Webcast: Exchange Server 2003 Tips, Tricks and Shortcuts - Q&A Log
Earlier today, I presented a webcast titled "Exchange Server 2003 Tips, Tricks and Shortcuts". My team mates, Matt Hester and Keith Combs helped out in the background answering the questions that were posted by attendees. [Thanks Matt and Keith!]
Below is the Question and Answer log from today's session. I have included a few of my own comments enclosed in brackets within the log. Please let me know if you have any questions from today or otherwise. Thanks!
Harold Wong
harold.wong@microsoft.com
Questions and Answers:
Question: Are all these Free Downloads?
Answer: Yes they are. You can get them all here: https://www.microsoft.com/technet/prodtechnol/exchange/downloads/2003/analyzers/default.mspx
Question: What kind of resource hit will servers take when this tool is run against them? (after hours type work, or safe enough for daytime usage?)
Answer: It really depends, on how much is on the server but the main issue is bandwidth and that is why you can throttle it, the footprint is fairly small, but we do recommend that you run this tool on a workstation so for the EXBPA. I would post a comment here: https://blogs.technet.com/exchange/archive/2005/11/01/413463.aspx, it is a great blog.
Question: Does this tool give status report about SMTP flow?
Answer: I do know that it has a connectivity test to help view those and make recommendations, and the performance tool he will show can help improve SMTP flow, here is a good article for troubleshooting SMTP that may provide additional information for you: https://www.microsoft.com/technet/prodtechnol/exchange/guides/E2k3TransnRouting/32e85e48-1a58-46c3-8f0d-f94df467ad41.mspx.
Question: How do you handle expired passwords with OWA?
Answer: I don't believe you can. See https://support.microsoft.com/kb/297121/en-us for information on the password change feature configuration.
Question: Why can't the OWA Admin Tool be used on a front-end server? The ExBPA would recommend that....
Answer: The OWA Admin tool is designed to administer OWA settings on remote servers. It is recommended that you install the OWA Admin tool on a separate workstation other than your Exchange server(s). This will help reduce the security risk to your Exchange network. It is also recommended that you do not install this tool on an Exchange front-end server that is placed within your company firewall DMZ zone. This is because the OWA Admin tool relies on the Windows Management Interface (WMI) ports to connect to and manage remote servers. These ports are normally not open on firewalls. See https://download.microsoft.com/download/7/9/a/79a3c251-2ca1-44e3-865b-44488f97ad55/readme.htm for more information.
Question: Can these tools be installed on a workstation and ran them from there or they have to be installed on the exchange server
Answer: Almost all of the exchange tools are designed to be run from an admin workstation.
Question: Does the exchange server user monitor run on the server or the client workstation?
Answer: It must be installed on an Exchange 2000 SP2 or later server.
Question: What MOM version/package should I buy if I simply want to just be able to download the Exchange module and use it on my one Exchange server?
Answer: For less than 10 servers, you can use MOM 2005 Workgroup Edition.
Question: Can you block MAPI access on per user basis?
Answer: I don't think you can do that with Exchange 2003. [Harold] However, with Exchange Server 2003 SP2, you can. This requires editing of the user’s AD Object.
Question: How can I configure Exchange 2003 to use more than 900MB of memory?
Answer: There are a number of KB articles on memory use. See https://support.microsoft.com/kb/328882/en-us for a starting point. [Harold] In Exchange 2003, there is a hard limit on how much memory it will use for caching. This limit is roughly 900 MB – 1.2 GB (can’t remember the exact value).
Question: We tried running the OWA Admin Tool from a workstation inside the firewall. We were running it against a front-end OWA server (also inside the firewall) and all the options were grayed out. It was not a firewall issue and the OWA Admin tool was not installed on a server. Why doesn't it work?
Answer: Are you using the latest version from https://www.microsoft.com/downloads/details.aspx?FamilyID=4BBE7065-A04E-43CA-8220-859212411E10&displaylang=en and have satisfied the prereqs listed there and in the release notes? If so, then I don't have any other ideas at the moment.
Question: How can you add entries to the Global Address List? EMail Address/Contacts that are not part of the Exchange Server.
Answer: You would add a custom recipient.
Question: If I had a Contacts folder that was in the Public Folders, would I also add it as a custom recipient to publish it in the GAL?
Answer: Yes
Question: I want to block incoming emails from outside, for a single user
Answer: for the user in question, set the delivery restrictions to authenticated users only
Question: How do I configure specific users or email enabled groups from receiving emails from the internet but still allow full access from the intranet?
Answer: set the delivery restriction to authenticated users only. [Harold] You can also use Recipient Filtering to filter that out or change their email address to a fake domain like I did in my demo.
Question: I do not know if this has been answered already, but is there a way to disable OWA for certain users?
Answer: Yes. It's on the Exchange Features tab when looking at the properties for the account in AD Users and Computers management tool
Question: How would you block access to the 'All Address Lists' lists to users when connecting via outlook 2003 within the domain? If it is not possible, can you filter the Lists by uPNSuffix ?
Answer: address book filters are described pretty well at https://support.microsoft.com/kb/319213/en-us
Question: Is there a way to restrict OWA access to only network/domain computers and not external computers for certain users?
Answer: you could do this easy with firewall rules. This is done very easily with ISA 2004.
Question: catch-all mailbox -> on entire org
Answer: today, you would have to write a transport or protocol sink so it would be fairly difficult to implement