Sunday, June 25, 2017

Exchange 2013 Multi-Tenant setup

Create Tenant

 

# 1. create a OU for the first Tenant “Tenant A”

New-ADOrganizationalUnit -Name TenantA –Path “OU=Hosted,DC=mycloud,DC=local”

# 2. register the new UPN Suffix

Set-ADForest -Identity hosted.exchange -UPNSuffixes @{add=”tenanta.com”}

This is what need’s to be done in Active Directory. Now let’s continue using the Exchange Management Shell (EMS). We can “load” the EMS directly from this shell (assuming that you’re working with the Domain Administrator now)

# 3. connect to EMS

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://mycloudex01/PowerShell/ -Authentication Kerberos

Import-PSSession $Session

make sure you adjust the path according to your setup. PowerShell is now loading the Exchange cmd-lets

# 4. Add a new accepted Domain for the new Tenant

New-AcceptedDomain -Name “TenantA” -DomainName tenanta.com -DomainType:Authoritative

# 5. Create Global Address List for Tenant A

New-GlobalAddressList -Name “TenantA – GAL” -ConditionalCustomAttribute1 “TenantA” -IncludedRecipients MailboxUsers -RecipientContainer “hosted.exchange/Tenants/TenantA”

# 6. Create All Rooms Address List (Make sure to check the signs, i.e, paste to command to notepad and manually change to

New-AddressList -Name “TenantA – All Rooms” -RecipientFilter “(CustomAttribute1 -eq ‘TenantA’) -and (RecipientDisplayType -eq ‘ConferenceRoomMailbox’)” -RecipientContainer “hosted.exchange/Tenants/TenantA”

# 7. Create All Users Address List

New-AddressList -Name “TenantA – All Users” -RecipientFilter “(CustomAttribute1 -eq ‘TenantA’) -and (ObjectClass -eq ‘User’)” -RecipientContainer “hosted.exchange/Tenants/TenantA”

# 8. Create All Contacts Address List

New-AddressList -Name “TenantA – All Contacts” -RecipientFilter “(CustomAttribute1 -eq ‘TenantA’) -and (ObjectClass -eq ‘Contact’)” -RecipientContainer “hosted.exchange/Tenants/TenantA”

# 9. Create All Groups Address List

New-AddressList -Name “TenantA – All Groups” -RecipientFilter “(CustomAttribute1 -eq ‘TenantA’) -and (ObjectClass -eq ‘Group’)” -RecipientContainer “hosted.exchange/Tenants/TenantA”

# 10. Create Offline Address Book

New-OfflineAddressBook -Name “TenantA” -AddressLists “TenantA – GAL”

# 11. Create Email Address Policy

New-EmailAddressPolicy -Name “TenantA – EAP” -RecipientContainer “hosted.exchange/Tenants/TenantA” -IncludedRecipients “AllRecipients” -ConditionalCustomAttribute1 “TenantA” -EnabledEmailAddressTemplates “SMTP:%m@tenanta.com”,”smtp:%g.%s@tenanta.com”

You may want to play around with the parameter: -EnabledPrimarySMTPAddressTemplate “SMTP:%g.%s@tenanta.com” that will set Firstname.Lastname@domain.tld for the default Email Address Policy (EAP)

# 12. Create Address Book Policy

New-AddressBookPolicy -Name “TenantA” -AddressLists “TenantA – All Users”, “TenantA – All Contacts”, “TenantA – All Groups” -GlobalAddressList “TenantA – GAL” -OfflineAddressBook “TenantA” -RoomList “TenantA – All Rooms”

# 13. Create a Room Mailbox (optional)

New-Mailbox -Name ‘Tenant A Conference Room 1′ -Alias ‘TenantA_ConfRoom1′ -OrganizationalUnit ‘hosted.exchange/Tenants/TenantA’ -UserPrincipalName ‘confroom1@tenanta.com’ -SamAccountName ‘TenantA_ConfRoom1′ -FirstName ‘Conference’ -Initials ” -LastName ‘Room 1′ -AddressBookPolicy ‘TenantA’ -Room

Set-Mailbox TenantA_ConfRoom1 -CustomAttribute1 ‘TenantA’

It is important that Tenant-wide Objects do have the CustomAttribute1 Set to the according Tenant.

Now that we have all the address books and policies configured we can start with the first user mailbox. The new user will have the same password as the account you enter after the first command. You can adjust the New-Mailbox command to your needs.

$c = Get-Credential

New-Mailbox -Name ‘Tenant User 1′ -Alias ‘TenantA_user1′ -OrganizationalUnit ‘hosted.exchange/Tenants/Tenant A’ -UserPrincipalName ‘User1@tenanta.com’ -SamAccountName ‘tenanta_user1′ -FirstName ‘Tenant’ -Initials ’1′ -LastName ‘User’ -Password $c.password -ResetPasswordOnNextLogon $false -AddressBookPolicy ‘TenantA

Set-Mailbox user1@tenanta.com -CustomAttribute1 “TenantA”

After you’re done, you want to close the Session to the EMS

Remove-PSSession $Session

 

 

You can now log on to owa with the user you just created and check the configuration. You will find all the Tenant related Address Lists. You can create another user for this Tenant and find him in your address book. They can share calendars and book conference rooms. You can repeat the steps above to create another Tenant, with its own accepted domainname, address lists and policies.

Posted by at No comments:
Labels:

Microsoft DPM 2010 MMC crashed when client join to protection group

Microsoft DPM 2010 MMC crashed when client join to protection group

 

Problem Details:

 

 


<FatalServiceError><__System><ID>19</ID><Seq>0</Seq><TimeCreated>22.12.2010 08:35:36</TimeCreated><Source>DpmThreadPool.cs</Source><Line>163</Line><HasError>True</HasError></__System><ExceptionType>DlsException</ExceptionType><ExceptionMessage>Eine Ausnahme vom Typ "Microsoft.Internal.EnterpriseStorage.Dls.Utils.DlsException" wurde ausgelöst.</ExceptionMessage><ExceptionDetails>Microsoft.Internal.EnterpriseStorage.Dls.Utils.DlsException: Eine Ausnahme vom Typ "Microsoft.Internal.EnterpriseStorage.Dls.Utils.DlsException" wurde ausgelöst.
   bei Microsoft.Internal.EnterpriseStorage.Dls.UI.UICommon.CmdLetWrapper.HandleError(Pipeline pipeline)
   bei Microsoft.Internal.EnterpriseStorage.Dls.UI.UICommon.CmdLetWrapper.Invoke()
   bei Microsoft.Internal.EnterpriseStorage.Dls.UI.Dpw.ProtectionGroupProgressPage.FinishWizard()
   bei Microsoft.Internal.EnterpriseStorage.Dls.UI.Dpw.ProtectionGroupProgressPage.OnEnteredPage(EventArgs e)
   bei Microsoft.Internal.EnterpriseStorage.UI.WizardFramework.WizardForm.InternalNavigateToPage(WizardPage targetPage, NavigateEventArgs e)
   bei Microsoft.Internal.EnterpriseStorage.UI.WizardFramework.WizardForm.NextPage()
   bei System.Windows.Forms.Control.OnClick(EventArgs e)
   bei System.Windows.Forms.Button.WndProc(Message&amp; m)
   bei System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message&amp; m)
   bei System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
*** Mojito error was: InsufficientSpaceOnReplica; 0; None</ExceptionDetails></FatalServiceError>

 

 

 

 

 

 

Resolution

This is a known bug in DPM 2010 and a fix is in progress, however, in the meantime you can use the following power shell script to add the client to the secondary DPM servers protection group.

***************** Start Script here ***************
# Change variables as per need
$PGName = "Protection Group 1"
$primaryDPMName = "PrimaryDPM.corp.contoso.com"
$clientName = "laptop123.corp.contoso.com"

$dpmservername = &"hostname"
$dpmservername = $dpmservername.Substring(0, [Math]::Min(15, $dpmservername.Length))

# Get the modifiable PG object
$pg = Get-ProtectionGroup -DPMServerName $dpmservername | where { $_.FriendlyName -eq $PGName }
$mpg = Get-ModifiableProtectionGroup -ProtectionGroup $pg

# Run datasource inquiry on Primary DPM
$ps = Get-ProductionServer -DPMServerName $dpmservername | where {$_.Name -eq $primaryDPMName }
$clientToAdd = Get-Datasource -ProductionServer $ps -Inquire | where { ($_.Type.Id -eq "7b2e4c3d-876f-4535-b5c9-b344d4f05120") -and ($_.LogicalPath -like ($clientName + "\*")) }

if ($clientToAdd)
{
    # Add client to PG
    Add-ChildDatasource -ProtectionGroup $mpg -ChildDatasource $clientToAdd

    # Set disk allocation
    Set-DatasourceDiskAllocation -ProtectionGroup $mpg -ExpectedDataSizePerClientInMB ($mpg.ClientPGDetailsField.ExpectedDataSizePerClient/(1024*1024))

    # Set the IR method for newly added client. (Uncomment to start immediate IR)
    #Set-ReplicaCreationMethod -ProtectionGroup $mpg -Now

    # Commit the changes
    Set-ProtectionGroup -ProtectionGroup $mpg
}

***************  End script here *****

Posted by at No comments:
Subscribe to: Posts (Atom)