Exchange/O365/Active Directory: Some Basics to Remember
Recently I have seen a few great Exchange speakers and experts forget the basics of Exchange, so I decided to write this blog as a quick reference for Exchange basics.
Two or more servers that you want to add to an Exchange cluster (DAG) must run the same operating system version and should be at the same OS patch level. They must also run the same Exchange version and should be at the same Exchange patch level (cumulative update); mixed CU levels are only expected temporarily, while a rolling update is in progress.
This means you can't mix an Exchange 2013 node and an Exchange 2010 node in one DAG. Similarly you can't run Windows Server 2012 R2 on one node and Windows Server 2012 on another.
Exchange and legacy
In any Exchange coexistence, once you uninstall the last server of the legacy version you can't install that legacy version again. For example, if your infrastructure has Exchange 2010 and 2013 in coexistence and you remove the last Exchange 2010 server, you can't install Exchange 2010 back into the same production organization.
The same rule applies to a new installation: if you have just built a new Exchange organization with any version, an older version can't be deployed into it. For example, once you have installed a new Exchange 2013 organization, you cannot install Exchange 2010 or 2007 in the same organization.
Exchange 2013 Public Folders
Exchange 2013 introduced modern public folders, which live in public folder mailboxes and are therefore replicated with the mailbox databases in the DAG like any other mailbox. The most important thing to remember is that you must migrate all mailboxes from Exchange 2010 or 2007 to Exchange 2013 before migrating the public folders: Exchange 2013 mailboxes can still reach the legacy public folders during coexistence, but legacy mailboxes can't access modern public folders.
Any Exchange update should be tested in a lab for a while before it is deployed to production.
Exchange and LegacyExchangeDN
Outlook caches the legacyExchangeDN of recipients (in the AutoComplete/nickname cache and inside existing items) and uses it to address mail internally within the Exchange org. So it is highly important to add the old legacyExchangeDN as an X500 proxy address on the migrated mailbox; otherwise mail sent to migrated users from cached entries will start bouncing with IMCEAEX non-delivery reports. The other workaround is to clear the Outlook AutoComplete cache, but the old DN is also embedded in existing messages, meeting items and delegate entries, so the X500 address is the robust fix. If you created the X500 addresses earlier and have since cleared the AutoComplete cache company-wide, you can remove the X500 addresses again, although leaving them in place is harmless and still covers replies to old items.
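The following is an added example (not from the original post) of stamping the old legacyExchangeDN onto migrated mailboxes as X500 proxy addresses. It assumes a CSV exported from the source environment with the columns PrimarySmtpAddress and LegacyExchangeDN; the file path and column names are assumptions for this example.

```powershell
# Added example (not from the original post): stamp the source legacyExchangeDN of each
# migrated user onto the new mailbox as an X500 proxy address, so mail sent from Outlook's
# AutoComplete cache or replies to old items still route. Assumes source-legacydn.csv was
# exported from the old environment with the columns PrimarySmtpAddress and
# LegacyExchangeDN (path and column names are assumptions for this example).
$rows = Import-Csv -Path '.\source-legacydn.csv'

foreach ($row in $rows) {
    $x500 = 'X500:' + $row.LegacyExchangeDN

    $mbx = Get-Mailbox -Identity $row.PrimarySmtpAddress -ErrorAction SilentlyContinue
    if (-not $mbx) {
        Write-Warning "No mailbox for $($row.PrimarySmtpAddress); skipping"
        continue
    }

    # Compare as strings so this works for local and remote (deserialized) objects alike,
    # and so the script is safe to re-run after a partial failure.
    $existing = $mbx.EmailAddresses | ForEach-Object { $_.ToString() }
    if ($existing -contains $x500) {
        Write-Verbose "$($mbx.PrimarySmtpAddress) already has $x500"
        continue
    }

    # @{Add=...} appends the proxy address without touching the existing SMTP
    # addresses or changing the primary address.
    Set-Mailbox -Identity $mbx.Identity -EmailAddresses @{Add = $x500}
    Write-Output "Added $x500 to $($mbx.PrimarySmtpAddress)"
}
```

Run it from the Exchange Management Shell of the target organization. If you only have the IMCEAEX address from a bounce instead of the directory export, remember that the NDR encodes the DN (for example `_` in place of `/`) and must be decoded before it is usable as an X500 address.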
CAS Role and AD Site
You need the CAS role in every AD site where you plan to install a Mailbox server.
Edge Transport and AD Domain
The Edge Transport server should be a standalone Windows Server in the perimeter network, not a member of any domain (it keeps its configuration in AD LDS). If your update deployment is driven by Active Directory membership, you need to add these standalone servers to your update deployment separately.
DAG and FSW
It is recommended to keep the File Share Witness on a member server (Microsoft's first choice is an Exchange 2013 Client Access server that is not a DAG member). Placing it on a domain controller requires the "Exchange Trusted Subsystem" group to be added to a domain administrators group, because a domain controller has no local Administrators group; that effectively gives every Exchange server domain-admin rights, so make sure your security policy allows it before you plan it. In many organizations like IBM, where the Exchange and AD teams are separate, that will not be possible on domain controllers. Moreover, their security policies are often highly locked down and driven by non-AD experts, so it will be hard to use a File Share Witness on a domain controller; plan to keep the FSW on a member server instead.
IPLess DAG and Networks
Starting with Exchange 2013 SP1 on Windows Server 2012 R2 we can build DAGs without an administrative access point (no cluster IP address and no cluster name object), which was a great innovation. The basic thing to remember is that the networks are unaffected: if you have two networks, one for MAPI and one for replication, they work the same way as in a DAG with an IP address.
IPLess DAG cluster and Management
An IP-less DAG cluster can no longer be connected to from the Failover Cluster Manager GUI, because there is no cluster name to connect to. Manage it from the Exchange Management Shell; the Windows failover-cluster PowerShell cmdlets also still work if you point them at a node name rather than a cluster name.
Exchange 2013 Edge Transport Role.
The Edge Transport role for Exchange 2013 was introduced with Service Pack 1; it does not exist in the RTM or pre-SP1 builds.
Exchange 2013 DAG File Share Witness.
If you have a two-node (or larger) DAG stretched across two or three AD sites, enable Datacenter Activation Coordination (DAC) mode. DAC mode prevents split brain when a failed site comes back, and it is what lets you use the alternate File Share Witness and the site-switchover cmdlets (Stop-, Restore- and Start-DatabaseAvailabilityGroup). Microsoft recommends it for every DAG with two or more members that spans multiple sites. The following command enables DAC mode:
Set-DatabaseAvailabilityGroup -Identity dagname -DatacenterActivationMode DagOnly
OAB before New Version
Ensure an OAB is explicitly assigned in every mailbox database's properties before introducing the new Exchange version into the coexistence. Otherwise the new version creates its own default OAB, every mailbox on a database without an explicit OAB falls back to it, and all Outlook clients start a full OAB download at once and choke the network.
Microsoft recommends a DAG stretched across only two datacenters, with the File Share Witness in a third datacenter or in Azure.
The AutoDiscoverServiceInternalUri on each Client Access server should point at the Autodiscover endpoint of your internal namespace, in the form https://<namespace>/Autodiscover/Autodiscover.xml, where <namespace> is the Autodiscover host name that is present on your certificate.
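As an added example (not from the original post), the following script finds every mailbox database without an explicit OAB and pins it to the organization's current default OAB. Run it from the existing (legacy) Exchange Management Shell before the first new-version server is installed.

```powershell
# Added example (not from the original post): before introducing the new Exchange version,
# find every mailbox database that has no OAB explicitly assigned and pin it to the
# current default OAB, so mailboxes don't fall back to a newly created OAB and trigger a
# full OAB download across the whole organization.
$defaultOab = Get-OfflineAddressBook | Where-Object { $_.IsDefault }
if (-not $defaultOab) { throw 'No default OAB found; fix that before continuing' }

# Databases with an empty OfflineAddressBook property inherit the org default, which is
# exactly what changes when the new version creates its own default OAB.
$unassigned = Get-MailboxDatabase | Where-Object { -not $_.OfflineAddressBook }
if (-not $unassigned) { Write-Output 'All databases already have an explicit OAB'; return }

foreach ($db in $unassigned) {
    Write-Output "Assigning '$($defaultOab.Name)' to database $($db.Name)"
    Set-MailboxDatabase -Identity $db.Identity -OfflineAddressBook $defaultOab.Identity
}

# Verify: every database should now list an explicit OAB.
Get-MailboxDatabase | Select-Object Name, OfflineAddressBook |
    Sort-Object Name | Format-Table -AutoSize
```

The same check is worth repeating after the new version is in place, because databases created later without an explicit OAB have the same exposure.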
An experienced MVP asked this, so I decided to post it here: if someone at MVP level doesn't know it, many of us might have the same question.
If the passive copy is on storage that is not properly sized for said copy, what happens when the passive copy gets activated and your clients hit it?
If the storage is too small, the passive copy can't keep up (the copy or replay queue grows, or the disk fills), the copy goes Failed or FailedAndSuspended, and you can't activate it. If the storage merely has too few IOPS, the copy may still report Healthy and activation will succeed, but your clients will then suffer slow mailbox access on the undersized disk. So size the disk of every copy as if it were the active one, confirm the copy is Healthy with short copy and replay queues, and only then activate it.
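As an added example (not from the original post), here is the check I would run before activating a copy: it refuses to switch over unless the target copy is Healthy with short queues and a healthy content index. The database name DB01 and server name MBX2 are assumptions for this example.

```powershell
# Added example (not from the original post): refuse to activate a database copy unless it
# is Healthy and its queues are short, then activate it and show the result.
# The database and server names below are assumptions for this example.
function Test-CopyReadyForActivation {
    param(
        [Parameter(Mandatory)][string]$Database,
        [Parameter(Mandatory)][string]$Server,
        [int]$MaxQueueLength = 10
    )
    $copy = Get-MailboxDatabaseCopyStatus -Identity "$Database\$Server"
    $problems = @()
    if ($copy.Status -ne 'Healthy')                    { $problems += "status is $($copy.Status)" }
    if ($copy.CopyQueueLength -gt $MaxQueueLength)     { $problems += "copy queue $($copy.CopyQueueLength)" }
    if ($copy.ReplayQueueLength -gt $MaxQueueLength)   { $problems += "replay queue $($copy.ReplayQueueLength)" }
    if ($copy.ContentIndexState -ne 'Healthy')         { $problems += "content index $($copy.ContentIndexState)" }

    if ($problems) {
        Write-Warning ("{0}\{1} is not ready: {2}" -f $Database, $Server, ($problems -join '; '))
        return $false
    }
    return $true
}

$db  = 'DB01'   # assumed database name
$dst = 'MBX2'   # assumed server holding the passive copy

if (Test-CopyReadyForActivation -Database $db -Server $dst) {
    # Leave MountDialOverride at its default (None) so AutoDatabaseMountDial still protects
    # you; don't relax it just to force a lagging copy online.
    Move-ActiveMailboxDatabase -Identity $db -ActivateOnServer $dst -Confirm:$false

    # Confirm which copy is active now and that the queues are draining.
    Get-MailboxDatabaseCopyStatus -Identity "$db\*" |
        Select-Object Name, Status, ActiveCopy, CopyQueueLength, ReplayQueueLength
}
```

The queue threshold of 10 is a conservative default; the point is that a Healthy status alone tells you nothing about whether the disk underneath can carry the active workload, which is why the sizing has to be done before the copy is ever needed.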
Deployment of Exchange Update.
Treat every cumulative update as one that may need Setup /PrepareSchema, /PrepareAD and /PrepareDomain; run them (with /IAcceptExchangeServerLicenseTerms) from an account with Schema Admins and Enterprise Admins rights before upgrading the first server.
Disable outbound AD replication on the Schema Master before updating the schema (repadmin /options <schema master> +DISABLE_OUTBOUND_REPL), verify the result, then re-enable it (-DISABLE_OUTBOUND_REPL). That way a failed schema update stays confined to one domain controller instead of replicating forest-wide.
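The following is an added example (not from the original post) of that preparation sequence. The setup path and the use of the ActiveDirectory module to locate the Schema Master are assumptions for this example; run it on a server in the same AD site as the Schema Master, as a member of Schema Admins and Enterprise Admins.

```powershell
# Added example (not from the original post): prepare AD for a cumulative update with
# outbound replication on the Schema Master paused, so a failed schema update is confined
# to that DC. The setup path is an assumption; the ActiveDirectory module is assumed to be
# installed (RSAT) so the Schema Master can be looked up instead of hard-coded.
$setup = 'D:\Setup.exe'                          # mounted CU ISO, assumed path
$schemaMaster = (Get-ADForest).SchemaMaster      # FQDN of the Schema Master

# 1. Pause outbound replication on the Schema Master. It still accepts inbound changes;
#    it just stops pushing its own changes (including a bad schema update) to other DCs.
& repadmin /options $schemaMaster +DISABLE_OUTBOUND_REPL
if ($LASTEXITCODE -ne 0) { throw "Could not disable outbound replication on $schemaMaster" }

$succeeded = $false
try {
    # 2. Extend the schema, then prepare the forest (configuration partition) and the domain.
    #    /PrepareAD will run the schema step itself if needed; running them explicitly
    #    keeps the setup log unambiguous.
    foreach ($step in '/PrepareSchema', '/PrepareAD', '/PrepareDomain') {
        & $setup $step /IAcceptExchangeServerLicenseTerms
        if ($LASTEXITCODE -ne 0) { throw "Setup $step failed with exit code $LASTEXITCODE" }
    }

    # 3. Sanity check on the Schema Master itself: the Exchange schema version is stored
    #    in rangeUpper on the ms-Exch-Schema-Version-Pt attribute.
    $schemaNc = (Get-ADRootDSE -Server $schemaMaster).schemaNamingContext
    $verObj = Get-ADObject -Identity "CN=ms-Exch-Schema-Version-Pt,$schemaNc" `
        -Properties rangeUpper -Server $schemaMaster
    Write-Output "Exchange schema version on $schemaMaster is now rangeUpper=$($verObj.rangeUpper)"
    $succeeded = $true
}
finally {
    # 4. Resume outbound replication only after a successful run. On failure, leave it
    #    paused so the partial change doesn't spread while you decide what to do.
    if ($succeeded) {
        & repadmin /options $schemaMaster -DISABLE_OUTBOUND_REPL
    }
    else {
        Write-Warning "Outbound replication on $schemaMaster is still disabled. Investigate, then re-enable with: repadmin /options $schemaMaster -DISABLE_OUTBOUND_REPL"
    }
}
```

Compare the rangeUpper value printed at the end with the schema version documented for the CU you are installing before re-enabling replication; once the change has replicated there is no way back short of a forest recovery.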
Active Directory Recycle Bin
Do not enable the Recycle Bin if you still need to restore a previously deleted object that has not yet passed its tombstone lifetime. If you enable it, the objects already in the Deleted Objects container become recycled objects and can no longer be recovered with the Recycle Bin. Microsoft confirms this here: https://technet.microsoft.com/en-us/library/dd379542(v=ws.10).aspx
When Active Directory Recycle Bin is enabled, all objects that were deleted before Active Directory Recycle Bin was enabled (that is, all tombstone objects) become recycled objects. These objects are no longer visible in the Deleted Objects container, and they cannot be recovered with Active Directory Recycle Bin. The only way to restore these objects is through an authoritative restore from a backup of AD DS that was taken of the environment before Active Directory Recycle Bin was enabled.
How can we find the version of the Exchange Server behind Office 365?
Open the URL in a browser and enter your login ID and password when the authentication prompt appears.
Rename Exchange Database
Renaming a database with Set-MailboxDatabase -Name only changes the name of the database object; the .edb file name and the database and log folder paths keep the old name. To rename those as well, dismount the database and run Move-DatabasePath with the new file and folder paths. It moves the files and updates the paths in Active Directory:
Move-DatabasePath -Identity "NewDBName" -EdbFilePath "<path>\NewDBName.edb" -LogFolderPath "<path>"
If you prefer to dismount the database and move and rename the files yourself, run Move-DatabasePath with -ConfigurationOnly afterwards so that Exchange records the new paths without trying to move anything. Either way, mount the database afterwards and confirm the name and paths agree. Note that Move-DatabasePath does not work on a database that has DAG copies: remove the other copies first and re-seed them once the rename is done.
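As an added example (not from the original post), here is the whole rename carried out in one script, including the guard against databases that still have DAG copies. The database names and folder paths are assumptions for this example.

```powershell
# Added example (not from the original post): rename a mailbox database object together
# with its .edb file and log folder. Names and paths below are assumptions for this example.
$oldName      = 'DB01'
$newName      = 'Sales-DB'
$newEdbFolder = "E:\Databases\$newName"
$newLogFolder = "F:\Logs\$newName"

# Move-DatabasePath refuses a replicated database, so stop early if copies still exist.
$db = Get-MailboxDatabase -Identity $oldName -Status
if ($db.ReplicationType -eq 'Remote') {
    throw "$oldName still has DAG copies; remove them with Remove-MailboxDatabaseCopy before renaming, then re-add them afterwards"
}

# 1. Rename the object. The file and folder names still carry the old name at this point.
Set-MailboxDatabase -Identity $oldName -Name $newName

# 2. Dismount, then let Move-DatabasePath move the .edb and the log files to the new
#    locations and record the new paths in Active Directory.
Dismount-Database -Identity $newName -Confirm:$false
Move-DatabasePath -Identity $newName `
    -EdbFilePath "$newEdbFolder\$newName.edb" `
    -LogFolderPath $newLogFolder `
    -Confirm:$false

# 3. Mount and verify that the name, file path and log path all agree.
Mount-Database -Identity $newName
Get-MailboxDatabase -Identity $newName -Status |
    Select-Object Name, Mounted, EdbFilePath, LogFolderPath
```

Because the move copies the database file, plan for the outage to last as long as it takes to copy the .edb; for a large database the -ConfigurationOnly route with a pre-staged copy of the files is usually faster.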
Cumulative Update on Edge Transport Server
Every time we deploy a cumulative update to an Edge Transport server we need to redo the Edge Subscription (remove the old subscription, export a new subscription file on the Edge server and import it on a Mailbox server), so plan for an outage if you have only one Edge Transport server. We recommend two Edge Transport servers so that one keeps accepting mail while the other is updated.
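As an added example (not from the original post), the following shows the re-subscription sequence after the CU has finished on the Edge server. The server name EDGE01, the AD site name and the temporary file path are assumptions for this example; the steps alternate between the internal Mailbox server and the Edge server, as marked.

```powershell
# Added example (not from the original post): re-create the Edge Subscription after a CU
# on the Edge Transport server. Server, site and file names are assumptions for this example.

# --- On a Mailbox server (internal side): remove the stale subscription ------------------
Remove-EdgeSubscription -Identity 'EDGE01' -Confirm:$false

# --- On the Edge Transport server, after the CU finished: export a new subscription --------
New-EdgeSubscription -FileName 'C:\Temp\EDGE01.xml' -Confirm:$false
# Copy EDGE01.xml to the internal Mailbox server out of band. The file carries the
# credentials the Mailbox server will use to replicate into AD LDS, so treat it as a
# secret, delete it on both sides once imported, and import it within 1440 minutes,
# after which it expires.

# --- Back on the Mailbox server: import it against the AD site that will sync to the Edge ---
$bytes = [System.IO.File]::ReadAllBytes('C:\Temp\EDGE01.xml')
New-EdgeSubscription -FileData $bytes -Site 'Default-First-Site-Name' `
    -CreateInternetSendConnector $true -CreateInboundSendConnector $true -Confirm:$false
Remove-Item -Path 'C:\Temp\EDGE01.xml'

# Force a full sync and confirm the Edge server's AD LDS copy agrees with AD before
# putting the server back behind the firewall's port 25 rule.
Start-EdgeSynchronization -Server $env:COMPUTERNAME -ForceFullSync
Test-EdgeSynchronization -FullCompareMode
```

With two Edge servers, take the one being updated out of the external MX/firewall rotation first, then walk through this sequence for each server in turn.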
How to push mailbox retention management policy to one user?
- Create a retention tag
- Create a retention policy and add the above tag to it
- Apply this retention policy to the particular user's mailbox
- Run the command below so the Managed Folder Assistant processes the mailbox immediately
Start-ManagedFolderAssistant -Identity emailidoftheuser
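The four steps above as one script, added here as an example that is not part of the original post. The tag and policy names and the user alice@contoso.com are assumptions for this example.

```powershell
# Added example (not from the original post): create a retention tag and policy, apply the
# policy to one mailbox and process it immediately. Tag, policy and user names are
# assumptions for this example.
$user = 'alice@contoso.com'

# 1. A default policy tag (Type All) applies to the whole mailbox unless a folder has its own
#    tag: here, delete anything older than 365 days but keep it recoverable by the user.
$tag = New-RetentionPolicyTag -Name 'Default 1 Year Delete' `
    -Type All -AgeLimitForRetention 365 -RetentionAction DeleteAndAllowRecovery

# 2. A retention policy that links the tag.
$policy = New-RetentionPolicy -Name 'One Year Retention' -RetentionPolicyTagLinks $tag.Identity

# 3. Assign the policy to the single mailbox only (other mailboxes are untouched).
Set-Mailbox -Identity $user -RetentionPolicy $policy.Identity

# 4. Don't wait for the Managed Folder Assistant's work cycle: process this mailbox now.
Start-ManagedFolderAssistant -Identity $user

# Verify the assignment and the tags it carries.
Get-Mailbox -Identity $user | Select-Object Name, RetentionPolicy
(Get-RetentionPolicy -Identity $policy.Identity).RetentionPolicyTagLinks

# Verify the assistant actually ran: the mailbox diagnostics log records the last
# successful ELC (retention) pass.
Export-MailboxDiagnosticLogs -Identity $user -ExtendedProperties |
    Select-Object -ExpandProperty MailboxLog |
    Select-String -Pattern 'ElcLastSuccessTimestamp'
```

Start-ManagedFolderAssistant only queues the mailbox for processing; on a busy server the ELC timestamp may lag a few minutes behind the command, so re-run the last check rather than assuming the policy was applied.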
We will keep updating this blog.
Microsoft MVP | Exchange Server