Client Access Server handles all Client Requests

OWA , Outlook , Active Sync , Outlook anywhere , Everything Client request is handled by Client access server only

Will Learn Configuring these things one by one , migrating from Exchange 2003

———————–

Outlook Web App

————————

Open EMC, locate and expand Server Configuration in navigation pane.
? Select Client Access from the list.
? In the result pane select the Exchange 2010 server name.
? Select Outlook Web App from the work pane, right click and select properties.

 

Now you can set Internal and External Url here

or

You can Use Exchange Management Shell

Set-OwaVirtualDirectory -Identity “EXCHANGE2010\owa (Default Web Site)” -ExternalUrl https://mail.careexchange.in/owa -InternalUrl https://Exchange2010.careexchange.in/owa

———————————————————————————————————————————–

If you are publishing your Outlook Web App through ISA server or TMG 2010 you need to enable additional logon methods.

Basic Authentication & Integrated Windows Authentication

or

You can use Exchange Management Shell

Set-OwaVirtualDirectory -Identity “EXCHANGE2010\owa (Default Web Site-BasicAuthentication:$True -WindowsAuthentication:$True

——————————–

Exchange Control Panel

———————————

Follow the Exact same process which was followed for Outlook web app

Open EMC, locate and expand Server Configuration in navigation pane.
? Select Client Access from the list.
? In the result pane select the Exchange 2010 server name.
? Select Exchange Control Panel from the work pane, right click and select properties.

 

Configure your URL’s in the properties pane

or You can use Exchange Management Shell

Set-EcpVirtualDirectory -Identity “EXCHANGE2010\ecp (Default Web Site-BasicAuthentication:$True -WindowsAuthentication:$True

 

If you Enabled Basic Authentication & Integrated Windows Authentication in Outlook web app , have it configured the same for ECP (Exchange Control Panel ) virtual directory as well

 

———————————-

Configure Microsoft Server ActiveSync

————————————-

 

Open EMC, locate and expand Server Configuration in navigation pane.
? Select Client Access from the list.
? In the result pane select the Exchange 2010 server name.
? Select Microsoft Server ActiveSync from the work pane, right click and select properties.

 

 

Configure your URL’s in the properties pane

Or You can use Exchange Management Shell

Set-ActiveSyncVirtualDirectory -Identity “EXCHANGE2010\Microsoft-Server-ActiveSync (Default Web Site)” -InternalUrl https://Exchange2010.careexchange.in/Microsoft-Server-ActiveSync –ExternalUrl “https://mail.careexchange.in/Microsoft-Server-ActiveSync“

————————————————

Offline Address Book Distribution

————————————————

You can set Offline Address book distribution URL

 

Open EMC, locate and expand Server Configuration in navigation pane.
? Select Client Access from the list.
? In the result pane select the Exchange 2010 server name.
? Select Offline Address Book Distribution from the work pane, right click and select properties.

 

 

Configure your URL’s in the properties pane

 

 

 

If you want to know about Polling Interval you refer this link -

http://careexchange.in/how-offline-address-books-works-in-exchange-2010/

 

or You can use Exchange Management Shell

Set-OabVirtualDirectory -Identity “EXCHANGE2010\OAB (Default Web Site)” -PollInterval 480 -InternalUrl http:// Exchange2010.careexchange.in/OAB -ExternalUrl https://mail.careexchange.in/OAB

 

—————————————-

Configure Outlook anywhere

——————————————–

 

or You can use Exchange Management Shell

Enable-OutlookAnywhere -Server ‘EXCHANGE2010′ -ExternalHostname ‘anywhere.careexchange.in’ -DefaultAuthenticationMethod ‘Basic’ -SSLOffloading $false

 

 

 

 

Great !!

 

You learnt to configure OWA , Exchange Control Panel (ECP), Active Sync , Outlook anywhere, Offline address book distribution

 

 

Regards

Satheshwaran Manoharan

Moving public folders is simple if your mail flow is fine between Exchange 2003 and Exchange 2010

Cause all the mails are replicated via Email from Exchange 2003 to Exchange 2010

To Add replica and remove Replica from PF folders you can Use

1 . ExFolders

2 . PFDAVadmin (Windows Server 2003 with .net 1.1)

3 . Scripts like AddReplicaToPFRecursive.ps1

4 . Exchange System Manager (Exchange 2003)

 

If your Public Folder Database Size is too Large I won’t recommend to use scripts because it will add replicas for all the mails

which might create a PF Storm and get your mail flow down . so use tools like Exfolders or Use Exchange System Manager and add replicas , Folder by Folder and Proceed further

 

Do some basic Checks , that your Email flow is fine between Exchange 2003 to Exchange 2010

If this works you are good to proceed

 

For Small PF Database you can go ahead and use Scripts

 

This will add replica of public folders on Exchange Server 2003 to Exchange Server 2010.

