fake ray bans fake cheap oakleys nike jerseys cheap christian louboutin online fake oakleys store fake cheap oakleys cheap authentic jerseys red bottoms shoes fake oakleys cheap oakleys cheap oakleys michael kors store wholesale jerseys china wholesale nhl jerseys cheap michael kors handbags cheap ray bans wholesale cheap jerseys cheap fake oakleys fake oakleys cheap nike jerseys cheap ray bans wholesale oakleys jerseys wholesale christian louboutin outlet cheap mlb jerseys oakley sunglasses authentic jerseys christian louboutin outlet cheap replica oakleys cheap oakleys outlet wholesale mlb jerseys michael kors handbags cheap jerseys online shopping cheap nhl jerseys cheap replica oakleys cheap fake oakleys cheap jerseys from china cheap fake oakleys 2016 cheap fake oakleys WHOLESALE AUTHENTIC JERSEYS cheap discount ray bans fake cheap oakleys cheap jerseys free shopping cheap christian louboutin online cheap jerseys replica oakleys cheap jerseys from china cheap christian louboutin wholesale mlb jerseys replica oakleys store replica ray bans fake oakleys cheap mlb jerseys free shopping cheap wholesale nfl jerseys discount oakleys discount oakleys fake oakley sunglasses cheap fake ray bans cheap oakley sunglasses authentic jerseys cheap fake discount oakleys wholesale oakleys cheap wholesale jerseys wholesale cheap jerseys wholesale nfl jerseys fake oakleys online authentic jerseys wholesale ray bans fake cheap oakleys cheap oakley sunglasses replica ray bans wholesale sunglasses wholesale mlb jerseys cheap cheap nfl jerseys cheap oakleys cheap fake ray bans cheap oakleys sale cheap fake ray bans oakleys sunglasses wholesale authentic jerseys fake cheap oakleys fake cheap oakleys authentic wholesale jerseys nhl jerseys cheap nfl jerseys cheap oakleys online wholesale jerseys fake ray bans online store michael kors handbags outlet replica michael kors fake ray bans ray bans outlet cheap christian louboutin cheap nba jerseys cheap ray bans cheap ray bans michael kors outlet discount oakleys wholesale nfl jerseys fake ray bans sunglasses fake cheap oakleys wholesale jerseys china wholesale nhl jerseys michael kors on sale discount oakleys online cheap jerseys wholesale wholesale oakley sunglasses cheap replica oakleys cheap michael kors bags discount oakleys cheap sunglasses ray bans christian louboutin shoes discount nba jerseys cheap oakleys cheap fake oakleys fake ray bans sunglasses cheap michael kors handbags oakley sunglasses cheap authentic nfl jerseys michael kors on sale fake cheap oakleys cheap nfl jerseys replica oakleys replica michael kors cheap oakleys cheap authentic nfl jerseys paypal cheap fake oakley sunglasses cheap oakleys cheap michael kors outlet cheap fake ray bans fake ray bans cheap authentic jerseys fake cheap oakleys cheap michael kors replica oakleys fake oakleys fake oakley cheap cheap jerseys wholesale michael kors handbags on sale cheap michael kors outlet authentic jerseys cheap oakleys online replica michael kors replicas oakleys jerseys wholesale 2016 cheap oakleys for sale discount ray bans cheap michael kors store cheap michael kors outlet ray bans sunglasses ray bans sunglasses sale wholesale china jerseys cheap mlb jerseys cheap fake oakleys wholesale nba jerseys wholesale jerseys wholesale oakleys wholesale authentic jerseys christian louboutin outlet cheap michael kors outlet cheap jerseys cheap jerseys michael kors bags fake oakleys shop cheap jerseys cheap oakley sunglasses cheap michael kors michael kors bags sale wholesale jerseys fake ray bans online fake ray bans sunglasses cheap jerseys china wholesale nfl jerseys fake oakleys cheap nhl jerseys fake oakleys cheap oakleys official jerseys replica christian louboutin online cheap michael kors outlet cheap nba jerseys cheap authentic ncaa jerseys michael kors on sale discount oakley sunglasses cheap elite jerseys replica oakleys cheap replica oakleys cheap michael kors online replica oakleys fake ray bans oakleys outlet cheap wholesale jerseys cheap replica oakleys replica ray bans christian louboutin online cheap michael kors handbags cheap sunglasses jerseys wholesale wholesale christian louboutin fake oakleys cheap jerseys cheap michael kors outlet cheap oakley cheap jerseys replica oakleys michael kors bags replica oakleys fake oakleys cheap wholesale cheap jerseys cheap michael kors outlet wholesale nhl jerseys paypal replica christian louboutin fake sunglasses cheap jerseys replica christian louboutin fake cheap oakleys cheap jerseys from china cheap jerseys cheap michael kors handbags christian louboutin online wholesale jerseys wholesale jerseys from china

Azure AD Connect does not sync all users to Azure AD

Just configured a Azure AD Connect (AADConnect / AADSync) synchronisation between an on premise domain and Office 365. All users are synchronized without any problems except one user. Nothing special for this user, same OU, member of the same groups, no special rigths or anything visible different. Also no errors in AADConnect logs, event logs or whatever.

Also followed this helpful Microsoft document One or more objects don’t sync when the Azure Active Directory Sync tool is used, but none of the options described solved the problem. sAMAccountName, proxyAddresses, etc are all correctly filled.
Other strange thing is when you run IdFix as described in the same document, the result also does not show this specific “problem” user.

Solution:
Accidently I did an export of all mailboxes and properties and for this perticular user I saw that LinkedMasterAccount was filled with an SID and the IsLinked value was set to true.
To see if these values are set for this account run the following powershell command: get-mailbox username | select-object *link*

If the IsLinked is set to true the mailbox is a linked Mailbox and linked mailboxes are not synced to Azure AD, as described in this article: Understanding Users and Contacts in Azure Active Directory Sync

A disabled account will contribute userPrincipalName and sourceAnchor, unless it is a linked mailbox.

An account with a linked mailbox will never be used for userPrincipalName and sourceAnchor. It is assumed that an active account will be found later.

Disabled accounts are synchronized as well to Azure AD. Disabled accounts are common to represent resources in Exchange, for example conference rooms. The exception is users with a linked mailbox; as previously mentioned, these will never provision an account to Azure AD.

In this case the linked mailbox was probably a leftover from the past so we could convert the mailbox back to a normal user with this powershell command: Set-User -Identity kweku@fabrikam.com -LinkedMasterAccount $null and after that the account was directly synced to Azure AD at the next syncronization schedule.

Posted in Active Directory, Blog, Exchange 2010, Office 365 at February 3rd, 2016. No Comments.

No certificate visible in the Exchange manage hybrid configuration wizard

When you go through the Exchange 2010 manage hybrid configuration wizard, at the Mail Flow Security option the certificate list is empty. When you click on view certificate you get the error “No valid certificate exist for the Hub Transport server(s)”.

exchangehybrid1

When you take a look in the Exchange Management Console at server configuration your certificate is visible and also valid. When you run the following command in the Exchange Management Shell: Get-ExchangeCertificate | FL you will see the result RootCAType : Registry as result.

exchangehybrid2

The problem in this case was that the Root CA certificate (in this case the GoDaddy Root CA certificate) was only available in the Thrusted Root Certificate Authorities store and NOT in the Third-Party Root Certificate Authorities store.

Solution:

Open a mmc windows and add the Local Computer Certificates snap-in, browse to the Thrusted Root Certificate Authorities / Certificates store and export the Root CA certficate (when not avaiable at all, get the certificate from your provider).

Then browse to the Third-Party Root Certificate Authorities / Certificates store and right choose all tasks and choose Import. Follow the wizard and import the exported certificate in the selected store.

exchangehybrid3

You should now see the Root CA Certificate in the Third-Party Root Certificate Authorities / Certificates store.

When you run the following command in the Exchange Management Shell: Get-ExchangeCertificate | FL you will now see the result RootCAType : ThirdParty as result.

exchangehybrid4

When you now go through the Exchange manage hybrid configuration wizard you should be able to select the certificate and complete the wizard.

Posted in Exchange 2010, Office 365 at January 25th, 2016. No Comments.

Windows Management Framework 3.0 with Small Business Server and Exchange servers (Updated)

Last week microsoft released Windows Management Framework (WMF) 3.0 which includes Powershell 3.0 (KB2506146 for Windows 2008 SP2 and KB2506143 for Windows Server 2008 R2) as an optional Windows update. So everyone can approve and install the update via Windows update, WSUS or any other updating mechanism you are using.

But installing this update on a Small Business Server (SBS) 2008 and 2011 or on an Exchange Server 2007 and 2010 will give all kind of trouble.

Symptoms for an Exchange Server:
Installation of Exchange update rollups will fail one of the errors is: error code of 80070643.

The Exchange Team wrote this blog about this issue. It states: “Windows Management Framework 3.0 (specifically PowerShell 3.0) is not yet supported on any version of Exchange except Exchange Server 2013. If you install Windows Management Framework 3.0 on a server running Exchange 2007 or Exchange 2010, you will encounter problems, such as Rollups that will not install, or the Exchange Management Shell may not run properly.”

Symptoms for a Small Business Server:
When running some SBS wizards like the Fix My Network wizard it will end up with errors about access denied for the Exchange Management Shell.
Also other kind of problems may occur with the Exchange and / or SharePoint 2010 Management Shell and as written for Exchange Servers installation of Exchange update rollups may fail.

On the Small Business Server Blog there is a post on these issues.

Recommendation for both Exchange and Small Business Servers is to NOT install the Windows Management Framework 3.0 update at this time. If you already installed the update and encoutered the previously described problems, uninstall the update. Your server should be fine when it comes back online after a restart.

Update:
There is another problem reported in the Small Business Technet forum uninstallation of the also removes a registry key that gives problems to the event log. This is the key that is deleted: “HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ WINEVT \ Channels \ ForwardedEvents”

Anytime later in the same post there is a mention that the updates are removed from Microsoft Update:

As a result of these regressions and feedback from customers and experts like you, we have expired the WMF 3.0 Update for all platforms (Windows 7, Server 2008, and Server 2008 R2) as of 5:07 pm PDT.

2506143 Windows Management Framework 3.0 for Windows 7 (KB2506143)
Windows Management Framework 3.0 for Windows 7 for x64-based Systems (KB2506143)
Windows Management Framework 3.0 for Windows Server 2008 R2 for x64-based Systems (KB2506143)

2506146 Windows Management Framework 3.0 for Windows Server 2008 (KB2506146)
Windows Management Framework 3.0 for Windows Server 2008 for x64-based Systems (KB2506146)

We’re engaged in an internal post-mortem to identify and resolve the issuesthat led to these updates being released that resulted in the regressions.

We work hard to ensure updates always release with an exceptionally high quality bar. That bar was not met for these updates and we’re working to ensure we can prevent this from happening again. Thank you for your feedback through this and other channels – and please keep providing helpful feedback so we can continue to improve.

doug neal
Microsoft Update (MU)

Exchange 2003 Mailbox Database object not found when moving mailboxes to an Exchange 2010 server

During an Exchange 2003 – 2010 transition, when moving a mailbox you see the database gives an “Object not found” message.

If you continue the mailbox move will fail with the following error: “Mailbox database “Servername\First Storage Group\Mailbox Store (SERVERNAME)” doesn’t exist.”

Probably you would also see some Event ID 3113, MSExchangeIS errors in your Application log indicating the Mailbox of Public Folder Store was not found in the directory. The item may have been deleted.

Solution: The problem is caused because the “Allow inheritable permissions from the parent to propagate to this object and all child objects. Include these with entries explicitly defined here.” is not set on the Exchange 2003 server object.

Open Exchange System Manager, browse to Administrative Groups, first administrative group, Servers and choose properties on your Server. Select the Security tab and choose advanced. Place a check at “Allow inheritable permissions from the parent to propagate to this object and all child objects. Include these with entries explicitly defined here.” and select OK.

If you cannot see the security tab you need create the ShowSecurityPage registry key. Open regedit browse to HKEY_Current_user\Software\Microsoft\Exchange\EXAdmin and create a new DWORD value ShowSecurityPage and set the value data to 1. Now restart Exchange system manager and you should be able to see the security page.

Posted in Blog, Exchange 2010 at June 14th, 2012. 4 Comments.

Exchange 2010 Can’t remove the domain ‘yourdomain.com’ because it’s referenced in an e-mail address policy

When you try to remove an Accepted domain within Exchange 2010 you get the following error:

“Can’t remove the domain ‘yourdomain.com’ because it’s referenced in an e-mail address policy by the proxy address template ‘smtp:@yourdomain.com’.”

But when you go to your e-mail address policies and view the properties this domain is listed in none of your e-mail address policies.

Solution: The domain was still set as a disabledGatewayProxy address on one of your e-mail address policies. Probably this is a leftover from a transition from exchange 2003.

You can remove this by using Adsiedit, open Configuration naming context, Services, Microsoft Exchange, Organization Name, Recipient Policies, do properties on a Policy and find disabledGatewayProxy. Remove the address you would like to delete, repeat this for all policies. After removing the address from all policies you should be able to remove the accepted domain.

Posted in Blog, Exchange 2010 at June 12th, 2012. 3 Comments.

How to: disable or change the 4 digit pin code that is enabled after mobile device connects to the Exchange 2010 within SBS 2011

After you have configured your mobile device to receive its business e-mail via ActiveSync from your SBS 2011 Exchange 2010 server, it is asking for a 4 digit pin code. This is because the default configuration on the SBS 2011 Exchange Server is to require a password for ActiveSync devices when they are going to synchronize with your server.

To disable or change this feature open Exchange Management Console, go to Organization Configuration, Client Access and choose the Exchange ActiveSync Mailbox Policies. Do properties on the Default policy and select the Passwords tab.

To completely disable the password remove the check at Require password. Of course you can also change the settings to your own requirements.

You can also create separate Mailbox policies with different settings, so you can set other policies for different users. When you create a new policy and want to attach it to a user, go to Recipient Configuration, Mailbox, do properties for the Mailbox user you want to change the policy.

Select the Mailbox Features tab, select Exchange ActiveSync and choose properties, now you can browse to select the other policy you have created.

Some additional information about what settings you can control with the ActiveSync policy are listed over here: Understanding Exchange ActiveSync Mailbox Policies

Please note not all features are supported with all kinds of mobile clients, so before you configure the settings make sure the settings are supported with your type of mobile devices.

Posted in Blog, Exchange 2010, Howto, SBS 2011 at October 11th, 2011. 7 Comments.

How to send from an email address alias?

Most people have multiple aliases on their mailbox, with aliases on the same email domain or even with multiple domain names. But when you try to send from (send as) one of these aliases you get the following undeliverable error message returned:

“You can’t send a message on behalf of this user unless you have permission to do so. Please make sure you’re sending on behalf of the correct sender, or request the necessary permission. If the problem continues, please contact your helpdesk.”

The answer to this problem is relatively easy, by default and design this isn’t possible, but there are a couple of workarounds available:

  • Create a separate mailbox and put the alias on the mailbox and configure it with send as permissions.
  • Create a distribution group and put the alias on the distribution group and configure it with send as permissions.
  • Create a dummy pop account in outlook and configure the alias as email address.
  • There are some third party tools available that create a workaround.



Workaround 1:
Create a separate mailbox and put the alias on the mailbox and configure it with send as permissions.

First we start with removing the alias we want to send as from the original mailbox.

Now we create a new mailbox, give it a logical name, etc. and give the alias as email address.

After the account has been created we need to set Send As permissions for the newly created account. We do this via the Exchange management console by right clicking on the newly created mailbox and choose Manage Send As permissions…

Add the original user (user@domain.com) to grant Send As permission for the alias@seconddomain.com

Now you are able to send as user@domain.com also with the alias@seconddomain.com address.

We do this by using the From… field in outlook, add the alias in the from field when you want to send from the alias. When you don’t see the from field go to the options menu and choose Show From.

Best thing to do is click the From… button and select the alias mailbox from the address list.

Of course when email is send to the alias@seconddomain.com it now will be delivered to this newly created mailbox. If you would like to receive the email just as before in the same mailbox (user@domain.com), then go to the properties of the newly created alias mailbox and choose the Mail Flow Settings tab, select Delivery Options… and choose properties.

