Correct way to remove smtp services from certificate

June 19, 2015, 2:39 am

≫ Next: Audit Mailbox Access

≪ Previous: Address Lists Intermittently Slow to Appear in Outlook 2010 Clients

$

0

0

Hi

We have a Exchange 2013 Std single server environment. We have an external godaddy certificate already assigned to IIS & smtp services. However the server is failing a PCI scan for the reason that a selfsigned certificate is also assigned to the smtp service and this certificate is being returned in favour of the real certificate. In the Exchange web console the services for the self signed certificate are greyed out and cannot be unticked. What is the correct way for removing these services. The self signed certificates that have these services bound are:

Microsoft Exchange

Microsoft Exchange Server Auth Certificate.

I'm assuming that these certificates need to be retained for other aspects of exchange 2013 to work.

Thanks

---

Audit Mailbox Access

June 22, 2015, 7:21 am

≫ Next: I want to reject message from a DG's email ID but allow messages from its members

≪ Previous: Correct way to remove smtp services from certificate

$

0

0

Hi,

Exchange 2010/2013

I need to know how to enable event log to track mailbox access success/failure by not owner user.

I don't need if delegated user send mail, delete mail and soon but only butonlywhether or not acceess to other mailboxes.

I know the command set-mailbox -auditenabled $true and search-mailboxAuditLog but I need an event ID item.

Thanks a lot.

Mauro

I want to reject message from a DG's email ID but allow messages from its members

June 28, 2015, 8:20 am

≫ Next: outlook disconnected from exchange 2013 several times

≪ Previous: Audit Mailbox Access

$

0

0

Hi 

I have a situation to configure my company owner's mailbox to reject message from a HR dept Distribution group.For that I configuredReject message from under mailflow settings and added the Distribution group alias and saved. It was working fine but the problem is none of that  DG's member can send email to this particular recipient. So I am in trouble and need to reject message from the DG's email ID but allow messages from its members

Please help me to fix it

Thanks

---

Technical Support Samaco Group

outlook disconnected from exchange 2013 several times

June 28, 2015, 4:58 am

≫ Next: Remove Public Folder with heading \ as name

≪ Previous: I want to reject message from a DG's email ID but allow messages from its members

$

0

0

Hi 

we have Exchange server 2013 and suddenly found the outlook disconnected and going to < trying to connect to Microsoft exchange> 

i check all databases its mounted and fine , after this I monitor mail server IP using ping  and found there are 2 request time out in less than an hour 

is this may cause the problem ?

incise if i want to check all services its working fine what shall i check 

---

Mahmoud

Remove Public Folder with heading \ as name

July 1, 2015, 6:50 am

≫ Next: Error on Event Viewer "Event ID 12014"

≪ Previous: outlook disconnected from exchange 2013 several times

$

0

0

A Public Folder was accedently created as \bad folder\name and now can't do anything with it.

Get-PublicFolder -GetChildren|?{$_.Name -Like '\*'}

PowerShell line above works to find it, but trying to delete with Remove-PublicFolder or rename with Set-PublicFolder to get rid of the bad folder result in error about incorrect format of PublicFolderIdParameter. I've tried to use Exchange Online tenant as OrganizationName without effect.
If trying to use Outlook as client to do anything with it gives the behavior as not being owner of folder (grayed out delete/rename option, missing tabs in properties).

Get-PublicFolder -GetChildren | Remove-PublicFolder
Get-PublicFolder -GetChildren|?{$_.name -like '\*'} | % {Set-PublicFolder $_.identity -Name 'crap'}

Cannot process argument transformation on parameter 'Identity'. Cannot convert value "?\bad folder\name" to type "Microsoft.Exchange.Configuration.Tasks.PublicFolderIdParameter". Error: "The value provided for parameter"?\bad folder\name" isn't in the correct format. The correct format is "<OrganizationName>\\<FolderPath>"."
                                + CategoryInfo          : InvalidData: (:) [Set-PublicFolder], ParameterBindin...mationException
                                + FullyQualifiedErrorId : ParameterArgumentTransformationError,Set-PublicFolder
                                + PSComputerName        : outlook.office365.com

Error on Event Viewer "Event ID 12014"

July 2, 2015, 12:24 pm

≫ Next: EAC Timeout Value

≪ Previous: Remove Public Folder with heading \ as name

$

0

0

Hi folks!

How Are you?

Today, looking the event viewer i saw the following error: Microsoft Exchange could not find a certificate that contains the domain name mail.tjmsp.jus.br in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Externo with a FQDN parameter of mail.tjmsp.jus.br. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.

How can I solve this error??

I run "Get-ExchangeCertificate |FL" CMDLet and i got the following result:

---

Atenciosamente Julio Araujo

EAC Timeout Value

June 29, 2015, 7:03 am

≫ Next: Exchnge Server 2007 Rule creation for all users

≪ Previous: Error on Event Viewer "Event ID 12014"

$

0

0

We have set our public timeout value for the OWA virtual directory to 15 minutes. We were wondering if there is a separate place to create a timeout value for only the EAC page so it was longer.

Thanks.

Exchnge Server 2007 Rule creation for all users

June 29, 2015, 12:33 am

≫ Next: Troubleshooting NDR's to inboundproxy@contoso.com

≪ Previous: EAC Timeout Value

$

0

0

Dear all,

We are in process of changing email ID's of all users in our organization.

Any one can help us to set auto email rule on exchange server for all users  for respond to sender.

for example:-my email id is niraj.dave@xyz.com  and my new email id is niraj.dave@abc.com  I want set rule on exchange server if any one send me the email it should auto replay that my emails address is change and new email address is this. I required to configure same configuration for all mailboxes in exchanges server.

Regards

Niraj Dave

---

Troubleshooting NDR's to inboundproxy@contoso.com

June 26, 2015, 2:48 am

≫ Next: The name on the security certificate is invalid.

≪ Previous: Exchnge Server 2007 Rule creation for all users

$

0

0

Exchange server is sending NDR's to inboundproxy@contoso.com so I was troubleshooting this issue and found out that probe definition is using wrong domain name to send probe e-mails to health mailboxes.

<ExtensionAttributes><WorkContext><SmtpServer>127.0.0.1</SmtpServer><Port>25</Port><HeloD
                              omain>InboundProxyProbe</HeloDomain><MailFrom Username="inboundproxy@contoso.com"
                              /><MailTo Select="All"
                              Username="HealthMailboxXXXXXXXXXX@something.something.com" /><Data
                              AddAttributions="false">X-Exchange-Probe-Drop-Message:FrontEnd-CAT-250
                              Subject:Inbound proxy probe</Data><ExpectedConnectionLostPoint>None</ExpectedConnectionLo
                              stPoint></WorkContext></ExtensionAttributes>

So in my case extension attribute uses wrong recipient/username Username="HealthMailboxXXXXXXXXXX@something.something.com"

This had to do with some domain changes we had in the past.
So I could create global override but as we have like 10 mailboxes I would have to create global override 10 times.
I could also add additional smtp address for every health mailbox but I do not want to do that as maybe I will have to recreate those mailboxes again.

Name                                                            ItemType
----                                                            --------
OnPremisesInboundProxy_10                                          Probe
OnPremisesInboundProxy_9                                           Probe
OnPremisesInboundProxy_8                                           Probe
OnPremisesInboundProxy_7                                           Probe
OnPremisesInboundProxy_6                                           Probe
OnPremisesInboundProxy_5                                           Probe
OnPremisesInboundProxy_4                                           Probe
OnPremisesInboundProxy_3                                           Probe
OnPremisesInboundProxy_2                                           Probe
OnPremisesInboundProxy                                             Probe

Is there a way to recreate the probe definitions as I am hoping that after re-creation of the probes the correct e-mail with correct domain would be generated?

If possible, how to do that?

The name on the security certificate is invalid.

June 27, 2015, 2:10 pm

≫ Next: WinRM cannot complete the operation. Verify that the specified computer name is valid, that the computer is accessible over the network

≪ Previous: Troubleshooting NDR's to inboundproxy@contoso.com

$

0

0

I'm getting errors in the Outlook 2010 and 2013 client stating

"The name on the security certificate is invalid or does not match the name of the site.

The SSL certificate was created by GoDaddy and it appears to be correct.  remote.xxxx.org.  I have been reading posts for hours and still have not found one with the resolution that I understand.

In virtual directories should the Internal and external URL be the same?

Can someone point me in the right direction?  Where should I be looking?  I have other 2013 Exchange servers with SSL certificates that are not having this issue.  I appreciate any help!

---

Bonnie Whalon

WinRM cannot complete the operation. Verify that the specified computer name is valid, that the computer is accessible over the network

December 15, 2014, 4:45 pm

≫ Next: Room Mailbox Permissions

≪ Previous: The name on the security certificate is invalid.

