Archive for the ‘ADSI Edit's’ Category

Email Size Limits in Exchange 2007

August 4, 2009 Leave a comment

There are four places where Message size is set in Exchange – in 2003, these were all in the gui, in 2007 three are powershell (although MS supposedly are adding it back in) and one has no admin tool at all – you get to use ADSI Edit to set it in the "raw" Active Directory. You must however set the parameters in all four places to the same value – the *lowest* of all four is used, as each is applied to the message in turn to decide if it should be rejected.

So, from the top:

Global setting:


The system wide default is held in Active Directory and is set to 10MB by default (this is 10240 K, the setting is just a number but is in K)

Using ADSI Edit, navigate to:

CN=Configuration, CN=Services, CN=Microsoft Exchange,CN=Domain Name,CN=Global Settings,CN=Message Delivery.

Hit the properties on the Message Delivery object and the attributes you want are:

msExchRecipLimit (default 5000)

submissionContLength (default 10240)

delivContLength (default 10240)

However in SP1 these are not set, and you must use PowerShell to set them;


Transport Setting


Site Default is set in powershell; use Get-TransportConfig to get current settings, then:

Set-TransportConfig -MaxRecipientEnvelopeLimit <nn> -MaxReceiveSize <nn>MB -MaxSendSize <nn>MB

current setting:

Set-TransportConfig -MaxRecipientEnvelopeLimit 5000 -MaxReceiveSize 20MB -MaxSendSize 20MB

Receive and Send Connectors


Again, we use Powershell. First to list the connectors, you can use the two following commands:



you can get detailed information (including the current settings) by using the Format-List pipe:

Get-ReceiveConnector | Format-List

Get-SendConnector | Format-List

Now, for EACH connector you need to modify, use the following:

Set-ReceiveConnector "<connector name>" -MaxMessageSize <nn>MB


Set-SendConnector "<connector name>" -MaxMessageSize <nn>MB


get-recieveconnector | set-recieveconnector –MaxMessageSize <nn>MB


Exchange 2007 DDL’s and EMC

September 23, 2008 Leave a comment


If you read through my blog, you will find I have had great fun creating DDL’s via PowerShell before.

Well, the fun continues.

If you create a DDL via the PowerShell, it automatically sets the RecipientFilter to DOMAIN/USERS. However, when you preview it in EMC it finds all users across your entire domain;


Whether this is a “bug” or Exchange EMC not being “clear” about what its previewing I don’t know.

However, its simple enough to fix.

If you don’t mind doing so, you can re-create the DDL via PS, appending the

-RecipientContainer [OU]

to the command. [OU] can be any valid OU (even the full domain).

If you don’t want to recreate, dig out ADSI edit and find the msExchDynamicDLBaseDN string as required.

Refresh your DD’s, and check the “Filter” tab again. It should now display the correct container, and the correct users will get email 🙂

Categories: ADSI Edit's, Exchange 2007

2003 SBS, New Users, and Recovery Storage Groups.

September 17, 2008 Leave a comment

Come across a semi-interesting “bug” / “feature” this morning in Server 2003 SBS. Old product, I know, but meh who cares.

If you create a new user with the SBS Wizard, whilst you have a Recovery Storage Group configured (even if it is offline), it will default to creating (or attempting to as you will see) the users Exchange box on that SG.

As you try to login as the new user, you will obviously get “unable to access mail folder”, as the SG is (or should) be offline. Viewing the User properties will also show that they are in fact stored in the RSG rather than your First Storage Group.

Fix is easy enough, and comes in two flavours. Hardcore or Wussy.

Wussy Fix

Remove the user you just created. Remove the RSG. Re-create the user. Check s/he is on the FSG. Voila.

Hardcore Fix

Open up ADSI Edit.
Locate the user object, then locate the homeMDB string. Edit, and replace;

Recovery Storage Group


First Storage Group

Save, exit, and re-login as user. (Then go delete your RSG).

Personally I prefer the latter, as I always like to ADSI M$’s “features”

Later all.

Why oh Why?

September 16, 2008 Leave a comment

Well it seems like any OPATH-based filter in Exchange 2007 has the same issues as my previously posted DDL.

Tried creating a new Addresslist policy today using a OPATH filter –> Guess what, it converted it to LDAP format again.

Quick ADSI edit later and I was good to go 🙂

Come on MS!!

Categories: ADSI Edit's, Exchange 2007

Exchange 2007, DDL’s and OPATH Filters

September 15, 2008 Leave a comment

Well well well.

MS Have done another Grand job implementing Dynamic Distribution Lists. I mean OK, I can cope with having to use the PS to create “fancy” one’s. I mean that’s what the PS is for, doing more “hardcore” admin. But for Jeebus sake, make it work.

My task? Customer wants to create a DDL for each Storage Group (and/or Database) he has, so he can send email out to the list when he has any Database Maintenance to do. Simple enough surely?

get-mailboxdatabase -StorageGroup “First Storage Group” | %{ New-DynamicDistributionGroup “DDG-$($_.Name)” -RecipientFilter “Database -eq ‘$($_.Identity.DistinguishedName)'” }

Fabulous. Creates a DDL from the Database in the Storage Group, and adds all users to it.


Preview it in EMC.

Cannot convert value “EXCHTEST\First Storage Group\Mailbox Database” to type “Microsoft.Exchange.Data.Directory.ADObjectId”. Error: “The string “EXCHTEST\First Storage Group\Mailbox Database” does not represent a valid distinguished name.”

But wait, I told Exchange to use the “Identity.DistinguishedName”. Why is it now talking “shortened” language to me?

Looks like Exchange translates this, as its not able to store the OPATH filter directly. Well we can fix that.

Dig out ADSI edit. Locate your DDL you just created (Users typically). Modify it. Find the “msExchQueryFilter” attribute.

(Database -eq ‘EXCHTEST\First Storage Group\Mailbox Database’ -and -not(Name -like ‘SystemMailbox{*’) -and -not(Name -like ‘CAS_{*’))

Thats not right.

Fire up a powershell, get-mailboxdatabase | fl.

Copy (and clean up with notepad or something similar) the Distinguished name, it should look something like this;

CN=Mailbox Database,CN=First Storage Group,CN=InformationStore,CN=EXCHTEST,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=exchangetest,DC=local

Now copy it, flip back into ADSI edit, and change mcExchQueryFilter like so;

(Database -eq ‘CN=Mailbox Database,CN=First Storage Group,CN=InformationStore,CN=EXCHTEST,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=exchangetest,DC=local‘ -and -not(Name -like ‘SystemMailbox{*’) -and -not(Name -like ‘CAS_{*’))

Preview it (again) and voila! 🙂

Categories: ADSI Edit's, Exchange 2007