Verify you COM+ rights for the DPM agent. It could be that there is a missmatch in the rights.
Click START / Administrative Tools / Component Services
Expand Component Services / Computers / My Computer / DCOM Config
Right click on the "DPM RA Services" and choose properties. Verify that under the Security tab / Launch and Activation Permissions you got Customize marked, click the Edit... button in the ACL you should see the computer account for your DPM server. If it's not present add it and mark all allow boxes and try to start the service again.
6 Dec 2011
15 Nov 2011
Troubleshooting Offline Address Book Generation on Exchange 2010
http://blogs.catapultsystems.com/IT/archive/2010/03/11/troubleshooting-offline-address-book-generation-on-exchange-2010.aspx
23 Oct 2011
Không còn PST nữa...haha....còn lâu...huhu
Mất hơn 2 tuần migrate Exchange 2003 sang 2010 xong và háo hức setup các hot features của Exchange 2010 để giới thiệu với bà con gần xa. Một trong số đó là Online Archive. Không còn pst file nữa, quá đã...haha.
Cho dù phải bấm bụng order thêm Enterprise CAL thì feature này cũng đáng đồng tiền bát gạo. Tạo riêng một mailbox db, enable online archive, vô OWA test thử, NOKIA..:-)...uống 1 ly cafe cho tỉnh táo cái đã để chuẩn bị document và email cho các users thì..... phát hiện nó chưa hề xuất hiện trong Outlook 2010 của mình, bộ Office 2010 Std mới implemented vài tháng trước....hmm
Đào bới các website về licensing thì té ngửa ra rằng feature này chỉ xuất hiện khi sử dụng Office 2010 phiên bản Pro Plus mà chỉ có em Volume Licensing mới có thoi nhehoặc phải sử dụng Outlook OEM or retail...:-(.
Má ơi đúng là lừa đảo kiểu Bill Gates cho dù ....Bill đã nghỉ hưu lâu rồi.
Nếu bạn là dân hay sử dụng đồ chùa thì không nói làm gì nhưng đã là dân sành điệu đã bỏ tiền ra mua chịu hàng hiệu :-) mà còn bị lừa thì đúng là đau còn hơn bò đá :-(. Đúng là không thể trách được tại sao người ta hay dùng crack...
Chính sách licence của Bill đã đủ phức tạp lắm lắm rồi mà còn cố ý cheat các khách hàng của mình nữa...bó tay thật...
Cho dù phải bấm bụng order thêm Enterprise CAL thì feature này cũng đáng đồng tiền bát gạo. Tạo riêng một mailbox db, enable online archive, vô OWA test thử, NOKIA..:-)...uống 1 ly cafe cho tỉnh táo cái đã để chuẩn bị document và email cho các users thì..... phát hiện nó chưa hề xuất hiện trong Outlook 2010 của mình, bộ Office 2010 Std mới implemented vài tháng trước....hmm
Đào bới các website về licensing thì té ngửa ra rằng feature này chỉ xuất hiện khi sử dụng Office 2010 phiên bản Pro Plus mà chỉ có em Volume Licensing mới có thoi nhehoặc phải sử dụng Outlook OEM or retail...:-(.
Má ơi đúng là lừa đảo kiểu Bill Gates cho dù ....Bill đã nghỉ hưu lâu rồi.
Nếu bạn là dân hay sử dụng đồ chùa thì không nói làm gì nhưng đã là dân sành điệu đã bỏ tiền ra mua chịu hàng hiệu :-) mà còn bị lừa thì đúng là đau còn hơn bò đá :-(. Đúng là không thể trách được tại sao người ta hay dùng crack...
Chính sách licence của Bill đã đủ phức tạp lắm lắm rồi mà còn cố ý cheat các khách hàng của mình nữa...bó tay thật...
