Issue : The Content Index catalog on all Server copies shows as failed.

Server : Exchange 2013 RTM

Fix : Required AD group was missed while ADPrep ran, to setup all Groups "Content Submitters", 

1. Active Directory Users & Computer > Create a "Security Enabled Group" in Exchange Group

2. Properties of "Group" > Security Tab >Allow "Administrators" & "NetworkService" Accounts "Full Control"

or from Powershell

Add-ADPermission -Identity "ContentSubmitters" -User “Network Service” -Access Rights GenericAllAdd-ADPermission -Identity "ContentSubmitters" -User “Administrators” -Access Rights GenericAll

3. Force or wait Active directory Replication

4. Stop "Microsoft Exchange Search" & "Microsoft Exchange Search Host Controller" on Mbx Server

5. Delete "Content Index" wrt to the Database

6. Restart "Microsoft Exchange Search" & "Microsoft Exchange Search Host Controller" on Mbx Server

Reference : MS KB

Uneditted : Outlook Hangs after migration Office 365 (cloud)

Outlook hangs after Mailbox migrated to Microsoft Cloud (Office 365)


https://blogs.msdn.microsoft.com/modonovan/2015/04/30/outlook-profile-doesnt-resolve-via-autodiscover-for-user-mailbox-moved-to-office-365/


Troubleshooting Steps.
> How many users are facing this issue
 > Outlook Version and update to the latest patch, SP
> Outlook is connected to "Online Mode" or "Cached Mode"
 > Check the Target address of the users from Portal

> Check the "Test Email Auto-Configuration" from Outlook

> Check the  "Connection Status"

> Check the logs in the Outlook Sync folder
> If Outlook is
              been added as Another users Mailbox or using the Shared Calendar
              Cached Mode

> How to disable "Cache Mode"

1. On the File tab, click Account Settings in the Account Settings list.
2. In the Account Settings dialog box, click the E-mail tab and then double-click your Microsoft Exchange Server account.
3. In the Change Account dialog box, click More Settings.
4. In the Microsoft Exchange dialog box, click the Advanced tab.
5. Click to clear the Download shared folders check box.

> Then
Action >

> On the problematic machine, logging to check the if the issue is with the Office Portal like License
from this link https://portal.office.com/support/help.aspx?sid=sara#/

> how to check the Outlook Version

Start Outlook.

On the Help menu, click About Microsoft Office Outlook.

Verify the version information and the build number to determine the version of Outlook that is installed on your computer.

> Remove AutoMapping, use the MS Support article to AutoMap

> Download the OffCat software on the client Machine

> Enable outlook Troubleshooting Log

> Simple test would be, can the user, via their web browser, access these autodiscover end points?

> Perhaps their proxy server is preventing access to one of them e.g. *.outlook.com. 

>to disable SCP i.e. just add ExcludeScpLookup as Dword and set to 1

>Fiddler is a great friend.



Autodiscover
=============

Enable modern authentication for Office 2013 clients

Enable modern authentication for Office 2013 clients

REGISTRY KEY	TYPE	VALUE
HKCU\SOFTWARE\Microsoft\Office\15.0\Common\Identity\EnableADAL	REG_DWORD	1
HKCU\SOFTWARE\Microsoft\Office\15.0\Common\Identity\Version	REG_DWORD	1

Disable modern authentication on devices

REGISTRY KEY	TYPE	VALUE
HKCU\SOFTWARE\Microsoft\Office\15.0\Common\Identity\EnableADAL	REG_DWORD	0

IMPORTANT: Modern authentication is already enabled for Office 2016 clients, you do not need to set registry keys for Office 2016.

Article from:

https://support.office.com/en-us/article/Enable-Modern-Authentication-for-Office-2013-on-Windows-devices-7dc1c01a-090f-4971-9677-f1b192d6c910

Enable modern authentication in Exchange Online

1. Connect to Exchange Online PowerShell as shown here.
2. Run the following command in Exchange Online PowerShell:

   Set-OrganizationConfig -OAuth2ClientProfileEnabled $true

3. To verify that the change was successful, run the following command in Exchange Online PowerShell:

   Get-OrganizationConfig | Format-Table -Auto Name,OAuth*

Scenario :
Error while running command O365 "Connect-ExchangeOnline.ps1"

Issue :
Following Error received

New-PSSession : [outlook.office365.com] Connecting to remote server outlook.office365.com failed
with the following error message: The WinRM client cannot process the request. Basic
authentication is currently disabled in the client configuration. Change the client
configuration and try the request again. For more information, see the
about_Remote_Troubleshooting Help topic.
At C:\Scripts\Connect-ExchangeOnline.ps1:2 char:12
+ $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri ht ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New
   -PSSession], PSRemotingTransportException
    + FullyQualifiedErrorId : -2144108321,PSSessionOpenFailed
Import-PSSession : Cannot validate argument on parameter 'Session'. The argument is null.
Provide a valid value for the argument, and then try running the command again.
At C:\Scripts\Connect-ExchangeOnline.ps1:3 char:18
+ Import-PSSession $Session
+                  ~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [Import-PSSession], ParameterBindingValidationExc
   eption
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.ImportPSSessionCommand


Resolution :

1. Check the Service "Windows Remote Management (WS-Management)

Get-Service "Windows Remote Management (WS-Management)"
If this service is stop, Start "WinRM"

2. From Registry i.e RegEdit.exe

Locate the following
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WinRM\Client]

find the Dword, if it is set to "0", Enable it to 1
"AllowBasic"=dword:00000001

lync control panel 2013 "microsoft silverlight is not installed or is blocked by security settings"

Issue : On Server "Lync 2013", Lync Control panel is showing error "Lync control panel 2013 "Microsoft SilverLight is not installed or is blocked by security settings" on IE

Resolution :

Open IE
> Select "Tools" option from Menu
> "Internet Options"
> "Security" Tab
> Highlight "Internet" from "Select a zone to view or change your security Settings"
> Customer Level
> Select "ActiveX Controls and Plug-ins"
> "Run ActiveX Controls and Plug-ins"
> Select option "Enable"
> click "Ok"
> Apply

and refresh or reopen CSCP

Fileshare is accessible by IP address not by hostname on Windows server 2008 R2 machine

Fileshare is accessible by IP address not by hostname on Windows server 2008 R2 machine

1. On machine, shared folders are accessible on  the machine using self hostname
2. Shared folder was accessible from the same domain machine
3. Unable to accessible machine from another client/server using FQDN but was accessible through IP

Resoultion
On the machine where the folder was shared, checked the DNS Settings in the NIC card and removed the DNS suffix which was entered a wrong domain in "DNS Suffix for this Connection".

Troubleshooting/Logging Exchange 2010 SP3 RU6 issue

Troubleshooting Exchange 2010 SP3 RU6 issue
Run following from the command line

Exchange<2010>-<KB2936871>-x64-en.msp /lxv* <E>:\<RU6InstallLog.log>

Eg. 2936871 is the number
Exchange2010-KB2936871-x64-en.msp /lxv* E:\RU6InstallLog.log


Reference from
https://technet.microsoft.com/en-us/library/ff772434%28v=exchg.80%29.aspx?f=255&MSPPError=-2147217396

and
https://blogs.technet.microsoft.com/exchange/2008/07/08/exchange-2007-managed-services-might-time-out-during-certificate-revocation-checks/

Resolution: 
Tried running many times, revoke Security check from the IE and tried opening Microsoft website but site was not opening, it kept circling without any page response/error message.
Then ran command from the "Command Prompt"

c:\>Exchange2010-KB2936871-x64-en.msp /lxv* E:\RU6InstallLog.log

 /lxv* is a switch and file name can be change.
One thing you will notice that after adding swtich in the above RU6 Installation will go slow and finally i was able to resolve the issue


Event id pasted below were received in the Application Log




Event ID : Received in the Application Log



Log Name:      System
Source:        Microsoft-Windows-WAS
Date:          9/9/2016 3:20:24 PM
Event ID:      5002
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      MachineName
Description:
Application pool 'MSExchangePowerShellAppPool' is being automatically disabled due to a series of failures in the process(es) serving that application pool.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-WAS" Guid="{524B5D04-133C-4A62-8362-64E8EDB9CE40}" EventSourceName="WAS" />
    <EventID Qualifiers="49152">5002</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2016-09-09T09:50:24.000000000Z" />
    <EventRecordID>5716</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>ComputerName</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="AppPoolID">MSExchangePowerShellAppPool</Data>
    <Binary>
    </Binary>
  </EventData>
</Event>



Log Name:      Application
Source:        MsiInstaller
Date:          9/9/2016 3:55:03 PM
Event ID:      1024
Task Category: None
Level:         Error
Keywords:      Classic
User:          domain\DomainAdmin
Computer:      MachineName
Description:
Product: Microsoft Exchange Server - Update 'Update Rollup 6 for Exchange Server 2010 Service Pack 3 (KB2936871) 14.3.195.1' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="MsiInstaller" />
    <EventID Qualifiers="0">1024</EventID>
    <Level>2</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2016-09-09T10:25:03.000000000Z" />
    <EventRecordID>4119</EventRecordID>
    <Channel>Application</Channel>
    <Computer>MachineName</Computer>
    <Security UserID="S-1-5-21-2569593454-2199529718-41506070416-1109" />
  </System>
  <EventData>
    <Data>Microsoft Exchange Server</Data>
    <Data>Update Rollup 6 for Exchange Server 2010 Service Pack 3 (KB2936871) 14.3.195.1</Data>
    <Data>1603</Data>
    <Data>(NULL)</Data>
    <Data>(NULL)</Data>
    <Data>(NULL)</Data>
    <Data>
    </Data>
    <Binary>7B34393334443145412D424534362D343842312D383834372D4631414632304538393243317D207B33323533393433312D303236432D343637452D393841442D3939333243414334423330347D2031363033</Binary>
  </EventData>
</Event>












Resolution in the same series
event Id 2280 because, re-installed Exchange 2010 Hub role on a different Location so it while installing first time, it registers its custom modules with IIS and for this it makes entries in the IIS root config file i.e. applicationHost.config at this location 
C:\Windows\System32\inetsrv\config. 

These enties are made under the <globalmodules> section. 
You will see one such entry for kerbauth.dll.

  <add name="kerbauth" image="C:\Program Files\Microsoft\Exchange Server\V14\Bin\kerbauth.dll" />

so replace the location of the current installation file at "Kerbauth" and save the file.

Log Name:      Application


Source:        Microsoft-Windows-IIS-W3SVC-WP
Date:          9/9/2016 3:20:15 PM
Event ID:      2280
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      MachineName
Description:
The Module DLL D:\Microsoft\Bin\kerbauth.dll failed to load.  The data is the error.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-IIS-W3SVC-WP" Guid="{670080D9-742A-4187-8D16-41143D1290BD}" EventSourceName="W3SVC-WP" />
    <EventID Qualifiers="49152">2280</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2014-09-09T09:50:15.000000000Z" />
    <EventRecordID>3999</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>Application</Channel>
    <Computer> MachineName</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="ModuleDll">D:\Microsoft\Bin\kerbauth.dll</Data>
    <Binary>7E000000</Binary>
  </EventData>
</Event>
Resolution : Change the path in the Application log from the location

DataBase Portability

Exchange 2010
-------------------
Moving Mailboxes between DAG (between DAG havn't tested Yet)

1.  Mailboxes will be offline, since we have to dismount the Database

Sequence of tasks that need to take place:

• Dismount mailbox database on old server
• Run eseutil /MH NAME.edb to confirm you have a clean shutdown.
• Create new mailbox store on New Exchange server and mount it.
• Dismount the new mailbox store
• Manually copy the old database to the new mailbox store database location (make sure it is the same name)
• Run the following command on new server Set-MailboxDatabase DBNAME -AllowFileRestore:$true
• Delete the transaction log files and checkpoint files for that database.
• Mount the store.
• Finally modify user account settings so user access points to the new mailbox server
  Get-Mailbox -Database OLD_DB | where {$_ObjectClass -NotMatch '(SystemAttendantMailbox|ExOleDbSystemMailbox)'} | Set-Mailbox -Database NEW_DB

Referenced from
http://serverfault.com/questions/463104/fastest-way-to-migrate-exchange-2010-mailboxes-to-another-exchange-2010-server-i

2.Create the databases on the new exchange server and issue mailbox moves to the new database. You can batch it up pretty quickly though in powershell.

Exchange 2016 setup fail at "Setup\ServerRoles\Common\tr\Microsoft.Exchange.AirSync.Resources.dll"

Issue : On Exchange 2016, setup fails with error with "Setup\ServerRoles\Common\tr\Microsoft.Exchange.AirSync.Resources.dll"

Resolution : 

Re-Extract the Binaries from the Exchange setup and run the setup again

451 4.4.0 dns query failed. the error was dns query failed with error ErrorRetry Exchange 2013

Issue : Exchange 2013, Email stuck in the Queue, error says " 451 4.4.0 dns query failed. the error was dns query failed with error"

Steps
======
get-queue -server "ExchangeHubServerFQDN" | FL Identity, Status, MessageCount, LastError 

Get-TransportServer –Identity 2007Server | FL

Get-TransportServer –Identity 2007Server | FL “External*”,”Internal*”

Resolution -------------------- Set-TransportServer –Identity 2007Server –ExternalDNSServers $null
et-TransportServer 2007Server –InternalDNSAdapterGuid 00000000-0000-0000-0000-000000000000


1. Once in EAC/ECP, navigate to Servers and open the server properties.
2. Click on DNS Lookups.
3. Make sure the Internal and External DNS lookups are set correctly.  The internal and External DNS settings need to match DNS setting on the network card IP configuration. Type the current DNS settings or leave it blank. Blank forces Exchange transport service to use network card DNS setting

 Use get-transportserver "ExchangeserverFQDN" | FL *DNS* to verify your settings.
2. You want to use the set-transportserver command to set it back to all network adapters or change the custom IP Range.

For Example:  You may wish to change the Internal DNS to use all network adapters and not custom by running:
set-transportserver "ExchangeserverFQDN" -InternalDNSProtocolOption Any

OR type the following to set it to Null

Set-transportserver "ExchangeserverFQDN" -InternalDNSServers $null

This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store "Exchange 2013"

Issue : When users is connected from Internal network, Browser show certificate prompt, but connecting from External Network, No certificate error in the browser.

Resolution: Check the certificate in the Server which his browser is hitting, found Certificate is not installed. Import certificate from the Legacy server to the new server or the new server, resolved the issue.

Email flow testing Script

Exchange 2013
===========
Email flow testing Script


from Exchange Management Shell
=========================
1..10 | % { Send-MailMessage -To recipient@destination.local -From fromuser@anydomain.com -SmtpServer CASservername -Subject "Test Message $_" -Body "This is the body of Message $_" ; write-host “Sending Message $_”}

Set public folder to accept NDR

1.      Locate user A’s distinguishedName

Get-User “User A” | Fl DistinguishedName

2.      Launch ADSI Editor, go to “CN=Microsoft Exchange System Objects”, right-click the PF1 object, and then go to “Properties”

Notes: PF1 must be mail-enabled

3.      In the “Attribute Editor” tab, locate “publicDelegates” attribute, and then copy user A’s DistinguishedName into it

from 

https://social.technet.microsoft.com/Forums/office/en-US/d341ff3f-9a8c-40c7-ab04-0a1655047041/public-folder-not-accepting-ndr?forum=exchangesvrgenerallegacy

Exchange 2010: Public folder GUID

One of the Event in the Application log in Exchange 2010 is showing the following event 

Event id : 2028
The Delivery of a Message sent by Public Folder E0FG2CADACE66846A98A6C130CA3ER97-0000FA965FG85
has failed.\r\n To:first name, Last name\r\nCc:\r\n The Non-Delivery report has been deleted


Steps
---------
Getting which public folder is in picture finding is difficult here. 
so if you had tried this then it will not work and through's error

c:\>Get-MailPublicFolder -id E0FG2CADACE66846A98A6C130CA3ER97-0000FA965FG85 

is not showing proper error and message shows it couldn't be found



so instead of running the command using the whole Hexa-Decimal value, use the value before dash ( - ) so here in this example "E0FG2CADACE66846A98A6C130CA3ER97-0000FA965FG85"  we are going to use E0FG2CADACE66846A98A6C130CA3ER97 and to convert this value into proper GUID use the following command from Exchange management shell



c:\>[system.Guid] 'E0FG2CADACE66846A98A6C130CA3ER97'
Guid
--------
E0FG2cad-ace6-6846-a98a-6c130CA3ER97

and finally the command for getting public folder is 
c:\Get-MailPublicFolder -identity E0FG2cad-ace6-6846-a98a-6c130CA3ER97

or 
c:\Get-MailPublicFolder | Where {$_.LegacyExchangeDN -Match "E0FG2cad-ace6-6846-a98a-6c130CA3ER97"}



or using with complete GUID then you can use below command

[PS] C:\Windows\system32>Get-MailPublicFolder -resultsize unlimited | where {$_.Externalemailaddress -match "0ED914CAB4DA1243948B9AD6B0B27FDE-000000000014"}


Or to reveal the name of the public folder use the below command
[PS] C:\Windows\system32>Get-MailPublicFolder -resultsize unlimited | where {$_.Externalemailaddress -match "0ED914CAB4DA1243948B9AD6B0B27FDE-000000000014"} | Get-PublicFolder 

PS: Guid used here is only for illustration purpose only.

THANKS RAVI

If you encounter low disk space issues, you can perform the following actions to correct the issue: Exchange 2010

If you encounter low disk space issues, you can perform the following actions to correct the issue:

• Delete content from mailboxes. Specifically, you can delete messages from the Deleted Items and Sent Items folders.
• Purge items from the Recoverable Items folder. For details, see Clean Up the Recoverable Items Folder.
• Run database maintenance. For details, see Maintain Mailbox Databases.
• Purge transaction logs. For details, see Understanding High Availability Factors.
• Enable circular logging. For details, see Configure Mailbox Database Properties.
• Change the database path to a hard disk drive that has more space. For details, see Move the Mailbox Database Path for a Mailbox Database Copy.

from : https://technet.microsoft.com/en-us/library/bb331958(v=exchg.141).aspx

Unable to send message with Attachment even though Proper Message size limits 15 MB has been set on Receive, Send and at Transport Level which also includes MIME overhead of 37% still not able to send/receive message

Exchange 2010, Unable to send message with Attachment even though Proper Message size limits 15 MB has been set on Receive, Send and at Transport Level which also includes MIME overhead of 37% still not able to send/receive message.

then try this command 

Set-TransportConfig -ExternalDsnMaxMessageAttachSize 15MB -InternalDsnMaxMessageAttachSize 15MB

In Exchange 2013
New-SystemMessage is a command used to set the DSN (Delivery status Notification)

for reference
https://technet.microsoft.com/en-us/library/aa998878%28v=exchg.150%29.aspx



some Additional Knowledge and default Series for configuring limit is

• Organizational Level # Is the Highest level in an organization
• Send Connector
• Receive Connector
• AD Site Links
• Routing Group Connectors
• Mailbox Level      # Is the lowest level and take precedence over all the settings

Shell Commands where Message Limit can be checked

Get-ForeignConnector | fl Name,MaxMessageSize
Get-SendConnector | fl Name,MaxMessageSize
Get-ReceiveConnector | fl Name,MaxMessageSize
Get-ADSiteLink | fl Name,MaxMessageSize
Get-RoutingGroupConnector | fl Name,MaxMessageSize
Get-TransportConfig | fl MaxSendSize,MaxReceiveSize
Get-DistributionGroup | fl name,MaxSendSize,MaxReceiveSize
Get-DynamicDistributionGroup | fl name,MaxSendSize,MaxReceiveSize
Get-Mailbox | fl name,MaxSendSize,MaxReceiveSize
Get-MailContact | fl name,MaxSendSize,MaxReceiveSize
Get-MailPublicFolder | fl name,MaxSendSize,MaxReceiveSize
Get-MailUser | fl name,MaxSendSize,MaxReceiveSize

Get-Mailbox -FIlter {MaxSendSize -ne $null -OR MaxReceiveSize -ne $null} | ft Name,MaxSendSize,MaxReceiveSize