Hi folks,
Today I got a weird issue that took me quite a long time to figure it out and I would like to share with you guys. Everything started when a brand new DAG was deployed and everything went just fine during the installation process however during the initial testing I noticed a RPC averaged latency performance counter really high.
In the figure below you can see how bad was it and I the server had just a few users that were part of my pre-pilot phase.
I’ve done a couple of tests, as follows:
- First, I ran the Get-MailboxDatabaseCopyStatus and everything was golden
- I moved the databases to a single node, and then noticed that the utilization kept the same
- I restarted the RPC Client access and the same issue were the performance counter didn’t change (expected)
- I restarted the Information Store and then the performance counter went to 0 but as soon as I moved any DB the number would increase again.
- I ran Test-ReplicationHealth and no issues at all
- I use PAL tool to analyse performance and the disks were just fine
- I ran netstat to see the connections and nothing was outstanding
- Exchange Best Practices Analyzer
In this environment that I was working they have a LTM (Local Traffic Manager) and then I noticed that I could access the Domain Controller (\\unc) however I couldn’t ping. I double check and there was a SNAT and a Virtual Server were in place, the missing piece was the ability to ping the Domain Controllers, so in a F5 we should go to System / Configuration / Local Traffic and change the default behaviour of the box to All traffic in the SNAT Packet Forwarding setting.
![image_thumb[1]](http://msmvps.com/cfs-file.ashx/__key/CommunityServer.Blogs.Components.WeblogFiles/andersonpatricio.metablogapi/2262.image_5F00_thumb1_5F00_thumb_5F00_0FF57427.png "image_thumb[1]")
After performing that change I moved the databases around and the RPC averaged latency came back to 0 
Cheers,
Anderson Patricio
http://www.andersonpatricio.ca
http://www.andersonpatricio.org (Portuguese)
Twitter: @apatricio
Hi folks,
If you are using a load balancer and your design decision was to use Kerberos instead of NTLM for the CAS Array and you are a couple of good reasons for that you may want also to create a procedure to change the password for the Computer and then update the Client Access Server that use that account.
During the deployment probably you used a script like this one to set the password, right?
RollAlternateServiceAccountPassword.ps1 –ToArrayMembers ArrayName.domain.local –GenerateNewPasswordFor domain.fqdn\ASAAccount$
If you want to change that password every month for example we can run the following cmdlet:
RollAlternateServiceAccountPassword.ps1 -CreateScheduledTask "Exchange-ASA" –ToArrayMembers ArrayName.domain.local –GenerateNewPasswordFor domain.fqdn\ASAAccount$
The result of the cmdlet above is a creation of a new .cmd script file will be created on the Scripts folder and the name will be based on the parameter –CreateScheduleTask.
Another change introduced by the previous cmdlet is a new task entry on the server. I would recommend for the sake of simplicity and security to perform a couple of changes..
- First is to change the schedule to run in a monthly basis and we can select every first Sunday of the month and schedule the time for something like 1AM
- Second is to change the security options and use a specific account just for that task. This account must be member of the Exchange Organization group.
Now, we can run the task to make sure that everything works properly and in order to help the troubleshooting process, we can always check the results of the operation on the folder RollAlternateServiceAccountPassword that can be found on X:\Exchange-Installation-Folder\V14\Logging
For each run of the script a couple of log files will be generated and they will help you to identify what is going on in the process.
Cheers,
Anderson Patricio
http://www.andersonpatricio.ca
http://www.andersonpatricio.org (Portuguese)
Twitter: @apatricio
Technorati Tags: Kerberos,Alternate,Service,Account,Load,Balance,NTLM,Exchange,Server
Windows Live Tags: Kerberos,Alternate,Service,Account,Load,Balance,NTLM,Exchange,Server
WordPress Tags: Kerberos,Alternate,Service,Account,Load,Balance,NTLM,Exchange,Server
Hi folks,
In Today’s post we are going over the process to allow a user to send message as a Distribution Group in Exchange Server 2010.
The first step is to find out which group we will be assigning the permission and it can be easily done through Get-DistributionGroup name* and using wildcard it’s easy to narrow down the results to get just the name that we are looking for.
Now, that we have the name we just need to assign the permission using the following cmdlet
Add-ADPermission<Group-Name> -ExtendedRights Send-as –User “DOMAIN\Username”
Time to do some testing.. Let’s open a new session in Outlook Web App and then create a new message, let’s click on Options and select the option Show From
Now we will have the From field available on the new message, click on it, and click on Other e-mail address.
In the new page select the group that we have just assigned the permission and click okay, in the new message page the results will be similar to the one shown below.
The results for the end-user can be seen on the figure below, where the user who received the message has the information that the message was sent by the group.
If you are using Outlook for testing, don’t worry, just click on Options and them select From button and you will be able to do the same testing.
Cheers,
Anderson Patricio
http://www.andersonpatricio.ca
http://www.andersonpatricio.org (Portuguese)
Twitter: @apatricio
Technorati Tags: Send as,permission,Distribution,Group,Exchange,DistributionGroup,ADPermission,ExtendedRights,Outlook,Options,From
Windows Live Tags: Send as,permission,Distribution,Group,Exchange,DistributionGroup,ADPermission,ExtendedRights,Outlook,Options,From
WordPress Tags: Send as,permission,Distribution,Group,Exchange,DistributionGroup,ADPermission,ExtendedRights,Outlook,Options,From
Hello Folks,
Exchange Team released a new set of Rollup Updates for Exchange Server 2010 and 2007, as follows:
Cheers,
Anderson Patricio
http://www.andersonpatricio.ca
http://www.andersonpatricio.org (Portuguese)
Twitter: @apatricio
Technorati Tags: Exchange,Server,Rollup,Updates,Hello,Folks,Team,Update,Service,Pack,Cheers,Anderson,Patricio,Portuguese,Twitter,andersonpatricio Windows Live Tags: Exchange,Server,Rollup,Updates,Hello,Folks,Team,Update,Service,Pack,Cheers,Anderson,Patricio,Portuguese,Twitter,andersonpatricio WordPress Tags: Exchange,Server,Rollup,Updates,Hello,Folks,Team,Update,Service,Pack,Cheers,Anderson,Patricio,Portuguese,Twitter,andersonpatricio
Hi folks,
In this post we are going over a couple of points that you should be aware when using extensions with Lync and I hope it can help you to solve some incoming calls issues when using Lync and extensions at user level when using a Media Gateway.
Lync and E.164 recomendation…
Microsoft recommendation is to use E.164 when assigning numbers on Lync which means a regular phone in Toronto 416-333-6666 would be something like tel:+14163336666 using E.164.
We can also take advantage of extensions using a single main number to all users and that can be done easily by adding ;ext=XXXX extensions where XXXX is your 4 digit extension and you can use as low as 1 digit if you want to. So an E.164 using extensions (in my case my extension will be 1234) would be like this:
tel:+14163336666;ext=1234
Just to make sure that we are on the same page, the string above you are going to configure in the user’s properties as shown in the figure below.
Scenario and the issue
Let’s say that we have a scenario where the PBX and Lync have a media gateway in the middle and in this scenario let’s say that is an AudioCodes.
Let’s also say that your audiocodes is passing the phone number with + and the full number +14163336661234 and if you look at the logs on the Lync Server the error message is that the user can’t be found which is totally true and there is nothing wrong there. We need to adjust the gateway and Lync to understand each other.
The issue here is that the gateway is sending the number with + and when Lync sees the magical +, then Lync assumes that is normalized and try to find the user right away and then you have the error on the logs and call is not completed. Usually is almost right away.
There are a few workarounds for that but since in our scenario we have a Audiocodes/MediaGateway an easy fix is to make sure that we remove the + when sending to Lync, this way the information sent would be something like 141633366661234 which has the 11 digits for the number and extra 4 for normalization.
Now the responsibility of this relationship is on Lync’s turf and what we have to do is to create a normalization rule, before getting there let’s do a recap what we have right now:
Coming from AudioCodes: 141633366661234
My user’s attribute: tel:+14163336666;ext=1234
Okay now we have an idea what we should do, first of all we need to add the +, also the first 11 numbers are going to be static since we have extensions for all users using the main phone number. The second step is to use the 4 digits extension and add the ;ext=1234 at the end of the static number.
Let’s open Lync Server Control Panel, click on Voice Routing, double click on the desired Dial Plan and click New on the the Associated Normalization Rules. In the new page, define a name and click on Edit button. You can use the syntax below to adapt to your environment.
Just in case type in the format that is coming from the MediaGateway on the Dialed number to test and make sure that the Lync expected format is being displayed.
Make a call from your PBX and if everything is fine your Lync client should be ringing right now.
Note: When using extensions make sure that the assigned main number is always used with extension. For example: don’t use +14163336666;ext=1234 for an user and then try to use +14163336666 for the UM or something like that. There are different ways and configuring the main number to route to a specific location at media gateway may be a good solution. I will cover this in a future post.
Troubleshooting Tips..
If you are not sure if the issue is the extension there is a really easy way to test it. Just assign a whole new E.164 number to an user in Lync and then test the call from your PBX through the media gateway, if that rings you are golden and it most likely that the problem is at the extension level.
Cheers,
Anderson Patricio
http://www.andersonpatricio.ca
http://www.andersonpatricio.org (Portuguese)
Twitter: @apatricio
Hi Folks,
In some cases the administrator may want to delete content of a mailbox located in Exchange Server 2010. The first step is to create the search query that you want to use and you can use your own Outlook to get the string right. In the following example we are making sure that any message sent or received prior to 01-January-2012 and if the results are the expected you can save the query.
The second step is to use the Search-Mailbox and use the string that we tested above with the –SearchQuery attribute and –DeleteContent. The syntax is described below and also the cmdlet in action is shown in the figure below.
Search-mailbox –Identity <Mailbox> -SearchQuery "received:<01/01/2012 and sent:<01/01/2012" –DeleteContent
Note: If the Search-Mailbox is not available for your current user. Please, logged as Organization Management member run the following cmdlet New-ManagementRoleAssignment –Role “Mailbox Import Export” –User <Mailbox> and then close the Exchange Management Shell and open it again.
Cheers,
Anderson Patricio
http://www.andersonpatricio.ca
http://www.andersonpatricio.org (Portuguese)
Twitter: @apatricio
Hi Folks,
Last week I blogged here about PowerShell v3 and a new feature that is going to do the content of topic automatically however if you don’t have Windows 8/PowerShell 3 and you want to configure a script that you created to run on Windows Server 2008 R2 these following steps can be used:
If your script is not digitally signed, you can run the Set-ExecutionPolicy –ExecutionPolicy Unrestricted as shown in the figure below.
Now, it’s time to create a new Windows Task and what really matters for us is the Start a Program section, and these following values must be entered:
- Program/Script field:
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Add arguments (optional) field
-NoLogo -NonInteractive -File C:\path\yourscript.ps1
All pieces together are shown in the picture below.
That’s all my friends, from now your PowerShell scripts will work just fine. I do recommend to do a test and depending of the script you may want to configure a specific account to run on the Task and also to configure the script to
Cheers,
Anderson Patricio http://www.andersonpatricio.ca http://www.andersonpatricio.org (Portuguese)
Twitter:
@apatricio
Hi folks,
The MSExchange Team created a two article blog series about CAS Array object in Exchange Server 2010, as follows:
Cheers,
Anderson Patricio http://www.andersonpatricio.ca http://www.andersonpatricio.org (Portuguese)
Twitter:
@apatricio
Hi folks,
Windows 8 is coming with tons of new features however one of the most anticipated is the HVR which is key for the private cloud. In the following post the Hyper-v team shed some light on the topic and also some links to understand better the new feature.
Hyper-V Replica (HVR) is a new feature in Windows Server “8” Beta that provides asynchronous replication of Hyper-V virtual machines for BCDR (Business Continuity and Disaster Recovery) scenarios.
Watch this space for in depth blogs from the Hyper-V Replica team on how-to’s, tips & tricks, sample PS cmdlets, commentary on some of the engineering decisions (eg: why do we support server names in the product and not IP addresses, why did we design resync and scenarios where it would be used).
To know more about HVR, see Understand and Troubleshoot Hyper-V Replica. A quick summary which demonstrates the feature capabilities is available here.
Read more at source: http://blogs.technet.com/b/virtualization/archive/2012/03/09/windows-server-8-beta-hyper-v-replica.aspx
Cheers,
Anderson Patricio http://www.andersonpatricio.ca http://www.andersonpatricio.org (Portuguese)
Twitter:
@apatricio
Hi folks,
Do you have problems understanding Licensing? If yes, you are not alone however this post will help you out to better understand your options with new Microsoft Technologies, such as: Office 365, Azure, CRM online and so forth.
You may want to review this blog post that lays out licensing basics for any organization that needs to license software for more than 5 or less than 250 devices or users. It details the different ways you can buy a license and what choices are available for volume licensing, which can give you pricing advantages and provide flexible options for your business.
As technology evolves and more organizations move to online services such as Microsoft Office 365, Microsoft Dynamics CRM Online, Windows Azure Platform, Windows Intune and others, it’s important to understand how to purchase, activate and use online service subscriptions to get the most out of your investment. Once purchased through a volume licensing agreement or the Microsoft Online Subscription Program, these services can be managed through web portals:
Licensing Resources:
Additional Resources You May Find Useful:
- TechNet Evaluation Center
Try some of our latest Microsoft products For free, Like System Center 2012 Pre-Release Products, and evaluate them before you buy. - Springboard Series
Your destination for technical resources, free tools and expert guidance to ease the deployment and management of your Windows-based client infrastructure. - AlignIT Manager Tech Talk Series
A monthly streamed video series with a range of topics for both infrastructure and development managers. Ask questions and participate real-time or watch the on-demand recording.
Cheers,
Anderson Patricio http://www.andersonpatricio.ca http://www.andersonpatricio.org (Portuguese)
Twitter:
@apatricio
Hi Folks,
The PowerShell team explains a nice new feature of PowerShell 3.0 which allows the management of Jobs using PowerShell.
One of the most common phone calls that the support team gets for Windows PowerShell is "How do I use Task Scheduler to schedule Windows PowerShell scripts?". As an administrator, you need to have full control over when scripts run in your environment. Perhaps you need run a script only during a one-off maintenance window or maybe you want to schedule some routine maintenance on a server so that it runs at non-peak times. Although it was possible to use Task Scheduler to invoke scripts in Windows PowerShell 2.0, it was not trivial. What's more, you were responsible for writing code to store the detailed results of your script if you wanted to view them later.
Read more at source: http://blogs.msdn.com/b/powershell/archive/2012/03/19/scheduling-background-jobs-in-windows-powershell-3-0.aspx
Cheers,
Anderson Patricio http://www.andersonpatricio.ca http://www.andersonpatricio.org (Portuguese)
Twitter:
@apatricio
Provides a visual reference for understanding key Hyper-V technologies in Windows Server “8” Beta and focuses on Hyper-V Replica, networking, virtual machine mobility (live migration), storage, failover clustering, and scalability.
Download it from here: http://www.microsoft.com/download/en/details.aspx?id=29189
Cheers,
Anderson Patricio http://www.andersonpatricio.ca http://www.andersonpatricio.org (Portuguese)
Twitter:
@apatricio
Hi folks,
I would like to share with you guys a really nice summary about Cloud Computing using Microsoft Technologies. Enjoy it!
Public Cloud computing means that the infrastructure to run and manage the applications users are taking advantage of is run by someone else and not you. In other words, you do not buy the hardware or software to run your email or other services being used in your organization – that is done by someone else. Users simply connect to these services from their computers and you pay a monthly subscription fee for each user that is taking advantage of the service. Examples of Public Cloud services include Office 365, Windows Intune, Microsoft Dynamics CRM Online, Hotmail, and others.
Private Cloud computing generally means that the hardware and software to run services used by your organization is run on your premises, with the ability for business groups to self-provision the services they need based on rules established by the IT department. Generally, Private Cloud implementations today are found in larger organizations but they are also viable for small and medium-sized businesses since they generally allow an automation of services and reduction in IT workloads when properly implemented. Having the right management tools, like System Center 2012, to implement and operate Private Cloud is important in order to be successful.
So – how do you get started? The first step is to determine what makes the most sense to your organization. The nice thing is that you do not need to pick Public or Private Cloud – you can use elements of both where it makes sense for your business – the choice is yours. When you are ready to try and purchase Public Cloud technologies, the Microsoft Volume Licensing web site is a good place to find links to each of the online services. In particular, if you are interested in a trial for each service, you can visit the following pages: Office 365, CRM Online, Windows Intune, and Windows Azure.
For Private Cloud technologies, start with some of the courses on Microsoft Virtual Academy and then download and install the Microsoft Private Cloud technologies including Windows Server 2008 R2 Hyper-V and System Center 2012 in your own environment and take it for a spin. Also, keep up to date with the Canadian IT Pro blog to learn about events Microsoft is delivering such as the IT Virtualization Boot Camps and more to get you started with these technologies hands on.
Finally, I want to ask for your help to allow the team at Microsoft to continue to provide you what you need. Twice a year through something we call "The Global Relationship Study" – they reach out and contact you to see how they're doing and what Microsoft could do better. If you get an email from "Microsoft Feedback" with the subject line "Help Microsoft Focus on Customers and Partners" between March 5th and April 13th, please take a little time to tell them what you think
Cloud Computing Resources:
Additional Resources You May Find Useful:
- Springboard Series
Your destination for technical resources, free tools and expert guidance to ease the deployment and management of your Windows-based client infrastructure. - TechNet Evaluation Center
Try some of our latest Microsoft products for free, Like System Center 2012 Pre-Release Products, and evaluate them before you buy. - AlignIT Manager Tech Talk Series
A monthly streamed video series with a range of topics for both infrastructure and development managers. Ask questions and participate real-time or watch the on-demand recording. - Tech·Days Online
Discover what's next in technology and innovation with Tech·Days session recordings, hands-on labs and Tech·Days TV.
Cheers,
Anderson Patricio
http://www.andersonpatricio.ca
http://www.andersonpatricio.org (Portuguese)
Twitter: @apatricio
Wanted to write a quick post about a tool that can help you find and catalogue various PowerShell scripts that are scattered on various online communities or – possibly – your internal company network shares.
The tool is called Microsoft Script Explorer for Windows PowerShell and has entered the public Beta 1 stage now.
Read more at source: http://blogs.technet.com/b/exchange/archive/2012/03/14/check-out-microsoft-script-explorer-for-windows-powershell-pre-release.aspx
Cheers,
Anderson Patricio http://www.andersonpatricio.ca http://www.andersonpatricio.org (Portuguese)
Twitter:
@apatricio
Hi Folks,
In some organizations where the Active Directory domain is different from the public name, such as apatricio.local (Active Directory FQDN) and the external SMTP address is andersonpatricio.ca. Some organizations may want to authenticate users using user@domain.com format instead of DOMAIN\username or just username and that can be easily done using additional UPNs.
The entire process can be divided in a couple of tasks, such as manage UPN, manage the user and then finally configure Outlook Web App.
Managing UPN on Active Directory
First thing to do is to add the desired UPN to the Active Directory and that can be done using Active Directory Domain and Trusts. Let’s right-click on the first item and then Properties.
There is a single tab, let’s add our domain to the list, in our case andersonpatricio.ca and let’s click on Add and then Apply and Ok.
Note: Depending of your Active Directory size and replication topology it may take some time to replicate the information.
Managing the UPN at mailbox/user level
Our next step is to get properties of a mailbox using Exchange Management Console, and on Account tab we have a second option for user logon name (User Principal Name) field, let’s select our new domain (andersonpatricio.ca) and let’s click on Apply.
Managing Outlook Web App..
Time to configure Authentication at Outlook Web App level (open Exchange Management Console / Server Configuration / Client Access and then Outlook Web App) and ask Properties of the Outlook Web App and then let’s go to Authentication tab and let’s change it to user principal name (UPN) and let’s click on Apply and Ok in the new dialog box that will show up.
Final task is to run IISReset /noforce in the command prompt to refresh the settings.
Testing..
It’s time for testing! open Outlook Web app and type in the UPN and password and voilà the mailbox will be opened.
Note: You can also test that now you can’t use the regular username to authenticate.
Cheers,
Anderson Patricio
http://www.andersonpatricio.ca (English)
Twitter: @apatricio
Facebook: http://facebook.com/AndersonPatricioCA
Hi folks,
Virtualization is a reality in the vast majority of the companies and in case you are using VMWare and you are trying to find a good reason to explain the change to your boss about the benefits of using Microsoft Virtualization, this post can be useful 
Microsoft released a document comparing VMWare vSphere 5 and Windows Server 2008 R2 however the Windows 8 (beta) just released will bring tons of new features for Microsoft customer.
Here is the PDF http://download.microsoft.com/download/E/F/A/EFA7E5D1-C8F9-40EA-8296-896CD42C1A20/Top_5_Reasons_to_choose_Microsoft_Hyper-V_R2_SP1_over_VMware_vSphere%205.pdf
Cheers,
Anderson Patricio
http://www.andersonpatricio.ca
http://www.andersonpatricio.org (Portuguese)
Twitter: @apatricio
Hi folks,
If you are trying to convince your boss how the bandwidth benefits of moving those remote users to OWA specially in Exchange Server 2010 the Exchange Client Network Bandwidth calculator is your tool, in this release the team added support to Office 365 and they also said that next release will have support for Outlook 2011 for Mac.
Check it out some of the new features of this new release (Beta2) that I copied from the original post:
- Corrected Outlook 2003 network latency requirements
- Provided some Office 365 context help
- Added Office 365 icon against recommended Office 365 clients
- If Office 365 is selected on the input page
- Availability protocol is highlighted if configured incorrectly for Office 365
- OWA 2007 removed from client list
- Outlook 2003 removed from client list
- Non-Outlook Anywhere clients removed from list
Check the tool out: http://blogs.technet.com/b/exchange/archive/2012/03/09/exchange-client-network-bandwidth-calculator-beta2.aspx
Cheers,
Anderson Patricio http://www.andersonpatricio.ca http://www.andersonpatricio.org (Portuguese)
Twitter:
@apatricio
MSExchangeTeam announced Log Parser Studio (LPS) which helps a lot using a great user interface which helps a lot.
Anyone who regularly uses Log Parser 2.2 knows just how useful and powerful it can be for obtaining valuable information from IIS (Internet Information Server) and other logs. In addition, adding the power of SQL allows explicit searching of gigabytes of logs returning only the data that is needed while filtering out the noise. The only thing missing is a great graphical user interface (GUI) to function as a front-end to Log Parser and a ‘Query Library’ in order to manage all those great queries and scripts that one builds up over time.
Log Parser Studio was created to fulfill this need; by allowing those who use Log Parser 2.2 (and even those who don’t due to lack of an interface) to work faster and more efficiently to get to the data they need with less “fiddling” with scripts and folders full of queries.
With Log Parser Studio (LPS for short) we can house all of our queries in a central location. We can edit and create new queries in the ‘Query Editor’ and save them for later. We can search for queries using free text search as well as export and import both libraries and queries in different formats allowing for easy collaboration as well as storing multiple types of separate libraries for different protocols.
Read more at source: http://blogs.technet.com/b/exchange/archive/2012/03/07/introducing-log-parser-studio.aspx
Cheers,
Anderson Patricio
http://www.andersonpatricio.ca
http://www.andersonpatricio.org (Portuguese)
Twitter: @apatricio
Hi folks,
Nowadays, a lot of companies are looking at VDI as a solution and the collaboration where Lync plays a main role in this subject must be validated. This video can shed some light on the topics and the capabilities available with Citirx and Microsoft.
http://www.youtube.com/watch?v=OX3ERi0tNFY&feature=player_embedded#!
Cheers,
Anderson Patricio
http://www.andersonpatricio.ca (English)
Twitter: @apatricio
Facebook: http://facebook.com/APatricioCA
Hi folks,
MSExchange Team blogged Today about OCAT (Outlook Configuration Analyzer Tool) the introduction and the link to continue reading can be found below.
OCAT was developed by two Microsoft support engineers with over 30 years of combined experience in Outlook, Exchange and Office support. Based on their support experience, they compiled a set of detection rules that look for Outlook configurations that have historically been potential sources of problems in Outlook. The tool looks and feels like Microsoft Exchange Best Practices Analyzer (ExBPA) - the same infrastructure used by ExBPA was chosen for the development and final implementation of OCAT.
Read more at source: http://blogs.technet.com/b/exchange/archive/2012/03/05/released-outlook-configuration-analyzer-tool-ocat.aspx
Cheers,
Anderson Patricio
http://www.andersonpatricio.ca
http://www.andersonpatricio.org (Portuguese)
Twitter: @apatricio
More Posts
Next page »