One of the new features of Exchange 2010 is the ability to setup a remote connection to an Exchange 2010 organization without having to install the management tools. However you do have to install the Windows Management Framework Core unless you're on Windows 7 or Windows 2008 R2 where it comes preinstalled. Click here to go to the download page for Windows Management Framework Core.
- Windows Vista SP1 and higher or Windows 2008 SP1 and higher
Windows Management Framework Core which includes:
- Windows Powershell 2.0
- WinRM 2.0
- Permissions to make remote Powershell sessions
- Exchange 2007 Powershell snapin must be unloaded
To grant remote Powershell session permissions you have to run the following command:
Set-User -Identity <username> -RemotePowershellEnable $True
To unload the Exchange 2007 Powershell snapin run the following command:
Establishing the connection
Let's make a remote connection to our Exchange 2010 organization!
Store the credential in a variable:
$User = Get-Credential
- Store a Powershell session in a variable:
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri "http://<servername>/powershell" -Credential $User
Import the server-side Powershell session to the client side one:
During this step you'll see a progress bar while the Exchange cmdlets are being imported
You now have a working remote Powershell session with your Exchange 2010 organization!
Closing the connection
When you're done with the session you'll have to remove it. To do so, you can run the following command:
As you can see, the session has been closed. Don't forget to either exit your local Powershell session or remove the $User variable, as this still has the account stored. If you want to remove the variable, use the following command:
While testing the cross-forest migration of a mailbox, I ran into an error.
Microsoft.Exchange.MailboxReplicationService encoutered an exception. Error: MapiExceptionNetworkError: Unable to make connection to the server. (hr=0x80004005, ec=24r23)
This seems to happen when the server is not able to reach the server by using its NetBIOS name. After resolving the DNS issues I was able to run the New-MoveRequest command without any errors.
All Exchange administrators will eventually come to a point where they have to forcefully update the Exchange offline address book (OAB). However this is not as straight forward as one would hope. The following steps have to be taken to force an update.
- In the Exchange Management Console go to Organization Configuration and select Mailbox.
- Go to the Offline Address Book tab
- Right-click the address book that you want to update and select Update
That much was quite straight forward. Now to have the OAB be available right away you'll have to restart the Microsoft Exchange File Distribution service.
All of this can also be done in powershell by running the following commands.
Get-OfflineAddressBook | Update-OfflineAddressBook
net stop MSExchangeFDS && net start MSExchangeFDS
I recently had to uninstall an Exchange 2010 server and take it out of a DAG setup. This didn't go as flawless one might expect. During the installation of Update Rollup 3 for Exchange 2010 the installation process crashed. This caused all kinds of problems, but the most obvious one was that the Outlook Web App was returning 404 errors.
In all my hurry to solve the problem I didn't make any screenshots. The CAS, and MBX roles were uninstalled successfully, but the HUB Transport role was returning the error:
The following error was generated when "$error.Clear(); uninstall-MsiPackage -PackagePath ($RoleInstallPath + "Mailbox\MSFTE.MSI") -LogFile ($RoleSetupLoggingPath + "\InstallSearch.msilog")" was run: "Couldn't open package 'C:\Program Files\Microsoft\Exchange Server\V14\Mailbox\MSFTE.MSI'. Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. Error code is 1638.".
Couldn't open package 'C:\Program Files\Microsoft\Exchange Server\V14\Mailbox\MSFTE.MSI'. Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. Error code is 1638.
After a bit of searching I found this article which indicated that I should reinstall Update Rollup 3 and then it should all work again. I reinstalled Update Rollup 3 twice after which I was able to uninstall the HUB Transport role and completing the uninstall of Exchange 2010.
Exchange 2010 has been released quite some time ago, and I'm finally looking into it. As I'm also moving to a new domain which makes the transition a bit harder, but a name change of the domain is also necessary.
The mail flow will go from several SMTP servers to a mail proxy (Postfix) which has a couple of entries in the virtual file and also relays some domains to Forest B.
During the migration both forests will be used. Both forests will use @domain.com e-mail addresses. This is often referred to as a shared SMTP namespace. One of the problems with a shared SMTP namespace is that it introduces mail loops if you set both mail servers to non-authorative. Setting 1 server to Authorative will cause problems with the mail flow if that server is also the originating server. Resulting in DNRs being send. I'm my case it's not feasible to use multiple domains, which is an often mentioned solution. The image below shows my solution to this problem.
Using a custom header in the e-mail messages you can make sure the mails don't loop (which happens to unresolved recipients). In Forest A the HUB servers are set to add a header X-Loop with the value 1 using transport rules. If the mail is relayed to Forest B and the recipient can't be resolved there, it relays back to Forest A. The Hub servers there are also configured with a transport rule that drops the message if the header X-Loop is set to 1. Therefore it doesn't loop and gets dropped. I've chosen to drop the message instead of sending a DNR because of backscatter which might get you blacklisted. Same story goes for Forest B only then X-Loop is set to 2.
To make sure that the header is not overwritten between Forests, I've set an exclusion on the rule to not set X-Loop if it's already set.
How to configure the HUB servers
First add the following rule to all HUB servers in Forest A:
- Go to Organization Configuration -> Hub Transport
- Go to the Transport Rules tab
- Add a new Transport Rule
- Set a name and click next
- Click next as this applies to all messages on this server. You'll get a message which lets you confirm that it's applied to all messages.
- Check set header with value and set both blue fields to the desired values. In my case I've set header to X-Loop and value to 1 (the value of Forest A). Then click next
- Check Except when the message header contains specific words and set the blue fields to the values defined above with the value of the other forest. In my case I've set message header to X-Loop and specific words to 2 (the value of Forest B). Then click next
- Confirm all the values and click finish
This transport rule sets the header in the message. Now we have to make sure that the message gets dropped when it returns.
I'll make this a bit shorter as most of the steps are the same as the above one.
Create a new transport rule and set it to resemble the following image
You should do the same for the other forest, only then with different values in the headers.
When installing a typical Exchange 2010 setup (CAL, HUB and MBX roles) there are a couple of pre-requisites.
- Install the Microsoft Filter Pack (x64):
- Install the needed features in Windows:
Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Web-ISAPI-Ext,Web-Digest-Auth,Web-Dyn-Compression,NET-HTTP-Activation,RPC-Over-HTTP-Proxy –Restart
- Set the "Net.TCP Port Sharing Service" to start automatically:
Set-Service NetTcpPortSharing -StartupType Automatic
If you skip any of these you'll get warnings or errors during the pre-requisites check.