Exchange 2010 setup problems

Similar Messages

• Exchange 2010: setup exhange on iphone

  hi all,
  I setup the exchange 2010 with self sign certificate & I opened port 25 & port 443.  When I tried to setup the account on iphone, it said that "Failed to verify identity"  Is there anything else that I need to setup on Exchange
  for it to support mobile device?  I couldn't figure out how to fix it
  Thanks

  When using sing self-signed certificate or certificate from local CA, by default, devices don't trust that issuer so you need to export that certificate (self signed or CA root) and import it to all devices so it will be trusted.
  Example: http://www.petenetlive.com/KB/Article/0000242.htm
  The best practice and most recommended way is to buy a certificate from third party CA (Go Daddy for example), that way, no special configuration on devices is needed. 
  Please take a moment to Vote as Helpful and/or Mark as Answer where applicable. Thanks.

• Exchange 2010 synchronisation problem

  Hi All
  My Exchange mailbox has been updated from 2007 to 2010. Since this has happened my N900 refuses to synch using MfE. Luckily I am still able to check my emails via OWA otherwise my phone would be useless.
  I have been trawling through the logs using both my Exchange 2010 account and with a test Exchange 2007 account and what I have found is that the error occurs right after the N900 issues the command HTTP REQUEST: OPTIONS https://"server"/Microsoft-Server-ActiveSync. With Exchange 2007 the certificate is found and downloaded. However with Exchange 2010 the connection is cancelled and no certificate is found or downloaded. An error 901 is recorded in the logs. My Exchange tech contact has confirmed that some changes have been made in how 2010 deals with OPTIONS compared to 2007.
  Can anyone advise what if anything can be done so that my MfE client will connect correctly to Exchange 2010? If not will Nokia update the MfE client to work correctly with 2010 like they did with 2003? Should this not be the case then I suppose quite a number of N900 users could find themselves with a useless brick if their mailboxes get updated to 2010.
  Many thanks
  Chris

  Hi Chris,
  I am having the same problem after the switch from Exchange 2007 to Exchange 2010 server.
  I am really disappointed in the support from Nokia in its own devices, especially the N900. I searched the internet, but no solution yet, and I don't believe it will ever be. I give up and switch phones.
  So, I think it was my last Nokia device.
  Regards!
  Peter

• Outlook 2010 to Exchange 2010 connectivity problem

  We have a single Exchange 2010 server running DB, CAS, and HT this lives at our Corp HQ. We have 12 offices connected across MPLS and 2 offices connected across a Metro-e 100mb connection. We have had this environment in place for almost 2 years with no
  issues. 
  Today in the office connected across the 100mb metro-e connection had a momentary network hiccup where all uses lost data momentarily.   Connectivity to data and network resources restore immediately, but after that time, none of those users could
  connect to Outlook 2010.   When they try to connect outlook times out with an error that it cannot connect to the server.
  I can ping the exchange server by name and ip.   Response times are less than 7ms.  Utilization on that connection is less than 10%.  DNS is resolving.
  Users can connect to OWA and get access to email.
  The problem is only happening in only the one office.  All other remote sites are functioning fine. 
  Users can access all other network resources with no issues, including OWA and Intranet/Internet sites both HTTP and HTTPS.  
  I believe that it may be something is blocking the RPC connection.   If I try to run the Connection which also fails to connect. 
  I have rebooted the Exchange server
  I have rebooted the local DC in the remote office with the problem.  Also reset DNS.   And on clients tried flush/register DNS. 
  No server changes have been made on any of the servers involved. 
  Only changes taken place prior to the network "hiccup" happening was network admins implemented QOS on the routers to give priority to SIP/voice traffic.  According to them, this will have no impact on other data. 
  Any ideas or suggestions on next steps for troubleshooting?

  Hi
  Did you they not make any routing changes? Can you ask them to check that all ports for exchange are open and also ask them if they made any other changes?
  Hope this helps. Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

• Exchange 2010 DL problem.

  Hi,
  We have exchange 2010 server setup with office 365 in hybrid mode. We moved some users mailboxes from exchange server to office365. Now we have some DL on exchange server that have some users (mailboxes on prem.) and some users (mailboxes on office365).
  When we send the mail to that DL, we received error "Your message can't be delivered because delivery to this address is restricted."
  How can we resolve this issue? Please help me.
  Thanks & Regards,

  Hi   shrigiriraj
  Thank you for your question.
  Did you migrate DL to Exchange 2010？In order to make sure correct setting after you migrate, you can refer to the following steps:
  1. Click the Distribution Group name as you want to set
  2.  Click the “Properties“
  3.  Click the “Mail Flow Settings” Tab
   4. Click the “Message Delivery Restrictions” item
   5. Click the “Properties…” button
   6 .Uncheck the “Require that all senders are authenticated” check-box
   7. Click “OK” button
   8. Click “OK” button again
  If there are any questions, please let me know.
  Best Regard,
  Jim

• Forefront for exchange 2010 setup wizard preinstall update request

  I'm trying to install FPE, but even before I install and after the extraction of the files im getting the following error message on both my CAS servers.
  I have the following roles installed on this Client Access Server im using for the initial install of Forefront.
  Do I need to install active directory domain services before I continue.

  Hi,
  Firstly, please refer to the similar thread below:
  FSEMachinePrep.exe
  fails saying Server Unavailable
  Based on my research,
  Microsoft Forefront Protection 2010 for Exchange Server (FPE) can be deployed on Exchange Edge Transport, Hub Transport, Mailbox server, or combined
  Hub/Mailbox roles.
  Exchange 2010 requires Active Directory to be in place except for the Exchange 2010 Edge role (for DMZ) which can be deployed in a workgroup with Active Directory Lightweight
  Directory Services. Both Exchange (Mailbox, HUB and CAS role) and therefore FPE requires an Active Directory on site.
  Did you set up a domain environment for exchange server? If yes, please check the group membership of the user and make sure that it is a member of the Organization
  Management role group. In addition, please also make sure that you can connect to the primary domain controller on the CAS servers.
  More information:
  Microsoft Exchange Server 2010: Exchange Server and Active Directory
  Best regards,
  Susie

• Disabling SSLv2 with Exchange 2010 - potential problems

  This question is not about how to disable SSLv2, that's very simple.  The question is whether there is anything to consider before doing it.  Is it likely to break anything in Exchange 2010 - Outlook Anywhere, CAS communications, OWA?

  While this is probably something that has not been explicitly tested, chances are that it should not negatively impact Exchange. That said I will ask you to test and validate in your lab!
  You are going to have to ensure that all devices, applications and services that connect all support the changed cipher suites.  Some old phones may not (I don't have a list to share), so that is why validation with your specific kit is critical.
  Cheers,
  Rhoderick
  Microsoft Senior Exchange PFE
  Blog:
  http://blogs.technet.com/rmilne 
  Twitter:   LinkedIn:
    Facebook:
    XING:
  Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

• Surface + Outlook 2013 + Exchange 2010 + VPN Problem

  Ok so the Surface with Outlook 2013 works fine with our Exchange setup when the machine is attached to the network directly. Once it is on an external network and attached via a VPN connection it ceases to operate, and attempting to run Outlook simply results
  in a box asking for credentials, which even when typed in correctly are not accepted.
  We use many other laptops that are running Windows 7, and a couple that are running Windows 8.1 in the exact same manner, and they operate without issue.
  Any ideas?

  Hi,
  May I first know your Surface version?
  If you are not using Surface RT, I suggest you try this:
  In Outlook, go to FILE -> Account Settings -> Account Settings -> Double click on the account name -> More Settings -> Connection -> Exchange Proxy Settings -> We can find under "Proxy authentication settings", there are "Basic
  Authentication", "NTLM Authentication" and "Negotiate Authentication", I suggest you try "Basic Authentication", then click "OK". Other two authentications can also be tried if the "Basic Authentication"
  doesn't work.
  I hope the information is helpful.
  Regards,
  Melon Chen
  TechNet Community Support
  It's recommended to download and install
  Configuration Analyzer Tool (OffCAT), which is developed by Microsoft Support teams. Once the tool is installed, you can run it at any time to scan for hundreds of known issues in Office
  programs.

