exchange stuff may 2016

Hi all – it is traditional to start this with “it’s been a while”…

Contents:

Rollups and cumulative updates

Useful and interesting links

Blog articles

Interesting kb articles

Hot news…

FREE exchange 2016 online training course provided by Microsoft on edX, complete with exams and hands on labs (but no videos- it’s all reading, by the look). There are three pretty cheap ones there as well as the initial infrastructure course. It looks like about 20 hours of free stuff (they reckon…). Given the lack of 2016 material on MVA at the moment (all MVA exchange stuff), it’ll have to do, I guess. Give it a go. It’s free.


Rollups

First up – We appear to be falling behind a bit with our rollup rollouts, so it is likely there will be a new Exchange Stabilisation project shortly. For the avoidance of doubt, I’ll restate the Microsoft support policies:

Exchange 2013/2016 – you are supported by Microsoft on the latest and next latest CU only.

Exchange 2010 – if you are on service pack 3 you are in extended support until November 2020

Exchange 2007 – if you are on service pack 3 you are in extended support until November 2017

Exchange 2003 – you are unsupported. No, really.

With 2007/2010, while you may be supported on sp3 rollup1, it is my experience that unless the problem is a simple configuration issue you will be asked to update to the latest rollup as part of the troubleshooting process. They hate analysing old code.

the latest rollups were released March 15th, and are here:


Useful and interesting links

As part of an investigation last week, I came across a highly useful article that references loadbalancer settings for exchange 2013 – they are the same as for 2010, but it’s nice to have that stated explicitly – it also suggests a great list of other useful and exciting things to do to stave off ever having to log a support call. I know I sent it out earlier, but it bears repeating.

Our colleague Mark Bodley has hunted out a number of extremely useful links:

Database corruption and dirty shutdown decigeons* tree on Exchange server pro. There’s a picture. It’s great. print it out and stick it over your desk.

He emailed a reminder of how to upgrade the CU on Exchange 2013 and 2016, along with some extremely useful links to scripts written by our friend and colleague, Michael Van Hybrid (yes, he’s on the GAL!):

  Not sure if you are aware that the recommend steps for installing CU updates on E2013/2016 are a bit different to what we may have gotten used to with Exchange 2010 – assuming that your local hostile SDM ever agreed to an update!!

There’s an article on the steps required for Exchange 2013 SP2 2016 at http://exchangeserverpro.com/installing-cumulative-updates-on-exchange-server-2016/ with 2013 being quite similar. Confusingly though Exchange continues to ship with the StartDAGServerMaintenance.ps1 scripts, these appear really to be for 2010 and should not be used on 2013 or later.

Michael van Horenbeeck has written 2 scripts for starting and stopping maintenance mode on Exchange 2013 and as they support a multi-role deployment they should work for 2016. Certainly looking at the above article, the steps for 2016 are the same as for an E2013 Multi-role server.

The scripts are at :-

· Stop-ExchanegServerMaintenanceMode.ps1 : https://gallery.technet.microsoft.com/scriptcenter/Exchange-Server-2013-77a71eb2

· Start-ExchanegServerMaintenanceMode.ps1 : https://gallery.technet.microsoft.com/scriptcenter/Exchange-Server-2013-ff6c942f

The exchange 2010 search troubleshooting guide – invaluable. Note this is for exchange search, not instant search – outlook uses exchange search in online mode, and instant search in cached mode – instant search is based on windows search, and searches the .ost file, not the server. Shall I bore you with exchange store search…? No? ok. Be aware that exchange 2013 has a different search engine again – Microsoft search foundation. try this article.

Understanding the Outlook Connection Status window. Recently (slightly) updated.

How to troubleshoot free/busy issues in a hybrid deployment of on-premises Exchange Server and Exchange Online in Office 365

The latest guided walkthroughs for Office servers – lync, exchange online, office 365 etc – are here. Some of them are brand shiny and new, others are a little long in the tooth. PF repl for 2003? Wow.


Blog articles

Rhoderick Milne explains why Network Location Profiles are giving you neckache – I’ve come across this myself, it stops Exchange working properly, and is tricky to spot.

The PFE Exchange 2013 tips and tweaks post (also Mr Milne). The 2010 article was a standard. You need to read this if you look after 2013, or are about to. CSAs should read it also…

Anyone looking at moving from 2007 to 2013 should review the links from this 2013 upgrade workshop.

My friend Ingo has an update to his activesync user script here: Get-ActiveExchangeUsers 2.0

Released: March 2016 Quarterly Exchange Updates on the official “you had me at EHLO…” blog.

Deferred Lagged Copy playdown in Exchange 2016

Messing around with how powershell proxying works causes headaches. Read this to make sure you are aware of how cu11/cu12 will affect you.

Exmon is finally available for Exchange 2013 and 2016


Interesting KB articles

Outlook

May 3, 2016, update for Outlook 2016 (KB3115101)

Office 2016 Applications crash or cannot start

Lync 2013 (Skype for Business) or Outlook 2013 Crash after installing the april 2016 upates

Performance problems when you try to access folders in a secondary mailbox in Outlook –I know at least one account is struggling with this.

Exchange

“The remote server returned an Error 404” or "HTTP request has exceeded the allotted timeout" error when you move a mailbox from on-premises Exchange Server to Exchange Online

Intermittent "500" error occurs for EWS requests in an Exchange Server 2013/2007 coexistence scenario

"Cannot display the folder properties" or "could not be updated" error when Exchange hybrid deployment users open a room calendar in Outlook

Can’t open a shared folder in Outlook on the web in Exchange Server

Users in your Exchange 2013-based hybrid deployment experience mail issues after April 15, 2016

Incorrect output when you run the Get-CASMailbox cmdlet to view the HasActiveSyncDevicePartnership attribute

"Cannot display the folder properties" or "could not be updated" error when Exchange hybrid deployment users open a room calendar in Outlook

"Nullable object must have a value" error when you run the Hybrid Configuration wizard

"Execution of the Get-WebServicesVirtualDirectory cmdlet has thrown an exception" error when you run the Hybrid Configuration wizard

Exchange Online users cannot access free/busy information of users in a non-Internet-facing Active Directory site

"The user isn’t assigned to any management roles" error when you run the Hybrid Configuration wizard

"Secure Mail Certificate on server is not bound to the SMTP Service" error when you run the Hybrid Configuration wizard

"The SMTP address template is invalid" error when you run the Hybrid Configuration wizard

"The length of the property is too long. The maximum length is 64" error message when you run the Hybrid Configuration wizard

"RequiredTls flag should be set to true if TlsCertificateName is specified" error when you run the Hybrid Configuration wizard

"The remote server returned an error: (403) Forbidden" error when you try to move mailboxes from on-premises Exchange Server to Exchange Online

"The term ‘Get-HybridMailflowDatacenterIPs’ is not recognized" error when you run the Hybrid Configuration wizard

On-premises users in an Exchange hybrid deployment can see availability but not capacity or description information of a resource when they schedule a meeting

Can’t reserve a resource for a meeting after the resource mailbox is migrated to Exchange Online

"An error occurred while working on your domain" when you try to verify your domain in Office 365 in an Exchange hybrid deployment

Users in a hybrid deployment can’t access a shared mailbox that was created in Exchange Online

Out-of-office replies and voting options in email messages between on-premises users and Exchange Online users do not appear correctly in a hybrid deployment

Slow mail delivery in an Exchange environment that has transport rules configured – I’m particularly keen that you understand this article – I’ve been asked a few times lately about transport rules, so anyone thinking of implementing them needs to understand that they can have a performance impact.

Outlook Anywhere users prompted for credentials when they try to connect to Exchange Server 2013 or Exchange Server 2016

Information about the Calendar Checking Tool for Outlook (CalCheck)

Feedback is of course welcome.

