PowerShell Script to copy Exchange GUID from Office 365 to Exchange On-prem User.

When users are been migrated from On-Prem to Office 365 using some third party tool then the on-prem user object’s Exchange GUID gets rested to “00000000-0000-0000-0000-000000000000" . This will cause problem when we need to move back the mailbox to on-prem for some reason.  Below is the code which helps to validate the On-prem users which Exchange GUID and copy back the Exchange GUID properties from Online mailbox to the Exchange On-prem user.

Set-ADServerSettings -ViewEntireForest 1
"Remotemailbox" > c:\temp\myremotemailbox.csv
get-remotemailbox  -resultsize unlimited  | %{
$upn = $_.UserPrincipalName
$proxy = $_.EmailAddresses.ProxyAddressString
$exchGuid = $_.ExchangeGuid

$mailboxlist = @()
$found = $false
    foreach($pro in $Proxy)
        If($pro -like "X500:/o=ExchangeLabs/*")
        $found = $true
    if($found -eq $true)
        $upn >> c:\temp\myremotemailbox.csv
    if($exchGuid -eq "00000000-0000-0000-0000-000000000000")
        $upn >> c:\temp\myremotemailbox.csv

$LiveCred = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection
Import-PSSession $Session –allowclobber

$csvimport = Import-Csv C:\temp\myremotemailbox.csv
"userprincipalname,legacyExchangeDN,ExchangeGuid" > c:\temp\rmbresult.csv
Foreach($csv in $csvimport)
$rmaibox = $csv.remotemailbox
$mailbox = get-mailbox $rmaibox | select userprincipalname,legacyExchangeDN,ExchangeGuid
$mailbox.userprincipalname + "," + $mailbox.legacyExchangeDN + "," + $mailbox.ExchangeGuid >> c:\temp\rmbresult.csv

remove-PSSession $Session

$finalRM = Import-csv C:\temp\rmbresult.csv
foreach($final in $finalRM)
$upn = $final.userprincipalname
$eguid = $final.ExchangeGuid
$x = "X500:"  +  $final.legacyExchangeDN

if($upn -ne "")
get-remotemailbox $upn | Set-reMotemailbox -exchangeguid $eguid -CustomAttribute3 "Account Verified for X500-GUID" -EmailAddresses @{Add=$x}


Posted in Exchange 2010, Exchange 2013, Office 365, Exchange 2016, O365 | Leave a comment

Configuring LoadMaster Global Balancing for Exchange 2013 – Part 3

In Part 1 and Part 2 of the article series, we deployed Exchange 2013 servers in each AD site, deployed Kemp LoadMaster and configure it for Exchange services in each AD site.

In this final part of the article series, we will configure LoadMaster with Global Balancing, where if Dallas AD site goes down then client request (internal and external) will route to Exchange 2013 servers in the Pittsburg AD site and vice versa. Global Balancing provide redundancy for both Exchange and LoadMaster itself. Below is the figure 3.1 is the current diagram for the Exchange 2013 lab using Kemp Free LoadMaster


Figure 3.1 Exchange 2013 and Kemp LoadMaster LAB configuration.

Configure Static Routes on Kemp LoadMaster

From the above Figure 3.1, Dallas LoadMaster Eth0 interface is configured with network network and LAB router with DHCP have assigned DNS and Default gateway for this interface. Using DNS and default gateway, Eth0 interface can reach any external network including Pittsburg Eth0 interface.


Figure 3.2 DNS Name Server IP address

But, Dallas LoadMaster Eth1 interface is on and it does not configured with DNS and default gateway. Since, two network interface (NIC) on the same machine cannot be configured with two different DNS and Gateway. Hence Eth1 interface has no information on how to reach Eth1 network ( of Pittsburg LoadMaster or any other network internally. To archive this, we need to add manual static routes on the Dallas LoadMaster. Below is the steps to configure the same.

1. Connect to Dallas LoadMaster using Internet Explorer

2. Expand System Configuration -> Additional Routes

3. Add route to reach network using gateway (It is the default gateway for network to reach Pittsburg network). Below Figure 3.2 is the reference image.


Figure 3.3 Adding new Fixed Static Routes on Dallas LoadMaster

Similarly, Pittsburg LoadMaster Eth1 interface is on and it is not configured with DNS and default gateway. It has no information on how to reach Eth1 Dallas network or any other network. Hence we need to add static routes on the Pittsburg LoadMaster to reach Dallas Eth1. Below is the steps to configure the same.

1. Connect to Pittsburg Loadmaster using Internet Explorer

2. From the Left menu , expand System Configuration -> Additional Routes

3. Add route to reach network using gateway (It is the default gateway for network). Below is the reference image.


Figure 3.4 Adding new Fixed Static Routes on Pittsburg LoadMaster

Configuring LoadMaster to Synchronize Configuration each other:

Synchronization lets to replicate the configuration changes or additions done one LoadMaster to another. Below are the steps to synchronize two LoadMaster on Dallas and Pittsburg network.

1. Connect to Dallas LoadMaster from the browser using the IP Address

2. From the main menu ,expand System configuration -> remote Access

3. Under GEO Settings, specify GEO LoadMaster Partners IP Address and click on set Geo LoadMaster Partners. In our case it is Pittsburg LoadMaster Eth0 interface IP address –


Figure 3.5 Configuring GEO LoadMaster Partner Settings at Dallas

4. Now, connect to Pittsburg LoadMaster from the browser using the IP address

5. From the main menu ,expand System configuration -> remote Access

6. Under GEO Settings, specify GEO LoadMaster Partners IP Address – and click on Set Geo LoadMaster Partners. In our case it is Dallas LoadMaster Eth0 interface IP address


Figure 3.6 Configuring GEO LoadMaster Partner Settings at Pittsburg

7. Now we have configured the synchronization between Dallas and Pittsburg LoadMaster, we just make configuration on any one LoadMaster and it gets replicated to other.

Configuring Global Balancing for FQDN – mail.happy.com

1. Connect to Dallas LoadMaster and from the main menu Expand Global Balancing -> Manage FQDNs

2. Input the new FQDN name – mail.happy.com and click on Add FQDN


Figure 3.7 Configure Mail.happy.com FQDN at LoadMaster

3. Enter the LoadMaster Dallas External Virtual IP Address – and click on Add Address


Figure 3.8 Configure Mail.happy.com FQDN with Dallas External Virtual IP Address

4. Similarly add Pittsburg Loadmaster External Virtual IP address – and click on Add Address


Figure 3.9 Configure Mail.happy.com FQDN with Pittsburg External Virtual IP Address

5. Then finally, add Dallas LoadMaster internal Virtual IP – and then Pittsburg LoadMaster Virtual IP –


Figure 3.10 Mail.happy.com FQDN updated with Dallas and Pittsburg External and Internal Virtual IP Address

6. To provide better health check for the HTTPS services, change the checker from ICPM Ping to TCP Connect for the Virtual IP Address on port 443 and then click on Set Addr


Figure 3.11 Configure Mail.happy.com FQDN with Health settings to determine the availability of the services.

7. We could now see that all the Servers are Available and healthy and ready to take connection for mail.happy.com

Configuring Global Balancing for FQDN – autodiscover.happy.com

Since, we have one Virtual IP for all the Exchange HTTPS services on each LoadMaster, we would need to create another FQDN name autodiscover.happy.com and follow the same instruction provided for same IP address and port number used for FQDN name mail.happy.com.


Figure 3.12 Configure autodiscover.happy.com FQDN with Pittsburg External and internal Virtual IP Address

Configuring Global Balancing for FQDN – smtp.happy.com

1. Connect to Dallas LoadMaster using Internet Explore

2. Expand Global Balancing -> Manage FQDN

3. Add a FQDN name smtp.happy.com’ and click Add FQDN


Figure 3.13 Creating new FQDN smtp.happy.com

4. Input each of the internal and external Virtual IP (VIP) address of both Dallas and Pittsburg LoadMaster and click Add Address. Then, make sure that checker is to set TCP connect for port 25.


Figure 3.14 Adding External VIPs for smtp.happy.com FQDN

Since Dallas and Pittsburg is configured to sync with each other, we should be able see the configuration synced from Dallas LoadMaster to Pittsburg LoadMaster in real-time. To validate the same, connect to Pittsburg LoadMaster and Navigate to Global Balancing -> Manage FQDNs.


Figure 3.15 Validation Global Balancing synchronization at Pittsburg LoadMaster.

DNS Configuration:

We are almost done with the LoadMaster configuration at both Dallas and Pittsburg AD site. Now we need to configure Internal and External DNS with delegated subdomain for mail.happy.com and autodiscover.happy.com pointing to LoadMaster Virtual IP Address defined in the below table.


To accept SMTP emails from internet for happy.com, configure MX records on the external DNS to point to the external DNS VIP of both Dallas and Pittsburg LoadMaster and below are the details.


Configure Exchange send connector with option ‘Route mail through smart host’ and specify the LoadMaster SMTP Internal VIP Address – and

This configuration will help clients to connect to all the HTTPS service and also mail flow between internal and internet.

Below is the final diagram with complete IP Address, DNS, LoadMaster and Exchange server details.


Figure 3.15: Final LAB diagram

Finally, we are at the end of the articles series, completely installed, configured Kemp Free LoadMaster in both the AD sites and also configured Global balancing between the sites. Same steps can be followed to implement LoadMaster in production environment, but we need public IP address NATed to the DMZ VIPs to communicate with other external domains.

Posted in Exchange 2013, Exchange 2016 | Tagged , , | Leave a comment

Configure LoadMaster for Exchange 2013 Services in LAB – Part 2

In part 1 of the article series, we got Exchange 2013 configured, Hyper-V networks configured and installed LoadMaster in both the AD site and finally configure with Two-Arm networks. In this part of the article series we will configure LoadMaster for Exchange HTTPS and SMTP services. Below Figure 2.1 is the current lab setup with IP address configuration.


Figure 2.1 Current lab setup with IP address configuration.

Importing Exchange Kemp Templates into the LoadMaster

Kemp offers free templates for Exchange 2013 with preconfigured settings. These preconfigured templates are based on the Microsoft best practice and helps us to keep our configuration simpler and quicker. These configurations can further tweaked to suites the complex environment and business requirements.

1. Download Exchange 2013 Core Services template from Kemp LoadMaster documentation page on the Hyper-v host machine



Figure 2.2 Downloading Exchange 2013 Core Services template.

2. Core services template helps administrator to configure all the Exchange 2013 HTTPS, SMTP and MAPI protocols easily with minimum configuration steps.

3. Connect to the Dallas LoadMaster from the host machine browser using the IP Address –

4. Click on Virtual services -> Manage Templates

5. Click on Browse button to select the template file ‘Exchange2013Core.tmpl’ from the local machine and click on Add New Template button to import the same.


Figure 2.3 Importing Exchange 2013 Template

6. Once imported, it will display the details of all the templates imported


Figure 2.4 Exchange 2013 Templates after importing the downloaded template file

Perform the above steps 1-5 to import the Exchange 2013 Core Services template on Pittsburg LoadMaster.

Creating and Configuring HTTPS Virtual Services

In this part, we will configure one Virtual IP for all the Exchange 2013 HTTPS virtual services. HTTPS virtual services include OWA, EAC, Active sync, Outlook anywhere and EWS. We can also configure one virtual IP for each Exchange services. It is complex to configure but provides better redundancy for each of the Exchange services.

Follow the below steps to configure Dallas LoadMaster with one Virtual IP address for all the Exchange HTTPS services.

1. Connect to the Dallas LoadMaster from the browser using the IP Address –

2. Expand Virtual Services -> click Add new

3. To allow external clients to connect to Exchange, sepcify VIP – on port 443, then select use template Exchange 2013 HTTPS and click on Add this virtual service.


Figure 2.5 Adding Virtual IP Address for Exchange 2013 HTTPS

4. It then redirects to the properties page of Virtual IP(VIP) address

5. Under Basic Properties, specify the Alternative Address as from which is from Dallas internal network segment.


Figure 2.6 Exchange 2013 HTTPS Basic properties configuration.

