MVP - Most Valuable Professional
rss

Just can't get enough of IT

This blog is about mostly anything in IT. But the primary focuses are Microsoft Technologies like Exchange, Office 365, Azure and Cloud Security.

Public folders are one solution to provide a team collaboration tool for companies. Legacy public folders utilized a proprietary multi master replication mechanism which was not planned to handle todays data volumes. Therefore, Exchange 2013 introduced modern public folders which utilize the robust DAG replication functionality. Due to the technology change between legacy public folders and modern public folders a migration is required.

You can migrate legacy public folders hosted on Exchange 2007 or Exchange 2010 to modern public folders hosted on Exchange 2013. Or you can migrate legacy public folders hosted on Exchange 2010 to modern public folders hosted on Exchange 2016. If a cloud migration is a viable option for your company, you are able to migrate legacy public folders hosted on Exchange 2007 or Exchange 2010 to modern public folders hosted in Exchange Online.

The requirements for legacy Exchange Servers are:

  • Exchange Server 2007 SP3 with Update Rollup 15 or later
  • Exchange Server 2010 SP3 with Update Rollup 8 or later
  • Windows Server hosting Exchange Server 2007 must be upgraded to Windows PowerShell 2.0 and WinRM 2.0 for Windows Server 2008 x64

Since Exchange Server 2013 RTM the public folder migration scripts and the migration guidance have quite often been updated. The information provided at TechNet is very detailed for each migration option and there is no need to repeat each step in this blog post. Please see the link section for all hyperlinks.

Notes

Preparing a legacy public folder migration is pretty straight forward. The main issue companies are facing is the required downtime for finalizing the public folder migration batch. The required downtime cannot be determined exactly (not as exactly as requested by upper management). Which means that you have to plan for a scheduled maintenance during off hours. In the past a single migration request has been used to migrate legacy public folders. The new batch approach migrates public folder content using multiple requests within a single batch.

Estimated Number Of Concurrent Users

The Create-PublicFolderMailboxesForMigration.ps1 script uses the parameter EstimatedNumberOfConcurrentUsers to determine the overall number of public folder mailboxes serving the hierarchy. The TechNet articles explain this parameter as follows:

The estimated number of simultaneous user connections browsing a public folder hierarchy is usually less than the total number of users in an organization.

Exchange Server 2013 and Exchange Server 2016 currently support 2.000 concurrent connections to a single mailbox. This limit (2.000) is used by the Create-PublicFolderMailboxesForMigration.ps1 in conjunction with EstimatedNumberOfConcurrentUsers to determine the number of public folder mailboxes required to serve the public folder hierarchy. The current version of the script uses a coded limit of max 100 public folder mailboxes. This means that you can only serve 100 x 2.000 = 200.000 concurrent users accessing the public folder hierarchy.

Legacy Public Folder Store

Finalizing the migration request and setting the PublicFolderMigrationComplete attribute requires the legacy public folder information store to be restarted. Otherwise the configuration change will not be picked up the information store in timely fashion. Remember to restart the information store service on all legacy public folder servers.

Interim Migration

If your current public folder infrastructure is based on Exchange 2007 and you want to get rid of that Exchange version, you might think of replicating all content to Exchange 2010. This is not the best approach. Due to known content conversion issues you might encounter data loss when replicating public folder content between Exchange 2007 and Exchange 2010.

The recommended approach is to migrate Exchange 2007 legacy public folders to Exchange 2013 modern public folders directly.

Recommended Reading

A recommended reading on legacy public folder migration from Exchange 2010 to Exchange 2016 is Butch Waller’s blog post “Migration to Modern Public Folders – Notes from the Field

The PowerShell script referenced in that blog post does not work with Exchange 2007. You can use my PowerShell script which utilizes UTF8 encoding and runs with Exchange 2007 and Exchange 2010: https://gallery.technet.microsoft.com/Exchange-2010-Public-315ea9aa

Remark
All limits mentioned in this post reflect the information available at the time of writing.

Links

 

 


You need assistance with your Exchange Server setup? You have questions about your Exchange Server infrastructure and going hybrid with Office 365? Contact us at office365@granikos.eu or visit our website https://www.granikos.eu.

 

 

Read More »
Last updated: 2017-11-11

Description

This script exports all mailbox folder permissions for mailboxes of the type UserMailbox. This is useful for documentation purposes prior to migration.

The permissions are exported to a local CSV file.

The script is intended to run from within an active Exchange 2013/2016 Management Shell session.

Note

Gather mailbox folder permission data for a large number of mailboxes takes some time.

Example

# Export mailbox permissions to export.csv

.\Get-MailboxPermissionsReport-ps1 -CsvFileName export.csv

Version History

  • 1.0, Initial community release
  • 1.1, Minor PowerShell fixes
  • 1.2, Minor PowerShell fixes

Links

Additional Credits

The script is based on Mr Tony Redmonds blog post http://thoughtsofanidlemind.com/2014/09/05/reporting-delegate-access-to-exchange-mailboxes/

Follow

Read More »
Last updated: 2018-01-24

 

Exchange Server 2007 Exchange Server 2010 Description

This script will generate a report for Exchange 2007/2010 Public Folder Replication. It returns general information, such as total number of public folders, total items in all public folders, total size of all items, the top 20 largest folders, and more. Additionally, it lists each Public Folder and the replication status on each server.

By default, this script will scan the entire Exchange environment in the current domain and all public folders. This can be limited by using the -ComputerName and -FolderPath parameters.

NOTE:
This is an updated version of the Mike Walker (blog.mikewalker.me) to support non-ASCII environments.

Examples

Generate a public folder generation report for public folder \MYPUBLICFOLDER having replicas on servers MXSRV01, MXSRV02, MXSRV03

Get-PublicFolderReplicationReport.ps1 -ComputerName MXSRV01,MXSRV02,MXSRV03 -FolderPath "\MYPUBLICFOLDER" -Recurse -Subject "Public Folder Environment Report" -AsHTML -To postmaster@varunagroup.de -From postmaster@varunagroup.de -SmtpServer relay.mcsmemail.de -SendEmail

Example report

Example report

If you want to simplufy the report generation, create an addtional script: Run-PublicFolderReplicationReport.ps1

param(
    [string]$publicFolderPath = ''
)

# Variables

# Custom label for email subject
$label = 'Exchange 2007'
$recipients = 'pfreports@mcsmemail.de'
$sender = 'postmaster@mcsmemail.de'

# array of public folder servers to query
$publicFolderServers = @('EX2007-01','EX2010-01')

# SMTP server to relay mail
$smtpServer = 'relay.mcsmemail.de'

# Used to trigger a dedicated report for \GrFolder1\Folder1, \GrFolder1\Folder2
$granularRootFolder = @()  # @("\Folder01")
$subPath = ''

# Check for granular folders, Added 2016-01-19
if($granularRootFolder -contains $publicFolderPath) {
    $subPath = $publicFolderPath
    $publicFolderPath = ''
}

#
if($publicFolderPath -ne '') {
    Write-Host "Generating Public Folder reports for $($publicFolderPath)"
    # Generate report for a single public folder | Change COMPUTERNAME attribute for servers to analyse
    .\Get-PublicFolderReplicationReport.ps1 -ComputerName $publicFolderServers -FolderPath $publicFolderPath -Recurse -Subject "Public Folder Environment Report [$($publicFolderPath)] [$($label)]" -AsHTML -To $recipients -From $sender -SmtpServer $smtpServer -SendEmail
}
else {
    if($subPath -ne '') {
        $publicFolderPath = $subPath
    }
    else {
        $publicFolderPath = '\'
    }
    
    if($granularRootFolder.Count -ne 0) {
        Write-Host 'Following root folders will be excluded when using "\":'
        $($granularRootFolder)
    }
    
    Write-Host "Generating Public Folder reports for all folders in $($publicFolderPath)"
    
    $folders = Get-PublicFolder $publicFolderPath -GetChildren 

    # Generate a single report for each folder in root
    $folderCount = ($folders | Measure-Object).Count
    $pfCount = 1
    foreach($pf in $folders) {
        # Check, if folder is in list of granular folders
        if($granularRootFolder -notcontains $pf) {
            if($pf.ParentPath -eq '\') {
                $name = "$($pf.ParentPath)$($pf.Name)"
            }
            else {
                $name = "$($pf.ParentPath)\$($pf.Name)"
            }

            $activity = 'Generating Stats'
            $status = "Fetching $($name)"
            
            Write-Progress -Activity $activity -Status $status -PercentComplete (($pfCount/$folderCount)*100)
          
            .\Get-PublicFolderReplicationReport.ps1 -ComputerName $publicFolderServers -FolderPath $name -Recurse -Subject "Public Folder Environment Report [$($name)] [$($label)]" -AsHTML -To $recipients -From $sender -SmtpServer $smtpServer -SendEmail
            $pfCount++
        }
    }
}

Use the $granularRootFolder array to add root public folders which require a dedicated report for each sub-folder.

Version History

  • 1.0, Initial community release
  • 1.1, Replica status (green/red) depending on item count, not percentage
  • 1.2, Fixed: If 1st server has a lower item count a folder is not being added to the list of folders with incomplete replication
  • 1.3, Changes to number and size formatting, Exchange 2007 now returns MB or GB, as configured
  • 1.4, Handling of KB values with Exchange 2007 added
  • 1.5, Some PowerShelll hygiene and fixes
  • 1.6, Count of incomplete replicated public folders stated in table header (issue #1)

Links

Additional Credits

Additional credits go to Mike Walker (blog.mikewalker.me)

Follow

 

Additional Note

This Powershell script has been optimized using the ISESteroids™ add-on. Learn more about ISESteroids™ here.

 

 

Read More »

The community script to gather legacy public folder replication reports for Exchange Server 2010 and Exchange Server 2007 has been updated.

The replica status of a public folder is indicated by a green or red backgroud color for each folder and replica. The previous version of the script used the replica percentage to set the backgroud color. Escpecially folders holding a large number of items had an issue when Math::Round provided a 100% value.

The current version of the script compares the item count itself. This approach provides a more accurate result.

Enjoy.

Links

Read More »

Problem

You are not able to list public folders in a co-existence scenario with Exchange Server 2007 and Exchange Server 2010/2013 using the Exchange 2007 EMS or EMC.

When you try to execute Get-PublicFolder you receive the following error:

Get-PublicFolder " There is no existing PublicFolder that matches the following Identity: '\'. Please make sure that you specified the correct PublicFolder Identity and that you have the necessary permissions to view PublicFolder.

This might happen after you have removed the first Exchange 2007 mailbox server, but not the last Exchange 2007 mailbox server.

Exchange Server 2007 uses the Exchange System Attendant to access the public folder store and fails, if the System Attendant discovery in Active Directory does not provide a proper configuration.

KB 2621350 describes the discovery process:

  1. Exchange Server 2007 selects a mailbox database.
  2. Exchange Server 2007 obtains the LegacyExchangeDN attribute of the selected mailbox database. For example, Exchange Server 2007 obtains the following LegacyExchangeDN attribute value:
    /o=First Organization/ou=Exchange Administrative Group (group_name)/cn=Configuration/cn=Servers/cn=E14HUBCAS/cn=Microsoft Private MDB
  3. Exchange Server 2007 removes the "CN=Mailbox Database" part of the address. The address then resembles the following:
    /o=First Organization/ou=Exchange Administrative Group (group_name)/cn=Configuration/cn=Servers/cn=E14HUBCAS
  4. Exchange Server 2007 adds "CN=Microsoft System Attendant" to the LegacyExchangeDN value. After the value is appended, the LegacyExchangeDN attribute value resembles the following:
    /o=First Organization/ou=Exchange Administrative Group (group_name)/cn=Configuration/cn=Servers/cn=E14HUBCAS/CN=Microsoft System Attendant
  5. Exchange Server 2007 tries to log on to the public store by using the value in step 4.
  6. The store then tries to locate the System Attendant object.

There two annoying things about these steps

  1. Step 1:  Exchange Server 2007 selects a mailbox database

    There is no description available on how the database is being selected. But the co-existence scenario results in a mailbox database being selected that might be located on Exchange Server 2010 or Exchange Server 2013. Even thought that there still are Exchange Server 2007 mailbox database available. You still require to have a mailbox database hosted on an Exchange 2007 public folder server, due to the legacy public folder requirements with Exchange Server 2013.
     
  2. Steps 2-4: The LegacyExchangeDN example shows a E14HUBCAS name as a placeholder. In a situation where you have deployed dedicated mailbox servers this should read E14MBX.
     

Solution

The magic System Attendant mailbox has been removed from Exchange 2010. But the System Attendent configuration node does still exist in the Active Directory Configuration Partition for compatibility reasons. The configured attributes of the System Attendent entry vary depending on the version of the installed Exchange Server.

In regards of public folder issue, we need to focus on the following:

  • Exchange Server 2010 System Attendant
    • homeMDB: <not set>
    • homeMTA: <not set>
  • Exchange Server 2013 System Attendant
    • homeMDB: <not set>
    • homeMTA: CN=Microsoft MTA,CN=E15MBX,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=[ORG],CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=[DOMAIN],DC=[TLD]

To fix the public folder access issue for Exchange Server 2007, set the homeMDB and homeMTA attributes. Set the Exchange System Attendant attributes to appropriate values for your Exchange servers.

Exchange Server 2013

  1. Open ADSIEdit and connect to the Configuration context
  2. Open Databases node
    CN=Databases,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=[ORG],CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=[DOMAIN],DC=[TLD]
  3. Open the Properties of an Exchange 2013 database
  4. View the distinguishedName property and copy the value to clipboard
    Example: CN=E15MBXDB01,CN=Databases,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=[ORG],CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=[DOMAIN],DC=[TLD]
  5. Close the Properties window and open the Servers node
    CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=[ORG],CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=[DOMAIN],DC=[TLD]
  6. Expand the first Exchange 2013 server and open the Properties of the Microsoft System Attendant node
    Ensure that the view is not filtered to Show only attributes that have values
  7. Edit the homeMDB attribute and paste the distinguished name of the mailbox database copied in step 4
  8. Apply the changes and close the properties window

Repeat steps 4 to 8 for each Exchange 2013 server in your environment.

Exchange Server 2010

  1. Open ADSIEdit and connect to the Configuration context
  2. Open Databases node
    CN=Databases,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=[ORG],CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=[DOMAIN],DC=[TLD]
  3. Open the Properties of an Exchange 2010 database
  4. View the distinguishedName property and copy the value to clipboard
    Example: CN=E14MBXDB01,CN=Databases,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=[ORG],CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=[DOMAIN],DC=[TLD]
  5. Close the Properties window and open the Servers node
    CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=[ORG],CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=[DOMAIN],DC=[TLD]
  6. Expand the first Exchange 2010 server and open the Properties of the Microsoft System Attendant node
    Ensure that the view is not filtered to Show only attributes that have values
  7. Edit the homeMDB attribute and paste the distinguished name of the mailbox database copied in step 4
  8. Apply the changes and close the properties window
  9. Open the Properties windows of the Microsoft MTA of the same Exchange
  10. View the distinguishedName property and copy the value to clipboard
    Example: CN=Microsoft MTA,CN=E14MBXSRV01,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=[ORG],CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=[DOMAIN],DC=[TLD]
  11. Open the properties of the Microsoft System Attendant node for a second modification
    Ensure that the view is not filtered to Show only attributes that have values
  12. Edit the homeMTA attribute and paste the distinguished name of the mailbox database copied in step 10
  13. Apply the changes and close the properties window

Repeat steps 4 to 13 for each Exchange 2010 server in your environment.

Wait for Active Directory replication and retry to access the public folders using Get-PublicFolder in an Exchange Server 2007 Management Shell.

It might be required to restart the Exchange 2007 Information Store and System Attendant service of the Exchange 2007 server in question

Use an administrative PowerShell

Restart-Service MSExchangeIS 
Restart-Service MSExchangeSA 

I haven’t noticed any issues in production environments so far. If you encounter any issues in your environment, feel free to leave a comment.

Links


You need assistance with your Exchange Server setup? You have questions about your Exchange Server infrastructure and going hybrid? You are interested in what Exchange Server 2016 has to offer for your environment?

Contact me at thomas@mcsmemail.de
Follow at https://twitter.com/stensitzki

Read More »