Get-ExchangeServer |
?{$_.serverrole -eq 'HubTransport'} | Get-Queue | Where-Object {$_.MessageCount
-ne 0} |Select-Object Identity, DeliveryType, NextHopDomain, MessageCount |
Sort-Object MessageCount -Descending
Friday, December 4, 2015
Exchange Transport Queues at glance
Modified Exchange Transport queue powershell command: displays only queues that have emails in them:
Wednesday, December 2, 2015
Powershell Tip: how to analyze many text files in the folder
For example, IIS Logs of Exchange CAS servers:
Wednesday, November 4, 2015
"You've dialed out to a different phone" message on Lync client
Problem:
When you dial the Lync meeting using the option
"Call me at:" and choose pre-defined phone number from the drop-down
menu, you may get the following message "You've dialed out to a
different phone" on the Lync client and call does not go through.
Also, you may notice that the number that is
being prompted to dial is not normalized or normalized incorrectly. In my
case it was shown as +XXXXXXXXXX.
Cause:
Normalization rules for Lync Address Book do
not work properly. (You also see event id 21034 in the Lync event log on Lync
front end server:
"One or more phone numbers failed to
normalize.
998 total numbers failed to normalize. They are
listed in the text file: '\\your_lync_share\1-WebServices-11\ABFiles\00000000-0000-0000-0000-000000000000\00000000-0000-0000-0000-000000000000\Invalid_AD_Phone_Numbers.txt'
Resolution:
Correction of normalization rules file.
It can be found in all WebServices directories on your_lync_share.
In my case, I had 3 WebServices folders:
1-WebServices-1
1-WebServices-9
1-WebServices-11
File name:
Company_Phone_Number_Normalization_Rules.txt
In my case:
Following rule:
\+?[\s()\-\./]*1?[\s()\-\./]*\(?\s*(\d\d\d)\s*\)?[\s()\-\./]*(\d\d\d)[\s()\-\./]*(\d\d\d\d)[\s]*
+1$1$2$3
+1$1$2$3
Needed to be changed to following (we have a
leading “8” in our phone system):
\+?[\s()\-\./]*1?[\s()\-\./]*\(?\s*(\d\d\d)\s*\)?[\s()\-\./]*(\d\d\d)[\s()\-\./]*(\d\d\d\d)[\s]*
81$1$2$3
81$1$2$3
(Since I was on it I added one more rule:
(\d{4})[\s]*
$1
To accommodate AD records that have extension
instead of full phone number)
Monday, October 12, 2015
"Insufficient access rights to perform the operation." when running "Update-AddressList" or "New-AddressList"
We noticed that one of the Address Lists has outdated information.
When we try to manually update the list by running "Update-AddressList -Identity "\AddressListName", we get "Insufficient access rights to perform the operation." error.
Resolution:
1. Run ADSIEdit.
2. Connect to "Configuration".
3. Navigate to "Configuration/Services/Microsoft Exchange//Address Lists Container".
4. Right Click "All Address Lists"/Properties.
5. "Security/Advanced".
6. Check "Include inheritable permissions from this object's parent" (was not checked for me).
Wednesday, September 16, 2015
Enterprise Vault: useful query to find the date range of emails stored in the index
(... run against the Vault Store
database...)
SELECT MIN (recordcreationdate) AS 'Oldest Item Date'
, MAX (recordcreationdate) AS 'Youngest Item Date'
FROM JournalArchive
SELECT MIN (recordcreationdate) AS 'Oldest Item Date'
, MAX (recordcreationdate) AS 'Youngest Item Date'
FROM JournalArchive
WHERE IndexSeqNo BETWEEN 121649147 AND 126649435 '(numbers found in the
Enterprise Vault Admin Console for Index Volume)'
Friday, September 11, 2015
Lync: Get-CsManagementStoreReplicationStatus does not display information after CSManagementStore moved from Lync 2010 to Lync 2013
After successful move of CSManagementStore from Lync 2010 to Lync 2013, Get-CsManagementStoreReplicationStatus runs without any errors, but without results either.
