Category Archives: Exchange 2003

ADMT CrossForest 2003-2010 Part2 – Bulk Mail Enable MailUser

by

0

 

 

Part1 – ADMT Account & Group

Part2

1. Bulk Disable MailUser
image

image

2. Get-User

image

3. Get-User –OrganizationalUnit “Test_OU” –RecipientTypeDetails user

image

4.
[PS] C:\Windows\system32>Get-User -OrganizationalUnit "Tests_Import" -RecipientTypeDetails user | foreach ($_.SAMAccountName) {$Email = $_.SAMAccountName+"@Test.com.tw"; Enable-MailUser -Identity $_ -ExternalEmailAddress $Email -WhatIf}

WhatIf: 正在啟用外部電子郵件地址為 "smtp:JS.User5@Test.com.tw" 的郵件使用者 "Test.com.tw/Test_Import/JS.User5"。

WhatIf: 正在啟用外部電子郵件地址為 "smtp:JS.User6@Test.com.tw" 的郵件使用者 "Test.com.tw/Test_Import/JS.User6"。

WhatIf: 正在啟用外部電子郵件地址為 "smtp:JS.User7@Test.com.tw" 的郵件使用者 "Test.com.tw/Test_Import/JS.User7"。

WhatIf: 正在啟用外部電子郵件地址為 "smtp:JS.User8@Test.com.tw" 的郵件使用者 "Test.com.tw/Test_Import/JS.User8"。

WhatIf: 正在啟用外部電子郵件地址為 "smtp:JS.User9@Test.com.tw" 的郵件使用者 "Test.com.tw/Test_Import/JS.User9"。

P.S. 管線未執行,因為已經有個管線正在執行。管線不可並行執行。

http://help.outlook.com/zh-tw/140/cc875890.aspx 

image

image

image

5. [PS] C:\Windows\system32>Get-User -OrganizationalUnit "Tests_Import" -RecipientTypeDetails user | foreach ($_.SAMAccountName) {$Email = $_.SAMAccountName+"@Test.com.tw"; Enable-MailUser -Identity $_ -ExternalEmailAddress $Email }

Name                                     RecipientType
—-                                     ————-
JS.User4                                 MailUser
JS.User5                                 MailUser
JS.User6                                 MailUser
JS.User7                                 MailUser
JS.User8                                 MailUser
JS.User9                                 MailUser

image

=============*****============
[PS] C:\Windows\system32>$User = Get-User -OrganizationalUnit "Test_Import" -RecipientTypeDetails user

[PS] C:\Windows\system32>$User | foreach ($_.SAMAccountName) {$Email = $_.SAMAccountName+"@Test.com.tw"; Enable-MailUs
er -Identity $_ -ExternalEmailAddress $Email -WhatIf}
WhatIf: 正在啟用外部電子郵件地址為 "smtp:JS.User10@Test.com.tw" 的郵件使用者 "TestS.com.tw/Tests_Import/JS.User10"

WhatIf: 正在啟用外部電子郵件地址為 "smtp:JS.User3@Test.com.tw" 的郵件使用者 "TestS.com.tw/Tests_Import/JS.User3"。

WhatIf: 正在啟用外部電子郵件地址為 "smtp:JS.User4@Test.com.tw" 的郵件使用者 "TestS.com.tw/Tests_Import/JS.User4"。

WhatIf: 正在啟用外部電子郵件地址為 "smtp:JS.User5@Test.com.tw" 的郵件使用者 "TestS.com.tw/Tests_Import/JS.User5"。

WhatIf: 正在啟用外部電子郵件地址為 "smtp:JS.User6@Test.com.tw" 的郵件使用者 "TestS.com.tw/Tests_Import/JS.User6"。

WhatIf: 正在啟用外部電子郵件地址為 "smtp:JS.User7@Test.com.tw" 的郵件使用者 "TestS.com.tw/Tests_Import/JS.User7"。

WhatIf: 正在啟用外部電子郵件地址為 "smtp:JS.User8@Test.com.tw" 的郵件使用者 "TestS.com.tw/Tests_Import/JS.User8"。

WhatIf: 正在啟用外部電子郵件地址為 "smtp:JS.User9@Test.com.tw" 的郵件使用者 "TestS.com.tw/Tests_Import/JS.User9"。

[PS] C:\Windows\system32>$User | foreach ($_.SAMAccountName) {$Email = $_.SAMAccountName+"@Test.com.tw"; Enable-MailUser -Identity $_ -ExternalEmailAddress $Email}

image

6.
[PS] C:\Windows\system32>Get-MailUser -OrganizationalUnit "Tests_Import"

Name                                     RecipientType
—-                                     ————-
JS.User4                                 MailUser
JS.User5                                 MailUser
JS.User6                                 MailUser
JS.User7                                 MailUser
JS.User8                                 MailUser
JS.User9                                 MailUser

