Rollup 7 for Exchange Server 2007 SP3

The Exchange CXP team released Update Rollup 7 for Exchange Server 2007 SP3.

This update contains a number of customer-reported and internally found issues since the release of SP3 RU6. See KB2655203: Description of Update Rollup 7 for Exchange Server 2007 Service Pack 3 for more details.

Note: Some of the following KB articles may not be available at the time of publishing this post.

The most important fixes:

  • KB2617514 Include updated version of Portuguese-Brazil speller.
  • KB2696649 Exchange 2007sp3/2010 OWA CSRF via Cookie Tossing.
  • KB2696628 Read Receipt is still duplicated when connecting IMAP.

Note that this fix will resolve the CAS to CAS OWA proxying incompatibility with Exchange 2010 SP2 RU1 as discussed here.

Support lifecycle statement: This is the final release under standard support for Exchange 2007, as the Exchange 2007 Mainstream Support has now ended. Extended Support for Exchange 2007 SP3 will end on 4/11/2017.

Note for Forefront Protection for Exchange users:

Before installing the update, disable ForeFront by using this command: fscutility /disable. After installing the update, re-enable ForeFront by running fscutility /enable.

Update Rollup 2 for Exchange Server 2010 SP2

The Exchange CXP team released Update Rollup 2 for Exchange Server 2010 SP2.

This update contains a number of customer-reported and internally found issues since the release of SP2 RU1. See KB2661854: Description of Update Rollup 2 for Exchange Server 2010 Service Pack 2 for more details.

Note: Some of the following KB articles may not be available at the time of publishing this post.

The most important fixes:

  • KB2696913 You cannot log on to Outlook Web App when a proxy is set up in an Exchange Server 2010 environment
  • KB2688667 High CPU in W3WP when processing recurrence items who fall on DST cutover
  • KB2592398 PR_INTERNET_MESSAGE_ID is the same on messages resent by Outlook
  • KB2630808 EwsAllowMacOutlook Setting Not Honored
  • KB2661277 Android/Iphones stuck with 451 during Cross forest proxy in datacenter
  • KB2678414 Contact name doesn’t display company if name fields are left blank

Note that this fix will not cause the CAS to CAS OWA proxying incompatibility with Exchange 2007 as discussed here. No additional updates are required on Exchange 2007 for proxying to work once Exchange 2010 SP2 RU2 is installed.

Note for Forefront Protection for Exchange users:

Before installing the update, disable ForeFront by using this command: fscutility /disable. After installing the update, re-enable ForeFront by running fscutility /enable.

Microsoft Deployment Toolkit (MDT) 2012 – RTM

A couple of hours ago, Microsoft released MDT 2012.

It contains numerous bug fixes as well as support for SCCM 2007 and SCCM 2012.

Improvements for All MDT Technologies

The MDT improvements that affect all MDT technologies, which are discussed in a subsequent section, are as follows:

  • Support for upgrading from previous versions of MDT
  • Integration with security and compliance templates generated by Microsoft Security Compliance Manager (SCM) version 2.0
  • Run Windows PowerShell™ scripts within an MDT task sequence
  • Create partitions to support best practice recommendations for deployment of BitLocker® Drive Encryption
  • Automatically configure participation in the Windows Customer Experience Improvement Program (CEIP) and Windows Error Reporting (WER)
  • Guidance that describes how to use Microsoft SQL Server® 2008 R2 with Service Pack 1 (SP1) for all database needs within MDT

Improvements for LTI Deployments

MDT includes the following improvements for LTI deployments:

  • Support for Windows 8 Consumer Preview and Windows Server 8 Beta. Note: The deployment of Windows Server 8 Beta roles and features using the Install Roles and Features task sequence action is not supported.
  • Support for the Windows Assessment and Deployment Kit (Windows ADK). Note: Currently, the Windows ADK is only supported for deploying Windows 8 Consumer Preview or Windows 7 in lab environments, not in production environments.

Windows ADK requires the Microsoft .NET Framework version 4.0. If not already installed, the Windows ADK installation installs the Microsoft .NET Framework version 4.0. For more information, see Introduction to the Windows Assessment and Deployment Kit.

  • Monitoring of LTI deployment process. MDT includes the new LTI monitoring feature that allows you to perform centralized monitoring of LTI deployments in the Monitoring node in the Deployment Workbench.
  • Deployment of Windows Recovery Environment (Windows RE). Windows RE helps users troubleshoot and recover from startup-related problems on their computers.
  • Deployment of Microsoft Diagnostics and Recovery Toolkit (DaRT).
  • Deployment to computers that use the Unified Extensible Firmware Interface (UEFI).
  • Deployment to computers that require the new globally unique identifier (GUID) Partition Table (GPT) format.
  • Deployment to virtual hard disks (VHDs) for native boot.
  • Support for Windows Thin PC.
  • Support for Windows Embedded POSReady 7.
  • Add local administrator accounts.
  • Deployment Wizard user experience improvements.

Improvements for Configuration Manager Deployments

MDT includes the following improvements for MDT deployments with Configuration Manager 2012 or Configuration Manager 2007 R3:

  • Support for System Center 2012 Configuration Manager. MDT includes support for System Center 2012 Configuration Manager for ZTI and UDI deployments.
  • Support for new application model in Configuration Manager 2012.
  • Support for the user device affinity feature in Configuration Manager 2012.
  • Support for prestart command files.
  • Support for automatically starting a specific task sequence.
  • UDI Wizard user experience improvements.
  • The UDI Wizard has been completely revised to improve user experience.
  • UDI Wizard Designer user experience improvements.
  • The UDI Wizard Designer UI has been improved to make configuring the UDI Wizard even easier than previous versions.
  • Support for enabling BitLocker in UDI.
  • Support for MDT Replace Computer deployment scenario.
  • Localization of UDI Wizard.
  • Guidance for customizing UDI.
  • Upgrade tasks sequences created in Configuration Manager 2007 to Configuration Manager 2012.
  • Guidance for Configuration Manager 2007 R3.

Read more and download it from here 

Special thanks to Mikael Nystrom

What is the best way to migrate PDAs or tablets from a legacy version of Exchange to Exchange 2010?

In November 2010 Microsoft released a great document: Publishing Exchange Server 2010 with Forefront Unified Access Gateway 2010 and Forefront Threat Management Gateway 2010.

One thing that I missed in that document: what is the best way to migrate PDAs or tablets from a legacy version of Exchange to Exchange 2010?

In most cases you will use TMG as a firewall between the Internet and your internal network.

Some weeks ago I did an Exchange 2010 migration and I didn’t want a big bang scenario.

But I had all the sorts of phones that are on the market today (iPhone, Android, Windows Phone 7.5 and some Windows Mobile phones, and also iPads).

The first thing I asked myself when designing the new infrastructure:

Domain Joining Forefront TMG or Leaving in a Workgroup

In most organizations, the decision whether to domain join the server hosting Forefront TMG to your production domain may be one of the most important parts of the deployment.

Forefront TMG deployments are more complex to discuss because Forefront TMG is considered a firewall and can protect the network edge. Domain joining Forefront TMG offers many advantages: it allows certificate based authentication to be used at Forefront TMG, using Kerberos Constrained Delegation to communicate to Exchange; it allows easy use of Active Directory groups and user objects in publishing rules to restrict access; and it provides other benefits. If you are not sure whether to domain join Forefront TMG, see Debunking the Myth that the ISA Firewall Should Not be a Domain Member.

I think that the best practice is to domain join TMG, because it makes your life a lot easier.

First: I created an Exchange 2010 group in Active Directory.

Second: You make the Exchange 2010 group available in TMG.

Third: You make four rules, two for Exchange 2010 (OWA & ActiveSync) and two for your legacy server or servers (OWA & ActiveSync).

Fourth: Make sure that the Exchange 2010 rules are above the legacy rules.

Fifth: On the Exchange 2010 rules, change All Authenticated Users to the Exchange 2010 group. (After the migration you delete the legacy rules and change the Exchange 2010 group on the 2010 rules back to All Authenticated Users.)


Sixth: When you do a mailbox move, you put the user in the Exchange 2010 group.
Why, you may think? When the user is in the Exchange 2010 group, the PDA will use the Exchange 2010 rule. When the user is not in the Exchange 2010 group, the legacy rule will do the trick.

I migrated about 300 users this way, with random PDAs and tablets, with no downtime at all.
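
Because group membership decides which TMG rule a device matches, it helps to reconcile the group against where each mailbox actually lives. The script below is an added example, not part of the original post; the group name 'Exchange 2010' and the server list are assumptions.

```powershell
# Added example, not from the original post. Run in the Exchange Management
# Shell on a machine that also has the ActiveDirectory module installed.
Import-Module ActiveDirectory

$GroupName     = 'Exchange 2010'     # assumed name of the AD group used in the TMG rules
$Ex2010Servers = @('ward-ex2010')    # assumed list of Exchange 2010 mailbox servers

# Users whose mailbox already lives on an Exchange 2010 server.
$migrated = @(Get-Mailbox -ResultSize Unlimited |
    Where-Object { $Ex2010Servers -contains $_.ServerName } |
    ForEach-Object { $_.SamAccountName })

# Users currently matched by the Exchange 2010 publishing rules.
$members = @(Get-ADGroupMember -Identity $GroupName |
    Where-Object { $_.objectClass -eq 'user' } |
    ForEach-Object { $_.SamAccountName })

# Moved, but not in the group: their devices still match the legacy rules.
$missing = @($migrated | Where-Object { $members -notcontains $_ })

# In the group, but mailbox not moved yet: they match the Exchange 2010 rules too early.
$early = @($members | Where-Object { $migrated -notcontains $_ })

foreach ($user in $missing) {
    # Dry run only; remove -WhatIf to apply the change.
    Add-ADGroupMember -Identity $GroupName -Members $user -WhatIf
}

"Mailboxes on Exchange 2010    : $($migrated.Count)"
"Missing from '$GroupName'     : $($missing.Count)"
"In group, mailbox not moved   : $($early.Count)"
$early
```

Run it after each batch of mailbox moves; the last list should be empty before the legacy rules are deleted.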

Screenshot from the TMG rules.

Load Balancing Exchange 2010 Client Access Servers using a Hardware Load Balancer Solution (Kemp)

First: You need to create a CAS array on your Exchange 2010 server or servers.

Configuring Client Access Array for Exchange 2010

If you want more info about Casarray and how it works read: Exploring Exchange 2010 RPC Client Access service & Demystifying the CAS Array Object – Part 1 & Demystifying the CAS Array Object – Part 2

Second: Configure Virtual Directories
Set Exchange 2010 Virtual Directories

Third: You set static RPC ports on your Client Access Server
Exchange 2010: Setting Static RPC ports when using a Kemp LoadMaster

Fourth: you register in DNS your casarray name and autodiscover name on a new “virtual” IP address.

Fifth: You configure the Kemp load balancers as described in: LoadMaster Deployment Guide for MS Exchange 2010 with the new “virtual” IP address.

When you are done you have 6 Virtual Services

When a hardware load balancer based CAS array has been properly configured, all servers in the array are represented by a single virtual IP (VIP) address and a fully qualified domain name (FQDN). When a client request comes in, it will be sent to an Exchange 2010 CAS server in the CAS array using DNS round robin distribution method.

Set Exchange 2010 Virtual Directories

With the following PowerShell commands you set all the Exchange 2010 virtual directories:

Set-ClientAccessServer -Identity ward-ex2010 -AutoDiscoverServiceInternalUri https://casarray.hyperv.local/Autodiscover/Autodiscover.xml

Set-WebServicesVirtualDirectory -Identity "ward-ex2010\EWS (Default Web Site)" -ExternalUrl "https://webmail.wardvissers.nl/ews/exchange.asmx" -InternalUrl "https://casarray.hyperv.local/ews/exchange.asmx"

Set-OABVirtualDirectory -Identity "ward-ex2010\oab (Default Web Site)" -InternalUrl http://casarray.hyperv.local/oab -ExternalUrl https://webmail.wardvissers.nl/oab

Enable-OutlookAnywhere -Server ward-ex2010 -ExternalHostname "webmail.wardvissers.nl" -ClientAuthenticationMethod "Basic" -SSLOffloading:$False

Set-ActiveSyncVirtualDirectory -Identity "ward-ex2010\Microsoft-Server-ActiveSync (Default Web Site)" -InternalURL https://casarray.hyperv.local/Microsoft-Server-Activesync -ExternalURL https://webmail.wardvissers.nl/Microsoft-Server-Activesync

Set-ECPVirtualDirectory -Identity "ward-ex2010\ecp (default web site)" -InternalURL https://casarray.hyperv.local/ECP -ExternalURL https://webmail.wardvissers.nl/ECP

Set-AutodiscoverVirtualDirectory "ward-ex2010\Autodiscover (Default Web Site)" -InternalUrl http://casarray.hyperv.local -ExternalUrl https://autodiscover.nifv.nl
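
A read-back check for the URLs set above, as an added example that is not part of the original post: it lists every configured URL that is not HTTPS, is malformed, or points at a host outside the expected list. The expected host list is an assumption built from the commands above.

```powershell
# Added example, not from the original post. Run in the Exchange Management Shell.
$Server        = 'ward-ex2010'
# Assumed list of legitimate host names, taken from the Set-* commands above.
$ExpectedHosts = @('casarray.hyperv.local', 'webmail.wardvissers.nl', 'autodiscover.nifv.nl')

function Test-Url {
    param([string]$Source, [string]$Property, $Value)
    if (-not $Value) { return }                  # URL not set: nothing to check
    $uri    = [uri][string]$Value                # cast also works on deserialized objects
    $issues = @()
    if (-not $uri.IsAbsoluteUri) {
        $issues += 'not an absolute URL'         # e.g. a typo such as "http:/host"
    } else {
        if ($uri.Scheme -ne 'https')             { $issues += 'not HTTPS' }
        if ($ExpectedHosts -notcontains $uri.Host) { $issues += 'unexpected host' }
    }
    New-Object PSObject -Property @{
        Source = $Source; Property = $Property
        Url    = [string]$Value; Issues = ($issues -join ', ')
    }
}

$vdirs = @(
    Get-WebServicesVirtualDirectory  -Server $Server
    Get-OabVirtualDirectory          -Server $Server
    Get-ActiveSyncVirtualDirectory   -Server $Server
    Get-EcpVirtualDirectory          -Server $Server
    Get-OwaVirtualDirectory          -Server $Server
    Get-AutodiscoverVirtualDirectory -Server $Server
)

$results = @(
    Get-ClientAccessServer -Identity $Server | ForEach-Object {
        Test-Url -Source 'ClientAccessServer' -Property 'AutoDiscoverServiceInternalUri' `
                 -Value $_.AutoDiscoverServiceInternalUri
    }
    foreach ($vd in $vdirs) {
        foreach ($prop in 'InternalUrl', 'ExternalUrl') {
            Test-Url -Source $vd.Identity -Property $prop -Value $vd.$prop
        }
    }
)

# Show only the entries that need attention.
$results | Where-Object { $_.Issues } | Format-Table Source, Property, Url, Issues -AutoSize
```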

HP takes the next step and provides ready-made driver packages for MDT and SCCM

HP takes the next step and provides ready-made driver packages for MDT and SCCM for the business models of notebooks, desktops and workstations. The packages can be obtained via SoftPaq Download Manager (SDM) or from the HP support website. It appears they are primarily for the current generation of products.
To get the download manager, navigate to the HP manageability website: www.hp.com/go/easydeploy or directly to www.hp.com/go/sdm

Here are screenshots from the new packages in SoftPaq Download Manager and from the HP support website.


Special Thanks to: Deploymentresearch

MDT 2012 Feature: Item Sorting

There is a new feature in MDT 2012 RC1. It will keep the list of items (applications, drivers, OS packages, task sequences) in alphabetical order.

Now when you first install MDT 2012 RC1, you might notice that the items aren’t sorted right away – you have to change something in the folder first. As soon as you do (e.g. add an item, rename an item), the items in that folder will be sorted.

Keeping the list of folders sorted is a much bigger challenge, so at this point they will still show up in the order that they were added.

Automatically Create Archive Mailbox when user is on specified Mailbox Database

With the following PowerShell command you automatically create an archive mailbox for every user in a specified mailbox database:

Get-Mailbox -Database MB1 | Enable-Mailbox -Archive -ArchiveDatabase MB3

This is very useful when you want to create a lot of archive mailboxes at one time.

Set all mailboxes to Mailbox Database Default Quotas

In Exchange Server 2010 the Exchange Management Console doesn’t provide a way to visually locate mailboxes that have no storage quota, or mailboxes that have a non-standard storage quota configured.  However you can find mailbox storage quota settings quickly using the Exchange Management Shell.
 
To list all Exchange Server 2010 mailboxes that are exempt from the mailbox database storage quota settings use this command in the Exchange Management Shell.

Get-Mailbox -ResultSize Unlimited | where {$_.UseDatabaseQuotaDefaults -eq $False}


To set all mailboxes to the Mailbox Database Default:

Get-Mailbox -ResultSize Unlimited | where {$_.UseDatabaseQuotaDefaults -eq $False} | Set-Mailbox -UseDatabaseQuotaDefaults $true