Open your Exchange Management Shell , Browse your prompt into the Scripts folder

and you can run this command

 

C:\Program Files\Microsoft\Exchange Server\V14\Scripts>.\AddReplicaToPFRecursive.ps1 -TopPublicFolder “\” -ServerToAdd “Exchange2010″

 

Hold On,,,Wait for sometime. Because your PF emails are Less priority Emails it will take sometime to replicate

You can check the PF database size on both the ends and verify , It won’t be the exact same

cause the database structure is different

 

Once that completes . Dismount your PF database in your Exchange 2003 and Try to access data from your Exchange 2010 Mailbox

 

This verifies Your data has been replicated fine

 

Now you can run this script ,

CAUTION : Be cautious , Before doing this . make 100 % sure that your PF database is replicated fine to the Exchange 2010 , You can verify by turning off Exchange 2003 or Dismounting Exchange 2003 PF database

 

Once the replica is added and data has been replicated over to finish of the PF migration

we got to move the replica from Exchange 2003 to Exchange 2010.

Open your Exchange Management Shell , Browse your prompt into the Scripts folder

and you can run this command

C:\Program Files\Microsoft\Exchange Server\V14\Scripts>.\MoveAllReplicas.ps1 -Server “Exchange2003″ -NewServer “Exchange2010″

 

Great !! your PF migration is done !!

One more Last Step

Moving Folder Hierarchies

You got to move this so that your Public Folders will be completely migrated to Exchange 2010

 

Open your Exchange System Manager

Right click on Exchange Administrative Group –> New –> Public Folders Container

 

Now you Can See Public Folders Container (Folders)

Expanding First Administrative Group you can see “Public Folders”

 

 

Now Click and Drag “Public Folders”  from

First Administrative Group (Folders) to Exchange Administrative Group (Folders) container

 

 

Great !!

Your PF Folders are completely migrated

 

Regards

Satheshwaran Manoharan

Refer the below link for the orginal script , and Customized it a little

http://blogs.msdn.com/b/akashb/archive/2011/07/23/creating-folder-using-ews-managed-api-1-1-from-powershell.aspx

And Please Test in your lab – Before proceeding into your live Environment

 

 

There is a a good script where we can use to create a Custom root Folder in all the Mailboxes in your environment.

 

Were we can create Custom Folders Like below for single mailbox and for all the mailboxes in Bulk

 

Prerequisites -

Download and Install in your Server

Exchange Web Services Managed API

http://www.microsoft.com/download/en/details.aspx?id=13480

——

Add the User to the “ApplicationImpersonation” Role assignment

New-managementroleassignment –Role “ApplicationImpersonation” –user administrator

 

 

 

Now you can go ahead and use the script—

Please Try for the One Mailbox – And Please Test in your lab – Before proceeding into your live Environment

 

[string]$info = “White”                # Color for informational messages
[string]$warning = “Yellow”            # Color for warning messages
[string]$error = “Red”                 # Color for error messages
[string]$LogFile = “C:\Temp\Log.txt”   # Path of the Log File

function CreateFolder($MailboxName)
{
Write-host “Creating Folder for Mailbox Name:” $MailboxName -foregroundcolor  $info
Add-Content $LogFile (“Creating Folder for Mailbox Name:” + $MailboxName)

#Change the user to Impersonate
$service.ImpersonatedUserId = new-object Microsoft.Exchange.WebServices.Data.ImpersonatedUserId([Microsoft.Exchange.WebServices.Data.ConnectingIdType]::SmtpAddress,$MailboxName);

#Create the folder object

$oFolder = new-object Microsoft.Exchange.WebServices.Data.Folder($service)
$oFolder.DisplayName = $FolderName

#Call Save to actually create the folder
$oFolder.Save([Microsoft.Exchange.WebServices.Data.WellKnownFolderName]::msgfolderroot)

Write-host “Folder Created for ” $MailboxName -foregroundcolor  $warning
Add-Content $LogFile (“Folder Created for ” + $MailboxName)

$service.ImpersonatedUserId = $null
}

#Change the name of the folder
$FolderName = “Customer Folder Name”
Import-Module -Name “C:\Program Files\Microsoft\Exchange\Web Services\1.1\Microsoft.Exchange.WebServices.dll”

$service = New-Object Microsoft.Exchange.WebServices.Data.ExchangeService([Microsoft.Exchange.WebServices.Data.ExchangeVersion]::Exchange2010_SP1)

# Set the Credentials
$service.Credentials = new-object Microsoft.Exchange.WebServices.Data.WebCredentials(“Administrator”,”Type your Password Here”,”careexchange.in”)

# Change the URL to point to your cas server
$service.Url= new-object Uri(“https://localhost/EWS/Exchange.asmx”)

# Set $UseAutoDiscover to $true if you want to use AutoDiscover else it will use the URL set above
$UseAutoDiscover = $false
$a = get-mailbox

$a | foreach-object {
$WindowsEmailAddress = $_.WindowsEmailAddress.ToString()

#if ($UseAutoDiscover -eq $true) {
# Write-host “Autodiscovering..” -foregroundcolor $info
#$UseAutoDiscover = $false
$service.AutodiscoverUrl($WindowsEmailAddress)
#Write-host “Autodiscovering Done!” -foregroundcolor $info
# Write-host “EWS URL set to :” $service.Url -foregroundcolor $info

# }
#To catch the Exceptions generated
# trap [System.Exception]
# {
#    Write-host (“Error: ” + $_.Exception.Message) -foregroundcolor $error;
#     Add-Content $LogFile (“Error: ” + $_.Exception.Message);
#     continue;
# }
CreateFolder($WindowsEmailAddress)
}

 

 

 

 

Do the Edits Required in the Script –

****

msgfolderroot denotes the Root of the Mailbox , If you specify inbox for example it creates the folder below the inbox

****

Change your

User name – Password – Domain Name -

****

$a = get-mailbox  denotes all the mailbox

To Run for a single mailbox (use the alias)

$a = get-mailbox  “User1”

 

 

Save it a Notepad and Rename it to .ps1 file

 

And Open Power shell locate your powershell into the folder you saved the script

.\create.ps1 for example

 

Download Script -

CustomRootFolder.ps1

Great !!

You learnt how to create Custom root folders in all the mailboxes

 

Regards

Satheshwaran Manoharan

Exchange 2010 creates a self-signed SAN certificate and assigns it to the services like IMAP, POP, IIS, and SMTP.

The only drawback of this self-signed certificate is that it contains the server’s FQDN and NetBIOS names only. 

Where we get certificate errors on all the Clients where we need to install the Certificates manually on all the clients , which is a hassle and no one likes it in fact . Cause installing Certificate in mobile devices becomes more complex .

To avoid any certificate related errors and use it over the internet without any problems it is highly recommended that you request and assign a certificate from a Certification Authority that can be contacted from anywhere like VeriSign , Go Daddy etc.. .

 
To request a new certificate from a trusted CA use following format:

Step 1:

 

Requesting a Certificate , you can use shell or GUI

GUI is much user friendly

You can refer the link below to use GUI and Export the Certificate

http://careexchange.in/how-to-use-a-self-signed-certificate-in-exchange-2010/

 

 

Or

You can use Shell to Export the Request file – My Servers FQDN is Exchange2010.careexchange.in

Replace the values as per your requirement

 

Generate a Request $Data = New-ExchangeCertificate -FriendlyName ‘Exchange Cert’ -GenerateRequest -PrivateKeyExportable $true -KeySize ’2048′ -SubjectName ‘C=IN,S=”MH”,L=”PN”,O=”Exchange Messaging”,OU=”Enterprise Messaging”,CN=mail.Careexchange.in’ –DomainName ‘Exchange2010.Careexchange.in’,'mail.careexchange.in’,'careexchange.in’,'autodiscover.careexchange.in,’anywhere.careexchange.in’ -Server ‘EXCHANGE2010′

 

You need to enter this command below in order to get the request file

Export the data into a certificate request file

Set-Content -Path C:\Certreq.req -Value $Data

 

Step 2:

Use this request file for submission to the CA and download the certificate. Save the certificate to a convenient location.

 

Step 3:

Import the certificate, Give the Correct location in the command

Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path “C:\Exchangecert.pfx” -Encoding byte -ReadCount 0)) -Password:(Get-Credential).password

 

You can refer the link below to use GUI to import the Certificate using “Step 22”

Use Step 23 to Assign Services like IMAP, POP, IIS, and SMTP.

http://careexchange.in/how-to-use-a-self-signed-certificate-in-exchange-2010/

 

 

Great !!

 

You learnt how to Export and Import and Configure Certificates in Exchange 2010

 

 

Regards

Satheshwaran Manoharan

Article Updated : Using a internal windows CA certificate with Exchange 2010

 

Using a Self Sign Certificate can Manage Owa alone, But Issuing a Internal Windows CA Certificate can serve all type of Clients

So will learn how to do it.

We can use a internal windows CA certificate with Exchange 2010 to avoid Cert Errors

Something which you need to know is , Using a Internal Windows CA Certificate you need to install the certificates on every machine you use and Mobile devices other wise you will end up in a certificate error in the IE

So that’s why people prefer going for a 3rd party certificate to overcome it.

In this article We Will Learn issuing a Internal Windows CA Certificate , for this to be used Externally you need to have a CNAME record in your public DNS pointing to your Public IP NAT to your CAS

First we will learn how to Export a Certificate request file from Exchange 2010 ,

Step 1:

 

Type a Friendly Name :

 

 

 

Wild Card is used if you are going to manage more URLs .For Example : *.Domain.com

 Step 2:

Assign the required Services for your Exchange , Give a Tick Mark

 

You will opt for it if you are planning for Coexistence in OWA in Exchange 2003 and Exchange 2010

 

Step 3:

You will see the collection for URL’s

 Step 4:

Fill out the Form – And set the location for the Cert Request file

 

Step 5:

Your request file would look like this

 

Open it via Notepad , because we need this content to generate a Certificate

 Step 6:

You need to have this role installed to have a  Certificate Authority , It can be DC or Exchange it self

I have done this in the Exchange itself (No Harm)

 

Step 7:

Choose : Certification authority , Certification Authority Web Enrollment

Step 8:

Choose Enterprise

 Step 9:

Choose Root CA

 

 

Step 10:

Create a new Private key

 

Step 11:

Have this Default with 2048 key Character length

Step 12:

Click Next

 

Step 13:

By Default Certificate is valid for 5 years , Don’t make any changes on it , Click next

 

Step 14:

 

Step 15: 

Now if you Open IIS manager , you will see “CertSrv”  a Virtual Directory Created ,

Use the right side column “Browse *.443(https)

 

Step 16: 

You would see a page like this , Choose Request a Certificate

Step 17:

Click on Advanced Certificate Request

 

Step 18:

Choose the Second one

Submit a certificate request by using a base-64-Encoded CMC

 Step 19:

Now Copy the  Note pad  -

Choose Template : WebServer

Step 20:

 

Choose “Base 64 encoded”

 Step 21:

Save the Certificate

 

Step 22:

Now go to your EMC

Server Configuration – Complete Pending request

 

Choose the Certificate :

 

 

Step 23:

Now Assign Services to the Certificate

 

 

Now the Server Part is ready

 

Step 24:

 

Now will learn how to install the Certificate in the Client End

 

Double Click on the Certificate

Click Install Certificate – Click Next –

 

 

Choose Personal -

 

 

 

Click Next And Import will be Successful

Now Do the Same Process

Double Click on the Certificate

Click Install Certificate – Click Next – Choose Trusted Root Certification Authorities

 

Double Click on the Certificate

Click Install Certificate – Click Next – Choose Intermediate Certification Authorities

 

Step 25:

 

Before

 

After installing the Certificate in the Client

 

 

 

Great !!

Now you learnt how to Use a internal windows CA certificate with Exchange 2010

 

 

Regards

Satheshwaran Manoharan

Default receive connector needs to be configured to receive emails from internet.

To Pretty simple to do it

Open Exchange Management Console – Server Configuration – Hub Transport

Right click on Default connector and select Properties.

 

 

Select Permissions Groups tab and check Anonymous users permissions group

Great !!

Your Server Will receive mails from Internet now (If your Firewall Points to Exchange 2010 Server)

Regards

Satheshwaran Manoharan

Moving Mailboxes are much easier. Unless we don’t get any errors (Just kidding)

so Lets start on How to do it.

Just before that. if your Mailbox size is more than 2 GB it won’t allow you to move to Exchange 2010

So for the time being you can Set Database Limits to Unlimited in Exchange 2010 Database as below

Go to Organizational  Configuration > Mailbox >  Database Management > Right click on the Database > Database Properties >Uncheck the Storage Limits as below

And Click on Apply and OK

 

You can See the mailboxes of Exchange 2003 in “Brown Color” . They are Legacy mailboxes (Exchange 2003)

or

You can See Recipient Type Details “Legacy Mailbox”

You can do in bulk , You can do a Local Move request

Browse for the Exchange 2010 Database

By Default “Skip the Mailbox” will be checked

But mostly we will have some corrupted items in Exchange 2003 mailboxes. 1 corrupted item may have the  move request failed

Caution : “Those corrupted items are not recoverable”

Now Choose “Skip the Corrupted messages”  and have value 50

If you don’t want to loose not even 1 corrupted items . you can have the default options checked

Now Move Requests have been Created

 

Now its not completed – They are Just requests

Now to See your Move Requests

You can see it Here

or You can run the Command in Exchange Management Shell

Get-Moverequest | Get-MoverequestStatistics

 

Now,

You got to Clear these move requests.

 

Unless you clear them You can’t move those mailboxes again

 

 

Now you can the Recipient Type Details and Color Changed

 

 

Great !!

Now you learnt how to move to move mailboxes from Exchange 2003 to Exchange 2010