Exchange and Collaboration (and Stuff)

What have I been doing lately - ITAP

Some of you may have worked with Microsoft Consulting Services on a project, but the consultant was likely in a technical delivery role.  Many customers do not know that MCS offers strategy consulting as well.

Historically, the ITAP (IT Architecture and Planning) was named something else - EPM, ESC, MTSS, ESC.  The role started as more of a ‘brain on a stick’, but now the role is much more formalized.

I plan on expanding on what the ITAP does and how this service helps customers get more out of their investments with Microsoft in later posts.  Also, I will talk about what its been like going from a deep technical resource to strategic advisor, and the skills it takes to be successful.

Is Someone listening?

Reason #101 to use OCS for audio conferencing. 

Who is listening in on your conference call?  With our previous conference bridge solution, we were assigned a permanent attendee code for people to use to join a conference call.  This number provides the authentication required to join the meeting (i.e. what you know)..but it doesn't prevent other from joining your call that do not belong, and perhaps hearing sensitive or confidential information.

Case in point, a large group of people (including myself) were sent a meeting invite for something by accident.  I had nothing to do with the meeting, but the subject was enticing (as was the invite list).  The meeting organizer realized the mistake and tried to cancel and resend out the invite, but the meeting codes had not changed..so I was able to join the meeting.

Had the organizer been using OCS with audio conferencing, they could have selected the meeting option to generate a new conference ID for each conference. (You can find this option after you create a new meeting invite – under the Audio options)

This also is great for times when you have back to back meetings with different people.

Another security option for OCS meetings have is to allow only authenticated users join.  There are 3 options:

1. Invite anyone – This is what you would choose if you need to invite people outside your company.  This allows ‘anonymous’ users to join.

2. Invite within network – This allows anyone in your company to join.

3. Invite within network (restricted) - You can invite people within your company, and only the people on the invite can attend.

If you initiate the call via OC, then the user names are resolved and you can see exactly who is in your conference call.

So the options are there..use them and have more secure meetings!

EULA

For Christmas this year, we bought our kids the Flip video recorder.  On my plane ride, I was reading PC Magazine, which had an editorial blurb about users giving up their rights (forcibly) to just use a product.  I am somewhat of a privacy nut, so reading that using their product gives their company unlimited rights to anything created/shared with their software made my want to return it to CostCo right away.

I sent an email to a link on their page, and was very surprised to get a response within hours.  The person, who is their web director, went so far as to contact their General Counsel to find out exactly what their EULA says. The last thing I want is video of my kids ending up on a website in some advertising (for example, on their Flip product page).

I’m happy to say he was patient in listening to my questions and went back and forth over several emails.  He confirmed they do not assume rights to video content produced by their customers.  In fact, he even confirmed all of the videos displayed on their website were given specific permission to do so.

So..we get to keep the camera and I feel better about their product.  I’m not sure where the editorial person got their information, but it was wrong (it may have to do with a specific “design” feature on one of their other cameras, but even then what they complained about was inaccurate). 

I came across the following comic on XKDC (one of the best strips out there – hopefully I linked this correctly to give proper credit).

http://xkcd.com/501/

MMCUG meeting tomorrow

Tomorrow is a Midwest Messaging and collaboration User's Group meeting.  Stop by if you have time!

Registration & Lunch (provided by PLA)  12:30-1:00 pm

1:00 – 1:15 pm

Exchange Capacity Planner Tool Demo

Jeff Rosen, Senior Consultant/Certified Architect (Ranger), Microsoft

System Center Capacity Planner (SCCP) 2007 is a pre-deployment capacity planning and post-deployment change analysis solution that provides IT professionals with the guidance required to plan a new deployment in the most efficient manner, while also delivering "what-if" analysis to optimize existing implementations and plan for change.

1:15-2:30 pm
Storage Design Deep Dive for Microsoft Exchange Server 2007

Ross Smith, Technology Architect, Microsoft

This session provides advanced training and tools to help you design the right storage architecture for your Exchange 2007 deployment, with an emphasis on the Mailbox server role.  Expand your knowledge of ESE architecture.  Learn how to properly balance disk performance and capacity.  See the Exchange 2007 Mailbox Storage Requirements Calculator in action.  Understand Microsoft’s best practices for designing, testing, and monitoring your storage solution.  

Objectives:

Explore architectural changes in Exchange 2007 (RTM and SP1) that affect storage design

· Learn how to calculate storage requirements based on business needs and craft solutions to meet these requirements

· Understand what tools are needed to properly design, test, and monitor Exchange storage architectures

Break 2:30-2:45

2:45-3:45 pm

Microsoft SharePoint Tools for the Enterprise
Scott Jenkins, Pre-Sales System Consultant, Quest Software

SharePoint is redefining our current understanding of collaboration.  It is time to utilize SharePoint as a central interface to front-end Line of Business applications, and act as a repository for data that was formally stored in file shares, public folders and Notes databases.  Join Scott Jenkins of Quest Software as he walks through the tools available today to migrate your critical data from across the organization to SharePoint.

3:45 – 4:30 pm

Certificates and Exchange 2007 and ISA 2006
Mark Myers, Senior Consultant, Project Leadership Associates

Exchange 2007 requires certificates for authenticating and encrypting critical messaging services. The default certificate configuration with Microsoft’s Exchange 2007 is only a very basic start that is inadequate for nearly all real-world configurations. Come learn the Microsoft best-practice certificate design and real-world design and configurations from PLA. We will also cover how your certificate design and configuration will change when protecting your Exchange servers with Microsoft’s ISA 2006 reverse proxy server. In this session we will also discuss private and public-CA issued certificates and how you can design your certificates to maximize on functionality while minimizing costs to outside public Certificate Authorities (CAs).

4:30 - 4:45 pm  Wrap-up and Giveaways

Check out the website at http://www.mmcug.org/

System Center Virtual Machine Manager

My first impressions are that it's a very cool piece of software.  I am using it in my lab to create VM's for Exchange, AD, SCCM, and SCOM.

This got me..I tried to make a template from a brand new Windows 2003 R2 install.  SCVMM made it to about 49% then it failed.  It kept warning me that the version of sysprep was incorrect.  And, of course I didn't make a clone before I started the template creation.  I thought there was an issue with my VM..so I rebuild the whole thing again...same problem.  This time I found out the error was on the SCVMM side..not my VM.  For Windows 2003 R2 SP2, there was an updated sysprep (http://www.microsoft.com/downloads/details.aspx?familyid=93F20BB1-97AA-4356-8B43-9584B7E72556&displaylang=en)

I cannot find the web page that listed the error, but you have to copy a couple of files from deploy.cab from the web download to the program files\microsoft system center virtual machine manager directory.  Look for the sysprep directory. In it you will see different versions of windows.  The one for Windows 2003 sp2 is 5.2.3790.3959. Once I replaced the files with the new ones..it went smoothly.

Also, I could not figure out how to install the VM Additions..I had to go back to the Web admin console..

SharePoint growth

An interesting conversation popped up the other day.  There is no doubt the success and usefulness of Sharepoint out of the box, but many IT executives/business execs see it as "anarchy" or more p.c. "organic growth".  They do not see the overall business value of SharePoint from what I'll call a file server replacement/collaborative website.  To put it another way, CxO's do not see the business value (cost vs ROI) from an organic deployment.

Should Microsoft publish not only technical guidance, but guidance on how to maximize the value of their products?  If you look on IT Showcase, we do a very good job with the "how IT does it" but I could only find a few "Why MS uses it" type study on SharePoint.  I view (as does the CxO) as SharePoint is a piece of infrastructre that is used to build a solution around.  Its not SharePoint the product that is the focus.  Rather, its we have a communication problem and we can use SharePoint to solve that problem.  This is a pretty clear example.  Where it gets more interesting is when the problem does not scream "use sharepoint".  For example, We need to manage our IT portfolio.  There are probably a million ways from a technology standpoint to solve that problem.  Why choose SharePoint to solve that problem?  Basically, using the strengths of the product to deliver business value.

Then the question always turns to, well how does Microsoft use it?  I know we have our main portal, as well as the 'organic' user/team collaboration sites.  But, Im not sure what solutions are integrated.  We probably have a mangers web site which uses SharePoint to track KPI's...but I've not personally used something like that.  I cannot really think of any other enterprise solutions I use that are based on SharePoint.  I think we will be publishing a lot of new content with the launch of SharePoint 2007.  And as someone pointed on in my discussion that there is a lot of existing content, you just have to dig around to find it.  I think we will make it more discoverable as well.  Now that the product has matured and its had success, I think we will see more integration of SharePoint in business solutions.

I know this is a great space for partners / 3rd parties, and also vertically specilized soltuions. A great example is the SharePoint Learning Kit (formerly Class server).  You have to look a little deep to know this is a SharePoint based solution.  If you were a school, it is easy to explain to a CxO the business value of this solution - then you are not just selling a technology.

I'm interested to know how other companies solved this problem?  Have you ran into the 'organic growth' only to be asked by management to stop deployments until a strategy is formed?

SSL and Active Directory (LDAPS)

 I needed to setup secure LDAP for my lab and was not sure how to do it.  I did not want to purchase a certificate, and I did not want to have to install a Windows CA either.

I found a self SSL certificate generator in the IIS 6.0 Resource Kit called selfSSL.

With selfSSL I was able to create a self-signed certificate.

1) run selfSSL.  Make sure the CN=fully qualified hostname (i.e. mydc.putyourdomainhere.com).  Also the default validity period is low, so I used a year.  I took defaults for the rest of the settings.

2) start the certificates MMC (for the computer) and copy the personal certificate to the trusted root certificate store.

3) start the Internet Service Manager Snap-ip and remove the SSL from the default website (optional)

4) reboot

Thats it! I tested it with LDP and it showed an SSL connection. 

Link to

Microsoft Certified Messaging Architect

I just passed my review board and received my certification!!

What is the certification all about?

"The goal of the Messaging Architect Program, the first Product or Depth Architect program under the Microsoft Certified Architect umbrella, is to provide the world's top tier training and certification on Microsoft Exchange Server to build a community of trusted messaging architects who can successfully address the most complex customer requirements."

This is a little different than a MCSE, or other similar certifications. This program has strict entrance requirements and requires a lot of experience prior to entrance.  Currently, there are only 77 certified messaging architects in the world!

Want to learn more, check out http://www.microsoft.com/learning/mcp/architect/messaging/default.mspx

Migrating Public Folders from Exchange to SharePoint

Check out my article in Exchange & Outlook Magazine!

http://emea.windowsitpro.com/MicrosoftExchangeOutlook/Article/ArticleID/50172/50172.html

Every time Microsoft releases a new version of Exchange Server, we wonder whether it will still support public folders. Over the years, companies have experienced wild growth in public-folder usage. Users are often creative with public folders (which are intended for data archive), using them to make backups of their desktops and even to run business-critical applications. However, with its recent announcement of Exchange Server 2007—the next major version of Exchange—Microsoft has set the grounds for "de-emphasizing" public folders.

Terry Myerson, the general manager of the Microsoft Exchange Server Group, explains Microsoft's public-folder strategy for Exchange 2007 in his blog (http://blogs.technet.com/exchange/archive/2006/ 02/20/419994.aspx). To answer questions about the future of public folders, he makes several key points. In new Exchange deployments, public folders will be optional with the use of Microsoft Office Outlook 2007 and won't be installed by default. For companies migrating existing deployments, public folders will operate with little change from Exchange Server 2003. (Upgrades to Exchange 2007 won't depend on migrating or decommissioning public folders.) . . .