Exchange 2013 Health Check Monitors and Journaling

Exchange 2013 includes built-in health monitors that monitor the health of system resources.  Microsoft calls this new process "Managed Availability".

The Exchange 2013 Server Health and Performance topic on TechNet says,

"Exchange 2013 introduces the concept of managed availability. Managed availability runs on every Exchange 2013 server. It's made up of two processes, the Exchange Health Manager Service (MSExchangeHMHost.exe) and the Exchange Health Manager Worker process (MSExchangeHMWorker.exe), and the following asynchronous components:

• Probe engine   The probe engine takes measurements on the server.

• Monitoring probe engine   The monitoring probe engine stores the business logic about what constitutes a healthy state. It functions like a pattern recognition engine, looking for patterns and measurements that differ from a healthy state, and then evaluating whether a component or feature is unhealthy.

• Responder engine   When the responder engine is alerted about an unhealthy component, its first action is to try to recover that component. Managed availability enables multi-stage recovery actions. The first attempt may be to restart the application pool, the second attempt may be to restart the corresponding service, and the third attempt may be to restart the server. And, the final attempt may be to put the server offline, so that it no longer accepts traffic. If all of these actions fail, an alert is sent to the help desk."

When you install Exchange 2013 it automatically creates several HealthMailbox<guid> objects in Active Directory used by the managed availability service.  There are two health mailboxes that are created for a single mailbox database, one for mailboxes, and one for Public Folders (if deployed).  These hidden mailbox objects can be viewed from EMS by running the following command:

Get-Mailbox -Monitoring

Exchange 2013 managed availability uses these HealthMailbox<guid> objects to send emails through Exchange to verify mail flow every 5 minutes.  This causes problems if you're doing organization-wide journaling in the RTM version of Exchange 2013.  The org-wide Journal Rule will journal all these health probe emails, polluting the journal with thousands of useless messages.

Examples of these journaled health monitor messages are:

Sender: HealthMailboxac09e6fd942f4b40aba364cf2bf34e6b@contoso.com

Subject: MBTSubmission/StoreDriverSubmission/00000047-0000-0000-0000-0000b7145037-MapiSubmitLAMProbe

Message-Id: <2f33c299d6594de9b2ade02dee24e0c9@EX1.contoso.com>

To: HealthMailboxac09e6fd942f4b40aba364cf2bf34e6b@contoso.com

Sender: HealthMailboxc8a6d67ca286431abdf771e24a58093e@contoso.com

Subject: Client submission probe

Message-Id: <70701396-16e9-49ed-9888-11e39257d03e@EX1.contoso.com>

Bcc: HealthMailboxc8a6d67ca286431abdf771e24a58093e@contoso.com

Sender: inboundproxy@inboundproxy.com

Subject: Inbound proxy probe

Message-Id: <20d4e3a7-34a4-4b59-9773-9e1b51328b5a@EX1.contoso.com>

Recipient: HealthMailboxc8a6d67ca286431abdf771e24a58093e@contoso.com

Exchange 2013 Journal Mailbox filled with HealthMailbox* reports

This issue is supposed to be fixed in the first half of 2013, but if you can't wait that long (who could blame you), here's a workaround:

• Add "Ignore" as the value of the ExtensionCustomAttribute1 attribute on each HealthMailbox* object in Active Directory using the following command from the Exchange Management Shell:

Get-Mailbox -Monitoring | Set-Mailbox -ExtensionCustomAttribute1 'Ignore'

• Use the Exchange Management Shell to create a new Dynamic Distribution Group using the following two commands:

New-DynamicDistributionGroup -Name 'Journaled Users' -Alias JournaledUsers -RecipientFilter {((((CustomAttribute1 -ne 'Ignore') -and (RecipientType -eq 'UserMailbox'))) -and (-not(Name -like 'SystemMailbox{*')) -and (-not(Name -like 'CAS_{*')) -and (-not(RecipientTypeDetailsValue -eq 'MailboxPlan')) -and (-not(RecipientTypeDetailsValue -eq 'DiscoveryMailbox')) -and (-not(RecipientTypeDetailsValue -eq 'PublicFolderMailbox')) -and (-not(RecipientTypeDetailsValue -eq 'ArbitrationMailbox')))}
Set-DynamicDistributionGroup -HiddenFromAddressListsEnabled $true

