Lastly I've encountered an interesting PowerShell error after upgrading several servers running Exchange Server 2013 CU9 to Exchange Server 2013 CU11.
After a successful upgrade, the Exchange PowerShell script to redistribute the DAG databases failed with an error.
.\RedistributeActiveDatabases.ps1 -DagName DAG01 -BalanceDbsByActivationPreference -Confirm:$false
Cannot process argument transformation on parameter 'Identity'. Cannot convert value "MAILBOXDB01" to type "Microsoft.Exchange.Configuration.Tasks.DatabaseCopyIdParameter". Error: "Cannot convert hashtable to an object of the following type: Microsoft.Exchange.Configuration.Tasks.DatabaseCopyIdParameter. Hashtable-to-Object conversion is not supported in restricted language mode or a Data section." + CategoryInfo : InvalidData: (:) [Get-MailboxDatabaseCopyStatus], ParameterBindin...mationException + FullyQualifiedErrorId : ParameterArgumentTransformationError,Get-MailboxDatabaseCopyStatus + PSComputerName : SERVER01.mcsmemail.de
The interesting part to note is conversion is not supported in restricted language mode
The supported language mode is configured in the application settings of the PowerShell virtual directory of the Exchange Back End website.
The application settings after Exchange Server 2013 CU11 update:
Running PSLanguageMode with value RestrictedLanguage is the default setting. You should change this setting only, if you encounter PowerShell issues.
Double-click PSLanguageMode and change the value to FullLanguage.
Currently I have not validation why a clean Exchange 2013 CU11 setup does not show this behaviour. A plain Exchange 2013 CU11 setup executes the script without any issues.
Public folders are one solution to provide a team collaboration tool for companies. Legacy public folders utilized a proprietary multi master replication mechanism which was not planned to handle todays data volumes. Therefore, Exchange 2013 introduced modern public folders which utilize the robust DAG replication functionality. Due to the technology change between legacy public folders and modern public folders a migration is required.
You can migrate legacy public folders hosted on Exchange 2007 or Exchange 2010 to modern public folders hosted on Exchange 2013. Or you can migrate legacy public folders hosted on Exchange 2010 to modern public folders hosted on Exchange 2016. If a cloud migration is a viable option for your company, you are able to migrate legacy public folders hosted on Exchange 2007 or Exchange 2010 to modern public folders hosted in Exchange Online.
The requirements for legacy Exchange Servers are:
Since Exchange Server 2013 RTM the public folder migration scripts and the migration guidance have quite often been updated. The information provided at TechNet is very detailed for each migration option and there is no need to repeat each step in this blog post. Please see the link section for all hyperlinks.
Preparing a legacy public folder migration is pretty straight forward. The main issue companies are facing is the required downtime for finalizing the public folder migration batch. The required downtime cannot be determined exactly (not as exactly as requested by upper management). Which means that you have to plan for a scheduled maintenance during off hours. In the past a single migration request has been used to migrate legacy public folders. The new batch approach migrates public folder content using multiple requests within a single batch.
The Create-PublicFolderMailboxesForMigration.ps1 script uses the parameter EstimatedNumberOfConcurrentUsers to determine the overall number of public folder mailboxes serving the hierarchy. The TechNet articles explain this parameter as follows:
The estimated number of simultaneous user connections browsing a public folder hierarchy is usually less than the total number of users in an organization.
Exchange Server 2013 and Exchange Server 2016 currently support 2.000 concurrent connections to a single mailbox. This limit (2.000) is used by the Create-PublicFolderMailboxesForMigration.ps1 in conjunction with EstimatedNumberOfConcurrentUsers to determine the number of public folder mailboxes required to serve the public folder hierarchy. The current version of the script uses a coded limit of max 100 public folder mailboxes. This means that you can only serve 100 x 2.000 = 200.000 concurrent users accessing the public folder hierarchy.
Finalizing the migration request and setting the PublicFolderMigrationComplete attribute requires the legacy public folder information store to be restarted. Otherwise the configuration change will not be picked up the information store in timely fashion. Remember to restart the information store service on all legacy public folder servers.
If your current public folder infrastructure is based on Exchange 2007 and you want to get rid of that Exchange version, you might think of replicating all content to Exchange 2010. This is not the best approach. Due to known content conversion issues you might encounter data loss when replicating public folder content between Exchange 2007 and Exchange 2010.
The recommended approach is to migrate Exchange 2007 legacy public folders to Exchange 2013 modern public folders directly.
A recommended reading on legacy public folder migration from Exchange 2010 to Exchange 2016 is Butch Waller’s blog post “Migration to Modern Public Folders – Notes from the Field”
The PowerShell script referenced in that blog post does not work with Exchange 2007. You can use my PowerShell script which utilizes UTF8 encoding and runs with Exchange 2007 and Exchange 2010: https://gallery.technet.microsoft.com/Exchange-2010-Public-315ea9aa
Remark All limits mentioned in this post reflect the information available at the time of writing.
You need assistance with your Exchange Server setup? You have questions about your Exchange Server infrastructure and going hybrid with Office 365? Contact us at office365@granikos.eu or visit our website https://www.granikos.eu.
Once upon a time at an Exchange Conference near you, a member of the Exchange Product Group (PG) announced that the very last Exchange Server will go away when having an active Exchange hybrid setup.
This was a hot topic for discussions at the Microsoft Exchange Conferences (MEC, @IamMEC) in 2012 and 2014, already. Since then the Exchange PG came up with a number of reasons why this is not possible. The question on when we will finally be able to remove the very last Exchange Server from the on-premises Exchange organization was asked every year at the Ignite Conference.
Currently, the supported scenario for hybrid configurations between your on-premises Exchange organization and Exchange Online requires that you keep the last Exchange Server for creating, and managing Exchange related objects, even if those objects are located in Exchange Online.
The following diagram illustrates the current requirements:
In the past, there was communication on certain interim solutions that were supposed to support you in removing the last Exchange Server from your Exchange organization. Such interim solutions were:
At Ignite those solutions even made it into the official session catalog:
All those interim solutions leave your on-premises Exchange organization and the Active Directory configuration in an uncomfortable twilight-zone. It was still something that worked somehow, but you knew it was officially not supported, and the secure and stable operation of the hybrid configuration was at risk.
But wait...
Removing the last Exchange Server is supported! (at least when all components are released)
The new approach for managing your Exchange Online tenancy after migrating your on-premises Exchange organization to Exchange Online does not require an on-premises Exchange Server.
The new mode of operation reduces your on-premises requirements to:
The following diagram illustrates the new modern Exchange Online Management experience:
Simply you remove the requirement to use on-premises Exchange Server to write to your on-premises Active Directory. Instead, Azure AD Connect uses a new synchronization capability to handle the new Exchange Management experience in the AAD Connect MetaVerse. The on-premises AD-connector writes the changes to Active Directory which keeps the Active Directory up-to-date for all other on-premises solutions that require identities to have a proper state.
You execute all Exchange-related actions using the new Exchange Online Management PowerShell module, or, if needed, the new Modern Exchange Admin Center (EAC, which was announced at Ignite 2019.
Before you uninstall the last Exchange Server from your on-premises Exchange organization, ensure that you
PS C:\> Get-WindowsFeature Display Name Name Install State ------------ ---- ------------- [ ] Active Directory Certificate Services AD-Certificate Available [ ] Certification Authority ADCS-Cert-Authority Available [ ] Certificate Enrollment Policy Web Service ADCS-Enroll-Web-Pol Available [ ] Certificate Enrollment Web Service ADCS-Enroll-Web-Svc Available [ ] Certification Authority Web Enrollment ADCS-Web-Enrollment Available [ ] Network Device Enrollment Service ADCS-Device-Enrollment Available [ ] Online Responder ADCS-Online-Cert Available [ ] Active Directory Domain Services AD-Domain-Services Available [ ] Active Directory Federation Services ADFS-Federation Available [ ] Active Directory Lightweight Directory Services ADLDS Available [ ] Active Directory Rights Management Services ADRMS Available [ ] Active Directory Rights Management Server ADRMS-Server Available [ ] Identity Federation Support ADRMS-Identity Available [ ] Device Health Attestation DeviceHealthAttestat... Available [ ] DHCP Server DHCP Available [ ] DNS Server DNS Available [ ] Exchange Online Remote Features EXORemote Available [ ] Fax Server Fax Available [X] File and Storage Services FileAndStorage-Services Installed [X] File and iSCSI Services File-Services Installed [X] File Server FS-FileServer Installed [ ] BranchCache for Network Files FS-BranchCache Available [...]
