Monthly Archives: April 2009

Change Mailbox Display Name to Format “Lastname, Firstname”

Posted by on April 17, 2009 1 comment

Applies to: Exchange Server 2007

By default the Display Name of Exchange Mailboxes is in the format of “Firstname Lastname”. To change this for an existing mailbox to “Lastname, Firstname”, use the Exchange Management Shell command below.

Get-Mailbox “User Name” | Get-User | ?{ $_.Lastname -ne $null } | %{ $dispName=$_.LastName + “, ” + $_.FirstName ; set-mailbox $_.SamAccountName -Displayname $dispName }

In case you want to revert back to the format “Firstname Lastname”, here’s the command for that.

Get-Mailbox “User Name” | Get-User | ?{ $_.Lastname -ne $null } | %{ $dispName=$_.FirstName + ” ” + $_.LastName ; set-mailbox $_.SamAccountName -Displayname $dispName }

Changing Mailbox Type of an existing Mailbox

Posted by on April 16, 2009 No comments

Applies to: Exchange Server 2007

You might have encountered the case where you (or someone else) created a regular mailbox, that should have been a shared mailbox? There is help.

The type of mailbox can easily be changed by using the appropriate Exchange Management Shell command from below.

Regular Mailbox
Set-Mailbox -Identity {Mailbox Name} -Type Regular

Room Mailbox
Set-Mailbox -Identity {Mailbox Name} -Type Room

Equipment Mailbox
Set-Mailbox -Identity {Mailbox Name} -Type Equipment

Shared Mailbox
Set-Mailbox -Identity {Mailbox Name} -Type Shared

Note: There might be further setting changes required in addition to above commands, i.e. for a shared mailbox: granting people access, for room mailboxes: setup of auto-accept features etc.

Repair Corrupted Outlook PST File

Posted by on April 16, 2009 No comments

Applies to: Outlook (2003 and 2007)

If you can’t open your Personal Folders file (.pst) or you suspect that your .pst data file is corrupt, you can use the Inbox Repair tool (Scanpst.exe), to diagnose and repair errors in the file. Instructions for both Outlook 2003 and Outlook 2007 are given below.

Outlook 2003

  • Close Outlook if it’s running
  • Open folder “drive:Program FilesCommon FilesSystemMSMAPILocaleID”
    (drive is normally the C drive, and LocaleID is the locale identifier (LCID) for the installation of Microsoft Office. The LCID for English – United States is 1033)
  • Double-click Scanpst.exe
  • Select the PST file to scan by using the “Browse” button
  • Click Start
    When the scanning is completed, and if errors were found, you will be prompted to start the repair process
  • If required, change the location of the backup file in the Backup File Box
  • Click Repair
  • Start Outlook using the profile that contains the .pst file that you tried to repair
  • The Lost and Found folder contains folders and items that the Inbox Repair tool recovered

Outlook 2007

  • Close Outlook if it’s running
  • Open folder “drive:Program FilesMicrosoft OfficeOffice12″
    (drive is normally the C drive)
  • Double-click Scanpst.exe
  • Select the PST file to scan by using the “Browse” button
  • Click Start
    When the process is completed, the results will be displayed
  • If required, change the location of the backup file in the Backup File Box
  • Click Repair
  • Start Outlook using the profile that contains the .pst file that you tried to repair
  • The Lost and Found folder contains folders and items that the Inbox Repair tool recovered

Recreate Exchange IIS Virtual Directories

Posted by on April 16, 2009 No comments

Applies to: IIS, Exchange Server 2007

If you’re in need to recreate the IIS virtual directories of Exchange Server, below commands will do exactly that. Launch the Exchange Management Shell on the CAS server and enter below commands as needed.

