Author Archives: Christian Pedersen

Update Center for Microsoft Forefront and Related Technologies

0
Posted by Christian Pedersen on September 4, 2010 – 18:51
Filed under Forefront

Find and manage updates in one place for the Microsoft Forefront family of products and related technologies.

This page tracks all updates to all supported versions of:

  • Microsoft Forefront Protection 2010 for Exchange Server
  • Forefront Protection 2010 for SharePoint
  • Microsoft Forefront Client Security
  • Microsoft Forefront Security for Exchange Server
  • Forefront Security for SharePoint
  • Forefront Server Security Management Console
  • Forefront Security for Office Communications Server
  • Antigen 9.0 for Exchange
  • Antigen 8.0 for Microsoft SharePoint Portal Server
  • Forefront Threat Management Gateway 2010
  • ISA Server 2006
  • Forefront Unified Access Gateway 2010
  • Intelligent Application Gateway 2007

http://technet.microsoft.com/en-us/forefront/ff899332.aspx

Exchange 2010 SP1 Language Pack Bundle

0
Posted by Christian Pedersen on August 29, 2010 – 17:31
Filed under Exchange 2010
This download contains the most recently updated language packs for Exchange 2010. The language bundle includes all packs for all supported languages.
 
This download is available to customers who would like to install the most recent languages packs for Exchange 2010. This bundle does not include language packs for Unified Messaging.
 
Download here
 

Exchange 2010 RTM schema prep fails when Exchange 2007 SP3 is installed

0
Posted by Christian Pedersen on August 28, 2010 – 14:55
Filed under Exchange 2010

According to Technet you should be able to install Exchange 2010 in an environment where Exchange 2007 is installed. But when running the setup.com /ps to extend the schema for Exchange, the following error message may be displayed:

 

 Schema

 

This error appears if you have extended the schema for Exchange 2007 SP3, because the schema version for SP3 is higher than the one for Exchange 2010 RTM.

Luckily Exchange 2010 SP1 has been released. SP1 introduces a higher schema version that 2007 SP3 and thus solves the problem.

 

Below an overview of the Exchange versions and which schema version they use:

Exchange

Forest (rangeUpper)

Forest (objectVersion)

Domain (objectVersion)

2000 RTM

4397

N/A

4406

2000 SP3

4406

N/A

4406

2003 RTM

6870

6903

6936

2003 SP2

6870

6903

6936

2007 RTM

10637

10666

10628

2007 SP1

11116

11221

11221

2007 SP2

14622

11222

11221

2007 SP3

14625

11222

11221

2010 RTM

14622

12640

12639

2010 SP1

14726

13214

13040

 

 

Exchange 2010 SP1 released

0
Posted by Christian Pedersen on August 25, 2010 – 20:25
Filed under Exchange 2010

Overview

Microsoft Exchange Server 2010 helps IT Professionals achieve new levels of reliability with greater flexibility, enhanced user experiences, and increased protection for business communications.
  • Flexible and reliable – Exchange Server 2010 gives you the flexibility to tailor your deployment based on your company’s unique needs and a simplified way to keep e-mail continuously available for your users.
  • Anywhere access – Exchange Server 2010 helps your users get more done by giving them the freedom to securely access all their communications – e-mail, voice mail, instant messaging, and more – from virtually any platform, Web browser, or device.
  • Protection and compliance – Exchange Server 2010 delivers integrated information loss prevention, and compliance tools aimed at helping you simplify the process of protecting your company’s communications and meeting regulatory requirements.

Release notes

Download here

Exchange 2010 SP1: Database Integrity checking

0
Posted by Christian Pedersen on August 24, 2010 – 07:53
Filed under Exchange 2010

Since the earliest versions of Exchange Server, the Information Store Integrity Checker (ISInteg) has offered Exchange administrators a way to check mailbox and public folder database integrity. ISInteg checks and fixes Exchange database errors that may prevent the database from mounting, prevent the user from logging on or from receiving, opening or deleting email. Curious to know what changes are coming to ISInteg in Exchange 2010 SP1? Let’s take a look.

In Exchange 2010 SP1, ISInteg is no longer a standalone program.

The functionality provided by the ISInteg tool has been rolled into two new Exchange Management Shell cmdlets:

  • New-MailboxRepairRequest
  • New-PublicFolderDatabaseRepairRequest

Note: Like other Shell cmdlets, these are subject to Role-Based Access Control (RBAC) scoping restrictions. For details, see Understanding Management Role Scopes.

Cool Features

These new ISInteg cmdlets come with some cool new functionality!

  • The cmdlets work with the database mounted. It’s no longer required to unmount the database to perform an integrity check or fix database errors.
  • You can repair logical corruption at the mailbox level.
  • You can fix corrupt search folders.
  • You can fix the Provisional Fid.
  • You can fix Aggregate Counts.

ISInteg can now work at the database or mailbox level

How does it do that? Well, the new schema in Exchange 2010 effectively partitions the database by mailbox. So the top problems fixed by ISInteg are now mostly limited to the affected mailboxes only. Previous versions of ISInteg required the database to be offline while validation and fixing are in progress. In Exchange 2010 SP1, the ability to do these checks at the mailbox level removes the need to dismount the database. It is actually required to have ISInteg operate against an online database!

New-MailboxRepairRequest

The New-MailboxRepairRequest cmdlet detects and fixes the following types of mailbox corruptions:

  • Search folder corruptions (SearchFolder): Repair tasks now look for all folders named in ptagSearchBacklinks, ptagSearchFIDs, and ptagRecursiveSearchFIDs and verifies that each folder exists. If the folder no longer exists, then it will remove that folder from the list.
  • Aggregate counts on folders that aren’t reflecting correct values (AggregateCounts): Repair tasks tally all messages in a folder and keep a running total of various counts and sizes. Once the iteration is complete, it will verify the computed counts against the persisted counts on the Folders table record for the folder. If there is a discrepancy, it will update the persisted counts to reflect the computed counts.
  • Views on folders that aren’t returning correct contents (FolderView): Repair tasks will iterate over all views for a folder and for each one, bring the view fully up to date and then reconstruct a temp copy. If there is a discrepancy between the existing view and the contents of the temp table, it will delete the view so it can be rebuilt from scratch the next time it is requested.
  • Provisioned folders that are incorrectly pointing into unprovisioned parent folders (ProvisionedFolder): Repair tasks can fix Provisioned folders incorrectly pointing into unprovisioned parents or vice versa.

Syntax

New-MailboxRepairRequest -Mailbox <MailboxIdParameter> -CorruptionType <MailboxStoreCorruptionType[]> [-Archive <SwitchParameter>] [-Confirm [<SwitchParameter>]] [-DetectOnly <SwitchParameter>] [-DomainController <Fqdn>] [-WhatIf [<SwitchParameter>]]

New-MailboxRepairRequest -Database <DatabaseIdParameter> -CorruptionType <MailboxStoreCorruptionType[]> [-Confirm [<SwitchParameter>]] [-DetectOnly <SwitchParameter>] [-DomainController <Fqdn>] [-WhatIf [<SwitchParameter>]]

Parameters

  • Database, Mailbox and Archive: You can repair an entire mailbox database or a specified mailbox by specifying either the Database or the Mailbox parameter. You can’t use both. To repair the archive mailbox for the specified user, use the Archive switch.
  • CorruptionType: (at least 1 required) you are already familiar with, we discussed them above:
    • SearchFolder
    • AggregateCounts
    • ProvisionedFolder
    • FolderView

    You can run a repair task with multiple parameters if you separate them with a comma (as shown in the Examples section below).

  • DetectOnly: (Optional) The DetectOnly switch secifies that you want this command to report errors, but not fix them. You don’t have to specify a value with this switch.
  • Other Optional Parameters: This cmdlet supports the common parameters: Verbose, Debug, ErrorAction, ErrorVariable, WarningAction, WarningVariable, OutBuffer and OutVariable. For more information, type “get-help about_commonparameters”.

      New-PublicFolderDatabaseRepairRequest

      The New-PublicFolderDatabaseRepairRequest cmdlet detects and fixes Public Folder replication state problems.

      Syntax

      New-PublicFolderDatabaseRepairRequest -Database <DatabaseIdParameter> -CorruptionType <PublicFolderDatabaseCorruptionType[]> [-Confirm [<SwitchParameter>]] [-DetectOnly <SwitchParameter>] [-DomainController <Fqdn>] [-WhatIf [<SwitchParameter>]]

      Parameters

      • Database: (required) Specifies the Public Folder database on which you will run this command. You can use one of the following values:
        • GUID of the database
        • Database name
      • CorruptionType: (required) Pretty easy, there’s only one value.
        • ReplState
      • DetectOnly: (optional) Specifies that you want this command to report errors, but not fix them. You don’t have to specify a value with this parameter.
      • Other Optional Parameters: This cmdlet supports the common parameters: Verbose, Debug, ErrorAction, ErrorVariable, WarningAction, WarningVariable, OutBuffer and OutVariable. For more information, type “get-help about_commonparameters”.

        Examples

        New-MailboxRepairRequest -Mailbox administrator@contoso.com -CorruptionType SearchFolder, AggregateCounts, ProvisionedFolder, FolderView

        New-MailboxRepairRequest -Mailbox administrator -CorruptionType SearchFolder, AggregateCounts, ProvisionedFolder, FolderView -WhatIf

        New-PublicFolderDatabaseRepairRequest -Database PFD01 -CorruptionType ReplState -DetectOnly

        Some additional examples are provided in the cmdlet help. You can retrieve them using the following commands, or refer to New-MailboxRepairRequest and New-PublicFolderDatabaseRepairRequest cmdlet reference:

        Get-help New-MailboxRepairRequest -examples
        Get-help New-PublicFolderDatabaseRepairRequest -examples

        I recommend that you get to know the cmdlets by using the cmdlet reference docs, or by using the following commands to retrieve detailed help from the shell:

        Get-help New-MailboxRepairRequest -detailed (or -full)
        Get-help New-PublicFolderDatabaseRepairRequest -detailed (or -full)

        Event Reporting

        After submitting the Mailbox or Public Folder repair request, you can monitor its progress with the Event Viewer. That’s right, no more text logs to weed through. The events are logged under the MSExchangeIS Mailbox Store source.

        The following event IDs will be logged for repair requests:

        • 10047 A mailbox-level repair request started
        • 10064 A Public Folder repair request started
        • 10048 The repair request successfully completed.
        • 10050 The mailbox repair request task skipped a mailbox .
        • 10059 A database-level repair request started.
        • 10062 Corruption was detected.


        Figure 1: Mailbox or Public Folder database repair request events are logged in the Application event log

        Note: the repair events will only show up on the mailbox server where the mailbox or Public Folder is located.

        This is very important to remember. Just because you fired off a repair task on a mailbox server does not mean the events will show up on that server. The repair task will be run on the database where the mailbox itself is, and the events will be in the event log on that mailbox server and that server alone.

        Things to remember:

        • Only 1 active repair task is permitted to be running per server if the active task is a database level repair.
        • Only 100 mailbox level active repair tasks are permitted to be running at once per server.
        • There is no -Server parameter to do all databases or mailboxes on a server.
        • The repair task dies on database dismount or store stop/crash.
        • The only way to stop a repair is to stop the store or dismount the database.
        • Mailbox access will be disrupted for the mailbox that is being repaired.
        • Repair for a mailbox will skip a mailbox if it has been quarantined.
        • Repair will cause a move-mailbox operation to be delayed until the repair is finished

         

        Source: http://msexchangeteam.com/archive/2010/08/23/455899.aspx

        Operating a Global Messaging Environment by Using Exchange Server 2010 paper from MS IT Showcase

        0
        Posted by Christian Pedersen on August 17, 2010 – 07:22
        Filed under Exchange 2010

        Summary:

        Enterprise IT organizations, including the Microsoft Information Technology (Microsoft IT) group, deal with service level agreements (SLAs) and power users accustomed to high levels of performance, availability, and responsiveness. The 180,000-plus users at Microsoft send over 15 million internal e-mail messages a day from more than 150 offices worldwide, as well as from home and while on the road. At Microsoft, many business-critical communication processes depend on the availability of messaging services provided through Microsoft® Exchange Server 2010.

        Managing the complex Microsoft IT infrastructure is a team effort that involves many different groups, such as the Datacenter team, the Network Infrastructure team, the Active Directory® team, and the Exchange Messaging team. Overall, Microsoft IT manages two distinct environments: a pre-release production environment to test new product versions and upgrades prior to their release to manufacturing (RTM) and a corporate production environment to provide IT services to Microsoft users. Within these environments, the Microsoft IT Exchange Messaging team handles all Exchange-related operation, management, administration, and process optimization. In that role, the Exchange Messaging team works with many other peer teams at Microsoft IT, sharing its operations and process optimization expertise to help those teams implement efficient and reliable operations processes.

        The Messaging Operations group within the Exchange Management team must meet several reliability, availability, and performance targets (such as 99.99 percent availability of Exchange services). To meet these targets, the Messaging Operations group makes use of industry-standard methodologies such as Microsoft Operations Framework (MOF), Microsoft Solutions Framework (MSF), and Information Technology Infrastructure Library (ITIL). For example, the operations model that the Messaging Operations group implemented based on the ITIL framework relies on structured incident management, problem handling, configuration management, and change control processes. These processes enable the Messaging Operations group to capitalize on Exchange Server 2010 administrative features, such as the Exchange Management Console (EMC), to reduce operations costs and ensure efficiencies.

        The key to success in daily operations is the right combination of technology, people, and processes. For example, the Messaging Operations group uses technical tools, such as the built-in product features of Exchange Server 2010 and Microsoft System Center Operations Manager, combined with a clear team structure and work processes that facilitate collaboration. Built-in product features of Exchange Server 2010, such as Database Availability Groups (DAGs), help the Messaging Operations group meet 99.99 percent availability and performance targets. New tools and software features, and optimization opportunities gained through customer feedback, enable the Messaging Operations group to analyze and implement changes when necessary to keep pace with the innovative and agile business landscape at Microsoft.

