Free/Busy Federation Troubleshooting

I have had the pleasure of being the administrator of the very first organization to implement the new Exchange 2010 Free/Busy Federation (from now on I will call it F/B Fed) infrastructure last year during the Exchange 2010 TAP (Technical Adaption Program).  In doing so, I have been given the opportunity to work directly with a couple of the Microsoft Exchange Product Group members (thank you Ladislau and Matthias!!!) that guided me through the initial implementation and troubleshooting of Free/Busy Federation when it occasionally went awry.  I could probably write a small whitepaper on what I have learned, however for the purposes of this blog post, I wanted to delve into the latest issue I had. 

Recently, the public certificate we had been using for OWA, etc… and therefore for F/B Fed was going to expire and the cert vendor had made some changes to the UC certs they offered so we had to make a cert change, not just a renewal.  After we installed the new certificate and began using it for all the other web services (OWA, OA, EAS, etc…), we turned to F/B Fed and ran two commands with the intent of rolling to the new certificate.

Set-FederationTrust -Identity MyFederationTrust -Thumbprint <your new cert thumbprint here>

Set-FederationTrust "MyFederationTrust" –PublishFederationCertificate

The problem is, it didn’t work.  The new certificate didn’t get rolled to as it should have.  Instead, I received the error shown below.

An error occurred accessing Windows Live. Detailed information: "The request failed with HTTP status 403: Forbidden.". + CategoryInfo: ResourceUnavailable: (:) [Set-FederationTrust], LiveDomainServicesAccessException + FullyQualifiedErrorId: 7CDAC73F,Microsoft.Exchange.Management.SystemConfigurationTasks.SetLiveFederationTrust

Next, I validated that the new certificate was in fact valid and that the certificate was enabled for Server Authentication.

So Far, everything looked ok, but we still couldn’t roll the cert properly and federation had stopped working as well.  ARGH..

After a bit more trial and error, it had seemed like the Set-FederationTrust command shown earlier had finally worked, at least it didn’t give me an error when I ran it, however, F/B Fed still wasn’t working and when I ran Test-FederationTrust –Verbose, I received the following error in response.

RunspaceId : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx Id         : OrganizationPreviousCertificate Type       : Error Message    : Certificate referenced by property OrgPrevPrivCertificate in the FederationTrust object is expired.

With the help of Matthias, I ran the following script in order to attempt to push the old certificate completely out of the Federation system.

$a = Get-FederationTrust

Set-FederationTrust -Identity $a.Identity -Thumbprint $a.OrgPrivCertificate

Set-FederationTrust -Identity $a.Identity –PublishFederationCertificate

Unfortunately, when I ran the second command, I received a new error.

Federation certificate with thumbprint "C54359E291F10213…" must have a unique Subject Key Identifier.  The Subject Key Identifier "1A29F0C8C62971EA524BE4…" is already used by the certificate with thumbprint "C54359E291F10213…". + CategoryInfo: InvalidArgument: (:) [Set-FederationTrust], ProvisionerConfigException + FullyQualifiedErrorId: 4CFC5CA6,Microsoft.Exchange.Management.SystemConfigurationTasks.SetLiveFederationTrust

So, it seemed at the time that the issue was more of a security one due to the beta we are running for Service Pack 1, so we tried a different approach.

$a = get-federationtrust

$b = "LDAP://" + $a.DistinguishedName

$c = [ADSI]$b

If ($c.msExchFedOrgPrevPrivCertificate -ne $null) { $c.PutEx(1, "msExchFedOrgPrevPrivCertificate", 0) }

If ($c.msExchFedOrgPrevCertificate -ne $null) { $c.PutEx(1, "msExchFedOrgPrevCertificate", 0) }

$c.SetInfo()

I ran that script (without error) and waited for AD to replicate.  Afterwards, I ran Test-FederationTrust –Verbose again, this time with a slightly different error, yet still related to the “msExchFedOrgPrevPrivCertificate” attribute.

RunspaceId : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx Id         : OrganizationPreviousCertificate Type       : Error Message    : Unable to find certificate referenced by property OrgPrevPrivCertificate in the FederationTrust object.

