Microsoft Exchange

“Assign Policy” option missing for Outlook users.

Posted on August 3, 2016 Updated on August 3, 2016

I have always wondered why I was the only one in my whole organization that has the option ‘Assign Policy’ in Outlook. I am the Exchange Engineer and administrator, but I don’t remember giving myself exclusive permissions. Searching online also did not give me what I was looking for.

Assign_Policy

If you are like me, who searched online and did not find any answers. Here is how I fixed this issue for regular users.

I am using Exchange 2013, to allow your users to assign their own policies, follow the steps below

Login to Exchange Admin Center (EAC)
Go to Permissions > User Roles and modify your default Role Assignment Policy, or whichever policy is assigned to your users.
Check the box for ‘MyRetentionPolicies’ and that should give users permissions they are missing.

MyRetentionPolicy

This entry was posted in Microsoft Exchange and tagged Assign Policy, Outlook, Policy, Retention, Retention Policy.

Remove public folder user with multiple access rights

Posted on April 8, 2015 Updated on April 8, 2015

I have come across an issue where users are assigned different permissions on public folders and I need to remove them fast.

Here is a link where I got the idea on how to go about doing it: http://blogs.technet.com/b/dblanch/archive/2013/12/03/managing-exchange-public-folder-permissions.aspx

And here is the final script that worked for me: Example entries for user can be “*lastname*”, “*NT USER:*” for deleted users

$test = Get-PublicFolder “\public folder\folder1” -Recurse | Get-PublicFolderClientPermission | ?{$_.User -like “*user*“} $test | ForEach {Remove-PublicFolderClientPermission -Identity $_.Identity -User $_.User -AccessRights $_.AccessRights -WhatIf}

I hope this script would help other users out there who are running into the same issue as I am. Please leave a comment if you have any questions.

This entry was posted in Microsoft Exchange and tagged access, access rights, Exchange, Exchange 2010, permissions, Public Folder, rights.

Exchange 2010 and MaxInbound ConnectionPerSource

Posted on November 20, 2014 Updated on November 25, 2014

The exchange receive connectors do have settings for Maximum Inbound connection which is set to 20 by default. If a server allowed to send emails reach this limit, you would see a log on the Exchange server.

Event 1021, MSExchangeTransport

Receive connector ‘name of connector’ rejected an incoming connection from IP address ‘server ip’. The maximum number of connections per source (20) for this connector has been reached by this source IP address.

To verify the status of the receive connector, run the following cmdlet:

Get-ReceiveConnector ‘name of connector’ | select name, maxinbound*

To adjust the limit of the receive connector, run the following cmdlet:

Set-ReceiveConnector ‘name of connector’ -maxinboundconnectionpersource <value>

This entry was posted in Microsoft Exchange and tagged Event 1021, MaxInbound ConnectionPerSource.

How to find users with ActiveSync and OWA enabled

Posted on September 11, 2014 Updated on September 11, 2014

We had an auditor come in and asked us to get a report on users that currently have ActiveSync and OWA enabled. And here is a powershell that allows you to get those information and save it to a file.

get-casmailbox -resultsize unlimited | ft DisplayName,ActiveSyncEnabled,OWAEnabled | Out-File c:\result.txt

I am still trying to find a way to set both ActiveSync and OWA to disabled for any new users. Please feel free to comment if you have anything in mind. I have seen a couple of examples for Powershell which work, but I am not necessarily the only one creating new users and they may have not access to powershell.

This entry was posted in Microsoft Exchange and tagged Activesync, Exchange ActiveSync, Outlook Web Access, Outlook Web App, OWA.

Event 2028, MSExchangeIS Public Store, how to troubleshoot?

Posted on August 25, 2014 Updated on August 25, 2014

Before I was able to figure out this issue, I have been receiving more than 100 of these alerts in Exchange.

The delivery of a message sent by public folder <publicfolder> has failed.

To: user@user.com

Cc:

The non-delivery report has been deleted.

The event ID does not give you a lot of information and it is hard to figure out where this is coming from.

By default, mail-enabled Public Folders are not able to receive NDRs that is why you are seeing these alerts in the logs.

Here are the steps I took to figure out where the emails are being generated:

1. Login to Exchange Management Console, open the Public Folder Management Console and drill down to the public folder mentioned in the event ID.

