Powered by Ed Buford and Coffee

Get your top 5 Errors out of your Event logs

So many times I want to know what Errors are filling up the logs on a server.
Here’s a quick PowerShell to show you the top 5 Errors in your Application or System Logs.
Use this one for Application Log Errors:

Get-EventLog -LogName Applicaiton -EntryType error | Group source,eventid | Sort count -Descending | select -First 5 | FT count,Name

And this one for System Log Errors:

Get-EventLog -LogName system -EntryType error | Group source,eventid | Sort count -Descending | select -First 5 | FT count,Name

Office 365 PowerShell

So you’ve setup Office 365 in the Cloud – Let me be the first to congratulate you!
Kudos!   Now that that’s over you need to connect your workstation to it using PowerShell, so let’s get started.
You need to download and install a couple of files the first one is the Microsoft Online Services Sign-In Assistant for IT Professionals, download it here.

Once that is installed you need to install the Windows Azure AD Module. Go here and choose your OS (32 or 64 bit). Download and install the Module and you’re ready to get started.

Now all you have to do is connect your workstation to Office 365. Open PowerShell and type these commands:

Import-module MSOnline

This will import the Module you’ll need to make a connection to the Office 365

$Cred = Get-Credential

This will pop up a credentials box for you to put your Administrator UPN for Office 365 in.


Next create a new session based on your credentials:

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $Cred -Authentication Basic –AllowRedirection

You’ll get a warning to tell you that you’re being redirected


Now Import a new PSSession based on the session you just created in the cloud.

connect-msolservice -credential $cred

And finally connect to the MS Online Service:

connect-msolservice -credential $cred

So to see the commands available now type:

Get-Command -Module msonline


Import / Export PST files with Exchange 2010 and 2013

For many reasons we sometimes need to Import or Export all or part of a mailbox to or from a PST.  Before you can Import or Export you’ll need to have permission to actually SEE the commandlets in Exchange.

So start by getting the proper permissions you can give them to a user, in this case to ebuford:

New-ManagementRoleAssignment –Role "Mailbox Import Export" –User ebuford

If you’d rather give permissions to a security group like Administrators you can do that too:

New-ManagementRoleAssignment -Role "Mailbox Import Export" -SecurityGroup Administrators

Once you’ve given rights you’re going to need to log out and then log back in to see the commandlets.

If you’d like to know who has the role assigned to them:

Get-ManagementRoleAssignment -Role "mailbox import export"

Ok so now we have the role let’s get busy!

Let’s say you need to export a full mailbox to a PST here’s how we’ll tackle that. We will need to create an new export request using the New-MailboxExportRequest  commandlet.
Specify the username for the mailbox and then give a full UNC path for the PST file you’re exporting. You can’t use C:\PSTs\ebuford.pst it must be a full UNC path.  So if you’re trying to get to the PSTs folder on the C:\ drive of your exchange server named Exchange2013 then try this:  \\Exchange2013\C$\PSTs\ebuford.pst 

-Mailbox username -FilePath \\files\pstarchive

New-MailboxExportRequest -Mailbox ebuford –FilePath “\\FileServer\PSTs\ebuford.pst”

ok so you started the mailbox export and you want to see how it’s doing. You can get the stats for a single mailbox export like this:

Get-MailboxExportRequestStatistics ebuford\mailboxexport

But what if you have a few exports running at the same time?  Try this:

Get-MailboxExportRequest | Get-MailboxExportRequestStatistics

Ok what about Importing a PST?
Well it’s basically everything we just learned but we’re going to use the NewImportRequest Commandlet.

You can also use the Get-MailboxImportRequest and Get-MailboxImportRequestStatistics.

So far so good – now let’s talk a bit about some of the options for these commands.

