Changing the scope so you can view the entire domain in PowerShell

The requested search root ‘domain.local/Users’ is not within the scope of this operation. Cannot perform searches outside the scope ‘child.domain.local’.


2007 = $AdminSessionADSettings.ViewEntireForest = $true

2010 = Set-AdServerSettings -ViewEntireForest $True

or use -IgnoreDefaultScope on the command if applicable, e.g. Get-Mailbox -IgnoreDefaultScope

Cannot remove a mailbox database in exchange 2010

Are you trying to remove a mailbox database, and you have removed all the user mailboxes, but you can’t because it says: “mailbox database contains one or more mailboxes or arbitration mailboxes”?


  • Move the mailboxes (if you have a database to move to)
    • Set-AdServerSettings -ViewEntireForest $True
    • Get-Mailbox -Arbitration -Database <databasename> | New-MoveRequest -TargetDatabase <targetdatabasename>
    • Get-MoveRequest  = Look for completion
    • Get-MoveRequest | Remove-MoveRequest
    • Remove-MailboxDatabase -Identity <databasename>


  • Disable the mailboxes (no other database to move to, but don’t want to delete the ID)
    • Set-AdServerSettings -ViewEntireForest $True
    • get-mailbox –arbitration –database <databasename> | disable-mailbox
    • Remove-MailboxDatabase -Identity <databasename>


  • Remove the mailboxes (Completely removing Exchange 2010)
    • Set-AdServerSettings -ViewEntireForest $True
    • get-mailbox –arbitration –database <databasename> | remove-mailbox
    • Remove-MailboxDatabase -Identity <databasename>

Note: Only use option 2 or 3 if you are removing Exchange entirely. If you intend to keep Exchange in your environment, you should do a move. If for some reason that doesn’t work and you disable or remove the arbitration mailbox, you need to create a new one: “new-mailbox -arbitration”
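The move option end to end, as an added example that is not part of the original post. It assumes the Exchange 2010 Management Shell; `<databasename>` and `<targetdatabasename>` are placeholders, and the 30-second polling interval is an arbitrary choice.

```powershell
# Added example (not from the original post). Run in the Exchange 2010 Management Shell.
# Placeholder database names: replace both before running.
$SourceDb = '<databasename>'
$TargetDb = '<targetdatabasename>'

Set-ADServerSettings -ViewEntireForest $true

# List what is still homed on the source database. Arbitration mailboxes are
# only returned when -Arbitration is specified, which is why they are easy to miss.
$users       = @(Get-Mailbox -Database $SourceDb -ResultSize Unlimited)
$arbitration = @(Get-Mailbox -Database $SourceDb -Arbitration)
"{0} user and {1} arbitration mailbox(es) remain on {2}" -f $users.Count, $arbitration.Count, $SourceDb

if ($users.Count -gt 0) {
    throw "User mailboxes remain on $SourceDb; move them before continuing."
}

# Queue a move for every arbitration mailbox.
$arbitration | New-MoveRequest -TargetDatabase $TargetDb

# Poll until every request has completed; stop on a failure instead of looping forever.
do {
    Start-Sleep -Seconds 30
    $moves = @(Get-MoveRequest -SourceDatabase $SourceDb)
    $moves | Format-Table DisplayName, Status -AutoSize

    $failed = @($moves | Where-Object { [string]$_.Status -eq 'Failed' })
    if ($failed.Count -gt 0) {
        throw "A move request failed; review it with Get-MoveRequestStatistics before retrying."
    }
    $pending = @($moves | Where-Object { [string]$_.Status -notlike 'Completed*' })
} while ($pending.Count -gt 0)

# Clear the completed requests, then preview the removal before doing it for real.
Get-MoveRequest -SourceDatabase $SourceDb | Remove-MoveRequest -Confirm:$false
Remove-MailboxDatabase -Identity $SourceDb -WhatIf
```

Drop `-WhatIf` from the last line once the preview shows the database you expect.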

Error Installing Exchange 2010 Mailbox Role


Couldn’t mount the database that you specified. Specified database: Mailbox Database XYZ; Error code: An Active Manager operation failed. Error: The database action failed. Error: Operation failed with message: MapiExceptionNotFound: Unable to mount database. (hr=0x8004010f, ec=-2147221233)
[Database: Mailbox Database XYZ, Server: server.domain.local].

An Active Manager operation failed. Error: The database action failed. Error: Operation failed with message: MapiExceptionNotFound: Unable to mount database. (hr=0x8004010f, ec=-2147221233)
[Database: Mailbox Database XYZ, Server: server.domain.local]

An Active Manager operation failed. Error: Operation failed with message: MapiExceptionNotFound: Unable to mount database. (hr=0x8004010f, ec=-2147221233)
[Server: server.domain.local]

MapiExceptionNotFound: Unable to mount database. (hr=0x8004010f, ec=-2147221233)


    1. Uninstall Mailbox role
    2. Run Setup /prepareAD
    3. Reinstall mailbox role
      • If you have problems uninstalling the role you may have to remove the Mailbox and Public Folder database using ADSI (not recommended if there is any data in your databases!!)

Recover Exchange

Have you ever had a situation where you need to just start over with your Exchange server but don’t want to lose data? (OS corruption\ Hardware Failure\ too many undocumented changes that caused an outage)

Here are the “quick and easy steps to recover”

  1. Stop the “Microsoft Exchange Information Store” service
  2. Note the OS service pack level\patches\hotfixes
  3. Copy or backup all your database files *.edb (if they are on a drive other than C you may not even have to do that)
  4. Format the C: (that’s right format it, so if you have something else on it back it up)
  5. Reinstall the OS and re-service pack it
  6. Rejoin the domain using the same server name as before (this is critical)
  7. install the exchange prerequisites.
    1. 2003
    2. 2007
    3. 2010
  8. Reinstall using exchange media
    1. 2003 = setup /disasterrecovery
    2. 2007\2010 = setup /m:recoverserver
  9. Copy or restore the exchange databases back to the original location
  10. mount the databases
  11. DONE! exchange should be back up and running!

Understanding the Self-Signed Certificate in Exchange 2007


Understanding the Self-Signed Certificate in Exchange 2007: Exchange 2007 Help

I have been saying for a long time now that you need to use a well known 3rd party multiname cert if you want to use ActiveSync or outlook anywhere.

MS now agrees with me 🙂



When you create a certificate request you want to include the following:

  • (mail = your external name)
  • host.domain.local

Here is an example of a cert request

New-ExchangeCertificate -GenerateRequest -SubjectName "C=US, O=Company," -domainname,,hostname,hostname.domain.local -FriendlyName -privatekeyexportable:$true -path c:\cert_myserver.txt

And the import after you get the cert back

Import-ExchangeCertificate -Path "C:\CertificateFile.cer" | Enable-ExchangeCertificate -Services pop, smtp, iis, imap
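A check to run after the import, as an added example that is not from the original post: it lists every certificate Exchange knows about and flags any that are still self-signed, close to expiry, or missing a name clients connect to. The names in `$required` and the 30-day threshold are constructed placeholders and assumptions.

```powershell
# Added example (not from the original post). Run in the Exchange Management Shell.
# Constructed placeholder names: replace with the names your clients actually connect to.
$required = 'mail.example.com', 'hostname', 'hostname.domain.local'
$warnDays = 30   # assumption: flag certificates that expire within 30 days

Get-ExchangeCertificate | ForEach-Object {
    $cert    = $_
    # Subject and subject alternative names carried by this certificate.
    $names   = @($cert.CertificateDomains | ForEach-Object { $_.ToString() })
    # Required names this certificate does not cover (comparison is case-insensitive).
    $missing = @($required | Where-Object { $names -notcontains $_ })

    $issues = @()
    if ($cert.IsSelfSigned) { $issues += 'self-signed' }
    if ($cert.NotAfter -lt (Get-Date).AddDays($warnDays)) { $issues += 'expired or expiring soon' }
    if ($missing.Count -gt 0) { $issues += 'missing names: ' + [string]::Join(', ', $missing) }
    if ($issues.Count -eq 0) { $issues += 'ok' }

    # Services shows what the certificate is bound to (IIS, SMTP, POP, IMAP).
    $cert | Select-Object Thumbprint, Services, NotAfter,
        @{ Name = 'Issues'; Expression = { [string]::Join('; ', $issues) } }
} | Format-List
```

The certificate whose Services value includes IIS is the one ActiveSync and Outlook Anywhere clients see, so that entry should report "ok".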

Re-Creating a Linked Mailbox

Ran into this situation recently

Restored a mailbox to a user that was originally a “Linked Mailbox”, so we had a situation where we needed to convert the mailbox to a linked mailbox again.

Here are the steps to take

  1. Disable-Mailbox -Identity User1
  2. Disable the user account in AD where the mailbox resides (this is the one that is missing in the MS KB)
  3. Now link with the following

$cred = Get-Credential

Connect-Mailbox -Identity User1 -Database "Mailbox Database" -LinkedDomainController FabrikamDC01 -LinkedMasterAccount -LinkedCredential $cred

MS KB Reference

New user takes a long time to show up in the GAL

Add these all together and you can have quite a lag in seeing new users in your GAL.

  1. GAL generation (should happen at time of user creation but may be delayed by DC replication)
  2. Offline address book generation (every 24 hrs)
  3. OAB replicated to the CAS (can take up to 8 hours)
  4. Outlook download of OAB (24 hours from last download)

Things you can do to reduce lag.

  • Increase the OAB generation schedule (default is once a day @ 5:00 am)
    • EMC –> Organization Configuration –> Mailbox –> Offline Address Book <tab> –> Properties of OAB –> Click Customize next to Update schedule –> modify to fit your needs (be careful not to make it too often)
    • Sample script to set it to 4 times a day for every OAB (use caution as this could cause undue load on the server\client)
      • get-offlineaddressbook | set-offlineaddressbook -schedule “Sun.5:00 AM-Sun.6:00 AM, Sun.10:00 AM-Sun.11:00 AM, Sun.3:00 PM-Sun.4:00 PM, Sun.8:00 PM-Sun.9:00 PM, Mon.5:00 AM-Mon.6:00 AM, Mon.10:00 AM-Mon.11:00 AM, Mon.3:00 PM-Mon.4:00 PM, Mon.8:00 PM-Mon.9:00 PM, Tue.5:00 AM-Tue.6:00 AM, Tue.10:00 AM-Tue.11:00 AM, Tue.3:00 PM-Tue.4:00 PM, Tue.8:00 PM-Tue.9:00 PM, Wed.5:00 AM-Wed.6:00 AM, Wed.10:00 AM-Wed.11:00 AM, Wed.3:00 PM-Wed.4:00 PM, Wed.8:00 PM-Wed.9:00 PM”
  • Change OAB download interval in outlook (From MSKB# 841273)
    1. On the Tools menu, point to Send/Receive, point to Send/Receive Settings, and then click Define Send/Receive Groups.
    2. Click New.
    3. Type a name for the custom group.
    4. Click your Exchange account, and then click to select the Include the selected account in this group check box.
    5. Under Select the options you want for the selected account group, make sure that the only check box that is selected is Download offline address book, and then click OK.
    6. In the Send/Receive Groups dialog box, click your new group.
    7. Under Setting for group Group_name, click to select only the Schedule an automatic send/receive every check box, and then enter the number of minutes.
    8. Under When Outlook is offline, click to clear the check boxes.
    9. Click Close.

Forcing update

  1. Get-GlobalAddressList | Update-GlobalAddressList
  2. Get-OfflineAddressBook | Update-OfflineAddressBook
  3. Get-ClientAccessServer | Update-FileDistributionService
  4. Download Full OAB in outlook
    1. On the Tools menu, point to Send/Receive, and then click Download Address Book.
    2. In the Offline Address Book dialog box, make sure that the Download changes since last Send/Receive check box is checked.
    3. Click OK.