 

image

Get-User & Get-MailUser

[PS] C:\Windows\system32>Get -User -Identity JS.User10  | fl

RunspaceId               : f76d0203-ca9e-4579-b578-23842539ffe1
IsSecurityPrincipal      : True
SamAccountName           : JS.User10
Sid                      : S-1-5-21-3280115619-3012524529-1380902707-1163
SidHistory               : {S-1-5-21-387562510-2723945668-297530758-1616}
UserPrincipalName        : JS.User10@TestS.com.tw
ResetPasswordOnNextLogon : False
CertificateSubject       : {}
RemotePowerShellEnabled  : True
WindowsLiveID            :
NetID                    :
UserAccountControl       : NormalAccount
OrganizationalUnit       : Tests.com.tw/Tests_Import
IsLinked                 : False
LinkedMasterAccount      :
AssistantName            :
City                     :
Company                  :
CountryOrRegion          :
Department               :
DirectReports            : {}
DisplayName              : JS.User10
Fax                      :
FirstName                :
HomePhone                :
Initials                 :
LastName                 :
Manager                  :
MobilePhone              :
Notes                    :
Office                   :
OtherFax                 : {}
OtherHomePhone           : {}
OtherTelephone           : {}
Pager                    :
Phone                    :
PhoneticDisplayName      :
PostalCode               :
PostOfficeBox            : {}
RecipientType            : User
RecipientTypeDetails     : User
SimpleDisplayName        :
StateOrProvince          :
StreetAddress            :
Title                    :
UMDialPlan               :
UMDtmfMap                : {}
AllowUMCallsFromNonUsers : SearchEnabled
WebPage                  :
TelephoneAssistant       :
WindowsEmailAddress      :
UMCallingLineIds         : {}
SeniorityIndex           :
VoiceMailSettings        : {}
IsValid                  : True
ExchangeVersion          : 0.0 (6.5.6500.0)
Name                     : JS.User10
DistinguishedName        : CN=JS.User10,OU=Tests_Import,DC=TestS,DC=com,
Identity                 : TestS.com.tw/Tests_Import/JS.User10
Guid                     : f6ece772-e9ad-4e0a-98dc-cc7e368b7374
ObjectCategory           : TestS.com.tw/Configuration/Schema/Person
ObjectClass              : {top, person, organizationalPerson, user}
WhenChanged              : 2011/10/12 下午 04:48:10
WhenCreated              : 2011/10/12 下午 02:24:17
WhenChangedUTC           : 2011/10/12 上午 08:48:10
WhenCreatedUTC           : 2011/10/12 上午 06:24:17
OrganizationId           :
OriginatingServer        : NewDC1.TestS.com.tw

=====================================================

[PS] C:\Windows\system32>Get-User -Identity JS.User6 | fl

RunspaceId               : f76d0203-ca9e-4579-b578-23842539ffe1
IsSecurityPrincipal      : True
SamAccountName           : JS.User6
Sid                      : S-1-5-21-3280115619-3012524529-1380902707-1167
SidHistory               : {S-1-5-21-387562510-2723945668-297530758-1612}
UserPrincipalName        : JS.User6@TestS.com.tw
ResetPasswordOnNextLogon : True
CertificateSubject       : {}
RemotePowerShellEnabled  : True
WindowsLiveID            :
NetID                    :
UserAccountControl       : NormalAccount
OrganizationalUnit       : Tests.com.tw/Tests_Import
IsLinked                 : False
LinkedMasterAccount      :
AssistantName            :
City                     :
Company                  :
CountryOrRegion          :
Department               :
DirectReports            : {}
DisplayName              : JS.User6
Fax                      :
FirstName                :
HomePhone                :
Initials                 :
LastName                 :
Manager                  :
MobilePhone              :
Notes                    :
Office                   :
OtherFax                 : {}
OtherHomePhone           : {}
OtherTelephone           : {}
Pager                    :
Phone                    :
PhoneticDisplayName      :
PostalCode               :
PostOfficeBox            : {}
RecipientType            : MailUser
RecipientTypeDetails     : MailUser
SimpleDisplayName        :
StateOrProvince          :
StreetAddress            :
Title                    :
UMDialPlan               :
UMDtmfMap                : {emailAddress:5787376, lastNameFirstName:5787376, firstNameLastName:5787376}
AllowUMCallsFromNonUsers : SearchEnabled
WebPage                  :
TelephoneAssistant       :
WindowsEmailAddress      : JS.User6@Test.com.tw
UMCallingLineIds         : {}
SeniorityIndex           :
VoiceMailSettings        : {}
IsValid                  : True
ExchangeVersion          : 0.10 (14.0.100.0)
Name                     : JS.User6
DistinguishedName        : CN=JS.User6,OU=Tests_Import,DC=TestS,DC=com,DC=tw
Identity                 : TestS.com.tw/Tests_Import/JS.User6
Guid                     : 5b85dbcd-59d5-4cfd-9077-8f1ee0eca2e4
ObjectCategory           : TestS.com.tw/Configuration/Schema/Person
ObjectClass              : {top, person, organizationalPerson, user}
WhenChanged              : 2011/10/12 下午 04:43:45
WhenCreated              : 2011/10/12 下午 02:25:29
WhenChangedUTC           : 2011/10/12 上午 08:43:45
WhenCreatedUTC           : 2011/10/12 上午 06:25:29
OrganizationId           :
OriginatingServer        : NewDC1.TestS.com.tw

========================================

[PS] C:\Windows\system32>Get-MailUser -Identity js.user6 | fl

RunspaceId                             : f76d0203-ca9e-4579-b578-23842539ffe1
DeliverToMailboxAndForward             : False
ExchangeGuid                           : 00000000-0000-0000-0000-000000000000
ArchiveGuid                            : 00000000-0000-0000-0000-000000000000
ArchiveName                            : {}
ArchiveQuota                           : unlimited
ArchiveWarningQuota                    : unlimited
ForwardingAddress                      :
ArchiveDatabase                        :
ArchiveStatus                          : None
DisabledArchiveDatabase                :
DisabledArchiveGuid                    : 00000000-0000-0000-0000-000000000000
ExchangeUserAccountControl             : None
ExternalEmailAddress                   : SMTP:JS.User6@JSFund.com.tw
UsePreferMessageFormat                 : False
MessageFormat                          : Mime
MessageBodyFormat                      : TextAndHtml
MacAttachmentFormat                    : BinHex
ProtocolSettings                       : {}
RecipientLimits                        : unlimited
SamAccountName                         : JS.User6
UseMapiRichTextFormat                  : UseDefaultSettings
UserPrincipalName                      : JS.User6@JSFUNDS.com.tw
WindowsLiveID                          :
MailboxMoveTargetMDB                   :
MailboxMoveSourceMDB                   :
MailboxMoveFlags                       : None
MailboxMoveRemoteHostName              :
MailboxMoveBatchName                   :
MailboxMoveStatus                      : None
ImmutableId                            :
PersistedCapabilities                  : {}
SKUAssigned                            : False
WhenMailboxCreated                     :
LitigationHoldEnabled                  : False
SingleItemRecoveryEnabled              : False
RetentionHoldEnabled                   : False
EndDateForRetentionHold                :
StartDateForRetentionHold              :
RetentionComment                       :
RetentionUrl                           :
LitigationHoldDate                     :
LitigationHoldOwner                    :
RetainDeletedItemsFor                  : 14.00:00:00
CalendarVersionStoreDisabled           : False
UsageLocation                          :
Extensions                             : {}
HasPicture                             : False
HasSpokenName                          : False
AcceptMessagesOnlyFrom                 : {}
AcceptMessagesOnlyFromDLMembers        : {}
AcceptMessagesOnlyFromSendersOrMembers : {}
AddressListMembership                  : {\All Mail Users(VLV), \All Recipients(VLV), \預設全域通訊清單, \所有使用者}
Alias                                  : JS.User6
ArbitrationMailbox                     :
BypassModerationFromSendersOrMembers   : {}
OrganizationalUnit                     : jsfunds.com.tw/JSFunds_Import
CustomAttribute1                       :
CustomAttribute10                      :
CustomAttribute11                      :
CustomAttribute12                      :
CustomAttribute13                      :
CustomAttribute14                      :
CustomAttribute15                      :
CustomAttribute2                       :
CustomAttribute3                       :
CustomAttribute4                       :
CustomAttribute5                       :
CustomAttribute6                       :
CustomAttribute7                       :
CustomAttribute8                       :
CustomAttribute9                       :
DisplayName                            : JS.User6
EmailAddresses                         : {SMTP:JS.User6@JSFund.com.tw}
GrantSendOnBehalfTo                    : {}
ExternalDirectoryObjectId              :
HiddenFromAddressListsEnabled          : False
LastExchangeChangedTime                :
LegacyExchangeDN                       : /o=JSFunds/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/
                                         =JS.User6f9d
MaxSendSize                            : unlimited
MaxReceiveSize                         : unlimited
ModeratedBy                            : {}
ModerationEnabled                      : False
PoliciesIncluded                       : {4ee72cd0-e122-4c85-a5a3-40cbd5ab2bf3, {26491cfc-9e50-4857-861b-0cb8df22b5d7
PoliciesExcluded                       : {}
EmailAddressPolicyEnabled              : True
PrimarySmtpAddress                     : JS.User6@JSFund.com.tw
RecipientType                          : MailUser
RecipientTypeDetails                   : MailUser
RejectMessagesFrom                     : {}
RejectMessagesFromDLMembers            : {}
RejectMessagesFromSendersOrMembers     : {}
RequireSenderAuthenticationEnabled     : False
SimpleDisplayName                      :
SendModerationNotifications            : Always
UMDtmfMap                              : {emailAddress:5787376, lastNameFirstName:5787376, firstNameLastName:5787376}
WindowsEmailAddress                    : JS.User6@JSFund.com.tw
MailTip                                :
MailTipTranslations                    : {}
PartnerObjectId                        : 00000000-0000-0000-0000-000000000000
IsValid                                : True
ExchangeVersion                        : 0.10 (14.0.100.0)
Name                                   : JS.User6
DistinguishedName                      : CN=JS.User6,OU=JSFunds_Import,DC=JSFUNDS,DC=com,DC=tw
Identity                               : JSFUNDS.com.tw/JSFunds_Import/JS.User6
Guid                                   : 5b85dbcd-59d5-4cfd-9077-8f1ee0eca2e4
ObjectCategory                         : JSFUNDS.com.tw/Configuration/Schema/Person
ObjectClass                            : {top, person, organizationalPerson, user}
WhenChanged                            : 2011/10/12 下午 04:43:45
WhenCreated                            : 2011/10/12 下午 02:25:29
WhenChangedUTC                         : 2011/10/12 上午 08:43:45
WhenCreatedUTC                         : 2011/10/12 上午 06:25:29
OrganizationId                         :
OriginatingServer                      : NewDC1.JSFUNDS.com.tw

Ticket: Public Folder Replication Fails Due To Empty Legacy Administrative Group

by

0

 

Exchange 2007 Event 8207 MSExchangeFBPublish Finally Fixed

Error updating public folder with free/busy information on virtual machine claexc01. The error number is 0x80004005

Hi Michael, I’m not sure whether to be impressed or shocked that my site is blocked in China. Here’s a new URL to try (http://blog.stealthpuppy.com/exchange/exchange-server-2007-and-public-folder-replicas), otherwise here’s a copy of the text:

During a migration from Exchange Server 2003 to Exchange Server 2007 you need to add the Exchange 2007 server to replicas for each of the Public Folders (as you would need with any Exchange server migration) and this includes the System folders as well.
In our case I missed the SCHEDULE+ FREE BUSY folder. This resulted in Outlook 2003 clients unable to see Free/Busy information when creating a meeting request. The user would see this error in Outlook when attempting to see another users schedule:
    no free/busy information could be retrieved
In addition to this, the following error was logged on the Exchange Server:
    Event Type: Error
    Event Source: MSExchangeFBPublish
    Event Category: General
    Event ID: 8207
    Date: 8/05/2007
    Time: 3:16:17 PM
    User: N/A
    Computer: EXCHSVR
    Description:
    Error updating public folder with free/busy information on virtual machine exchsrvr. The error number is 0×80004005.
After a bit of digging around, it occurred to me that I’d missed adding the new server to the Public Folder replicas. To add the replicas you will need to get the list of the sub-folders of the SCHEDULE+ FREE BUSY folder. You can see this list with this command (replace exchsrvr with the name of your server):
[PS] C:\>Get-PublicFolder -server exchsvr “\non_ipm_subtree\SCHEDULE+ FREE BUSY” -recurse | Format-List

Then to add the replicas run these commands (you’ll have to add your own server and organisation names):
[PS] C:\>Set-PublicFolder –Identity “\NON_IPM_SUBTREE\SCHEDULE+ FREE BUSY\EX:/o=Company/ou=First Administrative Group” –Replicas “exchsrvr\Public Folder Database”

[PS] C:\>Set-PublicFolder –Identity “\NON_IPM_SUBTREE\SCHEDULE+ FREE BUSY\EX:/o=Company/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)” –Replicas “exchsrvr\Public Folder Database”
Once I did this and ran OUTLOOK.EXE /cleanfreebusy, so I didn’t have to wait for the free/busy data to be published, all was well.

 

Public Folder Replication Fails Due To Empty Legacy Administrative Group
A missing free/busy folder

Removing a legacy admin group does not typically cause a problem. However, there is a possible situation to be aware of.

Every admin group has a siteFolderServer attribute. This attribute points to the public folder store that is responsible for the free/busy folder for that admin group. Most of the time, that public folder store doesn’t have to do anything, but it is responsible for making sure that the free/busy folder exists. If the free/busy folder for that admin group is missing, it’s up to that public folder store to create it.

You can’t delete the free/busy folder through any admin tool (ESM, the cmdlets, etc, won’t let you), or even through something like ADSI Edit – it’s an object in the store, not in the Active Directory. However, it is theoretically possible that somehow, that folder could go missing. If you deleted all your public folder databases and started over with clean ones, or something else unusual happened, you could end up in a situation where there is no free/busy folder for a particular legacy admin group. If that legacy admin group no longer exists in the directory, and thus has no siteFolderServer specified, then the free/busy folder will not get recreated, and you’ll see items backing up in the System Attendant.

Even in this situation, there’s a fairly easy way to fix the problem. If you still have Exchange System Manager, you can use it to recreate the legacy admin group. Alternately, you can use ADSI Edit to do the same. The important thing is to make sure the legacyExchangeDN is correct – make sure it matches the legacyExchangeDN on the users that were created in that old admin group. On the new admin group object, make sure you have a siteFolderServer that points to an existing public store in some other admin group. Within 24 hours, the free/busy folder for that admin group will get recreated.

If you don’t want to recreate the admin group, then your other option at this point is to change the legacyExchangeDN on the users from that admin group. The steps for this are still documented in TechNet.

