To return to part 1 click here
Below are the 5 different types of connectors that we can modify the limits on for Exchange 2007 and the ways to do it using the Exchange Management Shell (EMS). The default settings are listed in the brackets.
Set-ForeignConnector –MaxMessageSize <Unlimited>
Set-ReceiveConnector -MaxHeaderSize <64KB> -MaxMessageSize <10MB> -MaxReceipientsPerMessage <200>
Set-SendConnector -MaxMessageSize <10MB>
Set-AdSiteLink -MaxMessageSize <Unlimited>
Set-RoutingGroupConnector -MaxMessageSize <Unlimited>
To modify the Receive connectors we can do this via the Exchange Management Console (EMC) as well.
And these are the results of using Get-ReceiveConnector
You can also set limits on the users as well. Below are the 5 different types that you can modify as well as their default settings in brackets. As you can see, by default, we don’t limit the send or receive size at all at the user scope.
Set-DistributionGroup -MaxReceiveSize, -MaxSendSize <Unlimited>
Set-DynamicDistributionGroup -MaxReceiveSize, -MaxSendSize <Unlimited>
Set-Mailbox -MaxReceiveSize, -MaxSendSize, -MaxRecipientPerMessage <Unlimited>
Set-MailPublicFolder -MaxReceiveSize, -MaxSendSize <Unlimited>
Set-MailUser -MaxReceiveSize, –MaxSendSize <Unlimited>
You can also view this configuration in the console. Isn’t it nice that we can do this without having to open up the ADU&C anymore?
Next: Part 8 - Setting Recipient Policies
In Exchange 2003, you would customize the message size restrictions for the organization, a specific connector, a specific virtual server, and an individual user.
For the organization, you would modify the size limits at the properties Message Delivery section under the Organization container in the Exchange System Manager (ESM). Below you see the defaults for the sending and receiving size limits and the recipient limits.
For a specific connector, you would use the ESM to view the properties on the connector. Below you can see the default for allowed message size is not set. This is usually a good idea.
At the server level this is set at the virtual server at the SMTP level. Again, below are the defaults.
And then you can also make limits at the user level as well. This could be done from the Active Directory Users and Computers (ADU&C).
Now lets talk about Exchange 2007…
In Exchange 2007, the size limits that are available for individual messages can be divided into the following basic categories:
These limits apply to the total size of all message header fields that are present in a message. The size of the message body or attachments is not considered. Because the header fields are plain text, the size of the header is determined by the number of characters in each header field, and by the total number of header fields. Each character of text consumes 1 byte.
Some third-party firewalls or proxy servers apply their own message header size limits. These third-party firewalls or proxy servers may have difficulty processing messages that contain attachment file names that are greater than 50 characters, or attachment file names that contain non-US-ASCII characters.
These limits apply to the total size of a message. This includes the message header, the message body, and any attachments. Message size limits may be imposed on incoming messages or outgoing messages. For internal message flow, Exchange 2007 uses the custom X-MS-Exchange-Organization-OriginalSize: message header to record the original message size of the message as it enters the Exchange 2007 organization. Whenever the message is checked against the specified message size limits, the lower value of either the current message size or the original message size header is used. The size of the message can change because of content conversion, encoding, and agent processing.
These limits apply to the maximum allowed size of a single attachment within a message. The message may contain many attachments that greatly increase the overall size of the message. However, an attachment size limit would apply to the size of an individual attachment only.
These limits apply to the total number of message recipients. When a message is first composed, the recipients exist in the To:, Cc:, and Bcc: header fields. When the message is submitted for delivery, the message recipients are converted into RCPT TO: entries in the message envelope. A distribution group is counted as a single recipient during message submission.
In Exchange 2007, the scope of the limits that are available for individual messages can be divided into the following basic categories:
These limits apply to all Hub Transport servers that exist in the organization.
These limits apply to all Exchange 2007 servers that exist in the organization. The specified message limits apply to all Exchange 2007 servers that have the Hub Transport server role installed. On an Edge Transport server, the specified limits apply to the specific server.
These limits apply to all Exchange 2007 and Exchange Server 2003 servers that exist in the organization. The global message limits are stored in the Active Directory directory service. In the release to manufacturing (RTM) version of Microsoft Exchange Server 2007, it is common for the organization limits and the global limits to conflict. When the organizational limits and the global message limits conflict, the lowest value takes precedence. In Exchange 2007 RTM, you must use Exchange System Manager on an Exchange 2003 server or the Active Directory Service Interfaces (ADSI) Edit tool to modify global message limits. For more information, see How to Modify Exchange 2003 Global Message Size Limits in Exchange 2007 RTM. In Microsoft Exchange Server 2007 Service Pack 1 (SP1), the condition that cause the organization limits and the global limits to conflict has been eliminated. Changes that you make to the organizational limits are automatically copied to the corresponding global limits. In Exchange 2007 SP1, you can modify the organizational limits by using the Set-TransportConfig cmdlet in the Exchange Management Shell, or by configuring the Hub Transport server organization configuration properties in the Exchange Management Console.