• Outlook 2010, Exchange 2010 - Searching Problems

  Anyone out there able to help with some searching problems some of our users have been seeing?
  Searching in OWA works fine but some people have problems when searching for older emails in Outlook. We've rebuilt Outlook profiles, rebuilt the windows index's (which seems to work but only temporarily). If there's a way to schedule the Windows index to
  rebuild every night or once  week, I'd be very happy to test that out but haven't been able to figure out how to do that.
  Anyone have any other ideas?

  Hi,
  It seems something keeps corrupting the index... Run Anti-virus program and Malicious Software Removal Tool to scan your system, check if there's any virus or malware that may cause the index issue.
  If this issue persists, please also go to File tab ->
  Options -> Search -> Indexing Options
  -> Advanced -> Click Troubleshoot search and indexing, to do some troubleshooting steps to find the possible cause.
  I hope this helps.
  Regards,
  Melon Chen
  TechNet Community Support

• Error Code 8224 Ldifde Exchange 2010 installation failure

  Hi, here is a problem I have been bashing my head with for about a week. I am transitioning to Exchange 2010 from 2003. I have two DC's running Windows Server 2003 Sp2, one of which is the Exchange 2003 server. I have just brought online a windows 2008R2
  member server, which I am attempting to install exchange 2010 on. I get the following error message during installation.
  Organization Preparation
  Failed
  Error:
  The following error was generated when "$error.Clear(); install-ExchangeSchema -LdapFileName ($roleInstallPath + "Setup\Data\"+$RoleSchemaPrefix + "schema1.ldf")" was run: "There was an error while running 'ldifde.exe' to
  import the schema file 'C:\Windows\Temp\ExchangeSetup\Setup\Data\PostExchange2003_schema1.ldf'. The error code is: 8224. More details can be found in the error file: 'C:\Users\administrator.CFN\AppData\Local\Temp\2\ldif.err'".
  There was an error while running 'ldifde.exe' to import the schema file 'C:\Windows\Temp\ExchangeSetup\Setup\Data\PostExchange2003_schema1.ldf'. The error code is: 8224. More details can be found in the error file: 'C:\Users\administrator.CFN\AppData\Local\Temp\2\ldif.err'
  Elapsed Time: 00:00:22
  And from the ldif.err:
  The connection cannot be established
  The error code is 8224
  Now I have checked dns, all is good. I can resolve the DC without issue.
  I have done dcdiag and netdiag and passes all tests. I have even written a hosts file, all this to no avail.
  Any help would be appreciated.
  Thanks
  B

  I had a same and I fixed this........
  Solution
  1. The error is happening at the "Organization Preparation" stage, so let's go 'old school' and do that manually.
  2. Locate the server on your network that is the schema master (Locate FSMO Servers).
  3. Put the Exchange 2010 DVD in the schema master (Or share it over the network and connect to it from the schema master server).
  4. Drop to command line and change to the DVD Drive/Directory with the Exchange 2010 setup files in it.
  5. ONLY do this if you have Exchange 2003 already! Run the following command, (If no Exchange 2003 present, skip to the next step).
  X:\Setup /PrepareLegacyExchangePermissions (Where "X" is CD ROM derive letter)
  6. Run the following command:
  X:\Setup /PrepareSchema
  7.
  Run the following command:
  X:\Setup /PrepareAD
  Note: At this point it may fail, and say it requires an organization name, (it will do this if it finds no existing container in Active Directory).
  Error
  Exchange organization name is required for this mode.  To specify an organization name, use the /organizationName parameter.
  If that is the case, then run the following command:
  X:\Setup /PrepareAD /OrganizationName:"Your required org name"
  Reboot your server and try to install exchange 2010.
  Jotiba Patil