$

0

0

The Exchange Management Shell fails to connect in Exchange 2013 environment, this is a DAG environment and previously it indicates another error message, which is in my another thread. We fixed that error by delete the retired proxy entry in the server registry, after that the error is gone but changed to below one, anyway the EMS still fails to connect to all servers:

VERBOSE: Connecting to NSWVIP999WTMBX.air.abc.au.
New-PSSession : [NSWVIP999WTMBX.air.abc.au] Connecting to remote server NSWVIP999WTMBX.air.abc.au failed with the
following error message : WinRM cannot complete the operation. Verify that the specified computer name is valid, that
the computer is accessible over the network, and that a firewall exception for the WinRM service is enabled and allows
access from this computer. By default, the WinRM firewall exception for public profiles limits access to remote
computers within the same local subnet. For more information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName Microsoft.Excha ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
   gTransportException
    + FullyQualifiedErrorId : WinRMOperationTimeout,PSSessionOpenFailed
Failed to connect to an Exchange server in the current site.
Enter the server FQDN where you want to connect.:

Then it just show can't connect to all the exchange servers, from the wording it seems pointing to the Windows firewall settings for winRM, but when I look at the windows firewall found it's turned off. We use Sophos enterprise for the security, but all other 3 exchange servers didn't have the same issue.

Room Mailbox Permissions

June 30, 2015, 8:46 am

≫ Next: Prevent Exchange Administrators from viewing Mailbox Contents

≪ Previous: WinRM cannot complete the operation. Verify that the specified computer name is valid, that the computer is accessible over the network

$

0

0

I have setup a new room mailbox and had a couple questions I was hoping someone could answer.

1. Is it possible to temporarily only give access to one user? Ex. A manager needs to enter all their meetings in advance before everyone else has access to the calendar.

2. Is it possible to stop taking reservations after a certain date?

Thanks

Prevent Exchange Administrators from viewing Mailbox Contents

June 26, 2015, 3:38 am

≫ Next: M.E.I.Imap4Mailbox.DetectUidCorruption

≪ Previous: Room Mailbox Permissions

$

0

0

Hi,

Is there anyway to prevent Exchange Administrators from viewing the contents of the Mailboxes?

Thanks.

M.E.I.Imap4Mailbox.DetectUidCorruption

June 4, 2015, 11:00 am

≫ Next: Is there any possibility to check who sent as from another mailbox for which this user has sand as permissions?

≪ Previous: Prevent Exchange Administrators from viewing Mailbox Contents

$

0

0

In my event log,  I see the following Error, ~ ever 30 minutes:

Watson report about to be sent for process id: 38844, with parameters: E12IIS, c-RTL-AMD64, 15.00.1044.025, M.Exchange.Imap4, M.Exchange.Imap4, M.E.I.Imap4Mailbox.DetectUidCorruption, System.NullReferenceException, 3bd8, 15.00.1044.021.

ErrorReportingEnabled: True 

It looks to me that maybe an issue with an Imap4 Client and the UID.   I've looked to either side of the message in question but I haven;t seen any indication as to which client may have the corrupted UID.

Any suggestions on how to track this error down ?

Is there any possibility to check who sent as from another mailbox for which this user has sand as permissions?

July 6, 2015, 3:52 am

≫ Next: How to restore mailbox from old exchange 2003 system(exchange 2003 server all retired)

≪ Previous: M.E.I.Imap4Mailbox.DetectUidCorruption

$

0

0

We have a few shared mailboxes with many users who can send as on them :) Is there any possibility to create a report and to see who and then send as emails as these mailboxes?

---

How to restore mailbox from old exchange 2003 system(exchange 2003 server all retired)

May 11, 2015, 7:24 pm

≫ Next: Searching for Mailbox

≪ Previous: Is there any possibility to check who sent as from another mailbox for which this user has sand as permissions?

$

0

0

Hi Exchange experts

we use exchange 2010 over 2 years, exchange 2003 servers were retired over 1 year, but now we got a request to recover a disabled mailbox in old exchange 2003 system, how to do that?

should we need build a exchange 2003 environment? 

Thanks

Bruce

Searching for Mailbox

June 29, 2015, 7:24 am

≫ Next: removing sendas permission on a mailbox for user builtin\administrators

≪ Previous: How to restore mailbox from old exchange 2003 system(exchange 2003 server all retired)

$

0

0

We have recently migrated over from 2007 to 2013. We were having problems with it asking for user credentials so we changed some certificate info and now whenever we try to setup a mailbox it says that Exchange is offline. The server is up and the store is running.   

removing sendas permission on a mailbox for user builtin\administrators

June 29, 2015, 11:17 pm

≫ Next: Exchange 2013 - EMC 2013 - View Mailbox Size With Column In EMC - How To View Mailbox Size Exchange 2013?

≪ Previous: Searching for Mailbox

$

0

0

Hi all, 

the following group builtin\administrators  has send as permission on nearly 100 user mailboxes in my org. 

i would like to revoke this 

i ran the following command to view the existing delegation permissions on the mailbox

[PS] C:\Windows\system32>Get-Mailbox  samir0884 | Get-ADPermission | Where-Object { ($_.ExtendedRights -like “*send-as*”) -and -not ($_.User -like“nt authorityself”) }

Identity             User                 Deny  Inherited
--------             ----                 ----  ---------
ho.ae.enoc.com/DU... BUILTIN\Administr... False False
ho.ae.enoc.com/DU... S-1-5-32-548         False False
ho.ae.enoc.com/DU... ENOCHO\sayed1157     False False
ho.ae.enoc.com/DU... ENOCHO\samir0884     False False

To Revoke the sendas permission for builtin\administrators i ran the below command 

[PS] C:\Windows\system32>Remove-MailboxPermission -Identity samir0884 -User builtin\administrators -AccessRights sendas -InheritanceType all

Confirm
Are you sure you want to perform this action?
Removing mailbox permission "samir0884" for user "builtin\administrators" with access rights "'SendAs'".
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is "Y"): y
WARNING: Can't remove the access control entry on the object "CN=DADA\, Mr. SAMIR SHIRAZ,OU=09 I&E
Maint.,OU=DUGAS,DC=ho,DC=ae,DC=enoc,DC=com" for account "BUILTIN\Administrators" because the ACE doesn't exist on the
object.
[PS] C:\Windows\system32>Remove-MailboxPermission -Identity samir0884 -User builtin\administrators -AccessRights sendas
-InheritanceType all -Deny:$True

Confirm
Are you sure you want to perform this action?
Removing mailbox permission "samir0884" for user "builtin\administrators" with access rights "'SendAs'".
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is "Y"): y
WARNING: Can't remove the access control entry on the object "CN=DADA\, Mr. SAMIR SHIRAZ,OU=09 I&E
Maint.,OU=DUGAS,DC=ho,DC=ae,DC=enoc,DC=com" for account "BUILTIN\Administrators" because the ACE doesn't exist on the
object.
[PS] C:\Windows\system32>Remove-MailboxPermission -Identity samir0884 -User builtin\administrators -AccessRights sendas
-InheritanceType all -Deny:$false

Confirm
Are you sure you want to perform this action?
Removing mailbox permission "samir0884" for user "builtin\administrators" with access rights "'SendAs'".
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is "Y"): y
WARNING: Can't remove the access control entry on the object "CN=DADA\, Mr. SAMIR SHIRAZ,OU=09 I&E
Maint.,OU=DUGAS,DC=ho,DC=ae,DC=enoc,DC=com" for account "BUILTIN\Administrators" because the ACE doesn't exist on the object.

I'm getting the samer error "ACE does not exist" despite adding -Deny$true and -Deny$false switch

I tried finding the send as permission attribute on ADSIEDIT  - cannot find this attribute

I also tried to open the EAC and check delegation feature for the mailbox = Page shows me error while trying to open this object

this happens for all the users which have builtin\administrators delegation as -sendas

Please advise who to remove this sendas permission for builtin\administrators group on 100 mailboxes that i have. 

---

tfernandes

Exchange 2013 - EMC 2013 - View Mailbox Size With Column In EMC - How To View Mailbox Size Exchange 2013?

May 28, 2014, 1:27 am

≫ Next: Microsoft.Exchange.Data.Storage.UserHasNoMailboxException

≪ Previous: removing sendas permission on a mailbox for user builtin\administrators

$

0

0

Is there a way to add a column to show each users mailbox size in the EMC for Exchange 2013 under recipients > mailboxes?

Such a simple tool would be so much easier for administrative purposes.

Microsoft.Exchange.Data.Storage.UserHasNoMailboxException

July 8, 2015, 6:33 am

≫ Next: Unable to delete user object

≪ Previous: Exchange 2013 - EMC 2013 - View Mailbox Size With Column In EMC - How To View Mailbox Size Exchange 2013?

$

0

0

I have Exchange 2013 and I have a user who cant access her mail, when she tries with a client(Outlook 2007) it keeps asking for a password and when I try to access it via the OWA I get the following error.

:-(

something went wrong

A mailbox couldn't be found for Domain\User. If the problem continues, contact your helpdesk.

X-ClientId: DJZH - YPFU - SQDP - CXRBDQ
X-OWA-Error: Microsoft.Exchange.Data.Storage.UserHasNoMailboxException
X-OWA-Version: 15.0.1044.29
X-FEServer: EXCH01
X-BEServer: EXCH02
Date: 07/08/2015 1:23:30 PM

I have search forums and cant find a solution, Any thoughts or solutions?

---

Devin Berard I.T Support Renfrew Victoria Hospital, Renfrew ON berardd@renfrewhosp.com