Johnny Yao WorkSpace

  AutoDatabaseMountDial a. 嘗試切換node 上線 b. Resume-StorageGruopCopy c. 在passive node 執行 Update-StorageGroupCopy "bqt-ccr1\First Storage Gr oup" -DeleteExistingFiles   1. CCR\FSG 失敗下線   2. StorageGroupCopy 顯示suspend   3. 裝載資料庫失敗 -------------------------------------------------------- Microsoft Exchange 錯誤 -------------------------------------------------------- 無法裝載資料庫 'Mailbox Database'。 Mailbox Database 失敗 錯誤: 因為目前的 AutoDatabaseMountDial 設定而發生遺失容錯移轉之後，無法裝載資料庫 'BQT-CCR1\First Storage Group\Mailbox Database'。您必須先執行 Restore-StorageGroupCopy，才能裝載資料庫。 -------------------------------------------------------- 確定 -------------------------------------------------------- 摘要: 2 個項目。1 個成功，1 個失敗。 經過時間: 00:00:02 擱置 BQT-CCR1\First Storage Group 已完成 已完成的 Exchange 管理命令介面命令: suspend-StorageGroupCopy -Identity 'BQT-CCR1\First Storage Group' -SuspendComment '系統管理員已初始化 Update-StorageGroupCopy'

  Get-MailboxDatabaseCopyStatus Update-MailboxDatabaseCopy Resume-MailboxDatabaseCopy Summary: 1 item(s). 0 succeeded, 1 failed. Elapsed time: 00:00:03 Mailbox Database 0842341759 Failed Error: A server-side seed operation has failed. Error: An error occurred while running prerequisite checks. Error: A server-side seed operation has failed. Error: An error occurred while running prerequisite checks. Error: Service 'Microsoft Exchange Search' doesn't appear to be running on server 'BQT-E14CAS1'. Please verify that the server is operating, and that services can be queried remotely. [Database: Mailbox Database 0842341759, Server: BQT-E14MBS1.MSFT.corp.com] A server-side seed operation has failed. Error: An error occurred while running prerequisite checks. Error: Service 'Microsoft Exchange Search' doesn't appear to be running on server 'BQT-E14CAS1'. Please verify that the server is operating, and that service

    Auto Complete Mailbox Moves MoveMailbox.ps1 provides a synchronous mailbox move management experience similar to the Move-Mailbox cmdlet provided in Exchange 2007. By default, scripts are installed at C:\Program Files\Microsoft\Exchange Server\V14\Scripts. For more information, see Move Mailboxes by Using the MoveMailbox.ps1 Script in the Shell . Archive Mailboxes If archive exists, then the archive gets moved with the primary mailbox because the archive and the primary mailbox must reside on the same mailbox database. You will need to factor in the size of the archive before moving the mailbox, not only for database size, but for how long the move will take to complete. If you are moving from an Exchange 2010 server to Exchange 2003 or Exchange 2007 server, you will need to disable the archive before you can move the mailbox. For more information, see Disable a Personal Archive for a Mailbox . Shared Mailboxes and Resource Mailboxes In addition to the default use

  1. [PS] C:\Windows\system32> get-mailbox -Identity bqt.e14user1 | fl -Property, database Database : Mailbox Database 1671221825 2. [PS] C:\Windows\system32> New-MoveRequest -Identity bqt.e14user1@msft.com -TargetDatabase "Mailbox Database 0842341759" DisplayName     Status        TotalMailboxSize          TotalArchiveSize      PercentComplete -----------        ------       ----------------             -------------             - -------------BQT.E14User1    Queued   231.2 KB (236,704 bytes)                           0 3. [PS] C:\Windows\system32> Get-MoveRequest DisplayName                                    Status                    TargetDatabase -----------                                    ------                    -------------- BQT.E14User1                           InProgress                Mailbox Database 0842341759 4. [PS] C:\Windows\system32> Get-MoveRequest | fl RunspaceId       

1. New-MoveRequest 會存在AD & target DB’s system mailbox 2. Offline Move 是讓user 無法存取, Online Move 則於搬完後才lock source mailbox 3. MRS Instance check 每個DB’s system mailbox 是否有move request 4. MRS 應該 只負責所屬AD site 的move request 5. New-MoveRequest -Identity Ayla@contoso.com -TargetDatabase "DB02" The cmdlet updates active directory and then places a special message to the system mailbox within that Active directory site that a move request has been initiated and the move is set to a status of Queued . Information about the move request is stored in two places: the target database's system mailbox and in Active Directory . If the move is an offline move, the mailbox is locked and can't be accessed until the move is in Completed status. For more information about scenarios in which offline moves are created, see Moving Mailboxes Between Exchange 2010 and Previous Versions of Exchange section previously in this topic. All instances of MRS periodically check the system mailbo

  1. 信箱搬移由Exchange 2007 CMDlet 改為Exchange 2010 MRS Service 2. MRS 可控制各AD site 的move request, 避免重複的move request 3. MSExchangeMailboxReplication.exe.config . 負責控制move request 設定 4. 可調整一次的信箱搬移數量, 預設為5, Exchange 2003 為4 5.  by default, MRSProxy is disabled 6. MRSProxy 負責remote forest 的跨樹系信箱遷移工作 Mailbox Replication Service When you use the Move Request cmdlets to perform the mailbox move the move will be conducted by MRS. As stated previously, MRS resides on an Exchange 2010 Client Access server and is the service that moves mailboxes from the source database to the target database . In Exchange 2007, the mailbox move was performed by the actual Move-Mailbox cmdlet. Using a service as the agent of the move allows you to move mailboxes asynchronously while they remain accessible to the user. During the move, you maintain the ability to view, cancel, and manage the move request from any Exchange 2010 server in your organization. You can start and stop the Microsof

    Reasons for Moving Mailboxes The following scenarios list the reasons for moving mailboxes: Transition    When you transition an existing Exchange 2007 or Exchange Server 2003 organization to Exchange 2010, you will move mailboxes from the existing Exchange servers to an Exchange 2010 server that has the Mailbox server role installed. Realignment    You can move mailboxes to realign based on specific values. For example, you may want to move a mailbox from one database to a database that has a larger mailbox size limit. Investigating an issue    If you need to investigate an issue with a mailbox, you can move that mailbox to a different server. For example, you can move all mailboxes that have high activity to another server. Corrupted Mailboxes    If you encounter corrupted mailboxes, you can move the mailboxes to a different server or database to leave the corruption behind. The corrupt messages will not move. Physical location changes    You can move m

  1. 提供跨 forest 的信箱遷移功能 2. 信箱資料是非同步搬移 3. 線上搬移不影響使用者存取 4. 信箱遷移記錄不存在於server 上, 而記錄於信箱上 5. Microsoft Exchange Mailbox Replication Service (MRS) - CAS   負責信箱遷移 6. 透過CAS 的MRS, 可以於ORG外進行move mailbox request 7. local mailbox move & remote mailbox move 8. 另一個文章未提到的重點, CAS role 的Loading 又加重很多   Cautions and Prerequisites to Moving Mailboxes You can't use the Exchange System Manager or Active Directory Users and Computers to move mailboxes from Exchange 2003 to Exchange 2010. You can't use the Move-Mailbox cmdlets in Exchange 2007 to move mailboxes from Exchange 2007 to Exchange 2010. When you move mailboxes, the user will lose the ability to view their message tracking information. Advantages to move requests Move requests are a new feature in Exchange 2010 . Creating a move request consists of running a series of cmdlets that perform the move request. There are multiple advantages to using move requests to perform the move:

  for Exchange 2007 OWA 透過Smart Card 存取, 請參考下列步驟, 不過調整此步驟會影響到預設的IIS 驗證權限, 請先確認下列是否以執行過下列設定, 若要測試請複製IIS Virtual Site 或用非production 的CAS server 1.  智慧卡驗證需要安全通訊端層 (SSL) 加密。根據預設，Outlook OWA 使用 SSL。 2.  使用 IIS 管理員 6.0 設定 Outlook Web Access 虛擬目錄以使用憑證驗證 在 IIS 管理員中的 [網站] 上按一下滑鼠右鍵，然後按一下 [內容]。 在 [目錄安全性] 索引標籤上，確認已選取 [啟用 Windows 目錄服務對應程式] 核取方塊。 按一下 [確定]，關閉 [網站內容]。 展開您用來主控 Outlook Web App 虛擬目錄的網站。這通常是 [預設網站]。在您要設定使用憑證驗證的 Outlook Web App 虛擬目錄上按一下滑鼠右鍵，然後按一下 [內容]。 在 [目錄安全設定] 索引標籤的 [安全通訊] 中，按一下 [編輯]。 在 [安全通訊] 區段中，選取 [需要安全通道 (SSL)] (若尚未選取)。 附註： 如果您使用的是 Microsoft Exchange 安裝期間所建立的 SSL 憑證，則會顯示一則錯誤訊息，通知您該憑證不是受信任的憑證。請確定您信任發出憑證的憑證授權單位 (CA) 或使用 CA 所信任的 SSL 憑證。 在 [用戶端憑證] 區段中，選取 [需要用戶端憑證]。 選取 [啟用用戶端憑證對應]。 按一下 [確定] 以儲存變更。 在設定 IIS 管理員使用憑證驗證之後，您必須在 Exchange 中停用 Outlook Web App 虛擬目錄上的所有驗證方法。您可以使用 Exchange 管理主控台或 Exchange 管理命令介面執行此程序。   使用 Exchange 管理主控台將 Out

    [PS] C:\Documents and Settings\Exchadm\Desktop> Get-PublicFolderStatistics -Serve r bqt-mb07 | fl -Property totalitemsize,folderpath   [PS] C:\Documents and Settings\Exchadm\Desktop> Get-PublicFolderStatistics -Serve r bqt-mb07 Name                                     ItemCount               LastAccessTime ----                                     ---------               -------------- EX:/o=MSFT/ou=Exchange Administrative Gr   1                 12/8/2009 1:00:07 AM oup (FYDIBOHF23SPDLT)   Blog Extended Reading More Information & Reference

  附註 如果您在您的環境中使用 Exchange 前端伺服器，SSL 只應在這些伺服器上啟用。 在單一伺服器的環境中需要 Exchange 伺服器上啟用 SSL。 下列值是 [PasswordChangeFlags 設定選項： 0： 需要 SSL 的密碼變更 1: 允許非安全連接埠的密碼變更 2： 停用密碼變更 若要進行 IISADMPWD 虛擬目錄執行下列動作： 按一下 [開始，指向 [程式集]，指向 [系統管理工具，然後按一下 [Internet 服務管理員]。 用滑鼠右鍵按一下預設的網站]，指向 [新增]，然後再按一下虛擬目錄]。 在 [虛擬目錄建立] 精靈輸入 [[別名] 方塊中的 [ IISADMPWD ]，然後按一下 [下一步]。 在 [目錄] 方塊中，鍵入 < 硬碟機 >: \winnt\system32\inetsrv\iisadmpwd 或位置，其中您的硬碟是預設硬碟磁碟，而然後按一下 [ 下一步 。 檢查只在讀取和 [執行指令碼核取方塊已選取，例如 ASP] 核取方塊，按一下 [ 下一步 ，再按 完成 。 請確認 [IISADMPWD 虛擬目錄只是基本驗證設定，然後如果您使用 [Windows 2003/IIS 6.0 確認應用程式集區設定為 ExchangeApplicationPool ]。   啟用並隱藏 Outlook Web Access 中的 [變更密碼] 按鈕 重要 此區段、 方法或任務包含，告訴您如何修改登錄的步驟。 然而，如果您不當修改登錄，可能會發生嚴重的問題。 因此，執行這些步驟時請務必小心。 為加強保護，修改登錄之前，請務必將它備份起來。 以後您就可以在發生問題時還原登錄。 如需有關如何備份和還原登錄的詳細資訊，請按一下下面的文件編號，檢視「Microsoft 知識庫」中的文件： 322756 如何備份和還原在 Windows 登錄 附註 此登錄值必須在前端和後端伺服器上啟用。 Exchange 2000 Server 和 Exchange Server 2003，您可以使用登錄，若要顯示或隱藏 [ 變更密碼 ] 按鈕。 要

  1. Outlook Anywhere 因為NTLM 驗證的關係, 確定是無法支援,  2. 啟用 Smar Card 驗證for Exchange 2007 OWA, 將會改變 CAS 驗證方式從 form-based authentication 改為 整合驗證方式. 在此調整確定會改變OWA 的驗證方式, 由form-based 換成pop up 驗證視窗, 若要不影響現有的存取方式, 則必須新起CAS server 讓smar card reader 使用 3. 一般而言，表格式驗證無法在啟用了智慧卡的 OWA 中使用。表格式驗證表示使用者會透過標準 Outlook 表格，提交使用者名稱和密碼。然而，有了智慧卡的雙重關卡驗證，使用者只會有智慧卡，沒有密碼。因此表格式驗證將無法接受或提交只具有認證的驗證。在鏈結中任一處使用表格式驗證 (例如在 ISA Server 後方的前端伺服器)，都會破壞啟用了智慧卡的 OWA 組態。若您啟用表格式驗證，Exchange 虛擬目錄會強制設定為基本驗證，因此 IIS Metabase 也會同時設定為基本驗證。 4. 如果在您的使用者群組中，有些會用使用者名稱/密碼，有些則用智慧卡，那麼您就可以啟用 ISA Web 接聽程式的後援驗證，當使用者在出現認證提示後按下 ESC 鍵，電腦就會提示使用者輸入標準使用者名稱/密碼認證 ，即使 Exchange Server 的 ISA Server 已啟用整合式驗證。此外，ISA Server 可以讓 SSL 工作階段逾時，方法和表格式驗證功能大同小異。 步驟 : Exchange Server 2007 CAS Configuration You must enable integrated authentication on /OWA virtual directory. When you do this it will disable Forms Based Authentication. This can be done either trough the management console or the management shell. Configure Integrated Windows Server Authenti