Friday, September 9, 2016

Troubleshooting/Logging Exchange 2010 SP3 RU6 issue

Troubleshooting Exchange 2010 SP3 RU6 issue
Run following from the command line

Exchange<2010>-<KB2936871>-x64-en.msp /lxv* <E>:\<RU6InstallLog.log>

Eg. 2936871 is the number
Exchange2010-KB2936871-x64-en.msp /lxv* E:\RU6InstallLog.log


Reference from
https://technet.microsoft.com/en-us/library/ff772434%28v=exchg.80%29.aspx?f=255&MSPPError=-2147217396

and
https://blogs.technet.microsoft.com/exchange/2008/07/08/exchange-2007-managed-services-might-time-out-during-certificate-revocation-checks/

Resolution: 
Tried running many times, revoke Security check from the IE and tried opening Microsoft website but site was not opening, it kept circling without any page response/error message.
Then ran command from the "Command Prompt"

c:\>Exchange2010-KB2936871-x64-en.msp /lxv* E:\RU6InstallLog.log

 /lxv* is a switch and file name can be change.
One thing you will notice that after adding swtich in the above RU6 Installation will go slow and finally i was able to resolve the issue


Event id pasted below were received in the Application Log




Event ID : Received in the Application Log



Log Name:      System
Source:        Microsoft-Windows-WAS
Date:          9/9/2016 3:20:24 PM
Event ID:      5002
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      MachineName
Description:
Application pool 'MSExchangePowerShellAppPool' is being automatically disabled due to a series of failures in the process(es) serving that application pool.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-WAS" Guid="{524B5D04-133C-4A62-8362-64E8EDB9CE40}" EventSourceName="WAS" />
    <EventID Qualifiers="49152">5002</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2016-09-09T09:50:24.000000000Z" />
    <EventRecordID>5716</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>ComputerName</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="AppPoolID">MSExchangePowerShellAppPool</Data>
    <Binary>
    </Binary>
  </EventData>
</Event>



Log Name:      Application
Source:        MsiInstaller
Date:          9/9/2016 3:55:03 PM
Event ID:      1024
Task Category: None
Level:         Error
Keywords:      Classic
User:          domain\DomainAdmin
Computer:      MachineName
Description:
Product: Microsoft Exchange Server - Update 'Update Rollup 6 for Exchange Server 2010 Service Pack 3 (KB2936871) 14.3.195.1' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="MsiInstaller" />
    <EventID Qualifiers="0">1024</EventID>
    <Level>2</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2016-09-09T10:25:03.000000000Z" />
    <EventRecordID>4119</EventRecordID>
    <Channel>Application</Channel>
    <Computer>MachineName</Computer>
    <Security UserID="S-1-5-21-2569593454-2199529718-41506070416-1109" />
  </System>
  <EventData>
    <Data>Microsoft Exchange Server</Data>
    <Data>Update Rollup 6 for Exchange Server 2010 Service Pack 3 (KB2936871) 14.3.195.1</Data>
    <Data>1603</Data>
    <Data>(NULL)</Data>
    <Data>(NULL)</Data>
    <Data>(NULL)</Data>
    <Data>
    </Data>
    <Binary>7B34393334443145412D424534362D343842312D383834372D4631414632304538393243317D207B33323533393433312D303236432D343637452D393841442D3939333243414334423330347D2031363033</Binary>
  </EventData>
</Event>












Resolution in the same series
event Id 2280 because, re-installed Exchange 2010 Hub role on a different Location so it while installing first time, it registers its custom modules with IIS and for this it makes entries in the IIS root config file i.e. applicationHost.config at this location 
C:\Windows\System32\inetsrv\config. 

These enties are made under the <globalmodules> section. 
You will see one such entry for kerbauth.dll.
  <add name="kerbauth" image="C:\Program Files\Microsoft\Exchange Server\V14\Bin\kerbauth.dll" />

so replace the location of the current installation file at "Kerbauth" and save the file.

Log Name:      Application


Source:        Microsoft-Windows-IIS-W3SVC-WP
Date:          9/9/2016 3:20:15 PM
Event ID:      2280
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      MachineName
Description:
The Module DLL D:\Microsoft\Bin\kerbauth.dll failed to load.  The data is the error.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-IIS-W3SVC-WP" Guid="{670080D9-742A-4187-8D16-41143D1290BD}" EventSourceName="W3SVC-WP" />
    <EventID Qualifiers="49152">2280</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2014-09-09T09:50:15.000000000Z" />
    <EventRecordID>3999</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>Application</Channel>
    <Computer> MachineName</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="ModuleDll">D:\Microsoft\Bin\kerbauth.dll</Data>
    <Binary>7E000000</Binary>
  </EventData>
</Event>
Resolution : Change the path in the Application log from the location

