Category: MS Exchange

Exchange Management Console (EMC) Very Slow loading

I have been getting this issue multiple times in my working life and I always forgot to put this up in the blog for future reference. Since, I’m getting this once again while troubleshooting an issue for a client, I decided to put this up.

There are multiple reason why your EMC loading very slowing

Your server is having a performance issue

This may sound obvious but sometimes system admins tends to look at only CPU and memory not disk I/O. Check the resource monitor and see which resource are bottlenecked. You might be surprised that AV or backup is running in the background.

Solution: paused or stop those resource hogging or use EMS.

EMC tries to connect to the certificate revocation list (CRL) Web site.

Exchange examines the CRL list to verify the code signing certificate. Since its connecting to the internet, most probably it’s using some of the IE components which we can control.

Solution: Turn off (Uncheck) “Check for publisher’s certificate revocation” & “Check for server certificate revocation” options on the server/workstations you are starting the EMC (Exchange Management Console) on. (ref)

Note: Proceed with cautions This is a security option and unchecking this represent a risk unless the machine is in a secure environment, please be aware the of consciences of this change.

  1. In Windows Internet Explorer –> Tools –> Internet Options –> Advanced tab
  2. In the Security section, uncheck the below two options “Check for publisher’s certificate revocation” & “Check for server certificate revocationCapture111

 EnableTCPA is enabled

I haven’t had any situation which requires me to disable this setting. Richard Roddy in his Technet article, wrote that if you disable the TCPChimney and RSS, you will to also disbale TCPA. Here is the excerpt of this article.

After much troubleshooting by our Directory Services team, including debug tracing of the AD processes, etc., that showed that AD performance was just fine, it was finally found that the problem was due to the EnableTCPA setting under HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters. The value was set to 1, enabling the feature, while the other Scalable Networking Pack (SNP) features (EnableTCPChimney, EnableRSS) were disabled.

According to the Windows Networking team this combination can cause the TCP driver on that machine to think that the sender has reduced its sending capacity. The TCP driver then begins to perform regular jobs in response to the low sending capacity, rather than just immediately responding to the requests. This behavior causes the slow response/pauses that we could see in the network traces. However, the fact that the TCP driver is waiting to send the outgoing packets is something that cannot be seen.

The solution: disable the feature by setting EnableTCPA to 0.

You can read the whole article here

http://blogs.technet.com/b/richardroddy/archive/2011/02/16/exchange-2010-management-tools-are-very-slow-to-open-and-respond.aspx

Personal note: I’ve always prefer to use Exchange Management Shell (EMS) since it is faster and it provides more options whether for reporting, troubleshooting, configuring or day-to-day management. I think it’s worth for a new or existing Exchange admin to invest some of his/her time learning PowerShell 😉

Exchange 2013: Exchange Admin Center (EAC) blank

Recently we have extra servers in our environment idling for quite sometime and since I’m also have some extra time that I can squeeze out of my day, I decided to test Exchange 2013. Sadly, after almost 18 months it was released I’m able to test it fully.

The installation is a breeze since Microsoft have simplified the Exchange 2013 server roles as in Exchange 5.5 – 2003 with only 2 roles, CAS & Mailbox. Anyway, installation part will be in another post.

One of the major changes in Exchange 2013 is that there is no more EMC (Exchange Management Console) and that’s really a good news for me as I have always hated using EMC due to the time it takes to present the information and lack of filtering feature as well as details information. It has been replaced with Exchange Admin Center or EAC.

I believe the most common issue for someone who testing Exchange 2013 is, you don’t know how to access EAC and when you have the address you are getting a blank screen.

How to access EAC

Https://servername.fqdn/ecp

Capture

if you are getting a blank screen

open your Exchange Management Shell (EMS) and run this command

Get-EcpVirtualDirectory | FL *URL*

Capture

Look for the InternalURL and copy and paste into your browser. Viola! You will get the the interface as in the 1st screenshot!

Hope this helps people who have the same problem like mine.

-Lokman-

Exchange 2010: Check Exchange Service and Start/Stop Service

We had an issue yesterday where some of our exchange services was stopped. You can easily check this using these command from Exchange Management Shell (EMS)  for Exchange 2010.

Test-ServiceHealth

Screenshot of the command from CAS/Hub Transport servers
Capture-cashub-ems
Screenshot of the command from Mailbox servers
Capture-mbx-ems
Take note on the “ServicesNotRunning”.

Here is the command you need to start/stop any of the Exchange Services. If you want to properly restart Exchange Service without rebooting the servers, copy and paste this in Powershell console/Exchange Management Shell. Make sure you its in the same order of the one listed below.