  • “Exchange (Default Web Site)”
    Remove-OwaVirtualDirectory “exchange (Default Web Site)”

    New-OwaVirtualDirectory “exchange” -OwaVersion Exchange2003or2000 -VirtualDirectoryType Mailboxes -WebSiteName “Default Web Site”

  • “Exchweb (Default Web Site)”
    Remove-OwaVirtualDirectory “exchweb (default web site)”

    New-OwaVirtualDirectory “exchweb” -OwaVersion Exchange2003or2000 -VirtualDirectoryType Exchweb -WebSiteName “Default Web Site”

  • “OWA (Default Web Site)”
    Remove-OwaVirtualDirectory “owa (default web site)”

    New-OwaVirtualDirectory -name “owa” -OwaVersion Exchange2007 -WebSiteName”Default Web Site”

  • “Public (Default Web Site)”
    Remove-OwaVirtualDirectory “public (default web site)”

    New-OwaVirtualDirectory “public” -OwaVersion Exchange2003or2000 -VirtualDirectoryType PublicFolders -WebSiteName “Default Web Site”

Final step: Restart the IIS service and WWW Publishing service on the server.

Display or Export the Members of Exchange Distribution Groups

Posted by on April 15, 2009 5 comments

Applies to: Exchange Server 2007

The members of Distribution Groups can be viewed and modified through the Outlook Address Book. However, Outlook doesn’t offer a way to export a list of all the members.

Administrators can run the following Exchange Management Shell commands to display/export the memberlist, sorted by DisplayName.

Single Distribution Group

  • Display Memberlist
    Get-DistributionGroupMember {Name of Group} | Sort -Property DisplayName | Select DisplayName, Alias, Department
  • Export Memberlist to TXT file
    Get-DistributionGroupMember {Name of Group} | Sort -Property DisplayName | Select DisplayName, Alias, Department > C:DGmemberlist.txt
  • Export Memberlist to CSV file
    Get-DistributionGroupMember {Name of Group} | Sort -Property DisplayName | Select DisplayName, Alias, Department | Export-CSV C:DGmemberlist.csv

All Distribution Groups in the Exchange Organization

  • Display Memberlist (create a script file called something like C:scriptsGet-DGmembers.ps1, paste below commands into it, and run the file in the Exchange Management Shell)
    get-distributiongroup | Sort -Property DisplayName | foreach {
    $name = $_.displayname
    $output = ‘Group Name: ‘ + $Name
    write-output $output
    Get-DistributionGroupMember $name | Sort -Property DisplayName | Select DisplayName, Alias, Department
    write-output “” “”
    }
  • Export Memberlist to TXT file (create a script file called something like C:scriptsExport-DGmembers.ps1, paste below commands into it, and run the file in the Exchange Management Shell)
    write-output “” > C:outputDGmembers.txt
    get-distributiongroup | Sort -Property DisplayName | foreach {
    $name = $_.displayname
    $output = ‘Group Name: ‘ + $Name
    write-output $output >> C:outputDGmembers.txt
    Get-DistributionGroupMember $name | Sort -Property DisplayName | Select DisplayName, Alias, Department >> C:outputDGmembers.txt
    write-output “” “” >> C:outputDGmembers.txt
    }

Create Mailbox Size and Item Count Report

Posted by on April 6, 2009 No comments

Applies to: Exchange Server 2007

Here’s an Exchange Management Shell command that generates a report with mailbox sizes and item counts of all mailboxes within the Exchange Organization, sorted by mailbox size:

Get-MailboxStatistics | Sort -Property TotalItemSize | ft DisplayName, @{expression={$_.totalitemsize.value.ToMB()};label=”Mailbox Size (MB)”}, itemcount

If you require to have this report exported to a text file, the command below will do the trick.

Get-MailboxStatistics | Sort -Property TotalItemSize | ft DisplayName, @{expression={$_.totalitemsize.value.ToMB()};label=”Mailbox Size (MB)”}, itemcount > C:MailboxSizeReport.txt

Enable or Disable PING Replies on Windows Server 2008

Posted by on April 6, 2009 No comments

For the new operating systems, such as Windows Server 2008 or Vista, Microsoft features a different security concept than for the previous versions. Server 2008 and Vista are looked down by default. This means network services, such as PING replies, have to be enabled before they are available.

PING is usually being used for the inital troubleshooting of network-related issues. If a server is down, it’ll most likely not respond to a PING request.

On the other hand, not receiving a PING reply does not necessarily mean that there is a cabling or IP Addressing problem, simply because PING could be blocked either on the receiving end, on the sending side, or on various network devices between those two points. In any case, it’s still better to enable PING replies, than having it not.

Enable Ping Replies via local Command Prompt

netsh firewall set icmpsetting 8

Disable Ping Replies via local Command Prompt

netsh firewall set icmpsetting 8 disable

Note: PING replies can also be enabled/disabled by using the ”Windows Firewall with Advanced Security”, which is found under Administrative Tools.

Setup U-Turn (Hairpinning) on Cisco ASA

Posted by on April 6, 2009 2 comments

Applies to: Cisco ASA firewalls
IOS requirement: ASA Version 7.2(1)

U-Turn (Hairpinning with static NAT) is used for making the outside interface (the one that points to the Internet) of an ASA device available to inside users. Let’s say you have enabled inbound http traffic on the outside interface, such as Static NAT to an inside Web server. By default, inside users wouldn’t be able to connect to that port on the outside interface, the ASA device wouldn’t have a path to route the traffic properly.

This is  a when the U-Turn feature comes into play. It enables the ASA device to route traffic from inside users the same way as if the traffic would come from outside.

Caution: Carefully consider the expected amount of traffic and the capabilities of your ASA device before you implement this solution, because it involves sending all traffic between the client and the Web server through the ASA device.

Step 1: Enabling traffic of same security level to pass

  • same-security-traffic permit intra-interface
    This command enables traffic of the same security level to transit the ASA device. The permit intra-interface keyword allows that same-security-traffic to enter and leave the same interface, thus hairpinning is enabled.

Step 2: Enabling hairpinned client access through ASA device

  • global (inside) 1 interface
    All traffic that crosses the security appliance must undergo NAT. This command uses the inside interface address of the security appliance in order to enable traffic that enters the inside interface to undergo PAT as it is hairpinned back out the inside interface.

Step 3: Create static NAT entry

  • static (inside,inside) {IP address of outside interface} {IP address of Web server} netmask 255.255.255.255
    This static NAT entry creates a second mapping for the public IP address of the WWW server. However, unlike the first static NAT entry that you have already in place, this time the internal address of the Web server is mapped to the inside interface of the ASA device. This allows the ASA to respond to requests that it sees for this address on the inside interface. Then, it redirects those requests to the real address of the Web server through itself.

Step 1 and 2 need to be done only once, as they are global statements. If you require U-Turn setup for multiple services, repeat step 3 for each of them.

500 – Internal Server Error when using OWA with /exchange

Posted by on April 3, 2009 No comments

Applies to: Exchange Server 2007

The 500 – Internal Server Error is displayed when you access Outlook Web Access from https://CASServer/exchange while https://CASServer/owa works fine.

This happens when you have separate Exchange 2007 Mailbox and CAS servers. Ideally the request should be redirected to /owa but you get the 500 – Internal Server Error right after typing in your credentials in the forms login page.

The redirection is not working because ISAPI Extensions are not installed on the Mailbox Server. ISAPI extensions handle specific incoming requests to the IIS server. The extensions are loaded when they are first needed and kept in memory until the host process shuts down.

To fix this issue, install the ISAPI Extensions on the mailbox server. This can be done by using the following command:

ServerManagerCmd -i Web-ISAPI-Ext

When the install is complete, restart IIS.

Preventing all-day meeting room bookings

Posted by on April 2, 2009 No comments

Applies to: Exchange Server 2007

Reducing the allowed maximum meeting duration on meeting rooms to a number lower than 1440 minutes (24 hours) will prevent users from booking all-day/multiple-day meetings in the specified meeting room.

  • Enter this command into the Exchange Management Shell
    set-mailboxcalendarsettings {meetingroom name} -maximumdurationinminutes 1380