Search This Blog

Showing posts with label Exchange 2003. Show all posts
Showing posts with label Exchange 2003. Show all posts

Sunday, October 9, 2011

When do you require a Global Catalog?

There are certain time when you would need Global Catalog role available instead of just Domain Controller role.

The following events require a global catalog server:
  • Forest-wide searches. The global catalog provides a resource for searching an AD DS forest. Forest-wide searches are identified by the LDAP port that they use. If the search query uses port 3268, the query is sent to a global catalog server.
  • User logon. In a forest that has more than one domain (multidomain), two conditions require the global catalog during user authentication:
    • In a domain that operates at the Windows 2000 native domain functional level or higher, domain controllers must request universal group membership enumeration from a global catalog server.
    • When a user principal name (UPN) is used at logon and the forest has more than one domain, a global catalog server is required to resolve the name.
  • Universal Group Membership Caching: In a forest that has more than one domain, in sites that have domain users but no global catalog server, Universal Group Membership Caching can be used to enable caching of logon credentials so that the global catalog does not have to be contacted for subsequent user logons. This feature eliminates the need to retrieve universal group memberships across a WAN link from a global catalog server in a different site.
    noteNote
    Universal groups are available only in a domain that operates at the Windows 2000 native domain functional level or higher.
  • Exchange Address Book lookups. Servers running Microsoft Exchange Server rely on access to the global catalog for address information. Users use global catalog servers to access the global address list (GAL).

Monday, May 18, 2009

Event ID 9325 logged when running Exchange Offline Address Book (OAB) generator

Description:
You notice that there are a couple of event ids 9325 being logged at your exchange server. All function seems to run normally. The error message shown something like “OALGen will skip user entry person name in address list '\Global Address List' because the SMTP address is invalid”.

Resolution:
Using Adsiedit.msc console, go to the SMTP proxy address attribute and proxyaddresses attribute. Check the value and correct or remove any invalid SMTP address. You can refer to the Microsoft KB 926206 (http://support.microsoft.com/?id=926206) for detail info for how to resolve these errors.

Event ID 9321 logged when running Exchange Offline Address Book (OAB) generator

Description:
You notice that there are a couple of event ids 9321 being logged at your exchange server. All function seems to run normally. The error message shown something likes “OALGen could not generate full details for entry person name in address list '\Global Address List' because the total size of the details information is greater than 64 kilobytes.”

Resolution:
The most common cause for this is a large number of certificates published for the user, causing their details to be over the 64kb limitation for the details in the OAB. There is no way to increase this limit, so the solution is to remove any unneeded certificates from the users so that we get the details under 64kb.
To clean out the certificates:
- In ADUC, make sure View, Advanced Features is checked.
- Go to the properties of the user.
- Published Certificates tab.
- Remove any unneeded/expire certificates.

Exchange Server - Cannot Generate Offline Address Book (OAB) error 8004010e

Description:
Exchange server cannot generate offline address book. Newly created email address doesn’t appear at the Global Address List. At the event viewer you see error logged with event id 9338, 9330, and 9126. You’ve try changing the server generating OAB to other, but the same error occurs.

Resolution:
The most common reason for failure to generate the OAB with error 8004010e is a mangled attribute in Active Directory.
Use Nspitool.exe to identify which user has the mangled attribute.

1. Save and unzip the attachment to your Exchange server.
2. Click Start, click Run, type in cmd and click Ok.
3. Navigate the directory which you save the nspitool.exe in and run the following command: nspitool -WalkAddressList >c:\nspioutput.txt
You should see something like “QueryRows failed 0x8004010e on entry personname, WalkAddressList ended with 0x8004010e” on the output text.
Next step is to use adsiedit.msc to connect to GC partition to check the attribute value. Go to the user properties and check the manager attribute value. Is it the same with the Active Directory User and Computer (ADUC) version? If not, change the value at ADUC to something else, wait for the replication to occur, and change it back to the correct value.

The attribute value shown through ADUC and through adsiedit.msc should have the same result.
Run the nspitool.exe again and do the necessary fix until there’s no “queryrows” error anymore.

Monday, April 27, 2009

Exchange SMTP Internet Connector frequently down

Description:
You have Exchange 2003 Front-End server configure to route emails to third party appliance smart host. One day the Exchange Internet connector frequently converted to down state causing mail queue when sending to external address. No issue when the connector is configures to use DNS instead of smart host to dispatch email. You have check for possible Antivirus or SMTP Protocol issue using Winroute and Regtrace but everything looks ok.
On the Netmon trace result, you can see that Exchange didn’t receive ACK for certain packet from the smart host and it terminates the connection after some times.

