About Michel de Rooij

Michel is a Microsoft Exchange Server MVP and publisher of EighTwOne. He also holds several Microsoft certifications including Exchange Server 2007, 2010 and 2013. Michel was originally a developer, hence his PowerShell affection. Connect with Michel on Twitter, LinkedIn or Google+ or just use the Contact Form.

The UC Architects Podcast Ep36

We’re glad to announce the availability of episode 36 of The UC Architects podcast, recorded live at the Microsoft Exchange Conference 2014 in Austin, Texas.

This episode is hosted by Michael Van Horenbeeck who is joined by Dave Stork, John Cook, Paul Cunningham, Serkan Varoglu and Michel de Rooij. Special guests are Greg Taylor, Brian Day and Jeff Guillet. Editing was done by Andrew Price.

Topics discussed in this episode are taken from sessions held at the Microsoft Exchange Conference as well as input from the audience. They are:

  • Favorite moments at MEC
  • Yammer
  • Exchange and Office social interaction features
  • OWA for Android
  • OneDrive for Business and Exchange
  • Sizing Guidance
  • Multi-Factor Authentication
  • On-premises vs. Hybrid vs. Cloud
  • Managed Availability
  • NFS Support
  • Questions from the audience

We are extremely proud the session made it to the Top 15 of the sessions held at MEC.


More information on the podcast including references and a link to download the podcast here or you can subscribe to the podcasts using iTunes, Zune or use the RSS feed.

About
The UC Architects is a bi-weekly community podcast by people with a passion for Unified Communications; our main focus is on Exchange, Lync or related subjects.

Exchange Server 2003 †

Hóka-héy! Today is a good day to die(*).

With all the media attention for Windows XP support coming to an end today, one might forget that today also marks the official death of Exchange Server 2003 as the extended support phase ends for one of the products many of us developed a love-hate relationship with over the years. In addition, extended support for Office 2003 also ends today.

Reaching the end of extended support means that as of today, those products are no longer supported and will no longer receive security patches. Therefore, organizations running Exchange Server 2003 or using Outlook 2003 might be exposed to security risks.

Of course there is an exception to this rule, depending on how deep your pockets are. Organizations neglecting or ignoring the upcoming demise of products for some period can continue to receive support for a hefty price. For example, the UK government paid $9m for an additional year of Windows XP, Office 2003 and Exchange 2003 support, and the Dutch government paid an undisclosed amount for an additional year of Windows XP support for around 40,000 systems. Ironically, the Dutch National Cyber Security Center NCSC, part of the department of justice, warned citizens to stop using Windows XP and upgrade.

For organizations still running Exchange Server 2003, there is nothing to be ashamed of as there are occasional sightings of Exchange 5.5 out there. When you think about upgrading, be advised that there is no direct upgrade path to Exchange Server 2013 and you either need to perform a double hop migration through Exchange Server 2007 or Exchange Server 2010 (recommended) or migrate to Office 365 as an alternative.

*) A battle cry attributed to Crazy Horse

MEC 2014 Wrap-Up

After enjoying some days off in Austin, Texas, after the Microsoft Exchange Conference 2014 ended, it’s now time to wrap up the event. As this was my first MEC, I have no reference but from what I heard from others who attended the MEC 2012 in Orlando, this MEC was in one word EPIC. I cannot disagree with that qualification. The event took off with what might be called a false start in the form of a somewhat uninspiring keynote and substandard food, but instant enthusiasm was achieved by the hilarious Taylor/Espinoza video and Dell Venue 8 Pro giveaway. What followed was incredible quality content and a level of interaction that was beyond expectation, making this a near-perfect event.

The conference featured over 100 sessions, making it impossible to catch everything with some time slots even set for 9 parallel sessions. Luckily, the sessions can be downloaded (script) by registered MEC attendees, which might explain the success of the unrecorded Unplugged sessions. Being free format, those sessions allowed for some nice Q&A between audience and panel members consisting of Product Group members, MCMs, MVPs or other SMEs.

The UC Architects session on the last day in the final slot drew a bigger audience than expected, as it ran parallel with the presumably popular Unplugged: Exchange Top Issues session, hosted by Tony Redmond. Then again, we got Greg Taylor, Brian Day and Jeff Guillet on the show and several MSFTs were also in the house. The impact of the session’s high “sit back, relax and enjoy” factor can also not be ruled out. Nevertheless, great crowd and some great feedback after the event, making it a potential recurring submission, especially on such a difficult last day/last slot where people are exhausted.

The city of Austin has proven to be a perfect host for such events, much like New Orleans was during TechEd North America last year. Everything was within walking distance and Austin’s lively nightlife, especially 6th Street, proved to be excellent for getting together with old and new friends outside of MEC social activities like MAPI Hour and the Attendee Party at Rainey Street. The reception and treatment by the friendly folks of Austin also contributed greatly to the positive experience.

A special shout out to ENow for hosting an excellent UC Architects party at the Speakeasy. With the venue located on the rooftop, it was really amazing as it offered a nice Austin nightly backdrop while enjoying the party. The turnout was incredible, with even Julia White (GM Office) and Michael Atalla (Director Office Product Management) making an appearance. The party was a real success and it looks like it’s going to be repeated as the Scheduled Maintenance registration website now mentions TechEd, Houston TX.

Some take-aways from the conference:

  • Exchange development is clearly a cloud-first strategy. Emphasis was added that cloud-first should be seen from an innovation point of view, as innovations can be implemented faster due to the high level of standardization. This especially benefits OWA users directly as Outlook users need to wait for client updates. For example, Office Graph (the new container for self-learning social features such as ‘Clutter’ and ‘Groups’), will become available on Office 365 first, OWA first.
  • Yammer started to make sense. During the conference, you could interact through Yammer for the session you were attending and you were able to follow the presentation via ‘Second Screen’ functionality, showing slides as they were presented. Beyond this, people seemed to ignore Yammer, which perhaps could also be attributed to the contests on Twitter.
  • Using OneDrive for Business allows for storing attachments online (e.g. Office 365) while providing links to the attachment in the original e-mail, somewhat similar to Remote BLOB Store (RBS) in SQL Server which allows you to store BLOBs externally, outside of the main database.
  • Multi-Factor Authentication and Single Sign-On is coming to Outlook 2013 for Office 365 this year and Exchange 2013 on-premises next year.
  • Updated Sizing Guidance to accommodate the MAPI/http impact on the CAS role (+50% CPU, but still lower than Exchange 2010) but also a cap on the pagefile sizing when using more than 32 GB of memory (maximum 32,778 MB).
  • With its introduction, MAPI/http will become the preferred protocol instead of Outlook Anywhere.
  • Outlook WebApp for Android is coming (no ETA) with all the nice features of a dedicated app like OWA for iOS, like selective wipe.
  • Clear statements on NFS not being supported to host Exchange databases. I repeat: NFS is not supported.
  • Emphasis on installing .NET Framework 4.5.1.
  • Recommendation to deploy 4 database copies, including 1 lagged copy, using a File Share Witness in a 3rd location.
  • Lots of well attended sessions on Office 365 Hybrid solutions, which shows a rise in the interest. However, during the UC Architects session, a vast majority of the audience indicated they are still (and will be) running Exchange on-premises.
  • Lots of attention for the Public Folder migration and the 10,000 folder limit reared its ugly head a few times. However, it has Microsoft’s full attention and they are working on it and are targeting a next boundary that will lie somewhere in the 1,000,000 region. However, there are still many customers with over 1m folders, so there was some discussion on that.
  • Lots of feedback on making troubleshooting Managed Availability easier. Since it’s a task of lookups and cross-checks between Exchange and Event Viewer among others, being a DevOp I start to think in terms of developing a useful tool. I put that on my To Do list, so hold on until MS comes up with something or I find some decent time to develop tooling, whichever comes first.
  • Some requests for creating an interface for Edge Transport role as not every admin can be expected to have PowerShell skills. Same rule applies here as for the Managed Availability tool: duly noted until when time permits or MS comes up with something.

After MEC, I joined my colleagues for a shopping spree in Round Rock Premium Outlets and enjoyed hiking in McKinney Falls State Park where we were taken on a free, unsolicited but very welcome tour by a friendly local. Unfortunately, all good things come to an end and Saturday saw a formal closing of the trip with the return flight to Amsterdam.

A big thanks to Microsoft for this well-organized, excellent event and the Exchange PG, MVPs and MCM/MCSMs and everybody attending for contributing. It makes me really proud to be part of this family as an Exchange MVP and I really look forward to the next MEC. Thanks everyone!

PS: In addition, here are additional write-ups by some Exchange fellows:

Exchange 2013 Server Role Requirements Calculator 6.3

The Exchange 2013 Server Role Requirements Calculator received an update to reflect changes incorporated in Exchange 2013 SP1, such as adjusted guidance to accommodate MAPI/http and its impact on the CAS role, as well as revised pagefile sizing guidance. The new version number is 6.3.

Changes since version 6.1:

  • Fixed Backup Requirements calculations to include greater than 50 databases.
  • Added additional processor core support.
  • Fixed the number of database volumes calculation when disk count is specified.
  • Fixed the database size calculation for A/P scenarios to match A/A scenario calculations.
  • Fixed the calculator to take into account halving database number per volume in non-site resilient scenarios.
  • Fixed conditional formatting errors on transport configuration settings.
  • Fixed transport sizing to take into account mailbox growth.
  • Updated CAS megacycle calculations to align with SP1 guidance.
  • Revised Diskpart.ps1 script to create database mount points consistent with JetStress performance counters.
  • Added Calculator version number to record one field three of CSV export files.

You can download the calculator here. For more information, please consult the release notes and read me.

Microsoft Exchange Conference 2014 Countdown

The one conference people involved with Exchange and related technologies are looking forward to is now only one week away, the Microsoft Exchange Conference. In fact, this will be the first MEC(*) I will be attending and I am really looking forward to it. Apart from attending sessions and joining discussions that I am sure will be interesting, conferences like these mean catching up with peers, some of whom I have not had the pleasure of meeting in person yet.

With over 100 sessions crammed in a 3 day conference, you can imagine picking sessions is not an easy task, depending on your experience and knowledge you wish to attain. For those still in doubt on which sessions to attend to, Exchange fellow Tony Redmond wrote a helpful list of recommendations here and followed up today with an overview of the MVP sessions here. As you may or may not know, MVPs are recognized people from the community offering independent real-world experience and insights.

Apart from all the learning opportunities, there will also be festivities and parties. I’d like to bring to your attention one of these parties, the ENow sponsored UC Architects party at the rooftop of the Speakeasy on April 1st (no joke). You can request a pass at http://schedulemymaintenance.com but be quick because the number of passes is limited. To increase your chances, should drawing be required, make sure you listen to The UC Architects episode 35 for a special promo code.

Like with conferences I have attended before, I will be tweeting noteworthy information from the event. If you want to receive MEC-wide information, I suggest you monitor the official hashtag, #IAmMEC.

*) Pronounced by many as [mek] but according to this Geek Out with Perry – MEC Edition video, Microsoft pronounces it as [em-ee-see]. However, this is insignificant compared to the discussion on how to pronounce Azure.

The UC Architects Podcast Ep35

We’re glad to announce the availability of episode 35 of The UC Architects podcast. This episode is hosted by Steve Goodman who’s joined by Michael Van Horenbeeck, Dave Stork, Serkan Varoglu, John Cook, Ståle Hansen and yours truly. Editing was done by Andrew Price.

Topics discussed in this episode are:

  • Exchange 2013 Service Pack 1
  • Exchange 2013 SP1 Transport bug
  • Exchange 2010 SP3 UR5
  • Exchange 2007 SP3 UR13
  • Have Public Folder limits changed recently? Let us know!
  • Now Available: GetLogFileUsage.ps1 script
  • Configuring Azure Multi-factor Authentication with Exchange 2013 SP1
  • Exchange 2013 SP1 now includes native ADFS support
  • Windows Server 2012 R2 and Database Availability Groups
  • Certificate Inspector™ by DigiCert
  • Office Web Apps Server 2013 Service Pack 1 (SP1) also available
  • Static IP Addresses for VMs in Windows Azure
  • HA EOP/Office 365 to On-Premises routing
  • SAML 2.0 federation with Office 365
  • Demo Scripts for Remotely managing Office 365 using PowerShell
  • Lync Conference 2014 – Some sessions released
  • Lync Room Systems (LRS) PSA – Update to 15.08
  • Minor update 1.01 to Lync2013 Call Pickup Group Manager Tool.
  • Lync call accounting for user or departmental billing – beta v0.2
  • Office 2013 SP1 fixes annoying UISuppressionMode bug for Lync
  • Using CsClientPolicyEntry for Inband Snom Provisioning
  • Lync 2013 – Masking Information from Monitoring Reports
  • Lync / Powerpoint certificate issue

More information on the podcast including references and a link to download the podcast here or you can subscribe to the podcasts using iTunes, Zune or use the RSS feed.


Internal Message Classifications visible in Outlook

Message classifications were introduced with Exchange 2007 which seems like ages ago now. They are a piece of metadata which you can assign to messages, for example the intended audience or sensitivity of messages. These messages can then be treated accordingly by the recipient or you can leverage transport rules functionality and Rights Management Services to act on or protect these messages.

Let’s assume you have created a custom message classification using the following cmdlet:

New-MessageClassification -Name 'InternalUseOnly' -DisplayName 'Internal Use Only' -SenderDescription 'This message is for internal use only.'

When you retrieve the list of message classifications using Get-MessageClassification you will notice three additional classifications.

Exchange comes with these message classifications which are used by Exchange internally: ExAttachmentRemoved, ExOrarMail and ExPartnerMail. These should not be used by users, let alone be visible. To hide them, the PermissionMenuVisible attribute is set to $false for these classifications. This keeps them from showing up in Outlook WebApp.

Now, using classifications in Outlook is less admin-friendly and requires exporting of classification information and configuring Outlook to read these classifications from a file. In short, the process described on TechNet to use message classifications from Outlook is as follows:

From the Exchange Management Shell, run the Export-OutlookClassification.ps1 script from Exchange scripts folder, e.g.

& 'C:\Program Files\Microsoft\Exchange Server\v15\Scripts\Export-OutlookClassification.ps1' | Set-Content 'C:\OutlookClass.xml'

Next, copy the XML file to a location on the client or networked location which is readable by Users. On the client, make the following registry changes:

[HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common\Policy]
"AdminClassificationPath"="C:\\Temp\\OutlookClass.xml"
"EnableClassifications"=dword:00000001
"TrustClassifications"=dword:00000001

Note: For the purpose of this example the XML is stored as C:\Temp\OutlookClass.xml. “15.0” is for configuring Outlook 2013; replace it with 14.0 for Outlook 2010 and 12.0 for Outlook 2007.

Restart Outlook so it will use these settings. When composing a message you will now see the message classification options appear under Options > Permission.

Apart from the message classification “Internal Use Only” we created, you will also see that Outlook shows the internal classifications by their display name. That should not be happening.

When you open up the Outlook classifications export file, you will spot that it contains all classifications, including the internal ones.

So, what you can do now and what the documentation seems to fail to mention, is that after exporting message classifications you may want to remove the internal classifications “Attachment Removed” (ExAttachmentRemoved), “Originator Requested Alternate Recipient Mail” (ExOrarMail) and “Partner Mail” (ExPartnerMail) from the XML export file. The downside is that messages with these internal classifications will not display the related description in Outlook, but that should not be an issue and is a better option than users being able to select them.

When you have removed the three entries from the XML file and restarted Outlook, the built-in options will no longer be on the permission menu.
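The clean-up of the export file can be scripted so it is repeatable after every re-export. The following is an added example, not part of the original post or of the Exchange scripts: Remove-InternalClassification is a hypothetical helper, and it assumes the export has a Classifications root (no XML namespace) whose Classification elements each carry a Name child holding the display name. The sample file is constructed for the demonstration.

```powershell
# Added example (hypothetical helper, not shipped with Exchange).
# Assumed export layout: <Classifications><Classification><Name>display name</Name>...
function Remove-InternalClassification {
    param(
        [Parameter(Mandatory = $true)][string]$Path,
        # Display names of the three internal classifications named in the post
        [string[]]$DisplayName = @(
            'Attachment Removed',
            'Originator Requested Alternate Recipient Mail',
            'Partner Mail')
    )
    $fullPath = (Resolve-Path -LiteralPath $Path).ProviderPath
    # Keep the untouched export next to the edited file
    Copy-Item -LiteralPath $fullPath -Destination "$fullPath.bak" -Force

    $xml = New-Object System.Xml.XmlDocument
    $xml.Load($fullPath)
    $removed = @()
    # @() takes a snapshot so removing nodes does not disturb the loop
    foreach ($node in @($xml.SelectNodes('//Classification'))) {
        $nameNode = $node.SelectSingleNode('Name')
        if ($null -eq $nameNode) { continue }
        $label = $nameNode.InnerText.Trim()
        if ($DisplayName -contains $label) {
            $removed += $label
            [void]$node.ParentNode.RemoveChild($node)
        }
    }
    $xml.Save($fullPath)

    $remaining = @($xml.SelectNodes('//Classification/Name') |
        ForEach-Object { $_.InnerText.Trim() })
    [pscustomobject]@{ Removed = $removed; Remaining = $remaining }
}

# Constructed sample export (GUIDs are placeholders, descriptions shortened)
$sample = Join-Path ([System.IO.Path]::GetTempPath()) 'OutlookClass-sample.xml'
Set-Content -LiteralPath $sample -Encoding UTF8 -Value @'
<?xml version="1.0" encoding="utf-8"?>
<Classifications>
  <Classification>
    <Name>Internal Use Only</Name>
    <Description>This message is for internal use only.</Description>
    <Guid>00000000-0000-0000-0000-000000000001</Guid>
  </Classification>
  <Classification>
    <Name>Attachment Removed</Name>
    <Description>Constructed sample description.</Description>
    <Guid>00000000-0000-0000-0000-000000000002</Guid>
  </Classification>
  <Classification>
    <Name>Originator Requested Alternate Recipient Mail</Name>
    <Description>Constructed sample description.</Description>
    <Guid>00000000-0000-0000-0000-000000000003</Guid>
  </Classification>
  <Classification>
    <Name>Partner Mail</Name>
    <Description>Constructed sample description.</Description>
    <Guid>00000000-0000-0000-0000-000000000004</Guid>
  </Classification>
</Classifications>
'@

# Reports which entries were removed and which classifications users will still see
$result = Remove-InternalClassification -Path $sample
$result | Format-List
```

Run it against the copy of the export that AdminClassificationPath points to, and compare the Remaining list with what you expect users to be able to select before restarting Outlook.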

Exchange 2013 SP1 Transport Agent Fix (updated)

After installing Exchange 2013 Service Pack 1, people reported issues with Transport Agents. Symptoms are that the Transport service doesn’t start or stops shortly after starting the service or you can’t install the 3rd party product.

Products experiencing the issue are TrendMicro ScanMail, McAfee Email Security (GroupShield), Symantec Mail Security for Exchange, AVG for Servers, ESET Mail Security for Exchange and CodeTwo Exchange Rules. Products from other vendors may be affected as well.

Microsoft is aware of this issue and has published KB2938053 which has a small Exchange2013-KB2938053-FixIt.zip script to fix the issue.

The cause of the issue lies in XML files containing invalid XML markup in the form of “comments” which prevents .NET from loading the XML files, e.g.

<!-- 15.0.847.30 -------------------------------->

The two files containing the invalid XML markup are:

$Env:Windir\Microsoft.NET\assembly\GAC_MSIL\policy.8.0.Microsoft.Exchange.Data.Common\v4.0_15.0.847.30__31bf3856ad364e35\Microsoft.Exchange.Data.Common.VersionPolicy.cfg
$Env:Windir\Microsoft.NET\assembly\GAC_MSIL\policy.8.0.Microsoft.Exchange.Data.Transport\v4.0_15.0.847.30__31bf3856ad364e35\Microsoft.Exchange.Data.Transport.VersionPolicy.cfg

Be advised that the script supplied in the KB article tries to locate and fix various alternate versions of those files. This is something you might want to consider as well when fixing it manually, should you be unable to locate the specific files mentioned above.

After running the script you should be able to start the Transport service or install 3rd party products containing transport agents.
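To see which policy files on a server are affected, before or after applying the fix, the files can be tested for XML well-formedness. The following is an added example, not the script from KB2938053: Test-PolicyCfgXml is a hypothetical read-only helper, and the two sample files are constructed stand-ins that only reuse the comment line quoted above.

```powershell
# Added example (hypothetical helper): read-only check, no file is modified.
function Test-PolicyCfgXml {
    param(
        [Parameter(Mandatory = $true)]
        [string[]]$Path
    )
    foreach ($file in $Path) {
        $doc = New-Object System.Xml.XmlDocument
        try {
            # XmlDocument enforces XML well-formedness; '--' inside a comment is rejected
            $doc.Load($file)
            [pscustomobject]@{ Path = $file; WellFormed = $true; Error = $null }
        }
        catch {
            # GetBaseException() unwraps PowerShell's method invocation wrapper
            [pscustomobject]@{
                Path       = $file
                WellFormed = $false
                Error      = $_.Exception.GetBaseException().Message
            }
        }
    }
}

# Constructed sample files (not real Exchange policy files)
$dir = Join-Path ([System.IO.Path]::GetTempPath()) 'policycfg-demo'
New-Item -ItemType Directory -Path $dir -Force | Out-Null
$bad  = Join-Path $dir 'bad.VersionPolicy.cfg'
$good = Join-Path $dir 'good.VersionPolicy.cfg'

# Same comment shape as in the affected files: a run of hyphens inside the comment
Set-Content -LiteralPath $bad -Encoding UTF8 -Value @'
<configuration>
<!-- 15.0.847.30 -------------------------------->
<runtime />
</configuration>
'@

# Valid form: no '--' inside the comment body
Set-Content -LiteralPath $good -Encoding UTF8 -Value @'
<configuration>
<!-- 15.0.847.30 -->
<runtime />
</configuration>
'@

Test-PolicyCfgXml -Path $bad, $good | Format-List

# On an Exchange server, list every version policy file that fails to parse:
# $gac = Join-Path $Env:Windir 'Microsoft.NET\assembly\GAC_MSIL'
# Get-ChildItem $gac -Recurse -Filter '*.VersionPolicy.cfg' |
#     ForEach-Object { Test-PolicyCfgXml -Path $_.FullName } |
#     Where-Object { -not $_.WellFormed }
```

Searching the whole GAC_MSIL tree rather than the two paths above also covers the alternate file versions that the KB script looks for.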

Update (3/5): Updated blog after official KB article got published. The issue was also blogged on by fellows Jason Sherry and Paul Cunningham, while Tony Redmond has additional background details here.

Inbound e-mail not accepted after applying Exchange 2013 SP1

After installing Exchange 2013 Service Pack 1 you may notice that inbound e-mail is not accepted and attempts to connect to port 25 will result in a timeout.

The application event log will contain entries with event ID 7012, generated by MSExchangeFrontEndTransport, mentioning that “The service state for frontend transport is inconsistent. Current state – Inactive. Expected state – Active”.

When inspecting the component state from the Exchange Management Shell using:

Get-ServerComponentState <ServerID> -Component FrontendTransport

you will notice that it really is inconsistent, as Exchange will report that the component is active.

The quick workaround for this issue at the moment is to restart the Frontend Transport service:

Restart-Service MSExchangeFrontendTransport

After a restart of the service, or system restart if you must, the component state is working fine again and connections are accepted. In addition, the MSExchangeFrontendTransport will generate an event log entry ID 7009, “Retrieved the service state. Host service – FrontendTransport, Service state data – Active.”

Exchange and The UC Architects fellow Paul Cunningham discovered the same issue and blogged about it here.

Exchange 2013 Service Pack 1

The long awaited Service Pack 1 for Exchange Server 2013 was released today by the Exchange Team (KB2926248). This update raises Exchange 2013 version number to 15.0.847.32.

Service Pack 1 introduces the following changes or enhancements:

  • Support for running Exchange Server 2013 SP1 on Windows Server 2012 R2.
  • Support for Windows Server 2012 R2 Domain Controllers and Windows Server 2012 R2 Forest and Domain Functional Level.
  • MAPI over HTTP. More information on MAPI over HTTP here. Note that MAPI over HTTP requires Outlook 2013 SP1; you can download Office 2013 SP1 32-bit version here and the 64-bit version here.
  • DLP policy tips for OWA.
  • Add custom document types to DLP using fingerprinting technologies.
  • Cmdlet logging in Exchange Administrative Console.
  • Support for IP-less DAGs (on Windows Server 2012 R2).
  • S/MIME support.
  • Rich-Text editor for OWA.
  • Edge Transport server role.
  • Support for SSL Offloading.

Service Pack 1 includes the following fixes:

  • 2860242 HTML format is lost after saving as an MSG file in Exchange 2013
  • 2900076 Mailbox quota warning message uses an incorrect language in Exchange Server 2013
  • 2910199 “Reply all by IM” chat window displays seven recipients in Outlook Web App
  • 2913999 Meeting request body and instructions are lost in delegate’s auto-forwarded meeting request
  • 2918655 Microsoft.Exchange.Servicehost.exe crashes after you enable FIPS
  • 2918951 Users cannot access public folders after you upgrade to Exchange Server 2013 Cumulative Update 3
  • 2925281 Outlook connectivity issue if SSLOffloading is “True” in Exchange 2013
  • 2925544 Empty ExternalURL value for ActiveSync virtual directory after build-to-build upgrade of Exchange Server 2013
  • 2927708 Resource mailboxes that are created by EAC will not be updated by policies in Exchange Server 2013
  • 2928748 Default from delegate’s address in shared mailboxes in Exchange Server 2013
  • 2928803 Long server connection for Outlook after a database failover in Exchange Server 2013
  • 2930346 POP3 access does not work if the name of the resource mailbox differs from the user’s name
  • 2930348 Manual redirection occurs in Outlook Web App if External URLs in each site are the same
  • 2930352 Outlook Web App cross-site silent redirection does not work in Exchange Server 2013

Cumulative Updates and Service Packs include schema and AD changes, so make sure you run PrepareSchema /PrepareAD. After updating, the schema version will be 15292.

Note that Service Packs and Cumulative Updates can be installed directly, i.e. no need to install RTM prior to Cumulative Updates or Service Packs. Note that once applied, you can’t uninstall a Cumulative Update or Service Pack nor any of the installed Exchange server roles. The order of upgrading servers is irrelevant, unlike with previous Exchange generations.

Finally, and I can’t emphasize this enough: For any Hotfix, Rollup, Service Pack or Cumulative Update, I’d recommend to thoroughly test this in a test and acceptance environment first, prior to implementing it in production. When you lack such facilities, hold out a week or two and monitor the comments on the release article or TechNet forum for any issues.

Also check with any 3rd party products you may use – there are reports of compatibility issues with 3rd party transport agents by Exclaimer, Trendmicro (other AV solutions possibly as well) and CodeTwo. The cause of the Transport service failing to start or problems with installing 3rd party transport agents has been identified. A workaround can be found here.

You can download Exchange 2013 Service Pack 1 here. The Exchange 2013 SP1 UM Language Packs can be found here. More details about these changes, preparing Active Directory or installing this Cumulative Update can be found in the original announcement here.