
Maximize My SendSize

Someone asked me the other day, “How could I go about using Security Groups, to control users’ send size limits?” He basically had a limit of 2mb for all users, and wanted to allow users in a specific Security Group to send up to 50mb messages. Here is a basic breakdown of the process I suggested: Firstly, you need to confirm that the global transport limit is raised to 50mb.

You can view and set these limits using get-transportconfig and set-transportconfig respectively:
Get-TransportConfig | select MaxSendSize  
The next step would involve setting the send connector to allow 50mb messages. You can use get-sendconnector to get a list of all send connectors, and their respective limits.
Get-SendConnector | Select Name, MaxMessageSize   
And then use set-sendconnector to set the MaxSendSize Set-SendConnector “Connector Name” –MaxSendSize 50mb Finally, you need to control the individual users’ send limits. If you have to control it via groups, you can use the following command to first enumerate the users in the group, and then pipe that to the set-mailbox command. Replace testsizegroup with the group you need to control the size limits for.
((get-group "testsizegroup").members) | foreach {set-mailbox -identity $_.Name -maxsendsize 52428800}
This will set the MaxSendSize for all users in that group to 50 mb. This command will have to be rerun every time to add users to the group, so it would be advisable to schedule this command to run hourly / daily etc.
Read more

The OWA saga continues...

After solving the msExchVersion mystery, it has become apparent that even more of our Exchange 2007 users were unable to access OWA.

After logging onto the site, a very similar error is displayed: Exception type: Microsoft.Exchange.Data.Storage.StoragePermanentException Exception message: There was a problem accessing Active Directory. My first step was obviously to verify the msExchVersion.

After ensuring that this was correct, and that the users were still unable to use OWA, I had to do more digging. Deeper delving into this issue, yielded the following KB from Microsoft:

To use OWA the Exchange Servers group must have write permissions to the msExchUserCulture attribute. Easy to resolve, just allow inheritable permissions from the parent to filter to the faulty object / objects, as per the KB article.

Easy enough on one account, but if you had to change this setting manually on multiple accounts, you could use Set-QADObjectSecurity –UnlockInheritance to accomplish the task. For more information see Dimitri’s blog
Read more

Legacy mailboxes on Exchange 2007

One of our users had a problem logging onto OWA today, and I noticed that the icon for his mailbox in the GUI displayed as a legacy mailbox, although he was located on an Exchange 2007 mailbox server.

After countless searches, I came across this article: It explains that the msExchVersion property on the AD object is not set correctly, and that using set-mailbox –ApplyMandatoryProperties would resolve the problem. Looking at the help information on set-mailbox this could also be caused by users being created on Exchange 2007 server using the Exchange 2003 tools, although these users were migrated from Exchange 2003.

So, how to correct this? First get a list of all mailboxes on the Exchange 2007 server with the incorrect version. Using get-mailbox, the incorrect Exchange version displays as 0.0 (6.5.6500.0) The following command returns a list of these mailboxes by server (where SERVER1 is your Exchange 2007 server):

get-mailbox -server SERVER1 -resultsize unlimited | where {$_.ExchangeVersion -like "*0.0*"} | select Name, ExchangeVersion

Once you verify the list, pipe them to set-mailbox.

get-mailbox -server SERVER1 -resultsize unlimited | where {$_.ExchangeVersion -like "*0.0*"} | Set-Mailbox –ApplyMandatoryProperties  

This resolved the problem for me, easily, on multiple Exchange mailboxes. Running the get-mailbox command again, returned no results after applying set-mailbox to the problematic mailboxes.
Read more