
Task Category: (1)
Level: Warning
Keywords: Classic
User: N/A
Computer: exchangeCAS
Description:
User [email protected] wasn't found in Active Directory.
Protocol logs show the same warning.
Seems that Microsoft.Exchange.Pop3.exe process is unable to determine the linked mailbox of the provided credentials.Thanks for your answer.
We can access this mailbox with any protocol but pop/imap.
Anyway, I think that I found something.
In an isolated enviroenment, with an Active directory trace (Performance Monitor tool) those are the LDAP querys with some tests:
Trying to log on with an account in the same forest as the mailbox:
User string: resource.forest\administrator\userA_linkedMB
LDAP Query: ( (mailNickname=userA_linkedMB) ( !(msExchCU=*) ) ....
Success, as expected.
Trying to log on with an account in the account forest:
User string: account.forest\userA\userA_linkedMB
LDAP Query: ( (sAMAccountName=userA) ( ! (msExchCU=*) ) ....
First, in this case the query seems incorrect, I expect it filtering by mailNickname and with the third part of the logon string. Of course it fails because there isnt any user with this SAM in the resource forests.
Same test, with resource.forest\userA, sAMAccountName = userA
User string: account.forest\userA
LDAP Query: ( (sAMAccountName=userA) ( ! (msExchCU=*) ) ....
This query returns 1 matching user, but seems that pop3 process checks if its from account.forest (it isn't of course, because query is sent to resource.forest DC) and fails.
I'm not sure, but seems a bug in the POP3/IMAP login code. -
Exchange 2010 resource mailbox automatically opening along with user email account
I've created a number of resource mailboxes for conference rooms, however one of them continuously opens in my Outlook profile. Deleting the profile doesn't seem to help, and it follows me around (it does it in my local Outlook 2010 profile, as well as my
Outlook 2013 profile in our Citrix environment).
Right-clicking the mailbox and selecting Close presents a box saying, "This group of folders is assicated with an email account. To remove the account, click the File Tab, and on the Info tab, click Account Settings. Select the e-mail account, and then
click Remove."
Unfortunately the profile is not configured to open this account, it's configured to only open my account (a domain admin). I've also gone into the settings of my account in Outlook and it is not set to open the resource mailbox as an additional mailbox
on the Advanced tab, so I'm not sure where it's getting this setting.
Since the issue seems to be unrelated to the actual Outlook profile, I looked at both mailbox objects within the Exchange Management Console and can find nothing in either object that would be instructing Outlook to open both mailboxes.
Any help is appreciated. Thanks.Seems like it's auto-mapped to the account. Run Remove-mailboxpermissions against it, hopefully it will 'refresh' the settings. If it still doesn't work, check the msExchDelegateListLink for the resource mailbox.
More info for example here:
http://technet.microsoft.com/en-us/library/hh529943(v=exchg.141).aspx -
Exchange 2010 resource mailbox double booking issue..
Hi,
I have moved the meeting room mailbox from exchange 2003 to 2010:
set-Mailbox -Identity:<resourcename> -Type:Room
but after that, the meeting room can be double booking in the same time.
I have tried folllowing command, but it's failded.
Set-CalendarProcessing -Identity <mailbox identity> -AllowConflicts:$false
Thanks.Hi Martina,
I appreciate this is an old post, however if you do pick up on this could you please advise on your statement from the above:
"Even if the room sends a Decline, as it should when a conflict is found, you will still see that meeting request in your own Calendar."
This is the exact behaviour happening at a customer of ours at the moment. However they don't want the meeting requests to appear/remain in the Calendar of the person trying to book the meeting room.
Do you know of a way to stop this behaviour?
Do you know if the meeting request is only populated in the Calendar of the user who tries to book an appointment in the resource calendar or does this appear in other perspective attendees Calendars?
Many Thanks,
Matt.
MEllis -
Hi Everyone
We are getting the below error on all 3 of our mailbox databases when the msexchange assistant runs, we do have retention policies in place but everything in EMC says that all databases are healthy but this event says otherwise.
