Friday, June 2, 2017

Outlook 2010 - Error While Preparing to Send Sharing Message

We recently satarted to see an eror when users try to send a calender sharing invitation to users from their Outlook 2010 client. the error prenented reads as follows "Error While Preparing to Send Sharing Message" Our orginzation at the time of writing this is runing Exchange 2016 CU4 and Outlook 2010 SP2 April 2017 Updates and Outlook is configured to use MAPI over HTTP. the issue looks to be tied to the permissions on the calendar and permisisons being present for users who nolong are with the orginization and their mailboxes have been disabled.
to ressolve this issue review the permission list on the calendar and remove any users who nolonger have a mailbox within Exchange. 
You can as workaround, use Outlook on the Web to share the calendar and that will work just fine

Thursday, December 29, 2016

Outlook On The Web Error when Saving Calendar Appearance / Reminders Options

I have been meaning to post this for a while now and well life and work sometimes get in the way of sharing the nuggets of info from my job.
So here is the scenario we were running into:
upon migrating an Exchange 2013 Mailbox to Exchange 2016 CU1 some users when adjusting their calendar appearance or setting the option to send a daily agenda email would get an error when saving their settings. The user would get an error that "There was a problem saving your changes. Please try again." you would then see a correlating error in the event viewer with Event ID: 4999 on the server the user was connected to. After working for several days with support, we found that within the mailbox calendar configuration the weather location bookmark was set to a -1 rather than a 0. This setting is currently only used in the O365 and we are not sure as why when migrating a user this bit gets flipped for some users.
you can see this property value by running a Get-MailboxCalendarConfiguration -Identity |FT ID*,Weather* we found that the only way to reset that value was to use MFC Mapi and delete the IPM.Configuration.OWA.useroptions from the users mailbox.

To find all Mailboxes affected you can run:
Get-Mailbox -Server <ServerName> -ResultSize unlimited | Get-MailboxCalendarConfiguration | Where {$_.WeatherLocationBookmark -ne "0"}| FL Id*,WeatherLocationBookmark

to Resolve:
1. Download the latest version of MFC Mapi
2. Grant yourself Full access to the effected users mailbox (Add-mailboxPermission -Identity -User -AccessRights FullAccess)
3. Ensure the user has MAPI access enabled
4. Open MFC Mapi

a. Click Session > Logon
b. Locate the mailbox on the right hand side and double-click it
c. Right-Click the Root Container and chose Open Associated Contents Table
d. In the new window that opened scroll to the right till you see the Message Class Column
e. Scroll down till you locate the IPM.Configuration.OWA.UserOptions Message
f. Right-Click IPM.Configuration.OWA.useroptions and chose Delete Message
g. In the Delete Item Window click OK
h. Close all MFC windows
5. Verify issue is resolved by running Get-MailboxCalendarConfiguration -Identity <username>  | FT WeatherLocationBookmark

 

Thursday, December 8, 2016

Mailbox Export Request and MapiExceptionUnknownUser: Unable to make connection to the server. (hr=0x80004005, ec=1003)

As I was preparing to export several mailboxes to PST for a Cross Forest Exchange 2010 to 2016 Migration as a part of an acquisition, I ran in to an issue that when I would run a New-MailboxExportRequest and get an error "Couldn't connect to the source mailbox" When running the cmdlet with a -Verbose, would see the error "MapiExceptionUnknownUser: Unable to make connection to the server. (hr=0x80004005, ec=1003)" After going through some troubleshooting steps:
-Verifying MAPI is enabled on the accounts.
-Verifying that the Exchange Trusted SubSystems group had R/W Share Permissions.
-tried a different users.

After nothing fixed my issue, I called support. One troubleshooting step that they had me do that never crossed my mind was to create a new mailbox database. after doing that I moved a user successfully to that database and was able to export it with no issues. upon comparing the mailbox database settings Get-MailboxDatabase -Identity I noticed that the new database did not have a Public folder configured and the other database did but it looked as if someone had deleted it. Using ADSI we removed the Public folder path from the database and were able to export mailboxes without any issues.

Removing Public Folder path from Mailbox Database:
1. Launch ADSI and enter the configuration Node.
2. Navigate to :
Services > Microsoft Exchange > Exchange OrgID > Administrative Groups > Exchange Administrative Groups (FYDIBOHF23SPDLT) > Databases
3. Right-Click the Database with the public folder you want to remove and click Properties
4. From the Attribute Editor tab select the attribute msExchHomePublicMDB
5. Click Edit
6. Copy that value to a text file as a backup. :)
7. Click Clear
8. Click OK
9. Click OK to close the attribute editor
10. Close ADSI Edit

Wednesday, September 7, 2016

Outlook Opens Minimized

Ran in to this strange issue today. a User was complaining that outlook would start minimized. We were able only able to have it reappear by using task manager to maximize the application. I was able to open Outlook without any issues starting it in safe mode (Outlook.exe /Safe). Upon ruling out that shortcut was not set to start minimized and that no COM add-ins were causing the issue , I did a quick search and found in an MSFT TechNet post from Rob Kubben to remove the Frame registry key located in the [HKEY_CURRENT_USER\Software\Microsoft\Office\\Outlook\Office Explorer].
Upon restarting Outlook it opened maximized and would remember its last window size properly.

