Error when Creating an Recovery Storage Group in 2007


You may get an error similar to this when you are trying to create a RSG in 2007

Error encountered while trying to add database (Mailbox Database) into recovery storage group (Recovery Storage Group). Error message is: The mailbox database that you specified is already associated with a recovery mailbox database. Specified mailbox database: DATA-BASE-GUID.

 

This may be caused by an existing RSG, this includes on your 2003 exchange server.

Remove any RSGs on all exchange servers and re-run the RSG creation on 2007

More TMG and Exchange Goodness?


I have recieved several questions and comments on the TMG posts, I just wanted to say that they were initaly designed to be a easy “get it working” process.

If you would like more detail or a specific post please let me know and I’ll do more TMG\Exchange goodness.
Usefull sugestions = Tell me how to publish Sharepoint through TMG, or how do I configure OA publishing with integrated auth.
Not so usefull = Yeah man give me more TMG!

Exchange 2007/2010 certificates and new Go Daddy


I found recently a situation where the Godaddy cert chain wasn’t installed and some phone clients had issues, the following is a proven request\import process to install the cert and chain.

 So I gave this process to a friend and found out that I should either rename or subtitle this post, “Getting SBS 2008 to recognige your 2048 bit certificate” – great side effect!

  1. First make your cert request in powershell, it should look something like this:
    • New-ExchangeCertificate -GenerateRequest -SubjectName “C=US, O=Company, CN=mail.domain.com” -domainname mail.domain.com,autodiscover.domain.com,hostname,hostname.domain.local -FriendlyName mail.domain.com -privatekeyexportable:$true -path c:\cert_myserver.txt
    • IMPORTANT: don’t do any new cert requests or run any wizards until the cert is imported
  2. Send the cert request to Godaddy as a UCC certificate
  3. Import the Certificate to complete the request
    • Import-ExchangeCertificate –Path “C:\CertificateFile.cer” | Enable-ExchangeCertificate -Services pop, smtp, iis, imap
  4. Export the certificate
    1. Start –> Run –> MMC –> Add Snap-in –> certificates –> Local computer
    2. Right click certificate –> all tasks –> export
      1. Include the certificate chain and private key
      2. Enter a password
  5. Re-Import certificate including chain (this imports the chain certs also)
    1. Right click in a blank area of the certificate MMC –> all tasks –> import
    2. Select the certificate you exported –> import –> include the certificate chain.

 

And yes there are other was to get to the same result, this is just a simple easy to explain way

Add users to a distribution group from a .csv file in exchange 2007\2010 Powershell


  1. First make a CSV with 1 column called “PrimarySmtpAddress” populate with all the SMTP address of the users your adding to the distro (example below)
  2. Copy to the system that the command will be run on.
  3. Now run the following command in Exchange 2007 Powershell

import-csv C:\Distro1.csv | foreach {add-distributiongroupmember -id Distro1-member $_.PrimarySmtpAddress }

  1. Highlighted locations need to be modified to match the file and group names as this is just an example.
  2. Note: you can get the members with the following

                Get-DistributionGroupMember Distro1.csv | Export-Csv C:\Distro1.csv

 

#TYPE Microsoft.Exchange.Data.Directory.Management.ReducedRecipient      
PrimarySmtpAddress      
2007user@domain.net      
2003user@domain.net      
2010user@domain.net      

 

 

To do this on a new group you can follow this article at exchangeteam.com

Publish Exchange 2010 with TMG (cont)


Walkthrough on publishing all roles through TMG. (Part 4/4 SMTP)

This assumes:

  1. you have a MX record pointed to a name that points to the external IP of your TMG
  2. You have already configure your exchange to allow anonymous access on the receive connector

Configure SMTP rule on TMG

  1. Open Forefront TMG
  2. Click on  image_thumb51_thumb1[1]
  3. In the Action Pane under Task click image
  4. image
  5. image
  6. Enter your Transport Server internal IP
  7. image
  8. image
  9. image
  10. You should now be able to send mail through your TMG to your Exchange.

Publish Exchange 2010 with TMG (Forefront Threat Management Gateway) Series:

1. OWA
2. EWS\Outlook anywhere
3. Active sync
4. SMTP

Publish Exchange 2010 with TMG (cont)


Walkthrough on publishing all roles through TMG with AD pre-auth on TMG. (Part 3/4 active sync)

Configure Active sync rule on TMG

  1. Open Forefront TMG
  2. Click on image_thumb5[1]
  3. In the Action Pane under Task click  image_thumb6[2]
  4. Give the rule a Name ill name mine “2010 Activesync”
  5. image
  6. Next –> Next
  7. image
  8. Internal Site Name should be your CAS server FQDN (needs to be on the cert)
  9. image
  10. The external name is what you use to access active sync(Also needs to be on the cert)
  11. image
  12. Select the Listener OA listener created on Part 2.
  13. image_thumb24[1]
  14. image
  15. image
  16. Finish
  17. Now Outlook anywhere is published!
  • Go Back To OWA
  • Go Back to Outlook anywhere

  • Move on to SMTP

    Publish Exchange 2010 with TMG (Forefront Threat Management Gateway) Series:

    1. OWA
    2. EWS\Outlook anywhere
    3. Active sync
    4. SMTP

  • Publish Exchange 2010 with TMG (cont)


    Walkthrough on publishing all roles through TMG with AD pre-auth on TMG. (Part 2/4 EWS\Outlook anywhere)

    Configure Outlook anywhere rule on TMG

    1. Open Forefront TMG
    2. Click on image_thumb5[1]
    3. In the Action Pane under Task click  image_thumb6[1]
    4. Give the rule a Name ill name mine “2010 OA”
    5. image
    6. Next –> Next
    7. image_thumb8[1]
    8. Internal Site Name should be your CAS server FQDN (needs to be on the cert)
    9.  image_thumb9[1]
    10. The external name is what you use to access OA (Also needs to be on the cert)
    11. image
    12. Click new to make a new Listener
    13. image_thumb11[1]
    14. Name it whatever you want, I named mine “Basic Auth” because I am going to use it for Basic auth for OA\EWS.
    15. image_thumb12[1]
    16. Select one of the External IPs listed (not all IP addresses or you cant do multiple auth methods)
    17. image
    18. Select the certificate you imported earlier
    19. image_thumb14[1]
    20. Use HTTP Authentication
    21. image 
    22. Click –> Next –> Finish –> Select the Listener.
    23. image
    24. image 
    25. image_thumb19[1]
    26. Finish
    27. Now Outlook anywhere is published!

    Publish Exchange 2010 with TMG (Forefront Threat Management Gateway) Series:

    1. OWA
    2. EWS\Outlook anywhere
    3. Active sync
    4. SMTP