This website is originally written in the Czech language. Only part of the content is machine (AI) translated into English. The translation may not be exact and may contain errors.
Microsoft Exchange
Almost since the beginning of my practice, I have been involved in the administration of the Microsoft mail server, i.e. Exchange Server. I started with the 2003 version and worked my way up to Exchange Online. The articles cover many areas of management. Most since the migration to Exchange Server 2016 and its complete configuration. But also Exchange Hybrid and e-mail security.
Exchange 2007 - problem of messages getting stuck in Drafts
I was testing Exchange 2007 at the moment and in doing so I came across a problem that is quite common and not easily answered on the Internet. Usually this situation occurs during testing and not during live operation. I will try to describe the situation, the solution and the reasons why it happens.
25.08.2007 | Samuraj - Petr Bouška | Microsoft admin | 13 678x | Comments [0]
PowerShell - Exchange server
Unlike Active Directory, MS Exchange Server 2007 had to use PowerShell for a number of operations right from the start. Some operations have been added to the Exchange Management Console GUI over time, but some we can only perform via PowerShell. So again my little pull of useful PowerShell cmdlets for Exchange server (so far in 2007 and 2010 versions).
07.08.2013 | 19.11.2010 | Microsoft admin | 38 890x | Comments [10]
| Exchange Web Services and PowerShell
For working with the Exchange server we have a number of cmdlets in PowerShell and for some GUI functions. But sometimes a slightly different way can be useful. We can use the Exchange Web Services Managed API, which is a .NET interface to EWS that uses the Web Services SOAP protocol and Autodiscover. And like other .NET layouts, we can use it straight from PowerShell.
13.01.2011 | Microsoft admin | 15 405x | Comments [0]
| MS Outlook and configuration with Group Policy
The article discusses some options for how to centrally configure MS Office applications with a special focus on Outlook (primarily version 2010, but mostly not essential). We can start by modifying the installation (only a mention here), the main part will be done using Group Policy Administrative Templates for Office, some requirements will be solved by modifying registries and for a more complex practical example we will use PowerShell.
23.03.2011 | Microsoft admin | 31 556x | Comments [0]
| Exchange 2010 CAS Array and DAG between Sites
Microsoft Exchange Server 2010 introduces several new techniques for ensuring High Availability and Fault Tolerance. The two main ones seem simple at first glance, and if one creates a lab with two servers in one AD Site, they are easy and functional to set up. But if we go into practice, we find that everything is not so straightforward, functional and intuitive. Here we will look at setting up a Client Access Server Array (CAS Array) and a Database Availability Group (DAG) if we have three servers, where two are located in one Site and one is in another.
12.02.2012 | Microsoft admin | 12 985x | Comments [0]
| Exchange - receiving and sending mail using Receive Connectors
If we want to use the SMTP protocol and send a message to the Exchange server or somewhere else, we use a logical gateway on the Exchange side called the Receive Connector. These connectors handle incoming communication from the Internet, other mail servers and clients that do not use MAPI. The variations that we need to set up in practice are many, and not everything can be done with EMC.
14.10.2012 | Microsoft admin | 17 788x | Comments [1]
| Exchange server and messaging statistics
This article has been updated for Exchange 2016! I think Exchange Server is missing one crucial thing and that is various traffic statistics. It is common for competing products to display a range of information that Exchange does not directly include. For example, hourly, daily, weekly and monthly statistics on emails sent and received, both internally and from the Internet. Statistics for different connectors. Undeliverability data, most frequent recipients and senders, popular domains. And speaking of miscellaneous information, the Exchange could also clearly report on its health. This article is a small guide on how to get some information.
25.04.2019 | 19.10.2013 | Microsoft admin | 21 358x | Comments [5]
| Exchange Send As - sending emails from another address
We will look at situations where a user needs to have multiple email addresses, and send mail from them. Unfortunately this is not handled well on the Exchange server. A related situation is when we want to send for a foreign mailbox or distribution group. Additionally, I ran into what I consider to be a bug where the send doesn't work. As a client we take Microsoft Outlook.
15.08.2014 | 20.12.2013 | Microsoft admin | 22 705x | Comments [7]
| Shared mailboxes on an Exchange server
A Shared Mailbox is a mailbox used by multiple users to read and send messages. Public Folders or, with slightly different behavior, Distribution Groups serve a similar purpose.
16.08.2014 | Microsoft admin | 25 569x | Comments [5]
| Exchange and Outlook calendar - appointment requests
I have solved different behavior of scheduling appointments to Outlook calendar (with an account on Exchange server) in different environments. I haven't figured out what is causing the problem, but I have gathered various information regarding the operation of events and appointments and the use of the iCalendar format. I will list these notes here, which unfortunately are not comprehensive. I have not found detailed information about the functioning and processing of meetings on the Exchange server side anywhere.
