Troubleshooting through comparison

Ever run into an issue where one user or server works but another doesn’t and you wonder “what’s different”? Powershell to the rescue!! using compare-object and get content against the output of a get- command.

I am working on a script that all you have to do is answer the questions, and another to pull all the pertinent data for an environment and provide a comparison.

But for now here are some examples to get you started:

Compare user settings

• get-casmailbox UserA| fl > c:\a.txt
• get-casmailbox userB| fl > c:\b.txt
• or
• get-mailbox UserA| fl > c:\a.txt
• get-mailbox userB| fl > c:\b.txt

Compare CAS server settings

• get-ClientAccessServer ServerA | fl > c:\a.txt
• get-ClientAccessServer ServerB | fl > c:\b.txt

Compare Exchange Servers

get-EXchangeServer ServerA | fl > c:\a.txt
get-EXchangeServer ServerB | fl > c:\b.txt

Run

Compare-Object $(Get-Content c:\a.txt) $(Get-Content c:\b.txt) -includeequal

 

Here is the draft of the script, you will notice that there are several slots open for additional comparison please let me know if you would like me to add something to it or if you have any issues.

EDIT – I have added Service state and fixed 2 bugs I found in the script.

****************Start Of Script***************************************************

CLS
write-host
write-host
write-host Script provided by http://ExchangeMaster.wordpress.com -ForegroundColor green
write-host Exchange Server 2010\2007 – comparison script
write-host Please, select which comparison you are going to run..
write-host
write-host ’1) Compare Exchange servers’
write-host ’2) Compare 2010 CAS servers’
write-host ’3) Compare Mailbox servers’
write-host ’4) Compare Transport servers’
write-host ’5) Compare 2007 CAS servers’
write-host ’6) Compare Mail Enabled users’
write-host ’7) Compare Service State’
write-host ’8) ’
write-host ’9) ’
write-host ’10)’
write-host
write-host “Select an option.. [1-10]? “
$opt = read-host

switch ($opt)
    {
        1 { $serverA = read-host "Enter the name of the fisrt server"
    $ServerB = read-host "Enter the name of the second server"
    get-exchangeserver $ServerA | fl >  $env:temp\$ServerA.txt        
    get-exchangeserver $ServerB | fl >  $env:temp\$serverb.txt
    Get-Service -ComputerName $ServerA |Ft  name, status -a >>  $env:temp\$ServerA.txt
    Get-Service -ComputerName $ServerB |Ft  name, status -a >>  $env:temp\$serverb.txt
    Compare-Object $(Get-Content  $env:temp\$ServerA.txt) $(Get-Content  $env:temp\$serverb.txt) -includeequal > $env:temp\Compare_2010_EXchange.txt
    Invoke-Item $env:temp\Compare_2010_Exchange.txt}

        2 { $serverA = read-host "Enter the name of the fisrt server"
    $ServerB = read-host "Enter the name of the second server"
    Get-ClientAccessServer $ServerA | fl >  $env:temp\$ServerA.txt
    Get-OwaVirtualDirectory -Identity $servera\* | fl name, server, *url*, *auth*, *enabled, *version >> $env:temp\$ServerA.txt
    Get-ecpVirtualDirectory -Identity $servera\* | fl name, server, *url*, *auth*, *enabled, *version >> $env:temp\$ServerA.txt   
    Get-webservicesVirtualDirectory -Identity $servera\* | fl server, name, internalurl, externalurl >> $env:temp\$ServerA.txt
    Get-oabVirtualDirectory -Identity $servera\* | fl server, name, internalurl, externalurl >> $env:temp\$servera.txt
    Get-ClientAccessServer $Serverb | fl >  $env:temp\$ServerB.txt
    Get-OwaVirtualDirectory -Identity $serverb\* | fl name, server, *url*, *auth*, *enabled, *version >> $env:temp\$serverb.txt
    Get-ecpVirtualDirectory -Identity $serverb\* | fl name, server, *url*, *auth*, *enabled, *version >> $env:temp\$serverb.txt
    Get-webservicesVirtualDirectory -Identity $serverb\* | fl server, name, internalurl, externalurl >> $env:temp\$serverb.txt
    Compare-Object $(Get-Content  $env:temp\$ServerA.txt) $(Get-Content  $env:temp\$serverb.txt) -includeequal > $env:temp\Compare_2010_Cas.txt
    Invoke-Item $env:temp\Compare_2010_Cas.txt}

        3 { $serverA = read-host "Enter the name of the fisrt server"
    $ServerB = read-host "Enter the name of the second server"
    get-mailboxServer $ServerA | fl >  $env:temp\$servera.txt
    get-mailboxServer $ServerB | fl >  $env:temp\$ServerB.txt
    Compare-Object $(Get-Content  $env:temp\$ServerA.txt) $(Get-Content  $env:temp\$serverb.txt) -includeequal > $env:temp\Compare_2010_MAilbox.txt
    Invoke-Item $env:temp\Compare_2010_mailbox.txt}