Stop-Service MSExchangeAB
Stop-Service MSExchangeADTopology
Stop-Service MSExchangeAntispamUpdate
Stop-Service MSExchangeEdgeSync
Stop-Service MSExchangeFBA
Stop-Service MSExchangeFDS
Stop-Service MSExchangeIS
Stop-Service MSExchangeMailboxAssistants
Stop-Service MSExchangeMailboxReplication
Stop-Service MSExchangeMailSubmission
Stop-Service MSExchangeProtectedServiceHost
Stop-Service MSExchangeRepl
Stop-Service MSExchangeRPC
Stop-Service MSExchangeSA
Stop-Service MSExchangeSearch
Stop-Service MSExchangeServiceHost
Stop-Service MSExchangeThrottling
Stop-Service MSExchangeTransport
Stop-Service MSExchangeTransportLogSearch

Start-Service MSExchangeAB
Start-Service MSExchangeADTopology
Start-Service MSExchangeAntispamUpdate
Start-Service MSExchangeEdgeSync
Start-Service MSExchangeFBA
Start-Service MSExchangeFDS
Start-Service MSExchangeIS
Start-Service MSExchangeMailboxAssistants
Start-Service MSExchangeMailboxReplication
Start-Service MSExchangeMailSubmission
Start-Service MSExchangeProtectedServiceHost
Start-Service MSExchangeRepl
Start-Service MSExchangeRPC
Start-Service MSExchangeSA
Start-Service MSExchangeSearch
Start-Service MSExchangeServiceHost
Start-Service MSExchangeThrottling
Start-Service MSExchangeTransport
Start-Service MSExchangeTransportLogSearch

Hope this helps someone. Ping me

-Lokman-

Exchange 2010: Allow Anonymus Receive Connector for in-house application

If you are working or doing some migration work for a 40 years old company, chances are you bump into one or few legacy applications that don’t support SMTP authentication but it is still being used and will not be retired any soon. These application sends out email for notifcation.

To resolves this, we need to allow Exchange Receive Connector to allow relay without any form of authentication. Here’s how to do it form Exchange Management Shell(EMS).

Get-ReceiveConnector -Identity “Anonymous Relay Connector” | Add-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “Ms-Exch-SMTP-Accept-Any-Recipient”

As a best practice, make sure that you only allow connection from specific IP address. This can be done from Exchange Management Console (EMC) > Microsoft Exchange On-premises (your server name) > Server Configuration > Hub Transport > Receive Connectors

restricted

source: http://www.cgoosen.com/2012/01/exchange-2010-anonymous-relay-receive-connector/

3 Exchange Script that can save your time

Get Total Mailbox in each Mailbox Database

$Count = @{}
$Total = 0
Get-MailboxDatabase -Identity *<DB Prefix/Suffix>* |sort Name |ForEach-Object{
$MBs = Get-Mailbox -Database $_.Name
$Total = $Total + $MBs.count
$Count.Add($_,$MBs.count)
}

$Count | sort Name | Format-Table Name, Value
Write-Host "Total = " $Total

MailboxCount

Create an Exchange mailbox database + set all the standard settings + add copy of the DB to a DAG server

$DBName = "MYDB1"
$OriCopy = "ExchangeServer1"
$DAGcopy = "ExchangeServer2"

New-MailboxDatabase -Name $DBName -Server $OriCopy -Confirm -EdbFilePath "E:\Exchange_DB\$DBName\$DBName.edb" -LogFolderPath "E:\Exchange_DB\$DBName\TL" -OfflineAddressBook "\My-OAB" -PublicFolderDatabase "My Public Folder" -Verbose
Start-Sleep -Seconds 300
Set-MailboxDatabase -Identity $DBName -RecoverableItemsQuota 512MB -RecoverableItemsWarningQuota 400MB -IssueWarningQuota 230MB -ProhibitSendQuota 245MB -ProhibitSendReceiveQuota 256MB
Start-Sleep -Seconds 10
Mount-Database -Identity $DBName
Start-Sleep -Seconds 15
Add-MailboxDatabaseCopy -Identity $DBName -MailboxServer $DAGcopy
Start-Sleep -Seconds 10
Set-MailboxDatabase $DBName -CircularLoggingEnabled $true
Dismount-Database -Identity $DBName
Start-Sleep 20
Mount-Database -Identity $DBName

Move mailbox from a DB to another if Mailbox size and Mailbox Dumpster size is match the criteria

$SourceDB = "EDB01"
$TargetDB = "EDBT01"

$mbxs = Get-Mailbox -Database $SourceDB| Get-MailboxStatistics | where {($_.TotalItemSize -lt 256MB) -and ($_.TotalDeletedItemSize -lt 512MB)}


$mbxs | ForEach-Object{

	Get-Mailbox $_.DisplayName | New-MoveRequest -TargetDatabase $TargetDB

}


Change Scope in Exchange Management Shell (EMS)

If you are an Exchange admin in a large organization where you have multiple domain in a forest and you just want to see all the Exchange object in the forest, you can use the following cmdlet

Capture

Set-AdServerSettings -ViewEntireForest $True

to change back, just change from $true to $false
Set-AdServerSettings -ViewEntireForest $false

Note:

In this mode, be careful when you ran any cmdlet as it will display all the related object in the environment if you are not careful with it. Eg. Get-Mailbox will list out all the mailbox in the forest. Imaging 20,000 mailboxes.
And to top it, Get-Mailbox -Database DBNAME | New-MoveRequest -TargetDatabase TARGETDBNAME. If you are not careful, you might move some other domain mailbox to yours. ahaha!