30.10.2015 | Microsoft admin | 15 021x | Comments [4]
| Exchange Server 2016 Namespaces - service addresses
Before deploying an Exchange server, or migrating from an older version, it is a good idea to plan the internal and external addresses (names) for each service used. Today it is best to simplify and unify the addresses as much as possible, in the extreme to a single domain name. Similarly, we should plan at the outset how many Exchange servers we will deploy and how they will be distributed across sites.
07.03.2019 | Microsoft admin | 6 922x | Comments [2]
| Exchange Server 2016 installation and basic configuration
It doesn't matter whether we are performing a new Exchange Server deployment or migrating from an older version, we always perform a clean installation of the new server. We have to meet some prerequisites and requirements. The actual installation is then simple using a wizard. In Exchange 2016, everything has been simplified again, because we only have two roles (and the second one is the Edge server), so the installation is quite uniform.
13.03.2019 | Microsoft admin | 17 037x | Comments [6]
| Exchange Server 2016 Database Availability Group
Electronic mail has long been an important communication channel for companies. Therefore, we need to ensure high availability of this service. The solution is to deploy multiple servers and deal with their redundancy, i.e. actually create a cluster. The Database Availability Group technology that came with Exchange 2010 helps us to do this. This technology creates passive copies of the mailbox database, replicates its contents and allows you to switch activity to the copy.
17.03.2019 | Microsoft admin | 10 518x | Comments [0]
| Exchange Server 2016 Client Access
On Exchange Server 2016, the Client Access services is part of the Mailbox server (it is no longer a separate role). It provides authentication and proxy services for internal and external client connections. The client can connect to any Mailbox server, and the request is proxied to the server where the database for its mailbox is active. In some cases, it can redirect to another server. Access is possible in different ways and protocols, for example from Outlook, a mobile device or a web browser.
27.03.2019 | Microsoft admin | 14 085x | Comments [10]
| Exchange Server 2016 Mail Flow - Mail Routing and Connectors
Mail is transferred between servers within the organisation, but also externally across the Internet and to other organisations, using the Simple Mail Transfer Protocol (SMTP). The transfer and routing of mail is referred to as Mail Flow. Exchange uses the Transport Pipeline, which is a collection of services, connections, components and queues. The objects that we need to configure in order to transmit mail are primarily Receive Connectors and Send Connectors.
03.04.2019 | Microsoft admin | 13 989x | Comments [1]
| Exchange Server 2016 DSN, Message Tracking and Messaging Analytics
In practice, we often need to confirm that a message has been delivered, or look for problems as to why it has not been delivered. Last time we set up Protocol Logging and Message Tracking. Now let's see how to use these logs for tracking message delivery and Troubleshooting. Unfortunately we no longer have the Tracking Log Explorer so we have to use the Exchange Management Shell.
15.04.2019 | Microsoft admin | 16 850x | Comments [0]
| Exchange Server 2016 Public Folders coexistence
If we are migrating from Exchange 2010 to Exchange 2016 and we are using Public Folders (PF), we need to set up public folder coexistence before moving the first mailboxes. Otherwise the folders will not be available to the migrated users.
07.05.2019 | Microsoft admin | 6 525x | Comments [0]
| Exchange Server 2016 moving mailboxes and OAB
When migrating an Exchange server from an older version, one of the essential steps is to move (or migrate) mailboxes from the original server to the new one. We must have services running on both the original and the new Exchange server that are members of the same organization. Then we can move the mailbox group to the database on the new server.
12.05.2019 | Microsoft admin | 9 899x | Comments [0]
| Exchange Server 2016 Public Folders and their migration
Since Exchange 2013 we have Modern Public Folders, which are stored in special mailboxes inside the standard Mailbox Database. We will briefly describe the properties of these public folders and then we will look at migrating Legacy Public Folders from the old 2010 server to the new one.
24.05.2019 | Microsoft admin | 7 946x | Comments [0]
| Exchange Server 2016 removing version 2010 servers
The moment we have migrated mailboxes, public folders and services to new servers. All traffic is routed to Exchange 2016 and we have done sufficient testing that everything works. We can proceed to decommission the original Exchange 2010 servers. The servers must be removed correctly, i.e. Exchange must be uninstalled.
07.06.2019 | Microsoft admin | 6 000x | Comments [0]
| Exchange Server 2016 migration from version 2010
In previous articles we have discussed the different areas of migrating from an older version of Exchange Server to a new one. Now we will bring everything together for a comprehensive (but concise) migration procedure. The basic idea of migrating from Exchange Server 2010 to 2016 is pretty simple, but the more complex the environment, the more challenging the migration. We install new servers into an existing organization. On them we will create databases, configure services and move mailboxes. The migration can be done on the fly, when the coexistence of the old and new versions will work for some time.
10.06.2019 | Microsoft admin | 8 475x | Comments [2]
| Exchange Outlook on the web - password change, public folders, mobile devices
The web interface for accessing mail on the Exchange server used to be called Outlook Web App (OWA) and before that Outlook Web Access. Since Exchange Server 2016 it has been renamed to Outlook on the web, but the acronym OWA is still commonly used. It should be intuitive and identical to Outlook (I guess it depends on your point of view). A number of things have changed, and I don't know if for the better in any case.
24.06.2019 | Microsoft admin | 9 426x | Comments [1]
| Outlook calendar search for available meeting rooms
In Outlook, we can schedule meetings in rooms that we create as a special object (Resource). We can also use Room Finder to search for available rooms. We can prepare Room Lists on the Exchange server.
25.06.2019 | Microsoft admin | 7 346x | Comments [0]
| Exchange 2016 edit distribution group members in Outlook
Typically, distribution groups are managed by an administrator using Active Directory Users and Computers, PowerShell, or Exchange Admin Center. Distribution groups can be configured with an owner who can then add or remove members using MS Outlook. The whole thing is simple, but the first time we try it we may get an error. You then need to do an intervention (permission) on the Exchange server.
27.06.2019 | Microsoft admin | 7 546x | Comments [0]
| Exchange 2016 groups, rooms, Back Pressure, shared mailboxes
Miscellaneous Exchange Server 2016 trivia. How to add an email address to an existing group. The command to display mailbox statistics no longer displays the limit status. How to create and set up a scheduling calendar for a meeting room. Information about monitoring system resources. Using shared mailboxes and storing sent messages. Fixed problem with setting delegate to mailbox.
04.10.2019 | 03.07.2019 | Microsoft admin | 9 137x | Comments [0]
| Exchange 2016 and user photos
Many applications support the display of a user's photo, which can be stored in Active Directory Domain Services (AD DS) and since Exchange 2013 also on the mail server. Outlook or OWA, Skype for Business, SharePoint, or others will use the photo in the organization. Due to size requirements, only a small photo (preview, low-resolution photo) is stored in AD DS, whereas a larger photo (high-resolution photo) can be stored on Exchange. By default, users can upload/change the photo themselves using OWA. Let's look at the possibility of blocking this with a policy.
30.07.2019 | 19.07.2019 | Microsoft admin | 8 587x | Comments [0]
| Cisco Email Security - AntiSpam solution configuration
For many years I used Symantec Messaging Gateway (formerly Brightmail), unfortunately there was a problem that SMG stopped filtering Czech Spam (for example for a period of 3 months). Even a long solution with Symantec support did not lead to a better result. So I tested a competing spam filtering solution that Gartner ranks among the Leaders, Cisco Email Security (formerly Ironport). The result is very good. The article includes a brief description of setup and operation.
28.01.2020 | 16.10.2019 | Cisco admin | 7 855x | Comments [1]
| Cisco Email Security - Operational Management and Activities
Using Cisco Email Security (formerly Ironport) to filter spam. The article describes some of the activities and settings from normal operational management, i.e. what we do on an ongoing basis after the initial implementation. Primarily, it's about how to identify blocked messages and setting exceptions so that some messages are delivered even if they are identified as Spam.
14.01.2020 | 17.10.2019 | Cisco admin | 7 150x | Comments [0]
| SMTP over TLS encryption on MS Exchange and Cisco Email Security
The Simple Mail Transfer Protocol (SMTP) protocol transfers mail messages in plain text by default. If an attacker intercepts the communication, he can easily read the content of the messages and view the attachments. The solution is to use client-side email encryption (end-to-end encryption using S/MIME, PGP, etc.), but then you need to address the management and transmission of encryption keys/certificates. The other option is to encrypt SMTP communication in transit (this does not protect the messages on the server, however) and we will describe that here. We will look at the setup on Cisco Email Security (ESA) and Exchange Server 2016.
25.11.2019 | Microsoft admin | 7 686x | Comments [1]
| SMTP protocol and e-mail addresses
In the next article, we will look at methods for verifying the origin of mail messages (SPF, DKIM). To do this, it is important to understand how the SMTP protocol sends mail messages. In particular, how sender addresses are stored and how easy it is to spoof them. SMTP transactions, when SMTP commands are used, are referred to as SMTP Envelope. The actual email consists of the main parts, which are the header and the body of the message.
19.12.2019 | administration | 9 970x | Comments [0]
| Email verification using SPF - Sender Policy Framework
Methods for verifying the origin of mail messages are checked by the mail servers involved in sending (and possibly modifying) the email. The goal is to verify that the message was sent by an authorized sender (server). The sender's domain is checked, not the email address directly. One of the most widely used techniques is SPF (Sender Policy Framework). Its use is very simple. It verifies that the mail message came from an IP address that is listed in DNS as an allowed sender for that domain.
06.02.2020 | 09.01.2020 | administration | 14 256x | Comments [4]
| Email verification using DKIM - DomainKeys Identified Mail
Email Authentication methods check the mail servers involved in sending (and possibly modifying) an email. The goal is to verify that the message was sent by an authorized sender (server). The sender's domain is checked, not the email address directly. After SPF, the second widespread technique is DKIM. This involves signing messages with the private key for the domain. The public key for authentication is published in DNS. The signature is inserted as a header entry, so it does not affect normal traffic.
17.01.2020 | administration | 17 519x | Comments [2]
| Email verification using DMARC - Domain-based Message Authentication, Reporting and Confor
Email Authentication methods check the mail servers involved in sending (and possibly modifying) an email. The goal is to verify that the message was sent by an authorized sender (server). The sender's domain is checked, not the email address directly. SPF and DKIM perform domain-level authentication. DMARC adds behavioral policies for messages that fail the check and the ability to send feedback to the domain owner. It also compares the sender domain in the header.
07.02.2020 | 02.02.2020 | administration | 16 989x | Comments [3]
| Outlook connection issues on Exchange 2016 (ThrottlingPolicy)
After switching to Exchange 2016, I had a problem for a long time that sometimes MS Outlook 2016/2019 could not connect to Exchange Server 2016 on the same local network. If I let it run, it would connect after some time (estimated 10 minutes). This problem occurred if Outlook ran correctly, then closed and restarted repeatedly. Or if the user was switching between different networks (wired and wireless) with Outlook running. Eventually I found that this was probably caused by the RcaMaxConcurrency limit, which defaults to 40.
28.07.2020 | Microsoft admin | 7 301x | Comments [0]
| Exchange Hybrid - mail flow, connectors, domains
Before we get into the hybrid Exchange configuration, where we use servers in our company (On-Premises) together with Exchange Online (EXO) cloud servers, we need to know how it will affect routing (Transport Routing) and mail flow (Mail Flow). What, if any, adjustments do we need to make to avoid message delivery issues. Since there are two Exchange organizations that share the same domain, we need to determine where mail comes in from the Internet and how it leaves. Closely related to this are the receiving and sending Connectors in both environments. And the configuration of our public domains (Accepted Domains). We spend a lot of time on a special situation that Microsoft doesn't describe in the documentation. If we send a message from our internal servers to another organization that is hosted on the same EXO servers, our Tenant Exchange Online will process the message and forward it.
26.10.2020 | Microsoft admin | 10 313x | Comments [1]
| Exchange Hybrid Configuration Wizard
If we run Exchange Server on our network and we also use (or are about to use) Microsoft cloud services (Office 365), we probably need to get Exchange Hybrid up and running. This is when our On-Premises Exchange organization and Exchange Online communicate with each other. We can move some/all mailboxes to the cloud or just use the connection of MS Teams and other services to internal mailboxes. I ran into a number of problems in the test environment (it was better in production).
28.10.2020 | Microsoft admin | 12 730x | Comments [1]
| Exchange Hybrid - mailboxes and their locations, recipients, attributes and bug fixes
This article describes some important principles of hybrid Exchange configuration. What attributes must be synchronized to Azure AD for correct functionality. How mailboxes are handled in an On-Premises organization versus Exchange Online and how we can find out where a user has a mailbox. How to properly create and move a mailbox. Describes all the situations that can arise in practice, in terms of placing a mailbox for a single user. It deals with the repair of non-functional variants. The situation where one user has a mailbox on an internal server and a mailbox in the cloud (one of them is basically broken) is mostly discussed. Many things have to be done using PowerShell.
29.10.2020 | Microsoft admin | 8 091x | Comments [3]
| Exchange OWA login not working, OAuth certificate expired
This article is a brief reminder about the expiration of the Microsoft Exchange Server Auth Certificate. Which can cause users to not log into the Outlook on the web mail interface (formerly Outlook Web App - OWA). Probably when running Exchange Hybrid. An OAuthTokenRequestFailedException error is displayed. The solution is to create and set up a new certificate.
15.11.2022 | Microsoft admin | 3 245x | Comments [1]
|