Channel: Exchange Server 2013 - Administration, Monitoring, and Performance forum

Lots of error messages in Security Log


We have installed a fresh install of Exchange 2013 on Server 2012.

We see Event ID: 4625 in the Security Logs and see thousands a day.

I have read a few articles on this but I cannot put my finger on the cause, so would welcome comment or solution.


A typical error reads as follows:

 
An account failed to log on.
 
Subject:
                Security ID:                         SYSTEM
                Account Name:                 SERVER$
                Account Domain:                             SERVER0
                Logon ID:                             0x3E7
 
Logon Type:                                       3
 
Account For Which Logon Failed:
                Security ID:                         NULL SID
                Account Name:                 
                Account Domain:                             
 
Failure Information:
                Failure Reason:                 Unknown user name or bad password.
                Status:                                  0xC000006D
                Sub Status:                         0xC0000064
 
Process Information:
                Caller Process ID:             0xfc8
                Caller Process Name:     C:\Program Files\Microsoft\Exchange Server\V15\Bin\MSExchangeHMWorker.exe
 
Network Information:
                Workstation Name:        SERVER
                Source Network Address:            -
                Source Port:                       -
 
Detailed Authentication Information:
                Logon Process:                  C
                Authentication Package:               Kerberos
                Transited Services:          -
                Package Name (NTLM only):       -
                Key Length:                        0
 
This event is generated when a logon request fails. It is generated on the computer where access was attempted.
 
The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
 
The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).
 
The Process Information fields indicate which account and process on the system requested the logon.
 
The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
 
The authentication information fields provide detailed information about this specific logon request.
                - Transited services indicate which intermediate services have participated in this logon request.
                - Package name indicates which sub-protocol was used among the NTLM protocols.
                - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.



Exchange 2013: Open online archive in Outlook 2013 without internet connection


Dear All,

    In Outlook 2013 I have enabled online archiving, but it can open when I am still on the internal network or still on the internet.

    Could you please advise whether there is any way I can open the online archive in Outlook 2013 in offline mode?

Exchange 2013 MSExchange ADAccess event 2153 after upgrade from 2007


Hi,

I keep getting this MSExchange ADAccess event error:

Processus MSExchangeHMWorker.exe (ExHMWorker) (PID=14456). Échec d'une opération Ajouter LDAP (LDAP Add operation error)- Server=serveur03.domain.local Code d'erreur(error code)=32 (Informations supplémentaires (additional infomations) : Objet de l’annuaire non trouvé (directory object not found).

Réponse d'Active Directory : 0000208D: NameErr: DSID-0310020A, problem 2001 (NO_OBJECT), data 0, best match of:

'CN=Microsoft Exchange System Objects,DC=domain,DC=local'

). DN objet=CN=HealthMailboxaceb86d742f84db58e7f9f7e17cff972,CN=Monitoring Mailboxes,CN=Microsoft Exchange System Objects,DC=domain,DC=local. 

Sorry it is in French; I added my translation :)

This is a single consolidated Mailbox/CAS server with one database.

Get-Mailbox -Monitoring returns nothing. The objects are not present in AD. The default user creation OU was changed in AD. I moved it back to the Users OU. I even tried creating a new mailbox database but still the health mailboxes did not get created. I changed domain controller by removing the original DC.

Any idea on how to solve this?

Best,

RZ

Exchange 2010 1 user 2 mail

Hello everyone, I have the following difficulty.
Example:
I have a user antonio.manuel with the email antonio.manuel@contoso.com
and I need to change the email to am@contoso.com.
I still need all the email sent to antonio.manuel@contoso.com to be sent to am@contoso.com,
but that returns a warning to indicate to send the mail to the new address am@contoso.com

RPC Client Access Service failing many times per day


My system log has numerous 7031 errors (up to 50 a day) indicating that the Exchange RPC Client Access service terminated unexpectedly.  Each time it happens all external (for sure) Outlook users lose contact and have to reconnect.

I also see WAS 5009 showing a process serving one of the App Pools in IIS terminating unexpectedly.  Often it is the MSExchangeRpcProxyAppPool, but they also appear for any of them.