Service MSExchangeMailboxAssistants. 'Managed Folder Mailbox Assistant' failed to process mailbox john smith(58d9d22a-8b87-45cf-9f77-9c009a675575). The following exception caused the failure: Microsoft.Exchange.Assistants.TransientMailboxException --->
Microsoft.Exchange.Data.Directory.ResourceHealth.ResourceUnhealthyException: Resource '(Mdb)MailboxDatabase001' is unhealthy and shouldn't be accessed.
at Microsoft.Exchange.MailboxAssistants.Assistants.ELC.ELCHealthMonitor.InternalThrottleStoreCall(MdbResourceHealthMonitorKey optionalAlternateDatabase)
at Microsoft.Exchange.MailboxAssistants.Assistants.ELC.ElcSubAssistant.ThrottleStoreCallAndCheckForShutdown(ExchangePrincipal mailboxOwner, MdbResourceHealthMonitorKey archiveKey)
at Microsoft.Exchange.MailboxAssistants.Assistants.ELC.MailboxExpirationEnforcer.ProcessFolderContents(StoreId folderId, ItemQueryType itemQueryType)
at Microsoft.Exchange.MailboxAssistants.Assistants.ELC.MailboxExpirationEnforcer.CollectItemsToExpireInNonIpm()
at Microsoft.Exchange.MailboxAssistants.Assistants.ELC.SysCleanupEnforcerBase.CollectItemsToExpire()
at Microsoft.Exchange.MailboxAssistants.Assistants.ELC.MailboxExpirationEnforcer.Invoke()
at Microsoft.Exchange.MailboxAssistants.Assistants.ELC.SysCleanupEnforcerManager.Invoke(MailboxDataForTags mailboxDataForTags, ElcParameters parameters)
at Microsoft.Exchange.MailboxAssistants.Assistants.ELC.SysCleanupSubAssistant.Invoke(MailboxSession mailboxSession, MailboxDataForTags& mailboxDataForTags, ElcParameters parameters)
at Microsoft.Exchange.MailboxAssistants.Assistants.ELC.ELCAssistant.<>c__DisplayClass6.<InvokeInternal>b__0()
at Microsoft.Exchange.Common.IL.ILUtil.DoTryFilterCatch(TryDelegate tryDelegate, FilterDelegate filterDelegate, CatchDelegate catchDelegate)
at Microsoft.Exchange.MailboxAssistants.Assistants.ELC.ELCAssistant.InvokeInternal(InvokeArgs invokeArgs)
at Microsoft.Exchange.MailboxAssistants.Assistants.TimeBasedAssistant.Invoke(InvokeArgs invokeArgs)
at Microsoft.Exchange.Assistants.TimeBasedDatabaseJob.<>c__DisplayClass5.<ProcessMailboxUnderPoisonControl>b__3()
at Microsoft.Exchange.Assistants.Util.<>c__DisplayClass1.<CoreCatchMeIfYouCan>b__0()
--- End of inner exception stack trace ---
at Microsoft.Exchange.Assistants.Util.TraceAndThrow(CatchMe function, AIException aiException)
at Microsoft.Exchange.Assistants.Util.CatchMeIfYouCan(CatchMe function)
at Microsoft.Exchange.Assistants.Base.CatchMeIfYouCan(CatchMe function)
at Microsoft.Exchange.Assistants.TimeBasedDatabaseJob.ProcessMailboxUnderPoisonControl(MailboxData mailbox, EmergencyKit kit)
Please help...Hi,
From your description, I recommend you restart the Microsoft Exchange Mailbox Assistants service and check the result. If the issue persists, you need to re-configure the managed folder mailbox policy for the mailbox and then restart the Microsoft Exchange
Mailbox Assistants service.
Hope this can be helpful to you.