        This white paper is for business decision makers, technical decision makers, and operations managers. It assumes that the reader has a working knowledge of Microsoft Windows Server® 2008, Active Directory, Exchange Server 2010, and Microsoft System Center Operations Manager. Because many of the principles and procedures discussed in this paper are based on standard operations methodologies, a high-level understanding of the MOF, MSF, and ITIL models is also helpful.

        http://technet.microsoft.com/en-us/library/ff934521.aspx

        Understanding the Relative Costs of Client Access Server Workloads In Exchange Server 2010

        0
        Posted by Christian Pedersen on August 17, 2010 – 07:06
        Filed under Exchange 2010

        Estimating your Exchange Server 2010 Client Access server capacity needs is a critical setup task. The Client Access server is the entry point for all users. In addition, the Client Access server hosts important services used by the other Exchange server roles. This white paper presents an estimate of the relative CPU weights of the different protocols on the Client Access server that can be used to produce a more detailed estimate of hardware needs when you design a new Exchange 2010 deployment or expand an existing one. As part of the testing performed while researching this white paper, the effect of MailTips and the cost of NTML versus Basic authentication were also compared.

        http://technet.microsoft.com/en-us/library/ff803560(EXCHG.141).aspx

        Microsoft Forefront Protection Server Script Kit released

        0
        Posted by Christian Pedersen on August 10, 2010 – 06:54
        Filed under Forefront FSE

        The Microsoft® Forefront® Protection Server Script Kit provides multi-server management for Forefront Protection 2010 for Exchange Server and Forefront Protection 2010 for SharePoint®. In addition to the ability to manage multiple Forefront servers from a single location, this Solution Accelerator provides easily extensible command-line scripts that help enable server discovery, configuration, deployment, and integration with existing management technologies. It also offers basic reporting capabilities to detect configuration drift and monitor server statistics.

        Supported Products

        • Forefront Protection 2010 for Exchange Server
        • Forefront Protection 2010 for SharePoint

        Configuration Management and Reporting

        • Capture server configuration snapshots and push snapshots to any number of servers
        • Compare configuration of any number of servers or baselines
        • Obtain statistics from one or many servers, including information about infected files, detected malware, server health, and more
        • See summary and/or server detail views

        Ease of Use

        • Discover Forefront Protection Servers and export information to a .CSV file
        • Use customizable Windows PowerShell™ scripts to enhance your existing automation


        Full documentation here

        Download here

        July 2010 Updates to Communicator and OCS (Cumulative Update 6)

        0
        Posted by Christian Pedersen on July 29, 2010 – 15:49
        Filed under OCS 2007

        There has been a new round of updates for Communicator 2007 R2, OCS 2007 R2, and OCS 2007 R2 Group Chat – known as Cumulative Update 6 (CU6).

        ** July 26, 2010 Update **:  There have been several reports of problems (failure of the Front End Service to start) after applying the CU6 updates on the server. Consider holding off applying this update until more information is known.  It is important to install the CU 6 update to the back end database role first (see Description of the cumulative update package for Office Communications Server 2007 R2 database: July, 2010).  So far, the problems appear to be related to this, but more information to come.

        Client Updates

        Communicator 2007 R2:

        Communicator 2007 R2 Phone Edition:

        Communicator 2007 R2 Mobile:

        OCS 2007 R2 Group Chat Client:

        Server Updates

        OCS 2007 R2 Server:

        OCS 2007 R2 Group Chat Server:

        OCS 2007 R2 Group Chat Admin Tool:

        Publishing Exchange 2010 with Forefront UAG 2010 and Forefront TMG 2010

        0
        Posted by Christian Pedersen on July 19, 2010 – 18:17
        Filed under Exchange 2010, Forefront TMG and UAG

        Allowing access to corporate resources from any location, perhaps using devices that are not controlled by the organization, presents additional risk to the security of the data and services being accessed. Therefore it’s critical to take measures to ensure that the data is being accessed securely, which means implementing technologies such as certificates, firewalls, enforcing pre-authentication, and device or endpoint validation. This white paper provides detailed information about publishing Microsoft Exchange Server 2010 using Forefront Unified Access Gateway 2010 and Forefront Threat Management Gateway 2010, including how to choose between them for different scenarios, and provides specific steps you can take to configure Forefront TMG and Forefront UAG to publish Exchange 2010.

        This white paper provides information about publishing Microsoft Exchange Server 2010 using Forefront Unified Access Gateway 2010 and Forefront Threat Management Gateway 2010, including how to choose between them for different scenarios, and provides specific steps you can take to configure Forefront TMG and Forefront UAG to publish Exchange 2010.

        Download the whitepaper here