How Anonymous Relay works in Exchange 2013

How Anonymous Relay works in Exchange 2013

• http://www.shudnow.net/2013/06/04/how-anonymous-relay-works-in-exchange-2013/

Summary of commands:

$server = "LAB-EX2013"
$ReceiveConnector = "MyRelay"

New-ReceiveConnector -Name $ReceiveConnector -Usage 'Custom' -Bindings '0.0.0.0:25' -RemoteIPRanges '10.10.10.7' -Server $server -TransportRole FrontendTransport

Get-ReceiveConnector $ReceiveConnector | Add-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “Ms-Exch-SMTP-Accept-Any-Recipient”

Get-RecieveConnector $ReceiveConnector | select Tarp*,Conn*,Max*

Get-ReceiveConnector -Identity $ReceiveConnector | Set-ReceiveConnector -TarpitInterval 00:00:00 -ConnectionTimeout 00:30:00 -ConnectionInactivityTimeout 00:20:00 -MaxAcknowledgementDelay 00:00:00 -MaxInboundConnection 10000 -MaxInboundConnectionPercentagePerSource 100 -MaxInboundConnectionPerSource unlimited

Also see:

• Incorrectly Adding New Receive Connector Breaks Exchange 2013 Transport
  https://exchangemaster.wordpress.com/2014/01/24/incorrectly-adding-new-receive-connector-breaks-exchange-2013-transport/
• How to Add Remote IP Addresses to Existing Receive Connectors
  http://exchangeserverpro.com/how-to-add-remote-ip-addresses-to-existing-receive-connectors/
  
• 
  

Installing Exchange 2013 CU's in a MultiSite,MultiServer environment

Installing Exchange 2013 CU's in a MultiSite,MultiServer environment.

I recently attempted to install Exchange 2013 CU7 in an environment with 4 Exchange servers spread across 2 Sites.  The servers were at Exchange 2013 SP1 (CU5?).

It did not start out well until I found this set of instructions from Paul Cunningham.
http://exchangeserverpro.com/exchange-2013-installing-cumulative-updates/

In summary, perform the following:

1. Choose a server in the site that contains the AD FSMO Roles.
   (This may only apply to Exch2013 SP1, since there is a bug that CU7 fixes, in which you cannot launch ECP on a server that is in a remote site to the user's Mailbox.  I suspect this also applies to the FSMO role of PDC.
   The install initially failed the pre-requisite check with a bunch of nonsensical errors saying that the user ID was not a member of the required groups, etc.)
   
2. Perform the following to prepare the Exchange Server for upgrade:
   $server = "ThisServer"
   Set-ServerComponentState $server -Component Hubtransport -state draining -Requester maintenance
   Set-ServerComponentState $server -Component ServerWideOffLine -state inactive -Requester maintenance
   Suspend-ClusterNode -name $server
   Set-MailboxServer $server -DatabaseCopyActivationDisabledAndMoveNow $true
   Get-MailboxServer $server | select databasec*
   Set-MailboxServer $server -DatabaseCopyAutoActivationPolicy blocked
   Set-ServerComponentState $server -Component ServerWideOffLine -state inactive -Requester maintenance
   
3. Install the Cumulative update
   
4. Perform the following to return the Exchange Server to service:
   Set-ServerComponentState $server -Component ServerWideOffLine -state active -Requester maintenance
   Resume-ClusterNode -name $server
   Set-MailboxServer $server -DatabaseCopyAutoActivationPolicy unrestricted
   Set-MailboxServer $server -DatabaseCopyActivationDisabledAndMoveNow $false
   Set-ServerComponentState $server -Component Hubtransport -state active -Requester maintenance