Let’s say I’m exporting a pst but I don’t want objects from the deleted items folder. I can use the –ExcludeFolders parameter like this:
New-MailboxExportRequest -Mailbox ebuford  – ExcludeFolders #DeletedItems# –FilePath “\\FileServer\PSTs\ebuford.pst 

Make sure you place ## around the folder

Another option might be to only get the Inbox from a mailbox you can do this just as easily using the –IncludeFolders parameter like this:

New-MailboxExportRequest -Mailbox ebuford  – IncludeFolders #Inbox# –FilePath “\\FileServer\PSTs\ebuford.pst 

Here is a list of well- know folders:

  • Inbox
  • SentItems
  • DeletedItems
  • Calendar
  • Contacts
  • Drafts
  • Journal
  • Tasks
  • Notes
  • JunkEmail
  • CommunicationHistory
  • Voicemail
  • Fax
  • Conflicts
  • SyncIssues
  • LocalFailures
  • ServerFailures

Exchange Server Message Tracking

This morning an engineer came to me with some questions about message tracking in Exchange. I did 2 things for him I logged onto a server showed him how to get started with message tracking in PowerShell.  Then I sent him over to Paul Cunningham’s blog ExchangeServerPro to download the “Become a Message Tracking Master book”. Yes you have to register to become a member, but it’s free and if you’re reading this you will want to that anyway.

The free book is invaluable, Go get it!


Book Review: Microsoft Exchange Server 2013 High Availability

I just finished the Microsoft Exchange Server 2013 High Availability book from Nuno Mota.
I highly recommend it as the definitive resource for HA. But, I also recommend this book as the perfect reference for how many components of Exchange actually work. From Database Availability Groups  to the inner workings of the  Client Access Server.  Although the book is only 266 pages long it’s packed full of great information!
I highly recommend it.



Pin-Point DNS (Split- DNS Alternative)

Frequently you’re faced creating DNS records for internal objects that we don’t have a Zone for. If you create a Forward Lookup Zone for them then you need maintain it for ALL the external records to. just imagine the issues that come with that, but thankfully we can create a Pin-Point record that will solve this for us with very little effort.

First take a look at this internal DNS Server:


You can see here that I have an ExchangeNerd.Local zone but no
So if I wanted to create a record for you might think the first step is create a Zone for but instead we’re going to create a Zone for which is the External Name of my mail server.

Right Click Forward lookup Zone and Choose New Zone:


This will launch the New Zone Wizard – click next
Choose Primary Zone and Make sure the Checkbox is checked for Store In Active Directory.
Click Next


If you’re dealing with just a domain then Choose Zone Replication for Domain.
If you’re dealing with a Forest then choose Forest – If you don’t know then choose Domain ;-)


Now Name the Zone the FQDN of the External Record – in my case it’s


Choose Allow on Secure dynamic updates for this zone – then click next and finished to create the Zone.


Now you have a Pin- Point zone all you need to do now is point requests to you internal host.
Expand your new Zone and in the right hand pane right click and choose New Host Record:


Notice that if you leave the Host Name blank it uses the name of the zone which we just created – so leave that field blank and add the IP address of the internal resource:


Wait for AD replication to work and you’re done!


IIS Default Website connection logs taking a lot of space

While working on an Exchange server last week I notice the 120GB drive was almost full.  I had a guess what the issue was and I was right. The IIS connection logs were taking up 65GB of space.  Now I could have just deleted all the files but someday I would have to come back and do it again. So instead I broke out a great little command to delete these log files every Sunday if the logs are older than 30 days.  I’ve had this command archived for years now so I apologize that I can’t give credit to person who put it together originally – anyway here it is:

Open an command prompt as Administrator and type this in:

at 12:00 /EVERY:Su Forfiles.exe -p C:\InetPub\Logs\LogFiles\W3SVC1 -m *.log -d -30 -c \"Cmd.exe /C del @path\"

Take note of the Path as this can be in different place for you. Also if 30 days isn’t long enough you can change that by changing the –30 to –60 or –90 or whatever you like.