Our recommendation

We recommend you leave the old admin groups around, simply because there’s no reason to remove them. Also, it’s possible your free/busy folder could go missing at some point, and then you either have to recreate the admin group or change the legacyExchangeDN on the users.

If you decide to remove an admin group anyway, you should always do it through Exchange System Manager, which will prevent you from deleting it if it still contains objects you need – like the public folder hierarchy object. Deleting the admin group while it still contains the hierarchy object will completely break public folder replication and your ability to administer the folders, among other things.

For these reasons, our recommended workaround for the public folder replication issue is to delete the empty Servers container using ADSI Edit. But technically, yes, you could delete the admin group – gracefully from ESM – to achieve the same end. This doesn’t usually cause a problem, and situations where you have to change the legacyExchangeDN of the users should be pretty rare.

Outlook 2007 , Exchange 2003 & Autodiscover

by

0

Outlook 2007 feature matrix based on Exchange Server version

Autodiscover

The Autodiscover service is automatically installed and configured when the Client Access Server role is added to any Exchange 2007 server. During the configuration, an Autodiscover virtual directory is created under the default Web site and a Service Connection Point (SCP) object is created in Active Directory. The virtual directory and SCP object are essential elements of your Exchange environment as they allow Outlook 2007 clients to quickly find and communicate with the Client Access Server.

Depending on your client location, Outlook uses one of the following methods for communicating with the Client Access Server.

  • SCP object – If you are logged into the domain, Outlook 2007 searches Active Directory for the SCP information. The SCP contains the URL to the Autodiscover service, which is then used by Outlook to contact the Client Access Server.
  • DNS – If you are not logged into the domain, or Outlook cannot locate an SCP object in Active Directory, Outlook tries to locate the Autodiscover service via DNS. Based on the suffix of your SMTP address, Outlook performs several connection attempts to the following hard-coded URLs:

http(s)://domain.com/autodiscover/autodiscover.xml

http(s)://autodiscover.domain.com/autodiscover/autodiscover.xml

Assuming Outlook is able to connect using either of the above methods, the Client Access Server configures Outlook clients by automatically pushing down settings for the following items.

  • Mailbox server
  • UM server URL
  • OAB download location
  • Availability service URL
  • OOF URL
  • Outlook Anywhere configuration details
  • Authentication method

All of this information can easily be seen via the Test E-mail AutoConfiguration tool in Outlook 2007 (press CTRL and right-click the Outlook icon in the System tray).

To learn how the Outlook discovery mechanisms work and how to modify an XML file to configure Autodiscover, please click the following link to the Outlook Automatic Account Configuration whitepaper:

http://office.microsoft.com/search/redir.aspx?AssetID=AM102105061033

NOTE: Autodiscover is not used by Outlook Web Access or versions of Outlook earlier than 2007. If you are connecting with an Exchange 2007 mailbox with an Outlook 2003 client (for example), the process is identical to connecting with an Exchange 2003 mailbox.

Automatic configuration with older Exchange servers

In an Exchange environment that does not include Microsoft Exchange Server 2007 or later, Outlook still attempts to locate Exchange mailboxes. Active Directory includes a mailbox server property that can be set for each user. If standard Autodiscover attempts fail, Outlook tries to configure simple Exchange connections to an earlier version of Exchange server by using the Exchange mailbox server property. For a simple server topology with one domain and all Outlook computers joined to the domain, Outlook queries Active Directory for the Exchange server defined for the user logged in to the computer.

E14 – Enable-AddressListPaging

by

0

重要事項:

Exchange 2010 現在會在新容器中建立系統通訊清單。使用 Exchange 2003 或 Exchange 2007 管理工具所建立或修改的收件者,不會與這些系統通訊清單一起加註戳記。因此,他們不會被 Get-Recipient 指令程式看到。
若要修正這個問題,您必須啟用 Active Directory 虛擬清單檢視 (VLV)。當您完成將現有 Exchange 2003 組織升級到 Exchange 2010,並解除委任 Exchange 2003 伺服器之後,必須啟用 Active Directory VLV。若要啟用 Exchange 2010 的 VLV,請執行 Enable-AddressListPaging 指令程式。如需相關資訊,請參閱Enable-AddressListPaging

Ticket: Exchange 2003 – Deleting this mailbox store may result in the loss of system messages used by Exchange

by

0

 

 

When does the System Attendant mailbox get created? Can it be moved or re-created?

The System Attendant mailbox is created when the system attendant is created on a server. It is associated with the first mailbox store created on a server.
If an attempt is made to delete the mailbox store containing the System Attendant mailbox, the following warning will appear:

Deleting this mailbox store may result in the loss of system messages used by Exchange, such as Free/Busy or Key Management Security. If you choose to continue, you need to restart the system attendant service after the store is deleted.

image

If the store is then deleted, the System Attendant mailbox will be moved automatically into another mailbox store on the server, that is, the HomeMDB value on the directory object will be updated.

The system attendant service must be restarted to reconfigure MSExchangeFBPublish to use the new mailbox location, and the mailbox object may not reappear under the Mailboxes node of Exchange System Manager until it is used in the future.
If there is a System Attendant directory object but no mailbox object, the mailbox store object will be re-created automatically in the mailbox store referenced by the HomeMDB attribute as soon as it is needed. Note that one cause of this is using a blank store for troubleshooting.

image

步驟:

1. 您可以移除First  Storage Group 的 mailbox store

2. 當出現下列訊息時繼續刪除

Deleting this mailbox store may result in the loss of system messages used by Exchange, such as Free/Busy or Key Management Security. If you choose to continue, you need to restart the system attendant service after the store is deleted.

3. 刪除後直接重新啟動Exchange System Attendant Service 即可

4. Event ID 會有警告資訊提醒您要重啟service, 以重新配置 System Attendant 這個信箱的mailbox store

Microsoft Exchange System Attendant has detected that the system attendant object in the DS has been modified. System Attendant needs to restart the Microsoft Exchange Free Busy Publishing Service.

 

Blog Extended Reading

More Information & Reference
Overview of Exchange 2000 Server and Exchange Server 2003 Special Mailboxes

image

Ticket: Exchange 2003 Public Folder Assistant

by

0

 


1. 用具有folder owner 權限的使用者登入Outlook

image

2. 按右鍵properties, 開啟 Folder Assistant

 image

3. 設定 Rules

image
4. 指定 From , Send To , Forward

指定特定的寄件者
image

指定特定網域的寄件者

image 

避免此郵件在去執行其他轉寄規則, 請勾選 Do Not Process Subsequent rules

image

5. 選擇轉寄的形式

image 

6. 轉寄後的結果

image 

7. 建立第二條規則, 用於所有人的轉寄規則

image

 

 

Blog Extended Reading

More Information & Reference

image

REF: Exchange 2003 POP3 效能

by

0

 

POP3 前後端效能影響說明如下

網路使用量

磁碟使用量
處理器
記憶體

POP3 前端伺服器

記憶體

POP3 前端伺服器幾乎不需要記憶體即可有效的操作。POP3 前端伺服器上同時 POP3 工作階段數目增加時,記憶體使用量不會有顯著增加。因為 POP3 用戶端不會持續長時間連線到前端伺服器 (這會讓記憶體使用量相對較小),所以記憶體不會顯著增加。可以在 POP3 前端伺服器上停用 MSExchangeIS (Store.exe) 服務,進而節省額外的記憶體。如果停用此服務,則 POP3 前端伺服器可以 256 MB 的 RAM 有效執行。

磁碟使用量

當判定專用 POP3 前端伺服器的硬體需求時,請考量您需要的磁碟空間。POP3 前端伺服器極少使用硬碟,因為它充當 Proxy 伺服器,將每個通訊協定工作階段傳遞給適當的後端伺服器。如果為 POP3 虛擬伺服器在 Exchange 系統管理員中啟用通訊協定記錄,則會在前端伺服器上使用硬碟來儲存所需的通訊協定記錄。Windows Server 2003 中的快取管理員也使用磁碟,來將資訊分頁到分頁檔案上,以及自分頁檔案中分頁資訊。作用中系統處理程序需要額外記憶體時,快取管理員使用分頁檔案以暫時從最近未存取的 RAM 儲存資訊。您可以增加伺服器上的 RAM,來讓分頁活動降至最小。

有 256 MB 或更多實際記憶體的 POP3 前端伺服器極少分頁。一個磁碟轉軸用於 POP3 伺服器對於大部份應用程式而言已足夠。如果您執行啟用了通訊協定記錄的大型伺服器,請考量新增第二個轉軸。

網路使用量

在 POP3 前端伺服器上,當您嘗試判定所需的硬體類型時,必須考量網路流量。因為 POP3 前端伺服器可以為多個後端伺服器提供服務,所以發生在前端伺服器上的網路流量經常相當高。任何高階前端伺服器的最小網路需求,是以全雙工模式 (表示資料可以同時傳輸及接收) 執行的單一 100-Mbp 網路介面卡。使用 1:4 的前端伺服器與後端伺服器比例,雙處理器 2.6-GHz 前端伺服器可以將大約 13 Mbps 的資料傳輸給後端伺服器,但是需要一個 GB 網路卡或多個 100 Mbps 網路卡。因為 100-Mbp 全雙工網路連線的飽和點一般認定是大約 7 到 8 Mbps,所以此範例會形成相當大的網路流量。

在有二個或更多個 2.6-GHz 或更快處理器的高階前端伺服器上,建議您使用兩個 100-Mbps 全雙工網路連線,或者一個 GB 乙太網路連線。此類別的伺服器可以輕易超過單一 100-Mbps 全雙工連線的容量。

若要平衡多個 POP3 前端伺服器之間的用戶端負載,您可以使用網路負載平衡。網路負載平衡可讓傳入連線在可用的前端伺服器集區間靈活分散,因而使多個前端伺服器看起來像是一個伺服器。

