Just can't get enough of IT

This blog is about mostly anything in IT. But the primary focuses are Microsoft Technologies like Exchange, Office 365, Azure and Cloud Security.

Exchange Server 2007When you are dealing with legacy public folders and you are still using Exchange Server 2007 you might be interested in the overall size of the data hosting in your public folder hierarchy.

The following script calculates the public folder size based on the public folder statistics output provided by Exchange Server 2007.

# Server name hosting legacy public folders

# Fetch legacy public folder statistics
$Folders = Get-PublicFolderStatistics -server $Server | Where-Object {($_.TotalItemSize -ne "0B")}  

$TotalBytes = 0

# Let's do some string manipulation stuff
ForEach ($Item in $Folders) {
  $TotalItemSize = $Item.TotalItemSize
  $TotalItemSize = [string]$TotalItemSize
  if ( ($TotalItemSize.contains('KB')) ) {
      $TotalItemSize = $TotalItemSize -Replace ('KB','')
      $TotalItemSize = [int]$TotalItemSize * 1024
  $TotalItemSize = $TotalItemSize -Replace ('B','')
  $TotalBytes = [long]$TotalItemSize + [long]$TotalBytes

# Output as GB 
[math]::round($TotalBytes/1Gb, 2)





Read More »
On January 6, 2017
0 Comment

You might encounter a situation where you log on to your Windows 10 client and the Start menu is unresponsive and the taskbar remains empty.

The following two actions help to recover from the situation.

Step 1

Open an administrative PowerShell window and execute the following command

DISM /Online /Cleanup-Image /RestoreHealth

Restart Windows and check if the issue has been fixed.


Step 2

Reinstall (fix) all Windows apps. This step requires internet access, as all sources are downloaded using the local app manifest information

Open an administrative PowerShell window and execute the following command

Get-AppXPackage -AllUsers | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register "$($_.InstallLocation)\AppXManifest.xml"}

Be patient and wait until the app download and installation process has been completed. Just ignore any error message and restart Windows.


The first step might fix the issue already. if this is the case, do not execute the PowerShell cmdlet described in step 2.





Read More »

Exchange Server 2013Exchange Server 2016Description

This scripts helps to suspend all messages in an Exchange transport queue and to export all suspended messages to a given target folder.

The script uses the AssembleMessage cmdlet to properly export queued messages as .eml files.

Optionally, all exported messages can be removed from the transport queue. 


This script requires the GlobalFunctions module for logging.


# Export messages from queue MCMEP01\45534 to D:\ExportedMessages and do not delete messages after export
.\Export-MessageQueue -Queue MCMEP01\45534 -Path D:\ExportedMessages

# Export messages from queue MCMEP01\45534 to D:\ExportedMessages and delete messages after export
.\Export-MessageQueue -Queue MCMEP01\45534 -Path D:\ExportedMessages -DeleteAfterExport

Version History

  • 1.0, Initial community release
  • 1.1, Some PowerShell hygiene 


As always: Test and familiarize yourself with the script in a test or development environment.




Read More »
On January 2, 2017
0 Comment

The other day I came across the famous "Windows Installer reconfigured the product X" error. I am going to name it an error even if the event log entry is catagorized as informational.

Windows Installer reconfigured the product. 
Product Name: [PRODUCT NAME]. 
Product Version: [VERSION]. 
Product Language: [LOCALE ID]. 
Manufacturer: [MANUFACTURER]. 
Reconfiguration success or error status: 0.

In preparation for an Exchange Server 2013 setup I was wondering that Event Id 1035 was logged every 4 hours. The MsiInstaller itself got triggered by the Systems Account, which is pretty normal. By using Windows Performance Recorder (WPR) and Windows Performance Analyzer (WPA) I was able to identify that the MsiInstaller was triggered when a PowerShell script got executed.

Screenshot Windows Performance Recorder (WPR) and Windows Performance Analyzer (WPA)

Note: WPR and WPA are part of the Windowas ADK (see Links section)

It turned out that the PowerShell script itself was part of a Nagios-style monitoring solution and was executed as part of a plug-in. The system monitoring was part of the base template of the virtual machine.

But why would a PowerShell script trigger MsiInstaller?

The script was using a Get-WmiObject query to fetch an inventory of installed software on the server.

To quote Ed Wilson (The Scripting Guy):

"This would not a terrible thing to do in your dev or test environment. However, I would not recommend querying Win32_Product in your production environment unless you are in a maintenance window."

Think of running such a query on an Exchange Server 2013 in production environment (which I did just for the sake of it) triggers the "reconfiguration" of all installed software on the server. The number of generated event log entries will drive you (as an Administrator) crazy.

If you are in need to get an inventory of the installed software on server, do not use the Win32_Product class.

Instead follow the advice given by Ed Wilson to query the Windows Registry and fetch the data provided under


PowerShell Query:

Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | Format-Table –AutoSize 




Note: This post was published oroginally on 2015-02-25 on my retired blog SF-Tools.



Read More »
On December 23, 2016
0 Comment

Exchange Server 2007 Exchange Server 2010 Exchange Server 2013 Exchange Server 2016Exchange email adress policies are used to generate addresses since the early days of Exchange. Email address policies are used to automatically generate addresses for various protocols (SMTP, FAX, CCMAIL, MSMAIL). These overall use of address policies is well documented, but there is still some odd behaviour of the policies when it comes to language specific character handling.

The following list describes the common parameters:

  • %s = Surname (Last Name)
  • %g = Given Name (First Name)
  • %i = Middle Initial
  • %d = Display Name
  • %m = Exchange Alias
  • %rxy = Replace all subsequent characters x with character y
  • %rxx = Remove all subsequent characters x

All language specific characters and other non RFC 821/822 compliant characters are either translated or removed.

Source character Target character in SMTP address
 Space  Hypen
 A - Z | a -z  A - Z | a - z
 Ä, Ö, Ü | ä, ö, ü  Ae, Oe, Ue | ae, oe, ue
 ß  ss
 áàâ | ÁÀÂ  a | A
 éèê | ÉÈÊ  e | E
 íìî | ÍÌÎ  i | I
 óòô | ÓÒÔ  o | O
 úùû | ÚÙÛ  u | U
 §  S
 µ  M
 " ( ) ´ [ ] : . < > , ;  Omitted


Example 1

User without any language specific characters

Given Name: John
Last Name : Doe
Alias     : JohnDoe

Email address policy results  =     = =


Example 2

User with German language specific characters

Given Name: Michael
Last Name : Müller
Alias     : Michael Mueller

Email address policy results  =     =  =


Example 3

User with Scottish language specific characters

Given Name: Ian
Last Name : O'Connell
Alias     : IanOConnell

Email address policy results  = Ian.O'     = = IanO'



As you might have noticed, the apostrophe is not handled as a special character but an RFC compliant character. The address policy is applied without any issues at all.

But a SMTP address containing an apostrophe leads to email transport errors and must be removed.



You can use the replacement parameter to strip all apostrophes from the surname by using the following email address policy.

%g.%r'' =

This example will only remove apostrophes from the surname (%s) as the replacement parameter is placed in front of the surname parameter.





Read More »