Display Name: All users
Status: Completed
Target Database: The Server I'm trying to migrate away from (that I previously migrated to)
Posts made by Mr. Jones
-
RE: Mailbox Migration Issues (EXCH 2016) On-Premposted in IT Discussion
-
Mailbox Migration Issues (EXCH 2016) On-Premposted in IT Discussion
So one of our on-prem 2016 Exchange Servers (VM) was hit by NLBrute pre-Network Firewall installation (early 2020), and we only recently were affected by it/noticed it when trying to upgrade to CU20. After cleaning the infection, and scanning the mailbox databases for infection, I migrated all mailbox databases to the other on-prem Exchange Server (VM) and nuked the old server.
My issue now is I can't migrate back. Mailbox Migration is failing saying that there is a UserAlreadyBeingMigratedException.
I've checked and clearedRemove-MigrationBatch "Batch Name" -Forceand refreshed ECP to verify as well asGet-MigrationBatch -Endpoint mail.contoso.com. There doesn't appear to be residuals.Some additional details:
Exchange logs (Program Files>Microsoft>Exchange Server>V15>Mailbox>Mailbox Database XXXXXX>) Appear to be nonsense. Just random webdings looking stuff. I assume aftermath of NLBrute or something is corrupted.
I tried to use eseutil to repair because of this, but it unmounts the database and then throws error 1811 and it's impossible to mount again.
I eventually restored from snapshot, and am looking at trying again with another approach.
Since 99.9% of our staff are using Outlook software, and have cached local .ost's, I'm thinking it would just be best to backup a copy of their .ost's to the NAS, and erase everyone's mailboxes from the server, make new ones, and restore the ost.
Any better ideas?
-
RE: SAMIT: The Roles of Web Hostingposted in Self Promotion
@scottalanmiller I don't know how new any of this is, but I'm really digging the transitions and logo stuff you got going on. It's got the RGB feel to it, but not over the top.
-
Organizational Securityposted in IT Discussion
How do you guys handle the broad spectrum of phishing, whaling, scam, etc. attempts?
Had a user get a scam email recently. Thankfully they forwarded it to my dept, and promptly deleted it. I was reflecting on what we do in our department to educate users and I don't feel like it's enough.
Do you all ever screenshot the email and send out a warning of basically "this is what a phishing attempt looks like", with added notes on how and why?
Do you all ever create mock phishing attempts to send out to your organization that when clicked take them to basically a "oops, you did a bad thing, now take this training"? If so, what's a good site/program for that?
Do you ever report any of the attempts, or is it a simple blacklisting of that domain you deploy? If you do report them, to whom?
Would love some thoughts and input to see what everyone else is doing or some best practices.
-
RE: Exchange 2016 Environment DNS entries helpposted in IT Discussion
So either a firewall issue or your isp may be blocking port 25. Is this business internet with a static ip?
Yes. Time to look at the Firewall.
-
RE: Exchange 2016 Environment DNS entries helpposted in IT Discussion
@syko24 said in Exchange 2016 Environment DNS entries help:
@Mr-Jones - on mxtoolbox just type in the search line:
tcp:mail.mydomain.com:25
Press enter and see if it says the port is open.
Thanks. It throws an "unable to connect" and then lists the GoDaddy IPv4 address that's associated with the A record of mail.mydoamin.com
-
RE: Exchange 2016 Environment DNS entries helpposted in IT Discussion
check your firewall and make sure port 25 is forwarding to your Exchange server.
Going to look into that for sure. Thank you!
-
RE: Exchange 2016 Environment DNS entries helpposted in IT Discussion
@nadnerB yea. I've been using that, but I'm guessing I need to sign up for something, because it's not telling me much. Definitely less descriptive that nslookup unless I just don't know how to use it which is a great possibility.
-
RE: Exchange 2016 Environment DNS entries helpposted in IT Discussion
@syko24 That's not going to help me atm, as I'm tunneled in, but it's a good resource and I appreciate that.
-
Exchange 2016 Environment DNS entries helpposted in IT Discussion
I'm trying to troubleshoot my exchange environment not being able to receive inbound emails. Emails work within the domain, and they send out, we just can't receive outside communications. We host with GoDaddy so there's DNS entries there to worry about, but they haven't been touched, so let's assume they are good. lol
Using
nslookup -querytype=mx mydomain.comreturns:Server: PDC.mydomain.com
Address: <PDC IPv4 address>mydomain.com MX preference = 10, mail exchanger = mail.mydomain.comSo I feel like my MX is at least functional, but I'm not great with DNS yet.
Furthermore, using
nslookup -querytype=a mail.mydomain.comreturns:Server: PDC.mydomain.com
Address: PDC IPv4 addressName: EXCHSERV.mydomain.com
Address: <EXCHANGESERVER IPv4 Address>
Aliases: mail.mydomain.comI have a feeling I'm missing a DNS entry. My DNS entries are as follows:
CNAME=autodiscover - mail.mydomain.com
CNAME=mail - EXCHSERV.mydomain.com
A=EXCHSERV - EXCHSERV IPv4 Address
MX=(same as parent folder) - [10] mail.mydomain.comAnything stick out to you guys? What would be your next move?
EDIT: nuked a server earlier and am picking up the pieces. I think there was only ever one IP exemption for SMTP 25 and it was the server I nuked (running dual exchange environment). I'll have to wait until tomorrow to do anything with the firewall as I don't have the password memorized and I'm working from home atm. Will update with resolution when I sort it out.
EDIT #2: Issue is resolved. The firewall was set to allow traffic to only the server I nuked.