Mailbox Permissions in Bulk

Let me start off with a BIG warning. The tool I am about to discuss is a Strategic Nuclear Weapon in the I.T. Buki arsenal. Please use with caution and make sure you understand what’s going to happen BEFORE you press OK.

There is a very powerful tool for managing MS Exchange mailbox permissions. It is called PFDAVAdmin and is free to download from the MS site here.

You can recursively list out the permissions for all folders in the Exchange environment to a text file. You can also use this utility to import changes into Exchange. Make the wrong change here and you can suddenly delete all permissions or block everyones permissions.  Good safety rule here is to do a complete permissions export first and then make a read only copy of that before you start doing ANY editing.  In a nuclear holocaust situation, you could use the backup of the file to reimport the permissions as they were before you started.

This is a mind boggling simple and powerful tool.  I keep it in my digital toolbox and fortunately don’t have to use it very often, but I’m glad it’s there when I need it.

The Humble Ping

Sometimes the very simple tools can really help to identify an issue. The humble ‘ping’ command is one such tool. Let’s take a look at it.

1. Ping your own IP. If this fails, the problem lies in your local system.
2. Ping the default gateway. If this fails, start looking at network connectivity, net masks, cables, switches, hubs, etc.
3. Ping Google or Apple or some other name you know responds. Now we look for a couple of things. Does the name (www.google.com for example) resolve to a real Internet IP like 74.125.113.103? If it doesn’t then you have to start looking at DNS resolution. If it does resolve to a real Internet IP, but you get no ping response, you can look past DNS and start looking at network devices such as switches, hubs, routers, firewalls, etc.
4. One that often gets overlooked when troubleshooting internally, try to ping from both sides. Ping source to target and then try pinging target to source. If one works and the other doesn’t you could have local firewall rule issues, or you could have routing issues where the ping takes a different route back to than it took to get to the destination.

I often find that people miss some of these in their troubleshooting and it has helped me on numerous occasions. Feel free to add comments on your own tips and experiences with Ping.

The Basics

Look in the log files.

One of the first questions I ask people when they call me about problems with their servers is if they have looked at the Windows Application Log (or System Log). There really is an incredible amount of useful information that can be found there.
I understand the reluctance we old admins have about doing this. Once upon a time, the logs would be filled with code references and little information that was directly useful to the server admin trying to troubleshoot an issue. Those days are gone. Today, most programs (especially Microsoft products) provide critical information that can help you resolve issues quickly.