Exchange Server 2007 can be installed into an existing Exchange 2000/2003 (hereafter called Exchange 2003, except where there's something particular about Exchange 2000) organization as one step in the migration process. Once Exchange 2007 has been introduced into the Exchange 2003 organization, the organization is considered to be in a co-existence or "Interop" (interoperability) state so long as both versions are present in the Exchange organization.

While in this co-existence mode, Exchange 2003 and Exchange 2007 each have some management behaviors that you should keep in mind. This blog post will detail some of these behaviors.

Mailbox Management

Exchange 2003 mailbox management is done through the Active Directory Users and Computers (ADUC) snap-in extension for Exchange. Exchange 2007 mailbox management is done through the Exchange 2007 Exchange management shell or the Exchange management console GUI. Separately there is no confusion. However, when you're in a co-existence state, both management tools will be present. Although Exchange 2007 will not install the Exchange extensions for ADUC, any remaining Exchange 2003 servers or "admin-only" installations will still have this snap-in available for use.

So which tools to use on which objects? Here's the easy list to remember:

-           Exchange 2007 mailboxes must be managed with Exchange 2007 management console or shell.

-           Exchange 2007 mailboxes MUST NOT be managed with Exchange 2003 tools. Note that this is not blocked, but mailboxes managed from Exchange 2003 ADUC will not be fully functional.

-           Exchange 2003 mailboxes can be edited or removed with Exchange 2007 tools, but cannot be created by Exchange 2007 tools.

-           Exchange 2003 mailboxes can be managed with Exchange 2003 tools.

-           Both Exchange 2003 and Exchange 2007 mailboxes can be moved (in either direction) with the Exchange 2007 tools. Exchange 2003 move mailbox cannot be used to move mailboxes to or from Exchange 2007 mailbox server.

Recipient Management (contacts, groups, etc)

Since these other recipient objects (contacts, groups, etc) are not tied to a particular server version in the way a mailbox is, these objects can be managed successfully from either side. Because Exchange 2007 tools have knowledge of the full set of Exchange 2007 properties and validation rules, it is recommended to consistently use the Exchange 2007 tools for this recipient management for best results.

The one exception to this rule is Dynamic Distribution Lists (DDL or sometimes called Dynamic Distribution Group, so DDG). Since DDLs created with Exchange 2007 tools store their RecipientFilter in an OPATH format and those created with Exchange 2003 tools store the filter as LDAP, it makes these edits incompatible. Be sure that after you've set a DDL filter through Exchange 2007 you only edit this DDL through Exchange 2007 tools from that point forward.

Global Objects (Address lists, EmailAddressPolicy, etc)

There are also a number of global configuration objects shared between Exchange 2003 and Exchange 2007 when running in a co-existence state. Examples of these objects are: Address Lists, Email Address Policies, Offline Address Book, etc.

These global objects generally follow the pattern that if they are created in Exchange 2003, they can be fully edited only in Exchange 2003 until they are upgraded to Exchange 2007 version. Once upgraded to Exchange 2007 format (and for objects created in Exchange 2007), they can no longer be edited by Exchange 2003 (and Exchange 2003 system manager will actively block you making edits after the object is upgraded).

Also, as mentioned in the "Goodbye RUS" post, you should not configure an Exchange 2007 server to serve as the "Exchange Server" for a Recipient Update Service. Doing so will cause that RUS to cease to function.

Other Miscellaneous Objects

In Exchange 2003 system manager there are a number of other objects that are visible. For instance, the Exchange 2007 administrative and routing groups (and their embedded GUID) are visible to Exchange 2003 while the entire AG/RG concept is hidden in Exchange 2007.

Similarly, the Exchange 2007 server object (and storage groups, databases, protocols, etc) are also visible in Exchange 2003. Where possible, these Exchange 2007 objects are "blocked" from editing through the Exchange 2003 tools. In all cases, you should not use the Exchange 2003 tools to manage Exchange 2007 servers or Exchange 2007 versioned objects.

Some items in the Exchange 2003 are not hidden or blocked, but are simply non-functional. Deprecated items like monitoring administration and Exchange 2003 queue viewer remain visible and will produce an error connecting to the interface if you attempt to access them.

Finally, some items in the Exchange 2003 ESM will remain the appropriate GUI way to manage certain objects until replacement GUI is established in Exchange 2007. Two such items that fit this mold are the Public Folder GUI (which will remain functional and supported, so long as an Exchange 2003 server is the targeted public folder store) and the Address/Details template customization GUI. In both of these cases, the Exchange 2003 GUI is anticipated to be replaced by updated Exchange 2007 GUI at some point in the future.

Exchange 2000 and object blocking

Exchange 2003 ESM automatically includes support for "blocking" edits against Exchange 2007 objects, as described above. Exchange 2000, however, requires a post-SP3 hotfix to provide this same behavior. Although Exchange 2000 SP3 is the prereq'd version required by Exchange 2007 setup, you must make sure that all Exchange 2000 servers and Exchange 2000 admin-tools-only consoles are updated with both Exchange 2000 SP3 and the 6603+ roll-up hotfix – KB.870540 (also known as the August 2004 roll-up hotfix). Note that if this hotfix is not present on an Exchange 2000 admin console used to manage your Exchange 2007 objects, it is possible that Exchange 2007 objects can be modified incorrectly from this legacy console.

What is the symptom?

In Exchange 2000 or 2003, when you have a delivery restriction based on distribution groups set on your connectors or recipients, message delivery to local mailboxes and to external recipients is slower than normal. Messages may be backed up in the "Messages Awaiting Directory Lookup" queue and/or "Messages Waiting to be Routed" queue. It may even cause backups in the Pre-Submission queue depending on the load on the server.

