ExMerge has been around for a long time, its used (as the name implies) to merge pst files into existing mailbox’s. However its also a great tool to export/backup users mail box’s if you’re doing a migration, or if you have got your “Disaster Recovery” hat on.
The following is a run through of how to export from a mail store to pst files – Note on a live system this can take some time, the example below was done in VMware on a test Exchange box that had 1000 users (as it was a test server the mailbox’s were tiny) If you need to do this on a production server plan in a LOT of time if your moving a large amount of data.
Solution
Note: I’ve mentioned it in the video, but just to reiterate, your mailbox’s need to be smaller than 2GB, if that can not be achieved, you can either;
1. Use ExMerge and export particular “date ranges” and produce multiple .pst files for the same mailbox (hopefully less than 2GB).
I’ve seen this a few times now, I’ve had users that will not sync from Active Directory to Azure Active Directory (Office 365). When you look to see why, you will see something like;
The Connector {Your-Domain}.onmicrosoft.com – AAD contains another object with the same DN which is already connected to the MV.
Note: For the uninitiated, DN is Distinguished Name, and MV is MetaVerse.
If you attempt to troubleshoot the sync, you may also see something like this;
Object {Distinguished-Name} is not found in AAD Connector Space.
Solution
First we need to temporarily halt the sync;
[box]
Set-ADSyncScheduler -SyncCycleEnabled $False
[/box]
Then launch Sycronization Service Manager > Connectors > Select your AAD Connector > Delete > Delete connector space only > Yes.
Note: Whoa! it says I’m going to lose data, what are we doing?
Well we are essentially removing all the ‘cached objects associated with this connector, I think about it like ‘flushing the cache’. I’ve never seen this operation break anything, and I’ve certainly never ‘lost’ anything.
While it’s still running, do the same with your local AD connector.
Start the sync scheduler again.
[box]
Set-ADSyncScheduler -SyncCycleEnabled $True
[/box]
Perform a Full Import on your AAD connector..
With the above still running you can repeat a Full Import on your AD Connector
Providing the full import has finished (i.e the connector says ‘idle’) perform an Export on the AAD Connector.
Providing the full import has finished (i.e, the connector says ‘idle’) perform an Export on the Local AD Connector.
Yesterday a client asked me how he could find out, which of his users were the “worst offenders” for mailbox size. Normally a simple Get-MailboxStatistics command would be fine, and we would sort the results in descending order.
Solution
On one of the Exchange servers, launch the Exchange Management Shell.
Issue the following command:
Note: That’s all one command, replace the name PNL-MAIL-2019 with your Exchange server name.
You want to import your mail from an older version of Outlook into your new Outlook mailbox, or you simply want to backup your mail.
Solution
Thankfully the process is the same for modern Outlook as it was for previous versions of Outlook.
1. In Outlook > Select the “File” Tab > Open > Open & Export > Import/Export
Note: On older versions of Outlook its simply Open > Import (you select Import even if your going to Export!)
2. Export to a file.
3. Outlook Data File (.pst).
4. Select your mailbox, select the ailbox – {username} > To back up everything (calendar contacts the lot), tick “Include sub folders” > Next.
Note: If using a POP mail account, here it may say Personal Folders.
5. Choose a location to save the .pst file.
6. If you want to password protect this (remember someone can import your .pst and read all your mail). I usually leave this option blank > OK.
7. After a few seconds the mailbox will export. (Note: if the mailbox is very small this might happen so quickly nothing is displayed on the screen). And there it is.
To “Import” your mailbox,
1. Launch thewWizard as above (Step 1) > Select “Import from another program or file” > Next.
2. Outlook Data File (.pst) >Next.
3. Browse to, and select your .pst file > Next.
4. Stop and think! where do you want to import the files to? Select as appropriate > Finish (Note at this point if the .pst is password protected you will be prompted for a password).
Related Articles, References, Credits, or External Links
I prefer to think of OVF Templates as “Zip” files for Virtual Machines and Virtual Appliances. Where as the OVA file is the complete appliance pre packaged. There are two things you will want to do with an OVF Template;
5. Select the disk format (Thick or Thin) you want the new VM to use.
What does Lazy Zeroed and Eager Zeroed Mean?
Data on disks is stored as a 1 (one) or a 0 (zero), so if all the blocks on the disk are set to zero, when you put data on the disk, it only has half the work to do (i.e. write the ones). Eager Zeroed, puts zeros on all the blocks on the disks straight away, LazyZeroed puts all zeroes in a block the first time the block is read.
6. Read the summary, and if you want to power on the VM on completion, tick the box > Finish.
7. Depending upon the amount of data this can take a while.
8. It will give you the following message when it’s finished.
9. And here is your VM, imported, powered up, and working.
Related Articles, References, Credits, or External Links
I do this a lot, (usually prior to big migrations), most organisations have no mechanism for removing old users and computers from Active Directory, some don’t even disable the accounts.
Note: This will output the users to a csv file, and requires you to have a C:\Temp directory.
Find Users Who Have Not Logged On In ‘x‘ Days
I’m going to use the value of 90 days (remember some staff might be on long term sick/maternity so check with HR!) Execute the following three commands;
I had to do this today and realised, it’s been so long since I did it last, I’d forgotten how to do it. Before we go forward, please be clear, I’m talking about MAIL CONTACTS, these are Active Directory Objects that have an Email address, but DO NOT have a mailbox in your Exchange Organisation, and DO NOT have an Active Directory User. I point this out because you can have MAIL USERS that have an Active Directory User Object and have an External Email address (i.e. a Gmail or Hotmail address) associated with the MAIL USER object.
Traditionally mail contacts are used for listing outside mail addresses in your global address list, (like mail users do) but are also used to forward mail to as well.
Solution
I was exporting from Exchange 2010, from the EMC run the following command;
You can see my exported CSV list in, DisplayName, Name, PrimarySmtpAddress format. You will need to do some work with it in Excel to get it in > Name, Firstname, Lastname, ExternalEmailAddress format.
Once you have you CSV file ready, import it into the Target Exchange Server with the following command;
You have probably tried to do this and found he option ‘greyed out’ because in the DHCP management console you can’t change the subnet mask of a scope.
I needed to change a clients DHCP scope because I was changing their subnet from /24 to /16. I could have simply deleted and recreated the scope, but they has a lot of custom settings for their phone system, and hundreds of reservations (which I know is unusual).
Solution
I wrote an article a long time ago about migrating DHCP scopes, this process uses the same method to take a backup of the scope, then you can edit the subnet mask, and ‘re-import’ the scope again.
I have a bunch of VM’s that I use with GNS3 that are in Virtualbox. I also run VMware Fusion, and since my upgrade to version 1.4.4 I need to run the GNS3 VM in VMware, (I could not get the Virtualbox version to work). So I decided to copy over the remainder of my VMs as well.
Solution
Within Virtualbox > File > Export Appliance.
Select the VM in question > Continue.
Important: Ensure you have selected OVF Version 1.0 (if you use version 2.0 it wont work) > Take a note of where the OVA file is going to be saved > Continue.
There’s no need to add anything else unless you want to > Export.
The VM will export (depending on the size this can take a few minutes).
When complete, open VMware Fusion > File Import.
Browse to, and select the OVA file you just exported > Continue.
Choose a name of the new VM > Save.
Don’t panic! This is normal, simply click retry.
The VM will import.
Finish.
When you first boot the VM it may be a little sluggish (it’s just had its underlying hardware changed after all). If it wants to try and install drivers, cancel the procedure and install the VMware tools.
Now you can remove the original VM from Virtualbox.
Delete all files.
Related Articles, References, Credits, or External Links
Now you may be thinking, “If you have your own CA/PKI solution why would you need to create a Wildcard Certificate”? If you can generate as many certificates as you want whats the point? Well today I need to setup ADFS, WAG (Web Application Gateway), and Remote Desktop Services Gateway Server. To make the whole thing wok on my test bench would be a lot less hassle if I could just use one certificate for everything!
Certificates > Personal > Right Click > All Tasks > Advanced Operations > Create Custom Request.
Proceed without enrolment policy > Next.
In nearly every case you can accept the default of ‘(No template) CNG Key’ However some applications (Particularly Active Directory Federation Services), need to user an older set of Cryptographic Service Providers (CSP’s). If that is the case change the option to ‘(No Template) Legacy Key’. > Next.
Details > Properties.
General Tab: Friendly Name > *.{your domain}.
Subject Tab: Ensure the Common Name (CN) is set to *.{your domain} > Enter the rest of your details as shown.
Extensions Tab: Add in Digital Signature and Key Encipherment.
Private Key: Key Size=4098 > Make private key exportable > Apply > OK.
Save the certificate request > Finish >Leave the Certificate console open, (you will need it later).
Locate the certificate request you just saved > Open it with Notepad > Select ALL the text and copy it to the clipboard.
Open the web enrolment portal of your certificate services server (https://server.domain.com/certsrv) > Request a certificate.
Advanced Certificate Request.
Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file.
Paste in the Text > Certificate Template = Web Server > Submit.
Base 64 encoded > Download certificate.
Save the certificate, and change its name from certnew > Save.
Back in the certificate console > Right Click ‘Persona’l > All Tasks > Import.
Next.
Navigate to the certificate you have just saved.
Next.
Finish.
Hopefully.
Now this may seem a little odd, but having just imported the certificate, to get it in PFX format you need to export it again. Right click the cert > All Tasks > Export.
Next
Yes, export the private key > Next.
Personal Information Exchange > Next.
Enter and re-type a password (You will need this to import the certificate so remember it) > Next.
Save it somewhere you can find it > Next.
Finish > OK.
Related Articles, References, Credits, or External Links