Public Folders not accessable on Outlook 2016

After a mailbox is moved from Exchange 2010 to Exchange 2013 or 2016 and the client is Outlook 2016 the Public Folder list on Exchange 2010 is not accessible. It seems to be fine for Outlook 2013 clients.

According to Microsoft documentation you need to take extra steps to proxy the Public Folders to Exchange 2016 mailboxes.

https://technet.microsoft.com/en-us/library/dn690134(v=exchg.150).aspx

https://support.microsoft.com/en-us/help/3177600/outlook-can-t-access-public-folders-hosted-on-legacy-exchange-servers

In have simplified these steps, this is based on a single Exchange 2010 server and a single Exchange 2016 server. I understand this is applicable for co-existence with Office365 too.

You will need to change the name to match your Exchange 2010 server and also amend your AD name space instead of domain.local in the example.


On the Exchange 2010 server
New-MailboxDatabase -Server EX2010 -Name NewMDBforPFs -IsExcludedFromProvisioning $true
New-Mailbox -Name PFMailbox1 -Database NewMDBforPFs -UserPrincipalName PFMailbox1@domain.local -Password
Set-Mailbox -Identity PFMailbox1 -HiddenFromAddressListsEnabled $true
Set-MailboxDatabase NewMDBforPFs -RPCClientAccessServer EX2010

On the Exchange 2016 server
Set-OrganizationConfig -PublicFoldersEnabled Remote -RemotePublicFolderMailboxes PFMailbox1

Even after taking these steps Public Folders are not accessible. We can see that the DefaultPublicFolderMailbox is empty, you can see this using the following PoSh command. 

Get-Mailbox | FL name, *public*

You can correct this for all users by executing the command below, make sure you change domain.local for you AD domain name.

Get-mailbox | Set-Mailbox -DefaultPublicFolderMailbox domain.local/UserAccounts/PFMailbox1

Now open Outlook 2016, open the folder view and the Public Folder list is there!

Further reading...

https://justaucguy.wordpress.com/2017/12/18/outlook-2016-and-exchange-2010-public-folder-woes/

http://terenceluk.blogspot.com/2017/04/unable-to-expand-exchange-2010-public_5.html

Active Directory is unavailable after disaster recovery fail-over

Active Directory is available after a fail-over.

Customer has two domain controllers that are replicated to a recovery site using Veeam Backup & Replication.

During a DR test fail-over, Active Directory on both DCs would be available for only a few minutes before stopping working.

Tests like NETDOM QUERY FSMO and NLTEST state the domain is unavailable. NET SHARE shows the SYSVOL and NETLOGON shares are missing.

After a restore or replication Active Directory detects this has happened and attempts to protect it's self and effectively goes into a 'safe mode' so to speak.

The steps below outline what needs to be done to recovery from this. These steps apply to domain controllers using the legacy NTFRS replication and not DCs using DFSR. You can use dfsrmig.exe /getglobalstate to see if you are using NTFRS or DFSR


Step 1 - Power on both DCs and wait for the automatic reboot. If not you can't log in "No domain controllers available"
Step 2 - On DC1 or the DC with the FMSO roles, type NET SHARE and confirm that the SYSVOL and NETLOGON confirm that they are missing. Also check that the domain is unavailable NETDOM QUERY FSMO.
Step 3 - On DC1, CMD "Start SYSVOL" Make a backup of C:\windows\sysvol\domain\policies & C:\windows\sysvol\domain\scripts
Step 4 - NET STOP NTFRS on both DCs
Step 5 - On DC1 Set D4 to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Culmulative Replicate Set\GUID
Step 6 - On DC1 NET START NTFRS
Step 7 - On DC1 Check Event viewer for event id 13516 in File replication stating that the server is a DC
Step 8 - On DC1 CMD "start SYSVOL" (Should be empty)
Step 9 - Copy the backup of the Scripts and Policy folder to c:\windows\sysvol\domain on DC1
Step 12 - On DC1 CMD "Start SYSVOL" and check that Scripts and Policies exists with recent time stamp.
Step 13 - On DC0 Check NTFRS is stopped
Step 14 - On DC0 Set D2 on HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Culmulative Replicate Set\GUID
Step 15 - on DC0 NET START NTFRS
Step 16 - On DC0 Open Event Viewer or event id 13516 in File replication event log
Step 17 - Type NET SHARE on both DCs and check that SYSVOL and NETLOGON exist. Restart NETLOGON if the NETLOGON share is missing.

Step 18 - Type NETDOM QUERY FSMO and make sure that both DCs report the same FSMO role holders.

Note that these steps differ from the ones details in this Microsoft KB article, which details setting the BurFlags under the Backup/Restore key, in my steps the BurFlags are under Culmulative Replicate Set

https://support.microsoft.com/en-gb/help/290762/using-the-burflags-registry-key-to-reinitialize-file-replication-servi

Windows cannot find the Microsoft Software License Terms.When installing Windows 2012 on a Dell server

When trying to deploy Windows server onto a Dell server you see this error message....

Turns out that this is caused by iDRAC firmware version 2.52.52.52 you can work around this by selecting Core mode and adding the GUI features later or downgrading the iDRAC firmware.

Lifecycle Controller Release Notes: https://downloads.dell.com/FOLDER04830652M/1/iDRAC_2_52_52_52_Release_Notes_A00.pdf
Deployment of Windows Server operating systems (OS) using LC may fail with one of the following message:

• Windows installation cannot continue because a required driver could not be installed.
• Product key required.
• Windows cannot find the software license terms.

This happens when the Windows setup copies the driver to the scratch space (X: drive) and the scratch space becomes full. To resolve this issue, do any of the following:

• Remove all the installed add-on devices before starting the OS installation. After the OS installation is complete, connect the add-on devices and manually install the remaining drivers using Dell Update Packages (DUPs).
• To avoid physically removing the hardware, disable the PCle slots in the BIOS.

Increase scratch space size beyond 32 MB using DISM set-scratchspace command when creating customized deployment

VM slow after P2V conversion

A VM was running very slow after a P2V using DISK2VHD. I removed all the hidden devices, I even tried removing the AntiVirus solution.

I found out the the original physical server had 2 CPUs, but when I built the VM and attached the VHDX files I had only added 1x vCPU

Fix: Shutdown the VM and add another vCPU.

Virtual Exchange server become unresponsive after Hyper-V integration services update

I've seen the three times now, and this issue effects both Exchange 2013 and Exchange 2016 installations.

The long and short is that if you have a Windows 2012 R2 virtual machine with either Exchange 2013/2016 installed and you upgrade the Hyper-V integration services the VM gets stuck on the next reboot. After about 30 minutes the login window appears but after trying to login the VM runs like a dog.

The fix is simple but painfully slow.

1. Shutdown the VM, you might have to reset it.
2. Attach a Windows 2012 R2 ISO to the VM
3. Start the VM and press a key to boot from the ISO
4. Select the Repair Windows option and get to the CMD prompt
5. Next alter the boot configuration so you have the option to boot into safe mode.
6. At the CMD prompt type:
   bcdedit /set {bootmgr} timeout 15
7. Reboot the VM and remove the ISO
8. You might find Windows wants to back out the failed updates from the previous boot.
9. At the Windows Boot manager select Safe Mode.
10. Once windows boots you will need to login and disable the Exchange services.
11. Open a PowerShell prompt and enter this command.
    get-service -Name MSE* | ?{$_.Starttype -eq "Automatic"} | Set-Service -StartupType Disabled
12. Now reboot the VM, you can ignore the Boot menu.
13. After Windows starts and you have logged in you can insert the Integration Services disk again and apply the update. Note you might find Windows plays up a bit as Exchange isn't working now.
14. Reboot the server, this time it shouldn't get stuck at "Getting Windows Ready"
15. After you have restarted and logged in you can enable the Exchange services once more by entering this command.
    get-service -Name MSE* | ?{$_.Starttype -eq "Disabled"} | Set-Service -StartupType Automatic
16. One last reboot and everything should be back to normal.

Microsoft has a lot to answer for here, the first time you see this it's really scary stuff.