Archives for category: Uncategorized

Ran into an issue migrating from Exchange 2010 to Exchange 2016 on premise. Two mailboxes got to 95% and stopped TransientFailureSource. Looking at the logs I found the error “Transient error MapiExceptionNotFound has occurred. The system will retry”.

RESOLUTION

I found that the Content Index Databases on the Destination Exchange 2016 DAG were failed and suspended. I got them healthy again and was able to repair the mailboxes on the Exchange 2010 MBX server by running this command in EMS

New-MailboxRepairRequest -Mailbox userID -CorruptionType SearchFolder, AggregateCounts, ProvisionedFolder, FolderView

To verify the repair had finished I created a new view on the Exchange 2010 Event Viewer with the following settings. Event ID 10048 confirmed it was complete

Event-Viewer-Exchange-Health

I then restarted the mailbox migration and everything completed successfully.

 

Advertisements

Today I setup two brand new Exchange 2016 Servers running CU6. Created IP-Less DAG and multiple databases. I noticed that the databases Content Index State was Failed. I tried the usual

Get-MailboxDatabaseCopyStatus * | where {$_.ContentIndexState -eq “Failed”}

Get-MailboxDatabaseCopyStatus * | where {$_.ContentIndexState -eq “Failedandsuspended”}

Get-MailboxDatabaseCopyStatus * | where {$_.ContentIndexState -eq “Failed”} | Update-MailboxDatabaseCopy -CatalogOnly

Get-MailboxDatabaseCopyStatus * | where {$_.ContentIndexState -eq “Failedandsuspended”} | Update-MailboxDatabaseCopy -CatalogOnly

NONE of those worked.

RESOLUTION:

I changed the databases activation preferences from 1 to 2 on each of the hosting servers. Shortly after the databases began to crawl and then showed healthy.

Configuring Remote Desktop Passthrough Authentication

  1. Create a new GPO named RDP-Passthrough
  2. Edit the policy and navigate to “Computer Configuration->Policies->Administrative Templates->Windows Components->Remote Desktop Services->Remote Desktop Session Host->Security
  3. Set the “Require Use of specific security layer for remote connections” to enabled and choose “Negotiate” as the security layer
  4. In that same policy navigate to “Computer Configuration->Policies->Administrative Templates->System->Credentials Delegation
  5. Enable the setting “Allow delegating default credentials” and add your servers to the list. Examples below
    1. TERMSRV/192.168.1.100
    2. TERMSRV/*.domain.com
    3. TERMSRV/*
  6. Next select “Allow delegating default credentials with NTLM-only server authentication and list the same items you listed in Step 5
    1. TERMSRV/192.168.1.100
    2. TERMSRV/*.domain.com
    3. TERMSRV/*
  7. Save the policy and link it to any OU that has the servers in which you want Passthrough authentication configured.

Used this script to take ownership of profile folders and restore users access so it doesn’t break the roaming profile

takeown /F E:\Share\Profiles\USER /R /D Y
icacls “E:\Share\Profiles\USER” /reset /T
icacls “E:\Share\Profiles\USER” /grant:r “DOMAINNAME\Domain Admins”:(OI)(CI)F
icacls “E:\Share\Profiles\USER” /grant:r “System”:(OI)(CI)F
icacls “E:\Share\Profiles\USER” /grant:r “DomainName\User”:(OI)(CI)F
icacls “E:\Share\Profiles\USER” /setowner “DomainName\User” /T

Migrating users from an Exchange 2010 SBS server to Exchange 2016 I noticed that after one mailbox had completed the user was prompted to quit and restart outlook. But after the user did that nothing happened and their profile was still connected to the Exchange 2010 server. I tried to create a new profile but it wouldn’t complete giving me the infamous message

“Action cannot be completed. The connection to microsoft exchange is unavailable”

After double and triple checking my URL’s SCPs etc… I found that recycling the “MSExchangeAutodiscoverAppPool” service on the Exchange 2016 Server resolved the problem.