• The commands above create an Exchange Dynamic Distribution Group called Journaled Users that contains all email enabled objects where the ExtensionCustomAttribute1 doesn't equal Ignore.  It then hides the Dynamic Distribution Group from the Exchange address lists.  Note that users will not see this DDG in the list of groups they are members of.
• Create a new journal mailbox to hold the journal reports and hide it from Exchange address lists.  In this example, I call it Journal Mailbox.
• Lastly, create a new Journal Rule that journals all emails for the Journaled Users DDG to a journaling mailbox called Journal All using the following command from EMS:

New-JournalRule -Name 'Journal All' -JournalEmailAddress 'journalmailbox@domain.com' -Scope 'Global' -Enabled $true -Recipient 'JournaledUsers@domain.com'

It's important that you don't update the Dynamic Distribution Group using the Exchange Management Console.  Doing so will update the DDG to a "precanned" RecipientFilter and the HealthMailbox* mailboxes will be journaled.

Update 5/29/2013 - I have confirmed this is still an issue with Exchange 2013 RTM CU1.
Update 8/1/2013 - Still an issue with Exchange 2013 RTM CU2-V2.  Microsoft released the following KB article describing how to use the new Add-GlobalMonitoringOverride cmdlet to work around the problem.  See Managed Availability messages are journaled in Exchange Server 2013 (http://support.microsoft.com/kb/2823959).  I expect this will be the way to address this issue going forward.
 

Read more ...

Script to Force Download of the Lync 2013 Address Book

In a previous article I wrote a script that forces Lync 2010 clients to update the Lync Server 2010 address book.

The Lync 2013 client not only changes the location where the address book is stored on the local machine, but changes the address book file name for Lync Server 2013, as well.

The script below sets the GALDownloadInitialDelay key in the registry to force the Lync client to download the address book immediately after signing in.  It then enumerates all the SIP_* sub-folders in the C:\Users\%username%\AppData\Local\Microsoft\Office\15.0\Lync folder and deletes the ABS__sipdomain.cache file which makes up the local Lync 2013 address book and the GAL*.* files that make up the local Lync 2010 address book.

@echo off
echo.
rem Check if Lync is running, exit if it is...
tasklist /fi "IMAGENAME eq lync.exe" | find "lync.exe" >nul
If %errorlevel%==0 goto LyncIsRunningError
rem Add x86 GALDownloadInitialDelay registry entry
reg add HKCU\Software\Policies\Microsoft\Communicator /v GALDownloadInitialDelay /t REG_DWORD /d 0 /f >nul
If %errorlevel%==1 goto ElevationError
rem Add WOW64 GALDownloadInitialDelay registry entry if x64
If %PROCESSOR_ARCHITECTURE%==AMD64 reg add HKCU\Software\Wow6432Node\Policies\Microsoft\Communicator /v GALDownloadInitialDelay /t REG_DWORD /d 0 /f >nul
If "%LOCALAPPDATA%"=="" Set LOCALAPPDATA=%USERPROFILE%\Local Settings\Application Data
dir "%LOCALAPPDATA%\Microsoft\Office\15.0\Lync\sip_*" /b > list.txt
FOR /F "tokens=1" %%i in (list.txt) do (
rem Delete the Lync Server 2010 address book...
If Exist "%LOCALAPPDATA%\Microsoft\Office\15.0\Lync\%%i\gal*.*" del "%LOCALAPPDATA%\Microsoft\Office\15.0\Lync\%%i\gal*.*"
rem Delete the Lync Server 2013 address book...
If Exist "%LOCALAPPDATA%\Microsoft\Office\15.0\Lync\%%i\abs*.cache" del "%LOCALAPPDATA%\Microsoft\Office\15.0\Lync\%%i\abs*.cache"
)
del list.txt
echo Clearing Lync 2013 Address Books...  Done!
echo.
echo Sign back into Lync 2013 to download the current address book.
goto End
:ElevationError
echo ERROR: You must run this command from an elevated Command Prompt.
echo.
goto End
:LyncIsRunningError
echo ERROR: You must exit Lync 2013 before running this command. Right-click the Lync icon and choose Exit.
echo.
:End

Save the script above as UpdateLync2013AddressBook.bat.  Exit out of the Lync client and run the script from an elevated Command Prompt. Then sign back into Lync and the address book will download immediately.

