mostly IT related ramblings
I’ve just bumped into Chad Solarz’s “The Exchange toolkit” blog entry. it’s quite dated… but nonetheless has great links and a great “one stop shop” here.
For your usage..
http://blogs.technet.com/b/csolarz/archive/2013/05/13/the-exchange-toolkit.aspx
Hi,
Quick note from the field, if you are moving to Exchange Online / Office 365 you should double check your current office group-policy settings and registry for Outlook.
You should make sure that you did not enable the Closest GC setting, or configured a specific global catalog server with the DS Server registry entries under HKEY_CURRENT_USER\Software\Microsoft\Exchange\Exchange Provider
Both registry values, errors and methods for resolution are located at:
http://support.microsoft.com/kb/2507626 – Error in Outlook: “The action cannot be completed. The Bookmark is not valid”
http://support.microsoft.com/kb/319206 – How to configure Outlook to a specific global catalog server or to the closest global catalog server
And if we are on the subject, it’s also a good practice to make sure the following when moving to Office 365:
ilantz
Update June 21th, 2016 – following feedback and a (true golden) blog post by the Exchange Team – Checklist for troubleshooting Outlook connectivity in Exchange 2013 and 2016 (on-premises) I’ve updated the recommended values for the timeout settings, and shortened the article overall for better reading. Do read the post in general, and in topic – check the CAS & Load Balancer configuration paragraphs.
Hi Again,
This post will spotlight networking considerations that are mostly overlooked. I’ve gathered a few of these issues that might brought you here searching for an answer:
The mentioned issues or symptoms could take place in any network environment, thus more common in complex network setups where multiple devices are protecting / route network traffic. Some typical configurations examples could be one of the following:
If you’ve read this post up until here and got disappointed because the above does not fit your issue, I’d like to suggest reviewing other RPC troubleshooting topics that might help Troubleshooting Outlook RPC dialog boxes – revisited or Outlook RPC Dialog Box Troubleshooting
Exchange Server traditionally (2000 to 2010) used MAPI over RPC to communicate “natively”, RPC is known to be “sensitive” and that’s why Exchange Server 2013 and beyond allows only Outlook Anywhere (RPC over HTTP) connections from clients which in my opinion is a great change that will simplify future deployments.
Client<>Server connections in general remains active while data “flows” , mails are sent/received etc. but when the connection is Idle, we might have a situation that it will be terminated. Here comes the term KeepAlive – a “dummy” packet that makes sure the connection remain active while no data is flowing and idle.
Here’s my “how-to” suggestion:
reg add "HKLM\Software\Policies\Microsoft\Windows NT\RPC" -v "MinimumConnectionTimeout" -t REG_DWORD -d 120The trick for success here is that timeout settings should be configured without overlapping one another while following the client access “path” – for example – Client > FW > Load Balancer > Server:
If additional network devices are placed between the server and your clients, make sure that session timeout settings continue to be configured accordingly.
With today’s security measures, network security has become much more complex. A typical corporate network will implement many different network appliances or software based solutions to secure data, restrict access, prevent attacks and unwanted traffic.
Bottom line – don’t think you are done with network considerations just because “ping works” or an email comes with a statement like “your port is now open”.
I hope this post will benefit others as this issue was and will probably remain common with Exchange and other client / server services.
Don’t get timed out 🙂
Ilantz
Additional useful links and sources of data:
Hello Everyone,
A huge release by Microsoft, all client and server office products are out ! Login to your Technet / MSDN Subscriptions and start downloading 🙂
Lync Server 2013
Exchange Server 2013
Office Web Apps 2013
Office Professional Plus 2013 (x64 and x86)
SharePoint Server 2013
Visio Professional (x64 and x86)
Project Professional 2013 (x64 and x86)
Enjoy !
ilantz
Update
The current “Best Practice” is to upgrade your Exchange Server to Service Pack 2 and apply Update Rollup 3 for Exchange Server 2010 Service Pack 2 (KB2685289), as this issue has been permanently solved.
See Synchronization of an organizational forms library fails when you use Outlook in Cache mode in an Exchange Server 2010 for additional information.
Hello Everyone,
Since the first migrations of Exchange 2003 to Exchange 2010 we’ve seen a really annoying error within Outlook 2003, 2007 and Outlook 2010 when trying to De-commission legacy servers, specifically when moving all public folders replicas including the EFORMS REGISTRY system folder and it’s children folders. once the organizational forms ( respectively you might see a different folder name within your organizatino ) is replicated only to the Exchange 2010 – a log / error message will be created in the Sync Issues upon an Outlook Send/Receive operation:
11:56:54 Synchronizing Forms
11:56:54 Downloading from server ‘public folder server‘
11:56:54 Error synchronizing folder
11:56:54 [80004005-501-4B9-560]
11:56:54 The client operation failed.
11:56:54 Microsoft Exchange Information Store
Notice: Use this method at your own risk ! This method is for organizations that do not use Forms !
Many posts and different resolutions were recommended, my original “fix” for this issue was to not replicate the organizational forms folder to the new Exchange 2010 public folder when starting to De-commission the Exchange 2003 server, practically “leaving it behind”.
I recently handled a situation where the Exchange 2003 server was already removed, and the forms folder was already replicated to Exchange 2010, and the error was already in place. I could not use Exchange 2003 System Manager to remove the replica, Exchange Management Shell or EXFolders. You cannot really leave an empty replica list within the tools.
MFCMapi to the rescue 🙂
Use this method at your own risk ! and again – this method is for organizations that do not use Forms !
