Microsoft TechNet provides detailed documentation on Exchange Server 2016 mail flow and the transport pipeline. That article helps you to
The detailed diagram showing the Exchange Server 2016 transport pipeline in the TechNet documentation does not show the TCP ports being used by the Exchange Server 2016 components.
The following diagram is an updated version of the original diagram showing the TCP ports being used by
By default Exchange Server 2016 implements the following receive connectors
Cross server SMTP communication occurs on either TCP 2525 or TCP 475.
Enjoy Exchange Server!
It might happen that a mobile device running an Android operating system is not being redirected properly by the on-premises AutoDiscover service, when the mailbox has been migrated to Office 365.
If your device is not redirected, the device prefix is not recognized by Exchange Server and therefore not being redirected properly. The new device redirect feature for Android devices was introduced in Exchange Server 2010 SP3 RU9, Exchange Server 2013 CU8, and Exchange Server 2016.
The following device prefixes are known to Exchange by default:
If the device prefix of your device is not part of the default list, you can add the prefix to the AutoDiscover web.config file.
Add the device prefix to the MobileSyncRedirectBypassClientPrefixes key in the appSettings node.
<appSettings> <add key="LiveIdBasicAuthModule.AllowLiveIDOnlyAuth" value="true" /> <add key="LiveIdBasicAuthModule.ApplicationName" value="Microsoft.Exchange.Autodiscover" /> <add key="LiveIdBasicAuthModule.RecoverableErrorStatus" value="456" /> <add key="LiveIdBasicAuthModule.PasswordExpiredErrorStatus" value="457" /> <add key="ActiveManagerCacheExpirationIntervalSecs" value="5" /> <add key="ProxyRequestTimeOutInMilliSeconds" value="30000" /> <add key="LiveIdNegotiateAuxiliaryModule.AllowLiveIDOnlyAuth" value="true" /> <add key="TrustedClientsForInstanceBasedPerfCounters" value="bes" /> <add key="InstanceBasedPerfCounterTimeWindowInterval" value="900000" /> <add key="MobileSyncRedirectBypassEnabled" value="true" /> <add key="MobileSyncRedirectBypassClientPrefixes" value="Acer,ADR9,Ally,Amazon,Android,ASUS,EasClient,FUJITSU,HTC,HUAWEI,LG,LS,Moto,Mozilla,NEC,Nokia,Palm,PANASONIC,PANTECH,Remoba,Samsung,SEMC,SHARP,SONY-,TOSHIBA,Vortex,VS,ZTE" /> </appSettings>
File location
%ExchangeInstallPath%\ClientAccess\Autodiscover\web.config
Notes
As always: Be careful when modifying application settings. Test such changes in a test environment first, if possible.
You need assistance with your Exchange Server setup? You have questions about your Exchange Server infrastructure and going hybrid? You are interested in what Exchange Server 2016 has to offer for your environment?
Contact me at thomas@mcsmemail.de Follow at https://twitter.com/stensitzki
I came across an interesting issue when setting up a new Exchange 2013 server in an Exchange organization having the cmdlet extension agent enabled.
As mentioned in my last post Exchange setup checks for the existence of the ScriptingAgentConfig.xml file when agent extenstion is enabled in the Exchange organization. It turned out that this ist not only true when you install an Exchange update using /mode:update, but as well when installing a new Exchange server using /mode:install.
The following error occurs when Exchange Management Tools are provisioned.