Monday, September 5, 2016

DataBase Portability

Exchange 2010
-------------------
Moving Mailboxes between DAG (between DAG havn't tested Yet)

1.  Mailboxes will be offline, since we have to dismount the Database

Sequence of tasks that need to take place:
  • Dismount mailbox database on old server
  • Run eseutil /MH NAME.edb to confirm you have a clean shutdown.
  • Create new mailbox store on New Exchange server and mount it.
  • Dismount the new mailbox store
  • Manually copy the old database to the new mailbox store database location (make sure it is the same name)
  • Run the following command on new server Set-MailboxDatabase DBNAME -AllowFileRestore:$true
  • Delete the transaction log files and checkpoint files for that database.
  • Mount the store.
  • Finally modify user account settings so user access points to the new mailbox server
    Get-Mailbox -Database OLD_DB | where {$_ObjectClass -NotMatch '(SystemAttendantMailbox|ExOleDbSystemMailbox)'} | Set-Mailbox -Database NEW_DB
Referenced from
http://serverfault.com/questions/463104/fastest-way-to-migrate-exchange-2010-mailboxes-to-another-exchange-2010-server-i

2.Create the databases on the new exchange server and issue mailbox moves to the new database. You can batch it up pretty quickly though in powershell.


Friday, July 8, 2016

Exchange 2016 setup fail at "Setup\ServerRoles\Common\tr\Microsoft.Exchange.AirSync.Resources.dll"

Issue : On Exchange 2016, setup fails with error with "Setup\ServerRoles\Common\tr\Microsoft.Exchange.AirSync.Resources.dll"



Resolution : 

Re-Extract the Binaries from the Exchange setup and run the setup again

Thursday, October 8, 2015

451 4.4.0 dns query failed. the error was dns query failed with error ErrorRetry Exchange 2013

Issue : Exchange 2013, Email stuck in the Queue, error says " 451 4.4.0 dns query failed. the error was dns query failed with error"

Steps
======
get-queue -server "ExchangeHubServerFQDN" | FL Identity, Status, MessageCount, LastError 

Get-TransportServer –Identity 2007Server | FL

Get-TransportServer –Identity 2007Server | FL “External*”,”Internal*”

Resolution -------------------- Set-TransportServer –Identity 2007Server –ExternalDNSServers $null
et-TransportServer 2007Server –InternalDNSAdapterGuid 00000000-0000-0000-0000-000000000000


1. Once in EAC/ECP, navigate to Servers and open the server properties.
2. Click on DNS Lookups.
3. Make sure the Internal and External DNS lookups are set correctly.  The internal and External DNS settings need to match DNS setting on the network card IP configuration. Type the current DNS settings or leave it blank. Blank forces Exchange transport service to use network card DNS setting


 Use get-transportserver "ExchangeserverFQDN" | FL *DNS* to verify your settings.
2. You want to use the set-transportserver command to set it back to all network adapters or change the custom IP Range.
For Example:  You may wish to change the Internal DNS to use all network adapters and not custom by running:
set-transportserver "ExchangeserverFQDN" -InternalDNSProtocolOption Any

OR type the following to set it to Null

Set-transportserver "ExchangeserverFQDN" -InternalDNSServers $null

Friday, August 14, 2015

This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store "Exchange 2013"

Issue : When users is connected from Internal network, Browser show certificate prompt, but connecting from External Network, No certificate error in the browser.

Resolution: Check the certificate in the Server which his browser is hitting, found Certificate is not installed. Import certificate from the Legacy server to the new server or the new server, resolved the issue.

Friday, July 24, 2015

Email flow testing Script

Exchange 2013
===========
Email flow testing Script


from Exchange Management Shell
=========================
1..10 | % { Send-MailMessage -To recipient@destination.local -From fromuser@anydomain.com -SmtpServer CASservername -Subject "Test Message $_" -Body "This is the body of Message $_" ; write-host “Sending Message $_”}

Thursday, July 23, 2015

Set public folder to accept NDR

1.      Locate user A’s distinguishedName
Get-User “User A” | Fl DistinguishedName
2.      Launch ADSI Editor, go to “CN=Microsoft Exchange System Objects”, right-click the PF1 object, and then go to “Properties”
Notes: PF1 must be mail-enabled
3.      In the “Attribute Editor” tab, locate “publicDelegates” attribute, and then copy user A’s DistinguishedName into it


from 
https://social.technet.microsoft.com/Forums/office/en-US/d341ff3f-9a8c-40c7-ab04-0a1655047041/public-folder-not-accepting-ndr?forum=exchangesvrgenerallegacy