Quantcast
Channel: Exchange Server 2010 forum
Viewing all 19572 articles
Browse latest View live

Exchange 2010 New Address List insufficient access rights

August 11, 2014, 7:32 am
$
0
0

Hi,

I have tried to perform two actions within our new Exchange 2010 system and they fail with the same error.

The first was to convert an existing Address Lists using LDAP to OPATH

I used the following command:

set-addresslist "Exchange 2010 Test" -recipientfilter {(recipienttype -eq "MailUniversalSecurityGroup") -or (recipienttype -eq "MailUniversalDistributionGroup") -and (name -like "exchange2010.*")}

I get the error Access is Denied Active Directory response 00000005: SecErr: DSID-031521D0, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

I also get the same error when I use the Exchange 2010 EMC to try and create a new address list.  Note I have no problems managing address lists from Exchange 2003.

I have seen plenty of articles about the making sure that the user performing the action has the "Include inheritable permissions from this objects parent". 

I did check my Exchange admin user and this was not ticked.  Turns out that because I was also a domain admin so my account was in a protected group (Domain admins) the tick box was continually being removed.

I created a new Exchange user that was in the Exchange Organization Administrators security group, made sure the above box was ticked on the account but this did not fix the problem.

I have however noticed in Adsiedit that the "CN=All Address Lists" container does not have the "Include inheritable permissions from this objects parent" ticked.  I suspect that this might be the issue but I don't want to tick it in case it breaks my address lists.

Should the inherit box be ticked on the "CN=All Address Lists" container?.  It is ticked on all the containers under the "CN=All Address Lists" container. 

At present the only Exchange permissions on the container are:

Exchange Admins: Full Control

Exchange Domain Servers: Read

Exchange Services: Full Control

I think that crucially the "Exchange Trusted Subsytem" security group is not listed

I have added my new Exchange account with Full control permissions but this has not made a difference

Your hopefully

Matt


Search

Public Folder Replicas & Folder Removal

January 19, 2017, 6:26 am
$
0
0

I have a Exchange 2010 SP1 site which is being decommissioned but hosts a small number of public folders which also have replica's set-up with our Central site.

My questions are -

1. Before deleting the public folders should I remove the central site replica partner or by doing this will the central site not know the Public Folder has been deleted so continue to exist within the central site?

2. When you delete a public folder does it cause any mail storms informing other replica's it has been removed, I know when you set-up replica's or restore public folder contents it can cause mail storms that fill up queues sending public folder replica info so wondered if the same happens during deletion?

Thanks in advance for any replies.

Kind Regards,

Mark

 

Trying to add permission to user via shell

January 13, 2017, 11:36 am
$
0
0

So I have a user here in which I need to grant PublishingEditor permissions on two specific public folders but when I enter the command in the shell, I get the error below. Can anyone help? I can see the list of users that have permissions but it won't let me add this user.

[PS] C:\Windows\system32>Add-PublicFolderClientPermission -Identity "\closings" -user Lisa Houston -AccessRights Publish
ignEditor

Cannot process argument transformation on parameter 'AccessRights'. Cannot convert value "PublishignEditor" to type "Mi
crosoft.Exchange.Data.MultiValuedProperty`1[Microsoft.Exchange.Management.MapiTasks.PublicFolderAccessRight]". Error: "
Failed to convert PublishignEditor from System.String to Microsoft.Exchange.Management.MapiTasks.PublicFolderAccessRigh
t. Error: Requested value 'PublishignEditor' was not found."
    + CategoryInfo          : InvalidData: (:) [Add-PublicFolderClientPermission], ParameterBindin...mationException
    + FullyQualifiedErrorId : ParameterArgumentTransformationError,Add-PublicFolderClientPermission


Stale delegates in exchange 2010

January 13, 2017, 2:42 am
$
0
0

Hello,

Could you please let me know how do I find and export stale delegates for mailboxes which users have not removed .

Is there a script to find list of stale delegates alongwith the mailboxes for which they are delegate.

This is applicable for exchange 2010 server.

Regards

Ajit

Regards, Ajit


MSExchangeIS EventID 9646 - a user account that does not exist is causing an error

January 19, 2017, 2:23 pm
$
0
0

I'm getting the following error in my Exchange server's Application log:

Mapi session "d65af298-c248-48ca-ac98-c896e95f3904: /o=domainname/ou=First Administrative Group/cn=Recipients/cn=wtayler" exceeded the maximum of 250 objects of type "objtMessage".

Problem is wtayler does not exist and can't see that it has ever existed!  How do I go about looking for the user account and removing it??

Thanks,

George

Non-Domain Windows 10 Client trying to use Outlook 2016 to connect to Exchange 2010 while connected to Secure VPN

January 19, 2017, 4:15 pm
$
0
0

New Year, New stuff...

I am trying to connect a Windows 10, AD domain computer running Outlook 2016, to Exchange 2010.  So far, it has not completed the autodiscover. 

Has anyone done this and if so, how did you solve it.  Thank you, as always!

Riptide

DEFAULT - PUBLIC FOLDER PERMISSIONS

February 28, 2012, 5:47 am
$
0
0

Hi all, im not sure what the "default" user in exchange 2010 public folder permissions means.

i need to change some permissions for users but not sure where to apply the changes to.

Any suggestions would be much appreciated

The Default.imgrated User where from ?

January 19, 2017, 8:57 pm
$
0
0

Where the Default.migrated User was from? A different OS or User's or different account  , when it can come into ?

The public and Guest accounts are not always visible under the c:\User ...\ , why is it please ?

Default.imgrated user from where

Search

Failed to Migrate Mailbox from Exchange 2010 to Exchange 2013 Mailbox Databse

January 10, 2017, 12:20 am
$
0
0

Hi,

Try to moving mailbox from Exch2010 mailbox database to exchange 2013 Mailbox database. Use power shell command : New-Moverequest on Exchange Shell on  new exchange 2013 server and getting below message

The Powershell command say its already move but originally the mailbox is not moved to new database.

any clue?

Delete personal archive of a non existent user

January 20, 2017, 3:35 am
$
0
0

Hi,

I have an Exchange 2010 environment. Four months ago, we deleted a mailbox and its user from Active Directory, and he had archive enabled.

The retention policy is 30 days. Today we have launch a Get-MailboxStatistics command and in the results, the Personal archive of that user appears, and it is occupying 10 GB. 

Is there any way to delete thar personal archive and reclaim that space?

Should not have been deleted 30 days after the deletion of the mailbox, according with the retention period?

Thanks

Error when installing exchange 2010 sp3

January 20, 2017, 5:24 am
$
0
0

Cannot find at least one domain controller running Windows Server 2003 Service Pack 1 or later in domain 'DC=domain,DC=gr'. This could be the result of moving domain controller objects in Active Directory. Check that at least one domain controller running Windows Server 2003 Service Pack 1 or later is located in the 'Domain Controllers' organizational unit (OU) and rerun setup.

The domain used to have a Exchange 2003 installation on a windows 2003 server. Both are now decommissioned

the exchange 2010 server is running on windows 2008 r2 server.

One Domain - two AD sites with single Exch2010 box - 2 CAS - plan to move to just one AS URL

January 20, 2017, 6:52 am
$
0
0

Hi folks

Hope everyone is having a splendid Friday! This is more of how would you tackle this situation rather than a fault type query if you can help thanks!

I have a simple Exchange STD Edition 2010 world which I need to grow out of and hoped someone could sanity check my thoughts before I push any buttons please. I have 2 Std Exchange boxes, one in AD site 1 and 1 in AD site 2 - both have mailbox roles but also roles for IIS (Active Sync, ECP and even UM) . I have a separate ISP at each site with a public IP plan associated with my external DNS domain records for our ActiveSync server nameS. I have a physical Firewall on each site and behind a TMG 2010 proxy web publishing mail.domain.com for site 1 and at site 2 the same but receiving traffic against the domain site2mail.domain.com. My internal exchange servers have ActiveSync URL(external) set on each server simply as the relevant name public DNS name. My users currently enter mail.domain.com when setting up their AS mobiles...and if they are on site2mail.domain.com it automatically updates them to that value and they logon via the second site. The reason historically we did this was redundancy and to make full use of the TMG security (I know).

For example - if site A ISP was down then the TMG proxy web server at site A hosting mail.macroberts.com we could either update external DNS to redirect that traffic in via site B's ISP to then route internally over our WAN to the relevant internal Exchange server or if TMG at A was down we could again update the DNS records externally and point to site B TMG ((which has a web publishing rule to support the site A Exchange server as well)...maybe overkill and certainly in many years never had to invoke.  We didn't do a CAS Array ( I cant recall why now) and thus each separate Exchange server has a different public URL.