        4 {$serverA = read-host "Enter the name of the fisrt server"
    $ServerB = read-host "Enter the name of the second server"
    get-TRansportServer $ServerA | fl >  $env:temp\$servera.txt
    get-transportServer $ServerB | fl >  $env:temp\$ServerB.txt
    Compare-Object $(Get-Content  $env:temp\$ServerA.txt) $(Get-Content  $env:temp\$serverb.txt) -includeequal > $env:temp\Compare_2010_Transport.txt
    Invoke-Item $env:temp\Compare_2010_Transport.txt}

        5 { $serverA = read-host "Enter the name of the fisrt server"
    $ServerB = read-host "Enter the name of the second server"
    Get-ClientAccessServer $ServerA | fl >  $env:temp\$ServerA.txt
    Get-OwaVirtualDirectory -Identity $servera\owa* | fl name, server, *url*, *auth*, *enabled, *version >> $env:temp\$ServerA.txt
    Get-webservicesVirtualDirectory -Identity $servera\* | fl server, name, internalurl, externalurl >> $env:temp\$ServerA.txt
    Get-oabVirtualDirectory -Identity $servera\* | fl server, name, internalurl, externalurl >> $env:temp\$servera.txt
    Get-ClientAccessServer $Serverb | fl >  $env:temp\$ServerB.txt
    Get-OwaVirtualDirectory -Identity $serverb\owa* | fl name, server, *url*, *auth*, *enabled, *version >> $env:temp\$serverb.txt
    Get-webservicesVirtualDirectory -Identity $serverb\* | fl server, name, internalurl, externalurl >> $env:temp\$serverb.txt
    Get-oabVirtualDirectory -Identity $serverb\* | fl server, name, internalurl, externalurl >> $env:temp\$serverb.txt   
    Compare-Object $(Get-Content  $env:temp\$ServerA.txt) $(Get-Content  $env:temp\$serverb.txt) -includeequal > $env:temp\Compare_2007_Cas.txt
    Invoke-Item $env:temp\Compare_2007_Cas.txt}

        6 { $userA = read-host "Enter the name of the First user"
    $userB = read-host "Enter the name of the second user"
    get-mailbox $userA | fl >  $env:temp\$usera.txt
    get-casmailbox $userA | fl >>  $env:temp\$usera.txt
    get-Mailboxpermission $userA | fl >>  $env:temp\$usera.txt
    get-mailbox $userB | fl >  $env:temp\$UserB.txt
    get-casmailbox $userB | fl >>  $env:temp\$UserB.txt
    get-Mailboxpermission $userB | fl >>  $env:temp\$USerB.txt
    Compare-Object $(Get-Content  $env:temp\$userA.txt) $(Get-Content  $env:temp\$userb.txt) -includeequal > $env:temp\Compare_user.txt
    Invoke-Item $env:temp\Compare_user.txt}

        7 { $serverA = read-host "Enter the name of the fisrt server"
    $ServerB = read-host "Enter the name of the second server"
    Get-Service -ComputerName $ServerA |Ft  name, status -a >  $env:temp\$ServerA.txt
    Get-Service -ComputerName $ServerB |Ft  name, status -a >  $env:temp\$serverb.txt
    Compare-Object $(Get-Content  $env:temp\$ServerA.txt) $(Get-Content  $env:temp\$serverb.txt) -includeequal > $env:temp\Compare_SErvices.txt
    Invoke-Item $env:temp\Compare_SErvices.txt}
    8 { }
        9 { }
        10 { }
        default {write-host “You haven’t selected any of the available options. “}
    }

*****************End of Script***********************************************************

Multi-domain Autodiscover with a shared name spaces

We had a situation where we needed to get autodiscover to go to a totally different url from the root domain, AND not modify the DNS records for the Root domain where the primary SMTP domain exists.

I want to STRESS that these solutions are for very specific cases and not for the purpose of replacing the primary AutoDutodiscover mechanisms.

 

Details of the environment:

• Exchange 2010 Domain for child company = Parent.child.com (not a typo)
• Exchange 2007 Domain for parent company = parent.com
• smtp email address for all clients = user@parent.com
• all mail is sent to parent.com and then if not resolved on parent.com and if unresolved forwarded to parent.child.com
• Mail Flow works fine
• Issue is with AutoD connecting to parent.com and unable to get parent.child.com AutoDiscover urls.

2 Solutions

1. If it’s a 2007\2010 server you can use a contact with the child domain as the target
• in the parent domain create a contact for user@parent.com with a target address of user@parent.child.com
2. Use a local autodiscover.xml file (highlighted values indicate values that may need changing)

Outlook 2007 checks for a Local Autodiscover file based on a registry setting. You can check by using the following information:

1. Open regedit, and browse to(or use one of the reg files below):
• Outlook 2007 Key: HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\Autodiscover
• Outlook 2010 Key: HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\Autodiscover
2. Add the Dword: PreferLocalXML
• Value = 1
3. Add the STRING: parent.com
• Value: %programfiles%\Microsoft Office\Office\parent.xml

1. MODIFY the xml below with your servern names and URLS
2. Save the text below as %programfiles%\Microsoft Office\Office\parent.xml

 

****************************************Copy Below  and save as parent.xml************************************************************

<?xml version="1.0" encoding="utf-8"?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
  <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
    <Account>
      <AccountType>email</AccountType>
      <Action>settings</Action>
      <Protocol>
        <Type>EXCH</Type>
        <Server>internalhost.Parent.child.com</Server>
        <ServerDN>/o=Parent/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=ExServer</ServerDN>
        <ServerVersion>720280FE</ServerVersion>
        <MdbDN>/o=Parent/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=ExServer/cn=Microsoft Private MDB</MdbDN>
        <PublicFolderServer>internalhost.Parent.child.com</PublicFolderServer>
        <AD>internalhost.amer.Parent.child.com</AD>
        <ASUrl>https://mail.Parent.child.com/EWS/Exchange.asmx</ASUrl>
        <EwsUrl>https://mail.Parent.child.com/EWS/Exchange.asmx</EwsUrl>
        <OOFUrl>https://mail.Parent.child.com/EWS/Exchange.asmx</OOFUrl>
        <UMUrl>https://mail.Parent.child.com/UnifiedMessaging/Service.asmx</UMUrl>
        <OABUrl>https://mail.parent.com/oab</OABUrl>
      </Protocol>
      <Protocol>
        <Type>EXPR</Type>
        <Server>mail.Parent.child.com</Server>
        <SSL>On</SSL>
        <AuthPackage>Basic</AuthPackage>
        <OABUrl>Public Folder</OABUrl>
      </Protocol>
      <Protocol>
        <Type>WEB</Type>
        <External>
          <OWAUrl AuthenticationMethod="Fba">https://mail.Parent.child.com/owa</OWAUrl>
          <OWAUrl AuthenticationMethod="Fba">https://mymail.Parent.child.com/owa</OWAUrl>
        </External>
        <Internal>
          <OWAUrl AuthenticationMethod="Basic, Fba">https://internalhost.Parent.child.com/owa</OWAUrl>
          <Protocol>
            <Type>EXCH</Type>
            <ASUrl>https://mail.Parent.child.com/EWS/Exchange.asmx</ASUrl>
          </Protocol>
        </Internal>
      </Protocol>
    </Account>
  </Response>
</Autodiscover>

**************************************************************************** Copy above******************************************************

 

****Outlook 2010 Autodiscover.Reg********************************************************************************************

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\AutoDiscover]
"PreferLocalXML"=dword:00000001
"parent.com"="%programfiles%\\Microsoft Office\\Office\\parent.xml"

***************************************************************************************************************************

 

****Outlook 2007 Autodiscover.Reg********************************************************************************************

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"PreferLocalXML"=dword:00000001
"parent.com"="%programfiles%\\Microsoft Office\\Office\\parent.xml"

***************************************************************************************************************************

 

 

Reference locations

http://technet.microsoft.com/en-us/library/cc837949(office.12).aspx

http://www.exchange-genie.com/2007/07/exchange-2007-autodiscover-service-part-1/

http://technet.microsoft.com/en-us/library/bb332063(EXCHG.80).aspx

MSExchange ADAccess Event ID’s 2601, 2604, 2501

MSExchange ADAccess Event ID’s 2601, 2604, 2501

After a reboot of of Exchange 2010 server that resides on a Windows 2008 R2 server, the following events are logged in the Application Log

Log Name: Application
Source: MSExchange ADAccess
Level: Warning
Event ID: 2601

Log Name: Application
Source: MSExchange ADAccess
Event ID: 2604
Level: Error

Log Name: Application
Source: MSExchange ADAccess
Event ID: 2501
Level: Error

A NetLogon error of 5719 might also be seen in the Application Log.

 

While this article points out that this can be a normal occurrence it doesn’t explain why this is:

Today’s switches and NICs have advanced protocols that enable allot of really great functionality as well as stability, unfortunately many times that comes at the cost of negotiation time.

Here are some things you can do to remedy the issue

1. Enable functions like “port Fast” on your switch
2. Disable advanced functions on the switch (such as spanning tree)
3. Disable advanced functions on the NICs.
4. Delay the service startup (properties of the service –> startup type)
5. Configure Recovery options on the properties of the service to force it to restart the service.
6. In extreme cases you can make a service dependant on another service.http://support.microsoft.com/kb/193888

NOTE: disabling some services on a switch can put you at risk for things like network loops, so document your changes and weigh the pros and cons.