

A human is as complex a machine as one can ever imagine. Packaged in one body under one skin, this complex machine multi-tasks so deftly that the human mind itself cannot even conceive of it. This multi-tasking sometimes runs faster than what it is designed for – or, shall it be said, than the capacity it is allowed to work at.

Once these boundaries are crossed, the brain starts functioning in its own unique way, switching between different phases of functioning. It is as if two or more people were functioning inside one body – one pack carrying people inside. How is this one pack supposed to manage it? But the human body is manufactured to bear the burden of whatever tests the man is capable of putting it through.

This is the time when the man develops Multiple Personality Disorder. A person suffering from multiple personality disorder constantly passes through hallucinations and thinks himself to be somebody else, or creates another personality that is in total contrast to his own. He totally frees himself from the confines of his own self, and whatever wrong or crime he commits he blames on the imaginary personality that he has created in his own head. This disorder is mostly caused by some trauma or is the result of some unpleasant situation that he has suffered through in his life. Such a patient can become violent and very unpredictable.

Not a lot of scientific elements may be discussed here, but what is more important is the psyche of the multiple personality disorder victim, and that is under particular consideration here.

The brain is an organ that formulates and designs another world of customized choice if reality hits it too hard: being a doctor when you are a nurse, or rich when you are poverty-stricken. What one does not get is the most desired of all.

Silence, sympathy, demon, psycho – all these personality traits can exist in one person. They can make such a fitting combination that one meeting might not be enough to judge them all together.

A great vastness of mind and thought is needed to reach the level of emotions an MPD victim faces each and every moment in most cases. When the reverie becomes a part of reality, the reverie of thoughts and the reality fight to take over each other. This fight is fought in the mind of the MPD victim, and it is neither won nor lost by either. The nuisance that is created then results in the transition from one personality to the other. Here another brawl begins, where the different personalities embedded in the mono-soul fight for conquest over the mono-frame.

It is these wars raging within oneself that bring in and take away the phases of transforming personalities, which bring the victim to torment and hence steer them away from what is known as normal, or sanity.


Exchange 2007 and Delivery Restriction: Exchange 2007 had a Delivery Restriction feature with which an Exchange administrator could specify that User A cannot send email to a distribution group named "All Users". This rule only allowed explicitly setting restrictions on distribution lists, with the options to "Accept messages from", "Reject messages from" or "Require that all users are authenticated".

With Exchange 2010 and email moderation, you can now allow all your users to send email to the distribution list but have designated moderators monitor and approve or reject the emails sent to those lists.

Thus the decision is taken by a human being rather than being automated through fixed white/black listing settings.

Note: This is purely a feature of Exchange 2010. Thus, in a coexistence scenario of Exchange 2010 and Exchange 2007, the message must first go to an Exchange 2010 Hub Transport server: if an Exchange 2007 Hub Transport server receives the email instead of the Exchange 2010 Hub Transport server, that Hub Transport server expands the distribution list and bypasses moderation.

Now suppose, for example, that your managers send email to the distribution lists that have moderation enabled on them. Then, while creating the email moderation rule, you can exclude the "Managers group" from this rule.
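One way to configure the scenario above directly on the distribution group in the Exchange 2010 Management Shell, as an added example that is not from the original post. "All Users" and "Managers" come from the text; the moderator mailboxes are hypothetical placeholders. The last command lists moderated groups with no expansion server set, which are the ones exposed to the Exchange 2007 bypass described in the note.

```powershell
# Added example, not from the original post.
# "All Users" and "Managers" come from the text above; the two moderator
# mailboxes are hypothetical placeholders.
$list       = "All Users"
$moderators = "moderator1@example.com", "moderator2@example.com"

# Turn on moderation: every message to the list is held until a moderator
# approves or rejects it. Members of "Managers" skip the approval step.
Set-DistributionGroup -Identity $list `
    -ModerationEnabled $true `
    -ModeratedBy $moderators `
    -BypassModerationFromSendersOrMembers "Managers" `
    -SendModerationNotifications Internal

# Verify what is actually in force on the group.
Get-DistributionGroup -Identity $list |
    Format-List Name, ModerationEnabled, ModeratedBy,
                BypassModerationFromSendersOrMembers, SendModerationNotifications

# Coexistence check: a moderated group without a fixed expansion server can be
# expanded by whichever Hub Transport server receives the message, including
# an Exchange 2007 one that does not enforce moderation.
Get-DistributionGroup -ResultSize Unlimited |
    Where-Object { $_.ModerationEnabled -and -not $_.ExpansionServer } |
    Format-Table Name, ModerationEnabled, ExpansionServer -AutoSize
```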


Today on Microsoft's Social Forums I was asked this question a couple of times, so I planned to write a blog post on it.

Let us first start by understanding why we even need to enable proxying.

Let us assume that we have 3 Active Directory sites (Site A, B and C) and that Exchange 2010 is installed in every site. (The Client Access server is what we are focusing on.)

Only Site A is Internet-facing; I don't want Sites B and C to be published to the Internet.

So far so good: "fazalmkhan.com/owa" is the URL for the CAS published in Site A.

That means that any of my clients in Site A, B or C would use the above URL and type the user ID and password. If, for example, the user is in Site B, the CAS would proxy the request to the CAS server in Site B and the user would be able to access their email.

Note: The CAS in Site A would be set to Forms-Based Authentication, while the CAS servers in Site B and C would be set to Windows Integrated Authentication.
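A check of the authentication layout described in the note, as an added example that is not from the original post. It assumes that a Client Access server counts as Internet-facing when its OWA virtual directory has an ExternalUrl set; the server name in the final comment is a hypothetical placeholder.

```powershell
# Added example, not from the original post.
# Assumption: an OWA virtual directory with an ExternalUrl belongs to the
# Internet-facing CAS (Site A); the ones without are proxy targets (Site B, C).
Get-OwaVirtualDirectory | ForEach-Object {
    $internetFacing = [bool]$_.ExternalUrl
    $finding = "OK"

    if ($internetFacing -and -not $_.FormsAuthentication) {
        # The published CAS should present the forms-based logon page.
        $finding = "Internet-facing CAS without forms-based authentication"
    }
    elseif (-not $internetFacing -and -not $_.WindowsAuthentication) {
        # The proxying CAS authenticates to the target CAS with Integrated
        # Windows authentication, so the target must accept it.
        $finding = "Proxy target without Integrated Windows authentication"
    }

    New-Object PSObject -Property @{
        Server         = $_.Server
        InternetFacing = $internetFacing
        Forms          = $_.FormsAuthentication
        Windows        = $_.WindowsAuthentication
        Finding        = $finding
    }
} | Format-Table Server, InternetFacing, Forms, Windows, Finding -AutoSize

# To correct a proxy target (CAS-SITEB is a hypothetical server name):
# Set-OwaVirtualDirectory -Identity "CAS-SITEB\owa (Default Web Site)" `
#     -WindowsAuthentication $true -FormsAuthentication $false
```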

How Client Access Servers Work:

The following steps describe what happens when a messaging client connects to the Client Access server:

1. If the client connects from the Internet using a non-MAPI connection, then the client connects to the Client Access server using the client protocol. Only the protocol ports for client connections must be available on the external firewall.
2. If the client connects from the internal network using Office Outlook configured as a MAPI client, then the client connects to the Client Access server using MAPI RPC connections.
3. The Client Access server connects to a Microsoft Active Directory® directory service domain controller by using Kerberos to authenticate the user. Internet Information Services (IIS) or the RPC Client Access service on the Client Access server performs the authentication. The Client Access server uses a Lightweight Directory Access Protocol (LDAP) request to a global catalog server to locate the Mailbox server that manages the user’s mailbox.
4. The Client Access server connects to the Mailbox server using a MAPI RPC to submit messages to the mailbox database, or to read messages.

Note: Proxying is supported for clients that use Outlook Web App, Exchange ActiveSync, and Exchange Web Services.

Client Access protocols for redirection and proxying

| Protocol | Client Access server to Mailbox server communication supported between Active Directory sites | Redirection supported between Client Access servers | Proxying supported between Client Access servers | Comments |
| --- | --- | --- | --- | --- |
| Outlook Web App | No | Yes | Yes | Must have a Client Access server in each Active Directory site to use Outlook Web App. |
| Exchange ActiveSync | No | No (unnecessary) | Yes | Must have a Client Access server in each Active Directory site to use Exchange ActiveSync. |
| Exchange Web Services | No | No | Yes | Must have a Client Access server in each Active Directory site to use Exchange Web Services. |
| Availability service (used by Office Outlook 2007) | No | No (unnecessary) | Yes | Must have a Client Access server in each Active Directory site to use the Availability service. |
| Outlook Anywhere (RPC over HTTP) | Yes, with RPC | No | Not applicable | Not applicable |
| WebDAV and Exchange 2000 Server or Exchange 2003 | Yes, over HTTP | No | Not applicable | Not applicable |
| POP3 and IMAP4 | No | No | No | POP3 and IMAP4 clients must access a Client Access server in the same Active Directory site as their mailbox. |


In Microsoft Exchange Server 2010, header firewall is a mechanism that removes specific header fields from inbound and outbound messages. Computers that are running Exchange 2010 that have the Hub Transport server role or the Edge Transport server role installed insert custom X-header fields into the message header.

Let's have a closer look at this.

Consider three servers: Server1, Server2 and Server3.

An email is sent from Server1 to Server3. Let us assume it went from Server1 to Server2 and then to Server3.

Each server that receives the email adds a Received header, with a timestamp, at the beginning of the message header.

Here are headers from a message received from Dell. (Unnecessary headers removed).

(Errors By the Help of Bharat)

Received: from smtp.easydns.com (205.210.42.52) by exchange.somedomain.com
 (192.168.2.171) with Microsoft SMTP Server id 8.1.240.5; Mon, 19 May 2008
 03:12:46 -0700
Received: from mh.dell.m0.net (mh.dell.m0.net [209.11.164.66]) by
 smtp.easydns.com (Postfix) with ESMTP id 647C222914 for ;
 Mon, 19 May 2008 06:14:46 -0400 (EDT)
Received: from [192.168.138.130] ([192.168.138.130:57330]
 helo=fc13a1.dc1.prod) by oms1.dc1.prod (ecelerity 2.1.1.24 r(19486)) with
 ESMTP id 3B/AF-18306-11351384 for ; Mon, 19 May 2008
 03:14:41 -0700
Message-ID: <14154167762.1211192081379@delivery.net>
Date: Mon, 19 May 2008 03:14:41 -0700
From: Dell Small Business
Reply-To:
To:
Subject: $429 desktop, plus new laptops. Hurry and shop now.
Errors-To: dell@smallbusiness.dell.com
Return-Path: dell@smallbusiness.dell.com

Most companies don't want these server names to be published to the people who receive their emails.

The following command removes the ms-Exch-Send-Headers-Routing permission from anonymous sessions on a Send connector:

Get-SendConnector "Connector Name" | Remove-ADPermission -AccessRight ExtendedRight -ExtendedRights "ms-Exch-Send-Headers-Routing" -User "NT AUTHORITY\Anonymous Logon"

More on this can be found here:

http://technet.microsoft.com/en-us/library/bb232136.aspx
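A way to check what the Received headers disclose and which Send connectors still allow it, as an added example that is not from the original post. The function name Get-ReceivedHeaderLeak is hypothetical; the sample input is the first and third Received headers shown above, and the second part only runs where the Exchange cmdlets are loaded.

```powershell
# Added example, not from the original post.
# Part 1: list the Received hops that disclose RFC 1918 (private) addresses.
function Get-ReceivedHeaderLeak {
    param([Parameter(Mandatory = $true)][string]$RawHeaders)

    # Unfold: a line that starts with whitespace continues the previous header.
    $unfolded = $RawHeaders -replace '\r?\n[ \t]+', ' '

    # 10.0.0.0/8, 192.168.0.0/16 and 172.16.0.0/12
    $private = '(?<![\d.])(?:10\.\d{1,3}|192\.168|172\.(?:1[6-9]|2\d|3[01]))\.\d{1,3}\.\d{1,3}(?!\d)'

    $hop = 0
    foreach ($line in ($unfolded -split '\r?\n')) {
        if ($line -notmatch '^Received:') { continue }
        $hop++   # hop 1 is the most recent server, because each one prepends
        $ips = @([regex]::Matches($line, $private) |
                 ForEach-Object { $_.Value } | Sort-Object -Unique)
        if ($ips.Count -gt 0) {
            New-Object PSObject -Property @{
                Hop              = $hop
                PrivateAddresses = $ips -join ', '
                Header           = $line
            }
        }
    }
}

# Sample input: the first and third Received headers shown above.
$sample = @'
Received: from smtp.easydns.com (205.210.42.52) by exchange.somedomain.com
 (192.168.2.171) with Microsoft SMTP Server id 8.1.240.5; Mon, 19 May 2008
 03:12:46 -0700
Received: from [192.168.138.130] ([192.168.138.130:57330]
 helo=fc13a1.dc1.prod) by oms1.dc1.prod (ecelerity 2.1.1.24 r(19486)) with
 ESMTP id 3B/AF-18306-11351384 for ; Mon, 19 May 2008
 03:14:41 -0700
Subject: $429 desktop, plus new laptops. Hurry and shop now.
'@

Get-ReceivedHeaderLeak -RawHeaders $sample | Format-List Hop, PrivateAddresses

# Part 2 (Exchange Management Shell only): Send connectors on which anonymous
# sessions still hold the right that the command above removes.
if (Get-Command Get-SendConnector -ErrorAction SilentlyContinue) {
    Get-SendConnector | ForEach-Object {
        $name = $_.Name
        $_ | Get-ADPermission |
            Where-Object { "$($_.User)" -eq 'NT AUTHORITY\ANONYMOUS LOGON' -and
                           "$($_.ExtendedRights)" -like '*ms-Exch-Send-Headers-Routing*' -and
                           -not $_.Deny } |
            ForEach-Object { "{0}: ms-Exch-Send-Headers-Routing still granted to anonymous" -f $name }
    }
}
```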


Have a look at the Article by the Exchange Team.

  • Adding the flexibility to provision a user’s Personal Archive to a different mailbox database from their primary mailbox.
  • New server side capabilities so you can import historical e-mail data from .PST files, directly into Exchange, as well as IT pro controls to enable delegate access to a user’s Personal Archive.
  • SP1 updates the Exchange Management Console with new tools to create Retention Policy Tags
  • Made several improvements to the Multi-Mailbox Search features
  • Support access to a user’s Personal Archive with Outlook 2007.
  • Long running operations, such as attaching a very large file, will not block the rest of the OWA experience
  • Users will also be able to share their calendars to anonymous viewers via the web
  • In SP1, you’ll be able to add Web-Ready Document Viewing of IRM-protected documents as well and you’ll be able to do so in Safari on a Mac as well as in Firefox or IE on a PC.
  • Updated EAS capabilities also enable support for send-as, support for notifying the user if their device has been placed on block or quarantine by their admin, full implementation of conversation view including the ability to sync only unique parts of messages.

Last but not least, SP1 will bring several new management UI enhancements to enable a number of management tasks in the Exchange Management Console (EMC) and Exchange Control Panel (ECP). Here’s a taste:

  • Create/configure Retention Tags + Retention Policies in EMC
  • Configure Transport Rules in ECP
  • Configure Journal Rules in ECP
  • Configure MailTips in ECP
  • Provision and configure the Personal Archive in ECP
  • Configure Litigation Hold in ECP & EMC
  • Configure Allow/Block/Quarantine mobile device policies in ECP
  • RBAC role management in ECP
  • Configure Database Availability Group (DAG) IP Addresses and Alternate Witness Server in EMC
  • Recursive public folder settings management (including permissions) in EMC

http://msexchangeteam.com/archive/2010/04/07/454533.aspx


We are often asked on the Microsoft Exchange 2010 Social Forum when we should be using a Subscriber Access Number and when we should be using an Auto Attendant.

A caller can call the Subscriber Access Number to access their own Exchange mailbox via Outlook Voice Access or to leave a voice mail for other Exchange users.

An Auto Attendant, on the other hand, can be used to guide the caller to the different departments or locations of a company. For example, a company has many departments, such as finance, HR, IT, etc. You can configure the Auto Attendant to guide the caller with a customized greeting, like “To contact the finance department, please press 1. To contact the IT department, please press 2.” In this way, the caller does not need to remember the extension of each department, because the Auto Attendant guides the caller.

Now let us take an example: the Subscriber Access Number set on the Dial Plan is 2000 and the Pilot Identifier set on the Auto Attendant is 3000. When a caller calls 2000, the Subscriber Access Number serves and the caller will hear “Welcome to Microsoft Exchange …”. However, if the caller calls 3000, the Auto Attendant serves and the caller will hear “Welcome to Microsoft Exchange Auto Attendant …”.

http://technet.microsoft.com/en-us/library/bb397228.aspx

Here is a Nice Diagram which gets you going on Subscriber Access part.


Resolution

I suggest first installing the Exchange 2003 console on an XP machine and then:

1) From Exchange 2003 System Manager, go to Recipient Policies. Right-click Default Policy, select the property pages, and uncheck Mailbox Manager Settings. Then run the above cmdlet.

2) Method 1: Set-EmailAddressPolicy "default policy" -ForceUpgrade -IncludedRecipients AllRecipients
Method 2: Set-EmailAddressPolicy "id policy" -ForceUpgrade -IncludedRecipients AllRecipients

or use the script in this link:

http://social.technet.microsoft.com/Forums/en-US/exchangesvrmigration/thread/5f710678-5066-4e80-9dea-ae049aefcff0

I haven’t used this script.

Helped one on the Exchange Social Forums:

http://social.technet.microsoft.com/Forums/en-US/exchange2010/thread/4a08a688-7828-4947-a404-dd12e8680cd9

Hope this helps 🙂


Check out the full list of Set-AdServerSettings parameters here.

First take a look at the current session settings. In this example dc1.exchangeserver.local has been automatically selected.

[PS] C:\>Get-ADServerSettings | fl

RunspaceId                                 : 15e4d968-032b-4cd8-bc66-bf0b665c4161
DefaultGlobalCatalog                       : DC1.exchangeserver.local
PreferredDomainControllerForDomain         : {}
DefaultConfigurationDomainController       : DC1.exchangeserver.local
DefaultPreferredDomainControllers          : {DC1.exchangeserver.local}
UserPreferredGlobalCatalog                 :
UserPreferredConfigurationDomainController :
UserPreferredDomainControllers             : {}
RecipientViewRoot                          : exchangeserver.local
ViewEntireForest                           : False
Identity                                   :
IsValid                                    : True

Using Set-ADServerSettings we can specify the preferred server for the current session with the -PreferredServer switch.

[PS] C:\>Set-ADServerSettings -PreferredServer dc2.exchangeserver.local

Now Get-ADServerSettings shows this change has occurred.

[PS] C:\>Get-ADServerSettings | fl
 
RunspaceId                                 : b15cbfd9-5144-442e-bc74-c00a3216b864
DefaultGlobalCatalog                       : dc2.exchangeserver.local
PreferredDomainControllerForDomain         : {}
DefaultConfigurationDomainController       : dc2.exchangeserver.local
DefaultPreferredDomainControllers          : {DC1.exchangeserver.local}
UserPreferredGlobalCatalog                 : dc2.exchangeserver.local
UserPreferredConfigurationDomainController : dc2.exchangeserver.local
UserPreferredDomainControllers             : {dc2.exchangeserver.local}
RecipientViewRoot                          : exchangeserver.local
ViewEntireForest                           : False
Identity                                   :
IsValid                                    : True
 

Let us start with some basic understanding:

Q1) What are routing groups?

A1) Exchange 2003 uses routing groups to define an Exchange-specific routing topology. Typically, routing groups are used to specify a set of well-connected Exchange servers. Servers in the same routing group can communicate with each other without the use of connectors.

Q2) What do we need to build routing group connectors?

A2) When more than one routing group is defined in an Exchange 2003 organization, you must manually create routing group connectors to enable mail flow between Exchange 2003 servers in different routing groups. The routing group connector must specify a source server and a target server as the connector endpoints. A routing group connector defines a one-way connection, and a reciprocal connector must be created to establish mail flow in both directions. The source and target servers are the bridgehead servers for the routing group.

Q3) What is the email routing mechanism in Exchange 2010?

A3) In Exchange 2010, you don’t have to define an Exchange-specific routing configuration. Exchange 2010 uses the existing Active Directory site topology to define its routing topology. Mail routed to Exchange servers located in different sites must be relayed by Hub Transport servers. Hub Transport servers send email to Hub Transport servers in remote sites by using the intra-organization Send connector. The intra-organization Send connector is an implicit connector computed by using Active Directory site and IP site link information.

Summary:

If you have read the above paragraphs, you would be thinking:

“Hmm, so for integration between these two topologies, because Exchange 2003 is the legacy technology, Exchange 2010, when it is installed, needs to be placed in a preconfigured routing group, which should be created automatically during the installation of Exchange 2010.” Right?

Let's build on our understanding:

To support coexistence between these two routing topologies, all Exchange 2010 servers are automatically added to a single routing group when Exchange 2010 is installed. The Exchange 2010 routing group is recognized in Exchange System Manager in Exchange 2003 as Exchange Routing Group (DWBGZMFD01QNBJR) within Exchange Administrative Group (FYDIBOHF23SPDLT).

This is the question we are asked every day on the Microsoft Forums:

Question: During the Exchange 2010 installation in an organization which already has Exchange 2003 installed, which server do we have to enter?

Answer: “During the installation of the first Exchange 2010 Hub Transport server in an existing Exchange organization, you must specify an Exchange 2003 bridgehead server to which to establish the first routing group connector. We recommend that you select a bridgehead server located in a hub routing group or in a routing group that has many mailboxes. The routing group connector links the routing group where the Exchange 2003 server resides and the Exchange 2010 routing group. The Exchange 2010 routing group includes all Exchange 2010 servers, regardless of the Active Directory site in which they reside.”

Note: What the above step does is this:

The Exchange 2010 routing group is on one side of the routing group connector, and the bridgehead server you specified in the above step is on the other side.

Now all the email flowing from Exchange 2003 to Exchange 2010 goes via these connectors. So if you want to create additional connectors, so that different routing groups can communicate directly with the Exchange 2010 routing group, you have to build connectors using the Set-RoutingGroupConnector cmdlet in the Exchange Management Shell. It’s a best practice to specify more than one source server and more than one target server to provide redundancy and server availability.

Caution:

Don’t move Exchange 2010 servers out of Exchange Routing Group (DWBGZMFD01QNBJR), and don’t rename Exchange Routing Group (DWBGZMFD01QNBJR) by using a low-level directory editor. Neither action is supported. Exchange 2010 must use this routing group for communication with Exchange 2003

Important:

Placing Exchange 2010 servers and Exchange 2003 servers in the same routing group isn’t supported.

If your existing Exchange environment includes more than one routing group, you may want to create additional connection points between Exchange 2003 and Exchange 2010 to optimize mail flow. To create additional connection points, follow these steps:

  1. Determine how you will upgrade the organization to Exchange 2010. The order in which you decommission routing groups will determine which Exchange 2003 routing groups should connect directly with Exchange 2010.
  2. Modify the registry to suppress minor link state updates on all the Exchange 2003 servers. This configuration change prevents connector state messages from being relayed throughout the organization by using link state updates, but doesn’t prevent configuration change messages from being relayed. For more information, see Suppress Link State Updates.
  3. Use the New-RoutingGroupConnector cmdlet in the Shell to create all routing group connectors that specify Exchange 2010 Hub Transport servers as source or target servers. Configure a routing group connector from the Exchange Routing Group (DWBGZMFD01QNBJR) to each Exchange 2003 routing group with which Exchange 2010 will communicate directly, and configure the corresponding reciprocal routing group connectors. You can use the Bidirectional parameter with the New-RoutingGroupConnector cmdlet to create both connectors in a single operation. These connectors will enable mail flow between Exchange 2003 and Exchange 2010.
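Step 3 as it could be run in the Exchange 2010 Management Shell, as an added example that is not from the original post. Every server name, routing group name and the cost value are hypothetical placeholders; each connector is given two source and two target servers so that no single bridgehead is a point of failure.

```powershell
# Added example, not from the original post. All server names, routing group
# names and the cost below are hypothetical placeholders.
$hubs = "EX2010-HUB1", "EX2010-HUB2"      # Exchange 2010 Hub Transport servers

# One entry per Exchange 2003 routing group that should exchange mail with
# Exchange 2010 directly, each with two bridgehead servers for redundancy.
$legacyGroups = @{
    "RG-Europe" = "EX2003-EU1", "EX2003-EU2"
    "RG-Asia"   = "EX2003-AS1", "EX2003-AS2"
}

foreach ($rg in $legacyGroups.Keys) {
    # -Bidirectional $true also creates the reciprocal connector, so mail
    # flows in both directions after a single call.
    New-RoutingGroupConnector -Name "E2010 to $rg" `
        -SourceTransportServers $hubs `
        -TargetTransportServers $legacyGroups[$rg] `
        -Cost 10 `
        -Bidirectional $true `
        -PublicFolderReferralsEnabled $true
}

# Review the result: every connector should list more than one source and
# more than one target server.
Get-RoutingGroupConnector |
    Format-List Name, SourceRoutingGroup, TargetRoutingGroup,
                SourceTransportServers, TargetTransportServers, Cost
```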

After reading the above paragraph, the question in your mind would be:

What are link state updates, and why do we need to suppress minor link state updates on all Exchange 2003 servers?

Answer

Part 1) Exchange 2003 servers maintain a link state routing table that’s updated through communication with the routing group master. Each connector that has been created between Exchange 2003 routing groups is considered a link. Exchange 2003 servers determine how a message is routed inside the organization by using the cost assigned to these links. If a particular routing group is inaccessible by using the lowest cost route, the link state table is updated by the routing group master to show the state of that link as down. This data is communicated to every routing group in the Exchange organization.

Part 2) If multiple paths exist between the Exchange 2010 routing group and any Exchange 2003 routing group, minor link state updates must be suppressed to make sure that message looping doesn’t occur when a route is recalculated. It is recommended that minor link state updates be suppressed for each server in the Exchange 2003 organization. When link state updates are suppressed, Exchange 2003 servers also queue at point of failure, instead of recalculating the route.

“Link state routing isn’t used by Exchange 2010 Hub Transport servers. Exchange 2010 can’t propagate link state updates, and it doesn’t recalculate routes. Hub Transport servers always try to communicate directly with other Hub Transport servers. When a connection to a site is unavailable, Exchange 2010 uses the IP site link costs associated with Active Directory sites to determine the closest site at which to queue the message. This behavior is known as queue at point of failure. The message queue generated at the point of failure is put in a retry state.”

Hope this post was helpful in understanding the routing topology in Exchange 2003 and Exchange 2010.