Tuesday, January 27, 2009

Non-Windows Mobile Issue relating to ActiveSync with Exchange 2007 SP1

Ehlo All,

If you attended the October 08 meeting of the NY Exchange Server User group (NYExUG), you would have learned that ActiveSync is a different beast for Windows Mobile (e.g. HTC Touch, iPAW Hwxxx, etc) & licensed ActiveSync devices (e.g. iPhone, Palm Treo, etc). So, when I recently upgraded from Exchange 2003 to Exchange 2007 SP1 (on Windows 2008 - I like pain), I was hoping ActiveSync would just work. Nope, I was out of luck. End user Palm 700p error of AirSAMStateMachine.c 1913 4628. But the fix was pretty easy IF you know the PowerShell command. IF is the key word there.

So, as always, first step of troubleshooting, is to Google the error and see what comes up. I quickly found that ActiveSync's default security policy was probably the cause of the issue. And I crossed my fingers and ran the following command (bold italics on 1 line) below. Also, don't just run commands like I recklessly did, but find out what exactly it's doing and how to reverse it in case all hell breaks loose. This is a mission critical application.

Start --> Programs --> Microsoft Exchange Server 2007 --> Exchange Management Shell
Remove-ActiveSyncMailboxPolicy -Identity "Default"

Then magically, ActiveSync started working. Just so you know, below is the Microsoft TechNet article that explains the various options available in ActiveSync policies. There are many more settings that can be controlled in Exchange 2007. I'm not sure which setting caused the issue, but at least I have 1 less screaming user which makes exploring and research the options more enjoyable.



Monday, January 19, 2009

OWA Light Comparison from Exchange 2003 to 2007

Ehlo All,

So, I upgraded to Exchange 2007 this past week. The primary focus of this blog post is OWA Light difference between 2003 and 2007. Reason is, I frequently use OWA on non-IE browser to access Public Folders and was surprised to see existing features in OWA 2003 removed. So, I wondered what else was missing in action (or added) from OWA Light on 2007. Here is the list. [-] means feature is missing from new version. [+] means feature is added in 2007.

If you have a lot of OWA Light users, I would seriously consider staying on Exchange 2003 or leaving OWA users on Exchange 2003 while having other users on Exchange 2007.

What others talked about....
Exchange Product Team Discussing OWA Light 2007 - it seems OWA Light only gained feature according to the Exchange Team.

Figured I would share since OWA is discussed...
Exchange Product Team Discussing Exchange 14 (aka E14). Not much detail except talk about the 3.5 million beta testers and "empowering" end users with distribution list & GAL control. Not very sexy.

OWA 2007 OWA Light - to summarize, is the bare essential in webmail. So, that's email, calendar, & contacts. Nada mas.
[-] Calendar (Daily View Only)
[-] NO Public Folders Access
[-] NO Tasks
[+] Quickly jump to a subfolder (via drop-down)
[+] Easily rename/move/delete folders
[+] Ability to search in Address Book
[+] Ability to change AD password
[+] View a partnered Windows Mobile device

OWA 2003 OWA Light
[+] Calendar (Daily & Weekly)
[+] Public Folders
[+] Tasks

To say I'm disappointed would be an understatement. Come on Microsoft, add features, don't remove otherwise folks will jump to other web based email products like GMa... you know what I'm talking about. :-)

I'll blog more about differences in the future and the migration in general.


Monday, January 5, 2009

Handy Free Tool to Test Connections to other Mail Servers - Time Saver Tip

Ehlo All,

When you need to test another mail server connection, to make sure it's accepting emails, I normally do the following: RDP to mail server, open telnet, open some ip:25 and then enter in smtp commands and make sure the other mail server accepts the email. I recently heard about a tool that expedites this process by handling DNS lookups, smtp commands, etc. It's called TestMX.

About TestMX. It's a very small free Windows application (command line, but don't be afraid, it's very easy). All you need to do is enter the domain to test, and it handles everything for you. The download is 2 files, help file and the .exe program. Below is what I did. I downloaded TestMX, and ran it against my domain (testmx -dreefsolutions.com). See, so easy. So, let's see what happens.

Play by Play
1) it performs a DNS lookup. It shows my local PC's DNS is and
2) it shows the MX records for reefsolutions.com, which are 3 servers.
3) attempts to connect to the lowest preference number (lower is priority connection). If it fails, the tool is suppose to attempt to connect to next preference number.
4) creates a connection to the MX record it found and is successful since the servers responds with "Spam Be Afraid" which indicates my server would be willing to accept more commands to send an email. This does NOT guarantee an email will be accepted though. It simply is testing that the other server is alive and responding.
5) quits connection.

D:\>testmx -dreefsolutions.com
Testing MX connection with domain reefsolutions.com
Using nameserver

MX for reefsolutions.com is spamcopcluster1.reefsolutions.com []
MX for reefsolutions.com is b.reefsolutions.com []
MX for reefsolutions.com is spamcopcluster2.reefsolutions.com []
Connecting with spamcopcluster1.reefsolutions.com []
Connection established with spamcopcluster1.reefsolutions.com []
< 220 Spam Be Afraid
> HELO BlackThunder
< 250 spamcopcluster1.reefsolutions.com Hello static-xx-xx-xx-xx.nycmny.fios.ve
rizon.net [xx.xx.xx.xx], pleased to meet you
< 221 Bye
Connection closed with spamcopcluster1.reefsolutions.com []


Or, if you want to actually test sending of email you'll need to use an email client or perform the smtp commands by telnet. I recently found a better smtp command site than my old favorite (Microsoft's KB article on the process). Like I said before, the TestMX is only to insure the other mail server responds.

Old School way to test smtp (command by command). Favorite site to explain smtp command sending and is more accurate than the one below.

Old Favorite for testing via smtp commands (XFOR: Telnet to Port 25 to Test SMTP Communication)


Thursday, January 1, 2009

A free gift for BES admins. Do you know about a "knife-edge cutover"? You now do!

Ehlo All,

I've been involved (meaning supporting) BlackBerry Exchange Servers (BES) for 5 years or so, and I just found out about the failover process of BES 4.0 & 4.1. RIM calls it "knife-edge cutover". This is a pretty cool capability that's not too difficult to implement.

I'm a big believer in reading documentation, and didn't know about this until another IT tech casually mentioned this in passing while we discussed virtualization. To summarize, it allows you to quickly failover to a new BES without the need to reactivate BlackBerry devices for end users. So, it allows you to upgrade server hardware, replace a virtual machine (which we recently did and used this approach), or test fail-overs. It worked flawlessly. BlackBerry users didn't even know we failed over to a new vm (virtual machine) since it took only a few minutes. A client's BES vm was having issues, so we used a base vm image and setup BES capability, and then perform a knife-edge cutover. Problem solved, and I'm sure we won't be touching that image for many more years.

Enjoy this gift.... RIM's KB10278 instructions about knife-edge cutover for BES 4.0 & 4.1