Bug revealed in Dynamic Distribution Groups on Exchange 2007
I have been lately involved in a question on Experts-Exchange that turned into a very interesting adventure that led me to discover a bug in the Dynamic Distribution Groups on Exchange 2007.
I have tested the below on Exchange 2007 SP2 rollup 2 and the bug was still there, however I need to mention that tests also proved it was solved on Exchange 2010.
The Setup
First let me give you a very brief idea about the setup, for the lab I have setup an EBS server and created 2 mailboxes on it "John Doe" and "Jane Jackson".
Running Get-Recipient shows the 3 mailboxes in this organization
Taking a look at Active Directory Users and Computers also reveals that "John Doe" and "Jane Jackson" are located in the TestOu, the Administrator is located in the Users containter
The Plot
Allow relaying on Exchange 2007 & Exchange 2010 in 4 easy steps
I have this application/website that needs to send emails, I have it configured to use our exchange server as SMTP. It can send emails to internal users however external ones are failing with a "550 5.7.1 Unable to relay" error
I have been answering this question, under different forms, so often on Experts Exchange lately that I have it copied on a notepad and end up by pasting it again every now and then.
First a mail server should be configure to unconditionally (not talking about spam/viruses here) accept emails sent to users in the smtp domains it serves. However it should be careful about who gets to send emails to other smtp domains using its services, that's what is called relaying.
This should explain why, in the above scenario, emails sent to internal users but not to external one. So for your application to be able to send external emails you should allow it (or its IP address) to relay emails through your exchange server and here is how to do it in Exchange 2007 and Exchange 2010.
Installing your first Exchange 2010 CAS – Part 2
A few days back I have talked about Installing your first Exchange 2010 Client Access Server when migrating from Exchange 2003 to Exchange 2010. Today I will discuss the requirements of installing your first Exchange 2010 CAS if migrating from Exchange 2007.
First we have to agree that that an Exchange 2010 CAS cannot communicate directly with an Exchange 2007 mailbox servers, so Exchange 2007 CAS are still required.
We will need to differentiate 2 scenarios when mixing Exchange 2007 & Exchange 2010 CAS
Exchange 2010 CAS and Exchange 2007 CAS in the same Active Directory Site
The first Exchange 2010 CAS server should be installed in your internet facing site, and it should be the first server people are directed to when they try to access your organization from the internet using, say, https://webmail.yourdomain.com/owa
Since Exchange 2010 Client Access Server cannot proxy the requests to an Exchange 2007 CAS server in the same active directory site, when the request reaches the 2010 CAS it will query Active Directory for the mailbox server of the user, if that mailbox is located on an Exchange 2007 mailbox server in the same Active Directory site the CAS will look for the ExternalURL & InternalURL parameter of that CAS server.
Managing spaces in AddReplicaToPFRecursive.ps1 script
If you are familiar with Microsoft Exchange 2007 you already know about the AddReplicaToPFRecursive.ps1 script that can be found in the "X:\Program Files\Microsoft\Exchange Server\Scripts", however this script has a bug it doesn't look to support public folders which names contains spaces.
It is quite common to enclose parameters that contains spaces with "quotations" but that doesn't work here.
If you simply try to use the following it will fail.
AddReplicatoPFRecursive.ps1 -TopPublicFolder “\PublicFolder with space” -ServerToAdd “servername”
The solution turned out to be to use single quotes inside the double quotes so it should be something like
AddReplicatoPFRecursive.ps1 -TopPublicFolder “'\PublicFolder with space'” -ServerToAdd “servername”
That's really weird and not standard but it works !
Cannot move mailboxes: INSUFF_ACCESS_RIGHTS error
When moving mailboxes from Exchange 2003 to Exchange 2007 or Exchaneg 2010 either from Exchange Management Console or Powershell using the move-mailbox or new-moverequest cmdlets the move operation might fail with the following error.
Active Directory operation failed on server.domain.com. This error is not retriable. Additional information:
Insufficient access rights to perform the operation.
Active directory response: 00002098: SecErr: DSID-03150A45, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
+ CategoryInfo : NotSpecified: (0:Int32) [New-MoveRequest], ADOperationException
+ FullyQualifiedErrorId : 6C39B6E8,Microsoft.Exchange.Management.RecipientTasks.NewMoveRequest
At first sight it looks like the user initiating the move mailbox doesn't have enough rights to perform this operation, however that user can move other mailboxes just fine.
Here is how to solve the issue
Solved: Setup Exchange 2007 SP1 CCR passive node fails
When installing Exchange 2007 SP1 in Cluster Continuous Replication (CCR) configuration. The setup of the passive node fails with the following error:
"This is not a passive node. A clustered mailbox server represented by the cluster resource group [clustername] was found on this node."
I've found out that the reason for the problem is that upon finishing the Exchange Cluster installation on the active node the setup will ask you for a restart. Restarting the machine will cause the Windows cluster to failover to the passive node to be and thus causing the Exchange installation to fail on that node.
To solve this problem make sure to move back the cluster resources to the active node and re-run the Exchange 2007 SP1 installation on passive node.
This solution was tested on Microsoft Windows 2008 and Microsoft Exchange 2007 SP1