Tag Archives: outlook

exchange stuff may 2016

Hi all – it is traditional to start this with “it’s been a while”…

Contents:

Rollups and cumulative updates

Useful and interesting links

Blog articles

Interesting kb articles

Hot news…

FREE exchange 2016 online training course provided by Microsoft on edX, complete with exams and hands on labs (but no videos- it’s all reading, by the look). There are three pretty cheap ones there as well as the initial infrastructure course. It looks like about 20 hours of free stuff (they reckon…). Given the lack of 2016 material on MVA at the moment (all MVA exchange stuff), it’ll have to do, I guess. Give it a go. It’s free.


Rollups

First up – We appear to be falling behind a bit with our rollup rollouts, so it is likely there will be a new Exchange Stabilisation project shortly. For the avoidance of doubt, I’ll restate the Microsoft support policies:

Exchange 2013/2016 – you are supported by Microsoft on the latest and next latest CU only.

Exchange 2010 – if you are on service pack 3 you are in extended support until November 2020

Exchange 2007 – if you are on service pack 3 you are in extended support until November 2017

Exchange 2003 – you are unsupported. No, really.

With 2007/2010, while you may be supported on sp3 rollup1, it is my experience that unless the problem is a simple configuration issue you will be asked to update to the latest rollup as part of the troubleshooting process. They hate analysing old code.

the latest rollups were released March 15th, and are here:


Useful and interesting links

As part of an investigation last week, I came across a highly useful article that references loadbalancer settings for exchange 2013 – they are the same as for 2010, but it’s nice to have that stated explicitly – it also suggests a great list of other useful and exciting things to do to stave off ever having to log a support call. I know I sent it out earlier, but it bears repeating.

Our colleague Mark Bodley has hunted out a number of extremely useful links:

Database corruption and dirty shutdown decigeons* tree on Exchange server pro. There’s a picture. It’s great. print it out and stick it over your desk.

He emailed a reminder of how to upgrade the CU on Exchange 2013 and 2016, along with some extremely useful links to scripts written by our friend and colleague, Michael Van Hybrid (yes, he’s on the GAL!):

  Not sure if you are aware that the recommend steps for installing CU updates on E2013/2016 are a bit different to what we may have gotten used to with Exchange 2010 – assuming that your local hostile SDM ever agreed to an update!!

There’s an article on the steps required for Exchange 2013 SP2 2016 at http://exchangeserverpro.com/installing-cumulative-updates-on-exchange-server-2016/ with 2013 being quite similar. Confusingly though Exchange continues to ship with the StartDAGServerMaintenance.ps1 scripts, these appear really to be for 2010 and should not be used on 2013 or later.

Michael van Horenbeeck has written 2 scripts for starting and stopping maintenance mode on Exchange 2013 and as they support a multi-role deployment they should work for 2016. Certainly looking at the above article, the steps for 2016 are the same as for an E2013 Multi-role server.

The scripts are at :-

· Stop-ExchanegServerMaintenanceMode.ps1 : https://gallery.technet.microsoft.com/scriptcenter/Exchange-Server-2013-77a71eb2

· Start-ExchanegServerMaintenanceMode.ps1 : https://gallery.technet.microsoft.com/scriptcenter/Exchange-Server-2013-ff6c942f

The exchange 2010 search troubleshooting guide – invaluable. Note this is for exchange search, not instant search – outlook uses exchange search in online mode, and instant search in cached mode – instant search is based on windows search, and searches the .ost file, not the server. Shall I bore you with exchange store search…? No? ok. Be aware that exchange 2013 has a different search engine again – Microsoft search foundation. try this article.

Understanding the Outlook Connection Status window. Recently (slightly) updated.

How to troubleshoot free/busy issues in a hybrid deployment of on-premises Exchange Server and Exchange Online in Office 365

The latest guided walkthroughs for Office servers – lync, exchange online, office 365 etc – are here. Some of them are brand shiny and new, others are a little long in the tooth. PF repl for 2003? Wow.


Blog articles

Rhoderick Milne explains why Network Location Profiles are giving you neckache – I’ve come across this myself, it stops Exchange working properly, and is tricky to spot.