Wednesday, August 10, 2016

Outlook on The Web Prompting for Credentials from my Web Proxy

Recently we begain moved about our users to our new Exchange 2016 infrastructure. We begain to get a few calls from some users that they were being prompted for credentials whenever they would open an email in Outlook on The Web that contained external embedded content. In our eviroment a lot of our generic workstations and if you want to go out to the internet, you must provide you AD username and password. upon further digging, we found that Outlook on the Web will send multiple GET requests prior to being prompted for credentials. The only way to work around this issue is to open a website and go to site such as cnn.com to get authenticated. Once authenticated you will be able to open an email with embedded content.

Tuesday, July 5, 2016

Powershell Preview of a Dynamic Distribution List

Here is how in a single line to preview a dynamic distribution group using PowerShell.



Wednesday, June 29, 2016

Exchange Scripting Agent

In this post I will be sharing some of my findings with Exchange's Cmdlet Scripting agent.



Back in Exchange 2010 Microsoft Introduced the Cmdlet Extension agents. These agents perform various task such as User Mailbox distribution when a mailbox is provisioned. to see a list of the Extension agents, run the following Get-CmdletExtensionAgent |FT Name,Priority,Enabled .
This will output the agents there priority and if they are enabled or not. In the rest of this post I will be covering the Scripting Agent. the scripting Agent allow you to run Exchange cmdlets as a mailbox (user, shared, or resource) or Distribution list are created or enabled via the Shell or EAC.





The Scripting Agent utilizes an XML document named ScriptingAgentConfig.xml located on Each Exchange Servers (C:\Program Files\Microsoft\Exchange Server\v15\Bin\CmdletExtensionAgents) to preform the exchange related tasks you desire. Microsoft provides a sample file name ScriptingAgentConfig.xml.sample which I recommend that you review.

The XML contains several sections or nodes allowing you to define what cmdlets you want to trigger on and within what API.
the following API calls are exposed: (https://technet.microsoft.com/en-us/library/dd335054(v=exchg.80).aspx)
  • ProvisionDefaultProperties -  This API can be used to set values of properties on objects when they're created. When you set a value, that value is returned to the cmdlet and the cmdlet sets the value on the property. You can fill in values on properties if the user didn't specify a value, or you can override the value specified by the user. This API respects the values set by higher priority agents. The Scripting agent cmdlet extension agent won't overwrite the values set by higher priority agents.
  • UpdateAffectedIConfigurable -   This API can be used to set values of properties on objects after all other processing has been completed, but the Validate API hasn't yet been invoked. This API respects the values set by higher priority agents. The Scripting agent cmdlet extension agent won't overwrite the values set by higher priority agents.
  • Validate -  This API can be used to validate the values on an object's properties that are about to be set by the cmdlet. This API is called just before a cmdlet writes any data. You can configure validation checks that allow a cmdlet to either succeed or fail. If a cmdlet passes the validation checks in this API, the cmdlet is allowed to write the data. If the cmdlet fails the validation checks, it returns any errors defined in this API.
  • OnComplete - This API is used after all cmdlet processing is complete. It can be used to perform post-processing tasks, such as writing data to an external database.
Global Variables- These hold information provided either via the EAC or Shell.
  • $readOnlyIConfigurable.
  • $provisioningHandler.UserSpecifiedParameters["ParameterName"]
Deploying the xml File:
When it comes time to deploy your Completed script, you will need to deploy it to each exchange server. the file must be copied to C:\Program Files\Microsoft\Exchange Server\v15\Bin\CmdletExtensionAgents. I would recommend if you have more then 2 exchange server you download Paul Cunninghams PushScriptingAgentConfig.ps1 it can be found here


once you have deployed your custom ScriptingAgentConfig.xml file you need to enable the scripting agent. to do so run the following Cmdlet:
Enable-CmdletExtensionAgent -Identity "Scripting Agent"
If you need to disable the scripting agent run the following
Disable-CmdletExtensionAgent -Identity "Scripting Agent"


A Few Gotchas
1. I have seen that during upgrades such as CU or rollups that setup will complain if the scripting agent is enabled. So I would recommend that during maintenance or when introducing a new version of exchange that you disable the scripting agent.


2. If you have multiple domain controllers that you know what DC Exchange is using. I have found that using the following : $DC = [string]($readOnlyIConfigurable.OriginatingServer) is the best way to get this.


Below is an example ScriptingAgentConfig.xml I created to setup a user mailbox once its been created using either new-mailbox or the enable-mailbox cmdlets .