|
So I'm really considering just forgetting about Single Sign on and ADFS for my users and just having them maintain separate credentials for their Office 365 email. Between the self signed certificate errors and the double logins and all that poo poo, they're going to be just as if not more confused by the process. It's less than 60 mailboxes, it's not any more of a pain in the rear end as active directory lockouts.
|
#
?
Jan 7, 2013 17:32
|
|
|
|
| # ? May 17, 2024 15:18 |
|
|
Don't use a self signed certificate? The whole point behind it is so there isnt any double logins. Sounds like you're doing it wrong.
|
|
#
?
Jan 7, 2013 18:37
|
|
|
Nitr0 posted:Don't use a self signed certificate? The whole point behind it is so there isnt any double logins. Everything I'm seeing on a few youtube tutorials shows when they go to the site portal and log in, they get redirected to a proxy and then have to log in again. Maybe they're just showing it wrong. I guess I should pick up a wildcard cert if the boss approves.
|
|
#
?
Jan 7, 2013 18:50
|
|
|
LmaoTheKid posted:Everything I'm seeing on a few youtube tutorials shows when they go to the site portal and log in, they get redirected to a proxy and then have to log in again. The double login may be a result of the browser not sending the Windows credentials. Internet Explorer might do it by default, but I think Firefox and Chrome can do it if you enable it. Other than that, how is the hosted exchange with o365? I've been looking into moving mail there for my small business clients, but comments in this thread have been scaring the poo poo out of me. I really want to ditch the on-premises Exchange for these clients. One of them already has ADFS (for the on-premises Dynamics CRM they insisted upon  ).
|
|
#
?
Jan 7, 2013 19:39
|
|
|
LmaoTheKid posted:Everything I'm seeing on a few youtube tutorials  http://technet.microsoft.com/library/dd727938(WS.10).aspx Stop watching youtube videos and going at things half-assed then blaming everyone else for your problems.
|
|
#
?
Jan 7, 2013 20:25
|
|
|
I loving HATE NETAPP SNAPMANAGER FOR EXCHANGE. That is all. Thank you. 
|
|
#
?
Jan 7, 2013 21:00
|
|
|
Nitr0 posted:
DEfinitely not blaming anyone but myself here. I wear a lot of hats and I had a migraine this morning so I got a bit frustrated. It's all coming together though. Now if I could only figure out why a bunch of mailboxes are failing on sync.  Briantist posted:You definitely do not want to be using a self-signed cert for SSO/ADFS. Save yourself the hassle and get a cheap wildcard or at least a SAN cert. I'm still in the preliminary stages of getting us on it. One I have more info I'll be sure to post a trip report.
|
|
#
?
Jan 7, 2013 21:22
|
|
|
Deleting the last PF database from my organization was at both incredibly frustrating (gently caress you non_ipm_subtree, why won't you delete?!) and satisfying.
|
|
#
?
Jan 8, 2013 16:08
|
|
|
LmaoTheKid posted:Everything I'm seeing on a few youtube tutorials shows when they go to the site portal and log in, they get redirected to a proxy and then have to log in again. So I actually had the chance to run through this myself today so I can give you a less snarky response. It wasn't that difficult to be honest. Took about 4 hours to setup with around 900 AD users We ended up paying for Office365 CRM because we're not sure if they're actually going to even use it in a year and it was cheaper than buying licenses for SQL and the licensing for an on-site solution. Follow the instructions carefully. Did you update your AD UPN's to your external domain? Did you get your users synced into Office365? Verified domain, no self signed certificates, did you setup a ADFS proxy server and put it in your domain then connect it to your ADFS server? Do you have split DNS so you can set your internal and external names to the right address? What exactly were you having problems with? e: follow this http://onlinehelp.microsoft.com/en-us/office365-enterprises/ff652539.aspx Nitr0 fucked around with this message at 03:50 on Jan 9, 2013 |
|
#
?
Jan 9, 2013 03:46
|
|
|
Mierdaan posted:Deleting the last PF database from my organization was at both incredibly frustrating (gently caress you non_ipm_subtree, why won't you delete?!) and satisfying. I envy you. What are you using in place of Public Folders?
|
|
#
?
Jan 9, 2013 04:28
|
|
|
Nitr0 posted:So I actually had the chance to run through this myself today so I can give you a less snarky response. It wasn't that difficult to be honest. Took about 4 hours to setup with around 900 AD users Domains verified Dns split Mailboxes are still syncing. Thanks for the link. I'm slowly getting there. Nothing is giving me trouble yet, it just felt really overwhelming at first. But the more I read the better I feel about this. I WILL do this.
|
|
#
?
Jan 9, 2013 04:50
|
|
|
Gyshall posted:I envy you. What are you using in place of Public Folders? Nothing! Hurrah! Let me answer your question with a question: what are you using Public Folders for?
|
|
#
?
Jan 9, 2013 19:37
|
|
|
Mierdaan posted:Nothing! Hurrah! Depends on the client, but usually Public Calendars, Public Contacts, Public Tasks, etc. We're running on 2013 Exchange internally and use Shared Mailboxes, for what that is worth, but I'm not looking forward to investing the time and effort into teaching my clients how to use them instead of Public Folders (even though it is easy and straight forward as gently caress.)
|
|
#
?
Jan 9, 2013 20:21
|
|
|
Any reason why the mailbox migration tool in O365 will chew through all of my users but there is one where it's basically transferring as slow as loving molasses (like 900 bytes a second slow)? Exchange doesn't seem to be throwing any kind of errors and it prevents the drat sync from happening. Mailbox is reasonably small, and it looks like it's just the last part of the sync that it's slowing down on. Should I delete it from O365 and resync? EDIT: We've got a 20 meg line here in the office and we aren't experiencing any kind of routing issues. EDIT: now its fast again. What in the gently caress? Ok, disregard me on this one. Matt Zerella fucked around with this message at 20:36 on Jan 9, 2013 |
|
#
?
Jan 9, 2013 20:28
|
|
|
Gyshall posted:Depends on the client, but usually Public Calendars, Public Contacts, Public Tasks, etc. In order: SharePoint, don't use 'em, SharePoint. We've never used PFs here, all the way back to our first Exchange implementation on 2000, so getting rid of them was no big deal to us. Mostly it was our migration to 2010 and >=Outlook 2007 that let us ditch them.
|
|
#
?
Jan 9, 2013 20:51
|
|
|
LmaoTheKid posted:What in the gently caress? Welcome to Office 365 
|
|
#
?
Jan 9, 2013 23:26
|
|
|
LmaoTheKid posted:What in the gently caress? O365 does some throttling on mailbox migrations. Once you've transferred some amount of data that I can't remember they slow you down. It's meant to keep migrations from impacting the service, and it may be what you ran into here.
|
|
#
?
Jan 9, 2013 23:38
|
|
|
Powdered Toast Man posted:I loving HATE NETAPP SNAPMANAGER FOR EXCHANGE. Why is that? I have found doing SMBR restores to be the best thing since sliced bread. You just have to have your LUN and DB/Log layout set up and you're good to go.
|
|
#
?
Jan 10, 2013 00:03
|
|
|
skipdogg posted:Welcome to Office 365  Will Styles posted:O365 does some throttling on mailbox migrations. Once you've transferred some amount of data that I can't remember they slow you down. It's meant to keep migrations from impacting the service, and it may be what you ran into here. I think it has something to do with this mailbox specifically. I run the import with 3 threads, it'll work its way up to user L one of the threads stays on L and loving crawls, meanwhile one of the other threads moves on to user M and moves at 20 megs a minute (going by what the O365 migration box says) same for users N-Z. So loving odd. It's still going.
|
|
#
?
Jan 10, 2013 15:29
|
|
|
I've got a request from a Very Important Client, to back up and delete all the messages from a given folder, before a certain date, without actually looking at their email (so I can't just use Outlook). Backing up the messages is simple enough, since New-MailboxExportRequest takes the -ContentFilter switch (for the date request) as well as the -IncludeFolders switch (for the 'only this folder' part):code:This is Exchange 2010, so you can't request mail deletion as part of the export request. I want to believe that MS wouldn't omit such "obvious" functionality, but I know that's the road to disappointment. Any ideas? EDIT: fixed syntax in my search-mailbox command Weird Uncle Dave fucked around with this message at 17:03 on Jan 10, 2013 |
|
#
?
Jan 10, 2013 17:00
|
|
|
Saw this pop up reguarding exchange 2013. If you're discussing deploying this, have a loook http://theessentialexchange.com/blogs/michael/archive/2013/01/06/exchange-server-2013-gotchas.aspx
|
|
#
?
Jan 10, 2013 21:44
|
|
|
incoherent posted:Saw this pop up reguarding exchange 2013. If you're discussing deploying this, have a loook A lot of these are ridiculous. Outlook 2003 support gone? Good riddance. I'm sick of people complaining about support for ten plus year old technology. Stuff like this: quote:Other things are gone; don't waste too much time looking for them. Really? Bitching about IPV6, RPC over HTTP, etc. Embracing new/more efficient technology is not a bad thing.
|
|
#
?
Jan 11, 2013 15:45
|
|
|
madsushi posted:Why is that? I have found doing SMBR restores to be the best thing since sliced bread. You just have to have your LUN and DB/Log layout set up and you're good to go. It's great once you get it set up, yes. At the time I wrote that I was attempting to set it up on a new mail server that had over half a dozen LUNs and it got all pissy because I had the nerve to attempt to put my system files paths for each DB in the same place as the logs (logs are all on one LUN). I haven't been able to find this as a requirement anywhere in NetApp's documentation and the error it caused was truly bizarre (it's the same error you get if you move a DB to a different LUN after configuration and SME shits itself). I've always heard that putting the system files with the logs is perfectly acceptable and perhaps even a good practice. NetApp apparently thinks otherwise. This may have had to do with it being Exchange 2007. I really don't give a gently caress; it works now.
|
|
#
?
Jan 11, 2013 22:22
|
|
|
Quick question, when I start trying to connect my ADFS server to O365 and run these commands: Set-MsolAdfscontext -Computer <AD FS server FQDN> Convert-MsolDomainToFederated -DomainName <domain name> Will that disrupt my existing users at all using the on premises exchange server? I'm not ready to move them over to the O365 yet because I'm still having sync issues (that I think I've gotten around by exporting to PST and syncing up through a temp outlook profile).
|
|
#
?
Jan 14, 2013 20:50
|
|
|
no
|
|
#
?
Jan 14, 2013 20:57
|
|
|
Thanks. I'm almost there. Just need to set up this, then my proxy in our DR facility and the SSO portion will be over.
|
|
#
?
Jan 14, 2013 20:58
|
|
|
Is it really necessary to have scheduled maintenance run on every mailbox database every night? I ask because it's causing performance issues to have them all scheduled at the same time, although there seems to be some other stuff going on with that, as well. It doesn't really make sense to me for E2007 to suck down every bit of memory on a mailbox server as soon as scheduled maintenance starts, then gradually get worse over the next few hours until store.exe tanks when the server completely runs out of memory. Good times.
|
|
#
?
Jan 15, 2013 15:48
|
|
|
Powdered Toast Man posted:Is it really necessary to have scheduled maintenance run on every mailbox database every night? I ask because it's causing performance issues to have them all scheduled at the same time, although there seems to be some other stuff going on with that, as well. It doesn't really make sense to me for E2007 to suck down every bit of memory on a mailbox server as soon as scheduled maintenance starts, then gradually get worse over the next few hours until store.exe tanks when the server completely runs out of memory. Good times. So spread the maintenance windows out so it's not defragging all the databases at the same time? The maintenance process is a Good Thing, but you're just shooting yourself in the foot if you're running it against all the databases at once. You'll (probably) constrain yourself on disk IO and ensure that the maintenance processes never actually finish, and just end up restarting again the next day in a futile effort to complete. Check your event log for warnings about defrag processes not completing. Also, the maintenance process was moved to a continuous background process in Exchange 2010, which is one of the many good reasons to upgrade if you can.
|
|
#
?
Jan 15, 2013 16:11
|
|
|
Mierdaan posted:So spread the maintenance windows out so it's not defragging all the databases at the same time? I can't upgrade right now, sadly. No budget. Whatever, loving wankers... Anyway, staggering sounds good, although I'm unsure how long it will take to do each DB. They average about 30GB each and there are a dozen of them. Some are larger, some smaller. Looking at the current logging probably isn't helpful since, as you said, it's likely hitting an I/O ceiling and thus taking much longer than it should. For reference, this is a 8-vCPU ESXi VM with 16GB of memory allocated to it. Storage is on a NetApp FAS3240 via 10GbE. Should be pretty fast...
|
|
#
?
Jan 15, 2013 16:27
|
|
|
lmao. Why in the hell do you have 8 cores assigned to your exchange server? Do you understand how cpu's work on ESXi? You're most likely trashing the performance of your host with that in itself. I assume you have more vm's configured the same way?
|
|
#
?
