Exchange 2007 - End of Life

March 6, 2017 at 9:08 AMSaso Erdeljanov

Just a reminder to everyone still using Exchange 2007 in production environment. We are approaching End of Live for Exchange 2007 on April 11, 2017. Please consider upgrading to newer version very very fast. :)

 

You can read more at Microsoft Support web site.

Exchange 2007 End of Life Roadmap

Posted in: Exchange | Microsoft | Unified Communications | EoL

Tags:

Blank ActiveSync ExternalUrl after Exchange 2013 CU3

December 4, 2013 at 11:05 PMSaso Erdeljanov

We experienced small issue upgrading to Exchange server 2013 CU3 (does not apply to clean install, only upgrade from previous Exchange 2013 builds).

Upgrading to CU3 blanks ExternalUrl parameter of ActiveSync virtual directories.

image 

Luckily existing ActiveSync devices will continue to work, new devices would require manual configuration if you will not configure value for ExternalUrl parameter. To set value of ExternalUrl parameter use cmdlet or via EAC.

To set all ActiveSync Virtual Directories to same value use following cmdlet:

Get-ActiveSyncVirtualDirectory | Set-ActiveSyncVirtualDirectory –ExternalUrl “https://mail.exchange.si/Microsoft-Server-ActiveSync”

Posted in:

Tags:

Lync Server 2013 Debugging Tools install issue

October 23, 2013 at 10:35 AMSaso Erdeljanov

If you are trying to install Lync Server 2013 Debugging Tools on a machine with never Visual C++ runtime (version newer than 11.0.50727) you receive a funky error:

Microsoft Lync Server 2013, Debugging Tools installation or uninstallation requires that Microsoft Visual C++ 2012 x64 Minimum Runtime -  11.0.50727 Package is already installed. Either use Setup.exe for installation or run Vcredist_x64.exe included with the product to install the redistributable.

image

Solution 1:

Uninstall current version of Microsoft Visual C++ 2012 x64 runtime. Install Microsoft Visual C++ 2012 x64 from Lync installation media.

Solution 2:

If you just need Snooper for example, you can extract Lync Server 2013 Debugging Tools.

Run: msiexec /a LyncDebugTools.msi /qb TARGETDIR=C:\tmp\LyncDebugToolsExtract

image

Posted in:

Tags:

Issue after installing MS13-061 security update on Exchange 2013

August 15, 2013 at 10:50 PMSaso Erdeljanov

Microsoft temporary removed MS13-061 security update for Exchange Server 2013 due to bug with content index. After installation you will notice Content Index for mailbox databases failed and service Microsoft Exchange Search Host Controller service is renamed.

For customers that already deployed updated, Microsoft provided KB article with steps to resolve issue.

Update 2874216 breaks the content index in Exchange Server 2013

After you install update 2874216, you experience the following issues in Microsoft Exchange Server 2013:

The content index (CI) for mailbox databases shows "Failed" on the affected server.
The Microsoft Exchange Search Host Controller service is missing.
You see a new service that is named "Host Controller service for Exchange."

 

Links:

Update 2874216 breaks the content index in Exchange Server 2013

Exchange 2013 Security Update MS13-061 Status Update

Updates for Exchange 2007, 2010 and 2013 (+security fixes!)

August 13, 2013 at 8:08 PMSaso Erdeljanov

Microsoft just released a bunch of updates for Microsoft Exchange Server 2007, Exchange Server 2010 and Exchange Server 2013. It’s important to deploy updates since they contain security fixes.

Update Rollup 11 for Exchange Server 2007 SP3
Update Rollup 7 for Exchange Server 2010 SP2
Update Rollup 2 for Exchange Server 2010 SP3
Exchange Server 2013 RTM CU1 MSRC Security bulletin MS13-061
Exchange Server 2013 RTM CU2 MSRC Security bulletin MS13-061

 

Microsoft Security Bulletin MS13-061 - Critical

image

 

Exchange 2007 Rollups

The Exchange 2007 SP3 RU11 update contains two fixes in addition to the changes for MS13-061. For more details, including a list of fixes included in this update, seeKB 2873746 and the MS13-061 security bulletin. We would like to specifically call out the following fixes which are included in this release:

  • 2688667 W3wp.exe consumes excessive CPU resources on Exchange Client Access servers when users open recurring calendar items in mailboxes by using OWA or EWS
  • 2852663 The last public folder database on Exchange 2007 cannot be removed after migrating to Exchange 2013

 

Exchange 2010 Rollups

The Exchange 2010 SP2 RU7 update contains the changes for MS13-061.  For more details, see the MS13-061 security bulletin.

The Exchange 2010 SP3 RU2 update contains fixes for a number of customer-reported and internally found issues, as well as, the changes for MS13-061. For more details, including a list of fixes included in this update, see KB 2866475 and the MS13-061 security bulletin. We would like to specifically call out the following fixes which are included in this release:

  • 2861118 W3wp.exe process for the MSExchangeSyncAppPool application pool crashes in an Exchange Server 2010 SP2 or SP3 environment
  • 2851419 Slow performance in some databases after Exchange Server 2010 is running continuously for at least 23 days
  • 2859596 Event ID 4999 when you use a disclaimer transport rule in an environment that has Update Rollup 1 for Exchange Server 2010 SP3 installed
  • 2873477 All messages are stamped by MRM if a deletion tag in a retention policy is configured in an Exchange Server 2010 environment
  • 2860037 iOS devices cannot synchronize mailboxes in an Exchange Server 2010 environment
  • 2854564 Messaging Records Management 2.0 policy can't be applied in an Exchange Server 2010 environment

 

Exchange Server 2013

MS13-061 is the first security update released for Exchange Server 2013 utilizing the new servicing model.  MS13-061 is available as a security update for:

Important: If you have previously deployed CU2, you must ensure you are running build 712.24 in order to apply the security update. For more information about build 712.24, please see Now Available: Updated Release of Exchange 2013 RTM CU2.

 

External links & downloads:

Update Rollup 11 for Exchange Server 2007 Service Pack 3 (KB2873746)

Update Rollup 7 for Exchange Server 2010 Service Pack 2 (KB2874216)

Update Rollup 2 For Exchange 2010 SP3 (KB2866475)

Security Update For Exchange Server 2013 CU1 (KB2874216)

Security Update For Exchange Server 2013 CU2 (KB2874216)

Released: Update Rollups for Exchange 2007 & Exchange 2010 and Security Updates for Exchange 2013

Updated Release of Exchange 2013 RTM CU2

July 31, 2013 at 2:41 PMSaso Erdeljanov

Due to issue with the loss of public folder permissions Microsoft updated Exchange Server 2013 CU2 update (build number 15.0.712.24).

If you have already deployed original CU2 (build number 15.0.712.22), you should upgrade to 15.0.712.24 (potential security updates released for CU2 will be dependent on this build).

You can upgrade to CU2 (.24) via GUI interface or execute setup.exe /m:upgrade /IAcceptExchangeServerLicenseTerms from command line.

Download: Cumulative Update 2 for Exchange Server 2013 (KB2859928) – Build Number 15.0.712.24

Released: Exchange Server 2013 RTM Cumulative Update 1

April 2, 2013 at 7:53 PMSaso Erdeljanov

It’s time to start transition to Exchange Server 2013. Today Exchange Team released CU1 which we were all waiting for some time!

 

Released: Exchange Server 2013 RTM Cumulative Update 1

Download: Cumulative update 1 for Exchange Server 2013 (KB2816900)

Posted in: Exchange | Microsoft

Tags:

Bye, bye Community Server!

December 6, 2012 at 11:06 PMSaso Erdeljanov

I finally have some time and nerves to successfully migrate my blog from Community Server 2007 to BlogEngine.NET. It was a bit painful because of superb options in CS2007.

Thanks to everyone helped developing BlogML converter for Community Server!

 

Here is a screenshot of old blog. Smile

 

CS_Blog

Posted in:

Tags:

POW #14 - Exchange Server 2010 & Event ID 106

January 26, 2011 at 10:54 AMSaso Erdeljanov

POW_Blue_S

You might experience some errors in Application log after Microsoft Exchange RPC Client Access service is started. I saw this issue on servers with only Mailbox Role installed. Although CAS role has also service named Microsoft Exchange RPC Client Access I did not see this issue if CAS Role is installed on server without Mailbox  Role.

image

All errors are from Performance counter category name MSExchange RpcClientAccess.

Event ID 106, Source MSExchange Common, Level Error:

Log Name:      Application
Source:        MSExchange Common
Date:          24.1.2011 21:25:17
Event ID:      106
Task Category: General
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      ServerName.fqdn.local
Description:
Performance counter updating error. Counter name is RPC Requests, category name is MSExchange RpcClientAccess. Optional code: 3. Exception: The exception thrown is : System.InvalidOperationException: The requested Performance Counter is not a custom counter, it has to be initialized as ReadOnly.
   at System.Diagnostics.PerformanceCounter.Initialize()
   at System.Diagnostics.PerformanceCounter.set_RawValue(Int64 value)
   at Microsoft.Exchange.Diagnostics.ExPerformanceCounter.set_RawValue(Int64 value)
Last worker process info : System.UnauthorizedAccessException: Access to the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ExchangeServer\v14\Transport' is denied.
   at Microsoft.Win32.RegistryKey.Win32Error(Int32 errorCode, String str)
   at Microsoft.Win32.RegistryKey.CreateSubKey(String subkey, RegistryKeyPermissionCheck permissionCheck, RegistrySecurity registrySecurity)
   at Microsoft.Exchange.Diagnostics.ExPerformanceCounter.GetLastWorkerProcessInfo()

There is nothing to worry about this error. Microsoft published article KB982679 - Event ID 106 is logged when you start the RPC Client Access service on Exchange Server 2010.

This problem occurs because the performance counters of the RPC Client Access service are not installed when you install only the Mailbox role on an Exchange Server 2010 server. However, this does not affect the functionality of the Exchange Server 2010 server.

It’s not so pretty to see many errors in Event Viewer after  restarting Microsoft Exchange RPC Client Access service. Let’s try to manually add RPC Client Access performance counters.

Manually add RPC Client Access performance counters

  • Start Exchange Management Shell
  • Add-PSSnapin Microsoft.Exchange.Management.PowerShell.Setup
  • New-PerfCounters -DefinitionFileName "C:\Program Files\Microsoft\Exchange Server\V14\Setup\Perf\RpcClientAccessPerformanceCounters.xml"

    image
  • Restart server or Microsoft Exchange RPC Client Access service.
  • No errors, happy administrators… Winking smile

Links:

Posted in: Exchange | Microsoft | POW

Tags:

POW #9 – Exchange Server 2007 Edge & DNS Server

September 2, 2009 at 6:50 PMSaso Erdeljanov

POW_Blue_S

 

I noticed that some of the users are running Exchange Server 2007 Edge and public DNS Server on the same server.

Problem

There are some issues with services failing at start up if following is true:

  • Exchange Server 2007, Exchange Server 2007 SP1, Exchange Server 2010 (Edge Role).
  • Windows Server 2003, Windows Server 2008, Windows Server 2008 R2.
  • DNS Server role is installed.
  • Hotfix KB951746 is installed.

You receive following error and all Exchange services are stopped.

pow9_error1

Log Name:      System
Source:        Service Control Manager
Date:          14.7.2009 10:19:36
Event ID:      7023
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      EDGE.exchange.pri
Description:
The Microsoft Exchange ADAM service terminated with the following error:
An attempt was made to access a socket in a way forbidden by its
access permissions.

So let’s start troubleshooting… ;-)

If we take a look with netstat we can see that DNS Service (dns.exe) is using 50636 port.

pow9_error2

Exchange Server uses Active Directory Lightweight Directory Services (AD LDS), previous known as Active Directory Application Mode (ADAM), for storing Exchange (Organization)configuration. By default, the Edge Transport server uses the non-standard port 50636 for EdgeSync (Secure LDAP). We can check that with dsdbutil.

  • Open cmd.exe, type dsdbutil and press Enter.
  • Type list instances and press Enter.

pow9_error3

Issue is with hotfix KB951746 (MS08-037: Description of the security update for DNS in Windows Server 2008, in Windows Server 2003, and in Windows 2000 Server (DNS server-side): July 8, 2008).

After security update KB951746 is installed on Windows Server 2008 (RTM/SP2), this issue occurs because the DNS server’s method of port allocation changes, and this change could prevent AD LDS from obtaining the port that it requires to function correctly.

By default, after security update KB951746 is installed, the DNS server randomly allocates 2,500 UDP ports in the ephemeral port range. This is new behavior that is introduced by this update. A conflict may occur if one of these randomly allocated ports is a port that an AD LDS instance has to use.

We can check the size of socket pool with dnscmd:

pow9_error5

 

Background information

To comply with Internet Assigned Numbers Authority (IANA) recommendations, Microsoft has increased the dynamic client port range for outgoing connections in Windows Vista and in Windows Server 2008. The new default start port is 49152, and the default end port is 65535.

We can check ephemeral port range in Windows Server 2008 witch netsh.

pow9_error4

This is a change from the configuration of earlier versions of Microsoft Windows that used a default port range of 1025 through 5000.

In Windows Server 2003 or in Windows 2000 Server, the value of the MaxUserPort registry entry defines the ephemeral port range. The range is from 1024 to the value that is defined by the MaxUserPort registry entry.
After you install security update 953230 on Windows Server 2003 and down-level platforms, the following conditions are true:

  • If the value of the MaxUserPort registry entry is set, the ports are allocated randomly from the [1024, MaxUserPort] range.
  • If the value of the MaxUserPort registry entry is not set, the ports are allocated randomly from the [49152, 65535] range.

In Windows Server 2008:

  • Ephemeral port allocation and the MaxUserPort registry entry:
    In Windows Server 2008 or in Windows Vista, the value of the MaxUserPort registry entry signifies the number of ephemeral ports. The range is from the [start port, start range + MaxUserPort]. The default start port is port 49152.
  • Effective ephemeral port range:
    Ephemeral port allocation occurs in the [49152-65535] port range before you install security update 953230 on Windows Server 2008. This port allocation behavior does not change after you install security update 953230.

Solution for Windows Server 2003

We need to reserve Ephemeral port range for Exchange Server 2007 Edge AD LDS instance. We need to specify reserved ports in registry.

  • Start regedit.exe
  • Locate following registry key:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
  • Create New Multi-String Value with name ReservedPorts
  • Enter following values for EDGE Ports that we want to exclude:
    50389-50389
    50636-50636 


      pow9_error6 

     pow9_error7
  • Reboot server

Solution for Windows Server 2008

Although we can change port range in Windows Server 2008 there is simple trick that does the job. We can change DNS Server service startup type to Automatic (Delayed Start).

pow9_error10

Solution for Windows Server 2008 R2

Windows Server 2008 R2 DNS Server provides SocketPoolPortExclusionList that would allow us to exclude certain ports from DNS Server.

Dnscmd /Config /SocketPoolPortExclusionList

Exchange Server 2007 & Windows Server 2008 R2?

I was warned that mentioning Windows Server 2008 R2 in post of Exchange Server 2007 could be misleading (Thanks to Miha Pihler!). Some quick facts about Exchange Server 2007 and Windows Server 2008 R2:

  • Exchange Server 2007 is NOT supported on Windows Server 2008 R2
  • You need to deploy Update Rollup 9 for Exchange Server 2007 SP1 or SP2 for Exchange Server 2007 if you intend to run DC/GC servers on Windows Server 2008 R2

Links

Posted in: DNS | Exchange | Microsoft | POW | Windows

Tags: