Microsoft Exchange Server 2007 Shapes and Icons for Visio

I was just diagramming an Exchange 2007 deployment and came across the Microsoft Office Visio Stencil Containing Shapes for Microsoft Exchange Server 2007, a free download from Microsoft.

The stencil and template provided enable you to create Visio drawings that contain Exchange Server 2007 objects. These shapes include icons for Exchange 2007 server roles, networking, telephony and Unified Messaging objects, Active Directory and directory service objects, client computers and devices, and other Exchange organization elements.

To use this stencil, place these 2 files (MicrosoftExchangeServer2007_Icons.vst and MicrosoftExchangeServer2007_Icons.vss) in your local C:\Documents and Settings\yourname\My Documents\My Shapes folder.

In Visio, click File, click Open, and then go to your My Shapes folder. Open the MicrosoftExchangeServer2007_Icons.vst file. The shapes will appear in the Microsoft Exchange Server 2007 stencil in the Shapes pane.

This download requires Microsoft Office Visio 2003 or later.

Troubleshooting Exchange 2007 ESE Event 491

My Exchange 2007 SP1 server started reporting Event 491 in the Application Log.

Source: ESE Event ID: 491

edgetransport (3488) Transport Mail Database: An attempt to determine the minimum I/O block size for the volume “D:\” containing “D:\Program Files\Microsoft\Exchange Server\TransportRoles\data\Queue\” failed with system error 5 (0x00000005): “Access is denied.” The operation will fail with error -1032 (0xfffffbf8).

The Microsoft Exchange Transport service was also not starting automatically. A few posts I found mentioned excluding the Program Files\Microsoft\Exchange Server\TransportRoles\data\Queue directory from anti-virus scanning. I played around with all sorts of exceptions, but that didn’t resolve my problem. I even disabled the real-time A-V scanner and rebooted the server, but the problems persisted.

After hours of searching I came across this post, which pointed at permissions as the root of the problem. I had removed the default permissions on the Exchange installation drive, and Network Service was missing from the list of permissions. I tried to assign as few permissions as possible, but in the end here is what I assigned.

  • NETWORK SERVICE has all rights *except* Full Control and Modify on the TransportRoles folder, and inheritance is turned on. The full path is D:\Program Files\Microsoft\Exchange Server\TransportRoles\ on my server; yours may vary.
  • NETWORK SERVICE has Full Control on the D:\Program Files\Microsoft\Exchange Server\TransportRoles\data\ folder, and inheritance is turned on.
  • NETWORK SERVICE has Read & Execute, List Folder Contents, and Read on the D:\Program Files\Microsoft\Exchange Server\ folder.
  • NETWORK SERVICE has Read & Execute, List Folder Contents, and Read on the root installation folder, which is D:\ for me. I did everything I could to avoid this, but couldn’t make it work without assigning this permission.

After making these changes, reboot your server and you should find Event 491 gone and your Microsoft Exchange Transport service automatically starting once again.
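
An added example, not part of the original post: a read-only PowerShell check that the four folders above carry the NETWORK SERVICE permissions listed. The function name is made up here, the D: paths are the ones from this post, and "all rights except Full Control and Modify" is read as Read & Execute plus Write, which is an assumption.

```powershell
# Added example (not from the original post): audit the NETWORK SERVICE ACEs
# described above. Read-only; it changes nothing on disk.
# Assumption: "all rights except Full Control and Modify" on TransportRoles
# means Read & Execute + Write.
$exchange = 'D:\Program Files\Microsoft\Exchange Server'   # path from the post
$expected = @(
    @{ Path = 'D:\';                           Rights = 'ReadAndExecute' },
    @{ Path = $exchange;                       Rights = 'ReadAndExecute' },
    @{ Path = "$exchange\TransportRoles";      Rights = 'ReadAndExecute, Write' },
    @{ Path = "$exchange\TransportRoles\data"; Rights = 'FullControl' }
)

function Test-NetworkServiceAcl {
    param([string]$Path, [string]$Rights)

    $need        = [int][System.Security.AccessControl.FileSystemRights]$Rights
    $granted     = 0
    $sidType     = [System.Security.Principal.SecurityIdentifier]
    $inheritOnly = [int][System.Security.AccessControl.PropagationFlags]::InheritOnly

    # Ask for SIDs so the match does not depend on the localized account name.
    foreach ($ace in (Get-Acl -Path $Path).GetAccessRules($true, $true, $sidType)) {
        $isNetworkService = $ace.IdentityReference.Value -eq 'S-1-5-20'
        # Inherit-only ACEs affect children, not the folder being checked.
        $appliesHere = ([int]$ace.PropagationFlags -band $inheritOnly) -eq 0
        if ($isNetworkService -and $appliesHere -and $ace.AccessControlType -eq 'Allow') {
            $granted = $granted -bor [int]$ace.FileSystemRights
        }
    }

    New-Object PSObject -Property @{
        Path = $Path; Expected = $Rights; Ok = (($granted -band $need) -eq $need)
    }
}

$expected | ForEach-Object { Test-NetworkServiceAcl -Path $_.Path -Rights $_.Rights } |
    Format-Table Path, Expected, Ok -AutoSize
```

The check only counts Allow entries that name NETWORK SERVICE directly; rights that arrive through a group such as Users or Everyone, and any Deny entries, are not evaluated.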

Troubleshooting Exchange Error 4.4.7 Delivery Delay and Failures

One of our partners keeps receiving the following messages when trying to email certain domains:

This is an automatically generated Delivery Status Notification.

THIS IS A WARNING MESSAGE ONLY.

YOU DO NOT NEED TO RESEND YOUR MESSAGE.

Delivery to the following recipients has been delayed.

user@domain.com

Where user@domain.com is the address he’s trying to send the message to.

Eventually he receives the following message:

Your message did not reach some or all of the intended recipients.

The following recipient(s) could not be reached:

user@domain.com on 3/27/2008 9:11 AM

Could not deliver the message in the time limit specified. Please retry or contact your administrator.

<originating.mailserver.hostname #4.4.7>

He’s sending to addresses he’s previously sent to with no problems.

KB 284204 notes the following about the 4.4.7 error message:

Possible Cause: The message in the queue has expired. The sending server tried to relay or deliver the message, but the action was not completed before the message expiration time occurred. This NDR may also indicate that a message header limit has been reached on a remote server or that some other protocol timeout occurred during communication with the remote server.

Troubleshooting: This code typically indicates an issue on the receiving server. Verify the validity of the recipient address, and verify that the receiving server is configured to receive messages correctly. You may have to reduce the number of recipients in the header of the message for the host that you are receiving this NDR from. If you resend the message, it is placed in the queue again. If the receiving server is on line, the message is delivered.

You can see the problem is usually on the recipient’s server. Common causes are that the recipient’s mail server is offline or otherwise unreachable, possibly due to DNS problems.

One thing you can try on the originator’s mail server is to increase the SMTP Virtual Server’s Delay Notification and Expiration Timeout settings.

To access these settings in Exchange 2003, open System Manager and navigate to Servers – Your Mail Server’s Name – Protocols – SMTP. Right click on your SMTP Virtual Server – Properties – Delivery tab.

SMTP Virtual Server Delivery Settings

I changed my Delay notification from 12 hours to 18 hours, and the Expiration timeout from 2 days to 4 days. You will need to tweak these settings to what is appropriate for your particular environment.

Another reason you may see these errors, especially with AOL email recipients, is that you don’t have a DNS PTR record (Reverse DNS Record) for your mail server. AOL explains:

“AOL does require that all connecting Mail Transfer Agents have established reverse DNS, regardless of whether it matches the domain.”

This means if your mail server doesn’t have a Reverse DNS record, your messages sent to AOL will fail.

AOL has a page where you can enter your mail server’s IP address to determine if AOL can find its corresponding Reverse DNS record. If you’re not sure what the IP address of your mail server is, you can look it up based on your domain name.

Also note that setting up a Reverse DNS record is not the same process you would perform while creating a host name or other record. With forward (regular) DNS you set up your name servers with your domain registrar, like Network Solutions. With reverse DNS you must contact your ISP to have them create and host the record. The reason is that the ISP is ultimately responsible for your IP address, and only they can verify that your mail server does indeed reside at that particular IP address.
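
An added example, not part of the original post: a PowerShell function that checks whether a sending IP address has a PTR record at all (the condition AOL states above) and, as extra information, whether the PTR name resolves back to the same address. The function name is made up here and 192.0.2.25 is a documentation placeholder.

```powershell
# Added example (not from the original post): does the IP your server sends
# mail from have a PTR record, and does that name resolve back to the same IP?
function Test-ReverseDns {
    param([Parameter(Mandatory = $true)][string]$IPAddress)

    $ip      = [System.Net.IPAddress]::Parse($IPAddress)
    $ptr     = $null
    $forward = $false
    $detail  = ''
    try {
        # For an IPAddress argument GetHostEntry does the reverse lookup first,
        # then resolves the returned name forward into AddressList.
        $entry = [System.Net.Dns]::GetHostEntry($ip)
        if ($entry.HostName -and $entry.HostName -ne $ip.ToString()) {
            $ptr     = $entry.HostName
            $forward = @($entry.AddressList | ForEach-Object { $_.ToString() }) -contains $ip.ToString()
        }
    }
    catch {
        # Lookup failed (no PTR, or resolver error); keep the message for the report.
        $detail = $_.Exception.Message
    }

    New-Object PSObject -Property @{
        IPAddress      = $ip.ToString()
        HasPtr         = [bool]$ptr       # what AOL requires
        PtrName        = $ptr
        ForwardMatches = $forward         # PTR name resolves back to this IP
        Error          = $detail
    }
}

# 192.0.2.25 is a placeholder; substitute the public IP your mail leaves from.
Test-ReverseDns -IPAddress '192.0.2.25' | Format-List
```

Run it from a machine that uses an outside DNS resolver, because the lookup goes through the operating system's resolver and an internal DNS zone or hosts file entry can answer for an address that has no public PTR record.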


Howto: Force Outlook to Download Updated Exchange Offline Address Books

I just created a new user on my Exchange 2003 server, and wanted to verify the new account was shown in the Global Address List (GAL). I’m using the Outlook 2007 client in cached mode, and I wanted to download the updated offline address book immediately, rather than waiting for it to perform its scheduled download.

KB 841273 explains that:

  1. Outlook in cached mode automatically updates the offline address book on the client every 24 hours. The 24-hour time period is measured from the time that the offline address book was last downloaded successfully. For example, if you complete an offline address book download at 09:00 today, Outlook will start the offline address book download the next day at approximately 09:00. Therefore, different people will receive updates at different, random times.
  2. Each day, the Exchange computer generates a full offline address book and a differential file from the previous day. The Exchange computer stores the differential file and the full file for the current day and stores only the differential files for the previous days.
  3. The default setting on the Exchange computer is to generate an offline address book differential file every morning at 04:00.
  4. By default, the Exchange computer generates the offline address book files every morning at 05:00.
  5. Unless you notice the last time that Outlook downloaded the offline address book, you may not know when Outlook is scheduled to try the next offline address book download. No indicator in the Outlook user interface advises you of the offline address book download schedule.

You can now see it’s virtually impossible to determine when my Outlook client would automatically receive the updated address list.

The steps I performed to force Exchange and Outlook to immediately synchronize the offline address books:

  1. On the server – Start Exchange System Manager, expand Recipients – Offline Address Lists. Right click on your address list and select Rebuild. You will be warned that it potentially could take a long time. Click Yes to proceed with the rebuild. Wait a few minutes, but if you have a small Exchange deployment this could finish in seconds.
  2. On the client – In Outlook click on the down arrow next to Send/Receive to open the menu. Click Download Address Book – OK. Make sure that the Download changes since last Send/Receive check box is selected.

The correct order to stop and start BES services

KB 13718 explains the correct order to stop and start Blackberry Enterprise Server (BES) services for Microsoft Exchange:

1. BlackBerry Router.
2. BlackBerry Dispatcher.
3. BlackBerry Controller.
4. All remaining BlackBerry services.

The BlackBerry Enterprise Server for Microsoft Exchange Disaster Recovery Guide explains the correct order is:

1. BlackBerry Controller
2. BlackBerry Router
3. BlackBerry Dispatcher
4. all remaining BlackBerry services

KB04293 explains the correct order for BES 4.0 or later with Exchange is:

1. BlackBerry Router
2. BlackBerry Dispatcher
3. BlackBerry Controller
4. all other BlackBerry Enterprise Server services

The BlackBerry Enterprise Server for IBM Lotus Domino Version 4.1.3 Upgrade Guide explains the correct order is:

1. BlackBerry Controller
2. BlackBerry Router
3. BlackBerry Dispatcher
4. all remaining services

I was unable to find any official BlackBerry documentation regarding the proper order to stop and start the BES services for GroupWise, but this document on the Vodafone support web site suggests the following order:

Start the Blackberry services in the following order:

1. Blackberry Dispatcher
2. Blackberry Router
3. Blackberry Controller
4. Blackberry Alert
5. Blackberry Attachment Service
6. Blackberry Mobile Data Service
7. Blackberry Policy Service
8. Blackberry Synchronization Service

Reverse the order of the services when you stop the services.

As you can see, the documentation does not consistently explain the order the BES services should be stopped and started.

Clearing out Exchange SMTP queues using AQADMCLI

I recently had to help a customer clean up their SBS 2003 server which had been used to send out spam. It seems that one of their user accounts had been compromised, and we were able to stop the spam by changing the user’s password. The server’s performance was horrible, even after a reboot, and we found messages stuck in over 500 SMTP queues. Rather than clear the queues one at a time, I used the Aqadmcli tool to delete all the stuck messages at once.

To clear all the SMTP queues at once, run the following from a command prompt on the Exchange server:

aqadmcli.exe

setserver [servername]

delmsg flags=all

quit

where [servername] is the name of the Exchange server containing the queues you want to clear.

You can also delete messages from a particular sender using the syntax

delmsg flags=SENDER,sender=user@domain.com

You can read more about this tool here [via the Wayback Machine]

KB 324958 describes an alternate way of cleaning up the SMTP queues. There is also a webcast that shows how to accomplish SMTP queue cleanup.

Exchange 2003 Event 2000: “Verify that the Microsoft Exchange MTA service has started. Consecutive ma-open calls are failing with error 3051”

One of the smaller networks I manage consists of a handful of users who connect to a SBS 2003 server. Their server keeps reporting the following in the Windows Application Log:

Event: 2000

Source: MSExchangeIS Mailbox

“Verify that the Microsoft Exchange MTA service has started. Consecutive ma-open calls are failing with error 3051”

This error would lead you to believe that the MTA Stack service wasn’t started when it should be. But if this is the only Exchange server in your organization and you aren’t connecting to an X.400 mail server, the MTA Stack service is not necessary. Previously I had even changed this service’s startup type to disabled, yet the server continued to report this error.

KB 810489 explains that stopping and disabling the Microsoft Exchange MTA Stack service is not sufficient to resolve this error. Two registry entries need to be created on the server for each public or private database on the server.

Open the following key in regedit:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIS\ServerName

For each private or public database that is listed under this subkey, perform these steps

1) Right click on the database, select New – DWord Value. Name the value Gateway In Threads

2) Set the Gateway In Threads value to 0 (zero)

3) Right click on the database, select New – DWord Value. Name the value Gateway Out Threads

4) Set the Gateway Out Threads value to 0 (zero)

You must restart the Microsoft Exchange Information Store service for the changes to take effect. The KB also explains:

“When you set the Gateway In Threads value and the Gateway Out Threads value to 0, Store and MTA connection failure events are not logged in the Application log after the MTA Stacks service has been disabled. If you create a new database on the server, you should set the Gateway In Threads value and the Gateway Out Threads value for the new database.”
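
An added example, not taken from KB 810489 or the original post: the four regedit steps above applied to every database subkey in one pass with PowerShell. The function name is made up here, and two things are assumed: that the ServerName subkey is named after the computer, and that the database subkeys are named Private-<GUID> and Public-<GUID>.

```powershell
# Added example (not from KB 810489 or the original post).
function Set-GatewayThreadsZero {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # Assumption: the "ServerName" subkey is named after the computer.
        [string]$ServerKey = "HKLM:\SYSTEM\CurrentControlSet\Services\MSExchangeIS\$env:COMPUTERNAME"
    )

    $valueNames = 'Gateway In Threads', 'Gateway Out Threads'

    # Assumption: database subkeys are named Private-<GUID> / Public-<GUID>.
    $databases = Get-ChildItem -Path $ServerKey |
        Where-Object { $_.PSChildName -like 'Private-*' -or $_.PSChildName -like 'Public-*' }

    foreach ($db in $databases) {
        foreach ($name in $valueNames) {
            $current = (Get-ItemProperty -Path $db.PSPath -Name $name -ErrorAction SilentlyContinue).$name
            if ($current -eq 0) { continue }   # already zero, nothing to do

            if ($PSCmdlet.ShouldProcess("$($db.PSChildName)\$name", 'Set DWORD to 0')) {
                # -Force overwrites the value if it exists with another setting.
                New-ItemProperty -Path $db.PSPath -Name $name `
                    -PropertyType DWord -Value 0 -Force | Out-Null
            }
        }
    }
}

# Preview which values would be written; rerun without -WhatIf to apply.
Set-GatewayThreadsZero -WhatIf
# Afterwards restart the Microsoft Exchange Information Store service,
# as the post says, for the change to take effect.
```

Because the function skips values that are already 0, it can be rerun after a new database is created, which is the case the KB quote above calls out.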

Exchange 2007 server sizing resources

I’m getting ready to consult on a fairly large size Exchange 2007 deployment. The customer wants some server specs so they can get their servers ordered. Here are some of the resources I use when calculating how many servers they should purchase and how large they should be.

Exchange 2007 Server Sizing Resources

Exchange 2007 Mailbox Server Role Storage Requirements Calculator spreadsheet

Exchange Server 2007: Platforms, Editions, and Versions

Exchange 2007 system requirements

Planning processor configurations for Exchange Server 2007

Planning memory configurations for Exchange Server 2007

Planning storage configurations for Exchange Server 2007 and storage validation

Planning Server Role Ratios for Exchange Server 2007

Determining the Number of Users an Exchange 2007 Unified Messaging Server Can Support

Planning for a Simple Exchange Organization

Planning for a Standard Exchange Organization

Planning for a Large Exchange Organization

Planning for a Complex Exchange Organization

Configuring, validating and monitoring your Exchange 2007 storage

TechNet Webcast: Storage Sizing and Testing for Exchange Server 2007 (Level 200)

Dell Exchange 2007 Advisor Tool

Data Collection Resources for Current Exchange Environments

Microsoft Exchange Server Profile Analyzer (32 bit)

Microsoft Exchange Server Profile Analyzer (64 bit)

Howto: Filter Message Tracking logs in Microsoft Exchange using Powershell

Today I’ve been working with a vendor, trying to figure out why not all of my client’s users are receiving a certain notification email. I enabled message tracking in Exchange 2003, but it creates a log file that’s in a fairly unreadable format.

I found this post that describes using the Microsoft Log Parser utility to run SQL queries against the message tracking logs. Even after reading the documentation and unofficial Log Parser reference site, I was having difficulties constructing the queries; I just wanted to know who received the email and what date and time they got it.

WindowsITpro.com had an article on Log Parser, but since I don’t subscribe to their site, I only got the first few paragraphs of the article.

This batch file generator gave me too much information. It seemed like exporting this information was way more difficult than it should have been.

Then I came across this PowerShell script Glen wrote that generates a form that allows you to filter the message tracking log files based on your criteria. It took all of three minutes to download and run, and I was able to save the information into a .csv file. Brilliant!

One more thing… if you want to use message tracking on an Exchange 2000 cluster, see Microsoft KB327977. And if your inetinfo.exe utilization suddenly goes through the roof, check out Microsoft KB811409. Both of these issues appear to be resolved in KB813840.

[updated 06-29-2007]

I found another Exchange log search tool. It doesn’t use Powershell, and I haven’t used it personally, but I would love to hear if it works or not.