Tag Archives: Exchange 2013


A blue screen on your Windows box, is there anyone that has never seen it? One place you don’t want to see this is on your Exchange server.

While upgrading 3 Exchange 2013 CU12 servers for a customer to Exchange 2013 CU15 I experienced a blue screen while updating the UM components, resulting in the following screen:


A quick search on Google (search on “swin1.sys”) revealed that McAfee was the culprit. I’m not a fan of installing (file level) anti-virus software on an Exchange server, and IMHO it’s not needed when you have a properly secured environment.

I was successful installing CU15 on the Edge Transport servers earlier, but it turned out that these servers were not running McAfee software.

Uninstalling the McAfee agent is not a big deal, just a matter of deselecting the server in the EPO console. The McAfee Solidifier didn’t want to uninstall, not via the EPO console nor via Add/Remove Programs.

According to the McAfee knowledgebase article KB75902 you can uninstall this software using a command line with the following commands:

sc stop scsrvc
sc delete scsrvc
sc delete swin
"\Program Files (x86)\McAfee\Common Framework\Mctray.exe" unloadplugin=scormcpl.dll
del /Q "C:\WINDOWS\system32\drivers\swin.sys"
rmdir /S /Q C:\Solidcore
rmdir /S /Q "C:\Program Files\McAfee\Solidcore"
rmdir /S /Q "C:\ProgramData\McAfee\Solidcore"
reg delete "HKLM\SOFTWARE\Network Associates\ePolicy Orchestrator\Application Plugins\SOLIDCOR5000_WIN" /f
reg delete "HKLM\SOFTWARE\Classes\Installer\Features\4E9BD2348836F234A9BD168E87F25439" /f
reg delete "HKLM\SOFTWARE\Classes\Installer\Products\4E9BD2348836F234A9BD168E87F25439" /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{432DB9E4-6388-432F-9ADB-61E8782F4593}" /f

After running these commands and a reboot I was able to finalize the installation of Exchange 2013 CU15.

Updated Exchange Server Role Requirements Calculator

The Exchange Server Role Requirements Calculator which you need for designing a proper Exchange 2013 or Exchange 2016 on-premises environment has been updates, currently the calculator is at version 8.4.

Some new functionality is added to this version:

  • Added support for ReplayLagMaxDelay
  • Added support for SafetyNetHoldTime in CreateDAG.ps1

And seven bug fixes in this version:

  • Improved the DAG auto-calculation results display to highlight deployment configuration in both datacenters
  • Fixed an issue that prevented DAG auto-calculation in single site DAG deployments
  • Fixed a SPECInt2006 validation issue with DAG auto-calculation
  • Fixed a bug with the DAG auto-calculation with Active/Passive deployments
  • Fixed conditional formatting issues with the transaction log table
  • Removed data validation from certain unused cells on the Input tab
  • Fixed bug in calcNumActiveDBsSF formula

The requirements calculator can be downloaded here: https://gallery.technet.microsoft.com/Exchange-2013-Server-Role-f8a61780

More information:

POP3, IMAP4, Get-Service and Startup Type

When installing lots of Exchange servers, automation with PowerShell scripting can be very useful. This will ensure you get a consistent platform, and it reduces the chance of errors and misconfiguration.

For a customer I had to deploy 38 Exchange 2013 servers, and they were using POP3 and IMAP4 as well, so these services need to be installed on all Exchange 2013 servers.

By default, POP3 and IMAP4 are not running on an Exchange 2013 server, and the service Startup Type is set to Manual.

You can change the startup type to automatic using the Services MMC snap-in, but for 38 Exchange 2013 servers this isn’t funny anymore.

You can use the Get-Service cmdlet in Windows to retrieve information regarding Windows services, for example:

Get-Service –ServiceName MSExchangePOP3

Or add the Format-List option to get more detailed information:


You can use the –ComputerName option to retrieve similar information from another server:


There’s all kind of interesting information here, but the most important thing, the Startup Type information is missing here.

