Exchange Team released Update Rollup 15 for Exchange Server 2007 SP3
Update Rollup 15 for Exchange Server 2007 SP3 resolves security issues that are described in December 2014 security update for Exchange Server 2007 and Exchange Server 2010.
Additionally, this update resolves the issues that are described in the following Microsoft Knowledge Base (KB) articles:
Microsoft keeps a list of problems: Current issues with Microsoft Exchange ActiveSync and third-party devices
After some problems at a customer i looked deeper at these problems.
Most problems come’s with iOS devices (iPhone and iPad)
Sow I made a list of al iOS versions (6,7 and 8) and there problems.
To keep this simple i created a powershell script: Block-IOS-Devices.ps1 or you can download it from the Technet Script Libary: Block iOS devices with Block-IOS-Devices.ps1 Script
Yesterday i was at customer who had problem dat transaction logs Rapid growl.
It was on a Exchange 2013 Server with CU5.
For Exchange 2010 there was released a KB http://support.microsoft.com/kb/2814847
This is still a issue for Exchange 2010, Exchange 2013 and Office 365.
Microsoft has al ready blocked IOS 6.1 – 6.1.1 devices at Office 365.
Server was OK…. But When i run Get-EASDeviceReport.ps1 i saw some IOS 6.1 devices. Sow we going to block this IOS versions.
Powershell:
New-ActiveSyncDeviceAccessRule -querystring “iOS 6.1 10B141” -characteristic DeviceOS -accesslevel block
New-ActiveSyncDeviceAccessRule -querystring “iOS 6.1 10B142” -characteristic DeviceOS -accesslevel block
New-ActiveSyncDeviceAccessRule -querystring “iOS 6.1 10B143” -characteristic DeviceOS -accesslevel block
New-ActiveSyncDeviceAccessRule -querystring “iOS 6.1 10B144” -characteristic DeviceOS -accesslevel block
New-ActiveSyncDeviceAccessRule -querystring “iOS 6.1.1 10B145” -characteristic DeviceOS -accesslevel block
When i visit a lot of company’s i see many times that the home folder directory have not the right rights. To fix this that’s al lot of work. Sow it time to write about it. I wrote a nice powershell script to fix it and save me and you a lot of time.
Three steps :
1. Set Share Permissions for the Everyone group to Full Control.
2. Use the following settings for NTFS Permissions (http://support.microsoft.com/kb/274443):
Pay attention when configuring the home directory or folder redirection policies. If you enable the setting to give the user exclusive access to the folder, you will override the inherited permissions and need to reset the ACL 
3. Run the Following script Repair-HomeFolderPermissions.ps1
________________________________________________________________________
#########################################################################
# Script: Repair-HomeFolderPermissions.ps1
# Author: Ward Vissers http://www.wardvissers.nl
# Date: 20/11/2014
# Keywords:
# Comments:
# Pre-Requisites: Full Control over destination folder.
#
# +————+—–+———————————————————+
# | Date | Usr | Description |
# +————+—–+———————————————————+
# | 20/11/2014 | WV | Initial Script |
# | | | |
# +————+—–+———————————————————+
#
# 1. http://support.microsoft.com/kb/274443
#
# 2. Set Share Permissions for the Everyone group to Full Control.
#
# 3. Use the following settings for NTFS Permissions:
#
# CREATOR OWNER – Full Control (Apply onto: Subfolders and Files Only)
# System – Full Control (Apply onto: This Folder, Subfolders and Files)
# Domain Admins – Full Control (Apply onto: This Folder, Subfolders and Files)
# Everyone – Create Folder/Append Data (Apply onto: This Folder Only)
# Everyone – List Folder/Read Data (Apply onto: This Folder Only)
# Everyone – Read Attributes (Apply onto: This Folder Only)
# Everyone – Traverse Folder/Execute File (Apply onto: This Folder Only)
#
#
# DISCLAIMER
# ==========
# THIS CODE IS MADE AVAILABLE AS IS, WITHOUT WARRANTY OF ANY KIND. THE ENTIRE
# RISK OF THE USE OR THE RESULTS FROM THE USE OF THIS CODE REMAINS WITH THE USER.
#############################################################################
$dirpath = “D:\Data\user”
# get list of all child directories, in the current directory
$directories = dir $dirpath | where {$_.PsIsContainer}
# iterate over the directories
foreach ($dir in $directories)
{
# echo out what the full directory is that we’re working on now
write-host Working on $dir.fullname using $dir.name
# setup the inheritance and propagation as we want it
$inheritance = [system.security.accesscontrol.InheritanceFlags]“ContainerInherit, ObjectInherit”
$propagation = [system.security.accesscontrol.PropagationFlags]“None”
$allowdeny=[System.Security.AccessControl.AccessControlType]::Allow
# get the existing ACLs for the directory
$acl = get-acl $dir.fullname
# add our user (with the same name as the directory) to have modify perms
$aclrule = new-object System.Security.AccessControl.FileSystemAccessRule($dir.name, “FullControl”, $inheritance, $propagation, “$allowdeny”)
# check if given user is Valid
$sid = $aclrule.IdentityReference.Translate([System.Security.Principal.securityidentifier])
# add the ACL to the ACL rules
$acl.AddAccessRule($aclrule)
# set the acls
set-acl -aclobject $acl -path $dir.fullname
}
__________________________________________________________________________
Microsoft has published a new course on Office 365 Performance Management at the Microsoft Virtual Academy, which contains 11 modules across planning and troubleshooting areas including:
Windows 10 ADK supports Windows 7, Windows 8.1 and Windows 10 deployments.
Windows Image Configuration Designer (WICD), pronounced Wicked ? 🙂 Is supposed to be able to build a customized mobile or desktop image, and also create provisioning packages that allow you to customize a Windows device, without re-imaging.
New upcoming version of MDT is in development, not much info presented yet, but a few items were mentioned in the session:
Windows 10 Deployment and Upgrade Support, as well as updated Task Sequence binaries
Removed deprecated components from Deployment Workbench, and making OSD more accessibility compliant.
MDT documentation will be on TechNet (removed legacy help file and DOCX)
When you create a reference Image it will in most cases it will be updated with patches. That will make the image bigger and bigger and there fore the deployment of that image will take longer and consume more network resources & unneeded disk space. That can be corrected by getting rid of superseded patches, junk, temp files and much more.
Since MDT is the preferred method to create reference images you can download the script, import it as an application and then run the application just before the Sysprep and Capture step. The Script works for the following versions of Windows:
To make this work in Windows 7 and Windows Server 2008 R2 you need to add a hotfix to Packages in MDT. http://support.microsoft.com/kb/2852386
Download the script from here: Mirror Mirror 2
Action-CleanupBeforeSysprep Application
Task Sequence
Created a Group Clean.
Add install a application –> Action-CleanUpBeforeSysprep
Restart Computer (Very Important) without it will not work
1. Mount boot.wim file
Dism /Mount-Image /ImageFile:”D:\DeploymentShare\Operating Systems\Windows Server Technical Preview\sources\boot.wim” /index:1 /MountDir:D:\offline
2. Copy the dism.exe and DISM folder from the Windows 10 Technical Preview boot.wim file to your deployment share, in my case D:\DeploymentShare\Tools\x64.
The dism.exe file and DISM folder are found in the X:\Windows\System32 on your boot image (once booted), or D:\Offline\Windows\System32 if you just mounted the boot.wim.
3. Unmount the image|
Dism /Unmount-Image /MountDir:”D:\Offline” /Discard
4. Edit the Task Sequence
After copying the files, add two run command line actions to your Windows 10 Technical Preview and Server vNext Preview task sequence after Preinstall – Enable Bitlocker (Offline)
Copy WTP dism.exe
cmd /c copy %deployroot%\tools\%architecture%\dism.exe x:\windows\system32\ /y
Copy WTP DISM subsystem
cmd /c copy %deployroot%\tools\%architecture%\dism\* x:\windows\system32\dism /y
5. Deploy Machines
If you try to PXE boot a Windows 10 or Server vNext Technical Preview VM running on Hyper-V in Windows Server 2012 R2, you are greeted by a nice error message: Boot Failed. EFI Network. Failed Secure Boot Verification.
Until there is an update available turn off secure boot for the Gen 2 VM.
New Features in Microsoft Virtual Machine Converter 3.0
The 3.0 release of MVMC adds the ability to convert a physical computer running Windows Server 2008 or above server operating systems or Windows Vista or above client operating systems to a virtual machine running on Hyper-V host.
Standard stuff is: