Tuesday, 30 July 2013

Important Update for Exchange 2013 RTM CU2!

If you have already applied Exchange 2013 RTM CU2 (build 712.22) then you should read this post from Ross Smith.  Basically you need to upgrade to new version of CU2 (build 712.24).

An issue was identified in public folder permissions being lost if the public folder mailbox is moved between databases on servers running build 712.22 so a new build has been released to include a fix for this.

Unfortunately any security updates for CU2 will depend on build 712.24 so you will need to apply this update even if you are not using public folders.

Direct link to the update: KB2859928

Tuesday, 16 July 2013

OWA for iOS Now Available!

The Exchange Team have just announced the release of an OWA app for iPhone and iPad.  I guess it is the app that you didn't know you needed brining a Windows Phone and  Exchange 2013 experience to iOS-based gadgets.

If you like the Exchange 2013 OWA experience then this will probably be a good replacement for the built-in mail client - the only catch is that it currently only supports Office 365 mailboxes but on-premise support is promised.

Available for free from the Apple App Store: iPhone iPad

Thursday, 30 May 2013

Exchange 2010 SP3 RU1 Released

Microsoft has just released the first update rollup for Exchange 2010 SP3.

Direct link to download: Update Rollup 1 for Exchange Server 2010 Service Pack 3 (KB2803727)

The list of fixes in this update is available from this link (KB2803727).

Wednesday, 15 May 2013

Quest Resource Update Manager: A security package specific error occurred

When using Quest Resource Update Manager (RUM) to perform a Discovery task, the task fails with: "A security package specific error occurred"

The article from Quest indicates a couple of possible solutions: https://support.quest.com/SolutionDetail.aspx?id=SOL92584

A better solution would be remove the computer from the RUM collection and re-add it using its FQDN instead.  Failing that use the computers IP address.

Tuesday, 23 April 2013

Exchange 2013 Deployment Assistant Updated

The excellent tool that is the Exchange 2013 Deployment Assistant has just been updated to include details for coexistence with Exchange 2007 and Exchange 2010 organisations.

If you haven't used the deployment assistant previously it is a web based tool that provides checklist based step-by-step instructions for Exchange installation, coexistence and migration scenarios for on premises organisations and hybrid configuration steps for working with Office 365.

The tool in its previous guise also provided this information for coexisting with and migrating to Exchange 2010 from Exchange 2003/2007 and the landing page with links to both tools can be found here: Microsoft Exchange Server Deployment Assistant

Friday, 19 April 2013

Get Internal and External URLs for all Exchange Virtual Directories

I've just had to check all the virtual directory URLs for a large Exchange implementation.  Due to the geographical locations of some of the servers the Get-*VirtualDirectory takes a while to execute so a quick script was required:
 $virtds = "ECP,OWA,OAB,WebServices,Activesync"  
 $array = $virtds.split(",")  
 foreach ($i in $array) {  
 $j = "Get-"+$i+"VirtualDirectory"+" | fl name,server,internalurl,externalurl"  
 iex $j   
The space between the " and | is intentional as you could add -Server in there if you wanted to list all the virtual directories on a particular server.

iex is the alias for Invoke-Expression which I have never found a use for until now.

Wednesday, 17 April 2013

"You must be assigned a delegating role assignment" Error

When you attempt to add a role to a user or group in Exchange 2010 or 2013 the following error is displayed:

You don't have access to create, change, or remove the "<Role>" management role assignment. You must be assigned a delegating role assignment to the management role or its parent in the hierarchy without a scope restriction.

Run these commands in the Exchange Management Shell:
 Add-pssnapin Microsoft*  

Relaunch Exchange Management Shell

Wednesday, 10 April 2013

Exchange 2013 IRM Configuration

These are the initial steps to configure AD RMS to support Information Rights Management in Exchange 2013 which I've collected here as TechNet has this information but it is spread over multiple articles.


Exchange 2013 is installed and operational (the steps will also work with Exchange 2010)
AD RMS is already configured and a valid certificate is installed on that server which includes the FQDN used in the Certification and Publishing URIs.  The AD RMS server is running Windows Server 2012 but Windows 2008 R2 is also supported.


1. Create a distribution group with the Federation mailbox as its only member
 New-DistributionGroup AdRmsSuperUsers  
 Add-DistributionGroupMember AdRmsSuperUsers -Member FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042  

2. Enable Super Users in AD RMS
2.1 In Active Directory Rights Management Services console, expand the AD RMS cluster.
2.2 Expand Security Policies then click Super Users.
2.3 Click Enable Super Users in the action pane
2.4 Click Change Super User Group
2.5 Type the email address of the AdRmsSuperUsers distribution group or click Browse to search for it.

3. Add Permissions to the AD RMS Server Certification Pipeline File
On the AD RMS server change the security of ServerCertification.asmx, located by default in C:\inetpub\wwwroot\_wmcs\certification\.  Both the Exchange Servers and AD RMS Service Group groups need Read & execute permissions to this file.

The default permissions are System:Full Control so these steps will be required:  On the Security Tab | Advanced | Continue | Add | Select a principal | Exchange Servers | OK.  Do the same for the AD RMS Service Group.

4. Enable Internal Licensing

Finally run this command in the Exchange Management Shell to enable IRM Internal Licensing:
 Set-IRMConfiguration -InternalLicensingEnabled $True  


Run this command in the Exchange Management Shell:
 Test-IRMConfiguration -Sender you@yourdomain.com  

If successful the output will look like this:
Now in Outlook you will see Set Permissions as an option when composing a mail.  This is what is displayed in OWA after the "Do not forward" permission is set on a new message:

More information on IRM can be found here: Information Rights Management in Exchange 2013

Tuesday, 2 April 2013

Exchange 2013 CU1 Released - 2007/2010 Coexistence Now Supported!

Microsoft has released the first quarterly cumulative update for Exchange 2013 and it can be downloaded from this link.

For the installation details and link to the release notes take a look at the Exchange Team Blog.

Tuesday, 19 February 2013

iOS 6.1.2 released to fix Exchange bug

Apple has released iOS update 6.1.2 to fix the bug which causes excessive activity on Exchange 2010 SP1+.

See the Microsoft KB here: KB2814847

The update is available over the air or via iTunes, more information from Apple here: DL1639

Wednesday, 13 February 2013

Exchange 2010 SP3 Released!

Microsoft has released Exchange 2010 SP3 today and co-existence support for 2013 is included, however in a last minute announcement you will need to use Exchange 2013 CU1 (that's Cumulative Update 1) media to do the install.  CU1 is also scheduled for release in Q1 2013l

Also supported is installing Exchange 2010 on a Windows Server 2012 platform, installing the management tools on Windows 8 and although it was possible before this update running 2010 in a forest at Server 2012 Functional level is also supported.  Installation will need to be done from the SP3 media and as with previous versions you cannot upgrade the server OS while Exchange us installed.

As with any previous Exchange service pack I would strongly recommend installing this update in your test lab and keep an eye on the TechNet forums for any issues that others have discovered.

Direct link to the download: Exchange 2010 SP3

Take a look at what's new in SP3 and the all-important release notes, especially if you are upgrading from 2010 RTM: What's New and Release Notes

Tuesday, 12 February 2013

UPDATED: Surprise Updates for Exchange Server

Microsoft has released Exchange 2010 SP2 RU6 and Exchange 2007 SP3 RU10 today neither of which gets any closer to supporting Exchange 2013.

Direct links to downloads:

2010 SP2 RU6 - KB2746164
2007 SP3 RU10 - KB2788321

As always it is a good idea to test these updates in a lab before applying them.

UPDATE: Although not mentioned on the download or information pages Exchange 2007 SP3 RU10 does allow for Exchange 2013 coexistence although you need to wait for 2013 CU1 as per this blog post: Exchange Team Blog

Tuesday, 29 January 2013

Windows Server 2012 AD Support for Exchange 2007/2010

The Exchange Server Supportability Matrix has been updated to include official support for Exchange 2007 SP3 and the yet to be released Exchange 2010 SP3.  There is no indication that the Update Rollup required to add Exchange 2013 co-existence support to Exchange 2007 SP3 is a prerequisite for Server 2012 AD.

The Supportability Matrix can be found here: http://technet.microsoft.com/en-us/library/ff728623.aspx