 


Roderick, by John Sladek. Probably my favouritest book about robots ever.

clip_image001

My God, it’s full of RSTs…

mygod

I had a bit of a debate with a network engineer last week. We’d taken a trace from a load balancer to try and understand why outlook anywhere sessions were getting blocked and terminated randomly (short answer; port exhaustion because there were insufficient IP addresses in the NAT pool on the server facing side of the load balancer, but that’s not important right now). I pointed out the reset packets coming from the load balancer. He countered with “Well why are there so many resets coming from the CLIENT? EH? EH? yeah… you heard me…” etc etc. They do go on, network engineers. And he’s right. Outlook does pump out a bunch of RST packets. On purpose. Allow this trace to illustrate – this is me opening a colleague’s calendar in Outlook, and then closing it.

outlook session temrinating with RST

So why does it do that? First, we need to talk about how TCP sessions are *supposed* to be terminated. The machine that is done talking sends a FIN/ACK, and goes into the FIN_WAIT_1 state until it receives an ACK to it’s FIN/ACK, at which time it goes into FIN_WAIT_2. The receiving machine sends an ACK, goes to the CLOSE_WAIT state, and then sends it’s own FIN/ACK. It will stay in the CLOSE_WAIT state until the application sends a close(). The first machine ACKs that FIN/ACK, and goes into the TIME_WAIT state for about 4 minutes (according to RFC793). This is supposedly to wait for any stray packets, but it’s actually because they are lazy.

tcp_ladder_states

So it’s possible to have the socket open but useless for minutes – one side waiting for the application to notice the socket is ready to close, the other waiting for a period equal to twice the maximum segment lifetime to expire (this is all explained MUCH more clearly here: http://j2eedebug.blogspot.co.uk/2008/12/difference-between-closewait-and.html).

time_wait

This is wasteful, to say the least, so many applications choose not to use FIN/ACK, but to issue a RST/ACK instead, which has the huge benefit of closing the socket down on both sides immediately, with none of that messy waiting around. This allows server ports to get recycled much faster. On the downside, it grinds network engineers’ gears. (is that a downside? really?)

this is documented (although not explicitly for Outlook) here:

https://support.microsoft.com/en-us/kb/272933

There’s a good Microsoft article on TCP states here:

https://support.microsoft.com/en-us/kb/137984

and advice on what you can do if your application insists on sending FINs, and you’re suffering from port exhaustion (it’s for SQL server, but you can’t have everything, right?):

https://support.microsoft.com/en-us/kb/328476

getting node.js npm to work behind a corporate proxy

I’ve recently been having fun with the Prince’s Trust, running a workshop for the Get into Tech programme, playing around with Arduinos and smart phones and stuff. My boss suggested for the next iteration, we look at maybe getting a light to tweet its state. this sounds like excellent fun, and i recalled watching a youtube video where Rodric Yates gets something similar running in five minutes… awesome.

so… i thought i’d install node-RED on my work desktop, and see if we could do something similar.

 

issue 1 – the standard install (once you have node.js installed, that is) uses npm, the node.js package manager. we’re behind a corporate firewall that requires authentication. to get npm to work through a proxy, find the .npmrc file somewhere in your profile folder:

image

open it up with notepad and add the line:

proxy=http://username:password@proxyaddress:port

eg

proxy = http://nickparlow:P4$$w0rd!@my.default.proxy.local:8080

yeah. that’s my password. i am sooooo 1337. (do the cool kids still say that?)

you may also struggle with https, even after you’ve added a line like:

https-proxy = http://nickparlow:P4$$w0rd!@my.default.proxy.local:8080

and:

strict-ssl = false

in which case, give up and use:

registry = http://registry.npmjs.org

which bypasses ssl altogether.

 

success!

image

A Jolly Trick

Sometimes in the course of my job it is necessary to sanitise evidence before passing it on to other parties for comment. The recent upgrade of wireshark, and change of file format, has made this a little tricky (basically i can’t get traceWrangler or BitTwiste to work with pcapng files), so I’ve had to go back to the old ways. a hex editor. Sigh.

EDIT: tracewrangler does work. i am, apparently, an idiot. Soz, bois.

So… how to sanitise a packet trace with a hex editor – take it away!

First – get yourself a hex editor – I’m using HxD

Make a note of the ip addresses you need to change – mostly i don’t need to lose the whole address, just the first few octets, which is nice.

Open your pcapng file in HxD

image

Open calc also, unless you can do dec to hex conversion in your head. i know a guy who can, but no-one talks to him much.

Use calc to convert the octets you need to bowdlerize:  172.16.1.8 becomes ac.10.1.8. write this down. Hopefully, you’ll not have too many subnets in your trace, eh?

Open search and replace in the hex editor:

image

Type in the octets you need to replace as character pairs, with spaces between – e.g. AC 10 01 08. Put in something obvious, like 65 65 65 01. Set the type to Hex-values – text won’t work – and hit replace. Oh wow. Look how lovely that is:

image

 

Truly, a thing of beauty. The other truly beautiful thing is that this method edits ALL references, not just the headers.

image

“Oi, Admin! you’re not as clever as you think you are!”, or, the importance of doing simple things right.

just had a call from a customer who was having terrible trouble exporting discovery search data to pst from Exchange 2013. The search was apparently running fine, but the download failed with a long error message.

clip_image001

i asked for problem steps recorder output to see what they were doing… (this is from my repro):

clip_image001[4]

if you can spot what they’re doing wrong without reading the error message, well done. have a muttley medal.

this throws the error message:

PLATFORM VERSION INFO Windows : 6.2.9200.0 (Win32NT) Common Language Runtime : 4.0.30319.34209 System.Deployment.dll : 4.0.30319.34274 built by: FX452RTMGDR clr.dll : 4.0.30319.34209 built by: FX452RTMGDR dfdll.dll : 4.0.30319.34274 built by: FX452RTMGDR dfshim.dll : 6.3.9600.16384 (winblue_rtm.130821-1623) SOURCES Deployment url : /microsoft.exchange.ediscovery.exporttool.application?name=ce66od_1&ews=https%3A%2F%2Flocalhost%2Fews%2FExchange.asmx">https://localhost/ecp/15.0.1076.9/exporttool/<servername>/microsoft.exchange.ediscovery.exporttool.application?name=ce66od_1&ews=https%3A%2F%2Flocalhost%2Fews%2FExchange.asmx ERROR SUMMARY Below is a summary of the errors, details of these errors are listed later in the log. * Activation of /microsoft.exchange.ediscovery.exporttool.application?name=ce66od_1&ews=https%3A%2F%2Flocalhost%2Fews%2FExchange.asmx">https://localhost/ecp/15.0.1076.9/exporttool/<servername>/microsoft.exchange.ediscovery.exporttool.application?name=ce66od_1&ews=https%3A%2F%2Flocalhost%2Fews%2FExchange.asmx resulted in exception. Following failure messages were detected: + Downloading /microsoft.exchange.ediscovery.exporttool.application?name=ce66od_1&ews=https://localhost/ews/Exchange.asmx">https://localhost/ecp/15.0.1076.9/exporttool/<servername>/microsoft.exchange.ediscovery.exporttool.application?name=ce66od_1&ews=https://localhost/ews/Exchange.asmx did not succeed. + The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. + The remote certificate is invalid according to the validation procedure.

so… what’s wrong there? well, the remote certificate is invalid. fine… but it’s the local machine… the url says “localhost”…. oh… sigh.

they’ve done the standard admin shortcut of going to localhost because they can’t be bothered to type out the unfeasibly long servername, and the client then throws an error, because “localhost” isn’t a subject alternative name on the cert, unsurprisingly. the little red address bar in the screenshot above is a clue, there.

sure enough, when they use the servername instead of the url, everything works like a charm:

clip_image001[6]

 

the lesson there is “do things right”. localhost will throw errors with https other than just needing to click through a cert warning, so don’t use it. if you are using it, and you get weird behaviour, try attaching to the site with a url that is actually on the SSL certificate.

also, a post script: when it says “if you experience problems, try clearing cookies and signing in again”, why not try clearing the cookies and signing in again, before you ring me up and tell me it doesn’t work?😀

Archiving Stuff to .PST

it’s the time of year when we grow up, put away childish things. childish things like the email we sent and received in 2014, so we can focus on the far more serious email we received in 2015 (Nynke, i promise i’ll reply to the mail you sent me in January). i was asked to help out one of my senior colleagues in this task, so i put together a little guide for him. you might find it useful too. He needed to move a years worth of items out of his general purpose PST file and into a archive archive.

i expect there’s a better way of doing it. feel free to call me an idiot.

