DNS useful sites

https://dnschecker.org/

Check propagation of DNS updates/Troubleshoot external DNS site/entries.

http://www.dnsqueries.com/en/dns_lookup.php

Another lookup site.

Using “Dig” command

Googles Toolbox – Dig 

Google’s Toolbox – MX

Google’s Flush DNS record

Microsoft Troubleshooting Remote Connectivity Checker

 

 

Advertisements

HOW TO TEST SMTP OPERATIONS USING TELNET

How to test SMTP operations using Telnet

  1. Telnet into Exchange server hosting IMS service using TCP port 25.
    Command is telnet <servername> 25
  2. Turn on local echo on your telnet client so that you can see what you are typing.
    On Win 9x and NT 3.5/4.0 Telnet client this done by selecting the “preferences” from the “terminal” pull down menu, and checking the local echo radio button.  For Windows 2000 telnet client, issue command “set local_echo”, from the telnet command prompt.
  3. Issue the following smtp command sequence

helo <your domain name><enter>
response should be as follows
250 OK

mail from: <your Email Address><enter>
response should be as follows
250 OK – mail from <your Email address>

rcpt to: <recipient address><enter>
response should be as follows
250 OK – Recipient <recipient address>

data<enter>
response should be as follows
354 Send data.  End with CRLF.CRLF

To: <recipient’s display name><enter>
From: <your display name><enter>
Subject: <Subject field of Email message><enter>
<Enter you body text><enter><enter> . <enter>
response should be as follows
250 OK

quit<enter>

Next Versions of Exchange, SharePoint Coming 2015

Next Versions of Exchange, SharePoint Coming 2015

The next releases of Microsoft’s Exchange Server and SharePoint Server products will not arrive until next year.

Jeff Teper, Microsoft’s corporate vice president of the Office Service and Servers group, made the announcement on Monday. Microsoft’s current server releases are Exchange Server 2013 and SharePoint Server 2013, both of which were updated with Service Pack 1 last week.

Teper said nothing about the next Office release. However, veteran Microsoft watcher Mary Jo Foley has speculated that the next Office product also will appear in 2015.

The expectation that new server products might be released in 2014 comes from Microsoft’s new accelerated release cycle. The company now tends to release new server and operating system software products on an annual basis, instead of once every three years. Typically, the releases are “cloud first,” which means that updates arrive faster to Office 365 hosted solutions (Exchange Online, Lync Online and SharePoint Online) than they do to Microsoft’s server products installed on premises.

Most organizations are still typically running servers on premises, rather than tapping Microsoft’s Office 365 cloud services. While Microsoft showed off some collaboration technology benefits for Office 365 services at its SharePoint Conference in Las Vegas on Monday, Teper admitted that users of SharePoint Server would see a lag in getting access to some of those features.

“We’ll also continue to support hybrid deployments spanning both cloud and on premises technologies including expanded search and line-of business access,” Teper wrote. “Our server releases will include some, but not all, of the experience you saw today due to the computational power and integrated aspects that only come with Office 365.”

Teper pointed to the addition of SP1 for SharePoint Server 2013 as enabling hybrid networks in organizations. The service pack enables OneDrive for Business or Yammer, which are applications hosted by Microsoft, to run alongside premises-based SharePoint Server 2013, he contended.

Microsoft early on positioned Yammer as the eventual replacement for SharePoint’s Newsfeed enterprise social networking feature. Jared Spataro, Microsoft’s general manager of Enterprise Social, reiterated that notion on Monday.

“My guidance has been clear and consistent: Go Yammer!,” Spataro wrote in a blog post. “While we’re committed to another on-premises release of SharePoint Server — and we’ll maintain its social capabilities — we don’t plan on adding new features. Our investments in social will be focused on Yammer and Office 365, so that we can innovate quickly and take advantage of the viral user adoption that is so important to the natural network effect that makes social so powerful.”

Spataro noted that there are large numbers of organizations still running premises-based SharePoint Server deployments. However, he claimed Microsoft would make it easy for them to run hybrid networks to tap cloud-based social networking capabilities.

Microsoft officials keep pointing to SP1 for SharePoint Server 2013 as facilitating such hybrid network approaches. The details seem yet to come.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.

Exchange 2010 Server – Clients constantly prompting to Authenticate (Repost)

Exchange 2010 Server – Clients constantly prompting to Authenticate

There are MANY different causes to this issue (especially troubleshooting client-side) but the main thing to check server side is on the IIS settings on the CAS servers.  I had to make sure Basic and Windows auth was enabled on each of the following Virtual Directories: Autodiscover, EWS, OAB, and RPC.

The strange thing was the Exchange Server reset the RPC folder Windows Auth to “disabled” after a few minutes. I found many posts that seem to point to an Exchange Managment Shell command that will prevent this from happening, and it worked for me (so far it hasn’t reset since I ran the command).  The command is this:

Get-OutlookAnywhere | Set-OutlookAnywhere -IISAuthenticationMethods:basic,ntlm

This is posted all over but it took a while to actually find references to this particular command would help prevent the RPC folder from resetting.  Makes sense when you think about it, as even if you change the settings in IIS Exchange didn’t really know that so you also need to tell Exchange that these auth settings are allowed on the folder.

Exchange 2010 Certificate errors

Exchange 2010 Certificate cant complete pending request

Open certificate store (certmgr.msc) – if you have tried to complete the pending certificate request then you should find the certificate from you CA is installed but doesn’t have an association with the private key generated by the request (hence the request is still considered to be pending). Open the the certificate from the CA and on the details tab find the thumbprint field and copy it to your clipboard (CTRL-C).

Now run the following command from a command prompt:
certutil -repairstore My “<thumbprint>”

Refresh your view of the certificate store and hopefully your cert is now associated with its private key! Likewise Exchange will now list the certificate and allow you to assign services to it.

Error message when Outlook tries to connect to a server by using an RPC connection or an HTTPS connection: “There is a problem with the proxy server’s security certificate”

Launching Outlook returns one of the following messages.

  • There is a problem with the proxy server’s security certificate, %s. Outlook is unable to connect to this server. (%s)
  • There is a problem with the proxy server’s security certificate, %s. The name on the security certificate is invalid or does not match the name of the site. Outlook is unable to connect to this server. (%s)
  • There is a problem with the proxy server’s security certificate, %s. The security certificate is not from a trusted certifying authority. Outlook is unabletoconnect tothis server.(%s)”
  • There is a problem with the proxy server’s security certificate. The name on the security certificate is invalid or does not match the name of the target site outlook.office365.com. Outlook is unable to connect to the proxy server (Error Code 0)

Refer to the following Microsoft KB article

KB923575

The articles resolution is directly from the KB article from Microsoft.

Method 1: Examine the certificate

Use this method if you receive either error message 1 or error message 2. Examine the certificate. Then, contact your system administrator to resolve this issue.

To examine the certificate, follow these steps:

  1. In Microsoft Internet Explorer, connect to the RPC server or to the secure server. For example, type https://www.server_name.com/rpc in the Address bar of the Web browser, and then press ENTER.

    Note The server_name placeholder references the RPC server name or the secure server name.

  2. Double-click the padlock icon that is located in the lower-right corner of the Web browser.
  3. Click the Details tab.
  4. Note the information in the following fields:
    • Valid to
      The Valid to field indicates the date until which the certificate is valid.
    • Subject
      The data in the Subject field should match the site name.

Method 2: Install the trusted root certificate

Use this method if you receive error message 3. To install the trusted root certificate, follow these steps:

  1. Click Install Certificate when you are prompted with the Certificate dialog box.
  2. Click Next.
  3. Click to select the Place all certificate in the following store check box.
  4. Click Browse.
  5. Click Trusted Root Certification Authorities, and then click OK.
  6. Click Next.
  7. Click Finish.
  8. Click OK.

Method 3: Disable the third-party add-in or the third-party browser add-in

Use this method to disable the third-party add-in or third-party browser add-in if you receive error message 4.

Disable third-party add-ins

  1. Start Outlook in safe mode to help isolate the issue. To do this, click Start, click Run, type outlook.exe /safe, and then click OK.

