Introduction of New OAB Architecture in Exchange 2013 and Some General Troubleshooting methods
Exchange 2013 is different from previous versions of Exchange server on architecture, some of the old features have been changed. In this FAQ, I will demonstrate the changes on OAB and list a common issue for your reference.
[Agenda]
1. Differences between Exchange 2007/2010 OAB and Exchange 2013 OAB
a. Generation
b. Distribution
c. Download
2. Common issue and troubleshooting
3. More information
[Difference between Exchange 2007/2010 and Exchange 2013 on OAB]
As we know, OAB in Exchange 2007/2010 has 3 points, OAB files generated from MBX server, distributed to CAS server and downloaded to Outlook client. However in Exchange 2013, these 3 points have a little different from previous servers. For example, the OAB
Distribution process doesn’t depend on Microsoft Exchange File Distribution service anymore. Now let me show you the changes of OAB in Exchange 2013.
[OAB Generation]
====================
Exchange 2007/2010:
1. OAB generation server is the specific MBX server which has –server property.
2. If MBX01 is down, OAB generation will be affected.
3. Previous Server using Microsoft Exchange System Attendant service for OAB generation.
4. OAB generation is a scheduled process. By default, OAB files generated at 5:00AM every day.
5. The OAB files which generated from MBX server are located in following path:
C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\OAB\GUID folder
Exchange 2013:
1. OAB generation server is the MBX server that hosts a special type of arbitration mailbox, called organization mailbox. Thus, the same OAB files could be generated from multiple
MBX servers.
2. If one of the MBX server down, other MBX server still have the ability to generate the specific OAB files.
3. Exchange 2013 server using OABGeneratorAssistant for OAB Generation.
4. OAB generation is a throttled process. It depend on the Server workload.
5. The OAB files which generated from MBX server are located in following path:
C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\OAB\GUID folder
[OAB Distribution]
====================
Exchange 2007/2010:
Previous Servers use Microsoft Exchange File Distribution service to distribute OAB files from MBX server to CAS server. The distributed oab files stored in CAS server.
Exchange 2013:
The OAB files doesn’t distributed to CAS server. The OAB files only stored in MBX server.
[OAB Download]
====================
Exchange 2007/2010:
If Autodiscover works fine, Outlook should use OAB URL to get the OAB files and download it.
If Autodiscvoer doesn’t work, authenticated users can also get the OAB from the CAS server local disk.
Exchange 2013:
Microsoft Exchange File Distribution service has been removed from Exchange 2013 and the OAB files stored in MBX server. CAS server will proxy all OAB download requests to the appropriate MBX server.
Outlook also use Autodiscover to get the OAB URL and download it.
[Common issue and Troubleshooting]
Issue: Outlook doesn’t download OAB files automatically. When I try to manually download OAB, get this error: Task xxx reported error (0x80190194): The operation failed.
Troubleshooting:
1. First, please run following command to check the information of OAB Generation Server.
Get-Mailbox -Arbitration | where {$_.PersistedCapabilities -like “*OAB*”} | ft Name, Servername, Database
Example result as below:
2. Please make sure the authentication settings and URLs are set properly.
3. Try to verify whether the OAB files generated from MBX server successfully. Path as below:
C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\OAB\GUID folder
4. If all of the settings above set correctly, please try to check Autodiscover. Run “Test E-mail Autoconfiguration” to check whether there is anything abnormal on OAB. If has, please search the error code on MS official documents.
5. If this issue is related to local cache, please try to delete the OAB caches from local PC and re-download OAB for testing. Path as below:
C:\Users\Administrator.CU1(different)\AppData\Local\Microsoft\Outlook\Offline Address Books
[More information]
http://blogs.technet.com/b/exchange/archive/2012/10/26/oab-in-exchange-server-2013.aspx
http://blogs.technet.com/b/exchange/archive/2013/01/14/managing-oab-in-exchange-server-2013.aspx
Please click to vote if the post helps you. This can be beneficial to other community members reading the thread.
Hi Techy,
According to your description, I am still not quite sure about your environment. Could you please provide more information about it, such as:
1. How many Exchange servers in your coexistence environment? One Exchange 2010 with all roles and one Exchange 2013 with all roles? Or several Exchange 2010 and multiple Exchange 2013?
2. Are there two sites in your environment? What’s the Exchange deployment in different sites?
3. Please confirm if both Exchange 2010 and Exchange 2013 are Internet-facing.
Additionally, if you are using different namespaces for different services for internal access and external accessing, we need to include all service namespaces in your certificate with IIS service. Personal suggestion, we can follow ED Crowley’s suggestion
to use split-brain DNS in your environment and only use the same namespace for Exchange service URLs.
The following article described the details about how to configure different namespace for Exchange services by using Load Balance in Exchange 2013:
http://www.msexchange.org/articles-tutorials/exchange-server-2013/high-availability-recovery/introducing-load-balancing-exchange-server-2013-part2.html
Regards,
Winnie Liang
TechNet Community Support
Similar Messages
-
Exchange 2013 and Outlook 2007
Is there a new way to connect EX2013 to Outlook 2007 SP3?
MSBHi Baker,
According to the description, I notice that you want to migrate from Exchange 2010 to Exchange 2013 and want to know how to connect Exchange 2013 with Outlook Client 2007.
Following is an article about the migration, for your reference:
Upgrade from Exchange 2010 to Exchange 2013
http://technet.microsoft.com/en-us/library/jj898583(v=exchg.150).aspx
Outlook client uses Autodiscover and Outlook Anywhere to connect to Exchange server, please make sure services’ URLs configured correctly.
If you want to communicate with external users, you need to apply a certificate issued from a Public CA.
