setup /PrepareAD
Creates MS Exchange Security Group in the Root Domain...and the OU contains below USGs:
Exchange Organization Administrators
Exchange Recipient Administrators
Exchange View-Only Administrators
Exchange Servers
Exchange Public Folder Administrators (new in Exchange 2007 Service Pack 1)
ExchangeLegacyInterop
This command configures global Exchange objects in Active Directory, creates the Exchange Universal Security Groups (USGs) in the root domain, sets permissions on the Exchange configuration objects, and prepares the current domain. The global objects reside under the Exchange organization container. If no Exchange organization container exists, you must specify an organization name by using the /OrganizationName parameter. The organization container will be created with the name that you specify.
This command creates the Unified Messaging Voice Originator contact in the Microsoft Exchange System Objects container of the root domain.
This command prepares the local domain for Exchange 2007.
To run this command, you must be a member of the Enterprise Admins group.
If you have Exchange Server 2003 servers in your organization, you must be an Exchange Full Administrator to run this command.
To verify that this step completed successfully, make sure that there is a new organizational unit (OU) in the root domain called Microsoft Exchange Security Groups. This OU should contain the following new Exchange USGs:
Exchange Organization Administrators
Exchange Recipient Administrators
Exchange View-Only Administrators
Exchange Servers
ExchangeLegacyInterop
PREPAREDOMAIN:
Sets permissions on the Domain container for the Exchange Servers, Exchange Organization Administrators, Authenticated Users, and Exchange Mailbox Administrators.
Creates the Microsoft Exchange System Objects container if it does not exist, and sets permissions on this container for the Exchange Servers, Exchange Organization Administrators, and Authenticated Users.
Creates a new domain global group in the current domain called Exchange Install Domain Servers. It also adds the Exchange Install Domain Servers group to the Exchange Servers USG in the root domain.
To verify that this step completed successfully, confirm that You have a new global group in the Microsoft Exchange System Objects container called Exchange Install Domain Servers.
Where to run prepareLegacy Again??
You have a domain that contains Exchange Server 2003 or Exchange 2000 Server servers, and you have not run DomainPrep
You add a new domain to your forest and you want to install Exchange Server 2003 or Exchange 2000 Server in this domain
In a new or existing domain, you mailbox-enable users who will log on to mailboxes on Exchange Server 2003 or Exchange 2000 Server servers in domains in which you have not run DomainPrep.
=========================
Provisioning a server allows Exchange to be installed later by using delegated setup. This procedure allows a delegated account to install single Exchange servers in your domain, without being a member of the Exchange Organization Administrators group.
You can use Setup.com /NewProvisionedServer
Saturday, July 24, 2010
Mailflow & Queues Troubleshooting
Submissions: Used by the categorizer to gather all messages that have to be resolved, routed, and processed by Transport agents.
Poison Message: The poison message queue is a special queue that is used to isolate messages that are detected to be potentially harmful to the Exchange 2007 system after a server failure.
Remote Delivery: Remote delivery queues hold messages that are being delivered to a remote server by using SMTP.
Mailbox Delivery: The mailbox delivery queues hold messages that are being delivered to a mailbox server by using encrypted Exchange RPC.
Unreachable Destination: Each transport server can have only one Unreachable queue. The Unreachable queue contains messages that cannot be routed to their destinations.
==============================
Troubleshooting Mail Flow Issues due to Mailbox Logon Failure:
Event ID 1009:The Microsoft Exchange Mail Submission service is currently unable to contact any Hub Transport servers in the local Active Directory site. The servers may be too busy to accept new connections at this time.
Reason: This issue occurs when the Microsoft Exchange Transport service is configured to log on using another account, instead of the Network Service account. For example, the Microsoft Exchange Transport service is configured to log on using the Administrator account.
=======================================================
Incoming Messages to Edge Server Fail with 550 5.7.1 NDR
This issue commonly occurs when the Edge Transport server role is deployed in a perimeter network configuration and the Internet Protocol (IP) address of the internal firewall is blocked by the Edge Transport server. This issue can also occur in a non-perimeter network scenario if one or more Hub Transport server IP addresses are blocked by the Edge Transport server.
Get-IPBlockListEntry
Start-EdgeSynchronization
Remove-IPBlockListEntry
=====================================================
You Cannot Send or Receive E-Mail Messages Behind a Cisco PIX Firewall:
The Exchange server is located behind a Cisco PIX firewall device that has the Mailguard feature enabled.
The Auth and Auth login Extended Simple Mail Transfer Protocol (ESMTP) commands are removed by the firewall.
=======================================================
NDR when sending email to Public Folders:
The access rights for the Anonymous account for that public folder have been set to None. To ensure that users can send e-mail to a mail-enabled public folder, the public folder must have at least the CreateItems access right granted to the Anonymous account.
=====================================================
Enable Pipeline Tracing in E2k7 for troubleshooting Transport Agent Problems
C:\Program Files\Microsoft\Exchange Server\TransportRoles\Logs\PipelineTracing is created.
Set-TransportServer -PipelineTracingSenderAddress
Pipeline tracing is a diagnostic feature in Microsoft Exchange Server 2007 that enables you to capture diagnostic information about e-mail messages as they encounter transport agents registered on Simple Mail Transfer Protocol (SMTP) events in the transport pipeline. Exchange captures verbose information about the changes that each transport agent applies to messages in the transport pipeline in message snapshot files. If transport rules are configured, Exchange Server also records any actions that each transport rule takes on these messages.
Poison Message: The poison message queue is a special queue that is used to isolate messages that are detected to be potentially harmful to the Exchange 2007 system after a server failure.
Remote Delivery: Remote delivery queues hold messages that are being delivered to a remote server by using SMTP.
Mailbox Delivery: The mailbox delivery queues hold messages that are being delivered to a mailbox server by using encrypted Exchange RPC.
Unreachable Destination: Each transport server can have only one Unreachable queue. The Unreachable queue contains messages that cannot be routed to their destinations.
==============================
Troubleshooting Mail Flow Issues due to Mailbox Logon Failure:
Event ID 1009:The Microsoft Exchange Mail Submission service is currently unable to contact any Hub Transport servers in the local Active Directory site. The servers may be too busy to accept new connections at this time.
Reason: This issue occurs when the Microsoft Exchange Transport service is configured to log on using another account, instead of the Network Service account. For example, the Microsoft Exchange Transport service is configured to log on using the Administrator account.
=======================================================
Incoming Messages to Edge Server Fail with 550 5.7.1 NDR
This issue commonly occurs when the Edge Transport server role is deployed in a perimeter network configuration and the Internet Protocol (IP) address of the internal firewall is blocked by the Edge Transport server. This issue can also occur in a non-perimeter network scenario if one or more Hub Transport server IP addresses are blocked by the Edge Transport server.
Get-IPBlockListEntry
Start-EdgeSynchronization
Remove-IPBlockListEntry
=====================================================
You Cannot Send or Receive E-Mail Messages Behind a Cisco PIX Firewall:
The Exchange server is located behind a Cisco PIX firewall device that has the Mailguard feature enabled.
The Auth and Auth login Extended Simple Mail Transfer Protocol (ESMTP) commands are removed by the firewall.
=======================================================
NDR when sending email to Public Folders:
The access rights for the Anonymous account for that public folder have been set to None. To ensure that users can send e-mail to a mail-enabled public folder, the public folder must have at least the CreateItems access right granted to the Anonymous account.
=====================================================
Enable Pipeline Tracing in E2k7 for troubleshooting Transport Agent Problems
C:\Program Files\Microsoft\Exchange Server\TransportRoles\Logs\PipelineTracing is created.
Set-TransportServer
Pipeline tracing is a diagnostic feature in Microsoft Exchange Server 2007 that enables you to capture diagnostic information about e-mail messages as they encounter transport agents registered on Simple Mail Transfer Protocol (SMTP) events in the transport pipeline. Exchange captures verbose information about the changes that each transport agent applies to messages in the transport pipeline in message snapshot files. If transport rules are configured, Exchange Server also records any actions that each transport rule takes on these messages.
Subscribe to:
Posts (Atom)
