Tag Archives: Exchange 2016

create Shared Mailbox in Exchange Hybrid

Every now and then I get a question regarding creation of Room- or Shared Mailboxes in Office 365 when Exchange Hybrid is in place.There are multiple solutions available, but at the same time there are some restrictions as well. In this blog post I’ll discuss Room Mailboxes, Equipment Mailboxes and Shared Mailboxes.

Room Mailbox

To create a room Mailbox in your hybrid environment create a user account for this room mailbox first. In this example I’m going to create a Room Mailbox called ‘conference room 1st floor’ and have it created directly in Office 365 (for your information, I’ve tested this with Exchange 2010 hybrid as well as Exchange 2016 hybrid).

image

To create the Mailbox in Exchange Online, you can use the Enable-RemoteMailbox cmdlet in Exchange PowerShell. This will mail-enable the account in your on-premises environment and will automatically create a mailbox in Exchange Online the next time Azure AD Connect runs. For the Enable-RemoteMailbox cmdlet you need to use the -RemoteRoutingAddress (which should point to the Mailbox in Exchange Online) and for a Room Mailbox you have to use the -Room option. If you want to create a Shared Mailbox you can use the -Shared option, the result will be the same.

To create the Room Mailbox in Exchange Online we can use the following command:

Get-User -Identity Conference1 | Enable-RemoteMailbox -Room -RemoteRoutingAddress conference1@inframan.mail.onmicrosoft.com

image

When Azure AD Connect has run, the account has been provisioned in Azure AD and the Room Mailbox has been created. It is visible in Exchange Online EAC and permissions can be granted to other users can manage the Room Mailbox.

image

Resource (Equipment) Mailbox

To create a Resource (aka Equipment) Mailbox the process is very similar. First create a user account for the Equipment Mailbox in Active Directory and fill the appropriate attributes, like this:

av

To create the Equipment Mailbox directly in Exchange Online, execute the following in PowerShell (on your on-premises Exchange server):

Get-User -Identity AVEquipment | Enable-RemoteMailbox -Equipment
-RemoteRoutingAddress avequipment@inframan.mail.onmicrosoft.com

equipment

Again, when Azure AD Connect has run, the account is provisioned in Azure AD and the Mailbox is created in Exchange Online:

mbx

Shared Mailboxes

Createing Shared Mailboxes is a bit problematic, after all these years there’s still no option like -Shared when using the Enable-RemoteMailbox cmdlet in Exchange PowerShell so we have to figure out another way to create a Shared Mailbox in Exchange Online when using Azure AD Connect and a Hybrid environment.

<more to come soon>

 

Setting Calendar permissions right after mailbox creation

Customer is running Exchange 2013 with approx. 2500 mailboxes. When looking at calendars and sharing information through the availability service only the availability (free, busy or tentative) is shown. No details are shown by default.

Customer now request to publish more information so that users that want to schedule a meeting can see the details of other user’s appointments. This should not only be configured for existing users, but new users should receive this setting directly when provisioned.

For example, when configuring this for a user called Kim Akers (kima@exchangelabs.nl) for all users you can use the following Exchange PowerShell command:

Set-MailboxFolderPermission kima:\Calendar -User Default -AccessRights Reviewer

When scheduling a meeting with Kim Akers I can now see her appointment details in Outlook, and I can open the appointment to see all details (read-only) of this appointment as shown in the following two screenshots:

image

image

Note. Check the Set-MailboxFolderPermission article on Microsoft TechNet for all details regarding the permissions that can be assigned.

Continue reading Setting Calendar permissions right after mailbox creation

Cisco IronPort and Exchange 2016

If you have been following my blogs over the years you should be aware that I’ve always been using Exchange Edge Transport servers in front of my Mailbox servers for message hygiene purposes. My last (well known) environment looked like this:

image

There are two Mailbox servers (Exchange 2013 and Exchange 2016) and two Edge Transport servers (also Exchange 2013 and Exchange 2016). MX records point to both Edge Transport servers and there are two Edge Synchronizations. And the Edge Transport servers were capable for DKIM signing (as posted in a previous blogpost), but lacked DKIM verification and DMARC validation.

The most important part in the Edge Transport server is the Real Time Blocklist, configured to use Spamhaus for connection filtering. While this works pretty well (there still is quite some spam that gets delivered into mailboxes) there is always room for improvement. I have been looking at cloud solution, but they didn’t always deliver what was expected.

A couple of my customers are using Cisco Email Security Appliance (previously known as IronPort) solutions on-premises and are happy with it, so time to start testing a Cisco Email Security Appliance (ESA) in my own environment. Continue reading Cisco IronPort and Exchange 2016

Exchange 2016, backup and recovery databases

Last week I got a request from a customer. A long time ago I posted a blogpost on Exchange 2010 recovery databases, but after the customer migrated to Exchange 2016 his procedure around recovery databases didn’t work anymore. His request was basically to rewrite my blogpost.

For this blogpost I have a pretty simple Exchange 2016 Mailbox server, configured with one Mailbox database which is stored on a dedicated disk, and I’m using Windows Server Backup to backup the entire Mailbox database disk (VSS full backup).

Don’t pay too much attention to the naming of my Exchange server and the Mailbox database I’m using here. In fact, this is an Exchange 2016 hybrid server I’m misusing for the purpose of this blog Smile

Recovery database

You can restore a mailbox database to its original location and mount again, but you can also use a Recovery Database to restore and recover your data. A recovery database is a mailbox database that can be mounted on your Exchange server, but it is not visible for regular users but only for the Exchange administrator. The Exchange administrator can access this recovery database and recover data, for example create a PST of a particular mailbox in this database.

When restoring a database from backup, select the restore option and follow the wizard. When you reach the Select Recovery Type window select Applications as shown in the following screenshot.

image

Continue reading Exchange 2016, backup and recovery databases

Updated Exchange Server Role Requirements Calculator

The Exchange Server Role Requirements Calculator which you need for designing a proper Exchange 2013 or Exchange 2016 on-premises environment has been updates, currently the calculator is at version 8.4.

Some new functionality is added to this version:

  • Added support for ReplayLagMaxDelay
  • Added support for SafetyNetHoldTime in CreateDAG.ps1

And seven bug fixes in this version:

  • Improved the DAG auto-calculation results display to highlight deployment configuration in both datacenters
  • Fixed an issue that prevented DAG auto-calculation in single site DAG deployments
  • Fixed a SPECInt2006 validation issue with DAG auto-calculation
  • Fixed a bug with the DAG auto-calculation with Active/Passive deployments
  • Fixed conditional formatting issues with the transaction log table
  • Removed data validation from certain unused cells on the Input tab
  • Fixed bug in calcNumActiveDBsSF formula

The requirements calculator can be downloaded here: https://gallery.technet.microsoft.com/Exchange-2013-Server-Role-f8a61780

More information: