Tuesday, June 28, 2011

Enable & Disable ActiveSync For Exchange 2007 and 2010 Users

Issue:  Your company asked Default behavior for new user mailbox creation , ActiveSync future to be disabled. You find out by default every MB user has ActiveSync future turned on. If you have some of your users wished to use ActiveSync while majority of the users are disabled the out the box Exchange configuration nor GUI will come into rescue but PowerShell.

See fallowing KB articles for disabling ActiveSync ,

This topic describes how to disable Microsoft Exchange ActiveSync. When you disable Exchange ActiveSync on a computer that is running Microsoft Exchange Server 2007 that has the Client Access server role installed, you disable the application pool that Exchange ActiveSync uses. An application pool is a group of processes that Internet Information Services (IIS) uses to perform a task.

To see ActiveSync Enabled users run fallowing PS (  Get is harmless, as the PS does not make any changes, you need to watch out for set function (-: )

Get-CASMailbox -resultSize unlimited -filter {activeSyncEnabled -eq $true}

image

Disable Active Sync for All Users

get-Mailbox | set-CASMailbox -ActiveSyncEnabled:$False

 

image

Enable ActiveSync for All Users

get-Mailbox | set-CASMailbox -ActiveSyncEnabled:$True

 

Now we will disable it for Everyone but for some selected users with fallowing Script

Get-Mailbox | set-CASMailbox -ActiveSyncEnabled:$True | Get-content C:\ActiveSyncEnabledUsers.txt

 

image

On the C drive of my server I have created simple TXT file for the output

clip_image001

image

 last one

Get-Mailbox | ForEach {Get-ActiveSyncDeviceStatistics -Mailbox:$_.Identity} | ft DeviceFriendlyName, Devicetype, DeviceUserAgent

image

Respectfully,
Oz Casey, Dedeal

MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog)
http://telnet25.wordpress.com/ (Blog)

Monday, June 13, 2011

Considering Domain Controllers on Virtual Environment.

Planning Considerations for Virtualized Domain Controllers most concerns and pointers have been discussed on the fallowing KB#888794. I have decided to post some of the highlights  from fallowing article.

IMO if passible at the least implementing one Physical DC make sense. Sizing the Domain controller correctly makes difference. The correct among of CPU, Memory and sufficient HD space need to be provided. Considering Proper AD excusing from AV scanning is also important.

Remember healthy  Dc will translate as healthy applications. Exchange Server is one of the most famous application utilize Active Directory heavy.  One thing I have witnessed over years , having issues with AD will cause all other applications to suffer this includes slowness and poor performance and translates as bad user experience.

Main pointer with Virtualization

  • Lingering objects,
  • DNS Considerations,
  • Backup Issues,
  • USN Rollback issues.

An effort to boot with the latest zone contents, the Microsoft DNS Server service waits 15 or more minutes for Active Directory to inbound replicate before loading an AD-integrated DNS zone.

Virtual host computers should not point to virtualized DNS Server running on the local virtual host compute

use System state backup for Active directory , do not use “snapshot”

USN Issues

When a USN rollback occurs, modifications to objects and attributes that occur on one domain controller do not replicate to other domain controllers in the forest. Because replication partners believe that they have an up-to-date copy of the Active Directory database, monitoring and troubleshooting tools such as Repadmin.exe do not report any replication errors

Things to consider when you host Active Directory domain controllers in virtual hosting environments
http://support.microsoft.com/kb/888794

USN issues
http://support.microsoft.com/?id=875495

Deployment Considerations for Virtualized Domain Controllers
http://technet.microsoft.com/en-us/library/dd348449%28WS.10%29.aspx

Respectfully,
Oz Casey, Dedeal

MVP Exchange Server
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog)
http://telnet25.wordpress.com/ (Blog)