In Exchange 2003, you enabled anonymous relay in the properties of the virtual server.
You went to the Access tab and clicked “Relay…”
Then you clicked “Add”
and added the IP address of the computer or computers you wanted.
In Exchange 2007, because transport has moved to the Hub role, you do this there or on the Edge server. You create a new SMTP receive connector. Let's walk through the wizard. Choose Custom for the intended use.
This page is where you select the IP address of the local machine that this will apply to.
Click on Add… and put in the local IP address (in this case).
For the Remote Network, you choose the IP address of the server that can send to this server anonymously.
The configuration summary.
And here is the PowerShell command that completed.
There it is.
Here are the properties.
Make sure that the permissions are set right.
So far, we have a receive connector that allows anonymous submission from a particular IP, but it cannot yet relay to any recipient. To fix this, we have to give it an AD permission.
We do that with the following:
Get-ReceiveConnector "Receive Connector Name" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"
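The wizard steps and the permission grant above can be scripted, and the result reviewed afterwards. The following is an added example, not the command from the original post; the connector name and IP addresses are constructed lab values.

```powershell
# Added example: constructed values, replace with your own.
$name    = 'Anonymous Relay (app01)'   # hypothetical connector name
$binding = '10.0.0.10:25'              # local IP:port on the Hub Transport server
$allowed = '10.0.0.25'                 # the single host permitted to relay
$right   = 'Ms-Exch-SMTP-Accept-Any-Recipient'

# 1. Same choices as the wizard: Custom usage, one local binding,
#    one remote address, anonymous users allowed to submit.
New-ReceiveConnector -Name $name -Usage Custom -Bindings $binding `
    -RemoteIPRanges $allowed -PermissionGroups AnonymousUsers

# 2. Let anonymous sessions on this connector address any recipient (relay).
Get-ReceiveConnector $name |
    Add-ADPermission -User 'NT AUTHORITY\ANONYMOUS LOGON' -ExtendedRights $right

# 3. Review: list every receive connector where the relay right is granted,
#    who holds it, and which remote addresses can reach the connector.
Get-ReceiveConnector | ForEach-Object {
    $rc = $_
    # Assumption: each range renders as a string such as '10.0.0.25'
    # or '0.0.0.0-255.255.255.255'.
    $ranges = @($rc.RemoteIPRanges | ForEach-Object { $_.ToString() })

    Get-ADPermission -Identity $rc.Identity |
        Where-Object { -not $_.Deny -and ($_.ExtendedRights -like $right) } |
        Select-Object @{n='Connector';      e={$rc.Name}},
                      User,
                      @{n='RemoteIPRanges'; e={[string]::Join(', ', $ranges)}},
                      @{n='OpenToAllIPv4';  e={$ranges -contains '0.0.0.0-255.255.255.255'}}
}
```

Any row where OpenToAllIPv4 is True and User is NT AUTHORITY\ANONYMOUS LOGON is a connector that relays for every host that can reach it, so the remote range on that connector should be narrowed to the specific senders.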
In Exchange 2003, routing group connectors enabled message transfer between two routing groups. Routing groups represented a routing boundary for Exchange 2003 and Exchange 2000.
Exchange 2007 uses Active Directory site-based routing. You cannot use the Exchange 2003 Exchange System Manager to create or manage any routing group connector that specifies an Exchange 2007 server as a source or target server. You must use the New-RoutingGroupConnector and Set-RoutingGroupConnector cmdlets in the Exchange Management Shell.
Understanding Active Directory Site-Based Routing
How to Create Routing Group Connectors from Exchange 2007 to Exchange Server 2003
You will need to create a RGC in order for the Exchange 2007 environment to talk to the 2003 environment. But, you can’t do this via the 2003 ESM.
So we can create one using New-RoutingGroupConnector.
New-RoutingGroupConnector -Name "Interop RGC" -SourceTransportServers "Ex2007Hub1.contoso.com" -TargetTransportServers "Ex2003BH1.contoso.com" -Cost 100 -Bidirectional $true -PublicFolderReferralsEnabled $true
Next: Part 19 – Transport: Disclaimer messages and Inbound SMTP connections from other messaging servers
In Exchange 2003, you used Active Directory Users and Computers to manage mailbox permissions for users.
In Exchange 2007, you use the Exchange Management Console or the Exchange Management Shell to configure mailbox permissions. Using the EMC, we just right-click on the mailbox and choose “Manage Full Access Permission”.
Add…
I’ll give Carl Sagan access to my mailbox.
And there is the cmdlet you would run from the shell
But what if I didn’t want to give full mailbox permissions? What if I just wanted to give Send As permissions? In that case you would just click on “Manage Send As Permission”.
As you can see by default, only I (Self) have the right to send as myself. I click on “Add”.
I choose Carl again.
Now Carl can send as me.
And there is the cmdlet you would run from the shell.
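The two grants described above, followed by a review of which delegates hold them, as an added example that is not the cmdlet output from the original post. The mailbox and delegate names are hypothetical placeholders.

```powershell
# Added example: hypothetical names, replace with your own.
$mailbox  = 'owner01'      # mailbox being shared
$delegate = 'delegate01'   # user receiving access

# Full Access: open the mailbox and read everything in it.
Add-MailboxPermission -Identity $mailbox -User $delegate -AccessRights FullAccess

# Send As: send mail that appears to come from the mailbox owner.
Get-Mailbox $mailbox | Add-ADPermission -User $delegate -ExtendedRights 'Send As'

# Review: explicit (non-inherited) Full Access and Send As grants on every
# mailbox, leaving out the owner's own SELF entry.
Get-Mailbox -ResultSize Unlimited | ForEach-Object {
    $mbx = $_

    Get-MailboxPermission -Identity $mbx.Identity |
        Where-Object { -not $_.IsInherited -and -not $_.Deny -and
                       $_.User -notlike 'NT AUTHORITY\SELF' -and
                       ($_.AccessRights -like 'FullAccess') } |
        Select-Object @{n='Mailbox'; e={$mbx.Name}}, User,
                      @{n='Right';   e={'FullAccess'}}

    # The pattern 'Send*As' matches the right whether it is displayed
    # as 'Send As' or 'Send-As'.
    Get-ADPermission -Identity $mbx.DistinguishedName |
        Where-Object { -not $_.IsInherited -and -not $_.Deny -and
                       $_.User -notlike 'NT AUTHORITY\SELF' -and
                       ($_.ExtendedRights -like 'Send*As') } |
        Select-Object @{n='Mailbox'; e={$mbx.Name}}, User,
                      @{n='Right';   e={'SendAs'}}
}
```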
In Exchange 2003, you created Lightweight Directory Access Protocol (LDAP) queries to filter recipients using the Active Directory Users and Computers (ADU&C).
When finished creating a QBDG you can see the LDAP query.
The name has changed in Exchange 2007 as well as the tool that you use to create it. It is now called a Dynamic Distribution Group and you create it using the Exchange Management Console at the Recipient Configuration level.
Let's walk through the wizard… Here we put in the standard details.
You have the option to set the scope to an OU here if you would like.
Here you can set more conditions like Company name.
Here is the summary.
And the final part of the wizard shows the cmdlet to run again.
But what if the wizard doesn’t have all of the options that you want to filter on? In that case you would need to use OPATH syntax for a custom filter. What is OPATH? It is the basis for the filtering syntax used by PowerShell. It has been around for some time and was actually used before Exchange 2007, but it looks like we are the heaviest users of it now. You can find more about it at http://msexchangeteam.com/archive/2007/01/10/432143.aspx.
OPATH allows you to use -and, -or, -not, -eq (Equals), -ne (Not Equals), -lt (Less Than), -gt (Greater Than), -like, and -notlike in your filters. In some cases you can also use wildcards.
If you have an LDAP filter that you would like to try to convert to an OPATH filter for Exchange 2007, the script found at this blog may be helpful.
Next: Part 16 – Administrative Tasks: Resource Scheduling
In Exchange 2003, Exchange ActiveSync would be configured to synchronize your mobile device with your Exchange server mailbox at intervals as frequent as every five minutes.
You set the settings in ADU&C or in the ESM.
By default, in Exchange 2007, Direct Push is enabled, and it is designed to keep a mobile device up to date over a cellular network connection. Setting this is also found in the Console or you can use PowerShell.
Front End access in Exchange 2003 was enabled on the server properties with a check box.
In Exchange 2007, the Client Access server role handles all of the processing for client access and provides access to mailbox data for all external clients.
You can create multiple Exchange ActiveSync policies using New-ActiveSyncMailboxPolicy or by using the “New Exchange ActiveSync Mailbox Policy Wizard” found at Organization Configuration / Client Access.
For OWA, you don’t connect to the /exchange virtual directory any more. You use /owa (https://FQDN/owa).
To look at the settings you can use Get-OwaVirtualDirectory.
Get-OwaVirtualDirectory -id "ServerNAME\owa (Default Web Site)" | fl gives you a lot of information. To see how many settings there are, and how to set them using Set-OwaVirtualDirectory, go to http://technet.microsoft.com/en-us/library/bb123515.aspx.
The good news is that a lot of those are available in the console as well.
In Exchange 2003 there was no auto-configuration service, so you usually had to create profiles manually. When you created a profile, as long as you knew the name of a server that was up, you were good to go. However, this was part of the problem: it generated a lot of support calls, since very few people knew the server name. Moving mailboxes usually updated the profile as well.
Now with AutoDiscover, the client can get configured correctly automatically in Exchange 2007.
Use Set-AutodiscoverVirtualDirectory to configure it.
With Exchange 2003 we had to enable RPC over HTTP(S) on both the front end and back end servers and make sure that your firewalls allowed port 443 traffic to your Front End servers.
In Exchange 2007 you enable Outlook Anywhere on the CAS server using Enable-OutlookAnywhere, Set-OutlookAnywhere, and Get-OutlookAnywhere.
Or you can use the EMC for some of this.
Next: Part 18 – Transport: Allowing Anonymous Relay and Creating \ Managing Routing Group Connectors
In Exchange 2003, setting up a resource involved many steps:
We will not go into how this was done in Exchange 2003, but will instead focus on the changes in Exchange 2007.
In Exchange 2007, the management of resource scheduling is much easier and includes creating and managing your conference room and equipment, and scheduling resources.
Let's walk through this.
We will create a Room Mailbox.
Filling out the information.
Choose the database
And there is the shell command.
Now that it is created, we can look at the properties. Here we can put the capacity as well.
But you can also create custom configurations. Here we added 16 seats and 8 seats to the Room schema, and added Projectors and Whiteboards to Equipment.
Now when I click Add, you see custom properties. I choose one.
Now we have a room with a capacity of 20 and only 16 seats. I guess 4 people are standing or sitting on the floor.
Here are the properties of some Equipment. So I added the custom Property – Projector.
To convert a mailbox from Exchange 2003 to Exchange 2007:
Other options for types are Regular, Equipment, or Shared.
If the mailbox was a former Auto Accept Agent Mailbox you must uninstall the agent from the server and then move the mailbox to 2007. After that you use Set-MailboxCalendarSettings to choose how you want the processing of meeting requests to be handled.
Set-MailboxCalendarSettings <Identity> -AutomateProcessing:AutoAccept
There are a lot of different settings here. Here is a good starting place to get a better idea of the options: (Taken from here)
To control who can schedule a resource, use the following parameters with the Set-MailboxCalendarSettings command:
To control when a resource can be scheduled, use the following parameters with the Set-MailboxCalendarSettings command:
To control what meeting information will be visible on the resource's calendar, use the following parameters with the Set-MailboxCalendarSettings command:
To customize the response message that meeting organizers will receive, use the following parameters in the Set-MailboxCalendarSettings command:
Next: Part 17 – Managing Client Access
I recently upgraded my main machine to Windows 7[1,2] and I tried opening up Windows Live Writer to update my blog and found that it seemed to be in a constant hung state. I then right clicked on the shortcut for the program and chose the “Troubleshoot compatibility” option. It then gave me the following screen.
It now works. YAY!
[1] I am not telling what build. [2] I’m trying these square brackets. I saw that KC Lemson was doing it. I tend to use lots of Parentheses and I think that this might be better?
Every so often I like to head over to http://www.microspotting.com/ to see some of the stories about some of my co-workers. And yes, I want an “I am the empire” t-shirt!