Admins Handbook

Error:
Microsoft Exchange Information Store Database [DB-Name] copy on this server experienced a corrupted search catalog

Fix with this command:
Update-MailboxDatabaseCopy -Identity “[type in your DB]\[Your Exchange server]” -CatalogOnly

Mailbox:
set-mailboxfolderpermission -Identity testuser:\calender -User cl -AccessRights editor

Resource Calender:
Add-MailboxPermission –Identity testresource -User all-usersgroup -AccessRights FullAccess -InheritanceType All

Public folders:
Get-PublicFolderClientPermission -Identity “\firm1\firm1 calender”

Add-PublicFolderClientPermission -Identity “\firm1\firm1 calender” -AccessRights PublishingEditor -User testuser

Get-SendConnector | fl fqdn
Get-ExchangeCertificate | fl CertificateDomains
Get-ExchangeCertificate | fl thumbprint, services
Enable-ExchangeCertificate -Thumbprint A2AB2228777CE4539xxxxDF3F7D22A2E94326A99 -Services IMAP, POP, IIS, SMTP -DoNotRequireSSL

Rename the default role:
Set-RoleAssignmentPolicy “Default Role Assignment Policy” -Name “Unrestricted Role Assignment Policy”

Create new
New-RoleAssignmentPolicy -Name “Restricted Role Assignment Policy” -Description “Only base options.” -Roles MyBaseOptions -IsDefault:$True

If created grafical, you need to set it default this way:
Set-RoleAssignmentPolicy -identity “Restricted Role Assignment Policy” -IsDefault:$True

All new users get the new policy, but you need to run this command on everyone else:
set-mailbox usertest -RoleAssignmentPolicy “Restricted Role Assignment Policy”

more info

Add global address list:
New-GlobalAddressList -Name “Firm 4 – GAL” -IncludedRecipients MailboxUsers -ConditionalCompany Firm4
Creates the global address list based on “company” in the user object.

Remove global address list: remove-GlobalAddressList -identity “Firm 4 – GAL”

Show global address list: get-globaladdresslist

[PS] C:\Users\Administrator\Desktop>enable-exchangecertificate -thumbprint 2baade861687416c03a099430228b345679999d8 -ser
vices iis, imap, smtp, pop, um, none -DoNotRequireSSL

Get-ExchangeCertificate |FL

C:\>nslookup
Standardserver:   domc.mydom.dk
Address:  192.168.0.9

> set type=all
> _autodiscover._tcp.internetdom.dk
Server:   domc.mydom.dk
Address:  192.168.0.9

Ikke-autoritativt svar:
_autodiscover._tcp.internetdom.dk        SRV service location:
priority       = 0
weight         = 0
port           = 443
svr hostname   = server01.exchangeserver.dk
>

Test here: www.testexchangeconnectivity.com

Import-Module ServerManager
Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Web-ISAPI-Ext,Web-Digest-Auth,Web-Dyn-Compression,NET-HTTP-Activation,RPC-Over-HTTP-Proxy -Restart

Set-Service NetTcpPortSharing -StartupType Automatic

Install:

http://www.microsoft.com/downloads/da-dk/details.aspx?displaylang=da&FamilyID=60c92a37-719c-4077-b5c6-cac34f4227cc

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=5cd4dcd7-d3e6-4970-875e-aba93459fbee&displaylang=en

Get-OabVirtualDirectory -server EXCH | Set-OabVirtualDirectory -InternalUrl https://exch.DOM.local/OAB -ExternalUrl https://webmail.Mydom.dk/OAB

Get-WebServicesVirtualDirectory -server EXCH | Set-WebServicesVirtualDirectory -InternalUrl https://exch.DOM.local/EWS/Exchange.asmx -ExternalUrl https://webmail.Mydom.dk/EWS/Exchange.asmx

Get-OwaVirtualDirectory -server EXCH | Set-OwaVirtualDirectory -InternalUrl https://exch.DOM.local/owa -ExternalUrl https://webmail.Mydom.dk/owa

Get-EcpVirtualDirectory -server EXCH | Set-EcpVirtualDirectory -InternalUrl https://exch.DOM.local/ecp -ExternalUrl https://webmail.Mydom.dk/ecp

Get-ActiveSyncVirtualDirectory -server EXCH | Set-ActiveSyncVirtualDirectory -InternalUrl https://exch.DOM.local/Microsoft-Server-ActiveSync -ExternalUrl https://webmail.Mydom.dk/Microsoft-Server-ActiveSync

Get-ClientAccessServer EXCH | Set-ClientAccessServer -AutoDiscoverServiceInternalUri https://exch.DOM.local/Autodiscover/Autodiscover.xml

enable-OutlookAnywhere -Server ‘EXCH’ -ExternalHostname ‘webmail.Mydom.dk’ -DefaultAuthenticationMethod ‘Basic’ -SSLOffloading $false

Remember to use a SSL SAN Certificate.
(With alternative names)
exch
exch.dom.local
autodiscover.Mydom.dk

If you have alot of domains you can setup a SRV record on every domain: _autodiscover._tcp.info-Mydom.dk exch01.hostingprovider.dk

Set external EWS url:
Set-WebServicesVirtualDirectory -identity “CAS1\EWS (Default Web Site)” -externalurl https://outlook.dom.com/EWS/Exchange.asmx
Set-WebServicesVirtualDirectory -identity “CAS2\EWS (Default Web Site)” -externalurl https://outlook.dom.com/EWS/Exchange.asmx
Get-WebServicesVirtualDirectory | select name, *url* |fl

https://outlook.dom.com/EWS/Exchange.asmx

Greylisting is an anti-spam measure.
When a new server connects for the first time, the greylisting server sends a SMTP protocol message that says: “Graylistet in 5 min please try again later”.
The wait time can be different, but usually 5 min.

The problem is exchange 2003 (with SP2) by deafult only waits for 1 min.
That has to be changed.

HKLM\System\CurrentControlSet\Services\SMTPSvc
Create a new DWORD value GlitchRetrySeconds

Change the Base to Decimal
Set 360 for 6 min.

Restart the SMTP service.

It is possible to have a catch-all mailbox in exchange. I works like a *.domain.com into a specific mailbox. It does not have an impact on all the normal users/emails on the system.

It can be done with a script by Michael B. Smith.

Get it here, instructions inside.