So that created the task but it has yet to run it, unless you have some time to kill to wait until Sunday for this to run you’ll want to kick it off on your own. So open your Task Scheduler and locate the command you just created, right click and choose Run.
If all went well when it completes it will say The operation completed successfully, (0x0)



Setting Mailbox Database Limits with PowerShell

While doing an install or migration of Exchange to a new server one of the things I often need to do is configure all the mailbox databases at once to unlimited.
Now this is something you can certainly in the GUI but if you have more than 1 database to change then the GUI gets old fast.
You can do this easily in the Exchange Management Shell.

First you might want to record the current settings. I would run this Command to view the current settings:
*in each of these examples change SERVERNAME to the name of your server.

Get-MailboxDatabase -Server SERVERNAME | FL name,issuewarningquota,prohibitsendquota,prohibitsendrecievequota

To set the Issue Warning Quota:

Get-MailboxDatabase -Server SERVERNAME | Set-MailboxDatabase -IssueWarningQuota unlimited


To Set the Prohibit Send Quota:

Get-MailboxDatabase -Server SERVERNAME | Set-MailboxDatabase -ProhibitSendQuota unlimited


To Set the Prohibit Send / Receive Quota:

Get-MailboxDatabase -Server SERVERNAME | Set-MailboxDatabase -ProhibitSendReceiveQuota unlimited


IF you want to set all at the same time:

Get-MailboxDatabase -Server SERVERNAME | Set-MailboxDatabase -IssueWarningQuota unlimited  -ProhibitSendReceiveQuota unlimited -ProhibitSendQuota unlimited


PacktPub BOGO

If you’re reading this blog you must be Technology Geek which means you collect technology books as well. With that in mind I want to point you to PacktPub.
They are currently running a Buy one Get one Free from now until March 26th 2014

You won’t want to miss this one ;-)



Configuring an Onsite Relay for Office 365

Moving to the cloud comes with a lot of things no one ever thinks about.  One of those things is SMTP traffic from Printers, Network Monitors and Line of Business apps that have been sending mail straight to an Exchange server for the past decade (or longer). SO what do you do with that SMTP traffic to get it up to Office 365?

Well, the best and most reliable way to do this by setting up an IIS SMTP Relay. To do this from the Windows world your choice is to use an IIS 6 SMTP configuration.  A good server to do this from would be your DirSync Server.
Here’s what you need to know to do it:

First in Office 365 you’ll need to configure a connection to your On-Premise connection.  So log into your Office 365 Admin Portal and choose Exchange. From the list on the left choose Mail Flow and then choose Connectors from the options and create a new Inbound Connector:
Be certain to add the IP that your server purports to be an easy way to see that is 

Make the connector an On-Premises connector and then add your Domain and make certain you set it to Opportunistic TLS.


Once you’ve created the connector you’ll need to setup IIS 6.

In Server Manager Add a new Feature. In the list check the box for SMTP. It will pop up a box with everything you need for SMTP.


Once this installs go to the Administrative tools and Launch IIS 6.0 Manager.


If you click on Domains you’ll see the domain will become the FQDN of the server itself. I recommend that you right click on this and change to an for good measures.  Now add a new REMOTE Domain by right clicking Domains and selecting New.  Now choose your new domain from the list and right click for Properties.

Check the box to allow Incoming mail to be relayed

And then click OK


Now right click the SMTP Server name and choose properties from the list.  Click the Connection button and from there select the Radio button for Only the list below and add IP addresses for each device you want to relay email for.


The Default IIS Outbound connection is Port 25 so you don’t have to do anything there.
It is best practice to use TLS as a connection so under the Delivery Tab choose Outbound Security make sure Anonymous Access and TLS are both selected


After you make any changes to an SMTP Virtual server you need to stop and restart it.
Do this by right clicking the SMTP Virtual Server in the Navigation pane and choosing stop.
Once it’s stopped right click and start it.

Now test it you should be able to see mail going into and out of the Mailroot Queue: