Mailbox Limits
Backups
Common Enhanced Status Codes
More about understanding DSNs and NDRs
Enhanced Status Codes for Delivery
Request for Comments (RFC) 1893 provides an enhanced set of status codes for Delivery Status Notification (DSN) messages. This is an extension of the coding defined in RFC 821. The error codes in RFC 821 are designed to deal with messaging, and are not as useful for DSN messages. The code specified in the “More Information” section provides a more specific, flexible system of coding for DSN messages (non-delivery reports, read and delivery receipts, and so on). The Enhanced Status Codes provide a standard mechanism for reporting mail system errors, and provide more meaningful information than the standard error codes defined in the SMTP RFC (821).
2.X.X Success
4.X.X Persistent Transient Failure
5.X.X Permanent Failure
X.1.0 Other address status
X.1.1 Bad destination mailbox address
X.1.2 Bad destination system address
X.1.3 Bad destination mailbox address syntax
X.1.4 Destination mailbox address ambiguous
X.1.5 Destination mailbox address valid
X.1.6 Mailbox has moved
X.1.7 Bad sender’s mailbox address syntax
X.1.8 Bad sender’s system address
X.2.0 Other or undefined mailbox status
X.2.1 Mailbox disabled, not accepting messages
X.2.2 Mailbox full
X.2.3 Message length exceeds administrative limit
X.2.4 Mailing list expansion problem
X.3.0 Other or undefined mail system status
X.3.1 Mail system full
X.3.2 System not accepting network messages
X.3.3 System not capable of selected features
X.3.4 Message too big for system
X.4.0 Other or undefined network or routing status
X.4.1 No answer from host
X.4.2 Bad connection
X.4.3 Routing server failure
X.4.4 Unable to route
X.4.5 Network congestion
X.4.6 Routing loop detected
X.4.7 Delivery time expired
X.5.0 Other or undefined protocol status
X.5.1 Invalid command
X.5.2 Syntax error
X.5.3 Too many recipients
X.5.4 Invalid command arguments
X.5.5 Wrong protocol version
X.6.0 Other or undefined media error
X.6.1 Media not supported
X.6.2 Conversion required and prohibited
X.6.3 Conversion required but not supported
X.6.4 Conversion with loss performed
X.6.5 Conversion failed
X.7.0 Other or undefined security status
X.7.1 Delivery not authorized, message refused
X.7.2 Mailing list expansion prohibited
X.7.3 Security conversion required but not possible
X.7.4 Security features not supported
X.7.5 Cryptographic failure
X.7.6 Cryptographic algorithm not supported
X.7.7 Message integrity failure
I noticed OAB related issue after migration from Ex2007 to EX2010 in one AD site. Migrated users were not able to download Offline Address Book. Downloading process failed with error:
Task ‘test@ficility.net’ reported error (0x801901B8) : ‘The operation failed.’
Exchange related cmdlets:
Get-WebServicesVirtualDirectory Get-OabVirtualDirectory Get-OfflineAddressBook Set-WebServicesVirtualDirectory Set-OabVirtualDirectory Set-OfflineAddressBook
Outlook check (check from end-user point of view):
When I tried to open OAB xml (https://mail.ficility.net/OAB/f050e98b-46d4-46d5-a094-3d7b4f001b8f/oab.xml) in web browser by test account, the owa was opened instead of xml file. Due to this reason IIS configuration needed to be checked.
Problem was caused by enabled http redirect on the OAB virtual directory in IIS configuration.
Related article: Troubleshooting Offline Address Book Issues in Exchange 2010
Solution: To solve this problem simply clear the http redirect on CAS servers + iisreset /noforce (Use the /noforce parameter to help prevent data loss in case the IIS services cannot be stopped within the one minute time-out period. If you are certain that it is safe to force IIS to restart, you can omit the /noforce parameter. However, be aware that you could lose data if you do not include this parameter.).
Other useful links:
The fuction Get-ExchangeDatabaseInfo has been created due to missing cmdlet like MailboxDatabaseStatistics that could be useful for report or statisticspurpose. The fuction is aimed to get more database information from disk/statistic point of view. If you are interested just copy/import the function to PS session and create (use help Get-ExchangeDatabaseInfo) a report for your organization.
– Report purpose ONLY (only “get” cmdlets).
– It supports only MS Exchange 2010 environment (AdminDisplayVersion 14*) and its Exchange Management Shell runspace.
– Processing time depends on Exchnage organization size (could spend couple of minutes). Procesing time is INCREASED by using parametr “Properties”.
Example – How to use the function:
Get-MailboxDatabaseInfo -LocalHost -Properties Get-MailboxDatabaseInfo -AllMailboxServers -Properties | Export-Csv -path C:\DbReport.csv $a = Get-MailboxDatabaseInfo -LocalHost -MailboxServer ExTest01 $a | ft reportedserver,dbname,*free* -autosize $a | ft reportedserver,log* -autosize
Example – Output for an one database:
Example – Tips for output:
More datails soon… sorry
Download: Get-ExchangeDatabaseInfo.ps1
Please use right-click and “Save as” for downloading ps1 file otherwise the link shows source code in the same window.
We can use 2 ways of DAG management in Exchange 2013. Powershell and Exchange Administration Center (Exchange Management Console is not present anymore in Exchange 2013
DAG is simple to be configured, however there are several things to consider before actual configuration:
New-DatabaseAvailabilityGroup -Name E13DAG -WitnessServer DC1 -WitnessDirectory C:FSWE13DAG1 -DatabaseAvailabilityGroupIPAddress 192.168.1.55
Add-DatabaseAvailabilityGroupServer -Identity E13DAG -MailboxServer FrontEnd1
DAG is set to automatic network configuration as default option. This means that we are not able to change any network settings for the DAG. To set DAG to manual mode we will use the following command:
Set-DatabaseAvailabilityGroup E13DAG -ManualDAGNetworkConfiguration $true
After DAG Network configuration is set to manual mode, we can create new DAG networks, assign subnets to them and then remove automatically configured networks from DAG assignment. We can specify which network to use efor clients and which for replication or keep it as default (both enabled for clients and replication)
New-DatabaseAvailabilityGroupNetwork E13DAG -Name Production Set-DatabaseAvailabilityGroupNetwork E13DAGProd -Name Production -Description Production -ReplicationEnabled $false -Subnets 192.168.1.0/24
New-DatabaseAvailabilityGroupNetwork E13DAG -Name Replication Set-DatabaseAvailabilityGroupNetwork E13DAGRepl -Name Replication -Description Replication -ReplicationEnabled $true -Subnets 192.168.10.0/24
Get-DatabaseAvailabilityGroupNetwork E13DAG* | fl
This also stays the same as it was in Exchange 2010. To activate DAC mode DAG must have more than 2 nodes! Note: The directories on WitnessServer and AlternateWitnessServer must be the same (Path, name, share)
Get-DatabaseAvailabilityGroup E13DAG | Set-DatabaseAvailabilityGroup -DatacenterActivationMode DAGOnly -AlternateWitnessDirectory c:FSWE13DAG -AlternateWitnessServer DC2
Gathering Active Manager status works as same way as in Exchange 2010: Article is https://exkb.wordpress.com/2012/09/02/exchange-2010-dag-active-manager-determinemove/
This is regular command but it is very important. There are a list of active nodes, nodes under maintenance etc. To gather this info we need to use parameter -Status.
Get-DatabaseAvailabilityGroup E13DAG -Status | fl
In next article I will describe Store differences btween Exchange 2010 and Exchange 2013
EmailFunctions module contains functions for emailing through PowerShell. Functions are
Get-OutlookRecipient, New-Email, New-HtmlBody, Send-Email (more below). The module is supported forPS 2.0, Office 2010 (Otlook, Word).
Functions are pipelined in order:
Get-Outlookrecipient | New-Email -Body (New-HtmlBody) | Send-Email
Download module: EmailFunctions.zip
Download Video: Video_EmailFunctions.rar
New-HtmlBody
Function New-HtmlBody returns string that contains data in HTML syntax. The data are generated by Word document.
The function runs Word application installed on source system (supported Office 2010).
New document ensures to compose a rich text and data via Word.
The data in HTML code are saved by pressing a button in PowerShell window from the document to temporary file.
The file is loaded and data returned to PS window with possibility to save the file on drive.
It does not support all Word functionality (able to generate HTML code only from something).
New-HtmlBody $htmlcode = New-HtmlBody New-HtmlBody -SaveFileTo "c:\temp\BodyTemp01.html"
Get-OutlookRecipient
The function (Get-OutlookRecipients) returns email addresses from Outlook application.
The purpose is simple: Get email adresses (recipients) from Outlook application (supported 2010).
Required data is possible to get from two locations: Inbox and Contacts folder.
Filters for better selection are:
– Domain (domain part of email address) – available for location Inbox and Contacts
– Company (company attribute) – available for location Contacts
– MessagesFromDate – available for location Inbox
– MessagesToDate – available for location Inbox
Get-OutlookRecipients -Location Contacts Get-OutlookRecipients -Location Contacts -Domain "com" Get-OutlookRecipients -Location Contacts -Domain "gmail.com" -Company "MS" -ExportToCsv C:\ExportContacts.Csv Get-OutlookRecipients -Location Inbox Get-OutlookRecipients -Location inbox -MessagesToDate (get-date) Get-OutlookRecipients -Location inbox -MessagesFromDate "2/5/2012 11:00:00" -MessagesToDate "2/20/2012 12:00:00" -ExportToCsv C:\ExportSenders.Csv
New-Email
The fuction New-Email can create a object of email message including also request for SMTP server based on GUI or specified parameters.
The fuction New-Email can create a object of email message. The object can be defined by GUI or parameters. You can for example specified:
– CcFromTxtFile
– BodyIsHtml
– Port
– CredentilPassword
New-Email -Gui New-Email -Recipient "ficility@gmail.com" -Subject "Hello" -body (New-HtmlBody) -BodyIsHtml -Server "smtp.gmail.com" -Port 587 -CredentilName "ficilityTest@gmail.com" -CredentilPassword "password" New-Email -Recipient "ficilityTest@gmail.com" -CcFromCsvFile "C:\EmailAddresesCsv.csv" -Subject "Hello" -Body "It is test!" -Server "smtp.gmail.com" -Port 465 -CredentilName "ficility@gmail.com" -CredentilPassword "password" | Send-Email -WebMail -ReportAsTxtToFile New-Email -Gui | Send-Email -Outlook
Send-Email
The fuction Send-Email can send a object (from New-Email) by three methods: System.Net.Mail, System.Web.Mail, Outlook.application (COM object).The fuction Send-Email can send a object (from New-Email)by following methods/switches:
– AutoDetection (automatic process – 465 means webmail namespace, port 587 means netmail namespace, no SMTP server means Outlook (with configured profile))
– Other switches mean namespaces: System.Net.Mail, System.Web.Mail, Outlook.application.
– Useful could be ReportAsTxtToFolder (automatic naming), ReportAsTxtToFile.
New-Email -Gui | Send-Email -Outlook Send-Email -NetMail -ReportAsTxtToFolder "C:\Temp" New-Email -Gui | Send-Email -AutoDetection -ReportAsTxtToFile C:\Temp\Report1.txt New-Email -Recipient "ficility@gmail.com" -Subject "Hello" -body (New-HtmlBody) -BodyIsHtml -Server "smtp.gmail.com" -Port 587 -CredentilName "ficilityTest@gmail.com" -CredentilPassword "password" | Send-Email -AutoDetection
21.1.2013
I had to change storage for one database in DAG (two nodes). I wanted to also keep the path for database file and log folder same like before.
I got a new storage available as mounted point F:\DB1 on both nodes (it needs to be on both nodes because of DAG) and had following configuration:
Get-MailboxDatabase | ft Name,LogFolderPath, EdbFilePath Name LogFolderPath EdbFilePath ---- ------------- ----------- DB01 F:\DB01 F:\DB01\DB01.edb
We can change/move database quite simple via EMC or EMS. I like PowerShell so I used Exchange Management Shell and build-in cmdlet Move-DatabasePath:
Well, I performed following steps:
Get-MailboxDatabase DB01 | fl name, ActivationPreference Name : DB01 ActivationPreference : {[ServerA, 1], [ServerB, 2]} Move-ActiveMailboxDatabase DB01 -ActivateOnServer ServerA –MountDialOverride lossless
Remove-MailboxDatabaseCopy -Identity DB01\ServerB
Move-DatabasePath -Identity DB01 -EdbFilePath F:\DB1\DB01.edb -LogFolderPath F:\DB1
Move-DatabasePath -Identity DB01 -EdbFilePath F:\DB01\DB01.edb -LogFolderPath F:\DB01 -ConfigurationOnly:$true
Add-MailboxDatabaseCopy -Identity DB01 -MailboxServer ServerB -ActivationPreference 2
Get-Service MSExchangeSearch | Stop-Service Get-Service MSExchangeSearch | Start-Service
get-mailboxserver|Get-MailboxDatabaseCopyStatus| ft -a Name Status CopyQueueLength ReplayQueueLength LastInspectedLogTime ContentIndexState ---- ------ --------------- ----------------- -------------------- ----------------- DB01\ServerA Mounted 0 0 Crawling DB03\ServerB Mounted 0 0 Crawling
Technet.microsoft.com: Move the Database Path
Social.technet.microsoft.com: Edb.irs.raw file
Cannot Activate Database Copy: Content Index Catalog Files in Failed State
Mailbox limits can be checked through cmdlet Get-MailboxStatistics
We can also calculate mailbox sizes based on a database as can be seen in article: How to Calculate Exchange 2010 Mailbox Sizes with PowerShell
Get-Mailbox -Database DB01 | Get-MailboxStatistics | ft displayname,totaldeleteditemsize,totalitemsize
Get-Mailbox -Database DB01 | Get-MailboxStatistics | %{$_.TotalItemSize.Value.ToMB()} | Measure-Object -sum -average -max -min
Quotas on mailbox/database can be checked:
Get-MailboxDatabase DB01 | fl *quota*
Get-Mailbox "TestUser" | fl *quota*
Be careful: Items in the “dumpster/recover deleted items” do not count against database limits.
Exchange Server Forums: Dumpster count towards the mailbox Quota/Size
Understanding Recoverable Items
The Recoverable Items folder contains the following subfolders:
XADM: Understanding Deleted Item Retention and Message DeletionProcess
STATUS & CLUSTER
Database status
PS C:\> Get-DatabaseAvailabilityGroup
PS C:\> Get-MailboxDatabase -Status | select Identity,MountedOnServer,ActivationPreference,MasterServerOrAvailabilityGroup,MaintenanceSchedule
Quorum check/move
PS C:\> Cluster DAG1 group
PS C:\> Cluster group "cluster group" /status
PS C:\> Cluster group "cluster group" /move
Database status through organization
PS C:\> Get-MailboxServer | Get-MailboxDatabaseCopyStatus
PS C:\> (Get-MailboxDatabase | Get-MailboxDatabaseCopyStatus | where {$_.Status -eq "Mounted"}).Count
FAILOVER & MAITENANCE
Managing Database Availability Groups
Before performing any type of software or hardware maintenance on a DAG member, you should first remove the DAG member from service by using the StartDagServerMaintenance.ps1 script (just find Exchange Scripts directory for example“D:\Exchange Server\Scripts”). This script moves all the active databases off the server and blocks active databases from moving to that server. The script also ensures that all critical DAG support functionality that may be on the server (for example, the Primary Active Manager (PAM) role) is moved to another server and blocked from moving back to the server. Specifically, the StartDagServerMaintenance.ps1 script performs the following tasks:
After the maintenance is complete and the DAG member is ready to return to service, you can use the StopDagServerMaintenance.ps1 script to take the DAG member out of maintenance mode and put it back into production. Specifically, the StopDagServerMaintenance.ps1 script performs the following tasks:
Installing Update Rollups on DAG Members:
1. PS C:\>.\StartDagServerMaintenance.ps1 –serverName MbxServer01
2. PS C:\> Restart-Computer
3. PS C:\>.\StopDagServerMaintenance.ps1 –serverName MbxServer01
4. PS C:\>.\RedistributeActiveDatabases.ps1 -DagName DAG01 –BalanceDbsByActivationPreferenc
Switchover Server
PS C:\> Move-ActiveMailboxDatabase -Server MbxServer01
PS C:\> Move-ActiveMailboxDatabase -Server MbxServer01 -ActivateOnServer MbxServer02 -MountDialOverride lossless
Switchover Active Database
PS C:\> Move-ActiveMailboxDatabase DB01 -ActivateOnServer MbxServer02 -MountDialOverride lossless
Cannot Activate Database Copy – Content Index Catalog Files in Failed State:
PS C:\> Update-MailboxDatabaseCopy "DB01\MbxServer01" –CatalogOnly
How to Reseed a Failed Mailbox Database Copy in Exchange Server 2010:
PS C:\> Suspend-MailboxDatabaseCopy -Identity "DB01\MbxServer01"
PS C:\> Update-MailboxDatabaseCopy -Identity "DB01\ MbxServer01" -DeleteExistingFiles
TEST & CHECK
MBX
PS C:\> Test-ServiceHealth
PS C:\> Test-Mailflow -TargetDatabase MbxServer02
PS C:\> Test-ReplicationHealth
CAS
You can use built-in test account or an account $cred=Get-Credential fici\admin:
You must create a test account before you can diagnose Availability service issues using the Test-OutlookWebServices cmdlet. To create the test mailbox, log on to the Exchange Server 2007 or Exchange 2010 Mailbox server. Open the Shell, and then locate the Scripts directory under the installation path on the Exchange server. For Exchange 2007, the folder is located at C:\Program Files\Microsoft\Exchange Server\Scripts, where C:\ is the directory to which you installed Exchange. For Exchange 2010, the folder is located at C:\Program Files\Microsoft\ExchangeServer\V14\Scripts, where C:\ is the directory to which you installed Exchange 2010. Run the script New-TestCasConnectivityUser.ps1. Repeat this process on each Exchange 2007 or Exchange 2010 Mailbox server that is to be tested.
Related issue solved here: Mailbox could not be created. Verify that OU (Users) exists and that password meets complexity requirements…
PS C:\> Test-ServiceHealth
PS C:\> Test-WebServicesConnectivity -MailboxCredential $cred OR Test-WebServicesConnectivity
PS C:\> Test-OwaConnectivity -MailboxCredential $cred -url "https://outlook.fici.net/owa"
PS C:\> Test-ActiveSyncConnectivity -MailboxCredential $cred -URL https://outlook.fici.net/Microsoft-Server-ActiveSync
PS C:\> Test-MAPIConnectivity
HUB
PS C:\> Test-ServiceHealth
PS C:\> Get-TransportServer|Get-Queue|fl Identity,Status,MessageCount
CHECK & REPORT
ExchangeServerPro.com provides us two great scripts for health check/report.
The feature called the Allow/Block/Quarantine list (or ABQ for short) was designed to help control of the growing number of Exchange ActiveSync-enabled devices are allowed to connect to Exchange Servers. With this feature, organizations can choose which devices (or families of devices) can connect using Exchange ActiveSync (and conversely, which are blocked or quarantined): Set-ActiveSyncOrganizationSetting
Controlling Exchange ActiveSync device access using the Allow/Block/Quarantine list
Set-ActiveSyncOrganizationSettings -DefaultAccessLevel Quarantine -AdminMailRecipients facility@gmail.com -UserMailInsert "Facility Service"
QUARANTINE MODE
Environment could have enabled Default Access Level as Quarantine. It prevents to access of all devices through the Exchange ActiveSync service before explicitly approved by the administrator.
The Device ID needs to be associated to CAS mailbox, it is the real condition for syncing. It could be achieved through Exchange Management Shell and cmdlet Set-CASmailbox.
How to allow two device IDs for a user?
Set-CASMailbox –Identity atest -ActiveSyncAllowedDeviceIDs ("Appl8801647U3NP","IMEI351996046976019") Set-CASMailbox –Identity atest -ActiveSyncAllowedDeviceIDs @{Add="Appl8801647U3NP","IMEI351996046976019"}
How to allow another device IDs and also remove old one?
Set-CASMailbox –Identity atest -ActiveSyncAllowedDeviceIDs @{Remove="Appl8801647U3NP",Add="IMEI35134667777809"}
Remove devices which last successfull sync date older than 60 days: Remove-ActiveSyncDevices.ps1
Script for granting already synced device as allowed.
When we have configured the default access level as quarantine, it means that we created new restriction and all ActiveSync users will not be able to sync their device till we allow them. PowerShell script Lock-EAS-profiles will pass through already existing ActiveSync users and allow their devices.
Please use right-click and “Save as” for downloading ps1 file otherwise the link shows source code in the same window.
But be careful: HasActivesyncDevicePartnership doesn’t reflect actually having device partnership?