Wednesday, January 14, 2015

Exchange 2010/ Outlook 2010 "One or more users cannot be added to the folder access list. Non-local users cannot be given rights on this server"

Environment
Exchange 2010
Outlook 2010

Issue:
Users has been migrated from Exchange 2003 to Exchange 2010 and now few users are reporting that they are unable to share Calendar with the other users. 

While Adding users from GAL it shows RED Mark on the user and 
they are receiving following error

 "One or more users cannot be added to the folder access list. Non-local users cannot be given rights on this server"





Resolution : 

Convert the Mailbox Type to Regular, 

Set-Mailbox Useralias -type Regular

You can check the status from the following command
Get-Mailbox UserAlias | FL *type*

Still not resolved, then opend ASIEDIT.msc, > Domain Configuration > User Properties and find Attribute 

MxchRecipientDisplayType : 1073741824
MxchRecipientTypeDetail  : 1

In my Case MxchRecipientDisplayType value was set to '0' and changing to 1073741824 resolves the issue.


More information from the blog:

http://blogs.technet.com/b/benw/archive/2007/04/05/exchange-2007-and-recipient-type-details.aspx








Tuesday, January 13, 2015

"Calendar sharing is not available with the following entries because of permission settings on your network' Exchange 2010

Environment: 
Exchange 2010, Outlook 2010

Issue: 
Users are unable to share the Calendar and receiving the message from Outlook and OWA

Resolution : This could be due to the Cached User name, Try renaming the .PK2 file and restart outlook or Use GAL to select the contact and then share the Calendar.



Wednesday, December 24, 2014

Outlook Credentials Management

Outlook Credential Manager from Command Prompt

rundll32.exe keymgr.dll, KRShowKeyMgr


Alternatively Go to control panel, User Accounts, manage your credentials, and delete any outlook entries under "Generic Credentials"

Close outlook and reopen. That solved our problem


Wednesday, December 10, 2014

In Lab, Windows server 2008 R2 are unable to communicate with each other

Issue : 
In my Hyper-v Lab, two machines are unable to communicate with each other.
Ping to destination IP show "Request timed Out" and when reboots ping shows "Destination host unreachable", which indicates the connection is being refused from the destination server.

Resolution : 
Properties of "Windows Firewall with Advanced Security on Local Computer" > Domain Profile Tab > Firewall State "On" and changed the Options "Inbound Connections" Block (default) to Allow.

this option is useful when you don't want to disable the firewall, alternatively you can make rules to enable the Inbound traffic from other server






Tuesday, December 9, 2014

VSSAdmin DNPublish


for System 
C:\>vssadmin list shadowstorage
vssadmin 1.1 - Volume Shadow Copy Service administrative command-line tool
(C) Copyright 2001-2005 Microsoft Corp.

Shadow Copy Storage association
  For volume: (C:)\\?\Volume{1f579c24-a50d-11dd-83df-xxxxxxxxxxxxx}\
  Shadow Copy Storage volume: (C:)\\?\Volume{1f579c24-a50d-11dd-83df-xxxxxxxxxxxxx}\
  Used Shadow Copy Storage space: 47.256 GB
  Allocated Shadow Copy Storage space: 49.405 GB
  Maximum Shadow Copy Storage space: 50 GB


c:\>vssadmin list shadows 
This will provide more information about what program is using the shadow storage

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
For Exchange 
Issue: Backup is taking long time to complete or Inconsistent

1. Troubleshooting steps
vssadmin list writers

2. In Application Log, Related Event with Backup 
Event Id : 3156 

3. Increase the Diagnostic logging for "Exchange Writer"

Set-EventLogLevel "MSExchangeIS\9002 System\Exchange Writer" -Level Expert
To revert the Changes 
Set-EventLogLevel "MSExchangeIS\9002 System\Exchange Writer" -Level Lowest

and 
Set-EventLogLevel "MSExchangeIS\9002 System\Backup Restore" -level Expert
Set-EventLogLevel "MSExchange Repl\Service" -level Expert

4. Restart the "Microsoft Exchange Server Extension for Windows Server Backup" service


Tuesday, November 18, 2014

Event id 225 : Exchange 2007 and Exchange 2013

Issue : Database on Exchange 2013 are dismounting automatically after installing CU6 and Exchange 2007 is co-existing MBX

Error
ExchangeStoreDB 225
Database recovery
At 'date and Time' the copy of database 'Mailbox Database Random ' on this server was unexpectedly dismounted. The error returned by failover was "There is only one copy of this mailbox database (Mailbox Database Random). Automatic recovery is not available.".  For more specific information about the failures, consult the event log on the server for other "ExchangeStoreDb" events.



Resolution : Issue happens only when Exchange 2007 is installed along with Exchange 2013, Databases on Exchange 2013 automatically dismount

Install "Interim update" provided from Microsoft or wait for next CU/SP.

To receive IU, you need to open a case with Microsoft.

Update @ 10th Dec, 2014: Same IU is available at https://support.microsoft.com/kb/2986485



More info from KB
https://support.microsoft.com/kb/2997209
=============
The problem occurs when a user whose mailbox is located in Exchange Server 2007 tries to access a delegated mailbox that is located on a server that is running Exchange Server 2013 CU6.

When the updated server that is running Exchange Server 2013 tries to authenticate the user, it uses a mechanism that is not understood by Exchange Server 2007. This causes the Exchange Server 2013 Store process to crash and fail over the database to a different server. Co-existence with Microsoft Exchange Server 2010 is not affected by this problem.
===============







Mailbox migrating from Exchange 2007 to Exchange 2013 " Active Directory property ‎’homeMDB‎’ is not writeable on recipient"

Issue while moving mailbox from Exchange 2007 sp3 to Exchange 2013

Command ran was
New-MoveRequest -Id "Mailboxname" -TargetDatabase "E2k13dBName" -domaincontroller "fqdn.dc.com" 

// I found -DomainController switch usefull in case if Exchange is installed in the Parent child domain

Issue : Active Directory property ‎’homeMDB‎’ is not writeable on recipient

Resolution : 
Open ADSIEDIT >
 >  and goto User Account or you can also use the "find" to directly jump to the user
> and the right click > Switch to the “Security” tab 
“Advanced”  
 enable the “Include inheritable permissions from this object’s parent” check box.
> Click OK to confirm

and still, if you are getting the same message, go again the properties of the User and also open another user properties and compare and try to match Inheritance and Access/Deny permission, if they own the same OU or Group.

Make sure you have proper backup of Mailbox, in case if you messed with the account.

Another possibility is to disconnect the account and create and merge with a new account