After configuring all the points above, please run “Get-Mailbox –Identity allen | FL *GUID*” in EMS to get mailbox GUID of allen’. Input the GUID into server name filed.
More details on “Manual configuration guide for Outlook 2010 (Exchange 2013)” for your reference:
http://support.sherweb.com/Faqs/show/manual-configuration-guide-for-outlook-2010-exchange-2013
Disclaimer:
Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure
that you completely understand the risk before retrieving any suggestions from the above link.
Best Regards,
Allen Wang -
Create failover cluster to host Windows 2012 DC, Exchange 2013 and SQL as VMs
One of our clients has running Windows Essential 2012, SQL and exchange 2007 as VM on VMware for 4 years without major issue. However, the physical server is getting old and have some hardware issues recently. They have budgets to buy two Dell servers, EqualLogic
SAN, Windows server 2012 Datacenter and Exchange 2013. Is it possible for them to create failover cluster to host Windows 2012 DC, Exchange 2013 and SQL as VMs?
Bob Lin, MCSE & CNE Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.howtonetworking.comWe will move all VMs from VMware to Hyper-V. Thank you.
Bob Lin, MCSE & CNE Networking, Internet, Routing, VPN Troubleshooting on <p><a href="http://www.chicagotech.net"><span style="color:#0033cc">http://www.ChicagoTech.net<br/> </span></a></p>
How to Setup Windows, Network, VPN & Remote Access on <p><a href="http://www.howtonetworking.com"><span style="color:#0033cc">http://www.howtonetworking.com<br/> </span></a></p> -
Exchange 2013 and Exchange 2010 coexistense
We have a and exchange 2010 organization with SP3 on most servers except for one 2010 CAS server that still requires SP1 for the purpose of legacy application compatibility. Can we introduce exchange 2013 in the org or will the setup detect
that there is an exchange 2010 server still with SP1 and fails to continue?Hi,
For Exchange 2013 coexistence with Exchange 2010, the mininum version of Exchange server is Exchange 2010 SP3 on all Exchange 2010 servers in the organization. For more information about it, please refer to the Coexistence of Exchange 2013 and earlier versions
of Exchange server part in the article below:
http://technet.microsoft.com/en-us/library/jj898583(v=exchg.150).aspx
Personal suggestion, please upgrade your legacy application to the latest version which is supported with Exchange 2010 SP3 or higher Exchange version.
Regards,
Winnie Liang
TechNet Community Support -
Certificate configuring for exchange 2013 and office 365 hybrid deployment
Please advise on what digital certificate requirements for hybrid deployment and to configure it.
Hi sphilip,
If you want to deploy AD FS with Single Sign-On(SSO), we need use certificate to establish secure trust between on-premises Exchange 2013 and Office online.
We can use and configure a trusted third-part CA within all on-premises Exchange 2013 Mailbox and Client Access servers to ensure secure mail transport, more details about
Office 365 Hybrid Configuration Certificate Planning, for your reference:
http://blogs.technet.com/b/neiljohn/archive/2011/08/25/office-365-hybrid-configuration-certificate-planning-adfs-exchange-web-services-owa-oa.aspx
Best Regards,
Allen Wang -
Exchange 2013 and exchange 2000
Hy guys...
I have this problem...i have a dommain controller x.com and i installed Exchange 2013 on it. I have another dommain controler
y.com with Exchange 2000. Thex.com dommain sends and receives mails from other Exchange 2013 servers but when it comes to
y.com dommaind i am only able to send emails to
[email protected] I cannot send emails from y.com
(Exchange 2000) tox.com (Exchange 2013).
Bothx.com dommain controller and y.com dommain controller are in the same network and i fave connectivity between them.
What might be the problem?
Than u,
M.SHi,
Firstly, it’s not supported to install Exchange 2013 and Exchange 2000 in the same organization and it’s not recommended to install Exchange server on Domain Controller.
http://technet.microsoft.com/en-us/library/ms.exch.setupreadiness.exchange2000or2003presentinorg(v=exchg.150).aspx
To understand more about the mail flow issue, I’d like to confirm your meaning that two DCs are in the same network.
If they are in the same forest, it’s by design that Exchange 2013 and Exchange 2000 cannot coexist.
For general mail flow troubleshooting , we can use telnet to check it.
For more information, you can refer to the following articles:
http://technet.microsoft.com/en-us/library/bb123686(v=exchg.150).aspx
http://msexchangeguru.com/2013/07/29/troubleshooting-mail-flow-issues/
Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make
sure that you completely understand the risk before retrieving any suggestions from the above link.
If you have any question, please feel free to let me know.
