Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

Walked posted:

Does anyone know if you can disable hyperlink filtering/blocking in OWA 2007?

We've got a couple internal web-apps that I have no control over the HTML format of the email it sends; but it freaks out over the link format.

Google doesn't indicate any way to disable this, but anyone know of something?

Are you referring to this issue?


Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

Walked posted:

Yes, that's the exact one.

Looking for a way around it, that doesn't involve Exchange 2010.

Behavior by design, corrected in 2010 obviously, but when you see the "Workaround" worded that way consider it a big ol' WONTFIX.

It isn't a bug, so much as a poor design decision. But then again, Exchange 2007 was full of poor design decisions, the awkward pubescence between 2003 and 2010. Your correction is likely going to be to change the way the HTML is generating the links, or ~*~update~*~.

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

sanchez posted:

I have seen a change from backup exec towards backups at a vmware or SAN level. It's nice. You don't get granular recovery anymore but the deleted item retention in exchange can be tweaked to get around that. If someone wants an email back they deleted 6 months ago they're out of luck but whatever.

As long as you have a copy of the database you can mount it as a recovery database and get whatever you want out of it.

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

angry armadillo posted:

Our Exchange server died a while ago, so we restored it and then bought a new server to move everything over to (exchange 2003 on both boxes). The new server is up and running happily and all the mailboxes are moved over etc.

I've followed a technet link explaining how to prep for uninstalling exchange from the old server but when I go to do it, I get an error message telling me that this server is the recipient update server (which when I went to change it, I found the Recipient update server was already a non-exchange DC - we have about 6 exchange servers all over the WAN so this isn't the first one or anything like that)

It also says it's a bridgehead connector target (which I changed yesterday to the new server, so plenty of time to replicate settings I would have thought)


I've probably missed something obvious but can anyone spot it?

So in the RUS (DOMAIN) and RUS (Enterprise) you've removed the exchange server you are wanting to remove as the default mailbox creation location?

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

angry armadillo posted:

Well, they were never pointing at the exchange server I was trying to remove which seems to contradict the information I'm googling(?!)

the enterprise one is pointing at the DC located the same site as our DMZ

and the domain one for our site is pointing to our DC (which happens to be our file/print server, exchange is a separate box.)

It would have been like this for ages as I didn't make any changes.

I'm a little confused. Yes you need to make sure that the DC is valid, but I'm specifically talking about the Exchange server property in that same window. Make sure both have an exchange server that you are keeping selected.


e: oops nm I re-read the first line of the response. Looks like it isn't selected.

You may want to check the administrative group in adsiedit to make sure that you don't have something lingering in there referencing the previous server. If you have to force the old Exchange server out, then it isn't a huge deal.

Blame Pyrrhus fucked around with this message at 16:04 on Oct 11, 2011

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

babies havin rabies posted:

One of our users is unable to add a connection to the Exchange server on her iPhone. Her Exchange mailbox has ActiveSync enabled, all that good stuff, but the iPhone just returns "The connection to the server failed" (very informative, thank you Apple :rolleyes: ). Literally any other Exchange account on our domain works on the same phone with the same settings and will marry the mobile device to that mailbox's Mobile Phone Manager dialog just fine. I've tried disabling and re-enabling ActiveSync on the mailbox. I'm kind of at a loss but am guessing there are some permissions that have gone screwy somewhere. We migrated our Exchange server off an SBS box to a new '08 R2 server last weekend, although this user has never been able to connect successfully.

Edit: Forgot to add, she has the same problem from her iPad. I have not had her try my Android phone yet but I may resort to it to see if I get a more descriptive error message.

That is a strange one.

There is a known issue with iOS devices and activesync on 2010 SP1 due to, of all things, a space in the label of an accepted domain. It manifests itself differently, in that you get a "could not download the message" in place of the actual mail message. I've run across it a couple of times where it only affects one specific mailbox on any iOS device the user tries. Other users are perfectly fine.

I'm not saying this is the solution, but it's an easy thing to identify and correcting it has no organizational impact, since you are literally just changing the label you have given to an accepted domain.

http://blogs.technet.com/b/exchange/archive/2010/09/01/3410888.aspx

control-F and type "iPhone, OWA Premium and POP3 & IMAP4 issues due to invalid accepted domain".

Probably isn't the cause, but it's the only known issue that jumps to mind that could be related. =/

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

Nitr0 posted:

Hey, I've just skimmed this thread but didn't see anything mentioned.

We're looking for email auditing and archiving software that can handle >1000 exchange 2010 sp1 mailboxes. Has anyone had any experience with Symantec Enterprise Vault? I was planning on continuing to use online archive feature in Exchange for users, this software just needs to record everything so it can be pulled up even if a user's emails are deleted in the online archive.

Any other suggestions?

I don't have a wealth of experience with retention tags, but afaik this is exactly what they are designed to address. String the "delete and allow recovery" tag together with discovery roles to keep things tidy, but recoverable. You could move to E-Vault (and in a GFI vs. Symantec debate I would definitely go with the symantec product for a larger deployment), but you should be able to accomplish what you are trying to do with online archives, retention tags, and a discovery mailbox.

Mierdaan posted:

We use GFI MailArchiver - it's not bad. It'll definitely be an assload cheaper than Enterprise Vault, and as an extra bonus it's not a Symantec product!

Mail archiver has its own problems. As fair as it is to sell it on the basis of being "not symantec" you could easily counter that with "is GFI". GFI has gone in the shitter over the last few years, and their mail archiver has never been able to live happily on anything beyond a medium deployment. Their Mail AV product is about the only thing worth a poo poo past ~50 users.

Also GFI easily has the worst support of just about any vendor I ever have to deal with. Opening a ticket with them is like tossing an entire day's time into a vast hole. Ever since 2010 was released I had to start phasing out their MailEssentials product and just start configuring IMF for even my smaller deployments, otherwise I get calls at random times of the day from clients complaining that they don't think their mail is going out. Why? Because when GFI is installed onto an Exchange 2010 box, there's about a 50/50 chance that it will randomly lock up the transport service and I end up having to manually restart it to get things flowing again.

I wouldn't even bother with GFI at all if my bosses didn't have such a hard-on for their horrible products. I hate pushing garbage onto my clients.

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

Mierdaan posted:

Yeah we're definitely not a large deployment (250 users), but I haven't had any of the issues you've had with MailArchiver. The UI could certainly use some updating (a slide-bar for page selection? really?) but their tech support's always been better than I expected for a cheap product, and I haven't yet hit any really terrible bugs like services locking up or anything.

GFI's tech support is fine if you just need help configuring the product, but the second you need their help diagnosing their own products then you are basically put on a call-back list and hear from them once a day (usually around 7PM).

My biggest issue with Mail Archiver is that compared to dumping messages into an online archive, it seems to utilize a lot more space. The SQL database at my largest deployment for it (~65 mailboxes) grows about 12GB each quarter. This means that you have to include SQL licensing as part of the cost of deployment unless you want to play housekeeping with SQL Express.

With retention tags you won't have the message duplicity, or the headache of managing SQL databases, which isn't a huge deal, but Exchange 2010 database management is so nice and easy comparatively.

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

GigaFuzz posted:

I probably didn't explain it properly. I was meaning to continue using the SBS, just make the MX record point to it (rather than the webhost's email servers) and use it for outgoing mail directly, as opposed to using the POP and SMTP connectors like we are at the moment. I was just looking for any caveats that might make it a bad idea for such a small shop.

I had been planning on using the host's server as a 'backup' MX in case the SBS is unavailable, and using a POP connector to grab any mail that gets sent to it. Is that do-able?

We still have a client that does this and it is awful. Where they are using Exchange 2003 in place of using PST files, but all of the outlook clients are using pop to get their messages from their hosting. No, I didn't configure it this way.


Yes you could fix it and yes it would be pretty easy (change the MX record, configure all of the clients for plain ol' MAPI), but honestly you should be moving away from any 2003 deployments at this point rather than towards it. I would absolutely try and sell an office of 10 people on an office 365 solution.

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

Trinitrotoluene posted:

I have lost track of the amount of times multiple clients have phoned up while running the latest GFI ME, telling me that either their outgoing mail has locked up or GFI is letting in spam altogether. Licensing is awful too, they give you a few "extra" per user licenses but you go one over and the organisation is going to be flooded with spam.

Tech support is awful too. Avoid GFI at all costs. We are moving our smaller clients onto Maildistiller, while expensive it does a fantastic job.

Anyone have any experience with other "cloud" spam solutions (including a price)?

It became really hard for me to justify continuing using 3rd party mail filtering when the built-in IMF works pretty well when properly configured. At least in 2010 / 2007.

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

shablamoid posted:

I have a remote user that is getting let go today and my boss wants me to make sure that he is unable to send emails out after he's fired. Does anyone know an EMS command to view and close connected Outlook clients? He's connecting with HTTP over RPC.

That's a good question. Using set-casmailbox to disable their access might cut them off, but I've never tried.
code:
Set-CasMailbox -identity "username" -mapienabled:$false -owaenabled:$false -activesyncenabled:$false

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug
You should absolutely disable the AD account while you transition him. I was recommending the set-casmailbox cmdlet as a technical answer for cutting off a user while he is connected. It's an interesting question.

I can't think of any reason not to disable a user's account while you transition him. You can reset the password / re-enable the account and such after-the-fact so you still have access. In the interim you can assign his e-mail address to another mailbox until you settle the position.
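The two replies above combine into one cut-off sequence. This is an added example, not code from either poster; it assumes Exchange 2010 with the ActiveDirectory module available, and the account and mailbox names are placeholders.

```powershell
# Added example (not from the thread). Run in the Exchange Management Shell.
# Assumes Exchange 2010 and the ActiveDirectory module (Server 2008 R2 RSAT).
Import-Module ActiveDirectory

$Sam     = 'jdoe'   # placeholder: sAMAccountName of the departing user
$Mailbox = 'jdoe'   # placeholder: mailbox identity (alias)

# 1. Record what is connected right now, before changing anything.
Get-LogonStatistics -Identity $Mailbox |
    Format-Table UserName, ClientVersion, LogonTime, LastAccessTime -AutoSize

# 2. Disable the AD account so no new authentication succeeds.
Disable-ADAccount -Identity $Sam

# 3. Turn off every client protocol on the mailbox, including POP and IMAP,
#    which are easy to forget when the user normally connects with Outlook.
Set-CASMailbox -Identity $Mailbox `
    -MAPIEnabled:$false -OWAEnabled:$false -ActiveSyncEnabled:$false `
    -PopEnabled:$false -ImapEnabled:$false

# 4. Confirm the flags were actually written.
Get-CASMailbox -Identity $Mailbox |
    Format-List Name, MAPIEnabled, OWAEnabled, ActiveSyncEnabled, PopEnabled, ImapEnabled

# 5. List the phones and tablets partnered with the mailbox so they can be
#    reviewed and removed as part of the same change.
Get-ActiveSyncDevice -Mailbox $Mailbox |
    Format-List FriendlyName, DeviceType, DeviceId

# 6. Re-run the session listing a few minutes later and compare it with step 1.
#    Verify that the sessions are gone rather than assuming the change applied
#    to connections that were already open.
Get-LogonStatistics -Identity $Mailbox |
    Format-Table UserName, ClientVersion, LogonTime, LastAccessTime -AutoSize
```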

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

babies havin rabies posted:

Anybody know of any potential complications of running Exchange 2010 w/ OWA and Remote Desktop Web Access on the same server? It currently hosts our TS Gateway and functions without a hitch, but I want to get that RD Web interface up and running because making customized RDP files for every staff member is somewhat cumbersome.

You should be fine.

I tend to avoid mixing roles on my exchange servers these days, but I do have a couple of clients that run the pre-R2 TS Gateway role on Exchange 2007 boxes without issue.

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

Furnok Dorn posted:

Urgh, exchange's virtual directories in IIS for web access ate poo poo on me yesterday, so I followed the guide from microsoft to delete them/have exchange re-create them

...and only two of the directories came back, so I have no bleeding idea what to do now.

In exchange 2003 or 2007/2010?

e: If it's 2003 then I've used this method (method 1) more times than I can count.

Blame Pyrrhus fucked around with this message at 20:07 on Nov 9, 2011

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

babies havin rabies posted:

I need to add a user to a distribution group for a one-time 48 hour window. Is there a way for me to automate that? Google's no help.

Set a scheduled task to run a Remove-DistributionGroupMember ps1 script :(

Be sure to set the powershell execution policy to something appropriate prior to doing this, and to add the -confirm switch since you won't be at the console to answer "yes".
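One way to set this up, as an added example that is not the poster's own script. The group, member, script path and service account are placeholders, the snap-in name is the Exchange 2010 one, and the `schtasks` date format assumes US regional settings.

```powershell
# Added example (not from the thread). Run in the Exchange Management Shell.
$Group  = 'Project-Announce'                   # placeholder distribution group
$Member = 'jdoe'                               # placeholder mailbox alias
$Script = 'C:\Scripts\Remove-TempMember.ps1'   # placeholder path (no spaces);
                                               # keep the folder writable by admins only
$RunAt  = (Get-Date).AddHours(48)
$Inv    = [Globalization.CultureInfo]::InvariantCulture

# Add the member now.
Add-DistributionGroupMember -Identity $Group -Member $Member

# Write the removal script. -Confirm:$false suppresses the prompt, because
# nobody is at the console when the task fires.
@"
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010
Remove-DistributionGroupMember -Identity '$Group' -Member '$Member' -Confirm:`$false
"@ | Set-Content -Path $Script -Encoding ASCII

# Schedule a one-time run. The execution policy is set for this one process
# only, so the machine-wide policy does not have to be loosened.
# /RP * prompts for the password instead of putting it on the command line.
schtasks.exe /Create /TN 'RemoveTempMember' /SC ONCE `
    /SD $RunAt.ToString('MM/dd/yyyy', $Inv) /ST $RunAt.ToString('HH:mm', $Inv) `
    /RU 'DOMAIN\svc-exchtask' /RP * `
    /TR "powershell.exe -NoProfile -ExecutionPolicy RemoteSigned -File $Script"

# After the window closes, confirm the member is gone.
# Get-DistributionGroupMember -Identity $Group | Format-Table Name, PrimarySmtpAddress
```

The run-as account only needs rights to manage that group's membership; a full Exchange administrator account is more than the task requires.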

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

Furnok Dorn posted:

I tried all those methods, they didn't work.

But, I saw some guy who was fed up with trying and retrying them so he reinstalled 2003's SP2 and it fixed everything, and that DID work for me.

In short; gently caress.

Ha.

Was it SBS by chance? For some reason I've found that I need to re-install exchange 2003 SP2 on SBS servers for various other reasons, to get things like the ESM opening again, and even once to get the public mailstore to re-mount after a patch and reboot.

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

vyst posted:

Just a quick question. I need to migrate my Exchange 2003 database store and log files to a new hard drive (running out of disk space). The new hard drive is installed on the same box as the old one and works fine. Is there anything else I need to do other than the following?

1. Create a subfolder on the new drive and make sure the NTFS permissions match the one on the old drive.
2. Change the location of the logs/database in the administrative group through Exchange System Manager
3. Manually mount the database store through Exchange system manager if it doesn't do it automatically
4. Check to make sure HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIS\ParametersSystem points at the new location.

Side question- will the actual large database file move automatically when I change its location or do I need to manually copy it over to the new hard drive?

In 2003 it isn't even this complicated.

Go to the Mailbox Store Properties, and in the database tab browse to the target location for the database and streaming database. When you hit apply it will disconnect / move / reconnect for you. I've never had to change registry settings afterwards.

Do the same general thing in the storage group properties to adjust the transaction log locations.

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

wwb posted:

Our generally reliable Exchange 2010 server seems to have grown a "once every few weeks I lock up the MailStore hard and refuse to process poo poo" problem. Working on running down the cause, but nothing obvious pops out of the server logs. Any advice on where to look?

Are you running GFI mailessentials?

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

COCKMOUTH.GIF posted:

Who the hell knows if my boss even did that to begin with. He likes to leave everyone in the dark when it comes to the details of any "upgrades" he's completed. This is a guy who in a production environment is running only one DC on RAID 1 and kept one disk from the array on the side untouched as a "backup" in case the upgrade went south. I'll poke around on the DC tomorrow morning.

It's easy for a novice to miss a lot of steps when migrating away from 2003. Fire up ADSIEdit and if you dig down to the administrative groups, I bet you see the old 2003 admin group still in there. If everything is properly migrated, then it should be completely safe to eliminate that entire subtree in AD, but I wouldn't in this case.

If I had to guess, I would say that when the migration to 2007 was done, a migration to a new DC was also done and likely not done correctly. Besides all of the AD-integrated brouhaha that comes with later versions of Exchange, there's probably stale DNS records still left over, improperly configured or missing replication partners, things like this can play hell with authentication.

Windows 7 is a lot more tolerant w/r/t authentication problems, and there are a lot of core differences in how Outlook 2003 and 2010 utilize the MAPI. Your issue could be stemming from any number of these.

I'll tell you the same thing I tell some of the guys at the office when little oddities like this crop up: Make sure AD is healthy, check everything. Do not expect anything to "work" until it is. In this case, check the NTFRS and Directory Services event logs on the DC, I bet there are a slew of errors and warnings barking at you in there.

Blame Pyrrhus fucked around with this message at 19:49 on Dec 13, 2011

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug
I'm having a strange issue of my own.

I'm going through the simple task of building out a DAG for one of my clients, and adding the second DAG member server keeps bombing out on me.

What happens is, I can create the DAG, and add the first server fine. When I add the second, it brings the server into the cluster as a node (I can watch it do so in the failover cluster manager), but then that server fails to issue a heartbeat, and after a couple of minutes, is evicted from the cluster.

The 2 systems have 1 NIC each, on the 192.168.0.x network.

If I configure a second NIC on a physically separate 10.10.10.x network, use the set-dagnetwork command to only allow replication on that network, everything works just dandy.

But I cannot ever utilize the 192.168.0.x network in the cluster in any capacity, so it is effectively useless for me to only use the 10.10.10.x network.

I've looked high and low for probable causes, and have ruled out permission issues, problems with the CNO, and all of that jazz. The likely cause is that the client uses a sonicwall NSA device and basically just turned on all of the security features, so I'm pretty sure that some UDP filtering is blocking the cluster heartbeats, but I'm unsure how to work around this. I've turned off anything obvious on the NSA, but it's still happening.

The 10.10.10.x network does not interact with the Sonicwall NSA device at all, and clustering works perfectly fine on that network.

My question is: Can I make adjustments to how the failover clustering heartbeat behaves so that maybe it doesn't piss off the security appliance? I've used cluster.exe to look at the cluster properties, but am unsure what properties are the best ones to adjust.

I've got carte blanche to do as I please on these VMs, and have even tried to completely remove and re-build them from scratch. I'm basically tearing my hair out here.


edit: Traced it down to a definite issue with either the NSA or the switch, using network monitor I could see UDP/3343 drop for exactly 60 seconds at a stretch, causing the introduction to the cluster to fail. Giving sonicwall a call in the morning. Ugh.


Blame Pyrrhus fucked around with this message at 23:30 on Dec 13, 2011

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

Moey posted:

This thread doesn't get much action, but I figured this is worth a shot.

I just got requested to "link" multiple public calendars within exchange to one main calendar.

What they have is about 20 public calendars for specific people's schedules (they don't work for our company, we just keep track of where they are going to be).

These calendars are updated by multiple people, and also viewed by multiple people.

What I am being asked to do, is create one calendar that will somehow "stay updated" with all the appointments from the 20 other calendars. Any idea if this is even possible?

Not really possible. You have 2 "options"

1. The outlook client provides side-by-side views that accomplishes a similar effect. This is really how it should be handled, I imagine the unified calendar would be an unreadable mess by itself.

Hell, you can nest all of the 20 shared calendars under the same shared mailbox (or *gag* public folder) if you want to ease access to it.

2. Create a single resource calendar and include it as a recipient for all calendar requests. If you actually do this, you need to re-evaluate your life choices.

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

Furnok Dorn posted:

Not sure if this is the right thread for this but I'll post it anyway and you guys can tell me to gently caress off if it isn't.

Got blacklisted on spamhaus the other day (some clod got a virus), so I scoured the network, cleaned the infected machines and de-listed us. Checked for traffic on port 25 and we're good, no spam.

The traps that report to blacklists have latency, so if you remove yourself very shortly after being nailed, some traps may still have a report for your IP queued from earlier, and then it re-submits you. You may be completely clean, but still get re-listed for a couple of days. Stay on top of it.

Some antispam products cache results rather than re-submit. So joebob.com may still be using a previously checked result rather than performing a new check.

Also some spam software performs checks on RBL providers that reference and cache other providers.

This is why you always configure proper firewall and NAT policies for your mail services.

quote:

Shortly after I got re-blacklisted, and this time it is because we have two different domains that people send email from on the same exchange server, and apparently when they are doing a reverse lookup, they see a different domain name and blacklist us.

Is there anything I can do to fix this short of setting up an entirely new mail server for the second domain?

People often conflate rDNS and sender domain validation, but they aren't the same thing.

rDNS is a connection heuristic, to validate the connection, not the submitter's mail domain(s).

rDNS checks against the incoming FQDN response, so you only require 1 record.

For instance, let's say you run 2 mail domains on your server,

- @bigdicks.com
- @littledicks.com

@bigdicks.com is your primary, so you define your FQDN on your send connector as "mail.bigdicks.com", which has the appropriate A and rDNS records in order.


When your server submits "EHLO mail.bigdicks.com" the rDNS checks against that domain. The rDNS check only validates the connection, it is completely unrelated to the mail domain you are submitting for, that's what SPF records are for.

The fact that you are submitting a mail for the domain @littledicks.com does not matter. Just make sure your SPF record for that domain is in order.


For instance, my mail domain for my personal account is @pipefl.com

Since I use hosted Exchange, the sending server(s) are going to use something like "serverfarm-02341.bigshit.outlook.com". Which has a proper rDNS PTR configured. Office365 doesn't define an entire send connector and unique IP for my 1 account on my personal domain, it sends mail for all of its hosted domains out the same framework.

So my SPF record for @pipefl.com reads: "v=spf1 include:outlook.com ~all"

Blame Pyrrhus fucked around with this message at 19:26 on Jan 9, 2012
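The split described in the post above, between a connection-level rDNS check and a per-domain SPF check, can be run side by side. This is an added example, not the poster's code: the DNS table is constructed from documentation addresses and `.example` names, and the SPF evaluator is a simplified subset (exact-host `ip4`, `include`, `all`) of the real mechanism set.

```powershell
# Added example (not from the thread). All records below are constructed.
$Dns = @{
    'PTR:192.0.2.25'         = 'mail.primary.example'
    'A:mail.primary.example' = '192.0.2.25'
    'TXT:primary.example'    = 'v=spf1 ip4:192.0.2.25 -all'
    'TXT:secondary.example'  = 'v=spf1 include:primary.example ~all'
    'TXT:unrelated.example'  = 'v=spf1 ip4:198.51.100.7 -all'
}

# Connection check: PTR of the client IP must resolve back to that IP
# and match the name the server gave in EHLO. The mail domain is not involved.
function Test-ForwardConfirmedRdns {
    param([string]$ClientIp, [string]$HeloName)
    $ptr = $Dns["PTR:$ClientIp"]
    if (-not $ptr)                    { return 'no-ptr' }
    if ($Dns["A:$ptr"] -ne $ClientIp) { return 'not-forward-confirmed' }
    if ($ptr -ne $HeloName)           { return 'helo-mismatch' }
    return 'pass'
}

# Sender-domain check: is this client IP authorised by the SPF record of the
# envelope sender's domain? Simplified subset, first matching term wins.
function Test-Spf {
    param([string]$ClientIp, [string]$Domain, [int]$Depth = 0)
    if ($Depth -gt 10) { return 'permerror' }          # SPF caps DNS lookups at 10
    $record = $Dns["TXT:$Domain"]
    if (-not $record -or $record -notmatch '^v=spf1(\s|$)') { return 'none' }

    foreach ($term in ($record -split '\s+' | Select-Object -Skip 1)) {
        $qualifier = '+'
        if ($term -match '^[+\-~?]') {
            $qualifier = $term.Substring(0, 1)
            $term      = $term.Substring(1)
        }
        $matched = $false
        if ($term -eq 'all') {
            $matched = $true
        } elseif ($term -like 'ip4:*') {
            $matched = ($term.Substring(4) -eq $ClientIp)   # exact host only, no CIDR
        } elseif ($term -like 'include:*') {
            $inner   = Test-Spf -ClientIp $ClientIp -Domain $term.Substring(8) -Depth ($Depth + 1)
            $matched = ($inner -eq 'pass')
        }
        if ($matched) {
            switch ($qualifier) {
                '+' { return 'pass' }
                '-' { return 'fail' }
                '~' { return 'softfail' }
                '?' { return 'neutral' }
            }
        }
    }
    return 'neutral'
}

# One server, one EHLO name, three envelope sender domains (constructed).
$ip   = '192.0.2.25'
$helo = 'mail.primary.example'
foreach ($from in 'user@primary.example', 'user@secondary.example', 'user@unrelated.example') {
    $domain = ($from -split '@')[-1]
    '{0,-26} rDNS={1,-5} SPF={2}' -f $from,
        (Test-ForwardConfirmedRdns -ClientIp $ip -HeloName $helo),
        (Test-Spf -ClientIp $ip -Domain $domain)
}
```

The rDNS result is identical for all three senders because it depends only on the connection; only the SPF result changes with the sender domain.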

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

LmaoTheKid posted:

If I add another smtp address to a user in ESM (EX2010) and set it as the reply address, shouldn't it automatically switch over when a user reopens outlook?

Or do I need to wait for the OAB to download again?

This is really frustrating. I have a user in a remote office and they've got a different domain on their email. This usually works without a hitch but for them it's just not switching over.

Is the change correctly applied in webmail?

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

LmaoTheKid posted:

Yep. Emails from her are still coming from the other domain (which I left there so email doesn't bounce). The new domain is set as the default.

Basically if webmail reflects the change correctly then it's a client-side or caching issue. Try rebuilding her outlook profile if you haven't already.

If webmail is not reflecting the change then double check her mailbox.

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

LmaoTheKid posted:

Thanks, it looks like it just took a while to replicate to her outlook. She's in LA and our server is here in NY. I'm getting replies from the new domain now. Guess I panicked.

Remember this is all integrated into AD now, so you have to wait on replication out to other sites, which depending on your configuration could be hours.

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

Drumstick posted:

Question,

My manager is having an issue with his email account. When some people try and email him it is bouncing back saying his account doesn't exist. He did delete his email account from exchange and recreate it after he tested microsoft hosting which messed up a lot of stuff. If my boss emails someone they are able to reply.

Some users are able to email him after a reboot but not all. I disabled cache mode on outlook and that hasn't helped so far. Any ideas?

If he removed his mailbox and re-created it, then users may still have the previous object in their autocomplete cache. This is separate from the Outlook Cached mode, I'm talking about the nickname cache (.nk2 file for Outlook 2007 and earlier).

I'm talking internal users here, external users will have their messages delivered without issue, assuming his e-mail address is the same.

The issue is that the outlook client caches the old account's no-longer-valid x400 information (I believe it's the x400 that causes the problem, somebody feel free to correct me) as part of the cached autocomplete.

If replying to a message, it just replies to the correct object. And if you open outlook and manually select [TO:] then it also probably delivers.

Solution: Have one of the affected users type his name into the To: field. As it drops down the autocomplete listings, arrow down to it and hit delete. Then try to send a message to the mailbox normally.

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

Alfajor posted:

I'm far from an expert in Exchange, but this seems unnecessarily complicated. I was asked to give a list of all emails under a distribution list. Only about 1/3rd of all users in AD are members of this distribution group, and the scripts I'm finding are not working for me. :argh:
The closest I got was with the one from http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_21639737.html, but it only returns a fraction of the entire list before spitting a message saying "C:\query.vbs(62, 25) Active Directory: The directory property cannot be found in the cache."

I also tried just typing an email to the distribution list, hitting the little + to expand it and seeing all the names, but that only gave me the names, and not everyone's email addresses. :argh:

Can someone help out?

Exchange 2007 / 2010?

get-distributiongroupmember -identity {groupname} |fl name,primarysmtpaddress

Exchange 2003, no idea.

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug
Exchange 2003 gievs no fuks about CALs. You never actually install licensing for it.

Sounds to me like the problem you are running into is a common problem with SBS 2003 and the licstr.cpa file.

I bet if you simply google "licstr.cpa" you will see a slew of posts about problems just like your own. It's very common.

The correction I normally take (you know, besides ridding yourself of SBS 2003) is to re-install your licensing, and then use the SBS server manager utility to perform a backup of the licensing. Sometimes I have to perform a restore soon after the correction, but it would normally stop after that.

It's been forever ago since I had to dick with SBS 2003, but I remember there being a few KB articles about dealing with this specific problem.

SBS 2003 is trash. Maybe point out the whole "tyool 2012" thing to the decision makers and put a bug up their rear end to upgrade. Newer versions of SBS are also trash and should be avoided.

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug
It's a little sloppy, but it really isn't anything to move mailboxes to a new database if you start experiencing performance issues with the current one. The "limit" is 2TB, but I never allow any of mine to grow past the 400GB mark.

Mostly I would want to make sure that you have proper limits defined, that the database is redundant, that the storage that houses the database is properly configured. Things of that nature.

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

LmaoTheKid posted:

Is there any way I can modify the login page of OWA so users don't have to type "DOMAIN\" before their username? I tell them over and over again and they just can't be hosed to remember. I'm sick of getting emails about it, and we only have one domain.

Set-OwaVirtualDirectory -identity "owa (Default Web Site)" -DefaultDomain bigdongs.local

With a little planning, a more graceful solution for the whole user and domain problem is to add a UPN suffix for their mail domain, and set that suffix as the user's login suffix.

So if your mail domain is bigdongs.com, add that as a domain suffix and then set all of your mail users to use it. Then they can use their e-mail address to log into webmail, their workstation, smartphones etc.

You can add a suffix at any time, but the planning comes in the form of matching up their login credentials with what their e-mail prefix is. So if users log in as bsmith, but their e-mail address is bob.smith@bigdongs.com, then simply adding the suffix won't work at that point. A little more retro work is involved, but it's easily scripted.

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

LmaoTheKid posted:

Thanks for the info, I'm going to go with the first option but I'll look into UPN suffixes. The previous admin set up the domain as "domain.com" and we have a few users with separate domain names for their email, but they still log into the same domain. So I have no clue how that applies to UPN. Off to readin' I go!

If your internal domain and mail domain are the same, then you don't need to add a UPN suffix. The internal domain is the default suffix.

In your case, if your e-mail addresses match your login name, then users can already just use their e-mail address to sign into things.

So if you have a user named bob smith and his login name is bsmith, and his e-mail address is bsmith@domain.com, then he can be told to just log into OWA with his email address without any changes.


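For people with other mail domains, you can pipe a simple query to identify those users, something like:
code:
# -like with an anchored pattern avoids -match treating "." as a regex wildcard
Get-Mailbox -ResultSize Unlimited | Where-Object { $_.WindowsEmailAddress -like "*@otherdomain.com" }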
Create the other UPN suffixes, and then pipe the above command into maybe the set-user cmdlet and mass change their login suffixes to match. Or just manually set them if you don't have that many users.
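
The UPN change described in the two posts above, sketched as a dry run. This is an added example, not code from the thread: it assumes an on-premises Exchange Management Shell with the ActiveDirectory module loaded, and `otherdomain.com` is the placeholder domain from the post. It flags mailboxes whose new UPN would collide with an existing one or whose login prefix would change (the bsmith vs. bob.smith case).

```powershell
# Added example (not from the thread). Run in the Exchange Management Shell
# with the ActiveDirectory module available.
Import-Module ActiveDirectory
$MailDomain = 'otherdomain.com'   # placeholder mail domain

# A suffix is usable if it is an AD domain in the forest (implicit)
# or has been added to the forest's UPNSuffixes list (explicit).
$forest   = Get-ADForest
$suffixes = @($forest.Domains) + @($forest.UPNSuffixes)
if ($suffixes -notcontains $MailDomain) {
    # Registers the suffix forest-wide; remove -WhatIf to apply.
    Set-ADForest -Identity $forest -UPNSuffixes @{Add = $MailDomain} -WhatIf
}

# UPNs already in use, lower-cased, so a planned change never duplicates one.
$inUse = @{}
Get-User -ResultSize Unlimited | ForEach-Object {
    if ($_.UserPrincipalName) { $inUse[$_.UserPrincipalName.ToLower()] = $_.Identity }
}

$plan = Get-Mailbox -ResultSize Unlimited | ForEach-Object {
    $target = ([string]$_.PrimarySmtpAddress).ToLower()
    $prefix, $domain = $target.Split('@')
    if ($domain -ne $MailDomain) { return }          # skip other mail domains
    $status = 'Change'
    if ($_.UserPrincipalName -eq $target) { $status = 'AlreadySet' }
    elseif ($inUse.ContainsKey($target))  { $status = 'Collision' }
    New-Object PSObject -Property @{
        Mailbox = $_.Identity; CurrentUPN = $_.UserPrincipalName
        NewUPN  = $target;     Status     = $status
        PrefixChanges = ($_.SamAccountName -ne $prefix)   # user must learn a new name
    }
}

$plan | Sort-Object Status | Format-Table Mailbox, CurrentUPN, NewUPN, PrefixChanges, Status -AutoSize

# Apply only the safe rows. -WhatIf prints what would change; remove it to commit.
$plan | Where-Object { $_.Status -eq 'Change' } | ForEach-Object {
    Set-User -Identity $_.Mailbox -UserPrincipalName $_.NewUPN -WhatIf
}
```

Rows marked `Collision` need a manual decision before any change, and rows with `PrefixChanges` set are the users to notify ahead of the cut-over.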

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

Spamtron7000 posted:

I'm getting ready to plan out an Exchange 2003 to 2010 upgrade and I've got a question about address books. Back in Exchange 5.5 we used to be able to create custom address books based on attribute filters and then deny permissions to view the default address book, causing the custom address book to be the default. In Exchange 2003, doing this caused Outlook clients to have all kinds of issues. Escalating to Microsoft was fruitless so for the past 7 years I've had a ton of people who can see each other in the GAL that definitely shouldn't be able to.

Does Exchange 2010 have the ability to hide the default address book and assign custom books as default without blowing up the client? If so, can someone point me in the right direction to research?

Thanks.

What a strange question.

I don't think you can outright rid yourself of the default GAL, but you could certainly adjust the RecipientFilter properties so nothing is populated, it would just remain empty.

e: Actually yeah, you can create multiple GALs, and define them however you like. There's a flag for "IsDefaultGlobalAddressList" you set for True on whichever list populates to your liking.

Blame Pyrrhus fucked around with this message at 22:54 on Jan 26, 2012

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

Bitch Stewie posted:

Because you can't use Windows NWLB needed for a CAS array on a server that has the Microsoft Clustering Services needed to do a DAG, and I don't want two additional servers just to load balance the CAS array.

Keep in mind that the NLB really doesn't have anything to do with the CAS array, the CAS array is strictly defined for MAPI connectivity, and is built out separately. CAS array members are advertised as available for RPC connections, and the client connects to whichever one is available. The FQDN doesn't even have to match what you designate for the NLB.

If you use a hardware balancer you are likely going to have to configure static ports for the RPC CA services. For exchange purposes, NLB really only addresses HTTP(S) and SMTP connections. (to elaborate, if you have MAPI connections also coming in a hardware balancer, you will need to configure static ports for the RPC connections so that the balancer can make sense of it, by default the MAPI services will select a random port to use, and this normally works because of how the CAS array functions. That is: not like a NLB cluster, but a client determined direct connection among the available CAS array members.)

How I do it, is I normally run 2 NLB member CAS/HT VMs in front of my DAG member servers. The VMs don't need to have much in the way of resources, and configuration really doesn't take anything.

Microsoft NLB clustering works perfectly fine for both HT and CAS fail-over / balancing, with no extra configuration required. The VMs I end up building barely require managing, since they are essentially utility boxes. poo poo, I could probably restore them from a 6 month old backup.

Blame Pyrrhus fucked around with this message at 01:11 on Jan 30, 2012

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

Bitch Stewie posted:

It's just a box + license count thing though, purely IMO.

If I can have a single load balancer virtual appliance fronting a pair of combined HT/CAS/MBX servers that seems an acceptable and reasonably simple approach.

I'd be interested to know of any gotchas though?

The documentation for loadbalancer.org does state that you have to tie the RPC endpoint to a static port - what it doesn't explain is if there is any downside in doing this.

IIRC there's a problem with public folder connections and static RPC ports, but if you are moving to a DAG you can no longer utilize public folders anyways. This is also why you do not have to worry about Outlook 2003, it requires public folders to operate, and public folders cannot be made highly available, or be included in a DAG. So you will be removing any Outlook 2003 clients prior to building it out.

Honestly the way you are going about it is actually less simple, building out 2 VMs and installing Exchange with the required roles would take maybe 5 hours total, and can be accomplished in a production environment with no impact until you've got everything configured and are ready to make the cut-over. It certainly won't cost as much as a hardware balancer.

Remember, you get (with some restrictions) 4 VM installs per Server 2008 Enterprise license. So you may have some licenses available for the guest VMs already.

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

madsushi posted:

You can have Public Folders and have a DAG, your PFs just won't fail over (which may or may not be acceptable).

Well yeah, I just never would consider a configuration with it as highly available.

Basically it's tyool 2012, rid yourself of Outlook 2003 and all public folders at the earliest opportunity.

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

Bitch Stewie posted:

The Public Folder point is something I'd appreciate any info on. I know you can't DAG Public Folders like a mailbox database but you just have replicas for that AIUI don't you?

Outlook 2003 works with MAPI CAS arrays, but when you are planning high availability in Exchange 2010 you phase out Outlook 2003 in preparation for the clustered DAG.

In 2010, your mailbox database is a singular database that lives on multiple DAG member servers, so let's say that mailbox database is named "MailDB01" and lives on 2 DAG member mailbox servers, "EXMB01" and "EXMB02".

Now let's say you have a Public folder database, which is required for Outlook 2003. That database is named "PubDB01" and since it cannot be included in a DAG, it simply lives by itself on "EXMB01". You realize you need to make this data redundant, so you replicate the public folders to a new public folder database on "EXMB02" named "PubDB02".

But... you need to assign a single public folder database to the single mailbox database. Which one do you assign? It can't be both.

If you assign PubDB01 to the mailbox database, and then the server housing it dies, it cuts off Outlook 2003 users. You cannot assign PubDB01 to a copy of the mailbox database on EXMB01 and then PubDB02 to the copy that resides on EXMB02.

quote:

As much as I'm not trying to be a cock and disregard good advice, I really just don't want two servers to front a CAS array - sorry but I think that's just one of the retarded things Microsoft did with Exchange 2010 - doubtless it works but 4 servers, just.. no :)


When you start dealing with scalability and availability, you really need to stop thinking in terms of "number of servers". "4 servers" for a basic fault tolerant exchange environment is nothing. If you are looking to avoid management headaches, it's going to be a lot easier to wrap your head around than 2 servers and an ill-fitting load balancing scheme.

I mean I just don't see the difference in 1 VM with mailbox, ht, and cas roles installed, vs 2 VMs with 1 mailbox role holder and 1 ht / cas role holder.

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

Bitch Stewie posted:

Thanks, that makes a little more sense. Outlook 2003 is a non-issue as we have about 3 Outlook 2003 machines left in the business, and in the event of an outage that takes out a server, they're irrelevant basically.

If I did want to do this using Windows VM's what exactly would I need?

We use Datacenter on our VM's so Windows licensing isn't an issue, additional copies of Exchange is, though that is offset against not needing a LB.

I need to understand more of the reasons not to go the loadbalancer route as however irrational, I do have an aversion to adding Windows boxes (we already suffer from VM sprawl as it's so loving easy to stand up "just one more").

As it was explained to me by our Synnex guy, you need 1 exchange server license per role per instance of exchange per site. So 1 license will cover 1 HT, 1 CAS, and 1 mailbox role. If you split this between 2 VMs, one with a mailbox role, and one with a HT and CAS role, this is covered with 1 license if they are all within the same AD site.

The mailbox role for the DAG is just configured as a usual cluster configuration, a front-end and back-end network. Set aside the IP you are going to use for the DAG, and make sure DNS is populated with all of the correct information blah blah blah.

For the HT/CAS machines, I generally install a thin VM with 2 interfaces each. 1 for general utilization and 1 for the NLB membership. Typically these systems don't have anything larger than a 30GB HDD defined, and like I said, they are pretty static. If you are using Hyper-V you need to make sure that MAC spoofing is enabled on the VM's NLB NICs. If you are using VMWare you don't have to make any special considerations.

Typically you just build a new NLB cluster using the NLB manager, and then build out the CAS array. Define all of the URLs appropriately (using the FQDN you assign to the NLB cluster). There's nothing you need to do to tie the mailbox servers in with the CAS or HT VMs, it's all AD integrated. When you are ready to cut over you will want to populate the send connectors appropriately.

Issue a SSL cert with all of the correct SAN information to either of the CAS servers, does not matter which. Once it's configured just export that cert and import it into the other CAS server.

When you configure the DAG it will automatically select a HT system as a quorum. You can add the other as a secondary quorum if you like.

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug
Also I wouldn't worry about "VM sprawl", just make sure everything is clearly identifiable and monitored. You need what you need, it can't be helped.

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

LmaoTheKid posted:

Now I need to slap another 12 gigs of RAM into the server because 12 isn't enough for about 45 mailboxes. Sheesh.

You don't require 12GB for 45 mailboxes.

If you don't manage your ESE Database cache limits then it will eat literally every byte of RAM available. There's nothing in the UI for this, and AFAIK no cmdlets facilitate this. You have to use ADSIEdit to set the min and max size.

Read this: http://technet.microsoft.com/en-us/library/ee832793.aspx

Do some math, set an appropriate limit, and watch the disk I/O performance. Typically I limit it to about 30MB to 50MB per active copy mailbox and never run into performance problems on dedicated boxes.


My only advice to people that are going through the 2003 -> 2010 migration for the first time, is to eliminate public folder databases entirely, and use adsiedit to remove the 2003 administrative group once you are done. Graceful uninstalls of 2003 have never cleaned up AD properly, I'm not even sure it's supposed to.

Blame Pyrrhus fucked around with this message at 01:41 on Mar 3, 2012

Blame Pyrrhus
May 6, 2003

Me reaping: Well this fucking sucks. What the fuck.
Pillbug

psylent posted:

Running Exch2010 - after I add an email address to an already existing mailbox - how quickly should that mailbox be able to receive external mail to that address?

Immediately, unless you have really latent AD replication or other outstanding issues.
