MS Exchange – Grant permission to Distribution Groups in the GAL

February 3, 2015

Certain users in the organization where not able to edit (add / remove ) users from a Distribution group in the GAL.

This was the error they say in the Outlook.

“Changes to the public group membership cannot be saved …”

image

Nevertheless the user itself had Ownership ?

image

After Googling a bit, it seems that this is a dafault behavior of Exchange 2010 and higher.

So you need to change the Roles & Policies that are connected to the users, using the web ECP.

In order to allow the editing of the a Distribution Group from within Outlook.

image

Also the Membership Approval settings must be correct.

image

Next check the security settings via the ADUC on this Distribution Group Object. Make sure that this user has sufficient control.

image

Some more interesting readings are over here :

http://support.microsoft.com/kb/2586832/en-us#R1

http://blogs.technet.com/b/exchange/archive/2009/11/18/how-to-manage-groups-that-i-already-own-in-exchange-2010.aspx

You can of course use PowerShell to manage the Distribution Groups

Using : Get-ManagementRole cmdlet

“get-managementrole MyDistributionGroupMembership | get-member”

image


AD User Password reset Tool

December 15, 2014

It has always been an issue to set up a self-service web facing Password Reset Tool.

Well if you have an Exchange server running let’s say 2010 SP1 or higher, you have all you need to make it work Smile

The only thing you need is to make an extra registry key entry in your CAS server. Which is in small organizations the same server as the Exchange backend server.

Solution :

  1. On the Client Access Server (CAS), click Start > Run and type regedit.exe and click OK.
  2. Navigate to HKLM\SYSTEM\CurrentControlSet\Services\MSExchange OWA
  3. Right click the MSExchange OWA key and click New > DWord (32-bit)
  4. The DWORD value name is ChangeExpiredPasswordEnabled and set the value to 1.
    Note: The values accepted are 1 (or any non-zero value) for “Enabled” or 0 or blank / not present for “Disabled”
  5. After you configure this DWORD value, you must reset IIS. The recommended method to reset IIS is to use IISReset /noforce from a command prompt.

Here is the result !

image

As of now your users can reset their passwords themselves Winking smile

PS : To check the Exchange version you can do this using the Outlook client.

Press CRTL + right click on the Outlook Icon in the system tray.

Select the Conntection status.

image

And read out the version column.

image

Or you can check the management console

image

Or you can use Powershell to do the job …

You can find the build numbers here :

http://technet.microsoft.com/en-us/library/hh135098(v=exchg.150).aspx

Enjoy !


hMailserver as Mail Relay Server to Exchange

August 18, 2014

Recently I had a need for a Mail Relay server to function as a mail forwarding server to our hosted mail infrastructure.

The reason was that one of our devices was able to send out mail notifications. But only on the local domain servers.

So the solution was to put a Mail Relay server in the middle.

hMailServer is a fantastic free solution that can be a full replacement of you MS Exchange if you want !

1. Download the application

https://www.hmailserver.com/

Once the application is downloaded and installed you can start the configuration.

2. configuration

First add your mail domain xxx@yourcompany.com to the server and the mail account to be used as sender.

The settings will appear in the General tab.

image

Next in the Delivery e-mail tab, fill in the SMTP Relayer IP address and Port.

image

3. Set some Advanced Settings

In here you can set for the hMailServer the upper and lower IP addresses that are allowed to be sending e-mails to.

image

Make sure in the Require SMTP authentication nothing is ticket of the sender does not need to authenticate.

4. Run Diagnostics

As a last step Test your configuration using the Diagnostics Utility.

 image

If everything turns GREEN then you are done.

As you can see the application supports as well MS SQL as well as PostgreSQL and MySQL. The hMailServer installation includes a minimal, built-in database server called Microsoft SQL Server Compact as a database server !

If you don’t specify a database it will use the MS SQL Compact edition. See here for some Tools

hMailServer Bonus

hMailServer comes with a COM library that can be used for integration with other software. Using the COM library, it’s possible to write scripts and full applications that utilize the features in hMailServer.

so you send mails using a script or download incoming mail attachments to a folder, or check the subject of an incoming mail and act upon it, or …

Here is an AutoIT script hMailServer Example.Smile

Enjoy!