Why does this problem occur?

This problem occurs because Exchange 2000/2003 Server must expand the distribution groups to determine whether each user account is permitted to send or to receive the e-mail message. The results of this distribution group-expansion are not cached by Exchange 2000/2003 Server. Also, if a failure that can be retried occurs during this expansion process, Exchange 2000/2003 Server stops the distribution group-expansion process, and then retries the connection an hour later. The problem has been there since the early Exchange 2000 days.

How to fix this problem?

Exchange Server 2003

For Exchange Server 2003, the Microsoft-recommended solution is to use flat distribution group in combination with the RestrictionMethod registry key and the hotfix outlined in KB895407. Please note this solution is only effective if all the followings are true on the connector bridgehead server and/or distribution group expansion server:

1. Exchange Server 2003 SP2 has already been applied or the hotfix KB895407 is applied on Exchange Server 2003 SP1

2. The RestrictionMethod registry key is configured correctly.

3. All distribution groups used in the delivery restriction must be flat. If they are not then the nested groups will not be used in the restriction checking logic.

This registry key and hotfix solution helps with and changes the way delivery restrictions are checked for both per-recipient and per-connector, which greatly enhances messages delivery performance in an environment with delivery restriction for distribution groups. For more details about this solution, please refer to the following Microsoft Knowledge Base article:

In Exchange Server 2003, message delivery to local mailboxes and to external mailboxes is slower than you expect after you configure delivery restrictions based on distribution groups

http://support.microsoft.com/?id=895407

Exchange 2000 Server

For Exchange 2000 Server, every possible effort should be made to upgrade, at least the server which is doing connector restrictions or distribution group expansion, to Exchange Server 2003 SP2. This is the preferred and recommended solution even for Exchange Server 2000 due to the extremely positive performance gain for connector restrictions checking capabilities of Exchange Server 2003 SP2. If you are running Exchange 2000 server and are truly unable to upgrade to Exchange Server 2003 SP2 to implement the recommended solution above, there are a couple workarounds you may consider by referring to the following Microsoft Knowledge Base articles:

XADM: Mail Delivery Is Slow if Recipients Are Configured with Delivery Restrictions Based on Group Membership

http://support.microsoft.com/?id=329171

Mail delivery is slow after you configure delivery restrictions that are based on a distribution list

http://support.microsoft.com/?id=812298

What is the situation in the upcoming Exchange Server 2007?

This message delivery performance issue is resolved in Exchange Server 2007, as there are no connector restrictions in Exchange Server 2007. Restrictions will be applied on policy in the core transport via Transports Rules in Exchange Server 2007. Connector restrictions will be completely gone and it's up to the Exchange Server 2007 Transport Rules to enforce restrictions.

Recently, many customers reported the Windows Firewall issue. This seemed to be caused by a wide spread malicious application.

Symptom:

The error message "Windows Firewall can't change some of your settings. Error code 0x80070424" will pop up when you try to change the Windows Firewall settings. In the meantime, when you restart the system, it might pop up an error saying that "Base Filtering Engine Service" could not be found in the system.

Please note that the same error code could pop up when you try doing anything in Windows Defender.

Resolution:

Download the registry files (You can also export HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE from another working Win7 PC)
1055.BFE.reg

0677.mpssvc.reg

Launch and import them to registry

Restart your PC

Now,open RUN and type

regedit and click ok

go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE

Right click on it-permissions

Click on ADD and type

Everyone and click ok

Now Click on Everyone

Below you have permission for users

Select full control and click ok

Now,open RUN and type services.msc and click ok

start base filtering engine service and then windows firewall service

Good luck

Note:Modifying REGISTRY settings incorrectly can cause serious problems that may prevent your computer from booting properly. Microsoft cannot guarantee that any problems resulting from the configuring of REGISTRY settings can be solved. Modifications of these settings are at your own risk...

Threads that you can reference:

In order to assist customers in designing their storage layout for Exchange 2007, we have put together a calculator that focuses on driving the storage requirements (I/O performance and capacity) and what the optimal LUN layout should be based on a set of input factors.

You can download the calculator at http://msexchangeteam.com/attachment/432207.ashx

Note that the calculator does not make any recommendations toward storage design (RAID parity, number of disks, etc.), as the storage design is largely dependent on the type of storage array being utilized.

For more information on some basic requirements around storage design, see the following blog posts:

• http://msexchangeteam.com/archive/2007/01/15/432199.aspx
• http://msexchangeteam.com/archive/2007/01/16/432222.aspx
• http://msexchangeteam.com/archive/2006/09/08/428860.aspx

For more information about this calculator, see the following blog post:

http://msexchangeteam.com/archive/2007/01/15/432207.aspx

Symptom:

You try to install Windows 8 (CP), and encountered the following error:

"We couldn't create a new partition or locate an existing one.  For more information, see the Setup log files."

Resolution:

Try to following methods:

1)Check if you have an SD Card in the system. If you do, you remove it and run setup again.

2) Once the setup fails to find the partition, just close the setup window (the top-right-hand side red X does the job).

From that point, you should be brought back at the initial setup screen.Choose "Repair" then go to the advanced tools and start the command line.

Start DISKPART.

Type LIST DISK and identify your SSD disk number (from 0 to n disks).

Type SELECT DISK <n> where <n> is your SSD disk number.

Type CLEAN

Type CREATE PARTITION PRIMARY

Type ACTIVE

Type FORMAT FS=NTFS QUICK

Type ASSIGN

Type EXIT twice (one to get out of DiskPart, the other to exit the command line tool)