By default, when you require an SSL certificate in IIS on an Exchange server, if users hit the page without providing an https:// in front they will get an error. Rather than require certificates, it’s better in most cases to redirect unsecured traffic to a secured login page. In order to do so, first configure the redirect. To do so, open IIS Manager and click on the Default Web Site. At the bottom of the pane for the Default Web Site, click Features View if not already selected. Then open HTTP Redirect. Here, check the box for “Redirect requests to this destination” and provide the path to the owa virtual directory (e.g.…
-
-
Bulk Exporting of PST Files Using Exmerge
To automate the process of exporting Exchange mailboxes to .pst files, we’re going to use the exmerge tool using a Windows batch file. We can use a MAILBOXES.TXT file to choose which mailboxes we’ll be using and possibly a SUBJECTS.TXT or ATTACHMENTS.TXT to constrain our searches. To run the exmerge, run as a typical GUI based merge but save the search. Once saved, you’ll be able to select a path, which we’ll call c:\tmpexmerge. In here, you should see an EXMERGE.INI as well as a MAILBOXES.TXT (and possibly a few other files. In the MAILBOXES.TXT file you’ll see the CN information for the mailboxes selected in the previous: /O=FIRST ORGANIZATION/OU=FIRST…
-
What Exchange NDR Codes Mean
One of the things that hasn’t changed in all these years with Exchange is Non-Delivery Reports. An NDR is an email that is sent when a message you send fails to go out. Exchange has had a consistent set of NDR status codes since version 5, just adding some here or there with changing technology (e.g. routing connectors, smarthosts, etc). Exchange has a lot of NDR codes at this point. I keep a little list running in my collection of files I spotlight to find the answer to recurring questions (which happens to always be 42). When an email bounces in Exchange, these codes explain why without having to be…
-
iPhone + Locked Down Exchange
Some iPhones can have a problem with some Exchange servers due to the fact that they are not fully manageable using ActiveSync Policies. The New-ActiveSyncMailboxPolicy commandlet is can be used with the -Name parameter to assign a name to the new ActiveSyncMailboxPolicy, which we’ll call iPhone. To allow devices that are not fully manageable to use ActiveSync, an ActiveSyncMailboxPolicy needs to be created where -AllowNonProvisionableDevices is set it to $true. For example, if we were to create such a policy and call it iPhone we would use the following command: New-ActiveSyncMailboxPolicy -Name iPhone -AllowNonProvisionableDevices $true
-
Bypassing Exchange 2007's Content Filter
Exchange 2007 is often set to filter all spam and reject mail that is classified as spam. If you configure Exchange 2007 to do so then you still need an email address that does not get filtered. The reason is that in the body of your rejection emails, you need to provide a valid user with a means to contact you in order to get their mail through. To bypass the content filter for an email address can be done using a commandlet, Set-ContentFilterConfig. When using the Set-ContentFilterConfig you can use the -BypassedRecipients option to specify email addresses that the filter will not be applied to, which would then be…
-
Entourage Web Services Edition Available
For those who have been waiting for a time when Entourage uses less bandwidth, has enhanced support for EWS features and well, works better, the time has come. The beta came and went and we waiting. And the wait is now over. Entourage Web Services Edition is now available for download. You only really need this if you have an Exchange Server 2007 environment and can support EWS.
-
Design Considerations: Exchange 2007 and the Mac
In Exchange 2007, the Client Access Server (CAS) role accepts connections from clients in order to allow them access to the Exchange Server infrastructure (mailboxes, public folders, GAL, etc). CAS accepts connections from: POP3 and/or IMAP4 clients Outlook Web Access (OWA) and/or OWA Light clients Exchange ActiveSync (EAS) clients Entourage falls into this category, and so when you are deploying Exchange 2007 alongside Entourage you will point your clients at your host running CAS. This is a change from previous versions, where you could enable IIS on any host and point clients there; however, it is similar in that CAS is very similar to the front end functionality that this…
-
Exchange 2007: Change Default Domain with PowerShell
Your users sick of typing in their domain name in the OWA auth screen? Well, here’s the PowerShell command to make it where they don’t have to any more: Set-OWAVirtualDirectory -Identity “owa (default web site)” -LogonFormat username -DefaultDomain krypted.com Since you’re not using https://krypted.com/ as your mail domain swap that out with your domain name of course. And if you want to use it for the other virtual directories of OWA, such as Exadmin then run it again swapping out the owa with the VD you’re using. Oh, you can do it through the Exchange Management Console too, but the GUI isn’t as much fun. But if you do decide…
-
Exchange 2007: Find Hidden Users using PowerShell
Find hidden users in the GAL using this powershell command: Get-Mailbox | Where {$_.HiddenFromAddressListsEnabled -eq $True} | Select Name, HiddenFromAddressListsEnabled
-
Exchange 2007: Send-As
Find all mailboxes with Send As permissions for someone other than yourself with Exchange PowerShell using this command: Get-Mailbox | Get-ADPermission | where {($_.ExtendedRights -like “*Send-As*â€) -and -not ($_.User -like “NT AUTHORITYSELFâ€)} | FT -Wrap