Exchange 2013 – Page 19

X-OWA-Error: Microsoft.Exchange.Security.Authentication.TokenMungingException

Scenario: When a user tries to access OWA, the receive the following error:

something went wrong

Sorry, we can’t get that information right now. Please try again later. If the problem continues, contact your helpdesk.

X-OWA-Error: Microsoft.Exchange.Security.Authentication.TokenMungingException

Resolution: This is the result of the mailbox being a ‘linked mailbox’ and having a value in the ‘linked master account’.

Run the following to view the value:
get-user batman15 | select linkedmasteraccount

Run the following to remove the value:
set-user batman15 -linkedmasteraccount $null

Exchange Health Manager has restarted a server even though a Global Monitor Override was in place.

Scenario: You have a GlobalMonitoringOverride configured to prevent the reboot of an Exchange Server for a specific Exchange Health Monitor responder, but MSExchangeHMWo still rebooted the server anyways. In our example below, we have an existing global monitor override that should prevent reboots for the responder “ActiveDirectoryConnectivityConfigDCServerReboot”.

Cause: The globalmonitoringoverride had an expiration date for 60 days after it was set.

Resolution: Remove the existing GlobalMonitoringOverride and replace it.

step 1 – View the current globalmonitoringoverride

get-globalmonitoringoverride

step 2 – View the log file associated with the reboot for the Repsonder

(Get-WinEvent -LogName Microsoft-Exchange-ActiveMonitoring/responderdefinition | % {[XML]$_.toXml()}).event.userData.eventXml | ?{$_.Name -like “ActiveDirectoryConnectivityConfigDCServerReboot”} | ft name,enabled

step 3 (only if you have override setup already)

remove-GlobalMonitoringOverride -Identity ExchangeActiveDirectoryConnectivityConfigDCServerReboot -ItemType Responder -PropertyName Enabled

Step 4 – Apply Either of the options below.

Apply based on duration of 60 days

Add-GlobalMonitoringOverride -Identity ExchangeActiveDirectoryConnectivityConfigDCServerReboot -ItemType Responder -PropertyName Enabled -PropertyValue 0 -Duration 60.00:00:00

Apply based on Exchange version

Add-GlobalMonitoringOverride -Identity ADActiveDirectoryConnectivityConfigDCServerReboot -ItemType Responder -PropertyName Enabled -PropertyValue 0 –ApplyVersion “15.00.0847.32”

Step 5 – Restart the “Microsoft Exchange Health Manager” service

Working with Mailbox Rules in Powershell

1. Get all forwarding rules in an organization:

foreach ($i in (Get-Mailbox -ResultSize unlimited)) { Get-InboxRule -Mailbox $i.DistinguishedName | where {$_.ForwardTo} | fl MailboxOwnerID,Name,ForwardTo >> C:AllForwardRules.txt }

2. To get inbox rules for a mailbox:

Get-Inboxrule. You can also do get-inboxrule | Fl to see details of the rule

3. Type Get-command *inboxrule* to see list of commands for inbox rules

4. To remove a rule, type get-inboxrule | remove-inboxrule

5. Create inbox rule called Junk for a set of users in a particular OU called Test. this will rule will move messages with subject ‘spam” to a folder called

Junk email

$mailboxes = Get-mailbox -organizationalUnit test

$mailboxes | % { }

$mailboxes | % { New-inboxrule -Name Junk -mailbox $_.alias -subjectcontainswords “[spam]” -movetofolder “$($_.alias):Junk Email” }

Scenario: Customer is running Exchange 2010 and Exchange 2013 servers in coexistence. The servers have the latest rollups and patches. Users using Outlook 2013 with mailbox on Exchange 2013 are not able to edit calendar of an Exchange 2010 mailbox user.

Note that customer is running Windows 7(sp1) and Outlook 2013 sp1

Resolution: Run windows update and ensure Outlook and Office 2013 are all patched to this version: 15.0.4615.1000

Script for converting Bounce Back LegacyExchangeDN to the X500 format

Scenario: You have to convert the LegacyExchangeDN that is being provided to you in bounce back emails with the special charter formatting into an X500 address. This may need to be done if mailboxes are disabled and recreated as new mailboxes or when performing migrations.

From the bounce back message, copy and paste the address into the $Addr variable below and then execute this script:

#Edit the $Addr Variable
$Addr = "IMCEAEX-_O=TEST+20ENTERPRISE+20EXCHANGE_OU=EXCHANGE+20ADMINISTRATIVE+20GROUP+20+28FYDIBOHF23SPDLT+29_CN=RECIPIENTS_CN=4bd8a35a90e2441a4587635898d62f9f-s@domain.com"

#Run the following against the variable
$Addr = $Addr -replace "IMCEAEX-",""
$Addr = $Addr -replace "@.*$",""
$Addr = $Addr -replace "_","/"
$Addr = $Addr -replace "+20"," "
$Addr = $Addr -replace "+28","("
$Addr = $Addr -replace "+29",")"
$Addr = $Addr -replace "+2C",","
$Addr = $Addr -replace "+5F","_"
$Addr = $Addr -replace "+40","@"
$Addr = $Addr -replace "+2E","."
$Addr= “X500:$Addr”
Write-Host $Addr

#Add the Email Address to the Mailbox
set-mailbox usera -emailaddresses @{Add=$Addr}

Script to see ActiveSync Device Statistics from a filtered Mailbox List.

Scenario: Customer wants to a list of all users with active mobile devices so they can see lastsuccesssync, devicepolicyapplied, etc of the devices

$Mailboxes = Get-CasMailbox -Filter {HasActiveSyncDevicePartnership -eq $True -and -not displayname -like “CAS_{*” -and -not displayname -like “Extest_*”} –ResultSize Unlimited

$Devices = $Mailboxes | %{Get-ActiveSyncDeviceStatistics –Mailbox $_.Identity}

$Devices | Export-CSV -Path C:scriptstest.csv

Accessing a shared Calendar of a Exchange 2010 mailbox from an Exchange 2013 mailbox via OWA

Scenario: A mailbox on Exchange 2013 SP1 cannot open or edit calendar entries of an Exchange 2010 SP3 mailbox using OWA (Outlook Web App). Attempting to open the calendar entry does not appear to do anything. The user has explicit rights to this shared calendar.

Cause: Per Microsoft, this is an unsupported configuration for OWA. This is by Microsoft design.

Work Arounds:
1. Use an Outlook client to view calendar information between the 2013 and 2010 mailboxes.
OR
2. Move the Exchange 2010 mailbox to Exchange 2013.

Reseed Exchange Database Copy via Exchange Powershell

Below are the steps to reseed a Database Copy via Exchange PowerShell. The database copy that needs to be reseeded is DB01 on the mailbox Server MBX04. We will use the server MBX03 that has a healthy database copy to perform the reseed.

1. Check to see if the problematic database copy has a failed and/or suspended status:
get-mailboxdatabasecopystatus DB01

2. If the database copy is already failed and/or suspended, you can skip this step. If the database copy you wish to reseed has a status of healthy, you must suspend the database copy:
suspend-mailboxdatabasecopy DB01MBX04

3. To reseed the mailbox database copy, run the following:
update-mailboxdatabasecopy DB01MBX04 -sourceserver MBX03 -DeleteExistingFiles

Set accepted IP ranges to a receive connector with powershell

Task: Set accepted IP ranges to a receive connector with powershell

Set-ReceiveConnector -RemoteIPRanges ‘19.168.7.26’,’10.1.1.28′,’172.123.3.0′ -Identity ‘serverDefault server’

Configure message throttling for your organization with recipient rate limit of 5000 and message rate limit of 20

Task: Configure message throttling for your organization with recipient rate limit of 5000 and message rate limit of 20

Use this command:

New-ThrottlingPolicy -Name fightspam -RecipientRateLimit 5000 -MessageRateLimit 20

Now Apply policy to particular mailbox:

Set-Mailbox -Identity user_alias -ThrottlingPolicy fightspam

Use this command to apply to an Organizational Unit:

get-mailbox -OrganizationalUnit ‘domain/OU’ -resultsize unlimited | set-mailbox -Throttling

Policy fightspam