Sysadminsblog.com Anything for sysadmins!

2Sep/101

Calendar sharing is not available

I had a user coming up to me saying that she couldn't send calendar requests anymore. The error was: "Calendar sharing is not available with the following entries because of permission settings on your network". As all mailboxes had just migrated to the Exchange 2010 server this could be anything. However a blog post from Nubby Admin saved me a lot of work.

The error was caused by an outdated entry in the user's autocomplete list. After using the GAL to select the recipient all went well. I also instructed her to clear her autocomplete list.

1Sep/100

Error sending e-mail to migrated mailbox

During our migration I ran into an error while sending e-mail to a mailbox that was just migrated.

#550 5.2.0 STOREDRV.Deliver: The Microsoft Exchange Information Store service reported an error. The following information should help identify the cause of this error: "MapiExceptionUnconfigured:16.18969:C4000000, 17.27161:0000000094000000000000000000000000000000, 255.23226:00000000, 255.27962:FE000000, 255.17082:1C010480, 0.26937:00000000, 4.21921:1C010480, 255.27962:FA000000, 255.1494:00000000, 255.26426:FE000000, 4.7588:0F010480, 4.6564:0F010480, 0.56333:0B004A66, 4.6372:05000780, 4.6276:05000780, 0.18684:02010480, 4.2199:78040000, 4.2770:05400080, 4.29385:1C010480, 4.8620:1C010480, 255.1750:0F010480, 0.26849:0F010480, 255.21817:1C010480, 0.26297:0F010480, 4.16585:1C010480, 0.32441:0F010480, 4.1706:1C010480, 0.24761:71040000, 4.20665:1C010480, 0.25785:0F010480, 4.29881:1C010480". ##

If the account hasn't properly replicated to all domain controllers, you might get this error. Forcing a replication using the Active Directory Sites and Services fixes the problem. This should trigger automatically, however replication issues might stop or slow this. Running a DCDiag and NETDiag will probably show you some problems.

26May/1033

Shared SMTP namespace during cross-forest migration

Exchange 2010 has been released quite some time ago, and I'm finally looking into it. As I'm also moving to a new domain which makes the transition a bit harder, but a name change of the domain is also necessary.

The mail flow will go from several SMTP servers to a mail proxy (Postfix) which has a couple of entries in the virtual file and also relays some domains to Forest B.

During the migration both forests will be used. Both forests will use @domain.com e-mail addresses. This is often referred to as a shared SMTP namespace. One of the problems with a shared SMTP namespace is that it introduces mail loops if you set both mail servers to non-authorative. Setting 1 server to Authorative will cause problems with the mail flow if that server is also the originating server. Resulting in DNRs being send. I'm my case it's not feasible to use multiple domains, which is an often mentioned solution. The image below shows my solution to this problem.

Using a custom header in the e-mail messages you can make sure the mails don't loop (which happens to unresolved recipients). In Forest A the HUB servers are set to add a header X-Loop with the value 1 using transport rules. If the mail is relayed to Forest B and the recipient can't be resolved there, it relays back to Forest A. The Hub servers there are also configured with a transport rule that drops the message if the header X-Loop is set to 1. Therefore it doesn't loop and gets dropped. I've chosen to drop the message instead of sending a DNR because of backscatter which might get you blacklisted. Same story goes for Forest B only then X-Loop is set to 2.

To make sure that the header is not overwritten between Forests, I've set an exclusion on the rule to not set X-Loop if it's already set.

How to configure the HUB servers

First add the following rule to all HUB servers in Forest A:

  • Go to Organization Configuration -> Hub Transport
  • Go to the Transport Rules tab
  • Add a new Transport Rule
  • Set a name and click next

  • Click next as this applies to all messages on this server. You'll get a message which lets you confirm that it's applied to all messages.

  • Check set header with value and set both blue fields to the desired values. In my case I've set header to X-Loop and value to 1 (the value of Forest A). Then click next

  • Check Except when the message header contains specific words and set the blue fields to the values defined above with the value of the other forest. In my case I've set message header to X-Loop and specific words to 2 (the value of Forest B). Then click next

  • Confirm all the values and click finish

This transport rule sets the header in the message. Now we have to make sure that the message gets dropped when it returns.

I'll make this a bit shorter as most of the steps are the same as the above one.

  • Create a new transport rule and set it to resemble the following image

 

You should do the same for the other forest, only then with different values in the headers.