I don't see any other interesting errors in the system logs or application logs during that time.

Any ideas on how to stabilize the RPC service so clients aren't forced to keep reconnecting?

Eric.

Requesting a SSL Certificate from my certificate authority.

I am running Small Business Server 2011.  We are setting up Microsoft Exchange Server 2010.  We are at the point where we created our certificate file.  We opened up the web browser, typed in https website certsrv info, requested the certificate, submitted the request using a base 64 encrypted file, and received an Internet Explorer error.  Upon receiving this error, we can no longer log on to the certsrv site and were not successful in obtaining the certificate.  Should we delete the certificate and start all over again?

Exchange 2013 - On-premises server MS 2012, installation successful, worked for 1 month. Can't access EAC HTTP 500 error.


The EAC worked fine for about a month.  Mailboxes have been configured, mobile devices have been configured.  The EAC just quit working.  HTTP 500 error when attempting to access via the web. When running the command Get-OwaVirtualDirectory | select Server, name, *site*, *URL* it shows an internal url.  Please see below configuration.  There is something I am missing, but I can't figure it out.  Ran Test-EcpConnectivity | fl
WARNING: The test couldn't test the internal URL of this virtual directory, because the InternalURL property isn't set.

Please help!

Errors for today.
Ems is working fine.
Can't get to EAC
    Error: This error (HTTP 500 Internal Server Error) means that the website you are visiting had a server problem
which prevented the webpage from displaying.

test-OwaConnectivity | fl
Error: The Service Endpoint "ExchangeLoginUrl" was not found. This Endpoint gets created during setup, but it has been
deleted.

Performed
Remove-OwaVirtualDirectory -Identity 'Server01\owa (Default Web Site)'

[PS] C:\Windows\system32>Remove-OwaVirtualDirectory -Identity 'mail1\owa (Default Web Site)'

Confirm
Are you sure you want to perform this action?
Outlook Web App virtual directory "mail1\owa (Default Web Site)" is being removed.
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is "Y"): Y

Error:
The test couldn't test the internal URL of this virtual directory, because the
InternalURL property isn't set.

No fix yet

Next Error:
The Service Endpoint "ExchangeLoginUrl" was not found. This Endpoint gets created during setup, but it has been
deleted.

[PS] C:\Windows\system32>Get-AutodiscoverVirtualDirectory | fl


RunspaceId                      : 6dc60a36-2235-4217-a42c-942185d81160
Name                            : Autodiscover (Default Web Site)
InternalAuthenticationMethods   : {Basic, Ntlm, WindowsIntegrated, WSSecurity, OAuth}
ExternalAuthenticationMethods   : {Basic, Ntlm, WindowsIntegrated, WSSecurity, OAuth}
LiveIdNegotiateAuthentication   : False
WSSecurityAuthentication        : True
LiveIdBasicAuthentication       : False
BasicAuthentication             : True
DigestAuthentication            : False
WindowsAuthentication           : True
OAuthAuthentication             : True
AdfsAuthentication              : False
MetabasePath                    : IIS://MAIL1.dorothy.local/W3SVC/1/ROOT/Autodiscover
Path                            : C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\Autodiscover
ExtendedProtectionTokenChecking : None
ExtendedProtectionFlags         : {}
ExtendedProtectionSPNList       : {}
AdminDisplayVersion             : Version 15.0 (Build 516.32)
Server                          : MAIL1
InternalUrl                     :
ExternalUrl                     :
AdminDisplayName                :
ExchangeVersion                 : 0.10 (14.0.100.0)
DistinguishedName               : CN=Autodiscover (Default Web
                                  Site),CN=HTTP,CN=Protocols,CN=MAIL1,CN=Servers,CN=Exchange Administrative Group
                                  (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=ammscorp,CN=Microsoft
                                  Exchange,CN=Services,CN=Configuration,DC=dorothy,DC=local
Identity                        : MAIL1\Autodiscover (Default Web Site)
Guid                            : e02484ec-e6f8-4a79-ba2f-ecd5ce9b007a
ObjectCategory                  : dorothy.local/Configuration/Schema/ms-Exch-Auto-Discover-Virtual-Directory
ObjectClass                     : {top, msExchVirtualDirectory, msExchAutoDiscoverVirtualDirectory}
WhenChanged                     : 6/21/2013 3:18:43 PM
WhenCreated                     : 6/21/2013 3:18:35 PM
WhenChangedUTC                  : 6/21/2013 7:18:43 PM
WhenCreatedUTC                  : 6/21/2013 7:18:35 PM
OrganizationId                  :
OriginatingServer               : tinman.dorothy.local
IsValid                         : True
ObjectState                     : Changed

