Tiny Deathstars of Foulness

When working on mail flow issues, one of the first troubleshooting steps with any mail server is to try and telnet into port 25 of the server. Exchange has an error, 530, that says that the smtp connection wasn’t authenticated. If you’re trying to relay through an Exchange server, that’s a good thing, as you wouldn’t want an open relay. However, if you’re trying to relay to an Exchange server, that’s not such a good thing. So let’s look at what this symptom looks like. First we try and telnet into port 25 of the server: telnet 25 Which shows the following: 220 Then we say hi: Helo And because the laws of robotics tell it to do so, the server says hi back: 250 Hello Then we try and relay to it: mail And we get this error at some point in our smtp communication: 530 5.7.1 Client was not authenticated Now, at this point we should look at the receive connector for Exchange, part of Hub Transport. To do so, open Exchange System Manager or Exchange Management Console and select Hub Transport under the Server Configuration section. Screen Shot 2013-10-09 at 12.44.10 PM Here, locate your default receive connector (don’t do this on a send connector or you will create an open relay), right click it and then click on Properties. Screen Shot 2013-10-09 at 12.44.27 PM At the Properties dialog, check the box for Anonymous users. This allows for another mail server to communicate with yours over smtp since that other server is basically just running through the message dialog we worked through earlier while telneted into the host. Click Apply to save the changes and for giggles go ahead and stop (disable) and start (enable) the connector.

October 9th, 2013

Posted In: Microsoft Exchange Server, Windows Server

Tags: , , , , , , , ,

Exchange is becoming more and more command line oriented. This includes the powershell options for managing Exchange once installed, but can also include the initial installation. To install Exchange from the command line, one must first install Exchange prerequisites, which are broken down per role that is being installed on Exchange. This can be done using the Add-WindowsFeature commandlet. To install the Windows requirements for Exchange for the Client Access, Hub Transport and Mailbox roles, use the following command: Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Web-ISAPI-Ext,Web-Digest-Auth,Web-Dyn-Compression,NET-HTTP-Activation,RPC-Over-HTTP-Proxy,Web-WMI -Restart For the Edge Transport role, use: Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Desktop-Experience -Restart For the Unified Messaging role, use: Add-WindowsFeature NET-Framework,RSAT-ADDS,ADLDS -Restart After the server restarts, also configure NetTcpPortSharing: Set-Service NetTcpPortSharing -StartupType Automatic Once the required features are installed, you can then run the installer and extend the Active Directory schema to prepare for the new attributes required for the version of Exchange you’re installing (2010 for this article btw). To do so, use the setup.exe command. In this example command we’ll use the setup.exe located in c:ExchangeInstallers: c:ExchangeInstallerssetup.exe /prepareschema Once the Schema is ready, then prepare AD: c:ExchangeInstallerssetup.exe /preparead Then, prep the domain: c:ExchangeInstallerssetup.exe /PrepareDomain Note: For a full listing of what happens at the above stages of the installation, see TechNet 125224: Once that’s done, I like to do a quick sync of AD from the control with my schema FSMO role: repadmin /syncall Then, for the easy part: install Exchange (in this case we’re installing Hub, CAS & Mailbox roles): c:ExchangeInstallerssetup.exe /m:install /r:h,c,m And voila, you’ve now got an Exchange Server. Since this is a Mailbox server, an empty information store is created and store.exe should be running. Use Get-Mailboxdatabase to verify: Get-Mailboxdatabase -status You can then move a database (e.g. to your SAN), since the default will be nested in the mdb folders in the Exchsrvr directory by using the move-DatabasePath cmdlet. Or use the move-storagegrouppath cmdlet to move the transaction logs. Once the information store is back online and any logs have been moved, check the connectors in Exchange. Use get-sendconnector to see any outgoing connectors and get-receiveconnector to see any incoming connector information. You can also use get-exchangecertificate to check any certs on the host and get-routinggroupconnector to see any information about routing group connectivity.

June 11th, 2013

Posted In: Mass Deployment, Microsoft Exchange Server, Windows Server

Tags: , , , , , , , , , , , , , , , , ,