Category Archives: Exchange

Bulk Mail Users Creation Exchange 2010

There will always be the need to create multiple e-mail account for many users using exchange 2010. below is a simple poweshell command that will import a CSV file called exchange and create according to the data inside the file the users specified.



Import-Csv C:\exchange.csv | % {
$name = $_.first + ” ” + $_.last;

New-Mailbox -Name $name -Alias $_.Alias -FirstName $_.first -LastName $_.last -UserPrincipalName $_.upn -database $_.database -org $_.OU -password (ConvertTo-SecureString $_.password -AsPlainText -Force)


note that all the variables in the command above are also presented in the below example CSV file.



Exchange 2010 Group Related Error

You might encounter the error stating ” The name reference is invalid.This may be caused by replication latency between Active Directory domain controllers” while trying to customize some of the attributes related to one or more group using EMC or exchange management console. Well the first thing that will come to your mind is that you have replication problem related to your domain controllers specially if you have huge Directory Service Topology with so many domain controllers replicating. that said, fortunately the root of the problem is much simpler and related to EMC only. The solution is as following, remove the following two files from the below locations and your good to go.


C:\Users\xxxxxx\AppData\Roaming\Microsoft\MMC\Exchange Management Console

C:\Users\xxxxxx\AppData\Roaming\Microsoft\MMC\Exchange Queue Viewer

Spotting the five most common iPhone and Exchange ActiveSync problems

Although the iPhone is designed to connect to Exchange Server with ActiveSync, administrators and users have reported a number of issues. Before you allow your users to connect their iPhones to Exchange, take a look at the five most pervasive iPhone and Exchange 2010 connectivity problems and their solutions.

1. Coexistence challenges
The most widely reported issue is an Autodiscover compatibility problem that prevents an iPhone from connecting to Exchange. It occurs if the iPhone user’s mailbox resides on Exchange Server 2007 in a mixed Exchange 2007 and Exchange 2010 environment.

In this setup, mobile devices that run ActiveSync version 12.0 or lower connect to the Exchange 2010 client access server (CAS) and are then proxied to the Exchange 2007 CAS. Newer versions of ActiveSync use the Autodiscover service to determine which CAS that devices connect to.

The iPhone 4 uses a version of ActiveSync that should be able to use the Autodiscover service. Unfortunately, it does not work correctly. Users that have difficulty connecting an iPhone to an Exchange 2007 mailbox server in a mixed environment have three options:

  1. Wait for Apple to fix the problem.
  2. Move the mailbox to an Exchange 2010 mailbox server.
  3. Force the CAS to proxy the connection. This is done with the following Exchange Management Shell (EMS) command:

Get-ActiveSyncVirtualDirectory –Server <Exchange 2007 CAS server name> | Set-ActiveSyncVirtualDirectory –ExternalURL:$Null

You can read more about coexistence at Microsoft’s TechNet site.


The Exchange ActiveSync Mailbox Policy contains a setting called Allow Non Provisionable Devices. This setting — which is disabled by default — controls which mobile devices are allowed to establish ActiveSync connections with Exchange. If the setting is enabled, any ActiveSync-enabled device can connect to Exchange. If the setting is disabled, devices will only connect if they can be automatically provisioned with all of your ActiveSync policy settings.

The iPhone technically qualifies as a non-provisionable device because a number of ActiveSync policy settings cannot be applied to it. If you’re having difficulty connecting an iPhone to Exchange, or if you find that some ActiveSync policy settings are being ignored, compare your company’s ActiveSync policy settings with the ActiveSync settings the iPhone supports.

3. Heartbeat intervals
ActiveSync is based on Direct Push technology. Direct Push uses heartbeats to keep an HTTPS session open even when data is not actively sent or received.

Mobile devices send requests to the CAS, asking to be notified when new items arrive. Requests are valid for a set length of time. The request validity period is also known as the heartbeat. If data is not received from the server within the request period, the device issues another request and another heartbeat occurs, keeping the session alive.

Exchange Server 2010 uses dynamic heartbeats. Exchange 2010 also defines both minimum and maximum heartbeat intervals. The mobile device usually starts with a short heartbeat interval and gradually works up to a longer interval once the session proves stable.

Normally, there’s no reason to change the minimum and maximum heartbeat interval values; Microsoft actually discourages altering the default values. According to Apple however, if an iPhone has difficulty with the existing heartbeat settings, you should set the maximum heartbeat to 59 minutes.

You can find more information on how heartbeats work at TechNet. Additionally, TechNet has instructions on adjusting heartbeat values if you need to do so.

4. Firewall timeouts
An iPhone may experience ActiveSync timeout issues unless all of the firewalls between the iPhone and the CAS are configured with a timeout period of 30 minutes or longer. The method to adjust the timeout depends on your firewall.

5. IP address settings
Some iPhone users find that their devices works well when connected to ActiveSync over the Internet, but that mail flow stops when connecting over corporate networks. This problem is usually traced to a domain name system (DNS) setting.

