I have been quiet on this blog for a number of reasons. 

Check out the new site for all PFEs who want to blog at www.MrProactive.com.  This is a site that's has 4 main purposes:

• Tell more about what a Premier Field Engineer (PFE) is what we do
• Share with the community Proactive items and "Tips and Tricks"
• Announce new offerings
• Let the world know that we are hiring

There is another site where individual PFEs can blog at www.opsvault.com as well.  It has many of the same goals and has a different approach.

Variety is a good thing.

There is now a KB article that is available regarding this.  It answers questions about how to make the change with a Group Policy or using the Office Customization Tool.

982774  Direct Booking does not successfully book a resource in Outlook 2010

http://support.microsoft.com/default.aspx?scid=kb;EN-US;982774

Now that Office 2010 has RTM’ed, we’ve started to see a number of issues pop up where customers are finding that they are having problems reserving a conference room using it.  The reason is that Outlook 2010 by default has Direct Booking disabled.  This is by design since Direct Booking is the old Exchange 2003 way of doing things and Exchange 2007 and 2010 has automatic processing of resource mailboxes.

If you are still on Exchange 2003, however, you may have the need to enable Direct Booking for your clients.  In order to enable it in Outlook 2010 you will need to add the following DWord in the registry for the organizers client:

Key: HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\Options\Calendar

DWORD: EnableDirectBooking

Value: 1

Hope that helps some people out.

Looks like we can now get to http://www.kin.com/.  Looks nice.  First phone to ship with Zune…  Very cool.

It finally is here!

Sweet…

I have been messing around with the installation of Exchange 2010 RC on Windows 2008 R2.  I chose to go with Windows 2008 RC since it already has more of the things needed to install Exchange like the right version of PowerShell and the .NET framework.  To make my lab installs go faster I have been creating PowerShell scripts to automatic everything from the installation of the required roles and features to the installation of Exchange 2010 as well.  Below you will find some snippets from some of the scripts.  Of course the standard disclaimer applies.

The header:

The installation of the link above is so that the indexer can index certain files.

The following is needed for all Exchange installs since we are not using the old way (Windows 2008) of adding roles and features and are using PowerShell instead.

If this is the first time you have run Exchange 2010 setup, you will need to prepare the AD.  Before you can do that you will need to install the AD tools.  After running that a reboot may be necessary.  I have commented it out as I may want to see the results of the install.

The next part does the AD preparation.

If your forest and domain is all prepared then you are ready to install the Hub and CAS role.  Since I wanted to get a DAG up and running I put these two roles on their own machine and put the mailbox role on two other machines.  The following will install the Features and Roles needed.

Now that the server has what it needs, let’s install the Exchange portion for the Hub and CAS.

Now that we have a Hub and CAS role installed, let’s get some mailbox server installed on a different server.

Now we are ready to install the Exchange portion of the mailbox role install.

Hopefully this is useful to you. 

I mentioned in my last post that customers will be able to upgrade from the Release Candidate (RC) of Exchange Server 2010 to the final Release to Manufacturing (RTM) version.  This was taken from the Exchange team’s mention of this here.  Since then there has been some questions about what this means.  Does it mean that you can install the RC version in production and still be supported?

To answer that you need to look at the EULA included in the RC.  This is a legal document and I am not a lawyer.  Because of that I will only paste some of the key points that I found in it so that you can see the answer.  The English version of the EULA can be found at setup\serverroles\common\eula\en\license.htm.  There you will find the following in part:

So…  In short, please don’t run the RC in your production environment.  If you were to have any issues and needed support from Microsoft, you would be in a tough situation that you may not like.  We have programs such as the Technology Adoption Program (TAP) program where we support customers who run non-final code in their production environment, but those customers are early-adopters who have another agreement that permits the support of their environment.

Hopefully that answers your questions.  Now get back to playing with Exchange 2010 (in your lab)!

Today we announced that Exchange Server 2010 Release Candidate (RC) is available for download at:

http://www.microsoft.com/downloads/details.aspx?FamilyID=c6d27da1-ba2c-4570-a491-c0d7b39ede8b&displaylang=en 

(This link works...)

Some things to note:

· This version will coexist with Exchange 2003 and 2007.  In order to coexist with Exchange 2007 you will need the Exchange 2007 SP2 which will be released soon (later this month).

· You can do an in place upgrade from the RC version to the final (RTM) version.

· To see what is new in Exchange 2010 you can go here: http://technet.microsoft.com/en-us/library/dd298136(EXCHG.140).aspx

· Exchange 2010 can be installed on Windows 2008 SP2 or Windows 2008 R2.

Finally.  Exchange 14 is now officially Exchange 2010.  Learn more at http://technet.microsoft.com/en-us/exchange/2010/default.aspx.

To return to part 1 click here

Transport

POP3 and IMAP4

In Exchange 2003, POP3 and IMAP4 were both receive-only protocols that enabled a client to receive e-mail. To send e-mail, these clients had to relay SMTP traffic through the Exchange organization.

Below you can see that the IMAP Virtual Server is disabled.

The default properties of the IMAP4 Virtual Server…

To enable the protocol on the users you would use the Exchange Task Wizard.

In Exchange 2007, every Hub Transport server has a default client Receive connector that allows authenticated POP3 and IMAP4 users to relay SMTP e-mail through the Hub Transport server. You must specifically enable POP3 or IMAP4 access for clients.

The protocols are listed on the CAS servers.

Here are some of the default properties on IMAP4.

You can enable IMAP4 and POP3 on the mailboxes from within the Exchange Messaging Console.

More information on configuration can be found at the links below:

How to Set Connection Limits for IMAP4

How to Configure Authentication for IMAP4

How to Set Connection Limits for POP3

How to Configure Authentication for POP3

Securing message transmission by using Transport Layer Security (TLS)

In Exchange 2003, if you required TLS for inbound connections you configured the authentication settings on a virtual server. You accessed the virtual server properties, and then selected a check box to require SSL/TLS on the Access and Authentication settings page.

In Exchange 2007, you configure TLS on a Receive connector by specifying TLS as an available authentication mechanism. However, you need to have an X.509 certificate installed on the Exchange server. For more information see Receive Connectors.

You could also set this using :

Set-ReceiveConnector -Identity ReceiveConnectorId -AuthMechanism Tls

Next:  I think that is it.  Hopefully you found this useful.  It took so long to do this, I could start on Exchange 14.  Hmmm.

To return to part 1 click here

Transport

Outbound SMTP connections to other messaging servers

In Exchange 2003, the routing group represented a communication boundary between Exchange servers that were part of the same organization. All Exchange servers that were in the same routing group were able to communicate directly with each other.

To create connections to the Internet you created a SMTP connector.

In Exchange 2007, Send Connectors control outbound SMTP traffic to remote domains. By default, a Send Connector is available to the entire organization. However, a Send Connector can be scoped so that it is available only to other Hub Transport servers in its local Active Directory site. For more information see Send Connectors.

When the Edge Subscription is created you will see the following:

As you can see, with the EdgeSync set up the properties allow all mail to flow out the new Send Connector.

And the source sever is the Edge server.

Journaling

In Exchange 2003, you configured journaling on the mailbox store that contained the mailboxes that you wanted to journal.

In Exchange 2007, if you have an Exchange Enterprise Client Access License for the mailboxes you want to journal then you can use journal rules that are configured organization wide on Hub Transport servers. The journal rules enable you to specify per-recipient journaling.  For more information see: Managing Journal Rules.

The following types of journaling are available in Exchange 2007:

Standard journaling -  Standard journaling enables the Journaling agent in Exchange 2007 to journal all messages sent to and from recipients and senders that are located on a specific mailbox database on a computer running the Mailbox server role. Standard journaling is also called per-mailbox database journaling.

Premium journaling  - Premium journaling enables the Journaling agent in Exchange 2007 to use rules that you can configure to match the specific needs of your organization. You can create journal rules for a single mailbox recipient or for entire groups within your organization. Premium journaling is also called per-recipient journaling.
Important: You must have an Exchange Enterprise Client Access License (CAL) to use premium journaling.

Lets look through how the wizard for per-recipient journaling:

Here I have set up a journaling rule for my mailbox only.

And here you can see the the cmdlet used is New-JournalRule.

I didn’t create this rule with it enabled, so to enable it you can right-click on it in the GUI.

Next: Part 21 – Transport: POP3, IMAP4, and Transport Layer Security (TLS)

To return to part 1 click here

Transport

Disclaimer messages

In Exchange 2003, you needed to create a custom event sink to apply disclaimers to messages or purchase a third part application that would do this for you.

In Exchange 2007, disclaimers are defined by Transport Rules (or you can use Exchange Hosted Services also).  You can create transport rules that will add disclaimers to messages if those messages meet conditions that you have specified. Overview of Disclaimers.

To use the Exchange Management Console to configure a disclaimer on a Hub Transport server open the Exchange Management Console on the Hub Transport server.  In the console tree, click Organization Configuration, and then click Hub Transport.

In the result pane, click the Transport Rules tab, and then, in the action pane, click New Transport Rule… .

In the “Name” field, enter the name of the disclaimer.  If you have notes for this disclaimer, enter them in the “Comment” field.  If you want the disclaimer to be created in a disabled state, clear the Enabled check box. Otherwise, leave the Enabled check box selected.  Click Next.

In the “Select Condition(s)” box, select all the conditions that you want to apply to this disclaimer. If you want this disclaimer to be applied to all e-mail messages, do not select any conditions in this step.

If you selected conditions in the previous step, “Edit the rule description by click an underlined value” box, click each blue underlined word.

When you click a blue underlined word, a new window opens to prompt you for the values to apply to the condition. Select the values that you want to apply, or type the values manually. If the window requires that you manually add values to a list, type a value. Then click Add. Repeat this process until you have entered all the values, and then click OK to close the window.

Repeat the previous step for each condition that you selected. After you configure all the conditions, click Next.

In the “Select Action(s”) box, click “append disclaimer text using font, size, color,…”  and “wrap messages if unable to comply”.

In the “Edit the rule description by clicking an underlined value” box, click each blue underlined word. Each word, except disclaimer text, is the default value for each field. For more information about these action properties, see "Disclaimer Action Properties" in Transport Rule Actions. The fields are Location, Disclaimer Text, Font, Font Size, Font Color, Separator, and Fallback Action.

When you click a blue underlined word, a new window opens to prompt you to select the items that you want to add or to type values manually. When you are finished, click OK to close the window.

Repeat the previous step for each action that you selected. After you configure all the actions, click Next.

In the “Select exception(s) box”, select all the exceptions that you want to apply to this rule. You are not required to select any exceptions.

Note: If you don't apply an exception to this transport rule and all the transport rule conditions are met, a disclaimer is added to every message. This includes messages to which this disclaimer has already been added. To avoid having disclaimer text added repeatedly to messages that meet the conditions of this transport rule, add the except when the text specific words appears in the subject or body of the message transport rule exception with a value that is unique to the disclaimer text in this transport rule.

If you selected exceptions in the previous step, in the “Edit the rule description by clicking an underlined value” box, click each blue underlined word.

When you click a blue underlined word, a new window opens to prompt you to select the items that you want to add or to type the values manually. When you are finished, click OK to close the window.

Repeat the previous step for each exception that you selected. After you configure all the exceptions, click Next.

Review the Configuration Summary. If you are happy with the configuration of the new rule, click New, and then click Finish.

And there is part of the PowerShell Command.  The cmdlet used is New-TransportRule.

Inbound SMTP connections from other messaging servers

In Exchange 2003, SMTP virtual servers controlled the inbound mail settings.

The default SMTP virtual server accepted anonymous connections. If you required a particular authentication method or message size restriction for a specific remote domain, you would create additional virtual servers.  To do that in Exchange 2003, you would often need to have another IP address on the server for the new virtual server.

Then you would select the scope of the servers that could connect to the new virtual server.

In this case we only have one IP address.  This could be a case where we had a smart host forwarding email to this server.

In Exchange 2007, Receive Connectors control how mail is received. The Receive connector listens for SMTP connections. Every Hub Transport server has two default Receive connectors. One connector is configured to receive authenticated SMTP connections, the second connector is configured to receive SMTP connections from clients such as POP3 and IMAP4.

We already discussed earlier how to create an anonymous Receive Connector so lets talk about how to create an Edge subscription.

On the Edge Transport server, run the following command:

New-EdgeSubscription -FileName "C:\<EdgeSubscriptionInfo>.xml"

For detailed information about this step, see How to Export an Edge Subscription File.

Copy the resulting XML file to the Hub Transport server. On the Hub Transport server, run the following command:

New-EdgeSubscription -filename "C:\EdgeSubscriptionInfo.xml" -CreateInternetSendConnector $true -CreateInboundSendConnector $true -site "Default-First-Site-Name"

Note: By default, the value of the CreateInternetSendConnector parameter and CreateInboundSendConnector parameter is $True. You do not have to provide these parameters if you want to use the default configuration. They are shown here for illustration only.

For detailed information about this step, see How to Import the Edge Subscription File.

On the Hub Transport server, run the following command:

Start-EdgeSynchronization

For detailed syntax and parameter information, see EdgeSync Cmdlets.

You don't have to create Receive connectors for this scenario. The default Receive connector on the Edge Transport server is the only Receive connector that is required. However, you may want to modify the configuration of the default Receive connector to bind it to only the external network address. Then, you can create an additional Receive connector that is bound to only the internal network address and configure it to receive connections from the Exchange organization. For more information, see Configuring Edge Transport Server Connectors and EdgeSync and Send Connectors.

To test the success of the synchronization, run Test-EdgeSynchronization.

.

Next: Part 20 – Transport: Outbound SMTP connections to other messaging servers and Journaling

To return to part 1 click here

Transport

Allowing anonymous relay

To enable anonymous relay in Exchange 2003 this was done in the properties of the Virtual server.

You went to the access tab and clicked on “Relay…”

Then you would click on “Add”.

And added the IP address of the computer or computers you wanted.

In 2007 since the transport is moved to the Hub role you would do this there or on the edge server.  You create a new SMTP receive connector. Lets walk through the wizard.  Choose Custom for the intended use.

This page is where you select the IP address of the local machine that this will apply to.

Click on Add…  And put in the local IP address (in this case).

For the Remote Network, You choose the ip address of the server that can send to this server anonymously.

The configuration summary.

And here is the PowerShell command that completed..

There it is.

Here are the properties.

Make sure that the permissions are set right.

So far, we have a receive connector that allows anonymous submission from a particular IP, but not able to relay to any recipient.  So in order to fix this we have to give it an ad permission.

We do that with the following:

Get-ReceiveConnector "Receive Connector Name" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"

Creating or managing Routing Group Connectors

In Exchange 2003, routing group connectors enabled message transfer between two routing groups.  Routing groups represented a routing boundary for Exchange 2003 and Exchange 2000.

Exchange 2007 uses Active Directory site-based routing. You cannot use the Exchange 2003 Exchange System Manager to create or manage any routing group connector that specifies an Exchange 2007 server as a source or target server. You must use the New-RoutingGroupConnector and Set-RoutingGroupConnector cmdlets in the Exchange Management Shell.

Understanding Active Directory Site-Based Routing

How to Create Routing Group Connectors from Exchange 2007 to Exchange Server 2003

You will need to create a RGC in order for the Exchange 2007 environment to talk to the 2003 environment.  But, you can’t do this via the 2003 ESM.

So we can create one using New-RoutingGroupConnector.

New-RoutingGroupConnector -Name "Interop RGC" -SourceTransportServers "Ex2007Hub1.contoso.com" -TargetTransportServers "Ex2003BH1.contoso.com" -Cost 100 -Bidirectional $true -PublicFolderReferralsEnabled $true

Next: Part 19 – Transport: Disclaimer messages and Inbound SMTP connections from other messaging servers

I recently upgraded my main machine to Windows 7[1,2] and I tried opening up Windows Live Writer to update my blog and found that it seemed to be in a constant hung state.  I then right clicked on the shortcut for the program and chose the “Troubleshoot compatibility” option.  It then gave me the following screen.

It now works.  YAY!

[1] I am not telling what build.
[2] I’m trying these square brackets.  I saw that KC Lemson was doing it.  I tend to use lots of Parentheses and I think that this might be better?

Every so often I like to head over to http://www.microspotting.com/ to see some of the stories about some of my co-workers.  And yes, I want an “I am the empire” t-shirt!

To return to part 1 click here

Managing Client Access

Always Up to Date \ Direct Push

In Exchange 2003, Exchange ActiveSync would be configured to synchronize your mobile device with your Exchange server mailbox at intervals as frequent as every five minutes.

