Blog Archives

Configuring Client Access Server Role migrating from Exchange 2003 to Exchange 2010

Client Access Server handles all Client Requests

OWA , Outlook , Active Sync , Outlook anywhere , Everything Client request is handled by Client access server only

Will Learn Configuring these things one by one , migrating from Exchange 2003

———————–

Outlook Web App

————————

Open EMC, locate and expand Server Configuration in navigation pane.
? Select Client Access from the list.
? In the result pane select the Exchange 2010 server name.
? Select Outlook Web App from the work pane, right click and select properties.

image

 

Now you can set Internal and External Url here

image

or

You can Use Exchange Management Shell

Set-OwaVirtualDirectory -Identity “EXCHANGE2010\owa (Default Web Site)” -ExternalUrl https://mail.careexchange.in/owa -InternalUrl https://Exchange2010.careexchange.in/owa

———————————————————————————————————————————–

If you are publishing your Outlook Web App through ISA server or TMG 2010 you need to enable additional logon methods.

Basic Authentication & Integrated Windows Authentication

image

or

You can use Exchange Management Shell

Set-OwaVirtualDirectory -Identity “EXCHANGE2010\owa (Default Web Site-BasicAuthentication:$True -WindowsAuthentication:$True

——————————–

Exchange Control Panel

———————————

Follow the Exact same process which was followed for Outlook web app

Open EMC, locate and expand Server Configuration in navigation pane.
? Select Client Access from the list.
? In the result pane select the Exchange 2010 server name.
? Select Exchange Control Panel from the work pane, right click and select properties.

image

 

Configure your URL’s in the properties pane

image

or You can use Exchange Management Shell

Set-EcpVirtualDirectory -Identity “EXCHANGE2010\ecp (Default Web Site-BasicAuthentication:$True -WindowsAuthentication:$True

 

If you Enabled Basic Authentication & Integrated Windows Authentication in Outlook web app , have it configured the same for ECP (Exchange Control Panel ) virtual directory as well

image

 

———————————-

Configure Microsoft Server ActiveSync

————————————-

 

Open EMC, locate and expand Server Configuration in navigation pane.
? Select Client Access from the list.
? In the result pane select the Exchange 2010 server name.
? Select Microsoft Server ActiveSync from the work pane, right click and select properties.

 

image

 

Configure your URL’s in the properties pane

image

Or You can use Exchange Management Shell

Set-ActiveSyncVirtualDirectory -Identity “EXCHANGE2010\Microsoft-Server-ActiveSync (Default Web Site)” -InternalUrl https://Exchange2010.careexchange.in/Microsoft-Server-ActiveSync –ExternalUrl “https://mail.careexchange.in/Microsoft-Server-ActiveSync

————————————————

Offline Address Book Distribution

————————————————

You can set Offline Address book distribution URL

 

Open EMC, locate and expand Server Configuration in navigation pane.
? Select Client Access from the list.
? In the result pane select the Exchange 2010 server name.
? Select Offline Address Book Distribution from the work pane, right click and select properties.

 

image

 

Configure your URL’s in the properties pane

 

image 

 

If you want to know about Polling Interval you refer this link -

http://careexchange.in/how-offline-address-books-works-in-exchange-2010/

 

or You can use Exchange Management Shell

Set-OabVirtualDirectory -Identity “EXCHANGE2010\OAB (Default Web Site)” -PollInterval 480 -InternalUrl http:// Exchange2010.careexchange.in/OAB -ExternalUrl https://mail.careexchange.in/OAB

 

—————————————-

Configure Outlook anywhere

——————————————–

image

image

 

or You can use Exchange Management Shell

Enable-OutlookAnywhere -Server ‘EXCHANGE2010′ -ExternalHostname ‘anywhere.careexchange.in’ -DefaultAuthenticationMethod ‘Basic’ -SSLOffloading $false

 

 

 

 

Great !!

