Exchange

How to renew a self signed certificate in Exchange Server 2007

http://www.ncol.net/how-to-renew-a-self-signed-certificate-in-exchange-server-2007/

Exchange 2007 creates a self-signed certificate when the server role is first added, and it is used by all the Exchange services that run in unison with IIS (SMTP, OWA, etc.). The certificate expires one year after the date the server was first installed or the date the certificate was assigned manually.

First, check the status of the certificate by opening the Exchange Management Shell and executing the command ‘Get-ExchangeCertificate | FL’. This displays all information about the currently assigned certificates and the status of each certificate.

It is common for more than one certificate to be listed in the display. If that is the case, find the certificate that shows an expired date in the ‘NotAfter’ field, as this defines when each certificate becomes invalid/expired. An expired certificate may cause problems such as loss of connectivity to web services and SMTP transport, and Outlook prompting certificate security warnings.

Use the following steps to generate a new certificate and enable it to run IIS services:

1. Type ‘Get-ExchangeCertificate | FL’. This only lists details of certificates that are assigned to Exchange services. Then note down the Thumbprint of the expired certificate.

2. Then type ‘Get-ExchangeCertificate -Thumbprint "9E6DD4B4EA2865CA9E6C34B42329A9AC994EBF63" | New-ExchangeCertificate’. This generates a new certificate, and you will then be prompted to confirm whether you want to overwrite the expired certificate and use the new one for the SMTP service.

3. If you run the cmdlet from step 1 again, you will notice that the new certificate is not enabled for IIS services. Make a note of the new thumbprint and run the following command, typing the new thumbprint between the quotation marks: ‘Enable-ExchangeCertificate -Thumbprint "7A843B04EA2865CA9E6C34B42329AEE4456F9013" -Services IIS’

4. Be sure to verify that all the services are working correctly after renewing and enabling the certificate. Test Outlook clients by closing and reopening Outlook to ensure there are no security certificate warnings.

6. Finally, remove the old certificate by typing the following cmdlet into the management shell: ‘Remove-ExchangeCertificate -Thumbprint "9E6DD4B4EA2865CA9E6C34B42329A9AC994EBF63"’.
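
The steps above as one Exchange Management Shell script. This is an added example, not part of the original article; the 30-day warning window, the placeholder thumbprint, and the self-signed and IIS guards are assumptions layered on the article's cmdlets.

```powershell
# Added example. Run in the Exchange Management Shell on the Exchange 2007 server.
$warnDays = 30   # assumption: also flag certificates that expire within 30 days
$now = Get-Date

# Step 1: list every certificate, earliest expiry first, with an expiry state
Get-ExchangeCertificate | Sort-Object NotAfter |
    Select-Object Thumbprint, Services, NotAfter, IsSelfSigned, @{
        Name = 'State'
        Expression = {
            if ($_.NotAfter -lt $now) { 'Expired' }
            elseif ($_.NotAfter -lt $now.AddDays($warnDays)) { 'ExpiringSoon' }
            else { 'OK' }
        }
    } | Format-Table -AutoSize

# Placeholder: paste the thumbprint of the expired certificate noted above
$oldThumbprint = '<THUMBPRINT-OF-EXPIRED-CERTIFICATE>'
$old = Get-ExchangeCertificate -Thumbprint $oldThumbprint

# Piping into New-ExchangeCertificate produces a new self-signed certificate,
# so stop if the old one was not self-signed (or was not found).
if (-not $old.IsSelfSigned) {
    throw 'Certificate not found or not self-signed; not renewing it this way.'
}

# Step 2: generate the replacement (answer the SMTP overwrite prompt)
$new = $old | New-ExchangeCertificate

# Step 3: assign the new certificate to IIS
Enable-ExchangeCertificate -Thumbprint $new.Thumbprint -Services IIS

# Step 4: confirm the assignment and the new expiry date, then test clients
$check = Get-ExchangeCertificate -Thumbprint $new.Thumbprint
$check | Format-List Thumbprint, Services, NotBefore, NotAfter
Read-Host 'Test OWA and Outlook now, then press Enter to continue'

# Last step: remove the old certificate only if the new one holds IIS
if ("$($check.Services)" -match 'IIS') {
    Remove-ExchangeCertificate -Thumbprint $oldThumbprint
} else {
    Write-Warning 'New certificate is not enabled for IIS; old certificate kept.'
}
```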

List Exchange OWA Users

Outlook Web Access (OWA) and ActiveSync reporting using IIS logs

I was asked to report on how many people were still accessing a legacy Exchange server via Outlook Web Access for the purposes of retiring it permanently. Here is a step-by-step walkthrough. Pasted commands may not work. Please type directly into the cmd window!

  1. Locate your IIS logs on your Exchange server. Mine were stored in C:\inetpub\logs\LogFiles\W3SVC1. For more help refer to this article.
  2. For this example we will be copying the logs we need locally to the C:\log directory. This method could easily be adapted to use UNC paths, but that was not needed for my purposes. IIS should create one log per day, so copy the number of days you would like to report on to c:\log on your local machine.
  3. Download Log Parser 2.2 from the Microsoft website and install it to the default directory.
  4. Next we will use Log Parser to combine all of these logs into a single file. Create a subdirectory under c:\log called mergedlog. From the command line, navigate to the Log Parser directory "C:\Program Files (x86)\Log Parser 2.2" and run the following command: ‘logparser.exe -i:iisw3c "select * into c:\log\mergedlog\merge.log from c:\log\*" -o:csv’. This will create a single log file named merge.log and convert the data from iisw3c to csv format.
  5. Next we will need to run a command that will pull the information we are looking for out of the log. Here are three examples that list user name, date, time, IP, page accessed, and user agent. Each will output the results into a file named Output.csv in the c:\log directory.

The first command looks for OWA access:

LogParser -i:csv "SELECT cs-username, date, time, c-ip, cs-uri-stem, cs(User-Agent) FROM C:\log\mergedlog\merge.log TO C:\log\Output.csv WHERE cs-method LIKE '%get%' and cs-uri-stem LIKE '%owa%'"

This next command lists ActiveSync users:

LogParser -i:csv "SELECT cs-username, date, time, c-ip, cs-uri-stem, cs(User-Agent) FROM C:\log\mergedlog\merge.log TO C:\log\Output.csv WHERE cs-method LIKE '%post%' and cs-uri-stem LIKE '%Microsoft-Server-ActiveSync%'"

Finally, as a bonus, this one looks for Mac Office users:

LogParser -i:csv "SELECT cs-username, date, time, c-ip, cs-uri-stem, cs(User-Agent) FROM C:\log\mergedlog\merge.log TO C:\log\Output.csv WHERE cs-method LIKE '%post%' and cs(user-agent) LIKE '%Macoutlook%'"
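
The same three filters applied directly to IIS W3C logs in PowerShell, reduced to one row per user and access type with a hit count and last-seen time. This is an added example, not part of the original post; the function name Get-ExchangeClientUsage, the sample log lines and the user names are constructed for illustration.

```powershell
# Constructed sample in IIS W3C format (not real log data).
$sample = @'
#Fields: date time cs-method cs-uri-stem cs-username c-ip cs(User-Agent) sc-status
2014-03-01 08:15:02 GET /owa/ CONTOSO\alice 10.0.0.21 Mozilla/5.0 200
2014-03-01 08:16:40 POST /Microsoft-Server-ActiveSync/default.eas CONTOSO\bob 10.0.0.35 Apple-iPhone5C2/1104.201 200
2014-03-02 09:01:11 GET /owa/auth/logon.aspx - 10.0.0.50 Mozilla/5.0 200
#Fields: date time c-ip cs-username cs-method cs-uri-stem cs(User-Agent)
2014-03-03 10:22:45 10.0.0.44 CONTOSO\carol POST /EWS/Exchange.asmx MacOutlook/14.3.9
2014-03-04 07:55:00 10.0.0.21 CONTOSO\alice GET /owa/ Mozilla/5.0
'@ -split '\r?\n'

function Get-ExchangeClientUsage {
    param([string[]]$Lines)
    $fields = @()
    $rows = foreach ($line in $Lines) {
        if ($line -like '#Fields:*') {
            # A header appears per file and after IIS restarts; columns may change
            $fields = ($line -replace '^#Fields:\s*', '').Trim() -split '\s+'
            continue
        }
        if ($line -like '#*' -or -not $line.Trim()) { continue }
        $values = $line -split ' '
        $r = @{}
        for ($i = 0; $i -lt $fields.Count; $i++) { $r[$fields[$i]] = $values[$i] }
        if ($r['cs-username'] -eq '-') { continue }   # anonymous request, no user
        $m = $r['cs-method']; $uri = $r['cs-uri-stem']; $ua = $r['cs(User-Agent)']
        # Same conditions as the three Log Parser queries (matching ignores case)
        $type = $null
        if ($m -eq 'GET' -and $uri -like '*owa*') { $type = 'OWA' }
        elseif ($m -eq 'POST' -and $uri -like '*Microsoft-Server-ActiveSync*') { $type = 'ActiveSync' }
        elseif ($m -eq 'POST' -and $ua -like '*Macoutlook*') { $type = 'MacOutlook' }
        if (-not $type) { continue }
        New-Object PSObject -Property @{
            Type = $type; User = $r['cs-username']; Seen = "$($r['date']) $($r['time'])"
        }
    }
    # One row per (access type, user): request count and most recent request
    $rows | Group-Object Type, User | ForEach-Object {
        New-Object PSObject -Property @{
            Type = $_.Group[0].Type; User = $_.Group[0].User; Hits = $_.Count
            LastSeen = ($_.Group | Sort-Object Seen | Select-Object -Last 1).Seen
        }
    } | Select-Object Type, User, Hits, LastSeen
}

Get-ExchangeClientUsage -Lines $sample | Sort-Object Type, User | Format-Table -AutoSize
```

To run it against the copied logs instead of the sample, pass `(Get-Content C:\log\*.log)` as `-Lines`; the per-file `#Fields` headers are handled, so the merge step is not needed for this report.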

There is a good book you can get on Amazon called Microsoft Log Parser Toolkit that has a goldmine of knowledge on how to use this tool.