Part 1 – getting stuff out.

1. Go to the file tab in outlook:

clip_image002[4]

2. Select “Open and Export”, and select “Import/Export”

clip_image004[4]

3. select “Export to a file” and click next:

clip_image006[4]

4. Select “outlook data file (.pst)” and click next:

clip_image008[4]

5. Select the archive pst file you want to export from, in my case it’s “Archive Folders”, and click “filter” (NOT “next”). Make sure “Include subfolders” is ticked:

clip_image009[8]

6. Select the “Advanced” tab, and click the “field” drop-down, then click “received”:

clip_image010

7. Select the “between” condition, and put the dates in – it will export all the items from the first date, but not the ones from the second, so to get all the items received in 2014, set a filter like the one below, and click “add to list”:

clip_image012

8. Create the same rule for sent items:

clip_image014[4]

9. You may well wish to save appointments as well. In the “field” chooser, select “All Appointment fields” and “Start”:

clip_image016[4]

Sorry about the picture of Mr Hayward. You should now have a set of rules that looks like this:

clip_image017

10. Click “OK” which will return you to the “Export Outlook Data File” dialog and click “next”:

clip_image018

11. Give the export file a name – in my case, I’m calling it “2014”, and click “Finish”:

clip_image020

12. You can put a password in if you like, or click “OK” with the fields blank to proceed. If you click “Cancel” it will dump the whole lot, and you’ll have to start again.

Outlook will now be unresponsive for a bit, while it chews things over. This may be a few seconds, or ten minutes or more depending on how modern your machine is:

clip_image022

After a while, though, you will see it start to process items:

clip_image024

13. Go and get a cup of coffee, it may be some time.

14. Once it is complete, open the new archive file; Go back to the Open and Export page, and select “open outlook Data File”:

clip_image026

15. Browse to the file you just created, and click “OK”:

clip_image028

16. It will open in Outlook as “Outlook Data File” – this is a rubbish name, so right click it, select “Data File Properties”, then “Advanced”, and change the name to something more suitable:

clip_image029

clip_image031[4]

17. Click “OK” and “bingo”.

clip_image032[4]

Your data is now sitting in a new archive PST file. Don’t put it on a network drive, eh?

Part 2 – deleting the stuff you’ve exported.

Now, that’s all very well, but it hasn’t shrunk the original archive file any. So…

1. Click on the archive you want to shrink in the left hand folder pane in Outlook, and click to select “subfolders” in the quick search bar:

clip_image034[4]

2. In the search tab, click “More” and select “Received”:

clip_image035[4]

3. Type the year you want to delete items for:

clip_image036

And marvel at the items listed. By default, it won’t show you everything, you’ll need to click “More” at the bottom until you get back to the 1st of Jan:

clip_image037

clip_image038[4]

4. Then you can simply use ctrl+a to select all the items in the column, and shift-delete them. Don’t soft delete them, as they’ll just get moved into the deleted items folder in the archive, achieving nothing.

5. Repeat the process for sent items – most will probably have gone already, but it’s as well to be sure.

Has it worked?

This is what it was:

clip_image039[4]

This is what it is:

clip_image040[4]

Hooray.

 

I wish you all a peaceful and prosperous new year.

Android Studio 1.4, Gradle, and bloody proxies.

Today, children, we’ll be buggering about with Android studio 1.4. AND we’ll be swearing a lot. Why will we be swearing a lot? because it means we have to play with gradle, from behind our corporate firewall. when you install Android Studio, you have to set it up to play with your proxy. you do this here:

image

 

but gradle doesn’t pick them up from here. Gradle needs them in the gradle.properties file in your project:

image

and save, and restart android studio…

or you can alter this file here:

image

oh, and don’t be trying to do this:

systemProp.http.proxyUser=Domain\User

it will error. you need to escape your slash like so:

systemProp.http.proxyUser=Domain\\User

 

for the avoidance of doubt – you need “\\” not “\”.

