Exchange – IslandEarth

Increasing attachment limits in Office 365/Exchange Online

The default limit for messages in Microsofts online mailboxes is 35MB. You can change this limit from powershell commands.

If you don’t know how to get started with Powershell admin then look at my previous posting: Send As From a different email domain in Office 365 Exchange Online.

There are 2 limit parameters: MaxReceiveSize and MaxSendSize.

The command for changing the mailbox limit parameters is:

Set-Mailbox John.Doe -MaxReceiveSize 55MB -MaxSendSize 55MB

Substitute John.Doe for the mailbox you want to change.

To change all mailboxes use this:

Get-Mailbox -Resultsize Unlimited | Set-Mailbox -MaxReceiveSize 55MB -MaxSendSize 55MB

And to set the limits for all new mailboxes use this:

Firstly find out which mailbox plan is the default:

Get-MailboxPlan | fl name,maxsendsize,maxreceivesize,isdefault

You will see a list of mailbox plans (name followed by a GUID) only one of which is marked as the default and they will also show the current limits.

To change the default mailbox plan use this command:

Set-MailboxPlan <em>ExchangeMailboxPlan-GUID</em> -MaxSendSize 55MB -MaxReceiveSize 55MB

Replace ExchangeMailboxPlan-GUID with the default plan listed previously.

Always remember to close your session with:

Remove-PSSession $Session

Send As From a different email domain in Office 365 Exchange Online

I get this requested quite often so I thought I should post how to do it.

The scenario is that you have your main email account with Microsoft on Office 365/Exchange Online, say Fred@Bloggs.com, and we connect to that mailbox via Outlook and/or Outlook Web Access. We also have email accounts setup elsewhere – on Google’s Gmail for instance say Fred@Jacks.com – and you are forwarding those emails to your main Office 365 account so that you know when new mail arrives.

Usually you would have to logon to the other service to reply to the Fred@Jacks.com emails – wouldn’t it be nice if you could reply from your Fred@bloggs.com account instead? Well, you can, and it’s really easy to setup:

Firstly, I can’t verify if this works with all email providers – it does work with Gmail accounts though.

To begin with you need to setup a contact in Office 365 for the other email address – Fred@Jacks.com:

Logon as the admin user to Office 365/Exchange Online.

Goto to the Admin Centres, choose Users, select Contacts and add the email:

You will also need to add the domain to the verified domains list:

Goto Admin center, Settings, Domains.

Follow the instructions on adding a domain – you do not need to add the email DNS records in order for the domain to be used in your account. You just need to verify you own the account by adding the TXT DNS record and verifying via this portal.

Note: the adding of a domain can take up to 4 hours to complete – took only an hour in my case.

Next you need to connect to the Exchange online server using Powershell:

This article explains how to do that: https://technet.microsoft.com/en-us/library/jj984289%28v=exchg.150%29.aspx

Open Powershell

Make sure you have issued the command to allow scripts to run:

Set-ExecutionPolicy RemoteSigned

Select ‘Y when prompted to turn scripting on.

Type in the credentials command:

$UserCredential = Get-Credential

You will be prompted for a username and password – enter you admin username and password for Office 365/Exchange Online.

Type in the session variable creation command:

$Session = New-PSSession -ConfigurationName
Microsoft.Exchange
-ConnectionUri https://outlook.office365.com/powershell-liveid/
-Credential $UserCredential -Authentication Basic -AllowRedirection

And then issue the session import command:

Import-PSSession $Session

Here’s a screen shot after issuing all 3 commands:

You will then see a bunch of stuff being downloaded and will eventually return to the command prompt.

You are now connected and can start issuing commands. For a list of commands available this is a good article:

http://o365info.com/mailbox-permissions-powershell-commands/

You can use a command like:

Get-MailboxPermission Fred

To test connectivity – this will list the permissions for user Fred (Fred@Bloggs.com).

The command:

Get-RecipientPermission "Fred Bloggs"

Will list the permissions on the contact we created above – there shouldn’t be any at this stage.

To give Send As permission to the contact issue this command:

Add-RecipientPermission "Fred Bloggs" -AccessRights SendAs -Trustee "Fred"

This gives the user Fred (Fred@Bloggs.com) permission to Send As the contact “Fred Bloggs” (Fred@Jacks.com).

You may receive an error at this point along these lines:

You can't use the domain  because it's not an accepted domain for your organization.

This means the domain verification and adding process has not completed yet – can take up to 4 hours for this to complete. If you continue to get this error after 4 hours then something must have gpne wrong with the domain adding process.

If all is ok you should be prompted for confirmation – select ‘Y’ to add the permission.

That’s it!

You should close the session properly – otherwise it will stay open – by issuing:

Remove-PSSession $Session

You can now close Powershell.

In Outlook or Outlook Web Access create a new email, make sure you can see the From: option (In Outlook if it’s not there go to the Options menu and click the From button), type in the email address you want to Send As – Fred@Jacks.com – you only need to do this once, outlook will remember it from then on and you can select it from the pull down list (however, at time of writing it was not saving it in outlook web access). Compose your message and send – if you have forwarding setup as described above you should then receive the message and note that the from address is indeed as expected: Fred@Jacks.com.

When you reply to messages received you will need to choose the from address from the pulldown – it defaults to the main mailbox from address – Fred@Bloggs.com – there is no way of changing this behaviour that I know of.

Exchange 2010 migration – contacts all have additional email addresses in company domain

After migrating to Exchange 2010 from 2003 we discovered that all the external contacts from the Global Address List (GAL) migrated ok but they all had an extra email assigned with our servers domain.

For example: trevor@citycorp.com would have an extra smtp address attached of trevor@mydomain.com

In addition any new contacts also had the additional email attached.

Which isn’t ideal so we looked into changing it and came up with a powershell script that would delete the extra emails and prevent them being added again:

####
# Input variables
####
$domains = @(“*@mydomain.com“)
$ou = “myactivedirectorydomain”

####
# Removing internal domains from contacts
####
$domains | foreach {
$domain = $_;
write-host “Preparing for removal of addresses with domain name:” $domain
$Contacts = Get-MailContact -OrganizationalUnit $ou -Filter {
                EmailAddresses -like $domain -and name -notlike “ExchangeUM*”
            } -ResultSize unlimited -IgnoreDefaultScope
$Contacts | foreach {
    $contact = $_;
    $email = $contact.emailaddresses;
    #write-host “1. ” $contact
    #write-host “2. ” $contact.name
    #write-host “3. ” $email
    #write-host “4. ” $contact.identity
    $email | foreach {
        if ($_.smtpaddress -like $domain)
            {
                $address = $_.smtpaddress;
                write-host “[*] Removing address” $address “from Contact” $contact.name;
                Set-Mailcontact -Identity $contact.identity -EmailAddresses @{Remove=$address};

}

    }
}
}
####
# Setting up email address policy to disabled for all contacts
####
write-host “Preparing all contacts for disabling email address policy”
$Contacts = Get-MailContact -OrganizationalUnit $ou -Filter {
                EmailAddresses -like $domain -and name -notlike “ExchangeUM*”
            } -ResultSize unlimited -IgnoreDefaultScope | Where {$_.EmailAddressPolicyEnabled -eq $true}
$Contacts | foreach {
    $contact = $_;
    write-host “[*] Setting up email address policy to disabled for” $contact.name
    $contact | set-mailcontact -emailaddresspolicyenabled $false
}

The first part of the script cycles through the contacts deleting the emails with the domain set in the $domains variable – replace ‘mydomain.com’ with your own domain and change the $ou to the correct active directory domain and out e.g. adroot.mydomain.com

The second part changes the default email policy which is what causes the extra smtp addresses to be added.

If you add new contacts via console then you do not need to run this again as you would not apply the default email policy but if you are adding contacts using an older script you may experience this problem and would therefore have to run again – perhaps on a scheduled basis.