Thanks,
Angela Shi
TechNet Community Support -
i cant generate oab get this error
EventID Qualifiers="49156">17004</EventID>
<EventData>
<Data>\OAB2013</Data>
<Data>CN=OAB2013,CN=Offline Address Lists,CN=Address Lists Container,CN=SU,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=fih,DC=co,DC=za</Data>
<Data>09f97c50-96c6-4485-bb20-af1ef960658c</Data>
<Data>S:OAB='\OAB2013';I64:Status=2147500037;Dt:StartTime=2015-04-13T11:57:56.9392215Z;Dt:EndTime=0001-01-01T00:00:00.0000000;S:DC=fidad;I32:Total.Records=9919;I32:Total.TempFiles=10;Ti:TimeWritingFiles=00:00:04.6784358;S:Org=fih.co;S:Wasted=False;S:HABEnabled=False;I32:Total.RecordsAddedChurn=3138;I32:Total.RecordsDeletedChurn=0;I32:Total.RecordsModifiedChurn=0;Ti:PrepareFilesForOABGeneration.DownloadFilesFromMailbox.StoreRpcLatency=00:00:00.1090000;I32:PrepareFilesForOABGeneration.DownloadFilesFromMailbox.StoreRpcCount=19;Ti:PrepareFilesForOABGeneration.DownloadFilesFromMailbox.CpuTime=00:00:00.0156250;Ti:PrepareFilesForOABGeneration.DownloadFilesFromMailbox.ElapsedTime=00:00:00.1262155;Ti:PrepareFilesForOABGeneration.CpuTime=00:00:00.0156250;Ti:PrepareFilesForOABGeneration.ElapsedTime=00:00:00.1271565;Ti:Total.CpuTime=00:00:25.2187500;Ti:Total.ElapsedTime=00:02:32.8408615;I32:GenerateOrLinkTemplateFiles.GenerateTemplateFiles.FS.BytesRead=1495370;I32:GenerateOrLinkTemplateFiles.GenerateTemplateFiles.FS.BytesWritten=2207390;Ti:GenerateOrLinkTemplateFiles.GenerateTemplateFiles.FS.Reading.ElapsedTime=00:00:00.0083627;Ti:GenerateOrLinkTemplateFiles.GenerateTemplateFiles.FS.Writing.ElapsedTime=00:00:00.0175338;Ti:GenerateOrLinkTemplateFiles.GenerateTemplateFiles.CpuTime=00:00:02.2187500;Ti:GenerateOrLinkTemplateFiles.GenerateTemplateFiles.ElapsedTime=00:00:03.4323082;Ti:GenerateOrLinkTemplateFiles.CpuTime=00:00:02.2187500;Ti:GenerateOrLinkTemplateFiles.ElapsedTime=00:00:03.4324294;Ti:BeginGeneratingAddressListFiles.CpuTime=00:00:00;Ti:BeginGeneratingAddressListFiles.ElapsedTime=00:00:00.0014747;Ti:ProcessOnePageOfADResults.ADQuery.LdapLatency=00:02:05.7890000;I32:ProcessOnePageOfADResults.ADQuery.LdapCount=10;Ti:ProcessOnePageOfADResults.ADQuery.CpuTime=00:00:07.6093750;Ti:ProcessOnePageOfADResults.ADQuery.ElapsedTime=00:02:10.4889408;Ti:ProcessOnePageOfADResults.SortADResults.CpuTime=00:00:00.1093750;Ti:ProcessOnePageOfADResults.SortADResults.ElapsedTime=00:00:00.1004092;I32:ProcessOnePageOfADResults.ResolveLinks.ActiveManager.CalculatePreferredHomeServer.Count=15;Ti:ProcessOnePageOfADResults.ResolveLinks.ActiveManager.CalculatePreferredHomeServer.Latency=00:00:01.3698742;Ti:ProcessOnePageOfADResults.ResolveLinks.LdapLatency=00:00:00.0110000;I32:ProcessOnePageOfADResults.ResolveLinks.LdapCount=3;Ti:ProcessOnePageOfADResults.ResolveLinks.CpuTime=00:00:00.1250000;Ti:ProcessOnePageOfADResults.ResolveLinks.ElapsedTime=00:00:01.4468424;I32:ProcessOnePageOfADResults.WriteTempFiles.FS.BytesRead=0;I32:ProcessOnePageOfADResults.WriteTempFiles.FS.BytesWritten=7714849;Ti:ProcessOnePageOfADResults.WriteTempFiles.FS.Reading.ElapsedTime=00:00:00;Ti:ProcessOnePageOfADResults.WriteTempFiles.FS.Writing.ElapsedTime=00:00:01.2014212;Ti:ProcessOnePageOfADResults.WriteTempFiles.CpuTime=00:00:04.2968750;Ti:ProcessOnePageOfADResults.WriteTempFiles.ElapsedTime=00:00:04.4889195;Ti:ProcessOnePageOfADResults.CpuTime=00:00:12.1406250;Ti:ProcessOnePageOfADResults.ElapsedTime=00:02:16.5321388;I32:ProduceSortedFlatFile.FS.BytesRead=7675173;I32:ProduceSortedFlatFile.FS.BytesWritten=7517076;Ti:ProduceSortedFlatFile.FS.Reading.ElapsedTime=00:00:00.0789523;Ti:ProduceSortedFlatFile.FS.Writing.ElapsedTime=00:00:00.0698900;Ti:ProduceSortedFlatFile.CpuTime=00:00:00.3750000;Ti:ProduceSortedFlatFile.ElapsedTime=00:00:00.3817713;I32:FinishGeneratingAddressListFiles.CompressGeneratedFiles.FS.BytesRead=7517064;I32:FinishGeneratingAddressListFiles.CompressGeneratedFiles.FS.BytesWritten=7517064;Ti:FinishGeneratingAddressListFiles.CompressGeneratedFiles.FS.Reading.ElapsedTime=00:00:00.0073195;Ti:FinishGeneratingAddressListFiles.CompressGeneratedFiles.FS.Writing.ElapsedTime=00:00:07.4784749;Ti:FinishGeneratingAddressListFiles.CompressGeneratedFiles.CpuTime=00:00:07.5625000;Ti:FinishGeneratingAddressListFiles.CompressGeneratedFiles.ElapsedTime=00:00:07.8286905;I32:FinishGeneratingAddressListFiles.GenerateDiffFiles.FS.BytesRead=2387580;I32:FinishGeneratingAddressListFiles.GenerateDiffFiles.FS.BytesWritten=422342;Ti:FinishGeneratingAddressListFiles.GenerateDiffFiles.FS.Reading.ElapsedTime=00:00:00.0210406;Ti:FinishGeneratingAddressListFiles.GenerateDiffFiles.FS.Writing.ElapsedTime=00:00:00.0016500;Ti:FinishGeneratingAddressListFiles.GenerateDiffFiles.CpuTime=00:00:02.8906250;
.CpuTime=00:00:10.4531250;Ti:FinishGeneratingAddressListFiles.ElapsedTime=00:00:12.3643417;;</Data>
<Data>S:Exp=System.ArgumentException: Byte array for GUID must be exactly 16 bytes long.
at System.Guid..ctor(Byte[] b)
at Microsoft.Exchange.MailboxAssistants.Assistants.OABGenerator.DiffFileGenerator.ReadNextRecord(Stream stream, Boolean isFromOldFile, UInt32& recordCount, Int64& fileBytesRemaining, Byte[]& recordBuffer, Int32&
recordBytesRemaining, Nullable`1& objectGuid, Byte[]& propertyDescriptorsBuffer, Int32& headerPropertyDescriptorsCount, Int32& detailPropertyDescriptorsCount)
at Microsoft.Exchange.MailboxAssistants.Assistants.OABGenerator.DiffFileGenerator.CreatePatch(Stream diffStream)
at Microsoft.Exchange.MailboxAssistants.Assistants.OABGenerator.DiffFileGenerator.GenerateDiffFile(FileSet fileSet)
at Microsoft.Exchange.MailboxAssistants.Assistants.OABGenerator.OABGenerator.GenerateDiffFile(OABFile addressListFile, OABFile oldFile)
at Microsoft.Exchange.MailboxAssistants.Assistants.OABGenerator.OABGenerator.FinishGeneratingAddressListFiles(AssistantTaskContext assistantTaskContext)
at Microsoft.Exchange.MailboxAssistants.Assistants.OABGenerator.OABGeneratorAssistant.<>c__DisplayClasse.<ProcessAssistantStep>b__a()
at Microsoft.Exchange.Common.IL.ILUtil.DoTryFilterCatch(TryDelegate tryDelegate, FilterDelegate filterDelegate, CatchDelegate catchDelegate)
at Microsoft.Exchange.Common.IL.ILUtil.DoTryFilterCatch(TryDelegate tryDelegate, FilterDelegate filterDelegate, CatchDelegate catchDelegate)</Data>
</EventData>
</Event>Did you try to generate a new OAB, as Microsoft suggested in the
other thread you posted to? Or, are you using FIPS as mentioned in this KB
https://support.microsoft.com/en-us/kb/2974339? Are you using
Exchange 2013 CU8?
Mike Crowley | MVP
My Blog --
Baseline Technologies -
What happend New-MailboxExportRequest cmdlet in exchange 2013 SP1 is missing?
Cmdlet New-MailboxExportRequest is not recognize cmdlet in Exchange 2013 SP1
How can i do export mailbox to pst file in exchange 2013 SP1?You might be facing this issue because of not having the rights to execute the New-MailboxExportRequest CMDLET.
Follow the steps given below in order to export the mailboxes into PST file
1. Open the Exchange Console and run:
New-ManagementRoleAssignment -Name "Import Export PST" -SecurityGroup "Organization Management" -Role “Mailbox Import Export"
This will generate a new role group called Import Export PST to the Oranization Management group with the role Mailbox Import Export.
You should Close and Restart the Exchange Management System again so that the changes made will get reflected in the settings, otherwise you will still get the same erroriIf not
restarted. Now move to the next steps.
2. Assign “Mailbox Import Export” role to it.
3. Add Desired Users to Role Group
4. Create Network Share ( Exchange Trusted Subsystem group has read/write permission to NTFS Permissions)
5. Run PS New-MailboxExportRequest
6. Monitor New-MailboxExportRequest
Verify PST File has been created on the network Share and you are done.
If you get the same error again, then there will be some hardware or software issues due to which you are not able to export mailboxes into PST files. In that case, you can make
use of any third party tool like Stellar Phoenix EDB To PST converter, which will help you to export your exchange database files to PST files easily and quickly. You can try this software by downloading its demo directly from their site http://www.stellarinfo.com/email-repair/edb-pst-converter.php -
Cannot edit/create new mailbox in ECP - Exchange 2013 CU6
Hello, I am currently running Exchange 2013 CU6. I cannot perform tasks related to recipients such as edit/create new mailbox. Additionally I cannot view the properties of the virtual directories.
I tried multiple browsers (Chrome, Firefox, IE) in different PCs and the result is the same
For example, I cannot click "Browse" in "new user mailbox" tab
"New local Mailbox move" page displays blank
I browsed through the event logs and found the following errors (Event 4 and Event 21):
Event 4
Current user: 'Unauthenticated'
Request for URL 'https://mailserver.address..com:444/ecp/15.0.995.28/scripts/js.axd?resources=NewMigrationBatch&v=15.0.995.28&c=en-US(https://mailserver.address..capcx.com/ecp/15.0.995.28/scripts/js.axd?resources=NewMigrationBatch&v=15.0.995.28&c=en-US)'
failed with the following error:
Microsoft.Exchange.Management.ControlPanel.BadRequestException:
The request sent by your browser was not valid. ---> Microsoft.Exchange.Management.ControlPanel.BadRequestException: The request sent by your browser was not valid. --->
System.Exception: 'ToolkitScriptManager' could not generate combined script resources file.
--- End of inner exception stack trace ---
at Microsoft.Exchange.Management.ControlPanel.CombineScriptsHandler.ProcessRequest(HttpContext context)
--- End of inner exception stack trace ---
at Microsoft.Exchange.Management.ControlPanel.CombineScriptsHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at
System.Web.HttpApplication.ExecuteStep(IExecutionStepstep, Boolean&
completedSynchronously)
at Microsoft.Exchange.Management.ControlPanel.CombineScriptsHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at
System.Web.HttpApplication.ExecuteStep(IExecutionStepstep, Boolean&
completedSynchronously)
Microsoft.Exchange.Management.ControlPanel.BadRequestException:
The request sent by your browser was not valid. ---> System.Exception: 'ToolkitScriptManager' could not generate combined script
resources file.
--- End of inner exception stack trace ---
at Microsoft.Exchange.Management.ControlPanel.CombineScriptsHandler.ProcessRequest(HttpContext context)
at Microsoft.Exchange.Management.ControlPanel.CombineScriptsHandler.ProcessRequest(HttpContext context)
System.Exception: 'ToolkitScriptManager'
could not generate combined script resources file.
Flight info: Features:[[Global.DistributedKeyManagement, False],[Global.GlobalCriminalCompliance,
False],[Global.MultiTenancy, False],[Global.WindowsLiveID, False],[Eac.AllowMailboxArchiveOnlyMigration,
True],[Eac.AllowRemoteOnboardingMovesOnly, False],[Eac.BulkPermissionAddRemove, True],[Eac.CmdletLogging,
True],[Eac.CrossPremiseMigration, False],[Eac.DiscoveryDocIdHint, False],[Eac.DiscoveryPFSearch,
False],[Eac.DiscoverySearchStats, False],[Eac.DlpFingerprint, False],[Eac.EACClientAccessRulesEnabled,
False],[Eac.GeminiShell, False],[Eac.ManageMailboxAuditing, False],[Eac.ModernGroups,
False],[Eac.Office365DIcon, False],[Eac.RemoteDomain, False],[Eac.UCCAuditReports, False],[Eac.UCCPermissions,
False],[Eac.UnifiedComplianceCenter, False],[Eac.UnifiedPolicy, False],[Eac.UnlistedServices,
False],], Flights:[], Constraints:[[MACHINE, SERVER-NAME],[MODE, ENTERPRISE],[PROCESS, W3WP],],
IsGlobalSnapshot: True
Event 21
Current user: 'Unauthenticated'
Script request for URL 'https://mailserver.address.com:444/ecp/15.0.995.28/scripts/js.axd?resources=NewMigrationBatch&v=15.0.995.28&c=en-US(https://mailserver.address.com/ecp/15.0.995.28/scripts/js.axd?resources=NewMigrationBatch&v=15.0.995.28&c=en-US)'
failed with the following error:
Microsoft.Exchange.Management.ControlPanel.BadRequestException:
The request sent by your browser was not valid. ---> System.Exception: 'ToolkitScriptManager' could not generate combined script
resources file.
--- End of inner exception stack trace ---
at Microsoft.Exchange.Management.ControlPanel.CombineScriptsHandler.ProcessRequest(HttpContext context)
at Microsoft.Exchange.Management.ControlPanel.CombineScriptsHandler.ProcessRequest(HttpContext context)
System.Exception: 'ToolkitScriptManager'
could not generate combined script resources file.
Flight info: Features:[[Global.DistributedKeyManagement, False],[Global.GlobalCriminalCompliance,
False],[Global.MultiTenancy, False],[Global.WindowsLiveID, False],[Eac.AllowMailboxArchiveOnlyMigration,
True],[Eac.AllowRemoteOnboardingMovesOnly, False],[Eac.BulkPermissionAddRemove, True],[Eac.CmdletLogging,
True],[Eac.CrossPremiseMigration, False],[Eac.DiscoveryDocIdHint, False],[Eac.DiscoveryPFSearch,
False],[Eac.DiscoverySearchStats, False],[Eac.DlpFingerprint, False],[Eac.EACClientAccessRulesEnabled,
False],[Eac.GeminiShell, False],[Eac.ManageMailboxAuditing, False],[Eac.ModernGroups,
False],[Eac.Office365DIcon, False],[Eac.RemoteDomain, False],[Eac.UCCAuditReports, False],[Eac.UCCPermissions,
False],[Eac.UnifiedComplianceCenter, False],[Eac.UnifiedPolicy, False],[Eac.UnlistedServices,
False],], Flights:[], Constraints:[[MACHINE, SERVER-NAME],[MODE, ENTERPRISE],[PROCESS, W3WP],],
IsGlobalSnapshot: True
Any help?Hello Amy,
I will try to follow your suggestions. I will update once I get access to the server.
Anyways, the whole thing was back to normal for 1 day on its own, but right now the issue is happening again. Permission-wise, the account I used is in listed Organization Management role
Update: I forgot to try the EMS, but after I recycle the
MSExchangeECPAppPool, everything works fine, except for viewing Groups and Permissions
An error in the event viewer is displayed:
Current user: 'Unauthenticated'
Script request for URL 'https://address.com:444/ecp/15.0.995.28/scripts/js.axd?resources=EditRoleAssignmentPolicy&v=15.0.995.28&c=en-US(https://address.com/ecp/15.0.995.28/scripts/js.axd?resources=EditRoleAssignmentPolicy&v=15.0.995.28&c=en-US)'
failed with the following error:
Microsoft.Exchange.Management.ControlPanel.BadRequestException: The request sent by your browser was not valid. ---> System.Exception: 'ToolkitScriptManager' could not generate combined script resources file.
--- End of inner exception stack trace ---
at Microsoft.Exchange.Management.ControlPanel.CombineScriptsHandler.ProcessRequest(HttpContext context)
at Microsoft.Exchange.Management.ControlPanel.CombineScriptsHandler.ProcessRequest(HttpContext context)
System.Exception: 'ToolkitScriptManager' could not generate combined script resources file.
Flight info: Features:[[Global.DistributedKeyManagement, False],[Global.GlobalCriminalCompliance, False],[Global.MultiTenancy, False],[Global.WindowsLiveID, False],[Eac.AllowMailboxArchiveOnlyMigration, True],[Eac.AllowRemoteOnboardingMovesOnly,
False],[Eac.BulkPermissionAddRemove, True],[Eac.CmdletLogging, True],[Eac.CrossPremiseMigration, False],[Eac.DiscoveryDocIdHint, False],[Eac.DiscoveryPFSearch, False],[Eac.DiscoverySearchStats, False],[Eac.DlpFingerprint, False],[Eac.EACClientAccessRulesEnabled,
False],[Eac.GeminiShell, False],[Eac.ManageMailboxAuditing, False],[Eac.ModernGroups, False],[Eac.Office365DIcon, False],[Eac.RemoteDomain, False],[Eac.UCCAuditReports, False],[Eac.UCCPermissions, False],[Eac.UnifiedComplianceCenter, False],[Eac.UnifiedPolicy,
False],[Eac.UnlistedServices, False],], Flights:[], Constraints:[[MACHINE, SERVER-NAME],[MODE, ENTERPRISE],[PROCESS, W3WP],], IsGlobalSnapshot: True
However, after a while, things are back to normal... I don't understand what's happening.. -
Clean rebuild in new WSE Domain of Exchange 2013 from CU7
All,
I am finally building a new environment and AD structure where .local no longer exists. I want to be sure I have everything documented and correct before I down the existing Exchange server. Could someone review the steps below and let me know
if I am missing anything and I have it correct so that when I am finished I have an Exchange 2013 CU7 server that is running and integrated with Windows Server Exchange 2013.
Install Windows Server 2012 R2 Standard with Update
Join new server to WSE Domain using WSE tools provided
Next run the below commands on Windows power shell on Exchange 2013 server
Open the Windows power shell & run as an administrator
Run below command’s
=================================================
Install-WindowsFeature RSAT-ADDS
Install-WindowsFeature AS-HTTP-Activation, Desktop-Experience, NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt,
RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext,
Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation
=====================================================
Run through Window Update till everything is clean
Open a Command Prompt as Administrator
Navigate to the extracted CU7 files folder
Setup.exe /ps /IAcceptExchangeServerLicenseTerms
Setup.exe /preparead /IAcceptExchangeServerLicenseTerms
Setup.exe /preparealldomains /IAcceptExchangeServerLicenseTerms
Setup.exe /IAcceptExchangeServerLicenseTerms
After installation finishes, rekey and import my GoDaddy SSL Cert
Set all internal and external virtual directories to
https://mail.doxidaddy.net
Set-ClientAccessServer -Identity CAS_Server_Name -AutodiscoverServiceInternalUri
https://mail.doxidaddy.net/autodiscover/autodiscover.xml
Follow instructions to export cert and run ARRConfig on PDC
Open Dashboard on WSE 2012 R2 Server and run the Integragte on premise exchange wizard to tie them together
Add appaopriate DNS records to DNS Server domain doxidaddy.net
Move Mailbox store to a RAID 5 drive prepared just for this purpose (will have to find KB article for this and next step)
Move Public folder database to separate RAID 5 Drive
Reconnect user’s Outloook to new server and upload data saved to PST before shutdown of server
Enjoy
Have I missed anything or gotten anything wrong? Please advise,
Bob HessenauerHi,
Step 9. It’s OK if you have only one CAS server. If you have multiple CAS servers and have proxy and redirection settings, it’s recommended to set internal name to the local server
name, setting external name to https://mail.doxidaddy.net is always fine.
Thanks,
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected]
Simon Wu
TechNet Community Support -
I can not add a new certificate to my exchange 2013
Hi, I'm trying to create a certificate for my exchange 2013, I do everything correctly, gender certificate in place of my domain certifying entity, downloaded to the exchange server, I go to the window of certificates in the web interface of exchange 2013,
I click enable the certificate you had created earlier, open the wizard will introduce the route where is located the certificate and click finish me off the wizard window and delete from the list the certificate that had previously created, any suggestions
or ideas that may be happening ??? Greetings and thanks in advance.Hi,
According to your description, I understand that there are some issues when install the certificate in EAC of Exchange 2013. How do you generate this certificate before you install it? Is it a self-signed certificate or third-party certificate?
Please run the following command to check your current certificate configuration:
Get-ExchangeCertificate | FL
If it is a third-party certificate but the installed certificate is not listed in the command result, we can try to install this certificate by using the following commands:
Import-exchangecertificate -path “C:\Certificates\GeneratedCert.pfx”
Enable-ExchangeCertificate -Thumbprint xxxxxxxxxxxxxxxxxxxxxxxx -Services POP,IMAP,IIS
If there is any error during the certificate importing, please share the error or events here for further analysis.
Regards,
Winnie Liang
TechNet Community Support -
Exchange 2013 and 2010 co-existance
We will have 2013 and 2010 exist together for a while...we plan to move away from using Unified Access Gateway for HTTP redirection to our Exchange services and implement Kemp
load balancers...two at our HQ site and two at our DR stie...
We plan to have a one arm configuration...from what I gathered...each load balancer will have a network connection and only one network connection and be on the same network as
our new Exchange 2013 servers. Can someone take a look at my config and give some input whether or not this will work and some suggestion on Ex13 urls, cert SAN names, etc.
HQKemp 2400 A
HQKemp 2400 B
DCKemp 2400 A DCKemp 2400 B
172.16.1.104
172.16.1.105
172.25.1.104
172.25.1.10
Virtual IP 172.16.1.106
Virtual IP
172.25.1.104
From the video I’ve watched for Kemp install…we’ll create the following internal DNS records for the Exchange services that will be configured on balancers.
