Archive for the ‘Exchange Server’ Category

2012 in review

Posted: December 30, 2012 in Exchange Server

The WordPress.com stats helper monkeys prepared a 2012 annual report for this blog.

Here’s an excerpt:

About 55,000 tourists visit Liechtenstein every year. This blog was viewed about 240,000 times in 2012. If it were Liechtenstein, it would take about 4 years for that many people to see it. Your blog had more visits than a small country in Europe!

Click here to see the complete report.

Advertisements

I’ve been meaning to write this post for a while now but somehow never found the time to do it.

When migrating from SBS2008 to SBS2011 I have come across this issue a number of times now and each time I seem to get caught up in the moment and try to find another way of resolving this issue.

Lot’s of posts about this being a 3rd party connector that has been setup for a photocopier or mail service of some sort etc etc.  None of which is correct.

It’s plain and simple, this is a foreign connector in SBS 2008, and contrary to other posts, it does seem to be there by default, I have checked vanilla SBS 2008 installs and those that have been migrated. I even installed a fresh SBS 2008 in to a virtual machine and it was there too.

This can be confirmed by launching the Exchange Management Shell and running Get-ForeignConnector and if you want more details run Get-ForeignConnector | fl

It’s also part of the Migration guide from SBS 2008 to SBS 2008.

It’s purpose…to receive email addressed to companyweb.  If you check the Exchange Management Console on an SBS 2008 server you will see it listed under Organisation Configuration > Hub Transport > Remote Domains you will see the Windows SBS Company Web Domain.  This is the matching address space.

The purpose…to drop any emails destined for companyweb to a folder ready for pickup by Sharepoint.  By Default this will be C:\Inetpub\mailroot\drop

This functionality is not available in SBS 2011 (or isn’t as far as I can tell) therefore before migration you will need to remove the foreign connector.

To do this, run the following command Remove-ForeignConnector –Identity “Windows SBS Company Web Connector SERVER2008” and then select Y at the confirmation prompt.

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration.

My first tip Migration Tip #1 – Source Server Health can be found here: https://demazter.wordpress.com/2011/06/12/migration-tip-1-source-server-health/

My second tip Migration Tip #2 – The Practice Run can be found here: https://demazter.wordpress.com/2011/06/14/migration-tip-2-%e2%80%93-the-practice-run/

My third tip Migration Tip #3 – Preparing for Live Migration can be found here: https://demazter.wordpress.com/2011/06/15/migration-tip-3-preparing-for-live-migration/

My fourth top Migration Tip #4 – The Migration can be found here: https://demazter.wordpress.com/2011/06/16/migration-tip-4-the-migration/

My fifth tip is based around testing and clearing up after the migration.  You’ve done all the hardwork, it would be a real shame to get this far and to encounter problems when you start to remove the old system.

Check over your work, do some test shutdowns of the old system.  Making sure that all users, data and systems are all operational during the shutdown.  Even go as far as to turn the system off for a week before you actually remove it from the network.  Making sure you tell your users that you are doing this and that any glitches you want to know about.  Believe me, all too often they will put up with a glitch and won’t tell you about it, until it’s too late.  You need to make it very clear that no matter how small you need to know about it during this “down” time.  It’s easier to resolve when the system is available than it is when it’s no longer part of your network.

There may be additional tasks you will need to perform once the old system is decomissioned.  These could include (but are not limited to):

  • Backups, check you are backing up the data/system in it’s new location.
  • Data flow, check that any dataflow in, out and around your network/systems have been updated to accomodate the changes you have made.  for example if it’s an Exchange migration, make sure that the firewall rules that control mailflow have been updated.  If it’s a SQL Database, make sure that any scripts/log shipping/etc have been modified. 
  • Check any internal/external DNS entries have been modified if required.  If migrating to the cloud these will be external changes, if internal migrations then they will be internal changes.
  • Check that any systems that interact with what has been migrated are still functioning, MFD’s, Fax Machines, NAS  devices etc etc.  The list is endless and only you will know what devices/systems you have in place.  Check them all.
  • Check with your users that they are happy that all of what they need access to is working and functioning as they expect it to.
  • Update your network documentation, do this now, whilst it’s still fresh in your mind.

Finally, once all that has been completed and you are happy that everything is working, decomission the old system.  Making sure of course you take a final backup before you do so.  Make sure you follow the correct procedure for removing the system you are migrating away from.  Don’t just turn it off and take it away.  Not following the correct procedure, can and will effect your network and any future migrations.

