Monday, May 7, 2018

Outlook SSL Security Alert Certificate Name is Invalid

Our Exchange Certificate expired and we had to renew the SSL. after deploying the new SSL, some users started getting SSL security Alert on their outlook’s
image
No all users but some, after seeing the screenshot we narrowed it down to that the SSL is ok but the Security alert is about One of the DAG Server Name not included into the SSL. so I knew that this has to do with Autodiscover URL.
I logged into Exchange Server and executed the following command
Get-ClientAccessService -Identity EX04SERVER | Select AutodiscoverServiceInternalUri
Output I received was as below

AutoDiscoverServiceInternalUri
------------------------------
https://EX04SERVER.my.localADdomain.com/Autodiscover/Autodiscover.xml
This clarifies that the Autodiscover is accessing internal Server name URL therefore it had to be changed to Global URL
Executed following command
Set-ClientAccessService -Identity EX04SERVER -AutoDiscoverServiceInternalUri
https://mail.mymaildomain.com/Autodiscover/Autodiscover.xml

and the issues is no longer reported by any users
Here in this scenario
My server name is : EX04SERVER
My external mail domin is : mail.mymaildomain.com
My SSL certificate name is : mail.mymaildomain.com
My Activedirectory Domain is: my.localADdomain.com

Thursday, May 3, 2018

OWA ERROR Something Went Wrong, Your Account is disabled


OWA_Disabled_MailBox

Today one of our user faced an issue when he was trying to access his account from OWA. he was greeted with Error as shown in above screenshot.

His Outlook & Mobile devices were working fine.

so I had to do following to clear the Issue

from Exchange Management Shell EMS

Ran the Following command to check if OWA was Disabled for the user

Get-CASMailbox affecteduser | fl Name,OWAEnabled

and got back reply

OWAenabled: Disabled

SO I executed following command to enable it

Set-CASMailbox administrator -OWAEnabled:$true


The same can be done from ECP too

1) Log into ECP
2) Go to Recipients
3) Select the affected user and click Edit
4) Click on “Mailbox Features” Option
5) Under Mobile Devices Click to “Enable OWA for devices”.

Close our Browser and now relogin as affected user and OWA should be working fine now.


OWA_Disabled_MailBox_ECP

Friday, April 27, 2018

SharePoint 2016 Cross domain and Trusted domain users access & rights

Today, one of my client approached me and requested me to make provision in his SharePoint environment for providing access to the users which are in their trusted domains.

so, here is the scenario and the solution…

There is a Domain One.Domain.net and a second domain as Two.Domain.com, it has a two-way trust enabled amongst them.

SharePoint is in One.Domain.net and the name of server is SP2016

Central Admin site URL is : http://SP2016.one.domain.net:9515

The Intranet URL is : http://SP2016.one.domain.net

To enable People picker to browse to trusted domain, I ran the following commands in elevated SharePoint Shell.


STSADM.exe -o setapppassword -password Paswd@12$Sp

stsadm -o setproperty -pn peoplepicker-searchadforests -pv "forest:One.Domain.net,One\ReadonlyAdminOne,ReadOnlyAdminOne_Password;forest:Two.Domain.com,two\ReadonlyAdminTwo,ReadOnlyAdminTwo_Password" -url http://SP2016.one.domain.net:9515

stsadm -o setproperty -pn peoplepicker-searchadforests -pv "forest:One.Domain.net,One\ReadonlyAdminOne,ReadOnlyAdminOne_Password;forest:Two.Domain.com,two\ReadonlyAdminTwo,ReadOnlyAdminTwo_Password" -url http://SP2016.one.domain.net

After 5 min, the people picker was able to identify and add users from trusted domain Two.Domain.com


Tuesday, April 17, 2018

Lenovo Laptop Brightness Issue

Today I faced a very peculiar issue, we had a display driver update for our Lenovo Laptops Z500 and suddenly the brightness went to 0 no matter what we did, nor even the reboot resolved the issue.

finally this registry setting did the trick.


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000]

"FeatureTestControl"=dword:0000f048


Changed the dword from f048 to ffff

or whatever the value just change it to ffff

rebooted the laptop and all was fine and functional again. lot of Lenovo laptops of even different models are facing this brightness issue.

just open regedit and find FeatureTestControl

take the backup of the registry settings before making these changes. always do a backup. one day you will thank for this advice.

maybe this helps someone somewhere.

Monday, April 16, 2018

Outlook keeps prompting for password Exchange 2013 / 2016

Like any Exchange admin I too came accross connectivity issues from Outlook client to Exchange

The issues which I faced with both Exchange 2013 & 2016, with Outlook 2013 & 2016, it kept on asking the users for password, no matter what I did, the issue could not be resolved.

Finally the following steps resolved this issue and all users are now happy.

lets us assume we have mail domain as mymaildomain, your External hostname &  Certificate name is mail.mydomain.com

open exchange management shell and run the following commands

first we set Outlook certificate name

Set-outlookprovider expr -certprincipalname: "msstd:mail.mymaildomain.com"
Set-outlookprovider exch -certprincipalname: "msstd:mail.mymaildomain.com"

then we set outlook authentication & the way outlook should treat the connection settings

Set-outlookanywhere -InternalHostname mail.mymaildomain.com -ExternalHostname mail.mymaildomain.com -identity "EXCSrv\Rpc (Default Web Site)" -InternalClientAuthenticationMethod ntlm -ExternalClientAuthenticationMethod ntlm -internalclientsrequiressl $true -Externalclientsrequiressl $true -IISAuthenticationMethods basic,ntlm,negotiate

Dont forget to change the mymaildomain name to reflect your mail domain.

FileZilla Error 425 Can't open data connection Failed to retrieve directory list

I was configuring a FileZilla FTP server on Azure windows VM, the client was able to connect & authorize but got error

Command: LIST
Response: 425 Can't open data connection.
Error: Failed to retrieve directory list

so to resolve this issue I did following

Open FileZilla settings

1) Select Passive mode settings
2) Select Use custom ports and enter range of ports what ever you like, I used 60800-60900
3) Select use following IP and Enter your Azure VM external IP Click save
4) Go to your Azure Portal under Network>> Firewall, Add the ports used in Step 3 in Allow range
5) Now connect with your FTP client and it will connect without any issues.

Worked like charm….

Tuesday, July 26, 2016

Exchange 2013 DAG Database SEED ERROR / ADD ERROR

Hi,

For some reason My DAG database copies started to FAIL,

Error: Failed to open a log truncation context to source server ‘Ex2013_01.Mail.Com’. Hresult: 0xc7ff1004. Error: Error returned from an ESE function call (-1305).

Resolution:

Source Server : Ex2013_01.Mail.Com
Target/failing server :  Ex2013_02.Mail.Com
Database name: DB2
DB location :  D:/Database
Logs Location: D:/Database/Logs

on the target Server where the Database is Failing/ or being Added to...

1) Delete the Failing Database
2) Add the database copy : Add-MailboxDatabaseCopy -Identity DB2 -MailboxServer Ex2013_02 -ActivationPreference 2
3) You will see same ERROR: no worries
4) Go to the Database Folder location :  D:/Database/Logs
5) Move all the log files to another location
6) Open Exchange Management shell and run: Update-MailboxDatabaseCopy "DB2\Ex2013_02" -SourceServer Ex2013_01  -Verbose

and your database will start seeding...

Remember not to Logoff or Close the Shell else it will stop seeding...

Thanks


Outlook SSL Security Alert Certificate Name is Invalid

Our Exchange Certificate expired and we had to renew the SSL. after deploying the new SSL, some users started getting SSL security Alert on...