Hmmm…  that is interesting, now I don’t have a value in that attribute at all!  So I checked that by running Get-FederationTrust | fl and sure enough, this attribute was empty from Exchange’s point of view.  However, not fully convinced, Ladislau recommended I run the script below just to ensure it really was missing from AD.

$a = get-federationtrust

$b = "LDAP://" + $a.DistinguishedName

$c = [ADSI]$b

$c | fl * -force

And of course, it was actually missing from AD as well….

Come to find out, I had hit a new unknown bug on cert rolling and had to run this final script to set the msExchFedOrgPrevPrivCertificate attribute and get F/B Fed working again.

$a = get-federationtrust

$b = "LDAP://" + $a.DistinguishedName

$c = [ADSI]$b

$c.msExchFedOrgPrevPrivCertificate = $c.msExchFedOrgPrivCertificate

$c.SetInfo()

Now, when I run Test-FederationTrust –Verbose I get a “Success” on all tests!  And our users are happy because Free/Busy Federation is once again working as advertised.  I hope these little insights are helpful to others when they use their favorite search engine to find answers to their own Federation issues. 

Until next time…   

Download the updated E2010 Mailbox Server Role Calc!

Well, the boys in Redmond (thanks Ross and the soon to be Greg) for another fantastic update to the Exchange 2010 Storage Server Role Calculator!  There are a bunch of fixes in this version since the release of version 3.5.  According to the Version Notes, these include:

Version 3.6 - Fixed Number of Mailboxes per Database (I/O Driven) calculation formula to round down thereby adding additional IO buffer in the max number of mailboxes per database that could be supported in JBOD scenario (Perry Thompson); comment fixes
Version 3.7 - Fixed processor core calculations for secondary datacenter that resulted in error when only lagged copies are deployed; formatting fixes
Version 3.8 - Fixed number of lagged copy server calculation to round (Justin Brown)
Version 3.9 - Fixed required mailbox core CPU calculations to take into account that certain site resilient scenarios result in neither datacenter supporting a single server failure
Version 4.0 - Fixed /DAG LUN Size calculation to calculate based on number of servers and not total number of database copies (Wilfried van Oosterhout)
Version 4.1 - Added better explanation in JBOD scenario when disk selection falls short either via capacity or IO reasons (Jeremy Gagne)
Version 4.2 - Added Restore LUN RAID parity options (Robert Gillies and Rick Shire)
Version 4.3 - Conditional Formatting fixes (Robert Gillies)
Version 4.4 - Added minimum number of global catalog cores (James Reed)
Version 4.5 - Improved formatted capacity calculation formula (Kyryl Perederiy)

Lets just say it is well worth the download!  So… What are you waiting for….  http://msexchangeteam.com/files/12/attachments/entry453145.aspx

OCS 2007 R2 Workload Architecture Poster

I ran into a poster that Microsoft published a few days ago that details the traffic flow of protocols and ports used in each workload within Office Communications Server 2007 R2 (OCS 2007 R2). OCS 2007 R2 supports the following workloads: IM and Presence, Conferencing, Application Sharing, and Enterprise Voice. These filtered views can assist you in architecting your deployment of Communications Server 2007 R2. The different server roles are described along with server certificate requirements. Firewall and DNS configuration requirements are also described.

Get your copy at: http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=af2c17cb-207c-4c52-8811-0aca6dfadc94

Newly updated Exchange 2010 Mailbox Requirements Calculator

Microsoft (thank you Ross and Matt!) have released a much needed update to the Exchange 2010 Mailbox Requirements Calculator. 

This version includes the following improvements and new features:

• Added processor core guidance for Hub Transport and Client Access server roles.
• Added the ability to define a custom number of databases that you would like to implement in the solution.
• Added support for 2-node site resilient Database Availability Groups.
• Added 1 and 6 processor cores as selectable options.
• Improved breakdown of the activation scenarios in a site resilient solution.
• Improved breakout of the role requirements section.
• The Storage Design tab now indicates that when you select a custom RAID configuration that the calculator ignores RAID-5 and RAID-6 for 5.xK and 7.2K spindles due to performance concerns.
• Updated processor utilization results to show the processor utilization even if it is above the recommended threshold.
• Made conditional formatting improvements throughout the calculator to warn you when you have a configuration that will not work.
• Improved various cell comments.

This version also corrects the following bugs:

• Fixed LUN Requirements tables to accurately reflect space requirements when database copies are deployed as each server may not host all database copies.
• Fixed conditions that resulted in -1 lagged copies.
• Improved the active database copies after first/second server failure calculations:
  • We now calculate and expose the worst case scenario (the server that has to host the most active databases) is used in sizing memory and CPU.
  • We now ensure that the secondary datacenter calculations only consider double server failures when there are 3+ HA copies located in the secondary datacenter.
• Removed maximum memory stipulation in the minimum ESE cache memory calculation.

For more information on this new update: http://msexchangeteam.com/archive/2009/11/09/453117.aspx

You can download the update from: http://msexchangeteam.com/files/12/attachments/entry453145.aspx

Exchange Server 2010 Deployment Assistant Expanded

In November, Microsoft launched the Exchange Server 2010 Deployment Assistant. In the initial version of the Deployment Assistant, content was available for customers upgrading from Exchange 2003. Microsoft has now announced that they have  released content for the following scenarios to http://technet.microsoft.com/exdeploy2010:

• Upgrading from Exchange Server 2007
• Upgrading from a mixed Exchange Server 2003/2007
• New Exchange Server 2010 installation

The Deployment Assistant allows you to create Exchange 2010 deployment instructions that are customized to your environment. The Deployment Assistant asks a small set of questions, and based on your answers, it provides a set of instructions that are designed help you install and complete a basic configuration on Exchange 2010. Instead of reading dozens of topics in the Exchange 2010 Technical library, you simply answer a few questions, and the Deployment Assistant gives you customized content to install Exchange 2010. 

I would recommended however that you also read the Technical Library later on as the instructions provided are basic and may not meet all of your needs if you already have an older install of Exchange that isn’t a standard installation or if you have another mail system such as Lotus Domino or GroupWise.

New uses for DiskPart CLI

So, here I am, reading new email (at 10pm I might add) from within the Exchange Master and Architect Community when I came across a thread started by one of the other long time Exchange Masters (thanks Derrick!) around the topic of using DiskPart for automation.  Now, many of us remember using DiskPart or DiskPar in older versions of Exchange when we were running it on Windows 2003 and earlier Operating Systems.  We used to use it to align the disk offset with the recommended settings from the disk subsystem manufacturer, often 64 or 128 instead of the default for Windows back then of 63.  And to be honest, I haven’t really thought much about DiskPart lately since we don’t require it for Windows 2008 (the default now in Windows is 64 – Yeah!).  

As the email pointed out, DiskPart now supports a Command Line Interface (CLI) that can be used for automation of Disk subsystem configuration and management.  Way cool eh!?

Microsoft has posted a TechNet article called “DiskPart Command-Line Options”.

So, what is new in the current release of DiskPart?  Read on:

1. One nice addition to diskpart scripting file is they finally have the NOERR parameter, so when a single typo dumps you out like before causing the user to create a second file with the fixed entries minus everything that worked.  Major Pain.

Ex: assign [{letter=d|mount=path}] [noerr]

2. Format: you can now format from inside Diskpart.  So the need for a second script file to Format all those drives is no longer needed. 

Ex FORMAT FS=NTFS LABEL="New Volume" QUICK

3. AUTOMOUNT: be careful.  This could really mess up clustering (if not in exchange) if used at the wrong time.

How does this make your life simpler?  If you have lots of drives, having to do each one manually, creating partitions, then assigning mount points through disk manager UI takes forever. Formatting through the UI (selecting each drive and waiting) also takes forever.  Now it all can be done in one place, and you are sure that you are selecting the correct drive for naming since its in the same command set.

To run the answer file with diskpart

C:\DISKPART /s ANSWERFILE.txt

Diskpart answer file example: 

select disk 10

online disk noerr

attributes disk clear readonly noerr

create partition primary noerr

select partition 1

assign mount C:\EXCHANGE_MOUNT_POINTS\MDB1 noerr

FORMAT FS=NTFS unit=65536 LABEL="New Volume" QUICK noerr

Results:

Exchange 2007 SP2 RU1 – Raising diagnostic logging for “Message Access” causing calendar issues for users

Microsoft posted yesterday a new issue that administrators can cause with user calendaring just by increasing the diagnostic logging for “Message Access” to anything other than “Lowest”.  This seems to impact Exchange Server 2007 Service Pack 2 implementations up through Roll Up 1.  A KB article is not available yet, but appears to be in the works.  Based upon this Microsoft EHLO Blog article, the following information has been released on this issue. 

What the users may see

Symptoms before applying the pending update:

• Access to recurring appointments (which have attachments for the instances) is broken - Outlook in online mode receives an "Item cannot be opened" error.
• Sending an embedded message in cached mode results in the attachment being stripped.
• Availability is not shown for some users.

The following symptoms may persist, even after applying the update or manually setting the Message Access diagnostic level back to Lowest:

• Certain users show no availability information from Outlook or OWA scheduling assistant.  Also, event id 4009 for MSExchange Availability is logged on servers with the CAS role

Exception returned:

Microsoft.Exchange.Data.Storage.ObjectNotFoundException: Cannot open embedded message.

• Delegates viewing calendars receive the error:

Cannot read on instance of this recurring appointment. Close any open appointments and try again, or recreate the appointment

• Messages are sent to ActiveSync devices with the following text:

Microsoft Exchange was unable to send the following items to your mobile device. These items have not been deleted. You should be able to access them using either Outlook or Outlook Web Access.

• When accessing Calendar from OWA, the day, week or month viewing will fail with the error:

The item that you attempted to access no longer exists.

We have determined these symptoms are primarily due to calendar items affected between the time logging was increased and when the pending update or workaround is implemented. Recurring calendar items with no end date that have had an occurrence modified seem most susceptible.  A quick method to find these visually is to look for the circling arrows with a line through it.

Does this apply to you?

Before the release of the pending update, if any Exchange Server 2007 SP2 server with the Mailbox role has the following new event log level raised from Lowest, this applies to you.

MSExchangeIS\9000 Private\Message Access

How to check your Organization for the problem

You can determine if your MBX servers are at risk by looking in the following places:

1) The new GUI introduced in SP2 - in the Exchange Management Console under Server Configuration, Mailbox, select the server and choose Manage Diagnostic Logging Properties...

2) In the registry for each MBX server [Lowest = 0]

3) Run the following Exchange CMDlet to find all Exchange 2007 MBX servers and this specific diagnostic logging level for Message Access:

Get-MailboxServer | foreach {Get-EventLogLevel -id ($_.name + "\MSExchangeIS\9000 Private\Message Access")}

How to correct the problem

If any MBX server is found to have logging above the default before the pending update is applied, you should reset it to Lowest manually.  Note which MBX servers are configured with the non-default level and then run this CMDlet to ensure they are all set to "Lowest"

Then either remount the databases or restart the Information Store service.

Get-MailboxServer | foreach {Set-EventLogLevel -id ($_.name + "\MSExchangeIS\9000 Private\Message Access") -Level "Lowest"}

A sample PowerShell script is available here to track down calendar items contributing to the symptoms that persist after applying the workaround detailed above.  This script will identify the day containing problem appointments and can be run against a specific mailbox or all Exchange 2007 mailboxes.  The requirements for running the script are detailed in the script comments. The sample script uses the $true argument to enumerate all Exchange 2007 mailboxes and user42@contoso.com to initialize the Autodiscover portion of the Web Services object:

[PS] C:\Powershell\scripts> .\Find-BadCalendarItems.ps1 user42@contoso.com $true
Checking mailbox: user01@contoso.com
Checking mailbox: user02@contoso.com
...
Checking mailbox: user42@contoso.com
Checking mailbox: repro01@contoso.com
Failed: 11/30/2009 - 12/30/2009
Error: Mailbox logon failed., inner exception: Cannot open embedded message.

Day failed: 12/2/2009
Checking mailbox: repro02@contoso.com
Failed : 11/30/2009 - 12/30/2009
Error: Mailbox logon failed., inner exception: Cannot open embedded message.

Day failed: 12/23/2009
Checking mailbox: user43@contoso.com
Checking mailbox: lastuser@contoso.com
Problems found:
repro01@contoso.com: 12/2/2009
repro02@contoso.com: 12/23/2009
Done!

Now that 12/23/2009 has been identified as the problem date for user repro02@contoso.com, you can use Outlook to find any recurring calendar items with no end date that have had an occurrence modified on that day. Copy that occurrence [either to a temporary Calendar folder or even to a different time that day] then delete just that occurrence. Moving the copy back or manually recreating the instance will resolve the symptom for that user.

Happy whatever…

To All My Liberal Friends and Colleagues:

Please accept with no obligation, implied or implicit, my best wishes for an environmentally conscious, socially responsible, low-stress, non-addictive, gender-neutral celebration of the winter solstice holiday, practiced within the most enjoyable traditions of the religious persuasion of your choice, or secular practices of your choice, with respect for the religious/secular persuasion and/or traditions of others, or their choice not to practice religious or secular traditions at all. I also wish you a fiscally successful, personally fulfilling and medically uncomplicated recognition of the onset of the generally accepted calendar year 2010, but not without due respect for the calendars of choice of other cultures whose contributions to society have helped make America great. Not to imply that America is necessarily greater than any other country nor the only America in the Western Hemisphere. Also, this wish is made without regard to the race, creed, color, age, physical ability, religious faith or sexual preference of the wish.

To My Conservative Friends and Colleagues:

Happy New Year, in the year of our Lord, 2009/2010!!

Exchange 2010 Transport Architecture Diagrams

The Exchange 2010 transport server role architecture diagrams are now available for download. The Hub Transport Role Architecture diagram can help you understand the different transport components involved in processing and routing messages, the different transport and routing agents that act upon messages and the SMTP events on which they are triggered, and visualize the mail flow.

The Hub Transport Extensibility diagram can help you understand how different transport agents process a message in the Exchange 2010 transport pipeline.

Both diagrams can be downloaded from Microsoft Exchange Server 2010 Transport Server Role Architecture Diagrams.

Note that Exchange 2010 includes internal or built-in transport agents which are not visible when you use the Get-TransportAgent or Get-TransportPipeline cmdlets. The list includes transport agents that implement Information Rights Management (IRM) functionality- the RMS Protocol Decryption agent, Journal Report Decryption agent, RMS Encryption agent, and Prelicensing agent, as well as the Journaling agent. To learn more about transport agents, see Understanding Transport Agents in Exchange 2010 documentation.

It’s Official: RIM/BES Supports Exchange 2010!

It has been announced on the EHLO Blog yesterday that RIM now fully supports Exchange Server 2010.

In order to enable full support, three updates are required:

• Roll-Up 1 (RU1) for Exchange Server 2010
  
• MAPI v6.5.8147
  
• BlackBerry Enterprise Server 5.0.1 Maintenance Release 1 (MR1)
  

All three of these updates are available to customers of Exchange Server 2010 and BlackBerry Enterprise Server v.5.0 with Service Pack 1 at no cost. BlackBerry Enterprise Server v5.0 Service Pack 1 and Maintenance Release 1 can be found here: http://www.blackberry.com/support/downloads

Additional information on the solution requirements, preparing the BlackBerry environment for Microsoft Exchange Server2010, can be found on the BlackBerry site here.

Today's roll up also includes other minor updates to areas including calendaring, OWA, and transport. You can read more about Exchange Server 2010 RU1 here.

Source: http://msexchangeteam.com/archive/2009/12/09/453486.aspx

Office 2010 Beta Released to the Public

Office 2010 (or more importantly Outlook 2010) Beta has been released to the public on Technet, MSDN, the Beta Connect site now!

