MVP - Most Valuable Professional
rss

Just can't get enough of IT

This blog is about mostly anything in IT. But the primary focuses are Microsoft Technologies like Exchange, Office 365, Azure and Cloud Security.
Last updated: 2018-01-24

 

Exchange Server 2007 Exchange Server 2010 Description

This script will generate a report for Exchange 2007/2010 Public Folder Replication. It returns general information, such as total number of public folders, total items in all public folders, total size of all items, the top 20 largest folders, and more. Additionally, it lists each Public Folder and the replication status on each server.

By default, this script will scan the entire Exchange environment in the current domain and all public folders. This can be limited by using the -ComputerName and -FolderPath parameters.

NOTE:
This is an updated version of the Mike Walker (blog.mikewalker.me) to support non-ASCII environments.

Examples

Generate a public folder generation report for public folder \MYPUBLICFOLDER having replicas on servers MXSRV01, MXSRV02, MXSRV03

Get-PublicFolderReplicationReport.ps1 -ComputerName MXSRV01,MXSRV02,MXSRV03 -FolderPath "\MYPUBLICFOLDER" -Recurse -Subject "Public Folder Environment Report" -AsHTML -To postmaster@varunagroup.de -From postmaster@varunagroup.de -SmtpServer relay.mcsmemail.de -SendEmail

Example report

Example report

If you want to simplufy the report generation, create an addtional script: Run-PublicFolderReplicationReport.ps1

param(
    [string]$publicFolderPath = ''
)

# Variables

# Custom label for email subject
$label = 'Exchange 2007'
$recipients = 'pfreports@mcsmemail.de'
$sender = 'postmaster@mcsmemail.de'

# array of public folder servers to query
$publicFolderServers = @('EX2007-01','EX2010-01')

# SMTP server to relay mail
$smtpServer = 'relay.mcsmemail.de'

# Used to trigger a dedicated report for \GrFolder1\Folder1, \GrFolder1\Folder2
$granularRootFolder = @()  # @("\Folder01")
$subPath = ''

# Check for granular folders, Added 2016-01-19
if($granularRootFolder -contains $publicFolderPath) {
    $subPath = $publicFolderPath
    $publicFolderPath = ''
}

#
if($publicFolderPath -ne '') {
    Write-Host "Generating Public Folder reports for $($publicFolderPath)"
    # Generate report for a single public folder | Change COMPUTERNAME attribute for servers to analyse
    .\Get-PublicFolderReplicationReport.ps1 -ComputerName $publicFolderServers -FolderPath $publicFolderPath -Recurse -Subject "Public Folder Environment Report [$($publicFolderPath)] [$($label)]" -AsHTML -To $recipients -From $sender -SmtpServer $smtpServer -SendEmail
}
else {
    if($subPath -ne '') {
        $publicFolderPath = $subPath
    }
    else {
        $publicFolderPath = '\'
    }
    
    if($granularRootFolder.Count -ne 0) {
        Write-Host 'Following root folders will be excluded when using "\":'
        $($granularRootFolder)
    }
    
    Write-Host "Generating Public Folder reports for all folders in $($publicFolderPath)"
    
    $folders = Get-PublicFolder $publicFolderPath -GetChildren 

    # Generate a single report for each folder in root
    $folderCount = ($folders | Measure-Object).Count
    $pfCount = 1
    foreach($pf in $folders) {
        # Check, if folder is in list of granular folders
        if($granularRootFolder -notcontains $pf) {
            if($pf.ParentPath -eq '\') {
                $name = "$($pf.ParentPath)$($pf.Name)"
            }
            else {
                $name = "$($pf.ParentPath)\$($pf.Name)"
            }

            $activity = 'Generating Stats'
            $status = "Fetching $($name)"
            
            Write-Progress -Activity $activity -Status $status -PercentComplete (($pfCount/$folderCount)*100)
          
            .\Get-PublicFolderReplicationReport.ps1 -ComputerName $publicFolderServers -FolderPath $name -Recurse -Subject "Public Folder Environment Report [$($name)] [$($label)]" -AsHTML -To $recipients -From $sender -SmtpServer $smtpServer -SendEmail
            $pfCount++
        }
    }
}

Use the $granularRootFolder array to add root public folders which require a dedicated report for each sub-folder.

Version History

  • 1.0, Initial community release
  • 1.1, Replica status (green/red) depending on item count, not percentage
  • 1.2, Fixed: If 1st server has a lower item count a folder is not being added to the list of folders with incomplete replication
  • 1.3, Changes to number and size formatting, Exchange 2007 now returns MB or GB, as configured
  • 1.4, Handling of KB values with Exchange 2007 added
  • 1.5, Some PowerShelll hygiene and fixes
  • 1.6, Count of incomplete replicated public folders stated in table header (issue #1)

Links

Additional Credits

Additional credits go to Mike Walker (blog.mikewalker.me)

Follow

 

Additional Note

This Powershell script has been optimized using the ISESteroids™ add-on. Learn more about ISESteroids™ here.

 

 

Read More »

The community script to gather legacy public folder replication reports for Exchange Server 2010 and Exchange Server 2007 has been updated.

The replica status of a public folder is indicated by a green or red backgroud color for each folder and replica. The previous version of the script used the replica percentage to set the backgroud color. Escpecially folders holding a large number of items had an issue when Math::Round provided a 100% value.

The current version of the script compares the item count itself. This approach provides a more accurate result.

Enjoy.

Links

Read More »

Problem

You are not able to list public folders in a co-existence scenario with Exchange Server 2007 and Exchange Server 2010/2013 using the Exchange 2007 EMS or EMC.

When you try to execute Get-PublicFolder you receive the following error:

Get-PublicFolder " There is no existing PublicFolder that matches the following Identity: '\'. Please make sure that you specified the correct PublicFolder Identity and that you have the necessary permissions to view PublicFolder.

This might happen after you have removed the first Exchange 2007 mailbox server, but not the last Exchange 2007 mailbox server.

Exchange Server 2007 uses the Exchange System Attendant to access the public folder store and fails, if the System Attendant discovery in Active Directory does not provide a proper configuration.

KB 2621350 describes the discovery process:

  1. Exchange Server 2007 selects a mailbox database.
  2. Exchange Server 2007 obtains the LegacyExchangeDN attribute of the selected mailbox database. For example, Exchange Server 2007 obtains the following LegacyExchangeDN attribute value:
    /o=First Organization/ou=Exchange Administrative Group (group_name)/cn=Configuration/cn=Servers/cn=E14HUBCAS/cn=Microsoft Private MDB
  3. Exchange Server 2007 removes the "CN=Mailbox Database" part of the address. The address then resembles the following:
    /o=First Organization/ou=Exchange Administrative Group (group_name)/cn=Configuration/cn=Servers/cn=E14HUBCAS
  4. Exchange Server 2007 adds "CN=Microsoft System Attendant" to the LegacyExchangeDN value. After the value is appended, the LegacyExchangeDN attribute value resembles the following:
    /o=First Organization/ou=Exchange Administrative Group (group_name)/cn=Configuration/cn=Servers/cn=E14HUBCAS/CN=Microsoft System Attendant
  5. Exchange Server 2007 tries to log on to the public store by using the value in step 4.
  6. The store then tries to locate the System Attendant object.

There two annoying things about these steps

  1. Step 1:  Exchange Server 2007 selects a mailbox database

    There is no description available on how the database is being selected. But the co-existence scenario results in a mailbox database being selected that might be located on Exchange Server 2010 or Exchange Server 2013. Even thought that there still are Exchange Server 2007 mailbox database available. You still require to have a mailbox database hosted on an Exchange 2007 public folder server, due to the legacy public folder requirements with Exchange Server 2013.
     
  2. Steps 2-4: The LegacyExchangeDN example shows a E14HUBCAS name as a placeholder. In a situation where you have deployed dedicated mailbox servers this should read E14MBX.
     

Solution

The magic System Attendant mailbox has been removed from Exchange 2010. But the System Attendent configuration node does still exist in the Active Directory Configuration Partition for compatibility reasons. The configured attributes of the System Attendent entry vary depending on the version of the installed Exchange Server.

In regards of public folder issue, we need to focus on the following:

  • Exchange Server 2010 System Attendant
    • homeMDB: <not set>
    • homeMTA: <not set>
  • Exchange Server 2013 System Attendant
    • homeMDB: <not set>
    • homeMTA: CN=Microsoft MTA,CN=E15MBX,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=[ORG],CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=[DOMAIN],DC=[TLD]

To fix the public folder access issue for Exchange Server 2007, set the homeMDB and homeMTA attributes. Set the Exchange System Attendant attributes to appropriate values for your Exchange servers.

Exchange Server 2013

  1. Open ADSIEdit and connect to the Configuration context
  2. Open Databases node
    CN=Databases,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=[ORG],CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=[DOMAIN],DC=[TLD]
  3. Open the Properties of an Exchange 2013 database
  4. View the distinguishedName property and copy the value to clipboard
    Example: CN=E15MBXDB01,CN=Databases,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=[ORG],CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=[DOMAIN],DC=[TLD]
  5. Close the Properties window and open the Servers node
    CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=[ORG],CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=[DOMAIN],DC=[TLD]
  6. Expand the first Exchange 2013 server and open the Properties of the Microsoft System Attendant node
    Ensure that the view is not filtered to Show only attributes that have values
  7. Edit the homeMDB attribute and paste the distinguished name of the mailbox database copied in step 4
  8. Apply the changes and close the properties window

Repeat steps 4 to 8 for each Exchange 2013 server in your environment.

Exchange Server 2010

  1. Open ADSIEdit and connect to the Configuration context
  2. Open Databases node
    CN=Databases,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=[ORG],CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=[DOMAIN],DC=[TLD]
  3. Open the Properties of an Exchange 2010 database
  4. View the distinguishedName property and copy the value to clipboard
    Example: CN=E14MBXDB01,CN=Databases,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=[ORG],CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=[DOMAIN],DC=[TLD]
  5. Close the Properties window and open the Servers node
    CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=[ORG],CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=[DOMAIN],DC=[TLD]
  6. Expand the first Exchange 2010 server and open the Properties of the Microsoft System Attendant node
    Ensure that the view is not filtered to Show only attributes that have values
  7. Edit the homeMDB attribute and paste the distinguished name of the mailbox database copied in step 4
  8. Apply the changes and close the properties window
  9. Open the Properties windows of the Microsoft MTA of the same Exchange
  10. View the distinguishedName property and copy the value to clipboard
    Example: CN=Microsoft MTA,CN=E14MBXSRV01,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=[ORG],CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=[DOMAIN],DC=[TLD]
  11. Open the properties of the Microsoft System Attendant node for a second modification
    Ensure that the view is not filtered to Show only attributes that have values
  12. Edit the homeMTA attribute and paste the distinguished name of the mailbox database copied in step 10
  13. Apply the changes and close the properties window

Repeat steps 4 to 13 for each Exchange 2010 server in your environment.

Wait for Active Directory replication and retry to access the public folders using Get-PublicFolder in an Exchange Server 2007 Management Shell.

It might be required to restart the Exchange 2007 Information Store and System Attendant service of the Exchange 2007 server in question

Use an administrative PowerShell

Restart-Service MSExchangeIS 
Restart-Service MSExchangeSA 

I haven’t noticed any issues in production environments so far. If you encounter any issues in your environment, feel free to leave a comment.

Links


You need assistance with your Exchange Server setup? You have questions about your Exchange Server infrastructure and going hybrid? You are interested in what Exchange Server 2016 has to offer for your environment?

Contact me at thomas@mcsmemail.de
Follow at https://twitter.com/stensitzki

Read More »

When you run your Exchange Organization in hybrid mode with Office 365 and you migrate your on-premise Public Folders to Office 365, you are required to configure a remote Public Folder Mailbox in the Exchange Organization settings.

Organization Configs with Exchange 2013 Public Folders On-Premise

With Public Folders on-premise your Exchange Online Org looks like this:

Get-OrganizationConfig | fl *public*

DefaultPublicFolderAgeLimit             :
DefaultPublicFolderIssueWarningQuota    : 1.7 GB (1,825,361,920 bytes)
DefaultPublicFolderProhibitPostQuota    : 2 GB (2,147,483,648 bytes)
DefaultPublicFolderMaxItemSize          : Unlimited
DefaultPublicFolderDeletedItemRetention : 30.00:00:00
DefaultPublicFolderMovedItemRetention   : 7.00:00:00
PublicFoldersLockedForMigration         : False
PublicFolderMigrationComplete           : False
PublicFoldersEnabled                    : Remote
PublicComputersDetectionEnabled         : False
RootPublicFolderMailbox                 : 00000000-0000-0000-0000-000000000000
RemotePublicFolderMailboxes             : {PublicFolder-Mailbox001}

With Public Folders on-premise your On-Premise Exchange Org looks like this:

Get-OrganizationConfig | fl *public*

DefaultPublicFolderAgeLimit             :
DefaultPublicFolderIssueWarningQuota    : Unlimited
DefaultPublicFolderProhibitPostQuota    : Unlimited
DefaultPublicFolderMaxItemSize          : Unlimited
DefaultPublicFolderDeletedItemRetention : 30.00:00:00
DefaultPublicFolderMovedItemRetention   : 7.00:00:00
PublicFoldersLockedForMigration         : True
PublicFolderMigrationComplete           : True
PublicFoldersEnabled                    : Local
PublicComputersDetectionEnabled         : False
RootPublicFolderMailbox                 : ae0ef819-90d2-45d0-92b6-8b2062cf71a3
RemotePublicFolderMailboxes             : {}

Organization Configs with Exchange 2013 Public Folders in Exchange Online

With Public Folders in Exchange Online your Exchange Online Org looks like this:

Get-OrganizationConfig | fl *public*

DefaultPublicFolderAgeLimit             :
DefaultPublicFolderIssueWarningQuota    : 1.7 GB (1,825,361,920 bytes)
DefaultPublicFolderProhibitPostQuota    : 2 GB (2,147,483,648 bytes)
DefaultPublicFolderMaxItemSize          : Unlimited
DefaultPublicFolderDeletedItemRetention : 30.00:00:00
DefaultPublicFolderMovedItemRetention   : 7.00:00:00
PublicFoldersLockedForMigration         : False
PublicFolderMigrationComplete           : False
PublicFoldersEnabled                    : Local
PublicComputersDetectionEnabled         : False
RootPublicFolderMailbox                 : 5810bb30-cdda-4287-85a4-8a2547bb9b01
RemotePublicFolderMailboxes             : {}

With Public Folders in Exchange Online your Exchange On-Premise Org looks like this:

Get-OrganizationConfig | fl *public*

DefaultPublicFolderAgeLimit             :
DefaultPublicFolderIssueWarningQuota    : Unlimited
DefaultPublicFolderProhibitPostQuota    : Unlimited
DefaultPublicFolderMaxItemSize          : Unlimited
DefaultPublicFolderDeletedItemRetention : 30.00:00:00
DefaultPublicFolderMovedItemRetention   : 7.00:00:00
PublicFoldersLockedForMigration         : True
PublicFolderMigrationComplete           : True
PublicFoldersEnabled                    : Remote
PublicComputersDetectionEnabled         : False
RootPublicFolderMailbox                 : 00000000-0000-0000-0000-000000000000
RemotePublicFolderMailboxes             : {mcsmemail.de/Users/PF365-Mailbox-01-55e3d544-ed5a-4557-9008-d8c1b6f06d86}

The remote public folder mailbox has been added to the on-premise Exchange confguration by using:

Set-OrganizationConfig -RemotePublicFolderMailboxes PF365-Mailbox-001 -PublicFoldersEnabled Remote

To be able to add the remote public folder mailbox in a hybrid configuration you are required to add the public folder mailbox (or mailboxes, if you have more than one serving the hierarchy) as a mail user.

Microsoft provides a PowerShell script as part of a script collection here.

The issue with Import-PublicFolderMailboxes.ps1

When you run the Import-PublicFolderMailboxes.ps1 script you might run into the following error:

Cannot bind parameter 'Name' to the target. Exception setting "Name": "The length of the property is too long. The
maximum length is 64 and the length of the value provided is 65."
    + CategoryInfo          : WriteError: (:) [New-MailUser], ParameterBindingException
    + FullyQualifiedErrorId : ParameterBindingFailed,Microsoft.Exchange.Management.RecipientTasks.NewMailUser
    + PSComputerName        : ex2013.mcsmemail.de

The name attribute for a mail user is limited to 64 characters. But why are you exceeding the length when the mailbox name is only 17 characters long?

It turns out that the PowerSheel script adds a prefix name "" and ther mailbox GUID as a suffix. And voilá, the name exceeds the allowed length for the mail user name attribute.

Recommendation

Don't use more than 16 characters when naming the Public Folder mailboxes in Office 365.

Or modify the Import-PublicFolderMailboxes.ps1 script to fit your needs.

$hasPublicFolderServingHierarchy = $true;
$displayName = $publicFolderMailbox.Name.ToString().Trim();
# ORIG: $name = "RemotePfMbx-" + $displayName + "-" + [guid]::NewGuid();
$name = $displayName + "-" + [guid]::NewGuid();
$externalEmailAddress = $publicFolderMailbox.PrimarySmtpAddress.ToString();

 

 

Links

 


You need assistance with your Exchange Server setup? You have questions about your Exchange Server infrastructure and going hybrid? You are interested in what Exchange Server 2016 has to offer for your environment?
Contact me at thomas@mcsmemail.de
Follow at https://twitter.com/stensitzki

Read More »

Description

This script adds multiple public folder servers to all public folders below a TopPublicFolder.

The script has been developed as part of an on-premise legacy public folder migration from Exchange 2007 to Exchange Server 2010.

The script waits a given timespan in seconds to let public folder hierarchy replication and replica backfill requests kick in.

It is assumed that the script is being run in an Exchange 2007 or Exchange 2010 server.

Examples

# Add replicas for SERVER01,SERVER02 to all sub folders of \COMMUNICATIONS\PR

.\Add-PFReplica.ps1 -ServersToAdd SERVER01,SERVER02 -PublicFolderServer SERVER01 -TopPublicFolder "\COMMUNICATIONS\PR

Version History

  • 1.0, Initial community release
  • 1.1, Fixes to run properly with Exchange 2010

Links

Follow

Read More »