Author: Steve Man

Chrome browsers slow in loading OWA 2010 behind TMG

We have noticed that Chrome browsers have significant delay in loading websites through a reverse proxy server like TMG. Issue: There is a new feature in Chrome called SSL False Start which is supposed to speed up your SSL connections. Unfortunately, the end result against sites published by TMG is they don’t ever load unless the user manually refreshes the page a 2nd time. Keep in mind this applies to any SSL website published by TMG and accessed by a user with Chrome, not just Lync Web App or Outlook Web App. There is also an issue open on Google Code about this problem, http://code.google.com/p/chromium/issues/detail?id=67617, but there is no server-side fix. At this time the only solution is to modify the Google Chrome shortcut to disable the SSL False Start feature. Just modify your shortcut to be “chrome.exe -disable-ssl-false-start” and all is well. Reference: http://www.confusedamused.com/tags/tmg/ Lync Web App and TMG Hangs January 24, 2011

Balancing Active Databases

Server reboots, Domain Controller issues and other interruptions can cause databases to fail-over to another healthy database in the DAG. Since our DAG was designed to keep roughly half of the mailboxes in the Mount Washington Datacenter and the remainder in the East Baltimore Data Center it is important to be sure that the active databases are balanced and on the copy with an activation preference of 1.
To help with this, Exchange 2010 SP1 includes the script RedistributeActiveDatabases.ps1.
To use this script logon on to a Mailbox server in the DAG and go to the scripts directory by entering the following in the Exchange Management Shell:

cd ‘E:Program FilesMicrosoftExchange ServerScripts’
To determine which copy each database is active, run the RedistributeActiveDatabases.ps1 script with the following syntax:
.RedistributeActiveDatabases.ps1 -ShowDatabaseCurrentActives >C:db.txt
This will output a list detailing the activation preference of each active database to file on the root of C: called db.txt.
After reviewing this file, you may find that some of the databases are active on lower preference copies. To rebalance them run the RedistributeActiveDatabases.ps1 script with the following syntax:
.RedistributeActiveDatabases.ps1 -dagname <dagname> -BalanceDbsByActivationPreference -ShowFinalDatabaseDistribution -Confirm:$false
This will attempt to balance the number of active databases on each server by moving them to the copy with an activation preference of 1. Depending on how unbalanced the databases are, this may have to be run more than once.

could not establish TLS/SSL session to IMAP4/POP3

Issue/Error message: A certificate for the hostname “imap.domain.com” could not be found. SSL or TLS encryption cannot be made to the IMAP service.
Synopsis: The certificate was there in the cert store for the computer account, and nothing else had any trouble recognizing it. Even the Exchange console recognized it just fine, but the service just would not take it on start.
Resolution: Figured out that imap/pop services required smtp as part of the services when assigning services to the certificate. Re-Enabled the exchange
certificate with imap and pop, which automatically added the S. Restarted IMAP and POP3 service and all started working