Category Archives: Exchange Server

A special Rpc error occurs on server xxxxx These certificates are tagged with following Send Connectors

So our SAN SSL certificate was coming up for renewal and I really wanted to expand what was covered by it to include more devices. In general anything internal was using a self signed certificate and anything external used the SAN SSL. That worked fine but when it came time for renewal I figured why not just get a wildcard SSL and assign it to anything I could. Also would keep me from having to update subject names when there was a change.

So I bought a Wildcard SSL from GoDaddy and started assigning it to everything. Switched out the certificate on our firewall and VPN clients, mail server, web server, etc. Everything seemed to work fine. Then it came time to remove the old one once things were tested. Removing from IIS was fine, removing from the firewalls likewise fine, but removing from Exchange Control Panel gave the error in the title.

Now we do have a Exchange Online Hybrid deployment setup with centralized mail transport. We use a cloud based Barracuda spam/malware filter so all email in and out of the company goes through them then to our internal mail server. Any mailbox on Exchange Online then goes from our mail server to it and back. Well apparently when I set this up it made a send connector to route mail to Exchange Online and since it uses TLS attached the certificate that was currently being used which I was now trying to delete.

Unfortunately you can’t just go into the Send Connector in the ECP and reassign the certificate but you can do it by following some steps based on the Microsoft Set-SendConnector page. First get the list of your send connectors and the list of your certificates:

Get-SendConnector
Get-ExchangeCertificate

Copy the send connector that was in the error message and also the thumbprint for your new certificate. Next we will use that certificate to pull out the information needed to assign to the send connector and assign it:

$cert = Get-ExchangeCertificate -Thumbprint (your thumbprint)
$tlscertificatename = "<i>$($cert.Issuer)<s>$($cert.Subject)"
Set-SendConnector "Outbound to Office 365" -TlsCertificateName $tlscertificatename

Once your send connectors are updated you should be able to remove the old certificate. Also if you are using TLS on your receive connectors you will want to do the exact same thing but using the Set-ReceiveConnector command.

Exchange Console Commands

I have been managing a Exchange server since Exchange 2003. Current on 2010 and planning on upgrading to 2013 in the next month or so. Over the years I’ve been collecting snippets of useful commands which have served me well so here is my go to list. In almost all examples anything being exported/imported is using a directory called c:\ExFiles and in my examples the server is EXServer. Replace (alias) in all examples with the actual mailbox alias:

Export out Mailboxes as PST

Export list of all mailboxes by alias
Get-Mailbox| Select Alias | Export-CSV C:\ExFiles\Alias.csv

Export mailboxes based on a csv list:
foreach ($i in (Import-Csv C:\ExFiles\Alias.csv)) { New-MailboxExportRequest -Mailbox $i.Alias -FilePath "\\EXServer\c$\ExFiles\$($i.Alias).pst" }

Export individual mailboxes:
New-MailboxExportRequest -Mailbox (alias) -FilePath "\\EXServer\c$\ExFiles\(alias).pst"

Export out only Calendar items from a mailbox then import them into another mailbox

Export calendar items from a mailbox:
New-MailboxExportRequest -Mailbox (alias) -FilePath \\EXServer\c$\ExFiles\TempPSTFile.pst -IncludeFolders "#Calendar#"

Import calendar items to a mailbox:
New-MailboxImportRequest -Mailbox (alias) -FilePath \\EXServer\c$\ExFiles\TempPSTFile.pst -IncludeFolders "#Calendar#"

Check Import/Export commands and clear then

Check import status:
Get-MailboxImportRequest

Check export status:
Get-MailboxExportRequest

Clear completed import requests:
Get-MailboxImportRequest -Status Completed | Remove-MailboxImportRequest

Clear completed export requests:
Get-MailboxExportRequest -Status Completed | Remove-MailboxExportRequest

Retention Policy Commands

Get all user mailboxes without a retention policy
Get-Mailbox -ResultSize unlimited -RecipientTypeDetails "UserMailbox" | Where-Object {$_.RetentionPolicy -eq $null}

Assign the default retention policy to all mailboxes without one
Get-Mailbox -ResultSize unlimited -RecipientTypeDetails "UserMailbox" | Where-Object {$_.RetentionPolicy -eq $null} | Set-Mailbox -RetentionPolicy "Default Archive and Retention Policy"

User Permissions

Export out a list of users who have access to other mailboxes other then their own
Get-Mailbox | Get-MailboxPermission | where {$_.user.tostring() -ne "NT AUTHORITY\SELF" -and $_.IsInherited -eq $false} | Select Identity,User,@{Name='Access Rights';Expression={[string]::join(', ', $_.AccessRights)}} | Export-Csv -NoTypeInformation c:\ExFiles\mailboxpermissions.csv

Remove a users permission from all mailboxes
Get-Mailbox | Remove-MailboxPermission -User (UserID) -AccessRights FullAccess -InheritanceType All

Remove a users permission to a single mailbox
Remove-MailboxPermission -Identity (alias) -User (UserID) -AccessRights ReadPermissions -InheritanceType All

Mailbox and Database Information

Get the overall status of each database:
Get-MailboxDatabase -Status | ft name,databasesize,availablenewmailboxspace -auto

Export out the size of each mailbox in a database:
Get-MailboxStatistics -Database "Mailbox Database 1" | Select DisplayName, ItemCount, TotalItemSize | Sort-Object TotalItemSize -Descending | Export-CSV C:\ExFiles\MBSizes1.csv

Get size of a single mailbox
Get-MailboxStatistics -identity alias | Select DisplayName, ItemCount, TotalItemSize

Deleting Items

Delete all disabled mailboxes:
Get-MailboxStatistics -Database "Mailbox Database 1" | where {$_.DisconnectReason -eq "Disabled"} | foreach {Remove-StoreMailbox -Database $_.database -Identity $_.mailboxguid -MailboxState Disabled}

Delete a individual disabled mailbox:
Remove-StoreMailbox -Database "Mailbox Database 1" -Identity (alias) -MailboxState SoftDeleted

Delete recoverable deleted items based on a alias list
foreach ($i in (Import-Csv C:\ExFiles\alias.csv)) { Search-Mailbox -Identity $i.alias -SearchDumpsterOnly -DeleteContent }

Delete all recoverable deleted items
Search-Mailbox –identity (alias) –SearchDumpsterOnly –DeleteContent

Hopefully these help someone out as much as they have me.