Some references for you usage:
Troubleshooting: Error synchronizing folder Synchronizing Forms 80004005-501-4B9-560
Outlook synchronization error [80004005-501-4B9-560] with a Microsoft Exchange Server 2010 mailbox
Hey again,
I tend to always spend some time looking up the latest Office / Outlook updates, and found this following link from the office center on TechNet to be much useful.
It has a nice table of the latest Service Pack, Latest Public Update and Latest Cumulative Update for Office 2003 / Office 2007 / Office 2010
http://technet.microsoft.com/en-us/office/ee748587 – Update Center.
Enjoy !
To follow my previous blog “Watch out from latest outlook updates !”
the Exchange team has announced that the Office 2007 Cumulative Update for February 2011 is now available.
The update adds Personal Archives support in Outlook 2007.
For more details about the hotfix, see KBA 2475891: Description of the Office Outlook 2007 hotfix package (Outlook-x-none.msp): February 22, 2011. and also fixes quite a lot of issues that were presented from the original outlook December hotfix, Autodiscover issues, POP3 Authentication issues and few more..
As always ! test your hotfix !
Happy Archiving 🙂
Hi again,
This issue has came up too much, so I wanted to blog something short about this.
Prerequisites:
So, you’ve got it all configured, you enabled Outlook Anywhere, configured ISA 2006 / TMG / UAG to publish the Outlook Anywhere (or not), you published Autodiscover records an all is working great !
BUT ! you have this annoying user credentials pop ups, and users are going nuts ! and so do you !@ ( enough sarcasm ) it may work for a while, and then you are prompted again for user and password, or even worse – it might not work at all…
Here’s what can go wrong in bullets because we have a few different issues that might cause troubles..
So what’s that MSSTD or Certificate Principle Name ? well it’s a method Outlook can verify that the server you are connecting to indeed holds the correct SSL certificate subject name before sending credentials to.. well yeah it ain’t that secure.
This setting is actually being configured automatically since Exchange 2007 and continue to be with Exchange 2010.
So here’s what you can do with it – all examples follow the Set Outlook Provider cmdlet syntax:CertPrincipalName
Set-OutlookProvider EXPR -CertPrincipalName msstd:*.company.com
Set-OutlookProvider EXPR -CertPrincipalName msstd:correctsubject.company.com
Set-OutlookProvider EXPR -CertPrincipalName none
New feature with Exchange 2010 – The Set-OutlookProvider cmdlet now allows Outlook 2010 clients to connect exclusively through RPC over HTTP (Outlook Anywhere) before trying RPC over TCP connections when connecting over the Internet. !
This means you can control the check box “On fast network, connect using HTTP first, then connect using TCP/IP”, here’s the two options:
Set-OutlookProvider EXPR -OutlookProviderFlags:ServerExclusiveConnect
Set-OutlookProvider EXPR -OutlookProviderFlags:None
This should cover it, no more pop ups and hopefully Outlook Anywhere and you will be friends again !
ilantz
Credits (or links) :
When, if and how do you modify Outlook Providers?
Publishing Outlook Anywhere Using NTLM Authentication With Forefront TMG or Forefront UAG
Hey everyone,
There has been a growing concern about the issues from latest Outlook 2007 / 2010 updates:
Microsoft has released the updated http://support.microsoft.com/kb/2412171 KB, but seems not all trouble were solved, mainly the AutoDiscover issue, since http://support.microsoft.com/kb/2479671 was released followed by the “original” 2412171KB numerous issues have been identified with outlook features.
I’d advice to stay away from these updates until all is clear.
Update – Office 2007 Cumulative Update for February 2011 is now released
Ilantz
Every year at December, we at Israel ( and at some other points of the year, over the world.. ) have to rebase some calendar appointments..
This entry is not about daylight saving bashing 😉 but just a note to anyone that will use the Exchange Calendar Update Tool against Exchange 2010 mailboxes and servers.
I did not had enough time to actually find out why and what is the appropriate fix for this, but here’s a workaround for the error and the empty result when extracting the mailboxes from the servers..
If you will examine the logs in the msextmz extract log, when trying to search for the mailboxes on the required servers, you will notice that the output will be empty, and zero mailboxes will be reported.
needless to say that this obviously eliminates the possibility for extracting timezones from the mailboxes – i will not cover this issue, because in Israel we need to rebase the appointments just to reflect the current daylight saving durations..
Any way here’s the error:
[20-Dec-2010 12:51:56][3684]:HrProcessMailboxTable:Please log on to a profile with administrator privileges.
[20-Dec-2010 12:51:56][3684]:HrProcessMailboxTable:Unable open mailbox table for server /o=Contoso/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=EX-2010. Error 0x80004005.
[20-Dec-2010 12:51:56][3684]:HrProcessMailboxTable:Returning Error 0x80004005
You can easily report the mailboxes from powershell using:
Get-mailbox -ResultSize:unlimited -RecipientTypeDetails usermailbox | select ServerLegacyDN, LegacyExchangeDN | Export-Csv mailboxes.csv
Then use excel to export the data and match it with the format for the update tool which should be like this:
ServerLegacyDN <TAB> LegacyExchangeDN <TAB> TimeZone
Save that to a TXT, watch the formatting and tabs ! remove all the csv hyphens,commas etc..
Hope this will be fixed anytime soon, or a clarification will be published..
until then, good luck !
and Happy Holidays !
ilantz
Some Links:
Using the Exchange Calendar Update Tool to address daylight saving time changes for Exchange Server
December 2010 DST Cumulative Update for Windows operating systems