I am trying to restrict owa access from internet for group of users using ARR.
please suggest
↧
Restricting owa 2013 from internet for group users using ARR
↧
Maximum concurrent users that can connect to a single mailbox
Good day,
I have been researching this for a couple hours now and can't seem to find an answer. I have a client that wants a SINGLE mailbox to be connected to by 40 users.
I have been up and down the Throttling question and it appears that there are two different opinions on this:
1 Throttling is a PER MAILBOX setting
2 Throttling is a PER USER setting
So my question starts with, "Which is it?" Everything I read leads me to believe that it is PER USER, but several articles seem to blur that line.
If the answer is #2, then the question still remains, "How many discrete users can connect to a single mailbox?"
In advance I thank you for taking the time to even read this post amongst the thousands.
Have a lovely weekend.
David Radunsky International Data Consultants
↧
↧
Unable to open EMC : Initialization failed in Ex2010
Dear Expert
I have the problem in below.
but I follow this technet reference but it does not work, http://blogs.technet.com/b/whats_on_scotts_mind_today/archive/2012/12/07/exchange-2010-unable-to-open-exchange-management-console-initialization-failed.aspx#pi47623=3
please suggest.
↧
Exchange 2013 CU1 Outlook Web App LogOff with Basic or Windows Integrated Authentication
Hi all,
Exchange 2013 CU1 has a new OWA LogOff behaviour when Basic or Windows Integrated Authentication is configured. When clicking the LogOff Button you receive the message "Close All your Browser Windows.." but OWA does not sign out. This is not the case when using Formbased Authentication...
The problem in our case is the OWA publishing over the Internet via TMG. When publishing via TMG, only Basic and NTLM authentication is supported. This means you have to change the Authentication for the OWA Virtual Directory to basic or Windows Integrated. OK so far, now we can use the TMG Authentication Form. but... TMG is not able to Catch the OWA LogOff. So we will still receive "Close all your Browser Settings.." and no log out from OWA.
It is a known issue that TMG cannot catch the OWA Logoff with the Exchange 2013 CU1 Release..So my Question:Does anyone get that "Real LogOut" fixed via TMG or directly on the CAS Server for Exchange 2013 CU1?
I know another possibility is to activate Form Based Authentication on the CAS Servers and external users directly authenticate against the CAS Server without pre-authentication at TMG Level, but this of course does not provide the highest security we can have.
↧
Missing the "Microsoft Exchange Server Auth Certificate"
Hi Everyone,
I have a single Exchange box.
Was integrating my Lync and Exchange and noticed some issues after configuring my Lync pre-reqs: http://technet.microsoft.com/en-us/library/jj721919.aspx
Following the line of communication and event logs, I quickly saw that the error was not on my Lync Server, but on my Exchange. The "Microsoft Exchange Server Auth Certificate" that is created during Ex2013 install was missing. It was not there to give out tokens for the Server to Server authentication required to integrate Lync, Exchange, and Sharepoint.
Running Get-AuthConfig: http://technet.microsoft.com/en-us/library/jj215766(v=exchg.150).aspx pointed to a thumbprint that did not exist anymore.
I confirmed this by checking the local cert store (local computer>personal>certificates), looking in the ECP (servers>certificates), and also running Get-ExchangeCertificate
In my Exchange Server event log, I found the following errors:
Log Name: Application
Source: MSExchange Certificate Deployment
Date: 6/8/2014 4:00:50 AM
Event ID: 2005
Task Category: General
Level: Warning
Keywords: Classic
User: N/A
Computer: server.domain.com
Description:
Federation or Auth certificate not found: ED2C3E86EBE821AAC2C0DEA85CAB5787E2CAC5F3. Unable to find the certificate in the local or neighboring sites. Confirm that the certificate is available in your topology and if necessary, reset the certificate on the Federation Trust to a valid certificate using Set-FederationTrust or Set-AuthConfig. The certificate may take time to propagate to the local or neighboring sites.
Event Xml:
2005
3
1
0x80000000000000
2391484
Application
server.domain.com
ED2C3E86EBE821AAC2C0DEA85CAB5787E2CAC5F3
-----------------------------------------------------------------------------------------------------------------
AND
Log Name: Application
Source: MSExchange OAuth
Date: 6/8/2014 1:25:41 PM
Event ID: 2004
Task Category: Configuration
Level: Warning
Keywords: Classic
User: N/A
Computer: server.domain.com
Description:
Unable to find the certificate with thumbprint ED2C3E86EBE821AAC2C0DEA85CAB5787E2CAC5F3 in the current computer or the certificate is missing private key. The certificate is needed to sign the outgoing token.