18 Oct 2011
Exchange 2010 mailboxes can not send to 2003 mailboxes
PROBLEM
Now we installed a new Exchange 2010 server in the same domain as the exchange 2003 server and installed the CAS, Mailbox and Hub roles. Next we about to move 70 mailboxes to the new Exchange 2010 server. Everything looks fine, users with mailboxed on the Exchange 2003 server can send mail to users on Exchange 2010 server. But the users with mailboxes on Exchange 2010 server can't send mail to mailboxes on exchange 2003. These messages stay in the 'SmtpRelayToTiRg' queue with error : 451 4.4.0 Primary Target IP address responded with: "451 5.7.3 Cannot Achieve Exchange Server authentication"
~~~~~
SOLUTION 2
http://forums.microsoft.com/TechNet/ShowPost.aspx?PostID=1087732&SiteID=17
Integrated Windows Authentication was not turned on, on my Default SMTP Virtual Server.....WORKED FOR ME
~~~~
Now we installed a new Exchange 2010 server in the same domain as the exchange 2003 server and installed the CAS, Mailbox and Hub roles. Next we about to move 70 mailboxes to the new Exchange 2010 server. Everything looks fine, users with mailboxed on the Exchange 2003 server can send mail to users on Exchange 2010 server. But the users with mailboxes on Exchange 2010 server can't send mail to mailboxes on exchange 2003. These messages stay in the 'SmtpRelayToTiRg' queue with error : 451 4.4.0 Primary Target IP address responded with: "451 5.7.3 Cannot Achieve Exchange Server authentication"
~~~~~
SOLUTION 1
I installed a Windows 2007 Exchange server in to my 2003 environment this week. All went well apart from that the mail sending from the 2007 test mailboxes ended up in a queue called smtprelaytotirg. The error message given being 451 4.4.0 Primary Target IP Address Responded with (501 5.5.4 Auth Command Cancelled).
This queue is basically where 2007 is failing to deliver because it can’t route correctly.
The resolution in this case for me was easy. All the connectors were in place as they should be, but the transport for SMTP on the original master 2003 Exchange server had limited access to certain IP addresses.
I added the IP address for the new Exchange 2007 server and bang, 20 mins later the queue is empty.
Just a minor hurdle :) Oh, the other one to watch out for is making sure it can resolve either by IP or FQDN for the SMTP server, it’ll fail on netbios or just a single name. Anyone still relying on WINS needs shot in the face with a screw driver.
~~~~~I installed a Windows 2007 Exchange server in to my 2003 environment this week. All went well apart from that the mail sending from the 2007 test mailboxes ended up in a queue called smtprelaytotirg. The error message given being 451 4.4.0 Primary Target IP Address Responded with (501 5.5.4 Auth Command Cancelled).
This queue is basically where 2007 is failing to deliver because it can’t route correctly.
The resolution in this case for me was easy. All the connectors were in place as they should be, but the transport for SMTP on the original master 2003 Exchange server had limited access to certain IP addresses.
I added the IP address for the new Exchange 2007 server and bang, 20 mins later the queue is empty.
Just a minor hurdle :) Oh, the other one to watch out for is making sure it can resolve either by IP or FQDN for the SMTP server, it’ll fail on netbios or just a single name. Anyone still relying on WINS needs shot in the face with a screw driver.
SOLUTION 2
http://forums.microsoft.com/TechNet/ShowPost.aspx?PostID=1087732&SiteID=17
Integrated Windows Authentication was not turned on, on my Default SMTP Virtual Server.....WORKED FOR ME
~~~~
Unable to assign "Send As" rights to Organization Units in Microsoft Exchange Server 2010
http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB21225
Configuring the Microsoft Exchange Server 2010 permissions for the administrator account fails with insufficient permissions for the Users container, or any Organization Unit, even when logged in as a domain administrator. Assigning Send As rights to specific users, or groups, works successfully.
PowerShell Command: Add-ADPermission -InheritedObjectType User -InheritanceType Descendents -ExtendedRights Send-As -User "BESAdmin" -Identity "CN=Users,DC=example,DC=com"
Active Directory operation failed on example.com. This error is not retriable. Additional information: Access is denied.
Active directory response: 00000005: SecErr: DSID-031521D0, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
+ CategoryInfo : WriteError: (0:Int32) [Add-ADPermission], ADOperationException
+ FullyQualifiedErrorId : DA172DD1,Microsoft.Exchange.Management.RecipientTa sks.AddADPermission
PowerShell Command: Add-ADPermission -InheritedObjectType User -InheritanceType Descendents -ExtendedRights Send-As -User "BESAdmin" -Identity "CN=Users,DC=example,DC=com"
Active Directory operation failed on example.com. This error is not retriable. Additional information: Access is denied.
Active directory response: 00000005: SecErr: DSID-031521D0, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
+ CategoryInfo : WriteError: (0:Int32) [Add-ADPermission], ADOperationException
+ FullyQualifiedErrorId : DA172DD1,Microsoft.Exchange.Management.RecipientTa sks.AddADPermission
~~~~~~~
~~~~~~~
Blackberry offers an alternative for running that powershell command
1. Open Active Directory Users and Computers.
2. Select the View menu and ensure Advanced Features is checked.
3. Right-click the Domain Name or Organizational Unit where Send As permissions are needed and select Properties.
4. Click the Security tab.
5. Click Advanced at the bottom on the Security tab.
6. Select Add and enter your Blackberry Service Account name (for example, BESadmin) and select OK.
7. When the permissions screen appears, change Apply onto: to User Objects (or Descendant User Objects on Microsoft Windows Server 2008).
8. In the permissions box, scroll down and check the Allow box beside Send As and press OK.
9. Press Apply and OK to exit.
it worked for me...
1. Open Active Directory Users and Computers.
2. Select the View menu and ensure Advanced Features is checked.
3. Right-click the Domain Name or Organizational Unit where Send As permissions are needed and select Properties.
4. Click the Security tab.
5. Click Advanced at the bottom on the Security tab.
6. Select Add and enter your Blackberry Service Account name (for example, BESadmin) and select OK.
7. When the permissions screen appears, change Apply onto: to User Objects (or Descendant User Objects on Microsoft Windows Server 2008).
8. In the permissions box, scroll down and check the Allow box beside Send As and press OK.
9. Press Apply and OK to exit.
it worked for me...
~~~~~~~~
17 Oct 2011
Adjusting Exchange 2003 mail flow settings for Exchange 2010
Adjusting Exchange 2003 mail flow settings for Exchange 2010
When bringing Exchange 2010 server into an existing Exchange 2003 environment, you can't initially send and receive Internet mail via the hub transport server. This is because Microsoft recommends that you place an edge transport server between the Internet and your back-end Exchange server.
An edge transport server is actually a hardened Exchange server that sits on the network perimeter. It maintains message hygiene as SMTP mail flows in and out of an Exchange organization. The edge transport server also shields back-end Exchange servers from direct Internet exposure.
Using an edge transport server is a good idea, but it's not a requirement. Given the current economic climate, I expect that a lot of organizations implementing Exchange 2010 will initially forgo the edge transport server to save money. If you decide to do this, you'll have to configure your hub transport server to send and receive Internet mail.
Note: If you decide not to use an edge transport server, I recommend that you place your mailbox server role on a different Exchange Server, if possible.
To prepare your hub transport server to send and receive Internet mail, create a send connector. The send connector allows the hub transport server to send mail directly to the Internet.
To create a send connector, follow these four steps:
- Open the Exchange Management Console and navigate to Organization Configuration -> Hub Transport.
-
- Go to the Actions pane and click on the New Send Connector link.
-
- When the New Send Connector Wizard opens, set the connector's use to Internet.
-
- Click Next and set the address to *.
Exchange Server 2010 also uses a default receive connector to receive Internet mail. The hub transport server expects to receive mail from an edge transport server, not directly from the Internet. Because of this, the receive connector is configured to block all unauthenticated inbound SMTP traffic.
Since most Internet mail is not authenticated, you must configure the receive connector to allow anonymous SMTP connections. To do so:
- Open the Exchange Management Console and navigate to Server Configuration -> Hub Transport Server.
-
- Right-click on the receive connector and select Properties. Windows will display the receive connector's properties sheet.
-
- Go to the Permission Groups tab and select the Anonymous Users check box.
-
- Click OK.
Typically, the MX record for your domain will point to a firewall, which will reroute inbound SMTP traffic to an internal server. Therefore, you must reconfigure the firewall port forwarding to send SMTP traffic to the edge transport server or to the newly configured hub transport server.
Converting recipient policies to Exchange 2010 email address policies
Most Exchange organizations' internal domain names are different than the external domain names. For example, my primary external domain name is brienposey.com, but my Exchange servers reside on an internal domain named production.com. In this case, you must use recipient policies to define the appropriate external email addresses for your users.
Microsoft has replaced recipient policies with email address policies in Exchange Server 2007 and Exchange 2010. This means that when migrating from Exchange 2003, you'll need to convert your recipient policies into email address policies.
Doing so is quite simple. Open the Exchange Management Shell and enter the following command:
Get-EmailAddressPolicy | where {$_.RecipientFilterType –eq "Legacy"} | Set-EmailAddressPolicy –IncludeRecipients AllRecipients
This EMS command compiles a list of all mailboxes that use a legacy recipient policy. The command then converts the recipient policy into an email address policy.
http://searchexchange.techtarget.com/Adjusting-Exchange-2003-mail-flow-settings-for-Exchange-2010
Subscribe to:
Posts (Atom)