The PFE Exchange 2013 tips and tweaks post (also Mr Milne). The 2010 article was a standard. You need to read this if you look after 2013, or are about to. CSAs should read it also…

Anyone looking at moving from 2007 to 2013 should review the links from this 2013 upgrade workshop.

My friend Ingo has an update to his activesync user script here: Get-ActiveExchangeUsers 2.0

Released: March 2016 Quarterly Exchange Updates on the official “you had me at EHLO…” blog.

Deferred Lagged Copy playdown in Exchange 2016

Messing around with how powershell proxying works causes headaches. Read this to make sure you are aware of how cu11/cu12 will affect you.

Exmon is finally available for Exchange 2013 and 2016


Interesting KB articles

Outlook

May 3, 2016, update for Outlook 2016 (KB3115101)

Office 2016 Applications crash or cannot start

Lync 2013 (Skype for Business) or Outlook 2013 Crash after installing the april 2016 upates

Performance problems when you try to access folders in a secondary mailbox in Outlook –I know at least one account is struggling with this.

Exchange

“The remote server returned an Error 404” or "HTTP request has exceeded the allotted timeout" error when you move a mailbox from on-premises Exchange Server to Exchange Online

Intermittent "500" error occurs for EWS requests in an Exchange Server 2013/2007 coexistence scenario

"Cannot display the folder properties" or "could not be updated" error when Exchange hybrid deployment users open a room calendar in Outlook

Can’t open a shared folder in Outlook on the web in Exchange Server

Users in your Exchange 2013-based hybrid deployment experience mail issues after April 15, 2016

Incorrect output when you run the Get-CASMailbox cmdlet to view the HasActiveSyncDevicePartnership attribute

"Cannot display the folder properties" or "could not be updated" error when Exchange hybrid deployment users open a room calendar in Outlook

"Nullable object must have a value" error when you run the Hybrid Configuration wizard

"Execution of the Get-WebServicesVirtualDirectory cmdlet has thrown an exception" error when you run the Hybrid Configuration wizard

Exchange Online users cannot access free/busy information of users in a non-Internet-facing Active Directory site

"The user isn’t assigned to any management roles" error when you run the Hybrid Configuration wizard

"Secure Mail Certificate on server is not bound to the SMTP Service" error when you run the Hybrid Configuration wizard

"The SMTP address template is invalid" error when you run the Hybrid Configuration wizard

"The length of the property is too long. The maximum length is 64" error message when you run the Hybrid Configuration wizard

"RequiredTls flag should be set to true if TlsCertificateName is specified" error when you run the Hybrid Configuration wizard

"The remote server returned an error: (403) Forbidden" error when you try to move mailboxes from on-premises Exchange Server to Exchange Online

"The term ‘Get-HybridMailflowDatacenterIPs’ is not recognized" error when you run the Hybrid Configuration wizard

On-premises users in an Exchange hybrid deployment can see availability but not capacity or description information of a resource when they schedule a meeting

Can’t reserve a resource for a meeting after the resource mailbox is migrated to Exchange Online

"An error occurred while working on your domain" when you try to verify your domain in Office 365 in an Exchange hybrid deployment

Users in a hybrid deployment can’t access a shared mailbox that was created in Exchange Online

Out-of-office replies and voting options in email messages between on-premises users and Exchange Online users do not appear correctly in a hybrid deployment

Slow mail delivery in an Exchange environment that has transport rules configured – I’m particularly keen that you understand this article – I’ve been asked a few times lately about transport rules, so anyone thinking of implementing them needs to understand that they can have a performance impact.

Outlook Anywhere users prompted for credentials when they try to connect to Exchange Server 2013 or Exchange Server 2016

Information about the Calendar Checking Tool for Outlook (CalCheck)

Feedback is of course welcome.

 


Roderick, by John Sladek. Probably my favouritest book about robots ever.

clip_image001

My God, it’s full of RSTs…

mygod

I had a bit of a debate with a network engineer last week. We’d taken a trace from a load balancer to try and understand why outlook anywhere sessions were getting blocked and terminated randomly (short answer; port exhaustion because there were insufficient IP addresses in the NAT pool on the server facing side of the load balancer, but that’s not important right now). I pointed out the reset packets coming from the load balancer. He countered with “Well why are there so many resets coming from the CLIENT? EH? EH? yeah… you heard me…” etc etc. They do go on, network engineers. And he’s right. Outlook does pump out a bunch of RST packets. On purpose. Allow this trace to illustrate – this is me opening a colleague’s calendar in Outlook, and then closing it.

outlook session temrinating with RST

So why does it do that? First, we need to talk about how TCP sessions are *supposed* to be terminated. The machine that is done talking sends a FIN/ACK, and goes into the FIN_WAIT_1 state until it receives an ACK to it’s FIN/ACK, at which time it goes into FIN_WAIT_2. The receiving machine sends an ACK, goes to the CLOSE_WAIT state, and then sends it’s own FIN/ACK. It will stay in the CLOSE_WAIT state until the application sends a close(). The first machine ACKs that FIN/ACK, and goes into the TIME_WAIT state for about 4 minutes (according to RFC793). This is supposedly to wait for any stray packets, but it’s actually because they are lazy.

tcp_ladder_states

So it’s possible to have the socket open but useless for minutes – one side waiting for the application to notice the socket is ready to close, the other waiting for a period equal to twice the maximum segment lifetime to expire (this is all explained MUCH more clearly here: http://j2eedebug.blogspot.co.uk/2008/12/difference-between-closewait-and.html).

time_wait

This is wasteful, to say the least, so many applications choose not to use FIN/ACK, but to issue a RST/ACK instead, which has the huge benefit of closing the socket down on both sides immediately, with none of that messy waiting around. This allows server ports to get recycled much faster. On the downside, it grinds network engineers’ gears. (is that a downside? really?)

this is documented (although not explicitly for Outlook) here:

https://support.microsoft.com/en-us/kb/272933

There’s a good Microsoft article on TCP states here:

https://support.microsoft.com/en-us/kb/137984

and advice on what you can do if your application insists on sending FINs, and you’re suffering from port exhaustion (it’s for SQL server, but you can’t have everything, right?):

https://support.microsoft.com/en-us/kb/328476

My users don’t care what department their colleagues are in.

Or – how to hide columns from the GAL view in the outlook 2010 address book.

Just had an interesting call regarding the GAL in Exchange 2010 and Outlook 2010. I have a customer who doesn’t want users to know what department their colleagues are in. I don’t ask why. People baffle me sometimes. Can we do this? Yes we can. Have a look at this article in the knowledgebase. Yes, I know it’s for outlook 2007, but this sort of thing is so esoteric no-one can be bothered updating it for Outlook 2010. Will it work for outlook 2010? Yes it will.

First, open regedit and browse to HKCU\Software\Microsoft\Office\14.0\Outlook\Preferences, and create the ABHiddenColumns binary value key.


I’m not going through it, it’s exactly the same as in the KB article.

Right click the ABHiddenColumns key, select modify and type in the chosen value, as per the table in the KB article. So far, so much regurgitated content. The bit that is missing from the article is the value you need to remove the “Department” column. This can be found in the big book of MAPI stuff, volume eleventeen, “[MS-OXOAB]: Offline Address Book (OAB) Format and Schema Protocol Specification

02

Trouble is, that value is bigendian, and it needs to be little-endian. Or possibly the other way around. Whatever, you need to reverse the order of the octets and lose the leading 0x. so 0x3A18001F becomes 1F00183A. Add it to the 0#000000 that the article talks about (where # is the number of values you want to hide; in this case “1”) and you get 010000001F00183A. Just type that string in; no need to format it or add spaces or anything else, regedit takes care of all the magic.

03

Click “OK”, restart outlook and hey presto! this:

04

Becomes this:

05

“Department” is gone. This works in cached mode and online mode. So… what have I told you that’s new? not a lot. It works for outlook 2010, and there’s a way to get rid of a column that they strangely miss in the article. How do you apply it to 30,000 users? Group policy, my friend. How do you get rid of it in OWA? Custom html page, would be my guess. I’ve not done it, but that’s where I’d start.