Monday, December 15, 2014

PowerShell + Exchange : Checkbox of Doom

Many of the Exchange Admins might already be familiar with the dreaded checkbox of doom, which causes issues with move request and Mobile devices. Post by MVP Tony Redmond here explains this in detail.

Scenario & the Problem at hand :

When a User connects to the Exchange Server using his Mobile device, then after the authentication the Exchange Trusted Subsystem creates msExchActiveSyncDevices Objects for the User. This will be evident from the below screenshot for one of the User in ADSI edit.



Now what if the Exchange Trusted Subsystem doesn't have permissions on the AD User to create those Objects , all hell is let loose. This was the case I was tackling recently and searching each User in the Directory which had this checkbox of doom unchecked manually is not feasible (am lazy).

Monday, December 01, 2014

PowerShell + Azure + Exchange : Connect Mobile devices

As already mentioned in my previous post , I now have a test Exchange 2010 Server running on Azure. Now working in Mobile Device & Email Management space, my mobile devices needed to eventually connect to my Email Infrastructure to try out few scenarios.

Initially I thought that opening the https endpoint and enabling ActiveSync (for the Mailbox User) would suffice, but I was wrong. Needed to make few changes to the SSL bindings on the IIS and trust the certificate used for the same.

Let's get to it then.

When we create a new VM on Azure it gets the Certificate for the cloud service added to the machine's personal Cert store.

Below is a screenshot showing the same :





Now as mentioned in my previous post Exchange by default will create a self signed Certificate and bind it to the CAS Server for https communication.