451 4.4.0 dns query failed. the error was dns query failed with error ErrorRetry Exchange 2013

Issue : Exchange 2013, Email stuck in the Queue, error says " 451 4.4.0 dns query failed. the error was dns query failed with error"

Steps
======
get-queue -server "ExchangeHubServerFQDN" | FL Identity, Status, MessageCount, LastError 

Get-TransportServer –Identity 2007Server | FL

Get-TransportServer –Identity 2007Server | FL “External*”,”Internal*”

Resolution -------------------- Set-TransportServer –Identity 2007Server –ExternalDNSServers $null
et-TransportServer 2007Server –InternalDNSAdapterGuid 00000000-0000-0000-0000-000000000000


1. Once in EAC/ECP, navigate to Servers and open the server properties.
2. Click on DNS Lookups.
3. Make sure the Internal and External DNS lookups are set correctly.  The internal and External DNS settings need to match DNS setting on the network card IP configuration. Type the current DNS settings or leave it blank. Blank forces Exchange transport service to use network card DNS setting

 Use get-transportserver "ExchangeserverFQDN" | FL *DNS* to verify your settings.
2. You want to use the set-transportserver command to set it back to all network adapters or change the custom IP Range.

For Example:  You may wish to change the Internal DNS to use all network adapters and not custom by running:
set-transportserver "ExchangeserverFQDN" -InternalDNSProtocolOption Any

OR type the following to set it to Null

Set-transportserver "ExchangeserverFQDN" -InternalDNSServers $null

This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store "Exchange 2013"

Issue : When users is connected from Internal network, Browser show certificate prompt, but connecting from External Network, No certificate error in the browser.

Resolution: Check the certificate in the Server which his browser is hitting, found Certificate is not installed. Import certificate from the Legacy server to the new server or the new server, resolved the issue.

Email flow testing Script

Exchange 2013
===========
Email flow testing Script


from Exchange Management Shell
=========================
1..10 | % { Send-MailMessage -To recipient@destination.local -From fromuser@anydomain.com -SmtpServer CASservername -Subject "Test Message $_" -Body "This is the body of Message $_" ; write-host “Sending Message $_”}

Set public folder to accept NDR

1.      Locate user A’s distinguishedName

Get-User “User A” | Fl DistinguishedName

2.      Launch ADSI Editor, go to “CN=Microsoft Exchange System Objects”, right-click the PF1 object, and then go to “Properties”

Notes: PF1 must be mail-enabled

3.      In the “Attribute Editor” tab, locate “publicDelegates” attribute, and then copy user A’s DistinguishedName into it

from 

https://social.technet.microsoft.com/Forums/office/en-US/d341ff3f-9a8c-40c7-ab04-0a1655047041/public-folder-not-accepting-ndr?forum=exchangesvrgenerallegacy

Exchange 2010: Public folder GUID

One of the Event in the Application log in Exchange 2010 is showing the following event 

Event id : 2028
The Delivery of a Message sent by Public Folder E0FG2CADACE66846A98A6C130CA3ER97-0000FA965FG85
has failed.\r\n To:first name, Last name\r\nCc:\r\n The Non-Delivery report has been deleted


Steps
---------
Getting which public folder is in picture finding is difficult here. 
so if you had tried this then it will not work and through's error

c:\>Get-MailPublicFolder -id E0FG2CADACE66846A98A6C130CA3ER97-0000FA965FG85 

is not showing proper error and message shows it couldn't be found



so instead of running the command using the whole Hexa-Decimal value, use the value before dash ( - ) so here in this example "E0FG2CADACE66846A98A6C130CA3ER97-0000FA965FG85"  we are going to use E0FG2CADACE66846A98A6C130CA3ER97 and to convert this value into proper GUID use the following command from Exchange management shell



c:\>[system.Guid] 'E0FG2CADACE66846A98A6C130CA3ER97'
Guid
--------
E0FG2cad-ace6-6846-a98a-6c130CA3ER97

and finally the command for getting public folder is 
c:\Get-MailPublicFolder -identity E0FG2cad-ace6-6846-a98a-6c130CA3ER97

or 
c:\Get-MailPublicFolder | Where {$_.LegacyExchangeDN -Match "E0FG2cad-ace6-6846-a98a-6c130CA3ER97"}



or using with complete GUID then you can use below command

[PS] C:\Windows\system32>Get-MailPublicFolder -resultsize unlimited | where {$_.Externalemailaddress -match "0ED914CAB4DA1243948B9AD6B0B27FDE-000000000014"}


Or to reveal the name of the public folder use the below command
[PS] C:\Windows\system32>Get-MailPublicFolder -resultsize unlimited | where {$_.Externalemailaddress -match "0ED914CAB4DA1243948B9AD6B0B27FDE-000000000014"} | Get-PublicFolder 

PS: Guid used here is only for illustration purpose only.

THANKS RAVI

If you encounter low disk space issues, you can perform the following actions to correct the issue: Exchange 2010

If you encounter low disk space issues, you can perform the following actions to correct the issue:

• Delete content from mailboxes. Specifically, you can delete messages from the Deleted Items and Sent Items folders.
• Purge items from the Recoverable Items folder. For details, see Clean Up the Recoverable Items Folder.
• Run database maintenance. For details, see Maintain Mailbox Databases.
• Purge transaction logs. For details, see Understanding High Availability Factors.
• Enable circular logging. For details, see Configure Mailbox Database Properties.
• Change the database path to a hard disk drive that has more space. For details, see Move the Mailbox Database Path for a Mailbox Database Copy.

from : https://technet.microsoft.com/en-us/library/bb331958(v=exchg.141).aspx

Unable to send message with Attachment even though Proper Message size limits 15 MB has been set on Receive, Send and at Transport Level which also includes MIME overhead of 37% still not able to send/receive message

Exchange 2010, Unable to send message with Attachment even though Proper Message size limits 15 MB has been set on Receive, Send and at Transport Level which also includes MIME overhead of 37% still not able to send/receive message.

then try this command 

Set-TransportConfig -ExternalDsnMaxMessageAttachSize 15MB -InternalDsnMaxMessageAttachSize 15MB

In Exchange 2013
New-SystemMessage is a command used to set the DSN (Delivery status Notification)

for reference
https://technet.microsoft.com/en-us/library/aa998878%28v=exchg.150%29.aspx



some Additional Knowledge and default Series for configuring limit is

• Organizational Level # Is the Highest level in an organization
• Send Connector
• Receive Connector
• AD Site Links
• Routing Group Connectors
• Mailbox Level      # Is the lowest level and take precedence over all the settings

Shell Commands where Message Limit can be checked

Get-ForeignConnector | fl Name,MaxMessageSize
Get-SendConnector | fl Name,MaxMessageSize
Get-ReceiveConnector | fl Name,MaxMessageSize
Get-ADSiteLink | fl Name,MaxMessageSize
Get-RoutingGroupConnector | fl Name,MaxMessageSize
Get-TransportConfig | fl MaxSendSize,MaxReceiveSize
Get-DistributionGroup | fl name,MaxSendSize,MaxReceiveSize
Get-DynamicDistributionGroup | fl name,MaxSendSize,MaxReceiveSize
Get-Mailbox | fl name,MaxSendSize,MaxReceiveSize
Get-MailContact | fl name,MaxSendSize,MaxReceiveSize
Get-MailPublicFolder | fl name,MaxSendSize,MaxReceiveSize
Get-MailUser | fl name,MaxSendSize,MaxReceiveSize

Get-Mailbox -FIlter {MaxSendSize -ne $null -OR MaxReceiveSize -ne $null} | ft Name,MaxSendSize,MaxReceiveSize

After rebooting Exchange 2010 server is stuck on "Applying Group Policy settings"

After rebooting server, Users are unable to send and receive Email

We are able to
All of the Exchange related services are in stopped state and after rebooting Exchange server, stuck on "Applying Group Policy settings"

We replicated DC from "AD sites and services", added Exchange server "SVR13" into Exchange server

Group from "Exchange Security Group"and suggest to reboot he box. still same issue.

Customer is able to boot Exchange server into Networking with Safe mode


http://www.exchangewarrior.com/exchange-2007/exchange-server-stuck-on-applying-group-policy-settings/

Troubleshooting Steps : DAG suddently failover

Exchange 2010 Service pack 3 with Update Rollup 2.

Understand that one of the DAG member stopped responding for the clients hence the users were unable to access their mailbox.

In order to overcome this situation, customer has moved all the resources to another node and rebooted the problem node


Diagnosis Given : Network issue, Network connectivity lost between FSW and Exchange

Exchange 2013 Installation on Windows 2012 Std R2

Installing only CAS role

In powershell (Run as Administrator) 

Install-WindowsFeature AS-HTTP-Activation, Desktop-Experience, NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation

Reboot will be required

2. Install Microsoft Unified Communications Managed API 4.0, Core Runtime 64-bit

3. Exchange setup




Installing MBX role or Mixed mode

In powershell (Run as Administrator) 

Install-WindowsFeature AS-HTTP-Activation, Desktop-Experience, NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation

reboot will be required

Need to install after Windows feature 

Microsoft Unified Communications Managed API 4.0, Core Runtime 64-bit

Microsoft Office 2010 Filter Pack 64 bit

Microsoft Office 2010 Filter Pack SP1 64 bit

and finally run Exchange setup

Exchange 2013 SP1 There are 3-4 users getting dual archive mailbox

Issue :

1. Users are in Outlook 2013/Outlook 2010 and OWA, few users are getting dual Archive mailbox

2. For the same user, Inbox is visible in Archive Mailbox, both from Outlook and OWA

Resolution :

1. Test-E-mail Autoconfiguration" from Outlook shows that the Outlook is connecting to another users Mailbox and Full mailbox permission is added for another user's Mailbox in the user mailbox


Removing full Mailbox permission for another user mailbox from the original user's Mailbox resolves the issue


2. When Archive Mailbox is enabled for user, Exchange will copy the frame like inbox, sent and delete Item etc but will not publish until data is moved to Archive mailbox via Retention Policy

Exchange 2013 New-MailboxRestoreRequest :: The term 'New-MaiboxRestoreRequest' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.

Issue : From Exchange management Shell, Running command is providing this error

New-MailboxRestoreRequest –SourceDatabase <Source-Database> -SourceStoreMailbox <Disconnected-Mailbox> -TargetMailbox <Destination-Mailbox> -TargetRootFolder <Folder-in-Destination-Mailbox> -AllowLegacyDNMismatch

New-MaiboxRestoreRequest : The term 'New-MaiboxRestoreRequest' is not recognized as the name of a cmdlet, function,
script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is
correct and try again.
At line:1 char:1
+ New-MaiboxRestoreRequest -SourceDatabase "recovery" -SourceStoreMailbox "dd ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~
   + CategoryInfo          : ObjectNotFound: (New-MaiboxRestoreRequest:String) [], CommandNotFoundException
   + FullyQualifiedErrorId : CommandNotFoundException 


Resolution: Open EMS in Administrator mode and run the command again

 -AllowLegacyDNMismatch : this switch will allow to restore Database into different location from the original

To receive GUID for the user

Get-MailboxStatistics –Database recoveryDatabase | ft DisplayName,MailboxGUID,DisconnectReason –AutoSize

Get-MailboxRestoreRequest //This command can helpus to check with restore status

Create Recovery Database

New-MailboxDatabase -Recovery -Name RDB1 -Server MBX2

New-MailboxDatabase -Recovery -Name RDB2 -Server MBX1 -EdbFilePath "C:\Recovery\RDB2\RDB2.EDB" -LogFolderPath "C:\Recovery\RDB2"

Get-MailboxDatabase <RecoveryDatabaseName> | Format-List
New-MailboxRestoreRequest -SourceDatabase DB1 -SourceStoreMailbox 1d20855f-fd54-4681-98e6-e249f7326ddd -TargetMailbox Morris

Get-MailboxRestoreRequest -Status Completed | Remove-MailboxRestoreRequest

LDP from Exchange Command Prompt

Get-Mailbox mb1 | % { dsquery * $($_.DistinguishedName) - attr * }

Eg:
get-mailbox "zena.james" | % {dsquery * $($_.distinguishedName) -attr *} 

Where MB1 is the alias of the Mailbox user

LDP > Connection "FQDN of DC" >> Bind > Tree "Ok" > Search the Object >> Goto the Connection > Click new >> and then click again on the Object > Output is on the right side

Exchange 2010/ Outlook 2010 "One or more users cannot be added to the folder access list. Non-local users cannot be given rights on this server"

Environment
Exchange 2010
Outlook 2010

Issue:
Users has been migrated from Exchange 2003 to Exchange 2010 and now few users are reporting that they are unable to share Calendar with the other users. 

While Adding users from GAL it shows RED Mark on the user and 
they are receiving following error

 "One or more users cannot be added to the folder access list. Non-local users cannot be given rights on this server"

Resolution : 

Convert the Mailbox Type to Regular, 

Set-Mailbox Useralias -type Regular

You can check the status from the following command

Get-Mailbox UserAlias | FL *type*

Still not resolved, then opend ASIEDIT.msc, > Domain Configuration > User Properties and find Attribute 

MxchRecipientDisplayType : 1073741824

MxchRecipientTypeDetail  : 1

In my Case MxchRecipientDisplayType value was set to '0' and changing to 1073741824 resolves the issue.

More information from the blog:

http://blogs.technet.com/b/benw/archive/2007/04/05/exchange-2007-and-recipient-type-details.aspx

Outlook Calendar checking tool version 2.4

"Calendar sharing is not available with the following entries because of permission settings on your network' Exchange 2010

Environment: 

Exchange 2010, Outlook 2010

Issue: 

Users are unable to share the Calendar and receiving the message from Outlook and OWA

Resolution : This could be due to the Cached User name, Try renaming the .PK2 file and restart outlook or Use GAL to select the contact and then share the Calendar.