Sunday, February 24, 2008
Exchange2007: LCR--Storage Group and its databases
LCR supports direct-attached storage as well as storage connected by Fibre Channel or iSCSI.
Create a storage group: Kinko Storage Group
[PS] C:\>new-StorageGroup -Server 'W2008' -Name 'Kinko Storage Group' -LogFolderPath 'C:\Program Files\Microsoft\Exchange Server\Mailbox\Kinko Storage Group' -SystemFolderPath 'C:\Program Files\Microsoft\Exchange Server\Mailbox\Kinko Storage Group' -HasLocalCopy $true -CopyLogFolderPath 'G:\LocalCopies\Kinko Storage Group\Logs' -CopySystemFolderPath 'G:\LocalCopies\Kinko Storage Group\Systems'
[PS]C:\>new-mailboxdatabase -StorageGroup 'W2008\Kinko Storage Group' -Name 'Staff' -EdbFilePath 'C:\Program Files\Microsoft\Exchange Server\Mailbox\Kinko Storage Group\Staff.edb' -HasLocalCopy $true -CopyEdbFilePath 'G:\LocalCopies\Kinko Storage Group\Staff.edb'
[PS]C:\>mount-database -Identity 'Kinko Storage Group\Staff'
[PS] C:\>$password =Read-host "Enter password:" -AsSecureString
[PS] C:\>New-Mailbox -Name 'Kim Funny' -Alias 'KFunny' -OrganizationalUnit 'Itsyou.com/Users' -UserPrincipalName 'KFunny@Itsyou.com' -SamAccountName 'KFunny' -FirstName 'Kim' -Initials '' -LastName 'Funny' -Password $password -ResetPasswordOnNextLogon $false -Database 'W2008\Kinko Storage Group\Staff'
[PS] C:\>New-Mailbox -Name 'Albert Tonny' -Alias 'ATonny' -OrganizationalUnit 'Itsyou.com/Users' -UserPrincipalName 'ATonny@Itsyou.com' -SamAccountName 'ATonny' -FirstName 'Albert' -Initials '' -LastName 'Tonny' -Password $password -ResetPasswordOnNextLogon $false -Database 'W2008\Kinko Storage Group\staff'
=====
Suppose the Kinko Storage Group does not have the LCR enabled;
You enable the LCR for the database first and then the Kinko Storage Group.
[PS]C:\>enable-DatabaseCopy -Identity 'W2008\Kinko Storage Group\Staff' -CopyEdbFilePath 'G:\LocalCopies\Kinko Storage Group\Staff.edb'
[PS]C:\>enable-StorageGroupCopy -Identity 'W2008\Kinko Storage Group' -CopyLogFolderPath 'G:\LocalCopies\Kinko Storage Group\Logs' -CopySystemFolderPath 'G:\LocalCopies\Kinko Storage Group\Systems'
====
When you database cannot be mounted, the first defence is to run the Restore-StorageGroupCopy.
Suppose the Kinko Storage Group\Staff.edb cannot be mounted.
[PS] C:\>Dismount-Database -Identity 'Kinko Storage Group\Staff'
[PS] C:\>restore-StorageGroupCopy -Identity 'W2008\Juno Storage Group' -ReplaceLocations
[PS] C:\>Mount-Database -Identity 'Kinko Storage Group\staff'
=====
Seed
Seeding--copying the active mailbox database to the LCR location.
Automatic seeding only occurs during the creation of a new server, creation of a new storage group and database, or on a database that has never been backed up.
Because my default First Storage Group has not been backed up, the Enable-DatabaseCopy and Enable-StorageGroupCopy cmdlets will automatically seed the target LCR directories.
[PS]C:\>enable-DatabaseCopy -Identity 'W2008\First Storage Group\Mailbox Database' -CopyEdbFilePath 'G:\First Storage Group\Mailbox Database.edb'
[PS]C:\>enable-StorageGroupCopy -Identity 'W2008\First Storage Group' -CopyLogFolderPath 'G:\First Storage Group\Logs' -CopySystemFolderPath 'G:\First Storage Group\Systems'
====
How about you want to reseed or resynchronize the LCR copy (passive copy)?
