Category Archives: Exchange 2010

Manage Exchange 2010 Calendar Permissions Using Powershell

You can add  Calendar Permissions Using Powershell for users using the following command:

if user2 needs to access user1’s calendar

Add-MailboxFolderPermission -identity “user1:\calendar” –user “user2” -AccessRights Reviewer

the same can be done to give permission to a security group

Add-MailboxFolderPermission -identity “user1:\calendar” –user “DomainName\securitygroup” -AccessRights Reviewer

Below is the list of access rights and explanation

None                                                   FolderVisible
Owner                                                CreateItems, ReadItems, CreateSubfolders, FolderOwner, FolderContact, FolderVisible, EditOwnedItems, EditAllItems, DeleteOwnedItems, DeleteAllItems
PublishingEditor                       CreateItems, ReadItems, CreateSubfolders, FolderVisible, EditOwnedItems, EditAllItems, DeleteOwnedItems, DeleteAllItems
Editor                                                 CreateItems, ReadItems, FolderVisible, EditOwnedItems, EditAllItems, DeleteOwnedItems, DeleteAllItems
PublishingAuthor                    CreateItems, ReadItems, CreateSubfolders, FolderVisible, EditOwnedItems, DeleteOwnedItems
Author                                              CreateItems, ReadItems, FolderVisible, EditOwnedItems, DeleteOwnedItems
NonEditingAuthor                   CreateItems, ReadItems, FolderVisible
Reviewer                                          ReadItems, FolderVisible
Contributor                                   CreateItems, FolderVisible

Redirect Exchange OWA to default site and force SSL in Exchange 2010

OWA redirect to default site forcing SSL

is useful If you have those one or two users who cant seem to remember to add the https or the OWA to the exchange OWA url.

To do this via IIS manger can be time consuming and tricky, below is the script which I came across (Mark Smith) which does it for you, just create a batch file with the script and run it once. The only thing you need to modify is

cd \Windows\System32\inetsrv

appcmd.exe ADD Backup “OWA REDIRECT BACKUP 01”

appcmd set config “default web site” -section:httpRedirect /childonly:true /enabled:true
appcmd set config “default web site” -section:system.webServer/httpRedirect -destination:””

appcmd set config “default web site/Aspnet_Client” -section:httpRedirect /enabled:false
appcmd set config “default web site/Autodiscover” -section:httpRedirect /enabled:false
appcmd set config “default web site/ECP” -section:httpRedirect /enabled:false
appcmd set config “default web site/EWS” -section:httpRedirect /enabled:false
appcmd set config “default web site/Exchange” -section:httpRedirect -commit:apphost /enabled:false
appcmd set config “default web site/Exchweb” -section:httpRedirect -commit:apphost /enabled:false
appcmd set config “default web site/Microsoft-Server-ActiveSync” -section:httpRedirect -commit:apphost /enabled:false
appcmd set config “default web site/OAB” -section:httpRedirect /enabled:false
appcmd set config “default web site/OWA” -section:httpRedirect -commit:apphost /enabled:false
appcmd set config “default web site/PowerShell” -section:httpRedirect -commit:apphost /enabled:false
appcmd set config “default web site/Public” -section:httpRedirect -commit:apphost /enabled:false
appcmd set config “default web site/Rpc” -section:httpRedirect /enabled:false
appcmd set config “default web site/RpcWithCert” -section:httpRedirect /enabled:false

appcmd set config “default web site” -section:access -sslflags:”” -commit:apphost

appcmd set config “Default Web Site/Aspnet_Client” -section:access -sslFlags:Ssl,Ssl128 -commit:apphost
appcmd set config “Default Web Site/Autodiscover” -section:access -sslFlags:Ssl,Ssl128 -commit:apphost
appcmd set config “Default Web Site/EWS” -section:access -sslFlags:Ssl,Ssl128 -commit:apphost
appcmd set config “Default Web Site/ECP” -section:access -sslFlags:Ssl,Ssl128 -commit:apphost
appcmd set config “Default Web Site/Exchange” -section:access -sslFlags:Ssl,Ssl128 -commit:apphost
appcmd set config “Default Web Site/Exchweb” -section:access -sslFlags:Ssl,Ssl128 -commit:apphost
appcmd set config “Default Web Site/Microsoft-Server-ActiveSync” -section:access -sslFlags:Ssl,Ssl128 -commit:apphost
appcmd set config “Default Web Site/OWA” -section:access -sslFlags:Ssl,Ssl128 -commit:apphost
appcmd set config “default web site/PowerShell” -section:access -sslflags:”” -commit:apphost
appcmd set config “default web site/OAB” -section:access -sslflags:”” -commit:apphost
appcmd set config “Default Web Site/Public” -section:access -sslFlags:Ssl,Ssl128 -commit:apphost
appcmd set config “Default Web Site/Rpc” -section:access -sslFlags:Ssl -commit:apphost
appcmd set config “Default Web Site/RpcWithCert” -section:access -sslFlags:Ssl,Ssl128 -commit:apphost

cacls “C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\OAB\web.config” /E /P “NT Authority\authenticated Users”:R


Insufficient System resources in Exchange 2010, disable back pressure/resource monitoring

Starting from Exchange 2007,  the edge transport service uses the system resource monitoring feauture to determine vital resources such as hard drive space and memory and take action in an attempt to prevent service outages. This can be a pain as the whole thing is calculated on a formula,

100 * (hard disk size – fixed constant) / hard disk size

this feature is called Backup pressure, more info on and how this formula works

Now simply put, you have this error from other smtp servers trying to contact yours : Insufficient System resources, to get around this you will need to increase the hard drive space or memory, until then you could temporarly disable this monitoring feature so that you can start recieving important emails. WARNING: this is not a recommended permanent solution, do this until youve figured what resource needs looking at i.e hard drive space, RAM etc.

Make a backup copy of the edgetransport.exe.config file before you start.

  1. Open the EdgeTransport.exe.config file from \Exchange Server\bin directory using notepad
  2. Add the following key+value pair:
    <add key=”EnableResourceMonitoring” value=”false” />
  3. Save file
  4. Restart the Microsoft Exchange Transport Service (MSExchangeTransport):
    Restart-Service MSExchangeTransport
  5. and you’ve got mail

Other options are to

configure the edgetransport.exe config file to reflect your server configuration and resources (not recommended by MS)


move the queue database to another volume which has lots of space, add the following key to change the path of the queudb.

  1. Open the following file by using Notepad: C:\Program Files\Microsoft\Exchange Server\V14\Bin\EdgeTransport.exe.config.
  2. Modify the following line in the <appSettings> section.
    <add key="QueueDatabasePath" value="<LocalPath>" />

    This example creates a queue database at the location C:\Queue\QueueDB.

    <add key="QueueDatabasePath" value="C:\Queue\QueueDB" />
  3. Save and close the EdgeTransport.exe.config file.
  4. Restart the Microsoft Exchange Transport service.
  5. Verify that the new Mail.que and Trn.chk files are created at the new location.
  6. Remove the unused Mail.que and Trn.chk files from the original location.

The following event logs will be logged:

  • Event ID 15004: Increase in the utilization level for any resource (eg from Normal to Medium)
  • Event ID 15005: Decrease in the utilization level for any resource (eg from High to Medium)
  • Event ID 15006: High utilization for disk space (ie critically low free disk space)
  • Event ID 15007: High utilization for memory (ie critically low available memory)

Have look out for the Event id which will help you in diagnose what resource needs to be looked at.


Deleted Mailbox missing in Disconnected Mailbox under Recepient configuration in Exchange 2010

This is because the clean up agent hasnt run yet, to run it use PS:

Clean-MailboxDatabase databasename