New-ReceiveConnector fails

When creating a new Receive Connector on Exchange Server 2007 SP3 (Update Rollup 2), the creation failed with a non-retriable error and a “the requested attribute does not exist” error:

Active Directory operation failed on DC02.labs.local. This error is not retriable. Additional information: The parameter is incorrect.
Active directory response: 00000057: LdapErr: DSID-0C090C3E, comment: Error in attribute conversion operation, data 0, v1db1
The requested attribute does not exist.
Exchange Management Shell command attempted:
new-ReceiveConnector -Name ‘Relay X2007SP3’ -Usage ‘Custom’ -Bindings ‘10.0.0.217:25’ -RemoteIPRanges ‘10.0.0.213-255.255.255.255’ -Server ‘X2007SP3’

According to this article on the Microsoft Exchange Team site more people are facing this issue (scroll through the comments). It looks like something specific to UR1 and UR2 for Exchange Server 2007 SP3: http://msexchangeteam.com/archive/2010/09/09/456198.aspx

Microsoft is aware of this issue and it is currently being investigated. It looks like the schema upgrade during SP3 is sometimes not performed properly, resulting in an incorrect schema for Service Pack 3. Unfortunately the SP3 setup application continues anyway, resulting in these kinds of errors.

That being said, you can solve it by running the Exchange 2007 SP3 schema upgrade again:

Setup.com /PrepareSchema

After this, creation of a new Receive Connector is successful.

When this issue is fully investigated by Microsoft and a solution is available an official Microsoft knowledgebase article will be available as well.

Change SMTP Header Information

Every message that is sent (over the Internet) has header information. This header contains all kinds of information about the message: where it comes from, who it was sent to, the time, the message identifier, etc. All mail servers use this information to process the messages.

But when you take a closer look you’ll see information in the header of a message about your internal network. For example, I’ve sent a message from my Hub Transport Server, through my Edge Transport Server to an external recipient and this is what I see in the header information:

Custom Address List for Equipment Mailboxes

In Exchange 2010 there are multiple default address lists available, like All Users, All Groups, All Contacts, and there’s an All Rooms Address list for all Room Resource Mailboxes:


When opening the All Rooms address list, you can see it uses a custom filter to get all the room mailboxes from the Exchange organization:

LUN Design and Hardware VSS

This posting is written by Michel de Rooij, thanks for posting it here as well…

I had a question why you need to design separate LUNs for Exchange database and log files when using a hardware based Volume Shadow Copy Service (VSS) backup solution, as mentioned in this TechNet article: Understanding Exchange 2010 LUN architecture

“To deploy a LUN architecture that only uses a single LUN per database, you must have a database availability group (DAG) that has two or more copies, and not be using a hardware-based Volume Shadow Copy Service (VSS) solution.”

The reason for this requirement is that hardware VSS solutions operate at the hardware level, i.e. the complete LUN. Therefore, if you put the Exchange database and log files on a single LUN, it will always create a snapshot of the whole LUN. This restricts your recovery options, since you can by definition only restore that complete LUN, overwriting log files created after taking the snapshot. So, changes (log files) made after the snapshot are lost and you have no point-in-time recovery options.

For example, with the database and log files on a single LUN, suppose you create a full backup on Saturday 6:00. Then, disaster strikes on Monday. By definition, you can now only restore the database and log files as they were on Saturday 6:00; log files which were created after Saturday 6:00 are lost.

With the database and log files on separate LUNs, you can restore the database LUN, which leaves the LUN with the log files intact. Then, after restoring the database, you can start replaying log files.

So, keep this in mind when planning your Exchange LUNs in conjunction with the backup solution to be used. Note that the Mailbox Role Calculator supports this decision by letting you specify Hardware or Software VSS Backup/Restore as the Backup Methodology to be used.

If you’re interested in more background information on how VSS works, I suggest you check out this TechNet article: Volume Shadow Copy Service

Configure Domain Controller in Exchange 2010

10 years ago it was a best practice to use an ‘empty root’ Active Directory model. Lately I see this model quite often in Exchange 2003 environments that need to be upgraded to Exchange 2010.

A customer has an empty root AD with 2 domain controllers in this empty root. Outlook’s autodiscover sometimes returns one of these domain controllers, but in this specific scenario these domain controllers are behind a firewall. Therefore they cannot be used for authentication purposes by (desktop) clients.

Exchange has a service (MSExchange ADAccess) that uses topology discovery to retrieve a list of available domain controllers. You can check the properties of the Exchange Server in the Exchange Management Console or you can check the event log for Event ID 2080.

Log Name: Application

Source: MSExchange ADAccess

Date: 15-11-2010 12:46:57

Event ID: 2080

Task Category: Topology

Level: Information

Keywords: Classic

User: N/A

Computer: cashub01.infra.root.local

Description:

Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=1576). Exchange Active Directory Provider has discovered the following servers with the following characteristics:

(Server name | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version)

In-site:

AD001.root.local CD- 1 6 6 0 0 1 1 6 1

AD005.infra.root.local CD- 1 6 6 0 0 1 1 6 1

AD013.infra.root.local CDG 1 7 7 1 0 1 1 7 1

AD014.infra.root.local CDG 1 7 7 1 0 1 1 7 1

AD002.root.local CDG 1 7 7 1 0 1 1 7 1

AD004.infra.root.local CDG 1 7 7 1 0 1 1 7 1

AD006.infra.root.local CDG 1 7 7 1 0 1 1 7 1

AD003.infra.root.local CD- 1 6 6 0 0 1 1 6 1

Out-of-site:

To exclude a particular domain controller the Set-ExchangeServer cmdlet can be used in the Exchange Management Shell. In this example the AD001 domain controller is excluded for Exchange Server CASHUB01:

Set-ExchangeServer -Identity "CASHUB01" -StaticExcludedDomainControllers AD001.root.local

It is also possible to create a list of domain controllers and global catalog servers that are allowed by the Exchange Server:

Set-ExchangeServer -Identity "CASHUB01" -StaticDomainControllers AD005.infra.root.local,AD003.infra.root.local

Set-ExchangeServer -Identity "CASHUB01" -StaticGlobalCatalogs AD013.infra.root.local,AD014.infra.root.local

After configuring the Exchange Server you’ll see the results in the event log:

Log Name: Application

Source: MSExchange ADAccess

Date: 15-11-2010 22:05:18

Event ID: 2080

Task Category: Topology

Level: Information

Keywords: Classic

User: N/A

Computer: cashub01.infra.root.local

Description:

Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=1576). Exchange Active Directory Provider has discovered the following servers with the following characteristics:

(Server name | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version)

In-site:

AD001.root.local CD- 0 0 0 0 0 0 0 0 0

AD005.infra.root.local CD- 1 6 6 0 0 1 1 6 1

AD013.infra.root.local CDG 1 7 7 1 0 1 1 7 1

AD014.infra.root.local CDG 1 7 7 1 0 1 1 7 1

AD002.root.local CDG 0 0 0 1 0 0 0 0 0

AD004.infra.root.local CDG 1 7 7 1 0 1 1 7 1

AD006.infra.root.local CDG 1 7 7 1 0 1 1 7 1

AD003.infra.root.local CD- 1 6 6 0 0 1 1 6 1

Out-of-site:
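
One way to check the effect of the Set-ExchangeServer change from the event text rather than by eye, as an added example that is not part of the original post. The function name ConvertFrom-Event2080 and the property names are assumptions made here, the sample rows are copied from the second event above, and the Reachability bit values are those Microsoft documents for Event ID 2080.

```powershell
# Added example, not from the original post. Function and property names are
# assumptions; column order follows the header line printed in the event.
function ConvertFrom-Event2080 {
    param([Parameter(Mandatory = $true)][string]$Description)

    $columns = 'Enabled', 'Reachability', 'Synchronized', 'GCCapable', 'PDC',
               'SACLRight', 'CriticalData', 'Netlogon', 'OSVersion'
    $site = $null
    foreach ($line in ($Description -split "`r?`n")) {
        $line = $line.Trim()
        if ($line -match '^(In-site|Out-of-site):$') { $site = $Matches[1]; continue }
        # Row: server FQDN, three role flags (C, D, G or -), then nine integers.
        if ($line -match '^(\S+)\s+([CDG-]{3})((?:\s+\d+){9})$') {
            $row = @{ Site = $site; Server = $Matches[1]; Roles = $Matches[2] }
            $values = -split $Matches[3]
            for ($i = 0; $i -lt $columns.Count; $i++) {
                $row[$columns[$i]] = [int]$values[$i]
            }
            New-Object PSObject -Property $row
        }
    }
}

# Rows copied from the second event above. On a live server the text would come from:
#   (Get-WinEvent -FilterHashtable @{ LogName = 'Application';
#       ProviderName = 'MSExchange ADAccess'; Id = 2080 } -MaxEvents 1).Message
$sample = @'
In-site:
AD001.root.local CD- 0 0 0 0 0 0 0 0 0
AD005.infra.root.local CD- 1 6 6 0 0 1 1 6 1
AD013.infra.root.local CDG 1 7 7 1 0 1 1 7 1
Out-of-site:
'@

$excluded = @('AD001.root.local')   # value given to -StaticExcludedDomainControllers
$dcs = @(ConvertFrom-Event2080 -Description $sample)

# Excluded servers that Exchange still reports as reachable
# (any row here means the exclusion has not taken effect).
$dcs | Where-Object { ($excluded -contains $_.Server) -and ($_.Reachability -ne 0) }

# Servers Exchange can use, with the Reachability bitmask decoded
# (1 = global catalog, 2 = domain controller, 4 = configuration DC).
$dcs | Where-Object { $_.Reachability -ne 0 } |
    Select-Object Site, Server, Roles,
        @{ Name = 'GC';     Expression = { [bool]($_.Reachability -band 1) } },
        @{ Name = 'DC';     Expression = { [bool]($_.Reachability -band 2) } },
        @{ Name = 'Config'; Expression = { [bool]($_.Reachability -band 4) } }
```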
