User Profile
A-CAST
Brass Contributor
Joined 7 years ago
User Widgets
Recent Discussions
Re: Managing Outlook AutoArchive Feature
VasilMichev, yes I'm looking to delete the old mail items and found the article that you mentioned and created a retention policy, so monitoring and testing to make sure this is working but glad your reply was on-point with what I needed to know1.6KViews0likes0CommentsManaging Outlook AutoArchive Feature
I'm wanting to use a tool/method that will delete old emails from a mailbox on an on-going scheduled basis, removing any manual intervention. Our environment is currently configured in a hybrid configuration with on-premise AD and Exchange Online mailboxes. The mailboxes that I want this solution for are shared mailboxes which I've recently found cannot use AutoArchive feature being that it's a solution that can only be used with the Outlook desktop client. I created a rule temporarily on these mailboxes using Outlook on the web in order to clean up the mailboxes, but to use AutoArchive feature for deleting emails, it requires an account with credentials, so I started to convert shared mailboxes both online and those created during our initial migration to Exchange Online to user mailboxes. What I mean is that when you look at Active Users in Microsoft 365 Admin Center the sync status is either represented by the building icon for on-premise or the cloud icon for online only. This applies for the anchor user account that's created/used by the shared mailboxes so how I reset the password is determined by this...either on-premise using AD or using MS365 Admin Center. As I did this successfully with a few mailboxes, I wondered what happens after I've configured AutoArchive using Outlook desktop client and then that profile on the computer I'm using gets deleted...is this feature still active on the mailbox to work unattended and automatic on its scheduled that I configured? Because if the answer is no...then here is my follow up question: Would I need to enable the Archive feature on these mailboxes that would then allow me to manage these online similar to how I'm doing on the desktop? Right now, we don't use the Archive feature on our mailboxes, but since we're only doing this with specific ones, it won't be an issue enabling this and using it only on what we need. Thanks!Solved1.7KViews0likes2CommentsRe: Move RDS Roles to Another Server
One more thing, when removing the RD session host from existing RD Farm, I believe I did it wrong the first time but figured out how to get back so I'm asking to be sure for next time. When using Server Manager, you can remove a server from the pool but I did this before removing that session host from the actual Deployment Overview/Collection section, so that's what I want to confirm...I should be removing it from Deployment Overview/Collection first correct?5.8KViews1like2CommentsRe: Move RDS Roles to Another Server
Awesome, I had that feeling but always rather get confirmation. After my last post, I was able to get past the PowerShell hurdles and just for experience...I'm testing this method too but for when I make my next attempt at moving RD session host to new RDS Farm, I'm definitely going to just recreate the collection...I'll keep you posted on how that goes...thanks a million!5.8KViews1like4CommentsRe: Move RDS Roles to Another Server
Harm_Veenstra I attempted to make the move to the new RDS Farm and ran into one problem. I thought that removing the RD session host from old RDS Farm into the new one would bring with it the Collection but it did not. I did some more investigating and found that the only two choices is to migrate Collection using PowerShell (only found one article talking about this) or recreating the Collection on the new RD Farm on the Connection Broker server. My question now is, does creating a new collection cause any problems to the application already configured on that session host? or is the Collection simply a profile that just points to it to use the parameters we need such as user permissions to access RemoteApp published in collection, etc.? I'm thinking if the answer is yes, then recreating the Collection seems to be an easier option than the troubles I'm running into trying to use PowerShell, but I'm willing to try both if needed. What do you think?5.7KViews0likes6CommentsRe: Move RDS Roles to Another Server
Haven't started that project yet, but I did manage to get a one-on-one session with someone who's worked on this similar scenario before and gave me the info that I needed. I'm going to work up a plan for this and present it and start the beginning stages of it, such as building the new server that will hold the licensing as well as the roles we discussed but full deployment won't happen until the second week of Oct. at the earliest.5.8KViews1like8CommentsRe: Move RDS Roles to Another Server
I was hoping that since the existing host session server is fine as is and it's already located in our cloud infrastructure and configured with the apps that we publish using RemoteApp collection that I could just move the old licensing server along with its various roles over to a new server in the cloud I didn't think I would be required to have to recreate/rebuild the collection...I guess I might of missed the info regarding one of these roles handling that aspect of it? I did find plenty of new articles about moving 2012R2 to 2016, 2019, or newer so I guess I need to read up on this more to future proof what I'm trying to accomplish5.9KViews0likes11CommentsRe: Move RDS Roles to Another Server
Yes, I found this article as well, but it focused on two of the roles, not the Connection Broker one, so I was hoping to gather as much info as I could for all three roles needed to be moved to a new licensing server. I found some Microsoft articles that although for older versions of RDS, seems to be the only info that I'm seeing being somewhat relevant. I may just have to keep searching if I don't find what I'm looking for or follow one of these older articles.5.9KViews0likes13CommentsRe: Move RDS Roles to Another Server
Yes, I have the certificate covered and our people access a RemoteApp collection that's published. This is a temporary workaround to move it off-premise and into the cloud along with the other host session server. We're planning an upgrade eventually to newest version of Windows Server, new CALs, etc. but for now I'm wondering about the other roles on this server...is there any info you could provide regarding these?6.3KViews0likes15CommentsMove RDS Roles to Another Server
