If you have a mailbox move that’s showing as StalledDueToTarget_Processor, that’s quite common (I see that a lot).
Solution: StalledDueToTarget_Processor
Firstly how long have you waited? I see this when I’m moving a LOT of mailboxes, and most of the time this problem resolves itself – if you are patient enough, (and your users will be unaffected while this is going on).
If you have waited and there’s still no movement, you can try the following, locate the MSExchangeMailboxReplicaiton.exe.config file (it will be in your exchange/bin folder).
Edit the file, locate ‘MaxMRSConnections’ value and change it to 20, then save the file.
Note: I change these values on the source and destination Exchange servers, But documentation says you only need to do it on the sourse server.
Then restart the Microsodt Exchange Replication service on BOTH Exchange servers
Update Feb 2023: I was moving about 1000 mialboxes, and roughly a third were stuck in StalledDueToTarget_Processor. So ‘after working hours‘ I rebooted both Exchange servers, and the status changed to failed. I cancelled the move requests, and restarted the migration, this time thay all completed sucessfully.(PL)
Related Articles, References, Credits, or External Links
A couple of weeks ago I wrote an article about getting free certificates for IIS with ‘Let’s Encrypt’. Last week the renewal for my ‘test’ Exchange server’s certificate came though. So I thought “Why don’t I try and get a ‘Free Exchange Certificate’?”
Free Exchange Certificate
Before we start let’s take a moment to take a look at our existing Exchange Certificate, as you can see it’s a publicly signed and trusted certificate, the only thing wrong with it, is it’s going to expire in a couple of weeks, yours may have already expired, or you may be running a self signed SSL certificate, (horror!)
To do all the heavy lifting you need a peice of software, the easiest (I’ve seen) is win-acme (at time of writing the latest version is 2.1.14.996) you simply download it as a zip file.
Extract the contents of that zip file to a folder on your hard drive.
WARNING: Some other run throughs I’ve read, have different option numbers, (wacs.exe has obviously been updated). So instead of just posting the Number to select I’ll post the Option, then put the number, (or letter) of that option in brackets, (in case they change the option numbers again!)
Create a new certificate (full options) {m} > Manual Input {2}.
Manual Input {2} > Enter the public filly qualified domain name(s) of your exchange server (spectated by commas) > Press Enter to accept the default friendly name (unless you want to specify your own).
No, (or it will open the terms and conditions in another window) > Yes (your soul now belongs to Let’s Encrypt!) > Type in an email address > Quit {q}
Now reconnect to either OWA or the Exchange Admin Center > And you should see you have a new certificate.
It only lasts three months! That’s correct but;
Let’s Encrypt Free Exchange Certificate Auto Renewal
As well as getting your certificate, win-acme also created a scheduled task to check your certificate validity and renew it before it expires. Cool eh?
Where Does Win-ACME Store its information
Good question, it took me a little while to find that out, essentially once ran it creates a new folder in %programdata% (That’s a hidden folder on the C drive usually) called win-acme all your settings are in there, so if you make a mistake like enter the wrong email address, you can delete this folder and start again.
How To Remove Let’s Encrypt Exchange Free Certificate & Settings
Remove the certificate from Exchange Admin Center.
Remove the win-acme folder from %Programdata%.
Delete the scheduled update task from ‘Task Sheduler‘.
Related Articles, References, Credits, or External Links
While replacing an Exchange Server on my test network last week, I needed to get all the mailboxes moved across to the new one. Exchange gets upset if you try and delete a mailbox database that has data in it.
Solution
1. Launch the Exchange Management Shell > Firstly lets get the names of my Databases, then I can simply copy and paste them into the move mailbox command.
[box]
Get-MailboxDatabase
Get-Mailbox -Database Source Database Name -ResultSize Unlimited | New-MoveRequest -TargetDatabase Target Database Name
[/box]
2. The Mailbox moves should then be queued, depending on how many there are, this can take some time to complete.
3. To check on progress issue the following command;
[box]
Get-MoveRequestStatistics -MoveRequestQueue Target Database Name
[/box]
4. When complete you should remove the movement requests like so;
[box]
Get-MoveRequest | where {$_.status -eq “Completed”} | Remove-MoveRequest
[/box]
5. That’s all the ‘user’ mailboxes, but your source database server may have system mailboxes in it. These will be either Arbitration mailboxes, or Archive Mailboxes (or both). I don’t have any archive mailboxes, but I do have Arbitration mailboxes. To find out for your databases, use the following commands;
[box]
Get-Mailbox -Database Source Database Name -Arbitration
[/box]
6. To move Arbitration and Archive mailboxes, use the following commands;
[box]
Get-Mailbox -Database Source Database Name -Arbitration | New-MoveRequest -TargetDatabase Target Database Name
Get-Mailbox -Database Source Database Name -Archive | New-MoveRequest -TargetDatabase Target Database Name
[/box]
7. You can monitor progress with the same command you used in step 3, and remove the move requests with the same command you used in step 4.
8. In addition you may also have some Auditlogmailboxes like so;
[box]
Get-Mailbox -Database Source Database Name -Auditlog | New-MoveRequest -TargetDatabase Target Database Name
[/box]
9. Also you may have Monitoring Mailboxes, (In the screenshot below you can see I don’t have any archive mailboxes, as the command returns no results)
[box]
Get-Mailbox -Database Source Database Name -Monitoring | New-MoveRequest -TargetDatabase Target Database Name
Yesterday a client asked me how he could find out, which of his users were the “worst offenders” for mailbox size. Normally a simple Get-MailboxStatistics command would be fine, and we would sort the results in descending order.
Solution
On one of the Exchange servers, launch the Exchange Management Shell.
Issue the following command:
Note: That’s all one command, replace the name PNL-MAIL-2019 with your Exchange server name.
Exchange 2013, has changed the way Offline Address Books are handled, with previous versions only one server (the first server holding the mailbox role) was responsible for generating the OAB. With 2013 however multiple servers generate the OAB, In fact every server that has a special arbitration mailbox called an organization mailbox will create a copy. This is better for fault tolerance and resilience, and you will find the OAB files located at %ExchangeInstallPath%ClientAccessOAB. Another change is the way the OAB is distributed, now it can only be distributed via the web (no public folder distribution any more).
With the new Exchange Admin Center (https://localhost/ecp) there are no options to mange the OAB, so you will need to do that via PowerShell.
Solution
Pre-Requisites
If your AD environment contains more than one forest, you need to change the parameters that the management shell is going to use first, (or you will get no results). To do that execute the following command;
Applicable To: This procedure works on all versions of Exchange Newer than Exchange 2010 SP1 (update rollup 8). If your Exchange server is OLDER than that you will need to use the following link;
The following procedure exports a user mailbox to a PST file on a network share.
Solution
Note: Not Even ‘Exchange Organisation Administrators” have the right to import / export mailboxes, you need to grant those rights to your user object, (or a better approach would be to create an admin account just for this purpose, then delete it when you are finished).
Create a file share on a drive with plenty of space, ensure the Exchange Trusted Subsystem has read / write access. And ensure the SYSTEM account has full control.
Note: Add “-IsArchive” to the end of the command for Archive Mailboxes. Note2: If the export repeatedly fails, add -BadItemLimit 200 to the end and try again, you can also use the -AcceptLargeDataLoss in exceptional circumstances
To view progress;
[box]
Get-MailboxExportRequest OR Get-MailboxExportRequest | Get-MailboxExportRequestStatistics
[/box]
When complete, you need to remove the move request(s);
[box]Get-MailboxExportRequest | Remove-MailboxExportRequest OR (If you still have movement requests running)
Get-MailboxExportRequest -Status Completed | Remove-MailboxExportRequest[/box]
Using Content Filters
You can specify a content filter to only export emails after a certain date all mail received after 01/01/17 e.g.
Or to export emails between two dates;[box]New-MailboxExportRequest -ContentFilter {(Received -lt ’31/12/2018‘) -and (Received -gt ’31/12/2017′)} -Mailbox {mailbox-alias} -FilePath {server-name}\{folder}\{file-name}.pst[/box]
Using IncludeFolders (and Exclude Folders)
You can specify IncludeFolders (or ExcludeFolders) to only export emails from certain folders, e.g.
Only export Inbox (and sub-folders) and Sent Items;
I was doing a migration from Exchange 2007 (on prem) to Exchange 2013 (on prem), this week. I had a number of mailboxes that were ‘StalledDueToMailboxLock‘.
Solution
Nice easy fix, on the Source and Destination Exchange severs, restart the ‘Microsoft Exchange Mailbox Replication Service‘.
Wont this break my Mailboxes! No, it will interrupt the migration process, (which is already stalled). But the actual ‘Live‘ mailbox, remains on the ‘Source Server‘, until the process is successfully completed anyway.
It can take a few minutes, (time for a coffee) but check and the process should now have resumed ‘CopyingMessages‘.
Related Articles, References, Credits, or External Links
This is pretty much PART TWO, of presenting ‘Exchange Web Services’ using Web Application Proxy. Back in PART ONE we looked at publishing OWA and ECP, and that required having an ADFS server. To present the other web services, e.g Outlook Anywhere, Exchange Active Sync, Offline address book etc. You don’t needADFS, you simply use ‘pass through‘ authentication with your WAP Server, directly to Exchange.
Solution
Before you start, you need to make sure in addition to the DNS records we used for OWA and ECP, you also need to be able to publicly resolve your Autodiscover record. I prefer doing this with public SRV records, see the following article for clarification;
Make sure your internal URLS are resolvable inside and your external/public URL’s are resolvable outside, (To the public IP address of your WAP Server).
Exchange URLS To Publish with WAP
As with the URLs we published previously remember to publish them with a trailing ‘slash’. You need to publish and ‘Reverse Proxy‘ the following URLs;
Outlook Anywhere: https://mail.ubique.com/rpc/ Offline Address Book: https://mail.ubique.com/oab/ Active-Sync: https://mail.ubique.com/Microsoft-Server-ActiveSync/ Exchange Web Services: https://mail.ubique.com/EWS/ MAPI: https://mail.ubique.com/MAPI/ Autodiscover: https://mail.ubique.com/Autodiscover/
Note: Obviously your domain will have a different name!
Publish Outlook Anywhere with WAP
From the ‘Remote Access Management Console’ > Publish > Next.
Select ‘Pass-Through’ > Next.
Give the Published rule a sensible name like “Outlook Anywhere” > Enter the URL’s, and select your public certificate > Next.
Publish.
Close
Publish Active Sync with WAP
Active Sync is required for phones and mobile devices that cannot use Outlook Anywhere. To publish this rule repeat the procedure above, but at the Publishing Setting page use the following settings.
Publish Offline Address Book with WAP
Offline Address Book is required by devices to download a cached copy of the global address list. To publish this rule repeat the procedure above, but at the Publishing Setting page use the following settings.
Publish Exchange Web Services with WAP
Exchange Web Services allow clients to access calendars, contacts and scheduling information remotely. To publish this rule repeat the procedure above, but at the Publishing Setting page use the following settings.
Publish Exchange MAPI with WAP
Mail Application Programming Interface (over HTTPS) if the default connection protocol in modern Exchange deployments. To publish this rule repeat the procedure above, but at the Publishing Setting page use the following settings.
Publish Exchange Web Services with WAP
If you’ve used Exchange since version 2007, you will know how important Autodiscover is, (probably because of the headaches caused when it’s not setup correctly!) To publish this rule repeat the procedure above, but at the Publishing Setting page use the following settings.
Final Sanity Check
When complete, your WAP settings should look like this, (this is for all the pass-through, AND ADFS published settings).
Once setup correctly, Outlook should work fine externally, like so;
Related Articles, References, Credits, or External Links
Sometimes this happens after applying updates to Exchange! Firstly make sure all your services a running! From an administrative Powershell window run the following command;
[box]
Get-Service *Exchange* | Start-Service
[/box]
After making some certificate changes in Exchange 2016 this week, I found that the Outlook Web Access and Exchange Management websites would not work? I was presented with the normal login dialog, but after a successful authentication this happened.
ECP Blank Page: Solution
This happens because the website that runs the ‘Exchange Backend’ has lost the certificate for its https binding.
Open the Internet Information Services Management snap-in > Server-name > Sites > Exchange Back End > Edit Bindings > https (444) > Edit > Select the correct certificate for Exchange.
Then restart the site, or run ‘iisreset’, or simply reboot the server.
Related Articles, References, Credits, or External Links
Since Exchange 2013 we have been able to manage Exchange remotely through the Exchange Admin Center, but what if you want to use the Exchange Management Shell remotely?
Install Exchange Management Tools
This is not just the Management Shell, this will also install the Toolbox and additional help.
There are few prerequisites, but to install from a normal PowerShell prompt;
Once Installed, You can launch the Shell itself, or you can add the Exchange PowerShell commandlets to a normal Powershell session, with the following command;