  1. Open IIS on the Exchange 2016 Server
  2. Click on Application Pools
  3. Right Click on “MSExchangeAutodiscoverAppPool”
  4. Choose Recycle

You can either recycle the app pool each time you migrate a mailbox or check out the MS KB that guides you through setting it up to recycle every minute.

https://www.iis.net/configreference/system.applicationhost/applicationpools/add/recycling

 

To remove Exchange from an SBS server during the process of decommissioning make sure all your mailboxes are moved to another server or Office365.

Open an Elevated EMS and perform the following
#Remove default Public folders
Get-PublicFolder “\” -Recurse -ResultSize:Unlimited | Remove-PublicFolder -Recurse -ErrorAction:SilentlyContinue

#Remove system Public folders
Get-PublicFolder “\Non_Ipm_Subtree” -Recurse -ResultSize:Unlimited | Remove-PublicFolder -Recurse -ErrorAction:SilentlyContinue

#Remove Offline Address Book
Get-OfflineAddressBook | Remove-OfflineAddressBook

#Remove send connectors
Get-SendConnector | Remove-SendConnector

#Remove Public Folder database (SBS 2011/Exchange 2010 Only)
Get-PublicFolderDatabase | Remove-PublicFolderDatabase

#Remove arbitration mailboxes (SBS 2011/Exchange 2010 Only)
Get-Mailbox -Arbitration | Disable-Mailbox -Arbitration DisableLastArbitrationMailboxAllowed

#Remove mailboxes
Get-Mailbox | Disable-Mailbox

Once that is complete you should be able to uninstall Exchange either through Add Remove Programs or opening an elevated command prompt and changing the directory to the Exchange installation folder (i.e. “C:\Program Files\Microsoft\Exchange Server\v14\Bin). Then running “setup.com /uninstall”

Once that is complete you can proceed with removing AD, and decommissioning the rest of the SBS.

Hard Match Multiple Office 365 Accounts

1. Save the following as a Get-ImmutableID.PS1 script

###########################################################################################################StartScript###############################################################################################################
[System.Console]::ForegroundColor = [System.ConsoleColor]::White
clear-host
Import-module activedirectory

write-host
write-host This Script will Get the ObjectGUID for a user and convert
write-host it to the Immutuable ID for use in Office 365
Write-Host
write-host Please choose one of the following:
write-host
write-host ‘1) Get ID for a Single User’
write-host ‘2) Get IDs for all Users’
write-host ‘3) Cancel’ -ForegroundColor Red
write-host
$option = Read-Host “Select an option [1-3]”

switch ($option)
{
‘1’{
write-verbose “Option 1 selected”
$GetUser = Read-Host -Prompt ‘Enter UserName’
$Users = get-aduser $GetUser | select userprincipalname,@{label=”ImmutableID”;expression={[System.Convert]::ToBase64String($_.objectguid.ToByteArray())}}
$Users
}

‘2’{
Write-host
Write-host Type the Path location to Export the results: i.e. c:\service\IMID.csv

$Path = Read-Host -Prompt ‘Enter Path’

$Users = get-aduser -filter * | select userprincipalname,@{label=”ImmutableID”;expression={[System.Convert]::ToBase64String($_.objectguid.ToByteArray())}}
$users
$users | export-csv $Path

}
‘3’{
write-verbose “Option 3 selected”
break
}
}

###########################################################################################################EndScript################################################################################################################
2. Select your option

3. Save the CSV file to a directory i.e. C:\Service\IMID.csv

4. Open the CSV file and remove whatever UPN’s and IMID’s that you don’t want to change. Also replace all the “@domain.local” with “@domain.onmicrosoft.com” and save the file

5. Save the following as Set-IMID.ps1

###########################################################################################################StartScript###############################################################################################################

$users = import-csv “C:\Service\IMID.csv”
ForEach ($item in $users)

{
$UPN = $item.(“UserPrincipalName”)

$IMID = $item.(“ImmutableID”)

“Set-MsolUser -UserPrincipalName $UPN -ImmutableId $IMID”
}

###########################################################################################################EndScript################################################################################################################

6. Connect to Office 365 via Powershell

7. Change directory to the location of set-IMID.PS1

8. Type .\Set-IMID.PS1

9. It will print out all the results for you. Copy and and paste them back into the powershell