Outlook 2010 Nickname Cache – An insider Story

Name cache in Outlook is a great feature, we all know. I personally find it extremely very useful since it saves a lot of time while selecting recipients. It has also helped adding few of those recipients who were likely to get missed on an email.

Outlook 2003 and 2007 both used locally stored .NK2 files to hold these name cache. These NK2 files could be found at %APPDATA%\Microsoft\Outlook. It was easy to backup these files or import them back if there were any issues observed. That was pretty simple business there. But a pain of keeping a bakup of these files was always there. In most the cases when user changed their computer these files were most likely to get skipped and they would lose their nickname cache.

When Outlook 2010 was launched it also changed the way the name cache is used by outlook. Instead of using a local NK2 file, outlook 2010 stores the name cache directly in the mail account’s delivery store (in simple words – “Mailbox”).

This post does not provide any troubleshooting information but a little more insight of this changed method of storing nick name cache directly into mailbox. Although it does not outline any troubleshooting steps, the information in this post should be helpful enough if you are troubleshooting a problem related to nickname cache.

The way nickname cache is stored in one of the portions of extremely complex structure in an exchange server 2010 mailbox is in the form of an attribute on a mailbox rule. To understand and to see the way this thing works; you require the very famous geeky tool, MFCMAPI. I must say Stephen Griffin has done an extra ordinary job by developing this utility and keeping it all the way updated over so many year. Thanks Steve :-)

Let us take a look at how does this thing look like and how to see it.

1. Download MFCMAPI from http://mfcmapi.codeplex.com . Latest the better.

2. If you do not wish to do all configurations for running MFCMAPI without outlook, use it on a computer where outlook is installed. I would prefer outlook 2010 on the computer where I am going to use MFCMAPI.

3. Once you have the utility downloaded, open your mailbox by logging on to the profile you wish to explore.

Logon Screen

4. Select the profile that is already configured on the computer.

image

5. After you select the profile, you would see your mailbox, archives and public folder store in the window. In my case I do not have any PST files and PF store on my exchange server. Now, right click on your mailbox and select Open Store

image

6. That brings up another window, which is an invisible view of the mailbox using any known MAPI, NON-MAPI client. Expand Root – Mailbox –> IPM_SUBTREE in this newly opened window and you would see the similar folder structure that you see using outlook. If you are connected to exchange server in online mode the structure would look a very little different and IPM_SUBTREE is replaced with another folder named Top of Information Store.

A few more folders are made visible by MFCMAPI. I strongly recommend you do not play around them unless you really understand why they are there.

7. Select your Inbox folder, right click, and select Open associated contents table from the context menu.

8. Above action brings up another window of MFCMAPI, which shows hidden, visible rules in your mailbox.

image

You may not see the similar screen as above since I have adjusted the columns as per my convenience. Yet, the key bit here is the rule that stores your nickname cache information. By expanding columns and scrolling horizontally in the rules pane; you should be able to figure out a rule that’s message class is IPM.Configuration.Autocomplete. Yes, that is the one which manages your nickname cache.

Question is, where is the actual information? Why is it not visible in above screen shot if the message class IPM.Configuration.Autocomplete holds all my nickname cache data? Well, do  you see that red mark in the properties pane?

The nickname cache is stored in a property of the rule IPM.Configuration.Autocomplete named PR_ROAMING_BINARYSTREAM. That is correct. It is a binary stream that is stored in your mailbox as a property of the rule mentioned / highlighted above.

I think the data you are interested in is still not visible to you. This is the real trick. The property PR_ROAMING_BINARYSTREAM is the property of type PT_BINARY. Since it holds a binary stream of information it may not be displayed directly when you are on the screen shown above.

9. To see what is inside the scoop; right click on the property 0x7C09000A and select Smart View.

image

10. In Structure Picker window, select structure to interpret as Nickname Cache

11. A new window that will show up on your screen is the information you perhaps did not know. :-)

image

Whoa! What is that information?

Looks weird first time but if you take a closer look at the information that is displayed, it looks like some structured information represented in a plain text format. This binary stream is nothing but a structure that is similar to a database consisting of rows and properties on each row which has further properties again. Lets dive a little deeper into this information

Nickname Cache
Metadata1 = cb: 4 lpb: 0DF0ADBA
Major Version = 12
Minor Version = 0
Row Count = 11

Row Count tells you about how many records are stored in your nickname cache.

 

Below is a dump of single record that appears in your nickname cache when you start typing a name in outlook To, CC, BCC fields (Names and Email Addresses changed by me)

  • A closer analysis of below dump would make you understand that each row is represented by an unique number starting from 0. Each name that appears after you start typing a recipient’s name is equal to a Row in the below information. If you have 100 names stored, the first row would be Row 0 and the last would be Row 99
  • Each row represents a unique record itself.
  • Each row has few more properties represented by Property[0], Property[1], and so on. These properties have their own properties again. Just like what you see in below dump.
  • Each of these properties represent a specific block of information about the cached nickname by outlook.

For Example:

Property[0] – Property Name
Property = 0x6001001F – Property Identifier
Exact Matches: PR_NICK_NAME_W – Property Name
Partial Matches: PR_NICK_NAME, PR_NICK_NAME_A, PR_DOTSTUFF_STATE – Other properties with similar structure to PR_NICK_NAME_W
PropString = Exchange.Geek@GEEKLABS.COM AltPropString = cb: 40 lpb: – Self Explanatory. This is the string value of the property [0] which is PR_NICK_NAME_W

    Row 0
    cValues = 0×00000017 = 23
    Property[0]
    Property = 0x6001001F
    Exact Matches: PR_NICK_NAME_W
    Partial Matches: PR_NICK_NAME, PR_NICK_NAME_A, PR_DOTSTUFF_STATE
    PropString = Exchange.Geek@GEEKLABS.COM AltPropString = cb: 40 lpb: 4F004D002E004900540046004D005300400067006D007200670072006F00750070002E0069006E00
    Property[1]
    Property = 0x39FE001F
    Exact Matches: PR_SMTP_ADDRESS_W, PidTagSmtpAddress
    Partial Matches: PR_SMTP_ADDRESS, PR_SMTP_ADDRESS_A, ptagPrimarySMTPAddress
    PropString = Exchange.Geek@GEEKLABS.COM AltPropString = cb: 40 lpb: 4F004D002E004900540046004D005300400067006D007200670072006F00750070002E0069006E00
    Property[2]
    Property = 0x3A00000A
    Partial Matches: PR_ACCOUNT, PR_ACCOUNT_A, PR_ACCOUNT_W, PidTagAccount
    PropString = Err:0x8004010F=MAPI_E_NOT_FOUND AltPropString =
    Property[3]
    Property = 0x0C150003
    Exact Matches: PR_RECIPIENT_TYPE, PidTagRecipientType, ptagRecipientType
    PropString = 2 AltPropString = 0×2
    Smart View: Flags: MAPI_CC
    Property[4]
    Property = 0x3001001F
    Exact Matches: PR_DISPLAY_NAME_W, PidTagDisplayName
    Partial Matches: PR_DISPLAY_NAME, PR_DISPLAY_NAME_A, ptagDisplayName
    PropString = Exchange Geek AltPropString = cb: 54 lpb: 530075006E0069006C0020004F007000650072006100740069006F006E0020004D0061006E006100670065007200200042004C005200
    Property[5]
    Property = 0x3002001F
    Exact Matches: PR_ADDRTYPE_W, PidTagAddressType
    Partial Matches: PR_ADDRTYPE, PR_ADDRTYPE_A, ptagAddrType
    PropString = EX AltPropString = cb: 4 lpb: 45005800
    Property[6]
    Property = 0x0FFF0102
    Exact Matches: PR_ENTRYID, PR_MEMBER_ENTRYID, PidTagEntryId, PidTagMemberEntryId, ptagEntryId
    PropString = cb: 116 lpb: 00000000DCA740C8C042101AB4B908002B2FE18201000000000000002F6F3D474D5247726F75702F6F753D45786368616E67652041646D696E6973747261746976652047726F7570202846594449424F484632335350444C54292F636E3D526563697069656E74732F636E3D434E4C5432363300 AltPropString = ….ܧ@ÈÀB..´¹..+/á?……../o=GEEKLABS/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=ExchangeGeek.
    Smart View: Exchange Address Entry ID:
    abFlags = 0×00000000
    Provider GUID = {C840A7DC-42C0-1A10-B4B9-08002B2FE182} = muidEMSAB
    Version = 0×00000001 = EMS_VERSION
    Type = 0×00000000 = DT_MAILUSER
    X500DN = /o=GEEKLABS/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=ExchangeGeek
    Property[7]
    Property = 0x3003001F
    Exact Matches: PR_EMAIL_ADDRESS_W, PidTagEmailAddress
    Partial Matches: PR_EMAIL_ADDRESS, PR_EMAIL_ADDRESS_A
    PropString = /O=GEEKLABS/OU=EXCHANGE ADMINISTRATIVE GROUP (FYDIBOHF23SPDLT)/CN=RECIPIENTS/CN=ExchangeGeek AltPropString = cb: 174 lpb: 2F004F003D0047004D005200470052004F00550050002F004F0055003D00450058004300480041004E00470045002000410044004D0049004E004900530054005200410054004900560045002000470052004F005500500020002800460059004400490042004F0048004600320033005300500044004C00540029002F0043004E003D0052004500430049005000490045004E00540053002F0043004E003D0043004E004C005400320036003300
    Property[8]
    Property = 0x300B0102
    Exact Matches: PR_SEARCH_KEY, PidTagSearchKey, ptagSearchKey
    PropString = cb: 91 lpb: 45583A2F4F3D474D5247524F55502F4F553D45584348414E47452041444D494E4953545241544956452047524F5550202846594449424F484632335350444C54292F434E3D524543495049454E54532F434E3D434E4C5432363300 AltPropString = EX:/O=GEEKLABS/OU=EXCHANGE ADMINISTRATIVE GROUP (FYDIBOHF23SPDLT)/CN=RECIPIENTS/CN=ExchangeGeek.
    Property[9]
    Property = 0x3D010102
    Exact Matches: PR_AB_PROVIDERS, PidTagAbProviders
    PropString = cb: 16 lpb: 64089B1A0053EC4995777ED6B1F7232A AltPropString = d.?..SìI?w~Ö±÷#*
    Property[10]
    Property = 0x5FFF0003
    Exact Matches: PR_RECIPIENT_TRACKSTATUS, PidTagRecipientTrackStatus, ptagRecipientTrackStatus
    PropString = 0 AltPropString = 0×0
    Smart View: Flags: respNone
    Property[11]
    Property = 0x5FDE0003
    Exact Matches: PR_RECIPIENT_RESOURCESTATE, PidTagRecipientResourceState
    PropString = 0 AltPropString = 0×0
    Property[12]
    Property = 0x5FFD0003
    Exact Matches: PR_RECIPIENT_FLAGS, PidTagRecipientFlags
    PropString = 1 AltPropString = 0×1
    Smart View: Flags: RECIP_SENDABLE
    Property[13]
    Property = 0x5FF6001F
    Exact Matches: PR_RECIPIENT_DISPLAY_NAME_W, PidTagRecipientDisplayName
    Partial Matches: PR_RECIPIENT_DISPLAY_NAME
    PropString = Exchange Geek AltPropString = cb: 54 lpb: 530075006E0069006C0020004F007000650072006100740069006F006E0020004D0061006E006100670065007200200042004C005200
    Property[14]
    Property = 0x5FF70102
    Exact Matches: PR_RECIPIENT_ENTRYID, PidTagRecipientEntryId, ptagRecipientEntryId
    PropString = cb: 116 lpb: 00000000DCA740C8C042101AB4B908002B2FE18201000000000000002F4F3D474D5247524F55502F4F553D45584348414E47452041444D494E4953545241544956452047524F5550202846594449424F484632335350444C54292F434E3D524543495049454E54532F434E3D434E4C5432363300 AltPropString = ….ܧ@ÈÀB..´¹..+/á?……../O=GEEKLABS/OU=EXCHANGE ADMINISTRATIVE GROUP (FYDIBOHF23SPDLT)/CN=RECIPIENTS/CN=ExchangeGeek.
    Smart View: Exchange Address Entry ID:
    abFlags = 0×00000000
    Provider GUID = {C840A7DC-42C0-1A10-B4B9-08002B2FE182} = muidEMSAB
    Version = 0×00000001 = EMS_VERSION
    Type = 0×00000000 = DT_MAILUSER
    X500DN = /O=GEEKLABS/OU=EXCHANGE ADMINISTRATIVE GROUP (FYDIBOHF23SPDLT)/CN=RECIPIENTS/CN=ExchangeGeek
    Property[15]
    Property = 0x5FF20003
    PropString = 0 AltPropString = 0×0
    Property[16]
    Property = 0x5FEF0003
    PropString = 0 AltPropString = 0×0
    Property[17]
    Property = 0x5FF50003
    PropString = 0 AltPropString = 0×0
    Property[18]
    Property = 0x5FEB0003
    PropString = 0 AltPropString = 0×0
    Property[19]
    Property = 0x5FDF0003
    Exact Matches: PR_RECIPIENT_ORDER, PidTagRecipientOrder, ptagRecipientOrder
    PropString = 8 AltPropString = 0×8
    Property[20]
    Property = 0x6002000B
    PropString = False AltPropString =
    Property[21]
    Property = 0x6003001F
    Exact Matches: PR_DROPDOWN_DISPLAY_NAME_W
    Partial Matches: PR_DROPDOWN_DISPLAY_NAME, PR_DROPDOWN_DISPLAY_NAME_A
    PropString = Exchange Geek <Exchange.Geek@GEEKLABS.COM> AltPropString = cb: 100 lpb: 530075006E0069006C0020004F007000650072006100740069006F006E0020004D0061006E006100670065007200200042004C00520020003C004F004D002E004900540046004D005300400067006D007200670072006F00750070002E0069006E003E00
    Property[22]
    Property = 0×60040003
    Exact Matches: PR_NICK_NAME_WEIGHT
    PropString = 16384 AltPropString = 0×4000

    Again, another question would start bothering you. Do I mean that outlook queries exchange server over MAPI all the times when someone start typing a name in To, CC or BCC fields?

    Answer is No!

    Unless your outlook profile is not configured in Online mode; outlook would not really go and ask for the information to the exchange server. Instead, it maintains a local replica of the nickname cache which is stored on the client computer at location %USERPROFILE%\AppData\Local\Microsoft\Outlook\RoamCache in one or more .dat files.

    This behavior makes it faster to access the information instead of making a MAPI call to the store every time someone types a name. This locally stored information stays in read only format though. Outlook can read from these files but cannot write back into them. Even if you manage to write something back to these files the updated information would not get written back in your mailbox on the server.

    Another aspect of the way nickname cache information is displayed in Exchange 2010 Outlook Web App. Since OWA works as a persistent session to CAS server / CAS Array from the client computer this information should ideally be streamed online every time someone tries to type a name in To, CC or BCC fields. But, interestingly, the way this information is handled by OWA is little different that you can imagine. Exchange 2010 OWA (premium mode only) also caches this binary stream stored in the prop PR_ROAMING_BINARYSTREAM locally to the client computer. That is why you may still see name cache available in OWA new message window, even after losing network connection to the server.

     

    image

     

    Well, that is all about it. I will keep few more things posted as and when get time. For now, enjoy this post and let me know if you find any documentation bugs :-) . Feel free to leave your feedback in case you like / disliked this post.

    .

    January 7, 2012   Posted in: Exchange 2010, Outlook  5 Comments

    How To Renew Exchange Server 2010 Certificates

    Back in April 2009 I wrote something about How to renew a self signed certificate in Exchange Server 2007 and then later Exchange 2010 EMC and Certificates Management Part – 1 and Exchange 2010 EMC and Certificates Management Part – 2

    I am sure a lot of you have found these posts helpful. All of these posts however did not talk about the certificates issued by public CAs. I thought it would be even more helpful to put up a separate post that would talk more about the certificate renewal process in Exchange 2010 which indeed would cover few steps for Exchange 2007 certificate renewals as well.

    If you run through the Exchange 2010 EMC and Certificate Management posts you would know how it really works when you are preparing, requesting and assigning a new certificate to your Exchange 2010 CAS and HT servers but these posts do not talk about renewal of the certificates once you assign them and they are just about to expire :-O

    A little bit of stuff that you may or you may not know:

    Whenever you work with certificates on an exchange server role installed on any OS, you are dealing with the local computer certificate stores on the at OS which is easily accessible by using Start—> Run –> MMC –> Add/Remove Snap In –> Certificates –> Local Computer. Just take a look at the local computer’s Personal certificate store and you wouldn’t be surprised to see these certificates in there. The only reason I wanted to bring this point here in this post because you may really need to run through this sometimes if you experience something that was mentioned in one of previous posts Missing Private Key on Exchange Certificate

    So let’s have a look at what is it and how to do it!

    GUI:

    Just like above linked two posts talking about how to manage the exchange certificates using GUI, you need to locate the certificate that you need to renew in EMC. Right click on the certificate and select Renew

     

    Provide the path in the wizard that appears which will save you a .req file. Once you have completed the wizard you are ready to use this .req file to be supplied to any certification authority that supports  your request. The reason I said ‘any CA that supports your request’ is because, some CAs do not support SAN extensions supplied in the request.

    Once you supply the contents of the file generated above your CA will provide you a certificate that can be imported here. To import a certificate using GUI follow steps mentioned in Exchange 2010 EMC and Certificates Management Part – 2

    Powershell:

    We have a lot of powershell lovers by now and they feel powershell is much easier than GUI sometimes. For all of those

    Find the certificate you need to renew using Get-ExchangeCertificate

    Copy the certificate thumbprint and run following command to generate the CSR

    Get-ExchangeCertfiicate -Thumbprint <Thumbprint> | Renew-ExchangeCertificate -GenerateRequest:$True -PrivateKeyExportable:$True

    The above command displays the CSR that you need to be supplied to the CA. Copy the CSR and paste it to the CA interface.

    Once you have downloaded the certificate issued by the CA use below command to import it. You need to make sure that you have not removed the certificate request generated by your last operation using EMC or powershell. This will lead you to another situation where you wouldn’t be able to import the certificate.

    Import-ExchangeCertificate  -FileData ([Byte[]]$(Get-Content -Path C:\Users\Milind\Documents\Certificate.cer -Encoding Byte -ReadCount 0))

    If you have recieved your certificate in .pfx format then use

    Import-ExchangeCertificate  -FileData ([Byte[]]$(Get-Content -Path C:\Users\Milind\Documents\Certificate.pfx -Encoding Byte -ReadCount 0)) -Password:(Get-Credential).Password

    And the final stage is to enable it for the services

    Enable-ExchangeCertificate -Thumprint <Thumbprint> -Services IIS,IMAP,POP

    Same procedure applies to Hub Transport Server Role certificate renewal as well but the Edge Transport Server Role. To manage certificates on the Edge Transport Server Role  you must be logged on the server and use powershell.

    After you have renewed certificate on an edge transport server, you need to resubscribe it to the site since the subscription contains the certificate information in it too. Read more about Edge Transport here

    December 20, 2011   Posted in: Uncategorized  2 Comments

    Listing Exchange ActiveSync Users and Device Details

    As an IT administrator you must have come across a requirement from information security teams that they want to review the number of users who use emails on their mobile phones. Some companies require this data so that they can allow access only for selected users. Although listing users is not a big deal when you can use Get-CASMailbox -ResultSize Unlimited | ? {$_.HasActiveSyncDevicePartnerShip = $True} it is a bit of challenge for a novice powershell user to find out their device information too.

    Below scriptlet is quite handy when it comes to finding EAS users and their handheld device details.

    $ResultArr =@()
    $CASMailboxes = Get-CASMailbox -ResultSize Unlimited | ? {$_.HasActiveSyncDevicePartnership -eq $true}
    foreach ($CASMailbox in $CASMailboxes)
    {

    $ResultArr += Get-ActiveSyncDeviceStatistics -Mailbox $CASMailbox.Identity | Select @{Name=”User”;Expression={($CASMailbox.Name).ToString()}},DeviceType,DeviceModel,FirstSyncTime,LastSuccessSync,IsRemoteWipeSupported
    }

    $ResultArr | Export-Csv C:\Reports\EASDeviceStats.csv -NoTypeInformation

    If you are lazy like me then you may want to send this information directly to someone using a bit of automation

    Send-MailMessage -From “Support@company.com” -To “security@company.com” -Subject “ActiveSync User Stats” -Attachments C:\Reports\EASDeviceStats.csv ” -Body ” This is an autogenerated Email. Please do not respond to this email” -SmtpServer “ServerName”

    I hope you find this useful!

     

    December 14, 2011   Posted in: Exchange 2007, Exchange 2010  Comments Closed

    Exchange Server 2010 SP2 Installation – Few Must Knows

    It is more than a week since Microsoft made the Exchange Server 2010 SP2 installation bits available for public download. Over a week’s time there are a lot of articles explaining the installation procedure of Exchange Server 2010 SP2. In this post, I am highlighting few things that you should know before installing Exchange Server 2010 SP2 in your production.

    First things first, Test it in lab environment before installing in production environment.

    You must know – SP2 includes schema changes

    With certain new features, Exchange 2010 SP2 needs to write to schema partition. A bunch of new attributes / classes are added and a lot of them are modified. To understand what changes happen when you run Exchange 2010 SP2 read the Exchange Server Active Directory Schema Changes Reference, November 2011

    Since, the installer will be requiring modifications to Schema, user account used for installation of SP2 must be a member of Schema Admins group in active directory. As a best practice, make sure that this user account is removed from the group once the schema extension is complete.

    You must know – New Windows Server Features are required for CAS Role

    In Exchange Server 2010 CAS is the primary entry point for clients to any Exchange Server 2010 Environment. With this release, a few more features are added in the CAS server role which makes on premise and Office 365 integration a better experience and also an improvement that makes the silent redirection better within cross site CAS roles. A new feature called Mini Outlook Web  App now exists that works on no cookies, no scripts model.

    Address Book Policies aka GAL Segmentation is another new and long awaited feature that is now available with SP2. Essentially, ABPs are nothing but a logic provided by CAS server role the clients that will segregate their access to the Address Lists and Offline Address Books. Although I am not very sure yet whether all these new features require any additional  Windows Server Features to be installed but logically, all these things together demand installation of the new features those are required to be installed on CAS Servers.

    Below are some new Windows Server Role Features that you need to install before installing SP2 on CAS Role.

    • IIS 6 WMI Compatibility
    • ASP.NET
    • ISAPI Filters
    • Client Certificate Mapping Authentication
    • Directory Browsing
    • HTTP Errors
    • HTTP Logging
    • HTTP Redirection
    • Tracing
    • Request Monitor
    • Static Content

     

    Or Easier way to do the nasty stuff is to just use the setup.com switches :-) simply run

    Setup /Mode:Upgrade /InstallWindowsComponents

     

    You must know – Installing Updates on DAG is not a normal exercise

    Many of us run DAG because of its proven reliability and ability to make a highly available mailbox database system. Installing updates on a member of a DAG is not a regular installation though. In June last year I posted Installing Exchange 2010 SP1 (beta) on DAG members . Procedure does not really change except some included hotfixes in my previous post. If you are running SP1 then you do not need those hotfixes anymore.

    You did not like that procedure? No worries, Mike has another and simpler one posted here Performing Maintenance on DAG Members in Exchange 2010 SP1

     

    Remaining is HT and UM roles. Well, there is nothing specific that you need to take care of there, you can install SP2 in a normal way there.

    To summarize,

    • Exchange 2010 SP2 installation package modifies schema. You must be a member of Schema Admins with other necessary  RBAC permissions
    • Exchange 2010 SP2 installation package requires few additional Windows Server Role features to be added on CAS role before you can complete installation.
    • DAG members require a special procedure to install any updates.

    December 12, 2011   Posted in: Exchange 2010  5 Comments

    Exchange Server 2010 Checklist

    Few months ago someone in our discussion group had a requierment of an automated way to make sure that exchange servers health state should be checked automatically and a report should be sent to support team.During the discussion, we recieved a lot of ideas and many sample codes to do so. The largest piece of code was written for Exchange 2007. I perosnally used this script at many customers to automate the daily / hourly checklist part of their operations team but since a lot of them have already upgraded to Exchange 2010 the old script become almost useless due to changes in architecture of components of Exchange Server 2010. With said that, quite a considerable number of modifications were needed in the origional code.

    I recently posted the latest version of the script that was customized by me to meet some of exclusive requirements. You can download the script from Microsoft Technet Gallery – Exchange Server 2010 Checklist

    Yet, I really wanted to thank the person who wrote this entire stuff. That was really so cool.

    Features:

    • Provides a detailed report of your Exchange Server 2010 Critical components in an HTML email.
    • Provides color coded statuses so that faulty components can be identified easily.
    • Emails can be sent to multiple people.
    • Script can be scheduled to run using scheduled task.

    PARAMETERS:
            -ServerName (required)
                    Must be an Exchange 2010 server. This script should be run locally on the mentioned server.

            -Path (required)
                    This is the folder identity where the generated report will be saved.

            -CompanyName (required)
                    Name of your company E.g. “Contoso Inc.”

            -SMTPServer (required)
                    Hub Transport Server name or IP address. Any SMTP relay that can accept the email will also work.

            -From (required)
                    Sender’s email address.

            -To (required)
                    List of recipient(s). You can pass a comma seperated values here. For more than one recipients use {user1@domain.com, user2@domain.com}

            -JournalMailbox (optional)
                    The mailbox identity to get mailbox statistics.
    For many mailboxes use user1@domain.com,user2@domain.com

    Please do provide your feedback in case you liked / disliked it or you would like to see some new features added into it. Download and Enjoy ;-)

    December 7, 2011   Posted in: Exchange 2010  5 Comments

    Exchange Server 2010 Service Pack 2 is available for Download

    Microsoft has released SP2 for Microsoft Exchange Server 2010 today. The service pack is available for download at http://www.microsoft.com/download/en/details.aspx?id=28190

    With release of SP2 a long awaited feature of Address List Segregation will now be available instead of using Exchange in Hosting Mode. A lot of other fixes are included in this release.

    Download your copy and Enjoy! ;-)

    December 5, 2011   Posted in: Exchange 2010  3 Comments

    Changing From Display Name of Full Mailbox Notifications

    I am sure almost everyone of us have seen this at least once in the lifetime :-)

    One of our old days techies had this requirement of changing the From display name that is used by agents sending notifications about your mailbox size when it reaches the quota. Although you cannot edit the sender email address in this case you can indeed change the Display Name of this notification sender.

    CAUTION: Steps involved in this post include using ADSIEDIT, wrong modifications to attributes can cause service stoppage. You should also check Microsoft’s supportability for this change.

    Changing this includes changing the display name of the object in your transport configuration.

    1. Open ADSIEDIT
    2.  Navigate to CN=Transport Settings,CN=<Org Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=domain,DC=int
    3. In the right hand side pane locate the object named CN=MicrosoftExchange329e71ec88ae4615bbc36ab6ce41109e
    4. Right click on the object and select properties.
    5. In properties dialog box of MicrosoftExchange329e71ec88ae4615bbc36ab6ce41109e locate the attribute displayName
    6. Select displayName, click Edit button and enter the Display Name of your wish in the Edit Dialog box.

    That is all you need to do. Users will see the name that you entered in the dialog box after you modify this and the AD replication completes.

    November 29, 2011   Posted in: Exchange 2007, Exchange 2010  2 Comments

    How to generate a report of full mailbox access

     

    If you have gone through an ExRAP lately and have encountered this as an observation during operational interview you are definitely going to need this very small piece of powershell command.

    $CreateStamp = Get-Date -UFormat %d_%m_%Y
    Get-Mailbox -ResultSize Unlimited | Get-MailboxPermission | Where {$_.User.ToString() -ne “NT AUTHORITYSELF” -and $_.IsInherited -eq $false} | Select Identity,User,@{Name=’Access Rights’;Expression={[String]::Join(‘, ‘, $_.AccessRights)}} | Export-Csv -NoTypeInformation -Path “C:tempFull_Mailbox_Access_Report_$CreateStamp.csv”

     

    .

    November 14, 2011   Posted in: Exchange 2010, Exchange Server 2007  2 Comments

    Script to create new mailbox and set mailbox feature

    Edit: This script can be downloaded from Microsoft Technet Gallery as well. Download is available at

    Create Mailbox and Set-CASMailbox Features GUI Script

     

    I wrote this script for one of our L1 support team where they create mailboxes manually. Lately, the customer where this team works wanted to the POP/IMAP services to be enabled and have the POP/IMAP access disabled on mailbox level.

    Although doing so is not a big task, EMC / EMS put few limitations on you while performing both tasks together. As a result, you have to create a mailbox first and then set the mailbox features on it using EMC. If your L1 teams are well educated about how to use EMS then it might be a little easier for them. Unfortunately, mine one at this customer is not so well aware of powershell and its CLI :-)

    To help them out I decided to help them with a GUI that can handle these two tasks right at the time of mailbox creation itself. This is an initial version of this script and I am still working on adding few more features, and validations in it.

    This is how the script window looks like:

    image

    Your feedback on this one will help improving it. So, please feel free to leave a comment or write to me.

    Download this script from here 

    PS:

    Since WordPress does not allow more than specific file extensions the file is renamed to Create-Mailbox.pdf. After you download the file rename it to Create-Mailbox.ps1

    This script will work only with Exchange 2010 and has to be executed from Exchange Management Shell only.

    November 13, 2011   Posted in: Exchange 2010  One Comment

    How to Recover a Mailbox Server that is a part of a DAG

    A day before yesterday, I was asked if an Exchange Server 2010 mailbox server which is a part of a DAG can be recovered using disaster recovery setup options.

    Due to considerable changes in the ways Exchange 2010 handles the clustering components it is little tricky to recover a crashed server that was a part of some DAG in an exchange organization. In Exchange 2007 you could run setup.com /m:recovercms to recover a clustered mailbox server node. But, in exchange server 2010 you have to do it a little different way. Let us take a look at how to do this. It is highly recommended that you make a note of your database copy deployment layout before you go ahead.

    For example:

    Let us say you have a 2 member DAG with a database:

    DAG Name: DAG01

    Node1: E2K10SP101

    Node2: E2K10SP102

    Database: Mailbox Database

    In my case the server E2K10SP102 crashed and the OS could not be recovered at all.

    1. Remove Database Copies Configuration

    When you add a member into DAG and deploy database copies across the members, this information is stored in active directory. Since this information is not removed automatically when either of the members a DAG crash or encounter an irrecoverable problem we need to clean this information first. During the cleanup process you essentially remove the information of the database copy that was configured to be peer of the server that is no longer available.

    To perform the cleanup of the database copy run below command using EMS

    Remove-MailboxDatabaseCopy –Identity “Mailbox DatabaseE2K10SP102

    Right after you hit enter you will be prompted to confirm your action and you might also see your Management Shell screen filled up with warning messages. This is totally okay. In ideal situations, the server will try to clean up this information from another member’s local configurations as well. Since your other server is no longer available the local configuration data from other node will not be cleaned up. This will delete the database copy information from AD though. You need to repeat this for every database copy if you have more than one.

    2. Remove DAG Member

    Next step is to remove the crashed DAG member from the configuration.

    Remove-DatabaseAvailabilityGroupServer –Identity DAG01 –MailboxServer E2K10SP102 -ConfigurationOnly

    ConfigurationOnly is very important here. If you miss this parameter in the command the server will try to contact the other node to remove the cluster service configuration and will fail since the other server is already gone. Keep in mind that we are removing all of this information from AD and not the other node so this parameter should not be missed.

    3. Remove Cluster Service Configurations

    As we all know, although DAG do not use failover clustering mechanism; it still uses MSCS failover clustering components. With said that there are some cluster service configurations in service control database and quorum needing cleanup before the crashed server could be brought back into the DAG. To clean up cluster service configurations open command prompt as a privileged user if you have UAC enabled on the server and simply type below command:

    cluster.exe DAG01 /Node E2K10SP102 /Evict

    Once you have completed the cleanup. Next steps are to rebuild the server, add it back to DAG and configure database copies.

    4. Rebuild the Server- If you have completed fixing your hardware issues (If at all the server had any  :) ), it is time to install the OS similar to what patch levels  and drivers what you have on the currently working node.

    5. Reset the computer account – After your server OS is built correctly and you have made sure the path level is matching to the currently working box, reset the computer account of this server in AD and join the computer with same name in the domain.

    6. Install Software Prerequisites for Exchange 2010 -If you had more than one server roles installed on the server you should install all applicable prerequisites for each server role.

    7. Recover the Server – Insert Exchange 2010 RTM / SP1 disk (depending upon what release of Exchange you are running) and install exchange server binaries using command line setup. Run setup.com /m:recoverserver from command prompt.

    8. Add the server to DAG – After the installation completes, reboot the server once and add the server in DAG using below cmdlet

    Add-DatabaseAvailabilityGroupServer –Identity DAG01 –MailboxServer E2K10SP102

    This will initiate the cluster service configuration on local as well as remote computer.

    9. Add Mailbox Database Copies – If you have reached this step that means you are almost done and need to execute following command to database copy configuration completed.

    Add-MailboxDatabaseCopy –Identity “Mailbox Database” –MailboxServer E2K10SP102 –ActivationPreference :2

    Done! You just need to monitor how the replication of this copy is going; using Get-MailboxDatabaseCopyStatus –Identity “Mailbox Database”

    Hope this information helps!

    October 13, 2011   Posted in: Exchange 2010, MBX  4 Comments