    If Outlook successfully starts in safe mode, the issue that you’re experiencing may be caused by a third-party add-in.

  2. Check for third-party COM add-ins and disable them. To do this, follow these steps:
  1. On the File menu, click Options, and then click Add-Ins.
  2. In the Manage box, click COM Add-ins, and then click Go.
  3. Click to clear the check box next to the third-party add-ins that you want to disable.
  4. Restart Outlook.

For more info, see the “Step 6: Start Outlook in safe mode” section of the following Microsoft Knowledge Base article:

2632425

(http://support.microsoft.com/kb/2632425)

How to troubleshoot crashes in Outlook 2010 and Outlook 2013

Disable third-party browser add-ins

Outlook uses Internet Explorer settings for HTTP requests. If a third-party browser add-in is causing this issue, disable it in Internet Explorer. For steps on how to do this, see the “Disable add-ons in Internet Explorer” section of the following Microsoft Knowledge Base article:

956196

(https://support.microsoft.com/kb/956196/ )

“Internet Explorer cannot display the webpage” error

Item Recovery in Exchange 2010

Author: Ross Smith IV

A while back, I blogged about the mechanics of the Single Item Recovery features included in Exchange 2010. In this post, I discuss how you can utilize this functionality to recover accidentally or maliciously deleted items.

Essentially there are two steps:

  1. Search – Determining the location of the missing items.
  2. Recovery – Retrieving the missing items.

Remember, in order to discover and recover the data, each mailbox needs to have Single Item Recovery enabled prior to the accidental purge event. Therefore, we recommend enabling Single Item Recovery for mailboxes as part of the Exchange 2010 upgrade process.

The Scenario

Ross sent his administrative assistant, Julie, a message regarding his upcoming trip to Seattle, specifically requesting Julie to book his itinerary. Unfortunately, before she could work on Ross’ request, Julie shift-deleted the message while cleaning out her mailbox. Like most users, Julie has done this before and is familiar with the Recover Deleted Items capability within Outlook. However, this time, Julie made the mistake of clicking the delete button for the message in question instead of clicking the recover button. Panicking, Julie calls Help Desk to request recovery of the item.

Step 1: Search

The help desk ticket results in a workflow process that is performed by an IT administrator who has necessary rights to perform searches (in this scenario, the Help Desk technician’s user account has been delegated the Discovery Management role).

Note: By default, no accounts have the ability to perform mailbox searches. You can either create a custom role group to allow an administrator to search only a subset of mailboxes, or add the administrator to the Discovery Management built-in role group (which allows them to search all mailboxes in the Exchange organization) by using the following command:
Add-RoleGroupMember “Discovery Management” -Member <user account>

The Help Desk technician has two choices for performing discovery, and the choice will depend on the target user’s client access license (CAL):

  1. If the users included in the search have Standard CALs, the Help Desk technician can only use the Search-Mailbox cmdlet.
  2. If the users included in the search have Enterprise CALs, the Help Desk technician can also use the New-MailboxSearch cmdlet, or the Multi-Mailbox Searchfeature in the Exchange Control Panel (ECP).

In Julie’s case, she provided the Help Desk technician with the following information:

  • The message was sent from her boss.
  • The message contains the word “Seattle”.

Searching messages by using Search-Mailbox

When a mailbox with a Standard CAL will be searched, the Search-Mailbox cmdlet will be used. The Search-Mailbox cmdlet requires the following information:

  • The mailbox to be searched
  • The search query criteria
  • The mailbox and folder where the results will be placed
  1. Knowing this information, the Help Desk technician executes the following command from the Shell:

    Search-Mailbox sec -SearchQuery “from:’boss’ AND seattle” -TargetMailbox “Discovery Search Mailbox” -TargetFolder “Secretary Recovery” -LogLevel Full

    Note: Search-Mailbox does not allow the target mailbox to be the same as the source mailbox. Search-Mailbox does allow you to be very specific in your search criteria. Besides scoping the search with the SearchQuery parameter using Advanced Query Syntax (AQS), in Exchange 2010 SP1 you can also use theSearchDumpsterOnly switch to search only items in the dumpster.

