In Exchange 2007 and previous versions, Exchange used the cluster resource management model to install, implement and manage the Mailbox server high availability solution, so we were completely reliant on the cluster manager. Historically, building a highly available Mailbox server involved first building a Windows Failover Cluster, and then running Exchange Setup in clustered mode on the top. In this mode, the Exchange cluster resource DLL, exres.dll, would be registered and allow the creation of a clustered mailbox server or CMS (called an Exchange Virtual Server in Exchange 2003).
Exchange 2010 now uses a new component called Active Manager that provides functionality replacing the resource model and failover management, features provided by integration with the Cluster service in previous versions of Exchange
All Exchange cluster resources provided by exres.dll no longer exist, including the construct known as a clustered mailbox server (CMS). A Windows Failover Cluster is still needed and used by Exchange, but there are no cluster groups for Exchange, and there are no storage resources in the cluster. So, if you examine the cluster using cluster management tools, you’ll see only the core cluster resources (IP Address and Network Name, and if needed, quorum resource). Cluster nodes and networks will also exist, but those are managed by Exchange (DAG Networks) and not the cluster or cluster tools.
Say Hello to PAM and SAM...
Active Manager runs on all Mailbox servers that are members of a database availability group (DAG). There are two Active Manager roles: Primary Active Manager (PAM) and Standby Active Manager (SAM). PAM is the Active Manager in a DAG that decides which database copies will be active and passive. PAM is responsible for getting topology change notifications and reacting to server failures. The DAG member that holds the PAM role is always the member that currently owns the cluster quorum resource (default cluster group). If the server that owns the cluster quorum resource fails, the PAM role automatically moves to a surviving server that takes ownership of the cluster quorum resource. The PAM controls all movement of the active designations between a database's copies. The PAM also performs the functions of the SAM role on the local system (detecting local database and local Information Store failures).
So, what’s SAM up to then?
The SAM provides information on which server hosts the active copy of a mailbox database to other components of Exchange that are running an Active Manager client component (for example, RPC Client Access service or Hub Transport server). The SAM detects failures of local databases and the local Information Store. It reacts to failures by asking the PAM to initiate a failover (if the database is replicated). A SAM does not determine the target of failover, nor does it update a database’s location state in the PAM.
Replication, Replication, Replication..
In Exchange 2010, the Microsoft Exchange Replication service periodically monitors the health of all mounted databases. In addition, it also monitors Extensible Storage Engine (ESE) for any I/O errors or failures. When the service detects a failure, it notifies Active Manager (PAM). Active Manager (PAM) then determines which database copy should be mounted and what it requires to mount that database. In addition, it tracks the active copy of a mailbox database (based on the last mounted copy of the database) and provides the tracking results information to the RPC Client Access component on the Client Access server to which the client is connected.
When the lights go out in database world..
When a failure occurs that affects a replicated mailbox database, the PAM initiates failover logic and selects the best available database copy for activation. PAM uses up to ten separate sets of criteria when locating the best copy to activate. Before using its selection criteria to locate the best copy to activate, a process called attempt copy last logs (ACLL) occurs. Exchange 2010 has been enhanced to deal with multiple database copies, and it recognizes which copy is the best source for copying log files. ACLL makes parallel remote procedure calls to each Mailbox server in the DAG that hosts a copy of the mailbox database to check whether the server is available and healthy, and to examine the value of LogInspectorGeneration for the database copy. The mailbox database copy with the highest value for LogInspectorGeneration is the best source for copying log files.
After the ACLL process has completed, if all missing log files were copied from the selected best source, the database mounts without any data loss. This is known as a lossless failure. If the ACLL process is unsuccessful, the configured value for AutoDatabaseMountDial is consulted. For more information about AutoDatabaseMountDial, see Set-MailboxServer. If the number of lost logs is within the configured value for AutoDatabaseMountDial, the database is mounted. If the number of lost logs is outside the configured value for AutoDatabaseMountDial, the database isn't mounted until either missing log files are recovered or until an administrator explicitly mounts the database and accepts the larger data loss.
Which of my 300 database copies are you going to mount up then?? - Active Manager Best Copy Selection Criteria
When a failure affecting the active database occurs, Active Manager calls several sets of selection criteria to determine which database copy should be activated. Active Manager attempts to locate a mailbox database copy that has a status of Healthy, DisconnectedAndHealthy, DisconnectedAndResynchronizing, or SeedingSource, and that meets all of the following criteria:
If none of the database copies meet all of the preceding criteria, Active Manager tries to locate a database copy that meets the next set of criteria:
If none of the database copies meet all of the preceding criteria, Active Manager tries to activate any database copy with a status of Healthy, DisconnectedAndHealthy, DisconnectedAndResynchronizing, or SeedingSource. If it can't find any database copies with this status, it isn't able to automatically activate a database copy.
In each of the preceding passes, if more than one database copy meets all of the preceding criteria, the configured value for ActivationPreference is consulted, and the database with the lowest value is activated and mounted.
One of the really cool new features of Exchange 2010 is the ability to provide high-availability for all 4 server roles by using just 2 actual machines. There are definitely some caveats, like the fact that you need a hardware load-balancer to distribute inbound request to the CAS and HT roles (NLB simply doesn’t play well with our replication tech at the moment) but I honestly think we’ll see a greater adoption of high-availability using a multi rolled CAS/HT/MBX in the smaller or midsize business space with this model. HA for the masses, that can only be good news for everyone.
The 2010 DAG feature is shares some similarities with 2007’s CCR. One area is that it also requires a file share witness to act as a voting mechanism. Since your two Exchange servers are part of the DAG, one of the limits is neither can actually host the witness share. In this case you’ll need a 3rd server to act as the file share witness which would normally if possible be another Exchange server. In my lab set up the only other server I had was a domain controller so I decided to use that as my FSW instead of standing up another server. When I ran through DAG wizard I received the following error;
Warning: Specified witness server ‘DC01.test.com’ is not an Exchange server, or part of the Exchange Servers security group.
Warning: Insufficient permissions to access file shares on witness server ‘DC01.test.com’ Until this problem is corrected, the database availability group may be more vulnerable to failures. You can use the Set-DatabaseAvailabilityGroup cmdlet to try the operation again. Error: Access is denied
The DAG is still created, but really doesn’t have the FSW ability at this point. The first warning is also a little confusing because the problem actually lies in the Exchange Trusted Sub system group permissions, not the Exchange Servers security group. You can follow the steps below to resolve this and get your DC to act as FSW:
· Add your domain controller’s computer account to Exchange Trusted Subsystem group in AD.
· Add the Exchange Trusted Subsystem group to the Builtin\Administrators group of the domain.
Obviously the second change isn’t ideal and if you’re going to use the DAG features I’d really recommend putting your FSW folder on something other than a DC, our best practise recommendation in this area has not changed from Exchange 2007 – Hub servers.
At this point this issue should be resolved and you should see the FSW folder and share created on DC01.
I also found that if I created the folder on the DC ahead of time and then ran the DAG wizard it would fail because the folder and share permissions were not correct. The best action here is to not create the FSW folder or share ahead of time and just let the cmd-let take care of the hard work.
Hope this helps, John
The announcement of Windows XP mode caused a lot of excitement, in this screen cast we have a look at how it is setup up, what users see and get an idea of what it can do. Download XP Mode for Windows 7
In response to customer feedback, the Exchange team has updated their testing matrix and has determined that Exchange Server 2010 will be supported on Single Label Domains (SLD), Disjoint Namespaces, and Discontiguous Namespaces. This post contains a brief description of each of these scenarios and special considerations. If you intend to install Exchange 2010 into one of these environments you need to read the documentation about the applicable subject.
In adding support for these types of topologies, there is an underlying requirement for DNS to be properly installed and configured. Before proceeding with any deployment defined here, clients and servers must be able to reliably resolve DNS queries for a given resource in the appropriate namespace.
Single Label Domains
Single-label DNS names are DNS names that do not contain a suffix such as .com, .corp, .net, or .org. For example contoso would be an SLD while contoso.com, contoso.net, or contoso.local would not be an SLD.
Not a recommended configuration
While Exchange 2010 is supported with SLDs, the Exchange product team's view is that SLDs are not a recommended configuration, and may not be supported by future Exchange versions. Other Microsoft or third party applications that you want to run in your environment may not be supported on an SLD. This could have an adverse effect on your environment. While we will allow installation of Exchange 2010 in an SLD, we strongly recommend that you take steps to move your organization out of this configuration.
Disjoint Namespaces
A disjoint namespace scenario is one in which the primary DNS suffix of a computer does not match the DNS domain name where that computer resides. The computer with the primary DNS suffix that does not match is said to be disjoint. Another disjoint namespace scenario occurs if the NetBIOS domain name of a domain controller does not match the DNS domain name.
Exchange 2010 and Disjoint Namespaces
In Microsoft Exchange 2010, there are three supported scenarios for deploying Exchange in a domain that has a disjoint namespace. The supported scenarios are as follows:
For more information on Exchange 2010 and disjoint namespaces see Understanding Disjoint Namespace Scenarios.
Special Considerations
Discontiguous Namespaces
A discontiguous namespace, also referred to as non-contiguous namespace, is one in which the domains in a forest are not defined hierarchically. If the domains in a forest have discontiguous DNS names, they form separate domain trees within the forest. An Active Directory forest can have one or more domain trees. An example of a multi-tree forest would be a forest containing the domains, contoso.com and fabrikam.net. Note: contoso.com and contoso.net in the same forest would be an invalid configuration. This is because they would both be using a NetBIOS name of contoso in their respective domains. In the case of discontiguous DNS namespaces, each domain must still register a unique legacy NetBIOS domain name.
For discontiguous namespaces, DNS must be configured such that Exchange servers are able to resolve all domain names in the environment. It is also a requirement that msds-allowedDNSSuffixes be configured within the Active Directory environment for all namespaces used within the forest. For instructions on configuring this, please see the Tech Net article "Understanding DNS Client Settings."
Exchange 2010 System Requirements
For more information on Exchange 2010 System Requirements please see the Tech Net article "Exchange 2010 System Requirements"
Server administrators be warned; if you’re looking at Windows Server 2008 R2 you need to be aware we (Microsoft) are not currently supporting Microsoft Exchange 2007 on this platform. Instead, you must upgrade to Exchange 2010.
This news was made public via the Microsoft Exchange Team blog when discussing rollup 9 for Exchange Server 2007 service pack 1.Specifically, the Exchange Team note that one of the fixes in the RU is “Support for Windows Server 2008 R2 Domain Controllers in the environment” adding the disclaimer “Note: Exchange Server 2007 itself is not supported to be installed on a Windows Server 2008 R2 system.”The blog permits reader comments and one reader, “Tony” asked “I have a Windows Server 2008 x64 server running Exchange Server 2007 x64. The Windows Server is also a Domain Controller. When Windows Server 2008 R2 comes out will I be able to upgrade the server to R2?”The Exchange Team respond, “Exchange Server 2007 will not be supported to run on Windows Server 2008R2. So for the system which is running Windows Server 2008 + Exchange Server 2007, you cannot upgrade the platform to Windows Server 2008R2.If you have a domain controller which does not run Exchange, you can upgrade it to Windows Server 2008R2 since it is a supported scenario to run against Windows Server 2008 R2.”This means companies who have been planning an early migration to Windows Server 2008R2 need to proceed with some caution. You should revise plans to recognise your Exchange Server 2007 system cannot have its operating system upgraded without simultaneously upgrading to Exchange Server 2010, so in reality a migration project will need to be scoped.This also means that companies contemplating an Exchange Server 2007 rollout should consider their plans and determine whether this information affects their proposed roadmap. Exchange Server 2010 is strongly expected to be Generally Available within a couple of months.
This is a GREAT post from the team over at EHLO about the dangers of a bad design decision;
We sometimes hear customers talking about putting Exchange 2007 or Exchange 2010 Client Access Servers (CAS) into the Perimeter network (sometimes referred to as the "DMZ" - Demilitarized Zone). A Perimeter network is a network zone many companies deploy between the Internet and their intranet as defense-in-depth. The idea behind a perimeter network is to add additional steps to what a hacker would have to do to get access to any intranet resources. To add as strong defense-in-depth as possible, you want to put only servers you trust to withstand Internet attacks in the perimeter, and then you should assume they can be broken into anyway.
With Exchange 2000/2003, it was supported and there was documentation explaining how to put an Exchange 2000/2003 Front-End (FE) server into the perimeter network, with a firewall between the FE and the Exchange Back-End (BE) servers it accessed. This leads some customers who upgrade from E2000/E2003 to expect the same deployment pattern with E2007/E2010.
As you start planning for deploying an E2007/E2010 CAS server in the perimeter network, you quickly notice that there is no documentation for how to do this though. You will probably even find the TechNet documentation which explains this is explicitly not supported by Microsoft. Microsoft doesn't test or support any topologies which put firewalls between a CAS and a Mailbox (MBX) server. The only Exchange 2007/2010 role which is supported for deployment in a perimeter network, and with a firewall server separating it from other Exchange server it talks to, is the Edge role. This is true for Exchange servers talking to one another within and between AD Sites.
The fact that there is no support for using firewalls between Exchange servers (except for the Edge role) sometimes causes confusion for how to use the Windows OS firewall on Exchange. It is supported to have the Windows OS firewall turned on for Exchange servers. In fact, we strongly recommend you leave the Windows OS firewall turned on as a defense-in-depth measure. Exchange 2010 setup is smart enough to configure the Windows OS firewall so it'll let through all Exchange traffic appropriately (for Exchange 2007 you need to run the Security Configuration Wizard and apply the Exchange 2007 role based template).
When discussing the fact that it is not supported to put CAS in the perimeter network, the next question is obviously "why?". If this was supported and documented for E2000/E2003 FE, why not for E2007/E2010 CAS?
The most important reason why customers wanted to install Exchange FE servers in the perimeter network was to block any unauthenticated traffic from reaching servers on the intranet. This is a good practice, but as you'll see below doing this with Exchange FE/CAS servers is no longer the best way to accomplish this goal.
It is important to understand that the CAS role in Exchange 2007 is significantly different from the FE server in E2000/E2003.
· The E2000/E2003 FE servers were there to authenticate users and proxy traffic to the BE server where the traffic was actually interpreted and responded to. For example, the FE servers in E2000/E2003 don't do any Outlook Web Access (OWA) rendering. That all takes place on the BE servers.
· The E2007/E2010 CAS role on the other hand contains all middle-tier logic and rendering code for processes like OWA, Exchange ActiveSync (EAS), Exchange Web Services (EWS), and more.
In the same timeframe as E2007 was available, enough customers had also started using reverse proxies (e.g. Internet Security and Acceleration server (ISA) 2000 FP1, 2004 or 2006) with functionality like pre-authentication. This meant there was now a good way to do authentication of Exchange traffic before the traffic reached the Exchange servers. The role the E2000/E2003 FE server had played for defense-in-depth by pre-authenticating traffic before it reached servers which included a lot of Exchange business logic could now be better handled by these new reverse proxies. The reasons a reverse proxy like this does a better job than an Exchange FE or CAS server for this defense-in-depth role are:
· Exchange CAS servers require full access to all mailboxes in an AD Site, and significant access rights to the AD. That's a level of access privileged which you should avoid having in the perimeter network.
· The Exchange FE executed a little bit of Exchange business logic, and the Exchange CAS executes a lot of Exchange business logic. The more business logic you expose in the perimeter network, the more risk you're taking that something in that logic can be hacked. For servers you put in the perimeter network, you want to minimize the logic/code surface area they run and which is exposed to attack from the outside. Reverse Proxies are built with the primary purpose of withstanding Internet attacks like that. Although Exchange servers are also hardened from a security perspective, they run much more logic than a reverse proxy, which increases the risk.
· Reverse Proxies are built to be put in the perimeter network or at the edge of the network. They include many security features and flexibility for customers to determine the level of defense-in-depth which is right in any particular environment. Some of these defense-in-depth features are easy to just turn on (e.g. using pre-authentication while your reverse proxy is an AD domain member; or avoiding AD domain membership and limiting pre-authentication capabilities) whereas other defense-in-depth features take more work (e.g. using pre-authentication without domain membership by using RADIUS). But the important distinction between the reverse proxies and the CAS is that the reverse proxies have many more defense-in-depth features and deployment models available than Exchange CAS.
In addition to these reasons why a reverse proxy does a better job in the perimeter network than an Exchange FE/CAS does, there is also a problem with FE/CAS in the perimeter which goes away when using a reverse proxy there instead:
· Deploying an E2000/E2003 FE server in the Perimeter network was difficult. The port settings and other internal firewall configuration required was complicated and many customers ran into problems setting this up correctly. Different types of internal firewalls required different configuration and the symptoms experienced by Internet clients when something was misconfigured weren't always easy to diagnose. This complexity and the errors it caused was a problem for Exchange customers. The internal firewall configuration required when using a reverse proxy in the perimeter is much simpler. This is why we don't offer "CAS in the perimeter network" as a supported solution even for customers who want to take the security risks listed above: people accidentally end up shooting themselves in the foot when trying to configure things for a FE/CAS to work in a perimeter network.If you are curious, the ports used between server roles by E2007 are listed in http://technet.microsoft.com/en-us/library/bb331973.aspx.
The best way to deploy Exchange CAS with respect to a perimeter network is to put a reverse proxy you trust in the perimeter, configure the firewall between the perimeter and the intranet to be as restrictive as possible and to host the CAS server on the intranet. This will get traffic inspection and other reverse proxy security filtering in place in the perimeter.As extra defense, you can also configure pre-authentication to be done on the reverse proxy. This might not be possible for all Exchange protocols if you want to expose some advanced functionality like E2010 Federated Free/Busy and Calendar Sharing to the Internet. But you can configure the pre-authentication for as many clients and protocols as is supported by the reverse proxy and the scenarios you want to enable.
The first Exchange 2010 exam has now gone live, also confirming the new Exchange 2010 track for the new product. Details here;
Audience Profile The typical candidate is a Messaging Generalist responsible for the maintenance and administration of the Exchange servers in an enterprise environment. Day to day, the candidate typically installs and manages Exchange Server 2010 and manages users, mailboxes, security, servers, and databases by using Exchange Server 2010. The candidate might also monitor and troubleshoot Exchange Server 2010.
Note This preparation guide is subject to change at any time without prior notice and at the sole discretion of Microsoft. Microsoft exams might include adaptive testing technology and simulation items. Microsoft does not identify the format in which exams are presented. Please use this preparation guide to prepare for the exam, regardless of its format.
Get your exam booked today!
I saw this posting on techradar news and thought it was worth sharing. They provide a nice summary of 18 cool things in Windows 7 that are not in Vista. It’s a great highlight of what’s new – go check it out!
http://www.techradar.com/news/computing/pc/18-cool-things-windows-7-does-that-vista-doesn-t-628892?artc_pg=1
A number of customers have been enquiring about the current situation of our Scalable Networking Pack in relation to Windows 2008 and thanks to Jane Lewis of the UK PFE team for running the ground work on this. So, Info and recommendations are as follows;
With Windows 2003 SP2 this setting was enabled by default. Many customers experienced issues post deployment and http://support.microsoft.com/kb/948496/jp. This was related to the fact that certain NIC cards especially Broadcom had some major compatibility issues. Network cards using Broadcom 5708 chipsets are known to have compatibility issues with the TCP Chimney Offload feature set and many a blog has been written around these issues;
http://blogs.msdn.com/sqlprogrammability/archive/2008/05/27/sql-server-intermittent-connectivity-issue.aspx & http://blogs.technet.com/networking/archive/2008/11/14/the-effect-of-tcp-chimney-offload-on-viewing-network-traffic.aspx and http://support.microsoft.com/kb/942861
It was therefore advisable to “Switch off” the SNP via this registry key.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
EnableTCPA REG_DWORD 0x0 ßOK
EnableRSS REG_DWORD 0x0 ßOK
EnableTCPChimney REG_DWORD 0x0 ßOK
0 = disabled
1 = enabled default
With the release of 2008 I have been asked by many of my customers whether this remains an issue.
Well the answer is that IT COULD WELL BE!, however to mitigate the issue ensure that you have the LATEST NIC card drivers included as part of your server build, and checkout their comptibility with TCP Chimney Offload feature with the NIC Vendors
Windows 2008 specific reference to Scalable Networking Pack.
http://support.microsoft.com/kb/951037
As always - feedback welcome from the field
As there is currently a masssive interest in Windows 7 I thought I would share this helpful learning "snack" on Search. Windows 7 provides the concept of Libraries, an improved Search functionality and Federated Search.
In just 15 minutes you can:
With Federated Search, users can search corporate Intranet sites and their desktops from one familiar interface: Windows Explorer. This is out-of-the-box functionality to search beyond the user's computer. Developers and IT professionals can enable search engines, document repositories, web applications and proprietary data stores to be searched from Windows Explorer without writing and deploying client-side code.
Enterprise Search Scopes allow IT administrators to populate links on the Start menu and in Windows Explorer. These links simplify access to the most appropriate, complete and authoritative data sources on the network. As a result, content is more discoverable.
A “Learning Snack” is an interactive presentation delivered via Microsoft Silverlight. Watch this snack:
Accessing Information in Windows 7 (15 minutes)
http://www.microsoft.com/learning/_silverlight/learningsnacks/win7/snack10/default.html
For additional Windows 7 snacks, please visit:
http://www.microsoft.com/learning/en/us/training/format-learning-snacks.aspx#win7
Thanks to Julie White for confirming some really GREAT early Exchange 2010 launch info:
Exchange 2010 – Revving the Engines for Launch
Two weeks ago we announced that Exchange 2010 was code complete and, as we get ready for launch, we’re seeing some amazing results from our early adopter customers. They are so good, that I can’t help sharing some of these early highlights – just a sneak peek of what is to come.
One server, many solutions
One of the things I’m most excited to see is the evolution of Exchange from an e-mail server to a multi-workload communications backbone. Some organizations are now bringing in Exchange to do the job once managed by four or five different systems, and the results are really impressive. With Exchange 2010, you’ve got a full e-mail, calendar and contacts solution, built-in information protection, built-in mobile e-mail and mobile device management, a full voice mail replacement, and a brand new archiving, retention and discovery solution. Exchange administrators have seen their roles grow from simply providing great e-mail to providing an end-to-end communications solutions. Customers are seeing impressive results in each of these workloads.
It does e-mail
It always has, but in 2010, it does it better. With the new high availability, disaster recovery and back up capabilities combined with the significant IO reduction a few very cool things become possible. First, what used to take multiple applications to achieve mailbox resiliency becomes possible using just Exchange. Second, a very large mailbox – even 10 gigs+ becomes very affordable and supportable. With Exchange 2010, a major government agency increased mailbox sizes by 10x, reduced failover times by four hours, decreased IT admin and storage costs and expects cost savings of up to $1 million per year with Exchange 2010.
It makes everyone mobile
Let’s face it – people want access to e-mail, calendar and contact information from everywhere. Outlook Web App, Outlook Mobile and Exchange Active Sync have long been the leading solutions for web e-mail and mobile phone access for businesses. But, we didn’t rest on our laurels with 2010, and it shows in the positive user feedback– from the improved OWA UI with integrated IM/presence, to conversation view in mobile, to EAS device management – every user can now have a rich mobile experience, while you don’t have to pay anything more since it’s all ‘in the box’.
It replaces voice mail (and gives a text preview!)
A mid-size innovative manufacturing company deployed Exchange 2010 voice mail avoiding a $43,000 annual maintenance contract for their legacy voice mail and reduced IT support required by more than 1000 hours – providing an additional $28,000 savings. And, with the new text preview, a national auto dealer has improved their sales rep response time to voice mails by 50%, which means a better sales experience for customers.
It archives and discovers
At a regional healthcare group, they are able to use the integrated archiving, retention and discovery capabilities of 2010 saving them the cost and maintenance of using third party solutions that resulted in $250,000 they didn’t have to spend – and that was just the first year savings.
It protects people
Using the combination of Exchange 2010 and Forefront Protection 2010 for Exchange Server, a global electronics firm has seen a 90% reduction in unwanted e-mail, meaning less time deleting and more time making new gadgets for you and me. And, that’s just the tip of the iceberg -- there’s a lot more around information protection we’ll showcase at launch.
When you think about the full value of Exchange together it’s an impressive package! And, I’m really pleased that many of you clearly agree -- a recent customer survey we did showed that 40% of Exchange customers are planning to move to 2010 within the next 6 months. This certainly validates the feedback I’ve gotten from our customers and partners about the value delivered by Exchange 2010.
Since I know many of you are underway with deployment planning, I wanted to take this opportunity to make sure everyone knows the licensing options, so you can plan accordingly. Just like 2007, Exchange 2010 will offer a Standard CAL and an Enterprise CAL. Standard CAL includes all e-mail, calendar and contacts capabilities, mobile messaging with Exchange ActiveSync, plus the new over-the-air updates of Outlook Mobile on Windows Mobile 6.1+, and Outlook Web App. The Exchange Enterprise CAL adds e-mail archiving, discovery and retention functionality, integrated voice mail (i.e. unified messaging) and Forefront Protection for Exchange.
On the server side, Exchange Server Standard will now support high availability, so all customers can take full advantage of the new database availability group capabilities. Exchange Server Enterprise enables configurations with up to 100 databases per server.
All of the specifics around pricing and licensing will be available when we launch, but just to give you an idea, a customer buying a new license will pay about $55 for Standard CAL and about $35 for Enterprise CAL. Existing customers with Software Assurance, of course, only pay for the renewal of Software Assurance, so this price is much lower. And for the servers, a typical customer can expect to pay about $550 for Standard Server and $3200 for Enterprise Server. As you know, pricing depends on the license type you choose, and if you buy via one of the CAL suites further discounts apply, so definitely take this as a ballpark vs absolute. As always, your reseller partner or Microsoft rep can get you the specifics on pricing once Exchange 2010 is available.
I can’t wait to share more of the incredible results our Exchange 2010 customers are seeing and talk with you about your Exchange 2010 plans. I hope you can join us at TechEd Europe in Berlin, Exchange Connections in Las Vegas or online at www.thenewefficiency.com as we launch Exchange 2010. It’s going to be a great time!
Julia WhiteDirector of Exchange MarketingMicrosoft
Introducing Windows Server 2008 R2 eBook
Introducing Windows Server 2008 R2 is a deep-dive work, that'll get you up to speed on how R2's new features and capabilities work fast, including Hyper-V and RDS virtualization, management, IIS and the new Web application platform and, of course, all the synergistic goodness between Windows Server and Windows 7. Free for a click and worth the download, so don't miss out.
Download
Remote Server Administration Tools for Windows 7
Remote Server Administration Tools for Windows® 7 enables IT administrators to manage roles and features that are installed on computers that are running Windows Server® 2008 R2, Windows Server® 2008, or Windows Server® 2003, from a remote computer that is running Windows 7.
Windows 7 Product Guide
The Windows 7 Product Guide provides a detailed look at the many new and improved features in Windows 7. The guide is designed as an accurate source of information that can help you to understand how Windows 7 Simplifies Everyday Tasks, Works the Way You Want, and Makes New Things Possible. The guide is also designed to provide IT Professionals with information about how to Make People Productive Anywhere, Manage Risk Through Enhanced Security and Control, and Reduce Costs by Streamlining PC Management. This is not a help and how to guide. Rather, it provides an overview of the many exciting features in Windows 7 and pointers to more information. The Windows 7 Product Guide is available in both XPS and PDF formats.
Deploying Windows® 7 Essential Guidance
Microsoft’s eBook Deploying Windows® 7 Essential Guidance from the Windows 7 Resource Kit and TechNet Magazine combine selected chapters written by industry experts Mitch Tulloch, Tony Northrup, Jerry Honeycutt, Ed Wilson, and the Windows 7 Team with select Windows 7 articles from TechNet Magazine. Sample topics include: Deployment Platform, Planning Deployment, Testing Application Compatability, and 8 Common Issues in Windows 7 Migrations.
How to Build a Windows 7 Image
This step-by-step guide explains how to install a custom image by using an operating system image that includes your customizations and applications. The guidance is designed specifically for small and medium business that may not have prior experience with Windows deployment or do not have an enterprise deployment infrastructure.
Deploying Windows 7 with MDT 2010
Aidan Finn, a Dublin based Virtualization MVP who presented with us on the Windows 7 Community Launch Tour has released a white paper on deploying Windows 7 using MDT for business environments.
Microsoft Application Compatibility Toolkit 5.5
The Microsoft Application Compatibility Toolkit (ACT) 5.5 helps customers understand their application compatibility situation by identifying which applications are compatible with the Windows 7 RC and Windows Vista® operating system and which require further testing. ACT helps customers lower their costs for application compatibility testing, prioritize their applications, and deploy Windows more quickly. You can use the ACT features to:
Windows 7 Walkthrough: BitLocker and BitLocker to Go
In Windows 7, core BitLocker Drive Encryption functionality is enhanced to deliver an improved experience for IT professionals and end users—from simple enhancements such as the ability to right-click on a drive to enable BitLocker protection to the automatic creation of the required hidden boot partition. Learn about these enhancements and the new BitLocker To Go, which gives system administrators control over how removable storage devices can be used and the strength of protection required.
Windows 7 Walkthrough: AppLocker
AppLocker is a flexible, easily administered mechanism that enables IT professionals to specify exactly what is allowed to run on user desktops. It provides the flexibility to allow users to run the applications, installation programs, and scripts they need to be productive. Learn how you can realize the security, operational, and compliance benefits of application standardization by using AppLocker.
Implementing an End-User Data Centralization Solution
The objective of this white paper is to show through a case study how to use different Microsoft products and technologies to put in place a comprehensive solution satisfying the needs of a mid-sized organization around users’ file data management. The study was conducted by the Quality Assurance group of the Storage Solutions Division (SSD) at Microsoft, a division that focuses on enabling customers of all sizes to store, manage, and reliably access their file data."
For October's patch Tuesday we are releasing 13 bulletins (eight critical and five important), addressing 34 vulnerabilities, affecting Windows, Internet Explorer, Office, Silverlight, Forefront, Developer Tools, and SQL Server. Most of these updates require a restart so please factor that into your deployment planning. For more information visit the Advanced Notification page on the MSRC blog
Also, for customers who have some questions, there will be a live webcast on Wednesday Oct. 14 at 11:00 a.m. PST and get answers to any questions and concerns you might have. To register, just follow this link.
Free for a very limited time, this Microsoft Press eBook provides selected chapters with guidance from the Windows 7 Resource Kit and TechNet Magazine on deployment platforms, planning, testing application compatibility and more. As an added bonus, you'll also get six new articles on Windows 7 from industry experts on migration, running Windows 7 in mixed environments, certification and more.
Download the free eBook here.
I have been asked by a few people now to consolidate a list of public webcasts regard the new functionality of Exchange 2010. Luckly the Exchange team have saved me the hard work by publishing the following great topic list on thier blog;
MsEvents featured an eleven-part webcast series on Exchange 2010 during June and July of 2009. These webcasts are now available for on-demand viewing. Simply select the webcast you would like to view from the list below, register for the webcast, and then select how you would like to download the file. NEW! TechNet webcast: Storage in Exchange 2010Exchange 2010 carries on the tradition begun in Exchange Server 2007 of dramatically reducing mailbox storage costs. View this webcast and learn how we've enabled new levels of storage flexibility in Exchange 2010 and find out the technical details that will help you select the right storage for your Exchange 2010 environment. https://www.livemeeting.com/cc/mseventsbmo/view?id=1032418920&role=attend&pw=6064172E Exchange 2010 High Availability Welcome to the future! The future of Exchange high availability, that is. In this webcast, we reveal the changes and improvements to the built-in high availability platform in Exchange Server 2010. Exchange 2010 includes a unified framework for high availability and disaster recovery that is quick to deploy and easy to manage. Learn about all of the new features in Exchange 2010 that make it the most resilient, highly available version of Exchange ever. http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416676&Culture=en-US TechNet Webcast: Exchange 2010 Overview This webcast will introduce you to Exchange Server 2010, reviewing the major areas of investment for this release and highlighting marquee features. http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416679&Culture=en-US TechNet Webcast: Exchange 2010 Management Tools Exchange 2010 includes new capabilities that make the operation of your Exchange environment more efficient. Learn how we've made the Exchange Management Console more powerful, extended the reach of PowerShell, and made it easier to delegate management tasks. http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416687&Culture=en-US TechNet Webcast: Exchange 2010 Archiving and Retention This webcast will introduce new ways to address archiving and retention with Exchange Server 2010. http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416694&Culture=en-US TechNet Webcast: Exchange 2010 Architecture This webcast describes the overall architecture of Exchange 2010 and key considerations for the scalability and performance of each server role. This webcast will provide the background and framework for the other Exchange 2010 webcasts, serving as a bridge between the overview session and drill-downs in each product area. This webcast is a recommended pre-requisite for the Exchange 2010 transition and deployment webcast. http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416706&Culture=en-US TechNet Webcast: Federation in Exchange 2010 Federation is a key part of the architecture of Exchange 2010, powering new organization-to-organization sharing scenarios. Learn how federation enhances the capabilities of Exchange 2010 and enables advanced coexistence between Exchange Server and Exchange Online. http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416724&Culture=en-US TechNet Webcast: Exchange 2010 Voice Mail enabled by Unified Messaging Exchange 2010 Unified Messaging is Microsoft's second generation unified messaging and voice mail solution. In this webcast, learn about the features, benefits, and architecture of Unified Messaging in Exchange 2010. http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416726&Culture=en-US TechNet Webcast: Exchange 2010 Information Protection and Control This webcast will introduce you to new ways to address information protection and control with Exchange Server 2010. A discussion of the use of encryption and rights management in parallel with Exchange will be included as well as an introduction to new functionality in Exchange that supports information protection scenarios. http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416728&Culture=en-US TechNet Webcast: Exchange 2010 Transition and Deployment In this session we will cover the migration planning and deployment path to move an organization from Exchange 2003 or Exchange 2007 to Exchange 2010. http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416708&Culture=en-US As always - feedback welcome :)
NEW! TechNet webcast: Storage in Exchange 2010Exchange 2010 carries on the tradition begun in Exchange Server 2007 of dramatically reducing mailbox storage costs. View this webcast and learn how we've enabled new levels of storage flexibility in Exchange 2010 and find out the technical details that will help you select the right storage for your Exchange 2010 environment. https://www.livemeeting.com/cc/mseventsbmo/view?id=1032418920&role=attend&pw=6064172E
Exchange 2010 High Availability Welcome to the future! The future of Exchange high availability, that is. In this webcast, we reveal the changes and improvements to the built-in high availability platform in Exchange Server 2010. Exchange 2010 includes a unified framework for high availability and disaster recovery that is quick to deploy and easy to manage. Learn about all of the new features in Exchange 2010 that make it the most resilient, highly available version of Exchange ever. http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416676&Culture=en-US
TechNet Webcast: Exchange 2010 Overview This webcast will introduce you to Exchange Server 2010, reviewing the major areas of investment for this release and highlighting marquee features. http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416679&Culture=en-US
TechNet Webcast: Exchange 2010 Management Tools Exchange 2010 includes new capabilities that make the operation of your Exchange environment more efficient. Learn how we've made the Exchange Management Console more powerful, extended the reach of PowerShell, and made it easier to delegate management tasks. http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416687&Culture=en-US
TechNet Webcast: Exchange 2010 Archiving and Retention This webcast will introduce new ways to address archiving and retention with Exchange Server 2010. http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416694&Culture=en-US
TechNet Webcast: Exchange 2010 Architecture This webcast describes the overall architecture of Exchange 2010 and key considerations for the scalability and performance of each server role. This webcast will provide the background and framework for the other Exchange 2010 webcasts, serving as a bridge between the overview session and drill-downs in each product area. This webcast is a recommended pre-requisite for the Exchange 2010 transition and deployment webcast. http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416706&Culture=en-US
TechNet Webcast: Federation in Exchange 2010 Federation is a key part of the architecture of Exchange 2010, powering new organization-to-organization sharing scenarios. Learn how federation enhances the capabilities of Exchange 2010 and enables advanced coexistence between Exchange Server and Exchange Online. http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416724&Culture=en-US
TechNet Webcast: Exchange 2010 Voice Mail enabled by Unified Messaging Exchange 2010 Unified Messaging is Microsoft's second generation unified messaging and voice mail solution. In this webcast, learn about the features, benefits, and architecture of Unified Messaging in Exchange 2010. http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416726&Culture=en-US
TechNet Webcast: Exchange 2010 Information Protection and Control This webcast will introduce you to new ways to address information protection and control with Exchange Server 2010. A discussion of the use of encryption and rights management in parallel with Exchange will be included as well as an introduction to new functionality in Exchange that supports information protection scenarios. http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416728&Culture=en-US
TechNet Webcast: Exchange 2010 Transition and Deployment In this session we will cover the migration planning and deployment path to move an organization from Exchange 2003 or Exchange 2007 to Exchange 2010. http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416708&Culture=en-US
As always - feedback welcome :)
The Exchange team have announced a good webcast coming up next week to discuss recommendations for virtualizing Exchange server and the benefits of choosing Hyper-V + System Center as your virtualization solution. Heres hoping they talk about Exchnage 2010!
TechNet Webcast: Microsoft Virtualization Best Practices for Exchange Server (Level 300)
Wednesday, Nov. 4 at 10am Pacific time - Expect an offline download to be available shortly afterwards
Virtualizing business critical applications will deliver significant customer benefits including cost savings, enhanced business continuity and an agile and efficient management solution. This session will focus on virtualizing Exchange using Microsoft solutions, and guidance for virtualizing Exchange for various Production scenarios. We will go into technical details with best practices.