Why do you do that?
You have a corrupt LCR copy and you want to invalidate the passive copy.
suspend-StorageGroupCopy -Identity 'W2008\First Storage Group' -SuspendComment 'Administrator initiated Update-StorageGroupCopy'
update-StorageGroupCopy -Identity 'W2008\First Storage Group' -DeleteExistingFiles
===
Verifying LCR copy
[PS] C:\Windows\System32>suspend-StorageGroupCopy -Identity 'W2008\First Storage Group' -SuspendComment 'Administrator initiated Update-StorageGroupCopy'
[PS] C:\Windows\System32>eseutil /k 'G:\First Storage Group\Mailbox Database.edb'
[PS] C:\Windows\System32>Resume-StorageGroupCopy -Identity 'W2008\First StorageGroup'
====
Exchange2007: Content Indexing
The Exchange Server storage engine automatically implements and manages the standard indexing. It is used every time that a user uses the FIND feature in Microsoft Outlook. The standard indexing searches for TO, FROM, CC, and Subject fields of mail. The standard indexing searches for FROM and Subject fields of a public folder.
To quickly search the message body and its attachment, you should start the MSExchangeSearch service (indexer).
Rebuild an index:
- Net Stop MsExchangeSearch
- Windows Explorer to delete the %SystemDrive%\Program Files\Microsoft\Exchange Server\Mailbox\First Storage Group\CatalogDat-
- Net Start MsExchangeSearch
Tuesday, February 19, 2008
Exchange2007: Messaging Record management
In the following diagram, Tom and John want to implement the automatic messaging content management.
Because it is the default folder: Junk E-mail, I define a new Managed Content Settings for the Junk E-mail.
[PS] C:\>New-ManagedContentSettings -name '1dayretention' -messageClass * -RetentionEnabled $True -AgeLimitForRetention 1 -RetentionAction MoveToDeletedItems -FolderName 'Junk E-mail'
[PS] C:\>New-ManagedFolderMailboxPolicy -Name JunkEmailFolder -ManagedFolderLinks 'Junk E-mail'
[PS] C:\>$password = Read-Host "Enter password" -AsSecureString
[PS] C:\>New-mailbox -UserPrincipalName Tom.Hicken@itsyou.com -alias THicken -database "First Storage Group\Mailbox Database" -Name Tom -OrganizationalUnit Users -password $password -FirstName 'tom' -LastName Hicken -DisplayName "Tom Hicken" -ResetPasswordOnNextLogon $false -ManagedFolderMailboxPolicy JunkEmailFolder -ManagedFolderMailboxPolicyAllowed
[PS] C:\>New-mailbox -UserPrincipalName John.Stephen@itsyou.com -alias JStephen -database "First Storage Group\Mailbox Database" -Name 'John Stephen' -OrganizationalUnit Users -password $password -FirstName John -LastName Stephen -DisplayName "John Stephen" -ResetPasswordOnNextLogon $false -ManagedFolderMailboxPolicy JunkEmailFolder -ManagedFolderMailboxPolicyAllowed
Outlook 2007 client--two profiles
The USN name should be used for the logon as shown below:
Open Outlook profile: Tom Hicken
Send an e-mail to both Tom.Hicken@itsyou.com and John.Stephen@itsyou.com;
Move the test mail from the Inbox to Junk E-mail folder;
Forward your computer clock 1 days + 10 minutes later;
[PS] C:\>Start-ManagedFolderAssistant
The test mail is automatically moved to Deleted Folder.
--------------
Remember to move your clock back.
--------------
How about Sam and Jim want to 2 day retention policy on their Junk E-mail folder?