This is my final migration tip, I hope you have found them useful.  Please watch out for my next migration guide which will be available in the next few weeks which is Migrating Small Business Server 2008 to Small Business Server 2011.

If you are planning on a migration and are not comfortable with the process then Demazter IT Services can assist you. Please contact me on glen@demazter.co.uk.

All versions of Microsoft Exchange and Small Business Server require the use of an SSL Certificate. Whilst they will quite happily use a self-signed certificate a commercial certificate can save a lot of time and hassle, purchase Exchange/SBS SSL Certificates at an excellent price from: http://www.exchangecertificates.com

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration.

My first tip Migration Tip #1 – Source Server Health can be found here: https://demazter.wordpress.com/2011/06/12/migration-tip-1-source-server-health/

My second tip Migration Tip #2 – The Practice Run can be found here: https://demazter.wordpress.com/2011/06/14/migration-tip-2-%e2%80%93-the-practice-run/

My third tip Migration Tip #3 – Preparing for Live Migration can be found here: https://demazter.wordpress.com/2011/06/15/migration-tip-3-preparing-for-live-migration/

My fourth tip is about the actual migration itself, you’ve done all the preparation, you have practiced and you’ve spoken to everyone with a vested interest.  Now it’s time to do the deed.  The actual migration.

My advice here, is to take your time, nobody will actually get affected by the migration until you move data.  If you are following a guide, then do so religiously.  I made the mistake on my very first migration of skipping a few steps because I thought I knew better.  Even if you think they don’t need doing, do them.  There is a reason these steps are in the guide.

Test each step as you go along, read it, read it again, then perform the step, then double check it.  Make sure you are happy with that the step is completed before you move on to the next one.

If you come across a problem or something you are not sure of, stop.  Don’t continue and think “it’s OK, I will sort that out later”.  Fix it now.  If you can’t fix it find someone who can help you before you move on.  There are some great Q&A sites out there where volunteer experts will help you. http://www.experts-exchange.com being my favourite and where I tend to hang out.  But it’s easier for the experts to help you if you haven’t continued past the problem.  Often continuing will cause you to create a bigger problem which will be more costly in terms of time and possibly money to resolve.

More importantly, if you encounter a problem that means you have to stop the migration then communicate this to the people using the system.  Make sure they know that what was your final deadline may now shift.  This makes sure you are not under any unnecessary pressure, and again, manages their expectation.

Performing a migration can be a stressful tasks, and lots of blue line watching.  So make sure you get away from the system whilst the installations are being performed.  The blue lines will still move if you don’t watch them.  And watching them will make the migration seem like it’s taking all that much longer.

Watch out for tip Migration Tip #5 – The Aftermath

If you are planning on a migration and are not comfortable with the process then Demazter IT Services can assist you. Please contact me on glen@demazter.co.uk.

All versions of Microsoft Exchange and Small Business Server require the use of an SSL Certificate. Whilst they will quite happily use a self-signed certificate a commercial certificate can save a lot of time and hassle, purchase Exchange/SBS SSL Certificates at an excellent price from: http://www.exchangecertificates.com

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration.

My first tip Migration Tip #1 – Source Server Health can be found here: https://demazter.wordpress.com/2011/06/12/migration-tip-1-source-server-health/

My second tip Migration Tip #2 – The Practice Run can be found here: https://demazter.wordpress.com/2011/06/14/migration-tip-2-%e2%80%93-the-practice-run/

So, we now have a healthy source server and you have practice until the match sticks snap what next?

My third tip is about making sure you are prepared for the task ahead. Any type of migration needs to be taken seriously, it is a business critical operation you are about to embark on. If you are in any doubt about it at all, now is the time to say so, and if necessary call in help.

If you are happy with the process and confident you are able to complete the steps to achieve your goal then the next thing we need to do is plan a time to do it.

Most migrations are not time limited other than SBS to SBS migrations that have a limit of 21 days where both SBS servers can co-exist at the same time.

Make people aware of what you are doing, involve them, explain that you are expecting to have teething problems but would prefer if they collated them and then passed them to you when you ask for them. The last thing you want is to try trouble shooting whilst trying to complete a migration.

Find out if there is anything business critical happening (a big bid/contract etc that needs to be out just when you take the mail system offline) that could be delayed by the work you are carrying out, and if so, delay your migration. Talk to absolutely every member of staff. Manage Expectation.

