Category: 2013
-
Exchange Transport Rules Corrupt On Installing New Exchange Server Version
When you install Exchange Server into an existing Exchange organization, your existing configuration typically remains intact and associated with the previous servers and some configuration, that is global in nature, also works across both versions. I can across a scenario where this does not work the other day. The scenario was the installation of Exchange…
-
bin/ExSMIME.dll Copy Error During Exchange Patching
I have seen a lot of this, and there are some documents online but none that described what I was seeing. I was getting the following on an upgrade of Exchange 2013 CU10 to CU22 (yes, a big difference in versions): The following error was generated when “$error.Clear(); $dllFile = join-path $RoleInstallPath “bin\ExSMIME.dll”; $regsvr…
-
Exchange Server Object ID Error With Windows Server 2016 Domain Controllers
Saw this error the other day: When you open Exchange Control Panel and view the Mailbox Delegation tab of any user account you get the following: The object <name> has been corrupted, and it’s in an inconsistent state. The following validation errors happened: The access control entry defines the ObjectType ‘9b026da6-0d3c-465c-8bee-5199d7165cba’ that can’t be resolved..…
-
Exchange Edge Server and Common Attachment Blocking In Exchange Online Protection
Both Exchange Server Edge role and Exchange Online Protection have an attachment filtering policy. The default in Edge Server is quite long, and the default in EOP is quite short. There is also a few values that are common to both. So, how do you merge the lists so that your Edge Server attachment filtering…
-
Photos, Exchange, And The File System
On an Exchange 2013 and later server this is a folder called photos that gets created after installation and can contain a couple of user photos for some of your users. How does it get there and what does it contain? The photos folder appears (on 2016 anyway) when the user uploads a photo (via…
-
Exchange Server and Missing Root Certificates
I came across an issue with a clients Exchange Server deployment today that is not well documented – or rather it is, but you need to know where to look. So I thought I would document the troubleshooting steps and the fix here. We specifically came across this error when testing Free/Busy for an Office…
-
Qualifications in Exchange Signatures
In a recent project I was working with iQ.Suite from GBS and specifically the component of this software that add signatures to emails. The client are an international organization with users in different geographies and we needed to accommodate the users qualifications in their email signature. The problem with this is that in Germany qualifications…
-
DSC for Exchange Server
At DevConnections 2015 and at UCDay I delivered talks on DSC for Exchange Server 2013. The sample files are available from my OneDrive
-
Unable To Send Exchange Quota Message
In Exchange 2013 you can sometimes see the following event log error (MSExchange Store Driver Submission, ID 1012): The store driver failed to submit event <id> mailbox <guid> MDB <database guid> and couldn’t generate an NDR due to exception Microsoft.Exchange.MailboxTransport.StoreDriverCommon.InvalidSenderException at Microsoft.Exchange.MailboxTransport.Shared.SubmissionItem.SubmissionItemUtils.CopySenderTo(SubmissionItemBase submissionItem, TransportMailItem message) at Microsoft.Exchange.MailboxTransport.Submission.StoreDriverSubmission.MailItemSubmitter.GenerateNdrMailItem() at Microsoft.Exchange.MailboxTransport.Submission.StoreDriverSubmission.MailItemSubmitter.<>c__DisplayClass1.<FailedSubmissionNdrWorker>b__0() at Microsoft.Exchange.MailboxTransport.StoreDriverCommon.StorageExceptionHandler.RunUnderTableBasedExceptionHandler(IMessageConverter converter, StoreDriverDelegate workerFunction). And…
-
Exchange OWA and Multi-Factor Authentication
This article is now out of date Multi-factor authentication (MFA), that is the need to have a username, password and something else to pass authentication is possible with on-premises servers using a service from Windows Azure and the Multi-Factor Authentication Server (an on-premises piece of software). The Multi-Factor Authentication Server intercepts login request to OWA,…
-
SSL and Exchange Server
In October 2014 or thereabouts it became known that the SSL protocol (specifically SSL v3) was broken and decryption of the encrypted data was possible. This blog post sets out the steps to protect your Exchange Server organization regardless of whether you have one server or many, or whether or not you use a load…
-
The Case of the Disappearing Folders
Here is a issue I have come across at one of my current clients – you create a folder in Outlook 2013 when in the “Mail” view (showing only mail folders – your typical default view) and the folder does not get created. For example, in the below picture the user is in the middle…
-
Group Policy Import To Fix Google Chrome v37 Issues With Exchange Server and Microsoft CRM
A recent update to Google Chrome (37.0.2062.120) removed the ability to support modal dialog boxes. This are dialogs that require your attention and stop you going back to the previous page until you have completed the info required – these are very useful in workflow type scenarios. Google claim that as 0.004% of web sites…
-
Exchange Online Free/Busy Issues with OAuth Authentication
Update: 10 Dec 2014: It is reported that this issue is fixed in CU7 for Exchange Server 2013 OAuth authentication is a new server to server authentication model available in Exchange 2013 SP1 and later and Exchange Online (Office 365). With OAuth enabled and Exchange hybrid in place and where you have multiple endpoints of…
-
Office 365 ProPlus XML Config Files Are Case Sensitive
The XML file used for the configuration of Office 365 ProPlus is case sensitive. In a client I have been working with the UpdatePath value in the install XML file was accidently specified using “Updatepath” and not “UpdatePath” (case sensitive). This resulted in the UpdateUrl in the registry (HKLM\Software\Microsoft\Office\15.0\ClickToRun\Scenario\INSTALL\UpdateUrl) not being set correctly, and even…
-
Creating Mailboxes in Office 365 When Using DirSync
This blog post describes the process to create a new user in Active Directory on-premises when email is held in Office 365 and DirSync is in use. With DirSync in use the editable copy of the user object is on-premises and most attributes cannot be modified in the cloud. Creating the User Open Active Directory…
-
Continuing Adventures in AD FS Claims Rules
Updated 20th April 2017 There is an excellent article at http://blogs.technet.com/b/askds/archive/2012/06/26/an-adfs-claims-rules-adventure.aspx which discusses the use of Claims Rules in AD FS to limit some of the functionality of Office 365 to specific network locations, such as being only allowed to use Outlook when on the company LAN or VPN or to selected groups of users.…
-
Intermittent Error 8004789A with AD FS and WAP 3.0 (Windows Server 2012 R2)
This error appears when you attempt to authenticate with Office 365 using AD FS 3.0 – but only sometimes, and often it was working fine and then it starts! I’ve found this error is due to two things, though there are other reasons. The full list of issues is at http://blogs.technet.com/b/applicationproxyblog/archive/2014/05/28/understanding-and-fixing-proxy-trust-ctl-issues-with-ad-fs-2012-r2-and-web-application-proxy.aspx. I found that this…
-
Exchange Web Services (EWS) and 501 Error
As is common with a lot that I write in this blog, it is based on noting down the answers to stuff I could not find online. For this issue, I did find something online by Michael Van “Hybrid”, but finding it was the challenge. So rather than detailing the issue and the reason (you…
-
Configuring Exchange On-Premises to Use Azure Rights Management
This article is the fifth in a series of posts looking at Microsoft’s new Rights Management product set. In an earlier previous post we looked at turning on the feature in Office 365 and in this post we will look at enabling on-premises Exchange Servers to use this cloud based RMS server. This means your…
-
Updating Exchange 2013 Anti-Malware Agent From A Non-Internet Connected Server
In Forefront Protection for Exchange (now discontinued) for Exchange 2010 it was possible to run the script at http://support.microsoft.com/kb/2292741 to download the signatures and scan engines when the server did not have a direct connection to the download site at forefrontdl.microsoft.com. To achieve the same with Exchange 2013 and the built-in anti-malware transport agent you…