    The Help Desk technician receives the following output:

    RunspaceId : fb25cadf-a63f-4e88-8567-cb4ae1b30ade
    Identity : corp.contoso.com/Users/Secretary
    TargetMailbox : corp.contoso.com/Users/DiscoverySearchMailbox {D919BA05-46A6-415f-80AD-7E09334BB852}
    TargetPSTFile :
    Success : True
    TargetFolder : Secretary RecoverySecretary-4/14/2010 6:28:33 AM
    ResultItemsCount : 1
    ResultItemsSize : 1.577 KB (1,615 bytes)

  2. The Help Desk technician then logs into OWA and opens the Discovery Search Mailbox via the Open Other Mailbox option:

    Note: The OWA and ECP screenshots are from Exchange 2010 SP1. These are preliminary screen shots from pre-Beta software that are subject to change before the final release of SP1.

  3. The Help Desk technician navigates the folder structure within the Discovery Search Mailbox and verifies that he has recovered the item in question:

Searching messages by using Multi-Mailbox Search

When a mailbox with an Enterprise CAL will be searched, the administrator can use the Multi-Mailbox Search feature in the Exchange Control Panel. The Help Desk technician takes the following steps:

  1. He launches the Exchange Control Panel via https://mail.contoso.com/ecp and logs on using his credentials.
  2. From the Options drop-down, he selects Manage My Organization.
  3. He clicks on Service Level and selects the Mailbox Searches applet.
  4. He clicks New to create a new search request which requires at least the following information:
    1. The search query criteria
    2. The mailbox to be searched
    3. The mailbox and folder where the results will be placed
  5. When the results are obtained, he can either click on the [Open] link in the Mailbox Searches Results pane, or open the Discovery Search Mailbox via the Open Other Mailbox option from within OWA.
  6. He navigates the folder structure within the Discovery Search Mailbox and verifies that he has recovered the item in question:

Step 2: Recovery

At this point the Search phase is complete and the Recovery phase begins. There are two options for how to recover and return the item back to the user and it depends on the version of Exchange 2010 you have deployed:

  1. If you are running Exchange 2010 RTM or later, you can utilize the Search-Mailbox cmdlet to restore the item back to the user.
  2. If you are running Exchange 2010 SP1, you can utilize the PST import and export cmdlets to restore the item back to the user.

Search-Mailbox Recovery Process

  1. The Help Desk technician executes the following command from the Shell:

    Search-Mailbox “Discovery Search Mailbox” -SearchQuery “from:’boss’ AND seattle” -TargetMailbox sec -TargetFolder “Recovered by HelpDesk” -LogLevel Full -DeleteContent

    He receives the following output:

    RunspaceId : fb25cadf-a63f-4e88-8567-cb4ae1b30ade
    Identity : corp.contoso.com/Users/DiscoverySearchMailbox {D919BA05-46A6-415f-80AD-7E09334BB852}
    TargetMailbox : corp.contoso.com/Users/Secretary
    TargetPSTFile :
    Success : True
    TargetFolder : Recovered by HelpDeskDiscovery Search Mailbox-4/14/2010 6:32:49 AM
    ResultItemsCount : 1
    ResultItemsSize : 1.577 KB (1,615 bytes)

  2. He notifies Julie that the item is recovered. Julie logs into her mailbox and verifies she has the correct item:

It’s important to note that due to the two-step process involved with Search-Mailbox (copying the results to the Discovery Mailbox and then copying the results back to the user’s mailbox) the hierarchy is same for the end user – the root of the Discovery Search Mailbox, as well as the folder target that was used to place the item in the Discovery Search Mailbox, are both visible.

PST Export/Import Recovery Process

Exchange 2010 SP1 includes infrastructure that allows administrators to perform bulk import and export of PST files without requiring the installation of the Outlook client. This infrastructure, supported by the cmdlets *-MailboxImportRequest and *-MailboxExportRequest, leverages the Mailbox Replication Service and the framework that exists for moving mailboxes between databases (see Understanding Move Requests for more information).