• Mail For Exchange 2010: folders view

  For some reason I cant receive mails that are delived in Folders, under Inbox, in my exchange 2010 setup through activesync.
  According to logs, folders are checked but I receive only mails from my Inbox....
  16/01/2011 19:40:56 Connected to connection method named WIND Internet with type Packet Data
  16/01/2011 19:40:57 PING Command Requested
  16/01/2011 19:41:03 start E-mail sync
  16/01/2011 19:41:04 client->server adds=0 changes=1 deletes=0 fails=0
  16/01/2011 19:41:04 end E-mail sync
  16/01/2011 19:41:04 start Calendar sync
  16/01/2011 19:41:04 end Calendar sync
  16/01/2011 19:41:04 start Drafts sync
  16/01/2011 19:41:04 end Drafts sync
  16/01/2011 19:41:04 start Folder1 sync
  16/01/2011 19:41:05 end Folder1 sync
  16/01/2011 19:41:05 start Folder2 sync
  16/01/2011 19:41:05 end Folder2 sync
  16/01/2011 19:41:11 Sending a Ping to the server
  16/01/2011 19:41:11 Heartbeat interval is 11 minutes.
  16/01/2011 19:52:16 Ping response received, no updates. Re-issuing ping.
  16/01/2011 19:52:17 Sending a Ping to the server
  16/01/2011 19:52:17 Heartbeat interval is 13 minutes.
  16/01/2011 19:52:26 HTTP error code=302
  16/01/2011 19:52:26 Exception during Ping.
  Any ideas?

  Problem solved; I should check "inherit permissions" to security options , inside Active Directory Security

• Exchange 2010 - Outlook Anywhere trying to connect to internal server name first before connecting to proxy server

  Hello,
  I have an Exchange 2010 question which I will post in the Exchange 2013 section since the Ask a question button in the legacy Exchange Servers section of technet takes me back to the part of Technet where I can only ask questions regarding Exchange 2013.
  If someone can point me to a part where I can place a question in an Exchange 2010 forum please let me know.
  We have Exchange 2010 setup with a CAS array listening to outlook.internaldomain.com
  We have TMG 2010 setup with a rule for Outlook Anywhere, the rule listens to mail.externaldomain.com and traffic that meets this rule is let through to outlook.internaldomain.com.
  When I fire up my laptop, which is connected to the internet, and start Outlook and let it configure my profile through autodiscover it sets it up correct and fills the Outlook profile with a servername stating outlook.internaldomain.com and a proxyserver
  to be used stating mail.externaldomain.com. After initial setup when my Outlook starts it almost immediatly prompts me for a username and a password so this is working fine.
  At the office we have an internal network segment where DHCP is servicing the connecting clients and giving them our internal DNS servers because they need connection to some other network segments which are not available to the internet. This network segment
  does not have access to our internal Exchange environment but has full access to the internet. Clients in this network segment do want to use Outlook so using Outlook Anywhere for them is the logical way to go. When I connect my laptop to this network segment
  I get handed an IP address and our internal DNS servers, when I start Outlook it takes about two minutes before a the credential prompt pops up and another 2 to 6 minutes after entering credentials before it says all folders are in sync. This is quite long
  and our clients find this unacceptable.
  I started testing what might be going on here and I have found that when I manually enter external DNS servers the Outlook password prompt will popup in seconds and all is working as expected so it seems Outlook is trying to connect to the internal servername
  when using our internal DNS servers (which can resolve outlook.internalnetwork.com) instead of directly going to the proxy server which is to be used for Outlook Anywhere.
  When I start a network monitor trace my thoughts are confirmed because when I am connected to the internal network segment OUTLOOK.EXE first tries to connect to outlook.internaldomain.com, it almost immediately gets a response stating that this route is
  inaccessible but OUTLOOK.EXE keeps on trying to connect untill some sort of time out is reached (somewhere around two minutes) after which it connects to mail.externaldomain.com and Outlook shows the credential prompt.
  So to round it up, when connected to DNS servers that can resolve the internal servername Outlook tries to connect to the internal servername in stead of the external name, Outlook does not reckognize the answer from the network that the internal route is
  not acessible (or it does but does nothing with this information).
  Has anybody experienced this behaviour in Outlook?
  Does anyone have a solution in where I can force Outlook to connect to it's proxyserver and disregard the internal servername?

  Thank you for your reply.
  The client computers that are experiencing the issues are not domain joined, the only reason I can think of why this is occurring is because the DNS servers are able to resolve the internal hostname of the server, but I would expect Outlook to always use
  the proxy server that has been set in the configuration of the Outlook profile. Or at least acknowledging the answer that the initially tried route is inaccessible and immediately continue to the proxy server.
  For setting the same hostname for internal and external use, we use different namespaces internally and externally, do you mean setting the external hostname on the CAS array for internal use ? Wouldn't that push all internal communication to the internet
  and to the outside interface of the TMG where the server is published with that hostname ?

• Exchange 2010/2013 coexistence published in TMG 2010

  Environment:
  Two Windows 2008 R2, Exchange 2010 SP3 servers, currently holding all mailboxes
  Two Windows 2012 R2, Exchange 2013 SP1 servers, setup in progress
  Two Windows 2008 R2, TMG 2010, V7.0.9193.540 publishing both Exchange 2010 servers.
  Scenario:
  I need to continue having Exchange 2010 setup in TMG as is as the mailbox migration to 2013 will take weeks if not months and I have a project requirement to have Exchange Database Availability Group (DAG) functionality for all mailboxes throughout the project,
  so 4 servers are an absolute must. So I need to add Exchange 2013 in TMG and not just replace the 2010 setup with the 2013 setup and I cannot run one 2010 and one 2013 server. 
  Questions:
  1. I currently only have 2 public IP addresses available to SMTP, mapped to the external interfaces of TMG, to allow my environment to be able receive emails on 4 Exchange servers (two 2010 and two 2013) I need to have 4 public IP addresses, is that correct?
  2. Does anyone have a good general guide/blog for doing this (setting up Exchange 2013 in TMG in a coexistance scenario)? 
  This is nice, but doesn't really approach it from a coexistance scenario:
  http://blogs.technet.com/b/exchange/archive/2012/11/21/publishing-exchange-server-2013-using-tmg.aspx
  Thanks!

  Hi Trana,
  In TMG you can use single IP address to publish multiple Web address and below are the options which you can explore.
  Hope your OWA ECP etc are Https
  You need a SSL certificate which has all the URL SAN entry of both old and new Exchange server.
  Create a listener and select the IP address (Say public IP address 195.219.x.x)
  Link the SSL certificate
  Public DNS entry
   A record , Single IP
  195.219.x.x 
  Point to           
  Owa1.exchange1.com   - Old Server
  195.219.x.x 
  Point to           
  ECP1.exchange1.com     - Old Server
  195.219.x.x 
  Point to           
  ECP2.exchange2.com      - New Server
  195.219.x.x 
  Point to           
  Owa2.exchange2.com     - New Server
  Create a Web publishing rule as below
  Old server Exchange 1
  Owa1.exchange1.com  
  ECP1.exchange1.com    
  One Web publishing Rule with all the URL added on it and link the Rule with the listener we created
  Point the Web publishing to Exchange1.com server which is old
  New server Exchange 2
   Web publishing Rule with all the URL added on it and link the Rule with the listener we created
  Point the Web publishing to Exchange2.com server which is New
  ECP2.exchange2.com     
  Owa2.exchange2.com    

• Exchange 2010 DAG Failover does not works

  Hi Experts,
  I have a Exchange 2010 setup in  a DAG environment. We have 2 MBX servers in the main site and 1 MBX server in the DR site , all part of one DAG. We have 2 HUB/CAS servers in the main site and 1 HUB/CAS server in the DR site.
  Recently we had to do our BCP test for audit purpose. We had issues in doing failover to the DR site and below is the error faced.
  Please advise urgently on the possible causes and resolution steps for it as we need to do this test again on the coming weekend.
  "EvictDagClusterNode got exception Microsoft.Exchange.Cluster.Replay.AmClusterEvictWithoutCleanupException: An Active Manager operation failed. Error An error
  occurred while attempting a cluster operation. Error: Evict node 'sme-ho-mbx01' returned without the node being fully cleaned up. Please run cluster.exe node <NodeName> /forcecleanup to complete clean up for this node.. ---> System.ComponentModel.Win32Exception:
  The wait operation timed out"
  So, basically one of the MBX server was not evicting from the Cluster due to which failover did not work.
  Would appreciate some urgent thoughts for the possible resolution.
  regards
  abubakar
  Md.Abubakar Noorani IT Systems Engineer Serco Ltd.

