I dint find this well documented anywhere hence I put together this Blog post on the required hotfixes for Exchange 2010 sp1 on Windows 2008 R2.
As you may already know a total of 6 Hotfixes are required.
Kb 979099
http://www.microsoft.com/downloads/en/details.aspx?FamilyId=87f72529-d316-42e8-bf77-a46951f66dda&displaylang=en
OR
http://support.microsoft.com/kb/979099
Kb 979744
http://connect.microsoft.com/VisualStudio/Downloads/DownloadDetails.aspx?DownloadID=27109
Kb 977020
http://connect.microsoft.com/VisualStudio/Downloads/DownloadDetails.aspx?DownloadID=27977
Kb 982867
http://code.msdn.microsoft.com/KB982867/Release/ProjectReleases.aspx?ReleaseId=4520
FilterPack64bit
Private build\983440
https://connect.microsoft.com/VisualStudio/Downloads/DownloadDetails.aspx?DownloadID=29092
http://support.microsoft.com/hotfix/KBHotfix.aspx?kbnum=983440
<<Disclaimer: This is meant to be a quick rough list of links to the hotfixes to help me as well as others in the field. I presume the links to the Hotfixes might change in the future when the teams are finished testing >>
You may have heard of an Outlook feature to publish a calendar to the internet. ( link available in the Further Reading Section )
This works well, however there was a limitation. You need outlook to be opened regularly to push the details onto the website + internet access.
Recently I came across a nice calendar publishing features of Exchange Server 2010. This feature will Publish the calendar from the CAS server itself, without involving outlook in anyway. In fact you can even use OWA managing the publishing. The Person downloading the published calendar gets the calendar updates dynamically.
Oh ! This feature is not turned on by default & requires a couple of steps to be done on the server to get it running.
I could not find any official documentation nor can I see it work on my account as MSIT has not enabled this feature. I will document the steps required to enable this feature & update this blog post sometime in the near future.
Further Reading.
Outlook Publishing
"http://office.microsoft.com/en-us/outlook-help/introduction-to-publishing-internet-calendars-HA010174355.aspx"
"http://office.microsoft.com/en-us/outlook-help/manage-and-preview-calendars-published-with-the-outlook-calendar-publishing-service-HA010388759.aspx"
Two incidents in a month prompted me to write this blog; Incidents where I spent so much time in troubleshooting why a certain product was not working the way it should. The culprit eventually turned out to be "Server hardening".
Modern Operating systems like Windows 2008 have significantly tightened permissions throughout the system. Therefore, extensive changes to default permissions is not necessary to secure the system. Server hardening (especially without testing ) can result in increased management effort (cost ) due to unexpected & undocumented behavior which may be observed.
Additionally ACL changes may invalidate all or most of the in-depth & lengthy compatibility testing that is performed by Microsoft prior to shipping the product & change the fundamental behavior. You many never know it until you hit an issue where something stops working. Then spend a lot of time figuring out what broke.
If you do need to implement some custom changes, its should be tested thoroughly ( which is tough & lengthy )
In my opinion securing your server would start by not disabling the features which are enabled by default. It may be irritating but its there for a reason. ( IE Enhanced security, Firewall profiles, etc )
Further Reading,
have a look at the below book co-authored by the Steve Riley, where he covers all this kind of 'tweaks' which are so true in the field. Personally, I have seen these myths believed as the gospel truth so many times. ( 2 last month )
http://technet.microsoft.com/en-us/library/cc512582.aspx
Some real world examples of broken services caused by un-tested server hardening.
http://blogs.technet.com/askperf/archive/2008/11/18/disabling-unnecessary-services-a-word-to-the-wise.aspx
http://blogs.technet.com/networking/archive/2008/09/11/don-t-be-that-guy-assault-by-security-template.aspx
The issue I observed was that exchange services on a freshly installed server were not starting.
Turned out that we were missing the database files, which was caused because the service did not have permissions to create the database file, which was due to the default permissions at the root of the volume being modified.
I first started writing this blog on 20th may 2010