More Coffee Anyone?

Notes from the lab and the field

Exchange 2010 Cross Forest Migration: The case of the missing User Account Attributes

Recently I encountered a situation where the client had created a new Active Directory forest and all user objects were “migrated” to the new forest. The legacy forest was left intact as Exchange 2003 was not migrated. All applications and other services were migrated to the new forest while Exchange was the only service remaining in the legacy forest. The users accessed their mailboxes via an account in the legacy forest.

I was engaged by the client to design, deploy and migrate to Exchange 2010 SP1 in the new forest. Once this was all set up and configured, migrating the mailbox should be a walk in the park with the power of the Exchange Management Shell. However, in my initial review of the new and old forests, I should have checked the following with the client:

  • How were the user accounts migrated? i.e. was a tool used to migrate the accounts? If so, which tool?
  • If a tool was indeed employed, which user account attributes were migrated in the migration process?

These questions are very important, especially if SIDHistory was not migrated as an attribute on the user account. Read more »

August 1, 2011 | Exchange 2010 RTM, Exchange 2010 SP1

Exchange 2010 Cross-Forest (Cross-org) Client Migration Planning

After some absence, I’ve decided to get my blog running. I have a couple of ideas of what I would like to publish but that will have to wait for now. This week I’m performing a cross-forest migration for a client. After reviewing the assistance available for CLIENT-SIDE CONSIDERATIONS on the Internet, I thought I’d start publishing a list of issues I have encountered so far. It would be great if you could leave your comments so that I can update the list and have it capture a well-rounded set of scenarios and possible issues.

This is a WORK IN PROGRESS – Feel free to send me your comments.

This client has two Active Directory forests. Both forests have a mix of Windows 2003 and Windows 2008 R2 servers as DCs. The legacy Exchange organization has Exchange 2003 deployed, while the target organization has Exchange 2010 SP1 deployed. The client Active Directory accounts have already been migrated but are still accessing their mailboxes in the legacy forest / organization. The user accounts used to access the existing Exchange 2003 organization are still the old accounts in the legacy forest.

The Outlook clients deployed in this scenario are:

  • Outlook 2003
  • Outlook 2007

Here are the items I need to review: Read more »

August 1, 2011 | Exchange 2010 RTM, Exchange 2010 SP1 | 2 Comments

Vonage – Firewall

It’s been too long! This topic is slightly off the straight and narrow but I think it’s worth a mention. Tonight I experienced some issues with my Vonage home telephone system. Turns out that Vonage relies on some port forwarding settings on the home network. My recently acquired Motorola SBG6580 had to be configured to support Vonage properly.

SYMPTOMS:

After dialing a number, the phone would not ring or make any audible sounds. The handset would show that the call is connected if the called party answers the call, but they would be unable to hear the caller, while the caller would be able to hear the called party.

RESOLUTION:

Here are the port forwarding settings that allow Vonage to perform optimally:

  • Port 5061 (UDP)
  • Ports 10,000 to 20,000 (UDP)

These settings instantly allowed me to make calls anywhere.

October 3, 2010 | Uncategorized

Exchange 2010 SP1 (Beta)

Exchange 2010 SP1 has gone to beta. Review the contents of Exchange SP1 at the Exchange Team’s Blog: http://msexchangeteam.com/archive/2010/04/05/454533.aspx or check the highlights at Chris and Robin’s blog: http://blog.chrislehr.com/2010/04/exchange-2010-sp1-announced.htm.

July 1, 2010 | Exchange 2010 SP1

Exchange 2010 RTM: ActiveSync and the Personal Archive

I’ve been pretty lax lately but had an interesting question on whether or not a user can view a Personal Archive via ActiveSync. There aren’t any particular references as to whether or not this can be done. I posed the question to Jeff Guillet who was kind enough to test it immediately. The short answer: NO. See Jeff’s Post on this test here.

The official Microsoft whitepaper on the Personal Archive (this one covers Exchange 2010 SP1) doesn’t mention any way to access the Personal Archive other than Outlook Web App or Outlook 2010. See the new Personal Archive whitepaper here.

April 20, 2010 | Exchange 2010 RTM

Exchange 2010 DAG Implementation

I was seriously considering writing a cool Exchange 2010 DAG implementation series but I just can’t justify the effort when a very good one already exists over at Shudnow’s Blog. Please see his 4 part series called “Exchange 2010 RTM DAG using Server 2008 R2”. You won’t regret it. I will update this post as I find issues with DAG that are not addressed in Shudnow’s post.

March 29, 2010 | DAG, Exchange 2010 RTM

Upgrade Exchange 2003 Default Address Policy & Address Lists to Exchange 2010

So here’s the kicker. What are you doing with these commands and WHY? One of my pet peeves is to read information on the Internet and nobody can tell me why I need to do something in order to make it work. I don’t have the exact answer but I have a firm idea. Exchange 2007 and later use OPATH filtering syntax as opposed to LDAP filtering syntax. This is not clearly explained here but it is a good reference and the code can be copied directly from this TechNet page. These commands are for the DEFAULT address lists. Here is another link that explains custom Address List conversion. I suspect that this is why the Office Filter Pack is required on Exchange 2010 servers.

I got most of the guidance I need off Andy Grogan’s post over at TelnetPort25.

In order to edit an email address policy created by Exchange 2003 after installing Exchange 2010, a PowerShell command must be used to enable Exchange 2010 to manipulate this policy. In actuality, the Email Policies and Address Lists are converted.

[PS] C:\>Set-EmailAddressPolicy "Default Policy" -IncludedRecipients AllRecipients

In the command above, I am CONVERTING the Default Policy to Exchange 2010. It would be best to change this policy once the Exchange 2003 servers have been decommissioned or all the mail objects have been moved to Exchange 2010. Read more »

March 26, 2010 | Exchange 2010 RTM | 8 Comments

External HA failover in multiple Internet facing Exchange 2010 sites

[Updated: 03/27/2010]

SCENARIO

Here’s the scenario faced at a client site. They wanted the configuration below (it was simplified to discuss failover options).

NOTE: This is a discussion around external connectivity without any form of VPN or other secure connection to the corporate network. It is purely an external client connection.

  Read more »

March 25, 2010 | DNS, Exchange 2010 RTM

Configuring IE Enhanced Security Configuration on Windows 2008 R2

What’s the most annoying “feature” that is enabled by default on a server? IE security. Of course it’s best practice not to allow servers to access the Internet where possible. However, where servers need to access the Internet, a well-thought-out strategy should be employed. I just deployed a few Windows 2008 R2 servers in my lab and thought I needed to blog this as it was annoying me. Here’s a quick way to turn it off: Read more »

March 24, 2010 | Windows 2008 R2

Building NLB Exchange 2010 RTM CAS / HT Servers (Hyper-V) – Part 3

NOTE: Before configuring anything after the deployment of the CAS server roles, remember that if any send or receive connectors are configured, these would supersede the configured Exchange 2003 connectors or they would take precedence over the default SMTP virtual server in Exchange 2003 if no connectors are configured at all. My recommendation would be to install the mailbox server roles and create mail databases before performing any CAS configuration tasks.

The following steps should be performed to specify the CAS Array. All this does is specify the connection point to the client. The virtual IP address of the NLB servers will be used as a connection point for MAPI clients. 

The CAS Array can be set by opening the Exchange Management Shell and typing the following command:

New-ClientAccessArray -Name "MAPI Client Connection Point" -Fqdn "Outlook.Morecoffeeany1.com" -Site "Default-First-Site-Name"

Read more »

March 23, 2010 | Exchange 2010 RTM, NLB | 1 Comment