List Users With Forwarding Enabled Exchange 2003

List Users With Forwarding Enabled Exchange 2003

To find all users in AD that have forwarding turned and enabled for their account and mailbox create a new saved query in AD Users and Computers and use the following LDAP query.

(&(mailNickname=*)(altRecipient=*))





This is very useful obviously if there a many accounts and you need to find all users that have had forwarding turned on for their account. The alternative to this is to select the properties of each user account one at a time and look at the delivery options configuration.

A Browser Active Sync Test URL

Technical issues with IIS, OWA, other web based email services and even email clients such as Outlook can be resolved remotely. Software for Online Computer support can help resolve problems remotely. More often than not, user experience is increased by enabling your support team to have on-demand remote access to desktop computers and server. The more methods there are to test, the more likely the problem you're working on can be resolved with certainty and assuredness.  

https://owa.{yourdomain.gr}/Microsoft-Server-ActiveSync/

The URL could even be http if SSL is not configured on the server to be required.

Testing active sync using a browser returns as an error in the browser window of Error 501/505 - Not implemented or not supported.

For Exchange 2007 and Outlook Web Access 2007, the error 501 and 505 seen on the page displayed is actually normal and should be the response the browser receives from the web server. After all, it's not a mobile phone it's a browser.

Although the error massage has changes slightly in windows server 2008 and windows server 2008 R2, it is very similar. The URL for testing ActiveSync is still in new versions of Exchange. Microsoft Exchange 2007 and Microsoft Exchange 2010 still use the same service point with the IIS web server structure and virtual directories.

To the remote user and to the smartphone it's still the same. underneath, server side, there have been many changes to Internet Information Services. In Windows server 2008 and 2008 R2, IIS has undergone many functional and interface changes for server administrators. When trying to setup a smartphone or mobile device, iPad or iPhone for ActiveSync to get email from an Exchange server, the URL is still the same. The URL that can be used to test active sync access and connectivity is the same and can be tested bot internally and externally. The difference being of course what name is entered into the browser and support for internal and external access is the same as well.

Since the writing of the above article Exchange and email hosting has changed dramatically. There are fewer installations of Exchange servers on-premises, and the use of hosted email or online exchange has increased tremendously.  I'm personally not a huge proponent of hosted everything. Once hosted, the hosting company essentially has a key control of your destiny and future. I do understand the need, convenient use, and the economics of hosting. The use of hosting services is invaluable. The are still those who have their own servers in their server rooms and data closets. In addition, there are companies that have their servers hosted in a cloud whereby the server is still theirs essentially, it's not just a service but a windows server that's accessible as if it was present in their own server room. A convenient method for accessing those servers has still remained to be RDP (remote desktop protocol).

Managing RDP Connections

RDP access is used extensively by network and server administrators all across the world. Small and large IT departments benefit from using RDP. Initially part of Microsoft's NT Terminal server which was a separate independent edition of Microsoft Windows server. RDP was then implemented as an add-on service feature of windows server. The RDP was added to desktops such as the pro editions of Windows, RDP is widely used to access servers in their own closest or hosted in a cloud. RDP provides benefits that on the surface assist in accessing and managing servers remotely. RDP protocol helps with troubleshooting issues with file servers, email servers, or other enterprise servers such as domain controller servers for Active Directory and more.  RDP clients have been developed for macOS and Linux systems. There are even RDP protocol clients for android and tablets. Managing RDP connections can be achieved by using installable desktop software or a better method for accessing RDP connections is online using a browser.  Managing RDP connection is beneficial to all administrators and also could be useful for standard general users of desktop. Since the RDP protocol has been implemented into the pro editions of the windows desktop operating system, RDP connectivity has bee made available for general purpose productivity and application use by users. Managing RDP connection can be centralized with the proper software tool. An RDP manager can provide access in a centralized manor to RDP connection made available to administrator and user. https://4RemoteSupport.com software for managing RDP connections centrally is 100% online and compatible with macOS, Linux and MS Windows and virtually any device can manager RDP connections. 

RDP Connection Manager

Microsoft has since initial inception of RDP and terminal server RDS gateway. remote desktop Gateway is a method for network and server administrators to provide a centralized location for users to access to connect to RDS (Remote desktop Service) servers or their own desktops. Independant of RDS gateway are RDP connection manager software tools that enable administrators and server admins to give access for themselves and for users An RDP connection manager software centralizes connections.  RDP connection manager software that's completely online further simplifies access to RDP connections for administrators and general users by offering a single point of connectivity and predefined connections 4RemoteSupport has a RDP Connection manager software tool that enable A centralized RDP manager, that also simplifies managing and connecting to desktops and services through a simple UI. Administrators can add new connections in seconds and are available to other administrators or users immediately. RDP connection manager software tool by 4RemoteSupport creates RDP files "on the fly". When a connection attempt is made using one of the saved RDP connections, a file is created and downloaded through the browser's standard file download interface. There's no need to save RDP files on servers, or on web sites. there's no way for a hacker to get all connections because they are automatically crated and downloaded each time the RDP connections are accessed by an administrator or user. RDP connection manager software that saves files requires exporting. managing RDP connections using an RDP connection manager that's online instead of installed on a desktop provides faster easier access to RDP connections with a centralized easy t use interface that benefits administrators and general users of RDP. https://4RemoteSupport.com RDP Connection manager is a software tool that doesn't require installation for centralized RDP connection management with a simple browser UI securely. 

Microsoft HMC 4.5 Deployment Walkthrough - Does it Work

Microsoft's HMC 4.5 Deployment Walkthrough is an excellent document and I could say that it does work.

http://technet.microsoft.com/en-us/library/cc501367.aspx

I found some minor little errors in the doc but none that were significant enough for a person with a good level of experience with the various Microsoft products to be able to recognize and get past.

There are doubters of course as to whether or not the deployment walkthrough actually will guide someone through installing their hosted Exchange 2007 environment. I did not build hosted communications or hosted sharepoint, only hosted Exchange.

My deployment did not match the deployment walkthrough exactly. And this fact is a testament to how well Microsoft has put together this iteration and release of the hosted messaging and collaboration. I build the infrastructure with the following servers, and believe me more will be added, but at this moment after just completing the install and applying my real SAN cert (not the SSL certs I generated on my own internal root certificate CA server).

Particularly in the domain controller department, I sped through the deployment by using only one domain controller. I'll be adding another this week and preparing for our first customers. I have 9 servers in total with a build out expected in the near future to include more servers to expand and increase performance and redundancy. Very soon and firstly, within a day or so I will have reached 10 servers for this HMC 4.5 deployment by simply adding another domain controller which is an absolute must and critical that it's deployed as soon as possible. Running with one DC is a recipe for a disaster (as we all know). When that server is added to the environment, the number of servers will be a consolidated 10 (ten) servers for this hosted Exchange HMC 4.5 solution deployment.

This is a consolidated hosted messaging and collaboration HMC 4.5. It was an accident that I created it as such and did start my work building the HMC 4.5 deployment from the consolidated HMC 4.0 deployment guide (an unofficial guide). I have for servers the following (names and roles to be added later):

There have been some grunting and groaning about Microsoft's deployment walkthrough document but I have to say it worked. The deployment walkthrough and in a consolodated design worked. This is my first install of the messaging and collaboration solution of any version. My HMC 4.5 deployment works with a minimum of servers (that will be scaled out to accommodate real production use). Overall, except for some minor issues the document does what's expected; provide a guide and example of a hosted solution installation and deployment. They cannot in a single document explain SQL, Exchange inner workings, or even the provisioning system in detail. This also make handy use of weeding out those who should not yet be deploying. A very experienced person with Microsoft products will find many of the steps easy to accomplish but a not so seasoned person will find the document and steps to accomplish the tasks not so helpful because every step of let's say, making changes or additions in active directory, are not explained or spelled out.

I saw that as I was working through the doc. I could see points that would make people give up because they can take a left turn during the walkthrough deployment and it will cost them dearly. I had one of those nearly deathly turns with the deployment of SQL report server. This is an area that I am familiar with but don't work with this particular product everyday and it showed as I worked through the deployment steps I had to verify to myself several times before taking action that it was the right thing to execute or do. My report server component of SQL installed without the databases it needed. Who knows why? Before this deployment I had another going that I scrapped for other reasons but the report server databases installed. In this round, they did not. I kept the abandoned deployment and used the datebase from that installation by exporting it and importing it. Although I believed I did the same thing as the first install and I was reading and working from the same Microsoft walkthrough deployment guide document, the install was different. I managed to get myself through the problem but several days were certainly lost.

Perhaps in another post I can mention my experience with the SAN (Subject Alternate Name) Unified Communications cert.

Hosted Exchange 4.5 Walkthrough Does it Work

This deployment is not for everyone and everyone should not be deploying it. The document for the walkthrough deployment from Microsoft is excellent. Sure, there could have been more detail but the document is not meant to provide every step along the way. Microsoft has to assume and expect there will be some level of expertise and knowledge induced into the installation by the installer, Microsoft can't and should not put it into one single document. I wish I had noted the minor errors I found in the doc so I could send them to Microsoft for document correction. Again, without enough or the right amount of knowledge, those little errors could be devastating. For the smokey room conspirator theory folks who may be reading this post, who think Microsoft is evil, here's something to think about; perhaps Microsoft put those little errors in the document by design, ...hmmm... , purposefully weed out companies from the hosted game ... a selective or survival of the fittest process.

Microsoft did a great job with the HMC 4.5 document. Using it I was able to deploy a hosted Exchange 2007 server environment. I absolutely do not claim to be an expert in the multi-tenant Exchange environment but I surely have more than a foot in the door of learning and experiencing much more about it.


I just recently finished testing Outlook Anywhere functionality with the 4.5 HMC Exchange environment using a fictitious organization but a real domain using real DNS servers. The functionality works pretty darn good. Once again, Microsoft did an excellent job with the document and deployment guide walkthrough. The clients find the autodiscover redirect site then get sent to the autodiscover site within the hosted solution. Once there, they get their configuration data, logon, and up come the mailbox. It's fantastic the way Microsoft has put this together.

If during the testing phase of the deployment you have issued certificates to the autodiscover web site and internally to your Exchange servers using a root CA authority you built and is not a public root CA. A tip I could give to people who might be at this part of their deployment walkthrough and testing their Outlook Anywhere capabilities is to be sure to import the root CA certificate into the trusted root store for the user at the remote computer looking to connect with Outlook Anywhere. The symptoms are that Outlook finds the autodiscover web site, the user logs on, all seems well but the mailbox for the user does not load. A message similar to the following. "the profile is not configured" or " be sure you can connect to your exchange mailbox" .

The deployment guide actually states that Outlook Anywhere will not work without certs installed and applied to the web sites involved, and this I proved but a temp work around that will only be good for testing is to import the root certificate of the certificate authority server into the users root certificate store. It does not have to be the computer certificate store. This will allow the mail box to load into Outlook for the remote test user but until the real certificate is used (a public SAN UC SSL certificate), the user will be constantly prompted for a password. So Microsoft is right, without certificates the solution will not work for a real deployment of Hosted Exchange HMC 4.5.

Link to this site and/or post please if you've found it at all useful. Use the following URLs, thank you.

http://remotesupportpc.blogspot.com/

http://remotesupportpc.blogspot.com/2008/12/microsoft-hmc-45-deployment-walkthrough.html

You do not have permission to send to this recipient. Relay access denied.

You do not have permission to send to this recipient.

You do not have permission to send to this recipient. Relay access denied

I had this message come up in NDR reports for every account that was trying to send email out of a local domain to an Internet email recipient (basically everyone not in your company). There are indeed many sites that present a reason and solution for this but not many at all present the obvious that may have occurred on the Exchange server that's causing this problem.

If there are many hands in the pot at an office you support and suddenly you have an Microsoft Exchange server that's acting up and now on can send email and the message is similar to the following:

You do not have permission to send to this recipient. For assistance, contact your system administrator. : Relay access denied

The relay access is denied is the key to solving this email sending problem with Exchange. This doesn't mean that the server is blacklisted or is an open relay or somehow has been compromised and this message is in fact coming from your email server. the email never makes out of the Exchange box itself. You could waste time in logs trying to determine why it's bouncing but the simple solution is that the domain users have been denied, or stated differently, have been prevented from sending email.

The solution for this is not as complicated although there could be some other problems that led someone to tamper with these settings in the first place and maybe set them improperly. In Exchange 2003, if your getting "You do not have permission to send to this recipient" "Relay access denied", check that your users have permission to send. This setting can be found in Exchange System Manager under Default SMTP virtual server. Right click the virtual server and choose properties. The click the Access tab at the top.

Then Click the Authentication button.

Then click the Users button.

Make sure you enable Relay Permission for your users. In the case where I was getting these NDRs, the Authenticated users group was displayed with the Relay Permission enabled but that wasn't enough. I added the Domain Users group and enabled relay for the group. Save your changes and give it a try.

Unable to open the free/busy information.

Outlook, and more so when combined with Microsoft Exchange, can surprise even a veteran administrator with the number of messages and things that could happen. A new message displayed to an average user can trigger instant change to what might be another ordinary day as a chase ensues for answers to uncommon problems.

My last post about a strange error coming from either Outlook or Exchange server was back aways here - http://remotesupportpc.blogspot.com/2007/05/calendaring-agent-failed-in-message.html . Although that was my last post, it was not a last error message displayed.


I did want to post this open a recently displayed one however. Just so it's available to any followers of my postings and maybe just to add another resource to the web for anyone searching an answer to the problem. An answer which I used myself and I know it works. It's not a re-iterated answer found in a forum where the support forum poster just copied and pasted it from another forum or site without haven actually tried the solution they are recommending themselves.

What solved this problem for me was just running outlook /cleanfreebusy. So simply, on the users computer for which you would like to chare the calendar, and have completed the steps to do so, close Outlook if it is running then start it again using the command line switch /cleanfreebusy.

This will, in almost all cases, solve the problem. Don't waste too much time checking on the Exchange server for the cause to this problem, you won't find an aswner there untill you run the simple command line option for Microsoft Outlook. I almost all cases this is a user side problem and should first be delt with on the local computer on which MS Outlook is running on.

Outlook creates some local files for the calendar and they can get "dirty" the information in the files stored ont he computer and the Exchange server are not lined up right. The calandar information needs to be refreshed. The solution for the message "unable to open the free/busy information" applies to Outlook 2000, 2002, and 2003.

In some case, for Outlook 2003, Microsoft Office service pack 1 needs to be installed.

Remember the service pack will need to be applied on the on the computer of the user for whom the calendar is being viewed or an entry is being created/modified, not for the user receiving the error.

If using Outlook 2003, take a look to see if Service Pack 1 (SP1) or Service Pack 2 (SP2) is installed for Outlook.

To determine if either SP1 or SP2 is installed on the computer:

• Start MS Outlook then click Help in the menu bar.
• From the dropdown menu, choose About Microsoft Office Outlook.
• On the top line of the About Microsoft Office Outlook window, look for SP1 or SP2.

If neither Service Pack 1 nor Service Pack 2 appears on the first line in the about window that's displayed, install SP1.

Multiple Calendars On BlackBerry Handhelds

Blackberry handhelds at least the ones I've seen that operate with a Blackberry Enterprise server and run with on Java platform (4.x), do not and cannot display multiple user's calendars. I'm holding one of the blackberry handhelds in my hand right now that wasn't able to nor could it currently display any calendar but my own (there is a hack method from what BB support told me be it doesn't work 100% right, it is not smooth to update, and they do not support it).




It's a very useful feature to have on a PDA, the ability to view several different shared calendars. I've seen the setup at attorney's offices. The calendars are made up of not a persons own calendar but those of various court calendars. Since many attorneys, at least in my neck of the woods, don't present their cases in just one court or in one location, they often go to several different court houses. Having the calendar for each of the various court houses and having them update automatically through the wireless network ti the PDA, like Verizon, Cingular, Sprint, etc., let's them be more productive and efficient.

I've both seen and setup multiple calendars through the use of public folders on Exchange where each court is a folder of calendar type. One attorney's office had their lawyers on 5 separate calendars. The girls in the office could update their schedules and they would get them almost instantly. This was done with PDA' that had a windows operating system on them.

Another attorney office which I support wanted to do the same but they had already purchased Blackberry handhelds as their PDAs. Well, when asked to setup exchange in their office and a blackberry enterprise server with the goal of setting up multiple calendars, I found out that it can;t be done. So the bottom line is currently blackberry handhelds even with a blackberry enterprise server cannot display multiple calendars on the handhelds. It was stressed by blackberry support that this feature may be added in the future but as of right now, BB Enterprise server version 4.1, it can't be done.


Tags:
calendar,
blackberry,
pda,
exchange

Send As and Send on Behalf of Using Outlook and Exchange 2003

Configure Exchange 2003 / 2000 to allow Send As User or Send on Behalf of
To give a user rights to Send As perform the following steps:

This is a common scenario. There's a manager or other employee like a top sales rep that needs to have others send email on their behalf or for them. Rather than having the person who is going to send the email go to their desktop and compose the email to send, they could send email for the other user right from their own desktop.
The surprise here is that although you may have configured full mailbox access in Exchange settings and the user can open the other users mailbox in Outlook on their desktop, the email sent still bounce back with the message stating the user is not allowed to send.That's because it there is another checkbox that needs to be checked to send for another user in the user security tab.

1. 
   Open Active Directory Users. This doesn't have to be from your Exchange server
   
2. 
   Enable viewing of Advanced Features in AD users and computers by licking View --> Advanced Features
   
3. 
   Find the user that you would like to have other users have rights to allow someone to send email as them (boss / manager)


4. 
   Double-click on the user name or id and select the Security Tab which is Typically top right box
   
5. 
   Add user that needs to "Send As" and grant them "Send As" permission. Permission change can take up to 15 minutes to go into effect.
   
   The user may now select "Sent From" in Outlook and the recipient will not be able to tell the email was not really sent on behalf of someone.
   
   exchange-send-as-send-on-behalf

Remote Support

outlook send as,
send as,
outlook,
exchange