Exchange Massive Search and Destroy & Quota control

 Users are always asking for extra mailbox quota, where their mailbox is full of unneeded/none-important emails such as: 

• Internal announcements
• Systems notifications
• Service desk emails
• Etc…………..

 As a proactive measure, you will need to set a policy for this kind of emails retention, and schedule a massive search and destroy PowerShell script to do the job,

Syntax:

Search a specific mailbox and delete all emails with the subject “delete me”

Search-Mailbox -Identity "Hany Donia" -SearchQuery "Subject:delete me" -DeleteContent –Force

Search a specific mailbox and delete all email from specific address

Search-Mailbox -Identity "Hany Donia" -SearchQuery "from:spam@spamorg.com" -DeleteContent –Force

Search a specific mailbox and delete all emails sent in a specific date

Search-Mailbox -Identity "Hany Donia" -SearchQuery "sent:1/12/2012" -DeleteContent –Force

Search a specific mailbox and delete all emails send in a specific date range

Search-Mailbox -Identity "Hany Donia" -SearchQuery "sent:1/1/2012..1/15/2013" -DeleteContent –Force

Search a specific mailbox and delete all emails sent from a specific address and within a specific date range

Search-Mailbox -Identity "Hany Donia" -SearchQuery '(from:spam@spamorg.com) AND (sent:1/1/2008..11/22/2012)' -DeleteContent –Force

Search all mailboxes in an organization and delete all emails sent from a specific address and within a specific date range

Get-Mailbox -ResultSize unlimited | Search-Mailbox -SearchQuery '(from:spam@spamorg.com) AND (sent:1/1/2008..11/22/2012)' -DeleteContent –Force

LORGs expected issue:

For large organizations you will receive the below error when you try to run the Search-Mailbox for all mailboxes in your organization.

(Sending data to a remote command failed with the following error message: The total data received from the remote client exceeded allowed maximum. Allowed maximum is 524288000. For more information, see the bout_Remote_Troubleshooting Help topic.

    + CategoryInfo          : OperationStopped: (System.Manageme...pressionSyncJob:PSInvokeExpressionSyncJob) [], PSRemotingTransportException

    + FullyQualifiedErrorId : JobFailure

Invoke-Command : Cannot write input as there are no more running pipelines At C:\Users\AppData\Roaming\Microsoft\Exchange\RemotePowerShell\.psm1:43187 char:29 +             $scriptCmd = { & <<<<  $script:InvokeCommand `     + CategoryInfo          : InvalidOperation: (:) [Invoke-Command], PSInvalidOperationException     + FullyQualifiedErrorId : NoMoreInputWrite,Microsoft.PowerShell.Commands.InvokeCommandCommand)

This is not an issue of the Search-Mailbox command but a pipe-lining limitation for performance concerns,

You can work around this by one of two ways:

• Limit your Get-Mailbox command for instance by specifying a specific database –Database such as

Get-Mailbox –Database  databasename | Search-Mailbox -SearchQuery '(from:spam@spamorg.com) AND (sent:1/1/2008..11/22/2012)' -DeleteContent –Force

•  Create a loop such as 

$allmbxinyourorg = Get-Mailbox -ResultSize unlimited

Foreach ($mbx in $allmbxinyourorg) {

    Search-Mailbox -identity $mbx -SearchQuery '(from:spam@spamorg.com) AND (sent:1/1/2008..11/22/2012)' -DeleteContent –Force

}

Recommendations:

• Test your command in a test environment before applying it into production to make sure it is only doing what it is supposed to and not more,
• Run your command against your own mailbox first and count items before and after to make sure it is working fine
• Use the -EstimateResultOnly to get information about the items you are about to delete when you execute your command such as

Search-Mailbox -Identity "Hany Donia" -SearchQuery "sent:1/12/2012" -EstimateResultOnly

Real world results:

Searching around 30,000 Mailbox for email from a specific sender and within a specific date range: 

• It took around 56 hours to complete,
• It deleted around 17 million items
• It saved around 8 TB

Resources:

• Search-Mailbox                                           
• Multi-MailboxSearches
• Search AllMailboxes with Windows PowerShell

see you soon, Hany Donia

Speed Up you Exchange Management Console & Shell Start Up

Symptoms:

Microsoft Exchange Management Console and shell is taking too long time to open and sometimes it takes forever.

