mardi 6 mars 2012

Error When Installing the SP1 for Exchange 2010

After you install the SP1 for Exchange 2010, you try to open the Exchange PowerShell, you receive this error:

La chaîne commençant par :
Au niveau de ligne : 1 Caractère : 5
+ « . <<<< 'C:\Program Files\Microsoft\Exchange Server\V14\\bin\RemoteExchange.ps1´; Connect-ExchangeServer -auto »
n'a pas de terminateur : '.
Au niveau de ligne : 1 Caractère : 109
+ « . 'C:\Program Files\Microsoft\Exchange Server\V14\\bin\RemoteExchange.ps1´; Connect-ExchangeServer -auto » <<<<
+ CategoryInfo : ParserError: (C:\Program File...eServer -auto »:String) [], ParentContainsErrorRecordExc
eption
+ FullyQualifiedErrorId : TerminatorExpectedAtEndOfString

To troubleshoot this issue, proceed by:

-  Open the command prompt and execute the following command line:

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -noexit -command ". 'C:\Program Files\Microsoft\Exchange Server\V14\bin\RemoteExchange.ps1'; Connect-ExchangeServer <var><target server></var>"

where <target server> is the name of your Exchange server.

If this command line doesn’t function do the following:

- Install the Rollup Update 4 for Exchange 2010 SP1

Good luck

Publié par à Aucun commentaire:

lundi 20 février 2012

Exchange 2010 SP2 Update Rollup 1 released

Microsoft released the Update Rollup 1 for Exchange 2010 SP2. For more information about the description of this RU1, you can visit this link .

To download RU1 For Exchange 2010 SP2.

Best Regards.

Publié par à Aucun commentaire:

mercredi 11 janvier 2012

How to integrate AD RMS with Exchange 2010 SP2(Part 3)

In this third part, we will configure AD RMS and Exchange 2010 server to communicate with each others. Let see how to do that:

1- This is the console of AD RMS. You can open it by accessing the administrative tools.

image

2- You have in this step to grant at least read and execute permission to “Exchange servers group” and the RMS service account in the “servercertification.asmx” file. You will find this file under “C:\inetpub\wwwroot\_wmcs\certification”

image

3- In the AD RMS console, enable the super user and specify a security distribution group that have an email address that match his name

image

4- In Exchange server, run the PowerShell. After that, type the following Cmdlet. Test-IRMConfiguration –Sender administrator@contoso.local

image

You will find only some warning with the last test. If you have have any other other errors or warning in the steps before, you have to troubleshoot them.

5- Now, we have to enable IRM for internal recipients by running the following PowerShell Cmdlet: Set-IRMConfiguration –InternalLicensingEnabled $True

image

6- To verify if IRM is enabled with OWA, we have to make a test with this PowerShell Cmdlet: Get-OWAVirtualDirectory |FL *RM*

image

All is OK. Exchange 2010 SP2 and AD RMS interact correctly with each others. In the next part, we will deploy a policy and use it with an Outlook 2010 user.

Publié par à Aucun commentaire:

How to integrate AD RMS with Exchange 2010 SP2(Part 2)

In the part 1, we spoke about IRM. Now we will focus on the deployment process. First of all, we begin with AD RMS:

1- Add the“AD RMS” role

image

2- AD RMS rely on database to store its configuration, you have to choose between the Microsoft internal database or a remote SQL server instance.

image

3-  Specify the service account, if AD RMS is also a domain controller “Not recommended”, you have to add the account to the “domain admins group”

image

4- Specify the location of the AD RMS cluster key

image

5- Specify a strong password for the AD RMS cluster key

SNAGHTML69c6e3f

6- Select the website in IIS where you want to store the virtual directory of the certification

image

7- Specify the AD RMS cluster address, you have to specify the FQDN and don’t forget to validate it. If the name you specified is different from the server name hosting the AD RMS, you have to add a CNAME record in DNS. In fact, client will request for license from that URL.

image

8- Choose the certificate. This step is so important, because the certificate must contain the name provided in the previous step. In my scenario I used a self signed certificate

image

9- Specify the licensor certificate name

image

10- You have now to register the Service Connection Point (SCP) of AD RMS in Active Directory

image

11- Now, install

image

We have finished the installation of AD RMS. In the next part of this article, we will configure AD RMS and Exchange 2010 to communicate with each others.

Publié par à Aucun commentaire:

ADRMS: The remote certificate is invalid according to the validation procedure

Trying to put in place IRM functionality to cooperate with Exchange 2010, I have to install AD RMS and test the IRM configuration with the Exchange PowerShell. Moreover, I encountered the following error:

error

When I added the ADRMS role, I have chosen a self signed certificate. After that, I took a look at the IIS, I found my certificate bind with the “Default Web site”. I tried this ADRMS URL, “https://dc.contoso.local/_wmcs/licensing/server.asmx” , and I got a certificate error. I guessed then that my certificate must be in the container of my “Trusted root certification authorities” and the problem is solved.

certificate

Good luck Smile

Publié par à Aucun commentaire:

mardi 10 janvier 2012

How to integrate AD RMS with Exchange 2010 SP2(Part 1)

Exchange 2010 provides some kind of security features like TLS in order to secure the communication in a network by a mean of encryption and Email encryption by using the S/MIME to encrypt the messages.

Unfortunately, the traditional features have some limitations. Besides, the company deals with critical data that may contain business information or financial reports… And users rely on their Mailboxes to send this data to each other. So, Exchange server provide a new feature known as IRM.

What’s IRM?

Information Right Management “IRM”, apply persistent protection  to messages and attachments ( MS office or enabled IRM applications) in Exchange server. With IRM you can :

  • User can’t forward, modify, print, fax, save, or cut and paste the content of a message or an attachment.
  • User can’t view an IRM protected message or attachment after a specified period.
  • User can’t use a windows snipping tool to copy the content of an IRM protected message.

With IRM you can’t:

  • Prevent users from using a third party tools to capture screen
  • Prevent users from using imaging devices to photograph an IRM protected message.
  • Prevent users from remembering and then typing the content of an IRM protected message.

IRM rely on Active Directory Right Management Server, a role in windows server 2008. In the next article, we will begin the deployment of IRM and we will start by implementing AD RMS.

Publié par à 1 commentaire:

mercredi 14 décembre 2011

High availability for Exchange 2010: CAS Array

With Exchange 2010, the client access server is now a major component responsible for managing all connection to the Mailbox servers. This component manage all internal and external client traffic. To improve the performance and the availability of the client access server in an Exchange server organization, we have to think about a high availability solution for this important role.

In fact, in order to make this role high available, we have to deal with CAS Array. It’s a group of CAS servers configured in Network load balancing scenario.

Besides, you can make a CAS Array with HNLB ( Hardware Network Load Balancer ) or WNLB ( Windows Network Load Balancer ). Moreover, Microsoft recommend that we have to use HNLB to configure CAS array. In fact, with WNLB we load balance only MAPI traffic. Further more, HNLB or another third party NLB is able to load balance MAPI, ActiveSync, autodiscover and availability service…

In this LAB, we have to configure WNLB to make a CAS Array.

  1. First, we Install two CAS servers named ‘HUBCAS’ and ‘HUBCAS2’
  2. Create a host record in the DNS for the name of your CAS Array
    • My A record FQDN is: CASArray.contoso.local
    • My A record @IP is : 192.168.125.10 (Virtual IP of CAS Array)
  3. Install the WNLB feature in ‘HUBCAS’ server. You have to
    • Open the “server Manager”
    • Right Click “Features”, The click “Add new Features”
    • Select “Network load balancing”nlb1
    • Finish the installation process
  4. From the “Administrative tools”
    • Open “Network load balancing”
    • Create a new cluster
    • Add you first member to the cluster.(‘HUBCAS’ server)nlb2
    • Set the priority of this member.
    • Set the IP address and the mask of the clusternlb4 
    • The cluster IP address is configured. We have now to set the “Internet name of the cluster” and to set the cluster operation mode as “Multicast”nlb5
    • For “Port rules”, you can use the default settings.nlb6
  5. Now, you have to go to the other partner, in our case “HUBCAS2”:
    • Install NLB feature
    • Add the second server to NLB clusternlb7
    • Add the second member
  6. The WNLB is configured. But, you have to redirect you MAPI client request to our CASArray. In fact, our resort is the famous PowerShell to achieve this goal:
    • Get-ClientAccessArray: To show if there are some CAS Array configured in your Exchange organization
    • You have to run this CMDLET to create the new client access server array: New-ClientAccessArray –fqdn “CASArray.contoso.local” –site “MainSite” –name “CASArray”nlb11
    • Our CAS Array is now configured as shown in the picture
    • Finally, you have to specify the CAS used to make a connection with a specific Mailbox Database. You have to run this CMDLET: Set-MailboxDatabase MBXDag –RPCclientAccessServer “CASArray.contoso.local”nlb12
  7. Finally, we check our client configuration in outlooknlb13
       
      Good luck !
       
Publié par à Aucun commentaire:
Inscription à : Articles (Atom)

Qui êtes-vous ?

Ma photo
MCC | MCT | MCITP Exchange 2010 | MCITP Exchange 2007 | MCITP Server Administrator