These limits apply to any messages that use the specified Send connector, Receive connector, or Foreign connector for message delivery. Connectors are defined on Hub Transport servers or Edge Transport servers. In Exchange 2007 SP1, you can also set message size limits on the following types of connections: AD Sitelinks and RGCs.
These limits apply to a specific Hub Transport server.
These limits apply to a specific Hub Transport server or Edge Transport server. The specified message limits are not stored in the Active Directory directory service. You can set the specified message limits independently on each Hub Transport server or Edge Transport server. Message size limits can also be apply to Microsoft Office Outlook Web Access on a Client Access server.
These limits apply to a specific user object, such as a mailbox, contact, distribution group, or public folder.
So let’s talk about setting the Organizational settings on Exchange 2007.
To set the configuration of the limits for the organization you can do this in the shell or the console
By default the settings for the Receive and Send limits are 10MB, the max recipient limit is 5000 and there is no limit on the attachment size.
Using Set-TransportConfig we see:
–-MaxReceiveSize <10MB>
–-MaxSendSize <10MB>
–-MaxRecipientEnvelopeLimit <5000>
–-AttachmentSizeOver <none>
Let see the Setting in the console. Notice that to do this we go to the global settings of the hub transport.
And here are the settings from the shell using Get-TransportConfig
As I said earlier, the distinction between the global and organizational settings are gone now in SP1, and I will show this to you.
Here I did a Set-TransportConfig and changed the max receive size to 20 MB.
Looking at the change in the console…
Now in order for this change to work in 2003 we need this to be written to the AD for the 2003 attribute as well. And here we see that it has.
And here it shows up in the 2003 ESM as well.
So, the Global and Organizational scope are now the same in Exchange 2007 SP1.
Next: Part 7 – Setting Connector Limits and User Limits.
Now that we have looked at how to configure Attachment filtering, lets look at how to configure Connection Filtering in Exchange 2007.
Using the Exchange Management Console (EMC) against a Edge server, we can enable or disable filters by looking at the Anti-spam tab on the server, and right clicking on the filter.
To do this via the Exchange Management Shell use Set-IPAllowListConfig.
Now it shows up in the EMC as disabled.
That is how you disable and enable the lists. To configure them you can do this by choosing properties after right clicking on the particular one you want to do it on.
To do this in EMS use Set-IPBlockListConfig, Set-IPAllowListConfig, etc.
You can install the anti-spam agents on the Hub Transport server role by using the Install-AntiSpamAgents.ps1 script and restarting the MSExchangeTransport Service. This script is located in the %system drive%/Program Files/Microsoft/Exchange Server/Scripts folder.
After you run this script, the following anti-spam agents are installed and enabled:
–Connection filtering
–Content filtering
–Sender ID
–Sender filtering
–Recipient filtering
–Sender reputation
Notice anything missing? Attachment Filtering is only available on Edge. But, Forefront can do this as well on a Hub Server.
Also, after running the script, the Anti-spam tab is available in the Exchange Management Console for Hub Transport servers. We recommend that you install the anti-spam agents if you select a topology that does not include an Edge Transport server so that the Hub Transport server can provide anti-spam protection for the Exchange organization.
More information can be found here: http://msexchangeteam.com/archive/2008/06/23/449070.aspx
Next: Part 6 - Message size restrictions.
In Exchange 2003 we had many tools provided to help eliminate spam. Some are Intelligent Message Filtering, Connection Filtering, and Sender ID. As you can see below they are all configurable in the ESM on the Message Delivery Properties.
In Exchange 2007 these tools are still there as well as new ones like Anti-Spam Stamps. These are viewable in Outlook 2007 by looking at the message options. The lien X-MS-Exchange-Organization-Antispam-Report is the line that you want.
Attachment filtering is something new in Exchange 2007. This is one of the few things that can not be managed via the Exchange Management Console (EMC) and can only be done via the Exchange Management Shell (EMS). It is enabled by default on servers that have the Edge role installed. You can determine this by using the Get-TransportAgent cmdlet.
In order to see the current settings you would use Get-AttachmentFilterEntry. You would use the Type and Name fields if you wanted to make a change to those as we will see later.
To add a new attachment filter that filters e-mail attachments that have a specific MIME content type, use the following command:
Add-AttachmentFilterEntry -Name <MIMEContentType> -Type ContentType
In the example below we are filtering all JPEG images.
In the next example we are filtering all files by File name (using type FILENAME) and blocking all files that have the extension “.mov”.
And in the 3rd example we are blocking a particular file by name. In this case a file named “virus.ppt”.
To remove the filters, we use Remove-AttachmentFilterEntry and the type:name. Here we are getting rid of the filter for “virus.ppt”.
Now what we do when we match the filter is called the action. Below we used Get-AttachmentFilterListConfig to see the settings. Our action here is to Reject the message and issue an NDR to the user with a reject message: “Message rejected due to unacceptable attachments.”
You could set an action to strip the attachment or to silently delete it.
Using the Set-AttachmentFilterListConfig command we are setting the action to strip the attachment.
