Category Archives: Exchange 2013

Exchange 2007, Exchange 2010, Exchange 2013, Exchange Online, Office 365, Powershell

Public Folder to Office 365 Groups Migration Script

December 18, 2017 Jos 1 Comment

Earlier, I wrote on a new technet article that details migration to Office 365 groups from on prem public folders. Actually walking through that I noticed some inconveniences I figured I could improve on with a script. The main one being that the endpoint in Office 365 only supports a single Public Folder, excluding child folders.

So I wrote up a script (with resume support) that will map your Public Folders to O365 Groups and migrate them in as many batches as are required, fully automated.

You’ll end up with a nice csv file with all the details. Note:

this script expects you to know what you’re doing!
only tested with Exchange 2010 as source
everything on prem is left untouched
groups are not mail enabled, and security settings are not copied
contacts are not copied
make sure you read the code/in-script instructions between line 1 and line 48, and then if you’re curious, from line 71720

https://gitlab.com/Lieben/assortedFunctions/blob/master/archivePublicFoldersToOffice365Groups.ps1

update 05/01: improved the connection status check + reconnect for remote ExO and fixed report file path auto generation

update 11/01: moved everything to start-job so exchange sessions are always isolated (no prompting after 1-2 days) and added total migration overview display

update 25/01: exported the remote exchange module and added it as inline code with a modification so it won’t prompt for credentials, nothing else seems to otherwise prevent such prompts. This means the module may not match Microsoft’s if they update Exchange Online. Let me know if that causes issues for you or re-create it yourself with export-pssession and replace.

Exchange 2007, Exchange 2010, Exchange 2013, Exchange Online, Office 365, Powershell

Migrating Public Folders to Office 365 Groups

October 26, 2017 Jos 1 Comment

Recently, I stumbled upon an article detailing how to migrate on-premises (or online) Public Folders to Office 365 Groups

Of course I had to try that out asap 🙂 I used an older script to make a report of my on prem public folders to pick one below 50GB.

It was mostly a breeze and the interface of Office 365 groups allows users to easily search and administer their old Public Folders. We purposely only use them for archive access, where the IM team manages access to the groups holding PF data. I can really recommend this strategy, especially if you can easily split them up in under 50GB sized groups.

I did have one slight error you may run into:

“MigrationTransientException: Couldn‎’t find a request that matches the information provided. Reason: No such request exists in the specified index. –> Couldn‎’t find a request that matches the information provided. Reason: No such request exists in the specified index. “

Reason for this: The source public folder path is incorrect, make sure your CSV is mapped correctly or your batch will spin forever (or at least longer than I had patience), never completing.

Exchange 2010, Exchange 2013

Exchange 2010 backend with 2013 frontend proxy something has gone wrong error

July 3, 2017 Jos Leave a comment

At a customer site users were experiencing “:-( Something went wrong” errors in OWA (2013). The RPC endpoint was also broken, blocking a migration to Office 365.

Initial checks showed a few errors on the 2013 frontend server:

</p>
<p>[Eas] Marking ClientAccess 2010 server NLEX01.domain.local (https://nlex01.domain.local/Microsoft-Server-ActiveSync) as unhealthy due to exception: System.Net.WebException: The remote server returned an error: (503) Server Unavailable.<br />
at System.Net.HttpWebRequest.GetResponse()<br />
at Microsoft.Exchange.HttpProxy.ProtocolPingStrategyBase.Ping(Uri url)</p>
<p>[Autodiscover] Marking ClientAccess 2010 server NLEX01.domain.local (https://nlex01.domain.local/Autodiscover) as unhealthy due to exception: System.Net.WebException: The remote server returned an error: (503) Server Unavailable.<br />
at System.Net.HttpWebRequest.GetResponse()<br />
at Microsoft.Exchange.HttpProxy.ProtocolPingStrategyBase.Ping(Uri url)</p>
<p>[RpcHttp] Marking ClientAccess 2010 server NLEX01.domain.local (https://nlex01.domain.local/rpc/rpcproxy.dll) as unhealthy due to exception: System.Net.WebException: The remote server returned an error: (503) Server Unavailable.<br />
at System.Net.HttpWebRequest.GetResponse()<br />
at Microsoft.Exchange.HttpProxy.ProtocolPingStrategyBase.Ping(Uri url)</p>
<p>[Owa] Marking ClientAccess 2010 server NLEX01.domain.local (https://nlex01.domain.local/owa) as unhealthy due to exception: System.Net.WebException: The remote server returned an error: (503) Server Unavailable.<br />
at System.Net.HttpWebRequest.GetResponse()<br />
at Microsoft.Exchange.HttpProxy.ProtocolPingStrategyBase.Ping(Uri url)</p>
<p>

The issue ended up being twofold;

somehow the SCCM client on the Exchange backend had replaced the local server certificate that IIS uses, this certificate wasn’t accepted by the frontend server
for some reason NTLM (Windows) Authentication was switched off on the Virtual Directories on the backend machine.

Exchange 2007, Exchange 2010, Exchange 2013, Powershell

Quick overview of all unique email domains in use under a certain OU

June 13, 2016 Jos Leave a comment

We wanted an overview of which domains our users were using in a certain country (Netherlands in this case). So, a simple Powershell snippet that counts all unique domains it encounters in the ProxyAddresses field of all users under a certain OU.

Note that if you have set contacts / forwarders, some domains that appear may not actually be accepted domains in your exchange organization.

</p>
<p>#Author: Jos Lieben (OGD)<br />
#Date: 13-06-2016<br />
#Script help: www.liebensraum.nl<br />
#Purpose: retrieve all unique domains in use under a specific OU and count them<br />
#Requirements:<br />
#active directory PS module<br />
########</p>
<p>ipmo activedirectory</p>
<p>$users = get-aduser -Filter * -Properties * -SearchBase &quot;OU=Netherlands,OU=Countries,DC=lieben,DC=nu&quot; -SearchScope SubTree</p>
<p>$domains = @{}<br />
foreach($user in $users){</p>
<p>$emails = $user.ProxyAddresses<br />
foreach($email in $emails){<br />
$domain = $email.Split(&quot;@&quot;)[1]<br />
if($domain){<br />
$domains[$domain] += 1<br />
}<br />
}</p>
<p>}</p>
<p>Write-Output $domains

Exchange 2007, Exchange 2010, Exchange 2013, Powershell

Exporting shared mailbox permissions to a CSV

June 8, 2016 Jos 5 Comments

A demonstration of one way to get shared mailbox permissions exported to a CSV file. We needed both users, groups and users in groups (so, a recursive search). Only Shared mailboxes had to be included, we could identity these by a simple rule:

the first portion of the primary email address does not contain a dot

See line 126 and 127 for this rule if you need a different method.

Edit: make sure you replace CED\ with your own domain! Sorry bout that…

This export excludes Deny permissions and looks for users in groups up to 2 levels deep. Credits to Piotrek for his Get-ADNestedGroupMember function.

Script source: Continue reading Exporting shared mailbox permissions to a CSV →

Exchange 2007, Exchange 2010, Exchange 2013, Exchange Online, Powershell

Exchange Forwarding Report

April 1, 2016 Jos Leave a comment

This powershell snippet will tell you which mailbox is actively forwarding email, in what method (dual delivery or pure forwarding), to which email address and if the corresponding contact still exists and is active.

<br />
#Module name: findForwarderDetails<br />
#Author: Jos Lieben (OGD)<br />
#Date: 01-04-2016<br />
#Description: this snippet will discover all active forwarders in your organization, and will print the original mailbox, target contact and target address and forwarding method</p>
<p>$output = @()<br />
$mailboxes = Get-Mailbox -ResultSize Unlimited | Where {$_.ForwardingAddress -ne $Null}</p>
<p>foreach ($mailbox in $mailboxes){</p>
<p>    $obj = New-Object PSObject<br />
    $obj | Add-Member NoteProperty mailboxName($mailbox.DisplayName)<br />
    if($mailbox.DeliverToMailboxAndForward){<br />
        $obj | Add-Member NoteProperty forwardingMode(&quot;Dual delivery&quot;)<br />
    }else{<br />
        $obj | Add-Member NoteProperty forwardingMode(&quot;Forward Only&quot;)<br />
    }<br />
    try{<br />
        $contact = Get-MailContact -Identity $mailbox.ForwardingAddress.DistinguishedName -ErrorAction Stop<br />
        $obj | Add-Member NoteProperty forwardingToName($contact.DisplayName)<br />
        $obj | Add-Member NoteProperty forwardingToEmail($contact.ExternalEmailAddress)<br />
    }catch{<br />
        $obj | Add-Member NoteProperty forwardingToName(&quot;CONTACT DOES NOT EXIST OR IS DISABLED&quot;)<br />
        $obj | Add-Member NoteProperty forwardingToEmail(&quot;CONTACT DOES NOT EXIST OR IS DISABLED&quot;)<br />
    }<br />
    $output += $obj<br />
}</p>
<p>Write-Output $output<br />

Exchange 2010, Exchange 2013, Powershell

Finding unused accepted domains in Exchange 2013

March 17, 2016 Jos 10 Comments

If, for some reason, you want to see which domains in your exchange organisation are not being used (not registered in the ProxyAddresses fields of your users), use below snippet in the Exchange Powershell Module.

Note: this does NOT (yet) check for domains used in Public Folders or Mail Contacts.

</p>
<p>$mailboxes = get-mailbox -Resultsize Unlimited<br />
$groups = get-distributiongroup -Resultsize Unlimited<br />
$domains = Get-AcceptedDomain<br />
$output = @()</p>
<p>foreach ($domain in $domains){</p>
<p> $obj = New-Object PSObject<br />
 $obj | Add-Member NoteProperty domainName($domain.DomainName)<br />
 $obj | Add-Member NoteProperty domainType($domain.DomainType)<br />
 $res = $mailboxes | where-object {$_.EmailAddresses -Match $domain.DomainName}<br />
 if(-not $res){<br />
 $res = $groups | where-object {$_.EmailAddresses -Match $domain.DomainName}<br />
 }<br />
 if($res){<br />
 $obj | Add-Member NoteProperty inUse(&quot;YES&quot;)<br />
 }else{<br />
 $obj | Add-Member NoteProperty inUse(&quot;NO&quot;)<br />
 }<br />
 $output += $obj<br />
}</p>
<p>Write-Output $output<br />

Automation, Exchange 2010, Exchange 2013, Exchange Online, Office 365, Powershell, Skype Online

Automating remote mailbox creation in an Exchange 2010/2013 and Office 365 hybrid setup

December 8, 2015 Jos 2 Comments

In organisations that have moved to Office 365, or are moving to Office 365 while using a hybrid setup with an on-premises Exchange 2010, 2013 or 2016 server and/or Lync/Skype, your helpdesk tools and scripts need to be adjusted.

While previously, you would provision your account in Active Directory, the mailbox on the onpremises Exchange Server and voip functionality on the Lync/Skype server, after your migration, you no longer need to provision mailboxes or lync accounts on premises. After a user has been migrated to Office 365, his ‘user type’ in the Exchange on premises server is ‘Remote Mailbox’. But for new users, this is not set automatically.

If you’re using scripting or tools like ADManager, you can use some simple Powershell commands to set the correct properties on a newly created user.

Configure and run below script Continue reading Automating remote mailbox creation in an Exchange 2010/2013 and Office 365 hybrid setup →

Exchange 2007, Exchange 2013, Office 365

Exchange 2007 Hybrid Migration to Office 365 with Exchange 2013 Coexistence

June 9, 2015 Jos 2 Comments

During a migration for a customer from an Exchange 2007 environment, to Office 365, I ran into some issues that I’d like to share, as I could not find any material on this subject elsewhere.

Our plan was easy, update the Exchange 2007 servers to the latest Servicepack and CU to allow coexistence with an Exchange 2013 server as detailed on technet. I’d then build up the Hybrid relationship on the 2013 machine, move the mailboxes and phase out the 2007 machines. The 2013 machine would remain for on-premises Lync connectivity, which needs a CAS to talk to.

Once the Exchange 2013 server was installed, I prepared the machine for Hybrid connectivity, added the relevant domains to Office 365 and started the Hybrid setup wizard from the Exchange 2013 ECP.

I received the following error:

[PS] C:\Windows\system32&gt;Get-WebServicesVirtualDirectory
An IIS directory entry couldn't be created. The error message is Access is denied.
. HResult = -2147024891
    + CategoryInfo          : NotInstalled: (EXCH2007-1\EWS (Default Web Site):ADObjectId) [Get-WebServicesVirtualDirect
   ory], IISGeneralCOMException
    + FullyQualifiedErrorId : [Server=EXCH2013,RequestId=f962a8dd-2d39-4b36-85c3-a16a15fc3252,TimeStamp=9-6-201
   5 07:50:59] [FailureCategory=Cmdlet-IISGeneralCOMException] 18EA544C,Microsoft.Exchange.Management.SystemConfigura
  tionTasks.GetWebServicesVirtualDirectory
    + PSComputerName        : exch2013.fqdn

An IIS directory entry couldn't be created. The error message is Access is denied.
. HResult = -2147024891
    + CategoryInfo          : NotInstalled: (EXCH2007-2\EWS (Default Web Site):ADObjectId) [Get-WebServicesVirtualDirect
   ory], IISGeneralCOMException
    + FullyQualifiedErrorId : [Server=EXCH2013,RequestId=f962a8dd-2d39-4b36-85c3-a16a15fc3252,TimeStamp=9-6-201
   5 07:50:59] [FailureCategory=Cmdlet-IISGeneralCOMException] 18EA544C,Microsoft.Exchange.Management.SystemConfigura
  tionTasks.GetWebServicesVirtualDirectory
    + PSComputerName        : exch2013.fqdn

The hybrid wizard aborted, and could not continue.
The Get-WebServicesVirtualDirectory command checks all Continue reading Exchange 2007 Hybrid Migration to Office 365 with Exchange 2013 Coexistence →

Exchange 2010, Exchange 2013, Office 365

Sync disabled users (shared mailboxes) to Office 365 with Azure Active Directory Sync

May 7, 2015 Jos 3 Comments

I often hear customers who run an onpremises Exchange 2010 or 2013 environment in Hybrid mode with Office 365 complain about their Shared Mailboxes not appearing in Office 365 when using AADSync (or AADConnect).

This is important for mail routing if they don’t exist as contacts, or if you are using Exchange Online Protection for these mailboxes.

So, two quick steps to configure AADSync to also sync disabled users to Office 365. Continue reading Sync disabled users (shared mailboxes) to Office 365 with Azure Active Directory Sync →

Liebensraum