Output from UpdateLync2013AddressBook.bat

Read more ...

Working with Hi-Res Photos in Exchange 2013 and Lync 2013

Exchange 2013 and Lync 2013 now have the ability to use high-resolution photos for users to view photos of their contacts and to make their own photos available to others.  Usually these photos were stored as part of the user's thumbnailPhoto attribute in Active Directory.  The recommended resolution for photos stored in the thumbnailPhoto attribute is 96 pixels by 96 pixels.  In addition, the thumbnailPhoto attribute has a physical limit of 10KB.

Lync 2013 now features a larger contact photo for meeting participants.  It scales those small 96x96 pixel thumbnailPhotos up to 278x278 pixels, which results in a blurry, but still usable, photo.

96x96 pixel photo displayed in Lync 2013

The new high-res photos used by the Wave 15 products (Exchange 2013, Lync 2013, SharePoint 2013, and Office 2013) are now stored in the user's Exchange 2013 mailbox and are accessed using Exchange Web Services (EWS).  This makes a lot of sense since Exchange is installed in almost all of these environments.  Lync 2013 now allows for photo sizes up to 648 pixels by 648 pixels - a 700% improvement!  Just look at that handsome devil!

648x648 pixel photo displayed in Lync 2013

The following script sample can be used to store a 648 by 648 pixel photo in Ken Myer's Exchange 2013 mailbox:

$photo = ([Byte[]] $(Get-Content -Path "C:\Photos\Ken Myer.jpg" -Encoding Byte -ReadCount 0))
Set-UserPhoto -Identity kenmyer -PictureData $photo -Confirm:$False
Set-UserPhoto -Identity kenmyer -Save -Confirm:$False

Exchange 2013 automatically scales this 648x648 photo for various applications. The following examples show the same hi-res photo in Office 2013 and Lync 2013 scaled to different sizes.

Outlook 2013 contact view

My Picture option in Lync 2013

Notice in the Lync 2013 example above that there's a button to allow users to edit or remove their picture.  That button only lights up in Lync 2013 if the user's mailbox is hosted on an Exchange 2013 server.  There is no "self-service" way to upload pictures with Exchange 2010, although it can be done from SharePoint 2010.

But before you go updating all the photos of employees in your company with new hi-res photos, you should know a few things about backward compatibility.  The Set-UserPhoto cmdlet, which only exists in Exchange 2013 and is used in the script above, not only stores the hi-res photo in the user's mailbox, it also stores a 48x48 pixel version in the thumbnailPhoto AD attribute.  That's half the resolution of the 96x96 recommended size and results in a terrible photo for users on Exchange 2010.

48x48 pixel thumbnailPhoto displayed in Lync 2013

It's interesting to note that Exchange 2010 users always use the 48x48 thumbnailPhoto attribute in AD.  Lync 2013 won't look for a hi-res photo in the Exchange 2013 user's mailbox if the Lync 2013 user is on Exchange 2010.  This gives a less than optimal view for the Exchange 2010 Lync user:

This is really only an issue for customers in an migration scenario, but it's worth noting.  The point is that update Exchange 2013 mailbox users with hi-res photos, you may still want to re-update the users' thumbnailPhoto attributes with better 96x96 pixel photos when you're done.

For more information about high resolution photos used in Lync 2013 see Configuring the Use of High-Resolution Photos in Microsoft Lync Server 2013, but please keep in mind that the script examples in that article have typos in them.  The script above corrects those errors.

You may also want to read GAL Photos in Exchange 2010 and Outlook 2010.

Read more ...