[PS] C:\>New-ManagedFolder -Name 'A Junk' -DefaultFolderType 'JunkEmail' -Comment 'Unsolicited Commercial Email'
[PS] C:\>New-ManagedContentSettings -Name '2dayretention' -messageClass * -RetentionEnabled $True -AgeLimitForRetention 2 -RetentionAction MoveToDeletedItems -FolderName 'A Junk'
[PS] C:\>New-ManagedFolderMailboxPolicy -Name AJunkFolderPolicy -ManagedFolderLinks 'A Junk'
[PS] C:\>$password = Read-Host "Enter password" -AsSecureString
[PS] C:\>New-mailbox -UserPrincipalName Sam.Lion@itsyou.com -alias Slion -database "W2008\First Storage Group\Mailbox Database" -Name 'Sam Lion' -OrganizationalUnit Users -password $password -FirstName Sam -LastName Lion -DisplayName "Sam Lion" -ResetPasswordOnNextLogon $false -ManagedFolderMailboxPolicy AjunkFolderPolicy -ManagedFolderMailboxPolicyAllowed
[PS] C:\>New-mailbox -UserPrincipalName Jim.Jones@itsyou.com -alias JJones -database "W2008\First Storage Group\Mailbox Database" -Name 'Jim Jones' -OrganizationalUnit Users -password $password -FirstName Jim -LastName Jones -DisplayName "Jim Jones" -ResetPasswordOnNextLogon $false -ManagedFolderMailboxPolicy AjunkFolderPolicy -ManagedFolderMailboxPolicyAllowed
Create outlook profiles as:
Open Administrator profile and send a mail to Jim.Jones@itsyou.com and Sam.Lion@itsyou.com; Close the outlook;
Open Jim.Jones profile and move the e-mail from inbox to Junk E-mail box;
Move the Exchange Server 2007 clock 2 days +10 minutes later;
Start the Managed Folder Assistant;
[PS] C:\>Start-ManagedFolderAssistant
===============
How about you want some users have a Pending Approval folder. The users cannot remove the folder and any messages within will be automatically moved to Deleted Folder.
[PS] C:\>New-ManagedFolder -Name 'PendingApproval' -FolderName 'Pending Approval' -Comment 'All proposals must put in this folder'
[PS] C:\>New-ManagedContentSettings -Name '20dayretention' -messageClass * -RetentionEnabled $True -AgeLimitForRetention 20 -RetentionAction MoveToDeletedItems -FolderName 'PendingApproval'
[PS] C:\>new-ManagedFolderMailboxPolicy -Name 'JunkAndPending' -ManagedFolderLinks 'Junk E-mail','PendingApproval'
[PS] C:\>set-mailbox -Identity 'Tom Hicken' -ManagedFolderMailboxPolicy JunkAndPending -ManagedFolderMailboxPolicyAllowed
[PS] C:\>Start-ManagedFolderAssistant
Open Outlook as Tom Hicken;
You will find the Pending Approval folder under Managed Folder.
========================Confusing parameter: FolderName
Used with New-ManagedFolder cmdLet
-FolderName parameter specifies the name of the folder as it will appear in users' mailboxes. You cannot set the FolderName value for managed default folders.
-Name parameter specifies a unique name for the folder.
Used with New-ManagedContentSettings cmdLet:
-FolderName parameter specifies the name or GUID of the managed folder to which the managed content settings apply --Unique ID of the folder
[PS] C:\>Get-ManagedFolder * Format-Table Name, FolderName
The Name column is the Unique ID of the managed folder. The following example shows that the value of FolderName parameter is 'Junk E-mail', which shows in the first column of the image. For the default managed folder, the Name and its FolderName are same. For the customized managed folder as shown above, the PendingApproval is the Unique ID and Pending Approval will show at Outlook client.
Vista: Ad-hoc vs. Infrastructure wireless connection
Infrastructure wireless configuration requires a wireless access point or router. It allows you sharing data among a group of computers and at same time all systems can access Internet.
As shown above, when you use the Windows Meeting Space to create a new meeting, its option includes the Ad-hoc wireless connection. If your network does not have a wireless router or access point, you should choose this option. Otherwise, you must not check this option.
Vista: Public Folder
If you want the user2 can see the schedule of user1, you tell the user1 to publish its calendar to the public folder. User2 can open the Windows Calendar.
Monday, February 18, 2008
Exchange2007:Error: Service 'MSExchangeTransport' failed to start. Check the event log for possible reasons for the service start failure.
============
When Installing Exchange 2007 SP1 into Windows 2008, the "Error: Service 'MSExchangeTransport' failed to start. Check the event log for possible reasons for the service start failure." pops up.
I did two things:
First, I set the IPv6 address for my NIC according to the online help. Restart the setup and fail again.
Second, according to Microsoft Technet, I access the registry and set the permission as follows:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters
Add the computerName to the permission list and assign READ permission.
run the setup again and it works.
The transport role is installed during the permission modification because I start the setup procedure first and access the Registry a little bit later. Anyway, it works.
======
On HP DC5100 computer, I install Exchange 2007 SP1 32bit on Windows 2008 32bit without error.
I deselected the IPv6 on my NIC card properties.
======
Friday, February 15, 2008
Export messages from Windows Mail into EXCHANGE
When you access the mailbox from OUTLOOK, all old messages were gone. In this case, you can use the EXPORT Wizard of Windows Mail or Outlook Express, which has the option to export all the messages downloaded onto Exchange Server.
The best way is to configure the POP3 with option "LEAVE a Copy of messages on the server".
Wednesday, February 13, 2008
Vista: Publishing Windows Calendar and IIS
For Windows 2008, you need to download the WebDav extension.
However, I cannot publish Windows Calendar to Vista IIS, even though I install the WebDav module. After I install the WebDav extension for IIS 7.0, there is no WebDav authoring icon in IIS manager console. It exists in the module section.
Configuring the Vista IIS 7.0 to support WebDav
Modify the configuration file %systemroot\system32\inetsrv\config\applicationHost.config
IIS 7.0 WebDav supports Windows Authentication and HTTPS.
Run as Administrator to open the Command prompt, and
NET USE * http://localhost/
The above command will map a drive.
Even though you set the Vista IIS 7.o to support WebDav, you still cannot publish the Windows Calendar to the web site. To publish it, you must attach a SSL certificate to the Web Site. You must use the HTTPS:// to publish the Windows Calendar.
Friday, February 8, 2008
Windows Meeting Space
Make sure that Windows Firewall allows the Windows Meeting Space traffic pass through.
"Join a meeting near me" applies only to computers in the same network. For computers in different networks, you need to send an invitation.
Make sure that Distributed File Sytem Replication service is running.
Membership difference between Universal Group and Domain Local Group
You cannot add a user from VAN.COM domain even though the Enterprise Admins has the Universal scope.
However, you can add the VAN\Administrator to the built-in group VANSTUDENTS\Administrators, which has the local scope. You can add VAN\administrator user to administrators group of VANSTUDENTS domain's XP computers.
Thursday, February 7, 2008
CSVDE exports and import user accounts
OU: Students
Inside the Students Organizational Unit, I have many user accounts. I want to recreate them in my VANSTUDENTS.COM domain.
First, run:
C:\>csvde -d "ou=students,dc=van,dc=com" -f c:\out.csv
Second, open the out.csv with MS Excel and modify it by keeping only the following columns:
DN
objectClass
ou
distinguishedName
name
cn
sn
givenName
displayName
sAMAccountName
userPrincipalName
===
Replace the VAN with VANSTUDENTS
Save it
===
Import it to VANSTUDENTS.COM domain
C:\>csvde -i -f C:\out.csv
All users and organizational Unit will be created. All users have the disabled status and no password.
Create users with a script and dsadd command
Organizational Unit: Students
I will use the MS Excel spreadsheet to create the script.
Before you input the option such as -upn, format the cell as TEXT.
ROW one
CELL A1:
dsadd user
CELL B1:
="CN=" & D1 & " " & F1 & ",OU=Students,DC=VAN,DC=COM"
CELL C1:
-fn
CELL D1:
CELL E1:
-ln
CELL F1:
CELL G1:
-display
CELL H1:
=D1 & "," & F1
CELL I1:
-samid
CELL J1:
=LEFT(D1,1) & F1
CELL K1:
-upn
CELL L1:
=D1 & "." & F1 & "@van.com"
CELL M1:
-pwd
CELL N1:
=LOWER(D1)
=====
Copy the row 1 to row 2, 3, ...
input some names: D1, F1; D2,F2;D3,F3
====
Save the worksheet as a MS-DOS Text format with .bat extension.
Copy the batch file to domain controller and run it. All users will be created.
===
Tuesday, February 5, 2008
USMT: Moving the user settings and MS outlook from domain VANSTUDENTS to domain VAN
join a newXP machine to VAN.COM.
Source Computer: VANSTUDENTS domain and XP machine
C:\Program Files\USMT301>scanstate z:\Misc\order /ue:*\* /ui:vanstudents\order /i:miguser.xml /i:migapp.xml
Log messages are being sent to 'C:\Program Files\USMT301\ScanState.log'
Scanning the computer for files and settings...
Collecting files and settings for:
This Computer 'VANSTUDENTS\order' (user 1 of 1)
Saving files and settings - 2 minute(s) remaining...
ScanState has successfully collected the files and settings.
Target Computer: VAN domain and XP machine
C:\Program Files\USMT301>loadstate z:\Misc\order /ue:*\* /ui:vanstudents\order /mu:vanstudents\order:van\order /i:miguser.xml /i:migapp.xml
Log messages are being sent to 'C:\Program Files\USMT301\LoadState.log'
Scanning the computer for files and settings...
Applying files and settings -
LoadState has successfully restored the files and settings.
=====
Pay attention to the option match in both scanstate and loadstate.
When you use the /mu option with loadstate, loadstate will fail if there is a /i:migsys.xml option. That means we cannot transfer the settings of outlook express to the new XP machine in the new domain. Outlook express settings are defined in migsys.xml file.
Saturday, February 2, 2008
Exchange: mail-enabled user and mail-enabled contact
- an exchange alias
- an external e-mail address,
- but does not have a mailbox in Exchange organization.
- can log on to Active Directory and access the resources
An mail-enabled contact attributes:
- an exchange alias
- an external email address
- no mailbox in Exchange organization
- cannot log on to Active Directory
Mail-enabled Contact: Gordan Grey
Mail--enabled User: Kevin Smith
Both the mail-enabled contact and mail-enabled user share the similar E-Mail Address attribute. They have the internal email address (@itsme.com, which is my domain suffix) and an primary External email address, even though they can have many mail addresses.
Usually, mail-enabled user and contact are used for the convenience of sending email to external users from within your Exchange Organization. Your exchange organization cannot receive email for them.
By combining the mailbox and mail-enabled contact, your exchange organization can accept email and deliver it to offsite address.
[PS] E:\>New-MailContact -Name "Rommey Mitt" -ExternalEmailAddress "Rommey.Mitt@gmail.com" -Alias rMitt
[PS] E:\>New-Mailbox -Name "John McCain" -Alias JMcCain -FirstName John -LastName McCain -SamAccountName jMcCain -UserPrincipalName "John.McCain@itsme.com" -database "kmlserver\First Storage Group\Mailbox database"
Open Active Directory Users and Computers utility and locate the "John McCain" and Disable the user account;
Open Exchange Management Console and modify the John McCain mailbox's property;
When external users send email to John.McCain@itsme.com, it will be forwarded to Rommey.Mitt@gmail.com.