DB fails to activate on another node in an Exchange 2013 DAG

gearIt has been a while since I blogged about Exchange! Last year actually! Time runs by quick ..

Anyways, I wanted to talk about a problem you might face (certainly I have faced recently) in a situation when your DAG members are online but the database fails to activate to a particular node! Back in the days that used to happen if one of your Exchange vital services has stopped, but in this scenario all services were running as normal.

Based on Activation preference on each DB, I wanted to redistribute DB’s between all nodes after a restart. MS has kindly written a beautiful script that could take care of that for you based on a specific DAG. RedistributeActiveDatabases.ps1 which is located under Exchange install directory inside a ‘Script’ folder. This script can take your DAG and assess DB distributions, based on their activation preferences it starts to move the active DB’s to their intended servers.

In my case it failed to move due to some error on the server regarding ‘HighAvailability’ state, Exchange 2013 has introduced a new concept of server component state, which gives a granular control over server components that make up the Exchange server.

Running Get-ServerComponentState -Id ServerName on an Exchange server would show each of the component running and their state, this is very useful in troubleshooting problems with Exchange before even digging deep into configuration.

In order to bring server components online you could run the following PowerShell command:

Set-ServerComponentState -id ServerName -Component ComponentName -State StateName -Requester FunctionName

Note, if components were brought online by multiple requesters then you would need to issue the ‘Active’ command state under both these requesters in order for the component to turn to active.

There is a great article written by the Exchange team which goes in great depth explaining the principle behind it and the advantages gained by the administrator.


Leave a comment

InTune or not to InTune … is it a Question?

I am currently working for a client designing a solution for MDM (Mobile Device Management). Most customers look for an easy to use solution so it could be picked up and managed appropriately by their internal IT staff.

There are many solutions on the market, like AirWatch, Good and InTune plus many more that I didn’t mention, each have their advantages and disadvantages. Anyways, I am not writing a product feature review so I won’t dive into a comparison between the vendors.

For this customer we have settled for InTune due to cost and integration with existing systems like Microsoft SCCM 2012 R2.

InTune does provide good MDM solution in the cloud for those who want to migrate away from their on-premis private cloud or create a hybrid cloud. Either way it’s a good step forward in the cloud which would open up more possibilities inside MS Office 365 hosting.

If you have implemented MS SCCM 2012 R2 on-premis, it is recommended to integrate SCCM to manage your mobile devices with InTune. Combined they could provide a very powerful solution to manage settings on the phone down to the application level.

Microsoft has a very good article on application control using SCCM and InTune http://technet.microsoft.com/en-us/library/dn771706.aspx

If you have InTune and want to integrate SCCM to your solution then it’s achievable even though you have switched on InTune as your MDM Management Authority. A call to Microsoft support could start the process in that transition, this process is disruptive and it would impact all phones enrolled on InTune during that transition. Having SCCM as MDM Management Authority is one way road, so you won’t be able to flip back to having InTune as your MDM Management Authority.

, ,

Leave a comment

Report on Exchange 2010 Server RU level

I found a nice script written to gather your environment Exchange environment RU level.



Leave a comment

Couldn’t open backup file handle while performing Exchange DB seed via Powershell


The error above is the outcome of running Udate-MailboxDatabaseCopyStatus -Identity DB_NAME -DeleteExistingFiles and the DB status went to Failed and Suspended. The reason is that the backup was kicked off and the handle for the DB was no longer available.

You could check the status of the backup on the DB by running Get-MailboxDatabaseCopyStatus -Identity DB_NAME | fl *backup*



Two ways to get over this, either to wait for the backup to finish or to reboot the server and stop the backup and that should fix the issue, the seeding process needs to start from scratch.

, ,

1 Comment

Network has no associated network protocol profile

vMA-error Cannot initialize property ‘vami.netmask0.vSphere_Management_Assistant_(vMA)’ Network has no associated network protocol.

This is a message we have received while powering up our vMA template. The reason for this is that there isn’t an IP pool defined for the network adapter where vMA was plugged in to.

The solution is simple, click on your Cluster node within your vSphere client – click on IP Pools tab and then create an IP pool associating it with your physical NIC. This would assign an identity to your network adapter.

After creating the IP pool, you should be able to power on your appliance.

1 Comment

Move database between two DAG’s

Ever wondered how to move a whole database from one DAG to another without going through mailbox by mailbox migrations? For what reason? (you might ask)

We had to split two remote sites to two separate DAG’s to limit DAG dependability on link between them due to some reliability issues. This has caused us problems in the past and lots of headaches to keep users happy.

The original setup consisted of two multi-role Exchange 2010 servers in a stretched DAG with File Share Witness (FSW) being in Site A. If the link goes down or becomes intermittent then all DB’s would fail over to Site A and Site B will have no or very limited access to their mailboxes (See figure below).


What we needed to achieve is to have both sites working even during link failures, which isn’t possible with one DAG, hence the proposal of two DAG’s. Using the current design above we have managed to split users according to site into their own DB’s and activated those DB’s on their respective sites.

In order to create a second DAG and migrate DB’s across to new DAG, we followed following steps:

1. Make sure all DB’s are in sync (healthy)

2. Ensure all required DB’s for second DAG are activated on the swing server (i.e. in our diagram MBX2).

3. Remove any DB copies that tie that server with MBX1 before attempting to evict it off DAG1.


5. Evict MBX2 from DAG1 ( Under Organization Configuration – Mailbox – Database Availability Group – right click on the DAG you want to evict MBX2 from and click on Manage Database Availability Group Membership).

