PowerShell

Exchange – Start Transcript

Posted by robd on December 07, 2015
exchange, exchange 2010 / No Comments

Want to record exactly what happens when you’re using the Exchange Management Shell? Use the Start-Transcript cmdlet. Anything that you do after you run this cmdlet will be recorded to a text file that you specify. To stop recording your session, use the Stop-Transcript cmdlet.

Notice that the Start-Transcript cmdlet overwrites the destination text file by default. If you want to append your session to an existing file, use the Append parameter:

Tags: , , ,

How to add a vlan on VMWare (in my case to use with Citrix):

Posted by robd on December 19, 2014
Citrix, vmware / No Comments

My current Citrix XenDesktop environment has out grown its original IP scope and I wanted to move it to a new dedicated VLAN with scope to grow even more. Below is brief guide in the steps taken.
Stage 1 – Creating the DHCP Scope
•    Logged onto your DC and open DHCP, drill down on IPv4, right click and select New Scope.
1
•    Give the Scope a name “Citrix Guest VM’s” and description.
2
•    Enter the IP range you would like addresses DHCP to give out (it always a could idea to leave some spare at the end for static IPs)
3
•    Add any exclusions you wish
•    Lease duration I left default of 8 days
•    Proceed to “Yes, I want to configure these options now”
•    Default Gateway is the IP address you will assign your Core Switch / Router in your network when creating the VLAN in the next stage. 192.168.25.254
4
•    Next select/enter your DNS servers
•    WINS Server if any
•    Active Scope – Select “Yes, I want to activate this scope now”
•    Finish

Stage 2 – Creating a new VLAN
In my environment we use HP Procurve Switches, so the following config are HP cmds.
•    Log on to your Core Switch / Router and use the follow config.

Config Break down
1 Enter configuration mode
2. Created VLAN 3025
3. Naming the VLAN
4. Creating the default gateway ip address for the VLAN
5 & 6. DHCP Servers
7. Tagging – You need to tagged any ports you would like to traffic to run through, see below.
8. Exit VLAN config
9. Save
Tagging
You need to proceed to create the VLAN and tagged the ports through your network you intend the traffic to run through. In my situation I stated by creating the VLAN on both core switches and had to tagged ports through to my server rack switches and then uplinks to my ESXi Hosts.
5
Testing
Once all the tagging was done I wanted to do some testing before I moved onto VMware VCentre.
From my core switch I untagged a port on VLAN 3025 (untagged assigns an the device connected to that port the IP in that specified VLAN). Plugged in my laptop and check the address assigned. It was a success I received a address from the 192.168.25.0/24 range, I could double check this by looking at the address leased on the DHCP server.
If you was not successful at this point please go back and review as the stage will not work

Stage 3 – VMware VCentre
•    Adding the Virtual Machine Port Group  (VLAN) onto a vSwitch (virtual switch) in VMware
Open up VMware Client, navigate to the your Cluster
– Select your host (if you have mulitple you will need to do this to all of them)- Select the Configuration tab
– Select Networking from the left side menu
– Click ” Add Networking at the top”
6
Add Virtual Machine, click next
7
Select the vSwitch you are currently using, for exmaple mine is “vSwitch0″
8
Give the Port Group a name, i suggest using the same as the VLAN on the physical switches.
Enter the VLAN ID – 3025
9
View Summery and Click Finish.

You have now added a new VLAN (port Group) into VMware ESXi and can now been given to VMs, in our case our VDI solution.
To check this, edit any VM which is sitting on any of the host you have just configured, select the NIC and you should be able to drop now the menu to select “Citrix Guest VMs” network.

10

Now this is great, you are able to change the VM to a new network…… but I have 200 VMs!
It is not feasible to sit there and manually reconfigure and 200 machines and reboot them, plus you would be taking down your environment for a long time.
Stage 4 – VMware vSphere PowerCLI
How to automate the NIC change for multiple VMs
1. Download VMware vSphere PowerCLI

2. Install and connect to you Vcentre Server

11
Once Successfully connected you can start issuing powershell commands. Use get-vicommand to see a list of all PowerCLI commands.
To complete this task we just need:
– The list of machines from the XenDesktop machine catalog.
Commands used:

Scenario:
– Machine Catalog Name: “Admin Desktop”
– Machine names: “monvdiad##”
-Current Network: “Server Network”
-New Network: “Citrix Guest VMs”
** Make sure the account you are using have elevated rights in vSphere
PowerCLI Commands to change VLAN
To obtain a list of all XenDekstop VMs in that catalog issue following command use the wildcard display all machines that start with “MONVDIAD*”

If the above query returns the list of the correct VM’s then proceed to change the NIC with the code below.

Press “A” to accept the changes and watch the magic begin.
Once complete I personally would give the affected VM’s a reboot with the following cmd

Again press “A” to accept
You can check your work by manually check a VM or issue the following cmd which will query and display any VM using “Citrix Guest VMs” Port Group as a selected network.

Jobs a good un!

Tags: , , , , ,

Terminal Server Security

Posted by robd on December 01, 2014
powershell / 1 Comment

Today a client noticed several thousand failed secuity attempts on their Terminal Server:

 

So after filtering the Event 4625 in event viewer I found I couldnt export the Source Network Address. So came up with this handy powershell script to export the IP to a csv:

 

Tags: , , ,

Find AD users using Profile Paths (roaming profiles)

Posted by robd on May 08, 2014
powershell / No Comments

So today due to a server migration I needed a list of all the users who have roaming profiles, found this useful Powershell script:

Please note you need to ammed this line of code to suite your site: “OU=VI2,OU=Students,OU=Users,OU=Monmouth School,DC=Monmouth,DC=local”

Tags: , , , , , , ,

Service Pack 3 for Exchange 2010

Service Pack 3 for Exchange 2010

So I only recently got around to installing SP3 for Exchange 2010 (I’ve been on holiday for a few weeks and what not) and thought I’d share my experience around the experience!

Now you may or may not know this service pack updates the Active Directory Scheme which basically means when you install this update you must be a Schema or Enterprise Admin to run the installation!!

Now if like me your Exchange Server sits on a completely separate domain to your Root Active Directory servers you’ll need to do a little planning.

For example I have a domain, let’s call it BohemianGrove.co.uk and a sub domain called Corp.BohemianGrove.co.uk.  BohemianGrove.co.uk is where my root Active Directory Domain Controllers are installed which means that’s where the Schema settings are stored for Exchange, these settings then filter down to sub domains which in my case is where my Exchange servers are installed i.e Corp.BohemianGrove.co.uk.

All this means in regards to this update is I’ll need to run Setup.com /prepareAD from BohemianGrove.co.uk as an Enterprise Admin before I run the update from the actual Exchange servers.

Exchange_Adprepare

So from the above you can see that all went very smoothly luckily for me (I won’t write about how I tried to run the SP2 update two or three times which produced soooo many errors)!  From here I waited 20 mins for the Schema update to replicate down, although you can force a update via Active Directory Sites and Services.

 

Next came the update for the servers but please note, install the update on the roles in this order:

Client Access servers,

Hub Transport (My HT and CAS roles are on the same server),

Edge Transport servers,

Mailbox servers,

Unified Messaging servers (I don’t have any, does anyone?),

 

Before I start talking about the install I should mention that you should only install the update on nodes or DAG servers that arnt active i.e. you need to fail an active server to a passive server and run the update, then fail back.  Here’s a very quick how to do this:

 

CAS/Hub Transport –

–  Stop the active node in the cluster via Network Load Balancing Manager by right clicking a node and click Clicking Control Host then Stop (or DrainStop if your worried users are connected still),

– In Network Load Balancing Manager right click the same node and choose properties and set the Default state to STOPPED, this will stop the node auto joining the cluser when once it reboots,

– Finally run the update, reboot the server and re-start the Default state.

– Do the above to the next node.

 

Mailbox Server  with a DAG –

–  Find the active database plus where the PAM role is and make a note:

–          Check the cluster group:

–          The above is just an initial check to ensure that the environment is in a situation where it is ready for manual failover.  The next set of instructions will fail the DB over to the passive server, prevent DB automounts, and reconfigure the cluster.

–          Run DAG Maintenance script (run from C:\Program Files\Microsoft\Exchange Server\V14\Scripts):

(please note overrideMinimumTwoCopies, this is because I only have two servers in my DAG).

–          This fails the active DB over to MB02. A quick check of the Management Console will show this is correct.

–          Rerunning the PAM holder and Cluster owner commands will show the second server as the master,

–          You can now conduct your tasks on this server with no Exchange downtime,

–          Once your tasks are complete, it’s time to fail the services back,

–          From Exchange Powershell, run; (From C:\Program Files\Microsoft\Exchange Server\V14\Scripts)

–          There is no output from this script as it simply allows us to now make changes. Fail databases back

–          Switch Cluster Master cluster group

–          Finally run both the PAM and Cluster query commands to ensure both roles are back with the active server,

 

So run the install:

Extract_Binary

 

Upgrade

Exchang Start

 

The install will check if you’ve updated the schema and if your servers, click Upgrade and the install will start, be warned it can take a while to install, mine took about 30 mins which seemed to be mostly the language pack:

Readiness

Install

Fortunately for me the install went smoothly on all my servers but just be careful to only run the update on servers that are not active.  Also note that once you update a server with a database on you cant fail that database to a none updated server.

Finally make sure you run Exchange 2010 SP3 Rollup 3 as this will fix a heap of issues with Exchange 2010 SP3.

Tags: , , , , ,

MAPI Connections to Exchange 2010

Posted by robd on August 19, 2013
exchange 2010, Office 2010, powershell / 5 Comments

So had a bunch of errors on my Exchange 2010 server today, namely:

Event ID 9646 MSExchangeIS

The error doesn’t give much away but basically what its saying is:

A user with GUID “ccd83bc42-1bff-459e-9db2-558cc68478b9” has more than 500 open folders in a single session, because exchange only allows 500 open folder connections (for a cached mailed) at a time its going to screw with the user and in our case not automatically update the users folders in Outlook 2010.  Please note this is different from open MAPI connections to the mailbox.

Note this has been edited with help from Mark Daley who stated:

the objtfolder is an ‘Open Item Limit’ ie the limit of the number of folders that are being opened in a single session, not the number of connections being made to the mailbox which is a session limit See (http://technet.microsoft.com/en-us/library/ff477612(v=exchg.141).aspx). This limit is the total for the session so if a user has 250 folders in their own mailbox and say 300 in a shared mailbox then the limit will be breached. The other thing that should be explained in that this is only likely to occur when the mailboxes are cached (shared and non-shared) as it is the consequence of caching that is causing the limit to be breached because each folder is opened / counted during the mailbox sync process. Therefore turning off caching mode for either the primary mailbox or just the shared mailbox is another fix for this issue.

 

You may be wondering how a user could have more than 500 connections, well in our case the user had two mailboxes attached to their own mailbox and all the folders (inbox, outbox etc) together added up to more than 500 folders.

You can scan a mailbox with Power Shell to determine the number of folders:

So lets say you see the errors on your Exchange 2010 server but don’t know who’s having the issue, you find Users MAPI GUID’s by running the following Power Shell command:

Once you know who the user is what can you do, well there’s four options in my mind:

1) Tell the user to re-organise the folder structure,

2) Remove some of the extra Mailboxes from a users mail profile if possible (you could add a extra profiles to Outlook, making Outlook prompt on start up),

3) Do not cache the mailbox in Outlook or simply do not cache the additional mailbox in Outlook.

4) Change Exchange 2010 to allow more than 500 folder to be open at a single time for cached mailboxes!