Next: Part 5 – More Anti-Spam Configuration in 2007
In Part 2, we discussed how to synchronize the hierarchy or Public Folders. But, that does nothing for the content. Sometimes there may be a need to stop the or start the replication of Public Folder content. When? Well, hopefully, you won’t need to do it, but there are times when you might have what we call a Public Folder storm. That is when massive replication might be happening because of a client deleting a huge portion of your content or a large number of changes were made that would trigger this.
In Exchange 2003, to stop all replication of content in your organization, you would right click on the Organization container and choose the option you wanted.
This stops it… This starts it…
In Exchange 2007, this can only be done via the EMS. There is no way to do this from the GUI. To stop it you would use Suspend-PublicFolderReplication.
To Resume Public Folder Replication… Wait for it… You would use… Resume-PublicFolderReplication! Surprise!
Next: Part 4 - Anti-Spam Configuration in 2003 vs. 2007 (Fixed...)
In Exchange 2003 Service Pack 2 (SP2), you used the Synchronize Hierarchy command to synchronize the public folder hierarchy on an Exchange 2003 server with the other servers in your organization.
In the ESM you would right click on the Public Folders container and choose “Synchronize Hierarchy”.
Exchange 2007 uses the Update-PublicFolderHierarchy cmdlet to synchronize the public folder hierarchy.
Performing this procedure only allows the Exchange server to begin any outstanding replication actions. The process may take several hours to complete. Because factors not controlled by replication can prevent the hierarchy from becoming immediately synchronized, performing this procedure does not ensure that the public folder hierarchy will be completely synchronized.
This procedure only updates the public folder hierarchy. It does not update public folder content.
To do this from the GUI, in the EMC, open the Public Folder Management Console from the Toolbox:
Once that is open, right click on Public Folders and choose “Update Hierarchy”
Optionally, you can do this from the EMS. Update-PublicFolderHierarchy -Server <ServerIdParameter>
Next: Part 3 – Stop or stop Public Folder replication in 2003 vs. 2007
A while ago I ran across an article by Andrea Fowler on TechNet entitled: Then and Now: Comparing Management Tasks in Exchange Server 2003 and Exchange Server 2007.
This lead to me creating a presentation for my customer on this. Normally a lot of the work that I have done for my customers ends up here on this blog. I took a break from posting here because of the cool stuff that I wanted to post here was not public yet and required to much effort to decide what could and couldn’t be shared. But this is all public information so lets get started…
In Exchange 2003, you used the Exchange Administration Delegation wizard to grant administrative permissions to a user or group.
The old way from the ESM (Exchange System Manager):
You had 3 options (Exchange Full Administrator, Exchange Administrator, and Exchange View Only Administrator):
Exchange 2007 provides the ability for Exchange administrators to delegate administrative and management responsibility for a server to an individual or group of individuals when it operates in a distributed operations management scenario.
You can do it from the EMC (Exchange Management Console):
Or you can do it from the EMS (Exchange Management Shell) using Add-ExchangeAdministrator
-Identity <SecurityPrincipalIdParameter>
-Role <OrgAdmin | RecipientAdmin | ServerAdmin | ViewOnlyAdmin | PublicFolderAdmin>
[-Scope <String>]
This example below gives the user with the alias JSnake the role of Exchange Server Administrator on the server TestHub01.
Whoa… 5 choices for administrator roles? Cool. What do they mean?
Exchange Organization Administrators role have the highest level of permissions in the Exchange organization. All tasks that affect your whole Exchange organization will require membership in this group. Examples of tasks that require Exchange Organization Administrator permissions include creating or deleting connectors, changing server policies, and changing any global configuration settings.
Users who are members of the Exchange Recipient Administrators role will not have permissions to Domains where Setup /PrepareDomain has not been run. When you add a new Exchange domain, make sure that you run Setup /PrepareDomain in the new domain to grant permissions to the Exchange administrator roles in that domain.
The Exchange Server Administrators role has access to only local server Exchange configuration data, either in the Active Directory or on the physical computer on which Exchange 2007 is installed. Users who are members of the Exchange Server Administrators role have permissions to administer a particular server, but do not have permissions to perform operations that have global impact in the Exchange organization.
The Exchange View-Only Administrators role has read-only access to the whole Exchange organization tree in the Active Directory configuration container, and read-only access to all the Windows domain containers that have Exchange recipients.
The Exchange Public Folder Administrators role has administrative permissions to manage all the public folders. This administrator role is granted the "Create top level public folder" extended right. Members of this role can create and delete public folders, and manage public folder settings such as replicas, quotas, age limits, administrative permissions, and client permissions. This administrator role can mail-enable public folders, but it cannot modify mail recipient-related properties on public folders, such as proxy addresses. That capability requires membership in the Exchange Recipient Administrators role.
The table above tells you the different roles and the members of them as well as their permissions.
Next: Part 2 – Synchronizing Public Folder hierarchy replication in 2003 vs. 2007
I first saw this nearly a year ago? Almost every person I know who has seen this thinks that this should be one of our TV commercials. It shows how our products all work together and how this company is in people's life. I like it. Maybe you will as well.
There are a number of switches that can be used for getting the Active Directory ready for the installation of Exchange 2007. The switches for preparing the AD can be found at http://technet.microsoft.com/en-us/library/bb125224.aspx
As you can see they are:
/PrepareLegacyExchangePermissions or /pl
/PrepareSchema or /ps
/PrepareAD or /p
/PrepareDomain or /pd
/PrepareAllDomains or /pad
Why would you care about all of these switches?
Well if your Exchange organization is in simple and only has one AD site, Domain, and Forest and your account is a member of the Schema Admins group and the Enterprise Admin group, and has the Exchange Full Administrator role assigned to it, then you may not need to know the switches. But if you have multiple domains, administrators and sites, then knowing the switches may be helpful for you.
/PrepareLegacyExchangePermissions
When would I run /PrepareLegacyExchangePermissions?
This is a necessity if you are currently running Exchange 2003 or 2000. With Exchange 2007 there is a new role called “Exchange Recipient Administrators”. Accounts that have this role can now modify Exchange attributes on user accounts. The Recipient Update Service in Exchange 2000/2003 however runs under the Exchange localSystem account that the server and we need to give the right amount of permissions to those accounts in order for the RUS to be able to still do its job. Since the Exchange 200X servers run under an account that is a member of the Exchange Enterprise Servers group we make the modifications there. That is the reason for this switch.
What are the permissions necessary to run this?
The account running this must have Enterprise Admins permissions so that it can contact every domain in the Forest. It makes the modifications forest wide.
If you run /PrepareAD or /PrepareSchema we do all of the actions included in /PrepareLegacyExchangePermissions so it may not be necessary to run /PrepareLegacyExchangePermissions in some cases.
/PrepareSchema
What does /PrepareSchema do?
This command will import the schema changes for Exchange 2007, 2003, and 2000. Manually importing the ldf files is not supported and this has to be done via setup. This will also do the actions included in /PrepareLegacyExchangePermissions. If you run /PrepareAD the actions in /PrepareSchema are done as well.
/PrepareAD
What does /PrepareAD do?
This is the big one. This is the one switch that does all of the steps so far described and more. This one also creates containers in the AD, verifies schema updates, assigns needed permissions, creates Security Groups, the FYDIBOHF23SPDLT Administrative Group, the DWBGZMFD01QNBJR Routing Group, and prepares the local domain (/PrepareDomain).
What permissions are needed to run /PrepareAD?
You must run this as the member of the Enterprise Admins Group.
Where should this be run?
It must be run from a machine that is in the same Domain and Site as the Schema Master. That machine must also have LDAP access (port 389) to all domains in the forest.
/PrepareDomain and /PrepareAllDomains
What does /PrepareDomain and /PrepareAllDomains do?
Do you remember what /DomainPrep did in Exchange 2003? This is very similar to what that did in that it handles the things that need to be done at the Domain level. This includes granting permissions, creating containers, and creating Groups. This needs to be done in each domain that will host Exchange servers or mail-enabled objects. Domain Admins will need to run this in each of those domains. If you are running this as Enterprise Admin however, you can run the /PrepareAllDomains and do all of the domains in one shot.
Ok, that is a lot of information. Can you give me a quick rundown of what I need to do?
Sure. Do you have a single forest, domain, site? OK, run the setup from the GUI and you should be fine. Do you have multiple Domains? Ok, then run /PrepareAD for the forest and /PrepareDomain for any other domains (or /PrepareAllDomains).
Sources:
White Paper: Preparing Active Directory for Exchange 2007
http://technet.microsoft.com/en-us/library/bb288907.aspx
Preparing Legacy Exchange Permissions
http://technet.microsoft.com/en-us/library/aa997914.aspx
How to Prepare Active Directory and Domains
http://technet.microsoft.com/en-us/library/bb125224.aspx
After spending some time thinking about the question regarding whether you should deploy Exchange 2007 SP1 on Windows Server 2003 or Windows Server 2008, I decided to do some more research on it.
I came up with the table below and I am including the public sources of my information as well. In short, using Windows 2008 could provide a faster migration experience as well as performance improvements. I am actually preferring Windows 2008 now. Hopefully this will help you in your decision.
This is not by any means a complete list of all of the benefits of going to Windows 2008. This is only what I have found publicly so far as Exchange 2007 SP1 goes. As I spend more and more time with Windows 2008 I am really liking it. I like the new interface for managing roles and features a lot.
Sources of material:
I wanted to test out the installation of Exchange 2007 SP1 on a Windows 2008 server. Since you can get the RC0 version of Windows 2008 as well as the Exchange 2007 SP1 bits from Microsoft, it couldn’t hurt to try them out now. You can get the Release Candidate of Windows 2008 from here and the full install of Exchange 2007 SP1 from here.
I did all of this via Virtual Server 2005. Oh yeah, you can download that as well here. Because of that I wanted to see if I could do a 32 bit install of Windows 2008 and then install the 32 bit version of Exchange 2007 SP1. I am happy to say that it works.
For the installation of Windows Server 2008 you will need to install the Full version (not the core). Once that is installed into a domain, you can then install the necessary Windows components for Exchange 2007 SP1 by creating an XML file and using the ServerManagerCmd to install them. Paul Bowden wrote about this at “Running Exchange with Windows Server 2008” and I have to say that this is so much easier than doing the mind numbing “Add or Remove Programs”, “Add/Remove Windows Components”, install IIS, install Powershell, get your CD for SP2, etc. The contents of the .XML file can be found here:
After restarting the server I extracted the E2K7SP1EN32.exe to c:\Exchange and from a command prompt ran “C:\exchange\setup.com /m:install /r:m”. After a few minutes I had a working Exchange 2007 mailbox server running. Do you remember how quickly you could install Exchange 5.5? This reminded me a lot of that. If you want to learn about the setup.com switches you can run “setup.com /help” or you can read more here.
Now it did go faster since I already had Exchange 2007 SP1 installed in my lab, so that means I had the schema already modified. Also, I only did the Mailbox role install with no clustering or anything else. Oh, and let’s be clear that everything I did up above is not supported in a production environment. This is only for testing.
Whew! You finally got Exchange 5.5 out of the picture and are now are focused on getting Exchange 2007 into your environment. You have taken a good hard look at How to Prepare Active Directory and Domains and are sure that you are ready to prepare the AD for Exchange. But... You don't have a single Windows machine running x64. You have read all of the warnings on running the 32-bit version Exchange 2007 in production. You aren't looking to install Exchange, just prepare the schema. Can you use the 32-bit version for that?
Yes, you can. There are two instances in which you can use the 32-bit code in production and this is one of them. Specifically, at Exchange Server 2007- Platforms, Editions, and Versions you will find:
"You can use the 32-bit version in production to extend your Active Directory directory service schema."
Interestingly, Scott Schnoll's mentions more about this on his blog: Exchange 2007: Platforms, Editions, Product Keys and Versions. If you notice the similarities between the two articles with the similar titles, that might be because Scott is a Technical Writer for the Exchange team. :)
A customer of mine mentioned that they were told by a vendor that Microsoft recommends that Exchange databases should not be more than 200 GB. I was not aware of this being a recommendation by us. Then I found the following link:
Planning Disk Storage
There we do say the following: "Because the maximum recommended database size in a CCR environment is 200 GB, the server should host no more than 180 mailboxes per database."
That 200 GB recommended limit is only on servers that are doing CCR. The 180 mailboxes limit was based on each mailbox having 1 GB limits. We actually recommend that you not have database larger then 50 GB. In fact, if you run one of the Microsoft Exchange Server Analyzer tools we will may throw a warning if the server has databases that are 100 GB in size:
The Exchange Database exceeds 100 GB in size
We still have a 16 TB limit on the size of an Exchange database, but we don't recommend that you have databases that large if you need to backup and recover them in a timely manner. Maybe a company's SLA, hardware and architecture allows you to run larger databases. We however have found that most companies prefer to be able to get there databases recovered in a timely manner, so 50 GB might be the largest that they can handle.
Be sure to consider how long it would take to backup, restore, or run maintenance on your databases before letting them grow to an unmanageable size.
I changed the title of this blog. It used to be "A day in the life of an Advisory Support Engineer", but that didn't fit. First of all, my job title changes so often, that I shouldn't even keep that in the title of a blog. The other problem is that there is no way that I could post every day, since it isn't my job to do that. So... I decided to change the title to what my wife says when she gets asked what I do for work: "He keeps large company's email running." It seems more fitting.
My title actually is now Dedicated Support Engineer (DSE). I also am now part of the Premier Field Engineering (PFE) group.
First of all, let me state the obvious. I work for Microsoft. Being that is the case, you can assume right away that I have a somewhat positive opinion about the company. And you would be correct. I like this company and its products. Maybe that isn't as resoundingly positive as Steve Ballmer and his statement: "I LOVE THIS COMPANY!!!", but love is such a strong feeling. For me, I can say I like this company. That still is pretty good. It is not my religion and my family comes before my job. Microsoft fits in there somewhere after those two on my list of things I love or like.
So when I you read a review from me about a competitor, you might assume right away that I am going to eventually come out on the side of Microsoft. But you would be wrong. There are many competitor’s products that I think are top-notch. I speak with my money. If I owned a company and needed a product, I would not automatically buy all Microsoft products. I would buy the best product for my company. I am not zealot or fanatic. And that is sort of what my whole experience with Apple taught me.
Years ago when the iMac G5 came out with the 20 inch flat screen, my wife was needing a new computer. She primarily uses the computer for iTunes, Web browsing, IM and Spider Solitaire.
I was traveling at the time that the new iMac came out and I was really impressed with the design. So partially as a way to get a good look at the machine myself, I went ahead and got one for my wife.
Of course, as any good geek would do, the first thing I did was open the case. What a thing of beauty this was. I have built my share of computers before and I was very impressed with the thought that went into this. Even unpacking it was a delight. The list of things that really impressed me have been lost in the mire of my mind over time, but I remember some of them like the screws were really small and yet could not be lost. Or, the way that the cable went through the hole in the stand. Or, the way that the batteries for the keyboard were very easy to find when you opened the box they came in. I mean, there were a lot of good ideas in the design of the machine and although I can’t remember them all, I do remember thinking how great a deal I felt I had made in purchasing it. Those who know me at work, or even my customers, were bound to hear me tell them about the beauty of the iMac. I really liked it.
When my wife got the computer she was amazed that I did this because of who I am, but she liked the computer. It fit nice on her desk. I bought her the Bluetooth Apple mouse and keyboard and the wireless NIC that was built-in to the motherboard. It had 1 wire coming out the back. Very smooth and pretty.
The first thing that I had to do (so that I would not feel too guilty about buying this as a Microsoft employee) was to get Virtual PC running with Windows XP on it for her. That way she could run certain programs that only ran in Windows. Over the next couple of years I had to reinstall this probably 3-4 more times since the virtual hard disk (VHD) would get corrupt somehow. It probably was my fault because of virus scanning software on the iMac or something like that, but it really did not matter that much anyways because the extra steps it took to get to Windows, were extra steps that my wife did not have to take when she was on her old computer. It rarely got used. That should have been the first sign, but there were other issues as well.
My wife’s main complaints were:
I fixed complaint number 1 by buying a Microsoft mouse. I tried to fix number 2 by showing her how to play Spider Solitaire in Virtual PC, but that wasn't successful since that took too long to start up and get to the game. Number 3 - Well, that was just going to take some time...
Overall she seemed happy for a while.
Then the hardware failed on us. It started off with the mouse not working unless we rebooted the iMac. We tried other mice. We tried reducing the number of USB devices. Nothing seemed to work.
Then the screen stopped working. It looked like I was going to have to go to the Apple store. Now, the only Apple store in the town I live in is also in the only Mall that I can't afford to shop at. This should have been a big warning sign, but it wasn't. I pull up in my mini-van and lug this 20 inch iMac around the mall until I get to the store. I got a decent number of stares.
This was my first trip to the "Genius Bar." I've talked about arrogance before on this blog. But let me tell you something... I'm smart, but I would feel really silly working at a place called the "Genius Bar". So after spending some time standing there with this large monitor, a "Genius" walks up to me and asks if I have signed in. "No", I told him. "Well if you want to get some help tonight you should." He shows me the tiny laptop on a table and I finally figure out what is needed to get signed in. My name pops up on a big screen for the whole store to see and he says: "Are you Gerod?"... Brilliant.
Turns out that the whole motherboard needed to be replaced. No charge. We'll call you when it is available. A week later, I get to lug the 20 inch computer back through the mall to my mini-van.
A little time passes and the thing wont boot at all. "Uh oh... Sounds like a power supply," I think. I know that this is not my fault since no other devices that were plugged into my UPS are experiencing any issues. Dreading the walk back through the mall, I do what any self respecting geek does when a power supply on his computer goes bad: I look on-line for a place to buy one. Tough luck there pal.
So I load the iMac back in the minivan, walk through the mall and sign in on the tiny laptop again. Soon a “Genius” comes up to me and asks if he can assist. “I think that the power supply is bad on this,” I tell him. “We’ll see about that,” the “Genius” kindly replies. He takes that back off of the computer and smells the power supply. “It doesn’t smell like it is bad…” He plugs the cord in. Nothing happens. About 5-10 minutes passes and he agrees with me. The power supply is bad. He checks their inventory and tells me that I am in luck since they have one left. He plugs the new one in. We wait. Now we smell something. After fiddling with the power supply some more, it turns out that the new one was bad as well. Oh well, it happens. I leave it there knowing the drill by now.
I come back later after everything is working again. When I leave the “Genius” tells me that there will be no charge this time, but I better get it on a surge protector. I explain to him that I purchased a brand new UPS for this machine, because of how expensive it was, when I bought it and that I don’t believe that the UPS is the problem. He tells me he understands, but that next time this happens Apple will probably have to charge me. He then mentions that if I had bought the AppleCare plan when I bought the iMac then they would continue to replace the bad parts. I tell him that I would be happy to buy AppleCare and that he should sign me up. He then tells me that you have to buy it when you buy the computer. Hmm… Well, that would have been nice to know. I leave less than a happy customer.
Just in case this happened again, I decided to buy another brand new UPS for the iMac. In my house there are never enough UPSes, you know? Turns out that it made no difference. The iMac stops working again. Knowing better than to do anything else, I drag the iMac to the “Genius Bar” again. This time my wife has had it. I mean, I had enough when I couldn’t fix it myself, but now she is tired of having the thing in the shop, plus I’m sure she is also tired of hearing me complain about having to go to the Apple store all the time.
I load the thing in the minivan again, walk though the overpriced mall, sign into the tiny laptop and wait for the next “Genius”. I then ask to speak to the manager. A nice lady asks me what the problem is. I ask her if I can get my money back. No. I ask her if there is a trade in program. No. I ask her what options I have. I am ready to sell the thing and I can’t sell it in its current condition. She tells me that they will fix it this one last time. I mention to her that she would be better off not asking me if I have AppleCare. She doesn’t. They replace the power supply again on the thing and I take it home one last time.
In the end, I sold the iMac to a college student who needed it for a Graphic Arts class. I took the money from that sale and bought a brand new Dell for my wife with a 19 inch monitor. The price that I sold the 2 year old iMac for was the same price that I bought the Dell for, so I broke even. I can’t imagine what I would get for a 2 year old Dell, and I suppose something has to be said for its resell value. But I suppose the same could be said for any high priced item as well.
It was then that I realized what I didn’t like about the whole “Apple” experience. It has an air about it that doesn’t fit with me. Now, I appreciate good service. I try my best to not go to one of the largest retail chains in the US, not because I consider myself too good for it, but because I hate waiting in line to give my money away. So I pay a little more to get better service. But, I can still get what I want there without paying too much for it. Dell computers are well built. They get deals with their partners to load a lot of software on them and I spend 2 hours uninstalling everything once I buy a computer from them, but that is my choice. If I wanted to, I could pay a little more and get a clean machine without the discounts as well. In the end I would still pay less for a machine and I would be happy with it.
This my opinion: Dell and Microsoft are like the large retail chains. (I am purposely not mentioning names here.) They deliver good products at very reasonable prices. Apple is like those stores in the mall I don’t visit. The products might be exactly the same, but you just seem to pay more.
Some zealots will say: “You get what you pay for”. But do you really? Or are you just paying more? The large thick line that used to separate the Apple PCs and the others has gotten a lot thinner now that they are on Intel hardware, now that you can load Windows on them, now that you can use Microsoft mice on them. Will you continue to pay more when the “Apple-ness” is gone? Maybe. There is a reason why the malls I don’t go to are still in business. Some people really like to shop there.
OK, I have digressed. In the end all ended well. My wife is playing Spider Solitaire again. She has her “Start” button back. Her mouse works the way she likes. She is enjoying Internet Explorer 7 and all its new features.
And someday… She will have Vista. When she asks for it J
Now if only I could get her iTunes to stop crashing. Perhaps she could use a Zune?
There has been a decent amount of chatter externally about this, so I was very glad that we finally got this article written:
932599 You can no longer mount any of the Exchange databases after you apply hotfix 926666 to a computer that is running Exchange Server 2003
http://support.microsoft.com/default.aspx?scid=kb;EN-US;932599
Since this issue has to do with permissions that are added to the Organization level and to the Administrative Group level, I recommend that you test the install of the 926666 patch on one machine in your Organization prior to rolling it out across all machines. After that you can test on one machine in the other AGs as well. If no problems occur after that testing, you will probably be safe from this issue on the other servers as well.
There are two possible reasons for this happening: BUILTIN accounts incorrectly added to permissions or duplicate accounts showing up. We have workarounds currently to resolve both of these issues as well as a hotfix in the works (for the duplicate accounts) that is not yet released. The issue with the BUILTIN accounts being added to the permissions is “by design” and will require you to follow the workaround.
You will know you have this issue if you see the following events after the databases don't mount:
Event Source: MSExchangeIS Event ID: 9519 Description: Error 0x89a ...
-and-
Event Source: MSExchangeIS Event ID: 9518 Description: Error 0x89a ...
I am recommending to my customers that they not install the Windows patches for DST 2007 available at http://support.microsoft.com/kb/928388 until later. If you read http://office.microsoft.com/en-us/outlook/HA102086071033.aspx you will see the following:
"Microsoft has incorporated a new feature into Microsoft Office Outlook 2007 to help adjust calendar items affected by time zone changes. For other releases of Outlook, Microsoft will release an Outlook Data Update tool. This tool is tentatively scheduled for release in January 2007; this content will be updated when it is available."
That tool (Outlook Data Update) is not out yet (1/19/2007). If you deploy the Windows DST 2007 patches and don't have the tool to update your appointments you may see appointments that seem to be incorrect. For now, I would wait until that tool is out. Also, we will have more information available at that time.
More information in general about DST 2007 can be found at:
http://www.microsoft.com/windows/timezone/dst2007.mspx
http://support.microsoft.com/gp/dst
http://support.microsoft.com/kb/928388
What functionality would you lose if you ran Outlook 2003 against an Exchange 2007 server instead of running Outlook 2007?http://www.microsoft.com/exchange/evaluation/featurecomparison.mspxIt looks like you would not have the following (listed in my order of preference):
Some of the features above are available via OWA 2007 however.
Today, Microsoft posted some much awaited information about the steps that will be necessary for Exchange Server, the Operating System, Windows Mobile, and Outlook clients. You can find it here:http://www.microsoft.com/windows/timezone/dst2007.mspx
The good news is that Windows Vista, Outlook 2007, and Exchange 2007 have the fixes in them.The bad news is that chances are that you are not running any of those...