Add the original mailbox at the Forward to: field, via the Browse… button. Now all mail is forwarded to your original mailbox and all mail will be in same mailbox as before removing the alias.




Workaround 2:
Create a distribution group and put the alias on the distribution group and configure it with send as permissions.

First we start with removing the alias we want to send as from the original mailbox.

Now we create a new distribution group, give it a logical name, I always give it the name of the email alias and set the alias as email address.

Then we add the original mailbox as only member.

Now we need to set the Send As permissions for the original mailbox (user@domain.com) on the newly created distribution list. This cannot be done via the exchange management console, we have to use the exchange management shell.

This is the command syntax: Add-ADPermission “public folder name ” -ExtendedRights Send-As -user “Domain\Username”

Now you are able to send as user@domain.com also with the alias@seconddomain.com address.

We do this by using the From… field in outlook, add the alias in the from field when you want to send from the alias. When you don’t see the from field go to the options menu and choose Show From.

Best thing to do is click the From… button and select the alias distribution group from the address list.




Workaround 3:
Create a dummy pop account in outlook and configure the alias as email address.

WARNING: This option is the least recommended, because setting up this will create the posibillity to open a security hole for smtp virusses.

With this workaround we leave the email aliases as they are on the mailbox. We are going to configure a dummy / fake pop account in outlook, so no server configuration needed.
Open outlook and go to Account Settings, choose for New…, choose the email services that include Pop3, choose for manual configure server settings and choose Internet E-mail (Pop).

At Your Name: we give your name (this is the name the receiver will see), at E-mail Address we give alias@seconddomain.com, at incoming mail server, just give in something it doesn’t matter, at outgoing mail server give in your Exchange server and at username and password give in your logon credentials (the users domain account credentials).

Choose More Settings…

Make sure that you enable “My outgoing server (SMTP) requires authentication” on the Outgoing Server tab. This is needed to let you send via your exchange server, then finish the wizard.

Now you are able to send as user@domain.com also with the alias@seconddomain.com address.

We do this by using the Account button that is created after creating the dummy pop account. You just choose the email address you would like to send your email from.



Conclusion:
So you see there are a couple of workarounds available, which one is the best, there isn’t it all depends on your needs and wishes.



Exchange 2010 MSExchangeTransport (edgetransport process) keeps crashing and replaying logfiles

On an Exchange 2010 server with the Cas / Hub transport role installed the edgetransport process keeps crashing and replaying log files and again crashing with the following evened error:

Event ID 4999:
Watson report about to be sent for process id: 1240, with parameters: E12, c-RTL-AMD64, 14.01.0270.001, edgetransport, mscorlib, S.I.__Error.WinIOError, System.TypeInitializationException, c11a, 02.00.50727.4959.
ErrorReportingEnabled: False

After these messages it comes with the follwing messages:

edgetransport (1240) Transport Mail Database: The database engine (14.01.0270.0001) is starting a new instance (0).
edgetransport (1240) Transport Mail Database: The database engine is initiating recovery steps.
A configuration update for Microsoft.Exchange.Transport.TransportServerConfiguration has successfully completed.
A configuration update for Microsoft.Exchange.Transport.RemoteDomainTable has successfully completed.
A configuration update for Microsoft.Exchange.Transport.X400AuthoritativeDomainTable has successfully completed.
A configuration update for Microsoft.Exchange.Transport.AcceptedDomainTable has successfully completed.
A configuration update for Microsoft.Exchange.Transport.ReceiveConnectorConfiguration has successfully completed.
A configuration update for Microsoft.Exchange.Transport.TransportSettingsConfiguration has successfully completed.
edgetransport (1240) Transport Mail Database: The database engine has begun replaying logfile C:\Program Files\Microsoft\Exchange Server\V14\TransportRoles\data\Queue\trn.log.
edgetransport (1240) Transport Mail Database: The database engine has successfully completed recovery steps.
edgetransport (1240) Transport Mail Database: The database engine started a new instance (0). (Time=2 seconds)
edgetransport (1240) Transport Mail Database: The database engine attached a database (0, C:\Program Files\Microsoft\Exchange Server\V14\TransportRoles\data\Queue\mail.que). (Time=0 seconds)
edgetransport (1240) IP Filtering Database: The database engine (14.01.0270.0001) is starting a new instance (1).
edgetransport (1240) IP Filtering Database: The database engine is initiating recovery steps.
edgetransport (1240) IP Filtering Database: The database engine has begun replaying logfile C:\Program Files\Microsoft\Exchange Server\V14\TransportRoles\data\IpFilter\trn.log.
edgetransport (1240) IP Filtering Database: The database engine has successfully completed recovery steps.
edgetransport (1240) IP Filtering Database: The database engine started a new instance (1). (Time=1 seconds)
edgetransport (1240) IP Filtering Database: The database engine attached a database (2, C:\Program Files\Microsoft\Exchange Server\V14\TransportRoles\data\IpFilter\IpFiltering.edb). (Time=0 seconds)


And after that the edgetransport crashes again and the loop continues every 30 to 60 seconds.

Upgrading Exchange 2010 to SP1 and later rollup 2 didn’t resolve anything.

Solution: After having had contact with Microsoft support on this issue, the problem was caused by a third party exchange virusscanner. But you can perform the following steps to throubleshoot if you have a similar issue:

Open Exchange Management Shell,
Do a Get-TransportAgent it gives a list of all transport agents, you will see which additional programs have plugged into the sequense.

Do a Get-TransportAgent | Disable-TransportAgent , now all transport agents are disabled

Restart the Microsoft Exchange Transport service.

View the eventlog to see if the error returns , in my case the transport services was stable now (wait some time to be sure it won’t return it could take about 5 till 10 minutes till it cames back).

Allright after you have seen everything is stable now we can enable the transport agents one by one to see when it will crash again.

Use Enable-TransportAgent -Identity “transportagent name” (you can copy the exact name from the Get-TransportAgent list you did before) note some programs have more than one transport agent enable those together. After enabling a transport agent you have to restart the Microsoft Exchange Transport service again and see if the process keeps to be stable (Keep in mind to give it some time).

If you have found the problematic transport agent you can use Disable-TransportAgent -identity “transportagentname” to disable on this transport agent again.

In my case I have removed the problematic software and downloaded the latest version of the product and installed it the problem haven’t come back.

Posted in Blog, Exchange 2010 at May 13th, 2011. No Comments.

Cannot close Exchange 2010 management console after the installation of IE9

UPDATE: the interm fixes are not needed anymore as the fix is now included within the official 13 december 2011 update

The last days I have seen many people who are reporting they get an error message when they try to close the Exchange 2010 Management Console: “You must close all dialog boxes before you can close Exchange Management Console”.

Some research found there are many people with the same issue and that it all started after the installation of IE9. Because there is no solution yet, simply removing IE9 will help for now.

Update: Finally there has been posted a resolution by the Exchange team for fixing this problem.

First step would be installing the MS11-081 (2586448) cumulative IE security update.
Second install KB 2624899, this is a hotfix only available for this issue and should be requested by microsoft support.

Update 2: The KB 2624899 could be downloaded direct from this link here.

Posted in Blog, Exchange 2010, SBS 2011 at May 9th, 2011. 4 Comments.

Event ID 2937 MSExchange ADAccess warning after installing Exchange 2010 SP1

After you have installed Service Pack 1 for Exchange 2010 you find multiple event id 2937, source MSExchange ADAccess warnings.

“Process Microsoft.Exchange.AddressBook.Service.exe (PID=960). Object [CN=Username,OU=OU name,DC=domain,DC=local]. Property [HomeMTA] is set to value [domain.local/Configuration/Deleted Objects/Microsoft MTA
DEL:5e53dca2-cd75-4b28-a0cc-7f87392e1869], it is pointing to the Deleted Objects container in Active Directory. This property should be fixed as soon as possible.”

The process and username may vary.

Solution: When you run the “update-recipient recipientname” command from exchange management shell it will update the HomeMTA value to a good value. If you would like to run the setting for all your user account in one mailbox database use the following command: “get-mailbox -database “Mailbox Database” | update-recipient

Source: Microsoft technet forum

Posted in Blog, Exchange 2010 at May 9th, 2011. No Comments.
Sharing Buttons by Linksku