Turns out that replication is broken after moving CSManagementStore due to the fact that "Lync Server Master Replicator Agent" service is not started on Lync 2013 Front End Server.
Starting "Lync Server Master Replicator Agent" takes care of the issue.
Turns out that replication is broken after moving CSManagementStore due to the fact that "Lync Server Master Replicator Agent" service is not started on Lync 2013 Front End Server.
Starting "Lync Server Master Replicator Agent" takes care of the issue.
Monday, August 31, 2015
Resolve-DNSName: useful addition to Powershell commands
Resolve-DNSName (available in Windows 2012 R2 version of Powershell) is very useful command to obtain various statistics about DNS zone.
For example, if zones.txt file consists of the zones to check following command will help to find SOA record for every zone in the file:
Get-Content zones.txt | Resolve-DnsName -Type SOA | Select-Object Name, PrimaryServer | Export-Csv zones.csv -notype
Good article about usage of the command: http://exchangeserverpro.com/use-powershell-to-quickly-check-multiple-mx-records/
For example, if zones.txt file consists of the zones to check following command will help to find SOA record for every zone in the file:
Get-Content zones.txt | Resolve-DnsName -Type SOA | Select-Object Name, PrimaryServer | Export-Csv zones.csv -notype
Good article about usage of the command: http://exchangeserverpro.com/use-powershell-to-quickly-check-multiple-mx-records/
GPO settings are not listed (as they should per Microsoft article)
You may notice that the settings to be configured by GPO are not listed in your configuration.
The reason of that: specific settings are issued with KB update that got installed on the domain controllers, but not into the SYSVOL location of domain controllers.
To fix the issue you have to manually move the new policy definitions files to the proper location:
The reason of that: specific settings are issued with KB update that got installed on the domain controllers, but not into the SYSVOL location of domain controllers.
To fix the issue you have to manually move the new policy definitions files to the proper location:
- Copy @.adml file from c:\windows\policydefinitions\en-us to your local sysvol location under sysvol\policydefinitions\en-us.
- Copy @.admx file from c:\windows\policydefinitions to your local sysvol location under sysvol\policydefinitions.
Thursday, May 28, 2015
Granular permissions to move Computer Objects out of Computers Container in Active Directory
To configure granular permissions to move computer objects out of Computers container in Active Directory follow the steps:
- Use ADSIEdit/open "Default naming context".
- Navigate to Computers container/Security/Advanced.
- Desired group along with obvious permissions ("Delete Computer Objects" for "This object only", "List contents", "List object" and "Read all properties" for "This object only") needs to have "Allow" permission for "Write all properties" for "Descendant Computer objects".
Friday, February 6, 2015
List of Users with expired password - Quest Powershell
Get-QADUser
-SearchRoot "OU=YourOU,DC=YourDomain,DC=com" -SearchScope
Subtree -Enabled -Size 0 | Where-Object {($_.PasswordIsExpired) -eq $True} | fl
displayname, *password*
Tuesday, February 3, 2015
Powershell command to see all Exchange Hub Transport Queues in Org in one place
Get-ExchangeServer | ?{$_.serverrole -eq 'HubTransport'} | Get-Queue
Thursday, January 29, 2015
Issue: Out-Of-Office (OOF) is not being sent
Issue:
Out-Of-Office (OOF) is not being sent.
(also you see
event id 3004 in the application log of Exchange mailbox Server:
The Rules quota
of mailbox XXX has been reached and the automatic reply rules can't be enabled
or updated. Delete some existing rules or increase the user's rule quota and
try to set the automatic reply again. You can use the Set-Mailbox cmdlet to
increase a user's rules quota.)
Resolution:
Increase the
user rules quota:
Get-mailbox XXX
| select rulesquota
Set-mailbox XXX
–RulesQuota 128KB
Subscribe to:
Posts (Atom)