Decommission an Exchange 2010 Server

This article will explain the steps required to safely decommission an Exchange 2010 server.

I have recently configured 2 new Exchange 2010 CAS servers in an CAS Array and 2 new Exchange Mailbox servers in a DAG, and am left with my original standalone Exchange 2010 CAS,HUB,MX server, so its time for it to go.

First i want to make sure there are no mailboxes left on it.

[PS] >Get-Mailbox -Server EX-01

Name                      Alias                ServerName       ProhibitSendQuota
----                      -----                ----------       -----------------
Adctfn Sn926              adctfn.sn926         EX-01        unlimited
Adctfn Sn398              adctfn.sn398         EX-01        unlimited

You can see here that i have two mailboxes still on this server.  In my case they are both test accounts and i no longer need them, so i will remove them using the command below.  You may want to move these to a new mailbox on a new server using the New-MoveRequest command.

Get-Mailbox -Server EX-01 | Remove-Mailbox

Now i need to check there are no arbitration mailboxes left on the server, these are internally used system mailboxes.  I have already moved them using the New-MoveRequest command to a new mailbox on a new server, so as you can see below, i have no arbitration mailboxes left on this server.

Get-Mailbox -Server EX-01 -Arbitration

Now i need to check if i have any databases left on the server.

[PS] >Get-MailboxDatabase -Server EX-01

Name                           Server          Recovery        ReplicationType
----                           ------          --------        ---------------
Mailbox Database 1982746264    EX-01       False           None
DB-ExecutiveStaff              EX-01       False           None

I have two listed here, one is the default mailbox created at install, and the other i can now safely delete, as it holds no more mailboxes.  Why? because i have already moved all mailboxes from this database off to another mailbox on my new MB servers.  So what i will do is remove the 2 databases, by simply piping the above command to Remove-MailboxDatabase.

Some of you may prefer to Dismount-Database first.  Remember to make sure you have backed up your databases and mailboxes before removing anything!

Now you need to move your Public Folder databases and replicas to new servers.

Now it should just be a matter of uninstalling Exchange 2010 from the control panel, as you would another program.

I had to stop our Backup Exec services on the server which had open files, before i could successfully uninstall.

Update Microsoft Lync LineUri

Hey, today started with a meeting to discuss workflow for new user account creation.  It was quite interesting to properly think out the complete process with all the potential workflow snags, however in saying that our process is quite simply compared to some other organisations.

Following this meeting, i moved onto some work to update the “LineUri” property for our Lync enabled users.  When Lync was first deployed some of the lines were set incorrectly, and it was now time to update them as we begin to implement and deploy Lync to our users.  I achieved this with the following script.  This script is very specific to my organisation, but if you would like help adapting this script to your requirements let me know.

pseudo code: Get all Lync enabled users with phone numbers starting with “+61″.  For each user in the result, create some variables, and extract out the phone number and extension. Depending on the first number of the extension, build the $LineUri property, and then update the user.

$enabledUsers = Get-CsAdUser -Filter {Enabled -eq $true -and Phone -like '+612*'} foreach ($user in $enabledUsers) { $LineUri = $null

$phoneNumber = $user.Phone $phoneNumber = $phoneNumber -replace "[^0-9]" $tel = "TEL:+612" $ext = ";EXT=" $extension = $user.phone.substring($user.phone.length - 4,4) $extensiongroup = $user.phone.substring($user.phone.length - 4,1) Switch ($extensiongroup){ 5{$LineUri = $tel + "8853" + $extension + $ext + $extension} 4{$LineUri = $tel + "8846" + $extension + $ext + $extension} 3{$LineUri = $tel + "9775" + $extension + $ext + $extension} } try {

$user.DisplayName,$LineUri Set-CsUser -Identity $user.Identity -LineURI $LineUri } catch { Write-Warning $_.Exception.Message } }

Fuji Xerox Image Gateway Document Management

Today we went to see a demo of Fuji Xerox Image Gateway Document Management Solution 2.6 (http://www.fujixerox.com.au/products/image-gateway-for-apeos/igwapeos2) at Australia Technology Park in Sydney.  We implemented IGA 2 years ago now and have been mostly happy with the system.

Our users can all use a single print queue no matter where geographically they are located, across any of our sites, and retrieve their print documents from any printer.  They can choose which IGA enabled printer to retrieve their documents from by simply approaching one, swiping a printer ID authentication card, or manually enter an ID at the printer and dispatch their job.  One great outcome from the IGA system is the amount of paper we have saved, and that means $$$ saved.  Paper is saved as if a print job is sent to the IGA queue and the user does not go and dispatch it, it will automatically be deleted from the queue after x hours. It also allows us to monitor and report department print spending and charge accordingly.

Today we went to see some new features in the newest release, namely the ability to print from mobile devices, iPhones and iPads etc.  A user simply needs to email a picture or document from their device to a configured email address and the document will be spooled and queued, waiting their authentication.  Documents can be stored on the device, or your corporate document library.

Another great feature was the ability to design work flows from scanned documents.  For example, a paper form could be designed using OCR searchable regions.  When a user fills in a form, it can be scanned and OCR will pick up the special regions, and activate a work flow based on the field input.  Maybe it will be emailed to a manager for approval for example.

Other note worthy features are the ability to ingest or scan documents straight into your corporate document library.  Locations can be setup based on user classifications etc etc..   You get the idea.

Ps, the provided lunch was also quite nice, thanks guys.

Joys of a corrupt DC

The other day some upgrades were done to some of our core switching, and during the process, one of my domain controllers blue sreend.

My task for the day was to resolve this issue.  When the server blue screend, my network guy put the server into Directory Services Recovery Mode, disabled the network, and moved the IP address to another DC, and updated DNS, and left it there for me to continue.

I tried to demote the machine using dcpromo, i then tried dcpromo /forceremoval, both failed with errors i wont go into right now.  I tried scf /scannow, System Update Readiness Tool, and this also did not produce any decisive solutions.  I then tried to restore a system state backup, however the backup server could not establish a trust with the remote agent this wasn’t going to work either.

At this point i was all out of ideas, i had followed a few articles of similar scenarios and error codes, however none match my situation enough to produce any resolution.  So in the end i decided to manually remove the dead domain controller using TechNet article http://technet.microsoft.com/en-us/library/cc816907(v=ws.10).aspx.

Now half a day had passed, and so as we work in a virtualised environment, i quickly created a new virtual machine, allocated drives, and wound up a new Windows Server 2008R2, Promoted it to a domain controller, and moved on.

Migrate DHCP from Server 2003 to Server 2008/2012

You have a 2003 source DHCP server and want to migrate DHCP over to your new target Windows Server 2012.

There are a few methods to achieve this, however i like the simplest and definitely the fastest method, which is pretty much identical to a Microsoft KB article which i have cited below.

I am aware of Server Migration Tools in server 2008 and 2012, however for a quick migration of DHCP the method i use below works best for me.

Firstly from your 2003 server, open a command prompt and type;

netsh dhcp server export c:\dhcp.txt all

Now move this file (dhcp.txt) over to your new server 2008/12 machine, the C:\ drive is fine.

RDP/Connect to your new server, first stop (if started) the DHCP server service.  Navigate into C:\Windows\System32\Dhcp and rename/delete dhcp.mdb.  In some cases you will need to give yourself explicit modify or higher rights to the file to be able to delete it.  Once deleted you can now start the service back up.  Note this will recreate a new dhcp.mdb file.  Now open a command prompt windows and run this command to import your DHCP configuration into this new database.

netsh dhcp server import c:\dhcp.txt

You should see a success notification.  If successful, start up DHCP manager and verify that your configuration has copied over, looks for scopes, dhcp options and dhcp leases (ip addresses).

Source: http://support.microsoft.com/kb/962355

Load balancing Exchange 2010 CAS array

I have been working on a project to build and configure a 2x Exchange 2010 CAS array, along with a 2x Exchange 2010 MB DAG, and load balance the CAS array with our Riverbed Stingray Traffic Manager.  The purpose is to migrate our existing organization off a failing standalone server and onto the above mentioned environment.

Riverbed have provided a great .pdf document outlining the steps involved to configuring your Sting Ray Traffic Manager. https://splash.riverbed.com/docs/DOC-1313

This will step you through setting static ports on the CAS and MB servers.  SSL offloading, configuring all of your traffic ip groups, virtual servers, pools and traffic scripts.

What is not covered in the doco is how to handle SSL on your CAS servers, if you offload it to STM.  If you have offloaded SSL to the STM, then unless you are going to encrypt traffic between STM and the CAS servers you will need to turn it off in IIS on your exchange virtual dirs.

To do this open up IIS manager from each of your Exchange 2010 CAS servers.  For each virtual dir turn off SSL, including the top level default website.

Another issue i came across was as soon as a client hit the LB the connection was dropped.  After much fiddling around i contacted Stingray support and was told to make the following changes in the Traffic Script provided in the above mentioned PDF document.  Down the bottom of the Exchange2010 Single TrafficIP and Virtual Server for All HTTP Applications Traffic Script you will see this code.

if( $sessiondata != "none" ) {
if( $sessiondata ) {
connection.setPersistence( $universal_session_persistence );
connection.setPersistenceKey( $sessiondata );
} else {
connection.setPersistence( $transparent_session_persistence );
}
}
pool.use( $pool );

You will need to move the “pool.use($pool); line up above the “connection.setPersistence() line, so you end up with this.

pool.use( $pool )

;if( $sessiondata != "none" ) {
if( $sessiondata ) {
connection.setPersistence( $universal_session_persistence );
connection.setPersistenceKey( $sessiondata );
} else {
connection.setPersistence( $transparent_session_persistence );
}
}

After making this change, everything began to magically work.