  Hi,
  Yes, you can run the Stop-DatabaseAvailabilityGroup without shutting down the Mailbox server. During the process of DAG failover to DR site, the Stop-DatabaseAvailabilityGroup cmdlet should be run against all servers in the primary datacenter. If the Mailbox
  server is unavailable but Active Directory is operating in the primary datacenter, the Stop-DatabaseAvailabilityGroup command with the ConfigurationOnly parameter must be run against all servers in this state in the primary datacenter.
  And please note that the Stop-DatabaseAvailabilityGroup cmdlet can be run against a DAG only when the DAG is configured with a DatacenterActivationMode value of DagOnly. 
  Based on the error message, it seems that you should run the cluster node nodename /forcecleanup cmdlet against the specified node in the main site. Have you tried this to check the result?
  Best regards,
  Belinda
  Belinda Ma
  TechNet Community Support

• Exchange 2010 3 node DAG and split datacenters

  Hi all,
  I have a Exchange 2010 setup with 3 DAG nodes, 2 servers in Primary site & one in DR site, 2 active directory Sites, one domain controller per site. All roles on each server.
  Each server has a single NIC, with the following configs:
  Primary Site:
  MBX1 IP = 192.168.1.11 - Network Name MAPI-Primary
  MBX2 IP = 192.168.1.12 - Network Name MAPI-Primary
  Cluster IP = 192.168.1.10
  DR Site:
  DRMBX1 IP = 192.168.100.11  - Network Name MAPI-DR
  Cluster IP = 192.168.100.10
  Dag name = DAG1
  Under the DAG Networks, I see 3 Networks
  DAG1_MAP1-Primary with the 192.168.1.0/24 subnet and the 2 MBX Network IP's in it.
  DAG1_MAP1-DR with the 192.168.100.0/24 subnet and the 1 DR MBX Network IP in it.
  and one called DAG1_Replication, which has a 10.1.1.0/24 subnet and NO NIC's in it. I think this was an original replication subnet used when there was only 2 nodes in the DAG and a cross over cable was used.
  Can I delete the DAG_Replication network from the config?
  Should I consolidate the 2 DAG1_MAPI-Primary and DAG1-MAPI-DR networks under one simply called DAG1-MAPI?
  Secondly,
  When I look at cluster manager on each of the 2 Nodes MBX1/2, I can see the 3 Nodes. Trying to run cluster manager on the DR node, and I can't connect to the DAG1 cluster, get an error saying not ready. Am I right in thinking this should not be
  happening? I have a managed firewall, but don't have access too logs, any idea what ports could be dropped from DRMBX1?
  Finally,
  Cluster manager on the 2 working nodes shows an error:
  Cluster Network Name is not online, and the Cluster Core resources panel shows cluster name DAG1 Offline, with ONLY 1 IP address, the DAG VIP (192.168.1.10) being online. Should I see the other 192.168.100.10 DAG VIP as well? Is this also a manifestation
  of the firewall?
  I have inherited this config, so I am not fully sure what a correct working condition should report look like. Any help on a clearer understanding would be greatly appreciated.
  Thanks in advance !!

  In answer to your first question, yes, if no server is listed with an IP address in that replication network, you can delete it without affecting the DAG operations.
  As for your second question, if your servers are in different subnets, you need at least two networks defined in your DAG.  And since your servers are in different Windows sites, I have to assume they are in different subnets.  I believe that if
  you check them in the EMC, you will only see IP addresses for the local servers in each network.  So no consolidation is possible.
  On your question about Cluster Manager, don't do anything in Cluster Manager - my personal experience has been that the Exchange toolset is sufficient for all management tasks related to an Exchange DAG.  What are you trying to determine?  Also,
  Microsoft doesn't support a DAG installed across a firewall - either you open all ports between these servers (and all domain controllers in your forest), or you will have an unsupported configuration.
  For your final question, I assume DAG1 is your DAG's network name, and those two IPs are the ones for the two datacenters.  If this is the case, only one IP address will be active at a time.