 

You learnt to configure OWA , Exchange Control Panel (ECP), Active Sync , Outlook anywhere, Offline address book distribution

 

 

Regards

Satheshwaran Manoharan

Satheshwaran Manoharan

Exchange MVP , Publisher of CareExchange.in
I have been supporting/Deploying/Designing Microsoft Exchange for some years . If you any Questions ?. Please share you thoughts via Comments.

LinkedIn Google+ Skype 

Moving Public Folders from Exchange 2003 to Exchange 2010

Moving public folders is simple if your mail flow is fine between Exchange 2003 and Exchange 2010

Cause all the mails are replicated via Email from Exchange 2003 to Exchange 2010

To Add replica and remove Replica from PF folders you can Use

1 . ExFolders

2 . PFDAVadmin (Windows Server 2003 with .net 1.1)

3 . Scripts like AddReplicaToPFRecursive.ps1

4 . Exchange System Manager (Exchange 2003)

 

If your Public Folder Database Size is too Large I won’t recommend to use scripts because it will add replicas for all the mails

which might create a PF Storm and get your mail flow down . so use tools like Exfolders or Use Exchange System Manager and add replicas , Folder by Folder and Proceed further

 

Do some basic Checks , that your Email flow is fine between Exchange 2003 to Exchange 2010

If this works you are good to proceed

 

For Small PF Database you can go ahead and use Scripts

 

This will add replica of public folders on Exchange Server 2003 to Exchange Server 2010.

Open your Exchange Management Shell , Browse your prompt into the Scripts folder

and you can run this command

 

C:\Program Files\Microsoft\Exchange Server\V14\Scripts>.\AddReplicaToPFRecursive.ps1 -TopPublicFolder “\” -ServerToAdd “Exchange2010″

 

Hold On,,,Wait for sometime. Because your PF emails are Less priority Emails it will take sometime to replicate

You can check the PF database size on both the ends and verify , It won’t be the exact same

cause the database structure is different

 

Once that completes . Dismount your PF database in your Exchange 2003 and Try to access data from your Exchange 2010 Mailbox

 

This verifies Your data has been replicated fine

 

Now you can run this script ,

CAUTION : Be cautious , Before doing this . make 100 % sure that your PF database is replicated fine to the Exchange 2010 , You can verify by turning off Exchange 2003 or Dismounting Exchange 2003 PF database

 

Once the replica is added and data has been replicated over to finish of the PF migration

we got to move the replica from Exchange 2003 to Exchange 2010.

Open your Exchange Management Shell , Browse your prompt into the Scripts folder

and you can run this command

C:\Program Files\Microsoft\Exchange Server\V14\Scripts>.\MoveAllReplicas.ps1 -Server “Exchange2003″ -NewServer “Exchange2010″

 

Great !! your PF migration is done !!

One more Last Step

Moving Folder Hierarchies

You got to move this so that your Public Folders will be completely migrated to Exchange 2010

 

Open your Exchange System Manager

Right click on Exchange Administrative Group –> New –> Public Folders Container

image

 

Now you Can See Public Folders Container (Folders)

Expanding First Administrative Group you can see “Public Folders”

 

image

 

Now Click and Drag “Public Folders”  from

First Administrative Group (Folders) to Exchange Administrative Group (Folders) container

 

image

 

Great !!

Your PF Folders are completely migrated

 

Regards

Satheshwaran Manoharan

Satheshwaran Manoharan

Exchange MVP , Publisher of CareExchange.in
I have been supporting/Deploying/Designing Microsoft Exchange for some years . If you any Questions ?. Please share you thoughts via Comments.

LinkedIn Google+ Skype 

Create a Custom root Folder in all the Mailboxes (Bulk) in Exchange 2010

Refer the below link for the orginal script , and Customized it a little

http://blogs.msdn.com/b/akashb/archive/2011/07/23/creating-folder-using-ews-managed-api-1-1-from-powershell.aspx

And Please Test in your lab – Before proceeding into your live Environment

 

 

There is a a good script where we can use to create a Custom root Folder in all the Mailboxes in your environment.

 

Were we can create Custom Folders Like below for single mailbox and for all the mailboxes in Bulk

image

 

Prerequisites -

Download and Install in your Server

Exchange Web Services Managed API

http://www.microsoft.com/download/en/details.aspx?id=13480

——

Add the User to the “ApplicationImpersonation” Role assignment

New-managementroleassignment –Role “ApplicationImpersonation” –user administrator

 

image

 

 

Now you can go ahead and use the script—

Please Try for the One Mailbox – And Please Test in your lab – Before proceeding into your live Environment

 

[string]$info = “White”                # Color for informational messages
[string]$warning = “Yellow”            # Color for warning messages
[string]$error = “Red”                 # Color for error messages
[string]$LogFile = “C:\Temp\Log.txt”   # Path of the Log File

function CreateFolder($MailboxName)
{
Write-host “Creating Folder for Mailbox Name:” $MailboxName -foregroundcolor  $info
Add-Content $LogFile (“Creating Folder for Mailbox Name:” + $MailboxName)

#Change the user to Impersonate
$service.ImpersonatedUserId = new-object Microsoft.Exchange.WebServices.Data.ImpersonatedUserId([Microsoft.Exchange.WebServices.Data.ConnectingIdType]::SmtpAddress,$MailboxName);

#Create the folder object

$oFolder = new-object Microsoft.Exchange.WebServices.Data.Folder($service)
$oFolder.DisplayName = $FolderName

#Call Save to actually create the folder
$oFolder.Save([Microsoft.Exchange.WebServices.Data.WellKnownFolderName]::msgfolderroot)

Write-host “Folder Created for ” $MailboxName -foregroundcolor  $warning
Add-Content $LogFile (“Folder Created for ” + $MailboxName)

$service.ImpersonatedUserId = $null
}

#Change the name of the folder
$FolderName = “Customer Folder Name
Import-Module -Name “C:\Program Files\Microsoft\Exchange\Web Services\1.1\Microsoft.Exchange.WebServices.dll”

$service = New-Object Microsoft.Exchange.WebServices.Data.ExchangeService([Microsoft.Exchange.WebServices.Data.ExchangeVersion]::Exchange2010_SP1)

# Set the Credentials
$service.Credentials = new-object Microsoft.Exchange.WebServices.Data.WebCredentials(“Administrator”,”Type your Password Here”,”careexchange.in”)

# Change the URL to point to your cas server
$service.Url= new-object Uri(“https://localhost/EWS/Exchange.asmx”)

# Set $UseAutoDiscover to $true if you want to use AutoDiscover else it will use the URL set above
$UseAutoDiscover = $false
$a = get-mailbox

$a | foreach-object {
$WindowsEmailAddress = $_.WindowsEmailAddress.ToString()

#if ($UseAutoDiscover -eq $true) {
# Write-host “Autodiscovering..” -foregroundcolor $info
#$UseAutoDiscover = $false
$service.AutodiscoverUrl($WindowsEmailAddress)
#Write-host “Autodiscovering Done!” -foregroundcolor $info
# Write-host “EWS URL set to :” $service.Url -foregroundcolor $info

# }
#To catch the Exceptions generated
# trap [System.Exception]
# {
#    Write-host (“Error: ” + $_.Exception.Message) -foregroundcolor $error;
#     Add-Content $LogFile (“Error: ” + $_.Exception.Message);
#     continue;
# }
CreateFolder($WindowsEmailAddress)
}

 

 

 

 

Do the Edits Required in the Script –

****

msgfolderroot denotes the Root of the Mailbox , If you specify inbox for example it creates the folder below the inbox

****

Change your

User name – Password – Domain Name -

****

$a = get-mailbox  denotes all the mailbox

To Run for a single mailbox (use the alias)

$a = get-mailbox  “User1”

 

 

Save it a Notepad and Rename it to .ps1 file

 

And Open Power shell locate your powershell into the folder you saved the script

.\create.ps1 for example

image

 

Download Script -

CustomRootFolder.ps1

Great !!

