Category: Microsoft

Categories
Exchange Server 2010

Exchange 2010 : Transport Server Pressure Script

Exchange 2010 : Transport Server Pressure Script

The below script will output the ResourceManager status of all transport servers, this can be useful when troubleshooting functions performed by Exchange 2010 transport servers.

{code lang:php lines:false hidden:false title:false}foreach ($srv in get-transportserver -identity "*") {
  [xml]$diag = Get-ExchangeDiagnosticInfo –Server $srv.identity –Process EdgeTransport –Component ResourceManager –Argument verbose
  $srv.name
  $diag.Diagnostics.Components.ResourceManager.CurrentComponentStates
  $diag.Diagnostics.Components.ResourceManager.ResourceMonitors.ResourceMonitor | ft –a Type, Resourc*,*Pressure* | out-string
  Get-counter -ComputerName $srv.name -Counter "\MSExchange RpcClientAccess\RPC Averaged Latency" –SampleInterval 5 -MaxSamples 2
}{/code}

To understand what pressure states mean, and the impact of each state take a look at the following TechNet article: http://technet.microsoft.com/en-us/library/bb201658.aspx

Categories
Exchange Server 2010

Exchange 2010 : High Item Count in Critical Path Folder

Exchange 2010 : High Item Count in Critical Path Folder

There is a significant performance impact of high item count in critical path folder on any version of Exchange. The script below can be used to help identify users in your environment with 20,000 or more items in any folder you specify. Change the folder in red to modify the scope of the script.

{code lang:php showtitle:false lines:false hidden:false}$data = @()
foreach($mbx in get-mailboxdatabase | get-mailbox) {
$data += get-mailboxfolderstatistics -Identity $mbx.identity -FolderScope ‘Inbox’| Where {($_.ItemsInFolder -ge 20000)} | select @{n=”Username”;e={$mbx.displayName}},FolderPath,ItemsInFolder }
# $data | ft
$data | Sort ItemsInfolder -Descending | export-csv InboxOver20k.csv {/code}

Categories
Exchange Server 2010

Exchange 2010 : Find Users with iOS 4.0 Devices (User Agent 801.29)

Exchange 2010 : Find Users with iOS 4.0 Devices (User Agent 801.29)

The following Exchange Shell Script will identify all users that have an iOS 4.0 device – these should be upgraded to 4.01+ ASAP. Save the code below into a .ps1 file and execute.

Continue reading “Exchange 2010 : Find Users with iOS 4.0 Devices (User Agent 801.29)”
Categories
Windows 2008

Windows 2008 : Command Line Configure Network Adapters

Windows 2008 : Command Line Configure Network Adapters

Use the following commands to configure IPv4 settings for a NIC. 

First identify the NIC you wish to configure – obtain the Idx number of the NIC: netsh int ipv4 show int

Now set the IP address, subnet and gateway address: netsh int ipv4 set address 11 static 192.168.1.100 255.255.255.0 gateway=192.168.1.254

Now configure the primary DNS for the NIC: netsh int ipv4 set dnsserver 11 static 192.168.1.1

Finally, the secondary DNS for the NIC: netsh int ipv4 add dnsserver 11 192.168.1.2

Categories
Windows 2008

Windows 2008 : Command Prompt Rename COmputer

Windows 2008 : Command Prompt Rename Computer

Use the following command to rename you the computer you are currently logged on to:

netdom renamecomputer %computername% /newname:<newhostname>

Categories
Exchange Server 2010

Exchange 2010 : Mailbox Size Report

Exchange 2010 : Mailbox Size Report

The following script will report on all mailbox sizes, from largest to smallest and generate  CSV file in the directory from which it is executed.

{code lang:php title:”Mailbox Size Report” lines:false hidden:false}$data = @()
foreach($mbx in Get-MailboxDatabase | Get-Mailbox)
{
$dispname = $mbx.displayName
$data += Get-MailboxStatistics $mbx.identity | select @{n=”Username”;e={$mbx.displayName}},@{e={$_.TotalItemSize.Value.ToMB()};n=”TotalItemsSize(MB)”}
}
$data | sort-object “TotalItemsSize(MB)” –Descending | export-csv MailboxSizes.csv{/code}

 

Categories
Exchange Server 2010

Exchange 2010 : Deleted Items Retention Size Report

Exchange 2010 : Deleted Items Retention Size Report

The following script will generate a CSV file that reports on per-user Deleted Items Retention (Dumpster 2.0) sizes.

{code lang:php title:”Mailbox Deleted Items Retention Report” lines:false hidden:false}$data = @()
foreach($mbx in get-mailboxdatabase | get-mailbox)
{
$data += Get-MailboxStatistics $mbx.identity | Select @{n=”DisplayName”;e={$_.DisplayName}},@{e={$_.TotalDeletedItemSize.Value.ToMB()};n=”TotalDeletedItemsSize(MB)”},DeletedItemCount
}
$data | export-csv retention.csv{/code}

Categories
Exchange Server 2010

Exchange 2010 : Deleted Items Folder Size Report

Exchange 2010 : Deleted Items Folder Size Report

The following script can be used to report on user mailbox “Deleted Items” folder sizes (and sub folders). It will create a CSV file in the directory from which the script is executed.

{code lang:php title:”Mailbox Deleted Items Folder Size Report” lines:false hidden:false}$data = @()
foreach($mbx in Get-MailboxDatabase | Get-Mailbox)
{
$dispname = $mbx.displayName
$data += Get-MailboxFolderStatistics $mbx.identity -FolderScope ‘DeletedItems’ | select @{n=”Username”;e={$mbx.displayName}},FolderPath,ItemsInFolder,@{n=”FolderSize(MB)”;e={$_.folderSize.toMB()}}
}
$data | sort-object “FolderSize(MB)” –Descending | export-csv DeletedItemsFolders.csv{/code}

 

Categories
Exchange Server 2010

Exchange 2010 : Create a Message Send Size Limit For A Subset Of Users Within an Exchange Organisation

Exchange 2010 : Create a Message Send Size Limit For A Subset Of Users Within an Exchange Organisation

We recently encountered a requirement to limit a subset of users to a maximum send size without imposing this organisation wide – this was achieved this using a transport rule, the steps are outlined below.

  1. Create a Distribution Group that contains all your Exchange Users that you wish to limit email size for. For this example this group has an email address of [email protected].
  2. Create a new Dsn Error message: New-SystemMessage -DsnCode 5.7.50 -Language En -Internal $True -Text ‘Your message has not been sent as it exceeds the maximum allowed message size of 20MB. Please contact the helpdesk for support on 123 or click here to raise a support ticket <a href=”http://helpdesk/riaseticket.html”>Open Support Ticket</a>.’
  3. Next create a new transport rule (change the [email protected] email address to reflect the group created in step 1) : New-TransportRule “Block Internal Email over 50MB” -FromMemberOf “[email protected]” -attachmentSizeOver 50MB -RejectMessageEnhancedStatusCode “5.7.50” -RejectMessageReasonText “Your message has not been sent as it exceeds the maximum allowed message size.” -SentToScope “InOrganisation”
  4. Verify the priority of any other transport rules configured in your Exchange Organisation.
You can now test this by attempting to send an email over 20MB, it will be rejected as long as you are a member of this distribution group.
Categories
Windows 2008

PKI : Publishing CRL to an IIS Website Automatically

PKI : Publishing CRL to an IIS Website Automatically

This article covers the required steps for configuring an Issuing CA to publish its CRL automatically to an IIS Website that is accessible externally.

1.       Deploy an IIS Web Server to host the AIA and CDP;

a.       Create a file share ‘PKI’ with Modify Permissions for “Cert Publishers” and the AD DS Computer accounts of the Issuing CA’s deployed in step 3.

b.      Create a new Website in IIS, use the PKI share created above as the home directory. Use port 80 and a host header to differentiate the site.

c.       Via IIS Manager ‘Allow Double Escaping’ under the web site > Request Filtering > Edit Feature Settings (in action pane).

d.      Ideally, publish this website using TMG/ISA Server.

2.       Next deploy the issuing CA (if you already have then skip this step); this is the front-line of your PKI. When deploying a CA I’d suggest the following as good practice:

a.       Don’t forget to use the CAPolicy.inf file. This should be created in advance of installing the AD CS role. This will reduce the impact of deployment in any production environment, especially the “LoadDefaultTemplates=False” option which will ensure the CA cannot issue any certificates until you configure it to do so. An example CAPolicy.inf file is below:

[Version]
Signature="$Windows NT$"

[certsrv_server]
RenewalKey length =2048 
RenewalValidityPeriodUnits=6
RenewalValidityPeriod=years 
LoadDefaultTemplates=False 
CRLPeriodUnits=3
CRLPeriod=days
CRLDeltaPeriodUnits=12
CRLDeltaPeriod=hours
CRLOverlapPeriod=Hours
CRLOverlapUnits=8
CRLDeltaOverlapPeriod=Hours
CRLDeltaOverlapUnits=8

[PolicyStatementExtension]
Policies = AllIssuancePolicy
Critical = FALSE

[AllIssuancePolicy]
OID = 2.5.29.32.0

 

3.       Configure CDP / AIA settings on the new CA:

a.       CDP; Remove http and file locations already listed and then add the following MANUALLY (do not copy paste!):

·         file://\\ <IIS server>\PKI\cdp\<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl

·         http://<external DNS name> /cdp/<CaNAme><CRLNameSuffix><DeltaCRLAllowed>.crl

·   File point s should be set to ONLY: Publish CRL’s to this location, Publish Delta CRL’s to this location

·   HTTP point should be set to ONLY: Include in CRLs, Include in the CDP extension of issued certificate

·   LDAP point should be set for all other than IDP

 

b.      AIA; Remove http and file locations already listed and then add the following MANUALLY (do not copy paste!):

·         file://<IIS Server>\PKI\aia\<ServerDNSName>_<CaName><CertificateName>.crt

·         http://<external DNS name>/aia/<ServerDNSName>_<CaName><CertificateName>.crt

·         File point should be set to NOT include in AIA extension

·         HTTP point should be set to include in AIA         

·         LDAP point should be set to include in AIA         

 

You’ll need to manually copy the CRT file across from C:\Windows\system32\certsrv\CertEnroll. Make sure you do this every time the certificate is renewed.