The MISSION GOAL is remove the TMGs (now no longer supported by M$ anyway for Web Filtering and AV) and to simply use our Firewalls to NAT the traffic in to land on our internal world (? where though to ..an IP address which points at Exchange server 1 or Exchange 2 or a new THING in the middle) (I doubt I can afford to buy a load balancer - even a well known virtual one or get to clever with IIS to get a load balancer ...I think (or fear). HOWEVER, I also need to do this change without rocking the boat load of many users who have Active Sync working fine on their mobiles pointing at either site A or site B URL (mail or siteBmail.domain.com) ((our users are physically located at two different sites and I have kept their mailbox local to them as they are usually LAN based users on Outlook rather than on the road mobile AS types.

Exchange 2010 AS users land as I say first on our firewall by merit of what URL they have setup on their mobile for our AS server name which NATS on the FW the traffic to our internal TMG web listener. The whole thing uses public CERTS of course which luckily is a wildcard cert for our *.domain.com. So we have options a plenty to play with ... 

Longer term of course we want to move up to latest Exchange release and support DAGS. Currently our Exchange world internally is 2010 Sp3 Update 16 we do not have 0365 as the next plan just yet but it is a thought for further further down the line. I did wonder about the merits of a new side by side Exchange 2016 build running side by side with my current Excahnge 2010 world and migrate users to it once its built as a pain free option - drill a new hole in our Firewall to land on that new topology (we would still want a server in each site but would we have a single CAS role or do both \ same URL?)  - create a new email.domain.com URL A record ( a third one essentially for AS)  in public DNS ((we also have free public IPs at both site A and site B !! : so as I say lots of options but the desire is not to affect currently working users...build new 2016 migrate users and bin TMG shut down 2010 world when fully migrated ..or ....I guess am looking for safe but easy way to do this job without touching users AS mobiles wherever possible. Anyone got any cool or cunning plans?

All thoughts welcome how to approach - kind regards!

Robert Crichton

error when trying to open Outlook

January 20, 2017, 11:16 am
$
0
0
the connection to Microsoft Exchange is unavailable, Outlook must be online or connected to complete this action.

User sends email and CC himself gets NDR rcipient not found

January 20, 2017, 12:21 pm
$
0
0

Windows 7

Outlook 2007

Exchange 2013

user sends email to someone and puts himself into CC, gets NDR

Delivery has failed to these recipients or groups:

 

User Name
The email address you entered couldn't be found. Please check the recipient's email address and try to resend the message. If the problem continues, please contact your helpdesk.

 

 

 

 

 

 

 

Diagnostic information for administrators:

 

Generating server: EXCH.company.com

 

IMCEAEX-_O=XXXX_OU=XXXXX_CN=RECIPIENTS_CN=XXX@company.com
Remote Server returned '550 5.1.1 RESOLVER.ADR.ExRecipNotFound; not found'

 

Original message headers:

 

Received: from EXCH.company.com (192.1.1.150) by
 EXCH.company.com (192.1.1.150) with Microsoft SMTP Server (TLS)
 id 15.0.1236.3; Fri, 20 Jan 2017 14:50:52 -0500
Received: from EXCH.company.com ([192.1.1.150]) by
 EXCH.company.com ([192.1.1.150]) with mapi id 15.00.1236.000;
 Fri, 20 Jan 2017 14:50:52 -0500
Content-Type: application/ms-tnef; name="winmail.dat"
Content-Transfer-Encoding: binary
From: User Name <xxx@company.com>
To: Someone <someone@internet.net>
CC: User Name<xxx@company.com>
Subject: RE: Trips
Thread-Topic: Trips
Thread-Index: AdJzRdA8ZJEDYA+rSD+ohTNbd6wEHgACdOlg
Date: Fri, 20 Jan 2017 14:50:52 -0500
Message-ID: <eb8b1376eba340ef92a6d7013abf255d@EXCH.hunterambulance.com>
References: <32a05921d6114929ac6eef556c071801@internet.net>
In-Reply-To: <32a05921d6114929ac6eef556c071801@internet.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator: <eb8b1376eba340ef92a6d7013abf255d@EXCH.company.com>
MIME-Version: 1.0
X-MS-Exchange-Transport-FromEntityHeader: Hosted
X-Originating-IP: [2002:c001:184::c001:184]
Return-Path: xxx@company.com

 

Anyone with idea why user CC himself but sometimes gets NDR?

Event ID 9519 for a non-existant public folder

March 7, 2012, 2:37 pm
$
0
0

Hello.  9519, 3154, 231

I keep getting the following 3 errors in my Event Log every 1 minute 58 seconds.

Event ID 9519
While starting database 3c62bb5e-d1a5-404d-8a0a-b375d0cb369c, the following error occurred: 0x972.  

Look up of DB Info failed. 

Event ID 3154
Active Manager failed to mount database Public Folder Database 1098834581 on server EXCHGSVR.main.westernrockies.local. Error: An Active Manager operation failed with a transient error. Please retry the operation. Error: Database action failed with transient error. Error: A transient error occurred during a database operation. Error: MapiExceptionADPropertyError: Unable to mount database. (hr=0x80004005, ec=2418)

Event ID 231
At '3/7/2012 3:26:48 PM', the copy of database 'Public Folder Database 1098834581' on this server encountered an error during the mount operation. For more information, consult the Event log on the server for "ExchangeStoreDb" or "MSExchangeRepl" events. The mount operation will be tried again automatically.

I deleted all the files in the AD folder called Microsoft Exchange System Objects.  Through ADSI Edit I was able to see that the majority of those objects were pointing to my old 2003 servers cluster called "first administrative group".

I'm also having a problem where all my 2003 and 2007 Outlooks that connect to my 2010 Exchange Server will not download the OAB.  My 2010 Outlook's will though with no problem.

I have done EXTENSIVE research on the 2003/2007 Outlook not connecting to 2010 but I believe that these problems are related.

I didn't exactly do the migration as I was supposed to and i'm guessing this is why all these problems are coming about.  It just seems that somewhere there are pointers to my old 2003 servers (even though both are gone now) and that is what is causing these problems.

I have a PUBLIC FOLDERS DB mounted no problem in exchange 2010 (and I have no folders in it because we don't use public folders) but the mistake I made was the 2003 exchange servers used PF's to distribute the OAB.  I didn't migrate the PF's to the new server.  I could probably recover them, but honestly it doesn't matter because we don't need or use them.  The problem is that I can't figure out how to tell my 2003/2007 outlooks to stop looking for the old public folder shares and start looking for the new OAB in the new public folder share, or however they can.

I am not down, or broken, and these problems are pretty minor because they do not affect my ability to send/receive mail.  I just want the errors to stop and i want it to stop looking for the old exchange servers and just use its own DB's that are online and functioning properly.

Any help or assistance would be greatly appreciated.

I can provide anymore information that is needed also.

Thank you,
Derek of Colorado

Search

msftefd.exe consuming max cpu Exchange 2010 SP3

November 17, 2016, 6:13 pm
$
0
0

Hello everyone,

We have 12 MBX Servers hosting active/passive copies. Exchange server version is Exch 2010 SP3, RU14.

Search service (msftefd.exe) is consuming max CPU which makes server goes 100% utilization. It is on almost every server, irrespective of server having active DBs or all passive dbs. Please find the screenshot from one of the server.

What could be the possible reason behind it? any idea?

Thanks, Vik

Major dilemna with upgrade / migration from Exch 07 to 2010

January 21, 2017, 6:44 am
$
0
0

So, I have a dilemma.
Client was running SBS2003 (demoted), Server2008 std (Is a DC) with Exchange 2007 sp3. Am in the process of upgrading / migrating to server 2008 r2 and Exchange 2010. 2008 r2 server has all fsmo roles (Is Master of all) but when I go to install Ex2010, it fails because domain/forest functionality stuck at server 2008 std (Not r2). Is it possible to do an OS in place upgrade from std to r2 on the exchange 2007 box in order to completely raise the domain functionality to 2008 r2? Will exchange 2007 break if I manually change functionality with adsiedit?

Other options?

Auto Reply in Outlook based on Calendar

August 22, 2011, 11:58 am
$
0
0

How do you create a rule for an auto reply when your calendar is busy?

Stale delegates in exchange 2010

January 13, 2017, 2:42 am
$
0
0

Hello,

Could you please let me know how do I find and export stale delegates for mailboxes which users have not removed .

Is there a script to find list of stale delegates alongwith the mailboxes for which they are delegate.

This is applicable for exchange 2010 server.

Regards

Ajit

Regards, Ajit


Transport Rules - BCC to Distribution List

January 15, 2017, 5:31 pm
$
0
0

Hi,

I am trying to implement a transport rule on Exchange 2010 SP3 RU14 that would block messages sent from addresses not present on the predifined list (some of those addresses are from outside Exchange organization).

I was able to create rule which works as intended if the distribution list's address is in the To or CC fields but I cannot make it work with messages where address is specified in BCC field.

Is there any transport rule condition to match the distribution list address in BCC field ?

Viewing all 19572 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>