 
Cause:

I’ve been investigating what is happening during the Exchange Management Console or shell startup that is causing this delay,

Thus I run the Microsoft Network Monitor  to sniff the traffic and see what is going on,

I noticed a traffic going to a public IP Address 79.140.95.131 whenever I open the Exchange Management Console or Shell,

At the END of the request you will see as circled below .crl which is an acronym for  Certificate Revocation List

 

 

Seems the feature of checking the certificate revocation list is the one causing the delay as the console will wait till the server access the RL and check the status

More information about CRL can be found below 

1. Revocation list – Wikipedia
2. How Certificate Revocation Works – Microsoft

Resolution:

I removed the check mark on both check for “Check for publisher’s certificate revocation” & “Check for server certificate revocation” from Internet Explorer –> Tools –> Internet Options –> Advanced tab,

 

 
The result is an average of 70 % improvement in the startup time

1. For the Exchange Management Console it improved from an Average of 12  seconds to 4,
2. For the Exchange Management Shell it improved from an Average of 14 seconds to 3.

Note: this is a security feature and you should disable it only the machine where you are using Exchange Consoles and not on the Exchange Servers themselves ! so Be Careful

 see you soon, Hany Donia

 

Mailbox could not be created. Verify that OU ( Users ) exists and that password meets complexity requirements.

Symptoms:

 You might face an issue during creating the test account that is going to be used by the Microsoft System Center Operation Manager SCOM as below for more information click here

 

 

CreateTestUser : Mailbox could not be created. Verify that OU ( Users ) exists and that password meets complexity requi

rements.

At D:\Program Files\Microsoft\Exchange Server\V14\Scripts\new-TestCasConnectivityUser.ps1:267 char:31
+       $result = CreateTestUser <<<<  $exchangeServer $mailboxServer $securePassword $OrganizationalUnit $UMDialPlan $
UMExtension $Prompt
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,CreateTestUser

Resolution:

Add the -OU  parameter the creating script and you should be fine

 .\new-TestCasConnectivityUser.ps1 -ou "Your Desired OU"

 

see you soon, Hany Donia

Setup previously failed while performing the action "BuildToBuildUpgrade". You cannot resume setup by performing the action "Uninstall".

Recently I’ve encountered an issue while phasing-out Exchange 2007 SCC Mailbox Servers after an upgrade to Exchange 2010
 
Symptoms:

1-      Uninstallation failed as per the below screen shot.

 

2-      Even ID 1002 is logged in the even viewer with the error “Setup previously failed while performing the action "BuildToBuildUpgrade".  You cannot resume setup by performing the action "Uninstall".”

 

Cause:

                Exchange keeps tracks of failed through a registry key called “watermarks” so it can continue where it left over in case of setup failure more info can be found here,

                The same key is the cause of this issue as sometimes the setup succeed where the key is saying it failed

Resolution:

You will need to open the regedit and browse to the following location “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Exchange\v8.0\ClusteredMailboxServer”

 

Delete the Action and Watermark keys

Now retry the uninstallation and see the magic


see you soon, Hany Donia

Learn Exchange Server 2010 High Availability from Scott Schnoll

 

Can’t tell how many times I’ve listen to whom supposed to be experts discussing Exchange DAG and it was all misconnects & Whenever I see such discussions I refer all to Scott Schnoll sessions in TechEd about Exchange High Availability,

Don’t read about DAG from any blog , as there are a lot of misconnects there, learn it from the expert

 

Scott have done two sessions about DAG & you need to watch them respectively as below; it is not a one-time study, they are your reference to DAG and believe me you will need to watch them more than once.

1. Exchange Server 2010: High Availability Concepts where the latest session was delivered at Tech·Ed Australia 2011 and here is the download link
2. Microsoft Exchange Server 2010 High Availability Deep Dive where the latest session was delivered at TechEd Europe 2012 and here is the download link

 

see you soon, Hany Donia

Exchange Server 2013 at TechEd

New Exchange Server 2013 Sessions from TechEd 2012 are available at Channel 9 , have fun :)

 

1. TechEd New Zealand 2012
2. TechEd Australia 2012

 

see you soon, Hany Donia

Keep it Simple !

I was recently engaged in a huge messaging upgrade project and here are the lessons learned:

 

1. Think service; when you design a messaging environment don’t let the technology geek in you take over & always think from a service point of view,
2. Envisioning and planning are the most important steps in any successful project, always take your time to envision and plan and don’t rush things up, the more you invest in these two areas the more likely you will have a successful project,
3. High availability is an end to end and not a product oriented, make sure the your messaging dependencies are all high available,
4. Capacity planning , capacity planning , capacity planning,
5. As Einstein once said everything should be made as simple as possible, but not simpler; always keep your design as simple as possible, as the design is not a place to show people you know some sophisticated scenarios.
6. Build yourself a task list for each server and make sure that there is a junior engineer whom is reviewing your configuration against that list,
7. Make sure all involved parties are aware about the whole picture and every step you are doing,
8. Educate your service customers about what to expect during each step.
9. ~ 80 % of any messaging project issues are from the network side; make sure to be in total sync with the network team before each and every project phase.

see you soon, Hany Donia