2. Right-click on the public folder, properties, Mail Flow Settings, Delivery Options and then add an email address where you want all NDRs to be sent (All other emails are also forwarded just an FYI). And DO NOT forget to check the box ‘Deliver message to both forwarding address and mailbox’ so that the regular emails are still being received on the mail-enabled public folder.

Once all settings above are setup, the NDRs will be forwarded to the email specified in the forwarding address field. And the NDRs will give you all info you need as with a regular NDR.

In my case, the emails are being generated externally by our vendor and I had to quarantine the emails on our SPAM firewall so they no longer reach the Exchange Server.

I hope this helps.

I also added this same comment to the forum in http://social.technet.microsoft.com/Forums/exchange/en-US/91d6b279-4090-467d-9880-d4894632e2f1/event-id-2028-the-delivery-of-a-message-sent-by-public-folder-has-failed?forum=exchange2010&prof=required.

This entry was posted in Microsoft Exchange and tagged Event 2028, MSExchangeIS, NDR, Public Folder, Public Store, The delivery of a message sent by public folder.

Exchange Logs filling up – what to do?

Posted on August 22, 2014 Updated on August 22, 2014

Today, I noticed that one of our logs drives are filling up rapidly. I was able to move the unused logs to a different drive but the logs continued to grow (check this link on how to move the unused logs https://wikipinoy.wordpress.com/2014/08/18/how-to-free-up-exchange-log-drive-space-when-it-fills-up/).

Here are some things you can do to figure out what is causing the logs to fill up:

1. I just migrated 3 iPhone users yesterday to the mailbox and I thought they may be causing issues. Confirmed with the users that they have not installed the latest IOS yet. Here is an article from Microsoft that talks about that.

Rapid growth in transaction logs

2. To confirm my suspicion, I downloaded EXMON (http://www.microsoft.com/en-us/download/details.aspx?id=11461) from Microsoft and installed it on my Exchange Server. And ran a trace to find out what user may be causing the issue. And bingo, the 3 users I migrated last night showed in the top 5 users with the highest CPU usage and Log bytes.

You can either ask the users to update to the latest version of IOS or follow Microsoft’s recommendation in the link in step 1.

Note: Also check the logs in your Exchange server for any errors. I noticed that large amounts of NDRs with Event ID 2028 (MSExchangeIS Public Store) causes the logs to fill up in my case.

If you are getting this error when trying to re-launch EXMON, make sure that there are no processes running for this app.

From the command prompt, run logman query -ets to find out if ‘Exchange Event Trace’ is running.

Run the commands logman stop “Exchange Event Trace” -ets to stop

This entry was posted in Microsoft Exchange and tagged Activesync, Exchange Logs, Exchange Monitor, exmon.

How to export a mailbox using Exchange PowerShell

Posted on August 20, 2014 Updated on August 20, 2014

Here I am going to show you how to archive mailboxes to PST and how to deal with errors along the way. When I first attempted the export in Exchange 2010, I ran across 2 error messages which prevented me from exporting a mailbox. Below are the steps I performed to correct the issue.

1. The very first step is to make sure the user running the export command have necessary permissions:

In Exchange 2010 ECP, go to Roles & Auditing and you may have to add a new Role called ‘Mailbox Import Export Role’ to the user. Under Role Groups, select New, Enter the Name of the Role and you can set the scope to default. Under Roles, add ‘Mailbox Import Export Role’ and under members, add the group or user who will be running the export command.

If the role is not setup before running the export, the process will have an error ‘Couldn’t find the Enterprise Organization container’.

2. Next step is to create a share, preferably on the Exchange server to where all the archive emails will be saved. Make sure to add FULL share and security permissions for Exchange Trusted Subsystem (normally found in your root domain – root\Exchange Trusted Subsystem) and SYSTEM. If you are running the Information Store with a specific service account, then you will have to add that account too.

If the permissions are not setup correctly, an error will be displayed after running the export command: ‘Unable to open PST file ‘\\location\name.pst’. Error details: Access to the path is denied.