6. Keep the Standard Options, SSL Properties, Advanced Properties, and ESP Options as default.


Figure 2.7 Exchange 2013 HTTPS Standard Options, SSL Properties, Advanced Properties, and ESP configuration.

7. Under Real Servers properties, click on Add New button to add the Dallas Exchange 2013 server


Figure 2.8 Exchange 2013 Real Servers Properties

8. Specify the Dallas Exchange 2013 IP Address - and click Add This Real Servers


Figure 2.9 Specifying Exchange 2013 Server Address for Real Servers options.

9. Validate the addition of Exchange 2013 server under real servers.


Figure 2.10 Validating Addition of new Exchange 2013 Real Servers Properties

10. Finally, click on View/Modify services from the main menu to confirm the new HTTPS Virtual IP Addresses and services status is UP.


Figure 2.11 Validating HTTPS Virtual IP Addresses and services status

Perform the above operation from step 1 – 11 on Pittsburg LoadMaster to configure External Virtual IP Address and internal alternative Virtual IP as Make sure to add the internal Pittsburg Exchange 2013 server IP address under Real Servers.

Creating and Configuring SMTP Virtual Services

SMTP Virtual services help to route email between internal and external network. Internet MX records must be configured to these external Virtual Address so internet emails are delivered to it. LoadMaster process the Internet email and forwards to the internal Exchange servers. Similarly Internet email from internal are accepted by the LoadMaster and it will be process delivered to external. Below are the steps to configure the same:

1. Connect to the Dallas LoadMaster using browser –

2. From the main menu, expand Virtual Services -> select Add new

3. Input the Virtual Address , select use template Exchange 2013 SMTP and click on Add This Virtual Service


Figure 2.12 creating new Virtual IP Address for Exchange 2013 SMTP services.

4. It then redirects the advance properties page

5. Specify the Alternative Address – from Internal network subnet


Figure 2.13 Configuring Exchange 2013 SMTP basic properties.

6. Keep Standard Options, SSL Properties, Advanced Properties and ESP Options as default

7. Click on Add New button from Real Serves options to add the Dallas Exchange 2013 server.


Figure 2.14 Configuring Real Servers properties.

8. Specify the Exchange 2013 IP Address - and click on Add this Real Servers


Figure 2.15 Adding Exchange 2013 Server under Real Server.

11. Validate the Exchange 2013 server IP address and port under Real Servers.


Figure 2.16 Validating Exchange 2013 Server under Real Server.

12. Click on View/Modify Services to confirm the new SMTP Virtual IP Addresses and services status is UP


Figure 2.17 Validating new Exchange SMTP Virtual Service.

Perform the above operation from step 1 to 13 on Pittsburg LoadMaster to configure External SMTP Virtual IP Address and internal alternative Virtual IP as Finally, make sure to add internal Exchange server IP Address – under Real Servers and validate the same.

We have almost done with the configuration of LoadMaster in the lab and below Figure 2.18 is the final Exchange 2013 LAB using Kemp Free LoadMaster. It has all the necessary VIP address for client connection.


Figure 2.18 Exchange 2013 LAB using Kemp Free LoadMaster

Importing Exchange 2013 Certificate into the LoadMaster

Currently LoadMaster is not configured with SSL Offloading. SSL Offloading terminates the client SSL connection at the LoadMaster and generate the new connection to the Exchange server in the backend. This improve the security and performance for client connection. This is an optional settings and below are the steps to perform the same:

1. Export the SAN Certificate from the Exchange server 2013 with private key in PFX format and password.

2. Connect to the Dallas LoadMaster through internet Explorer

3. Click on Mail Menu -> Certificate -> SSL certificate and click on Import Certificate


Figure 2.19 SSL Certificate Import option on LoadMaster.

4. Specify the Exchange Certificate file path, Pass Phrase (password applied during the export) and Certificate Identifier. Click on Save to import the certificate into the LoadMaster


Figure 2.20 Importing SSL Certificate into the LoadMaster

5. Modify the Exchange HTTPS virtual Service and expand SSL Properties

6. Enable SSL Acceleration and Reencrypt option. Then set the available Exchange certificate and move it to assigned certificates. Lastly select Best Practices under Cipher set and click on Modify Cipher Set.


Figure 2.21 Configuring SSL Offloading and assigning Exchange certificate on the LoadMaster

Follow the above instruction from step 1-6 on the Pittsburg LoadMaster to import the Exchange certificates and configure SSL offloading.

We are almost at the end of the Part 2 article series and configured with LoadMaster for Exchange 2013 HTTPS and SMTP Services. In the next and final part of the article series, we will configure Geo Redundancy. Which allows clients to connect to the available Exchange servers, if any of the Exchange servers/services /AD sites goes down.

Posted in Exchange 2013, Exchange 2016 | Tagged , | Leave a comment

Deploying a Free LoadMaster at Your Exchange 2013 lab – Part 1

In this article series, we will understand the step by step instruction to deploy Kemp LoadMaster for Exchange Server 2013 services in multi- site (Dallas and Pittsburg) lab environment and also configure geo-redundancy between the two AD sites. Where the Kemp LoadMaster load balances the client requests( from internal and internet network) within the AD site and also routes the client request automatically to the available Exchange 2013 servers in other site when one AD site goes down.

Current LAB Setup

Current Lab is built on Microsoft Hyper-V and it is configured with two AD sites Dallas ( network) and Pittsburg ( network). It is also installed with domain controller on each site with the domain name happy.com. In each of the AD site, one Exchange Server 2013 (multirole) is installed and configured Database Availability Group (DAG01) between them. Below Figure 1.1 has the details of the AD sites, Domain Controller, Exchange nodes and DAG.


Figure 1.1 Exchange 2013 deployed in the lab environment.


LAB Hyper-V Virtual Network Configuration Requirement:

LoadMaster interfaces with both internal network and external/internet network. Hence, Hyper-V needs to configure with two Virtual networks: DMZ Network and Internal Network.

1. DMZ Network: Create a new DMZ Network virtual network of type External network, it should connect to the host Machine network interface card (NIC) and communicates with the external world. Make sure to select Allow management operation system to share this network adapter. The Figure 1.2 has the details of the same. Host machine NIC should be connected to the internet.


Figure 1.2 DMZ Network configuration

2. Internal Network: Create new Internal Network virtual network of type Internal Network. Internal network is isolated network which can communicate within themselves. We will configure all Exchange Servers 2013 guest machines NICs to use internal network.


Figure 1.3 Hyper-V Internal Network Configuration.

A Windows VM is configured as Router with two NICs pointing to internal network. This windows Router will route traffic between two network segment Dallas (10.10.10.x) and Pittsburg (20.20.20.x) within the internal network.

Configuring Kemp LoadMaster in the Exchange 2013 lab

In this part , we will Install and configure LoadMaster on both the AD site in Two-Arm Deployment as defined in the below Figure 1.4. With one NIC pointing the DMZ network and other NIC pointing to the internal network.


Figure 1.4 Kemp LoadMaster deployment and IP address configuration plan

Configuring LoadMaster for Dallas Network

1. Register a new Kemp ID at http://freeloadbalancer.com and download the latest version of Free Kemp loadmaster for Hyper-V


Figure 1.5 Free Kemp LoadMaster Website

2. Extract the KEMP LoadMaster Virtual Machine (VM) file on the Hyper-V server.

3. Start Hyper-V Manager and click on Import VM from the Actions menu then click on Next at the Welcome Screen.


Figure 1.6 Importing LoadMaster Virtual Machine into Hyper-V

4. At Local Folder page, Click on Browse button to specify the Kemp LoadMaster virtual machine and click Next and on Select Virtual Machine page keep the settings as default and click on Next


Figure 1.7 Specify the Folder containing virtual machine to import

5. Choose the option Copy the Virtual Machine (create a unique ID) to make of copy of the VM with the new unique ID and click Next. (This will help us to create multiple copy of the downloaded LoadMaster image)


Figure 1.8 Choose the virtual machine Import type

6. Choose folders paths to store the new copy of the LoadMaster VM and click Next.


Figure 1.9 Choose Virtual Machines files path

7. Then Choose Storage folders path for the new VM and click Next

8. Validate the Summary page and click on Finish to import the Virtual Machine (VM) into Hyper-V console.


Figure 1.10 Completing Import Wizard.

9. To identify the Dallas Load Master in the Hyper-V, rename the newly imported LoadMaster VM to DalKemp.


Figure 1.11 Renaming LoadMaster VM in Hyper-V Manager

10. To configure the virtual network on the DalKemp VM, right click on LoadMaster VM and select Settings. Select DMZ Network for the first VM-Bus network Adapter and Internal Network for the second VM-Bus network adapter and click on Apply. Below Figure 1.12 has the reference details.


Figure 1.12 Configure Network Adapter on DalKemp VM

Connecting to LoadMaster and Activating Free License

1. Boot the DalKemp LoadMaster VM from Hyper-V console

2. Post booting it displays IP Address of the Appliance (in our case it is It is been assigned by the LAB router via External DMZ network. Since, this network is sharing the host NIC and also connected to the Lab router with DHCP Configured.

Note: The Default Username/Password: bal /1fourall


Figure 1.13 DalKemp LoadMaster connection information.

3. To configure the DalKemp LoadMaster, start Internet Explorer and connect to it using the IP address assigned –

4. Provide the Default credentials Username/Password: bal /1fourall

5. Click on Agree to accept the End User Agreement


Figure 1.14 Accepting EULA

6. Select License Type as Free LoadMaster and click on Allow to connect back to KEMP home for license activation.


Figure 1.15 Selecting License Type

7. Use the registered KEMP ID and activate free LoadMaster license.


Figure 1.16 Activating Free LoadMaster License

8. Once activated, it will prompt to reset the default user (bal) password. Once password is changed then re-login back to the VM using new password.

Configuring LoadMaster Network Interface

1. Login to Kemp LoadMaster from Internet Explorer and under Main menu expand system configuration -> interface

2. Select eth0 (Network Interface 0) and validate IP Address – It is been assigned by DHCP and we could use the same on the interface and change it if required. Make sure Use for GEO Responses and Request is checked and this interface will be used to communicate with Pittsburg LoadMaster for geo redundancy.


Figure 1.17 Configuring LoadMaster eth0 Interface

3. Select eth1 (network Interface 1) and assign the IP address from the Dallas internal network segment and click on Set Address. This interface will be used to communicate with internal Exchange 2013 servers in the Dallas and Pittsburg AD sites.


Figure 1.18 Configuring LoadMaster eth1 Interface

Follow the above Instructions: Configuring LoadMaster for Dallas Network, Connecting to LoadMaster and Activating Free License, Configuring LoadMaster Network Interface to import and configure Pittsburg LoadMaster. Configure interface Eth0 with IP address (Pittsburg DMZ network) and Eth1 with (Pittsburg internal network) on it.

With this we are at the end of the part 1 of the article service with Exchange server 2013 installed and configured, Hyper-V networks configured and finally installed and configured LoadMaster in both the AD site. In the next part we will configure the LoadMaster for the Exchange HTTPS/ SMTP Services and validate the same.

Posted in Exchange 2010, Exchange 2013, Exchange 2016 | Tagged , | Leave a comment

MS Outlook Issues and Their Solutions Applicable

While working with Outlook, one may have to face many troubles knowingly or unknowingly. An account holder has authority to customize and program various security features in Outlook. The processing of Outlook PST file is necessary if it is not working properly and recovery should be applied in extreme cases where the data file has completely failed to open. There are various reasons that compel users to recover the PST file; some of them are discussed below with their possible solutions:

Need for Recovery of PST Files:

§ Data File Corruption: The PST file may be corrupted due to some kind of hardware failure such as Storage Device Failure, Faulty Networking Device, or Power Failure while accessing PST file. In addition, some software issues may also become the reason for PST file corruptions such as unexpected Outlook Termination, Deficiencies in Outlook Program, etc.

§ Security posing As a Restriction: To prevent the PST files from an unauthorized user, it is necessary to set a password on them. For example, an employee has set a password to his PST files but if the administrator needs to access those password-protected files in his absence. In this situation, the administrator needs to remove the password from those PST files, which is not possible without applying various specified methodologies.

§ Data Deletion Permanently: Another possible case for recovery is for Deleted Items. If there is a need of previously deleted items for investigation process or any item from the PST file is deleted unintentionally, then we can recover it by using some methods. Since Outlook removes the index of deleted item instead of the actual item so there is a possibility to get back that item.

Possible Solution for Recovery

For the above three situations, a possible recovery solution is scanpst.exe, inbuilt with MS Outlook. It resets the structure of data file and rebuilds the headers of each Outlook item. Another additional file is pst19upg.exe is also necessary to remove the password from PST file that is to be installed from some other sources. Make sure that Outlook application must not be running while working with this procedure. This repair procedure creates a separate backup file for original PST file with the extension .bak. This method allows you to save the repaired .pst file into various formats such as EML, DBX, MBOX, PST, MSG, or save as archive.

Steps to Perform the Manual Solution

1. Initially, close your Outlook application and copy your PST files from its default location to any other location for the safety point of view.

2. Run scanPST.exe, a dialogue box is opened. Add here the path of your copied PST files by clicking on browse button and click on the start button.

After scanning, it will ask you to make a backup copy of your repaired files, check the box if you want to make a backup copy otherwise uncheck it.

3. Click on repair button. The files will be repaired.

4. Now, open Command Prompt, type the path of your PST19up.exe, and give your PST file name. For ex. – “C:\Users\admin\Downloads\ PST19upg.exe” – r outlook.PST and hit enter.

This will make a copy of your PST with the same file name with extension .psx.

5. Now rename the original PST file.

6. Type the path of file C:\Users\admin\Downloads \PST19upg.exe – i filename.psx at the command prompt and press enter.

This will create a password free PST file form this PSX file.

7. The next step you need to follow is to run scanPST.exe to repair this PST file.

Now, you have successfully repaired your PST file. You can open this file in Outlook to view it.

By performing the above steps, you can successfully remove the passwords from PST file, repair the corrupted PST file or recover the permanently deleted files. However, this manual method has some disadvantages given below.

Limitations of Recovering Manually

· Scanpst method is not suitable to recover the data of password – protected files completely. Since it works on a copy of .pst file and it deletes the corrupt pages from a data file completely as part of recovery, it isn’t a suggested solution due to the risk of loss involved.

· This procedure works only on older ANSI PST files; clearly, it is not compatible with MS Outlook 2007 and earlier versions and does not guarantee for 100% recovery.

· This method is a little bit complicated and cannot be performed by a non-technical person since some commands needs to be written.

· Scanpst.exe is not capable to fix the PST files larger than 2 GB that leads to the big failure of this method.

· This method is suitable for low-level corruptions only and is useless if trying to repair highly corrupted PST files.

Overcoming the Limitations: In order to overcome the limitations of such manual methods, one needs to use a third party Outlook PST Recovery Tool. A program that provides the accessibility of deleted, corrupted or password-protected data from PST files. A tool sharing the same name provides effective solution by performing some simple steps with 100% guarantee to recover all the items within the PST file. This utility is designed to work with soft / hard deletion without any loss of data. It can repair minor as well as majorly damaged files of any size. It is a complete solution to repair emails, contacts, tasks, calendars, journals, etc. Other than that, many other features are applicable during the whole process.

Posted in Exchange 2007, Outlook, Exchange 2010, Exchange 2013, Exchange 2016 | Leave a comment

New features in Exchange Server 2016


Microsoft Exchange Server 2016 is new latest version of Exchange server and it is been enhanced from Exchange 2013 and it is built on proven Office 365 model. It provides the same look and feel of Exchange 2013 but it offers more stability,reliability, better fault tolerance and self-healing capabilities.

Exchange 2016 can co-exists only with Exchange 2010 SP3 RU11 and above, Exchange 2013 CU10 and above. But it cannot co-exist with Exchange 2007 or any previous versions of Exchange.

Exchange 2016 inherits most of the features from Exchange 2013 and below are some of the new features in addition to the existing feature of Exchange 2013

Architecture enhancements

Microsoft simplified the architecture by consolidating the Client access role and Mailbox role of Exchange 2013 into one mailbox server role and Edge transport server role. This integration of roles reduces hardware, implementation, and management efforts and in some usage scenarios lower licensing costs.

Mailbox Server Feature

o Mailbox server contains mailbox database which stores and process emails.

o Transport service performs routing of emails within internal and to the external.

o Client access service accepts all the client connection and connect them to the mailbox database

o Unified messaging service provide voice mail and other telephony service

Edge Server Feature

o Edge Server is located in perimeter /DMZ network and it is to interface between external to internal and vice versa.

o It offers anti-spam, content, connection filtering service for the internet emails.

Mailbox Server enhancements

· Database divergence detection keeping looking for the database which is out of sync. It automatically reseeds to bring it into a healthy state.

· Exchange 2016 supports much faster database failover and failback, and also provides a faster site resilience than previous version of Exchange.

· MAPI over HTTP is the default protocol for outlook client’s connection to the Exchange servers.

· The content/search index are built from the local copy rather than from the active copy. It reduces the network utilization across the WAN in multi-site environment.

· Disk IOPs utilization has been reduced by 22% from Exchange 2013.

Hybrid enhancements

· Downloadable Hybrid deployment wizard for Exchange 2016 made the hybrid configuration and deployment troubleshooting easier.

· Exchange 2016 on-premises users can make use Office 365 services such as archiving, data loss prevention, rights management, advanced thread protection, mobile device management, spam/virus filtering protection etc.

Client features

· Outlook Web Access (OWA) is now called as ‘Outlook on the Web’. It can work together with SharePoint 2016 or OneDrive for Business to share and edit documents. Recipients are automatically provided permission to edit the document. This allows recipients to manage and edit a document without going to SharePoint.

· Search has been significantly enhanced in Exchange 2016. Outlook 2016 and Outlook on the Web provide the same search results. Search speed has also been significantly increased and calendar items can now be searched from Outlook on the Web.

· Outlook 2016 introduces a new Clutter folder that store low priority messages. Outlook itself can assign a low priority to emails based on the past user actions on the emails.

· The Smarter Inbox features helps to increases emails and document search efficiency and productivity.

· The “Tell me what you want to do” box helps users to easily find specific outlook functions or search the web.

· Some great enhancement in Outlook on the Web are one click archiving, common typos/suggestion, the ability to import contacts from CSV files, better formatting features, better attachment views, inline replies, inline previews of URLs and videos and many more.

Mobile enhancements

· Mobile users are new getting rich user experience on phones and tablets. Search on mobile devices has been improved to provide better search results. Two new tabs in the mobile clients: Focused and Others. Where the ‘Focused’ tab will contains all the important email and the ‘Other’ tab is supposed to contain relatively unimportant emails such as newsletters, notifications, subscriptions, etc.

· Mobile version of Outlook provides ‘Send Availability’ Option. It allows users to send availability time slots to external recipients.

· The mobile calendar view has been greatly improved and it provides more detailed information of invites and other necessary information.

Security and compliance features

· Data Loss Prevention (DLP) has been enhanced and now it can identify, monitor, and protect 80 different types of sensitive information.

· Auditing has been enhanced and updated with a new architecture. Audit logs are no longer stored in individual mailboxes but they are now stored in the centralized audit report mailbox of the organization. This is helpful for long term retention and adds the ability generate various reports easily.

· eDiscovery search has been improved significantly to provide more accurate , faster and reliable results.

· eDiscovery Compliance Search can be used to search on very large numbers of mailboxes. Multile searches can be performed at the same time.

· Public folder content can be on placed on In-place hold and public folder contents can be searched using the eDiscovery.

Exchange 2016 has discontinued Client Access Server and RPC over HTTP protocol for client connection from Exchange 2013. Exchange Server 2016 is great new release of Microsoft’s mail server. It simplifies administration, improves the integration with Office 365 and together with Outlook 2016 and OWA 2016 it helps improve productivity of end users.

Posted in Exchange 2016 | Tagged | Leave a comment

“The MS Exchange Administrator has made a change….” – After Effects of Exchange Server Upgrade!

While dealing with upgrade of Exchange server from one platform version to another like from Exchange 2007 to Exchange 2013, there are many consequences, which apparently can be troublesome. Once the previous version (2007, in this case) is discharged, Exchange 2013 users start getting this error prompt “The Microsoft Exchange Administrator has made a change that requires you quit and restart Outlook”. This error is prompted while accessing the mailbox in Outlook and the root cause is allied to Exchange server. It has been also noticed that the problem only comes in Outlook 2013 and later versions. Let us see the occurrences in sequence;

· When an instance of Microsoft Outlook 2013 application is running, configured with MS Exchange 2007 mailbox using Cached Exchange Mode error is prompted.

· As the server is been upgraded, the mailbox is now moved to Microsoft Exchange Server 2013.

· Outlook fails to connect to upgraded Exchange server, and status bar of Outlook shows “Disconnected” status.

· Problem does not arise in old versions of Outlook and occurs only in Outlook 2013 and later versions.

· Once the mailbox is moved, Outlook prompts the error “The Microsoft Exchange Administrator has made a change that requires you quit and restart Outlook.” As per the message, when user quits and restarts the Outlook application, Outlook still does not connect to Exchange.


Expected Conditions to Follow The Error Prompt

Thankfully, there are very few scenarios, which can prompt the above-mentioned error. The prompt can be result of following reasons;

Condition 1: If RPCCLientAccessServer Property is Changed:

This can be considered as the most common reason to end up with the error prompts while accessing Outlook configured with Exchange.

è When the mailbox of Cross AD site is moved, this error can be triggered as different AD site can have different RPC Client Access Array.

è If CAS Array is not used, and the RPC endpoint is changed after moving mailbox it can give room to such situation. For instance, the source mailbox belonging to previous version has a particular CAS as its RPC endpoint and the destination mailbox after moving has different CAS as its RPC endpoint.

Resolution: Changes done in RPC Endpoint in the Server Name field in MS Outlook application can resolve the error if this is the problem.

Condition 2: Hierarchy of Public Folder is Changed:

Changes in the hierarchy or properties of the Public Folder after server upgrade can also create issues in the mailbox access in Outlook. In case the publicfolderdatabase, get-mailboxdatabase|fl identity, differ between source and target databases, this issue can occur.

In certain scenarios, Administrator might find that the “PublicFolderDatabase” attribute on all the databases of Exchange 2013 was set to specific value. This can occur when the discharge or decommissioning of Exchange 2007 along with its Legacy Public Folders were not detached correctly. These Public Folders can also be shown as deleted in AD. When MS Outlook application tried to access these folders information, it prompted errors.

Resolution: Properties of Mailbox Database can be edited in ADSIEDIT setting the value of “msExchHomePublicMDB” to be blank. Once done, restart Information Store Service.

Condition 3: Changes in RPC Client Access Cross-site Connectivity:

In case an additional mailbox is opened in the Outlook application where these opened mailboxes does not fulfill the specified conditions after being moved. Changes in the RPC endpoint of CASARRAY before and after moving can cause this error.

Condition 4: Unavailability of Necessary Fixes In Outlook:

For Outlook 2013 users, it is highly important to keep the Outlook application updated. When mailboxes are migrated or upgraded from Exchange 2007 to 2013, all the hotfixes must be available in MS Outlook.

Condition 5: Problems with CAS/Mailbox Server:

When Public Folder is available on multirole server and is part of Exchange Server 2010 CAS array. The probable cause of this error in this condition is that the VIP of CAS array is reverted to client and not to hosting server.

Condition 6: DoNotPreserveMailboxSignature Parameter:

It has also been experienced by many Network Administrators that when DoNotPreserveMailboxSignature parameter is used with New-MoveRequest cmdlet, this error is prompted.

How to Remove the Pop-Up Error Message?

There is a workaround using which this error prompt "The Microsoft Exchange administrator has made a change that requires you quit and restart Outlook" can be removed partially. You can uncheck the option “Show Microsoft Exchange Messages” from Outlook icon available on the taskbar and check if the error still pops up.

This setting is managed by the below mentioned registry value:



Evade Outlook Connectivity Issues After Exchange Server Upgrade

Exchange server upgrade or migration from one Exchange server 2007 to Exchange server 2013 can have several issues. This includes Outlook synchronization, Public Folder access issues, and much more. Administrators have to pay attention on every aspect to make a complete migration of mailboxes and other data after such major upgrade. This error prompt is one of the issues, which is caused after making inappropriate upgrade. Many commercial tools like SysTools Exchange Recovery come forward to ease these hectic directions involved in upgradation of Exchange server. Such tools do not take time and needs minimal settings to perform migration of mailboxes and public folders from source server database to destination server. It also does not show any issues like Outlook connectivity, sizing, performance, etc. once the migration of data is made after upgradation. However, if you have already fallen for it and experiencing this error issue, you can try the resolutions mentioned.

Posted in Exchange 2007, Exchange 2010, Exchange 2013 | Tagged , , , | Leave a comment

Access Exchange Mailbox Data In MS Outlook Via Powershell


An Exchange Administrator,many a times may require exporting Exchange mailbox database to other platforms like Outlook. Since Outlook works with PST files, the actual destination of the exported database will be PST file.Export of Exchange mailbox data could be a result of an organization’s migration to a new hosted service or for archiving the Exchange data for future preference. Moreover, exportation of Exchange data plays a crucial role in the legal discovery processes of Exchange server. The Exchange data can be exported in a PST file and then later on the evidence can be extracted from it. Thus, preventing the organization workflow from being hampered.

To export the Exchange mailbox data to PST file, deployment of New-MailboxExportRequest cmdlet in the Exchange Management Shell is the first choice of the administrators.With the assistance of this cmdlet, the users as well as admin can export the Exchange data to PST file.

Pre-Requisites For New-MailboxExportRequest cmdlet

· In order to export Exchange data to PST file, a shared folder (in which the concerned PST file is stored) over the network that is accessible by Exchange server, must be created. Moreover, read/write permissions should also be granted to the shared folder so that the Exchange Trusted Subsystem group can access it.

· For mailboxes larger than 50 GB in size, multiple PST files can be created by exporting specified folders of Exchange mailbox or by exporting content after filtering.

· MRS performs the export operation to the PST file. Moreover, al the requests are queued and also throttled by the MRS.

· The overall time consumes during the export for mailbox data, depends on the mailbox size, the throttling speed andthe network bandwidth

· Exchange data cannot be imported to a PST file in the public folder.

This cmdlet facilitates the conversion of multiple Exchange mailboxes to PST file. However, only a single request or command is written and executed at a time.

List Of Options For Exporting Exchange Mailbox Data

There are a number of parameters which can be specified when Exchange data is exported to PST. They are specified as below:

1) IsArchive: The personal archive data can be exported using this parameter.

2) ContentFilter: The messages can be filtered while exporting them with this parameter. The messages can be filtered on based on the message content, senders, recipients, message type, date of sent message, received message and so on.

3) IncludeFolders: This parameter can be used for including the specified folders that have to be exported to PST.

4) ExclueFolders: This parameter is used for excluding some of the Exchange folders from being exported to PST.

5) AssociatedMessagesCopyOption: This is used for exporting the associated messages. The associated messages are those, which store hidden data like views and rules.

Methodology To Export Exchange Data To PST Using New-MailboxExportRequest

Step 1:Open the Exchange Powershell in your machine.

In this export process, the first step is to run Add-PSSnapincommand. This command is used to assemble all the add-ins of Exchange in the Windows PowerShell.


Step 2: if you want to export the entire mailbox content to the PST file, then you can use the following command to export it.

In this the mailbox from which the data is to be exported id named Aria and the shared folder in which the output PST file will be saved is PSTShare. The name of the resultant PST file can be selected by the user. In this case, we have named it as aria.pst.


Once executed successfully, the entire data will be exported to aria.pst file.

The yellow script, which you can see in the next image,means that the command has been generated successfully.


You can see the resultant aria.pst file in the folder PST Share.


Step 3: You can create an archive PST file by exporting Exchange mailbox data by the following command.

In this, the PST file is named as aria_archive.pst.


Step 4: as illustrated before, the ContentFilter command can be used for selective exporting of Exchange data.

For example, if you want to export the Exchange messages, which contain terms test and data in them, you can export them by using this command. Here the output PST file is named as aria_filter.pst.


Step 5:The next command which we can use to exclude say Sent Items folder from being exported to PST file, is ExcludeFolder.

The name of the output PST file is aria_excludesent.pst.


Limitations of New-MailboxExportRequest

As discussed earlier, this methodology cannot be implemented to export data to public folders. Therefore, this method does not prove to be useful in case the user needs to export and save the data in public folders. Thus, in order to eliminate these limitations, commercial tools like EDB to PST Converter can be deployed. This utility exports the entire Exchange mailbox data to PST file belonging to public folder.Moreover, it comes embedded with advance features that enable the user to filter out the required data and exclude the unnecessary data.The software imposes no size limitation on Exchange mailbox and hence can be used for exporting Exchange mailbox data without any size issue. This utility proves to be helpful in scenarios, when the MailboxExportRequest fails to export the Exchange data to PST file.

Posted in Powershell, Exchange 2010, Exchange 2013 | Tagged , , | Leave a comment

Publishing Exchange and ADFS Server for Office 365 using IIS ARR Server

I found this article series extremely helpful where you want to publish Exchange and also want to publish ADFS servers for Office 365 SSO using  free IIS Application Request Routing proxy server.


Part 1 : Reverse Proxy for Exchange Server 2013 using IIS ARR
Part 2: Reverse Proxy for Exchange Server 2013 using IIS ARR
Part 3: Reverse Proxy for Exchange Server 2013 using IIS ARR
Part 4: IIS ARR as a Reverse Proxy and Load balancing solution for O365 Exchange Online in a Hybrid Configuration


Happy Reverse proxy

Posted in Application Request Routing, Exchange 2013, Office 365 | Tagged , , | Leave a comment

Exchange 2013 Designing Factor

Exchange 2013 designing plays a major role in the successful deployment and long running Exchange without any issues. The main objective before designing the solution is to understand the technical and business requirement. These requirements has be understood, reviewed and documented thoroughly. Given below are the business and technical requirements which need to be considered before designing a new solution. These requirements vary from customer to customer depending on their type of business, country regulation, infrastructure, budget etc.

Business requirement

Total Cost of Ownership

It is both the direct and indirect cost and benefits with the implementation of the new solution. It includes purchase of the hardware, license, power, maintenance, engineers, hidden cost, etc.

Reduction in Implementation Time

There are tons of works required to implement Exchange and management, always looks for the automated process to deploy the new solution. Projects allow bounded by tight time lines and automated deployment, configuration and versions are the only to meet the tight deadlines. Automated process reduces human efforts, time and errors.

Service Uptime

Uptime of the server and uptime of the service are two different things. Server can be up but the services can be down. It has no meaning when the servers are up and services are down. Service uptime is measure in percentage and business expects to have very minimal down time. To provide 99.999 percent of uptime, it comes with the huge cost.

No or Minimum user impact

Migration of users to the new environment should have minimum or no impact. Users should be able to continue to send and receive emails with continue access calendars, shared mailboxes, and delegate mailbox during the migration.

Compliance and Legal requirement

New solution comply with compliance and legal requirement of the organization. It should support legal hold, eDiscovery, Role based access control etc. to meet the needs.

Supportable and expandable

There are tons of dependent applications which integrate with exchange. New version of exchange should be fully supported by both in house and vendor applications. It should also be scalable to accommodate the expansion of the organization growth.


It should offer strong encryption and security from any kind of security threats and breaches. Security threats or breaches can be like spoofing, phishing or spamming, which can be very unhealthy to the organization and cause damage in terms of reputation and money. Mobile devises are easy sources of security threats, implementing encrypting thought Active sync policy would secure it. Other comment

Data Retention and Recovery

Companies have different retention polices for different types of emails. Some needs to retain the email forever and some would need to retain them for 7 years and some may be for just a year. One the other side, these retained email should be available for recovery depending on the requirement. These recoveries can be for the accidental deletion of email or recovery of email of several years back for the legal dispute.

Exchange Recovery time Objective (RTO) and Recovery point object (RPO)

RTO is defined as part of the disaster recovery and business continuity plan. Exchange Recovery time object is the acceptable account of time taken to restore after a disaster or service distribution occurs. Depending on the criticality of the service, RTO time varies and exchange being one of the most critical applications, which would need to have the RTO time as low as possible. It can be specified in seconds, minutes, hours or days. For example, if the RTO time is around 4 hours then you need to invest huge amount of money to provide redundant infrastructure but If RTO time is about day or two, then it would give some time to restore the service at the reduced infrastructure investment

RPO is also defined as part of the business continuity and disaster recovery plan. It is the maximum acceptable level of data loss after any disaster or catastrophe. It represents the point in time data to be recovered to resume the normal operation. It is calculated in Seconds, minutes, hours or days. If the RPO is 5 hours, then exchange data must be backed up once in 5 hours. Lower the RPO, higher the infrastructure investment cost and vice versa.

Technical Requirement

Easy Administration and implementation

It should be easy to manage, implement and the interface should be easy to use and provide remote PowerShell management. It should also provide the scope for automation to reduce the management and administration efforts.

Bigger Mailbox size

Users never want to delete anything from their mailbox; they want to keep everything. To address this issue, new Exchange solution should support bigger mailboxes

Bigger Database

Bigger database support reduces the number of databases in the organization. It also reduces the maintenance and management efforts. Newer disk provides larger storage space and accommodate bigger Database.

Client Support

It should support rich clients like Outlook, Outlook Web access, various mobile devices like blackberry, Active sync and Mobile device management solution.

High Availability and Disaster recovery

High Availability (HA) and Disaster recovery (DR) are very important for a business. Loss or unavailability of emails can be huge loss to the business; thus, HA and DR can help in reducing the complexity of delivering business continuity.


It should be able to integrate with another application and systems in the organization. Some of other applications like Lync, SharePoint, office application, some in house and other third party application. Organization will have many in-house built or third party application like SAP, HR etc. and this needs to be supported by the exchange server.

Virtual or Physical

Exchange is resource intensive application and depending on the organization policy some may want to implement physical and other want to go for virtual. Over the years, virtualization has proved to provide better performance with CPU and Memory. Microsoft also supports Exchange 2013 on virtualization technology like HyperV and Vmware, they also have provided some guidelines and best practice when Exchange is been implemented on vitalization. It’s totally a technical requirement from the Exchange team on the path they wanted to take to implement exchange.

Understanding Current Environment

Understanding current environment plays a major rules in designing the solution. It is very important to understand every component of the exchange and its depending tools which works in collaboration of exchange. Without understanding current environment, it would be impossible for anyone to design the new solution.

To start with need:

1. Exchange Architecture diagram

2. Exchange designing document

3. Exchange Configuration Information document

4. Exchange Server CPU Utilization and specifications

5. Exchange server Memory utilization and specifications

6. Exchange Mailbox Database configuration and Size

7. Exchange server Storage utilization type and design

8. Network diagram

9. Current High Availability and Disaster recovery model

10. Vendor support documents and support number.

11. Active directory diagram with server details

12. Blackberry and Mobile device Management (MDM) software and server details

13. SharePoint solution

14. Instant Messaging and Unified Messaging solution

15. Backup Solution

16. Fax solution

17. Archiving solution

18. Journaling

19. Antivirus Software

20. Gateway and Spam filtering solution

21. Email Encryption

22. Business Custom Application

23. Monitoring and reporting solution

24. Custom Outlook plugins

25. Signature Software

26. Server Patching Solution etc.

There are various native and exchange built-in tool available to pull the necessary information on the current environment and they play the vital role in designing.

1. Exchange profile Analyzer

2. Exchange Environment Report

3. Microsoft Exchange Server User Monitor (ExMON)

4. ExIISLogParser

5. Exchange Best Practice Analyzer

With these information, we get some good idea on the all the business and technical requirement and also help to get the complete knowledge on the existing environment. It helps provide solution which is ideal for the requirement and to accommodate the business growth. I hope this article helps you to considers all the factors before designing a messaging solution for your organization.

Posted in Exchange 2013 | Tagged , , , | Leave a comment