The good news is that if you are running Exchange 2003 SP2 you can get a fix... Soon.The bad news is that if you are running Exchange 2003 SP1... you will need to go to SP2. Ok, that probably is good news.But... If you have been holding off on installing some fixes because of the "Send As" changes, well... We updated the store.exe on this fix and it includes the "Send As" fix, so you are going to want to get your users configured correctly if you haven't yet already. See http://support.microsoft.com/kb/912918/en-us for more information.
I kid about this because it is going to probably hurt. I know that this will be somewhat painful for some of our larger customers. Fortunately, it looks like the product groups have done some good work in getting this information together. Please take a look at the first article for steps on how to make this as smooth as possible.
In the interest of being open about it... I am submitting this blog post right now using a Microsoft provided laptop and it is running Vista. There, I said it. Whew! I feel so much better now that I have it off my chest.
Some other things I should probably point out:
I found this funny. http://www.microsoft.com/technet/prodtechnol/exchange/guides/E2k3TechRef/b8aafeb4-8883-482b-8cf8-77b3975336b3.mspx
There you will read: "By default, an SMTP virtual server can accept virtually an unlimited number of incoming network connections (although the actual physical limit is much less than this)."Huh? What number is much less than virtually unlimited? That is like saying: "I'll give you much less than an infinite amount of money."
Turns out that "much less than unlimited" used to be 2000, but now is the default of 5000.
I thought I would start off with a picture of Cliff Chao with some people on the Expo Hall floor. Cliff is the one with the small head. :)
Here is another picture of Boston from the Convention Center.
One thing I like about going to Tech-Ed is seeing what we tell the public. A lot of the stuff they talk about has been internal knowledge and I like to tell others about it, but can’t. Once the beans are spilled at Tech-Ed, its fair game though.
Some things overheard that are just a little funny:
· “Do more with more” – This was a line that Mary Lynn Rajskub from “24” fame said. She was there Sunday night. She did a good job.
· “How many of your users are asking for less mailbox space?” – Steve Tramack (HP)
· “IT jokes are stooped.” – a note that was passed around during one of the sessions. It kept getting brought up when lame jokes were presented.
· “It is just so hard to find good Speedos anymore.” – Don’t ask.
ESRP session:
I went to a presentation where Matt Gossage spoke. I knew him as the Exchange performance “go to” guy. If you wanted to know anything about how to speed up Exchange, he was most likely the guy you wanted to talk about since he was a tester. Now he is a PM for the CXP group. CXP stands for Customer eXPerience. Matt was talking about ESRP (Exchange Solution Reviewed Program). This was the first time I had heard of it even though it was announced late 2005.
ESRP is a program where partners test their solutions for SANs and they then submit it to the Microsoft Product Group for review. It gets checked for completeness and then they submit the results for you to view. Why is this so cool? Because configuring and testing a SAN with Exchange can be very difficult.
Take a look at the solutions listed there. There are solutions for 2000, 4000, 6000, and even 40,000 mailbox environments that have been tested. Can you imagine how much work you would have to do to test a 40,000 mailbox setup? And the great thing is that a lot of these solutions are designed to be “bricks”. If you have a 12,000 mailbox environment you could use 2 of the 6000 mailbox solutions together.
A beta build of Jetstress 2007 will be released in July of 2006. It will be 64 bit.
For testing you can use these tools:
Documentation on Storage performance:
More to come...
It’s been 3 days since I got here and I finally have gotten around to writing an update.
Sunday:
It took no less than an hour to get from the hotel to the convention center. I am not kidding. SUNDAY!!! It’s not even a work day. Why is traffic so bad here?
I got registered. Here is a picture of the bag, since I know you are wondering...
What swag is in it? The usual stuff: magazines, CDs, a few DVDs. What DVDs? Beta 2 versions of Office System 2007, Office SharePoint Server 2007, Office Groove Server 2007, Office Project Server 2007, Windows Vista (x86 and x64) and Windows Server Code Name “Longhorn”.
After checking in, I went to dinner only to look at the schedule and realize that the Keynotes were that night from 7:00 to 9:30. That was not what I expected.
Some things that I picked up from the Keynotes:
MaaS – This was a new acronym for me. It means “Management as a Service” Not sure how common that acronym is since I only saw it was listed 4 times together on Google. I’m proud to say that Live.com found it more often than that. It also contained more recent blog entries on it. Way to go guys!!! Back to MaaS – Exchange Hosted Services and the newly announced Forefront Client Security Services are examples of this.
The next version of Microsoft Operations Manager will be called System Center Operations Manager. MOM just sounds better than SCOM, don’t you think? “MOM takes care of my Enterprise” has a nice ring to it. I’ll stop there.
Bob Muglia spoke of 4 Promises –
1) Manage Complexity, Achieve Agility – Bingo! (kidding)
2) Protect Information, Control Access
3) Advance the Business with IT Solutions
4) Amplify the impact of your People
Well that is it for Sunday. I’ll add some more later.
Just a note to let everyone know that I'll be at Tech-Ed 2006 in Boston. I'll be there with one of my favorite customers from Healthcare and Life Sciences. Go ahead and email me if you would like to meet up for lunch or something. The more the merrier. As Starsky says: "No, seriously, come on, do it. Do it. "