So what's been fun on the Internet lately?

First up, in case you missed out on some of the new things from Microsoft, Windows 8 and Server 2012 are coming soon!  When you have some free time, start learning more about Server 2012 or take a close up look at Windows 8. You can even download a 90-day trial of the new desktop client.

And here are some other links to some fun things I've seen online, mostly via Twitter:

• 10+ Most Dangerous Species of Help Desk Callers
• Kids Explain Why We Should Use the Internet - where were you in 1995?

For those of you who work on Exchange, don't miss out on these:

• Fix Exchange Server 2010 SP Udpdate Errors
• Everything You Need to Know About Exchange Backups

What's A Techie To Do?

Or rather, what have I been up to lately?

Been doing a lot of "spring" cleaning at the office. Trying to tie up loose ends on lots of little projects.

1) Upgrading Shoretel - I've been using Shoretel since Shoretel 5. We've been through several upgrades since then and last week moved to Shoretel 12.3.  We have a fabulous reseller that did most of the work for me. Sometimes it's nice to just sit back and watch the magic. The trickiest part was getting the MSI file for the new desktop software, Shoretel Communicator, out of the setup file so I could deploy it with a GPO.  This guy had a good blog post that helped me out.

2) Removal of Exchange 2003 - Back in October I migrated our mail to Exchange 2010 SP1. Our old server had going through several stages of being decommissioned and had been left turned off for several months as other more pressing project got to me. I finally turned it back on and ran the setup program to remove it.  It didn't go completely flawlessly, but most issues were resolved by fixing a few public folder replication issues and then deleting the server from the Exchange 2003 ESM.

3) Training for Windows 7 and Office 2010 - We have finally reached the point where we are doing a bunch of hardware refreshes for staff in the office.  That means moving from XP / Office 2007 to Windows 7 and Office 2010.  I'm not doing the hardware deployments, but I'm responsible for providing basic training to the staff so they are prepared for some of the changes that will come.  My first two sessions were this week and I concentrated a lot on the new start menu and taskbar in Windows 7.  Also, Outlook 2010 has quite a few navigation changes that are notable.

4) De-cluttering My Desk - While not a super-techie endeavor, it needed to be done. I trashed piles of CDs and DVDs of very dated software, including diskettes for installing Windows 2000 Server. Diskettes!! Ah!!  If anyone is looking for the DVD to install Windows 95, I'm your girl. I'm hanging that in my cube for decoration.

Using Email Categories Within An Exchange Organization

Do you use the categories feature in Outlook to identify your mail?  If so, you might want that category information to be passed to others in your organization.  Starting with Exchange 2007, all categories get stripped from sent messages. Below is the PowerShell you can run to ensure that the category information stays put.

set-transportconfig -clearcategories $false

To turn it off again, change the flag to $true.

Junk Mail Settings via GPO & Exchange 2010

One of my most popular blog posts is "Control Outlook 2007 Junk Mail Settings via GPO". I've used this policy and corresponding text file for nearly two years now, without any issues.

And then I upgraded the mail server to Exchange 2010 SP1.

It was reported to me (and the "interwebs" confirm) that the import and processing of the text file for the "safe senders" has a bit of a special "feature".  If you have any addresses on the list that match your internal domain, they are removed a few minutes after the import happens.  And if you manually add any internal domain addresses to the safe senders list, they disappear too.  This happens with the Outlook 2007 and Outlook 2010 client. 

There is quite an extensive forum posting about the issue from early 2011 that you can check out. It includes some PowerShell to adjust transport rules so that domain mail has a reduced spam level. I haven't tried that though, as this issue isn't mission critical for our office.

But if you or your end users have noticed this behavior, it isn't insanity. It's just not working the way it did with Exchange 2003.

Customizing the Name of the Online Archive… Unfortunately Still Buggy.

With Exchange 2010 SP1, I have a lot more options for helping users manage their emails and help our company meet requirements regarding email retention policies, compared to past versions of Exchange. While the original Exchange 2010 RTM "Managed Folders" features are still available via PowerShell, the most current iteration of MRM involves Retention Tags and Retention Policies.

While our lawyers hammer out the details regarding how long we should be holding onto mail, I've been playing around with the tags and working out the most suitable way to implement the technology for our office. Part of this involves the use of the "Online Archive" feature as a way to eliminate the difficult to manage PST files and to ensure that the primary mailbox database remains small enough to restore quickly in the event of a system failure.

Online Archives act as an extension of the primary mailbox and the folders and mail within it are still subject to the retention tags that were applied to mail messages and folders. So for my needs, the "archive" is simply a place to automatically move the mail that is subject to our longer retention needs.

By default the label of the archive in OWA and Outlook is "Online Archive - User Name", however for my office I'd like to change the name from "Online Archive" to something more appropriate for our use of the feature, like "Retained Mail - User Name". 

The word "archive" seems to imply that any message put in that area will be saved indefinitely and I want to make sure it's clear that those messages are still subject to the retention rules. It's a cosmetic change and mostly semantics, I know, but I think it's important for the scope of our project.

Within EMC there is a spot on each users mailbox settings where you can customize the display name of the title. I changed my test account and was happy to see it reflected in OWA and Outlook 2007.  We'll be upgrading our users to Outlook 2010 in order to fully support the retention tag features, so I updated my lab workstation to Outlook 2010 as well.

Much to my dismay, I noticed the online archive title was not customized in Outlook 2010. It now read, "Archive - email address".  Curious.  I did a little search on the Internet and found a detailed posted describing the problem from fellow MVP, Tim Harrington.  The post dates back to December 2010, so I'm disappointed that the bug still exists after a year’s worth of Office 2010 patches and updates.  But there you have it.

Another quick note on Office 2010... If you launch Outlook during your Windows session, then close it and launch it again, it may hang on the "Loading Profile" step.  Switch over to Task Manager and you'll likely find several "agent" processes.  Kill them and Outlook will load properly when launched.

Recovering Exchange 2010 - Notes from the Field

With Exchange 2007/2010 more tightly integrated with Active Directory, recovering a server after a loss of hardware can be significantly easier than with previous version of Exchange. This is a boon for those of us in smaller offices where only one Exchange Server exists, holding multiple roles.

Check out this TechNet article with the basics for recovering Exchange 2010. However, there are some little tips that would be helpful, especially when you might be working under a stressful situtation to restore your mail system.

1. Make sure you know where your install directory is if Exchange isn't installed in the default location.  If you don't have it written down as part of your disaster recovery documentation, you can get that information out of Active Directory using ADSIEDIT.
2. Make sure you know the additional syntax for "setup /m:RecoverServer" switch. If you need to change the target directory the proper syntax is /t:"D:\Microsoft\Exchange\V14" or whatever your custom path happens to be.
3. If you are planning on using the /InstallWindowsComponents switch to save some time with getting your IIS settings just right, make sure you've preinstalled the .NET Framework 3.5.1 feature set first.
4. Don't forget to preinstall the Office 2010 Filter Packs. You don't need them to complete the setup, but you will be reminded about them as a requirement. 
5. Make sure you install your remote agent (or whatever components are necessary) for your backup software. Once the Exchange installation is restored, you'll need to mark your databases as "This database can be overwritten by a restore" so that you can restore the user data.

As always, planning ahead will save you in times of trouble.  Happy disaster recovery planning (and testing)!

Customizing Distribution Group Management in Exchange 2010

One of the things I allowed certain end-users to do via Outlook was manage some of their own distribution lists. With a small office and a small IT staff, constantly changing distribution list membership was an easy thing to just delegate back to the people who really "owned" those lists. In Exchange 2003, it was an easy process to delegate that ability to end-users by making them the "manager" of the list.

Shortly after the migration to Exchange 2010, I started getting reports that the distribution lists could no longer be changed by the designated list managers. Exchange 2010 RBAC roles include a role called "MyDistributionGroups" that grants the ability for end-users to view and modify distribution groups. However, it also grants the right to create new distribution lists, which was not something I wanted for non-IT staffers.

I found this great blog post, Allowing End-Users to Manage Distribution Group Membership, in Exchange 2010 by Mike Pfeiffer on how to create a custom locked-down role for distribution group management using PowerShell. Written in early 2010, it's still get lots of great comments and usage - it certainly made my day easier!

Exchange 2010: Database Stores, Not Quite Ready When You Are

Once I had my Exchange 2010 server up and running, I had a need to create a new store. Unfortunately, things didn't look so great when the store wouldn't mount after I created the store in the GUI console.  There were even some fine error messages in the logs letting me know that Exchange was unable to mount the store. If you search the Web for answers to this problem, you'll find all sorts of potential solutions and ideas.

Turns out the thing that worked best for me was some patience. Exchange 2010 is deeply ingrained in Active Directory and Active Directory does things at it's own pace.  Sometimes immediately, sometimes in 5 minutes and sometimes in fifteen.

So go ahead and read all those links you found in the great WWW and then after about 5 minutes, go back and try to mount that database again.  Chances are, it'll work just fine.

Exchange 2010 and External Relays (Migration - Part 3)

The "Receive" Connector is a funny thing in Exchange 2010. The receive connectors on my system seem to double as "Send" connectors depending on who's doing the sending. Once my new server was up and running, it was a no brainer to make a proper "Send" connector so the server could access the Internet to deliver mail to external parties.  I was also able to quickly bring up "Receive" connector to collect mail from our Barracuda appliance.

Then I started tackling the servers within our organization that send alerts and reports via email.  I added their network addresses to the same connector I used for the Barracuda device, since they are all on the same network.

All the devices seemed happy until I ran across one that needed to send messages to external recipients. Turns out that on Exchange 2003, I was using the same connector for both internal and external relaying without issue, but Exchange 2010 is a little pickier from a security standpoint (a good thing) and I had to create a special receive connector to handle external relaying.

So why are we using "receive" connectors to relay external mail?  The receive connectors collect mail coming to the Exchange 2010 server which are then sent out using the Internet send connector.  So while all your devices are sending mail, the Exchange server is both receiving it and sending it.
Of course, I wouldn't be writing a post about External Relays if there wasn't something special about them. 

When creating an external relay you want to be sure to un-check all the security mechanisms from the Authentication tab, since it's likely you are relaying mail for things like your UPS which might be "phoning home" with updates to a support provider or copier/scanners that might need to send a scanned items to an outside party - all types of devices that likely won't have a mechanism to authenticate to your mail server.

You also need to set your "Permission Groups" to Anonymous, but the configuration doesn't end there.  Be sure to kick off this little extra PowerShell as well.

Get-ReceiveConnector "External Relay" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"

Now that this relay is pretty wide open, so lock down which IP addresses from your network are allowed to use it so that its well controlled.  If you need some screenshots for the configuration, check out this post from the Lazy Network Admin.
http://www.lazynetworkadmin.com/knowledgebase-mainmenu-6/2-windows/149-exchange-2010-configure-anonymous-relay-to-external-domains

Migrating to Exchange 2010 (Part 2) - Certificates

Depending on your installation of Exchange 2010 and what internal and external services you want to provide, you'll likely need a new SSL certificate from a 3rd party provider. You probably already have a basic mail.company.com certificate, but that's just not going to cut it anymore. 

If youl'll be supporting mailboxes on a previous version of Exchange or providing access to supporting Outlook Anywhere, you'll likely need additional host names on your certificate, like legacy.company.com and autodiscover.company.com. This will require a SAN (Subject Alternate Name) certificate. 

Exchange supports different URLs for internal and external access and after a typical installation, your internal URLs will be set to the FQDN of the server name (server.company.com) and external URLs will be set to whatever host name you specify during the install of the CAS server, like mail.company.com. 

