How to Import PST into Public Folder Exchange 2013


Learn How to Import PST into Public Folder Exchange 2013

Simon | July 9th, 2016 | Forensics
A very common necessity for Exchange server users i.e. they want to import their Outlook PST into public folder of Exchange 2013 for accomplishing their task. Generally, IT admins want to perform such activity. Therefore, the blog illustrates users with technique to perform such importing tasks.

The procedure comprises of three main tasks and they are listed below:

  1. Generating a sharing folder for performing import task
  2. Enabling permission to perform import operation
  3. Import PST into public folder of Exchange 2013

Generating a Shared Folder

In Exchange 2013, we require a new folder, which supports Import process and can be used in multiple other processes. Such folders are known as Shared Folder, generally named as EXUtil$. Since Exchange 2013 has reduced the usage of console environment and has adopted web interface, therefore, we require such file that can be created anywhere over the network.
Create such folder for performing import procedure and for getting better performance add Exchange Trusted Subsystem at Share and Security level permissions of the EXUtil$ file.

Enabling Import Permissions

Exchange users must have permission enabled in their account for importing the PST files. Hence, before proceeding further go through the following steps to enable the import permission, which is by default disabled in Exchange 2013:
  1. Login into your Exchange 2013 admin account
  2. Click on the permissions option, from the menu appearing at left-hand side of screen import pst into public folder
  3. Click on Recipient Management and on the left window pane check the Assigned Roles list. From this list search for Mailbox Import Export option. If you find the option, then stop the procedure here and start importing procedure. Else, continue with Step (d) import pst into public folder
  4. Click on pencil icon from the middle pane of the window (as shown in screenshot) import pst into public folder
  5. Now a Role Group window for adding new roles will appear in front of you. From this window, click on + button to continue
    import pst into public folder
  6. From Select a Role window, select Mailbox Import/Export option and then click on add >> OK import pst into public folder
  7. Now again go to permissions option >> Recipient Management and you will find Mailbox Import Export option from Assigned Roles section import pst into public folder
  8. Now open PowerShell of Exchange 2013 on your machine and execute the following command:
    New-ManagementRoleAssignment -Role “Mailbox Import Export” -User (user_name)
    NOTE: Fill the bracket with relevant user name. import pst into public folder
  9. Now log-out from your Exchange account and then again log-in into it.

Steps to Import PST into Public Folder Exchange 2013

  1. Click on … icon and then select Import PST option from the dropped down list import pst into public folder
  2. From the import wizard, mention the location of PST file that was saved in shared folder and then click on Next button.
  3. Select the destination mailbox, where you want to archive the imported data and then click on Next.
  4. If you want that no email should be generated after completion of importing procedure, then click on Finishbutton; else go to step 5.
  5. Tick mark on the Send email option and select the mailboxes where you want to send the process completion mail. Now at the end, click on Finish button to import PST into public folder Exchange 2013.


In this blog, we covered complete steps for importing PST files into Public folder by making use of Exchange server 2013. One should have the knowledge to use Exchange Admin Center (EAC), which is the web interface of Exchange 2013 to import PST into public folder of Exchange 2013.

How to find NT Service\MSSQLSERVER and NT Service\SQLSERVERAGENT accounts?


You have installed SQL Server and it is up and running without any issue. Later, you need to change some permission given to either SQL Server engine or agent. You look for accounts, searched in local users, searched in local groups but you cannot find them.
Are you experiencing above issues? If yes, first understand the what are these accounts. These are called Virtual Accounts that are created during the installation of SQL Server. These accounts are managed by the Operating System itself, hence they are not visible when you browse Local Users and Groups window. Similarly, there is another type of accounts called Managed Service Accounts that are created at domain level and assigned to SQL Server services.
Now, for some reason, if you changed the service account of your SQL Server service to another account, and later you want to use the same Virtual Account, this is what you have to do.
1. Get the properties of the services.
2. Easiest way is, just type the account and leave the password blank. If the instance is default, type it as NT Service\MSSQLSERVER or if it is a named instance, type NT Service\MSSQL$.
3. Click on to get the service restarted. It will work as you expected.
4. Or, if you want to search the account, click on Browse to open Select User or Group window. Type nt service\ms in Enter the object name to select input box and click on Check Names. If you are setting the Agent Service, look for nt service\sql word.
5. You get Multiple Names Found window opened. Select the account from the list and continue. Do not enter a password, click on OK and get the service restarted.
Just like this, if you need to add these accounts to some other groups for granting more permissions, example, adding Agent Service Account to Administrators Group (not recommended), follow the same steps.

Setting up signature or disclaimer for all users in Office 365 Exchange online


In order to setup a signature for all office 365 Exchange Online users without manually going after each client and set it up, you can do so by using mail flow rules to append the signature along within each and every out going email.
To do so, you will have to go to Office 365 Exchange admin portal, then navigate to Mail flow –> choose Rules and click on the + sign

Click on “Apply disclaimers…”

When the new rules opens up, you will have to give it a name and apply condition for the rule. an empty form looks like this one


but here’s what mine looks like,
I choose the sender address includes “Specific domain” then in the append the disclaimer part, I have entered an HTML code which includes all user details

after applying the disclaimer I choose to wrap it up. and then in the exception part I added a rule that excludes adding the disclaimer and signature to any reply message by reading the “RE” word in the subject field.

Now the disclaimer code is as following and you may want to configure it or customize it according to your needs.


<div style=”font-size:9pt; font-family: ‘Calibri’,sans-serif;”>
<div><img alt=”Logo” src=”“><p><p><p>Tel: %%PhoneNumber%%</br>
Gsm: %%MobileNumber%%</br>
Fax: %%FaxNumber%%</br>
<span style=”font-size:12pt; font-family: ‘Cambria’,’times new roman’,’garamond’,serif; color:#100101;”>Disclaimer</span></br>
<p style=”font-size:8pt; line-height:10pt; font-family: ‘Cambria’,’times roman’,serif;”> ________________________________________
<span style=”padding-top:10px; font-weight:bold; color:#CC0000; font-size:10pt; font-family: ‘Calibri’,Arial,sans-serif; “><a href=””></a></span></br></div>

<span style=”font-size:10pt; font-family: ‘Cambria’,’times new roman’,’garamond’,serif; color:#928E8E;”>This e-mail and any information included within any attached document are private and confidential and intended solely for the addressee. Company name does not accept any legal responsibility for the contents of this message and any attached documents. If you are not the intended addressee, it is forbidden to disclose, use, copy, or forward any information within the message or engage in any activity regarding the contents of this message. In such case please notify the sender and delete the message from your system immediately. Company name also denounces any legal responsibility for any amendments made on the electronic message and the outcome of these amendments, as well as any error and/or defect, virus content and any damage that may be given to your system.</span>
<span style=”padding-top:10px; font-weight:bold; color:#CC0000; font-size:10pt; font-family: ‘Calibri’,Arial,sans-serif; “><a href=>Company Name </a></span></br></br>

I have highlighted the customizable part of the code in Yellow and red so you can change it or configure it according to how you want it to fit for you.
The Display name, Department, Email ….etc are all variables for users attributes and they are being pulled from the Microsoft Azure AD, so if your users don’t have any information filled in there then users will likely won’t show anything

Note for the red highlighted link you will have to import only “HTTP” link for the uploaded logo of your company. HTTPS won’t be acceptable or read.

If you’re an HTML noob , you can use the following links for testing and changing colors..etc
For color changing

Using the website, you can copy the code on the left pane and click on see results and it’ll show you the result on the right pane


Once you’re done with the code, you will have to copy and paste the link in the disclaimer part on the right pane. next click Save and probably this will take about 10 minutes to be applied or less.


To test if this is going to work, I will go on one of the users that I applied the rule for and fill out their details like display name, e-mail, street ..etc and try to send out an email with this user.


Mail is empty as you can see


Configure External and Internal URL in Exchange 2016


Posted on  by  in  with 10 Comments

After installing and configuring Exchange 2016, setting up URLs is another important step. Exchange 2016 use IIS web virtual directories to provide various Exchange services. These virtual directories have different URLs and can be same or different for internal and external users depending upon installation scenario. In this post, I will show steps to configure external and internal URL in Exchange 2016.

Configure External and Internal URL in Exchange 2016

Before you start URL configuration, you need to plan what domain names you will use to access Exchange services from inside the network and from the Internet. The diagram below shows very simple Exchange deployment. We have split-DNS where internal users hit internal DNS server and external (Internet) users hit external DNS (example GoDaddy DNS) servers. Here, internal domain is (root domain of AD forest). So, for internal users the domain name to access outlook on the web can be and we can use same domain name for Internet users as well. Add CNAME record for domain name in both internal and external DNS server. Similarly, add MX record for domain in external DNS server using control panel of hosting provider (example GoDaddy). You can perform NAT (Network Address Translation) on the router to translate required public IP and ports to MBG-EX01 host.

Configure External and Internal URL in Exchange 2016

Important virtual directories are, OWAactivesyncautodiscover, ECP and outlook anywhere. You can view all the virtual directories in Internet Information Services (IIS) as shown below.

virtual directories

Exchange 2016 consists of two roles, Mailbox and Edge Transport role. Mailbox role has three service, client access servicetransport serviceand mailbox service. Client access service is also called front end and transport and mailbox service is called back end. As you can see above, there are two websites, Default Web Site and Exchange Back End. Default Web Site corresponds to client access service (Front End) and Exchange Back End corresponds to mailbox service (Back End).

So, here I will configure single domain to access various Exchange services. For example, to access outlook on the web from internal and external network. Similarly, to access Exchange Admin Center from internal and external network. We will use same domain name for other Exchange services as well, like EWS, ActiveSync, etc.

Logon to Exchange Admin Center(EAC). Click servers in the features pane. Select virtual directories tab. Here you can configure URL of various virtual directories.

edit virtual directories

Step 1: Outlook Web Access

Outlook web access virtual directory is used to access outlook on the web service of Exchange 2016. To configure URL of OWA double-click owa (Default Web Site).


In the general page, type for both Internal and External URL as shown above. Click save. Users will now have to type in their browsers to access outlook on the web.

Step 2: Exchange Control Panel

Exchange Control Panel virtual directory is used to access Exchange Admin Center to manage Exchange server. Double-click ecp(Default Web Site).


Configure internal and external URL. Administrators now need to type to access Exchange Admin Center.

Step 3: ActiveSync

ActiveSync is used by mobile phones to send and receive emails, calendar info, etc. Double-click Microsoft-Server-ActiveSync(Default Web Site).

active sync

Type for both internal and external URL. Click save.

Step 4: Offline Address Book (OAB)

OAB virtual directory is used by outlook clients in cache mode to download address lists so that they can browse address lists even when they are not connected to Exchange server. Double-click OAB (Default Web Site).

OAB directory

Configure external and internal URLs. Type for both URLs. Click save.

Step 5: Exchange Web Services (EWS)

EWS virtual directory provides many services like service availability, calendar sharing, automatic reply, mail tips etc. Double-click EWS (Default Web Site).


Type for both external and internal URL. Click save.

Step 6: Outlook Anywhere

Exchange 2016 uses MAPI over HTTP protocol by default. Outlook Anywhere (RPC over HTTP) is now fallback method and is used if clients doesn’t support MAPI over HTTP. Outlook anywhere is used by office outlook to connect to Exchange server directly from Internet. Click servers tab. Double-click server from the list. Click Outlook Anywhere from the page.

outlook anywhere directory

Type for both internal and external. Click save.

Step 7: MAPI over HTTP

MAPI over HTTP was introduced in Exchange 2013 SP1. It is now default protocol and enabled by default in Exchange 2016. You can configure URL for MAPI over HTTP using Exchange Management Shell (EMS) only. Open EMS and type following cmdlet to set external and internal URL for MAPI virtual directory.

[PS] C:\> Set-MapiVirtualDirectory -Identity "MBG-EX01\mapi (Default Web Site)" -InternalUrl -ExternalUrl -IISAuthenticationMethods Negotiate

To verify MAPI URLs type following cmdlet in EMS as shown below,

[PS] C:\>Get-MapiVirtualDirectory -Identity "MBG-EX01\mapi (Default Web Site)" | fl server, internalurl, externalurl

verify map directory

To verify if MAPI is actually enabled. Type, Get-OrganizationConfig | fl *mapi*

mapi enabled

Step 8: Auto Discover

Auto Discover virtual directory lets Outlook application to discover mailbox settings automatically so that users don’t have to deal with manual configuration of advanced settings of Outlook. Auto Discover feature automatically discovers mailbox settings and setup Outlook. This feature also works for mobile phones. In Exchange 2016, you can configure SCP for AutoDiscover virtual directory from Exchange Management Shell (EMS). The command below will update SCP (Service Connection Point) object. SCP is active directory object and is used by internal domain-joined clients to retrieve autodiscover URL.

[PS] C:\Windows\system32>Set-ClientAccessService -Identity MBG-EX01 -AutoDiscoverServiceInternalUri

To verify the URL type following command in Exchange Management Shell.

[PS] C:\Windows\system32>Get-ClientAccessService | fl AutoDiscoverServiceInternalUri

AutoDiscoverServiceInternalUri :

For external clients you don’t have to configure autodiscover URL as they will try different autodiscover URLs based on combination of user’s email address. In this way you can configure URL for various virtual directories. You can now configure digital certificate and setup HTTP to HTTPS redirection.

PID 4 Using Port 80 – IIS Unable To Bind


IIS su Windows Server 2016, porta 80 impegnata da PID 4 System!!!

eseguendo un: netstat -o -n -a |findstr 0.0:80


TCP                 LISTENING       4

La soluzione è:

fermare è disabilitare il servizio “Windows Sync share” in italiano “Condivisione di sincronizzazione Windows”

Su Windows Server 2012 R2  Essentials ho risolto con:

netsh http add iplisten ipaddress=:: vedi anche:

How To Activate Windows 10 / Server 2016 Through Command Line

If you are having problems activating Windows 10, Server 2016, Windows 8, or Server 2012 one of these three solutions below should get you through:

This is handy if the GUI won’t start and you want to skip some steps to get it to work.

  1. click START (gets you to the tiles)4-no-change-product-key-link-missing-dns-error-0x8007232b-dns-error-activate
  2. type RUN
  3. type slui 3 and press ENTER
    1. yes, SLUI: which stands for SOFTWARE LICENSING USER INTERFACE
      1. SLUI 1 brings up the activation status window
      2. SLUI 2 brings up the activation window
      3. SLUI 3 brings up the CHANGE PRODUCT KEY window
      4. SLUI 4 brings up the CALL MICROSOFT & MANUALLY ACTIVATE window
  4. Type in your product key
  5. Have a nice day.

  1. Launch a CMD as an Administratorcommand-line-to-activate-windows-slmgr-slui
  2. Type: slmgr.vbs /ipk xxxxx-xxxxx-xxxxx-xxxxx-xxxxx
  3. Press Enter

If your key is valid and you are connected to the internet, it should activate within a second or two.

In Canada and the US, call the support line directly at 1 800-936-4900, otherwise, use this table of Microsoft Activation Phone Numbers to do the deed.

You also might find some of our previous posts on activation problems to be helpful:

Non è stato possibile recapitare il messaggio in una cartella pubblica perché il recapito a questo indirizzo è limitato ai mittenti autenticati

The message could not be delivered to a public folder because the delivery to this address is limited to authenticated senders

In Exchange 2013 e Exchange 2016 occorre abilitare i permessi per gli utenti anonimi nelle Public Folder

controllare gli attuale permessi con:

Get-PublicFolder “\” -Recurse | Get-PublicFolderClientPermission | Out-File -FilePath “c:\Temp\PFPerms.txt”

Assegnare i permessi all’utente anonimo:

Get-PublicFolder “\” –Recurse | Add-PublicFolderClientPermission -User Anonymous -AccessRights “CreateItems”


vedi anche:




With Microsoft Exchange Server 2016 CU4, OWA in Exchange 2016 could not be opened with Mozilla Firefox or Google Chrome browser, but it will work with IE and Microsoft Edge. Using Firefox or Chrome browser the error *NS_ERROR_NET_INADEQUATE_SECURITY’ will be displayed in the browser. The reason for this for this error is the integration of the HTTP/2-Standard in the Windows Server IIS components by Microsoft.

To fix the problem download the tool ‘IISCrypto” on your Exchange Server 2016 CU4. Both Exchange installations, on Windows Server 2012 R2 and Windows Server 2016, could be fixed with that tool by NARTAC SOFTWARE.
Download IISCrypto

Afterwards run the downloaded ‘IISCrypto.exe*’ file on your Exchage Server 2016. Maximize the appliacation window and choose thr button “Best Practices”. To start the changes press “Apply”.


The programm will give you the hint to reboot the Exchage Server.


After the reboot of the related Exchange Server, Outlook on the web (OWA) will be reachable by any supported browser vendor.

Le mail rimangono bloccate nella cartella bozze in Exchange 2010/2013


Potrebbe capitare nell’uso di Exchange 2010/2013 che i messaggi di posta elettronica rimangano bloccati nella cartella bozze della cassetta postale mentre in osta inviata non ve n’è traccia.

Quando l’utente manda il comando di invio della mail lo “store driver” la processa e la gira al servizio di trasporto ma se questo processo non avviene (il servizio non è disponibile oppure non è in grado di processare la posta in uscita) la mail rimane nelle bozze.


L’inconveniente potrebbe essere dato da una non corretta configurazione nei DNS quindi basta collegarsi alla Exchange Admin Center, selezionare “server” sulla sinistra e modificare il server in oggetto. Nella voce “Ricerche DNS” selezionare “impostazioni personalizzate” e compilate sia la sezione “ricerche nel dns esterno” sia “ricerche nel dns interno”. Riavviate il servizio di trasporto di exchange e vedrete la posta inviata senza problemi.

Windows Server 2016 Download Maps Manager Delayed Start


Windows Server 2016 Download Maps Manager Delayed Start Red in Server Manager Dashboard

Its kind of annoying to find that after a fresh install of Windows 2016 Server you have a service that fails to behave correctly.

Download Maps Manager Delayed Start

When you click on the service, you will see something like this.

Screenshot 2017 08 02 22 40 27

Even if you attempt to force a start, it does not resolve this issue.

The good news is that this service is really not something you want anyway if you have a windows server doing actual server functions.

The Fix

The simple fix is to disable this service. The easy way to do this is to:

Open Windows Powershell

Windows 2016 Server Power Shell

Windows Powershell

Type this command:

Get-Service -Name MapsBroker | Set-Service -StartupType Disabled -Confirm:$false


Disable MapsBroker in Powershell

Problem is now fixed, and this annoying service is off and will not bother you again.