[PS] C:\Windows\system32>Test-EcpConnectivity | fl
WARNING: The test couldn't test the internal URL of this virtual directory, because the InternalURL property isn't set.


RunspaceId                  : 6dc60a36-2235-4217-a42c-942185d81160
LocalSite                   : Default-First-Site-Name
SecureAccess                : True
VirtualDirectoryName        : ecp (Exchange Back End)
Url                         :
UrlType                     : Internal
Port                        : 0
ConnectionType              : Plaintext
ClientAccessServerShortName : MAIL1
LocalSiteShortName          : Default-First-Site-Name
ClientAccessServer          : MAIL1.dorothy.local
Scenario                    : Logon
ScenarioDescription         : Sign in to Exchange Control Panel and verify the response page.
PerformanceCounterName      :
Result                      : Skipped
Error                       : The test couldn't test the internal URL of this virtual directory, because the
                              InternalURL property isn't set.
UserName                    : extest_dd84512225004
StartTime                   : 8/9/2013 8:32:29 AM
Latency                     : -00:00:00.0010000
EventType                   : Warning
LatencyInMillisecondsString :
Identity                    :
IsValid                     : True
ObjectState                 : New

WARNING: No Client Access servers were tested.

[PS] C:\Windows\system32>Get-OwaVirtualDirectory | select Server, name, *site*, *URL*


Server          : MAIL1
Name            : owa (Default Web Site)
WebSite         : Default Web Site
Url             : {}
SetPhotoURL     :
Exchange2003Url :
FailbackUrl     :
InternalUrl     : https://mail1.dorothy.local/owa
ExternalUrl     :


Randy Cheek

Public Folder permission on "Organization form library"


Hi All

I have created an Organizational Forms Library in Exchange 2010. When I go to public folder management to give the permission on EFORM_REGISTRY, it produces the error:

Modification of the '\NON_IPM_SUBTREE\EFORMS REGISTRY' folder isn't allowed.

I am logged in as domain administrator...

Please help.


Removing Legacy Exchange 2003 from ADSI


This is my situation...I created a second domain in an existing domain environment. I want Exchange 2010 to manage email for both domains, domainA and domainB. When creating an email policy for the new domain, it complains about detecting a legacy exchange server. My predecessor upgraded from 2003 to 2010. Exchange 2003 was installed with DC, DHCP, DNS, thus, the physical server is still online, but mailboxes were moved to 2010.

My question is, how can I verify it is safe for me to delete the legacy server from ADSI? If an error is made, what is the best way to back up what I'm going to edit/remove?

Thanks in advance!

Not possible to add Security or Access group to shared mailbox in Exchange 2013?


With coexistence of Exchange 2010 and 2013 it doesn't seem to work fully.

If I try to add an existing AD group (Access, Security or Distribution) access to a shared mailbox that was created in Exchange 2010, the only option is to add users.

Of course I could use the following commands from the shell:

Add-MailboxPermission -id ALIAS -User "Group Name" -AccessRights Fullaccess
Or
Add-ADPermission ALIAS -User "Group Name" -ExtendedRights Send-As

But if I create a new AD group (SG, AG or DL) from the new Exchange 2013, I am able to add these group permissions. Is this by design or is it a bug that causes Exchange 2013 not to read from AD?

Thanks in advance

Problem with CD software located in my training kit book


Dear friends,

My PC is not opening the CD software located in my training kit book (Configuring Microsoft Exchange Server 2010).

Can someone help me unpack the CD that I bought with the Exchange 2010 hard copy training kit book?

Best Regards,

Bero

Can't Connect to Outlook With My Client Access Server


My problem is I can't connect to Outlook from PCs that are outside my domain. In other words, autodiscovery is working correctly, but I can't connect to Outlook for my mailbox from a PC that isn't domain joined, and Outlook Anywhere isn't working correctly for my external DNS zone. Here is the Exchange 2013 deployment scenario:

1- I have 3 Exchange 2013 servers (CAS and two CAS/Mail servers working with DAG) for my domain called citc.com

2- The CAS has a certificate that has SANs of CAS.citc.com and CAS.citc.local (citc.local will work as the external DNS zone for my external internet clients, and I already hold that zone on my internal DNS)

3- 2 primary DNS zones, one for my domain (citc.com) and the other (citc.local) for my external DNS zone for connecting the external clients to Outlook

4- 2 databases belonging to the DAG

5- Modified the virtual directories for my CAS Exchange server as follows:

Set-OwaVirtualDirectory -Identity "cas\owa (Default Web Site)" -InternalUrl https://cas.citc.com/owa -ExternalUrl https://cas.citc.local/owa 
Set-EcpVirtualDIrectory -identity "ecp (Default Web Site)" -InternalUrl https://cas.citc.com/ecp -ExternalUrl https://cas.citc.local/ecp 
Set-ActiveSyncVirtualDirectory -Identity "cas\Microsoft-Server-ActiveSync (Default Web Site)" -InternalUrl https://cas.citc.com/Microsoft-Server-ActiveSync -ExternalUrl  https://cas.citc.local/Microsoft-Server-ActiveSync
Set-OabVirtualDirectory -Identity "cas\OAB (Default Web Site)" -InternalUrl https://cas.citc.com/oab -ExternalUrl https://cas.citc.local/oab
Set-ClientAccessServer -Identity cas -AutodiscoverServiceInternalUri https://cas.citc.com/Autodiscover/Autodiscover.xml
Set-WebServicesVirtualDirectory -Identity "cas\EWS (Default Web Site)" -InternalUrl https://cas.citc.com/EWS/Exchange.asmx -ExternalUrl https://cas.citc.local/EWS/Exchange.asmx

and Outlook Anywhere with the external host name as cas.citc.local and the internal host name cas.citc.com

I repeat (this is an experimental scenario): I can connect correctly to my mailbox using OWA and even using Outlook from a domain-joined PC, but I can't from a non-domain-joined PC or an external client using Outlook Anywhere

 

How to delegate Exchange recipient Admin Role on specific OU


Hi,

I have a single multi-role Exchange Server 2013 installed and working.

I need to delegate the "Recipient Management" admin role to one delegate (he will be responsible for a specific OU);

he should not see users/mailboxes located in other OUs.

I assigned the following permissions through (EAC) to the delegate:

- Mail Recipient Creation
- Mail Recipients
- Reset Password

Actually I can restrict the "Write Scope" to the appropriate OU, but when the delegate logs in to the Exchange Admin Center, he can see all users/mailboxes in the organization. He cannot edit... but I want him to see only his own OU and hide the others.

Is there a way to achieve this?

Thanks .



Hamdi Msalhi| System Engineer MCSE, MCITP (Exch2k7) ,VMware VCP


Problem after reboot File Witness Server


Hi

We have a 2 node DAG Exchange 2010 and a file server witness (not on a DC)

Those 3 servers are running on Windows 2008R2.

While we were running Active Directory 2003, everything worked fine.

Since we upgraded AD to 2012 we have experienced an issue when the File Witness server is rebooted:

Everything seems to work fine, but trying to access the Management Console on one of the nodes fails with a Kerberos error.

On further troubleshooting, we found that the Cluster can no longer bring the cluster online or offline, with errors 1205, 1069, 1564 and 1562.

The status of the 2 nodes is up but somehow it is not quite right.

The Cluster Quorum is configured with "Node and File Share Majority"

If we browse the file witness server we can access the share.

2 hours later, it is still the same problem

If we run the following command:

[PS] C:\Windows\system32>Get-DatabaseAvailabilityGroup -Identity DAG1 -Status | fl

We get the following message:

WARNING: The witness server and directory currently in use by database availability group 'DAG1' doesn't match the
configured primary or alternate witness server. This may be due to Active Directory replication latency. If this
condition persists, please use the Set-DatabaseAvailabilityGroup cmdlet to correct the configuration.

and the "WitnessShareInUse" value is 'Invalid Configuration'

Would someone know what we need to do to troubleshoot this issue and solve it?

Thanks in advance


Exchange 2010 + Policy Patrol anti spam. EdgeTransport high CPU


Hi,

I use Exchange 2010, Server 2008 R2, 16 GB + Policy Patrol anti spam.

Policy Patrol anti spam has "heavy" tools to keep my company from spam.

The only problem I have is that the EdgeTransport process goes to 100% CPU 4 times a day.

How can I fix it? I have spent a lot of time trying to solve it. I even disabled the Kaspersky anti virus for Exchange as part of the Policy Patrol package.

Can you help me?

Thank you

kobi


Exchange user's inherited rights


Hi,

We have Exchange 2010 and I've created two useful scripts for my scenarios:

1) Get-Mailbox -ResultSize Unlimited | Get-AdPermission | ?{($_.user -like "*user*") -and ($_.IsInherited -eq $false)} | select Identity, ExtendedRights, User | ft -wrap
That script shows me AD level (SendAs) for my selected user account and on which other users that selected user has rights, and which level of rights.

2) Get-Mailbox -ResultSize Unlimited | Get-mailboxPermission | ?{($_.user -like "*user*") -and ($_.IsInherited -eq $false)} | select Identity, AccessRights, User | ft -wrap
That script shows me which other mailboxes could be opened by the selected user.

Now, I need two more scripts.

a) similar to 1), but in the opposite direction - select a target user account and show which other users have SendAs rights and which level

b) similar to 2), but in the opposite direction - select a target user account and show which other users can open his/her mailbox?

Can you please advise how to prepare these scripts?

Thank you in advance!

Transaction logs don't get purged after full backup in Exchange 2013 when protected by DPM 2012


Hi!

I have Exchange 2013 that is protected by DPM 2012. I do a full backup each night; if I look in ECP it says that a full backup has been successfully taken. But the log files aren't purged and they are building up fast.

Why?

AD Help for newbie


ALCON,

I'm in desperate need of some help with AD.  I'll try to explain my situation the best I can. I was provided 3 CAC cards by the DoD, along with a ROOT cert, to use within my AD test environment for software development and APL certification. My developers have asked me to create an AD environment in which I can use the CACs provided to log into the domain via a win7 system. With that being said, thus far I have created a single tier PKI Hierarchy via instructions found on this web site and youtube. I think I was successful importing the Root cer file and publishing it across my domain (I say this because it can be found within my "trusted certs" folder within the cert manager). I have created a user matching the unique name presented when inserting the smart card in the laptop (I'm not sure if that was needed but it made sense so I did it). I'm all out of fresh ideas, and have tried numerous things, but when I try to log in using the CAC I get the infamous "credentials could not be verified" response.

All, please be aware that my experience with AD is about 4 weeks now... And I am considered the SME at my company. Any help will be appreciated.  

Event ID 106 Exchange Common Errors


Variants of this have been asked before but our Exchange 2010 CAS/HUB servers are producing lots of Error 106 errors in the event logs:

Performance counter updating error. Counter name is xyz: Foreground RPCs Failed, category name is MSExchange RpcClientAccess. Optional code: 3. Exception: The exception thrown is : System.InvalidOperationException: The requested Performance Counter is not a custom counter, it has to be initialized as ReadOnly.

There are various counters being reported. I noticed there is a KB article about this for an RPC service and it says it can be ignored but just wanted to check about the rest.

- Will there be any functionality issues or is it purely counter/perfmon related?

- Can they just be ignored?

- Any fix?

I noticed that it is often a case of the counters being for a different role to what is installed so this may well be the case?

Cryptic entry in event viewer


Good afternoon,

By any chance does anyone have any clues as to what this error is referring to specifically? I looked through the permissions section in admin center, but nothing seems out of place. The error is being generated quite often so I would like to see if I can get it corrected.