In order for us to get a shiny new SAN certificate, we had to revoke our existing mail.company.com while we were waiting for the new certificate to be issued. This would cause some temporary certificate problems with anyone who tried to use Outlook Web Access, but since this was a weekend project and I already declared the entire weekend as a maintenance window I wasn't too concerned about it. 

Meanwhile, I moved all my users mailboxes to the new server. All the Outlook clients were happy with the server's self-signed certificate, which was great, since our 3rd party certificate provider took a few days to finish issuing the new cert. Once the new certificate came, I loaded it onto the mail server and authorized it for IIS to use.

My OWA certificate errors disappeared, but shortly there after we started getting reports of Outlook 2007 complaining about the certificate having a different name than what it was expecting. This was because we didn't include the server name as part of the certificate, but all the internal URLs referenced the FQDN of the server's real name.   

Some of the internal URLs can be change in the Exchange Management Console, but there are a few that are easily overlooked since you can only change them using PowerShell, particularly the URLs for Autodiscover and EWS (Exchange Web Service). 

Set-ClientAccessServer -Identity CAS_Server_Name -AutodiscoverServiceInternalUri https://mail.company.com/autodiscover/autodiscover.xml

Set-WebServicesVirtualDirectory -Identity "CAS_Server_Name\EWS (Default Web Site)" -InternalUrl https://mail.company.com/ews/exchange.asmx

Then be sure to recycle your MSExchangeAutodiscoverAppPool in IIS.  You can read more about this issue in Microsoft's KB 940726.

Migrating to Exchange 2010 (Part 1)

Ah, upgrades and migrations. Nothing every happens the same way it does in the lab! First off though, I do have to say that my upgrade/migration from Exchange 2003 to Exchange 2010 SP1 was successful and relatively transparent to my end users. Of course, we have a pretty small office and only one server, so there were not a lot of moving parts.

Before working in production, I did two lab-based migrations using some older copies of my Active Directory and Exchange servers - probably a tad too old, since I ran into totally different troubleshooting hurdles in production. Also, there were several things I couldn't completely test in our lab environment, like our BlackBerry BES implementation or inbound and outbound mail connectors. But hey, I love flying by the seat of my pants.

One of the benefits of being late to Exchange 2010 was that there was lots of information on the Internet when I went search for solutions and nothing was insurmountable.
My primary source of guidance was the Microsoft Exchange Deployment Assistant, which is an online checklist of steps to follow. It asks a few questions about your environment and the produces a "customized" checklist. I have a few caveats about it though.

1. It assumes you are installing the various Exchange server roles on different machines or at different times. Since I was using the "typical" installation process my CAS, Hub and Mailbox roles were being installed together.
2. You must check off the completed steps in order. Sure, you can skip around and follow the instructions however you want, but if you like crossing things off a list as you go along and something early in the list is delayed, you can't check of any of the later tasks. For example, "Adding digital certificates on the CAS" is something that is listed very early in the checklist. I had to wait several days for my new SAN certificate to be issued but that didn't prevent me from moving forward with my migration. However, I couldn't play along with with the checklist.

These are small gripes and if you are a stickler for documentation, you can print, email or copy/paste the instructions from the deployment assistant into your own project plan.

In the lab, the typical installation went along with out a hitch. However, I was not blessed with such luck in production. The CAS and Hub Transport roles installed fine, but the installation choked on the Mailbox role with the following error.

Couldn't resolve the user or group "mydomain.local/Microsoft Exchange Security Groups/Discovery Management." If the user or group is a foreign forest principal, you must have either a two-way trust or an outgoing trust.
I found the solution in several places, but it was very nicely documented here on Peter Schmidt's blog.

Just to clarify, you are deleting the "DiscoverySearchMailbox" user from Active Directory, rerunning your install for the mailbox role and then rerunning "setup /prepareAD" to recreate the user you deleted. Interestingly, I can't see the Discovery Search Mailbox in my Recipient Configuration in production, but I can in my test lab. (Odd... maybe one day I'll figure that out.)

