My colleague made me happy when he described an easy procedure how to import Exchange cmdlets into PowerShell ISE so let me share it here.
I have just noticed an issue with Exchange 2010 based hybrid and AADSync. On-prem AD account has assigned on-prem mailbox as well as remote mailbox (Exchange Online – O365). Yes, it seems to be possible, but only technically, because mailbox functionality is broken from end-user point of view at this point.
According my investigation it was caused by wrong procedure by mailbox creation. SD created remote mailbox , ran AADSync, disabled remote mailbox, forgot to run AADSync and created on-prem mailbox immediately.
So what to do then? We have to ensure only one mailbox either in Exchange Online or Exchange On-prem so based on our needs.
I decided to keep on-prem mailbox, because it was used by affected end-user.
Well, I exported all mailbox data from remote mailbox to PST file. There are a few possibilities how to do it e.g. via Outlook or eDiscovery search. I wanted to expert all available mailbox data including dumpster so I preferred eDiscovery approach (be aware to have mailbox still enabled during that time).
When I had the PST I quickly removed remote mailbox and account from Azure AD Recycle Bin. After that I imported the PST into on-prem mailbox and ran AADsync to ensure mail user object in O365.
Hi, I had to investigate issue at Citrix side without possibility to install troubleshooting tools like Fiddler or Wireshark and I had success to find NirSoft utilities so collection of small and freeware utilities in portable form, hm I would say really nice thing…
http://www.nirsoft.net/utils/index.html
Very easy procedure how to get string array from listed items from somewhere (e.g. txt file).
Well, run PS, declare a variable like $something=” paste your lines then close it by ” and convert it into the array $something=something.split(“`n”)
Of course there are a lot of other possibilities how to declare the same array e.g. $array = @(“10.10.10.26″,”10.10.10.35″,”10.10.10.44”), but anyway the paste option is useful thing ;).
Experience with Exchange 2010 based hybrid and the following remote migration failure (move requests/test cmdlet):
PS C:\> Test-MigrationServerAvailability -ExchangeRemoteMove -RemoteServer mail.ficility.net -Credentials $GetOnpremCred
RunspaceId : 4da526a1-2d3a-4ec7-b484-c39e436c4bcc
Result : Failed
Message : The connection to the server 'mail.ficility.net' could not be completed.
ConnectionSettings :
SupportsCutover : False
ErrorDetail : Microsoft.Exchange.Migration.MigrationServerConnectionFailedException: The connection to the serve
r 'mail.ficility.net' could not be completed. ---> Microsoft.Exchange.MailboxReplicationService.Remote
TransientException: The Mailbox Replication Service could not connect to the remote server because
the remote server encountered an internal error. The call to 'https://mail.ficility.net/EWS/mrsproxy.
svc' failed. Error details: The content type text/html of the response message does not match the
content type of the binding (application/soap+xml; charset=utf-8). If using a custom encoder, be s
ure that the IsContentTypeSupported method is implemented properly. The first 1024 bytes of the re
sponse were: '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML dir=ltr><HEAD><TITLE>The page cannot be displayed</TITLE>
<STYLE id=L_defaultr_1>A:link {
FONT: 8pt/11pt verdana; COLOR: #ff0000
}
A:visited {
FONT: 8pt/11pt verdana; COLOR: #4e4e4e
}
</STYLE>
<META content=NOINDEX name=ROBOTS>
<META http-equiv=Content-Type content="text-html; charset=UTF-8">
<META content="MSHTML 5.50.4522.1800" name=GENERATOR></HEAD>
<BODY bgColor=#ffffff>
<TABLE cellSpacing=5 cellPadding=3 width=410>
<TBODY>
<TR>
<TD id=L_defaultr_0 valign=middle align=left width=360>
<H1 id=L_defaultr_2 style="FONT: 13pt/15pt verdana; COLOR: #000000"><ID id=L_defaultr_3><!--
Problem-->The page cannot be displayed
</ID></H1></TD></TR>
<TR>
<TD width=400 colSpan=2><FONT id=L_defaultr_4
style="FONT: 8pt/11pt verdana; COLOR: #000000"><ID id=L_defaultr_5><B>Explanation: </B>There
is a problem with the page you are trying to reach and it cannot be displayed.</ID></FONT></TD></
TR>
<TR>
'. --> The remote server returned an error: (500) Internal Server Error.. --> The content type
text/html of the response message does not match the content type of the binding (application/soap
+xml; charset=utf-8). If using a custom encoder, be sure that the IsContentTypeSupported method is
implemented properly. The first 1024 bytes of the response were: '<!DOCTYPE HTML PUBLIC "-//W3C//
DTD HTML 4.0 Transitional//EN">
<HTML dir=ltr><HEAD><TITLE>The page cannot be displayed</TITLE>
<STYLE id=L_defaultr_1>A:link {
FONT: 8pt/11pt verdana; COLOR: #ff0000
}
A:visited {
FONT: 8pt/11pt verdana; COLOR: #4e4e4e
}
</STYLE>
<META content=NOINDEX name=ROBOTS>
<META http-equiv=Content-Type content="text-html; charset=UTF-8">
<META content="MSHTML 5.50.4522.1800" name=GENERATOR></HEAD>
<BODY bgColor=#ffffff>
<TABLE cellSpacing=5 cellPadding=3 width=410>
<TBODY>
<TR>
<TD id=L_defaultr_0 valign=middle align=left width=360>
<H1 id=L_defaultr_2 style="FONT: 13pt/15pt verdana; COLOR: #000000"><ID id=L_defaultr_3><!--
Problem-->The page cannot be displayed
</ID></H1></TD></TR>
<TR>
<TD width=400 colSpan=2><FONT id=L_defaultr_4
style="FONT: 8pt/11pt verdana; COLOR: #000000"><ID id=L_defaultr_5><B>Explanation: </B>There
is a problem with the page you are trying to reach and it cannot be displayed.</ID></FONT></TD></
TR>
<TR>
'. --> The remote server returned an error: (500) Internal Server Error. ---> Microsoft.Exchang
e.MailboxReplicationService.RemoteTransientException: The call to 'https://mail.ficility.net/EWS/mrspr
oxy.svc' failed. Error details: The content type text/html of the response message does not match
the content type of the binding (application/soap+xml; charset=utf-8). If using a custom encoder,
be sure that the IsContentTypeSupported method is implemented properly. The first 1024 bytes of th
e response were: '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML dir=ltr><HEAD><TITLE>The page cannot be displayed</TITLE>
<STYLE id=L_defaultr_1>A:link {
FONT: 8pt/11pt verdana; COLOR: #ff0000
}
A:visited {
FONT: 8pt/11pt verdana; COLOR: #4e4e4e
}
</STYLE>
<META content=NOINDEX name=ROBOTS>
<META http-equiv=Content-Type content="text-html; charset=UTF-8">
<META content="MSHTML 5.50.4522.1800" name=GENERATOR></HEAD>
<BODY bgColor=#ffffff>
<TABLE cellSpacing=5 cellPadding=3 width=410>
<TBODY>
<TR>
<TD id=L_defaultr_0 valign=middle align=left width=360>
<H1 id=L_defaultr_2 style="FONT: 13pt/15pt verdana; COLOR: #000000"><ID id=L_defaultr_3><!--
Problem-->The page cannot be displayed
</ID></H1></TD></TR>
<TR>
<TD width=400 colSpan=2><FONT id=L_defaultr_4
style="FONT: 8pt/11pt verdana; COLOR: #000000"><ID id=L_defaultr_5><B>Explanation: </B>There
is a problem with the page you are trying to reach and it cannot be displayed.</ID></FONT></TD></
TR>
<TR>
'. --> The remote server returned an error: (500) Internal Server Error.. ---> Microsoft.Exchan
ge.MailboxReplicationService.RemotePermanentException: The content type text/html of the response
message does not match the content type of the binding (application/soap+xml; charset=utf-8). If u
sing a custom encoder, be sure that the IsContentTypeSupported method is implemented properly. The
first 1024 bytes of the response were: '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional/
/EN">
<HTML dir=ltr><HEAD><TITLE>The page cannot be displayed</TITLE>
<STYLE id=L_defaultr_1>A:link {
FONT: 8pt/11pt verdana; COLOR: #ff0000
}
A:visited {
FONT: 8pt/11pt verdana; COLOR: #4e4e4e
}
</STYLE>
<META content=NOINDEX name=ROBOTS>
<META http-equiv=Content-Type content="text-html; charset=UTF-8">
<META content="MSHTML 5.50.4522.1800" name=GENERATOR></HEAD>
<BODY bgColor=#ffffff>
<TABLE cellSpacing=5 cellPadding=3 width=410>
<TBODY>
<TR>
<TD id=L_defaultr_0 valign=middle align=left width=360>
<H1 id=L_defaultr_2 style="FONT: 13pt/15pt verdana; COLOR: #000000"><ID id=L_defaultr_3><!--
Problem-->The page cannot be displayed
</ID></H1></TD></TR>
<TR>
<TD width=400 colSpan=2><FONT id=L_defaultr_4
style="FONT: 8pt/11pt verdana; COLOR: #000000"><ID id=L_defaultr_5><B>Explanation: </B>There
is a problem with the page you are trying to reach and it cannot be displayed.</ID></FONT></TD></
TR>
<TR>
'. ---> Microsoft.Exchange.MailboxReplicationService.RemotePermanentException: The remote serve
r returned an error: (500) Internal Server Error.