To retrieve the Startup Type information you can use the Get-WmiObjectcmdlet and filter on the service name, for example:

Get-WmiObject -Class Win32_Service -Property StartMode -Filter "Name='MSExchangePOP3'"

Please note the single and double quotes in the Filter option!


Again, you can use the –ComputerName option to retrieve this information from another server.


Note. On an Exchange 2013 (and Exchange 2016) server POP3 and IMAP4 are actually two services. There’s the CAS component (MSExchangePOP3) and the Mailbox server component (MSExchangePOP3BE). These services need to changed independently. The same is true for the IMAP4 service.

You can write a small script to create an overview of all Exchange servers with the Startup Type of all POP3 service, this will look something like:

$Servers = Get-ExchangeServer
ForEach ($Server in $Servers){
$Computer = $Server.Name
$Object = Get-WmiObject –Class Win32_Service –Property StartMode –Filter “Name=’MSExchangePOP3’”
Write-Host $Computer,$Object.StartMode

You can change the Startup Type of the POP3 service using the Set-Service command:

Set-Service –ServiceName MSExchangePOP3 –StartupType Automatic

And you can use the-ComputerName to change the Startup Type of a service running on another Server:

Set-Service –ServiceName MSExchangePOP3 –StartupType Automatic –ComputerName EXCH02

More information:

Use PowerShell to Find Non-Starting Automatic Services – https://blogs.technet.microsoft.com/heyscriptingguy/2012/12/18/use-powershell-to-find-non-starting-automatic-services/

Get-Service – https://technet.microsoft.com/en-us/library/hh849804.aspx

Set-Service – https://technet.microsoft.com/en-us/library/hh849849.aspx

Exchange 2013 Cumulative Update 11 – Install it or not?

On December 15, 2015 Microsoft has released Cumulative Update 11 (CU11) for Exchange Server 2013. Okay, I’m a little late with this one, but I wanted to wait some time to see what would happen with this CU….

Note. You can download Exchange 2013 CU11 at https://www.microsoft.com/en-us/download/details.aspx?id=50366, the accompanying UM Language Pack files can be downloaded from https://www.microsoft.com/en-us/download/details.aspx?id=50365 and this is the office Microsoft announcement: https://support.microsoft.com/en-us/kb/3099522. But please, read on before starting to download and install Exchange 2013 CU11.

Now, about this CU….. Microsoft introduced a new feature in CU11 called Mailbox Anchoring. This means that an Exchange Management Shell will no longer connect to the Exchange 2013 server you’re logged on to, but it will be proxied to the Exchange server hosting your current Mailbox. This can be challenging in a mixed environment.

Continue reading Exchange 2013 Cumulative Update 11 – Install it or not?

Autodiscover in a hybrid scenario

In the previous articles I showed you how to implement DirSync, create an Exchange hybrid environment with a migration endpoint and how to migrate Mailboxes from Exchange on-premises to Exchange Online. Not a single word on autodiscover though, and even when autodiscover is pointing to your on-premises Exchange environment, it continues to work for Mailboxes that have been migrated to Exchange Online. This is one of the advantages of an Exchange hybrid scenario.

This is what happens: when you move a Mailbox from Exchange on-premises to Exchange Online, the Mailbox on-premises is converted to a Mail-Enabled User (Remote Mailbox) and a target address is set to Exchange Online (i.e. user@tenantname.mail.onmicrosoft.com).

When an Outlook client does an Autodiscover request to the Exchange environment it detects the user is a Mail-Enabled User, and that a target address is set. Based on this target address a new Autodiscover request is initiated. So, Outlook does a request for a user called kim@exchangelabs.nl, Autodiscover returns a Mail-Enabled User with target address kima@exchangelabsnl.mail.onmicrosoft.com. Next, Outlook wil try an Autodiscover request for this SMTP address.

Continue reading Autodiscover in a hybrid scenario