At this point, Exchange 2010 is humming along right next my Exchange 2003 server and everything is happy and still working the way it did before, mostly because we have a Barracuda appliance that collects our inbound mail and delivers it to the Exchange 2003 server, so really nothing had changed.

I created a Receive Connector for the Barracuda, updated the Barracuda to deliver mail the Exchange 2010 server, then created my new Send Connector as per the Deployment Assistant and removed the Send Connector on the Exchange 2003 server.  Once I verified that inbound and outbound mail was still flowing it was time to take a breather and regroup for the next round.

Coming up - Getting BlackBerry BES to work again, fixing certificate errors with Outlook 2007, creating an external relay for some legacy devices on my network and figuring out why I couldn't mount an new database after I created it.  Stay tuned.

Exchange 2010 Lab: Things I've Learned So Far

This month, I've been trying to concentrate on working on my test lab for Exchange 2010.  I've done a lot of reading about Exchange 2010, but now is the time where the rubber hits the road and I can start seeing what I've been reading actually means in practice.  Also, this gives me a reason to start paying attention to PowerShell, since I've have little need for it so far and I know I need to start learning it!

I did a pretty standard, "out of the box" installation of Exchange for this first test and I was having a problem moving mailboxes and creating databases.  If you are already a member of the Organization and Recipent Management groups in AD, then you might need to rerun the "setup.exe /PrepareAD" command to reapply the permissions. 

Yes,  the PrepareAD switch is run when you do the standard install.  And yes, even when I manually checked all the permissions they looked fine.  However, rerunning /PrepareAD solved my issues. Want to read more about Exchange Trusted Subsystem permissions and how they fit in?  Go here, to Richard's Exchange Ramblings on TechNet Blogs.

And for a little useful PowerShell, here's how to find the versions of Exchange you have installed in the entire organization:
Get-ExchangeServer | Format-Table Name, *Version*
For reference, all build numbers listed in this KB Article - http://support.microsoft.com/kb/158530

Finally, if you've been tweaking the Rentention Policies and want to kick off the Managed Folder Assistant immediately to see if your policies work for a particular user, here's the PowerShell for that too.
Start-ManagedFolderAssistant -Identity *MailboxOrMailUserIdParameter*
The full explanation of that command can be found here.

Exchange 2010 on the Horizon

I started this week and hopefully I'll get to spend more time next week working on my lab for migrating from Exchange 2003 to Exchange 2010.   Today I'm using the Exchange Server Deployment Assistant, which asks a few questions about your environment and then generates a checklist of things for you to check and do as you move through the installation process.

I'm also hoping to find some time to run the Exchange Pre-Deployment Analyzer in my production environment and see if that give me some good news.

Happy Friday Everyone!

Blog Highlights for October

October is just flying by, but I thought I’d take a moment to toss out a some other great blogs and recent posts that have caught my eye in the last few weeks.  (Many are by some of my fellow Microsoft MVPs, too!)

For those of you in the Exchange camp, check out BlankMan’s Blog, by Nicolas Blank, an Microsoft Exchange MVP. He’s recently posted a link to the Exchange 2010 Architecture Poster and a overview about Exchange 2010 SP1. 

Thinking about IPv6? Don’t miss out on some recent posts on www.howfunky.com, the blog by Microsoft MVP, Ed Horley.  Are you an ostrich or not when it comes to IPv6? You might want to find out.

Maybe you are on the certification path, if so, don’t miss out on some of the posts on the Born to Learn blog, geared to keep you up to date with the latest in Microsoft certification.  Born to Learn recently highlighted MVP Justin Rodino, who will be presenting a session on Windows 7 at the upcoming Certified Career Conference on November 18th.

Finally, since I’ve spent a lot of time in airports this month, I’m finding the TSA Blog to be particularly interesting. Learn about upcoming technologies, changes in protocols and tips on packing so you can breeze through security. Maybe I’ll cross paths with you at the airport.

Take-Aways from a Breakfast Event on Exchange 2010

Yesterday, I spent the morning at an event hosted by Quickstart, EMC and ExtraTeam on Exchange 2010 and Unified Communications.  Not only did they have a great breakfast laid out for those of us who attended event, I picked up a few tidbits about the new versions of these Microsoft products.  The Exchange portion of morning was lead by Mike Sneeringer, who is currently the only person in the world holding both the Microsoft Certified Master in Exchange 2010 and Office Communications Server 2007 - very cool.

If you are an Exchange administrator, you'll appreciate some of these features:

• Role Based Access Control - enables administrators to delegate permissions to responsible users based on job function without giving them access to the entire Exchange management interface. Tasks such as performing multi-mailbox searches no longer have to be the sole responsibility of Exchange Admins, allowing your organization take better advantage of features like legal hold and mailbox searches without involving the IT department.
• Multi-Mailbox Search - allows designated users (like a legal team) a web-based tool for searching across mulitple mailboxes.  This applies to online archive as well as the main mailbox.
• Legal Hold - A legal hold preserves deleted mailbox items and records changes made to mailbox items. Deleted and changed items are returned in a discovery search.
• Improved Transport Rules - will allow for greater control of how mail flows both within your organization and to outside contacts.
• Online Mailbox Moves - this is available for 2007 to 2010 migrations only, but will allow users access to their mailboxes during migration from one database to another. For migrations from 2003 mailboxes must be taken offine.

In addition to some great improvement from the mail administration side, end users will appreciate some of these improvements:

• Delivery reports - provides access to message delivery information for both end users and administrators to help answer questions common questions about mail status.  Great for offices that have multiple locations and multiple email servers.
• MailTips - I can't describe how helpful mail tips can be any better than this blog post by the Microsoft Exchange team. You'll never accidentally "reply to all" for an email you where were BCC'd again.
• Online Archive - Instead of using PSTs to store archive mail, users can take advantage of an online archive separate from their regular mailbox.  With SP1, that archive can even be stored in a different database.
• List Moderation - Allow designated moderators to approve messages before they are sent out to common distribution lists.  This combined with MailTips will probably reduce a lot of common interoffice email mistakes!

Finally, Unified Communications Server can bring your teams together more than ever before, as well as make it easier to manage voice mails and emails together.  With the ability to integrate with other common applications like Office and SharePoint, knowing the "presence" and availabilty of other coworkers can streamline communications and improve productivity. 

Overall, the event was a morning well spent.  While the Unified Communcations offerings aren't something I'm looking at, the Exchange 2010 features just make me look forward to getting there sooner.  Also, EMC has some additional features regarding eDiscovery with their SourceOne product that could complement your Exchange infrastructure depending on your needs.

Exchange 2010 SP1: Personal Archive Improvements

I’ve spent a few years running a small Exchange 2003 organization and now’s the time to start thinking about upgrading. At one point I was deciding between Exchange 2007 and Exchange 2010, but with improvements slated for Service Pack 1 for Exchange 2010, I’m sold. Granted, SP1 isn’t out for general release yet, but I’m willing to wait on my upgrade until it is. Here are some of the killer features for me:

Personal Archives – Introduced in the RTM of Exchange 2010, the personal archives act as an alternate location for users to store mail outside of the main mailbox. Service Pack 1 introduces the option to store the archive in a different database than the main mailbox, finally bringing home the chance for users to store ALL their mail on the server, without affecting the time needed to restore their main mailbox in a recovery scenario.

PST Import – One you are using that personal archive option for users, its possible to put back all that mail that users have already moved out to PST files. The import tool helps streamline this process.

Better Discovery – Improved multi-mailbox search features and search “preview” options will provide a basic “e-discovery” solution for companies that aren’t quite ready to invest in a full blown archiving and discovery product.

I’m looking forward to SP1 for Exchange 2010 as the chance to to bring some new and valuable features to our existing mail infrastructure and take the leap from Exchange 2003. A day where I don’t have to help users keep track of PST files is a day I’ll be breaking out the champagne.

My TechEd Session Wish List

Had a great time at TechEd this year, do not get me wrong. But like all the other conferences of the past, there is often too much good stuff to get it all in.

This year, just about all the breakout sessions are available online. While some may think this reduces the value of actually attending the conference, I disagree. The more intimate sessions, like Birds-of-a-Feather and the “Interactive” style sessions were not recorded. So when I could, I attended those sessions over the traditional breakouts, chatted with Microsoft experts in the TLC areas, or spent time networking with others in the Expo and Community Lounge.

If I could have tailored TechEd to fit my schedule and I had more than 4 days, here are the sessions I would have attended. I did get to a few of them during the conference, they are marked with a (*). Since it will probably take me a while to view all the ones I missed, if you caught one of these and it’s especially good or bad, comment and let me know!

Management Track
MGT314* – Technical Introduction to Microsoft System Center Essentials 2010

Office & SharePoint
OSP314* – Microsoft Outlook and Exchange 2010: Better Together Overview
OSP208 – Microsoft Office 2010 for IT Professionals
OSP203 – (SharePoint) Designing Governance: How Information Management and Security Must Drive Your Design

Security, Identity & Access
SIA333 – Useful Hacker Techniques: Which Part of Hackers’ Knowledge Will Help You in Efficient IT Administration?
SIA230 – Why Security Fixes Won’t Fix Your Security
SIA306 – Night of the Living Directory: Understanding Windows Server 2008 R2 Active Directory Recycle Bin, Undeletion and Reanimation

Unified Communications
UNC303* – Upgrading from Microsoft Exchange Server 2003/2007 to Exchange Server 2010: Tips, Tricks and Lessons Learned
UNC307* – What’s New in Archiving, Retention, and Discovery in Microsoft Exchange Server 2010 SP1
UNC201 – Microsoft Exchange Server 2010 SP1: An Overview of What’s Coming
UNC306 – Going Big! Deploying Large Mailboxes with Microsoft Exchange Server 2010 without Breaking the Bank
UNC203 – What’s New in OWA, Mobility, and Calendaring in Microsoft Exchange Server 2010 SP1
UNC301 – Microsoft Exchange Server 2010: Sizing and Performance – Get It Right the First Time

Virtualization
VIR310 – Networking and Windows Server 2008 R2 Hyper-V: Deployment Considerations
VIR403 – Virtualization FAQ, Tips and Tricks
VIR316 – Remote Desktop Session Host vs. Virtual Desktop Infrastructure Smackdown

Windows Client
WCL304 – Best Practices Guide to Managing Applications
WCL205 – Windows 7 Deployment Tips from Early Adopters

Windows Server
WSV208* – Best Practices in Architecting and Implementing Windows Server Update Services (WSUS)
WSV333 – DNSSEC and Windows: Get Ready, ‘Cause Here It Comes!
WSV201 – 10 Hot Topics Every IT Admin Needs to Know about Windows Server 2008 R2
WSV303 – Death of a Network: Identify the Hidden Causes of Lousy Network Performance
WSV301 – Administrators’ Idol: Windows and Active Directory Best Practices
WSV307 – Windows Server 2008 R2 SP1

Developer Tools, Languages & Frameworks DEV211 - Microsoft Professional, Master and Architect Level Certifications: Notes from Those Who Have Conquered and Lived to Tell the Tale

Notes from TechEd

Hope all the TechEd attendees have been enjoying themselves – I know I’ve been busy racing from one end of the conference center to the other. Turns out that the conference center is about 1.5 miles long and TechEd is spread throughout a mile of it. And it never fails, the next place I have to be is always the furthest point from where I am the moment before.
So far, I’ve been concentrating on sessions around Exchange 2010, so look for some Exchange and Outlook related posts as soon as I get a little bit more time to get everything I’ve been learning straight in my head.
This morning I’m starting out with a session on some technology that’s pretty critical to most systems administration – WSUS. I know it’s time for me to review and potentially adjust how we monitor and update computers in the office and I’m hoping this WSUS session will help move those tasks higher up on my project list.

