Skip to main content

Posts

Showing posts from 2008

Exchange 2007 SP1 Rollup 5 released

Rollup 5 for Exchange 2007 SP1 fixes plenty of issues: 925371 (http://support.microsoft.com/kb/925371/ ) Domino users cannot find meeting request attachments that are sent from Exchange 2007 users 939037 (http://support.microsoft.com/kb/939037/ ) By default, managed content settings apply to the root folder and all subfolders in an Exchange 2007 environment 949722 (http://support.microsoft.com/kb/949722/ ) Event ID 800 does not include the user name of users who ran the Get-MessageTrackingLog command in an Exchange 2007 environment 949893 (http://support.microsoft.com/kb/949893/ ) You cannot create a new mailbox or enable a mailbox in an Exchange Server 2007 environment on February 29, 2008 949895 (http://support.microsoft.com/kb/949895/ ) Exchange Management Shell crashes (stops responding), and Event ID 1000 is logged when you perform a cross-forest migration from Exchange Server 2003 to Exchange Server 2007 S949895 949901 (http://support.mic

Disable POP3 for ALL users

To disable POP3 for all users with mailboxes on exchange 2007 (only this was executed this time; probably it works in a mixed environment too) you need to execute following command: Get-CASMailbox | Set-CASMailbox -PopEnabled $False In the same way the script can be executed to enable/disable: OWA Get-CASMailbox | Set-CASMailbox -OWAEnabled $False ActiveSync Get-CASMailbox | Set-CASMailbox -ActiveSyncEnabled $False IMAP Get-CASMailbox | Set-CASMailbox -IMAPEnabled $False MAPI Get-CASMailbox | Set-CASMailbox -MAPIEnabled $False

Linked or any other mailbox has insufficient rights on OWA

After the migration from Exchange 2003 to Exchange 2007, some users could not access their mailbox through OWA. On your first login to OWA 2007 you need to select the language OWA will be displayed in. After the language selection and hitting Next button, you get following screen: The solution to the problem lies in Allow permissions inheritance for Authenticated users under permissions for the account that has the problem. Open the Properties of the user under Active Directory Users and computers Go to Security tab (if you don’t see security tab, be sure you have View –> Advanced features selected) Click Advanced Check if Allow Inheritable permissions is checked

Outlook Web Access Loading... in mixed Exchange 2003 and 2007 environment

There are plenty of web sites that can help you resolve now already well known problem in OWA when your browser does not display any pictures in it and hangs with Loading... text. Use Google to find other resolution if it is not the one described below. You setup Exchange 2007 into the existing Exchange 2003 environment. You reroute Internet users to use your new Client Access Server (CAS) for OWA. CAS server includes a mechanism that redirects user to the correct Exchange server, being that Exchange 2003 or 2007. It depends on which server the mailbox resides. In the case that you changed Authentication type on your CAS server such that users don't need to provide domain\username but only username , your Exchange 2003 users could get following screen in their browser... The resolution to the problem is in the authentication type on your CAS server. Not only that you need to change authentication type on your /Exchange folder but also on your /owa and /Exchweb folders.

Exchange Intelligent Message Filter (IMF) and GFI MailEssentials on the same machine

I found a strange problem on Exchange 2003 with Intelligent Message Filter (IMF) disabled on SMTP virtual server. Despite the fact that GFI's MailEssentials was installed on the machine and that IMF was disabled, IMF was still doing most of the antispam job. If I for example changed the default action on Intelligent Message Filter tab to Archive then I found lots of spam in the default IMF archive location \exchsrvr\mailroot\vsi 1. When I opened MailEssential's Monitor tool it was obvious that only "clean" messages were passed to the MailEssentials. So what went wrong? Somehow IMF enabled itself despite that checkbox on SMTP virtual server was not selected at all. To resolve the issue just open the SMTP virtual server instance, enable IMF by checking the Enable Intelligent Message Filter, restart the SMTP service and then uncheck Enable Intelligent Message Filter to really disable it. Now if you check MailEssential's monitor you'll see that spam and

Keyloggers and Outlook Web Access

There are lots of questions on the Internet about possibility of keyloggers being installed on the public computers and the use of Outlook Web Access (OWA) on such machines. Let's presume that you are using public computer in an Internet Café anywhere in the world. You want to connect to your company's e-mail by means of Outlook Web Access interface. Since you are not the administrator of the machine or have higher privileges on that same computer, you are not able to install programs on it. It means you have to use the computer AS IS. You can't prevent keylogger from collecting your data, since you lack the privileges to do so, but your e-mail system can use two-factor authentication as a form of letting the users in. Two factor-authentication is a system wherein two different methods are used to authenticate. Using two factors as opposed to one delivers a higher level of authentication assurance. Using more than one factor is sometimes called strong authenticat

February 29th 2008 - the day you spent with your Exchange server

A lot of Exchange administrators that restarted their Exchange servers on 29th February this year, ended in endless research of discovering why they can't create mailboxes, enable mailboxes or even start Exchange setup. The problem was not in network or any other service but in Exchange 2007 server's bug. Nino Bilic from Exchange's team wrote on the team's blog: After investigation of this problem we have learned that this problem would occur only if you have started or restarted the Microsoft Exchange System Attendant service between 12:00AM UTC , Feb 29, 2008 and 12:00AM UTC, Mar 1, 2008. It is important to note that the times  involved are UTC , not local server time. You can sleep in peace for at least 4 years :))))