To use this functionality, two prerequisites must be met:

  1. The person performing the import or export must have the appropriate permissions within Exchange. By default, no RBAC role group provides this functionality. To grant the ability for a help desk administrator, compliance officer, or Exchange administrator to perform bulk import/export capabilities against all mailboxes, the following commands must be executed:

    New-RoleGroup “Mailbox Import-Export Management” -Roles “Mailbox Import Export”
    Add-RoleGroupMember “Mailbox Import-Export Management” -Member <user account>

    The first command creates a new role group that grants access to the *-MailboxImportRequest and *-MailboxExportRequest cmdlets. The second command adds a user to the role group.

  2. The Exchange Trusted Subsystem security group must have Full Control/Owner permissions on the file share that will be used to temporarily store the PST files.

In this scenario, the Help Desk technician is a member of the Mailbox Import-Export Management role group and thus can utilize the Import and Export cmdlets. The Help Desk technician:

  1. Runs the following command from the Shell to export the recovered data from the Discovery Search Mailbox to a PST file:

    New-MailboxExportRequest -Mailbox “Discovery Search Mailbox” -FilePath “exchsvrHelpDeskPstSecretaryRecovery.pst” -ContentFilter {Subject -eq “april travel plans”} -SourceRootFolder “Secretary Recovery”

  2. Runs the following command from the Shell to import the recovered data into Julie’s mailbox:

    New-MailboxImportRequest -Mailbox sec -FilePath “exchsvrHelpDeskPstSecretaryRecovery.pst” -TargetRootFolder “Recovered By HelpDesk”

  3. Notifies Julie that the item is recovered.

At this point, Julie logs into her mailbox and verifies she has the correct item:

Conclusion

Exchange 2010 provides you the means to ensure data is not deleted from the system prior to the expiration of its deleted item retention. In the event that a message is accidentally or maliciously purged from the user’s dumpster, it can be easily recovered and restored using built-in tools.

Ross Smith IV

Exchange Powershell commands that I use

Exchange PShell

Basic Cmdlets
Get-Mailbox
Lists mailboxes

Get-MailboxStatistics <Mailbox>
Details statistics of a particular mailbox

Get-Mailbox -OrganizationalUnit <OU name>

Get-Mailbox | Set-Mailbox -prohibitsendquota 500MB
String together 2 cmdlets sets prohibitsendquota to 500MB in all mailboxes

get-mailbox -OrganizationalUnit MIS | Set-mailbox -prohibitSendQuota 500MB

Get-MailboxDatabaseCopyStatus
This command gives the status of all databases on all mailbox servers.

Test-ReplicationHealth
This command run set of tests to test the replication health

Update-Recipient -Identity “Madeleine lastname”
Issue with move request

get-messagetrackinglog -start “02/14/2012 12:01 AM” -end “02/14/2012 11:59 PM” -recipients

Export DL group membership
Get-DistributionGroupMember -identity “testdl” | Export-Csv C:MyFile.Csv

Export inbox to .pst file for archiving – AD membership to domainnameMailbox Support required
New-MailboxExportRequest –Mailbox EXAMPLE –FilePath exchangeserverPSTFilesexample.pst
Get-MailboxExportRequest

Remove-MailboxExportRequest

Get-MailboxExportRequest -Status Completed | Remove-MailboxExportRequest

To allow user to send on a the behalf of distribution group,
Set-DistributionGroup “Wellness Team” -GrantSendOnBehalfTo cleffler, jporto
You must specify all users IDs that need the rights in one command Example: cleffer, jporto with that command.

New-DynamicDistributionGroup -Name GI_Staff -OrganizationalUnit domainname/domainname -RecipientFilter { ((RecipientType -eq ‘UserMailbox’) -and(Office -eq ‘St. Louis Gastroenterology’) -and (-not(title -eq ‘Physician’))) }

New-DynamicDistributionGroup -Name GI_Doctors -OrganizationalUnit domainname/name -RecipientFilter { ((RecipientType -eq ‘UserMailbox’) -and(Office -eq ‘St. Louis Gastroenterology’) -and(title -eq ‘Physician’)) }

Change location of Dynamic group to the proper OU in users and computers.