My 2010 Reading List: So Far

It's unfortunate that I feel like I'm starting the year already behind on my "tech" reading list. Here's a quick list of I have within arms reach.

• Mastering Windows SharePoint Services 3.0 by C. A. Callehan - This has been a great resource for my first attempt at implementing SharePoint. It's a hefty book, I wish it included a PDF version I could convert onto my Kindle.
  
• Microsoft Exchange Server 2007 : The Complete Reference by Richard Luckett, William Lefkovics, Bharat Suneja and MCITP: Microsoft Exchange Server 2007 Messaging Design and Deployment Study Guide - These have been part of my Exchange certification study materials, as well as a starting point for deciding if its worth migrating to Exchange 2007 or skipping to Exchange 2010.
  
• Windows Server 2008 Hyper-V: Insiders Guide to Microsoft's Hypervisor by John Kelbley, Mike Sterling and Allen Stewart - Would you believe I got this free from NetApp? It got several good reviews on Amazon, so I'm looking forward to getting a chance to sit down with it.
  
• Group Policy: Fundamentals, Security, and Troubleshooting by Jeremy Moskowitz. I've read his Windows 2000 Group Policy book years ago, so I much appreciated winning this one from him via Twitter.

In addition to books, I've downloaded several whitepapers onto my Kindle for those free moments on the subway:

• Implementing and Administering Certificate Templates in Windows Server 2008
• Windows Server 2008 Active Directory Certificate Services Step-By-Step Guide
• Exchange Server 2010: What's New and What's Changed by Allan Jacobs

Exchange Server under the tree this Christmas?

I've been reading a lot about Exchange 2007 and have been thinking about what the next move for our Exchange server at the office should be. We haven't decided on Exchange 2007 vs. Exchange 2010 yet, but no matter... I want Santa to bring me a way to eliminate all the PST files being used around the office.

We don't have a large staff. With less than 70 people our Exchange server doesn't work that hard. However, with the desire to bring email services back up as quickly as possible after a failure we have a policy in place that limits the amount of mail stored on the server to 250MB per user. This leaves our data store at a little over 18GB. Our last test restoration of exchange required about 2 hours for loading the database.

Contrary to this is everyone's need to keep every scrap of every email message. This has lead to numerous PST files created as archives for all this mail. It's pretty safe for me to assume that almost every employee has at least one PST file and they are all stored on the network shares.(Yes, I know PST storage on the network is unsupported.) My quick search yielded about 30 GB of PST files and I know I didn't find them all.

So what exactly can Santa bring me?

First, I would be lying if I said I needed a server with more space. The current exchange server still has upwards of 180GB free, so it's likely I could support years of user email with our current setup just by throwing open the storage limits.

I would like to have a proper email archiving system that would automatically move mail from the active mailboxes to secondary storage, thus leaving my primary database small while allowing users to seamlessly access old messages. Personally, I don't keep much in the way of work email and I think that if my company wants me to keep mail for historical purposes, they should provide an easy way to do so. However, I haven't managed to convince the powers-that-be that this is something to embrace quite yet.

My next choice would be reconfiguring Exchange using 2007 or 2010 to take advantage of additional storage groups and "dial-tone" mail service. If I could virtualize the mail server with a SAN for storage, I could bring basic services up in a snap(shot). By breaking up users into multiple storage groups, it would be possible for us to restore mail service immediately and then backfill the databases in small chunks. While it would still take time to restore all the data, users would be able to send and receive mail while old mail would trickle in as the storage groups come back online.

I know "dial-tone" restores are possible with my current setup, but utilizing it in Exchange 2007 or later is much easier than Exchange 2003 due to the auto-discovery features. I also would like to have at least one storage group (with only one database) per department, nearly double of the four storage group limit with Exchange 2003. With the 50 storage group limit in Exchange 2007 I wouldn't have any problem meeting my goal. Also, Exchange 2010 has some good "starter" archiving features for mail management that might be worth a closer look.

Of course Exchange 2007 and 2010 require 64-bit hardware, so maybe Santa can bring me that new server after all.