POP3 後端信箱伺服器

記憶體

POP3 用戶端不會持續長時間登入伺服器。一般操作方式是登入、擷取所有電子郵件、刪除所有電子郵件,然後登出伺服器。具有 4 個處理器的 POP3 後端伺服器至少需要 500 MB 的 RAM;否則,您會面臨高度延遲且您的佇列可能會大幅增加。Inetinfo 及 Store.exe 處理程序在測試期間消耗的總記憶體為 350 MB。Exchange 最多會使用 3 GB 記憶體。若要藉由降低對磁碟分頁來增加效能,請將記憶體增加到 3 GB。

磁碟使用量

建議您在記錄磁碟機和資料庫檔案各至少使用兩個轉軸。每新增額外 100 個磁碟 I/O 作業,最好新增一個轉軸。

在服務 POP3 要求的 Exchange 2003 生產後端伺服器 (具有 4 個處理器) 上,建議您除了作業系統要求之外最少擁有 10 顆硬碟,以獲得正確的效能:

  • 兩個用於記錄檔鏡像的磁碟
  • 兩個用於 SMTP 佇列的鏡像磁碟
  • 至少六個在 RAID0+1 組態中等量分割的磁碟,用於 Exchange 資料庫檔案

每個轉軸每秒大約可以處理 100 個隨機磁碟 I/O 作業。磁碟變得飽和時,請在資料庫中新增更多的轉軸。

網路使用量

單一 100-Mbps 全雙工網路連線足以用於幾乎所有 POP3 後端伺服器應用程式。

4. 效能參考指標
POP3 前端效能

後端伺服器 1

Front-End Processor %

13.0

Context Switches/sec

11,423

POP3 DELE/sec

48

POP3 STAT/sec

124

Network Usage (in Kbps)

4,245

Inetinfo Working Set

127 MB
POP3 後端效能

1000 POP3 使用者

% Processor Time

28.8%

Context Switches/sec

16,201

SMTP Messages Del/sec

23.5

SMTP Local Queue

3.2

POP3 STAT/sec

173

POP3 DELE/sec

23.3

Disk Transfers/sec

631

Network Usage (in Kbps)

1,926

步驟:

1. 為監控POP3 運作效能, 您可以啟動下列指標的效能計數器, 主要影響效能的指標如下, 您可需要進行一段離巔峰時間的觀察

% Processor Time

Context Switches/sec – EDB & STM 內容轉換

SMTP Messages Del/sec – 每秒傳遞到本機使用者的郵件數

SMTP Local Queue – 本機佇列中正在等待傳遞到本機使用者的郵件數。

POP3 STAT/sec – 每秒 STAT 命令的數目。每個使用者連線一次,就發出一次 STAT 命令

POP3 DELE/sec – 每秒郵件刪除命令的數目。

Disk Transfers/sec – 對 Microsoft Exchange 資料庫磁碟區 (.edb 及 .stm 檔案) 之所有隨機讀取/寫入輸入/輸出 (I/O) 作業的平均總計

Network Usage (in Kbps) – 測量伺服器之網路介面卡上傳送及接收的網路流量。

2. 執行performance counter 的方式

於Exchange server 2003 上開啟系統管理工具 – 開啟效能 – 依序新增下列計數器

Processor – % Processor Time
System – Context Switches/sec
LogicalDisk – Disk Transfers/sec

3. 其他指標需透過下列工具來執行

Exchange Server Stress and Performance 2003
http://www.microsoft.com/downloads/details.aspx?FamilyId=773AE7FD-860F-4755-B04D-1972E38FA4DB&displaylang=en

您可以使用 Exchange Server Stress and Performance (ESP) 2003,來模擬同時存取一或多部 Exchange 2003 伺服器的任意幾個用戶端工作階段。

ESP 提供數種模組,用以模擬透過下列網際網路通訊協定及 API 的用戶端工作階段:

  • WebDAV (用於 Microsoft Office Outlook® Web Access)
  • 網際網路訊息存取通訊協定版本 4rev1 (IMAP4)
  • 輕量型目錄存取通訊協定 (LDAP)
  • OLE DB
  • 網路 NEWS 傳輸通訊協定 (NNTP)
  • 郵局通訊協定,第 3 版 (POP3)
  • 簡易郵件傳送通訊協定 (SMTP)
  • Exchange ActiveSync®
  • Outlook Mobile Access

 

Blog Extended Reading

More Information & Reference
1. Exchange 2003 POP3 的基準效能
2. Exchange 2003 效能計數器定義
3. Exchange Server 2003 效能工具

image

LAB: Exchange 2003 OWA change password

by

0

 

附註 如果您在您的環境中使用 Exchange 前端伺服器,SSL 只應在這些伺服器上啟用。 在單一伺服器的環境中需要 Exchange 伺服器上啟用 SSL。
下列值是 [PasswordChangeFlags 設定選項:

  • 0: 需要 SSL 的密碼變更
  • 1: 允許非安全連接埠的密碼變更
  • 2: 停用密碼變更

image

若要進行 IISADMPWD 虛擬目錄執行下列動作:

  1. 按一下 [開始,指向 [程式集],指向 [系統管理工具,然後按一下 [Internet 服務管理員]。
  2. 用滑鼠右鍵按一下預設的網站],指向 [新增],然後再按一下虛擬目錄]。
  3. 在 [虛擬目錄建立] 精靈輸入 [[別名] 方塊中的 [ IISADMPWD ],然後按一下 [下一步]。
  4. 在 [目錄] 方塊中,鍵入 < 硬碟機 >: \winnt\system32\inetsrv\iisadmpwd 或位置,其中您的硬碟是預設硬碟磁碟,而然後按一下 [ 下一步
  5. 檢查只在讀取和 [執行指令碼核取方塊已選取,例如 ASP] 核取方塊,按一下 [ 下一步 ,再按完成
  6. 請確認 [IISADMPWD 虛擬目錄只是基本驗證設定,然後如果您使用 [Windows 2003/IIS 6.0 確認應用程式集區設定為 ExchangeApplicationPool ]。

image

image
image
image

image

 

啟用並隱藏 Outlook Web Access 中的 [變更密碼] 按鈕

重要 此區段、 方法或任務包含,告訴您如何修改登錄的步驟。 然而,如果您不當修改登錄,可能會發生嚴重的問題。 因此,執行這些步驟時請務必小心。 為加強保護,修改登錄之前,請務必將它備份起來。 以後您就可以在發生問題時還原登錄。 如需有關如何備份和還原登錄的詳細資訊,請按一下下面的文件編號,檢視「Microsoft 知識庫」中的文件:

322756 如何備份和還原在 Windows 登錄

附註 此登錄值必須在前端和後端伺服器上啟用。
Exchange 2000 Server 和 Exchange Server 2003,您可以使用登錄,若要顯示或隱藏 [ 變更密碼 ] 按鈕。 要這麼做,請您執行下列步驟。

  1. 啟動 「 登錄編輯程式 」,然後再找出下列登錄機碼: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeWeb
  2. 如果 MSExchangeWeb 下沒有 OWA 鍵請在按一下 [ 編輯 ] 功能表,按一下 [ 新增 ],再按新增名為 OWA 的新機碼的 金鑰
  3. 找出 DisablePassword 值,並將資料變更為"0"。 如果沒有這個值按一下 [ 編輯 ] 功能表,按一下 [ 新增] ,按一下 DWORD_Value 若要將下列值加到 OWA 登錄子機碼,如果您想要顯示的 [ 變更密碼 ] 按鈕: 
    Value name:  DisablePassword
    Value type:  REG_DWORD
    Data: 0

    若想隱藏 [ 變更密碼 ] 按鈕將 DisablePassword 數值資料變更為"1"。

    image

  4. 停止並重新啟動 Exchange 資訊儲存庫服務IIS 管理服務。 這會停止並重新啟動全球資訊網發行服務 (W3SVC)。 重新在 Exchange 2000 伺服器的環境中重新啟動 IIS 管理服務啟動 Microsoft Exchange 系統服務員和 Microsoft Exchange 資訊儲存庫。
  5. 請確定重新您需要的所有相依服務的啟動,例如 IMAP4]、 [POP3]、 [Microsoft Exchange 路由引擎]、 [W3SVC]、 [MTA 堆疊。

Blog Extended Reading

More Information & Reference

1. Implementing the Change Password feature with Outlook Web Access

2. FIX: You experience various problems when you use the Password Change pages in IIS 6.0

image

REF: GAL 讀取權限限制

by

0

 

1. Exchange 2003 GAL 讀取權限限制

http://blog.xuite.net/jammylo/Exchange/4592684

http://www.msexchange.org/tutorials/Shared-Hosting-Exchange-2003-Part2.html

2. Exchange 2007 GAL讀取權限限制

http://technet.microsoft.com/en-us/library/bb936719(printer).aspx

Configure Microsoft Exchange Server 2007 with multiple address lists so different groups of users can have their own address list and secure those address lists so that groups of users can only see their specific address list.

Supported

Companies that want to totally segregate their address lists can do so by removing access to the Default Global Address List and creating two or more address lists or virtual organizations. You can also set up additional functionality to restrict searching via Outlook Web Access to particular organizational units (OUs) or specific address lists using the msExchQueryBaseDN attribute.

Unsupported

This configuration is one where companies may want to totally segregate their address lists and still have access to the Default Global Address List, or try to split the Global Address List (GAL) into two separate address lists. An example of this configuration would be a company with two groups of 500 users that belong to the Sales and Finance departments. Both groups are in the GAL, however the desire is to have everyone access the GAL except one group. If you are going to segregate your address lists, then they will be segregated. Attempting this configuration will cause problems with the check names functionality which will prevent users from creating Outlook profiles, and can also break the OAB Generation Process. This also allows Outlook users to see all of the Address Lists from within Outlook, which cannot be changed.

 

Blog Extended Reading

More Information & Reference

image