Configuring Microsoft Exchange Server Preparing Setup COMPLETED Stopping Services COMPLETED Copying Exchange Files COMPLETED Language Files COMPLETED Restoring Services COMPLETED Language Configuration COMPLETED Exchange Management Tools FAILED The following error was generated when "$error.Clear(); Set-WERRegistryMarkers; " was run: "Microsoft.Exchange.Provisioning.ProvisioningBrokerException: Provisioning layer initialization failed: '"Scripting Agent initialization failed: "File is not found: 'C:\Program File s\Microsoft\Exchange Server\V15\Bin\CmdletExtensionAgents\ScriptingAgentConfig.xml'.""' ---> Microso ft.Exchange.Provisioning.ProvisioningException: "Scripting Agent initialization failed: "File is not found: 'C:\Program Files\Microsoft\Exchange Server\V15\Bin\CmdletExtensionAgents\ScriptingAgentConf ig.xml'."" ---> System.IO.FileNotFoundException: "File is not found: 'C:\Program Files\Microsoft\Exc hange Server\V15\Bin\CmdletExtensionAgents\ScriptingAgentConfig.xml'." at Microsoft.Exchange.ProvisioningAgent.ScriptingAgentConfiguration.Initialize(String xmlConfigPa th) at Microsoft.Exchange.ProvisioningAgent.ScriptingAgentConfiguration..ctor(String xmlConfigPath) --- End of inner exception stack trace --- at Microsoft.Exchange.ProvisioningAgent.ScriptingAgentConfiguration..ctor(String xmlConfigPath) at Microsoft.Exchange.ProvisioningAgent.ScriptingAgentClassFactory.get_Configuration() at Microsoft.Exchange.ProvisioningAgent.ScriptingAgentClassFactory.GetSupportedCmdlets() at Microsoft.Exchange.Provisioning.ProvisioningBroker.BuildHandlerLookupTable(CmdletExtensionAgen t[] enabledAgents, Exception& ex) --- End of inner exception stack trace --- at Microsoft.Exchange.Provisioning.ProvisioningLayer.GetProvisioningHandlersImpl(Task task) at Microsoft.Exchange.Provisioning.ProvisioningLayer.GetProvisioningHandlers(Task task) at Microsoft.Exchange.Configuration.Tasks.Task.<BeginProcessing>b__4() at Microsoft.Exchange.Configuration.Tasks.Task.InvokeNonRetryableFunc(Action func, Boolean termin atePipelineIfFailed)".
As expected a fresh Exchange install contains the sample file only. The following screenshot shows the Exchange Management Shell and the releated folder in the background.
The only solution currently known to me is to disable the cmdlet extension agent until the setup of the new Exchange server has finished.
Disable-CmdletExtensionAgent "Scripting Agent"
Having the cmdlet extension agent disabled the setup finishes without any issues. Don't forget to copy the cmdlet extension Xml file to the newly built server and to enable the cmdlet extension agent again.
Enable-CmdletExtensionAgent "Scripting Agent"
When you've enabled the Exchange scripting agent extension agents, it is required to copy the configuration file to each Exchange server. Paul Cunningham's script helps you to achive this goal pretty easily.
But if you have installed the Exchange 2013 Management Tools on additonal servers, these servers are not fetched using the Get-ExchangeServer cmdlet. But when you install a Cumulative Update the existence of the extension agent config file is checked. And this even on a server having only the Exchange Management Tools installed.
Therefore the following PowerShell code provides an easy and simple way to add additonal server having the Exchange 2013+ Management Tools installed (aka Admin Servers, Monitoring Servers, Job Servers, etc.). The script uses a filter to select Exchange 2013 servers only, as the script has been extended in an environment having still active Exchange 2007 servers.
The following PowerShell snippet displays only the changes, which need to be added to Paul's original script starting row 68.
# Original PowerShell code # $exchangeservers = Get-ExchangeServer # Select all Exchange 2013 servers only, restrict properties to Name and AdminDisplayName $exchangeservers = Get-ExchangeServer | ?{$_.AdminDisplayVersion -like "Version 15.0*"} | Select Name, AdminDisplayVersion # Add additional servers as needed $manualServers = @() # Copy and modify as needed $manualServers += (New-Object PSObject -Property @{Name="EXSRV2010";AdminDisplayVersion="Version 14"}) $manualServers += (New-Object PSObject -Property @{Name="EXSRV2013-01";AdminDisplayVersion="Version 15"}) $manualServers += (New-Object PSObject -Property @{Name="EXSRV2013-02";AdminDisplayVersion="Version 15"}) # Combine arrays $exchangeservers = $exchangeservers + $manualServers # End Modification $report = @() [string]$date = Get-Date -F yyyyMMdd-HHmmss
Enjoy extending the Exchange PowerShell cmdlets.
Questions? Just leave a comment.
This scripts creates a new shared mailbox (aka team mailbox) and security groups for full access and and send-as delegation. The security groups are created using a naming convention. If required by your Active Directory team, you can add group prefixes or department abbreviations as well.
The script uses a Xml configuration file to simplify changes for variables unique for your environment.
High level steps executes by the script:
<?xml version="1.0"?> <Settings> <GroupSettings> <Prefix>pre_</Prefix> <SendAsSuffix>_SA</SendAsSuffix> <FullAccessSuffix>_FA</FullAccessSuffix> <CalendarBookingSuffix>_CB</CalendarBookingSuffix> <TargetOU>mcsmemail.de/IT/Groups/Mail</TargetOU> <Domain>mcsmemail.de</Domain> </GroupSettings> <AccountSettings> <TargetOU>mcsmemail.de/IT/SharedMailboxes</TargetOU> </AccountSettings> <GeneralSettings> <Sleep>10</Sleep> </GeneralSettings> </Settings>
The following example creates an empty shared mailbox for an internal Exchange Admin team with empty security groups.
.\New-TeamMailbox.ps1 -TeamMailboxName "TM-Exchange Admins" ` -TeamMailboxDisplayName "Exchange Admins" ` -TeamMailboxAlias "TM-ExchangeAdmins" ` -TeamMailboxSmtpAddress "ExchangeAdmins@mcsmemail.de" ` -DepartmentPrefix "IT"
The following Create-TeamMailbox.ps1 script simplifies the process of creating a team mailbox even more.
$teamMailboxName = 'TM-Exchange Admin' $teamMailboxDisplayName = 'Exchange Admins' $teamMailboxAlias = 'TM-ExchangeAdmin' $teamMailboxSmtpAddress = 'ExchangeAdmins@mcsmemails.de' $departmentPrefix = 'IT' $groupFullAccessMembers = @('exAdmin1','exAdmin2') $groupSendAsMember = @('exAdmin1','exAdmin2') .\New-TeamMailbox.ps1 -TeamMailboxName $teamMailboxName ` -TeamMailboxDisplayName $teamMailboxDisplayName ` -TeamMailboxAlias $teamMailboxAlias ` -TeamMailboxSmtpAddress $teamMailboxSmtpAddress ` -DepartmentPrefix $departmentPrefix ` -GroupFullAccessMembers $groupFullAccessMembers ` -GroupSendAsMember $groupSendAsMember -Verbose
This script helps you to monitor message flow in a NoSpamProxy environment using a PRTG custom PowerShell sensor.
This custom sensor contains the following five channels:
The default interval is five minutes. But you might want to change the interval as needed for your environment.
These channels can easily be modified and additional channels can be added as well.
NoSpamProxy is a powerful anti-spam gateway solution providing additonal functionality like centralized S/MIME and PGP encryption for on-premises and Exchange Online deployments.
PRTG is a industry standard system monitoring solution.
The script itself does not take any additional attributes and is called by PRTG probe.
To verify your setup, you easily execute the PowerShell script. It returns a Xml result.
PS C:\Scripts> .\Get-NoSpamProxyPrtgData.ps1 <prtg> <result> <channel>In/Out Success</channel> <value>0</value> <unit>Count</unit> </result> <result> <channel>Inbound Success</channel> <value>0</value> <unit>Count</unit> </result> <result> <channel>Outbound Success</channel> <value>0</value> <unit>Count</unit> </result> <result> <channel>Inbound PermanentlyBlocked</channel> <value>0</value> <unit>Count</unit> </result> <result> <channel>Inbound DeliveryPending</channel> <value>0</value> <unit>Count</unit> <limitmaxwarning>10</limitmaxwarning> <limitmode>1</limitmode> </result> </prtg>
The PRTG channel configuration
The following screenshot shows PRTG example graphs.
The custom PowerShell script must be saved to the following location of the PRTG probe:
[INSTALLPATH]\PRTG Network Monitor\Custom Sensors\EXEXML
Ensure to have the PowerShell execution policy set correctly. Otherwise the PRTG service won't be able to execute the PowerShell script.
Ensure that the service account used by the PRTG probe has access to the script and is a member of the NoSpamProxy Monitoring Administrators security group.
Additional credits go to Brian Addicks, https://github.com/brianaddicks/prtgshell
This script imports multiple PST files located in a single directory into a user mailbox or a user mailbox archive.
Due to some filename limitations of the New-MailboxImportRequest cmdlet in reagards to the UNC path, the PST filenames are sanitized. Any unsupported (unwanted) character is removed. You can modify the replacement function as needed. This might be necessary as the PST filenames can be used as target folder names during import.
Original filenames:
Renamed filenames:
When using the FilenameAsTargetFolder switch each PST file is imported into a separate target folder.
NOTE: This script utilizes the GlobalFunctions PowerShell module for logging. Please prepare your system for the use of the GlobalFunctions module first.
Steps performed:
Example PowerShell Output
.\Start-MailboxImport.ps1 -Identity JohnDoe -Archive -FilePath "\\ROBERTKWEISS\e$\PSTImport\JohnDoe" -FilenameAsTargetFolder -BadItemLimit 10 -ContinueOnError -SecondsToWait 90 Note: Script will wait 90s between each status check! Create New-MailboxImportRequest for user: JohnDoe and file: \\ROBERTKWEISS\e$\PSTImport\JohnDoe\Myoldarchive.pst into the archive. Targetfolder:"Myoldarchive". Waiting for import JohnDoe-Myoldarchive.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive.pst to be completed. Status: InProgress Waiting for import JohnDoe-Myoldarchive.pst to be completed. Status: InProgress Waiting for import JohnDoe-Myoldarchive.pst to be completed. Status: InProgress Import request JohnDoe-Myoldarchive.pst completed successfully. Import request JohnDoe-Myoldarchive.pst deleted. Create New-MailboxImportRequest for user: JohnDoe and file: \\ROBERTKWEISS\e$\PSTImport\JohnDoe\Myoldarchive1.pst into the archive. Targetfolder:"Myoldarchive1". Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: InProgress Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: InProgress Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: InProgress Import request JohnDoe-Myoldarchive1.pst completed successfully. Import request JohnDoe-Myoldarchive1.pst deleted. Script finished.
This Powershell script has been optimized using the ISESteroids™ add-on. Learn more about ISESteroids™ here.
When a SharePoint list is being email enabled the Central Administration service accounts creates a new contact object in Active Directory. The object attributes configured by SharePoint are fully sufficient for the Exchange transport routing engine when addressed directly. Which means that a new email sent to the email address of the email enabled list is routed to SharePoint.
However, when the contact has been added to an Exchange distribution list, the Exchange routing engine will not resolve the contact object. You won't see any information on this situation in the Exchange message tracking log.
The solution is pretty simple but require the intervention of an Exchange administrator. Execute the following on the mail contact object:
Get-Contact CONTACTNAME | Set-Contact
The use of Set-Contact without any additonal parameters forces Exchange to validate the currently exisiting attributes and the follow four attributes:
Now the mail contact object is a fully routable member or the Exchange organization.
Blame it on SharePoint, not Exchange.
Enjoy Exchange.
This script fetches the disk volume (Win32_Volume) information via WMI and shows the results in the PowerShell command line window. Optionally, you can have the report sent as an Html email to a recipient of your choice.
The switch -AllExchangeServer simplifies gathering the disk volume information across all Exchange servers in your environment.
The following screenshot shows the command line output when using
.\Get-Diskpace.ps1 -ComputerName MYSERVER
The following screenshot shows an example of the html email output when using
.\Get-Diskpace.ps1 -ComputerName MYSERVER -SendMail -MailFrom postmaster@sedna-inc.com -MailTo exchangeadmin@sedna-inc.com -MailServer mail.sedna-inc.com
# EXAMPLE 1 # Get disk information from computer MYSERVER in MB Get-Diskpace.ps1 -ComputerName MYSERVER -Unit MB # EXAMPLE 2 # Get disk information from all Exchange servers and send html email Get-Diskpace.ps1 -AllExchangeServer -SendMail -MailFrom postmaster@sedna-inc.com -MailTo exchangeadmin@sedna-inc.com -MailServer mail.sedna-inc.com
Troubleshooting Outlook connectivity issues with Office 365 is tricky. Administrators can use two valuable tools provided by Microsoft to identify and even fix client related connectivity issues.
Start with the Outlook account problems test page in the Office 365 portal. You need to log on as the Office 365 user having issues.
The site tests for the following:
If no issues are identified after you've logged on to Office 365, move to the next step.
The Microsoft Support and Recovery Assistant (SARA) for Office 365 is click to run tool that is installed and executed locally.
These two tools fix most of the Outlook connectivity issues you are facing as an Office 365 administrator.
Enjoy Office 365