Tuesday, 17 June 2014

Cross Forest migrate legacy Public Folder data to Exchange 2013 on-premise


Modern Public Folders are a hot topic at the moment. The revised limits for supportability are a talking point for many businesses – especially around the current 10,000 folder limit (which should be raised to 100,000 and beyond in CU6).

It means many admins are having to fully understand their legacy Public Folder estate prior to moving them to Modern Public Folders, or simply leaving them on legacy platforms (with caveats) if their Public Folder estate is simply too large for Exchange 2013 to reliably handle.

Adding to this frustration is the fact that you can only move Public Folders in a 'cross forest' scenario to Office 365 at this time. Native support for cross forest moves of Public Folders simply isn't there.

So, providing you fall within the supportability metrics for Modern Public Folders, and you need to migrate cross forest, how do you do this at this time?

One product I have tested with great success is Mail Attender by Sherpa Software.


In my example below I am going to move Public Folder content from Forest A, running Exchange 2007 SP3 to Forest B, with Exchange 2013 CU5.

  •   For the actual migration server I am using a Windows 7 x64 virtualised desktop with Office 2013 installed. The Desktop is domain joined and in Forest B.
  • I have used PfDavAdmin/exfolders to give a mailbox in Forest A account OWNER permissions across the entire Public Folder tree in Forest A.
     
  • A Modern Public Folder has been created with a single empty folder, I have given a mailbox in Forest B OWNER permissions on this folder.
     
  • A forest trust exists between Forest A and Forest B


Run setup.exe and select a complete installation



It will ask you for a service account to run under. I selected an Exchange Administrator account in Forest B (the same Forest this desktop is domain joined).


It will then automatically grant the relevant log on as a service rights.


Ensure you start the service


Once installation is completed, restart the desktop and then open the Mail Attender console and confirm the service has started


Open Outlook 2013 (Office/Outlook 2007/2010 is also supported) and create two new profiles.

One should be to the mailbox in Forest A – connecting to the legacy Public Folders that the account has OWNER permissions over.

The other connect to Forest B and Exchange 2013.

I have called the profiles E12_PF and E15_PF:


In Exchange 2013 – ensure the account has OWNER permissions on the tree



Now we're ready to start setting the Source and Target profiles up in Mail Attender. Within Mail Attender itself go to:

Email Store | Public Folders | Add Public Folders from Global Addres List | Select your source profile (in my case E12_PF)



You will now have this listed under 'All Known Public Folders'

We will now do the same for the Target Profile, selecting the E15_PF mailbox.

I now have both my Source and Target profiles in Mail Attender:


We must now ensure that the service account running the Mail Attender service has full mailbox access to the Exchange 2013 mailbox in Forest B as well as the mailbox in Forest A.

As this is 'cross forest' where the service account is in Forest B and the Exchange 2007 Source mailbox is in Forest A we need to add the permission via powershell. I am also assuming you have a Forest Trust in place between both Forests as noted in the pre-requisites.

Using the Exchange 2007 EMS:

Add-MailboxPermission –Identity 'CN of Mailbox' –User 'ForestB\Administrator' –AccessRights 'FullAccess'


We now add the service account to the Exchange 2013 mailbox also. You can do this in the EAC or again via powershell.

Once full mailbox access has been granted, we can run statistic collections in Mail Attender. These will tell us we can connect to both the Source and Target Public Folders. Simply right click each known public folder store and select 'Collect Statistics Now'.



Providing there are no issues when collecting the statistics this means the Mail Attender console can log in to both Outlook profiles and see the public folder tree.

We are now ready to start creating some migration rules.

 In Mail Attender under:  Management | Rules | we will create a new standard rule.


The process is fairly straight forward. Give it a name:



Add the Source Exchange 2007 endpoint in the 'Email Store' tab


Now select the 'Folders' tab. Select for 'this rule applies to' "ONLY those Folders Listed below" additionally select the 'Explicit Folder Path and Name' and put in your folder Entry. For examples "\All Public Folders\E12 Migration Top level folder". Ensure you include all sub folders.


You can do cool additional things like take data from the Dumpster.


Moving on to the 'Conditions' tab – I haven't selected anything here, but you can add some pretty powerful conditions here. For example maybe you only want to take the last 5 months worth of Public Folder data? Or you want to delete any attachments? Or you just want to migrate certain types of data? Well you can add rules like that here.


Moving on to the 'Actions' tab this is where you select how the data is transferred. I am selecting here 'Copy Message to Public Folder'


Within the action is where we specify the Target Outlook profile – this is pretty confusing at first as it isn't very intuitive!



Note: You have to put "[FOLDER_PATH_FROM(3)]" in, this is how it copies the child folders from the source to the target. Again this isn't intuitive, I recieved this information from a support call.. If you don't do this you'll only copy over the top level folder.


Once you press OK that's the migration rule created.

You will now see this show up as standard rule under the Mail Attender Rule set.



You can add a schedule having the data move multiple times a day if you want. Something that I used to rely on when using the InterOrg Replication tool For Exchange 2003 to Exchange 2003/2007 and 2010 cross forest public folder migrations.

You can additionally configure two way synchronisation, if you are going to be in a long period of co-existence.

Now run the rule and it will copy and migrate your Public Folder data. This may take some time depending on the amount of data and number of Public Folders. I again urge you to be aware of the current revised limits for supportability for Exchange 2013 up to CU5.

For those that need something to perform cross forest public folder migrations to Exchange 2013 on-premises right now, this tool provides that. It is unknown if and when Microsoft will update Exchange 2013 to finally support on-premise cross forest Public Folder moves.