OWA/ECP
mail.corp.local.com
172.16.1.107
EWS ews.corp.local.com
172.16.1.108
OAB oab.corp.local.com
172.16.1.109
ActiveSync mobile.corp.local.co
172.16.1.110
OA oa.corp.local.com
172.16.1.111
Autodiscover autodiscover.corp.local.com 172.16.1.112
Question:
We will configure the Exchange services with these ip addresses linked to each service on all four load balancers?
Or will DR site load balancers have different IPs configured for same Exchange services?
Exchange services are split between our two sites…meaning Outlook Anywhere is configured for our CAS servers at our DR site and ActiveSync comes to HQ CAS servers as an example…so
I want all Exchange services to come through the newly installed load balancers at HQ and if they don’t respond…the Exchange services get redirected to the load balancers at our DR site.
Can you give some insight on the config of load balancers as to how we can do that?
I have a question about the cert we will have.
Our Microsoft rep says we should get a new wildcard cert…currently we have a UCC cert with the following SANs attached.
Will this new cert have to be installed on load balancers?
If so…can you suggest some ideas as to what new SANs I need if any of the new cert with Exchange 2010 and 2013 co-existing for a while.
Below are the SANs on our current UCC cert.
Outside resolvable SANs
Webmail.corp.local.com
205.223.19.25 portal.corp.local.com 205.223.27.78
Portal2.corp.local.com
205.223.19.25
Autodiscover.corp.local.com
205.223.19.25
Internal SANs
Hqcas1.corp.local.com
Hqcas2.corp.local.com
Dccas1.corp.local.com
Dccas2.corp.local.com
Owamail.corp.local.com
(this CAS Array server name that HQ CAS servers create)
What do you suggest we use for the external urls on Exchange 2013 for these services?
Our firewall guy says we’ll use same names,
but I’m not sure if we try to use same name if we’ll get an error?
Active Directory may say name already in use?
We plan to have firewall to just redirect requests for external urls to load balancers…sound correct?
Meaning load balancer won’t have an external NIC defined…which makes it a one arm config…correct?Hi Techy,
According to your description, I am still not quite sure about your environment. Could you please provide more information about it, such as:
1. How many Exchange servers in your coexistence environment? One Exchange 2010 with all roles and one Exchange 2013 with all roles? Or several Exchange 2010 and multiple Exchange 2013?
2. Are there two sites in your environment? What’s the Exchange deployment in different sites?
3. Please confirm if both Exchange 2010 and Exchange 2013 are Internet-facing.
Additionally, if you are using different namespaces for different services for internal access and external accessing, we need to include all service namespaces in your certificate with IIS service. Personal suggestion, we can follow ED Crowley’s suggestion
to use split-brain DNS in your environment and only use the same namespace for Exchange service URLs.
The following article described the details about how to configure different namespace for Exchange services by using Load Balance in Exchange 2013:
http://www.msexchange.org/articles-tutorials/exchange-server-2013/high-availability-recovery/introducing-load-balancing-exchange-server-2013-part2.html
Regards,
Winnie Liang
TechNet Community Support -
Exchange 2013 Sp1 some users cant access owa
After I install new exchange 2013 with sp1 on windows 2012 R2 server one for mail boxes and the second Client Access, i move all mail boxes to it, then i uninstall the old server (exchange 213 with cu3).
All may exchange server’s virtual machines on hyper-v 2012R2
I install certificate and configure virtual directories
I notice some users can’t open there mail boxes from OWA they get a blank page after the enter username and password (from internal and external) (the same users can open outlook anywhere) at the same times many users can access owa.
After many restarts they can access OWA.
After some days some other users can’t access owa.
I remove ECP and OWA virtual directories, Then Recreate and configure it.
But the same problem some users cant access owa
I install a new client access server, configure it
But the same problemHI
YOu can check below things to resolve the problem
Disable SSL from Default Web Site if you have enabled them
Check if you have set any redirection in the Default Website if so remove redirection and see the results
Ensure that you have a valid certificate for owa VD
check correctly the authentication type - windows authentication is enabled or if you have form based authentication enabled
Below is an example for enabling WA
set-Owavirtualdirectory -identity "servername\owa (Exchange Back End)" -WindowsAuthentication $True -Basicauthentication $false -Formsauthentication $false
Set-EcpVirtualDirectory -Identity "servername\ecp (Exchange Back End)" -WindowsAuthentication $true -FormsAuthentication $false
Remember to mark as helpful if you find my contribution useful or as an answer if it does answer your question.That will encourage me - and others - to take time out to help you -
Autodiscover exchange 2013 and 2007
hello,
i am in the process of setting up autodiscover properly for a coexistence environment of exchange 2007 and 2013.
currently, exchange 2007 has the active CAS server role. let's call it server1.contoso.com. Exchange 2013 is installed with the CAS and Mailbox role. let's call that server server2.contoso.com
Assuming all certificates have been installed, i assume that server2.contoso.com has to point to the autodiscover of server1.contoso.com until i have fully moved all mailboxes over to 2013 CAS, correct?
the powershell command i used to set autodiscover on server2 is as follows,
Set-ClientAccessServer -AutodiscoverServiceInternalUri https://server2.contoso.com/Autodiscover/Autodiscover.xml
it then asks for identity and i enter "server2.contoso.com".
Currently, when i type "get-clientaccess server | fl server,*uri I get the follow results,
AutoDiscoverServiceInternalUri : https://server1.contoso.com/autodiscover/autodiscover.xml
AutoDiscoverServiceInternalUri : https://server2.contoso.com/autodiscover/autodiscover.xml
Should they both be "AutoDiscoverServiceInternalUri : https://server1.contoso.com/autodiscover/autodiscover.xml" since server1 is the active CAS server?
Again, once everything has been migrate i will then change the CAS server to server2.contoso.com
Thanks!!Apologies if I have confused everyone here.
we need 2 urls for Owa and EWS in 2007 and 2013. My this blog should help
http://msexchangeguru.com/2013/12/31/e20132007-urlsauth/
Undying: Answers are in line.
1. What I understand from the post marked as Answer is there is no need for legacy namespace for Exchange2007/Exchange2013 co-existence, meaning after the installation of Exchange 2013 in the environment there is no need to modify the virtual dirs on exchange
2007 side. Both 2013 and 2007 will be using the mail.domain.com namespace for all the services and once the virtual directories have been configured on the Exchange 2013 CAS it will redirect the request to Exchange2007 CAS for the Exchange2007 mailboxes. And
since there's no need for legacy namespace, it should also mean that there would be no need for any additional publishing rule in the reverse proxy (ISA/TMG), just modifying the current one (mail.domain.com) to point to the Exchange 2013 CAS should do the
trick. Am I correct?
Just to summarize, all the redirection from Exchange 2013 to Exchange 2007 will be done without the need of legacy namespace and without modifying any URls on the Exchange 2007 side.
PN Answer:
You need 2 urls for OWA and EWS.
legacy.domain.com and mail.domain.com
Also need
autodiscover.domain.com
Basically you need to change these urls on 2007 side to legacy.domain.com
This means you need to get this url added into the cert.
On TMG side direct all the traffic to 2013 and it will redirect to 2007.
you would need a new public host record for the legacy url.
2. If all that is indeed correct then why the Technet article still make it sound like that the legacy host name is mandatory? http://technet.microsoft.com/en-us/library/jj898582(v=exchg.150).aspx
(Step 7)
PN Answer: Yes we need legacy url
Regards, Prabhat Nigam XHG and AD Architect and DR Expert Website: msexchangeguru.com VBC: https://www.mcpvirtualbusinesscard.com/VBCServer/wizkid/card -
MT Exchange 2013 and Public Folder Limits
So having some real trouble trying to digest this data from a multi-tenant perspective.
Total public folders in hierarchy
10,000
Although you can create more than 10,000 public folders, it isn’t supported. Create
a Public Folder
Sub-folders under the parent folder
10,000
Although you can create more than 10,000 sub-folders under a parent folder, it isn’t supported.FolderHierarchyChildrenCountReceiveQuota parameter on the Set-Mailbox cmdlet.
So if my hierarchy consists of root folders 0-9,A-Z. Then below those top levels I place tenant domain level folders. Then below that I actually have folders for tenant data. Which of the above category applies? Sub-folders under
the parent folder is somewhat misleading? Does that mean in my above scenario I would only have 36 "parent" folders then would be able to have a total of 10k subfolders under those parents?
Or does it effectively mean 10k folders, that is all. One parent folder and 9,999 sub-folders? Or some combination of the two?
I had very high expectations for the redesigned public folders with incorporation into the DAG, but this solution seems MUCH less scalable and flexible then the legacy design. Additionally the recommendation of 2k concurrent users per PF mailbox, with
a max number of PF mailboxes at 100 effectively sets an org limit of 200k total mailboxes.
I can't help but feel this is just another nail in the coffin of non O365 Exchange resellers.Hi,
Based on my research, the public folder size can be up to 100GB in the hosted Exchange 2013 environment:
http://www.wisnet.com/blog/hosted-exchange-2013-is-available-now/
As long as the total number is beyond the limit, we can at most have 100 public folder mailboxes ,10k public folders, 10k subfolders under one public folder and 200 concurrent users for one public folder mailboxes.
For more information about the public folders in Exchange 2013, you can refer to the following articles:
Public folders
http://technet.microsoft.com/en-us/library/jj150538(v=exchg.150).aspx
FAQ: Public Folders
http://technet.microsoft.com/en-us/library/jj552408.aspx
Public folders in the new Office
http://blogs.technet.com/b/exchange/archive/2012/11/08/public-folders-in-the-new-office.aspx
Exchange 2013 Modern Public Folders
http://windowsitpro.com/blog/exchange-2013-modern-public-folders
Public Folder Hierarchy and PF Mailboxes for Hosted setup
http://social.technet.microsoft.com/Forums/exchange/en-US/e9062abe-f484-462b-bc5e-ebdcb0862760/public-folder-hierarchy-and-pf-mailboxes-for-hosted-setup
Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make
sure that you completely understand the risk before retrieving any suggestions from the above link.
If you have any question about Exchange server, please feel free to let me know.
thanks,
Angela Shi
TechNet Community Support
Maybe you are looking for
-
Blue screen of death with windows seven
Ok to begin, I understand that Im using a release candidate operating system but I would appreciate any help. When I'm watching a slow I get a blue screen of death. With the fallowing error details: Problem signature: Problem Event Name: BlueScreen
-
Desktop office integration : Creating and filling tables in a word document
Hi all, I want to create a table in a word document and then fill it with data. The word processor interface has only 'insert_table' methods which can download the data in an ABAP internal table to an already existing table in a word document, but in
-
Interested in AppleTV- question
Hello all- My finace and I love iTunes but we both have different tastes in music sometimes. That being said our Powerbook HD has 23gb of music (no tv shows/ music videos!) and it is quickly growing. I understand you can stream and we would be intere
-
How to disable 'esc' quitting full screen?
Hi. The title explains itself: I will be on anything such as Facebook, want to close a 'chat window', click 'esc' which should work but instead closes full screen. Quite annoying. Not a huge problem but if there was a way to stop this it would be ver
-
What is the easiest way to transfer everything from iTunes on my old Dell to my MacBook Pro?
I just bought a MacBook Pro and don't want to have to redo all my playlists and everything for my iPhone and iPad, what would be the easiest way to transfer all my music and everything from iTunes on my Dell to my MacBook?