Burger King have put the massive Windows 7 Whopper onsale in Japan to celebrate the launch of our latest OS. Not sure what to really make of this, not sure I could eat a whole one :)
http://www.burgerkingjapan.co.jp/news/win7.php
Feedback always welcome !
This is it! Windows 7 is generally available today. We have waited and waited, and it is finally here. For all you IT Professional out there, let me highlight the 3 focuses and key innovations introduced in Windows 7 and make these links readily available for you here:
Making people productive anywhere
Making people productive is not that hard. In your office plugging company’s network with a laptop loaded with apps, you can be productive. Making people productive “anywhere” on the other hand is a very challenging effort for IT, facing the mass amount of mobile devices and increasingly complex network computing environment today. The growing numbers of mobile workforce and branch offices are at the same time demanding corporate resources seamlessly available regardless the required infrastructure and organizational boundaries. Two Windows 7 solutions to facilitate remote access are BranchCache and DirectAccess.
Managing risks through enhanced security and control
Security is nothing we need to much justify the need in today’s network computing environment. It is critical, imperative, and all too often costly. From Windows Vista, Windows Vista SP1, to Windows 7, BitLocker has been expanded from a single drive, multiple drives, now to portable media. Windows 7 offers security enhancements enabling a user to secure data from unauthorized access very easily with BitLocker-to-Go, for example. In Windows 7 Explorer, highlight a portable drive, right-click to turn on BitLocker-to-Go. It is that readily available, easy to do, and readable with Windows XP. There is really no reason not to do it since it is so little to do, yet with so much control and so strong protection on data. As a memory stick is now with 32 GB and beyond capacity, BitLocker-to-Go is one very cost-effective way to protect data from unauthorized access. For a large company, BitLocker technology with group policies offers a software based enterprise solution of hard disk encryption. You don’t need to look for a solution and end up a second-best solution. It is in Microsoft Vista and it is much enhanced in Microsoft Windows 7.
In an enterprise environment, software restriction is some of the most difficult enforcements. Not only it needs a mature infrastructure to provide software inventories, metering, and on-going monitoring, but the required an integrated skill sets to develop, test, and manage those software restriction policies are hoard to find, take years to develop, and come with very high costs. Windows 7 and Windows Server 2008 R2 together provide a vehicle that a system administrator can provision policies to deny/allow execution, installation, or usage of target software based on rules defined and enforced by group policies without programming. A complex requirement, for instance allowing task workers to access Office 2007 and later, but not PowerPoint when accessed by contractors, can be done with AppLocker in a few mouse clicking's without any scripting.
Reduce cost by streamlining PC management
Many thought without a direct migration path, i.e. in-place upgrade, from Windows XP to Windows 7, the deployment of Windows 7 may be tedious and tricky process. In fact, Windows 7 offers a number of vehicles making the migration an intuitive and straightforward process. For consumers and small businesses, Easy Transfer makes migrating from Windows XP to Windows 7 absolutely “easy” and, in my view, fun actually. Scanstate and Loadstate, two key utilities in USMT (User State Migration Tools) make a migration process very logical and easy to understand. Hard-Link Migration leaves and remaps data in place and significantly reduces the time needed to place large amount of user data in a typical migration scenario.
In the past two years, with Microsoft’s introduction of virtualization strategies and solutions, there are many options in resolving compatibility issues at an application or OS level while reducing TCO and increasing flexibilities in deploying and managing IT resources in the long run. Specific to Windows XP compatibility issues, Windows 7 Professional and above offer Windows XP Mode (via a free download) with a local virtualization of Windows XP SP3 machine. So those applications developed specific to Windows XP can now essentially run in a Windows 7 environment with a few steps to set up a Windows XP SP3 run-time environment. And Windows XP Mode is designed for small businesses. For large scale deployment, MED-V or Microsoft Enterprise Desktop Virtualization part of MDOP (or Microsoft Desktop Optimization Pack available through Software Assurance program) is the solution to manage local desktop virtualization with the abilities to standardize user experience, virtual machine settings, access control, etc. with policies.
Thanks to Neil Johnson over at MSUKUCC for this cool snippet of PowerShell goodness;
Everyone knows its a good idea to automate your installations of Exchange. It provides a solid, repeatable process by which to deploy your infrastructure – and it takes less time to complete the process – a real win/win!.
One area that I have witnessed repeatedly over the last 12 months or so is organisations automating their OS build and Exchange build, but deploying the Exchange pre-requisites manually. This obviously leads to inconsistencies in the built out environment.
Since Windows Server 2008 we have been able to automate the pre-requisites deployment with “servermanagercmd” and appropriate xml files for each role. However, in Windows Server 2008 R2 this method is deprecated.
Instead of “servermanagercmd” in Server 2008 R2 and SP2 we use a powershell cmdlet “add-windowsfeature”
As a quick example, if you are installing the Client Access, Hub Transport and Mailbox roles onto a single server (and i expect this to be the common 2010 deployment) the following PowerShell commands will take care of the pre-requisites for you…
This is discussed in more detail, including the features required for each specific role here : http://technet.microsoft.com/en-us/library/bb691354(EXCHG.140).aspx#WS08R2
Windows Server 2008 R2 introduces a new command-line utility, DISM, the Deployment Image Servicing and Management tool. One of DISM’s many useful features is the ability to use its edition-servicing commands to upgrade an R2 installation without requiring install media. This is functionally equivalent to Windows Anytime Upgrade in a Windows 7 client install, and can be performed on both an online or offline image, and on both full Server and Server Core installations.
Upgrades using the edition servicing method are quick, and don’t require a full reinstall of the operating system. Deployed roles and features, and other characteristics (machine name, user and admin accounts, etc) are persisted forward. Because the target editions are staged within the image, only the updates necessary to move from edition to the next are applied.
The upgrade options are limited to edition families, and are irreversible – you can’t downgrade once you’ve gone up an edition. Additionally, you can’t move from full Server to Server Core (or vice versa).
The supported upgrade paths are:
· Windows Server 2008 R2 Standard -> Windows Server 2008 R2 Enterprise -> Windows Server 2008 R2 Datacenter
· Windows Server 2008 R2 Standard Server Core -> Windows Server 2008 R2 Enterprise Server Core -> Windows Server 2008 R2 Datacenter Server Core
· Windows Server 2008 R2 Foundation -> Windows Server 2008 R2 Standard
The tool essential for this process, DISM.exe, is included in every installation of Windows Server 2008 R2, and the general usage for online and offline use is documented on TechNet here: http://technet.microsoft.com/en-us/library/dd744380(WS.10).aspx
One scenario that we sometimes use internally is the online upgrading of Hyper-V hosts. If you decide that you want to move from Enterprise’s 4 VM limit to Datacenter’s support for an unlimited number of VMs, you can migrate the VMs to another host, upgrade the old host in less than thirty minutes, and then immediately migrate the VMs back once the process is complete. There’s no need to take the whole server offline or rebuild from scratch.
The syntax for DISM is fairly straightforward. From an elevated command prompt, you can query for the current edition, for possible target editions, and initiate the upgrade. To upgrade, you need to provide a valid 25-character product key for the edition to which you’re upgrading.
To determine the installed edition, run:
DISM /online /Get-CurrentEdition
To check the possible target editions, run:
DISM /online /Get-TargetEditions
Finally, to initiate an upgrade, run:
DISM /online /Set-Edition:<edition ID> /ProductKey:XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
So, for example, to upgrade to Windows Server 2008 R2 Datacenter from a downlevel edition, you would run:
DISM /online /Set-Edition:ServerDatacenter /productkey:ABCDE-ABCDE-ABCDE-ABCDE-ABCDE
After running the /Set-Edition command, DISM will prepare the operating system for the edition servicing operation, then reboot twice while it applies the changes to the operating system. After the final reboot, you’ll be running the new edition!
It seems currently there are so many different versions of Windows/Active Directory we can all easily get confused to what Exchange Server version is supported on which OS/Active Directory.Luckily there is a support matrix that explains this very clearly!
Below is a screenshot of the Active Directory Support Matrix (Double click below to see the full matrix)
On this page there is information for Support Matrix:
Exchange Server Supportability Matrix: http://technet.microsoft.com/en-us/library/ee338574.aspx
Mitch Irsfeld posted a blog entry talking about a new tool called Disk2vhd from Sysinternals which sounds like it could prove to be a really useful tool.
From the Disk2vhd page:
Disk2vhd is a utility that creates VHD (Virtual Hard Disk - Microsoft’s Virtual Machine disk format) versions of physical disks for use in Microsoft Virtual PC or Microsoft Hyper-V virtual machines (VMs). The difference between Disk2vhd and other physical-to-virtual tools is that you can run Disk2vhd on a system that’s online. Disk2vhd uses Windows’ Volume Snapshot capability, introduced in Windows XP, to create consistent point-in-time snapshots of the volumes you want to include in a conversion. You can even have Disk2vhd create the VHDs on local volumes, even ones being converted (though performance is better when the VHD is on a disk different than ones being converted).
Somehow, in all the other activities of the last couple of weeks I missed the release of Microsoft Security Essentials which is our FREE* anti-virus / anti-malware product aimed at home users. (We have the more business oriented Forefront Client Security as well). My experience with it has been too limited to date to offer much commentary on it: however – since this blog is read mostly by people who work around computers the reason for writing about it is to say this: we all have a friend or family member who doesn’t protect their PC. The availability of software from Microsoft which plugs the gap and is FREE* gives you a chance help them.
Over on the Malware protection center blog Joe has posted an analysis of what it unearthed in its first live week. We’ve had 1.5million downloads, and found 4 million infections on 0.5 million computers. That’s right the average infected computer has eight different infections. I’ve seen numbers like that before and find it a bit unnerving , because there is a long tail effect: lots of machines are clean, some have one or two infections, the average for an infected machine is 8 and beyond that – there are some out there with dozens upon dozens.
Joe breaks down the reports by country: US has the most reports at 25%, then Brazil and China at 17% each the UK only has 2% of the reports. I don’t know if it is because we have fewer installations here or if our PCs are better protected. Unfortunately it is only infection reports which are broken down by country, not downloads or installations. But Joe does break installations down by OS. 44% is Windows 7, 23% Vista and 33% XP. We haven’t even launched 7 properly and it is 44% of the downloads. My guess is that people who are trying out a new OS are keener than the population at large to try new anti-malware from the same source. The final chart Joe has put up shows the ratio of infections per OS – when he says normalized, I’m assuming that means Vista numbers are scaled up and Windows 7 scaled down so they both represent infection rates on a equal number of computers. XP is more than 3 times more likely to have an infection than 7. This isn’t entirely because 7 is better – it will be a newer installation so XP will have had more chances to get infected. XP infections rates are 60% higher than Vista’s. But 7 is running at about half Vista’s rate. As time passes it will be interesting to see how close 7 and Vista end up and how far behind XP lags. I’ve got a hunch that the numbers will change as they move away from people installing the software because they think their PC might be infected and finding something on the first run.
*As it says on the web site Your PC must run genuine Windows to install Microsoft Security Essentials or put another way, if you stole the OS, you’re going to have to figure out how to steal software to protect it.
Let me know what you think!
With the excitement around the public release of Windows 7 this week, I’m getting lots of questions about the best way to upgrade systems from Windows XP to Windows 7. Here are the best options:
Easy Transfer – a great tool for end users to migrate their data, settings, preferences, favorites, etc. Note that there is a new version of Easy Transfer for Windows 7. It is much faster than the first version, written for Windows Vista. Easy Transfer is included on the Windows 7 DVD, but you may also download it from this web site - http://windows.microsoft.com/en-us/windows7/products/features/windows-easy-transfer
USMT – User State Migration Tool – this tool is recommended for an IT Pro to use for migrating other users. USMT is part of the Microsoft Deployment Toolkit (MDT)
http://technet.microsoft.com/en-us/windows/dd671583.aspx
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=2274c6c3-bc26-45d5-a32c-f6f44f980518 – (download the video here)
http://edge.technet.com/Media/User-State-Migration-with-Windows-7/
MDT – Microsoft Deployment Toolkit –
MDT is the recommended process and set of tools for automating desktop and server deployment. You can do an automated “Light Touch” installation by using MDT and the tools included in Windows Server 2008. If you add System Center Configuration Manager to the mix, you can do a totally automated “Zero Touch” installation of Windows 7 – or any software application.
http://www.microsoft.com/downloads/details.aspx?DisplayLang=en&FamilyID=3bd8561f-77ac-4400-a0c1-fe871c461a89
Hope this helps