Your CAS must use a consistent IP address and a fully qualified domain name regardless of how the iPhone connects. If your internal DNS server provides a different IP address for the CAS than the one listed by external DNS servers, mail flow may cease until the device is no longer connected to the corporate network.

The iPhone is generally a solid ActiveSync client. However, every network is different and it’s possible that settings unique to your network may cause problems for iPhone users. If this happens, you can probably trace the problem to one of the causes described here.

Brien Posey
is an eight-time Microsoft MVP with two decades of IT experience. Before becoming a freelance technical writer, Brien worked as a CIO for a national chain of hospitals and healthcare facilities. He has also served as a network administrator for some of the nation’s largest insurance companies and for the Department of Defense at Fort Knox.

Send on behalf and send as


Send on Behalf and Send As are similar in fashion. Send on Behalf will allow a user to send as another user while showing the recipient that it was sent from a specific user on behalf of another user. What this means, is that the recipient is cognitive of who actually initiated the sending message, regardless of who it was sent on behalf of. This may not be what you are looking to accomplish. In many cases, you may want to send as another person and you do not want the recipient to be cognitive about who initiated the message. Of course, a possible downside to this, is that if the recipient replies, it may go to a user who did not initiate the sent message and might be confused depending on the circumstances. Send As can be useful in a scenario where you are sending as a mail-enabled distribution group. If someone replies, it will go to that distribution group which ultimately gets sent to every user who is a part of that distribution group. This article will explains how to use both methods.

Send on Behalf

There are three ways to configure Send on Behalf. The first method is by using Outlook Delegates which allows a user to grant another user to Send on Behalf of their mailbox. The second method is having an Exchange Administrator go into the Exchange Management Shell (EMS) and grant a specific user to Send on Behalf of another user. The third and final method is using the Exchange Management Console (EMC).

Outlook Delegates

There are major steps in order to use Outlook Delegates. The first is to select the user and add him as a delegate. You then must share your mailbox to that user.

  1. Go to Tools and choose Options
  2. Go to the Delegates Tab and click Add
  3. Select the user who wish to grant access to and click Add and then Ok

Note: There are more options you can choose from once you select OK after adding that user. Nothing in the next window is necessary to grant send on behalf.

  1. When back at the main Outlook window, in the Folder List, choose your mailbox at the root level. This will appear as Mailbox – Full Name
  2. Right-click and choose Change Sharing Permissions
  3. Click the Add button
  4. Select the user who wish to grant access to and click Add and then Ok
  5. In the permissions section, you must grant the user at minimum, Non-editing Author.

Exchange Management Shell (EMS)

This is a fairly simple process to complete. It consists of running only the following command and you are finished. The command is as follows:

Set-Mailbox UserMailbox -GrantSendOnBehalfTo UserWhoSends

Exchange Management Console (EMC)

  1. Go to Recipient Management and choose Mailbox
  2. Choose the mailbox and choose Properties in Action Pane
  3. Go to the Mail Flow Settings Tab and choose Delivery Options
  4. Click the Add button
  5. Select the user who wish to grant access to and click Add and then Ok


Send As

As of Exchange 2007 SP1, there are two ways to configure SendAs. The first method is having an Exchange Administrator go into the Exchange Management Shell (EMS) and grant a specific user to SendAs of another user. The second and final method (added in SP1) is using the Exchange Management Console (EMC).

Exchange Management Shell (EMS)

The first method is to grant a specific user the ability to SendAs as another user. It consists of running only the following command and you are finished. The command is as follows:

Add-ADPermission UserMailbox -ExtendedRights Send-As -user UserWhoSends

Exchange Management Console (EMC)

  1. Go to Recipient Management and choose Mailbox
  2. Choose the mailbox and choose Manage Send As Permissions in Action Pane
  3. Select the user who wish to grant access to and click Add and then Ok


Miscellaneous Information

No “From:” Button

In order for a user to Send on Behalf or Send As another user, their Outlook profile must be configured to show a From: button. By default, Outlook does not show the From: button. In order to configure a user’s Outlook profile to show the From: button:




If you are sending as another user, the recipient user might reply. By default, Outlook is configured to set the reply address to whoever is configured as the sending address. So if I am user A sending on behalf of user B, the reply address will be set to user B. If you are the user initiating the sending message, you can configure your Outlook profile to manually configure the reply address.


Conflicting Methods

If you are configuring Send on Behalf permissions on the Exchange Server, ensure that the user is not trying to use the Outlook delegates at the same time. Recently, at a client, I was given the task to configure Send As as well as Send on Behalf. As I was configuring Send As on the server, I found out that the client was attempting to use Outlook Delegates at the same time. Send As would not work. Once the user removed the user from Outlook Delegates and removed permissions for that user at the root level of your mailbox that appears as Mailbox – Full Name, Send As began to work. So keep in mind, if you are configuring Send As or Send on Behalf, use only one method for a specific user.