Nice one Microsoft {:-|

No outgoing email after Exchange 2010 Service Pack 3 Rollup 1 installed

We like to keep our servers up to date so after testing in our VM environment we went ahead and installed the latest update rollup for Exchange server 2010 from Microsoft.

Everything went smoothly but afterwards we soon realised that no email was going out – no bounceback no message nothing, it just dissappeard!

It turned out to be a problem with out Disclaimer. Like most companies we add a disclaimer to every email sent outside the organisation. Because of this additional step on the server all these outgoing emails were seen as ‘poisoned’ and were dropped.

Obviously, this is something rather difficult to test for and after looking on a number of forums many Microsoft customers had suffered a similar fate.

Microsoft were looking into it and would be providing an update but in the meantime we had to turn off our disclaimer adding and ask out users to add them manually for now.

After opening a support call with Microsoft it transpired that a Hotfix was available. We downloaded, tested and rolled it out and disclaimers are now working. Please bear in mind that if you need to install a rollup in the future this Hotfix has to be uninstalled before proceeding.

In other words Microsoft won’t release a new update intil the next rollup despite the severity and will only supply a hotfix on request. Not very impressive.

Here is the relevant article and details of hwo to obtain the hotfix: http://support.microsoft.com/kb/2859596/en-gb

Error synchronizing outlook to exchange server

Getting the following error email in the sync log folder within Outlook connected to an Exchange 2003 server:

12:27:02 Synchronizer Version 11.0.8200

12:27:02 Synchronizing Mailbox ‘mailbox name‘

12:27:03 Synchronizing server changes in folder ‘Inbox‘

12:27:03 Downloading from server ‘exchange server name‘

12:27:04 17 item(s) added to offline folder

12:27:04 11 view(s)/form(s) added to offline folder

12:27:04 Error synchronizing folder

12:27:04 [8004010F-501-8004010F-0]

12:27:04 The client operation failed.

12:27:04 Microsoft Exchange Server Information Store

12:27:04 For more information on this failure, click the URL below:

12:27:04 http://www.microsoft.com/support/prodredirect/outlook2000_us.asp?err=8004010f-501-8004010f-0

12:27:04 Done

The only way around this was to redo the outlook profile – delete your email settings under Account Settings and add a new profile.

If neccessary delete the local OST file as well. This can be found at:

For Windows XP:

C:Documents and Settingsuser nameApplication DataMicrosoftOutlook

For Windows 7:

C:Usersuser nameAppDataLocalMicrosoftOutlook

Exchange 2003 services erratic or stopped after FSMO role transfer and DC demotion

We had problems with Exchange 2003 server after transferring FSMO roles from the DC server to a different DC server and demoting the original server to a basic file server (Exchange server was completely separate i.e. not a DC).

The process of transferring FSMO roles and demotion as described in these MS articles:
http://support.microsoft.com/kb/324801

http://support.microsoft.com/kb/238369

went through without any problems but later in the day we had reports from Exchange users that they could not get email – Exchange server was acting erratically and eventually services stopped altogether.

It transpired that the Recipient Update Server (RSU) was at fault. The RUS needs to use a Global Catalog server (typically there is only one per domain). It was looking at the old server for the Global Catalog. I tried to change it to the correct server but ran into an error when trying to select the DC stating ‘The operation failed. ID no 80004005 Exchange System Manager’.

I checked there were no rogue records in AD of old DC servers using Petri’s excellent article: http://www.petri.co.il/delete_failed_dcs_from_ad.htm, but no old servers were listed.

As I could not change the RUS settings through the system manager I looked for another way to change them and found this solved the problem:

Open ADSI Edit and navigate to ConfigurationServicesMicrosoft Exchange<Organization Name>Address Lists ContainerRecipient Update Services.

On the right side, you will see the RUS links listed.

Right click on the relevant RUS and select Properties.

Where you see “Select a property to view:” select msExchServer1NetworkAddress.

You should see the current Domain Controller listed.

Click on the Clear button

Change to correct server and click Set and OK

Restart the Microsoft Exchange System Attendant Service