Exchange Server 2010

Using PowerShell to Remove Phishing Emails from User Mailboxes on an Exchange Server

You’ve all seen those phishing emails that occasionally get past your spam filters and you all also know that no matter how many times you tell users not to open those suspicious emails and click on links contained in them, users are ultimately gullible so sometimes you have to take matters into your own hands and protect them from themselves. Here’s an example of a recent phishing email that I’ve seen:

Insane PowerShell One-Liner to Return the Name of Users with Quarantined Mailboxes in Exchange 2010

Have you ever had any mailboxes on your Exchange 2010 server marked as being quarantined? According to this TechNet article, Exchange will isolate or quarantine any mailboxes that it detects as being poisoned. That TechNet article goes on to tell you how you can drill down in the registry on the Exchange Server to locate the GUID of the quarantined mailboxes. I don’t know about you but using the GUI to dig around in the registry is not what I call fun so I decided to use PowerShell to accomplish that task.

How to Install the Exchange 2010 Management Tools on Windows 8 RTM

This is definitely unsupported so be sure to read the disclaimer on the right side of this blog before continuing. Read this blog article completely before attempting this process. You’ve just reloaded your work computer with Windows 8 RTM that you downloaded from MSDN or TechNet and you need to install the Exchange Server 2010 Management Tools so you can manage your Exchange server without having to log into it whether it be with the GUI orwith PowerShell.

Unable to Grant Domain Local Groups Full Access Permission to a Exchange 2010 Mailbox using the GUI

John Doe is a user in your Active Directory environment (Windows Server 2008 R2 Forest Function Level) with a mailbox on the email server (Exchange Server 2010 with SP2): You want to grant a domain local group named “Test Group” the full access permission to John Doe’s mailbox: You attempt to grant this permission by selecting “Manage Full Access Permission” from the Exchange 2010 Management Console: When you click add and search for the group, it doesn’t appear:

PowerShell Script to Return a List of Mailbox Size for All Users

On several occasions, I’ve been asked to provide a report of mailbox sizes and number of items in a mailbox to a few of my customers who are running either Exchange Server 2007 or 2010. Like most of my blogs, this blog is as much documentation for myself as anything else. That way when I need to provide another one of these reports again in a few months, I’m not trying to figure out how I previously accomplished the task.

Typical Installation of Exchange Server 2010

This blog will walk you through the steps of a typical Exchange Server 2010 Installation. Be sure to follow the instructions in my Installation of Exchange Server 2010 Prerequisites blog. By having completed the steps in that previous blog article, you can jump right into Step 3: Select the appropriate option. In the example below, I chose “Install only languages from the DVD”: Click on the link for Step 4:

Installation of Exchange Server 2010 Prerequisites

It has been about six months since I transitioned one of my customers from Exchange Server 2007 to 2010 and I’ve found myself saying “How did I do that?” so I decided to write a blog about the process this time since I’m transitioning another customer. In the following example, a server named email which is running the Windows Server 2008 R2 operating system has been added to the Active Directory domain and all of the available windows updates have already been installed.

Communication Issues between Exchange Servers

Recently while transitioning one of my customers from Exchange 2007 to Exchange 2010, I experienced issues trying to replicate public folders between the servers. This was due to a larger mail flow communications problem between the two servers where mail between them was queuing up and never being delivered. To determine if you are experiencing this particular issue or not, use the Queue Viewer which is located in the toolbox section of the “Exchange Management Console”.

Exchange 2010 Implementation Tip for Antivirus

Prior to implementing Exchange Server 2010, check with your current Antivirus vendor to validate their product is supported on Exchange 2010. The messaging agent component of Trend Micro Worry-Free Business Security Advanced 6.0 will not install and is not supported on a server running Exchange 2010. WFBS Advanced 7.0 will fully support Exchange 2010 and is scheduled to be released in the fourth quarter of 2010. Trend Micro is current providing their WFBS Advanced customers with a temporary license for their SMEX 10.

Exchange 2010 Implementation Tip for Backup Exec 2010 Users

You should plan to move your Backup Exec 2010 Media Server to 64bit before implementing Exchange Server 2010. A Backup Exec 2010 Media Server that is running a 32bit operating system is unable to backup an Exchange 2010 Information Store. This is because Microsoft does not support 32bit Exchange Management Tools for Exchange 2010. Here’s the error message you’ll receive if you attempt to backup an Exchange 2010 Information Store with a 32bit Backup Exec 2010 Media Server:

Mailbox Move Failure on Exchange 2010

You’ve attempted to move mailboxes to your new Exchange 2010 server and you receive the following error: _Active Directory operation failed on This error is not retriable. Additional information: Insufficient access rights to perform the operation. Active directory response: 00002098: SecErr: DSID-03150BB9, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0 The user has insufficient access rights. Exchange Management Shell command attempted: ' user' | New-MoveRequest-TargetDatabase 'Mailbox Database 1' Subsequent attempts to move the mailbox result in the following error: _The queue in ‘Mailbox Database 1’ database already contains a move request for ‘Test User’, while AD reports the mailbox as not being moved.

Change OWA Logon Format to UPN on Exchange 2007/2010

To change the logon screen of your OWA website to ask for the user principal name (UPN) or email address instead of “Domainuser name”, change the following to “User principal name (UPN)”. To access this screen, from within Exchange Management Console, go to “Server Configuration>Client Access”, right click the OWA website listed under the “Outlook Web App” tab, select properties, and click the “Authentication” tab: Before: After: µ

Get-OWAVirtualDirectory Access is Denied on Exchange 2010

When attempting to open “Server Configuration>Client Access” from the Exchange Management Console, you receive the following error: _An IIS directory entry couldn’t be created. The error message is Access is denied. HResult = -2147024891 It was running the command ‘Get-OwaVirtualDirectory’. _ Running the command listed in the error in the Exchange Management Shell gives you some additional information: To resolve this issue, add the “domainExchange Trusted Subsystem” group to the local administrators group of all of your exchange servers_.