Best regards,
Amy Wang
TechNet Community Support -
Exchange 2010 resource mailbox delegate still getting attachments
I have a user that is set as a delegate on a resource mailbox, when an attachment is added to a meeting request the resource mailbox is deleting the attachment. However, the delegate of said resource mailbox is still receiving the attachment but my
user does not want the delegate to receive the attachment. Here are the resource settings:
AutomateProcessing : AutoAccept
AllowConflicts : False
BookingWindowInDays : 180
MaximumDurationInMinutes : 1440
AllowRecurringMeetings : True
EnforceSchedulingHorizon : True
ScheduleOnlyDuringWorkHours : False
ConflictPercentageAllowed : 0
MaximumConflictInstances : 0
ForwardRequestsToDelegates : True
DeleteAttachments : True
DeleteComments : True
RemovePrivateProperty : True
DeleteSubject : True
DisableReminders : True
AddOrganizerToSubject : True
DeleteNonCalendarItems : True
TentativePendingApproval : True
EnableResponseDetails : True
OrganizerInfo : True
ResourceDelegates : {}
RequestOutOfPolicy :
AllRequestOutOfPolicy : False
BookInPolicy :
AllBookInPolicy : True
RequestInPolicy :
AllRequestInPolicy : False
AddAdditionalResponse : False
AdditionalResponse : <DIV><FONT size=2 face=Tahoma></FONT></DI
V>
RemoveOldMeetingMessages : True
AddNewRequestsTentatively : True
ProcessExternalMeetingMessages : True
DefaultReminderTime : 15
RemoveForwardedMeetingNotifications : False
Is it possible to have the attachment deleted from this email that the delegate receives?Hi,
I would like to clarify the following thing:
Setting Delete Attachments means that the attachment information in a meeting request does not appear in the resource's calendar. But it would appear in the meeting email original content of Inbox.
I'm afraid there is no direct way to delete the attachments of meeting requests before they go into delegate's inbox. But there is a workaround, you can new rule on Outlook to delete all attachments that are sent to delegate. (Note: If you new this rule,
all attachments that are sent to the delegate will be deleted, not only meeting requests.)
Hope my clarification is helpful.
If there are any problems, please feel free to let me know.
Best regards,
Amy
Amy Wang
TechNet Community Support -
Moving Exchange 2003 mailboxes to Exchange 2010
Hello
I have a new domain with Exchange 2010 server. I plan to join users to this domain but would like to know the best plan in moving the existing Exchange 2003 mailboxes over. Can I just import the PST files into their new Exhaneg 2010 mailboxes or is there
a better easier solution?
Thank youHi,
You can export mailbox using ExMerge in Exchange 2003, but ExMerge only supports ANSI PST files which have a 2GB limit.
To migrate mailboxes across forests, Active Directory Migration Tool (ADMT) will be used.
Here is a blog which can help you to do cross forest migration from Exchange 2003 to Exchange 2010 for your reference.
Exchange 2010 Cross-Forest Migration Step by Step Guide – Part I
http://blogs.technet.com/b/meamcs/archive/2011/06/10/exchange-2010-cross-forest-migration-step-by-step-guide-part-i.aspx
Best regards,
Belinda
Belinda Ma
TechNet Community Support
Maybe you are looking for
-
Ipad not restoring to ios 6.1.3
Hey, I installed ios 7.0 beta 3 on my ipad 2 and now it is not restoring to ios 6.1.3. It is showing the error of (3194).. And i have tried copying hosts file and its still not working.. I need help!! Thanks in advance Tejvir Singh
-
Hi all, I developed a BDC. Client had asked for a requirement tat while uploading an excel for eg of 1000 records, and if ter is an error in the 600th record ,as of now it will throw error,but tey were telling BDC shud not stop ter,else it shud disc
-
How to check status of a particular port by using netstat command?
How to check status of a particular port by using netstat command? I want to check port 443 in my server is open or not, is there any other way to check port via commandline?
-
DAC: How to read channel Data
How can I read Values from Diadem-Datachannels to DAC? There is a control "Channel Data" ("Simulation Kanal" in german release). It can read data from channels with a clock-signal. How can I reset the read-pointer to the first channel-entry without
-
Why do I get Error -1967390704 when launching DSC?
After launching the Tag Engine, I get the following error message: "Error accessing historical database! Error Code -1967390704. Help> Explain Error lists this as a possible reason: "Socket has been disconnected by its peer". My program has been succ