You set the settings in ADU&C or in the ESM.

By default, in Exchange 2007, Direct Push is enabled, and it is designed to keep a mobile device up to date over a cellular network connection. Setting this is also found in the Console or you can use PowerShell.

Front End / CAS

Front End access in Exchange 2003 was enabled on the server properties with a check box.

In Exchange 2007, the Client Access server role handles all of the processing for client access and provides access to mailbox data for all external clients.

You can create multiple Exchange ActiveSync policies using New-ActiveSyncMailboxPolicy or by using the “New Exchange ActiveSync Mailbox Policy Wizard” found at Organization Configuration / Client Access.

For OWA, you don’t connect to the /exchange virtual directory any more. You use /owa (https://FQDN/owa).

To look at the settings you can use Get-OwaVirtualDirectory.  

Get-OwaVirtualDirectory –id “ServerNAME\owa (Default Web Site)” |fl would give you a lot of information.  If you would like to see how many you can go to http://technet.microsoft.com/en-us/library/bb123515.aspx to see how to set them using Set-OwaVirtualDirectory.

The good news is that a lot of those are available in the console as well.

Client Configuration

In Exchange 2003 there was no Auto-configuration service, so you had to usually manually create profiles.  When you created a profile, as long as you know the name of a server that was up you were good to go.  However this was part of the problem.  This was a high support call generator since very few knew the server name.  Move mailboxes updated the profile usually as well.

Now with AutoDiscover, the client can get configured correctly automatically in Exchange 2007.

Use Set-AutodiscoverVirtualDirectory to configure it.

RPC over HTTP / Outlook Anywhere

With Exchange 2003 we had to enable RPC over HTTP(S) on both the front end and back end servers and make sure that your firewalls allowed port 443 traffic to your Front End servers.

In Exchange 2007 you enable Outlook Anywhere on the CAS server using Enable-OutlookAnywhere, Set-OutlookAnywhere, and Get-OutlookAnywhere.

Or you can use the EMC for some of this.

Next: Part 18 – Transport: Allowing Anonymous Relay and Creating \ Managing Routing Group Connectors

To return to part 1 click here

Administrative Tasks: Resource Scheduling

Resource Scheduling in Exchange 2003

In Exchange 2003, setting up a resource involved many steps:

• Create a mailbox using ADU&C
• Give permissions to the mailbox
• Setup Auto Accept Agent or use Outlook Direct Booking for mailboxes

We will not go into who this done in Exchange 2003, but will instead focus on the changes in Exchange 2007.

Resource Scheduling in Exchange 2007

In Exchange 2007, the management of resource scheduling is much easier and includes creating and managing your conference room and equipment, and scheduling resources.

• You can now create mailboxes specifically for rooms or equipment like AV equipment
• You can specify custom properties like TV, Whiteboards, as well as room capacity
• You can convert former Exchange 2003 Resource mailboxes to a different type
• You can upgrade former Auto Accept Agent based Resource mailboxes as well

Lets walk through this.

We will create a Room Mailbox.

Filling out the information.

Choose the database

And there is the shell command.

Now that it is created, we can look at the properties. He we can put the capacity as well.

But you can also create custom configurations as well. Here we added to the Room schema 16 seats and 8 seats, and added to Equipment Projectors and Whiteboards.

Now when I click Add, you see custom properties. I choose one.

Now we have a room with a capacity of 20 and only 16 seats.  I guess 4 people are standing or sitting on the floor.

Here are the properties of some Equipment. So I added the custom Property – Projector.

Converting mailboxes in Exchange 2007

To convert a mailbox from Exchange 2003 to Exchange 2007:

• Move the mailbox from Exchange 2003 to 2007
• Run the cmdlet Set-Mailbox Alias –Type Room

Other options for types are Regular, Equipment, or Shared.

Enabling Automatic Booking on a Resource Mailbox

If the mailbox was a former Auto Accept Agent Mailbox you must uninstall the agent from the server and then move the mailbox to 2007.  After that you use Set-MailboxCalendarSettings to choose how you want the processing of meeting requests to be handled.

Set-MailboxCalendarSettings <Identity> -AutomateProcessing:AutoAccept

There are a lot of different settings here.  Here is a good starting place to get a better idea of the options:  (Taken from here)