There is a bug in the creation process for Dynamic Distribution Groups (DDG) in Exchange 2010. When you use the Exchange Management Shell to create a DDG and specify the Organizational Unit (OU) where the DDG should reside in Active Directory, you must also specify the –RecipientContainer to search for that DDG. Otherwise the DDG Recipient Container defaults to the OU where the DDG was created.
This article is a quick checklist for preparing your environment for Exchange 2007 or 2010.
In order to enable users to join computers to the domain, grant the following permissions:
Being able to easily delegate access to domain systems is essential for administrators to enable necessary IT staff to manage their environments. The proper OU structure along with the deployment of Active Directory GPOs makes this a fairly simple task.
GPOs can be used to add users or groups to local admins or to replace the existing memberships. Using GPOs ensures access is granted uniformly and consistently for a specific group of systems, ideally separated by their OU placement.
When managing Exchange 2007, the recipient scope for Exchange Management Shell (EMS) and Exchange Management Console (EMC) defaults to the domain where the Exchange servers are located. Recipient scope refers to the specified portion of the Active Directory directory service hierarchy that the Exchange Management Console and the Exchange Management Shell uses for recipient management. When you set the recipient scope to a specific location within Active Directory, you can view and manage all recipients stored in that location and all of the containers under it. If your environment has multiple domains, then you may need to change the scope of recipients to find specific accounts. Read More →
Recently, the time on all of my domain computers was out of sync. Each computer in my domain had the same time, but it was about 10 minutes slow. Domain computers get their time from your domain controller(s), so I looked into syncing the time of my DC with an internet time server. The steps below can be used to sync your DC with an internet time server.
Windows Vista has the built-in ability to automatically reduce the potential of security breaches in the system. It does that by automatically enabling a feature called User Account Control (or UAC for short). The UAC forces users that are part of the local administrators group to run like they were regular users with no administrative privileges.
While running some reports on Exchange backup success I could not figure out why when I ran get-mailboxdatabase | fl Name,LastFullBackup it would return a blank LastFull Backup. In Exchange Management console I could look at the properties of the database and see the Last full backup and the Last incrementation backup times.
Activating Standby Continuous Replication Targets
- Standby Continuous Replication: Site Resilience with Standby Clustering
- Standby Continuous Replication: Database Portability
There are some really nice features coming in Exchange 2010 that will help in my current situation.