Here are the apps available
Search Server 2010 Express Beta (x64) - (English)
SharePoint Foundation 2010 Beta (x64) - (English)
Office Web Applications Beta (x64) - (English)
Visio Premium 2010 Beta (x64) - (English)
Visio Premium 2010 Beta (x86) - (English)
FAST Search Server 2010 Beta for SharePoint (x64) - (English)
Project Server 2010 Beta (x64) - (English)
Project Professional 2010 Beta (x64) - (English)
Project Professional 2010 Beta (x86) - (English)
Office Professional Plus 2010 Beta (x64) - (English)
Office Professional Plus 2010 Beta (x86) - (English)
SharePoint Designer 2010 Beta (x86 and x64) - (English)
SharePoint Designer 2010 Beta (x86 and x64) - (English)
SharePoint Server 2010 Beta (x64) - (English)
Business Contact Manager for Microsoft Outlook 2010 Beta (x64) - (English)
Business Contact Manager for Microsoft Outlook 2010 Beta (x86) - (English)


These are the new icons…

One of the many new feature changes from the earlier Office 2010 CTP release is the ability to enable color schemes and specifically black. I do like this feature and this color choice since it allows for more emphasis on the document and less on the menus.
MS Word 2010 in Black color scheme

MS Outlook 2010 in Black color scheme

 Message Reviewer showing social networking features

 This is pretty awesome as it shows you the RSS feeds from this person, the emails received, the attachments they have sent me, the appointments I have with them, and the OCS IM transcripts we have had together. (kinda brings a lot of Xobni into Outlook by default)

I think this download is a great thing for everyone to try out… Come and get it!!!

Exchange 2010 Deployment Assistant

Microsoft has released an updated "basic" Deployment Assistant to aid organizations with guiding them through the basic process of implementing Exchange 2010 in an existing Exchange 2003 or Exchange 2007 organization as well as a newly created organization. It does give good information for those organizations that are smaller or only needing some basic information. I think it is a good start for those organizations that are complex in nature or for those that do not have very experienced on site engineers. Of course, I might be a bit biased ;-) based upon my consulting background.

The Deployment Assistant is available at http://technet.microsoft.com/exdeployment2010

Exchange Server 2010 Reaches Public Beta

I can't believe it is finally time for me to openly (well sort of) announce and discuss the Exchange Server 2010 product which has now gone into its first public Beta as of today (04/14/2009). You can now download the public beta at this site! So, let's get down to a few of the features coming in Exchange 2010 (at least those I can opening discuss so far J ).

• Exchange 2010 should be in full release mode by the end of the year (according to this PCWorld article)
  
• Rumors have also been floating around the Internet recently that the forthcoming Office 14 (most likely will be Office 2010) will not ship until sometime in calendar year 2010.
  
  • Both product names would seem to be accurate since Microsoft typically names its products after the fiscal year in which they ship, not the calendar year. Microsoft begins its fiscal year each July 1^st.
    
• Microsoft's stated direction for new server products is to release both an On-Promise server solution as well as a hosted service based solution (currently known as BPOS).
  
• It appears that for those existing BPOS customers, they will be given the option of upgrading to the new Exchange 2010 capabilities online starting in the first half of 2010.
  
• When Exchange 2010 ships, it is expected that organizations will be able to support both an On-Premise and a Service or hosted solution seamlessly within the same company. This provides many companies I have worked with in the past the ability to support year round employees "On-Premise" and yet offer a Hosted solution for temporary or seasonal workers. This could very well benefit organizations that have large seasonal work forces that didn't or couldn't move to Exchange because of the cost involved in ramping up servers for the seasonal workers. It will be interesting to see the eventual licensing model that Microsoft chooses to use for this…
  

With this new version of Exchange, there are a large number of significant changes to the product that I will be discussing in some detail over the next few weeks/months. For now, I will focus on one new feature that enables organizations to create and easily support a more granular administration model. With Exchange Server 2007, Microsoft published White Papers such as Configuring Permissions in Exchange Server 2007 and Exchange 2007 Permissions: Frequently Asked Questions. With Exchange 2010, although no White Papers are yet available, the permission model is much simpler and is based upon the Roles (not the Exchange permission set as it has been in all previous versions of Exchange). For example, an organization might need to grant specific permissions to search and access specific mailboxes if they are a Compliance Officer or Human Resources Manager in the company (according to Julia White, director of the Exchange product management team). What took a great deal of effort in Exchange 2007 and often with only limited success will be done in Exchange 2010 with relative ease.

