Outlook Mass Attachment Removal

Have you ever come across an Exchange mailbox that was so large it was busting at the seams of your database drive and was found to be jam packed with large attachments?  You could go through each email and remove the attachments one by one, or you could download Nirsoft’s free OutlookAttachView:

http://www.nirsoft.net/utils/outlook_attachment.html

This came in very handy to me when a sales user at our company had sent out a 23MB file hundreds of times, when it really could have been a 500k graphic if it was properly sized.  This tool worked like a charm to rip them out of the mailbox leaving each email intact.

When you open it you’ll choose your settings for the Mailbox Scan and I found that only “Use the default Outlook profile” worked, so I just set the mailbox I was working on as the default profile in Windows/Control Panel/Mail/Profiles.

OutlookAttachmentSS

Exchange 2016 Defaults

Anytime you upgrade Exchange, your new servers will have some default settings that you may need to root out.  The most immediate one to address is the default Mailbox size limits that are listed when you create a new mailbox database – they are pretty stingy so increase these on the Limits tab or set to unlimited.

Another one that caught me off guard recently on Exchange 2016 is a message rate limit imposed on certain receive connectors, namely the Client Frontend and the Client Proxy. A developer saw this error in some app logs as a symptom:

java.lang.Thread.run(Thread.java:745)Caused by: com.sun.mail.smtp.SMTPSendFailedException: 421 4.4.2 Message submission rate for this client has exceeded the configured limit

.

To find the rate limits of your connectors, enter the following command into an Exchange shell:

get-receiveconnector | ft name,messageratelimit

.

You’ll see a list of all connectors and their messageratelimit.  Some of mine said 5 which was a default setting.  Since I have other protections in our enterprise such as Anti-virus with mail worm protection and outbound filtering, I want all of my rates to be unlimited.  I wrote this simple command to make that happen:

.

get-receiveconnector | set-receiveconnector -MessageRateLimit Unlimited

.

Once you make that change, be sure to restart your transport service on each Exchange server that previously had a limit of 5 and you’ll be free of these limitations.

.

Another annoying setting is the default MAPI limit, and with the preferred connection method being MAPI with Exchange 2016 you’ll want to increase yours from the default which I believe is 50:

Log into each Exchange server

Open the registry editor

Goto the following key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIS\ParametersSystem

Right click on ParameterSystem and select new, then select key

Rename the new key to MaxObjsPerMapiSession

Right click on MaxObjsPerMapiSession and select new, then select DWORD (32-bit) Value

Rename the new DWORD value to objtMessage

Change the value to a higher number (I set mine to 1500)

Restart the Information Store service

.

And finally, the content filter.  If you already have an enterprise-grade upper-Gartner-quadrant spam filter, you do not need Exchange inspecting your emails because it will block completely valid emails.  To turn that off you’ll need to run Get-ContentFilterConfig and take a look at each feature that’s turned on.  Then run Set-ContentFilterConfig -<servicename> $false and don’t forget to run this separately on each EDGE server since they will not sync these settings and will continue to block as I learned the hard way.

Women in STEM

As an alumni of the Texas Academy of Math and Science and a female technology engineer, I am occasionally asked to speak to Women in STEM for various conventions and publications.  I have been pondering what to say to young women who are excelling in math and science and might consider a STEM career.

In the past I hosted a booth at the Sally Ride Science Festival at SMU that was geared towards 1st to 5th grade girls.  This festival arose because there is a drastic drop-off during that range where young girls list math and science as their favorite subjects, and suddenly that changes as they get into middle school and higher grades.  Why is this?  What is turning these young girls off to careers in STEM despite their interest?  In my experience from a small rural town in Southern Illinois, I was taught that those types of jobs were for men and that women should go into teaching, marketing, nursing, or becoming a housewife.  Those are all admirable careers, but I knew that I loved math and science and I wanted to figure out complicated problems in some way.  IT gave me a taste of it and I never looked back.

IT wasn’t my first choice, I actually wanted to be an astronomer.  I never went to school for IT but I was given the chance to try it when I was a poor student barely scraping by.  The entry-level helpdesk salary I was offered was gigantic at the time so I jumped in.  I learned quickly and jumped ahead of the pack at each IT job with the help of some amazing companies who gave me a chance to work above my station.  Sometimes you have to break things in order to fully understand how they work and I created my fair share of problems along the way.

I’ve had many amazing managers but my success is because of the ‘mean boss’ I had a few jobs ago.  His words stung at times and for a while I resented him, but he pushed me and helped me set higher standards for myself and those around me.  He taught me not to take no for an answer, to fight for things that I knew were right, and to demand a higher level of service from our vendors.  If I had only ever worked for nice people who were supportive and reassuring no matter what, I wouldn’t be where I am today.

For the first 10 years of my IT career, I never stayed at a job for long.  I would dig in, learn everything about the environment and ask questions even though you’re supposed to act like you know everything, and then jump ship for higher pay and higher learning.  I fluffed up my resume at times to get to the next level and always volunteered to support new products.  I didn’t coast along anywhere because I wasn’t happy at a job that I could do with my eyes closed.  IT does a great job of constantly challenging you with new problems, but I wanted more responsibility and more authority and didn’t stop until I had it.

So my advice to women who want to grow in their STEM field is don’t be deterred, fluff your resume when necessary, break things, and learn from the mean boss.

 

Exchange 2016 OWA error Unrecognized attribute ‘maxUrlLength’

I completed my Exchange 2013 to 2016 on-premise upgrade recently.  I was installing one last component on a mail server for Nintex workflows which allow SharePoint to automatically generate email accounts for new employees.  It required the installation of .Net 2.0.  No big deal other than the path to source files and required reboot.  After configuring a new app pool and URL for Nintex, I noticed OWA had stopped working for users on that server.  The event log displayed the error:

Log Name: Application
Source: ASP.NET 2.0.50727.0
Date: 7/20/2016 9:17:37 AM
Event ID: 1310
Task Category: Web Event
Level: Warning
Keywords: Classic
User: N/A
Computer: [omitted]
Description:
Event code: 3008 Event message: A configuration error has occurred. Event time: 7/20/2016 9:17:37 AM Event time (UTC): 7/20/2016 2:17:37 PM Event ID: 5feea16bb6e64349967b7d8396f6821a Event sequence: 1 Event occurrence: 1 Event detail code: 0 Application information: Application domain: /LM/W3SVC/1/ROOT/owa-39-131134978579008397 Trust level: Full Application Virtual Path: /owa Application Path: C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\owa\ Machine name: [omitted] Process information: Process ID: 15100 Process name: w3wp.exe Account name: NT AUTHORITY\SYSTEM Exception information: Exception type: ConfigurationErrorsException Exception message: Unrecognized attribute ‘maxUrlLength’. Note that attribute names are case-sensitive. (C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\owa\web.config line 85) Request information: Request URL: https://localhost:443/owa/ Request path: /owa/ User host address: 127.0.0.1 User: Is authenticated: False Authentication Type: Thread account name: NT AUTHORITY\SYSTEM Thread information: Thread ID: 10 Thread account name: NT AUTHORITY\SYSTEM Is impersonating

I didn’t notice it right away, but after digging around I found that OWA was suddenly using .Net 2.0 and that’s why it didn’t recognize all of the attributes.  So my fix was to open IIS management, right-click Application Pools, right-click MSExchangeOWAAppPool and go to Basic Settings, and choose .Net 4.0 from the drop-down for .Net CLR Version.

exchange2016

Not sure why it reverted, but since I didn’t find this solution anywhere on the web I’m just throwing it out there.  Other than that, I haven’t hit any snags with Exchange 2016.  Changing the organization to use MAPI was the only major change and we had no issues with Outlook clients.

 

vSphere 6.0 -Deprecated VMFS volumes

After adding some SAN storage to my UCS Blades, they displayed an error in vSPhere that said “Deprecated VMFS volume(s) found on the host.  Please consider upgrading volume(s) to the latest version.

My volumes were already the latest and greatest at VMFS5 so I turned to trusty google.  Apparently this is a known issue affecting vCenter Server 6.0.  It said to restart the management agents on each host to clear up the issue, sweet.  I logged onto each host using the DCUI and proceeded to restart the management agents…the error never disappeared.  Grr.  Digging a little deeper I found that some people who fixed it were doing it through the command line.  Both methods should do the same thing but I gave it a shot.  Sure enough, connecting to each host via putty (ssh) and running the “services.sh restart” command did the trick.  It may throw some alerts but you shouldn’t lose connectivity to anything and the alert will promptly disappear.

For more information on this error see vmWare’s support:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2109735

 

Cisco UCS – Unable to boot to SAN

During the configuration of my UCS B-Series I ran into some issues with booting to SAN that required me to open a TAC case after exhausting the Internet.  The answer was so counter-intuitive that I wanted to post it here in case anyone else can use it.  Here are the steps I took and where I hit a roadblock.

First I created host profiles in the UCS for each blade and applied WWNs from the SAN pool.  Each blade has a side A and side B WWN which I zoned to different node pairs on our 3par to distribute the load.  Next I cabled the UCS to our fabric switches and set up the boot policy on each blade to boot to one of the WWNs from each side of the fabric, one for the primary and one secondary.  I created boot volumes on the 3par for each blade and powered up the blades.  I set them to boot to a locally mapped ISO and when the prompt came to scan for storage to use for the install, they all found their proper disks immediately.  After rebooting the blades could not find their boot disks.

ucs-boot

The catch is that there are 4 storage WWNs mapped on each side, so you can’t just pick any WWN.  To find out what one you need to use, you will have to get onto the command line of the controller on each side of the UCS and run these commands.

You’ll need to ssh using putty (or any ssh client) to each controller of the UCS and log in as an admin.

Type: Connect Adapter 1/1/1
This command is used to identify each blade, just change the middle number to correspond to each blade you need to pull up.  Blade 2 would be 1/2/1 and so on.

Type: Connect

Type: attach-fls

Type: vnic
Here you will see two listings, and you choose the one you want to view in the next command.  Choose the top if you’re on side A, choose the bottom if you’re on side B.

ucs-cmd

Type: lunlist xx
Where xx is the number of the vnic you want to list, choose the top one if you’re on side A, the bottom if you’re on side B.

What you’ll see listed here is a list of all of the WWN paths currently zoned.  The top number is the one you need to enter on the first graphic above for the boot order SAN targets.  These are the only ones that will work!

Hope this helps!  If you have any questions please feel free to drop me a comment.

Veracity Coldstore Review

coldstore-3u-side-240x86-large
My company has utilized Veracity Coldstores for about 4 years at a large public event space exclusively for archiving security camera footage for around 300 cameras.  These storage devices are specialized, less expensive than standard enterprise storage and extremely durable.  Part of their design allows them to shut down hard drives that are not in use, greatly extending their lifetimes.  We actually haven’t had a single drive fail in my tenure.

Our first products in 2012 were the dark blue Arcus 4U models.  We loaded them up with 15 Purple WD 4TB drives that are made specifically for surveillance per Veracity’s recommendation.  Using a centralized security camera management software (Genetec Security Desk) we use a local Windows drive for dumping the video footage temporarily.  Veracity’s Video Mover app continuously scans the drive and picks up files to move over to its own storage.  At about 50 cameras per Windows server, with 6 servers sharing 3 Coldstores on 4gb fibre it keeps up with the load just fine.  Our cameras are on continuous record so there’s never any downtime.

We’ve also used them in conjunction with Avigilon camera software, but only as an extended archive.  Avigilon uses local storage as a best practice, and when we tried backing up footage from an Avigilon VM to any other drive, we lose most of the advanced browsing/zooming functionality so our security department asked for it to be kept locally.  We ended up doing backups of footage older than 30 days to the Coldstores with Video Mover and it works great in that capacity.

We are currently setting up a new facility of a similar size with their new Coldstore 3U devices and 6TB purple drives.  They look sharp with a brushed aluminum finish and smaller size.  We received service above and beyond the line of duty from Veracity as we needed to get the cameras going before the datacenter was completed.  Their installers were required to undergo security training and work in dusty and dangerous conditions but still managed to get our Coldstores racked and stacked ahead of schedule.  Great company to work with and their product works so well you never have to think about it.