Herts BCS meeting, October 2015; Ada Lovelace Day

adanewseventsimages Me and Megan (daughter, 17, got A* for maths and further maths at GCSE… just saying… :D) went to the BCS lecture on Tuesday night at the Lindop Building, University of Herts. I particularly wanted Meg to go as it was the Ada Lovelace Commemorative Lecture to celebrate Ada Lovelace Day, and I’m always keen that she gets to hear about great role models. She never believes a dam’ thing i tell her, so it’s best she hears this stuff from someone else.

The main lecture was delivered by Professor Dr Kersten Dautenhahn, of the Adaptive Systems Research Group at UH. It was a (too) brief overview of “social” robotics – that is, robots in society, rather than a twitterbot. She discussed two particular areas of interest – robots that we care for, such as Aibo (RIP) and Pleo, and robots that provide care for us. The lecture focussed largely on the work being done at UH in the latter field. In particular, three projects – the Care-o-bot and the robot house, which explore systems for the care of the elderly, and KASPAR, article-1364585-0D852328000005DC-103_468x315a “minimally expressive” robot, were discussed. I found the work being done with KASPAR and autistic children fascinating. Autistic children may find the unpredictability of human behaviour confusing and frightening. The minimal expressions and predictable behaviour of KASPAR, whether acting in a semiautonomous mode or under the remote control of a parent, teacher or even another child are reassuring and allow for enjoyable interaction. I’d urge you to watch the video here.There are now 32 KASPARs, including twenty of the latest model, working with two hundred children, and the University is looking for new partners in their research. 

Like’say, i really enjoyed Professor Dautenhahn’s lecture. I wasn’t so keen on the short eulogy to Ada Lovelace; don’t get me wrong,  i am extremely keen on Ada, ever since reading her (fictional) adventures in “the difference engine” by Gibson and Sterling twenty years ago, then discovering her life was actually far more interesting. However this short talk was not great. i don’t think it would have done much to inspire any young ladies present. luckily, the only young lady* present in need of inspiration was Meg, and i can lend her my copy of the fantastic book by Sydney Padua, The Thrilling Adventures of Lovelace and Babbage. despite much of the book being fictional steampunk, the first part is a well researched, brilliantly written and fantastically illustrated biography of Ada, Countess of Lovelace. There are copious footnotes, fitting for a subject who is mostly famous for producing a work where the notes were by far the most substantial part. It doesn’t even dwell on the opium addiction, the inveterate gambling, the unhealthy interest in mesmerism or any of the other peccadilloes that make her so fascinating.

adamodel

*this is a bit of a shame. Most Herts BCS lectures i go to are heavily attended by men nearing retirement, and male UH computing students. An Ada Lovelace Day lecture delivered to year 9 would be something far more useful… or possibly even year 6.

 

illustrations copyright Sydney Padua. hopefully, seeing as I’m plugging her excellent book, she won’t mind…

 

Technorati Tags: ,,

so, how was UCDayUK for you?

Cos it was brilliant for me. _44279618_fastshowbrilliant270[1]Everything about the day was spot on, and Andrew Price deserves hearty thanks and congratulations for organizing such a seamless, enjoyable and *useful* day.

The venue was spot on for this sort of thing – the National Motorcycle Museum near Birmingham. it was really plush, the staff were friendly and well organised, the food at lunchtime was great and there was gallons of free coffee, which was just as well.

The speakers were asked to be there early – 7:30am. i thought this was going to be quite a struggle, but it turns out i was so nervous i was awake from 5am – sigh. I was surprised by how big the venue was, and how many people were cramming into the room – Andrew said in the end there were about 300 people. i was expecting maybe 30…

The keynote was given by Ian Woolner of Microsoft, who is Senior Product Marketing Manager in charge of Skype for Business. it was a good presentation of upcoming features, some of which are extremely impressive, but the most interesting thing for me was his emphasis on partners and their value to Microsoft – it seemed that our main value was onboarding customers to O365…

After the keynote i watched Steve Goodman deliver a session on Exchange 2016 hybrid, which was great. i made a conscious decision to watch presentations from people that i “know” from their exchange community work, rather than technical stuff that was new to me, because i wanted to learn more about presenting, rather than product. This paid off in my opinion – if you want to learn how to do something, spend time with people who do it well. the only trouble is, i was so nervous i was struggling to concentrate.

No trouble with the second session, mind – Brian Reid did his usual fantastic job of delivering difficult technical content in a clear and engaging fashion, with a demo of using Powershell Desired State Configuration with Exchange.  The only problem was it meant i had to miss Gary Steere’s lecture on troubleshooting AutoDiscover. Gary is an MCT (and  MCM, and MVP), so i probably would have learnt a lot from watching him, but a Brian Reid session is too good an opportunity to miss.

time for lunch. it was tiptop. good buffet food, including some hot options, nice cakes that i didn’t have, because i’m not eating cake at the moment and more coffee. i had a chance to whizz round the exhibition, and would like to say a big thank you to IR software (and their Prognosis tool, which looks great) for saving the day with a moby powerbank, after idiot-boy here forgot to bring a usb cable to keep his phone charged. doh.

In the afternoon i went to watch Justin Harris’ talk on getting active directory ready for an office 365 migration. he had plenty of interesting stuff to say about directory hygiene, and the section on SIDHistory was good. After that i attended Dave Stork’s session on Exchange Tools, which was really interesting, but was plagued by tech glitches, which got me all worried again, so i spent the next hour going back over my slides rather than listening to Michael Van Hybrid’s session. i rocked up about 10 minutes before i was due to present, connected my laptop, went to put my glasses on and… disaster. they’ve gone. no glasses, and therefore no notes. I had to do the entire session from memory. I was told i appeared “slightly nervous”. Really? it’s only sheer terror stopped me breaking down and crying. still, i got through it without anyone throwing stuff at me, so i’m going to count it as a win. hopefully i wasn’t so awful i’ll not get the chance to improve next year.

All the slides from the day are available here: http://www.ucday.co.uk/ under the “past slides” link. i’ll put up my slides along with the audio when i get round to it. i can’t bring myself to listen back just yet, though.

I had a great time meeting up with a bunch of people I’ve not seen in ages, including a whole bunch of people off my MCM rotation – see below. there is absolutely nothing like an evening with that bunch for making me realise I’m actually thick as mince.

I cannot recommend this event highly enough. if you’re at all interested in unified comms, and the Microsoft UC technologies, then there is literally nothing better in the UK.

I’m really grateful for the chance to present, and I’m really grateful to Andrew Price and the rest of the UCDay team for putting on such a fab day. Thank you to to my various bosses who allowed me out for the day, and to Jon Wrennall for saying it was ok for me to represent Fujitsu. It’s a real pity that Mark Wilson couldn’t be there, not only cos he’s a great bloke, but because he is responsible for most of the actual work that went into what we did. A big thank you to Rob Awofadeju (not shown) an all, not only is he an ace Exchange consultant, but he’s got a great car, too

So… content indexing the passive node. Whassat all about, ‘en?

I surprised an architect at one of my customers, today. i told him that in a DAG, the search service on a server indexes the active copy of the database. he didn’t believe me. i asked him how he thought it worked, and he said “replication”. uh-uh.

it’s pretty easy to get that impression. after all, it’s sort of what the official documentation says is going on:

during the seeding process, DAG members with a passive mailbox database copy replicate the content index catalog from the DAG member that has the active mailbox database copy

but that’s during the *seeding* process. what about during normal operations?

After initial seeding, the server with the passive database copy gets message data from the server with the active database and performs content indexing locally.

What does that even mean? I’ll tell you… it means the server with the passive database makes a connection over the network to the *active* database, because the database has to be *mounted* for any MAPI activities to take place. That’s right, it makes a MAPI connection. This also has ramifications for your network, because a MAPI connection is a… anybody? That’s right; it’s a *client* connection, so the traffic is carried over the CLIENT network, not the REPL network.

 

But it isn’t going to be much traffic is it? I mean, it’s just a bunch of indexing, right?

 

Hmmm. You’da thunk, but no. Microsoft claim in their documentation for 2016 that indexing the local copy of a database, as opposed to the active copy, will save approximately 40% traffic. The ever-awesome Rhoderick Milne says in this thread it’s about equivalent to the total of REPL traffic.

 

The official documentation does carry a community contribution at the bottom stating in plain English how things work, and there’s a bunch more detail here. That last article while awesome, is most impressive for its tone of surprise.