Wednesday, August 08, 2007

Robbery goes wrong when robber shoots self

Opherro G. Jones of Honolulu needs to give up his life of crime. He is just not very good at it. Recently, while pistol whipping one of his victims for more money, he accidentally shot himself.

Unfortunately for the human race and our gene pool, he survived.

Saturday, August 04, 2007

Restricting RAM usage in Exchange 2007

I have seen a number of discussions over the past couple of weeks about how much RAM the Exchange 2007 store.exe uses. On a server with 8GB of RAM, it may well be consuming over 7GB. This is a feature, not a bug. In order to achieve the improvements in disk I/O performance, store.exe (which runs the ESE database engine) consumes as much RAM as it possibly can.

This is great on a production Exchange 2007 Mailbox server with hundreds or thousands of mailboxes. But it can be an annoyance on a server in a classroom, lab, or where you have a small Exchange 2007 combined function server sharing a number of applications. I figured there was not a way to restrict the amount of RAM that Exchange 2007 was consuming, but fellow MVP Henrik Walther pointed out to me that you could restrict the amount of cache just like you could adjust it in Exchange 2003.

Before I proceed with instructions, please take note of this disclaimer: The performance gains you might get by providing Exchange 2007 with sufficient memory may be lost if you restrict the memory to the point that Exchange cannot cache mail data effectively.

To restrict the amount of RAM that Exchange is using, you need to use ADSIEdit (from the Windows 2003 Support Tools) and you need to logon as someone that has permissions to edit the Exchange configuration. Navigate down through the Configuration container as follows, the organization name is Somorita and the server name is HNLEX04:
Configuration -> Services -> Microsoft Exchange -> Somorita -> Administrative Groups -> Exchange Administrative Group (FYDIBHOHF23SPDLT) -> Servers -> HNLEX01 -> Information Store.

Right click on CN=Information Store and choose Properties; locate the msExchESEParamCacheSizeMax property.

I have experimented with a couple of different values. If I set the pages to 73728, then the RAM used is about 656MB, but if I set it to 147456 then the RAM used is about 1,260MB. Please read Microsoft KB article How to optimize memory usage in Exchange Server 2003 for more information on this process, but keep in mind that the page size is 8192 rather than 4096 (which is what it was for E2K3).


The Closer - Serving the King

During the season finale of the second season of The Closer, Brenda recited pieces of a speech she had heard while at the CIA. I found this dialog really interesting and captured it here.

SGT Gabriel says: "You know something is bothering me a little. This whole CIA thing. I don't know how much I trust them. You know how I feel about the people that work there."

Brenda responds: "I know, it is a 'gray area'. I remember once hearing a speech about what it meant to be an officer of the CIA. And the man who gave this speech talked about the struggle to control civilization and how we are always fighting the same fight. And he used the dark ages as an example.

He talked about how one side you had the pragmatic King who was greedy and power hungry and basically took advatange of people whenever he could. On the other side you had the idealistic church forcing everyone to follow the same rules and believe the same things.

Neither the King nor the Church was ever completely right. Both sides ended up doing terrible things to get what they wanted. Really terrible things.

The point of the story was this, that this struggle from the dark ages had been going on forever. That the church and the King might take on different forms and philosophies, but they would always fight each other. Pragmatists and Idealists. And that most times, you are better off standing on the sidelines and letting them duke it out.

But every once and a while, one side or the other decides it might be better to just blow up the whole world just to get its own way. And when that happens, you can't stand on the sidelines anymore. You have to pick a team.

And so for tonight, anyway, we are serving the King.

Thursday, August 02, 2007

SSL tunneling is not passed through the transmogrifiers.

One of my mailbox is getting a massive amount of spam lately; it is making its way all the to my Inbox. It is all almost obviously spam at first glance, but I love the subjects of some of these, though. Todays was the best (with shades of Calvin and Hobbs).

SSL tunneling is not passed through the transmogrifiers.

Exchange 2007, legacyExchangeDN and mail-enabled user conversions

This was an interesting topic that just recently came up in the TechNet forums. The original poster came up with a good solution.

Essentially, during his migration, he is converting mail-enabled users to mailbox-enabled users, but their legacyExchangeDN attribute is changing. This causes problems when users reply to messages that person originally sent or if they have his/her name in their Outlook nickname (NK2) file. Essentially, the legacyExchangeDN no longer exists in the directory so existing messages and NK2 entries don't work anymore.

The solution is to document the account's legacyExchangeDN before removing the mail attributes from the mail-enabled user and then adding that legacyExchangeDN address to the new mailbox-enabled user as an X500 address. The person that was looking for a solution (Jim Mulvey) wrote a nice PowerShell / EMS script to handle this.

$SourceRecipient = Get-Recipient $emailaddress
If ($SourceRecipient.RecipientType -eq "MailUser" {
$OldLegacyExchangeDN = [string]$SourceRecipient.LegacyExchangeDN
$DistinguishedName = [string]$SourceRecipient.Identity.ToCanonicalName()
$EmailAddresses = $SourceRecipient.EmailAddresses
Disable-MailUser $DistinguishedName -confirm:$false

#An inexplicable 5 minute delay here would ensure the Mailbox object gets the
#same LegacyExchangeDN as the old MailUser object. But we really shouldn't have
#the user's email bounce for 5 minutes before we welcome them to Exchange.

$TargetRecipient = Enable-Mailbox -identity $DistinguishedName -database 'Server01/SG01/DB01'
Set-Mailbox $TargetRecipient -EmailAddresses $EmailAddresses

#Check to see if the New LegacyExchangeDN is the same as the old one
#If not, add the old LegacyExchangeDN as an additional Proxy Address

If ([string]$TargetRecipient.LegacyExchangeDN -ne $OldLegacyExchangeDN) {
$EmailAddresses += [Microsoft.Exchange.Data.CustomProxyAddress]("X500:" + $OldLegacyExchangeDN)
Set-Mailbox $TargetRecipient -EmailAddresses $EmailAddresses

"Conversion of user from MailUser to Mailbox complete."
} Else { throw "This script only converts MailUser objects to Mailbox objects" }