PS C:\> Install-WindowsFeature -Name EXORemote Display Name Name Install State ------------ ---- ------------- [ ] Active Directory Certificate Services AD-Certificate Available [ ] Certification Authority ADCS-Cert-Authority Available [ ] Certificate Enrollment Policy Web Service ADCS-Enroll-Web-Pol Available [ ] Certificate Enrollment Web Service ADCS-Enroll-Web-Svc Available [ ] Certification Authority Web Enrollment ADCS-Web-Enrollment Available [ ] Network Device Enrollment Service ADCS-Device-Enrollment Available [ ] Online Responder ADCS-Online-Cert Available [ ] Active Directory Domain Services AD-Domain-Services Available [ ] Active Directory Federation Services ADFS-Federation Available [ ] Active Directory Lightweight Directory Services ADLDS Available [ ] Active Directory Rights Management Services ADRMS Available [ ] Active Directory Rights Management Server ADRMS-Server Available [ ] Identity Federation Support ADRMS-Identity Available [ ] Device Health Attestation DeviceHealthAttestat... Available [ ] DHCP Server DHCP Available [ ] DNS Server DNS Available [X] Exchange Online Remote Features EXORemote Installed [ ] Fax Server Fax Available [X] File and Storage Services FileAndStorage-Services Installed [X] File and iSCSI Services File-Services Installed [X] File Server FS-FileServer Installed [ ] BranchCache for Network Files FS-BranchCache Available [...]
Even though not explicitly stated, you should restart the server after installing the Windows feature.
As part of the next AAD Connect synchronization cycle, the magic happens.
Verify that you can edit the Exchange related attributes of synchronized Active Directory objects in Exchange Online or Azure AD before you remove your last Exchange Server.
Whey ready to uninstall the last Exchange Server you must use the following command line parameters to remove the server as intended. Otherwise, you'll leave the Exchange organization in an inchoate state. Ensure that you use an administrative PowerShell session.
./Setup.exe /mode:uninstall /SwitchToMEMA /IAcceptExchangeOnlineLicenseTerms
Normally, you do not have to accept license terms when uninstalling Exchange Server, but in this case, you have to accept the Exchange Online license terms.
Enjoy the modern experience and management options of Exchange Online!
Exchange Conferences
My guest post about Modern Attachments with OneDrive for Business was published in the ENow Exchange & Office 365 Solutions Engine Blog (ESE) yesterday.
Enjoy reading here: http://blog.enowsoftware.com/solutions-engine/modern-attachments-with-onedrive-for-business
On Saturday, May 11th, the SharePoint Saturday Cologne will take place at Microsoft Office.
My session covers the migration of legacy public folders to modern public folders in the cloud.
Migrating from legacy public folders to modern public folders in Exchange Online is an error-prone process. Especially for Exchange organizations using legacy public folders since the early days. Real world examples from the field will show you how to determine the right migration approach. Additional information will help you to avoid the most common errors when migrating to modern public folders to the cloud. But what about after migrating to the? There is more. Prepare for decommissioning Public Folders by moving content to Microsoft Teams.
See you in Cologne.
In Legacy Public Folder World with Exchange Server 2010 it was pretty easy to find the parent path of email enabled public folder:
(Get-MailPublicFolder MAILADRESS | Get-PublicFolder).ParentPath
When you try the same approach with modern public folders using Exchange Server 2013+ EMS, you receive an error.
Get-MailPublicFolder MSTeamsPF@varunagroup.de | Get-PublicFolder Cannot process argument transformation on parameter 'Identity'. Cannot convert the "varunagroup.de/Microsoft Exchange System Objects/MSTeamsPF" value of type "Microsoft.Exchange.Data.Directory.ADObjectId" to type "Microsoft.Exchange.Configuration.Tasks.PublicFolderIdParameter". + CategoryInfo : InvalidData: (MSTEamsPF:PSObject) [Get-PublicFolder], ParameterBindinmationException + FullyQualifiedErrorId : ParameterArgumentTransformationError,Get-PublicFolder + PSComputerName : P01.varunagroup.de
You need to use the EntryId paramater of the Get-MailPublicFolder result.
$pf = Get-MailPublicFolder MSTeamsPF@varunagroup.de Get-PublicFolder -Identity $pf.EntryId Name Parent Path ---- --------- MSTeamsPF \Modern Collaboration
Get-PublicFolder does not take pipeline inputs.
Enjoy modern public folders :-)
When you want to migrate your legacy public folders from Exchange 2010 to modern public folders in Exchange Online you must prepare the public folder names for migration.
Public folder names are not allowd to contain the following:
The script Fix-PublicFolderNames.ps1 fixes the public folder names in preparation for migration to modern public folders.
# EXAMPLE # Rename and trim public folders found on Server MYPFSERVER .\Fix-PublicFolderNames -PublicFolderServer MYPFSERVER