 

To proceed with 4) you’d need to do the below but be warned if large quantities of users connected with plus of 500 folders your server performance will suffer drastically:

Log onto all your mailbox servers and create the following registry key:

  1. Click Start, click Run, type regedit, and then click OK.
  2. Expand the following registry subkey:
    \\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIS\ParametersSystem
  3. Right-click ParametersSystem, point to New, and then click Key.
  4. Type MaxObjsPerMapiSession, and then press ENTER to name the new sub key.
  5. Right-click MaxObjsPerMapiSession, click New, and then click DWORD Value.
  6. Enter the object type as specified in the event description, and then press ENTER.
  7. Right-click the object type that you entered, and then click Modify.
  8. In the Value data box, type the number of objects to which you want to limit this entry, and then click OK.

 

Tags: , , , , , , , , , ,

Exchange 2010 – Health Report

Posted by robd on February 14, 2013
exchange 2010, powershell / No Comments

So the other day I wanted to run a health report on Exchange servers to show management that our Exchange environment is happily chugging away and their email problems are likely be down to inferior laptops or iPads or what ever!

Tha’ts when I found a brilliant PowerShell script written by Paul Cunningham that runs a health report on all the Exchange servers in your environment and emails you a report.

You’ll need to setup the email bit in the script, for example:

SMTP
Then just run it, for example:

The it produces a very useful report:
report

 

Tags: , , , ,

Exchange 2010 – transaction log files & iOS 6.1

Posted by robd on February 11, 2013
Apple, exchange, exchange 2010, iOS / No Comments

So anyone who looks after Exchange 2010 and allows users to connect their iPhones and or iPads will know the fun and games of mail going missing, calendars loosing invites or not matching their outlook calendars (most the above can be fixed by recreating the users mail profile on the ipad or in Outlook)….

Well to top this off iOS 6.1 seems to cause a sync loop on the Exchange mailbox server causing excessive transaction logs (thousands of logs in 15 minutes) which can lead to a very dead exchange server.

To combat this you’ll need to find the device and then turn off active sync for that user, or another route would be to block all iOS 6.1 devices from establishing a connection.  Edit: some people say removing the exchange mail profile from the iOS device and re-adding it solves the issue!!

To find the users, I’d first run a report of who has and hasn’t updated their devices by running a script that I’ve previous mentioned:

http://bohemiangrove.co.uk/exchange-2010-with-apple-ios-6/

Output:

All_iOS_Devices_on_Exchange_2010

Alternatively if you’re scared of PowerShell or maybe a admin has blocked you for using it because you’ve been a naughty boy or girl you could use Log Parser Studio which is like a plugin for Log Parser!!  So install Log Parser on a CAS server and run Log Parser Studio, then point the tool at the IIS logs.  Finally use one of the built in search tools such as ActiveSync Report [Top 20] to find the which device has produced large amounts of hits and hence caused all the transaction logs!

Log_Parser_Studio

So know you have a list of users who have iOS 6.1 you could disable active sync for each user via the Exchange control panel.

Or if you’d rather block all the iOS 6.1 and any future 6.1 devices you could run this the following PowerShell command that will create an Active Sync rule.

Note, if you don’t warn users they may complain about their devices not accepting passwords or similar!!

Tags: , , , , , ,

Exchange 2010 with Apple iOS 6

Posted by robd on January 15, 2013
exchange 2010 / 1 Comment

Since Apple update iOS to version 6 earlier this year I’ve had nothing but problems with calendar being mismatched between Apple devices and Outlook and users claiming mail has completely disappeared off the planet!!

Urggghh is my initial answer…..Now I try and tell users I really don’t think its Exchange as we patch like crazy and other devices such as Android and Microsoft work like a charm… But some fan boys don’t care what I have to say and blame me or MS anyhow!

The truth as far as I know it is its down to Apples adaptation of Active Sync that as far as I can tell must work totally different and seems to have been a bit of a after thought to the Apple product line.  Just for a info a quick and temporary solution is to remove the Exchange account from the iOS device and re-add it!

Interestingly MS don’t want ownership of these issues:

http://blogs.technet.com/b/exchange/archive/2012/10/23/ios6-devices-erroneously-take-ownership-of-meetings.aspx

Quote:

Tell users not to take action on calendars on iOS We’re not seeing this particular issue if users don’t take action on their calendar items (for example, accept, delete or change meetings).

Block iOS 6 devices Exchange server comes with the Allow/Block/Quarantine functionality that enables admins to block any device or user.

Also here’s a list of some issues:

http://support.microsoft.com/kb/2563324

Anyhow, to try and get a hold on the situation and find out all the iOS devices connecting to the Exchange environment (so I know whos going to moan at me at some point) I found a brilliant power-shell script by Steve Goodman, here:

http://gallery.technet.microsoft.com/Exporting-iOS-6-and-3d4ac87b

 

The Script:

Tags: , , , ,

When Exchange 2010 Breaks

Posted by robd on January 11, 2013
ESX, exchange 2010, powershell, WAN / No Comments

Part 1

So recently a client had some WAN issues where the WAN kept dropping packets on the primary link, meaning some network traffic would work fine and other network traffic would fall off the face of the planet!!

 

Unfortunately the system affected the most was Exchange 2010!!  The site had Exchange 2010 DAG set-up between two sites.  One on Site A and another on another site B with the File share witness on Site A.  So because some traffic was flowing nicely and some wasn’t some of the cluster services were up and some went down meaning the DAG got in a pickle!

 

Site B ended up taking ownership of the DAG and wouldn’t let go because he file share witness wasn’t available.  So as people could still get mail, I patiently waited for the WAN to be fixed (in the end someone pulled the primary link which forced the secondary to take over and everything became hunky dory).

 

So now the WAN was back and happy but still the cluster service wouldn’t appear, so after digging the arp entries were missing (no idea why), so ended up creating another IP for the cluster service….Done.  It’s up, time to reseed!

 

Update: Well shit me, MS know about this:

http://support.microsoft.com/kb/2743761

 

Well anyway I wish the reseed was that easy! During the issues, the mail store was un-mounted and now it won’t mount!! Booo, so another admin decided to run eseutil and recover the DB which worked but then decided to seed the wrong way meaning site B now has an old mail store with no mail from that day!!  BUGGER!

 

Part 2

 

So I need to rerun all the mail and then import and luckily all the missing mail logs are still on Site B!

I know what you’re thinking:

 

Restore the EDM file from a backup,

Rerun the Logs via ESEUTIL,

Mount the recovery DB,

Merge users,

Bam.

 

Well the business was very panicky now and didn’t want anyone touching anything on Exchange till things settled down, fair enough a day’s worth of mail is missing at the moment so people are touchy.

 

So I decide to make use of the most excellent Veeam feature SureBackup, which will allow me to restore the entire exchange live setup including a DC in lab environment without touching the live environment!!  Brilliant!

 

So I set it up, add a host, some storage, make sure I have a good backup of Exchange and it runs, great!!  Be careful though as it uses snap shots heavily so every change adds to a delta file meaning storage gets eaten!!  So here I am with the live environment in a lab environment, there some issues as I cant restore site B, so I have to remove the DAG and the other site which I do via ADSI edit (quick and easy but dangerous)!

 

So I copy over the recovered DB I restored with file level restore on veeam (copied by creating a HD in ESX and mounting it on veeam and copying file to it then mounting in my lab),

Create a recovery DB:

 

Checked the logs:

 

Replayed:

 

(May of run ESEUTIL /p too, cant remember)

 

Mounted!

 

Emails are all there but in the disconnected items section, reconnect to a test db and GREAT the emails are there!!

 

So connect all the mailboxes (manually unfortunately), then export them to pst (to my mounted HD):

 

Un-mounted the HD, added the HD to the live environment and imported the PSTS:

Tags: , , , , ,

Copy Protected by Chetan's WP-Copyprotect.