Sunday, December 20, 2009

Exchange 2010 Migration - Part 6

To uninstall the existing Exchange 2007 mailbox role, the public folder database of it has to be removed

Part 6 - Exchange 2007 Public Folder Removal

1 x Exchange 2007 SP2 (Mailbox)
1 x Exchange 2010 (CAS, Hub and UM)
1 x Exchange 2010 (Mailbox)

Move all the replica from the 2007 to 2010. From the Mailbox server of 2007, run this command:

[PS] MoveAllReplicas.ps1 -server -NewServer

Then try to remove the Public Folder database from the Exchange 2007. You might get the following error:

Object is read only because it was created by a future version of Exchange ...

If you do, you need to run the following PS from the Exchange 2010:

[PS] C:\>Remove-PublicFolderDatabase -Identity "\Second Storage Group\Public Folder Database"

If the removal is done, you can start deleting the Storage Group and uninstall the Exchange 2007 Mailbox role

Thursday, December 17, 2009

Exchange 2010 Migration - Part 5

Exchange 2010 has a built in support for MWI and I am using a Cisco Phone which has MWI feature

Part 5 - Exchange 2010 MWI (Message Waiting Indicator)

Existing Environment:
1 x Exchange 2007 SP2 (Mailbox)
1 x Exchange 2010 (CAS, Hub and UM)
1 x Exchange 2010 (Mailbox)

If you do not enable the MWI of your SIP trunk between your Exchange UM and CUCM, you will get this event log warning:

The Unified Messaging server failed to deliver the MWI notification '1/7 (unread/read)' for the UM-enabled mailbox '(3037b9d1-3554-45af-8a68-077e54104120)' associated with UM extension 'xxxxx'. Additional information: Microsoft.Exchange.UM.UMCommon.MwiNoTargetsAvailableException: There are no more targets available to send an MWI message for user .

To get it working, you need to do the following:
  • Login to CUCM, go to System - Security Profile - SIP Trunk Security Profile
  • Find the SIP Trunk Security Profile that is being used by the SIP trunk between Exchange UM and CUCM
  • Edit it and make sure the option Accept Unsolicited Notification is enable and reset the trunk

Exchange 2010 Migration - Part 4

Since my mailbox been migrated to the Exchange 2010 mailbox, I wasn't been able to receive my voicemail through my Outlook

Existing Environment:
1 x Exchange 2007 SP2 (Mailbox)
1 x Exchange 2010 (CAS, Hub and UM)
1 x Exchange 2010 (Mailbox)

Part 4 - UM and Hub Transport Issue

The following error occurred on my UM/Hub Transport server:

The Unified Messaging server failed to submit a message to Hub Transport server 'Hub01' due to the following error: Unexpected SMTP server response. Expected: 220, actual: 500, whole response: 500 5.3.3 Unrecognized command

According to some forums, this occurs because the communication between the UM and Hub Transport server is using TLS and I don't have a valid SSL certificate.

To fix this, either buy a valid certificate and assign it to the UM and SMTP service or do the following:
  • Find the Receive Connector (within Server Configuration - Hub Transport) that most likely to be used by the UM to communicate with the Hub Transport. Usually it will use the more specific network addresses from the network tab of its properties
  • On the Authentication tab, untick all TLS related options. Make sure Exchange Server authentication is selected
  • On the Permission Groups tab, make sure Exchange servers is selected
  • Restart Transport and UM Exchange services

Sunday, December 13, 2009

Exchange 2010 Migration - Part 3

Since my user account has been migrated to Exchange 2010, my iPhone ActiveSync is broken.

Existing Environment:
1 x Exchange 2007 SP2 (Mailbox)
1 x Exchange 2010 (CAS, Hub and UM)
1 x Exchange 2010 (Mailbox)

Part 3 - ActiveSync Issue

The following event log will be seen on the CAS server:

Exchange ActiveSync doesn't have sufficient permissions to create the "CN=User,OU=Users,DC=domain,DC=local" container under Active Directory user "Active Directory operation failed on dc.domain.local. This error is not retriable. Additional information: Access is denied.Active directory response: 00000005: SecErr: DSID-03151E04, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0".Make sure the user has inherited permission granted to domain\Exchange Servers to allow List, Create child, Delete child of object type "msExchangeActiveSyncDevices" and doesn't have any deny permissions that block such operations.

It turns out that the AD user account is a member of the protective group (e.g. Domain Admins).
To fix this, remove the user from the protective group, go to the user's properties - security - Advanced and tick "Include inheritable permissions from this object's parent"

I had to remove my exchange account from my iPhone and re-add it back to make it work.

Tuesday, December 01, 2009

Exchange 2010 Migration - Part 2

Existing Environment:
1 x Exchange 2007 SP2 (CAS,Hub and UM)
1 x Exchange 2007 SP2 (Mailbox)
1 x Exchange 2010 (CAS, Hub and UM)
1 x Exchange 2010 (Mailbox)

Part 2 - Migrate Users

From Exchange Management Console - Add a local move request to move user mailbox

I have CUCM that was setup with SIP trunk to the 2007 UM, so I need to re-point it to the 2010 UM - Change CUCM SIP Trunk to 2010 UM's IP Address

Generate SSL Cert for 2010 CAS - Go to IIS 7 of the CAS and generate CSR. Replace the self-signed SSL cert with the new one

I am using ISA 2006 to publish Outlook Web App and ActiveSync - Change owa and ecp authentication to Basic. Do this from EMC - Server Configuration - Client Access

Change ISA OWA publishing rule to point to the new 2010 CAS
Change ISA OWA publishing rule to add /ecp/* to the paths of the publishing rule