Exchange permissions

Most times it’s not a good idea to make everybody full administrator, but what can the different administrators do in Exchange 2007? In Exchange 2003 we had the Exchange Full Administrator, Exchange Administrator and theExchange View Only Administrator in Exchange 2007 we have the Exchange Organization Administrator, Exchange Server Administrator, Exchange Recipient Administrator and Exchange View-Only Administrator. Microsoft has published a really usefull Technet article on this which describes which administrator can do what and what he don’t can do .

OWA and ActiveSync won’t work anymore

Today I discovered a strange issue in my Exchange 2007 test environment both OWA and ActiveSync didn’t work anymore. A strange .NET error was displayed that if I wanted more info I needed to change a XML file. As I didn’t had changed many on the system I first looked if all services were running, this was the case. The next step was checking the event logs also there was nothing strange to find. The last step was IIS on first sight everything appeared to be OK but after investigating the .NET tab of the virtual folder OWA I discovered that it was set to 1.1 instead of 2.0. After changing this everything worked OK.

Messaging Records Management

In Exchange 2007 there are a lot of new features which are designed for message retention:</p>

  • Managed Default Folders
  • Managed Custom Folders
  • Managed Folder Mailbox Policies

Not all features will work in all Outlook versions, some features will only work in Outlook 2003 SP2 or higher and there are a few that only work in Outlook 2007. For a complete overview have a look at the following site.

First the tab Managed Default Folders, in the first sight you may say he this are the default folders a user will get in his mailbox. In this case this isn't true, this are the parameters which are used to specify the settings you would like to apply on the standard Outlook folders (inbox, outbox, sent items, etc.). For example it's possible to add a second mailbox to the Managed Default Folders with a longer retention time.

In previous versions of Exchange you could arrange the automatic delection of deleted items by using  Recipient Policies. With all the new laws (especially in the USA) it may be needed to keep mails for a longer time. But doing this manually is a lot of work so why don't let Exchange do it for you. With the Managed Content Settings you can setup things like:

  • move items to deleted items after a specified period
  • move items to an other folder which is created by Managed Custom Folders
  • delete items but keep the possibility to recover them
  • permanent delete items
  • mark items when the retention time has expired

But how do we configure this, it's not really hard to do this. You click with your right mouse button on the folder or you choose the option entire mailbox to create one setting that will be applied to the complete mailbox. Next we select the option New Managed Content Settings, you will get the following screen:

I think all field descriptions are clear enough but here's a short overview:

  • name, name of the Managed Content setting
  • message type, on which items does this setting need to be applied.
  • length of retention period, this field needs to be enabled to specify the other settings. When you only would to enable journaling we don't have to enable this option. In the field after this field we can specify the amount of days an item need to be kept.
  • retention period starts, when Exhange checks the items if their retention time is expired what is the start date. This can be the date the item arrives at the mailbox or the date that the item is placed in a specific folder.
  • action to take at the end of the retention period, what needs to be done after the retention time expires.
  • move to the following managed custom folder, this field can only be filled in when the option in the previous version is set to move to a managed custom folder

When all fields are filled in we click on next and we get the option to enable journaling

With journaling we can arrange that from each item in the folder a copy is forwarded to an apart email address. With this we have the option to still have a copy of the message when it is deleted from the original mailbox. This mailbox is in most times not accesible for standard users but for example only accessible for managers.

By placing a checkmark before Forward copies to and select a mailbox which the messages need to be forwarded to we can configure journaling. Besides these two options we can fill in which file-type the original message should have when attached to the journaling message. 

When all settings are the way you like click on new

When all settings are applied with success you will get the following screen:

As you can see all settings are applied succesfully and we get a short overview of which Powershell command is used to do this.

When we look at the overview of folders we will see a + in front of the folder we just created the Managed Content Setting for. When clicking on it you will see the name of it.

As said earlier all the names on this tab are just parameters and not the folders itself. Lets create an other folder with a longer retention time for example for the mailbox for the management.

We could do this by creating a new Managed Default Folder. This can be done via the menu and selecting the option New Managed Default Folder or right click somewhere in the white space of the tab.

In the screenshot above we can specify the following:

  • name, name of the parameter
  • default folder type, which type need this parameter  to be
  • display the following comment when the folder is viewed in Outlook, with this option we will display a message.warning to a user. For example we can display the retention time that is active on this folder.
  • do not allow the users to minimize this comment in Outlook, with this option we can prevent that users minimize this message/warning

When ready click on the next button to create the new parameter, when this has successfully been completed you will see the following screen:

When we now have a look at the overview if the tab Managed Default Folders we see the new parameter between the other parameters:

The next tab that we discuss is the Managed Custom Folders with this we can create an extra folder that we want to add to a users mailbox.  This folder will not be created in each mailbox but only to mailboxes from users where the policy has been applied to.

A new folder can be created by:

  • right click in a white part of the tab and select New Managed Custom Folders
  • in the menu in the right side of the screen select New Managed Customer Folder

When we select this option we will get the following screen:

Below a description of the fields:

  • name, name of the new folder
  • displayed the following name when the folder is viewed in Office Outlook, the name that is displayed in Outlook
  • storage limit (in KB) for this folders and its subfolders, the maximum size of the folder and it's sub-folders.

Enable-AntispamUpdates

Strange mails in the queue

Maybe you have seen a mail queue with a lot of mails to strange domains. After further investigation most times you will find out that it will be NDR’s. When you zoom in to the messages you can recognize them because they have the following properties:

Empty the Outlook calender

I found a nice question on the MSExchange forum which I thought it may be interesting. It may happen that during an import there goes something wrong with the calender,  how can you clear all items from the calender ? The answer is via the Powershell with the following command:

E-mail address policy

E-mail address policies are always nice to play with, but when you don’t use them often you sometimes forget the variables which you can provide to build an e-mail address. I made a short list of available variables:

Mailbox-database cleanup

In Exchange 2003 you could use the Cleanup database to check the mailboxdatabase for mailboxes who were not assigned to users anymore. In Exchange 2007 you can do this via the Exchange Management Shell. The command that you need to use for this is clean-mailboxdatabase. This command will scan the Active Directory for mailboxes who are not assigned to users anymore but are not marked as this in the AD. When the status is not correct it will update the status directly.

Mail queue

Exchange 2007 contains a few nice tools. One of them is the queue viewer_,_ with this tool you can get an overview of all mails who are still in the queue of Exchange 2007. You can do this also via the Powershell command get-queue, with this command all mail queues are displayed with the ammount of messages in it.

Strange issues with Out of Office

Normally the Out of Office functionality isn’t really hard and you won’t have a lot of issues with it. But when you have issues they can be quite complicated. For example, if Out of Office is enabled but it doesn’t send the message to the sender. There are a few things you should check in this case. The problem is most times caused by the rule entry in the users mailbox. To clean this up you should start Outlook with the /cleanrules option. When this doesn’t solve the issue you will have to do some Exchange “hacking”, this can be done with two tools: