Tuesday, 26 May 2015

Exchange 2010/2013 DAG Status validation script

This script validates the mailbox database status, content index status, copy queue length and replay queue length of the databases in a DAG. It triggers an email notification to the administrator if any of the following conditions is true:

1. Database is not mounted on the preferred server
2. Database status is not mounted
3. Database status is not healthy
4. Copy queue length is more than the threshold value
5. Replay queue length is more than the threshold value
6. Content index state is not healthy

We can use this script to validate both Exchange 2010 and Exchange 2013 DAGs.

We have to schedule a task to run this script. I suggest scheduling it to run every 30 minutes; it will trigger an email ONLY when one of the conditions is true. This way we avoid spamming the administrator's mailbox.

Script Block

#######################Beginning of the Script#########################

##########################################################################
#      Check DAG Status and send email                                   # 
#                                                                        # 
# If you want to send the report as an email, please give $Mail = "True" #
##########################################################################

# Inputs for Email 

$Subject = "DAG Status Report" 
$FromAddress = "DAGStatusReport@testlab.com" 
$ToAddress = "admin@testlab.com" 
$Relay = "SMTP relay server FQDN" 
$SMTPClient = New-Object System.Net.Mail.smtpClient 
$MailMessage = New-Object System.Net.Mail.MailMessage 
$Mail = "False"

# Threshold

$CQL = 50
$RQL = 100


#Add-PSSnapin Microsoft.Exchange.Management.Powershell.Admin
Set-ADServerSettings -ViewEntireForest $True
$body = $null
$body += '<html><head><style>'
$body += '<!-- '
$body += 'body { font: Calibri } '
$body += 'table { font: 11pt Calibri; border: 1px} '
$body += 'td { border: 1px ridge white; padding-left: 1px; padding-right: 1px } '
$body += 'p.header { font: 11pt Verdana; color: DarkBlue }'
$body += 'p.normal { font: 8pt Calibri; color: CadetBlue }'
$body += '-->'
$body += '</style>'
$body += '</head>'
$body += '<body>'
$body += "<p class=`"header`" align='center'><strong>DAG Status Report: " + $(get-date).toshortdatestring() + " @ " + $(get-date).ToshorttimeString() + " [IST]"


$ExchServerName = Get-MailboxServer | ?{$_.Databaseavailabilitygroup} | sort name | %{ 
$ExchServerName = $_.name
write-host "Processing" $_.name
$ccs = $null
$CCS = Get-MailboxDatabaseCopyStatus -Server $ExchServerName  | Where {  ($_.Status -ne "Mounted") -and ($_.Status -ne "Healthy") -or ($_.ContentIndexState -ne "Healthy") -or ($_.replayqueuelength -gt $RQL) -or ($_.CopyQueueLength -gt $CQL) -or (( $_.Status -eq "Mounted") -and ((get-mailboxdatabase $_.databasename).activationpreference[0].key.name -ne $_.activedatabasecopy )) }


if ($CCS -ne $null)
{
        #Table Header

        $body += '<table width=80% align=center>'
        $body += '<tr><td colspan=6 align=center style="background-color: #DCDCDC" border: 1 ; ><strong><font color= Black>' + ($exchservername).toupper()  + '</font></strong></td></tr>'
        $body += '<tr><td align="Center" style="background-color: #736F6E" width="13%" border: 1 Groove white;><p class="table" style="color:    white"><b>Database</b></p></td>'
        $body += '<td align="Center" style="background-color: #736F6E" width="10%" border: 1 Groove white;><p class="table" style="color:    white"><b>ActiveServer</b></p></td>'
        $body += '<td align="Center" style="background-color: #736F6E" width="12%" border: 1 Groove white;><p class="table" style="color:    white"><b>Status</b></p></td>'
        $body += '<td align="Center" style="background-color: #736F6E" width="7%" border: 1 Groove white;><p class="table" style="color:    white"><b>Copy QL</b></p></td>'
        $body += '<td align="Center" style="background-color: #736F6E" width="8%" border: 1 Groove white;><p class="table" style="color:    white"><b>Replay QL</b></p></td>'
        $body += '<td align="Center" style="background-color: #736F6E" width="10%" border: 1 Groove white;><p class="table" style="color:    white"><b>Content Index </b></p></td></tr>'

        $ccs | foreach {
      
            
            $body += '<tr><td align="Center" border: 1 Groove white;>' + $_.Databasename + "</td>"
            $body += '<td align="Center" border: 1 Groove white; bgcolor=#FEEC80 >' + $_.activedatabasecopy.toupper() + "</td>"
            if (($_.Status -eq "Healthy") -or ($_.Status -eq "Mounted"))
            {
                $body += '<td align="Center" border: 1 Groove white;>' + $_.Status + "</td>"}
            Else 
            {
                $body += '<td align="Center" border: 1 Groove white; bgcolor=#FEEC80 >' + $_.Status + "</td>" 
            }
            if ($_.CopyQueueLength -ge $CQL) 
            {
                $body += '<td align="Center" border: 1 Groove white; bgcolor=#FEEC80>' + $_.CopyQueueLength + "</td>" 
            }
            Else 
            {
                $body += '<td align="Center" border: 1 Groove white;>' + $_.CopyQueueLength + "</td>" 
            }
            if ($_.ReplayQueueLength -ge $RQL) 
            {
                $body += '<td align="Center" border: 1 Groove white; bgcolor=#FEEC80>' + $_.ReplayQueueLength  + "</td>" 
            }
            Else 
            { 
                $body += '<td align="Center" border: 1 Groove white;>' + $_.ReplayQueueLength  + "</td>" 
            }
                
            if ($_.ContentIndexState -eq "Healthy")
            {
                $body += '<td align="Center" border: 1 Groove white;>' + $_.ContentIndexState + "</td></tr>"
            }
            Else 
            {
                $body += '<td align="Center" border: 1 Groove white; bgcolor=#FEEC80 >' + $_.ContentIndexState + "</td></tr>" 
            }
            
        }
        
                $body += '</table><br>'
               
}
}


if ($Mail -eq "True")
{
    $body += "Report Completed"
    ##############################################################################
    $MailMessage.Subject = "$Subject"
    $MailMessage.Body = $body
    $MailMessage.sender = "$FromAddress"
    $MailMessage.From = "$FromAddress"
    $MailMessage.To.add("$ToAddress")
    #$MailMessage.CC.add("$CCAddress")
    #$MailMessage.CC.add("$CCAddress2")
    $MailMessage.Priority = [System.Net.Mail.MailPriority]::High
    $MailMessage.IsBodyHTML = $True
    $smtpclient.host = "$Relay"
    $smtpclient.send($MailMessage)
    #############################################################################
}
else
{
    $Date = get-date
    $FileName = 'DAG_Status_Report'
    $FileName += $Date.year.tostring()
    $FileName += $Date.month.tostring()
    $FileName += $Date.day.tostring()
    $FileName += '.html'
    $body += "Report Completed"    
    set-content $FileName -value $body

}

#######################End of the Script##############################
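
The six conditions listed at the top of this post, as an added example that is not part of the original script: a function that returns the reason each database copy is flagged, so a scheduled run can decide whether there is anything to mail. Get-DagCopyIssue, the PreferredServer field (standing in for the activation-preference lookup) and the sample objects are constructed for illustration; the other property names are the ones the script reads from Get-MailboxDatabaseCopyStatus.

```powershell
# Added example: Get-DagCopyIssue and the sample objects are constructed for illustration.
# PreferredServer is an assumed field standing in for the activation-preference lookup.
function Get-DagCopyIssue {
    param(
        [Parameter(Mandatory=$true, ValueFromPipeline=$true)] $Copy,
        [int] $CopyQueueThreshold = 50,
        [int] $ReplayQueueThreshold = 100
    )
    process {
        $reasons = @()
        $status = [string]$Copy.Status
        if ($status -eq 'Mounted') {
            # Condition 1: mounted, but not on the preferred server
            if ($Copy.ActiveDatabaseCopy -ne $Copy.PreferredServer) {
                $reasons += "Active on $($Copy.ActiveDatabaseCopy), preferred is $($Copy.PreferredServer)"
            }
        }
        elseif ($status -ne 'Healthy') {
            # Conditions 2 and 3: the copy is neither Mounted nor Healthy
            $reasons += "Status is $status"
        }
        # Conditions 4 and 5: queue lengths above the thresholds
        if ($Copy.CopyQueueLength -gt $CopyQueueThreshold) {
            $reasons += "Copy queue $($Copy.CopyQueueLength) > $CopyQueueThreshold"
        }
        if ($Copy.ReplayQueueLength -gt $ReplayQueueThreshold) {
            $reasons += "Replay queue $($Copy.ReplayQueueLength) > $ReplayQueueThreshold"
        }
        # Condition 6: content index not healthy
        if ([string]$Copy.ContentIndexState -ne 'Healthy') {
            $reasons += "Content index is $($Copy.ContentIndexState)"
        }
        if ($reasons.Count -gt 0) {
            New-Object PSObject -Property @{
                Database = $Copy.DatabaseName
                Reasons  = ($reasons -join '; ')
            }
        }
    }
}

# Constructed sample data (not real output)
$sample = @(
    (New-Object PSObject -Property @{ DatabaseName='DB01'; ActiveDatabaseCopy='MBX1'; PreferredServer='MBX1'
        Status='Mounted'; CopyQueueLength=0; ReplayQueueLength=0; ContentIndexState='Healthy' }),
    (New-Object PSObject -Property @{ DatabaseName='DB02'; ActiveDatabaseCopy='MBX2'; PreferredServer='MBX1'
        Status='Mounted'; CopyQueueLength=0; ReplayQueueLength=0; ContentIndexState='Healthy' }),
    (New-Object PSObject -Property @{ DatabaseName='DB03'; ActiveDatabaseCopy='MBX1'; PreferredServer='MBX1'
        Status='Healthy'; CopyQueueLength=75; ReplayQueueLength=10; ContentIndexState='Failed' })
)

$issues = @($sample | Get-DagCopyIssue)
if ($issues.Count -gt 0) {
    # Only at this point would the HTML body be built and the mail sent
    $issues | Format-Table Database, Reasons -AutoSize -Wrap
}
else {
    Write-Host 'All database copies are within limits; nothing to send.'
}
```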

Sample HTML Output


Sample Email




Wednesday, 6 May 2015

Step-by-Step Skype for Business Server 2015 install instructions


Microsoft announced the general availability of its Skype for Business Server 2015 product this week, along with other improvements to its unified communications services.

Skype for Business Server 2015 is the successor product to Lync Server 2013. Microsoft claims that it's possible to perform an "in-place upgrade" of Lync Server 2013 to its new Skype for Business Server 2015 product using existing hardware. The new server was scheduled to be available and on the product list on May 1.

For step-by-step Skype for Business Server 2015 install instructions, check out this post by Microsoft MVP Christophe Boucetta.

CAS Proxying and Redirection

Proxying

Proxying occurs when one Client Access server sends traffic to another Client Access server. Proxying requests between two Exchange 2010 Client Access servers enables organizations that have multiple Active Directory sites to designate one Client Access server as an Internet-facing server and have that server proxy requests to Client Access servers in sites that are not Internet facing. The Internet-facing Client Access server then proxies the request to the Client Access server closest to the user's mailbox.





In the previous figure, the mailbox of User 1 is located on Mailbox server 1. The mailbox of User 2 is located on Mailbox server 2, and the mailbox of User 3 is located on Mailbox server 3. Each Mailbox server is in a different Active Directory site. User 1 can access their mailbox through Client Access server 1 without using proxying, and User 2 can access their mailbox through Client Access server 2. If User 3 tries to access their mailbox through Client Access server 1 or 2, either server will proxy their request to Client Access server 3. Client Access server 3 isn't Internet facing but can receive requests from other servers inside the firewall. Proxying isn't visible to the user.

Redirection

Outlook Web App users who access an Internet-facing Client Access server in a different Active Directory site than the site that contains their mailbox can be redirected to the Client Access server in the same site as their Mailbox server if that Client Access server is Internet facing. When an Outlook Web App user tries to connect to a Client Access server outside the Active Directory site that contains their Mailbox server, they'll see a Web page that contains a link to the correct Client Access server for their mailbox. This is known as manual redirection. In Exchange 2010 SP2, administrators can configure cross-site silent redirection to enable this redirection process to happen without the user’s knowledge.





In the previous figure, User 1 usually accesses their mailbox in Active Directory site 1 using their mobile phone. The administrator then moves their mailbox to Mailbox server 2 in Active Directory site 2. The next time the device tries to synchronize, the server responds with an HTTP 451 status error. This contains the URL the device should now use for that user. In step 3 of the sequence, the device reconfigures itself and connects to the specified URL.

User 2, whose mailbox is in Active Directory site 2, tries to open their mailbox using Outlook Web App by connecting to Client Access server 1 over the Internet. With manual redirection, as soon as the user authenticates, Client Access server 1 presents a page to the user, with a link to the Outlook Web App URL for the Client Access server in Active Directory site 2. The user clicks the link, is taken to Active Directory site 2, and signs in again to access their mailbox. With silent redirection, when the user authenticates, they’re silently redirected to the Outlook Web App URL for the Client Access server in Active Directory site 2.

Example

We have Exchange 2003, 2007 and 2010 in our organization, and our Exchange 2010 CAS server (E2K10-CAS01) is Internet facing.

1. E2K10-CAS01 queries AD to determine the location of the user’s mailbox and the version of Exchange installed on the Mailbox server.
2. If the user’s mailbox is on an Exchange 2003 server and the user tries to access OWA using https://domain/owa, they'll receive an error because an Exchange 2010 Client Access server can't directly provide Outlook Web App access to an Exchange 2003 mailbox.

Note:

However, if the administrator configured redirection from Exchange 2010 to Exchange 2003, which would be usual during a migration from Exchange 2003 to Exchange 2010, the Exchange2003URL property of the Outlook Web App virtual directory was set to the value of an Exchange 2003 server facing the Internet. 

3. If the user’s mailbox is on an Exchange 2007 server and both E2K10-CAS01 and the user’s Mailbox server are in the same AD site, one of the following four actions will occur:

a. E2K10-CAS01 will look for an Exchange 2007 ExternalURL property that has an ExternalAuthenticationMethods setting that's identical to the InternalAuthenticationMethods setting on the Exchange 2010 Client Access server. If the settings match, E2K10-CAS01 will redirect to this external URL. If source and target CAS have Forms Based Authentication (FBA) enabled, the source CAS issues a hidden form back to the browser that contains the user’s credentials and FBA settings, along with the redirect URL. This is transparent to the user.

b. If a matching ExternalURL setting isn't found, E2K10-CAS01 will look for an Exchange 2007 Client Access server that has the ExternalURL property configured, regardless of matching. If one is found, E2K10-CAS01 will redirect to this external URL. This will result in the user being prompted for authentication.

c. If no matching ExternalURL setting is found, E2K10-CAS01 will look for an Exchange 2007 Client Access server with an InternalURL property that has an InternalAuthenticationMethods setting identical to the InternalAuthenticationMethods setting on the Exchange 2010 Client Access server. If one is found, E2K10-CAS01 will redirect to this InternalURL. If forms-based authentication is enabled, this will result in a single sign-on redirection.

d. If no matching InternalURL is found, E2K10-CAS01 will look for an Exchange 2007 Client Access server with an InternalURL configured, regardless of matching. If one is found, E2K10-CAS01 will redirect to this InternalURL. This will result in the user being prompted for authentication.

4. If the Exchange 2007 Mailbox server is in a different AD site, E2K10-CAS01 determines whether the ExternalURL property is set in that Active Directory site. If it is, and cross-site silent redirection is not enabled, the CrossSiteRedirectType value is set to Manual, and a manual redirect is issued. In this scenario, the user is provided with a clickable link that redirects them to the specified URL.

5. If the user's mailbox is on an Exchange 2010 Mailbox server in the same Active Directory site as E2K10-CAS01, E2K10-CAS01 provides access to the mailbox. If the user's mailbox is on an Exchange 2010 Mailbox server in a different Active Directory site, E2K10-CAS01 locates a Client Access server in the same Active Directory site as the user's Mailbox server. When one is found, Exchange 2010 determines whether the Client Access server has the ExternalURL property set in that Active Directory site. If it is, and cross-site silent redirection hasn’t been enabled, the user is provided with a clickable link that redirects them to the specified URL. If cross-site silent redirection has been enabled, the user will be automatically redirected to the specified URL. If the ExternalURL isn't set and the authentication method on the virtual directory is set to Integrated Windows authentication, E2K10-CAS01 will proxy the user's request to the Client Access server that's specified by the InternalURL property. 
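
The same-site selection order in step 3 (a to d), modelled as an added example; this is not Exchange's own code. The function names, the Server field, the host names and the sample virtual-directory objects are constructed, and the other property names follow the ones named in the text.

```powershell
# Added example: a model of the step 3 (a-d) selection order, not Exchange's own code.
# Function names and sample objects are constructed for illustration.
function Test-SameAuthMethods($Left, $Right) {
    # Compare two authentication-method lists regardless of order
    (@($Left | Sort-Object) -join ',') -eq (@($Right | Sort-Object) -join ',')
}

function Select-OwaRedirectTarget {
    param(
        [string[]] $SourceInternalAuth,  # InternalAuthenticationMethods on the Exchange 2010 CAS
        [object[]] $Candidates           # Exchange 2007 OWA virtual directories in the same site
    )
    # Rules in the order the text gives them; MatchAuth = $null means "regardless of matching"
    $rules = @(
        @{ Step = 'a'; Url = 'ExternalUrl'; MatchAuth = 'ExternalAuthenticationMethods' },
        @{ Step = 'b'; Url = 'ExternalUrl'; MatchAuth = $null },
        @{ Step = 'c'; Url = 'InternalUrl'; MatchAuth = 'InternalAuthenticationMethods' },
        @{ Step = 'd'; Url = 'InternalUrl'; MatchAuth = $null }
    )
    foreach ($rule in $rules) {
        foreach ($vdir in $Candidates) {
            $url = $vdir.($rule.Url)
            if (-not $url) { continue }          # this server has no URL of the required kind
            $matched = $false
            if ($rule.MatchAuth) {
                $targetAuth = $vdir.($rule.MatchAuth)
                $matched = Test-SameAuthMethods $targetAuth $SourceInternalAuth
                if (-not $matched) { continue }  # a and c require identical settings
            }
            return New-Object PSObject -Property @{
                Step            = $rule.Step
                Server          = $vdir.Server
                RedirectUrl     = $url
                # True only for the FBA case the text describes (a and c); otherwise the user is prompted
                FbaSingleSignOn = ($matched -and ($SourceInternalAuth -contains 'Fba'))
            }
        }
    }
}

# Constructed sample data: two Exchange 2007 CAS servers in the same site
$cas2007 = @(
    (New-Object PSObject -Property @{
        Server = 'E2K7-CAS01'
        ExternalUrl = $null
        ExternalAuthenticationMethods = @()
        InternalUrl = 'https://e2k7-cas01.example.test/owa'
        InternalAuthenticationMethods = @('Basic', 'Fba')
    }),
    (New-Object PSObject -Property @{
        Server = 'E2K7-CAS02'
        ExternalUrl = 'https://legacy.example.test/owa'
        ExternalAuthenticationMethods = @('Basic')
        InternalUrl = 'https://e2k7-cas02.example.test/owa'
        InternalAuthenticationMethods = @('Basic', 'Fba')
    })
)

Select-OwaRedirectTarget -SourceInternalAuth 'Basic', 'Fba' -Candidates $cas2007 |
    Format-List Step, Server, RedirectUrl, FbaSingleSignOn
```

Aligning ExternalAuthenticationMethods on the Exchange 2007 virtual directory with InternalAuthenticationMethods on the Exchange 2010 Client Access server is what moves a result from step b, where the user is prompted again, to step a.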






Call Via Work in Skype for Business Server 2015



What is Call Via Work 

Call Via Work is a new feature in SfB Server which enables you to integrate your SfB solution with your existing PBX phone systems. A user enabled for Call Via Work can click in SfB to call another user, either within your organization or an external user. The call is completed using the user's PBX phone. This enables a user with a PBX phone to include rich audio in their SfB conversations. 

How it works 

It uses Unified Communications Web API (UCWA) as the agent between the PBX system and SfB server, so that no special gateway is needed to connect SfB with your PBX system. 

Workflow 

1. The user selects a user in their Skype for Business client, and clicks the phone icon to call them. Or, during an IM conversation, the user clicks to call the user they are having the session with. 
2. The PBX phone of the user who placed the call starts to ring. The caller ID for this phone shows a global phone number which you have set up to show in the caller ID of all users placing Call Via Work calls. This global phone number is not an actual phone number that corresponds to any one person's phone. Instead, it is a visual signal to let a user know that this is their own outgoing call, and not an incoming call happening at the same time. When you deploy Call Via Work, you should educate those users about this global phone number and what it means. 
3. The user who placed the call picks up their PBX phone. Skype for Business then initiates the voice call to the callee.
4. When the callee answers, the voice call begins. If the two users already had an IM session going, it can continue. 

Joining a conference with Call Via Work 

A Call Via Work user can join a scheduled meeting by clicking the meeting URL. Skype for Business then shows a Dialing out to message until the meeting service dials the user's PBX phone. The Call Via Work user then picks up the PBX phone and joins the meeting. 

A Call Via Work user can also use the Meet Now option in Skype for Business to create Meet Now meetings. The user then sees the Dialing out to message, and the PBX phone rings. 

A Call Via Work user can also dial in to a meeting by calling the Conference Bridge number from within Skype for Business. If a conference PIN is required, the user must use their PBX phone to input the PIN. 

Incoming Calls 

When a user enabled for Call Via Work receives a Skype for Business call, the PBX phone and the user's Skype for Business clients all ring simultaneously (if the user has set up simultaneous ring). The user can accept the call either by picking up the PBX phone or clicking Accept on the Skype for Business notification. If the user accepts the call using Skype for Business, the Skype for Business window for the call stays open. But if the user accepts the call by picking up the PBX phone, then the Skype for Business notification window closes and there is no Skype for Business session, only the voice call over the PBX phone. 

Note: 

When a user enabled for Call Via Work receives a PBX call, only the PBX phone rings. 

Tuesday, 5 May 2015

Exchange Server 2016 Architecture




To improve the product’s capabilities and simplify the architecture and its deployment, MS have removed the Client Access server (CAS) role and added the client access services to the Mailbox role. 

The Mailbox server role now:

1. Knows the logic to route emails
2. Hosts all the components/protocols for Exchange services

No clients connect directly to the back-end endpoints on the Mailbox server; instead, clients connect to the client access services and are routed (via local or remote proxy) to the Mailbox server that hosts the active database that contains the user’s mailbox.

We still have DAG for high availability with the below improvements

1. By default, the failover cluster will be created without an administrative access point.
2. Replay Lag Manager is enabled by default.
3. Database failover times are reduced by 33% when compared to Exchange Server 2013.

How Outlook connects to the Mailbox server

1. A client resolves the namespace to a load balanced virtual IP address.
2. The load balancer assigns the session to a Mailbox server in the load balanced pool.
3. The Mailbox server authenticates the request and performs a service discovery by accessing Active Directory to retrieve the following information:

a. Mailbox version (for this discussion, we will assume an Exchange 2016 mailbox)
b. Mailbox location information (e.g., database information, ExternalURL values, etc.)

4. The Mailbox server makes the decision to proxy the request or redirect the request to another Mailbox server in the infrastructure (within the same forest).
5. The Mailbox server queries an Active Manager instance that is responsible for the database to determine which Mailbox server is hosting the active copy.
6. The Mailbox server proxies the request to the Mailbox server hosting the active copy.


Coexistence with Exchange Server 2013

In Exchange Server 2013, the Client Access server role is simply an intelligent proxy that performs no processing/rendering of the content. That architectural tenet paid off in terms of forward coexistence. When you introduce Exchange Server 2016, you do not need to move the namespace. That’s right, the Exchange Server 2013 Client Access infrastructure can proxy the mailbox requests to the Exchange 2016 servers hosting the active database copy! For the first time ever, you get to decide when you move the namespace over to the new version. And not only that, you can even have load balancer pools contain a mix of Exchange Server 2013 and Exchange Server 2016. This means you can do a one-for-one swap in the load balancer pool – as you add Exchange 2016 servers, you can remove Exchange 2013 servers.

Topology Requirements

Exchange Server 2016 will only be supported on Windows Server 2012, Windows Server 2012 R2 and Windows Server “10” operating systems.

From an Active Directory perspective, Exchange Server 2016 will require:

  • Windows Server 2008 or later Active Directory servers.
  • Windows Server 2008 or higher Forest Functional Mode and Domain Functional Mode.

Exchange Server 2016 will only support coexistence with Exchange Server 2010 SP3 RU11* and Exchange Server 2013 CU11* (*subject to change).


Permanently Clear Previous Mailbox Info for EXO Exchange GUID sync issues

Microsoft is introducing a new parameter that can be called by using the Set-User cmdlet in Exchange Online PowerShell. The new para...