I am very excited about this Exchange version, more so than I remember being about any other version in the history of Exchange. And yes, for those of you who don't know me, I have been working with and implementing Exchange since the Early Adopter program for Exchange 4.0 (the very first version) and also worked with MS Mail, CC:Mail, and others before that. The Exchange Product Group has come a long way with this product and has really listened to customers with regard to some of the key pain points they experienced in earlier versions of Exchange. The Product Group, in my opinion, has worked hard to resolve these pain points in Exchange 2010, often in very creative ways that I think will "Just work".

In future posts, I will be covering these topics related to Exchange 2010:

• Storage goals and design changes
  
• OWA Feature Updates
  
• Management and Permission Changes for users and administrators
  
• Compliance with Exchange 2010
  
• High Availability and Disaster Recovery
  
• Unified Messaging Improvements
  
• Migration to Exchange 2010
  
• Developer API Changes
  

Stay tuned…

Exchange 14 Web Services Preview

Ok, so Microsoft finally has release some information I have been dying to talk about with respect to Exchange 14. Microsoft is preparing to release with Exchange 14 a managed API for Exchange Web Services that can be utilized by developers to access Exchange data within mailboxes such as folders, email, calendar, contacts, etc… The Web Services approach is nothing new as it existed in Exchange Server 2007, but most applications written for Exchange Server 2003 or 2007 still used WebDav. Exchange Web Services is the new WebDav. There is already a sample Vista Gadget available today to demonstrate this functionality.

Go here to get more information on Exchange 14 Web Services and the announcement

Here is the PDC2008 presentation on Exchange Web Services Managed API

Go here to read more about the Managed Web Services API from MSDN.

Microsoft makes available Outlook 2007 Pre-SP2 Performance update

Microsoft has released (in February of this year) a cumulative update for Office that is a pre-release of fixes due in Service Pack 2. I have been running this for a few weeks now and the biggest changes in this update are these:

Outlook Improvements

• Improved responsiveness (reduced I/O disk usage and improved UI response time)
  
• Decreased Outlook startup time
  
• GREATLY improved exit/shutdown time (this one is HUGE since it resolves the issue with Outlook not really shutting down when you ask it to).
  
• Improved performance for folder and view changes
  
• General reliability of calendar updates especially in delegate manager scenarios
  

General Improvements

• Reduced Data File Checks (this is noticed when you see the message "The data file <file name> was not closed properly…")
  
• Improved search reliability
  
• Fewer duplicate RSS items
  
• General security improvements
  

A full list of improvements and fixes included in this update are available at: http://support.microsoft.com/kb/968009/

The update is available on request from this site: http://support.microsoft.com/?kbid=961752

Using PowerShell to Provision Active Directory Users

In the last two issues of TechNet Magazine, Don Jones of Concentrated Technology, has written about scripting (and therefore automating) the creating of users accounts within Active Directory. He does use the Quest Active Roles PowerShell cmdlets to accomplish his goal, so if you don't have that, some of the details might not work for you as described. However, he does go into good detail on some basics of PowerShell scripting such as using Process blocks, and imputing data into the pipe by way of a csv file. He also includes video demonstrating the techniques. So far, 2 of the 4 parts to this story have been published, so keep watching here or on the TechNet Magazine site for the last 2 parts. All in all, it is worth the read.

Source: Automating User Provisioning, Part 1 and Automating User Provisioning, Part 2

UM and Directory Access

I ran into an interesting and bizarre issue today when working to set up a new UM server for the Exchange User Group presentation next week. Everything was working well, on an old IBM Thinkpad A30p, except when I tried accessing the Directory using OVA. UM would respond with a short (1 second or less) delay and then say "Sorry I can't help with that" and then hang up. OUCH! Nothing was originally in the event logs that defined the issue. No TAP info or Google query found anything like this. After reading the logs and CHM file again, I still found nothing. I played with changes to the UM settings, OAB settings, added a PF for OAB to rest in (just in case), nothing helped. I turned up event logging levels to medium, then maximum, still nothing.

 

Finally I turned up logging to level 7 on the different UM aspects and got two event log warnings stating that GAL.CFG and DistributionList.CFG couldn't be found in the path C:\Program files\Microsoft\Exchange Server\UnifiedMessaging\grammar\en. I looked on the install CD and there the files were. I copied the files into the directory from the CD image and the Directory access worked immediately. This was a 32 bit RTM build, so maybe this only happens in 32 bit and not 64 bit.

 

I will have to try a clean install with SP1 and see if this happens again.

Filling the "Direct Push" Gap for Windows Mobile 2003 Devices

Similar to the Messaging Security & Feature Pack (MSFP) for Windows Mobile 5.0 devices, RoadSync is now available for Windows Mobile 2003 SE handsets.
• Secure, wireless and "Direct Push" synchronization of corporate e-mail, attachments, calendar and contacts with Microsoft Exchange Server 2003 SP2
• Global Address List (GAL) Look-up
• IT Policies including Remote Wipe & Device Passwords
• Mass Configuration Tool available for faster and more managed deployments
Looks like I may have to dig out one of my old 5600's to give this a test. If someone out there using a 2003se device and exchange, has the chance, give this a shot and let us know what you think. I will try it myself, schedule permitting once I can find a phone to get charged up.

Get the Full Detail from Dataviz

Source: MoDaCo

Updated (ver 8.0) of the MS IT Message Hygiene

An updated detailed discussion on how Microsoft IT manages the large quantities of unwanted e-mail (a.k.a. spam) and malware-infected messages in its inbound Internet e-mail traffic. The paper documents how Microsoft IT uses Microsoft Exchange Server 2003 technologies, Microsoft Office Outlook 2003, and third-party solutions to both reduce the quantity of spam routed through the corporate messaging infrastructure by filtering at the gateway layer and then remove the threats in remaining messages posed by viruses, worms, and their common distribution vectors, such as file attachments.

 

Get the updated Version 8.0 here:

http://www.microsoft.com/downloads/details.aspx?familyid=17dc35ad-8ba1-48b1-91f3-563313ee878a&displaylang=en

The Size of UM Messages in Exchange Server 2007

Recently, Michael Wilson posted this blog entry on the size of UM messages….

When talking about Exchange Server 2007 Unified Messaging (UM), we often get a question: "Just how big will those messages be?"

 The size of UM voice messages depends on the size of the attachment that holds the voice data. In turn, the size of the attachment depends on three factors:

           (1) the duration of the recording

          (2) the audio codec used

          (3) the audio storage format

 UM uses one of three codecs for creating voice messages: WMA (Windows Media Audio), GSM 06.10 and G.711 PCM Linear. The WMA codec is always stored in Windows Media format (the attachment is a file with a .wma extension). Audio encoded as GSM or PCM is always stored in RIFF/WAVE format (the attachment is a file with a .wav extension).

 The graph below shows how the size of the audio depends on the duration, for the three codecs used:

 

PCM is uncompressed, and therefore occupies the most space at a given duration (just over 160,000 bytes for each 10 seconds of audio). It has the highest audio quality of the three. However, WMA and GSM are both acceptable to the vast majority of listeners.

 

GSM is compressed (just over 16,000 bytes for each 10 seconds).

WMA is the most highly compressed codec (about 11,000 bytes for each 10 seconds). However, the WMA format has a much larger header section than the WAV format (about 7K, compared to less than 100 bytes). WMA recordings become smaller than GSM recordings for durations of about 15 seconds and above. The average call-answered voice message is about 30 seconds long.

WMA is the default setting. GSM or PCM can be used where interoperability with other platforms is of great importance (the WAV format and GSM codec are widely supported).