Update 1 for Microsoft Forefront Threat Management Gateway (TMG) 2010 Service Pack 1

Microsoft released some days ago Forefront TMG Update 1:

SafeSearch Enforcement. Forefront TMG can enforce blocking adult text, images and videos from search results by popular search engines. SafeSearch can be enforced on specific groups or to the entire organization.
Including non-primary URL filtering categorizations. Forefront TMG uses an algorithm to select a URL’s “primary” category from among up to four categorizations provided by Microsoft Reputation Services (MRS). In Update 1 you can control access to sites that match any of the non-primary categorizations provided by MRS. For example, a URL with a primary categorization of News can now match a rule by any of its non-primary categorizations (such as Web Mail).
Support for Exchange 2010 SP1
Bug fixes and various other improvements. For details, see http://go.microsoft.com/fwlink/?LinkId=201151.

Download

MDT The task sequence has been suspended.

The error was: The task sequence has been suspended.
LiteTouch has encountered and Environment Error (Boot into WinPE)

I had a strange problem with MDT. When I booted the in WinPE.

Rebooting and again started the WinPE image did nothing same error again.

Solution is very simple.

You have to remove two directory’s C:\_SMSTaskSequence\nul  and C:\MININT

After that you can resume deploying the OS TaskSequence you want.

For sure I cleaned the Disk with Diskpart.

Rollup 1 for Exchange Server 2007 Service Pack 3

Microsoft had released some day’s ago Rollup 1 for Exchange Server 2007 Service Pack 3

In this release two important things are fixed when you have a CCR Cluster
– Log Truncation is failing on a CCR cluster after installing SP3
– Exchange Writer should return TRUE for retry able errors

The whole list with fixes can you find HERE

Download Rollup 1 for Exchange Server 2007 Service Pack 3 HERE

Storage Calculators for System Center Data Protection Manager 2010

Microsoft has released some new sizing calculators for DPM 2010.

DPM_2010_Storage_Calculator_for_Exchange_2010.xlsx

DPM_2010_Storage_Calculator_for_Hyper-V.xlsx

DPM_2010_Storage_Calculator_for_SharePoint.xlsx

Passed the 70-663 Designing and Deploying Messaging Solutions with Microsoft Exchange Server 2010 Exam

Last Friday I passed the 70-663 Designing and Deploying Messaging Solutions with Microsoft Exchange Server 2010 Exam with 981 points.

So I am very pleased with it. Last month’s I’m working a lot with Exchange 2010. I love the product. Last Friday evening I updated a customer DAG cluster to SP1. Next moth starting moving the 2000 mailboxes from Exchange 2007 tot Exchange 2010.
image_thumb

Exchange 2010 SP1 Prerequisites

Some day’s ago Microsoft Releases Exchange 2010 SP1. When you install Exchange 2010 SP1 you need to install some hotfixes. The Exchange Team have made a nice over view witch hotfixes you need for the OS.

Hotfix Download Windows Server 2008 Windows Server 2008 R2 Windows 7 & Windows Vista
979744
A .NET Framework 2.0-based Multi-AppDomain application stops responding when you run the application
MSDN
or Microsoft Connect
Windows6.0-KB979744-x64.msu (CBS: Vista/Win2K8) Windows6.1-KB979744-x64.msu (CBS: Win7/Win2K8 R2) N. A.
983440
An ASP.NET 2.0 hotfix rollup package is available for Windows 7 and for Windows Server 2008 R2
Request from CSS Yes Yes N.A.
977624
AD RMS clients do not authenticate federated identity providers in Windows Server 2008 or in Windows Vista. Without this update, Active Directory Rights Management Services (AD RMS) features may stop working
Request from CSS using the “View and request hotfix downloads” link in the KBA | US-English Select the download for Windows Vista for the x64 platform. N.A. N.A.
979917
Two issues occur when you deploy an ASP.NET 2.0-based application on a server that is running IIS 7.0 or IIS 7.5 in Integrated mode
Request from CSS using the Hotfix Request Web Submission Form or by phone (no charge) Yes N. A. N. A.
973136,
FIX: ArgumentNullException exception error message when a .NET Framework 2.0 SP2-based application tries to process a response with zero-length content to an asynchronous ASP.NET Web service request: “Value cannot be null”.
Microsoft Connect Windows6.0-KB973136-x64.msu N.A. N. A.
977592
RPC over HTTP clients cannot connect to the Windows Server 2008 RPC over HTTP servers that have RPC load balancing enabled.
Request from CSS Select the download for Windows Vista (x64) N.A. N. A.
979099
An update is available to remove the application manifest expiry feature from AD RMS clients.
Download Center N. A. Windows6.1-KB979099-x64.msu N. A.
982867

WCF services that are hosted by computers together with a NLB fail in .NET Framework 3.5 SP1

MSDN N. A. Windows6.1-KB982867-v2-x64.msu (Win7) X86: Windows6.1-KB982867-v2-x86.msu (Win7)
x64: Windows6.1-KB982867-v2-x64.msu (Win7)
977020
FIX: An application that is based on the Microsoft .NET Framework 2.0 Service Pack 2 and that invokes a Web service call asynchronously throws an exception on a computer that is running Windows 7.
Microsoft Connect N. A. N. A. x64: Windows6.1-KB977020-v2-x64.msu

X86: Windows6.1-KB977020-v2-x86.msu

Some of the hotfixes would have been rolled up in a Windows update or service pack. Given that the Exchange team released SP1 earlier than what was planned and announced earlier, it did not align with some of the work with the Windows platform. As a result, some hotfixes are available from MSDN/Connect, and some require that you request them online using the links in the corresponding KBs. All these updates may become available on the Download Center, and also through Windows Update.

These hotfixes have been tested extensively as part of Exchange 2010 SP1 deployments within Microsoft and by our TAP customers. They are fully supported by Microsoft.

The TechNet article Exchange 2010 Prerequisites is updated with the hotfixes and install the prerequisites required for your server version (the hotfixes are linked to in the above table).

You can use the Install the Windows Server 2008 SP2 operating system prerequisites on a Windows 2008 R2 server. Only you have to run the following powershell command: Import-Module ServerManager

Installed Exchange 2010 SP1 on a Windows 2008 R2 Server with problems. I feels that the MMC is faster. Tomorrow upgrading a DAG/NLB cluster to Exchange 2010 SP1.

Microsoft Exchange Server 2010 Service Pack 1 has been released

Microsoft has released Exchange SP1 Open-mouthed smile.

So What’s New in Exchange SP1:

New Deployment Functionality

During an Exchange 2010 SP1 installation, you can now select a new option to install the required Windows roles and features for each selected Exchange 2010 SP1 server role. For more information, see New Deployment Functionality in Exchange 2010 SP1.

Exchange ActiveSync

In Exchange 2010 SP1, you can manage Exchange ActiveSync devices using the Exchange Control Panel (ECP). Administrators can perform the following tasks:

  • Manage the default access level for all mobile phones and devices.
  • Set up e-mail alerts when a mobile phone or device is quarantined.
  • Personalize the message that users receive when their mobile phone or device is either recognized or quarantined.
  • Provide a list of quarantined mobile phones or devices.
  • Create and manage Exchange ActiveSync device access rules.
  • Allow or block a specific mobile phone or device for a specific user.

For every user, the administrator can perform the following tasks from the user’s property pages:

  • List the mobile phones or devices for a specific user.
  • Initiate remote wipes on mobile phones or devices.
  • Remove old mobile phone or device partnerships.
  • Create a rule for all users of a specific mobile phone or device or mobile phone type.
  • Allow or block a specific mobile phone or device for the specific user.

SMS Sync

SMS Sync is a new feature in Exchange ActiveSync that works with Windows Mobile 6.1 with the Outlook Mobile Update and with Windows Mobile 6.5. SMS Sync is the ability to synchronize messages between a mobile phone or device and an Exchange 2010 Inbox. When synchronizing a Windows Mobile phone with an Exchange 2010 mailbox, users can choose to synchronize their text messages in addition to their Inbox, Calendar, Contacts, Tasks, and Notes. When synchronizing text messages, users will be able to send and receive text messages from their Inbox. This feature is dependent on the user’s mobile phones or devices supporting this feature

Reset Virtual Directory

In Exchange 2010 SP1, you can use the new Reset Client Access Virtual Directory wizard to reset one or more Client Access server virtual directories. The new wizard makes it easier to reset a Client Access server virtual directory. One reason that you might want to reset a Client Access server virtual directory is to resolve an issue related to a damaged file on a virtual directory. In addition to resetting virtual directories, the wizard creates a log file that includes the settings for each virtual directory that you choose to reset. For more information, see Reset Client Access Virtual Directories.

Exchange Store and Mailbox Database Functionality

The following is a list of new store and mailbox database functionality in Exchange 2010 SP1:

  • With the New-MailboxRepairRequest cmdlet, you can detect and repair mailbox and database corruption issues.
  • Store limits were increased for administrative access.
  • The Database Log Growth Troubleshooter (Troubleshoot-DatabaseSpace.ps1) is a new script that allows you to control excessive log growth of mailbox databases.
  • Public Folders client permissions support was added to the Exchange Management Console (EMC).

Mailbox and Recipients Functionality

The following is a list of new mailbox and recipient functionality included in Exchange 2010 SP1:

  • Calendar Repair Assistant supports more scenarios than were available in Exchange 2010 RTM.
  • Mailbox Assistants are now all throttle-based (changed from time-based in Exchange 2010 RTM).
  • Internet calendar publishing allows users in your Exchange organization to share their Outlook calendars with a broad Internet audience.
  • Importing and exporting .pst files now uses the Mailbox Replication service and doesn’t require Outlook.
  • Hierarchical address book support allows you to create and configure your address lists and offline address books in a hierarchical view.
  • Distribution group naming policies allow you to configure string text that will be appended or prepended to a distribution group’s name when it’s created.
  • Soft-delete of mailboxes after move completion

High Availability and Site Resilience Functionality

The following is a list of new high availability and site resilience functionality included in Exchange 2010 SP1:

  • Continuous replication – block mode
  • Active mailbox database redistribution
  • Enhanced datacenter activation coordination mode support
  • New and enhanced management and monitoring scripts
  • Exchange Management Console user interface enhancements
  • Improvements in failover performance

Messaging Policy and Compliance Functionality

The following is a list of new messaging policy and compliance functionality included in Exchange 2010 SP1:

  • Provision personal archive on a different mailbox database
  • Import historical mailbox data to personal archive
  • Delegate access to personal archive
  • New retention policy user interface
  • Support for creating retention policy tags for Calendar and Tasks default folders
  • Opt-in personal tags
  • Multi-Mailbox Search preview
  • Annotations in Multi-Mailbox Search
  • Multi-Mailbox Search data de-duplication
  • WebReady Document Viewing of IRM-protected messages in Outlook Web App
  • IRM in Exchange ActiveSync for protocol-level IRM
  • IRM logging
  • Mailbox audit logging

Technet Exchange 2010 SP1 info
Release Notes for Exchange Server 2010 SP1
What’s New in Exchange 2010 SP1
Downloads:
Microsoft Exchange Server 2010 Service Pack 1
Microsoft Exchange Server 2010 SP1 Language Pack Bundle
Exchange Server 2010 SP1 UM Language Packs
Exchange Server 2010 SP1 Help

Your account in Microsoft Exchange Server does not have have permissions to synchronize with your current settings 0x85010004 or Eventid 1053 Exchange ActiveSync doesn’t have sufficient permissions to create the user container under Active Directory user "Active Directory operation failed on domain controller.

Error: Your account in Microsoft Exchange Server does not have have permissions to synchronize with your current settings.

Afb0021

Eventlog:
image

Exchange ActiveSync doesn’t have sufficient permissions to create the "CN=ward,OU=Users,DC=wardvissers,DC=local" container under Active Directory user "Active Directory operation failed on DC2008-03.ad.local. This error is not retriable. Additional information: Access is denied.
Active directory response: 00000005: SecErr: DSID-031521D0, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
".
Make sure the user has inherited permission granted to domain\Exchange Servers to allow List, Create child, Delete child of object type "msExchangeActiveSyncDevices" and doesn’t have any deny permissions that block such operations.

Because my account has domain admins rights the security settings will be reset every hour by
AdminSDHolder

Each Active Directory domain has an object called AdminSDHolder, which resides in the System container of the domain. The Admin-SDHolder object has a unique Access Control List (ACL), which is used to control the permissions of security principals that are members of built-in privileged Active Directory groups (what I like to call “protected” groups). Every hour, a background process called SDPROP runs on the domain controller that holds the PDC Emulator operations master role. It compares the ACL on all security principals (users, groups and computer accounts) that belong to protected groups against the ACL on the AdminSDHolder object. If the ACL lists aren’t the same, the ACL on the security principal is overwritten with the ACL from the Admin–SDHolder object. In addition, inheritance is disabled on the security principal.

Temporally Solution:

1. Active Directory Users and Computers

image
2. Enable Advanced Features
image
3. Search the User and go to the Security tab.

image
4. Advanced
image

5. Include Inheritable permissions from the Object’s parent
image

Source: Blog

Remote Desktop Services Component Architecture Poster

This poster provides a visual reference for understanding key Remote Desktop Services technologies in Windows Server 2008 R2. It explains the functions and roles of Remote Desktop Session Host, Remote Desktop Virtualization Host, Remote Desktop Connection Broker, Remote Desktop Web Access, Remote Desktop Gateway, RemoteFX and Remote Desktop Licensing.

To Download: Click on the picture.

image

Exchange 2010 Configuring Mail Tips

MailTips is a one of the new features of Exchange Server 2010. When a user sends a message, MailTips gives the some status information of the recipient and that helps to reduces unnecessary and undeliverable e-mails, as well as reduce some embarrassing things done by senders. MailTips are hosted as an Exchange Web Services on the Client Access Server.

MailTips are work with the Scenarios given below.

  1. If one of the recipients is out of office.
  2. When the recipient’s mailbox is full
  3. Message size exceeds sender’s send limit.
  4. If The Message quota exceeds of the recipient.
  5. When Sending email to a large number of recipients.
  6. When trying to send email to restricted recipients.
  7. When a booking a room with exceeded invitees.
  8. When sending to External and invalid domains.
  9. When trying to send to moderated recipients.
  10. Attaching more attachments than allowed.

Configuring MailTips

Gather Organization wide configuration MailTips settings.

Get-OrganizationConfig | fl *mailtips*

clip_image001

Enable or Disable MailTips.

You must use “Set-OrganizationConfig” CmdLet to enable or disable mailTips. Mailtips are enabled by default.

Set-OrganizationConfig -MailTipsAllTipsEnabled $true

clip_image002

Configure the large audience size for MailTips.

You must use “Set-OrganizationConfig” Cmdlet to configure large audience size. With a fresh Exchange Server 2010 installation it would be 25 by default. If we decrease it to 15, then Mailtip would be display to sender if sender add more than 15 recipients. See figure 3.

Set-OrganizationConfig -MailTipsLargeAudienceThreshold 15

Large Audience Threshold MailTip will display after adding more than 15 recipients . See figure 4.

 image

Enable or disable the External Recipients MailTips

We have some embarrassing experiences of sending some internal information to external parties. However company doesn’t want to restrict sending emails to outside domains. With MailTips  at least we can give a alert to the sender before click send button. See figure 5.

Set-OrganizationConfig –MailTipsExternalRecipientsTipsEnabled $True

image

External Recipients MailTips displays when trying to send to an external domains. See figure 6.

image

Enable or disable MailTips that rely on mailbox data

Mailbox based MailTips are rely on the mailbox data. There are two Mailbox based Mailtips, The Recipient Out of Office and Mailbox Full MailTips, rely on the mailbox data.

Set-OrganizationConfig -MailTipsMailboxSourcedTipsEnabled $true

image

The Recipient Out of Office. You can get to know if whether the recipient is out of the office before you send the email. See figure 8.

image

Mailbox Full. If recipient’s Mailbox is full, you can know that before sending the email. See figure 9.

image

Configure Group Metrics

MailTIps relies on Group Metrics data to provide information on the the size of distribution groups and dynamic distribution groups. Exchange  server normally query a lot of LDAP requests to the Active Directory to get group membership information for each message.This could affect the the performance experienced by the users. To eliminate these issues Exchange server uses the Group Metric data. Group Metric data can be scheduled to run during office hours. You should use Set-MailboxServer CmdLet to configure Group metric Data. See figure 10.

Set-MailboxServer DAGEK10-01 GroupMetricsGenerationEnabled $true

image

Used this article as Source for my article.

Translate »