6. Select MBX2 (in our case) and click on X to remove it.

7. Now, now right click on the DAG that you want to join and follow the same steps above to add MBX2 to the DAG.

8. Setup your DB copies.

This process should be seamless to end users with no interruptions to service, just make sure AD topology is updated at each step to avoid any DB downtime.

I hope this article will help you to save some time and effort in regard to DB re-allocation rather than mailbox-by-mailbox migrations. Of course mailbox-by-mailbox replications has it’s benefits, if you have lots of white space which you want to recover rather than dismounting the DB and running an offline defrag which is time consuming and it requires downtime depending on the size of the database.

, ,


Soft Deleted Mailbox in Exchange 2010 (Continued)

In my previous post I have talked about what happens behind the scenes when you disconnect a mailbox via EMC. Soft deleted mailboxes stay on the system for the whole retention period (by default 30 days) hence they still utilise space within Exchange DB, if you are running on low disk space then this might become an issue.

Luckily there is a solution to this issue, using Remove-StoreMailbox command in Powershell, follow the solution in this MS article http://technet.microsoft.com/en-us/library/gg181092(v=exchg.141).aspx


Leave a comment

Soft Deleted Mailbox in Exchange 2010

Have you ever wondered why there are so many disconnected mailboxes? That has flagged a big security alert in our firm, especially after finding out how IT staff used to disable user accounts! By disabling a mailbox, you are actually detaching that mailbox form it’s AD object, this orphaned mailbox is prone to deletion according to your Exchange mailbox retention policy (by default 30 days!).

We have also found few other mailboxes for active users but they are sitting in Disconnected Mailbox, by running the command:

Get-MailboxStatistics -Server ServerName | where {$_.DisconnectReason -eq ‘SoftDeleted’}

The result would show user display name for those mailboxes that had moved from one DB to another. Exchange would mark the source mailbox as SoftDeleted rather than the default Disabled – a mailbox gets flagged as Disabled when disabling mailboxes using the Disable command within the MS Exchange GUI or Disable-Mailbox via Powershell.


1 Comment

Offline seed of Exchange 2010 DB in DAG environment

imagesAdding a member server to the DAG is an easy and worthy process, as it could provide protection against server failures and for remote sites it could save on bandwidth in regard to RPC (Outlook client) traffic to mail server.

In our situation, we have a stretched cluster which extends the DAG over a microwave link. copying a database over that link could take days, or weeks especially if we are talking about several databases with over 300 GB in size. This article will take you over offline seeding, this process proved successful in our case and very effective, but in order to get a successful result each of the steps outlined below have to be covered in that order.

Steps to offline seed Exchange 2010 DB

1. Before you even start, you should stop backing up the databases. Backups could truncate your logs files and cause the database to fail at the other end if any of the logs are missing.

2. Using DISKSHADOW.EXE tool, this tool is part of Windows 2008/2008 R2. With this tool we will be able to create a read only copy of the database volume before copying it to an external or network media.

3. At the command prompt, type DISKSHADOW.EXE

4. You can query available disk shadows by running: list shadows all

5. Set the snapshot as crash consistent type : Set Context Persistent

6. Add your volume ready for a snapshot (in our case the K drive): add volume K: alias kdrive

8. To create the VSS snapshot type: create

9. To expose the snapshot as a read only, type: expose %kdrive% Z:

10. Now at that point you should be able to see a Z drive available, it will give you a read only access which allows you to copy the content to a USB drive or directly to the target if the bandwidth permits. In our case we shipped it on a USB drive to our other remote site where we loaded it onto a temp drive on the target Exchange server. After copying the database, you can remove the volume and snapshot by running the following command using the Diskshadow.exe utility:

unexpose Z:

delete shadows volume K:

11. At this point we can create another database copy by running this Exchange PS command: (Make sure to use the -seedingpostponed key)

Add-MailboxDatabaseCopy -Identity DatabaseName -MailboxServer TargetExchangeServerName –SeedingPostponed

12. Place the database .db file in its corresponding directory

13. Then run PS:  Resume-MailboxDatabaseCopy “DatabaseName\TargetExchangeServerName

Now Exchange would validate the database and copy the required and missing log files form the source Exchange server.

, ,


Dynamic Distribution Group – Excluding Security Group


It has been a while since I have posted anything on my blog, due to change of responsibilities and the new job. Now I am mainly focused on VMware and Exchange.

Most people know that Dynamic Distribution Groups are great in offering flexible and automatic management of user membership in addition to all the features offered by normal distribution groups. By the way, I won’t be detailing how to use Set-DynamicDistributionGroup cmdlet in setting a dynamic group up (please refer to powershell help by typing help Set-DynamicDistributionGroup -Examples to see some examples of how to use -RecipientFilter property).

If you image that you have all your users in one OU (which is possible) , Dynamic Distribution Group look at a specific recipient container. In some cases you want to exclude a single user from the list, now that is easy, make sure (-not(Name -like ‘name‘) is entered into your recipient filter.

Excluding one name is easy, but you don’t want to keep adding a name at a time. You could bind all of your members who you want to exclude from your dynamic group in a security group and add this line to your recipient filter (-not(MemberofGroup -eq ‘Security_Group_FQDN‘)).

Whoever is added to that Security group won’t be a member of the dynamic distribution group.

To get members of a dynamic distribution group

$group = get-DynamicDistributionGroup “Group_Name

$members = get-recipient -RecipientPreviewFilter $group.RecipientFilter



Leave a comment