Jude's Blog

Archive for the ‘Exchange’ Category

Field Report: Cant Move/Delete emails with attachments

with one comment

Issue:


Users were complaining that they are unable to delete mails from outlook. The environment was Exchange Server 2010 with SP1. Users were on Outlook 2010. Strangely, the issue was not seen for all the users. However there were multiple complaints from a few users that they are getting an error message while trying to delete old emails.

Upon checking up with the users, here’s what was noticed:

  • While using outlook:
    • User cannot delete email with attachments.
    • User cannot move email with attachments.
    • Upon deleting and moving the below error message is thrown.
    • User can move/delete emails that does not have any attachments.
Some items cannot be deleted. They were either moved or already deleted, or
access was denied.

More Details>>

This error may be the result of trying to delete more than 4,000 messages at 
one time.  Outlook can delete no more than 4,000 messages when it is working 
with a server message store.
To avoid this error, delete fewer than 4,000 messages in a single operation.
It is also possible that you do not have the appropriate permissions to 
delete messages. If you need to delete content from a folder owned by someone 
else, contact the owner of the folder to obtain the necessary permissions, 
or have the owner delete the content for you.

das

Now this was quite strange. After looking up for a bit, I came up with a similar issue. However it was related to Exchange Server 2010 RU6 or SP3 environments. If you have such an environment, you might want to look over here: https://support.microsoft.com/en-us/kb/2822208

In our case, it was Exchange Server 2010 SP1. So it had to do with something else.

Cause:


One gotcha out of the symptoms was that it had to do with something related to attachments. So while going through message sizing parameters for user, rules, database, connectors and Transport Services, it was identified that the there was a change done to the Exchange Transport Settings on the Hub Transport Server.  The Maximum Send/Receive sizes was reduced. And that my friend, was the culprit! Here’s what has happened.

Initially, the Maximum Send/Receive sizes were at 10MB. Life was so good. People could send and receive attachments, they were able to delete, move and so much more. Suddenly the administration decided to reduce the sizes to 3MB. This seemed to be the main cause for our issue. Due to some reason (I’m yet to get deep into what relationship it has) mails that’s got attachments greater than the Maximum Send/Receive size (3MB) are not getting deleted.

Resolution:


  1. Open Exchange Management Console.
  2. Navigate to Organization Configuration, Hub Transport , Global Settings , Transport Settings , General tab.
  3. Change the below values to a reasonable value (in my case it was 10MB, the previous value)
    1. Maximum receive message size (MB)
    2. Maximum send message size (MB)
  4. Restart Microsoft Exchange Transport service.
  5. Ask your users to close Outlook and check if the mail items can be deleted now.

That was it. Things worked and they were able to delete the emails.

Bit more information regarding why this happens, I’ll look into more and post over here.

If you have any inputs do comment over here.

 

Advertisements

Written by judeperera

October 27, 2016 at 11:52 am

Ignite 2016 Session Viewer for O365/Exchange – Technet Gallery

leave a comment »

43

This is a small macro sheet I made to be used as a one-stop real time viewer for Office 365 and Exchange Server related sessions from the Microsoft Ignite 2016. Currently there are more than 170 Office 365 and 50 Exchange related sessions listed on the Microsoft Ignite site. This viewer is not fully updated, however the session list is getting updated and will post changelogs in whats news.

Download

Following sessions are available for viewing;

  • BRK1001 : Maximize your Office 365 administration: tips and tricks
  • BRK1003 : Explore accessibility in Office 365: plans and progress
  • BRK1016 : Address your CXO’s top five cloud security concerns
  • BRK1021 : Unplug with the Microsoft Outlook experts
  • BRK1033 : Build your intranet with Microsoft Office 365
  • BRK1044 : Dive deeper into what’s new and what’s coming in Outlook on the web
  • BRK2008 : Understand your users: what’s new in Office 365 Usage Reporting
  • BRK2009 : Manage Office 365 more effectively: what’s new in Office 365 administration
  • BRK2010 : Implement ExpressRoute for Microsoft Office 365 (step by step)
  • BRK2013 : Keep calm and automate: How we secure the Office 365 service
  • BRK2032 : Identify and illustrate insights with new Microsoft Excel Charts
  • BRK2033 : Discover Office 365 Groups – overview, what’s new and roadmap
  • BRK2035 : Learn about advancements in Office 365 Advanced Threat Protection
  • BRK2035 : Learn about advancements in Office 365 Advanced Threat Protection
  • BRK2044 : Discover what’s new and what’s coming for Office Delve
  • BRK2046 : Learn what to use when: Office 365 Groups, SharePoint Team Sites, Yammer, and OneDrive for Business
  • BRK2050 : Dive into Microsoft Office 365 and SharePoint Hybrid Scenarios
  • BRK2053 : Connect your business critical applications to Outlook and Groups
  • BRK2093 : Design your Exchange infrastructure right (or consider moving to Office 365)
  • BRK2097 : Drive Office 365 adoption: methodology, best practices, and resources from Microsoft
  • BRK2100 : Move to Office 365 and drive adoption – lessons learned from the Carlsberg Group
  • BRK2139 : Protect your business and empower your users with cloud Identity and Access Management
  • BRK2160 : Build business applications with Power Apps, Microsoft Flow, and Office 365
  • BRK2166 : Learn about Office 365 Secure Score: actionable security analytics
  • BRK2170 : Discover what’s new with Microsoft Exchange Public Folders
  • BRK2215 : Debate the top 10 reasons not to move your Exchange on-premises mailboxes to Exchange Online
  • BRK2216 : Unplug with the experts on Exchange Server and Exchange Online
  • BRK2216 : Unplug with the experts on Exchange Server and Exchange Online
  • BRK2217 : Discover modern support in Outlook for Exchange Online
  • BRK2218 : Move from Exchange 2007 to Modern Exchange
  • BRK2219 : Meet twin sons of different mothers – Exchange Engineers and Exchange MVPs
  • BRK2220 : Peer behind the curtain – how Microsoft runs Exchange Online
  • BRK2245 : Transform the way you manage Skype for Business
  • BRK2252 : Understand Microsoft’s Office 365 datacenter strategy and approach
  • BRK2275 : Improve Office 365 adoption: top 10 ways
  • BRK2298 : Plan to drive value and user adoption in Microsoft Office 365
  • BRK3000 : Unplug with the experts on Microsoft Exchange Top Issues
  • BRK3001 : Explore the ultimate field guide to Microsoft Office 365 Groups
  • BRK3003 : Collaborate outside the firewall with Microsoft Office 365
  • BRK3007 : Investigate tools and techniques for Exchange Performance Troubleshooting
  • BRK3015 : Reduce costs and challenges with Office 365 eDiscovery and Analytics
  • BRK3016 : Take control of your data with intelligent data governance in Office 365
  • BRK3017 : Own your data and service – monitor and investigate with Office 365 Auditing, Insights and alerts
  • BRK3018 : Take control of your security and compliance with Office 365
  • BRK3019 : Manage Microsoft Office 365 Groups
  • BRK3022 : Challenge cloud encryption myths and learn about Office 365 BYOK plans
  • BRK3023 : Understand how Microsoft protects you against Spoof, Phish, Malware, and Spam emails
  • BRK3024 : Building security and compliance solutions with the O365 Activity API – a Microsoft IT case study
  • BRK3040 : Own your data with next generation access control technology in Office 365
  • BRK3045 : Use Microsoft Graph to reach users on hybrid Exchange 2016
  • BRK3046 : Build intelligent line-of-business applications leveraging the Outlook REST APIs
  • BRK3074 : Discover what’s new in Active Directory Federation and domain services in Windows Server 2016
  • BRK3083 : Secure Office 365 like a cybersecurity pro—assessing risk and implementing controls
  • BRK3102 : Conduct a successful pilot deployment of Microsoft Intune
  • BRK3109 : Deliver management and security at scale to Office 365 with Azure Active Directory
  • BRK3215 : Dive into Modern Authentication – how it works and what to do when it doesn’t
  • BRK3216 : Plan performance and bandwidth for Microsoft Office 365
  • BRK3217 : Run Microsoft Exchange Hybrid for the long haul
  • BRK3219 : Migrate to Exchange Online via Exchange Hybrid
  • BRK3220 : Deploy Microsoft Exchange Server 2016
  • BRK3221 : Understand the Microsoft Exchange Server 2016 Architecture
  • BRK3222 : Implement Microsoft Exchange Online Protection
  • BRK3227 : Ask us anything about Microsoft Office 365 Groups
  • BRK3242 : Discover a new level of Service Health insights for Office 365
  • BRK3253 : Experience Scott Schnoll’s Exchange tips and tricks
  • BRK3254 : Cert Exam Prep: Exam 70-345: Designing and Deploying Microsoft Exchange Server 2016
  • BRK3281 : Deliver a BYOD program that employees and security teams will love with Microsoft Intune
  • BRK3298 : Secure your Active Directory to mitigate risk in the cloud
  • BRK4000 : Review ExpressRoute for Office 365 configuration (routing, proxy and network security)
  • BRK4015 : Build client-side web parts for Microsoft SharePoint
  • BRK4031 : Overcome network performance blockers for Office 365 Deployments
  • BRK4032 : Dive deep into Microsoft Exchange Server High Availability
  • THR1003R : Take control of your security and compliance with Office 365
  • THR1004R : Empower employees with Microsoft Delve Analytics
  • THR1005R : Dive deeper into what’s new and what’s coming in Microsoft Outlook 2016 for Windows
  • THR1011R : Dive deeper into what’s new and what’s coming in Outlook mobile
  • THR2004R : Manage Microsoft Office 365 from anywhere
  • THR2006R : Get an edge over attackers – what you need to know about email threats
  • THR2007R : Fight back with advancements in Office 365 Advanced Threat Protection
  • THR2009R2 : Roll out Microsoft Office in one of the most demanding environments
  • THR2020R : Deploy successfully : top 10 Office 365 ProPlus installation/activation tips
  • THR2022 : Migrate your data to Microsoft Office 365 – why?
  • THR2190R : Secure your sensitive email with Office 365 message encryption
  • THR2207 : Modernize your clients with Office 365, Windows 10 and Enterprise mobility – the admin experience
  • THR3001R : Migrate DL to Microsoft Office 365 Groups
  • THR3007 : Protect your sensitive information with Office 365 Data Loss Prevention
  • THR3008R : Gain visibility and control with Office 365 Advanced Security Management
  • THR3010 : Help your users collaborate better with Office 365 Groups

Written by judeperera

October 5, 2016 at 9:59 am

POP Connectivity Fails for Outlook Users on Exchange Server

with one comment

Issue: So basically the scenario was, due to a power failure all the servers were restarted. Once they were all back, things were running smoothly until we noticed that there were connection problems with POP users.

Here are the symptoms;

  • Outlook users who are connecting through POP is able to connect, but unable to send or receive mails.
  • Microsoft Exchange POP3 Backend service is in the Running state.

 

 

 

  • On the Microsoft Connectivity Analyzer page, the POP connectivity test fails with the following error.

The POP service is being tested.
There was an error testing the POP service.
Additional Details
S:
C: CAPA
S:
Microsoft.Exchange.Tools.ExRca.Tests.ImapPop.MailProtocolException
at Microsoft.Exchange.Tools.ExRca.Tests.ImapPop.Pop3ProtocolTester.SendCommand(String command,StringlogString)
at Microsoft.Exchange.Tools.ExRca.Tests.ImapPop.MailProtocolTester.SecureConnection()
at Microsoft.Exchange.Tools.ExRca.Tests.lmappop.BaseProtocolTest.PerformTestReally()

Elapsed Time: 125 ms.

 

 

 

 

 

 

So basically, something clearly wasn’t right on the Exchange Server. If you are getting the above error here’s the fix.

  1. Log on to the Exchange Server
  2. Open Exchange PowerShell
  3. Run the following command

    Get-ServerComponentState -Identity <ServerName>

    042016_1050_POPConnecti3.png

  4. Note the PopProxy component state is “Inactive”

    2

  5. On the Exchange PowerShell module, run the following command to activate the PopProxy component.

    Set-ServerComponentState -Identity <ServerName> -Component PopProxy -State Active -Requester HealthAPI

    3

  6. Run the Get-ServerComponentState command again to verify that the service state is up.

    4

  7. To verify POP service is working for users, go to the Microsoft Connectivity Analyzer and perform a POP test. The connection should be successful.

    5

Written by judeperera

April 22, 2016 at 6:12 am

Step by Step Guide for Installing Exchange Server 2016

with 26 comments

Download Exchange Server 2016

The following section describes a step-by-step guide for the installation of Microsoft® Exchange Server 2016. The installation considers a single server deployment of Exchange Server 2016 with the Mailbox role. Additional details of the topology and architecture of the lab environment which was used in the installation is described here;

Domain Controller
Operating System Windows Server 2012 R2
Forest Functional Level Windows Server 2012 R2
Domain Functional Level Windows Server 2012 R2
Exchange Server 2016
Operating System Windows Server 2012 R2
Installed Role Mailbox Role

1. Operating System Support for Exchange Server 2016

The following operating systems are supported;

Component Operating System
Mailbox and Edge Server Role Windows Server 2012 R2 Standard or Datacenter
Windows Server 2012 Standard or Datacenter
Windows Server vNext
Management Tools Windows Server 2012 R2 Standard or Datacenter
Windows Server 2012 Standard or Datacenter
64-bit edition of Windows 8.1

2. Active Directory Preparation

The first task in the installation of any version of Exchange is to prepare the Active Directory environment where the Exchange Server will be placed.

However, prior to the preparation, it should be checked against the following Network and Directory Server requirements;

Component Operating System
Domain controllers Windows Server 2012 R2 Standard or Datacenter
Windows Server 2012 R2 Standard or Datacenter
Windows Server 2008 R2 Standard/Enterprise/Datacenter
Windows Server 2008 Standard/Enterprise/Datacenter
Active Directory forest Windows Server 2008 or higher

Once the above requirements are verified for consistency, proceed with the following preparation tasks on the server/computer which will be used to prepare the Active Directory using the Exchange Server 2016 Active Directory Prepare module.

  1. Open Windows PowerShell and run the following command to install the Remote Tools Administration Pack.

Install-WindowsFeature RSAT-ADDS

3 Server role prerequisite installation

The prerequisites for Exchange 2016 varies on the server role which will be associated with it. The section describes the installation of Exchange 2016 on a server containing Windows Server 2012 R2 Operating System.

3.1 Prerequisites for Mailbox Server Role

The following section instructs the prerequisite installation that should be performed in a server running a standalone Exchange 2016 server with the Mailbox Server Role.

  1. Open a Windows PowerShell session by navigating to Start > All Programs > Accessories > Windows
    PowerShell.
  2. Run the following command to install the required Windows components.

Install-WindowsFeature AS-HTTP-Activation, Desktop-Experience, NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation

  1. After installing the features, Download and Install;
    1. Microsoft .Net Framework 4.5
    2. Microsoft Unified Communications Managed API 4.0, Core Runtime 64-bit

3.2 Prerequisites for Edge Server Role

The following section instructs the prerequisite installation that should be performed in a server running a standalone Exchange 2016 server with the Mailbox Server Role.

  1. Open a Windows PowerShell session by navigating to Start > All Programs > Accessories > Windows
    PowerShell.
  2. Run the following command to install the required Windows components.

Install-WindowsFeature ADLDS

3. After installing the features, Download and Install Microsoft .Net Framework 4.5

4 Prepare Active Directory and domains

To prepare the active Directory and the Domains for Exchange 2016, follow the following steps. To execute the commands, the commands should be run using the Schema Admins group and the Enterprise Admins group membership.

4.1 Extend Active Directory Schema

  1. Mount the Exchange Server 2016 installation Media
  2. Open up a Command Prompt session and navigate to the setup files from the command prompt
  3. Type the following command followed by an Enter

Setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms

4.2 Prepare Active Directory

  1. On the command prompt, run the following;

Setup.exe /PrepareAD /OrganizationName:”<organization name>” /IAcceptExchangeServerLicenseTerms

4.3 Prepare Domains

  1. On the command prompt, run the following;

Setup.exe /PrepareAllDomains /IAcceptExchangeServerLicenseTerms

5 Installing Exchange Server 2016

The below section describes the installation of the Mailbox Server role for Exchange Server 2016.

If you’re installing the first Exchange 2016 server in the organization, and the Active Directory preparation steps have not been performed, the account you use must have membership in the Enterprise Administrators group. If you haven’t previously prepared the Active Directory Schema, the account must also be a member of the Schema Admins group.

  1. Log on to the server that will be used as the Mailbox server.
  2. Ensure that the above prerequisites are completed.
  3. Mount and navigate to the Exchange Server 2016 installation Media.
  4. Start Exchange 2016 Setup by double-clicking Setup.exe.
  5. On the Check for Updates page, select whether you want Setup to connect to the Internet and download product and security updates for Exchange 2016 and click Next.

  1. Once the setup is finished copying files on the Copying Files page, click Next.

  1. The Introduction page gives additional guidance for the installation procedure. Review the content and Click next to continue.

  1. On the License Agreement page, review the terms. If you agree to the terms, select I accept the terms in the license agreement, and then click next.

  1. On the Recommended Settings page, select whether you want to enable or disable the Exchange Error resolution and feedback feature. The option will either enable or disable automatically check for resolutions for any errors that occurs while the setup is running and sends Microsoft feedback. Click Next to proceed.

  1. On the Server Role Selection page, choose what server role you want to install. Whether to install the Mailbox role, Management Tools or Edge Server role on the server. For this lab Mailbox server role will be selected. Note that Edge and Mailbox cannot collocate on the same server and Management Tools will be installed by default when you chose the Mailbox role. If any Windows prerequisites are needed for the setup, select the Automatically install Windows Server roles and features that are required to install Exchange Server. Click Next to proceed.

  1. On the Installation Space and Location page, either accept the default installation location or click Browse to choose a new location with adequate storage space.

  1. If installing the Mailbox role, a Malware Protection Settings page will appear. Choose whether to enable or disable malware scanning and click Next.

  1. On the Readiness Checks page, view the status to determine if the organization and server role prerequisite checks completed successfully. If unsuccessful, perform the required tasks and click Back, and Next to run the Readiness check again. If successful, click Install to proceed.

  1. The installation will be performed.

  1. Once the setup completes installing all the components, the Setup Completed page will be displayed. Select Finish.

  1. As a best practice, restart the server which you performed the installation.

5 Review Exchange Installation

Once all the above tasks are performed, proceed with the below steps to verify the installation using the Exchange 2016 Administrative Center and PowerShell. Like its predecessor, Exchange Server 2016 management is handled by the Exchange Admin Center. The browser based management console, EAC can be used to manage your organizations on-premises as well as Office 365 and hybrid deployment scenarios.

To Navigate to the Exchange Admin Center;

  1. Open the web browser.
  2. On the URL section, type the below

    https://<FQDN_of_the_Exchange_Server>/ECP

  1. Enter your username and password in Domain\user name and Password and then click sign in.
  2. Review the tabs and sections the new Admin Center.

3 Step Guide – Add and Enable Bulk Users for Active Directory and Exchange

leave a comment »

So we have implemented our Active Directory and Exchange Servers. May be created some test users and mail flow is working perfectly and everything’s good to go! Is it? Not really.The next painstaking task is about to hit you!

It’s time to create users, modify properties from AD perspective and enable all the former users and bind them with the proper Databases etc.

Unfortunately, Microsoft has not been the nice to us admins when it comes to getting all the company users on board. Why I’m telling this is you is, if we have 10-20 users, creating them one by one wouldn’t be a huge problem. But what if you have to add 500, 1000 or may be 5000+ users for the environment? Well, Microsoft’s way is to use powershell scripts. Where as you may find couple of 3rd party tools that will give you some level of Graphical User Interface (GUI) to ease up the task.

Let’s see how we can go ‘The Microsoft Way’

There are many ways to play with powershell. Importing the all the information of users in form of a CSV file is the easiest way here. By just using Excel, we create a small database of users and related attributes. Once we have completed it. It’s all the matter of running a single line of a PowerShell command. Let’s go through an example to see things step by step!

Let’s take Contoso Corp! I have implemented a fully functioning Microsoft environment with an Active Directory and Exchange Server 2013. Assuming that the environment is ready for production and only requires users to be enabled.

Step 1 – Add Users in Bulk

Read the rest of this entry »

Written by judeperera

August 8, 2014 at 6:40 am

Can I Add Remove Exchange Server 2013 Roles ? Watch out!

leave a comment »

With the all new architecture, Exchange Server 2013 RTM now only has 2 Primary Server Roles; Client Access and Mailbox. This however took a slight change of path with the Messaging team finally deciding to add Edge Transport role to the stack as well. Still, comparing to the previous Exchange Server versions, this is a totally different architecture in terms of almost everything.

One major thing that someone should very well focus on is the design. You should be pretty much sure on what roles that you are going to assign for your servers with the options of;

  • Install Standalone Server Roles*
  • Combine Server Roles

*Edge role cannot be collocated/combined with any other server role.

Now even with the above option, there is a tricky point for you when it comes to installing and uninstallation of the roles.

  1. You CAN install one exchange server role (MBX/CAS), and later add the other  role(CAS/MBX) to the existing server.

add

BUT

  1. You CANNOT remove a server role  in a multi-role server with both CAS and MBX installed.

remove

This scenario should be taken quite seriously since there should be no room for any changes once you install both roles. So let’s say what if you came across in a situation like this? Well, the only option is to remove/uninstall the server completely and re-deploy. Which! is going to be a pain for sure!

 

The above is valid for the following Exchange Server 2013 versions as mentioned here;

  • Exchange Server 2013 RTM
  • Exchange Server 2013 CU 1
  • Exchange Server 2013 CU 2

If it’s still the same for CU 3 and SP1? Well, I shall post ASAP and if you were able to check it out, let me know.

Cheers!!!

 

Written by judeperera

May 6, 2014 at 12:13 pm

Split DNS! Something to consider when designing your Domain Environment

leave a comment »

Hello everyone, so today there was a situation where i had some issues with my newly deployed test environment where some users are having troubles when connecting to their email. My Lab scenario here is the organization, lets call it Contoso went through a new infra deployment where a new domain (contoso.com) was configured. The deployment of the DC’s were done just a day before and was in the fine-tuning stage.

Here’s the scenario:

  • Internal domain – contoso.com
  • External domain – contoso.com
  • E-mail domain – contoso.com
  • E-mail Provider – 3rd Party Hosted with POP
  • E-mail Client – Microsoft Outlook

The symptoms here were,  client mail connection is lost. However, some clients were able to communicate. Some experienced send receive issues most according to the clients.

So, let’s go through what has happened here by checking the two scenarios;

Users Who Cannot Connect

On the users who cannot connect, Outlook client reported that it cant find the server to connect. Send Receive status showed the Inbound/Outbound Servers were unable to connect to. However, when trying to resolve the MX record using NSLOOKUP, it was noted that no entry is returned except the SOA.

So I looked on their Network settings and noticed that their Primary DNS is set for the internal DNS server and the Secondary to an External.

Users Who Could Connect

Noticing the above, did the same thing and the nslookup was able to resolve the MX record lookup and returned the correct values. Upon checking the Network IP settings, it was identified that the Primary DNS IP was given an External.

 

So the conclusion was, the Internal DNS was unable to resolve the MX record as well as any mail related DNS records even though they were properly set up in the Public DNS Registrar.

Now let’s look at what has happened

For users who can connect, things happened like this. When the connection initiates from the outlook, it will try to resolve the records(fqdns) to connect. For that,

  1. It will look for the DNS cache first inside the client computer.
  2. It will look for the Primary DNS server assigned to get an authoritative reply.
  3. Look for the Secondary DNS server assigned for an authoratative reply.

Now since the client has given 8.8.8.8 (Google DNS) as primary, all queries were sent to that address and resolved successfully with a happy Client.

Now for the users who had the internal DNS server for Primary, the request was sent to the local DNS Server and the DNS server didn’t respond with a proper response that would connect outlook.

The reason had to do with the scenario with both the Internal and External Domain Names’ being the SAME!

Now if someone asks why, when the client looks for a query for mail.contoso.com it looks for the matching name in the local DNS server. The local DNS server receives the query and sees that the server itself is authoritative for the contoso.com Zone. However, in this new environment, NO mail.contoso.com Nor any mail based records were present. Due to this fact, the DNS server replies with nothing. Making the client not to connect.

So we call our situation is in a SPLIT DNS scenario. Now how to make things work?

The only thing you need to do is to create the pointers which are sitting on the Internet World on your local DNS Server. In my case, I created an records with the hostnames/IPs pointing to the internet. So now when a request comes for mail.contoso.com, the local DNS server see’s that there is an entry present pointing to an internet IP address and the client will use this to connect to the relevant service accordingly.

So what’s the catch here?

If your Internal Domain Name = External Domain Name in your environment, You are in a Split DNS environment. And you need to provide pointers for all your external domain based services on your local server.

dns query - split dns

If you have any such scenarios or suggestions to improve this article, please let us know 🙂

 

Written by judeperera

February 21, 2014 at 9:48 am