Jan 15, 2013 17:49
|
|
|
Nitr0 posted:lmao. Why in the hell do you have 8 cores assigned to your exchange server? Do you understand how cpu's work on ESXi? You're most likely trashing the performance of your host with that in itself. I assume you have more vm's configured the same way? Not my loving decision. I think it went something like "HAY THESE PHYSICAL MAIL SERVERS WE ARE REPLACING HAVE 8 CORES SOOOOOO"
|
|
#
?
Jan 15, 2013 18:01
|
|
|
I honestly pity your organization and I would quit if I worked there. Have whoever manages your esxi read this http://blog.peacon.co.uk/understanding-the-vcpu/ It's a little out of date but the concepts are the same
|
|
#
?
Jan 15, 2013 18:20
|
|
|
Holy poo poo, after deleting a bunch of corrupted messages out of tha tusers mailbox, the O365 sync finally completed and it's ready to run every 24 hours. Boss is dragging his feet approving the certificate for ADFS but at least I've got some progress!
|
|
#
?
Jan 15, 2013 18:32
|
|
|
Ok, just a quick question... So we have multiple email domains like domain2.com, domain3.com, and domain4.com. Is there anything preventing me from doing a cutover on those MX/SPF records first before I cutover our main domain domain1.com (which is also our internal domain name, I didn't set it up!)? All domains are set up as federated. This would be great for me because I can bring our smaller companies onto office 365 first, reconfigure their blackberries, iphones, and outlook, and then move over our main company. Will this effect our daily sync that goes on from O365 to my on premises server?
|
|
#
?
Jan 28, 2013 18:40
|
|
|
Maybe I'm reading this wrong...I must be reading this wrong. If I understand correctly, I can install Exchange 2007 SP3 live on a production server without interrupting service, as long as I do it from the manual install package rather than Microsoft Update? Apparently it doesn't require a restart, although I would assume at some point it would have to restart Exchange services...which probably wouldn't take long. Has anyone ITT done this?
|
|
#
?
Jan 29, 2013 15:51
|
|
|
LmaoTheKid posted:Ok, just a quick question...
|
|
#
?
Jan 29, 2013 18:06
|
|
|
I've never seen that be the case - Exchange SPs usually want to shut down all Exchange related services (including IIS)
|
|
#
?
Jan 29, 2013 18:13
|
|
|
Gyshall posted:I've never seen that be the case - Exchange SPs usually want to shut down all Exchange related services (including IIS) Well, that's actually fine...I just wondered how long they would be DOWN. For example, is the upgrade going to take a long-rear end time on my mailbox server due to...I don't know, processing of the mailbox databases? I ran it on a virgin Exchange 2007 server and it only took 20 minutes.
|
|
#
?
Jan 29, 2013 18:30
|
|
|
Briantist posted:I don't know enough about the O365 process to say whether it would affect its intricacies (especially the daily sync and all that), but in general you shouldn't have a problem cutting over one of the domains, as long as the 365 side is ready to receive e-mails from the outside world. I've done that type of cutover moving between many different types of mail systems, but never exchange to hosted exchange (and never a system where the two were "aware" of each other like this). They're not really aware of each other besides O365 pulls nonsynced email from our onsite Exchange 2010 server, as far as I know, this isn't bidirectional. O365 is ready to receive emails for these accounts, I licensed them up and they have some downtime next week so I'm going to do it for them and see how it goes (only 2 users). They both have blackberries which will need to be wiped and then reactivated, which is probably going to be a bigger pain in the rear end than doing the actual cutover, but hey, here we go. I set the TTL for their MX records to an hour so when the cutover happens it should be pretty quick.
|
|
#
?
Jan 29, 2013 19:10
|
|
|
|
| # ? May 17, 2024 15:18 |
|
|
Powdered Toast Man posted:Well, that's actually fine...I just wondered how long they would be DOWN. For example, is the upgrade going to take a long-rear end time on my mailbox server due to...I don't know, processing of the mailbox databases? I ran it on a virgin Exchange 2007 server and it only took 20 minutes. Depends on your server speed, HD speed, etc. I have a bunch of HP ML350 G7's with 12k RPM drives and quad core processors, Exchange Service packs take about thirty to forty-five minutes, but YMMV.
|
|
#
?
Jan 29, 2013 19:34
|
|