Exchange 2010: setup Exchange on iPhone

Hi all,
I set up Exchange 2010 with a self-signed certificate and I opened port 25 and port 443. When I tried to set up the account on the iPhone, it said "Failed to verify identity". Is there anything else that I need to set up on Exchange for it to support mobile devices? I couldn't figure out how to fix it.
Thanks

When using a self-signed certificate or a certificate from a local CA, by default, devices don't trust that issuer, so you need to export that certificate (self-signed or CA root) and import it to all devices so it will be trusted.
Example: http://www.petenetlive.com/KB/Article/0000242.htm
The best practice and most recommended way is to buy a certificate from third party CA (Go Daddy for example), that way, no special configuration on devices is needed. 

Similar Messages

  • Exchange 2010 email access from iPhone 4

    Hi,
    We have Exchange 2010 in our network and we are publishing OWA & Outlook Anywhere using TMG 2010 with GoDaddy Public Certificate.
    Everything works well.
    I can access the OWA & Outlook Anywhere from Non Domain machines without any issues but when it comes to iPhone it just doesn't work.
    I followed the procedure to configure iPhone from this link and selected the manual configuration option but i get the 
    http://maketecheasier.com/connect-exchange-account-from-iphone/2011/02/14
    I get Server‘
    field added to the previous fields in the settings.
    Is there any configuration required on TMG for iPhone email access?
    Please suggest.
    Regards,
    Maqsood
    Maqsood Mohammed Senior Systems Engineer MCITP-Enterprise Admin & ITILv3 Foundation Certified

    Please can you give some info about the GoDaddy certificate you bought.

  • Exchange 2010 setup problems

    I am having some issues and I need some help please. I tried to set up Exchange (2010) on a local server yesterday and halfway through it threw a ton of errors where I could not find some items. So ok I said it would not even uninstall without giving me grief. I then did a manual uninstall of 2010 since I couldn't get 2010 to even install on the new server without doing so. I then set up a new virtual server today and tried to reinstall it, but am still getting an error and here are the logs.
    [04/27/2014 07:48:55.0235] [2] Active Directory session settings for 'initialize-ExchangeUniversalGroups' are: View Entire Forest: 'True', Configuration Domain Controller: '69-64-71-40.ketelaaraccounting.com', Preferred Global Catalog: '69-64-71-40.ketelaaraccounting.com',
    Preferred Domain Controllers: '{ 69-64-71-40.ketelaaraccounting.com }'
    [04/27/2014 07:48:55.0235] [2] Beginning processing initialize-ExchangeUniversalGroups -DomainController:'69-64-71-40.ketelaaraccounting.com' -ActiveDirectorySplitPermissions:$null
    [04/27/2014 07:48:55.0267] [2] Used domain controller 69-64-71-40.ketelaaraccounting.com to read object DC=ketelaaraccounting,DC=com.
    [04/27/2014 07:48:55.0282] [2] Used domain controller 69-64-71-40.ketelaaraccounting.com to read object CN=Configuration,DC=ketelaaraccounting,DC=com.
    [04/27/2014 07:48:55.0282] [2] Used domain controller 69-64-71-40.ketelaaraccounting.com to read object CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=ketelaaraccounting,DC=com.
    [04/27/2014 07:48:56.0031] [2] Used domain controller 69-64-71-40.ketelaaraccounting.com to read object OU=Microsoft Exchange Security Groups,DC=ketelaaraccounting,DC=com.
    [04/27/2014 07:48:56.0125] [2] [ERROR] Unexpected Error
    [04/27/2014 07:48:56.0125] [2] [ERROR] The well-known object entry B:32:C262A929D691B74A9E068728F8F842EA:CN=Organization Management\0ADEL:ed5aa0f9-643b-43d8-bdeb-5e6c0f327703,CN=Deleted Objects,DC=ketelaaraccounting,DC=com on the otherWellKnownObjects attribute
    in the container object CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=ketelaaraccounting,DC=com points to an invalid DN or a deleted object.  Remove the entry, and then rerun the task.
    [04/27/2014 07:48:56.0156] [2] Ending processing initialize-ExchangeUniversalGroups
    [04/27/2014 07:48:56.0156] [1] The following 1 error(s) occurred during task execution:
    [04/27/2014 07:48:56.0156] [1] 0.  ErrorRecord: The well-known object entry B:32:C262A929D691B74A9E068728F8F842EA:CN=Organization Management\0ADEL:ed5aa0f9-643b-43d8-bdeb-5e6c0f327703,CN=Deleted Objects,DC=ketelaaraccounting,DC=com on the otherWellKnownObjects
    attribute in the container object CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=ketelaaraccounting,DC=com points to an invalid DN or a deleted object.  Remove the entry, and then rerun the task.
    [04/27/2014 07:48:56.0156] [1] 0.  ErrorRecord: Microsoft.Exchange.Management.Tasks.InvalidWKObjectException: The well-known object entry B:32:C262A929D691B74A9E068728F8F842EA:CN=Organization Management\0ADEL:ed5aa0f9-643b-43d8-bdeb-5e6c0f327703,CN=Deleted
    Objects,DC=ketelaaraccounting,DC=com on the otherWellKnownObjects attribute in the container object CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=ketelaaraccounting,DC=com points to an invalid DN or a deleted object.  Remove the entry, and then
    rerun the task.
    [04/27/2014 07:48:56.0156] [1] [ERROR] The following error was generated when "$error.Clear();
        initialize-ExchangeUniversalGroups -DomainController $RoleDomainController -ActiveDirectorySplitPermissions $RoleActiveDirectorySplitPermissions
    " was run: "The well-known object entry B:32:C262A929D691B74A9E068728F8F842EA:CN=Organization Management\0ADEL:ed5aa0f9-643b-43d8-bdeb-5e6c0f327703,CN=Deleted Objects,DC=ketelaaraccounting,DC=com on the otherWellKnownObjects attribute in the container
    object CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=ketelaaraccounting,DC=com points to an invalid DN or a deleted object.  Remove the entry, and then rerun the task.".
    [04/27/2014 07:48:56.0156] [1] [ERROR] The well-known object entry B:32:C262A929D691B74A9E068728F8F842EA:CN=Organization Management\0ADEL:ed5aa0f9-643b-43d8-bdeb-5e6c0f327703,CN=Deleted Objects,DC=ketelaaraccounting,DC=com on the otherWellKnownObjects attribute
    in the container object CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=ketelaaraccounting,DC=com points to an invalid DN or a deleted object.  Remove the entry, and then rerun the task.
    [04/27/2014 07:48:56.0156] [1] [ERROR-REFERENCE] Id=443949901 Component=
    [04/27/2014 07:48:56.0156] [1] Setup is stopping now because of one or more critical errors.
    [04/27/2014 07:48:56.0156] [1] Finished executing component tasks.
    [04/27/2014 07:48:56.0187] [1] Ending processing Install-ExchangeOrganization
    [04/27/2014 07:48:56.0187] [0] The Exchange Server setup operation didn't complete.  More details can be found in ExchangeSetup.log located in the <SystemDrive>:\ExchangeSetupLogs folder.
    [04/27/2014 07:48:56.0203] [0] End of Setup
    [04/27/2014 07:48:56.0203] [0] **********************************************
    I'm really lost. I cannot find the entry it is complaining about no matter how hard I look. I really need help; I would rather not scrap all my hard work.
    Ted

    Hi,
    Based on my research, we can try to firstly check the otherWellKnownObjects attribute in order to resolve the issue:
    1.) Go to Start -> Run -Type LDP.exe -> click OK
    2.) Click Connection -> Connect and then click OK
    3.) Click Connection -> Bind and then click OK
    4.) Click View -> Tree and for the BaseDN select CN=Configuration,DC=DomainName,DC=local and click OK
    5.) In the left-pane expand the Configuration partition -> Services -> Microsoft Exchange
    6.) Right-click the object Microsoft Exchange and then click Modify
    7.) In the Attribute box type otherWellKnownObjects
    8.) In the Values box type B:32:9C5B963F67F14A4B936CB8EFB19C4784:CN=ExchangeLegacyInterop\0ADEL:90d1a283-ed42-4ddf-8402-f0dbef0290b2,CN=Deleted Objects,DC=CAO,DC=local (The invalid DN reference you want to delete)
    9.) Select the Delete radio button
    10.) Click the Enter button
    11.) The Entry List text box will populate with [Delete] and the selected attribute and its value in steps 7 & 8.
    12.) Click on the Run button
    And here are some references:
    http://blogs.technet.com/b/winde76/archive/2012/06/10/prepare-ad-creates-duplicate-security-groups.aspx
    http://social.technet.microsoft.com/Forums/exchange/en-US/2fd295db-f84e-4c7b-a1cb-03fa0433d95f/exchange-2010-install-setup-preparead-fail?forum=exchangesvrdeploylegacy
    http://social.technet.microsoft.com/Forums/exchange/en-US/7f0f2ea5-73f0-4a61-8f9f-728f11eea98b/exchange-2010-install-fails-preparead
    Thanks,
    Angela Shi
    TechNet Community Support
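
The setup log in the question already contains the exact value that step 8 needs, and the value shown in step 8 comes from a different environment. The following is an added example, not part of the original posts or of any Microsoft tool: it extracts the stale `otherWellKnownObjects` value and its container from setup log text, assuming the error wording shown in the question. The function, class and field names are hypothetical.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Sample input: error lines copied from the setup log quoted in the question,
# including the places where the forum wrapped them in mid-line.
SAMPLE_LOG = r"""
[04/27/2014 07:48:56.0125] [2] [ERROR] Unexpected Error
[04/27/2014 07:48:56.0125] [2] [ERROR] The well-known object entry B:32:C262A929D691B74A9E068728F8F842EA:CN=Organization Management\0ADEL:ed5aa0f9-643b-43d8-bdeb-5e6c0f327703,CN=Deleted Objects,DC=ketelaaraccounting,DC=com on the otherWellKnownObjects attribute
in the container object CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=ketelaaraccounting,DC=com points to an invalid DN or a deleted object.  Remove the entry, and then rerun the task.
[04/27/2014 07:48:56.0156] [1] 0.  ErrorRecord: Microsoft.Exchange.Management.Tasks.InvalidWKObjectException: The well-known object entry B:32:C262A929D691B74A9E068728F8F842EA:CN=Organization Management\0ADEL:ed5aa0f9-643b-43d8-bdeb-5e6c0f327703,CN=Deleted
Objects,DC=ketelaaraccounting,DC=com on the otherWellKnownObjects attribute in the container object CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=ketelaaraccounting,DC=com points to an invalid DN or a deleted object.  Remove the entry, and then
rerun the task.
"""

# Message wording as it appears in that log (assumption: other builds word it
# the same way). Square brackets are excluded so a match cannot run across a
# "[timestamp]" into the next log record.
ERROR_RE = re.compile(
    r"The well-known object entry (?P<entry>B:\d+:[0-9A-Fa-f]+:[^\[\]]+?) "
    r"on the otherWellKnownObjects attribute in the container object "
    r"(?P<container>[^\[\]]+?) points to an invalid DN or a deleted object"
)
# DN-with-binary syntax: B:<hex character count>:<hex bytes>:<object DN>
ENTRY_RE = re.compile(r"^B:(?P<count>\d+):(?P<hex>[0-9A-Fa-f]+):(?P<dn>.+)$")
# Tombstone RDN: original name, then "\0ADEL:", then the deleted object's GUID
TOMBSTONE_RE = re.compile(r"^CN=(?P<name>.+?)\\0ADEL:(?P<guid>[0-9A-Fa-f-]{36}),")


@dataclass(frozen=True)
class StaleWellKnownRef:
    raw_value: str               # exact text for the LDP "Values" box
    container_dn: str            # object whose attribute holds the entry
    wk_guid_hex: str             # well-known GUID part of the entry
    length_ok: bool              # declared count matches the hex length
    target_dn: str               # DN the entry points at
    deleted_name: Optional[str]  # original CN if the target is a tombstone
    deleted_guid: Optional[str]  # objectGUID of the tombstone, if any


def find_stale_refs(log_text: str) -> List[StaleWellKnownRef]:
    """Return each distinct stale entry reported in the log text."""
    # Collapse wraps and double spaces so a message split over several lines
    # matches as one. A DN containing consecutive spaces would be altered.
    flat = re.sub(r"\s+", " ", log_text)
    seen, refs = set(), []
    for m in ERROR_RE.finditer(flat):
        entry, container = m.group("entry"), m.group("container")
        if (entry, container) in seen:
            continue  # setup logs the same error several times
        seen.add((entry, container))
        parts = ENTRY_RE.match(entry)
        if parts is None:
            continue
        tomb = TOMBSTONE_RE.match(parts.group("dn"))
        refs.append(StaleWellKnownRef(
            raw_value=entry,
            container_dn=container,
            wk_guid_hex=parts.group("hex"),
            length_ok=int(parts.group("count")) == len(parts.group("hex")),
            target_dn=parts.group("dn"),
            deleted_name=tomb.group("name") if tomb else None,
            deleted_guid=tomb.group("guid") if tomb else None,
        ))
    return refs


if __name__ == "__main__":
    for ref in find_stale_refs(SAMPLE_LOG):
        print("Container object :", ref.container_dn)
        print("Attribute        : otherWellKnownObjects")
        print("Value to delete  :", ref.raw_value)
        if ref.deleted_name:
            print("Points at deleted:", ref.deleted_name, ref.deleted_guid)
        if not ref.length_ok:
            print("Warning: hex length does not match the declared count")
```

The reported container tells you which object to open in LDP, and `raw_value` can be pasted unchanged into the Values box.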

  • Forefront for exchange 2010 setup wizard preinstall update request

    I'm trying to install FPE, but even before I install and after the extraction of the files I'm getting the following error message on both my CAS servers.
    I have the following roles installed on this Client Access Server I'm using for the initial install of Forefront.
    Do I need to install Active Directory Domain Services before I continue?

    Hi,
    Firstly, please refer to the similar thread below:
    FSEMachinePrep.exe fails saying Server Unavailable
    Based on my research, Microsoft Forefront Protection 2010 for Exchange Server (FPE) can be deployed on Exchange Edge Transport, Hub Transport, Mailbox server, or combined Hub/Mailbox roles.
    Exchange 2010 requires Active Directory to be in place except for the Exchange 2010 Edge role (for DMZ) which can be deployed in a workgroup with Active Directory Lightweight Directory Services. Both Exchange (Mailbox, HUB and CAS role) and therefore FPE require an Active Directory on site.
    Did you set up a domain environment for Exchange server? If yes, please check the group membership of the user and make sure that it is a member of the Organization Management role group. In addition, please also make sure that you can connect to the primary domain controller on the CAS servers.
    More information:
    Microsoft Exchange Server 2010: Exchange Server and Active Directory
    Best regards,
    Susie

  • I'm trying to have existing Exchange accounts setup on my new iMac and can't get it to work.

    I have existing Exchange accounts setup on my iPhone and iPad to access my work email.  I'm trying to do the same on my new iMac and can't get it to work.  I have it setup the same as my iPad and it asks me for my password over and over...any suggestions?

    Hi mwatts18,
    As a preliminary troubleshooting step, you should reference the information in the following article:
    OS X Mail: Troubleshooting sending and receiving email messages
    http://support.apple.com/kb/TS3276
    I would especially suggest that you delete the account and re-add it, making sure that you are entering the correct password when you add the account. Thanks for being a part of the Apple Support Communities!
    Regards,
    Braden

  • Exchange 2010 - Outlook Anywhere trying to connect to internal server name first before connecting to proxy server

    Hello,
    I have an Exchange 2010 question which I will post in the Exchange 2013 section since the Ask a question button in the legacy Exchange Servers section of technet takes me back to the part of Technet where I can only ask questions regarding Exchange 2013.
    If someone can point me to a part where I can place a question in an Exchange 2010 forum please let me know.
    We have Exchange 2010 setup with a CAS array listening to outlook.internaldomain.com
    We have TMG 2010 setup with a rule for Outlook Anywhere, the rule listens to mail.externaldomain.com and traffic that meets this rule is let through to outlook.internaldomain.com.
    When I fire up my laptop, which is connected to the internet, and start Outlook and let it configure my profile through autodiscover it sets it up correct and fills the Outlook profile with a servername stating outlook.internaldomain.com and a proxyserver
    to be used stating mail.externaldomain.com. After initial setup when my Outlook starts it almost immediately prompts me for a username and a password so this is working fine.
    At the office we have an internal network segment where DHCP is servicing the connecting clients and giving them our internal DNS servers because they need connection to some other network segments which are not available to the internet. This network segment
    does not have access to our internal Exchange environment but has full access to the internet. Clients in this network segment do want to use Outlook so using Outlook Anywhere for them is the logical way to go. When I connect my laptop to this network segment
    I get handed an IP address and our internal DNS servers, when I start Outlook it takes about two minutes before the credential prompt pops up and another 2 to 6 minutes after entering credentials before it says all folders are in sync. This is quite long
    and our clients find this unacceptable.
    I started testing what might be going on here and I have found that when I manually enter external DNS servers the Outlook password prompt will popup in seconds and all is working as expected so it seems Outlook is trying to connect to the internal servername
    when using our internal DNS servers (which can resolve outlook.internalnetwork.com) instead of directly going to the proxy server which is to be used for Outlook Anywhere.
    When I start a network monitor trace my thoughts are confirmed because when I am connected to the internal network segment OUTLOOK.EXE first tries to connect to outlook.internaldomain.com, it almost immediately gets a response stating that this route is
    inaccessible but OUTLOOK.EXE keeps on trying to connect until some sort of time out is reached (somewhere around two minutes) after which it connects to mail.externaldomain.com and Outlook shows the credential prompt.
    So to round it up, when connected to DNS servers that can resolve the internal servername Outlook tries to connect to the internal servername instead of the external name, Outlook does not recognize the answer from the network that the internal route is not accessible (or it does but does nothing with this information).
    Has anybody experienced this behaviour in Outlook?
    Does anyone have a solution in where I can force Outlook to connect to its proxyserver and disregard the internal servername?

    Thank you for your reply.
    The client computers that are experiencing the issues are not domain joined, the only reason I can think of why this is occurring is because the DNS servers are able to resolve the internal hostname of the server, but I would expect Outlook to always use
    the proxy server that has been set in the configuration of the Outlook profile. Or at least acknowledging the answer that the initially tried route is inaccessible and immediately continue to the proxy server.
    For setting the same hostname for internal and external use, we use different namespaces internally and externally, do you mean setting the external hostname on the CAS array for internal use ? Wouldn't that push all internal communication to the internet
    and to the outside interface of the TMG where the server is published with that hostname ?

  • Exchange 2010/2013 coexistence published in TMG 2010

    Environment:
    Two Windows 2008 R2, Exchange 2010 SP3 servers, currently holding all mailboxes
    Two Windows 2012 R2, Exchange 2013 SP1 servers, setup in progress
    Two Windows 2008 R2, TMG 2010, V7.0.9193.540 publishing both Exchange 2010 servers.
    Scenario:
    I need to continue having Exchange 2010 setup in TMG as is as the mailbox migration to 2013 will take weeks if not months and I have a project requirement to have Exchange Database Availability Group (DAG) functionality for all mailboxes throughout the project,
    so 4 servers are an absolute must. So I need to add Exchange 2013 in TMG and not just replace the 2010 setup with the 2013 setup and I cannot run one 2010 and one 2013 server. 
    Questions:
    1. I currently only have 2 public IP addresses available to SMTP, mapped to the external interfaces of TMG, to allow my environment to be able receive emails on 4 Exchange servers (two 2010 and two 2013) I need to have 4 public IP addresses, is that correct?
    2. Does anyone have a good general guide/blog for doing this (setting up Exchange 2013 in TMG in a coexistence scenario)? 
    This is nice, but doesn't really approach it from a coexistence scenario:
    http://blogs.technet.com/b/exchange/archive/2012/11/21/publishing-exchange-server-2013-using-tmg.aspx
    Thanks!

    Hi Trana,
    In TMG you can use a single IP address to publish multiple web addresses, and below are the options which you can explore.
    Hope your OWA, ECP etc. are HTTPS.
    You need an SSL certificate which has SAN entries for all the URLs of both the old and new Exchange servers.
    Create a listener and select the IP address (say public IP address 195.219.x.x).
    Link the SSL certificate.
    Public DNS entries (A record, single IP):
    195.219.x.x  Point to  Owa1.exchange1.com  - Old Server
    195.219.x.x  Point to  ECP1.exchange1.com  - Old Server
    195.219.x.x  Point to  ECP2.exchange2.com  - New Server
    195.219.x.x  Point to  Owa2.exchange2.com  - New Server
    Create Web publishing rules as below.
    Old server Exchange 1 (Owa1.exchange1.com, ECP1.exchange1.com):
    One Web publishing rule with all the URLs added to it; link the rule with the listener we created.
    Point the Web publishing to the Exchange1.com server, which is old.
    New server Exchange 2 (ECP2.exchange2.com, Owa2.exchange2.com):
    Web publishing rule with all the URLs added to it; link the rule with the listener we created.
    Point the Web publishing to the Exchange2.com server, which is new.

  • Error Code 8224 Ldifde Exchange 2010 installation failure

    Hi, here is a problem I have been bashing my head with for about a week. I am transitioning to Exchange 2010 from 2003. I have two DC's running Windows Server 2003 Sp2, one of which is the Exchange 2003 server. I have just brought online a windows 2008R2
    member server, which I am attempting to install exchange 2010 on. I get the following error message during installation.
    Organization Preparation
    Failed
    Error:
    The following error was generated when "$error.Clear(); install-ExchangeSchema -LdapFileName ($roleInstallPath + "Setup\Data\"+$RoleSchemaPrefix + "schema1.ldf")" was run: "There was an error while running 'ldifde.exe' to
    import the schema file 'C:\Windows\Temp\ExchangeSetup\Setup\Data\PostExchange2003_schema1.ldf'. The error code is: 8224. More details can be found in the error file: 'C:\Users\administrator.CFN\AppData\Local\Temp\2\ldif.err'".
    There was an error while running 'ldifde.exe' to import the schema file 'C:\Windows\Temp\ExchangeSetup\Setup\Data\PostExchange2003_schema1.ldf'. The error code is: 8224. More details can be found in the error file: 'C:\Users\administrator.CFN\AppData\Local\Temp\2\ldif.err'
    Elapsed Time: 00:00:22
    And from the ldif.err:
    The connection cannot be established
    The error code is 8224
    Now I have checked dns, all is good. I can resolve the DC without issue.
    I have done dcdiag and netdiag and passes all tests. I have even written a hosts file, all this to no avail.
    Any help would be appreciated.
    Thanks
    B

    I had the same and I fixed this.
    Solution
    1. The error is happening at the "Organization Preparation" stage, so let's go 'old school' and do that manually.
    2. Locate the server on your network that is the schema master (Locate FSMO Servers).
    3. Put the Exchange 2010 DVD in the schema master (Or share it over the network and connect to it from the schema master server).
    4. Drop to command line and change to the DVD Drive/Directory with the Exchange 2010 setup files in it.
    5. ONLY do this if you have Exchange 2003 already! Run the following command (if no Exchange 2003 is present, skip to the next step):
    X:\Setup /PrepareLegacyExchangePermissions (where "X" is the CD-ROM drive letter)
    6. Run the following command:
    X:\Setup /PrepareSchema
    7. Run the following command:
    X:\Setup /PrepareAD
    Note: At this point it may fail, and say it requires an organization name, (it will do this if it finds no existing container in Active Directory).
    Error
    Exchange organization name is required for this mode.  To specify an organization name, use the /organizationName parameter.
    If that is the case, then run the following command:
    X:\Setup /PrepareAD /OrganizationName:"Your required org name"
    Reboot your server and try to install exchange 2010.
    Jotiba Patil

  • Exchange 2010 DAG Failover does not work

    Hi Experts,
    I have a Exchange 2010 setup in  a DAG environment. We have 2 MBX servers in the main site and 1 MBX server in the DR site , all part of one DAG. We have 2 HUB/CAS servers in the main site and 1 HUB/CAS server in the DR site.
    Recently we had to do our BCP test for audit purpose. We had issues in doing failover to the DR site and below is the error faced.
    Please advise urgently on the possible causes and resolution steps for it as we need to do this test again on the coming weekend.
    "EvictDagClusterNode got exception Microsoft.Exchange.Cluster.Replay.AmClusterEvictWithoutCleanupException: An Active Manager operation failed. Error An error
    occurred while attempting a cluster operation. Error: Evict node 'sme-ho-mbx01' returned without the node being fully cleaned up. Please run cluster.exe node <NodeName> /forcecleanup to complete clean up for this node.. ---> System.ComponentModel.Win32Exception:
    The wait operation timed out"
    So, basically one of the MBX server was not evicting from the Cluster due to which failover did not work.
    Would appreciate some urgent thoughts for the possible resolution.
    regards
    abubakar
    Md.Abubakar Noorani IT Systems Engineer Serco Ltd.

    Hi,
    Yes, you can run the Stop-DatabaseAvailabilityGroup without shutting down the Mailbox server. During the process of DAG failover to DR site, the Stop-DatabaseAvailabilityGroup cmdlet should be run against all servers in the primary datacenter. If the Mailbox
    server is unavailable but Active Directory is operating in the primary datacenter, the Stop-DatabaseAvailabilityGroup command with the ConfigurationOnly parameter must be run against all servers in this state in the primary datacenter.
    And please note that the Stop-DatabaseAvailabilityGroup cmdlet can be run against a DAG only when the DAG is configured with a DatacenterActivationMode value of DagOnly. 
    Based on the error message, it seems that you should run the cluster node nodename /forcecleanup cmdlet against the specified node in the main site. Have you tried this to check the result?
    Best regards,
    Belinda
    Belinda Ma
    TechNet Community Support

  • Exchange 2010 3 node DAG and split datacenters

    Hi all,
    I have a Exchange 2010 setup with 3 DAG nodes, 2 servers in Primary site & one in DR site, 2 active directory Sites, one domain controller per site. All roles on each server.
    Each server has a single NIC, with the following configs:
    Primary Site:
    MBX1 IP = 192.168.1.11 - Network Name MAPI-Primary
    MBX2 IP = 192.168.1.12 - Network Name MAPI-Primary
    Cluster IP = 192.168.1.10
    DR Site:
    DRMBX1 IP = 192.168.100.11  - Network Name MAPI-DR
    Cluster IP = 192.168.100.10
    Dag name = DAG1
    Under the DAG Networks, I see 3 Networks
    DAG1_MAP1-Primary with the 192.168.1.0/24 subnet and the 2 MBX Network IP's in it.
    DAG1_MAP1-DR with the 192.168.100.0/24 subnet and the 1 DR MBX Network IP in it.
    and one called DAG1_Replication, which has a 10.1.1.0/24 subnet and NO NIC's in it. I think this was an original replication subnet used when there was only 2 nodes in the DAG and a cross over cable was used.
    Can I delete the DAG_Replication network from the config?
    Should I consolidate the 2 DAG1_MAPI-Primary and DAG1-MAPI-DR networks under one simply called DAG1-MAPI?
    Secondly,
    When I look at cluster manager on each of the 2 Nodes MBX1/2, I can see the 3 Nodes. Trying to run cluster manager on the DR node, and I can't connect to the DAG1 cluster, get an error saying not ready. Am I right in thinking this should not be
    happening? I have a managed firewall, but don't have access to logs, any idea what ports could be dropped from DRMBX1?
    Finally,
    Cluster manager on the 2 working nodes shows an error:
    Cluster Network Name is not online, and the Cluster Core resources panel shows cluster name DAG1 Offline, with ONLY 1 IP address, the DAG VIP (192.168.1.10) being online. Should I see the other 192.168.100.10 DAG VIP as well? Is this also a manifestation
    of the firewall?
    I have inherited this config, so I am not fully sure what a correct working condition should report look like. Any help on a clearer understanding would be greatly appreciated.
    Thanks in advance !!

    In answer to your first question, yes, if no server is listed with an IP address in that replication network, you can delete it without affecting the DAG operations.
    As for your second question, if your servers are in different subnets, you need at least two networks defined in your DAG.  And since your servers are in different Windows sites, I have to assume they are in different subnets.  I believe that if
    you check them in the EMC, you will only see IP addresses for the local servers in each network.  So no consolidation is possible.
    On your question about Cluster Manager, don't do anything in Cluster Manager - my personal experience has been that the Exchange toolset is sufficient for all management tasks related to an Exchange DAG.  What are you trying to determine?  Also,
    Microsoft doesn't support a DAG installed across a firewall - either you open all ports between these servers (and all domain controllers in your forest), or you will have an unsupported configuration.
    For your final question, I assume DAG1 is your DAG's network name, and those two IPs are the ones for the two datacenters.  If this is the case, only one IP address will be active at a time.

  • Outlook client in different subnet unable to connect to Exchange 2010 CAS using Windows 2008 R2 NLB multicast mode

    Hi all,
    need urgent assistance on the following issue
    this is my Exchange 2010 setup
    2 x CAS/Hub servers with HP network teaming, and load balanced using Windows NLB multicast mode. There are 2 VIPs on the NLB, one for outlook anywhere, one for autodiscover
    2 DNS records were created for the 2 VIPs
    Clients use Outlook Anywhere (HTTPS) to connect to the CAS servers from external segment via a Palo Alto firewall, which also acts as a layer 3 router
    static arp was set on the Palo Alto firewall, with both virtual MACs pointing to the primary virtual MAC used by the NLB. 
    Observations
    1. within same segment - no issue accessing Exchange servers, even when one CAS node is offline
    2. external segment (via firewall)
    a. when both nodes are up
    outlook client able to connect to Exchange CAS VIP on 443, but will disconnect after around 30 seconds. Client will retry and the pattern will repeat
    Exchange CAS RPC logs shows client connections and disconnections to the outlook anywhere VIP address
    Firewall logs shows allowed traffic from client to the VIPs
    unable to complete profile creation
    b. with only CAS2 (CAS1 stopped/deleted from NLB cluster)
    no issues accessing Exchange servers, creating profiles etc
    c. with only CAS1
    same behaviour as (a)
    reinstalled NLB, but doesn't resolve
    deleted CAS1 from NLB cluster, and re-add. issue remain
    Q1. is teaming supported? Teaming is currently set to automatic mode, instead of specified Fault Tolerant
    Q2. are there additional settings we need to set or verify on the Palo Alto firewall, since the issue only happen to external segment? Thanks!

    Yes - I've been scarred with this for many years :(
    If it is just CAS 1 that is causing issues, then focus in on that.  The support statement for Win 2008 R2 is that NLB is still a 3rd party component and support may ask for it to be disabled.
    http://support.microsoft.com/kb/278431 
    Does CAS1 and CAS2 have the same NICs (firmware as well), driver, teaming software, and teaming config? 
    I also want to ask what the network team did for configuring the switch ports on the servers?  This will vary from vendor to vendor  - did they do the same config on both?
    Cheers,
    Rhoderick
    Microsoft Senior Exchange PFE
    Blog:
    http://blogs.technet.com/rmilne 
    Thanks Rhoderick, issue still persists
    can you also help clarify what you meant by "configuring the switch ports on the servers"?
    thanks again

  • Out of office sending out old messages - Exchange 2010 - Outlook 2007

    Tracking down an issue of a user (I think it's only one) having their Out of Office Message always being a previous message from a year or two back.  Doesn't matter if it's changed in Outlook 2007 or in OWA.
    I've read some older post on this, but didn't find a clear answer.
    This current Exchange 2010 setup is a migration from 2003.  Could this be a leftover migration issue?
    Anybody have this happen recently?

    Hi,
    How do you know this is an old reoccurring message? Based on the content or time?
    Since the MailboxAutoReplyConfiguration is correct, I suspect the issue can occur by certain client machine. At this stage, I suggest you disable OOF and re-enable
    OOF on the problematic machine. If the issue persists, please refer to the following article to clean the problematic client’s Outlook rules. (run Outlook.exe /cleanrules in Run console.)
    http://www.tech-recipes.com/rx/2161/outlook_2007_clean_up_command_line_switches/
    Thanks.
    Novak Wu
    TechNet Subscriber Support in forum

  • Mail For Exchange 2010: folders view

    For some reason I can't receive mails that are delivered in folders under Inbox, in my Exchange 2010 setup through ActiveSync.
    According to logs, folders are checked but I receive only mails from my Inbox....
    16/01/2011 19:40:56 Connected to connection method named WIND Internet with type Packet Data
    16/01/2011 19:40:57 PING Command Requested
    16/01/2011 19:41:03 start E-mail sync
    16/01/2011 19:41:04 client->server adds=0 changes=1 deletes=0 fails=0
    16/01/2011 19:41:04 end E-mail sync
    16/01/2011 19:41:04 start Calendar sync
    16/01/2011 19:41:04 end Calendar sync
    16/01/2011 19:41:04 start Drafts sync
    16/01/2011 19:41:04 end Drafts sync
    16/01/2011 19:41:04 start Folder1 sync
    16/01/2011 19:41:05 end Folder1 sync
    16/01/2011 19:41:05 start Folder2 sync
    16/01/2011 19:41:05 end Folder2 sync
    16/01/2011 19:41:11 Sending a Ping to the server
    16/01/2011 19:41:11 Heartbeat interval is 11 minutes.
    16/01/2011 19:52:16 Ping response received, no updates. Re-issuing ping.
    16/01/2011 19:52:17 Sending a Ping to the server
    16/01/2011 19:52:17 Heartbeat interval is 13 minutes.
    16/01/2011 19:52:26 HTTP error code=302
    16/01/2011 19:52:26 Exception during Ping.
    Any ideas?

    Problem solved; I should check "inherit permissions" in the security options, inside Active Directory Security.

  • Exchange 2010 Resource Forest - Autodiscover

    Environment:
    Account Forest (No Exchange server installed)
    Resource Forest (Exchange 2010 SP3)
    I understand that an SCP record can be created in the account forest using the following command:
    Export-AutoDiscoverConfig -DomainController <FQDN> -TargetForestDomainController <String> -TargetForestCredential $a -MultipleExchangeDeployments $true
    Questions:
    1.  Do I need to prep the schema in the Account Forest to create the relevant Exchange configuration before running Export-AutoDiscoverConfig?
    2.  Is the switch MultipleExchangeDeployments $true needed?  Technet states that it's only needed if both forests contain Exchange but also states it's needed for multiple accepted email domains? (which we do have)
    http://technet.microsoft.com/en-us/library/aa998832(v=exchg.141).aspx
    3.  Can this change be backed out, i.e. can the SCP record be removed by using ADSI edit?
    Thanks in advance

    Hi,
    Here are my answers you can refer to:
    1. It depends.
    If the Exchange deployment has two or more trusted forests, you must update Active Directory so that Outlook users in one forest can access the CAS servers in the remote (or target) forest to use the Autodiscover service. To do this, we must extend the schema in the user forest by running Exchange 2010 Setup with the /PrepareAD or /PrepareSchema switch, and then run the Export-AutodiscoverConfig cmdlet in the resource forest that contains the Client Access servers that provide the Autodiscover service against the target forests.
    If you do not want to extend the schema in the user forest, you can update DNS in the user forest with a host record that points to the internal IP address of the Client Access server in the resource forest where Autodiscover is hosted.
    For more information, you can refer to the following article:
    http://www.testlabs.se/blog/2010/11/06/configuring-the-autodiscover-service-for-multiple-forests/
    Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
    2. It isn't needed in your environment.
    When the parameter MultipleExchangeDeployments is set to TRUE you will tell the forests that you have multiple Exchange forests. The parameter will also export the accepted domains which are defined in the Exchange environment.
    3. SCP record can be removed by using ADSI edit:
    On your account domain, open adsiedit.msc, locate the SCP records in 
    CN=Autodiscover,CN=Protocols,CN=<CAS_SERVER>,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=<ORG>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=domain,DC=com
    For more information, you can refer to the following thread:
    http://social.technet.microsoft.com/Forums/exchange/en-US/a06686ec-f1dc-4738-b4c5-76c41088e145/configuring-autodiscover-in-resource-forest?forum=exchangesvrdeploylegacy
    If you have any question, please feel free to let me know.
    Thanks,
    Angela Shi
    TechNet Community Support
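
    A read-only way to see which Autodiscover SCP objects exist in the forest you are logged on to, useful before and after running Export-AutodiscoverConfig and before deleting anything in ADSI Edit. This is an added example, not part of the original posts; the function name Get-AutodiscoverScp is hypothetical, and the two GUIDs are the well-known Autodiscover SCP keyword values.

    ```powershell
    # Added example: inventory Autodiscover SCP objects in the current forest.
    # Read-only; it only queries the configuration partition.

    # Well-known keyword GUIDs that mark Autodiscover SCP objects.
    $ScpUrlGuid     = '77378F46-2C66-4aa9-A6A6-3E7A48B19596'  # SCP holding an Autodiscover URL
    $ScpPointerGuid = '67661d7F-8FC4-4fa7-BFAC-E1D7794C1F68'  # SCP pointing at another forest

    function Get-AutodiscoverScp {   # hypothetical helper name
        # Search the whole configuration partition so the result does not
        # depend on which container the object was written to.
        $configNC = ([ADSI]'LDAP://RootDSE').configurationNamingContext
        $searcher = New-Object System.DirectoryServices.DirectorySearcher
        $searcher.SearchRoot = [ADSI]"LDAP://$configNC"
        $searcher.PageSize   = 500
        $searcher.Filter     = "(&(objectClass=serviceConnectionPoint)" +
                               "(|(keywords=$ScpUrlGuid)(keywords=$ScpPointerGuid)))"
        foreach ($p in 'distinguishedName','keywords','serviceBindingInformation','whenCreated') {
            [void]$searcher.PropertiesToLoad.Add($p)
        }

        foreach ($r in $searcher.FindAll()) {
            $keywords = @($r.Properties['keywords'])
            New-Object PSObject -Property @{
                # A pointer SCP refers clients to another forest; a URL SCP names a CAS endpoint.
                Type    = if ($keywords -contains $ScpPointerGuid) { 'Pointer' } else { 'Url' }
                Target  = [string]$r.Properties['servicebindinginformation'][0]
                # "Domain=" keywords list the accepted domains the SCP is scoped to.
                Domains = ($keywords | Where-Object { $_ -like 'Domain=*' }) -join ';'
                Created = $r.Properties['whencreated'][0]
                DN      = [string]$r.Properties['distinguishedname'][0]
            }
        }
    }

    Get-AutodiscoverScp | Sort-Object Type, DN |
        Format-List Type, Target, Domains, Created, DN
    ```

    Saving the output before the change gives a baseline: any object that appears afterwards with a new Created time is the one to review or remove when backing out.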

  • Console Tree not Visible in Exchange 2010

    Hello. When I log into our Exchange 2010 server's EMC the only pane that is visible is the Results pane (which takes up the entire screen). The only options I have are File and Help. File only has the option of Disk Cleanup.
    When I log on as a different user, I get the standard view.
    How do I restore the standard view of the EMC?
    Any help would be greatly appreciated.
    Thank you,
    Mike

    You don't have the proper permission on your account.
    These are the default permissions for Exchange Admins:
    Delegated Setup - This management role group gives members the ability to run the Exchange 2010 setup program and therefore deploy, but not administer, a new Exchange 2010 server. Deployment can only be performed on servers that have already been provisioned by an administrator with additional permissions.
    Discovery Management - A member of the Discovery Management role group has the ability to perform searches of all mailboxes within the Exchange organization as well as implement the Legal Hold feature of Exchange 2010. We shall be looking at this management role group in detail later in this article series.
    Help Desk - The Help Desk management role group gives members permissions that are typically required by members of a help desk, such as modifying users' details such as their address and phone number.
    Hygiene Management - This management role group is used to provide permissions associated with managing and configuring both the antivirus and anti-spam elements found in Exchange 2010.
    Organization Management - The Organization Management role group is synonymous with the Exchange Full Administrator role in Exchange 2003 and the Exchange Organization Administrators role in Exchange 2007. Essentially, membership of this management role group gives the user the ability to perform pretty much any task in Exchange 2010, with the main missing task being the ability to perform mailbox searches; that itself is achieved via the Discovery Management role group.
    Public Folder Management - This management role group naturally gives members the ability to manage the public folder environment.
    Recipient Management - A member of this management role group can create and modify Exchange recipients.
    Records Management - The Records Management role group gives the ability for members to control and configure the compliance features of Exchange 2010. Examples of such features include transport rules configured on a Hub Transport server as well as message classifications in Outlook.
    Server Management - This management role group gives the ability to manage all Exchange servers within the organization. Permissions granted as membership of this management role group therefore work at the server configuration level found in the Exchange Management Console and do not work at, say, the organization level found in the Exchange Management Console.
    UM Management - As its name suggests, membership of this management role group grants permissions to manage all aspects of the Unified Messaging environment.
    View-Only Organization Management - This management role group allows members to view the configuration of any element found within the Exchange organization.
    http://www.msexchange.org/articles-tutorials/exchange-server-2010/management-administration/exchange-2010-role-based-access-control-part1.html
    Cheers,
    Gulab Prasad
    Technology Consultant
    Blog: http://www.exchangeranger.com
    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.
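
    One way to check the role-group membership the answer above refers to is to compare the effective RBAC assignments of the affected account with those of an account that gets the standard view. This is an added example, not part of the original posts; the function name and the two display names are placeholders, and it is meant to be run in the Exchange Management Shell.

    ```powershell
    # Added example: compare the role groups through which two accounts
    # receive their Exchange 2010 RBAC role assignments.

    function Get-EffectiveRoleGroup {   # hypothetical helper name
        param([Parameter(Mandatory = $true)][string]$UserDisplayName)
        # -GetEffectiveUsers lists, for every role assignment, the users who
        # receive it through a role group or security group.
        Get-ManagementRoleAssignment -GetEffectiveUsers |
            Where-Object { $_.EffectiveUserName -eq $UserDisplayName } |
            ForEach-Object { [string]$_.RoleAssigneeName } |
            Sort-Object -Unique
    }

    # Placeholder display names: replace with the two real accounts.
    $affected = @(Get-EffectiveRoleGroup -UserDisplayName 'Affected Admin')
    $working  = @(Get-EffectiveRoleGroup -UserDisplayName 'Working Admin')

    # Build one row per role assignee, showing which account has it.
    # Done by hand because Compare-Object rejects empty input, and an
    # account with no assignments at all is exactly the case of interest.
    $all = @($affected + $working | Sort-Object -Unique)
    foreach ($name in $all) {
        New-Object PSObject -Property @{
            RoleAssignee = $name
            Affected     = ($affected -contains $name)
            Working      = ($working  -contains $name)
        }
    }
    ```

    Rows where Working is True and Affected is False are the role groups the affected account is missing; if both columns match on every row, the difference between the two logons is not in RBAC.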
