by butsch
26. May 2016 21:59
Here are some steps and scripts we used for Exchange 2007 > 2013 Transition (Migration > It's the same ;-)
Exchange 2007 side, Get Size and items in each box to migrate |
[PS] D:\edv>Get-MailboxStatistics | Sort-Object TotalItemSize -Descending | ft D
isplayName,@{label="TotalItemSize(KB)";expression={$_.TotalItemSize.Value.ToKB()
}},ItemCount
|
MOVE of Exchange Mailboxes (If you move one DO not forget to REMOVE the Move-request (Esp. if you want to move back to 2007 in worst case for a user) |
Get-MoveRequest
Get-MoveRequest | Get-MoveRequestStatistics
Remove-MoveRequest 2007ch
Get-MoveRequest -movestatus completed | remove-moverequest
----------------------------------------------------------
Auf 2007 zurueck:
new-moverequest -identity 2007ch -targetdatabase "exchange2007\sg1\mb1"
----------------------------------------------------------
Von 2007 auf 2013:
new-moverequest -identity user1 -targetdatabase "mdb01ch"
new-moverequest –identity user2 -targetdatabase "mdb01ch"
Check Health and read about theat before you start the MIGRATION (maybe you will not start then at all and stop and move to 2010)
Check if the 2013/2016 is running?
Get-HealthReport -Server exchange2013| where { $_.alertvalue -ne "Healthy" }
Get-MonitoringItemIdentity -Identity HubTransport -Server exchange2013 | ft Identity,ItemType,Target Resource -autosize
Get-ServerHealth -Identity munexc1 -HealthSet "HubTransport" | where { $_.alertvalue -ne "Healthy" } | fl Name
Get-ServerComponentState -Identity exchange2013
---------------------------------------------------------- |
Problem large growing DIAG / Health Logfiles are migration of 50 users and 3 day runtime
(IF you are new to Exchange DO NOT Delete Any Transaction Logfiles like below yellow)
The Diag Below YOU COULD delete carefully. Start with LARGE.
Don't start reading about Exchange 2013/2016 Health sets or you stop using Exchange 2013… ;-)
Here are some batch scripts to do that automatic:
https://gallery.technet.microsoft.com/Task-Scheduler-to-cleanup-25047622#content
Clean DIAG Logs |
@echo off
:: Diagnostic Logfiles Remove
if Exist "D:\Program Files\Microsoft\Exchange Server\V15\Logging" forfiles.exe /p "D:\Program Files\Microsoft\Exchange Server\V15\Logging" /s /m *.log /d -2 /c "cmd /c del @file"
ping 1.1.1.1 -n 1 -w 60000 > nul
if Exist "D:\Program Files\Microsoft\Exchange Server\V15\Logging\Diagnostics\DailyPerformanceLogs" forfiles.exe /p "D:\Program Files\Microsoft\Exchange Server\V15\Logging\Diagnostics\DailyPerformanceLogs" /s /m *.* /d -2 /c "cmd /c del @file"
ping 1.1.1.1 -n 1 -w 60000 > nul
:: forfiles.exe /p "c:\inetpub\logs\LogFiles" /s /m *.log /d -2 /c "cmd /c del @file"
:: ping 1.1.1.1 -n 1 -w 60000 > nul
Exit |
Exchange Activesync Recycle
Do this for all users who were migrated and use Activesync
Also check ADMINSHOLDER ( ADMOINCOUNT) FLAG!
http://www.butsch.ch/post/Migrated-NT42000-users-are-unable-to-ActiveSync-with-Exchange-Code-0x85010014.aspx
http://www.butsch.ch/post/Activesync-with-Exchange-2013-does-not-work-ADMINSHOLDER-Flag-(an-old-bad-friend).aspx
|
#Use this script to recycle IIS Application Pools to overcome Exchange 2013 SP1 ActiveSync bug for migrated users
$CASServers = Get-ClientAccessServer | where {$_.WorkloadManagementPolicy -ne $null}
#Loop through each CAS2013 and recycle the IIS App Pools
foreach ($CAS in $CASServers) {
Write-Host "Recycling App Pools on $CAS..."
$appPool = Get-WmiObject -Authentication PacketPrivacy -Impersonation Impersonate -ComputerName $CAS -namespace "root/MicrosoftIISv2" -class IIsApplicationPool | Where-Object {$_.Name -eq "W3SVC/AppPools/MSExchangeAutodiscoverAppPool" }
$appPool.Recycle()
$appPool = Get-WmiObject -Authentication PacketPrivacy -Impersonation Impersonate -ComputerName $CAS -namespace "root/MicrosoftIISv2" -class IIsApplicationPool | Where-Object {$_.Name -eq "W3SVC/AppPools/MSExchangeSyncAppPool" }
$appPool.Recycle()
}
OR MANUAL:
Do an IISRESET (Thats is not the same as above!!!!) Just a base step!
If that does not work > Also recycle the IIS folders and Reboot the Exchange.
Open IIS Konsole
Go to "Application Pools"
|
Dump all permission of the Exchange Virtual Directory (iis). This will help to get an overview of the permission set on IIS and within Exchange.
http://www.butsch.ch/post/Exchange-20132016.aspx |
The Russian blog has an excellent description of this script:
http://sysmagazine.com/posts/204454/
http://msbro.ru/index.php/archives/4705
get-website | ForEach-Object -Process {
$xSite="IIS:\sites\"+$_.Name
cd $xSite
$xSite
$myWebApp=get-webApplication
$myWebApp | Format-Table -AutoSize Path ,
@{Label= "anonim:" ; Expression = {(Get-WebConfigurationProperty -Filter /system.webServer/security/authentication/anonymousAuthentication -Name Enabled -PSPath $xSite -location $_.Path).value }},
@{Label= "Basic:"; Expression = {(Get-WebConfigurationProperty -Filter /system.webServer/security/authentication/basicAuthentication -Name Enabled -PSPath $xSite -location $_.Path).value }},
@{Label= "ClientCert:"; Expression = {(Get-WebConfigurationProperty -Filter /system.webServer/security/authentication/clientCertificateMappingAuthentication -Name Enabled -PSPath $xSite -location $_.Path).value }},
@{Label= "Digest:"; Expression = {(Get-WebConfigurationProperty -Filter /system.webServer/security/authentication/digestAuthentication -Name Enabled -PSPath $xSite -location $_.Path).value }},
@{Label= "IIS client Cert:"; Expression = {(Get-WebConfigurationProperty -Filter /system.webServer/security/authentication/iisClientCertificateMappingAuthentication -Name Enabled -PSPath $xSite -location $_.Path).value }},
@{Label= "Windows"; Expression = {(Get-WebConfigurationProperty -Filter /system.webServer/security/authentication/windowsAuthentication -Name Enabled -PSPath $xSite -location $_.Path).value }},
@{Label= "SSL Flags"; Expression = {(Get-WebConfigurationProperty -Filter /system.webServer/security/access -Name * -PSPath $xSite -location $_.Path).SSLflags }}
}
|