Event Xml:
2004
3
2
0x80000000000000
2397430
Application
server.domain.com
ED2C3E86EBE821AAC2C0DEA85CAB5787E2CAC5F3
---------------------------------------------------------------------------------------------------
Googling has only produced one article that is about another issue that I would have found further down the line if I wasn't testing within the pre-reqs. The solution is the same, but the article is somewhat poorly written and does not respond to all the comments enough to leave one feeling it's 100% correct.
The broad strokes are clear:
The fix is to create a new "Microsoft Exchange Server Auth Certificate" by using the following sequence of cmdlets In EMS on the MBX server:
1. New-ExchangeCertificate -KeySize 2048 -PrivateKeyExportable $true -SubjectName "cn= Microsoft Exchange Server Auth Certificate" -FriendlyName "Microsoft Exchange Server Auth Certificate" -Services smtp
Do not accept to replace the SMTP certificate when prompted
2. Note the thumbprint of the new certificate. Let us assume it is 7A39541F8DF58D4821967DD8F899B27410F7C081
3. $a=get-date
4. Set-AuthConfig -NewCertificateThumbprint 7A39541F8DF58D4821967DD8F899B27410F7C081 –NewCertificateEffectiveDate $a
Accept to continue despite the fact that the certificate effective date is not 48 hours into the future
5. Set-AuthConfig –PublishCertificate
6. Make sure to remove any potential reference to the previous certificate (which might not exist anymore) by doing Set-AuthConfig -ClearPreviousCertificate.
Remember to do iisreset on both CAS and MBX servers. Then finally, you can try to re-issue the New-CsPartnerApplication cmdlet.
65 Million Dollar question:
Is the syntax in part 1 correct? Two people says to add the domain? Jens responds, but it's vague. What would the correct command look like? I do not know where to add the -DomainName within the command and which name I should add? The FQDN of the CAS?
New-ExchangeCertificate -KeySize 2048 -PrivateKeyExportable $true -SubjectName "cn= Microsoft Exchange Server Auth Certificate" -FriendlyName "Microsoft Exchange Server Auth Certificate" -DomainName server.domain.com -Services smtp
Thank you everyone
↧
↧
Distribution group open with warning
In the existing environment have two AD 2012 and two Exchange 2013. Recently deploy Lync 2013.
Warning message is on Exchange Distribution Group.
Please suggest.
↧
Tasks preview gone after move BACK to 2010 environment
Let's clarify what I'm talking about first. I am TOTALLY not a client guy so please help. Open outlook 2010, see the right pane that has the calendar, tasks, maybe frequent contacts? Tasks is just empty for this user. Now if I go to the bottom left menu, select tasks, everything is there.
here's how I can re-create the issue
Move User to my New 2013 environment
Move user back to Old 2010 environment
Tasks preview is gone.
A wise man is a fool, with a good memory.
↧
Exchange 2013 SP1 DLP fingerprinting
Hello!
This page http://technet.microsoft.com/library/dn635176%28v=exchg.150%29.aspx depicts a DLP template as a document that contains some definite word pattern (The patent template contains the blank fields “Patent title,” “Inventors,” and “Description” and descriptions for each of those fields—that’s the word pattern.), and any information ADDED to this pattern will be treated as "sensitive information".
"The patent template contains the blank fields “Patent title,” “Inventors,” and “Description” and descriptions for each of those fields—that’s the word pattern. When you upload the original patent template, it’s in one of the supported file types
and in plain text. The DLP agent uses an algorithm to convert this word pattern into a document fingerprint, which is a small Unicode XML file containing a unique hash value representing the original text, and the fingerprint is saved as a data classification
in Active Directory."
For the testing purposes I uploaded this template to my Exchange (Sensitive.docx):
-----------------------------------------------------------------------------------------------
Test MAIL
From:
To:
Subject:
-----------------------------------------------------------------------------------------------
Now I can't send ANY docx file in an attachment, not only the documents derived from this template - why?
Thank you in advance,
Michael
↧
Exchange 2013 CU3 monitoring
Hello,
I'm getting several times per day the following alert in the Event Viewer of both my Mailbox Role servers which then raise an alert in SCOM 2012:
Log Name: Microsoft-Exchange-ManagedAvailability/Monitoring
Source: ManagedAvailability
Event ID: 4
Mean Scan Time has been greater than 60 seconds for the last 15 mins. Please investigate.
I'm not able to find information about what is being monitored and how to get rid of this events.
Any help appreciated.
Thank you in advance.
Raffaele Zamuner
↧
↧
mx record
i have windows server 2008 r2 ,tmg server 2010,exchange server 2010 ...all r install difrnt 2 machine my exchange server not received external emails ......................how to find where is problem nd how to check mx record if he give error how to resolve
↧
get-publicfolderstatistics in bytes
how totalitemsize can be converted into kb or byes?
SMF
↧
Exchange server 2013 showing some error on event Log ( "DCOM" and "MSExchangeMapiMailboxAppPool" )
Error : DCOM was unable to communicate with the computer ADCB.ABCD.net using any of the configured protocols; requested by PID 2bec (c:\windows\system32\inetsrv\w3wp.exe).
Error: A process serving application pool 'MSExchangeMapiMailboxAppPool' suffered a fatal communication error with the Windows Process Activation Service. The process id was '2412'. The data field contains the error number.
Please suggest
↧
Exchange "instllation account"
Hello!
After install or upgrade exchange 2013 ACL on some containers has changed accourding "Exchange 2013 Deployment Permissions Reference" (http://technet.microsoft.com/en-us/library/ee681663(v=exchg.150).aspx)
How to safety delete "installation account" without destroying exchange organization? Is it safe to delete "installation account" from ACL on Exchange containers?
I want to delete "installation accounts" and don't want to leave orphaned SID on new mailboxes.
Truly, Valery Tyurin
↧
↧
Exchange 2013's Antispam
Hi All
I have Exchange Server 2013 which has Mailbox role and Client Access role installed.
I have enabled Antispam but users still received lots of spam mails.
I checked the Quarantine mailbox and noticed that only Content Filter agent able to quarantine the mails. Other agents seems like not working well.
Is there any way to improve the Exchange's Antispam?
Thanks.
↧
Exchange 2013 - How to count number of connection to server
Hi all,
In my environment, I have 2 Exchange Server 2013 : ex01(Mailbox + Client Access Roles) , ex02(Mailbox + Client Access Roles). Database Availability Group : DAG01 including 2 members ex01 & ex02. I have 3 mailbox databases : mb01, mb02, mb03
ex01
ex02
mb01 mounted healthy
mb02 healthy mounted
mb02 healthy mounted
We have about 400 mailboxes , 300+ users online simultaneously, my users access to their mailbox by using MS Outlook, OWA, Smart phone ... How can I count number of client connection to each Exchange server ?
Each server has 16GB RAM, they always use 95%+ capacity of physical memory, we will have more users in tomorrow so I want to know if we need to extend memory.
Thanks.
↧
monitoring outlook, autodiscover, owa connection on win2012
Hello,
is there way to monitor OWA, outlook or autodiscover attempts on exchange 2013 on windows 2012 server like it was on exchnage 2010?
Regards
↧
No suitable shadow servers
Greetings,
We currently have an issue with Exchange 2013. We already looked about solution almost everywhere but we didn't found it. The problem still exist and we need your help.
Problem :
We have single installation of the Exchange 2013 (single server).
Name AdminDisplayVersion ExchangeVersion
---- ------------------- ---------------
EXCH001 Version 15.0 (Build 847.32) 0.1 (8.0.535.0)
We found that a lot of e-mails never got to the users. They are not shown at end-user so we think they get deleted. There is no information provided to the sender or receiver aswell. We did analyse the problem and we got to the problem which we don't know how to resolve. For example :
29.5.2014 13:56:40, "No suitable shadow servers","SMTP","HAREDIRECTFAIL","RE: Gratisi HR","mailbox1@domain.com","mailbox2@domain.com mailbox3@domain mailbox4@domain.com"
29.5.2014 13:56:40, "08D141CF6A90C09C 2014-05-29T11:56:40.534Z 0","SMTP","RECEIVE","RE: Gratisi HR","mailbox1@domain.com","mailbox2@domain.com mailbox3@domain.com mailbox4@domain.com"
Any help and information would be more than appreciated.
↧
↧
Unauthorized Access Logs
The CEO of my company firmly believes that someone has accessed his email account on our Exchange server. How would I go about finding out the details of this?
↧
Mailbox permission issue
Hi All,
I have Exchange 2010 and Exchange 2007 mixed environment, My colleague's Mailbox is hosted on Exchange 2010 while mine is sitting on Exchange 2007, I have taken the full permission on his mailbox but still cant send any email from his outlook as it says don,t
have permission to send email on behalf of the user..any help would be highly appreciated..
Thanks!
↧
DISTRIBUTION LIST WITH EXTERNAL EMAIL SEND FROM OUTSIDE
Hello to all,
I'm new in the foruum.
i have the following problem with Distribution Lists.
I have create one Distribution List which include email address from our company and external email address.
When i send from inside all works fine.
But when i send from outside the email received from inside users(email addresses of my domain) but never received from outside email addresses.
How can resolve this issue?
Pls help
↧
