Author: Ward

Configuring Forefront Protection 2010 for Exchange Server 2010

imageimage  
For the best performance for Forefront Protection 2010 download Microsoft Forefront Protection 2010 for Exchange Server Best Pratices Analyzer.

Want to check if you have enough Capacity. Read the Following blog post: Forefront Protection 2010 for Exchange Server (FPE) Capacity Planning Guidance v. 2

When you deploy  Forefront Protection 2010 for Exchange Server the next table is very handy

Maintain the Submission Queue Length at zero.

Apply the following script:
\MSExchangeTransport Queues(_total)\Submission Queue Length

Maintain CPU utilization at less than 75%.

Plan and conserve amount of resources required to maintain acceptable level of service.

Light-emitting diode (LED) light needs to be monitored for blinking.

The hard drive LED should maintain a blinking state. Any other state (light always on) indicates thrashing. It is important to maintain adequate disk input/output and utilize memory swapping to prevent thrashing.

FPE (or FSE) databases should be monitored and routinely maintained.

Clean/purge database to reduce size.

Enable retention policies.

Note: If you are expecting the incident database to grow soon, it is a good idea to allocate more free space for the database.

Apply service packs as required.

Perform update for all required service packs on a regular basis.

Note: Exchange Server fixes are distributed in service packs. Service packs keep the product current. Service packs include updates, system administration tools, drivers, and additional components. If you do not stay up to date on service packs, performance and product functionality are seriously compromised.

Synchronize time with external NTP server on Windows Server 2008 R2

Time synchronization is an important aspect for all computers on the network. By default, the clients computers get their time from a Domain Controller and the Domain Controller gets his time from the domain’s PDC Operation Master. Therefore the PDC must synchronize his time from an external source. I the servers from the NTP Pool Project website. Before you begin, don’t forget to open the default UDP 123 port (in- and outbound) on your firewall.

  1. First, locate your PDC Server. Open the command prompt and type: C:\>netdom /query fsmo
  2. Log in to your PDC Server and open the command prompt.
  3. Stop the W32Time service: C:\>net stop w32time
  4. Configure the external time sources, type: C:\> w32tm /config /syncfromflags:manual /manualpeerlist: “0.vmware.pool.ntp.org
  5. , 1.vmware.pool.ntp.org,2.vmware.pool.ntp.org”
  6. Make your PDC a reliable time source for the clients. Type: C:\>w32tm /config /reliable:yes
  7. Start the w32time service: C:\>net start w32time
  8. The windows time service should begin synchronizing the time. You can check the external NTP servers in the time configuration by typing: C:\>w32tm /query /configuration
  9. Check the Event Viewer for any errors.

Microsoft Assessment & Planning Toolkit

The Microsoft Assessment and Planning (MAP) Toolkit is an agentless toolkit that finds computers on a network and performs a detailed inventory of the computers using Windows Management Instrumentation (WMI) and the Remote Registry Service. The data and analysis provided by this toolkit can significantly simplify the planning process for migrating to Windows® 7, Windows Vista®, Microsoft Office 2007, Windows Server® 2008 R2, Windows Server 2008, Hyper-V, Microsoft Application Virtualization, Microsoft SQL Server 2008, and Forefront® Client Security and Network Access Protection. Assessments for Windows Server 2008 R2, Windows Server 2008, Windows 7, and Windows Vista include device driver availability as well as recommendations for hardware upgrades.

You can use MAP to inventory the following platforms:

  • Windows 7
  • Windows Vista
  • Windows XP® Professional
  • Windows Server 2008 or Windows Server 2008 R2
  • Windows Server 2003 or Windows Server 2003 R2
  • Windows 2000 Professional or Windows 2000 Server
  • VMware ESX
  • VMware ESXi
  • VMware Server

Reporting
– Identification of currently installed Windows client operating systems, their hardware, and recommendations for migration to Windows 7 and Windows Vista. The tool also reports if desktops have anti-virus and anti-malware programs installed and if the Windows Firewall is turned on.
– Identification of currently installed Windows Server operating systems, their hardware, and recommendations for migration to Windows Server 2008 R2 and Windows Server 2008.
– Identification of currently installed Microsoft Office software and recommendations for migration to Microsoft Office 2007.
– Detailed assessment and reporting of server utilization gathered using the Performance Metrics Wizard.
– Recommendations for server consolidation and virtual machine placement using Hyper-V
– Assessment of client machines, servers, and the technology environment for the implementation of Microsoft Application Virtualization (APP-V)
– Identification of machines where Microsoft SQL Server components are installed.
– Identification of virtual machines, their hosts, and details about each.
– Identification of Windows Server Roles

Hardware Requirements:
– Windows 2003 x86/x64 or Windows 2008 x86/x64
– 1,5 GB (2 GB 2008)

Software Requirements:
– NET Framework 3.5 SP1
– Windows Installer 4.5
– Microsoft Office Word 2007 or Word 2003 SP2
– MIcrosoft Office Excel 2007 or Excel 2003 SP2
– SQL Server 2008 Express Edition, SQL Server 2008, or SQL Server 2005

image image
image image

Download Microsoft Assessment and Planning (MAP) Toolkit HIER

Exchange Server 2010 SP1 is coming

Exchange Team announced that SP1 for Exchange 2010 is coming with a lot new features

I highlighted the things with I like from the coming update. It’s a whole list but i thing with this update is Exchange 2010 SP1 the best version ever!!! 😀

A list of al new things in Exchange 2010 SP1:

Archiving:
Personal Archive to a different mailbox database from their primary mailbox 😀
– You can import historical e-mail data from .PST files, directly into Exchange
– delegate access to a user’s Personal Archive
– SP1 updates the Exchange Management Console with new tools to create Retention Policy Tags
– support access to a user’s Personal Archive with Outlook 2007 Coming with A update

Outlook Web App
– Delete, mark as read, and categorize operations running asynchronously, these actions feel instantaneous to the user
– Attaching a very large file, will not block the rest of the OWA experience
– Sharing calendars to anonymous viewers via the web if you enable this.
– OWA themes back
– Reading pane can be placed on the bottom or the right side

Mobile:
– Support for send-as
– Support for notifying the user if their device has been placed on block or quarantine by their admin
– Full implementation of conversation view
– To sync only unique parts of messages.
– Setting up mobile device to access mail via POP/IMAP/SMTP, information is available in OWA.

New Management UI
– Create/configure Retention Tags + Retention Policies in EMC
– Configure Transport Rules in ECP
– Configure Journal Rules in ECP
– Configure MailTips in ECP
– Provision and configure the Personal Archive in ECP
– Configure Litigation Hold in ECP & EMC
– Configure Allow/Block/Quarantine mobile device policies in ECP
– RBAC role management in ECP
– Configure Database Availability Group (DAG) IP Addresses and Alternate Witness Server in EMC
– Recursive public folder settings management (including permissions) in EMC

Read the whole article at HERE.

Exchange 2007 The exchange server address list service failed to respond. After Upgrading Domain Controllers to 2008 R2

I want to creat a new mailbox for a new user. But i get the following error: The exchange server address list service failed to respond.
image

Solution:
Go to Organization Configuration in EMC. Right click it in EMC and select Modify Configuration Domain Controller. Point it to your DC hosting the PDC

image 

After that restart the Microsoft Exchange System Attendant services on the mailbox server.

The Microsoft Exchange System Attendant Service does the following thing:

Forwards directory lookups to a global catalog server for legacy Outlook clients, generates e-mail addresses and offline address books, updates free/busy information for legacy clients, and maintains permissions and group memberships for the server. If this service is disabled, any services that explicitly depend on it will fail to start.

Microsoft Enterprise Desktop Virtualization (MED-V) 1.0 SP1 – now available for Windows 7

There is a new version of MDOP: MDOP 2010 refresh. MDOP 2010 includes:
– Microsoft Enterprise Desktop Virtualization (MED-V) 1.0 SP1 – now available for production deployment on Windows 7
– Microsoft Application Virtualization (App-V) 4.6 – localized client versions and additional languages support

Existing MDOP customers can download the MDOP 2010 Refresh at the Volume Licensing Service Center (VLSC).  For evaluation, MDOP 2010 Refresh can be downloaded from MSDN and TechNet.

What’s new in MED-V 1.0 SP1?
– Support for Windows 7 hosts – 32-bit and 64-bit
– MED-V server support for Windows Server 2008 R2
– Support for Japanese Windows versions

dcdiag failed test NCSecDesc, Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn’t have Replicating Directory Changes In Filtered Set access rights for the naming context:

Error:

image

Starting test: NCSecDesc
        Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn’t have
           Replicating Directory Changes In Filtered Set
        access rights for the naming context:
        DC=ForestDnsZones,DC=ad,DC=local
        Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn’t have
           Replicating Directory Changes In Filtered Set
        access rights for the naming context:
        DC=DomainDnsZones,DC=ad,DC=local
        ……………………. DC2008-03 failed test NCSecDesc

Oplossing:

adprep /rodcprep draaien

Windows PowerShell Cookbook

Dean Tsaltas van het Microsoft Powershell Team een book geschreven over Windows Powershell 2.0 op verzoek van Lee Holmes van O’Reilly. Ik heb de index even doorgebladerd aangezien ik een fan van Powershell aan aan het worden ben. Ik ben er steeds meer mee  bezig en wil me hierin verder in  verdiepen. Aangezien ik de balle niet snap van Visual Basic en ook geen zin meer heb om daar nog tijd in te steken. Daarvoor is gelukkig google voor uit gevonden. Klik op het boek om naar de pagina te gaan.  
image

Translate »