--- End of inner exception stack trace ---
--- End of inner exception stack trace ---
--- End of inner exception stack trace ---
at Microsoft.Exchange.MailboxReplicationService.MailboxReplicationServiceFault.<>c__DisplayClas
s1.<ReconstructAndThrow>b__0()
at Microsoft.Exchange.MailboxReplicationService.ExecutionContext.Execute(Action operation)
at Microsoft.Exchange.MailboxReplicationService.MailboxReplicationServiceFault.ReconstructAndTh
row(String serverName, VersionInformation serverVersion)
at Microsoft.Exchange.MailboxReplicationService.WcfClientWithFaultHandling`2.<>c__DisplayClass1
.<CallService>b__0()
at Microsoft.Exchange.Net.WcfClientBase`1.CallService(Action serviceCall, String context)
at Microsoft.Exchange.Migration.MigrationExchangeProxyRpcClient.CanConnectToMrsProxy(Fqdn serve
rName, Guid mbxGuid, NetworkCredential credentials, LocalizedException& error)
--- End of inner exception stack trace ---
at Microsoft.Exchange.Migration.DataAccessLayer.ExchangeRemoteMoveEndpoint.VerifyConnectivity()
at Microsoft.Exchange.Management.Migration.TestMigrationServerAvailability.InternalProcessEndpo
int(Boolean fromAutoDiscover)
IsValid : True
Identity :
ObjectState : New
Reason:
Mail.ficility.net pointed to TMG with enabled custom web security filter.
TMG:
The filter disabled and then:
PS C:\> Test-MigrationServerAvailability -ExchangeRemoteMove -RemoteServer mail.ficility.net -Credentials $GetOnpremCred RunspaceId : 0e75133c-e53f-4dec-86cb-f87eb68bbf5c Result : Success Message : ConnectionSettings : <ExchangeConnectionSettings HasAdminPrivilege="True" HasAutodiscovery="False" HasMrsProxy="True" A utodiscoverUrl="" IncomingEmailAddress="" IncomingRPCProxyServer="mail.ficility.net" IncomingExchangeS erver="mail.ficility.net" IncomingNSPIServer="" IncomingDomain="europe" IncomingUserName="x98490" Encr yptedIncomingPassword="AAAAAQXEWAAEEC2a321JsEZNpm0sI75meOsGCWCGSAFlAwQCAQYJYIZIAWUDBAIBBglghkgBZQM EAQIEIH0n3HnypPK+ASyxgq4uJEXHwgGP7SSaO0gnsudrdL+wBBCEzLR+aCScgC21Yo5AUc3eIEBhgAiNca5RquKktuEWNqZZc 4oJHPOZXfz6RRUrYMZaWd5M/XPUawKeIdj10bPj/W0xvzt5R2hsHyYsj1wd4dLq" IncomingAuthentication="Basic" Se rverVersion="" TargetDomainName="" SourceMailboxLegDn="" PublicFolderDatabaseServerLegacyDN="" /> SupportsCutover : False ErrorDetail : IsValid : True Identity : ObjectState : New
An ExRAAP scanning detected this issue “The read I/O operations latency is greater than expected for an Exchange database” with an advice I started to monitor related performance counters according to post Analysing Exchange Server 2010 Jetstress BLG Files By Hand which contains also the following table:
Time to time I needed to check read I/O operations without a Data Collector Set, but I did not want to have the counter list/settings dependent on particular server (i.e. the server below hosts mailbox database MDB01 or MDB05 but not MDB02 and I want to have counters for all of them and I do not mind that some counter will not work).
Well, I saved the settings from the server into HTML file and modify its content for 18 databases.
After that I could check the latency by pasting the same counter list on any server.
You can use administrator audit logging in Microsoft Exchange Server to record actions taken by a user or administrator that make changes in your organization. By keeping a log of the changes, you can trace a change to the person who made it. You can also augment your change logs with detailed records of the change as it was implemented, use the records to comply with regulatory requirements and requests for discovery, and so on…. [source].
Yes, yes, the auditing is very useful. But I wanted to show you how could look a cmdlet statistic for a month:
PS C:\> Search-AdminAuditLog -StartDate $(get-date).addMonths(-1) -ResultSize 100000 -IsSuccess $true|select CmdletName| group CmdletName|sort count -Descending|ft count,name -a Count Name ----- ---- 12318 Set-MailboxFolderPermission 12307 Set-CalendarProcessing 8752 Set-MailboxAutoReplyConfiguration 5860 Set-Mailbox 678 Add-MailboxFolderPermission 645 Set-User 174 Add-DistributionGroupMember 163 Add-MailboxPermission 126 Remove-DistributionGroupMember 98 Remove-MailboxFolderPermission 89 Add-ADPermission 84 Remove-MailboxPermission 71 Enable-Mailbox 26 Set-InboxRule 24 Set-DistributionGroup 18 Clean-MailboxDatabase 16 Remove-ADPermission 16 Remove-Mailbox 16 Set-CASMailbox 8 New-MailContact 6 Remove-ActiveSyncDevice 6 Disable-Mailbox 5 Remove-MailContact 4 New-DistributionGroup 3 New-InboxRule 2 Remove-AcceptedDomain 2 Enable-DistributionGroup 2 Set-SendConnector 1 Update-Recipient 1 New-MoveRequest 1 Update-MovedMailbox 1 Add-PublicFolderClientPermission 1 New-SendConnector 1 Remove-DistributionGroup 1 New-MailboxSearch 1 Disable-InboxRule 1 Remove-InboxRule
Note: Cmdlets that begin with the verb Test, Get and Search aren’t logged by default.