I'm in the process of planning for the moving of our RDS Licensing Server to a new server. I'm currently on Windows Server 2012 and moving to 2012R2. The information I've found on how to do this is pretty clear, but now I need to confirm how to handle the other roles. When I first set this up is was a Standard deployment with all roles on one server with the exception of the RDSH role which is currently on its own server and all is good with it. I just need to build a new Licensing Server along with the other roles of: RD Connection Broker RD Web Access RD Gateway I don't have anything custom as I mentioned before, it's a default Quick Setup/Standard deployment, so if I can just install the same roles and configure them on the new server rather than migrate anything that would be preferred method. Looking to get confirmation or anything that might of changed over the years since it's been a while that I had this configured. Any and all input is appreciated it, thanks in advance!6.9KViews0likes17CommentsRe: Exchange 2016 On-premise Hybrid Configuration for Management & Federation Certificate
I've figured out how to handle my scenario with this and here is what I did to resolve it: * I found that I had to delete the trust and recreate it due to the expired certificate, but couldn't do it from the UI, so I used PowerShell to remove each federated domain, then the primary one, then finally the trust itself * Although, I didn't have to recreate the trust, I had to again use PowerShell to create a new certificate for the "Microsoft Exchange Server Auth Certificate" which came up via the Health Check script for the Exchange upgrade procedures as being needed * I also had to renew the certificate for "WMSVC" but this one wasn't expired, so I was able to renew it using the UI. The Health Check script identified it as having SHA1 instead of SHA2, so that's why I renewed it * Deleted all old certs via MMC console...That pretty much summarizes everything, glad that's over with 😉1.7KViews0likes0CommentsRe: Exchange 2016 On-premise Hybrid Configuration for Management & Federation Certificate
It seems that the only Thumbprint I see via the Exchange Management Shell is the one for the invalid/expired certificate. I don't see one for the valid ones, so how would I be able to add the services to it?1.8KViews0likes1CommentExchange 2016 On-premise Hybrid Configuration for Management & Federation Certificate
I have an Exchange Server 2016 on-premise for Exchange Admin Center Management of Exchange attributes only as we've migrated to Office 365 years ago. I got notification that self-signed certificates were expiring or had expired, so I used the EAC to renew them, but for some reason the Exchange Delegation Federation certificate was created multiple times. I now have one that's invalid and 3 valid ones. I'm not sure what I did to create multiple certificates, but here is what I want to do: On the invalid one, it shows the services using the certificate were both SMTP, Federation. On one of the renewed certificates it shows SMTP but no Federation and the other two that are left shows "NONE" for services. I want to add Federation to the one that already has SMTP and delete the others. I also noticed that all the certificates when looking at them from the Certificates MMC show that they are not a trusted CA root certificate and to be trusted they need to be installed in the Trusted Root Certification Authorities store. Currently when I go into the EAC it shows the alert about the invalid/expired certificate and it's just annoying me and I want to correct this. Any help would be greatly appreciated...thanks!1.9KViews0likes3CommentsRe: SSPI handshake failed with error code 0x80090311
Dave, just wanted to follow-up and let you know that I was able to resolve the SSPI handshake error along with the RPC errors from two of my domain controllers. First, did some more digging and found that these RPC errors are common when trying to query a server remotely while running the dcdiag command, so the quick fix was to temporarily disable the firewall and dcdiag ran fine with all tests passing. The articles I found said to add inbound rules for RPC, there is like 3 of them if I really wanted to but that they were harmless, just makes the dcdiag not report the errors, so being that I don't use this much and only to troubleshoot specific errors like this, I decided to just re-enable the firewall and only disable it if I need to run the tests or simply ignore them. For the domain controller issue that caused this error to begin with...I shutdown the domain controller to see if this would happen and it did, so it was very repeatable. I then started to investigate on the application and noticed that I was getting LDAP authentication errors. This lead me to find that the entry for this in DNS was an alias CNAME record that was pointing to that same domain controller. I then changed the entry to point to the new domain controller and forced replication, etc. waiting for DNS to update and show things correctly on all domain controllers and was then able to sign into the application even after shutting down the old domain controller that I'll be removing. Other applications from different servers that were generating the same error also continued to work, so no SSPI handshake failed errors happened after this fix. Now, I can demote this 2008 R2 domain controller once and for all and thanks again for all your help with this7.7KViews0likes1CommentRe: SSPI handshake failed with error code 0x80090311
Ok, makes sense I'll do that as I work through errors today. That reminds me that I'm not sure why there were RPC related errors when RPC is available on the DC's in question. I'm going to clear out the event logs prior to rebooting them but also prior to me making corrections to make sure it truly is a problem. Once I'm done I'll let you know how it goes even if it all works out, but if not glad to have you helping me where you can.7.6KViews0likes3CommentsRe: SSPI handshake failed with error code 0x80090311
The DHCP on DC7 is the way servers are configured on AWS, but it still uses the same static IP assigned to it, this is how all of our servers operate as EC2 instances on AWS which we have configured using a VPC back to our on-premise domain. DC4 is the same thing...both on AWS but this is the server I'm trying to get rid of once all is clear with errors, etc. I'll look through the rest of them and see what I can do to clear those RPC and 5012 errors. I'll definitely mark this as helpful/best response but the main question I had hasn't been answered, but I guess it can't until all is cleared and then I guess I have no choice but to demote DC4 again and see what happens...I guess deal with the errors from there if any and resolve them rather than trying to add it back as a DC.23KViews0likes7Comments
Recent Blog Articles
No content to show