You learnt how to create Custom root folders in all the mailboxes

 

Regards

Satheshwaran Manoharan

Satheshwaran Manoharan

Exchange MVP , Publisher of CareExchange.in
I have been supporting/Deploying/Designing Microsoft Exchange for some years . If you any Questions ?. Please share you thoughts via Comments.

LinkedIn Google+ Skype 

Configuring 3rd Party Exchange Certificate in Exchange 2010

Exchange 2010 creates a self-signed SAN certificate and assigns it to the services like IMAP, POP, IIS, and SMTP.

The only drawback of this self-signed certificate is that it contains the server’s FQDN and NetBIOS names only. 

Where we get certificate errors on all the Clients where we need to install the Certificates manually on all the clients , which is a hassle and no one likes it in fact . Cause installing Certificate in mobile devices becomes more complex .

To avoid any certificate related errors and use it over the internet without any problems it is highly recommended that you request and assign a certificate from a Certification Authority that can be contacted from anywhere like VeriSign , Go Daddy etc.. .

 
To request a new certificate from a trusted CA use following format:

Step 1:

 

Requesting a Certificate , you can use shell or GUI

GUI is much user friendly

You can refer the link below to use GUI and Export the Certificate

http://careexchange.in/how-to-use-a-self-signed-certificate-in-exchange-2010/

 

 

Or

You can use Shell to Export the Request file – My Servers FQDN is Exchange2010.careexchange.in

Replace the values as per your requirement

 

Generate a Request $Data = New-ExchangeCertificate -FriendlyName ‘Exchange Cert’ -GenerateRequest -PrivateKeyExportable $true -KeySize ’2048′ -SubjectName ‘C=IN,S=”MH”,L=”PN”,O=”Exchange Messaging”,OU=”Enterprise Messaging”,CN=mail.Careexchange.in’ –DomainName ‘Exchange2010.Careexchange.in’,'mail.careexchange.in’,'careexchange.in’,'autodiscover.careexchange.in,’anywhere.careexchange.in’ -Server ‘EXCHANGE2010′

 

You need to enter this command below in order to get the request file

Export the data into a certificate request file

Set-Content -Path C:\Certreq.req -Value $Data

 

Step 2:

Use this request file for submission to the CA and download the certificate. Save the certificate to a convenient location.

 

Step 3:

Import the certificate, Give the Correct location in the command

Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path “C:\Exchangecert.pfx” -Encoding byte -ReadCount 0)) -Password:(Get-Credential).password

 

You can refer the link below to use GUI to import the Certificate using “Step 22”

Use Step 23 to Assign Services like IMAP, POP, IIS, and SMTP.

http://careexchange.in/how-to-use-a-self-signed-certificate-in-exchange-2010/

 

 

Great !!

 

You learnt how to Export and Import and Configure Certificates in Exchange 2010

 

 

Regards

Satheshwaran Manoharan

Satheshwaran Manoharan

Exchange MVP , Publisher of CareExchange.in
I have been supporting/Deploying/Designing Microsoft Exchange for some years . If you any Questions ?. Please share you thoughts via Comments.

LinkedIn Google+ Skype 

How to Use a Self Signed Certificate in Exchange 2010

Article Updated : Using a internal windows CA certificate with Exchange 2010

 

Using a Self Sign Certificate can Manage Owa alone, But Issuing a Internal Windows CA Certificate can serve all type of Clients

So will learn how to do it.

We can use a internal windows CA certificate with Exchange 2010 to avoid Cert Errors

Something which you need to know is , Using a Internal Windows CA Certificate you need to install the certificates on every machine you use and Mobile devices other wise you will end up in a certificate error in the IE

So that’s why people prefer going for a 3rd party certificate to overcome it.

In this article We Will Learn issuing a Internal Windows CA Certificate , for this to be used Externally you need to have a CNAME record in your public DNS pointing to your Public IP NAT to your CAS

First we will learn how to Export a Certificate request file from Exchange 2010 ,

Step 1:

image

 

Type a Friendly Name :

 

image

 

 

Wild Card is used if you are going to manage more URLs .For Example : *.Domain.com

image

Step 2:

Assign the required Services for your Exchange , Give a Tick Mark

image

 

You will opt for it if you are planning for Coexistence in OWA in Exchange 2003 and Exchange 2010

image

Step 3:

You will see the collection for URL’s

image

Step 4:

Fill out the Form – And set the location for the Cert Request file

image

 

image

Step 5:

Your request file would look like this

 

image

Open it via Notepad , because we need this content to generate a Certificate

image

Step 6:

You need to have this role installed to have a  Certificate Authority , It can be DC or Exchange it self

I have done this in the Exchange itself (No Harm)

image

 

Step 7:

Choose : Certification authority , Certification Authority Web Enrollment

image

Step 8:

Choose Enterprise

image

Step 9:

Choose Root CA

image

 

 

Step 10:

Create a new Private key

image

 

Step 11:

Have this Default with 2048 key Character length

image

Step 12:

Click Next

image

 

Step 13:

By Default Certificate is valid for 5 years , Don’t make any changes on it , Click next

image

 

Step 14:

 

image

Step 15:

Now if you Open IIS manager , you will see “CertSrv”  a Virtual Directory Created ,

Use the right side column “Browse *.443(https)

image

 

Step 16:

You would see a page like this , Choose Request a Certificate

image

Step 17:

Click on Advanced Certificate Request

image

 

Step 18:

Choose the Second one

Submit a certificate request by using a base-64-Encoded CMC

image

Step 19:

Now Copy the  Note pad  -

Choose Template : WebServer

NOTE _ BELOW SCREEN SHOT _ CHOOSE TEMPLATE _ WEB SERVER

image

Step 20:

Choose “Base 64 encoded”

image

Step 21:

Save the Certificate

image image

Step 22:

Now go to your EMC

Server Configuration – Complete Pending request

image

 

Choose the Certificate :

 

image

 

Step 23:

Now Assign Services to the Certificate

image

 

 

image

Now the Server Part is ready

Step 24:

Now will learn how to install the Certificate in the Client End

Double Click on the Certificate

Click Install Certificate – Click Next –

image

 

Choose Personal -

 

image

 

Click Next And Import will be Successful

Now Do the Same Process

Double Click on the Certificate

Click Install Certificate – Click Next – Choose Trusted Root Certification Authorities

image

Double Click on the Certificate

Click Install Certificate – Click Next – Choose Intermediate Certification Authorities

image

 

Step 25:

Before

image

 

After installing the Certificate in the Client

image

 

 

 

Great !!

Now you learnt how to Use a internal windows CA certificate with Exchange 2010

 

 

Regards

Satheshwaran Manoharan

Satheshwaran Manoharan

Exchange MVP , Publisher of CareExchange.in
I have been supporting/Deploying/Designing Microsoft Exchange for some years . If you any Questions ?. Please share you thoughts via Comments.

LinkedIn Google+ Skype 

Configure Receive Connector in Exchange 2010

Default receive connector needs to be configured to receive emails from internet.

To Pretty simple to do it

Open Exchange Management Console – Server Configuration – Hub Transport

Right click on Default connector and select Properties.

 

 

Select Permissions Groups tab and check Anonymous users permissions group

Great !!

Your Server Will receive mails from Internet now (If your Firewall Points to Exchange 2010 Server)

Regards

Satheshwaran Manoharan

Satheshwaran Manoharan

Exchange MVP , Publisher of CareExchange.in
I have been supporting/Deploying/Designing Microsoft Exchange for some years . If you any Questions ?. Please share you thoughts via Comments.

LinkedIn Google+ Skype