Note: When I tried to google for an answer to this error message, I only came across articles suggesting to add the ‘Exchange Trusted Subsystem’ to the shared folder. And unfortunately, it did not fix my issue. I found the SYSTEM in all of my built-in Exchange shares and that is what lead me to the resolution.

3. Export the mailbox by running the command:

New-MailboxExportRequest -Mailbox name -Filepath \\UNC_path_from_step_#2\name.pst

4. After successfully running the export command, you can run the Get-MailboxExportRequest to see the status of the export.

I hope this article helps other users out there who are trying to export mailboxes for the first time.

This entry was posted in Microsoft Exchange and tagged Couldn't find the Enterprise Organizational Container, Enterprise Organization Container, Exchange, Export, Mailbox Export, New-MailboxExportRequest, Unable to open PST file.

How to free up Exchange log drive space when it fills up

Posted on August 18, 2014 Updated on August 18, 2014

There are a couple of instances where I had to free up the log drive on our Exchange server because the drive is full. This has happened to me multiple times even with alerting setup and do diligence. There are just some disasters you cannot prevent – like your Marketing or Ebusiness department decided to send 50,000 campaign emails in an hour filling up your Exchange outbound queue and ended up filling up your log drives too.

When the log drive fills up, Exchange will also automatically dismount your mailbox database associated to the log drive to prevent database corruption.

First thing to do when this happens is CALM DOWN and DON’T PANIC! You can be back up and working again in a matter of seconds. Tell your boss not to stay behind you and breath on your neck while you resolve the issue :).

Here are the things I normally do when this issue happens:

1. Login to the Exchange server and locate the checkpoint file in the log drive. The checkpoint file has an extension of .CHK and normally starts with E0x.

2. Run eseutil.exe /mk “path\name.chk” to find out what logs are still needed and what can be safely moved/deleted. In my example below, I ran the command eseutil.exe /mk e04.chk while I am inside the logs directory. The result will show you the checkpoint or last log that was committed.

3. Based on the result, all logs previous to the checkpoint can be safely moved/deleted (I don’t recommend deleting just in case you need them back or you overlooked what files are still needed).

If your checkpoint file is e04.chk then your log files will start with e04 followed by 000 and then the checkpoint HEX.

Example: e040001810F is the checkpoint log

All files starting with e040001810E and older can be safely moved to another location to free up space.

4. Once the old log files are moved, go back to the Exchange Management Console and mount the mailbox database. To save your users, you can immediately try to mount the database after freeing up a couple of megabytes on the log drive. I would already try to mount the database if I see more than 200MB of freed space. So your users can already login to their mailboxes while you are still freeing up more space. And that will make the boss happy.

Note: If you are unable to mount the mailbox database after the cleanup, make sure that the database is not corrupted. This issue almost never happens but if it does happen to you, you may have to restore from backup or repair the database.

To prevent future issues, first let your Marketing or eBusiness group send the emails by batch if possible. 🙂 Or enable circular logging for the mailbox database which is by default turned ON. Also, make sure that your Exchange backup is running successfully each night which will also truncate the logs for you.

This entry was posted in Microsoft Exchange and tagged Eseutil, Exchange, Log Clean Up, Log Drive, Logs.

How to check and disable Transport agents in Exchange

Posted on July 31, 2014

To get the list of Transport agents running on your Exchange server run the command:

Get-TransportAgent

And to disable a specific agent:

Disable-TransportAgent -identity “transport agent name”

This entry was posted in Microsoft Exchange and tagged Exchange, Powershell, Transport Agents.

How to find the owner of an alias in Exchange

Posted on July 31, 2014

To find out who the owner is for an alias or email address in Exchange. You should be able to run the following exchange powershell command:

get-recipient -results unlimited | where {$_.emailaddresses -match “emailaddresshere”} | select name,emailaddresses,recipienttype

This entry was posted in Microsoft Exchange and tagged Alias, Exchange, Powershell.

	Sqlcmd Backup - Secu… on [EASY] How to backup a SQL Exp…
	Sqlcmd Backup… on [EASY] How to backup a SQL Exp…
	Sqlcmd Backup… on [EASY] How to backup a SQL Exp…
	Ray on “Assign Policy” op…
	Paul on “Assign Policy” op…

WIKIPinoy

Exchange, SQL, Shoretel, Networks, NetBackup, collaboration, etc…