There are simpler, less autonomous ways of moving the data, but these typically include PST digestion and Exchange 2013 doesn't currently support PST imports or exports to modern public folder mailboxes – so the whole affair will be wholly Outlook driven – which isn't ideal.

If you want the solution to be automated, run on schedules, support bi-directional replication, and include some powerful technology to  autonomously clean up your data when migrating to Exchange 2013, Mail Attender is a pretty good product.

Watch out for Part 2 where I'll show you how to script your permissions and configure your mail enabled Public Folders.


Oliver Moazzezi - MVP Exchange Server


Friday, 30 May 2014

A phone number has not been configured for you. Please contact your support team with this information.

01/07/2014 #UPDATE!

I recieved some great information from a few Lync MVP friends. We can override this error when the user does not have Enterprise Voice just by assigning a LineURI. This means you will have to synchronise the LineURI with their AD telephone number to ensure the validity of the data. There are two great blog posts that provide scripts to do this.

1. Lync MCM Shawn KirkPatrick
2. Another great one on Next Hop

You may have to modify them to suit your needs, and it is a bit of an inconvience to have to do this, but at least there's another solution to get around the problem for now.

#UPDATE END

 Lync provides dial in conferencing capabilities and allows the organisers of conferences to dial in to their meeting over the PSTN – supported with a pin code to authorise themselves as the presenter of the meetings.

This is a great feature but currently it appears there are some limitations when setting your pin through Lync web services - namely through https://dialin.yourdomain.com/dialin

If you are a Lync user that is assigned to a conferencing policy that supports dial in conferencing, but you are not an Enterprise Voice user with a LineURI, you cannot set your pin.


Here I am as a conferencing enabled user without Enterprise Voice – after signing into dialin I get:



If I log in as an Enterprise Voice enabled using with a LineURI (a phone number in E164 format) I can successfully set my pin:


If I am an Enterprise Voice user that does not have a LineURI – meaning within Lync I can make outbound calls only, I get the same issue as a conferencing only enabled user:



There appears to be no solution for this at present. This behaviour is in Lync 2010 and Lync 2013, both the Standard and Enterprise versions of the product as well as the Hosting Pack variants (LHPv1 and LHPv2) up to the present available CU updates.

The solution is to set the users pin through Powershell – which works and sets the user a pin successfully, however this is less than ideal as the helpdesk or admin that has just performed the powershell task now knows the users pin – a potential security breach.

To fix this issue you must use the Set-CsClientPin powershell cmdlet.

Use "Set-CsClientPin –Identity user1@somedomain.com" to create an auto assigned pin – which will be displayed to you in the PS window.


Alternatively use "Set-CsClientPin –Identity user1@somedomain.com –Pin 12345" to assign a pin of "12345" to the user.


I myself consider this 'feature' to be a bug – as you don't need enterprise voice capability to have a conferencing policy assigned to you that allows dial in conferencing – meaning you need your pin! 

And it has been raised to Microsoft for assessment as such.



Oliver Moazzezi - MVP Exchange Server




Friday, 25 April 2014

Lync Hosting Pack version 2 now officially supports Lync 2013 CU4

Great news to all LHPv2 hosters, Microsoft have confirmed with me that Lync 2013 CU4 is now officially supported for Lync 2013 LHPv2.

There appears to be no official page up yet on the announcement, and it is possible they may never be, but I have confirmed it is now supported by Microsoft and I am including their test upgrade document.

Grab CU4 here  and finally approve it for your WSUS patching teams without fear or rebuilding an entire LHPv2 platform :-)

Grab the CU4 test document here.


Enjoy!


Oliver Moazzezi - MVP Exchange Server




Thursday, 24 April 2014

Disk Monitoring override changes and improvements in Exchange 2013 SP1 Managed Availability

Many will question their love affair with Managed Availability and whether they find it a worthwhile feature set or a hinderence to their daily Exchange 2013 tasks. However in principle it is a sound investment in the evolution of Exchange and will only improve with time.

One of the many monitoring probes in Managed Availability is the ability to monitor the free space on drives that house Exchange databases.

By default the free space threshold is 200GB. Because many people regularly went under this metric on free space many administrators simply set an override on the monitoring probe to turn it off altogether. Effectively removing the probe altogether and not report on free space at all.

Pre-SP1 the command to override the monitoring probe was:

Add-ServerMonitoringOverride -Identity "MailboxSpace\StorageLogicalDriveSpaceEscalate" -Server 'server' –ItemType "Responder" -PropertyName Enabled -PropertyValue 0

 However in Exchange 2013 SP1 this command has changed and is now based on the 'Add-GlobalMonitoringOverride' cmdlet. So many administrators found with new SP1 deployments they could no longer turn the probe off. 

The new command for SP1 is:


Add-GlobalMonitoringOverride -Identity "MailboxSpace\StorageLogicalDriveSpaceEscalate" -ItemType "Responder" -PropertyName Enabled -PropertyValue 0 -ApplyVersion "15.0.847.32"

Note: you must always use -ApplyVersion which applies an unlimited duration to the server version that matches the output, otherwise you need to specify -Duration which has a maximum application of 90 days.
 

 A fantastic inclusion in SP1 is also the ability to change the default 200GB free space setting. You can now customize this to a size of your choosing by adding the following reg key:


HKLM\Software\Microsoft\Exchange\v15\ActiveMonitoring\Parameters\SpaceMonitorLowSpaceThresholdInMB

This will allow you to set a more 'real world' value for your environment and taylor the metric to your environments needs. As an example if you are using 500GB disks and you manage your Exchange organisaton well, you may very well want the setting well below the default 200GB threshold. Allowing you to keep the monitoring probe enabled and in use.


Take care,


Oliver Moazzezi - MVP Exchange Server