Resolution:
Make sure that the network speed and duplex setting at the smart host is the same with the connection setting at core switch. Running manual setup might be required to eliminate the issue.

Thursday, October 2, 2008

Email stuck at "Messages awaiting directory lookup" SMTP queue in Exchange Server 2003 or in Exchange 2000 Server

Description

Have you ever had an issue where all your mails get stuck at "Messages awaiting directory lookup" SMTP queue in Exchange? However this issue seems to be happening locally to certain storage group only. Other storage groups have no issue with email flow.
You have configured message journaling / archiving on the Exchange server.

Resolution

Make sure that the message archive location is a valid mailbox. If you had move the user account to another OU or container, please move it back again to the original location.
Restart the IIS Admin Service.

Monday, June 30, 2008

"Messages awaiting directory lookup" SMTP queue in Exchange 2003

Description
Suddenly you see an error "Messages awaiting directory lookup" on one of your Exchange Server 2003. Email cannot be send to/from those Exchange Server. They just stuck on your SMTP queue. Your other email server is working normally.

Resolution
One area that you might want to check when you see this error message in your Exchange Server is whether your storage group configured for Journalling or not.
If the answer is yes, you might want to check about the account that you use for Journalling.
In my case the account was move to other OU and simply return it back to the original OU resolve the issue.

There is a Microsoft Knowledge Base 884996 that you might want to check for further Information regarding this matter.

Saturday, April 12, 2008

Outlook RPC over HTTP doesn't work with 3G or fast connection

When you are out of the office and using Outlook with RPC over HTTP to connect to your Corporate email, you may have to enable the “on fast network, connect using HTTP first, then connect using TCP/IP” on the Microsoft Exchange Proxy Settings.

Example:
You are using 3G USB modem that have speed up to 7.5 MB.(This is most likely not the true internet speed you get, but this what windows detected). Outlook will consider it as fast network. If the above option is not selected, outlook will automatically go with TCP/IP for connection. Your outlook would not be able to connect to the mail server.

However if you put the check mark on, Outlook will go for HTTP and it should be able to connect to the mail server.


Of course the consequence is that you will be prompt to enter your Windows account authentication all the time when you open Outlook whether inside or outside Petrosea Office.


Note:
Outlook determines a user's connection speed by checking the network adapter speed on the user's computer, as supplied by the operating system. Reported network adapter speeds of 128 KB or lower are defined as slow connections. There may be circumstances when the network adapter speed does not accurately reflect data throughput for users.


Thursday, February 7, 2008

Receiving unwanted meeting related information in Outlook Inbox

Description
A user complains that he is receiving unwanted meeting related information in his Inbox. You examine the meeting details and found out that it doesn’t contain the user email address in the required, optional, or resources field. The meeting invitations were addresses to other email address.
Resolution
Most likely that one of the mailbox in the required, optional, or resources field of a meeting invitation has delegation setting to that user. On each mailbox, check the Delegate setting on Microsoft Outlook.
On Outlook, click Tools > Options > Delegates. See whether delegates are setup. Check on the permission details. Clear the ‘Delegates receive meeting related information send to me’.

Saturday, February 2, 2008

Error when rebuilding Offline Address Book in Exchange 2003

Description
The other day when I try to update the Offline Address Book in my Exchange Server, I get an error like this:
Exchange System Manager Error. The information store could not be opened.
The logon to the Microsoft Exchange server computer failed.
MAPI 1.0 ID no: 80040111-0286-00000000
ID no: C1050000 Exchange System Manager

Resolution
Make sure that the DNS and Active Directory are function correctly in your domain. Run DCdiag and Netdiag to make sure everything is ok.
Restart the Domain Controller and then restart the Exchange Server.

Error message 0x86000108 when trying to sync Windows Mobile 5.0 device with Exchange 2003

Description
If your organization uses Exchange 2003 as mail server and windows mobile 5.0 as the push email client, it's more likely that once a while u will receive the error message 0x86000108 when you sync email message.

Resolution
Look for the corrupted item in inbox, contact, task, or calendar. Move the corrupted item away to other place. Sync the device. After it works, you can move back the item again.

Search Google