Unable to issue Exchange certificate with Denied By Policy Module 0×80094801.

I was recently renewing an SSL certificate for Exchange services with an internal certificate authority, when issuing the certificate request the following error was received:

Denied By Policy Module 0×80094801, The Request does not contain a certificate template extension or the certificate template request attribute

In order to issue the certificate request I was required to invoke the certreq utility as below agaisnt the certificate request generated, in the below example this is named certrequest.req.

certreq -submit -attrib "CertificateTemplate:WebServer" certrequest.req
Advertisements

Preview recipients that are members of a dynamic distribution list

From the Exchange Management Console you may preview the recipients  returned from the recipient filter applied to the dynamic distribution group.

It is also possible to do this from the Exchange Management Shell by invoking the Get-Recipient cmdlet  agaisnt the recipient filter of the dynamic distribution group as below:

Get-Recipient -RecipientPreviewFilter (Get-DynamicDistributionGroup -Identity "<Dynamic Distrubution Group>").RecipientFilter | Select Name

For Example, to return the names of recipients that match the filter for the dynamic distribution group Sales:

Get-Recipient -RecipientPreviewFilter (Get-DynamicDistributionGroup -Identity "Sales").RecipientFilter | Select Name

Exchange 2010: Search-Mailbox fails with Event ID 3003

I was recently looking to perform a search of a mailbox containing keyword items, on performing this using the Search-Mailbox cmdlet, this would immediately fail with the following application error for the source MSExchange Mid-Tier Storage, with the  Event ID 3003:

Search 'SearchStatus\e21eb91d-050a-4a5d-be1f-a10349672425' has following error:
An error occurred when searching *****. The message is 'Try using fewer keywords at the same time, reducing the number of users in the From, To, Cc, and Bcc fields, and reducing the number of mailboxes that are searched at the same time. When you use wildcards, make search queries as specific as possible. For example, if the search query used short words with one or more wildcards (for example, pat*), a large number of words or phrases may be returned because all words that start with "pat" are searched. Search failed on mailbox '*****\*****\bd0b6335-1f83-42c9-9c2c-949092d6515e'.

My initial search filter was for a single mailbox with a single keyword, so this would not apply to using either fewer keywords of users!

I found an article on the how to rebuild the Full-Text Index Catalog at http://technet.microsoft.com/en-us/library/aa995966%28EXCHG.80%29.aspx.

By invoking the below, this allows you to rebuild the Full-Text Index Catalog Using the ResetSearchIndex.ps1 script, for all mailbox databases:

%ProgramFiles%\Microsoft\Exchange Server\v14\Scripts\ResetSearchIndex.ps1 -Force -All

Or to rebuild the Full-Text Index Catalog for a single mailbox database:

%ProgramFiles%\Microsoft\Exchange Server\v14\Scripts\ResetSearchIndex.ps1 -Force %Mailbox Database Name%

You may also perform this step manually, by stopping the Microsoft Exchange Search Service and deleting the full-text index catalog directory for the mailbox database.  You can determine the catalog directory for all mailbox databases by invoking the following:

%ProgramFiles%\Microsoft\Exchange Server\v14\Scripts\GetSearchIndexForDatabase -All

The Exchange Search Indexer will now create a new search index and perform a full crawl of the database, which will create an information message for the Event ID 109:

Exchange Search Indexer has created a new search index and will perform a full crawl for the Mailbox Database  ********** (GUID = d06d1893-f282-4443-a0f3-bedac80c7cd6). Reason for full crawl: Catalog doesn't exist.

On completion, this will create an information message with the Event ID 110, to which you should be allowed to run the Search-Mailbox cmdlet against multiple mailboxes and keywords

Exchange Search Indexer completed a full crawl (indexing) of Mailbox Database ********* (GUID = d06d1893-f282-4443-a0f3-bedac80c7cd6).

Unable to connect to a reconnected mailbox in Exchange

I recently reconnected a number of mailboxes in Microsoft Exchange 2010 Service Pack 3 and following Active Directory replication I was unable to connect to those mailboxes either with the Exchange Management Shell or OWA with the following error messages:

Couldn't connect to the source mailbox 
Your account is disabled

In order to resolve this issue, I had to run the Clean-MailboxDatabase cmdlet agaisnt the mailbox databases to update the status of those mailboxes.

Get-MailboxDatabase | Clean-MailboxDatabase

Retrieve all mailboxes where forwarding address is enabled

I was recently looking at retrieving all mailboxes where the forwarding address was enabled as part of the delivery options and to return the mailbox name, forwarding address and if the option to deliver message to both the forwarding address and mailbox is enabled and export this information to an output file.

I was able to do this by running the below in the Microsoft Exchange Management Shell:, by retrieving all mailboxes where the object ‘ForwardingAddress’ is not equal to null and by selecting the Name, ForwardingAddress and DeliverToMailboxAndForward objects and exporting to a CSV file.

Get-Mailbox | Where-Object {$_.ForwardingAddress -ne $null} | Select Name, ForwardingAddress, DeliverToMailboxAndForward | Export-CSV D:\Output\ForwardingAddresses.csv -NoTypeInformation

Using a Content Filter in Mailbox Export Requests

I recently wrote about performing a bulk export of mailboxes to PST from a collection (https://deangrant.wordpress.com/2013/10/08/bulk-export-of-exchange-mailboxes-from-a-collection/), in this script the entire contents of the mailbox was exported.

However, in instances where you only require to export a particular date range, you can use the Content Filter switch as part of the New-MailboxExportRequest cmdlet in Microsoft Exchange.

For Example, if I was looking to export mail items for the previous calendar month, I could run the following:

New-MailboxExportRequest -Mailbox <Mailbox Name> -ContentFilter {(Received -le '30/09/2013') -and (Received -ge '01/09/2013')} -FilePath \\Server\Share\Mailbox.pst

This would export all mail items which are greater than or equal to 01/09/2013 and less than or equal to 30/09/2013.

This can be particular useful, if performing a large mailbox export where the approach could be to perform an initial export of all the data and then run incremental style exports by using the content filter.

Bulk Disable Mailboxes in Exchange 2010

In a recent post, I wrote about performing a bulk export of mailboxes from a collection (https://deangrant.wordpress.com/2013/10/08/bulk-export-of-exchange-mailboxes-from-a-collection/), now that I have performed the bulk export I am looking to disable to the mailboxes using the same collection list.

I will load the collection of mailboxes from a CSV file using the get-content cmdlet to get the content of the file (\\Server\Share\Mailboxes.csv) which contains the alias name of the mailbox.

$Mailboxes = Get-Content "\\Server\Share\Mailboxes.csv"

Now that we have loaded a collection of mailboxes, we will run a script block to disable each mailbox.

ForEach ($Mailbox in $Mailboxes)
{ 
Disable-Mailbox -Identity $Mailbox -Confirm:$false
}