In reality, if you get it bang on, the end users shouldn’t even notice and I would say 99% of the migrations I have done this has been the case. But there is always the odd one.

Have a recovery plan, know how to back out of what you are doing if it does go pear shaped. If you need to lock and migrate huge amounts of data then make sure you plan this stage of the migration for when people aren’t going to be using the system as heavily.

Document what you are doing, make notes of which stage you have got to and what action you have just taken.  This might seem like a waste of time, but take it from someone who has picked up a few failed migrations from people just like yourself, it’s not.  Knowing exactly what stage you are at will help a consultant very quickly get to grips with the situation and this means a faster resolution.

And, most importantly of all, make sure you have backups! Take more than one, take one off-site, and do it different ways. I like to have a backup on either removable storage so I can access it quickly but also on tape just to be sure.

Watch out for tip Migration Tip #4 – The Migration

If you are planning on a migration and are not comfortable with the process then Demazter IT Services can assist you. Please contact me on glen@demazter.co.uk.

All versions of Microsoft Exchange and Small Business Server require the use of an SSL Certificate. Whilst they will quite happily use a self-signed certificate a commercial certificate can save a lot of time and hassle, purchase Exchange/SBS SSL Certificates at an excellent price from: http://www.exchangecertificates.com/

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration.

My first tip Migration Tip #1 – Source Server Health can be found here: https://demazter.wordpress.com/2011/06/12/migration-tip-1-source-server-health/

My second tip is about making sure you are familiar with the technology you are migrating to.

For many people, migrating to a new technology will be the first and only time they perform this task. So, it’s always a good idea to familiarise yourself with the setup process before you do it for real.  With the use of virtualisation technologies we can install and test new products without the need for new hardware and without the possible impact on our live environment.

There are a number of virtualisation products that will allow you to do this on your desktop/laptop computer. You need to consider that most new products (if not all) will be based on x64 bit architecture. This does limit the virtualisation technologies that you can use on the desktop. Some of my favourites are listed below.

VMWare Workstation, this is a paid product but worth its weight in gold: http://store.vmware.com/store/vmwde/en_IE/pd/productID.166452200/Currency.GBP/?src=PaidSearch_Google_PersonalDesktop_WKSN_EMEA_UK_EN_Brand
VMWare Server, this is free for use and technically should only be used on a Server Operating System, but it does work on Desktop OS for testing purposes: http://www.vmware.com/products/server/overview.html
Virtual Box: http://www.sun.com/software/products/virtualbox/get.jsp

Whichever technology you use, virtualisation will allow you to install the new software in a test environment, and keep installing it until you are happy with the process. Run through it 2, 3 even 4 times. Make sure you are familiar with the screens and what answers you are going to provide to the wizards. Take notes, even write a step-by-step of what you encountered and when you encountered it. Remember, the more you do now when you are in a safe “sandbox” environment, the easier and less pressurised the real thing will be. Don’t pay too much attention to the actual data you are entering as some of this will change when you do a migration as opposed to a new installation.

For the actual Migration Pick a migration guide for your technologies, it’s always best to use one that’s recommended by others and they have had good success with.  You will find my migration guides here: https://demazter.wordpress.com/category/migration-guides/ I use my guides in my own migrations and update them with any changes as often as possible.  Read the guide thoroughly before you start the migration.   It’s easier to get answers when you are not under pressure to fix things.

If you have the time and the inclination I would also suggest that you convert your physical source server to a virtual one. This will allow you to do a test migration with your actual source server. There are many tools for performing the capture and they depend on the virtualisation technology you are using and whether you want a free or paid product. Some examples of methods that can be used to convert physical machines to virtual ones can be found here: http://4sysops.com/archives/p2v-for-vmware-six-ways-to-convert-physical-to-virtual/

Doing a virtual migration with a virtual copy of your actual source server is a great way to identify any problems you may encounter during the real live migration. You then have the opportunity to rectify these issues and then try the migration again. Once you are happy the migration has worked you are then in a position to do the live backup. I would be doing 3 to 4 virtual migrations just to be absolutely sure.

Watch out for tip Migration Tip #3 – Preparing for Live Migration in the next day or two.

If you are planning on a migration and are not comfortable with the process then Demazter IT Services can assist you. Please contact me on glen@demazter.co.uk.

All versions of Microsoft Exchange and Small Business Server require the use of an SSL Certificate. Whilst they will quite happily use a self-signed certificate a commercial certificate can save a lot of time and hassle, purchase Exchange/SBS SSL Certificates at an excellent price from: http://www.exchangecertificates.com/

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration.

My first tip is around source server preparation.

No migration is an easy migration, there is always potential for something to go wrong. All we can do is try to minimize this risk.

The biggest risk comes from the system we already have in place, the integrity of this system is paramount in ensuring a successful migration.

Making sure your source system is healthy and configured correctly will go a long way to ensuring you have a smooth migration.

Use analyzers and health check tools that are available from the vendor. Microsoft, for example, have a number of best practice analyzer tools. These can be used to identify any problems the system may have and provide advice on how to resolve them. Some of the ones I use regularly are listed below:

Small Business Server 2003 BPA: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=3874527a-de19-49bb-800f-352f3b6f2922&displaylang=en
Small Business Server 2008 BPA: http://www.microsoft.com/downloads/en/details.aspx?familyid=86a1aa32-9814-484e-bd43-3e42aec7f731&displaylang=en
Exchange Server BPA (not for Exchange 2007 or 2010, the built in BPA should be used): http://www.microsoft.com/downloads/en/details.aspx?familyid=dbab201f-4bee-4943-ac22-e2ddbd258df3&displaylang=en
Internet Security and Acceleration Server BPA: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=d22ec2b9-4cd3-4bb6-91ec-0829e5f84063
SQL Server 2005 BPA: http://www.microsoft.com/downloads/en/details.aspx?familyid=da0531e4-e94c-4991-82fa-f0e3fbd05e63&displaylang=en

In a Microsoft migration I will use tools like DCDIAG, NETDIAG, REPLMON and REPADMIN to check for errors, even if it’s a single server. You would be surprised how easy it is to misconfigure a single server. Further details on the usage of these tools can be found here:

DCDIAG: http://technet.microsoft.com/en-us/library/cc773199(WS.10).aspx
NETDIAG: http://technet.microsoft.com/en-us/library/cc782085(WS.10).aspx
REPLMON: http://technet.microsoft.com/en-us/library/cc772954(WS.10).aspx
REPADMIN: http://technet.microsoft.com/en-us/library/cc755360(WS.10).aspx

Make sure the source system is up-to-date. All updates, service packs etc need to be applied. This may seem like a waste of time on a system that you are soon to be migrating out of your network but really it isn’t. New products from the same vendor normally rely on the source system being up-to-date. I have been known to spend hours installing service packs and updates on a source server.

It’s worth spending the time getting this part of the migration perfect. There are no timescales in play here you can take your time, once you start migrating there are pressures at play that will make the slightest hiccup seem like your whole world is imploding. I would consider this part of the migration process the most important, and therefore if you are not comfortable with this process, hire someone who is. Buying in consulting services to make sure the server is health can save you a lot of money.

Watch out for tip Migration Tip #2 – The Practice Run in the next day or two.

If you are planning on a migration and are not comfortable with the process then Demazter IT Services can assist you. Please contact me on glen@demazter.co.uk.

All versions of Microsoft Exchange and Small Business Server require the use of an SSL Certificate. Whilst they will quite happily use a self signed certificate a commercial certificate can save a lot of time and hassle, purchase Exchange/SBS SSL Certificates at an excellent price from: http://www.exchangecertificates.com/

Introduction

Domain Names are a critical part of your Windows Environment.  The DNS (Domain Name System) is a foundation upon which Active Directories and Resources rely upon.  It can be a real problem if you need to go back and change your Domain Name.

So, before building your Windows domain it is important to choose the “correct” domain name.  Wherever possible you need to try and plan ahead, of course you cannot plan for company name changes or, a take over in years to come, because you simply don’t know about them. But….we can plan to be flexible, and we must consider technical and ownership issues at the same time.

Choosing your domain name

Whilst most people believe that the internal windows domain name needs to be something.local this isn’t strictly true.  While it is often easier if the suffix is .local, strictly speaking, it doesn’t have to be.  Let’s consider that point…

Some of the largest enterprises in the world use their external domain name on their internal network.  The most important consideration is that if you use domainname.com that you actually own domainname.com.

Why is this important? One of the main reasons that this is becoming a problem in recent days is because of 3rd Party SSL Certificates that are used to secure Small Business Server and/or Exchange 2007/2010. One of the default requirements for these systems is using the internal fully qualified domain name of your Exchange Server.

So by way of example let’s say you have an internal domain name of virtualdomain.com and your external domain name is abc.com.

When setting up an Exchange 2007/2010 server you would need to request an SSL Certificate that contained the following names:

  • Autodiscover.abc.com
  • owa.abc.com
  • exchangeserver.virtualdomain.com

When you request a certificate with these names in the first thing the Certificate Authority (CA) will do is perform a WHOIS lookup on the names you have requested. Anything .abc.com will show as your company owning the registration.

However when the CA performs a WHOIS lookup on exchangserver.virtualdomain.com they find that the registrant of this domain is a different company and therefore send them a request to authorise the name. Worse, if they don’t find a registrant for the domain then it is removed from the certificate request.

Can you see the problem?  If you own virtualdomain.com then by all means use it in your internal domain name.  If you don’t own it then don’t use it.

This is why most consultants will opt to use the .local suffix on internal domains.  Because when the CA receives a request .local they know it’s not an internet suffix and they will authorise it.

Now what about the dreaded company rename?…..Another common misconception is that when setting up a Windows Domain you must use the domain name for which you want to receive email for.  This is completely untrue.

You can configure Small Business Server and all versions of Microsoft Exchange Server to receive emails for any domain name, regardless of your internal domain name.  So let us now consider calling your internal domain name mydomain.local?

  • It is not linked to a specific company name
  • it will allow you to receive emails for your abc.com email domain
  • if you change your company name you don’t need to worry about trying to change the domain name so the new owner (or existing one) doesn’t have to see the old company name day in day out?
  • because it has a .local suffix you will never run in to problems in the future with SSL Certificates

Conclusion

With wider use of SSL certificates and a few common misconceptions created by the industry, it is important to deliberate over your internal domain name selection.  It’s also important to think ahead.

What might be a good idea or even a bit of a laugh now, could come back to bite you in the rear in a few year’s time.  So, be careful and conservative when choosing your name.

I personally like to give my domains something non-descript, because I do a lot of work for small businesses which can and often do get taken over.  I had one company that was bought out twice within the space of 3 years. I also had one company that split in to 2 companies and then both renamed themselves.

It can get messy and especially with Small Business Server where the internal domain name cannot be renamed, it can be impractical to use company specific domain names.

Of course there is always the case where the owner wants this but it’s our job as consultants to advise them why this isn’t a good idea.  And if they still want it then get it in writing 🙂

2010 in review

Posted: January 2, 2011 in Exchange Server

The stats helper monkeys at WordPress.com mulled over how this blog did in 2010, and here’s a high level summary of its overall blog health:

Healthy blog!

The Blog-Health-o-Meter™ reads Wow.

Crunchy numbers

Featured image

About 3 million people visit the Taj Mahal every year. This blog was viewed about 39,000 times in 2010. If it were the Taj Mahal, it would take about 5 days for that many people to see it.

In 2010, there were 38 new posts, not bad for the first year! There were 190 pictures uploaded, taking up a total of 13mb. That’s about 4 pictures per week.

The busiest day of the year was October 5th with 376 views. The most popular post that day was About.

Where did they come from?

The top referring sites in 2010 were experts-exchange.com, forums.msexchange.org, uksbsguy.com, google.com, and gfi.com.

Some visitors came searching, mostly for exchange 2010 offline defrag, import pst exchange 2010, exchange 2010 import pst, import pst in exchange 2010, and exchange 2010 cannot receive email.

Attractions in 2010

These are the posts and pages that got the most views in 2010.

1

About March 2010
4 comments

2

Outlook continually prompting for username and password February 2010
10 comments

3

Exchange DNS Configuration February 2010
5 comments and 1 Like on WordPress.com,

4

Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2 April 2010
7 comments and 1 Like on WordPress.com,

5

Importing PST files in to Exchange 2010 March 2010
1 comment

Since Exchange 2010 Service Pack 1 we have been promised an update for Microsoft Outlook 2007 that will provide support for the Personal Archive feature of Exchange 2010.

Previously this was only available using Outlook Web App or Microsoft Outlook 2010.

The update to allow this support in Microsoft Outlook 2007 is now available.

See here for further details: http://msexchangeteam.com/archive/2010/12/20/457238.aspx